CastleCops, Internet Crime Fighters
Advisories!: Latest Advisories & Live Feeds (12/29/03)
Cyber Security
Latest Advisories
Live Virus Advisory Feeds
2003-12-29

Secunia
Security Tracker
Security Focus
Symantec
*Live Feeds are from Panda, Trend Micro, and Symantec


Live Virus Advisory Feeds

Secunia

Secunia Highlights:
Internet Explorer URL Spoofing Vulnerability
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.
rsync File Handling Integer Overflow Vulnerability
A vulnerability has been identified in rsync, which can be exploited by malicious people to compromise a vulnerable system.

Latest 15 Secunia Security Advisories:
2003-12-29
- PHP-Nuke pollID Parameter SQL Injection Vulnerability

- PHP / mod_php File Descriptor Leakage Vulnerability

- Microsoft Internet Information Services Track Log Bypass

- ViewCVS Error Page Cross-Site Scripting Vulnerability

- KnowledgeBuilder Arbitrary File Inclusion Vulnerability

- Gentoo update for CVS

- CVS pserver CVSROOT/passwd Privilege Escalation Vulnerability

- Private Message System Cross-Site Scripting Vulnerability

2003-12-28
- Internet Explorer for Mac Disclosure of Referer Information Weakness

- Indent File Parsing Buffer Overflow Vulnerability

- OpenBB FID Parameter Cross-Site Scripting Vulnerability

- LANDesk Management Suite ircrboot.dll Buffer Overflow Vulnerability

- PsychoBlogger SQL Injection and Cross-Site Scripting Vulnerabilities

- LISTSERV WA CGI Script Cross-Site Scripting Vulnerability

2003-12-27
- Pico Server Directory Traversal Vulnerability

Top 5 Most Read Secunia Security Advisories (Last 24 hours):
- Internet Explorer for Mac Disclosure of Referer Information Weakness

- Internet Explorer URL Spoofing Vulnerability

- Indent File Parsing Buffer Overflow Vulnerability

- Internet Explorer System Compromise Vulnerabilities

- LANDesk Management Suite ircrboot.dll Buffer Overflow Vulnerability


Security Tracker

Private Message System (PMSys) 'page' Parameter Input Validation Flaw Permits Cross-Site Scripting Attacks

David Sopas Ferreira from SystemSecure.org reported a vulnerability in Private Message System (PMSys). A remote user can conduct cross-site scripting attacks.

Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information

GKrellM Discloses User E-Mail Passwords to Local Users

A vulnerability was reported in GKrellM. A local user can view user passwords.

Impact: Disclosure of authentication information

Microsoft IIS Fails to Log HTTP TRACK Requests

A logging vulnerability was reported in Microsoft Internet Information Server. A type of remote request is not logged.

Impact: Modification of system information

PHP-Nuke Surveys Module Input Validation Flaw Permits SQL Injection

An input validation vulnerability was reported in PHP-Nuke in the Surveys module. A remote user can inject SQL commands.

Impact: Disclosure of user information, Execution of arbitrary code via network, Modification of user information

LANDesk Management Suite 'IRCRBOOT.DLL' Buffer Overflow Lets Remote Users Execute Arbitrary Code

Tri Huynh from SentryUnion reported a buffer overflow vulnerability in LANDesk Management Suite in IRCRBOOT.DLL. A remote user may be able to execute arbitrary code.

Impact: Execution of arbitrary code via network, User access via network

SecurityFocus BugTraq

12/27/2003 Landesk Management Suite IRCRBOOT.DLL buffer overflow Tri Huynh
12/27/2003 PHP-NUKE 7.0 FINAL (and olders) sql injection r00t rsteam ru
12/26/2003 Hijacking Apache https by mod_php Steve Grubb
12/26/2003 OpenBB 1.06 SQL Injection n teusink planet nl
12/26/2003 Re: Reported Command Injection in Squirrelmail GPG Brian G. Peterson
12/26/2003 DANGER ZONE: Internet Explorer http-equiv@excite.com

