Patch per Office XP new
Rilasciata una nuova patch da parte di MIcrosoft. L'aggiornamento riguarda i software Microsoft Outlook 2000 e Microsoft Outlook 2002.
URL: http://www.hwfiles.it/news/237.html

Net Security
MS Word runs malicious e-mail scripts. Patch on http://www.theregister.co.uk/content/4/25033.html

"New KernelAnalysis-HOWTO"
E' disponibile il nuovo documento KernelAnalyses-HOWTO che dovrebbe aiutare a districarsi tra i sorgenti del kernel
http://www.ziobudda.net/news/see_comments.php?id_notizia=6709

Malware
Source: The Register
Date Written: April 26, 2002
Date Collected: April 29, 2002
Title: Cisco and Sophos spoofed in virus mail-outs E-mails are being sent out that appear to be from Cisco's Product Security Incident Response team (PSIRT) that contain an virus-infected attachment, width.pid. Additionally, spoofed e-mail messages appearing to originate from anti-virus vendor Sophos contain the Klez-G worm.
http://www.theregister.co.uk/content/56/25052.html

Vulnerabilities
Source: OSAC Cybernews
Date Written: April 27, 2002
Date Collected: April 29, 2002
Title: Virus Alert! Cellphones, PDAs Can Be Targets Too Wireless Internet connectivity not only is vulnerable to exploitation by hackers attempting to gain unauthorized access to a system, but also to virus and other malware proliferation. Cell phones, personal digital assistants, and other hand-held devices could be the target of malware attacks as their popularity increases. One such example is the Phage virus that affected the Palm platform and overwrote data in files.
http://www.ds-osac.org/edb/cyber/news/story.cfm?KEY=7974

Vulnerabilities
Source: NewsFactor
Date Written: April 26, 2002
Date Collected: April 29, 2002
Title: Wireless Networks Let Your Computers Share - Sometimes Unintentionally Wireless 802.11b cards installed in laptops can give users a great deal of mobility and freedom. However, these cards can be insecure, and if proper security precautions are not taken, the machine utilizing the wireless connection can be insecure within a 300-foot range. Hackers with the proper technology can actually move around, a technique known as war driving, and pick up wireless networks.
http://www.newsfactor.com/perl/story/17460.html

Net Security
Microsoft Excels @ insecurity. Guninski collars another bug.
http://www.theregister.co.uk/content/6/25064.html

Net Security
WinAmp's 'malicious MP3' vuln. All you need is an upgrade http://www.theregister.co.uk/content/55/25075.html

WIRELESS LAN SECURITY: A SHORT HISTORY
If you're holding back on an 802.11 deployment because of security concerns, you're not alone. Research indicates that the perceived insecurity of wireless networks is a major inhibitor to further market growth.
http://www.oreillynet.com/pub/a/wireless/2002/04/19/security.html

SETTING UP A FREEBSD FIREWALL WITH AN IPSEC UPLINK This article shares steps for setting up an IPSec tunnel for securing a 802.11b wireless uplink. The article also covers basic NAT and IPFW for use with this setup.
http://www.bsdtoday.com/2002/April/Features671.html

OVERVIEW OF ATTACK TRENDS
This paper in PDF format, gives a brief overview of recent trends that affect the ability of organizations and individuals to use the Internet safely.
Link: http://www.cert.org/archive/pdf/attack_trends.pdf

DENIAL OF SERVICE IN MULTIPLE IE VERSIONS OBJECT elements are used for embedded OLE in HTML documents.
A flaw in the way Microsoft Internet Explorer processes this directive allows a page that causes a loop in object dependancy, or loads itself in a certain manner in an OBJECT, to completely crash Internet Explorer.
Link: http://www.net-security.org/text/bugs/1019477085,70900,.shtml

CGISCRIPT.NET - CSMAILTO.CGI - REMOTE COMMAND EXECUTION The script stores all its configuration data in hidden form fields, relying on the user to accurately (and honestly) echo that information back with each form submission. The only thing allowing a user from having complete control over the script is a referer check which is easily bypassed.
Link: http://www.net-security.org/text/bugs/1019726143,95500,.shtml

SUDO PASSWORD PROMPT VULNERABILITY
Sudo - A popular utility for allowing users to execute commands as other users contains a vulnerability which may be exploited to execute arbitrary commands.
Link: http://www.net-security.org/text/bugs/1019823011,90906,.shtml

Hey guys, the Spring 2002 issue of Hacker's Digest has been released today and can be viewed at http://www.hackersdigest.com/issue4.html

Vulnerabilities
Source: Newsbytes
Date Written: April 29, 2002
Date Collected: April 30, 2002
Title: New Stealth Attack Found Against Personal Firewalls The program Backstealth, "designed to access a remote Web site and download a harmless text file without detection by the user's firewall," was posted to the Packetstorm Web site last week. The program can defeat outbound blocking by several personal firewall products.
http://www.newsbytes.com/news/02/176213.html
Also - http://www.hwfiles.it/news/239.html

Vulnerabilities
Source: ZDNet
Date Written: April 29, 2002
Date Collected: April 30, 2002
Title: Microsoft warns of Outlook attacks Microsoft has issued a warning that those editing or creating e-mails in rich text or HTML formats with the Microsoft Word option could be vulnerable to malicious scripts. A patch is available from Microsoft. Veteran bug hunter Georgi Guninski reports that the patch only addresses the Outlook and Word issues, but does not fix the vulnerability in Excel that creates the vulnerability.
http://zdnet.com.com/2100-1104-893841.html
Also - http://www.theregister.co.uk/content/6/25064.html

