Security_News - Sunday 15 December 2002
.: Publication date 01-Dec-2004 :.
Mac OS X
Vendor: Apple Computer
A denial of service vulnerability was reported in the Mac OS X operating system. A local user can cause a kernel panic.
Impact: Denial of service via local system
Alert: http://securitytracker.com/alerts/2002/Dec/1005772.html

InterScan VirusWall
Vendor: Trend Micro
A vulnerability was reported in TrendMicro's InterScan VirusWall. A remote user can connect to the proxy and connect to arbitrary services on arbitrary hosts, potentially including hosts on the internal network.
Impact: Host/resource access via network
Alert: http://securitytracker.com/alerts/2002/Dec/1005768.html

Apache
Vendor: Apache Software Foundation
An information disclosure vulnerability was reported in the Apache web server in the mod_jk module. The flaw occurs when mod_jk is used with the Tomcat server. A remote user may obtain information intended for another user. A remote user may also cause the service to become unusable.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2002/Dec/1005765.html

Microsoft WLAN Feature
Vendor: Microsoft
An information disclosure vulnerability was reported in the Microsoft Windows XP wireless LAN (WLAN) support feature. A remote user may be able to obtain information about registered access points.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2002/Dec/1005761.html

Sygate Personal Firewall
Vendor: Sygate
A vulnerability was reported in the Sygate Personal Firewall.
A local user with appropriate operating system privileges can stop the service without a password.
Impact: Modification of system information
Alert: http://securitytracker.com/alerts/2002/Dec/1005760.html

Microsoft Outlook
Vendor: Microsoft
A vulnerability was reported in Microsoft Outlook. A remote user can send e-mail to cause the client to crash.
Impact: Denial of service via network
Alert: http://securitytracker.com/alerts/2002/Dec/1005757.html

Netscape Enterprise Server
Vendor: Netscape
An input validation vulnerability was reported in the Netscape Enterprise Server Manager in the log viewer. A remote user could cause arbitrary Javascript-based server commands to be executed.
Impact: User access via network
Alert: http://securitytracker.com/alerts/2002/Dec/1005755.html

Sendmail
Vendor: Sendmail Consortium
An access control vulnerability was reported in Sendmail. A remote user with the ability to control a DNS server or spoof the DNS may be able to bypass a target server's sendmail access controls and send mail to or via that server.
Impact: Host/resource access via network
Alert: http://securitytracker.com/alerts/2002/Dec/1005748.html

Microsoft Internet Explorer (IE)
Vendor: Microsoft
A vulnerability was reported in the showModalDialog() function in Microsoft Internet Explorer. A remote user can cause arbitrary scripting code to be executed, allowing cross-site scripting attacks.
Impact: Disclosure of authentication information
Alert: http://securitytracker.com/alerts/2002/Dec/1005747.html

Netfilter
Vendor: Netfilter.org
An access control vulnerability was reported in the Linux kernel Netfilter/IPTables firewall functions. A local user may be able to read arbitrary network traffic in certain circumstances.
Impact: Disclosure of system information
Alert: http://securitytracker.com/alerts/2002/Dec/1005746.html

Linksys Cable/DSL Router
Vendor: Linksys
Several vulnerabilities were reported in the Linksys BEFW11S4 Wireless router. A remote user can bypass authentication to gain administrative control of the router or can execute arbitrary code on the router.
Impact: Execution of arbitrary code via network
Alert: http://securitytracker.com/alerts/2002/Dec/1005744.html

Problems with Apple wireless equipment
An engineering problem has been found in some Apple wireless devices, specifically the models of the Titanium PowerBook line, or "TiBook". The problem reportedly concerns the metal material of the casing, which is said to attenuate the RF signal considerably.
http://www.securitywireless.info/link.asp?TOPIC_ID=101

From implementation to security of a wireless network
Wireless is increasingly taking off and gaining trust; the growing number of these devices is the clearest proof.
http://www.securitywireless.info/article_read.asp?id=40

SMART CARDS BETRAYED BY ELECTRICAL ACTIVITY
So claims a company that works on cryptographic systems and has discovered a method, based on the analysis of electrical activity, for reconstructing data stored on smart cards and tokens
URL: http://punto-informatico.it/pi.asp?i=42443

"Floppyfw 1.0.15: Firewall & Router on a floppy!"
Version 1.0.15 of FloppyFw, based on kernel 2.2.23, was released today. Floppyfw is a complete router and firewall solution that fits in the space of a single floppy
http://www.ziobudda.net/news/see_comments.php?id_notizia=9555

"Linux, patch released for the ext3 bug"
Andrew Morton has announced the release of a patch that fixes the bug in the ext3 file system of Linux 2.4.20.
http://www.ziobudda.net/news/see_comments.php?id_notizia=9552

"Firewalls put to the test by the new ICSA tests"
Some vendors have submitted their firewalls to the ICSA tests in the new version 4.0. The results, from the firewalls' point of view, are not very comforting, but perhaps these tests will help improve the security of products that are not always up to the task.
http://www.ziobudda.net/news/see_comments.php?id_notizia=9549
Also - http://www.net-security.org/news.php?id=1575

