Latest Advisories

Live Virus Advisory Feeds
2004-01-27

*Live Feeds are from Panda, Trend Micro, and Symantec

Live Virus Advisory Feeds

Secunia

Secunia Highlights:
Internet Explorer URL Spoofing Vulnerability
A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.
Windows XP Malicious Folder Automatic Code Execution Vulnerability
http-equiv has reported a vulnerability in Windows XP, which can be exploited by malicious people to compromise a user's system or gain escalated privileges.

Latest 15 Secunia Security Advisories:
2004-01-27
- BEA WebLogic HTTP TRACE Response Cross-Site Scripting Issue

- BEA WebLogic May Provide Access to Wrong Identity

- ProxyNow! HTTP Request Buffer Overflow Vulnerabilities

- Mac OS X Security Update Fixes Multiple Vulnerabilities

- Fedora update for slocate

- Red Hat update for gaim

- Red Hat update for slocate

- Slackware update for gaim

- Mandrake update for tcpdump

- Mandrake update for gaim

- Mandrake update for mc

- Debian update for gnupg

- FinJan SurfinGate Proxy Access to Admin Functions

- Novell Groupwise Cross Site Scripting Vulnerability

- Gaim Multiple Buffer Overflow Vulnerabilities

Top 5 Most Read Secunia Security Advisories (Last 24 hours):
- Windows XP Malicious Folder Automatic Code Execution Vulnerability

- Internet Explorer URL Spoofing Vulnerability

- Gallery Arbitrary File Inclusion Vulnerability

- Serv-U FTP Server SITE CHMOD Command Buffer Overflow Vulnerability

- NetWare Enterprise Web Server Cross Site Scripting Vulnerability


Security Tracker

BEA WebLogic May Disclose Managed Server Password to Local Users

A vulnerability was reported in BEA's WebLogic Server and Express. The system may write the username and password used to start a managed server to a file in clear text.

Impact: Disclosure of authentication information

BEA WebLogic May Write Administrator Password in Clear Text to 'config.xml'

A vulnerability was reported in BEA WebLogic Server and Express version 8.1 (including Service Pack 1). A local user may be able to view the administrator's password.

Impact: Disclosure of authentication information, User access via local system

BEA WebLogic May Disclose MBean Passwords to Operators in Certain Cases

A vulnerability was reported in BEA WebLogic Server and Express. An authenticated Operator may be able to gain access to passwords that can, in turn, allow the user to gain administrative access on the application.

Impact: Disclosure of authentication information, User access via network

WebLogic Server and Express Input Validation Flaw in Processing HTTP TRACE Requests Permits Cross-Site Scripting

A vulnerability was reported in WebLogic Server and Express. A remote user can cross-site scripting attacks using HTTP TRACE requests.

Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information

ProxyNow! Buffer Overflow Lets Remote Users Gain SYSTEM Privileges

Several vulnerabilities were reported in ProxyNow! A remote user can execute arbitrary code on the target system with SYSTEM privileges.

