[nycbug-talk] [Fwd: Security Threat Watch 028]
Mikel King
mikel.king
Tue May 11 11:08:51 EDT 2004
Has anyone encountered this Mac bug?
-------- Original Message --------
Security Threat Watch
Number 028
Monday, May 10, 2004
Created for you by Network Computing & Neohapsis
--- Security News ----------------------------------------------
The largest vulnerability this week involves a remote buffer overflow in
the Apple File Server for various flavors of Mac OS. The advisory
indicates that remote exploitation is relatively easy.
http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0023.html
In other news, it seems a potential suspect who may have been
responsible for (partial) creation of the Sasser worm has been found.
This capture seems to be the first payout from Microsoft's $5 million
antivirus author reward fund.
http://news.com.com/2100-7349_3-5208762.html
Until next week,
- The Neohapsis Security Threat Watch Team
--- Advertisement -----------------------------------------------------
Join InformationWeek for a FREE, on-demand TechWebCast on
Enterprise Grid Computing. It is better at balancing
workloads, is more fault-tolerant, and is more scalable.
We'll discuss three basic steps to move your business to
Grid Computing. Register and view now:
http://update.networkcomputing.com/cgi-bin4/DM/y/egxP0GPnp20G5l0CTZF0Aa
--- New Vulnerabilities -----------------------------------------------
Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered to be 'critical' involve highly-deployed
software, or carry a high risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
to your environment.
**** Highlighted critical vulnerabilities ****
AppleFileServer: LoginExt packet PathName remote overflow
**** Newly announced vulnerabilities this week ****
____Windows____
Aldos HTTP server 1.5: Web root escaping, information disclosure
http://archives.neohapsis.com/archives/bugtraq/2004-05/0013.html
Eudora 6.1: embedded file URL buffer overflow
http://archives.neohapsis.com/archives/bugtraq/2004-05/0057.html
Serv-U 5.0.0.5: large LIST command parameter DoS
http://archives.neohapsis.com/archives/bugtraq/2004-05/0012.html
Titan FTP Server 3.01: aborted LIST command remote DoS
http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0025.html
____Linux____
KDE kolab: potential local configuration/password exposure
http://archives.neohapsis.com/archives/bugtraq/2004-05/0040.html
PaX Linux 2.6 patch: local DoS
http://archives.neohapsis.com/archives/bugtraq/2004-05/0004.html
SuSE Live CD 9.1: insecure listening services (SuSE-SA:2004:011)
http://archives.neohapsis.com/archives/vendor/2004-q2/0051.html
____MacOS____
AppleFileServer: LoginExt packet PathName remote overflow
http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0023.html
____CGI____
Coppermine Photo Gallery 1.2.2: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-05/0009.html
Crystal Reports Web interface: remote file retrieval, deletion/DoS
http://archives.neohapsis.com/archives/bugtraq/2004-05/0007.html
Fuse Talk: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-05/0039.html
NukeJokes 1.7: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-05/0067.html
P4DB 2.01: remote command execution, XSS
http://archives.neohapsis.com/archives/bugtraq/2004-05/0046.html
PHP-Nuke 6.x, 7.x: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-05/0042.html
PHPX 3.26: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-05/0033.html
SMF 1.0: SIZE tag XSS
http://archives.neohapsis.com/archives/bugtraq/2004-05/0034.html
Verity Ultraseek 5.2.1: system path disclosure
http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0024.html
YaBB forum 1.2: incorrect Subject field filtering
http://archives.neohapsis.com/archives/bugtraq/2004-05/0014.html
omail 0.98.5: remote command execution
http://archives.neohapsis.com/archives/bugtraq/2004-05/0032.html
____Cross-Platform____
DeleGate 8.9.2: SSL certificate remote overflow
http://archives.neohapsis.com/archives/bugtraq/2004-05/0049.html
HP WEBM agents: remote OpenSSL DoS (SSRT4717)
http://archives.neohapsis.com/archives/bugtraq/2004-05/0064.html
Heimdal kadmind: preauth remote heap overflow
http://archives.neohapsis.com/archives/bugtraq/2004-05/0048.html
--- Patches and Updates -----------------------------------------------
The following contains a list of vendor patches and updates released
this week.
