CERTStation Threat Management Advisory Serving over 52,000 professionals
   
Date 08.22.08
   
   
Researcher reveals critical Java bugs in Nokia phones
Gmail Account Automatic Hacking Tool Presented at Defcon
VeriSign releases stock fraud protection service
Microsoft issues massive security update
Buffer overflow reported in FlashGet download manager
Fri, Aug 22 2008
Debate is reaching a fever pitch over a new security feature in Firefox 3.0 that throws out a warning page to users when a Web site's SSL certificate is expired or has not been issued by a trusted third party.
Fri, Aug 22 2008
Microsoft's Security Vulnerability Research & Defense team (SVRD) have recently posted information online about the Cross Site Scripting (XSS) filter to be incorporated into Internet Explorer 8 when it is released.
Fri, Aug 22 2008
Unless you're a dyed in the wool cryptographic geek you probably didn't know that there was a Crypto conference, or even a chain of worldwide crypto conferences that take place each year.
Fri, Aug 22 2008
The next releases of SUSE Linux, OpenSUSE 11.1 and SUSE Linux Enterprise 11 (SLES), will see the security extension SELinux moving into the SUSE distribution.
Fri, Aug 22 2008
Almost two-thirds of 'white-collar' professionals don't care about their privacy on work computers, according to a survey by the Information Systems Audit and Control Association (ISACA).
Thu, Aug 21 2008
Symantec has just released its monthly spam report for July, and it shows the appearance of new ingenious ways that hijackers use in order to either sell products through spam or infect the targeted machines.
Thu, Aug 21 2008
As soon as we covered the release of iPhone software 2.0.1, one of our readers promptly wrote, "at last - bug fixes for 2.0!" These are the feelings of the whole iPhone community, which is downright fed up with the issues surrounding Apple's new iPhone 3G.
Thu, Aug 21 2008
Progress in attacking hash functions was presented by cryptologists at Crypto 2008. They explained their attack on the GOST Russian hash standard - usage of GOST is mandatory in Russian government offices.
Thu, Aug 21 2008
The United States Computer Emergency Response Team (US-CERT) has raised an alarm for a serious vulnerability in Apache Tomcat, warning that a proof-of-concept exploit is publicly available.
Thu, Aug 21 2008
Security vendor McAfee has announced it will extend its security products to Mobile Internet Devices (MIDs) and Intel-based laptops.
 
65 additonal records not shown
Exploit of the week

Exploit of the week selected by CERTStation Labs is found in a well known Cisco router -- model number 2621MX. A security researcher by the name of Andy Davis has published a public exploit for the vulnerability found in Cisco IOS FTP Server. The published exploit can be used only when the router is attached to gdb.

Vulnerability of the week

The vulnerability of the week selected this week by CERTStation Labs is found in BEA WebLogic. According to Secunia the buffer overflow in BEA WebLogic, which can at least trigger system crashes, may be exploited to remotely inject and execute arbitrary code. The flaw is caused by Apache Connector which appears not to check certain POST requests sufficiently. Although the authenticity of the flaw is still in question Secunia and FrSirt have already rated this as Highly Critical.

Security website of the week

The website of the week selected by CERTstation labs is bestsecuritytips.com. The website contains tons of information related to information security -- from hundreds of tips to free downloads of software and ebooks, live RSS feeds, latest news, blog and a forum for the techies. All in all it is a highly recommended site for technical people interested in security stuff.

