Researcher reveals critical Java bugs in Nokia phones |
|
Gmail Account Automatic Hacking Tool Presented at Defcon |
|
VeriSign releases stock fraud protection service |
|
Microsoft issues massive security update |
|
Buffer overflow reported in FlashGet download manager |
|
|
|
 |
|
 |
|
| | Firefox SSL-certificate debate gets gnarly | Fri, Aug 22 2008 | | Debate is reaching a fever pitch over a new security feature in Firefox 3.0 that throws out a warning page to users when a Web site's SSL certificate is expired or has not been issued by a trusted third party. |
| | | Internet Explorer 8's XSS Filter examined | Fri, Aug 22 2008 | | Microsoft's Security Vulnerability Research & Defense team (SVRD) have recently posted information online about the Cross Site Scripting (XSS) filter to be incorporated into Internet Explorer 8 when it is released. |
| | | New attack against multiple encryption functions | Fri, Aug 22 2008 | | Unless you're a dyed in the wool cryptographic geek you probably didn't know that there was a Crypto conference, or even a chain of worldwide crypto conferences that take place each year. |
| | | SUSE Linux to come with SELinux | Fri, Aug 22 2008 | | The next releases of SUSE Linux, OpenSUSE 11.1 and SUSE Linux Enterprise 11 (SLES), will see the security extension SELinux moving into the SUSE distribution. |
| | | White-collar pros shrug off security | Fri, Aug 22 2008 | | Almost two-thirds of 'white-collar' professionals don't care about their privacy on work computers, according to a survey by the Information Systems Audit and Control Association (ISACA). |
| | | Spammers Attack Through WW III Headlines | Thu, Aug 21 2008 | | Symantec has just released its monthly spam report for July, and it shows the appearance of new ingenious ways that hijackers use in order to either sell products through spam or infect the targeted machines. |
| | | iPhone Firmware 2.0.3 Confirmed | Thu, Aug 21 2008 | | As soon as we covered the release of iPhone software 2.0.1, one of our readers promptly wrote, "at last - bug fixes for 2.0!" These are the feelings of the whole iPhone community, which is downright fed up with the issues surrounding Apple's new iPhone 3G. |
| | | European cryptologists attack hash functions | Thu, Aug 21 2008 | | Progress in attacking hash functions was presented by cryptologists at Crypto 2008. They explained their attack on the GOST Russian hash standard - usage of GOST is mandatory in Russian government offices. |
| | | Exploit code published for Apache Tomcat flaw | Thu, Aug 21 2008 | | The United States Computer Emergency Response Team (US-CERT) has raised an alarm for a serious vulnerability in Apache Tomcat, warning that a proof-of-concept exploit is publicly available. |
| | |
|
|
|
 |
| |
65 additional records not shown
|
|
 |
|
 |
|
| Exploit of the week |
|
The exploit of the week selected by CERTStation Labs is found in a well-known Cisco router, model number 2621MX. A security researcher by the name of Andy Davis has published a public exploit for the vulnerability found in the Cisco IOS FTP Server. The published exploit can be used only when the router is attached to gdb.
|
| Vulnerability of the week |
|
The vulnerability of the week selected by CERTStation Labs is found in BEA WebLogic. According to Secunia, the buffer overflow in BEA WebLogic, which can at least trigger system crashes, may be exploited to remotely inject and execute arbitrary code. The flaw is caused by the Apache Connector, which appears not to check certain POST requests sufficiently. Although the authenticity of the flaw is still in question, Secunia and FrSirt have already rated this as Highly Critical.
|
| Security website of the week |
|
The website of the week selected by CERTStation Labs is bestsecuritytips.com. The website contains tons of information related to information security, from hundreds of tips to free downloads of software and ebooks, live RSS feeds, latest news, a blog and a forum for the techies. All in all, it is a highly recommended site for technical people interested in security.
|
 |
|
 |
|
|
|
McAfee, Wave Systems Target Data Protection for Intel-based Mobile Devices
|
Thu, Aug 21, 2008 |
|
McAfee and Wave Systems announced plans this week to help secure devices based on Intel's technology. McAfee is extending its data security technology to laptops and mobile Internet devices, while Wave Systems is focused on devices leveraging Intel vPro technology. Both Wave Systems and McAfee made the announcements during the Intel Developer Forum in San Francisco. |
|
|
|
Nokia admits security flaws in Series 40 OS
|
Thu, Aug 21, 2008 |
|
Nokia Corp. confirmed today that its widely used Series 40 operating system has security vulnerabilities that could allow stealth installation and activation of applications.
