GAME SERVER BASI DI LANCIO PER I DDOS
Una nota societa' di sicurezza punta il dito su alcuni server dedicati al gioco multiplayer via Internet, a suo dire utilizzabili dai cracker per lanciare temibili attacchi DoS distribuiti. GameSpy ammette il rischio crack
URL: http://punto-informatico.it/pi.asp?i=42775
Also - http://www.theregister.co.uk/content/55/28924.html

SQL SERVER 2000 AL TERZO PACCO
Disponibile per il download il Service Pack 3 per SQL Server 2000, un megapacco che include tutte le patch rilasciate per il server di database di Microsoft e alcune migliorie funzionali
URL: http://punto-informatico.it/pi.asp?i=42773

Norton Internet Security
Vendor: Symantec
A denial of service vulnerability was reported in Symantec's Norton Internet Security 2003 firewall product. A remote user may be able to cause the firewall to crash.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2003/Jan/1005937.html

Xserver
Vendor: HP (Compaq)
An unspecified vulnerability was reported in the Xserver for HP's HP-UX operating system version 11.22. A remote authenticated user or a local user could obtain elevated privileges on the system.
Impact: Root access via local system
Alert: http://securitytracker.com/alerts/2003/Jan/1005936.html

Rpc
Vendor: Sun
A vulnerability was reported in Sun Solaris in the processing of RPC requests using AUTH_DES authentication. A remote user may be able to obtain root access on the system.
Impact: Root access via network
Alert: http://securitytracker.com/alerts/2003/Jan/1005934.html

phpBB
Vendor: phpBB Group
An input validation vulnerability was reported in in phpBB. A remote authenticated user can inject certain SQL commands to be executed by the underlying database.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2003/Jan/1005933.html

Dhcp
Vendor: ISC (Internet Software Consortium) Several buffer overflow vulnerabilities were reported in the Internet Software Consortium's (ISC) DHCPD. A remote user can execute arbitrary code on the target system.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2003/Jan/1005924.html

mpg123
Vendor: mpg123.de
A buffer overflow vulnerability was reported in the 'mpg123'
MP3 audio player. A remote user could cause arbitrary code to be executed when a malicious MP3 file is played.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2003/Jan/1005918.html

"Sicurezza Informatica: un processo da organizzare"
Ridurre la sicurezza informatica ad un semplice aggiornamento di software, cercando di chiudere i bachi che di tanto in tanto emergono è una visione altamente riduttiva del problema.
http://www.ziobudda.net/news/see_comments.php?id_notizia=10058

"E' uscito FreeBSD 5.0... e vai!! ;)"
Bhè penso che il titolo sia esplicativo... :) Se nn l'avete mai provata, questo è il momento per farlo e per scoprire un nuovo meraviglioso mondo...parola di Jackal ;) http://www.freebsd.org/releases/5.0R/announce.html

COLPISCE SAHAY, TERMINATOR ANTIWORM
Un nuovo, piccolo e viscido vermicello di nome Sahay striscia fra le maglie della Rete a caccia di un altro worm, Yaha, di cui vuole la testa. Fra gli altri suoi hobby c'e' corrompere i file e mandare in crash i computer infettati
URL: http://punto-informatico.it/pi.asp?i=42791
Also - http://news.zdnet.co.uk/story/0,,t269-s2128957,00.html
Also - http://www.sophos.com/virusinfo/articles/sahay.html

Vulnerabilities
Title: Well-known security flaws go ignored
Source: vnunet.com
Date Written: January 20, 2003
Date Collected: January 20, 2003
According to the Open Web Application Security Project (OWASP), poor software development practices and inadequate security policies leave many companies vulnerable to well-known and easily exploitable security flaws.
OWASP recently released a list of the most serious Internet application security vulnerabilities, which could threaten the security of the "entire Internet".
http://www.vnunet.com/News/1138108

INTRODUCTION TO NGREP
Here's an introduction to ngrep, a packet sniffing tool that can use regular expressions to search for specific patterns inside packets.
>> http://www.net-security.org/news.php?id=1796

DECRYPTING THE SECRET TO STRONG SECURITY Whitfield Diffie writes: "Is open-source software better for security than proprietary software?"
>> http://www.net-security.org/news.php?id=1832

"Coresis rilascia il suo Corso Linux Base sotto GPL"
Coresis ha deciso di rilasciare con licenza FDL, l'equivalente GPL per testi e documentazione, il suo CORSO DI AMMINISTRAZIONE BASE LINUX, in cui si affrontano, con forte enfasi su problematiche e casi reali, le nozioni di base che deve avere un system administrator Linux.
http://www.ziobudda.net/news/see_comments.php?id_notizia=10076

"Come migliorare le performance del kernel di Linux"
Un tutorial per migliorare le performance del kernel di Linux!
http://www.ziobudda.net/news/see_comments.php?id_notizia=10086

UNO SNIFFATORE DI RETI WIRELESS
Ha la forma di una carta di credito e si propone di dare una mano a chi vuole sfruttare le reti wi-fi con il proprio portatile. Piccolo tool per wardriver
URL: http://punto-informatico.it/pi.asp?i=42816