Vulnerabilities
Title: Microsoft Ups IE Flaw to 'Critical'
Source: EWeek.com
Date Written: December 9, 2002
Date Collected: December 9, 2002
On December 6, 2002, Microsoft Corp. raised the severity rating for a recent
cumulative patch for Internet Explorer from 'moderate' to 'critical' after
Danish security researcher Thor Larholm was able to show that the
vulnerability was more serious than Microsoft had realized and could allow
an attacker to run malicious code on a vulnerable machine. The flaw affects
versions 5.5 and 6.0 of the Internet Explorer web browser and can be
exploited by "either sending the malicious code to the user in an HTML mail
message or luring the user to a Web page containing the code."
http://www.eweek.com/article2/0,3959,754178,00.asp
Also - http://zdnet.com.com/2100-1105-976440.html
Also - http://www.nwfusion.com/news/2002/1209msflaw.html

Vulnerabilities
Title: Samba security flaw gets patch
Source: ZDNet News
Date Written: December 9, 2002
Date Collected: December 9, 2002
A variety of open source software firms, including Red Hat, SuSE,
MandrakeSoft, Debian, Turbolinux and Conectiva, have issued patches to fix a
serious vulnerability in versions 2.2.2 through 2.2.6 of the Samba software
used "to let computers running the Microsoft Windows operating system tap
into files on Linux machines, and vice versa."
http://zdnet.com.com/2110-1105-976441.html

Vulnerabilities
Title: Microsoft Windows Remote Desktop Protocol (RDP) uses weak algorithm for encrypting packets
Source: CERT
Date Written: December 6, 2002
Date Collected: December 9, 2002
A new Microsoft security flaw was published by CERT on December 6, 2002.
Microsoft Windows (XP and 2000) Remote Desktop Protocol (RDP) uses an
encryption algorithm susceptible to compromise by a determined attacker. The
attacker would then be able to view the data transferred during the remote
desktop session. Microsoft has issued a patch. The flaw was discovered by
Ben Cohen and Pete Chown of Skygate Technology Ltd.
http://www.kb.cert.org/vuls/id/865833

Vulnerabilities
Title: Data-loss bug afflicts Linux
Source: C-Net News
Date Written: December 6, 2002
Date Collected: December 9, 2002
A software bug that could cause data loss has been discovered and fixed in a
recently issued version of the Linux kernel. Though this kernel was
available to users, it had not yet become part of the packaged Linux
operating systems. However, this flaw has nudged Linux programmers to begin
using more formal bug-tracking tools. Though this bug was "not very severe"
according to Andrew Morton, who posted the patch on December 6, 2002, it
highlights the increased importance given to security issues for competing
operating systems. Red Hat, the leading Linux distributor, has its own
bug-tracking site and uses Bugzilla, an open source bug-tracking software.
http://news.com.com/2100-1001-976427.html

AN INTRODUCTION TO DISTRIBUTED DENIAL OF SERVICE ATTACKS
This article will explain the concept of DDoS attacks, how they
work, how to react if you become a target, and how the security
community can work together to prevent them.
>> http://www.net-security.org/news.php?id=1574

/ETC/INITTAB - THE MOST OVERLOOKED CRACKER HAVEN
Crackers can cause their software to be run by adding entries
to /etc/inittab, a file frequently missed by administrators.
>> http://www.net-security.org/news.php?id=1595

Shutting Down Sygate Personal Firewall Without Supplying Password
>> http://www.net-security.org/vuln.php?id=2277

"The ext3 bug"
CNet discusses the ext3 bug and how programmers deal with kernel bugs
http://www.ziobudda.net/news/see_comments.php?id_notizia=9574

"Is there still anything left to do in the kernel?"
An interesting discussion on the lkml: a programmer wonders whether there is
still anything interesting left to do in the kernel, or whether only
optimization and maintenance work remains.
http://www.ziobudda.net/news/see_comments.php?id_notizia=9571

ANONYMITY, THE FLORENCE REMAILER IS OFFICIAL
The experimental phase of the new system that makes it possible to send
electronic messages in full anonymity has ended. Enthusiasm among privacy
advocates. The new tool is available to everyone. Here is what it is and
how it works
URL: http://punto-informatico.it/pi.asp?i=42480

"New development kernel"
Version 2.5.51 released: no revolution, but many small fixes
http://www.ziobudda.net/news/see_comments.php?id_notizia=9590

Vulnerabilities
Title: Vulnerability Note VU#630355
Source: CERT
Date Written: December 9, 2002
Date Collected: December 11, 2002
The CERT Coordination Center is warning that "Netscape and iPlanet
Enterprise Servers fail to sanitize log files before they are displayed
using the administration client." The Carnegie Mellon University group
warns that "IPlanet Enterprise Server and Netscape Enterprise Server
versions prior to 4.1. SP12 have a vulnerability involving the rendering of
<SCRIPT> tags embedded in the web logs when viewed through the
administration client." A patch is available to address the problem. The
impact of the vulnerability is that "A remote attacker can execute arbitrary
script as the administrator of the server by embedding <SCRIPT> tags in URL
requests that are subsequently viewed in the administration client."
http://www.kb.cert.org/vuls/id/630355

