CastleCops, Internet Crime Fighters
Need help? Click here to register for free! Absolutely zero advertisements on this site!

Donation/Premium
spacer
Donations. Become Premium Today! Premium Icon
block bottom
Security Central
spacer
· Home
· PIRT/Fried Phish
· MIRT
· SIRT
· Deutsch
· Wiki
· Newsletter
· O16/ActiveX
· CLSID List
· Contest2007
· Downloads
· Feedback (send)
· Forums
· HijackThis
· Hijacktrend
· LSPs
· My Downloads
· O18
· O20
· O21
· O22
· O23
· O9
· Premium
· Private Messages
· Proxomitron
· Reviews
· Search
· StartupList
· Stories Archive
· Submit News
· WsIRT
· Your Account
· Acceptable Use Policy
block bottom
spacer spacer
image Advisories!: Latest Advisories & Live Feeds (12/27/03) image
Cyber Security
Latest Advisories
Live Virus Advisory Feeds
2003-12-27
Secunia
Security Tracker
Security Focus
Symantec
*Live Feeds are from Panda, Trend Micro, and Symantec

Live Virus Advisory Feeds

Secunia

*offline at 1000hrs EST
*offline at 1100hrs EST

Security Tracker

pServ Double Slash '//' Input Validation Flaw Discloses Files to Remote Users

A vulnerability was reported in pico Server (pServ). A remote user can view arbitrary files on the target system with the privileges of the web server.

Impact: Disclosure of system information, Disclosure of user information

Serv-U FTP Server File Configuration Flaw May Let Local Users Gain Elevated Privileges

An access control vulnerability was reported in the Serv-U FTP Server. A local user may be able to gain elevated privileges.

Impact: Modification of user information, Root access via local system, User access via local system

L-Soft LISTSERV Input Validation Flaw in WA.EXE Management Interface May Permit Cross-Site Scripting Attacks Against List Administrators

An input validation vulnerability was reported in L-Soft's LISTSERV mailing list software. A remote user can conduct cross-site scripting attacks against administrators.

Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information

indent Buffer Overflow Lets Users Execute Arbitrary Code

A buffer overflow vulnerability was reported in 'indent'. A user can cause arbitrary code execution when a malicious C source code file is processed.

Impact: Execution of arbitrary code via local system, Execution of arbitrary code via network

Surfboard httpd Buffer Overflow May Allow a Remote User to Execute Arbitrary Code

d3ck4 reported a buffer overflow vulnerability in the Surfboard httpd web server. A remote user may be able to execute arbitrary code (but that was not confirmed in the report).