|
|
|
|
|
 |
|
 |
|
| | Turnkey PHP Live Helper 'chat.php' Eval Injection Vulnerability | Fri, Aug 22 2008 | | A direct dynamic code evaluation (Eval) Injection vulnerability has been discovered in Turnkey PHP Live Helper, version 2.0.1. The issue is triggered due to an input validation error in the 'chat.php' script while using the "test" parameter. This could allow the remote attacker to execute arbitrary PHP code. | | Severity |  |
|
| | | Turnkey PHP Live Helper 'db config file' Variable Overwrite Vulnerability | Fri, Aug 22 2008 | | A variable overwrite vulnerability has been discovered in Turnkey PHP Live Helper, version 2.0.1. The issue is triggered due to an input validation error in the 'libsecure.php' script while using the 'db' config file. Exploitation of the vulnerability requires that 'register_globals' be enabled. This could allow the remote attacker to overwrite arbitrary variables. | | Severity |  |
|
| | | Turnkey PHP Live Helper 'onlinestatus_html.php' SQL Injection Vulnerability | Fri, Aug 22 2008 | | An SQL injection vulnerability has been discovered in Turnkey PHP Live Helper, version 2.0.1. The issue is triggered due to an input validation error in the 'onlinestatus_html.php' script while using the "dep" parameter. This could allow the remote attacker to execute arbitrary SQL commands. | | Severity |  |
|
| | | DeeEmm CMS 'language_dir' Parameter Remote File Inclusion Vulnerability | Thu, Aug 21 2008 | | A remote file inclusion vulnerability has been discovered in DeeEmm CMS (DMCMS) version 0.7.4. The vulnerability is triggered due to an input validation error in the "language_dir" parameter used in the 'user_language.php' script. This could be exploited by a remote attacker to execute arbitrary PHP code via a URL on a vulnerable system. | | Severity |  |
|
| | | CyBoards PHP Lite Multiple Remote File Inclusion Vulnerabilities | Wed, Aug 20 2008 | | Multiple remote file inclusion vulnerabilities have been discovered in CyBoards PHP Lite version 1.21. The issue arises due to improper sanitization of the "script_path" parameter used in the following scripts: 'flat_read.php', 'post.php', 'process_post.php', 'process_search.php', 'forum.php', 'process_subscribe.php', 'read.php', 'search.php', 'path/subscribe.php', 'add_ban.php', 'add_ban_form.php', 'add_board.php', 'add_vip.php', 'add_vip_form.php', 'copy_ban.php', 'copy_vip.php', 'delete_ban.php', 'delete_board.php', 'delete_messages.php', 'delete_vip.php', 'edit_ban.php', 'edit_board.php', 'edit_vip.php', 'index.php', 'lock_messages.php', 'login.php', 'modify_ban_list.php', 'modify_vip_list.php', 'move_messages.php', 'process_add_board.php', 'process_ban.php', 'process_delete_ban.php', 'process_delete_board.php', 'process_delete_messages.php', 'process_delete_vip.php', 'process_edit_board.php', 'process_lock_messages.php', 'process_login.php', 'process_move_messages.php', 'process_sticky_messages.php', 'process_vip.php' and 'path/adminopts/sticky_messages.php'. This could be exploited by a remote attacker to execute arbitrary PHP code via a URL on a vulnerable system. | | Severity |  |
|
| | | Gnome Yelp 'window_error()' Format String Vulnerability | Tue, Aug 19 2008 | | Yelp in Gnome, in versions after 2.19.90 and before 2.24, is susceptible to a format string vulnerability. The issue arises due to an input validation error in the "window_error" function in 'yelp-window.c': the application fails to sanitize format string specifiers in an invalid URI passed on the command line, as demonstrated by use of yelp within man or ghelp URI handlers in Firefox, Evolution, and unspecified other programs. This remotely exploitable vulnerability permits attackers to execute arbitrary code on the vulnerable system. | | Severity |  |
|
| | | Freeway 'events_application_top.php' Directory Traversal Vulnerability | Sat, Aug 16 2008 | | Freeway versions prior to 1.4.2.197 are prone to a directory traversal vulnerability. The issue occurs due to an input validation error in the 'includes/events_application_top.php' script. An attacker could exploit this vulnerability by sending a specially-crafted URL request via unspecified vectors. This allows a remote attacker to include and execute arbitrary local files and obtain sensitive information from the vulnerable system. | | Severity |  |
|
| | | txtSQL 'CFG[txtsql][class]' Parameter File Inclusion Vulnerability | Sat, Aug 16 2008 | | txtSQL 2.2 Final is prone to a remote file inclusion vulnerability. The vulnerability occurs due to improper sanitization of the "CFG[txtsql][class]" parameter used in the 'examples/txtSQLAdmin/startup.php' script. This could be exploited by a remote attacker to include a malicious PHP file and execute arbitrary code on the vulnerable system.