Vulnerabilities
Title: Senate Closes Accidental Anonymizer
Source: Security Focus
Date Written: December 10, 2002
Date Collected: December 11, 2002
Hacker Adrian Lamo discovered an open proxy server for the www.senate.gov
Web site. Network administrators shut down the server "that for months had
turned the site into a free Web anonymizer that could have allowed savvy
surfers to launder their Internet connections so that efforts to trace them
would lead to Capitol Hill." Director of technology development for the
Senate Sergeant-at-Arms Tracy Williams believes misconfigured devices
associated with the government Web site are to blame for the open server.
Lamo, who discovered a security vulnerability in the New York Times' network
in February 2002, notified administrators monitoring the site of the
vulnerability.
http://online.securityfocus.com/news/1780

"SmoothWall: share Internet access easily!"
If you need to share your Internet access, and want to do it quickly and
securely, Smoothwall is what you need! On this page you will find the
instructions (in Italian!) for configuring it.
http://www.ziobudda.net/news/see_comments.php?id_notizia=9624

EIGHT NEW FLAWS IN THE MS VIRTUAL MACHINE
Microsoft has fixed eight new security vulnerabilities in the new version
of its Java Virtual Machine. Two Windows flaws were also plugged
URL: http://punto-informatico.it/pi.asp?i=42488
Also - http://www.pcworld.com/news/article/0,aid,107936,00.asp
Also - http://news.zdnet.co.uk/story/0,,t269-s2127469,00.html
Also - http://www.net-security.org/article.php?id=306
Also - http://www.microsoft.com/security/security_bulletins/ms02-071.asp
Also - http://www.microsoft.com/security/security_bulletins/ms02-070.asp
Also - http://www.microsoft.com/security/security_bulletins/ms02-069.asp

Vulnerabilities
Title: Trend Micro squashes buffer overflow bug
Source: The Register
Date Written: December 12, 2002
Date Collected: December 12, 2002
Anti-virus vendor Trend Micro issued a fix that addresses buffer overflow
vulnerabilities in POP3-proxy of PC-cillin and OfficeScan. The flaw could
be exploited by a local user, and Trend Micro recommends applying a service
pack to address the problem.
http://www.theregister.co.uk/content/56/28529.html

Malware
Title: Threats move beyond Linux to Windows
Source: ZDNet
Date Written: December 10, 2002
Date Collected: December 13, 2002
Rootkits, historically existent only in the Unix/Linux OS world, have made the
leap to the Windows OS. Rootkits are a collection of tools used to compromise a
computer or network of computers. Two common components of rootkits are
backdoor access utilities and keylogger applications. Backdoor utilities
allow attackers to gain "unfettered and undetected" access to the host.
Keylogger utilities are used by attackers to record valid user key strokes,
including IDs and passwords. Using both in tandem, a hacker can gain
undetected, privileged access to high value assets. Additionally, rootkits
can contain network sniffers, giving the hacker the potential of a network
map and IDs and passwords of other privileged users. Many rootkits exist
for the Unix and Linux operating systems, but now a proof-of-concept Windows
NT rootkit has been created.
http://www.zdnet.com.au/newstech/security/story/0,2000024985,20270561,00.htm

Vulnerabilities
Title: RealNetworks Readies Patch for Media Player
Source: PC World
Date Written: December 12, 2002
Date Collected: December 13, 2002
RealNetworks recently completed a thorough security review of its RealOne
Player software and expects to release a patch by December 25, 2002.
Recently, RealNetworks released a patch to fix a possibly severe flaw, but
the patch itself was flawed. Though RealNetworks has not received any reports
of attacks, it stresses that it "takes all potential vulnerabilities very
seriously and continues to work with the security professionals to verify
and fix the 'buffer overrun' errors." Mark Litchfield, who discovered the
security flaws in the RealOne Player, praises RealNetworks for its swift
action.
http://www.pcworld.com/news/article/0,aid,107927,00.asp

Vulnerabilities
Title: Apache suffers more attacks
Source: ZDNet
Date Written: December 10, 2002
Date Collected: December 13, 2002
A recent slew of Apache Web server security vulnerabilities have raised the
concern of system administrators. Apache Web server runs on about 60
percent of all Web servers. Esecurityplanet.com recently reported that
Apache software "is being actively attacked on the Internet. Coming on the
heels of the concerted attack against the DNS root servers last month, this
exploited vulnerability against such a core component of the Web has caused
rising concern about the overall vulnerability of the Internet to
systematic attacks.
http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2901333,00.html

g00d reading! 'n' bye
Security News MainTainer:
The Jackal a.k.a. jAcKallO < -jackal-@libero.it >
(AreaSessantuno Member) / (SpiPPolatori Collaborator)
(HackerAlliance Member) / (Daily DisInfo CreaTor & MainTainer)