Impact: Denial of service via network, Execution of arbitrary code via network

SecurityFocus BugTraq
SecurityFocus Vulnerabilities

12/26/2003 Hijacking Apache https by mod_php Steve Grubb
12/26/2003 OpenBB 1.06 SQL Injection n teusink planet nl
12/26/2003 Re: Reported Command Injection in Squirrelmail GPG Brian G. Peterson
12/26/2003 DANGER ZONE: Internet Explorer http-equiv@excite.com
12/24/2003 Bugtraq Security Systems ADV-0001 Bugtraq Security Systems
12/24/2003 directory traversal bug in Pserv 3.0b2 Donato Ferrante
12/24/2003 IE 5.22 on Mac Transmitting HTTP Referer from Secure Page deane deanebarker net
12/24/2003 Remote Code Execution in Knowledge Builder. Zero_X www.lobnan.de Team
12/24/2003 Re: An undetectable Online Bank Vulnerability? Seth Arnold
12/24/2003 New VISA scam exploits IE vulnerability Marek Szuba
2003-12-23: phpBB Privmsg.PHP Cross-Site Scripting Vulnerability
2003-12-23: Webfroot Shoutbox Viewshoutbox.PHP Cross-Site Scripting Vulnerability
2003-12-23: Microsoft Internet Explorer File Download Warning Bypass Vulnerability
2003-12-23: Multiple Browser URI Display Obfuscation Weakness
2003-12-23: Microsoft Internet Explorer BackToFramedJPU Cross-Domain Policy Vulnerability
2003-12-23: Microsoft Internet Explorer Browser MHTML Redirection Local File Parsing Vulnerability
2003-12-23: Microsoft Internet Explorer MHTML Forced File Execution Vulnerability
2003-12-23: My Little Forum Email.PHP Cross-Site Scripting Vulnerability
2003-12-23: Xlight FTP Server PASS Command Remote Buffer Overflow Vulnerability
2003-12-23: Red Hat Linux 2.4 Kernel Multiple Potential Vulnerabilities
2003-12-23: Apple QuickTime/Darwin Streaming MP3Broadcaster ID3 Tag Handling Vulnerability
2003-12-23: ISC BIND Negative Cache Poison Denial Of Service Vulnerability
2003-12-23: IBM AIX lpd Local Format String Vulnerability
2003-12-23: iSoft-Solutions QuikStore Shopping Cart template Parameter Directory Traversal Vulnerability
2003-12-23: iSoft-Solutions QuikStore Shopping Cart store Parameter Path Disclosure Vulnerability
2003-12-23: Opera Browser URI Display Obfuscation Weakness
2003-12-23: Sun Solaris tcsh ls-F Builtin Unspecified Privilege Escalation Vulnerability
2003-12-23: CyberGuard Firewall/VPN 5.1 Cross-Site Scripting Vulnerability
2003-12-23: Opera Download Dialog Relative Path File Corruption Vulnerability
2003-12-22: osCommerce manufacturers_id Parameter Cross-Site Scripting Vulnerability
2003-12-22: osCommerce products_id URI Parameter SQL Injection Vulnerability
2003-12-22: PServ Web Server Directory Traversal Vulnerability
2003-12-22: Unix Shell Redirection Race Condition Vulnerability
2003-12-22: RhinoSoft Serv-U FTP Server Insecure INI File Permissions Vulnerability
2003-12-22: ProjectForum HTML Injection Vulnerability
2003-12-22: ProjectForum find Request Denial of Service Vulnerability
2003-12-22: DCAM WebCam Server Personal Web Server Directory Traversal Vulnerability
2003-12-22: Sun One Application Server Request Logging Circumvention Weakness
2003-12-22: Sun ONE Application Server Source Disclosure Vulnerability
2003-12-22: BN Soft BoastMachine Comment Form HTML Injection Vulnerability
2003-12-22: CesarFTP Remote CWD Denial of Service Vulnerability
2003-12-22: Xoops MyLinks Myheader.php Cross-Site Scripting Vulnerability
2003-12-21: DameWare Mini Remote Control Server Pre-Authentication Buffer Overflow Vulnerability
2003-12-21: PHP-Nuke admin.php SQL Injection Vulnerability
2003-12-20: BES-CMS Multiple Module File Include Vulnerability
2003-12-20: Apple MacOS X ASN.1 Decoding Unspecified Remote Denial Of Service Vulnerability
2003-12-20: Apple MacOS X fs_usage Unspecified Local Privilege Escalation Vulnerability
2003-12-20: Apple MacOS X AppleFileServer Unspecified Vulnerability
2003-12-20: Eric S. Raymond Fetchmail Unspecified Denial of Service Vulnerability
2003-12-20: RSync Daemon Mode Undisclosed Remote Heap Overflow Vulnerability
2003-12-20: Apple MacOS X DHCP Response Root Compromise Vulnerability
2003-12-20: Apple Mac OS X Panther Screen Effects Locking Latency Vulnerability
2003-12-20: MacOSX CD9660.Util Probe For Mounting Argument Local Buffer Overflow Vulnerability

