BUCO NELLE VPN BASATE SU WINDOWS 2000/XP Una vulnerabilita' scoperta nel software di VPN di Windows 2000/XP potrebbe mettere a rischio molte intranet aziendali. Microsoft ne sta analizzando l'effettiva pericolosita'
URL: http://punto-informatico.it/pi.asp?i=41573

"Difendersi da Slapper: il worm per Linux"
Come rendersi immuni da Slapper, l'ultimo arrivato dei Worm per Linux.
Sfrutta una vulnerabilità di OpenSSH e potrebbe infettare moltissimi web server Apache. Di Andrea Scrimieri.
http://www.ziobudda.net/news/see_comments.php?id_notizia=8542

Telnet
Vendor: IBM
A buffer overflow vulnerability was reported in the telnet/tn/tn3270 commands on IBM's AIX UNIX operating system. A local user may be able to obtain root privileges
Impact: Execution of arbitrary code via local system
Alert: http://securitytracker.com/alerts/2002/Sep/1005298.html

Windows PPTP Service
Vendor: Microsoft
A buffer overflow vulnerability was reported in Microsoft's point-to-point protocol (PPTP) service. A remote user can cause the system to crash and may be able to execute arbitrary code.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2002/Sep/1005296.html

Front Page
Vendor: Microsoft
A vulnerability was reported in a component of Microsoft FrontPage Server Extensions (FSPE). A remote user could cause denial of service conditions or could execute arbitrary code on the server, depending on the version of FPSE.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2002/Sep/1005287.html

Apache mod_dav
Vendor: Apache Software Foundation
A vulnerability was reported in the Apache 2.0 version's 'mod_dav' distributed authoring and versioning (DAV) component. A remote user may be able to trigger a segmentation fault and cause denial of service conditions.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2002/Sep/1005285.html

PHP-Nuke
Vendor: Phpnuke.org
An input validation vulnerability was reported in PHP-Nuke in the 'modules.php' script. A remote user can conduct cross-site scripting attacks against PHP-Nuke users.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2002/Sep/1005282.html

Fetchmail
Vendor: Raymond, Eric S.
A buffer overflow vulnerability was reported in fetchmail. A remote user may be able to cause arbitrary code to be executed when fetchmail is operating in multi-drop mode.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2002/Sep/1005273.html

*SECURITY FIX ISSUED FOR WATCHGUARD FIREWALL WatchGuard Technologies last week released hotfixes for vulnerabilities affecting its Vclass software. Legacy RSSA appliances running the current version of Vclass software and legacy RSSA appliances that haven't upgraded to Vclass software are also affected. The vulnerabilities originate in the command line interface (CLI) and include a format strings vulnerability in the password validation code that could allow an attacker to gain root access. WatchGuard recommends "that all affected customers download, test and install the appropriate version of this hotfix as soon as is practical." The company also recommends verifying that only trusted hosts can connect to the CLI.
http://watchguard.com/vars/rssa.asp

UN ESERCITO SUPERA LA CIFRATURA A 64BIT
Ci sono voluti l'equivalente di quattro anni/uomo per superare l'algoritmo, un lavoro di analisi compiuto da 331mila computer messi a disposizione da volontari
URL: http://punto-informatico.it/pi.asp?i=41602
Also - http://www.vnunet.com/News/1135452
Also - http://www.eweek.com/article2/0,3959,560039,00.asp

** I FORMATI DI OFFICE SONO DAVVERO SEGRETI? ** Secondo una credenza molto diffusa, i formati dei file scritti da Microsoft Office sarebbero segreti.
[Pubblicato su www.zeusnews.it il 30-9-2002] >> di Paolo Attivissimo http://www.zeusnews.it/news.php3?cod=1580

Malware
Title: Honeymoon over for Linux users
Source: vnunet.com
Date Written: September 30, 2002
Date Collected: September 30, 2002
Open source software has being targeted by malware writers more often as these products gain popularity. Network Associates' Anti-virus Emergency Response Team (AVERT) detected "over 170 viruses and Trojans for Linux, as well as an additional 30 Unix shell scripts." Slapper worm variants, which affect Linux run machines, have infected 2,500 (Slapper C) and 19,200 (Slapper B) machines. It is estimated that Linux use has grown 30 percent per year, and as popularity grows, so will the number of malicious codes released to target these systems. Experts also fear that hybrid attacks, which use a variety of attacks to affect a number of different operating systems.
http://www.vnunet.com/News/1135481