MICROSOFT UNVEILS CD PIRATE-PROOFING
New software can control unauthorised copying, claims Redmond Microsoft claims it has invented a system of preventing CDs from being Illegally copied. The software giant is the latest to come up with a solution to what has been a major problem to the music industry
http://www.security-research.org/modules.php?op=modload&name=News&file=article&sid=75

MORE CRITICAL VULNS IN PHP TOPSITES
More critical vulnerabilties is the popular php topsites scripts were discovered by the CyberArmy Security Research ACAT team recently. Check out the full story for details of the vulnerability.
Version: All
Script: edit.php
vendor: itop10.net
Type: Code Injection/Execution Vulnerability http://www.security-research.org/modules.php?op=modload&name=News&file=article&sid=80

Vulnerabilities
Title: Well-known security flaws go ignored
Source: vnunet.com
Date Written: January 20, 2003
Date Collected: January 21, 2003
The Open Web Application Security Project (OWASP) has published a list of well-known and dangerous security exploits found in applications. Though many of these exploits have been well documented and well studied, even for decades, many firms have not taken steps to counteract these exploits. Some software development projects even replicate mistakes that years of experience should filter out. Quocirca analyst Clive Longbottom states that security professionals need to develop products and services directed at small companies that can't afford an IT security specialist.
http://www.vnunet.com/News/1138108

I recently completed a white paper that demonstrates some techniques that can be used for detecting spoofed MAC addresses on 802.11 networks. In this paper I identify tactics that can be used to identify the use of the Wellenreiter, FakeAP and AirJack tools through anomaly analysis.
http://home.jwu.edu/jwright/papers/wlan-mac-spoof.pdf

The Linux Virus Writing HOWTO describes how to write parasitic file viruses which infect ELF executables on Linux/i386. Contains a lot of source code.
Every mentioned infection method is accompanied with a practical guide to detection. Changes: Added a rewritten segment scanner in C, added support for 64-bit ELF, and a fix for an embarrassing bug in the table of used RPM packages. The document is finished up to "Segment padding infection"; all the following chapters are probably broken.
http://packetstormsecurity.org/papers/virus/virus-writing-HOWTO-2003-01-08.tar.gz

Vulnerabilities
Title: Security Flaw Exposes AOL Accounts
Source: EWeek.com
Date Written: January 22, 2003
Date Collected: January 22, 2003
Millions of America Online (AOL) subscriber accounts were once again vulnerable to eavesdropping this week. Although AOL plugged the security hole early Wednesday morning, it is unclear at this point how many AOL and AIM accounts have been compromised. The flaw allowed any AOL user to access any other AOL user's personal data without requiring a password. AOL has faced several major security breaches in the past, most notably in summer of 2000 when hackers were able to access the subscriber's information database that includes detailed customer records like credit card information.
http://www.eweek.com/article2/0,3959,840980,00.asp

Vulnerabilities
Title: Rampant cordless keyboard strikes again
Source: Aftenposten
Date Written: January 20, 2003
Date Collected: January 22, 2003
Hewlett-Packard Norway will no longer guarantee the security of their cordless keyboards after several incidents in which keyboards beamed their information to other people's computers. Ørjan Stokkeland thought his computer had a virus, causing random words to appear in text fields, until his supposed virus wrote a letter bearing the name of his neighbor. HP spokesman Joakim Larsen warns against typing sensitive information on these keyboards, and advises, "If you want to be completely sure that no one can see what you are writing then you should use a keyboard with a cord."
http://www.aftenposten.no/english/local/article.jhtml?articleID=474623

GROSSA BRECCIA IN UN DEMONE DI SOLARIS
Tutte le versioni dello Unix di Sun, o quasi, sono afflitte da una grave vulnerabilita' di sicurezza che potrebbe spalancare le porte ai cracker.
Colpa di un servizio per la gestione dei colori
URL: http://punto-informatico.it/pi.asp?i=42839
Also - http://www.eweek.com/article2/0,3959,840818,00.asp

ALCUNI SERVER A RISCHIO PER UNA FALLA
Microsoft ha rilasciato i primi tre bollettini di sicurezza del 2003. Fra questi c'e' una vulnerabilita' classificata come grave che colpisce alcuni server con Windows NT/2000. L'ora dello sparapatch
URL: http://punto-informatico.it/pi.asp?i=42836
Also - http://zdnet.com.com/2100-1105-981745.html
Also - http://www.theinquirer.net/?article=7379
Also - http://212.100.234.54/content/55/28998.html
Also - http://www.idg.net/ic_1022684_9716_1-5046.html

Cybercrime-Hacking
Title: Personal Data Is Pirated From Russian Phone Files
Source: NY Times
Date Written: January 23, 2003
Date Collected: January 23, 2003
Mobile Telesystems, a Russian mobile phone carrier, has suffered a security breach, with pirated CDs of the company's customer database, containing the personal information of five million people, appearing for sale on the streets of Moscow. A spokeswoman for the company has stated that determining the source of the leak will be difficult, since rules governing the use of the database are very strict. Mobile phone carriers and Internet service providers are required by Russian law to provide customer information to government agencies, and some suspect that a low-paid employee in the Federal Security Service may have sold the information.
http://www.nytimes.com/2003/01/23/business/worldbusiness/23DATA.html