Symantec SSR

PWSteal.Bancos.D December 22, 2003 December 23, 2003
W32.Cissi.A@mm December 22, 2003 December 23, 2003
W32.Gluber.B@mm December 21, 2003 December 22, 2003
Trojan.Bookmarker December 20, 2003 December 22, 2003
Backdoor.Trodal December 20, 2003 December 20, 2003
VBS.Sling December 20, 2003 December 20, 2003
W32.Sober.C@mm December 20, 2003 December 20, 2003
W32.Sober.gen December 20, 2003 December 20, 2003
W32.HLLW.Warpigs.C
Backdoor.Spyboter.gen [KAV] December 19, 2003 December 20, 2003
Trojan.Anymail December 18, 2003 December 19, 2003
W32.Sober.B@mm December 18, 2003 December 18, 2003
W32.Wilsef December 17, 2003 December 18, 2003
Trojan.Gema December 16, 2003 December 17, 2003
W32.HLLW.Cayam@mm December 16, 2003 December 17, 2003
W32.Randex.BE
W32/Sdbot.worm.gen.b [McAfee], Backdoor.SdBot.gen [Kaspersky] December 15, 2003 December 16, 2003
PWSteal.Sagic December 15, 2003 December 15, 2003
Hacktool.Sagic December 15, 2003 December 15, 2003
Trojan.PWS.Qphook December 14, 2003 December 15, 2003
Backdoor.Uprootkit
Backdoor.UpRootKit [Kaspersky] December 13, 2003 December 15, 2003
Backdoor.Uprootkit.cli
Backdoor.UpRootKit [Kaspersky] December 13, 2003 December 15, 2003
Trojan.Sysbin December 11, 2003 December 12, 2003
MHTMLRedir.Exploit December 11, 2003 December 12, 2003
W32.HLLW.Gaobot.EE December 11, 2003 December 11, 2003
W32.Mertian.Worm
W32.Mertian@mm December 11, 2003 December 11, 2003
Backdoor.Volac.dr December 10, 2003 December 11, 2003
Backdoor.Volac December 10, 2003 December 11, 2003
Backdoor.Roxy.C December 10, 2003 December 11, 2003
W32.Scold@mm
W32/Scold@MM [McAfee], Win32.Scold.A [Computer Associates], WORM_SCOLD.A [Trend], W32/Scold-A [Sophos], I-Worm.Scold [Kaspersky] December 10, 2003 December 11, 2003
Trojan.Slog December 10, 2003 December 11, 2003
Backdoor.Formador
Backdoor.Trojan.Client, Backdoor.Formador.c [AVP], Downloader-DP [Mcafee] December 10, 2003 December 10, 2003
Trojan.Benuti December 9, 2003 December 10, 2003
W32.Randex.BD
Backdoor.IRCBot.gen [Kaspersky] December 9, 2003 December 9, 2003
W32.HLLW.Bodiru December 8, 2003 December 8, 2003
PHP.Feast December 8, 2003 December 8, 2003
Backdoor.Xibo
Backdoor.XLBH.b [Kaspersky] December 8, 2003 December 8, 2003
Backdoor.Ketch December 5, 2003 December 8, 2003
W32.HLLW.Gaobot.DK
W32.HLLW.Gaobot.gen, W32/Gaobot.worm.gen [McAfee], Backdoor.Agobot.3.gen [Kaspersky] December 5, 2003 December 8, 2003
Trojan.Digits
Download.Trojan December 5, 2003 December 5, 2003
W32.Memas@mm
W32/Memas@mm[McAfee] December 4, 2003 December 5, 2003
W32.HLLW.Slideshow December 4, 2003 December 5, 2003
W32.Randex.AZ
W32.Randex.AX December 4, 2003 December 4, 2003
Trojan.Framar December 3, 2003 December 3, 2003
W32.Mimail.M@mm
W32.Mimail.Gen, W32/Mimail.gen@MM [McAfee] December 3, 2003 December 3, 2003
W32.HLLW.Epon@mm
I-Worm.Epon [Kaspersky] December 2, 2003 December 3, 2003
Backdoor.Freefors December 2, 2003 December 2, 2003
W32.Kwbot.S.Worm@mm
Backdoor.IRCBot.gen [KAV] December 2, 2003 December 2, 2003