Thu, Aug 21, 2008
McAfee and Wave Systems announced plans this week to help secure devices based on Intel's technology. McAfee is extending its data security technology to laptops and mobile Internet devices, while Wave Systems is focused on devices leveraging Intel vPro technology. Both Wave Systems and McAfee made the announcements during the Intel Developer Forum in San Francisco.
Thu, Aug 21, 2008
Nokia Corp. confirmed today that its widely used Series 40 operating system has security vulnerabilities that could allow stealth installation and activation of applications.
Fri, Aug 22 2008
A direct dynamic code evaluation (Eval) Injection vulnerability has been discovered in Turnkey PHP Live Helper, version 2.0.1. The issue is triggered due to an input validation error in the 'chat.php' script while using the "test" parameter. This could allow the remote attacker to execute arbitrary PHP code.
Severity
Fri, Aug 22 2008
A variable overwrite vulnerability has been discovered in Turnkey PHP Live Helper, version 2.0.1. The issue is triggered due to an input validation error in the 'libsecure.php' script while using the 'db' config file. Exploitation of the vulnerability requires that the 'register_globals' is enabled. This could allow the remote attacker to overwrite arbitrary variables.
Severity
Fri, Aug 22 2008
An SQL injection vulnerability has been discovered in Turnkey PHP Live Helper, version 2.0.1. The issue is triggered due to an input validation error in the 'onlinestatus_html.php' script while using the "dep" parameter. This could allow the remote attacker to execute arbitrary SQL commands.
Severity
Thu, Aug 21 2008
Remote file inclusion vulnerability has been discovered in DeeEmm CMS (DMCMS) version 0.7.4. The vulnerability is triggered due to an input validation error in the "language_dir" parameter used in 'user_language.php' script. This could be exploited by a remote attacker to execute arbitrary PHP code via a URL on a vulnerable system.
Severity
Wed, Aug 20 2008
Multiple remote file inclusion vulnerabilities have been in CyBoards PHP Lite version 1.21. The issue arises due to improper sanitization of "script_path" parameter used in the following scripts which are 'flat_read.php', 'post.php', 'process_post.php', 'process_search.php', 'forum.php', 'process_subscribe.php', 'read.php', 'search.php', 'path/subscribe.php', 'add_ban.php', 'add_ban_form.php', 'add_board.php', 'add_vip.php', 'add_vip_form.php', 'copy_ban.php', 'copy_vip.php', 'delete_ban.php', 'delete_board.php', 'delete_messages.php', 'delete_vip.php', 'edit_ban.php', 'edit_board.php', 'edit_vip.php', 'index.php', 'lock_messages.php', 'login.php', 'modify_ban_list.php', 'modify_vip_list.php', 'move_messages.php', 'process_add_board.php', 'process_ban.php', 'process_delete_ban.php', 'process_delete_board.php', 'process_delete_messages.php', 'process_delete_vip.php', 'process_edit_board.php', 'process_lock_messages.php', 'process_login.php', 'process_move_messages.php', 'process_sticky_messages.php', 'process_vip.php' and 'path/adminopts/sticky_messages.php'. This could be exploited by a remote attacker to execute arbitrary PHP code via a URL on a vulnerable system.
Severity
Tue, Aug 19 2008
Yelp in Gnome, versions after 2.19.90 and before 2.24 are susceptible to a format string vulnerability. The issue arises due to an input validation error in the "window_error" function as the application fails to enforce proper sanitization of the 'yelp-window.c' script via format string specifiers in an invalid URI on the command line, as demonstrated by use of yelp within man or ghelp URI handlers in Firefox, Evolution, and unspecified other programs. This remotely exploitable vulnerability permits attackers to execute arbitrary code on the vulnerable system.
Severity
Sat, Aug 16 2008
Freeway versions prior to 1.4.2.197 is prone to a directory traversal vulnerability. The issue occurs due to input validation error in the 'includes/events_application_top.php' script. An attacker could exploit this vulnerability by sending a specially-crafted URL request via unspecified vectors. This allows a remote attacker to include and execute arbitrary local files and obtain sensitive information from the vulnerable system.
Severity
Sat, Aug 16 2008
txtSQL 2.2 Final is prone to a remote file inclusion vulnerability. The vulnerability occurs due to improper sanitization of "CFG[txtsql][class]" parameter used in 'examples/txtSQLAdmin/startup.php' script. This could be exploited by a remote attacker to include malicious PHP file and execute arbitrary code on the vulnerable system. NOTE: This vulnerability is undergoing analysis. It will be updated when more information is available.
Severity
Fri, Aug 15 2008
TIBCO Hawk, versions before 4.8.1, Runtime Agent (TRA), versions before 5.6.0, iProcess Engine, versions 10.3.0 to 10.6.2 and 11.0.0 and Mainframe Service Tracker, versions before 1.1.0 are susceptible to multiple buffer overflow vulnerabilities. The issues arise due to a boundary condition error in AMI C library (libtibhawkami) and Hawk HMA (tibhawkhma) as these components fail to enforce proper bounds checking mechanisms while handling a specially crafted message. These remotely exploitable vulnerabilities permit attackers to overflow the buffer and execute arbitrary code on the vulnerable system.
Severity
Fri, Aug 22 2008
YourFreeWorld Programs Rating Script is prone to SQL injection vulnerability. The issue occurs due to improper sanitization of "id" parameter used in 'details.php' script. This can be exploited by a remote attacker to conduct SQL injection attacks. NOTE: This vulnerability is undergoing analysis. It will be updated when more information is available.
Severity
 