SecurityFocus Vulnerabilities

2003-12-25: Cyrus IMSP Daemon Remote Buffer Overflow Vulnerability
2003-12-25: OpenSSL ASN.1 Parsing Vulnerabilities
2003-12-24: Microsoft Internet Explorer For Mac HTTP Referer Information Disclosure Vulnerability
2003-12-24: phpBB search.php SQL Injection Vulnerability
2003-12-24: SiteInteractive Subscribe Me Setup.PL Arbitrary Command Execution Vulnerability
2003-12-24: Psychoblogger Multiple SQL Injection Vulnerabilities
2003-12-24: Psychoblogger Multiple Cross-Site Scripting Vulnerabilities
2003-12-24: OpenBSD Tcpdump Remote Denial of Service Vulnerability
2003-12-24: KnowledgeBuilder Remote File Include Vulnerability
2003-12-24: ViewCVS Viewcvs.py Cross-Site Scripting Vulnerability
2003-12-23: phpBB Privmsg.PHP Cross-Site Scripting Vulnerability
2003-12-23: Webfroot Shoutbox Viewshoutbox.PHP Cross-Site Scripting Vulnerability
2003-12-23: Microsoft Internet Explorer File Download Warning Bypass Vulnerability
2003-12-23: Multiple Browser URI Display Obfuscation Weakness
2003-12-23: Microsoft Internet Explorer BackToFramedJPU Cross-Domain Policy Vulnerability
2003-12-23: Microsoft Internet Explorer Browser MHTML Redirection Local File Parsing Vulnerability
2003-12-23: Microsoft Internet Explorer MHTML Forced File Execution Vulnerability
2003-12-23: My Little Forum Email.PHP Cross-Site Scripting Vulnerability
2003-12-23: Xlight FTP Server PASS Command Remote Buffer Overflow Vulnerability
2003-12-23: Red Hat Linux 2.4 Kernel Multiple Potential Vulnerabilities
2003-12-23: Apple QuickTime/Darwin Streaming MP3Broadcaster ID3 Tag Handling Vulnerability
2003-12-23: ISC BIND Negative Cache Poison Denial Of Service Vulnerability
2003-12-23: IBM AIX lpd Local Format String Vulnerability
2003-12-23: iSoft-Solutions QuikStore Shopping Cart template Parameter Directory Traversal Vulnerability
2003-12-23: iSoft-Solutions QuikStore Shopping Cart store Parameter Path Disclosure Vulnerability
2003-12-23: Opera Browser URI Display Obfuscation Weakness
2003-12-23: Sun Solaris tcsh ls-F Builtin Unspecified Privilege Escalation Vulnerability
2003-12-23: CyberGuard Firewall/VPN 5.1 Cross-Site Scripting Vulnerability
2003-12-23: Opera Relative Path Directory Traversal File Corruption Vulnerability
2003-12-22: osCommerce manufacturers_id Parameter Cross-Site Scripting Vulnerability
2003-12-22: osCommerce products_id URI Parameter SQL Injection Vulnerability
2003-12-22: PServ Web Server Directory Traversal Vulnerability
2003-12-22: Unix Shell Redirection Race Condition Vulnerability
2003-12-22: RhinoSoft Serv-U FTP Server Insecure INI File Permissions Vulnerability
2003-12-22: ProjectForum HTML Injection Vulnerability
2003-12-22: ProjectForum find Request Denial of Service Vulnerability
2003-12-22: DCAM WebCam Server Personal Web Server Directory Traversal Vulnerability
2003-12-22: Sun One Application Server Request Logging Circumvention Weakness
2003-12-22: Sun ONE Application Server Source Disclosure Vulnerability
2003-12-22: BN Soft BoastMachine Comment Form HTML Injection Vulnerability
2003-12-22: CesarFTP Remote CWD Denial of Service Vulnerability
2003-12-22: Xoops MyLinks Myheader.php Cross-Site Scripting Vulnerability