JS.Pun.Trojan December 1, 2003 December 2, 2003
W32.Mimail.L@mm
W32.Mimail.Gen, W32/Mimail.l@MM [McAfee] December 1, 2003 December 2, 2003
Backdoor.Dragonqq
PWS-QQDrag [McAfee] December 1, 2003 December 1, 2003
Backdoor.Haxdoor
Backdoor.Haxdoor.i [Kaspersky] November 30, 2003 December 1, 2003
W32.HLLW.Studd
W32/Duster [McAfee] November 28, 2003 December 1, 2003
W32.HLLW.Southghost November 28, 2003 December 1, 2003
W32.Midlak@mm November 27, 2003 December 1, 2003
Backdoor.IRC.Whisper November 26, 2003 November 26, 2003
W32.Spex.B.Worm
Worm.P2P.Specx [Kaspersky] November 26, 2003 November 26, 2003
Backdoor.Asoxy November 26, 2003 November 26, 2003
W32.Randex.AX November 25, 2003 November 26, 2003
Backdoor.Spotcom November 25, 2003 November 25, 2003
Backdoor.Sysbug
BackDoor-CAG [McAfee], Troj/Sysbug-A [Sophos] November 25, 2003 November 25, 2003
W32.Azha.Worm November 24, 2003 November 25, 2003
W32.Randex.AW
Backdoor.SdBot.gen [Kaspersky], W32/Sdbot.worm.gen [McAfee] November 24, 2003 November 25, 2003
W32.HLLW.Bandie November 24, 2003 November 25, 2003
W32.Widare
Bloodhound.W32.2 November 23, 2003 November 24, 2003
Backdoor.Ciadoor.B
Backdoor.Ciadoor.12.b [Kaspersky], Backdoor-ASB [McAfee] November 23, 2003 November 24, 2003
W32.Notime November 22, 2003 November 24, 2003
W32.HLLW.Gaobot.DJ
W32.HLLW.Gaobot.gen November 21, 2003 November 24, 2003
W32.Randex.AT
Backdoor.SdBot.gen [KAV] November 21, 2003 November 21, 2003
Backdoor.Tinydog November 20, 2003 November 21, 2003
W32.Bolgi.Worm November 20, 2003 November 21, 2003
W32.HLLW.Taplak
W32.Klap, W32.HLLW.Taplak November 20, 2003 November 20, 2003
PWSteal.Banpaes.B November 20, 2003 November 20, 2003
W32.Randex.AR November 19, 2003 November 20, 2003
W32.HLLW.Anarch@mm November 19, 2003 November 20, 2003


Live Virus Advisory Feed
Posted on Saturday, 27 December 2003 @ 10:03:06 UTC by phoenix22 (1767 reads)
[ Trackback ]		image

"Advisories!: Latest Advisories & Live Feeds (12/27/03)" | Login/Create an Account | 0 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register
 
Login
spacer
Nickname

Password

Security Code: Type Security Code: Usage signifies AUP acceptance
· New User? · Click here to create a registered account.
block bottom
Related Links
spacer
· del.icio.us!
· digg it!
· reddit!
· TrackBack (0)
· Linux.com
· IBM
· PHP HomePage
· Red Hat
· Microsoft
· Linux Kernel Archives
· PHP-Nuke
· HotScripts
· Apple
· Apache Web Server
· W3 Consortium
· HTML Standard
· MP3.com
· More about Cyber Security
· News by phoenix22

Most read story about Cyber Security:
Booby Trapped software!
block bottom
Article Rating
spacer
Average Score: 5
Votes: 1


Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent
block bottom
Options
spacer

Printer Friendly Page  Printer Friendly Page
block bottom
2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved.
Acceptable Use Policy. Use signifies your agreement.
235ppm 0.180s (0.007s)
Making cybercriminals unhappy since 2002*
In Memory of Trpm
spacer spacer