Latest Advisories

Live Virus Advisory Feeds
2004-01-24

*Live Feeds are from Panda, Trend Micro, and Symantec

Live Virus Advisory Feeds

Secunia

Secunia Highlights:
Internet Explorer URL Spoofing Vulnerability
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.
Microsoft ISA Server 2000 H.323 Protocol Filter Vulnerability
Microsoft Internet Security and Acceleration Server 2000 contain a vulnerability in the H.323 protocol implementation, which can be exploited by malicious people to cause a DoS (Denial of Service) or gain system access.
Symantec Automatic LiveUpdate Privilege Escalation Vulnerability
KF has discovered a vulnerability in Symantec LiveUpdate, which can be exploited by malicious, local users to gain escalated privileges on a vulnerable system.

Latest 15 Secunia Security Advisories:
2004-01-23
- Need for Speed Client Buffer Overflow Vulnerability

- Red Hat update for slocate

2004-01-22
- mod_perl File Descriptor Leakage Vulnerability

- Cisco Voice Products Director Agent Insecure Default Installation

- Gentoo update for honeyd

- Honeyd Remote Identification Vulnerability

- Mephistoles Internet Suite httpd Cross-Site Scripting Vulnerability

2004-01-21
- HP-UX update for Mozilla

- Sun Cluster OpenSSL Vulnerabilities

- Sun Solaris update for IKE

- WebTrends Exposure of Installation Path

- NetCam Directory Traversal Vulnerability

- DUware Products Admin Area Authentication Bypass Vulnerability

- Trustix update for slocate

- Red Hat update for mc

Top 5 Most Read Secunia Security Advisories (Last 24 hours):
- XBlockOut -display Privilege Escalation Vulnerability

- Microsoft Internet Explorer Multiple Vulnerabilities

- Cisco Catalyst Switch Non-Standard TCP Flag Combination DoS Vulnerability

- Internet Explorer URL Spoofing Vulnerability

- Need for Speed Client Buffer Overflow Vulnerability


Security Tracker

Q-Shop ASP Shopping Cart Input Validation Holes Let Remote Users Inject SQL Commands

Some vulnerabilities were reported in Q-Shop. A remote user can inject SQL commands and can conduct cross-site scripting attacks.

Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network

SurfinGate Proxy Mode Lets Remote Users Execute Application Commands

A vulnerability was reported in SurfinGate. A remote user can execute certain control commands on the application when the application is running in proxy mode.

Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network

Sun Solaris modload() May Grant Root Access to Local Users

A vulnerability was reported in Sun Solaris. A local user may be able to gain root access on the system.

Impact: Root access via local system

Apache mod_python String Processing Bug Still Lets Remote Users Crash the Web Server

A vulnerability was reported in Apache mod_python. A remote user can cause the Apache server to crash.

Impact: Denial of service via network

NetWare Enterprise Server PERL Handler Input Validation Flaw Permits Cross-Site Scripting Attacks

Rafel Ivgi (The-Insider) reported an input validation vulnerability in the NetWare Enterprise Server in the CGI2PERL module. A remote user can conduct cross-site scripting attacks.

Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information


SecurityFocus BugTraq
SecurityFocus Vulnerabilities

01/23/2004 Multiple Vulnerabilities in Phorum 3.4.5 Fredrik Björk
01/23/2004 Re: Major hack attack on the U.S. Senate Brian C. Lane
01/23/2004 QuadComm Q-Shop ASP Shopping Cart Software multiple security vulnerabilities S-Quadra Security Research
01/23/2004 Re: vulnerabilities of postscript printers Darren Reed
01/23/2004 Re: vulnerabilities of postscript printers der Mouse
01/23/2004 Re: Hijacking Apache 2 via mod_perl jon schatz
01/23/2004 Re: Major hack attack on the U.S. Senate ~Kevin Davis³
01/23/2004 Finjan SurfinGate Vulnerability David Byrne
01/23/2004 NetWare-Enterprise-Web-Server/5.1/6.0 Multiple Vulnerabilities Rafel Ivgi, The-Insider
01/22/2004 yet another new phising scam Gadi Evron
01/22/2004 vulnerabilities of postscript printers Bob Kryger
01/22/2004 Re: Hijacking Apache 2 via mod_perl Ben Laurie
01/22/2004 NetBus Pro Web Server Direcory Listing And Remote File Upload Rafel Ivgi, The-Insider
01/22/2004 Re: Paper announcement: Is finding security holes a good idea? Christopher E. Cramer
01/22/2004 Re: Hijacking Apache 2 via mod_perl Steve G
01/22/2004 FREESCO public http server - Cross Site Scripting Vulnerabillity Rafel Ivgi, The-Insider
01/22/2004 Re: Re[2]: Hijacking Apache 2 via mod_perl Steve G
01/22/2004 Re: Hijacking Apache 2 via mod_perl André Malo
01/22/2004 Re[2]: Hijacking Apache 2 via mod_perl 3APA3A
01/22/2004 Major hack attack on the U.S. Senate Richard M. Smith
01/22/2004 GeoHttpServer Authentification Bypass Vulnerability & D.O.S (Denial Of Service) Rafel Ivgi, The-Insider
01/22/2004 Need for Speed Hot pursuit 2 Symantec SSR

