Fwd: Security Threat Watch 005


Subject: Fwd: Security Threat Watch 005
From: Matthew Dunaway (fert@eagle.ptialaska.net)
Date: Mon Nov 24 2003 - 12:34:05 AKST


I thought some of you might be interested in this newsletter, if you
haven't already subscribed.

>Date: Mon, 24 Nov 2003 15:38:29 -0500 (EST)
>From: Security Threat Watch <stw@update.networkcomputing.com>
>To: fert@eagle.ptialaska.net
>Subject: Security Threat Watch 005
>
>Security Threat Watch
> Number 005
> Monday, November 24, 2003
> Created for you by Network Computing & Neohapsis
>
>--- Security News ----------------------------------------------
>
>An interesting item popped up this week involving the Sony Ericsson T610
>mobile phone. It seems the Bluetooth implementation may have bugs in it
>that allow attackers to steal personal documents/settings without
>needing to authenticate/pair. As more devices start offering wireless
>services and connectivity, we need to keep in mind that many of these
>technology implementations are still in their infancy and going through
>the usual cycle of "vulnerability growing pains." Mobile devices with
>wireless connectivity features need to be treated exactly the same as
>computers on the Internet: disable unnecessary features; try not to
>offer unauthenticated services; and keep up to date on patches (yes,
>even mobile phones can have software/firmware updates). The Sony
>Ericsson T610 item is reported in this issue under the 'Mobile'
>category.
>
>Also, one of this week's discussions concerned the compromise of various
>Debian Project servers. This compromise delayed the release of the
>latest distribution version (3.0r2). More information is available at:
>http://archives.neohapsis.com/archives/linux/debian/2003-q4/0347.html
>
>We have created a new newsletter management system that will let you
>password-protect your platform preferences and account settings. To
>begin using the new interface, simply visit the URL below, enter the
>e-mail address you use to receive this newsletter and then click on the
>"Click here" link to have a new password generated and sent to your
>e-mail address. Once you have received your password, you can log in via
>the same URL to manage all aspects of your newsletter account. If you
>have any problems with this system, please don't hesitate to e-mail us
>at stw@nwc.com.
>http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp
>
>Until next week,
>- The Neohapsis Security Threat Watch Team
>
>--- Advertisement -----------------------------------------------------
>
>This issue sponsored by VeriSign, inviting you to read our paper
>on how VeriSign's Security Intelligence and Control(SM) Services let
>you focus on business initiatives, like record up-time and global
>VPNs, while VeriSign's experience helps you monitor and manage
>your security infrastructure.
>http://update.networkcomputing.com/cgi-bin4/DM/y/ed2d0FOrpb0FYk0CCSz0AZ
>
>
>--- New Vulnerabilities -----------------------------------------------
>
>Below is a list of new vulnerabilities announced this week.
>Vulnerabilities considered to be 'critical' involve highly deployed
>software, or carry a high risk of system compromise. Note that
>vulnerabilities not highlighted may still be of critical severity
>to your environment.
>
>
>**** Highlighted critical vulnerabilities ****
>
>Apple Safari 1.1: double-host URL cookie stealing
>SAP DB Web tools 7.4.x: multiple vulnerabilities
>
>
>**** Newly announced vulnerabilities this week ****
>
>____Windows____
>
>EffectOffice Server 2.9: port 56004 overflow/DoS
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0239.html
>
>Exchange 2003 OWA: random access to other mailboxes
>http://archives.neohapsis.com/archives/ntbugtraq/2003-q4/0213.html
>
>Kerio Winroute 5.10: proxy header rewriting may expose sensitive information
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0213.html
>http://archives.neohapsis.com/archives/ntbugtraq/2003-q4/0210.html
>
>NetServe 1.0.7: access files outside the Web root
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0189.html
>
>YAK! 2.1.0: FTP service may allow arbitrary file download
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0221.html
>
>
>____Linux____
>
>minimalist: remote command execution
>http://archives.neohapsis.com/archives/vendor/2003-q4/0019.html
>
>
>____BSD____
>
>OpenBSD kernel: ibcs2 code execution/kernel panic
>http://archives.neohapsis.com/archives/openbsd/2003-11/1214.html
>http://archives.neohapsis.com/archives/openbsd/2003-11/1222.html
>
>
>____HP-UX____
>
>CDE libDtHelp unspecified overflow (SSRT3657)
>http://archives.neohapsis.com/archives/hp/2003-q4/0046.html
>
>Some network traffic can cause DCE services to fail (SSRT3660)
>http://archives.neohapsis.com/archives/hp/2003-q4/0047.html
>
>dtmailpr: DISPLAY env var overflow
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0218.html
>
>
>____MacOS____
>
>Apple Safari 1.1: double-host URL cookie stealing
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0200.html
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0245.html
>
>
>____CGI____
>