Impact: Execution of arbitrary code via network, Root access via network


SecurityFocus BugTraq
SecurityFocus Vulnerabilities

01/26/2004 ProxyNow! 2.x Multiple Overflow Vulnerabilities Peter Winter-Smith
01/26/2004 Re: Windows XP Explorer Executes Arbitrary Code in Folders Stuart Moore
01/26/2004 RE: Self-Executing FOLDERS: Windows XP Explorer Part V Thor Larholm
01/26/2004 Re: Self-Executing FOLDERS: Windows XP Explorer Part V mightye[removethis] mightye[removethis]@mightye.org
01/26/2004 [RHSA-2004:032-01] Updated Gaim packages fix various vulnerabiliies bugzilla redhat com
01/26/2004 Re: QuadComm Q-Shop ASP Shopping Cart Software multiple security vulnerabilities S-Quadra Security Research
01/26/2004 Directory traversal and XSS in BremsServer 1.2.4 Donato Ferrante
01/26/2004 Advisory 01/2004: 12 x Gaim remote overflows Stefan Esser
01/26/2004 Serv-U ftp 4.2 site chmod long_file_name exploit Qianwei Hu
01/25/2004 Self-Executing FOLDERS: Windows XP Explorer Part V http-equiv@excite.com
01/25/2004 Re: Major hack attack on the U.S. Senate Crispin Cowan
01/24/2004 NextPlace.com E-Commerce ASP Engine Rafel Ivgi, The-Insider
01/24/2004 Re: vulnerabilities of postscript printers Theo de Raadt
01/24/2004 Re: Major hack attack on the U.S. Senate ed the7thbeer com
01/24/2004 Re: [work] Re: Major hack attack on the U.S. Senate Jonathan A. Zdziarski
01/24/2004 Inrtra Forum Cross Site Scripting Vulnerabillity Rafel Ivgi, The-Insider
01/24/2004 Re: vulnerabilities of postscript printers Bob Beck
01/24/2004 RE: Major hack attack on the U.S. Senate bugtraq anastrophe com
01/24/2004 Re: vulnerabilities of postscript printers Stephen Samuel
01/24/2004 Re: Major hack attack on the U.S. Senate Dinesh Nair
01/24/2004 BWS v1.0b3 Directory Transversal Vulnerability Rafel Ivgi, The-Insider
01/24/2004 Re: [work] Re: Major hack attack on the U.S. Senate opticfiber
01/24/2004 Resources consumption in Reptile webserver daily version Donato Ferrante
01/24/2004 Re: vulnerabilities of postscript printers der Mouse
01/24/2004 Tiny Server 1.1 (1.0.5) Multiple Vulnerabilities Donato Ferrante
01/24/2004 Oracle HTTP Server Cross Site Scripting Vulnerabillity Rafel Ivgi, The-Insider
01/24/2004 Re: vulnerabilities of postscript printers Michael Zimmermann
01/24/2004 [SST]ServU MDTM command remote buffero verflow adv icbm
01/24/2004 Re: Major hack attack on the U.S. Senate rsh idirect com
01/24/2004 Re: vulnerabilities of postscript printers der Mouse
01/24/2004 Re: vulnerabilities of postscript printers Glynn Clements
01/24/2004 Re: vulnerabilities of postscript printers Michael Zimmermann
01/24/2004 Re: vulnerabilities of postscript printers Michael Zimmermann
2004-01-23: Jabber Server SSL Handling Denial of Service Vulnerability
2004-01-23: Reptile Web Server Remote Denial Of Service Vulnerability
2004-01-23: QuadComm Q-Shop SQL Injection Vulnerabilities
2004-01-23: Novell Netware Enterprise Web Server Multiple Vulnerabilities
2004-01-23: Sun Solaris modload() Unauthorized Kernel Module Loading Vulnerability
2004-01-23: ELM frm Command Remote Buffer Overflow Vulnerability
2004-01-23: QMail-SMTPD Long SMTP Session Integer Overflow Denial of Service Vulnerability