W32.Dumaru.Y@mm January 23, 2004 January 25, 2004
Trojan.Bookmarker.D January 23, 2004 January 26, 2004
W32.HLLW.Sanker January 22, 2004 January 23, 2004
Backdoor.OptixPro.13b
Backdoor.Optix.Pro.13 [Kaspersky] January 21, 2004 January 22, 2004
Backdoor.Tuxder January 20, 2004 January 20, 2004
Trojan.Httpdos
Backdoor.Snart.j[Kaspersky] January 20, 2004 January 20, 2004
Trojan.Mitglieder.C
Mitglieder [F-Secure] January 20, 2004 January 20, 2004
VBS.Zsyang.B@mm
I-Worm.Zsyang [Kaspersky] January 19, 2004 January 19, 2004
W32.Beagle.A@mm
I-Worm.Bagle [Kaspersky], WORM_BAGLE.A [Trend], W32/Bagle-A [Sophos], W32/Bagle@MM [McAfee], Win32.Bagle.A [Computer Associates] January 18, 2004 January 18, 2004
Backdoor.IRC.Aladinz.H January 18, 2004 January 18, 2004
Trojan.Bookmarker.C January 15, 2004 January 16, 2004
W32.Protoride.Worm January 16, 2004 January 16, 2004
W97M.Twopey.E
Macro.Word97.Racaga [Kaspersky] January 15, 2004 January 16, 2004
W32.Stuplo January 15, 2004 January 16, 2004
Backdoor.IRC.Aladinz.G
Worm.Win32.Randon.o [Kaspersky] January 15, 2004 January 15, 2004
Downloader.Mimail.B
Downloader-GN [McAfee], Troj/Mmdload-A [Sophos] January 14, 2004 January 16, 2004
W32.HLLC.Elpmis January 14, 2004 January 15, 2004
W32.HLLW.Nettrash
Backdoor.NetTrash, Backdoor/NetTrash.10.a [Kaspersky] January 12, 2004 January 13, 2004
Trojan.Bookmarker.B January 12, 2004 January 13, 2004
W32.HLLW.Gaobot.FQ
W32/Gaobot.worm.gw [McAfee] January 12, 2004 January 13, 2004
PWSteal.Freemega January 11, 2004 January 12, 2004
PWSteal.Leox January 11, 2004 January 12, 2004
Backdoor.Threadsys January 10, 2004 January 12, 2004
Trojan.Xombe
Xombe [FSecure], Downloader-GJ [McAfee], Troj/Dloader-L [Sophos] January 9, 2004 January 9, 2004
Backdoor.Sdbot.S
Backdoor.SdBot.gen [Kaspersky] January 8, 2004 January 8, 2004
W32.Opaserv.AE.Worm January 7, 2004 January 8, 2004
W32.Mimail.P@mm
W32/Mimail.p@MM [McAfee], Win32.Mimail.P [Computer Associates], WORM_MIMAIL.P [Trend], W32/Mimail-N [Sophos], I-Worm.Mimail.p [Kaspersky] January 7, 2004 January 8, 2004
W32.HLLW.Gaobot.FL January 6, 2004 January 7, 2004
W32.Bizten
Trojan.Win32.Bizten [Kaspersky] January 6, 2004 January 6, 2004
W32.HLLW.Gaobot.FB
Backdoor.Agobot.3.gen [Kaspersky] January 4, 2004 January 5, 2004
Backdoor.Graybird.H January 4, 2004 January 5, 2004
W32.Miroot.Worm
W32/Legemer.worm [McAfee] January 3, 2004 January 5, 2004
W32.Bugbros@mm January 2, 2004 January 5, 2004
Backdoor.IRC.Aladinz.F
Win32.Randon.AC [Kaspersky] January 1, 2004 January 2, 2004
W32.Tupeg January 1, 2004 January 2, 2004
Download.Berbew.dam
Downloader-DI.dam [McAfee], Troj/Antikl-Dam [Sophos] December 31, 2003 January 2, 2004
W32.Jitux.Worm
W32/Jitux.worm [McAfee], WORM_JITUX.A [Trend] December 31, 2003 December 31, 2003
W32.Mumo December 29, 2003 December 30, 2003
Backdoor.Gaster December 29, 2003 December 30, 2003
W32.Torun
W32.Torun.dr, Worm.W32.Torun [Kaspersky], PE_TORUN.A [Trend] December 28, 2003 December 29, 2003
Trojan.Download.Revird December 27, 2003 December 29, 2003
Backdoor.Portless December 26, 2003 December 29, 2003
PWSteal.Bancos.D December 22, 2003 December 23, 2003
W32.Cissi.A@mm December 22, 2003 December 23, 2003






NAV Daily Definitions (Go)


*Note: The i32 Intelligent Updater package cannot be used to update Symantec AntiVirus Corporate Edition 8.0 servers or Norton AntiVirus Corporate Edition 7.6 servers, but can be used to update Corporate Edition clients. The x86 Intelligent Updater package can be used to update corporate Edition clients and servers.


Live Virus Advisory Feed