>Rolis Guestbook 1.0: insert.inc.php remote file include/code execution
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0188.html
>
>Sqwebmail: Web mail referrer exposes login information
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0190.html
>
>phpWebFileManager 2.0.0: file reading via parent directory references
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0183.html
>
>
>____Mobile Devices____
>
>Sony Ericsson T610: possible file download over Bluetooth
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0168.html
>
>
>____Cross-Platform____
>
>FreeRADIUS: small string tag heap overflow/DoS
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0241.html
>
>Half Life Server: game file download/information leak
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0215.html
>
>Opera <7.23: skin file auto-save to arbitrary file names
>http://archives.neohapsis.com/archives/ntbugtraq/2003-q4/0211.html
>
>Quagga/zebra: telnet service malformed telnet options DoS
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0164.html
>
>SAP DB 7.4.x: niserver overflow and trojan netapi32.dll
>http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0044.html
>
>SAP DB Web tools 7.4.x: multiple vulnerabilities
>http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0045.html
>
>SIRCD 0.5.2: anyone can set user mode +o
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0238.html
>
>Sybase ASE 12.5: invalid remote password array DoS
>http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0047.html
>
>--- Patches and Updates -----------------------------------------------
>
>The following contains a list of vendor patches and updates released
>this week.
>
>____Linux____
>
>Debian > DSA 401-1: hylafax
>http://archives.neohapsis.com/archives/vendor/2003-q4/0018.html
>
>Debian > DSA 402-1: minimalist
>http://archives.neohapsis.com/archives/vendor/2003-q4/0019.html
>
>Mandrake > MDKSA-2003:107: glibc
>http://archives.neohapsis.com/archives/linux/mandrake/2003-q4/0126.html
>
>OpenLinux > CSSA-2003-037.0: NFS utils
>http://archives.neohapsis.com/archives/linux/caldera/2003-q4/0021.html
>
>OpenLinux > CSSA-2003-034.0: gnupg
>http://archives.neohapsis.com/archives/linux/caldera/2003-q4/0017.html
>
>OpenLinux > CSSA-2003-035.0: webmin/usermin
>http://archives.neohapsis.com/archives/linux/caldera/2003-q4/0018.html
>
>OpenLinux > CSSA-2003-036.0: sendmail
>http://archives.neohapsis.com/archives/linux/caldera/2003-q4/0019.html
>
>Red Hat > RHSA-2003:288-01: XFree86
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0205.html
>
>SGI > Advanced Linux Environment security update #5
>http://archives.neohapsis.com/archives/bugtraq/2003-11/0227.html
>
>SuSE > SuSE-SA:2003:046: sane
>http://archives.neohapsis.com/archives/vendor/2003-q4/0020.html
>
>
>____HP-UX____
>
>SSRT3663: Apache
>http://archives.neohapsis.com/archives/hp/2003-q4/0048.html
>
>
>--- Sign Off ----------------------------------------------------------
>
>
>If this e-mail was passed to you, and you would like to begin receiving
>our free security e-mail newsletter on a weekly basis, we invite you to
>subscribe today by forwarding this message to
>[sub_stw@update.networkcomputing.com].
>Or you can subscribe directly here:
>http://www.networkcomputing.com/go/stw.jhtml
>
>To manage all aspects of your subscription and newsletter account,
>simply use the URL below. You'll need your e-mail address and
>password to log in. If you don't have your password, you can generate
>a new one using the same URL. Once logged in, you can change your
>e-mail address and password as well as select specific platforms for
>which you'd like to receive information on patches and vulnerabilities.
>If you have any questions regarding this system, please don't hesitate
>to e-mail us at stw@nwc.com.
>http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp
>
>Missed an issue? You can find all back issues of Security Threat Watch
>(as well as Security Alert Consensus and Security Express) online.
>http://archives.neohapsis.com/
>
>Note: To better serve you we use dynamic URLs within our advertisements,
>which allow us to see how many readers click on a given ad. We do not
>share this information, or your personal information, with any outside
>party. Concerned about the privacy of your information relative to these
>tracking URLs? Please refer to our privacy policy.
>http://www.doubleclick.net/us/corporate/privacy
>
>We'd like to know what you think about the newsletter and what
>information you'd like to see in future editions. E-mail your comments
>to (stw@nwc.com).
>
>To unsubscribe from this newsletter, forward this message to
>[unsub_stw@update.networkcomputing.com].
>
>Copyright (c) 2003 Network Computing, a CMP Media LLC publication. All
>Rights Reserved. Distributed by Network Computing
>(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
>Chicago-based security assessment and integration services consulting
>group (info@neohapsis.com | http://www.neohapsis.com/).
>
>This message powered by DARTmail
>http://www.doubleclick.net/us/corporate/privacy




This archive was generated by hypermail 2a23 : Mon Nov 24 2003 - 12:34:08 AKST