Vulnerabilities
   Source:   IDG.net
   Date Written:  March 28, 2002
   Date Collected: March 29, 2002
   Title: Windows NT/2000 hole can let attacker take over systems According to IDS vendor Entercept Security Technologies Inc., an exploit is circulating in the hacker community for a vulnerability in a software debugging component of Microsoft Corp.'s Windows NT and 2000 operating systems. The flaw, which could allow an attacker to take over the affected system, was discovered earlier this month but nothing had been made public until the discovery of the exploit. Microsoft is working on a patch to fix the problem.
http://www.idg.net/ic_837366_1794_9-10000.html

Vulnerabilities
   Source:   Network World Fusion
   Date Written:  March 29, 2002
   Date Collected: March 29, 2002
   Title: Correctable glitch found in Cisco VoIP system could crash phone
service
A vulnerability in Cisco System's IP PBX software has been discovered this week that could make an organization's voice-over-IP system vulnerable to a denial of service (DoS) attack. Specifically, the flaw affects CallManager 3.1, a crucial component of Cisco's IP voice system. A patch is available to address the problem.
http://www.nwfusion.com/news/2002/0329ciscoglitch.html

"Ancora problemi per il kernel"
Nuovo bug trovato all'interno del kernel Linux. Le versioni a rischio sono tutte quelle che vanno dalla versione 2.2.20 alla 2.4.18. Questa volta è colpa di d_path.
http://www.ziobudda.net/news/see_comments.php?id_notizia=6338

"Linux Advisory Watch - March 29th 2002"
http://www.ziobudda.net/news/see_comments.php?id_notizia=6355

"Nuovo HOWTO sull'upgrade del kernel"
In this HOWTO, we'll take an in depth look at upgrading the Linux kernel.
When you're finished, we hope you'll feel comfortable taking on the sometimes daunting task of upgrading your Linux kernel and understand a little bit more about the inner workings of Linux.
http://www.ziobudda.net/news/see_comments.php?id_notizia=6350

"Ancora sul war-driving"
Ovvero, come trovare buchi nelle reti wireless delle aziende girando in macchina con una scheda conforme al protocollo per reti senza fili 802.11.
La sentenza e' sempre quella: troppe reti insicure permettono l'accesso a chiunque (almeno negli Stati Uniti).
http://www.ziobudda.net/news/see_comments.php?id_notizia=6347

INTRODUCTION TO INTRUSION PROTECTION AND NETWORK SECURITY In this introduction to protecting your computers from intrusion, the author discusses concepts of computer security. Selecting good passwords, using firewalls, and other security concepts are introduced.
http://www.linuxsecurity.com/docs/REF/INTRO/Intrusion-INTRO/index.html

WLAN HARDENING CHECKLIST
As evidenced by the troubling number of security flaw headlines that 802.11b-based wireless LANs have garnered in recent months, developing a well-hardened WLAN infrastructure can be a complex and uncertain task. However, here are some steps that IT managers can take to lessen the vulnerability of wireless networks.
http://www.eweek.com/article/0,3658,s=712&a=24526,00.asp

A BEGINNERS GUIDE TO SECURITY (V.0.1)
"There is no 100% safe program, package or distribution. Just varying degrees of insecurity" - Hal Burgiss (Security-Quickstart HOWTO for Red Hat Linux) http://www.linuxbeginner.org/modules.php?name=News&file=article&sid=30

ALWAYS VULNERABLE: SECURITY BROADBAND CONNECTIONS Broadband connections - cable and DSL - are becoming increasingly common. However, the benefits of high-speed Internet access bring new challenges, particularly in the realm of security. This article will look at some of the risks posed by high-speed broadband connections, along with some ways that users can protect themselves and their systems.
http://online.securityfocus.com/infocus/1560

A BUFFER OVERFLOW STUDY
This study deals with the various kinds of overflows (heap,
stack) to understand how they work and how they may be used to execute malicious code. It also focuses on a few Linux solutions (Grsecurity features, Libsafe etc) and explains how they behave.
http://www.enseirb.fr/~glaume/bof/report.html

INSTANT WEB MAIL SECURITY ISSUES
1) The function command(), which sends a POP3 command to a
POP3 server, allows embedded CR and LF characters. Nowhere in the program does those characters get stripped in user input before it is sent to that function. This means that we can include additional POP3 commands in user requests.
2) The mail sending script write.php allows embedded CR and LF characters in the user input that makes up mail headers like From, To, Cc, Bcc, Subject and X-Priority. This can be used for adding uuencoded attachments up in the headers with lines ending in CR instead of CRLF, as previously discussed on Bugtraq.
Link: http://www.net-security.org/text/bugs/1017155733,99915,.shtml

DOS IN DEBIAN (POTATO) PROFTPD
The version of proftp that is in debian potato (1.2.0pre10 as reported by running 'proftpd -v ') is vulnerable to a glob DoS attack, as discovered on the 15th March 2001. You can verify this bug by logging in to a server running debian stable's proftpd and type ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
This results with 100% of the CPU and memory resources being consumed.
Link: http://www.net-security.org/text/bugs/1017229292,17495,.shtml