Symantec SSR

W32.Torun
W32.Torun.dr, Worm.W32.Torun [AVP] December 28, 2003 December 29, 2003
Trojan.Download.Revird December 27, 2003 December 29, 2003
Backdoor.Portless December 26, 2003 December 29, 2003
PWSteal.Bancos.D December 22, 2003 December 23, 2003
W32.Cissi.A@mm December 22, 2003 December 23, 2003
W32.Gluber.B@mm December 21, 2003 December 22, 2003
Trojan.Bookmarker December 20, 2003 December 22, 2003
Backdoor.Trodal December 20, 2003 December 20, 2003
VBS.Sling December 20, 2003 December 20, 2003
W32.Sober.C@mm December 20, 2003 December 20, 2003
W32.Sober.gen December 20, 2003 December 20, 2003
W32.HLLW.Warpigs.C
Backdoor.Spyboter.gen [KAV] December 19, 2003 December 20, 2003
Trojan.Anymail December 18, 2003 December 19, 2003
W32.Sober.B@mm December 18, 2003 December 18, 2003
W32.Wilsef December 17, 2003 December 18, 2003
Trojan.Gema December 16, 2003 December 17, 2003
W32.HLLW.Cayam@mm December 16, 2003 December 17, 2003
W32.Randex.BE
W32/Sdbot.worm.gen.b [McAfee], Backdoor.SdBot.gen [Kaspersky] December 15, 2003 December 16, 2003
PWSteal.Sagic December 15, 2003 December 15, 2003
Hacktool.Sagic December 15, 2003 December 15, 2003
Trojan.PWS.Qphook December 14, 2003 December 15, 2003
Backdoor.Uprootkit
Backdoor.UpRootKit [Kaspersky] December 13, 2003 December 15, 2003
Backdoor.Uprootkit.cli
Backdoor.UpRootKit [Kaspersky] December 13, 2003 December 15, 2003
Trojan.Sysbin December 11, 2003 December 12, 2003
MHTMLRedir.Exploit December 11, 2003 December 12, 2003
W32.HLLW.Gaobot.EE December 11, 2003 December 11, 2003
W32.Mertian.Worm
W32.Mertian@mm December 11, 2003 December 11, 2003
Backdoor.Volac.dr December 10, 2003 December 11, 2003
Backdoor.Volac December 10, 2003 December 11, 2003
Backdoor.Roxy.C December 10, 2003 December 11, 2003
W32.Scold@mm
W32/Scold@MM [McAfee], Win32.Scold.A [Computer Associates], WORM_SCOLD.A [Trend], W32/Scold-A [Sophos], I-Worm.Scold [Kaspersky] December 10, 2003 December 11, 2003
Trojan.Slog December 10, 2003 December 11, 2003
Backdoor.Formador
Backdoor.Trojan.Client, Backdoor.Formador.c [AVP], Downloader-DP [McAfee] December 10, 2003 December 10, 2003
Trojan.Benuti December 9, 2003 December 10, 2003
W32.Randex.BD
Backdoor.IRCBot.gen [Kaspersky] December 9, 2003 December 9, 2003
W32.HLLW.Bodiru December 8, 2003 December 8, 2003
PHP.Feast December 8, 2003 December 8, 2003
Backdoor.Xibo
Backdoor.XLBH.b [Kaspersky] December 8, 2003 December 8, 2003
Backdoor.Ketch December 5, 2003 December 8, 2003
W32.HLLW.Gaobot.DK
W32.HLLW.Gaobot.gen, W32/Gaobot.worm.gen [McAfee], Backdoor.Agobot.3.gen [Kaspersky] December 5, 2003 December 8, 2003
Trojan.Digits
Download.Trojan December 5, 2003 December 5, 2003
W32.Memas@mm
W32/Memas@mm [McAfee] December 4, 2003 December 5, 2003
W32.HLLW.Slideshow December 4, 2003 December 5, 2003
W32.Randex.AZ
W32.Randex.AX December 4, 2003 December 4, 2003
Trojan.Framar December 3, 2003 December 3, 2003
W32.Mimail.M@mm
W32.Mimail.Gen, W32/Mimail.gen@MM [McAfee] December 3, 2003 December 3, 2003
W32.HLLW.Epon@mm
I-Worm.Epon [Kaspersky] December 2, 2003 December 3, 2003
Backdoor.Freefors December 2, 2003 December 2, 2003
W32.Kwbot.S.Worm@mm
Backdoor.IRCBot.gen [KAV] December 2, 2003 December 2, 2003
JS.Pun.Trojan December 1, 2003 December 2, 2003
W32.Mimail.L@mm
W32.Mimail.Gen, W32/Mimail.l@MM [McAfee] December 1, 2003 December 2, 2003
Backdoor.Dragonqq
PWS-QQDrag [McAfee] December 1, 2003 December 1, 2003
Backdoor.Haxdoor
Backdoor.Haxdoor.i [Kaspersky] November 30, 2003 December 1, 2003
W32.HLLW.Studd
W32/Duster [McAfee] November 28, 2003 December 1, 2003
W32.HLLW.Southghost November 28, 2003 December 1, 2003
W32.Midlak@mm November 27, 2003 December 1, 2003

Live Virus Advisory Feed

Posted on Monday, 29 December 2003 @ 09:44:01 UTC by phoenix22 (1576 reads)