Vulnerabilities
Title: Office 97 Users Warned: Upgrade Or Face Security Risks
Source: Boston Internet.com
Date Written: September 27, 2002
Date Collected: September 30, 2002
The Giga Information Group is warning Microsoft Office 97 users to upgrade immediately because of security and technical flaws. A recently discovered flaw in Microsoft Word 97 could be exploited to allow an attacker to, under specific circumstances, retrieve Word documents from a target computer.
Microsoft is aware of the vulnerability and is working on a patch, but users who stay with the older software are dependrnt on Microsoft deeming the security problem necessary.
http://boston.internet.com/news/article.php/1472131

WHO'S ON YOUR NETWORK?
Many organizations are finding that firewalls, antivirus software and user authentication policies aren't enough to keep networks safe. That explains the growing market for intrusion detection technology.
>> http://www.net-security.org/news.php?id=1090

WI-FI IN THE WILD: A FREELOADER'S GUIDE
The cryptic symbols began showing up on city sidewalks and walls this summer: small, squiggly lines scrawled in white chalk, surrounded by arcane strings of letters and numbers. But who created them?
>> http://www.net-security.org/news.php?id=1103

LINUX FIREWALL ON OUT OF DATE HARDWARE: KERNEL 2.2 OR 2.4?
The people at Portazero.info are publishing a performance test, trying to understand what kernel is best suited for a Linux firewall based on an out of date PC.
>> http://www.net-security.org/news.php?id=1107

DIGITAL DEFENSE TEST
This test is based on a list of best practices for individual users and home network users developed by CERT.
>> http://www.net-security.org/news.php?id=1109

REMOTE MANAGEMENT OF WIN2K SERVERS: THREE SECURE SOLUTIONS This article will discuss three methods to make the remote management of Win2K servers more secure.
>> http://www.net-security.org/news.php?id=1110

EXPLOITING COMMON VULNERABILITIES IN PHP APPLICATIONS Shaun Clowes: "This paper is based on my speech during the Blackhat briefings in Singapore and Hong Kong in April 2001."
>> http://www.net-security.org/news.php?id=1114

LINUX NEWBIE ADMINISTRATOR GUIDE
This is a complete reference for new Linux users who wish to set up and administer their own Linux home computer, workstation and/or their home or small office network.
>> http://sunsite.dk/linux-newbie

"Linux 2.5.39"
Nuova versione del ramo 2.5 da parte di L. Torvalds. E non sono poche le differenze rispetto alla versione 2.5.38.
http://www.ziobudda.net/news/see_comments.php?id_notizia=8575

"Alan Cox: Linux 2.4.20-pre8-ac3"
Pochi i fix rispetto alla versione pre8-ac2.
http://www.ziobudda.net/news/see_comments.php?id_notizia=8574

Malware
Title: Bugbear eats credit cards, passwords
Source: ZDNet News
Date Written: October 1, 2002
Date Collected: October 1, 2002
A new Internet worm, known as Bugbear or Tanatos, is spreading worldwide on October 1, 2002. The worm, which spreads via e-mail or network file sharing, could affect users of all versions of the Windows operating system (OS).
Bugbear contains a Trojan horse program that terminates anti-virus and firewall software and attempts to steal passwords and credit card information. A Microsoft patch is available to fix the problem.
http://news.zdnet.co.uk/story/0,,t269-s2123098,00.html
Also - http://www.infoworld.com/articles/hn/xml/02/09/30/020930hnievirus.xml
Also - http://www.msnbc.com/news/815117.asp
Also - http://www.vnunet.com/News/1135543

Malware
Title: Virus poses as Microsoft security patch
Source: Network World Fusion
Date Written: September 30, 2002
Date Collected: October 1, 2002
A new computer virus was discovered on September 30, 2002 that attempts to spread using an e-mail masquerading as a Microsoft security patch. The e-mail urges recipients to run an attachment that appears to be a fix for flaws in Microsoft's Internet Explorer web browser and Outlook e-mail software. The attachment is in fact a virus. This form of deception is a common technique to facilitate the spread of malware.
http://www.nwfusion.com/news/2002/0930msvirus.html