2004-01-23: Apache mod_python Module Malformed Query Denial of Service Vulnerability
2004-01-22: McAfee ePolicy Orchestrator Agent HTTP POST Buffer Mismanagement Vulnerability
2004-01-22: Linux Kernel do_mremap Function Boundary Condition Vulnerability
2004-01-22: Linux Kernel do_brk Function Boundary Condition Vulnerability
2004-01-22: Native Solutions TBE Banner Engine Server Side Script Execution Vulnerability
2004-01-22: Netbus Directory Listings Disclosure and File Upload Vulnerability
2004-01-22: Acme thttpd CGI Test Script Cross-Site Scripting Vulnerability
2004-01-22: Apache mod_perl Module File Descriptor Leakage Vulnerability
2004-01-22: EA Black Box Need For Speed Hot Pursuit 2 Game Client Remote Buffer Overflow Vulnerability
2004-01-22: lftp Try_Squid_Eplf Buffer Overflow Vulnerability
2004-01-22: lftp Try_Netscape_Proxy Buffer Overflow Vulnerability
2004-01-22: TCPDump ISAKMP Decoding Routines Multiple Remote Buffer Overflow Vulnerabilities
2004-01-22: OpenSSH Buffer Mismanagement Vulnerabilities
2004-01-22: SuSE Multiple Scripts Insecure Temporary File Handling Symbolic Link Vulnerabilities
2004-01-21: HP-UX UUCP Unspecified Buffer Overflow Vulnerability
2004-01-21: HP-UX UUSUB System Hostname Buffer Overflow Vulnerability
2004-01-21: CDE LibDTHelp DTHelpUserSearchPath Local Buffer Overflow Vulnerability
2004-01-21: Xoops MyLinks Myheader.php Cross-Site Scripting Vulnerability
2004-01-21: Honeyd Remote Virtual Host Detection Vulnerability
2004-01-21: Microsoft Windows Samba File Sharing Resource Exhaustion Vulnerability
2004-01-21: Mephistoles HTTPD Cross-Site Scripting Vulnerability
2004-01-21: Darkwet Network WebcamXP Cross-Site Scripting Vulnerability
2004-01-21: Cisco Voice Product IBM Director Agent Port Scan Denial Of Service Vulnerability
2004-01-21: Cisco Voice Product IBM Director Agent Unauthorized Remote Administrative Access Vulnerability
2004-01-21: OpenSSL ASN.1 Parsing Vulnerabilities
2004-01-21: Ethereal SMB Protocol Dissector Denial of Service Vulnerability
2004-01-21: Ethereal Q.931 Protocol Dissector Denial of Service Vulnerability
2004-01-21: AIPTEK NETCam Webserver Directory Traversal Vulnerability
2004-01-21: 2Wire HomePortal Series Directory Traversal Vulnerability
2004-01-21: DUware Software Multiple Vulnerabilities
2004-01-20: Anteco Visual Technologies OwnServer Directory Traversal Vulnerability
2004-01-20: WebTrends Reporting Center Management Interface Path Disclosure Vulnerability
2004-01-20: Mozilla Browser Cross Domain Violation Vulnerability
2004-01-20: HP-UX RWrite Buffer Overflow Vulnerability
2004-01-20: Sendmail Ruleset Parsing Buffer Overflow Vulnerability
2004-01-20: Sendmail Prescan() Variant Remote Buffer Overrun Vulnerability
2004-01-20: Multiple Vendor rpc.mountd File Disclosure Vulnerablity
2004-01-20: PHPix Remote Arbitrary Command Execution Vulnerability
2004-01-20: NetScreen Security Manager Insecure Default Remote Communication Vulnerability
2004-01-20: KDE Personal Information Management Suite VCF File Remote Buffer Overflow Vulnerability
2004-01-20: CVS Malformed Request System Root File Creation Vulnerability