91 additonal records not shown
Tue, Apr 15 2008
Severity
Aliases:
Infects:Windows Me,Windows XP
Fri, Feb 22 2008
Severity
Aliases:
Infects:Windows 3.x,Windows 95,Windows 98,Windows Me,Windows NT,Windows Server 2003,Windows Vista,Windows XP
Thu, Apr 12 2007
Severity
Aliases:W97M.Happy [symantec]
Infects:Windows 2000,Windows 95,Windows 98,Windows Me,Windows NT,Windows Server 2003,Windows XP
Thu, Mar 29 2007
Severity
Aliases:W32/Delbot-AB [Sophos]
Infects:Windows 2000,Windows 95,Windows 98,Windows Me,Windows NT,Windows Server 2003,Windows XP
Tue, Mar 27 2007
Severity
Aliases:
Infects:Windows Me,Windows XP
Wed, Feb 07 2007
Severity
Aliases:
Infects:Windows 2000,Windows 95,Windows 98,Windows Me,Windows NT,Windows XP
Fri, Jan 19 2007
Severity
Aliases:CME-711 [Common Malware Enumeration],Downloader-BAI.sys [McAfee],Small.DAM [F-Secure],Troj/Dorf-Fam [Sophos],TROJ_SMALL.EDW [Trend Micro]
Infects:Windows 2000,Windows 95,Windows 98,Windows Me,Windows NT,Windows Server 2003,Windows XP
Thu, Jul 20 2006
Severity
Aliases:
Infects:Windows 2000,Windows 95,Windows 98,Windows Me,Windows NT,Windows Server 2003,Windows XP
Wed, Jun 21 2006
Severity
Aliases:Romride.G
Infects:Symbian OS
Mon, Apr 03 2006
Severity
Aliases:
Infects:Windows 2000,Windows 95,Windows 98,Windows Me,Windows NT,Windows Server 2003,Windows XP
 
-4 additonal records not shown
Do NOT reply to this message. For any queries or concerns please contact news-admin@certstation.com
This email is in compliance with the CAN-SPAM Act of 2003. Click here to view our CAN-SPAM Act compliance policy.
To unsubscribe from the CERTStation Security News Wire, go to http://usp.hdaar.com/newswire, enter your email address, and click Unsubscribe
* Number 52000 represents current users of CERTStation Lite and CERTStation Lite based components such as CERTStation RSS and CERTStation TMA
 
Security Sparklines
Microsoft
OS X
Windows XP
Linux
Internet Explorer
Mozilla
 
Sparklines show the number of articles that referenced a given topic everyday over the last 12 weeks
Podcast
Tips of the week
Change program permissions
It is always a good idea to restrict dangerous commands privileges such as who, ping, gcc, etc to make your system more secure. You can issue the "chmod 700" command to restrict privileges. The mentioned commands are the ones users usually execute as soon as they have access to your system.
Linux Security
By default, when you login to a Linux box, it tells you the Linux distribution name, version, kernel version, and the name of the machine. This is sufficient information about your machine for hackers. You can edit '/etc/issue' to show your specified information, furthermore, you can modify /etc/rc.d/rc.local to not load the 'issue' file at startup.
Delete sensitive information properly
Simply deleting a file does not completely erase it from the hard drive. To ensure that an attacker cannot access these files, use software shredders to do this task.
Graph
Metrics
Last Week  
Viruses
0
Worms
1
Trojans
5
Vulnerabilities
101
Total Records*  
Viruses
326
Worms
1383
Trojans
1544
Vulnerabilities
10307
*since 2004
Podcasts
Name msword.mp3
Time 3:48 mins
Format mp3
Quality 96 Kbps
Published by CERTStation Media
Subject CERTStation's Critical
Threat Report about
the Zero Day Flaw in
MS Word
Name Examine-Sasser.mp3
Time 7:02 mins
Format mp3
Quality 128 Kbps
Published by CERTStation Media
Subject An audio podcast for a post-mortem analysis of the sasser worm, its
structure, propogation, and impact on data infrastructure
Name Spam-Prevent.mp3
Time 8:40 mins
Format mp3
Quality 128 Kbps
Published by CERTStation Media
Subject An audio podcast on how SPAM is generated along with an examination
on the frameworks and technologies that help manage and reduce SPAM.
Name Wireless-security.mp3
Time 7:52 mins
Format mp3
Quality 128 Kbps
Published by CERTStation Media
Subject An audio podcast discussion around the diverging wireless security
protocols and their impact on WLANs (WEP, WPA, EAP).
Name Vul-Assessment.mp3
Time 6:01 mins
Format mp3
Quality 128 Kbps
Published by CERTStation Media
Subject An audio podcast for understanding vulnerability assessment
components, mechanisms and technologies.
   
    ©2008 CERTStation Inc - All Rights Reserved    
 
Click here If you can't crawl it you can't test it Coverage of web application scanners