Technology
Source: PC Magazine
Date Written: April 30, 2002
Date Collected: May 1, 2002
Title: Hack Yourself for Top Security Individual persistence is the first line of defense for technology security, in conjunction with anti-virus and new vulnerability assessment software.
Similar information has been posted to the ExtremeTech web site, which operators claim is diligently updated, and can be accessed at www.extremetech.com/syscheck.
http://www.pcmag.com/article/0,2997,s=1493&a=25840,00.asp

Vulnerabilities
Source: ZDNet
Date Written: May 1, 2002
Date Collected: May 1, 2002
Title: Netscape flaw exposes hard drives GreyMagic Security, an Israeli software firm, reported that a patch for a Netscape and Mozilla software vulnerability still has not been released by AOL Time Warner, although the firm disclosed the vulnerability to the company on April 24, 2002. According to the software firm, the vulnerability allows a hidden code in a web page to request data an Internet user's computer files.
http://zdnet.com.com/2100-1104-896099.html
Also - http://www.newsbytes.com/news/02/176261.html

Vulnerabilities
Source: New Scientist
Date Written: May 1, 2002
Date Collected: May 1, 2002
Title: Music player bug could let in MP3 viruses The music player Winamp contains a bug within one of its codes that enables computer viruses to be hidden in MP3 files. The vulnerability can be avoided by deactivating Winamp's "minibrowser" for those individuals who do not possess the latest version 2.80, which does not contain the bug.
http://www.newscientist.com/news/news.jsp?id=ns99992236
Also - http://punto-informatico.it/pi.asp?i=39955

Net Security
Multiple Solaris vulns reported. We don't even know where to begin http://www.theregister.co.uk/content/55/25083.html

Kernel 2.5.12
Nuovo kernel di sviluppo. E non sono poche le novita'.
http://www.ziobudda.net/Admin/redir_news.php?id=6770

Apache 2.0 su Win2000
Un articolo che spiega passo per passo come installare Apache 2.0 su Windows2000 cosi' da eliminare IIS (insieme a tutti i suoi problemi di sicurezza).
http://www.ziobudda.net///Admin/redir_news.php?id=6754

Intrusion Detection
La vostra casa (la LAN) è da proteggere. Il firewall è la protezione. Ma come controllate se qualche d'uno ha tentato di accedere a casa vostra ?
Utilizzando un Intrusion Detection.
http://www.ziobudda.net///Admin/redir_news.php?id=6736

Linux Security Week - April 29th 2002
http://www.ziobudda.net///Admin/redir_news.php?id=6738

Updated SecurityFocus Newsletter #142
http://www.ziobudda.net///Admin/redir_news.php?id=6740

E' stato rilasciato il numero 6 di Ondaquadra. Correte a scaricarlo e a leggerlo!!
http://ondaquadra.cjb.net/

FILE A RISCHIO CON NETSCAPE E MOZILLA
Una societa' di sicurezza israeliana ha scoperto una grave falla di Netscape e Mozilla che permetterebbe ad un cracker di leggere file dal PC dell'utente
URL: http://punto-informatico.it/pi.asp?i=39979

BACKSTEALTH, IL BUCA-FIREWALL MADE IN ITALY Attraverso un nuovo tool per la sicurezza uno sviluppatore italiano ha dimostrato come sia possibile aggirare le barriere di molti dei piu' noti personal firewall
URL: http://punto-informatico.it/pi.asp?i=39978

THE WALL, QUELLO DI SOLARIS E' BUCATO
Alcuni esperti di sicurezza hanno scoperto una seria falla nel demone rwalld di Solaris che potrebbe consentire ad un cracker di eseguire comandi arbitrari
URL: http://punto-informatico.it/pi.asp?i=39982

Vulnerabilities
Source: CERT
Date Written: May 1, 2002
Date Collected: May 2, 2002
Title: CERT® Advisory CA-2002-10 Format String Vulnerability in rpc.rwalld CERT issued a warning about a vulnerability that affects Sun Solaris 2.5.1, 2.6.7, and 8 systems. According to CERT, the rwall daemon (rpc.rwalld), a device that listens for requests on the network contains a format string vulnerability. If exploited, this vulnerability could permit an intruder to remotely execute arbitrary code and gain root privileges, or the privileges of the rwall daemon. A patch is not currently available, although security measures may be taken to limit access to rpc.rwalld.
http://www.cert.org/advisories/CA-2002-10.html
Also - http://www.infoworld.com/articles/hn/xml/02/05/02/020502hnsunhole.xml
Also - http://www.iss.net/security_center/static/8971.php

Vulnerabilities
Source: Newsbytes
Date Written: May 1, 2002
Date Collected: May 2, 2002
Title: USB Port Devices Pose Security Threat Security experts have now determined that USB ports are capable of providing a gateway for malware to attack a network, while also allowing large quantities of information to be transported from the network.
http://www.newsbytes.com/news/02/176291.html

g00d reading! 'n' bye
Security News Staff:
The Jackal a.k.a jAcKallO
<-jackal-@libero.it>