WEB VULNERABILITY PUTS INTERNET USERS, SITES AT RISK After months of extensive research, San Jose California-based WhiteHat Security has unmasked a flaw in one of the Web's cornerstone protocols which places all e-commerce sites, as well as scores of Internet users, in jeopardy http://www.extremetech.com/article2/0,3973,841047,00.asp

"Vulnerabilities in your code: Advanced Buffer Overflows"
In this paper, CoreSecurity underline some of the most common mistakes made by programmers, presented as ten examples by gera (Advanced Buffer Overflows). We pinpoint the exact location of vulnerabilities in the codes and provide exploit for each one found.
http://www.core-sec.com/examples/core_vulnerabilities.pdf

"Vulnerabilities in your code: Format Strings"
Second paper, from "Vulnerabilities in your code" series, shows programmers that they have to be careful when using format strings. It contains information about exploitation of these types of bugs, presented as five examples by gera.
http://www.core-sec.com/examples/core_format_strings.pdf

Microsoft:hidden files
Will this world ever be safe from privacy issues? According to the riddler it seems like it's only getting worse. Microsoft is one of the biggest companies out there and also one of the biggest threats to privacy out there.
http://www.astalavista.com/library/os/win95-98/mshidden.txt

The Java string cache
"The behaviour of Java's 'string literals' is a commonly misunderstood feature of the platform, but with a little knowledge of this system and some liberal hacking using the reflection API it is possible to cause 'System.out.println("Hello World")' to actually display a completely different piece of text. doubters read on.
http://www.ca-osi.com/modules.php?name=News&file=article&sid=457

Cybercrime-Hacking
Title: Concerns Raised as Virus Writers Publish E-Zine
Source: InfoSecurity Magazine
Date Written: January 23, 2003
Date Collected: January 24, 2003
A hacker group calling itself GEDZAC, or Zoneavirus, has published its first e-zine, according to security intelligence firm iDefense. The e-zine, titled Mitosis, contains source code for a dozen viruses and tips, such as how to avoid detection by antivirus software. The new e-zine joins a growing list of publications, such as 2600 and Phrack, written for and by the hacker community.
http://www.infosecuritymag.com/2003/jan/digest23.shtml#news4

Vulnerabilities
Title: Security flaw found in open-source tool
Source: ZDNet News
Date Written: January 23, 2003
Date Collected: January 24, 2003
A critical vulnerability has been found in the Concurrent Versions System
(CVS) according to an advisory from the Computer Emergency Response Team
(CERT) Coordination Center. CVs is used by a majority of the open-source software projects to update and maintain code. The security flaw allows attackers to take control of a CVS server and potentially make changes to the source code. The scope of the vulnerability is immeasurable.
Sourceforge.net alone uses CVS to maintain over 55,000 open-source projects.
Even CVS is maintained by CVS. As opposed to other open-source software attacks, this flaw would make an attack extremely difficult to detect since CVS is the keeper of the raw code. No exploits for this vulnerability are thought to exist, and many key CVS repositories have already begun work arounds to protect their code.
http://zdnet.com.com/2100-1104-981801.html
Also - http://www.theregister.co.uk/content/56/29019.html

Vulnerabilities
Title: Experts Warn Against Overreacting to New Attack
Source: EWeek.com
Date Written: January 23, 2003
Date Collected: January 24, 2003
A whitepaper released by White Hat Security Inc., of Santa Clara, Calif.
demonstrates an HTTP vulnerability that could expose sensitive user authentication data. The vulnerability takes advantage of the TRACE request and falls into the class of attacks known as cross-site scripting. However, security experts point out that the vulnerability is not new, and that the attack requires the attacker to control the user's computer. "Of course, the actual severity of cross-site scripting is still a thing of myth and guesstimation. Exploitation is still a feat of luck and social engineering,"
Rain Forest Puppy, a security expert and one of the moderators of the VulnWatch mailing list, wrote in a post to the list.
http://www.eweek.com/article2/0,3959,842428,00.asp

CERT Advisory CA-2003-03 Buffer Overflow in Windows Locator Service A buffer overflow vulnerability in the Microsoft Windows Locator service could allow a remote attacker to execute arbitrary code or cause the Windows Locator service to fail. This service is enabled and running by default on Windows 2000 domain controllers and Windows NT 4.0 domain controllers.
http://www.security-research.org/modules.php?op=modload&name=News&file=article&sid=106

*******SPOT*******
Portale in cui potrai trovare informazioni, testi e programmi sulla sicurezza, hardware e tanto altro!Contiene più di 1.5Gb di roms, oltre 100Old Games e più di 300 sfondi ad alta qualità. www.gnomixland.com
*******/SPOT*******

g00d reading! 'n' bye
Security News MainTainer:
The Jackal a.k.a. jAcKallO < -jackal-@libero.it > (AreaSessantuno Member) / (SpiPPolatori Collaborator) (HackerAlliance Member) / (Daily DisInfo CreaTor & MainTainer)