"OpenSkills"
Coresis è lieta di annunciare la nascita del progetto di knowledge condiviso OpenSkills. Si tratta di un vortal tecnico orientato a professionisti dell'IT, in particolare System Administrators, che sul sito possono trovare informazioni e nozioni pratiche per l'amministrazione di server Unix / Linux e Windows.
http://www.ziobudda.net/news/see_comments.php?id_notizia=8596

"Linus Torvalds: Linux 2.5.40"
Ancora un aggiornamento del Kernel. Consultate il link per il ChangeLog.
http://www.ziobudda.net/news/see_comments.php?id_notizia=8593

Vulnerabilities
Title: FBI, SANS update list of systems vulnerabilities
Source: Government Computer News
Date Written: October 2, 2002
Date Collected: October 2, 2002
The FBI's National Infrastructure Protection Center (NIPC) and the SysAdmin, Audit, Networking and Security (SANS) Institute, on October 2, 2002, released their annual 'Top 20' list of security vulnerabilities for Windows and Unix systems. The top three vulnerabilities for Windows are: Internet Information Services (IIS); Microsoft Data Access Components; and SQL Servers. The top three vulnerabilities for Unix are: Remote procedure calls; Apache Web Servers; and Secure Shell.
http://www.gcn.com/vol1_no1/daily-updates/20164-1.html
Also - http://www.eweek.com/article2/0,3959,582091,00.asp

NUOVE CREPE IN WINDOWS, MEGAPATCH PER SQL SERVER Nella giornata di ieri Microsoft ha distribuito quattro bollettini di sicurezza relativi a 4 nuove falle di Windows, 3 di Services for Unix e una patch cumulativa per SQL Server
URL: http://punto-informatico.it/pi.asp?i=41641
Also - http://news.com.com/2100-1001-960639.html
Also - http://www.nwfusion.com/news/2002/1003msflaw.html

"Decomprimere un file può essere pericoloso?"
Nelle popolari utilità unzip e tar sono state scoperte alcune vulnerabilità che consentirebbero ai cracker di cancellare dei file arbitrari attraverso la decompressione di un file malizioso.
http://www.ziobudda.net/news/see_comments.php?id_notizia=8614

Vulnerabilities
Title: Are Your Word Documents Bugged?
Source: Techweb
Date Written: October 2, 2002
Date Collected: October 3, 2002
While it is well known that Microsoft Word is vulnerable to "malevolent macros and document viruses", it could also allow an attacker access to personal files stored on a vulnerable machine in more subtle ways. Exploits using a Word feature called field codes could hijack multiple files if the attacker knows their absolute path on the drive. Several proof of concept exploits using field codes have already been developed.
http://www.techweb.com/tech/security/20021002_security

"Stato del Kernel 2.5"
Come ogni settimana KernelNewbies.org presenta lo stato attuale del kernel linux ramo 2.5
http://www.ziobudda.net/news/see_comments.php?id_notizia=8638

"Tutto quello che volevi sapere su Linux"
ExtremeTech ha un interessantissimo articolo dedicato a Linux e a tutto quelle cose che un newbie vorrebbe sapere prima di affrontare il grande passo.
http://www.ziobudda.net/news/see_comments.php?id_notizia=8637

Vulnerabilities
Title: Apache fixes scripting flaw
Source: The Register
Date Written: October 4, 2002
Date Collected: October 4, 2002
Based on a recent posting to the BugTraq security mailing list, it appears that a variety of Apache web servers are vulnerable to a number of cross-site scripting attacks. Successful attacks using manipulated HTML pages or script code could allow a hacker to steal cookie-based authentication credentials or execute unauthorized commands on the vulnerable machine. Secure Apache software updates are available to resolve the problems.
http://www.theregister.co.uk/content/55/27438.html
Also - http://www.eweek.com/article2/0,3959,590304,00.asp

g00d reading! 'n' bye
Security News MainTainer:
The Jackal a.k.a. jAcKallO < -jackal-@libero.it > (AreaSessantuno Member) / (SpiPPolatori Collaborator) (HackerAlliance Member) / (Daily DisInfo CreaTor & MainTainer)