____Linux____
Debian > DSA 499-1: rsync
http://archives.neohapsis.com/archives/bugtraq/2004-05/0003.html
Debian > DSA 500-1: flim
http://archives.neohapsis.com/archives/bugtraq/2004-05/0001.html
Debian > DSA 501-1: exim
http://archives.neohapsis.com/archives/vendor/2004-q2/0052.html
Fedora > FLSA-2004:1395: OpenSSL
http://archives.neohapsis.com/archives/bugtraq/2004-05/0065.html
Slackware > SSA:2004-124-01: rsync
http://archives.neohapsis.com/archives/bugtraq/2004-05/0019.html
Slackware > SSA:2004-124-02: sysklogd
http://archives.neohapsis.com/archives/bugtraq/2004-05/0016.html
Slackware > SSA:2004-124-04: libpng
http://archives.neohapsis.com/archives/bugtraq/2004-05/0017.html
Slackware > SSA:2004-125-01: lha
http://archives.neohapsis.com/archives/bugtraq/2004-05/0037.html
Slackware > SSA:2004-124-03: xine-lib
http://archives.neohapsis.com/archives/bugtraq/2004-05/0018.html
SuSE > SuSE-SA:2004:010: kernel
http://archives.neohapsis.com/archives/vendor/2004-q2/0048.html
____BSD____
FreeBSD > FreeBSD-SA-04:08: heimdal
http://archives.neohapsis.com/archives/bugtraq/2004-05/0045.html
FreeBSD > FreeBSD-SA-04:09: kadmind
http://archives.neohapsis.com/archives/bugtraq/2004-05/0043.html
OpenBSD > CVS
http://archives.neohapsis.com/archives/openbsd/2004-05/0282.html
____SCO____
SCOSA-2004.6: apache
http://archives.neohapsis.com/archives/bugtraq/2004-05/0035.html
____MacOS____
APPLE-SA-2004-05-03: multiple security updates
http://archives.neohapsis.com/archives/bugtraq/2004-05/0023.html
--- Advertisement -----------------------------------------------------
Join Transform Magazine for a FREE, on-demand TechWebCast:
Out Of Regulatory Necessity Comes Enterprise Invention.
HP and Doculabs discuss how to align processes and
technologies with business requirements. Learn how
organizations move toward compliance and reap the benefits.
Register and view now:
http://update.networkcomputing.com/cgi-bin4/DM/y/egxP0GPnp20G5l0CS6y0Ao
--- Sign Off ----------------------------------------------------------
If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to [subscribe_stw at update.networkcomputing.com].
Or you can subscribe directly here:
http://www.networkcomputing.com/go/stw.jhtml
To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stw at nwc.com.
http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp
Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030
Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/
Note: To better serve you we use dynamic URLs within our advertisements,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
tracking URLs? Please refer to our privacy policy.
http://www.doubleclick.net/us/corporate/privacy
We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
to (stw at nwc.com).
To unsubscribe from this newsletter, forward this message to
[unsubscribe_stw at update.networkcomputing.com].
Copyright (c) 2004 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (info at neohapsis.com | http://www.neohapsis.com/).
This message powered by DARTmail
http://www.doubleclick.net/us/corporate/privacy
--
Cheers,
Mikel King
Optimized Computer Solutions, INC
39 West Fourteenth Street
Second Floor
New York, NY 10011
http://www.ocsny.com
+------------------------------------------+
You may like them. You will see. You may
like them in a tree.
http://www.FreeBSD.org
http://www.OpenOffice.org
http://www.Mozilla.org
+------------------------------------------+
How do you spell cooperation? Pessimists use
each other, but optimists help each other.
Collaboration feeds your spirit, while
competition only stokes your ego. You'll
find the best way to get along.
+------------------------------------------+