Symantec SSR

W32.Novarg.A@mm
W32/Mydoom@MM [McAfee], WORM_MIMAIL.R [Trend] January 26, 2004 January 26, 2004
W32.Mimail.Q@mm
W32/Mimail.q@MM [McAfee], WORM_MIMAIL.Q [Trend], W32/Mimail-Q [Sophos] January 26, 2004 January 26, 2004
W32.Dumaru.Z@mm
W32/Dumaru.z@MM [McAfee] January 25, 2004 January 26, 2004
W32.Dumaru.Y@mm
W32/Dumaru.y@MM [McAfee], I-Worm.Dumaru.j [Kaspersky], Win32.Dumaru.Y [Computer Associates], W32/Dumaru-Y [Sophos], WORM_DUMARU.Y [Trend] January 23, 2004 January 26, 2004
Trojan.Bookmarker.D January 23, 2004 January 26, 2004
W32.HLLW.Sanker January 22, 2004 January 23, 2004
Backdoor.OptixPro.13b
Backdoor.Optix.Pro.13 [Kaspersky] January 21, 2004 January 22, 2004
Backdoor.Tuxder January 20, 2004 January 20, 2004
Trojan.Httpdos
Backdoor.Snart.j[Kaspersky] January 20, 2004 January 20, 2004
Trojan.Mitglieder.C
Mitglieder [F-Secure] January 20, 2004 January 20, 2004
VBS.Zsyang.B@mm
I-Worm.Zsyang [Kaspersky] January 19, 2004 January 19, 2004
W32.Beagle.A@mm
I-Worm.Bagle [Kaspersky], WORM_BAGLE.A [Trend], W32/Bagle-A [Sophos], W32/Bagle@MM [McAfee], Win32.Bagle.A [Computer Associates] January 18, 2004 January 18, 2004
Backdoor.IRC.Aladinz.H January 18, 2004 January 18, 2004
Trojan.Bookmarker.C January 15, 2004 January 16, 2004
W32.Protoride.Worm January 16, 2004 January 16, 2004
W97M.Twopey.E
Macro.Word97.Racaga [Kaspersky] January 15, 2004 January 16, 2004
W32.Stuplo January 15, 2004 January 16, 2004
Backdoor.IRC.Aladinz.G
Worm.Win32.Randon.o [Kaspersky] January 15, 2004 January 15, 2004
Downloader.Mimail.B
Downloader-GN [McAfee], Troj/Mmdload-A [Sophos] January 14, 2004 January 16, 2004
W32.HLLC.Elpmis January 14, 2004 January 15, 2004
W32.HLLW.Nettrash
Backdoor.NetTrash, Backdoor/NetTrash.10.a [Kaspersky] January 12, 2004 January 13, 2004
Trojan.Bookmarker.B January 12, 2004 January 13, 2004
W32.HLLW.Gaobot.FQ
W32/Gaobot.worm.gw [McAfee] January 12, 2004 January 13, 2004
PWSteal.Freemega January 11, 2004 January 12, 2004
PWSteal.Leox January 11, 2004 January 12, 2004
Backdoor.Threadsys January 10, 2004 January 12, 2004
Trojan.Xombe
Xombe [FSecure], Downloader-GJ [McAfee], Troj/Dloader-L [Sophos] January 9, 2004 January 9, 2004
Backdoor.Sdbot.S
Backdoor.SdBot.gen [Kaspersky] January 8, 2004 January 8, 2004
W32.Opaserv.AE.Worm January 7, 2004 January 8, 2004
W32.Mimail.P@mm
W32/Mimail.p@MM [McAfee], Win32.Mimail.P [Computer Associates], WORM_MIMAIL.P [Trend], W32/Mimail-N [Sophos], I-Worm.Mimail.p [Kaspersky] January 7, 2004 January 8, 2004
W32.HLLW.Gaobot.FL January 6, 2004 January 7, 2004
W32.Bizten
Trojan.Win32.Bizten [Kaspersky] January 6, 2004 January 6, 2004
W32.HLLW.Gaobot.FB
Backdoor.Agobot.3.gen [Kaspersky] January 4, 2004 January 5, 2004
Backdoor.Graybird.H January 4, 2004 January 5, 2004
W32.Miroot.Worm
W32/Legemer.worm [McAfee] January 3, 2004 January 5, 2004
W32.Bugbros@mm January 2, 2004 January 5, 2004
Backdoor.IRC.Aladinz.F
Win32.Randon.AC [Kaspersky] January 1, 2004 January 2, 2004
W32.Tupeg January 1, 2004 January 2, 2004
Download.Berbew.dam
Downloader-DI.dam [McAfee], Troj/Antikl-Dam [Sophos] December 31, 2003 January 2, 2004
W32.Jitux.Worm
W32/Jitux.worm [McAfee], WORM_JITUX.A [Trend] December 31, 2003 December 31, 2003
W32.Mumo December 29, 2003 December 30, 2003
Backdoor.Gaster December 29, 2003 December 30, 2003
W32.Torun
W32.Torun.dr, Worm.W32.Torun [Kaspersky], PE_TORUN.A [Trend] December 28, 2003 December 29, 2003
Trojan.Download.Revird December 27, 2003 December 29, 2003
Backdoor.Portless December 26, 2003 December 29, 2003






NAV Daily Definitions (Go)


*Note: The i32 Intelligent Updater package cannot be used to update Symantec AntiVirus Corporate Edition 8.0 servers or Norton AntiVirus Corporate Edition 7.6 servers, but can be used to update Corporate Edition clients. The x86 Intelligent Updater package can be used to update corporate Edition clients and servers.


Live Virus Advisory Feed