NOTE: This vulnerability is undergoing analysis. It will be updated when more information is available. | | Severity |  |
|
| | | TIBCO Hawk AMI C Library Buffer Overflow Vulnerabilities | Fri, Aug 15 2008 | | TIBCO Hawk, versions before 4.8.1, Runtime Agent (TRA), versions before 5.6.0, iProcess Engine, versions 10.3.0 to 10.6.2 and 11.0.0 and Mainframe Service Tracker, versions before 1.1.0 are susceptible to multiple buffer overflow vulnerabilities. The issues arise due to a boundary condition error in AMI C library (libtibhawkami) and Hawk HMA (tibhawkhma) as these components fail to enforce proper bounds checking mechanisms while handling a specially crafted message. These remotely exploitable vulnerabilities permit attackers to overflow the buffer and execute arbitrary code on the vulnerable system. | | Severity |  |
|
| | | YourFreeWorld Programs Rating Script 'id' Parameter SQL Injection Vulnerability | Fri, Aug 22 2008 | | YourFreeWorld Programs Rating Script is prone to an SQL injection vulnerability. The issue occurs due to improper sanitization of the "id" parameter used in the 'details.php' script. This can be exploited by a remote attacker to conduct SQL injection attacks.
NOTE: This vulnerability is undergoing analysis. It will be updated when more information is available. | | Severity |  |
|
|
|
|
|
 |
| |
91 additional records not shown
|
|
|
 |
 |
|
| | PWS-FerTP | Tue, Apr 15 2008 | | Severity |  | | Aliases: | | | Infects: | Windows Me,Windows XP |
|
| | | Bloodhound.Exploit.173 | Fri, Feb 22 2008 | | Severity |  | | Aliases: | | | Infects: | Windows 3.x,Windows 95,Windows 98,Windows Me,Windows NT,Windows Server 2003,Windows Vista,Windows XP |
|
| | | W97M.Panther.H | Thu, Apr 12 2007 | | Severity |  | | Aliases: | W97M.Happy [symantec] | | Infects: | Windows 2000,Windows 95,Windows 98,Windows Me,Windows NT,Windows Server 2003,Windows XP |
|
| | | W32.Rinbot.AN | Thu, Mar 29 2007 | | Severity |  | | Aliases: | W32/Delbot-AB [Sophos] | | Infects: | Windows 2000,Windows 95,Windows 98,Windows Me,Windows NT,Windows Server 2003,Windows XP |
|
| | | DNSChanger.f | Tue, Mar 27 2007 | | Severity |  | | Aliases: | | | Infects: | Windows Me,Windows XP |
|
| | | W32.Surubat.A@mm | Wed, Feb 07 2007 | | Severity |  | | Aliases: | | | Infects: | Windows 2000,Windows 95,Windows 98,Windows Me,Windows NT,Windows XP |
|
| | | Trojan.Peacomm | Fri, Jan 19 2007 | | Severity |  | | Aliases: | CME-711 [Common Malware Enumeration],Downloader-BAI.sys [McAfee],Small.DAM [F-Secure],Troj/Dorf-Fam [Sophos],TROJ_SMALL.EDW [Trend Micro] | | Infects: | Windows 2000,Windows 95,Windows 98,Windows Me,Windows NT,Windows Server 2003,Windows XP |
|
| | | Trojan.Mdropper.L | Thu, Jul 20 2006 | | Severity |  | | Aliases: | | | Infects: | Windows 2000,Windows 95,Windows 98,Windows Me,Windows NT,Windows Server 2003,Windows XP |
|
| | | | | Bloodhound.Exploit.62 | Mon, Apr 03 2006 | | Severity |  | | Aliases: | | | Infects: | Windows 2000,Windows 95,Windows 98,Windows Me,Windows NT,Windows Server 2003,Windows XP |
|
|
|
|
|
 |
| |
-4 additional records not shown
|
|
 |
|
|
|
Security Sparklines (Microsoft, OS X, Windows XP, Linux, Internet Explorer, Mozilla)
Sparklines show the number of articles that referenced a given topic every day over the last 12 weeks.
|
|
|
|
|
|
|
|
Tips of the week |
| Change program permissions |
|
It is always a good idea to restrict privileges on dangerous commands such as who, ping, gcc, etc. to make your system more secure. You can issue the "chmod 700" command to restrict privileges. The mentioned commands are the ones users usually execute as soon as they have access to your system. |
|
 |
| Linux Security |
| By default, when you log in to a Linux box, it tells you the Linux distribution name, version, kernel version, and the name of the machine. This is sufficient information about your machine for hackers. You can edit '/etc/issue' to show your specified information; furthermore, you can modify /etc/rc.d/rc.local to not load the 'issue' file at startup. |
|
 |
| Delete sensitive information properly |
|
Simply deleting a file does not completely erase it from the hard drive. To ensure that an attacker cannot access these files, use software shredders to do this task. |
|
|
|
|
Metrics

| | Last Week | Total Records* |
|---|---|---|
| Viruses | 0 | 326 |
| Worms | 1 | 1383 |
| Trojans | 5 | 1544 |
| Vulnerabilities | 101 | 10307 |

*since 2004
|
|
|
|
|
|