LINUX KERNEL D_PATH() TRUNCATING EXCESSIVE LONG PATH In case of excessively long path names d_path kernel internal function returns truncated trailing components of a path name instead of an error value. As this function is called by getcwd(2) system call and do_proc_readlink() function, false information may be returned to user-space processes.
Link: http://www.net-security.org/text/bugs/1017229542,89851,.shtml

RETRIEVING INFORMATION ON LOCAL FILES IN IE The problem lies within the dynsrc property's implementation, which completely ignores the source validity and gives script access to the assigned file even if it is not presentable.
Link: http://www.net-security.org/text/bugs/1017320607,62894,.shtml

Net Security
Win-NT, 2K debug process gives up control. Got root?
http://www.theregister.co.uk/content/55/24654.html
Also - http://news.com.com/2100-1001-871771.html

 GUNINSKI SCOVA DUE NUOVE FALLE IN OFFICE XP Secondo il noto cacciatore di bachi, Office XP soffrirebbe di due vulnerabilita' che, se combinate, potrebbero rappresentare un serio rischio di sicurezza. Pubblicato online il codice degli exploit. Con accuse a Microsoft
URL: http://punto-informatico.it/pi.asp?i=39637
Also - http://www.infoworld.com/articles/hn/xml/02/04/02/020402hnxpflaws.xml

Vulnerabilities
   Source:   Network Magazine
   Date Written:  April 3, 2002
   Date Collected: April 2, 2002
   Title: Routing Instability on the Internet Although the Border Gateway Protocol (BGP), which manages routing information between different networks, has some built-in security measures, it remains vulnerable to attacks that could potentially cause major outages on the Internet. To counter this threat, "system administrators must arm their routers with strong authentication and encrypted links, such as Secure Shell (SSH), whenever possible."
http://www.networkmagazine.com/article/NMG20020304S0007

Vulnerabilities
   Source:   The Register
   Date Written:  April 2, 2002
   Date Collected: April 2, 2002
   Title: MS security patch fails to work According to 'The Register', a Critical Security Update issued by Microsoft Corp. to patch a data binding flaw in the Internet Explorer web browser does not function correctly. The patch was supposed to prevent malicious code from being executed on a machine, but apparently fails to do so in some cases.
http://www.theregister.co.uk/content/55/24667.html

"Linux Security Week - April 1st 2002"
http://www.ziobudda.net/news/see_comments.php?id_notizia=6371

"Configurare XFree86 4.0"
LinuxOrbit presenta un'articolo dedicato a tutti quelli che vogliono avere di piu' dal loro XFree86 4.0 http://www.ziobudda.net/news/see_comments.php?id_notizia=6370

"Advanced Bash Scripting Guide - version 1.2 update"
Announcing the release of the version 1.2 update of the "Advanced Bash Scripting Guide". This LDP-hosted project is a complete tutorial and reference on the gentle art of shell scripting under Linux and generic
http://www.ziobudda.net/news/see_comments.php?id_notizia=6369

Net Security
Windows Messenger 'Trojan update' . How to kill it, how Redmond resurrects it http://www.theregister.co.uk/content/55/24668.html

"SecurityFocus Newsletter #138"
http://www.ziobudda.net/news/see_comments.php?id_notizia=6385

"SecurityFocus Linux Newsletter #74"
http://www.ziobudda.net/news/see_comments.php?id_notizia=6384

"Monitorare la propria LAN"
Un imperdibile tutorial sul come mantenere sotto monitoraggio la propria LAN utilizzando, insieme, prodotti al top della propria categoria: Dsniff, MRTG, IP Flow Meter, Tcpdump, NTOP, Ngrep e altri.
http://www.ziobudda.net/news/see_comments.php?id_notizia=6382

Vulnerabilities
   Source:   ZDNet News
   Date Written:  April 3, 2002
   Date Collected: April 3, 2002
   Title: eBay plugs 'very serious' security hole Online auction site eBay disabled the 'Change Your Password' function on its website on April 2 after a serious vulnerability had been reported that potentially allowed an attacker, who knew the user ID of an eBay account, to take over that account. Once in control, the attacker could access the user's credit card information and commit auction fraud using the account.
The feature will remain disabled until a fix has been developed. The company's authentication system has been criticized in the past for allowing other forms of attacks.
http://zdnet.com.com/2100-1106-874389.html
Also - http://www.newsbytes.com/news/02/175614.html

Vulnerabilities
   Source:   The Register
   Date Written:  April 4, 2002
   Date Collected: April 4, 2002
   Title: Flash glitch throttles bandwidth It appears that a flaw in Macromedia Flash Player 6 prevents the user from stopping "the download of large files once they have been started, resulting in a bandwidth drain to surfers."
http://www.theregister.co.uk/content/55/24707.html

"Il dizionario dei problemi di sicurezza"
Sono piu' di 2000 i termini inseriti all'interno del dizionario Common Vulnerabilities and Exposures creato e gestito dal Mitre Corp. of Bedford, Mass.
http://www.ziobudda.net/news/see_comments.php?id_notizia=6399

 MICROSOFT.NET AL SUO PRIMO PACCO
Microsoft ha rilasciato il primo service pack per il cuore della sua piattaforma .NET, un aggiornamento contenente pochi ma evidentemente importanti fix di sicurezza
URL: http://punto-informatico.it/pi.asp?i=39694

g00d reading!  'n' bye
Security  News  Staff:
The Jackal < -jackal-@libero.it >