[Fwd: Security Threat Watch 020]

From: Matthew Dunaway <fert@eagle.ptialaska.net>
Date: Mon Mar 15 2004 - 10:30:44 AKST

-------- Original Message --------
Subject: Security Threat Watch 020
Date: Mon, 15 Mar 2004 14:13:05 -0500 (EST)
From: Security Threat Watch <stw@update.networkcomputing.com>
To: fert@eagle.ptialaska.net

Security Threat Watch
        Number 020
        Monday, March 15, 2004
        Created for you by Network Computing & Neohapsis

--- Security News ----------------------------------------------

Last week marked Microsoft's monthly security patch release. It left us
with vulnerabilities in MSN Messenger, Outlook and Windows Media Server.
The Outlook bug is particularly critical, given the current state of
roving Internet e-mail worms.

Two other significant vulnerabilities include a bug in Compaq Insight
Manager, which allows a remote user to compromise the trusted
certificate store, and a bug in the popular cPanel Web hosting
administration portal, which allows remote attackers to execute
arbitrary commands with root privileges.

Until next week,
- The Neohapsis Security Threat Watch Team

--- Advertisement -----------------------------------------------------

Free Microsoft Security Summit in 20 cities beginning April 6th
Learn how to make your infrastructure and applications more secure.
The free Microsoft Security Summits feature keynote speakers,
Ask the Experts panel discussions, and intensive training tracks for
IT Professionals and Developers. Space is limited. Register today.
http://update.networkcomputing.com/cgi-bin4/DM/y/efqb0FOrpb0FYk0CQLi0AS

--- New Vulnerabilities -----------------------------------------------

Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered to be 'critical' involve highly deployed
software, or carry a high risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
to your environment.

**** Highlighted critical vulnerabilities ****

Compaq Insight Manager: remote upload of trusted certificates (SSRT4679)

Outlook: mailto link arbitrary script execution (MS04-009/828040)

cPanel: multiple vulnerabilities (including remote command execution as root)

**** Newly announced vulnerabilities this week ****

____Windows____

Compaq Insight Manager: remote upload of trusted certificates (SSRT4679)
http://archives.neohapsis.com/archives/compaq/2004-q1/0006.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0058.html

EpicGames Unreal engine: 'classes' name format string vulnerability
http://archives.neohapsis.com/archives/bugtraq/2004-03/0089.html

IBM DB2 Remote Command Server: remote command execution as administrator
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0055.html

MSN Messenger: remote file retrieval (MS04-010/838512)
http://archives.neohapsis.com/archives/ntbugtraq/2004-q1/0094.html

Outlook: mailto link arbitrary script execution (MS04-009/828040)
http://archives.neohapsis.com/archives/ntbugtraq/2004-q1/0093.html

SLMail Pro 2.0.9: large HTTP version request overflow
http://archives.neohapsis.com/archives/ntbugtraq/2004-q1/0098.html

Windows Media Server: malformed connection DoS (MS04-008/832359)
http://archives.neohapsis.com/archives/ntbugtraq/2004-q1/0092.html

____BSD____

OpenBSD: TCP out-of-order packet flood DoS
http://archives.neohapsis.com/archives/openbsd/2004-03/0511.html

OpenBSD: Apache httpd mod_access authentication failure on SPARC64
http://archives.neohapsis.com/archives/openbsd/2004-03/0868.html

____CGI____

CFWebstore 5.0: SQL tampering, XSS
http://archives.neohapsis.com/archives/bugtraq/2004-03/0122.html

Invision Power Board 1.3: 'pop' URL parameter XSS
http://archives.neohapsis.com/archives/bugtraq/2004-03/0082.html

cPanel: multiple vulnerabilities (including remote command execution as root)
http://archives.neohapsis.com/archives/bugtraq/2004-03/0116.html
http://archives.neohapsis.com/archives/bugtraq/2004-03/0119.html
http://archives.neohapsis.com/archives/bugtraq/2004-03/0124.html

phpBB 2.0.6d: viewforum.php and viewtopic.php XSS
http://archives.neohapsis.com/archives/bugtraq/2004-03/0128.html

____Cross-Platform____

Metamail/extcompose: insecure file handling
http://archives.neohapsis.com/archives/bugtraq/2004-03/0118.html

MyProxy 20030629: URL request XSS
http://archives.neohapsis.com/archives/bugtraq/2004-03/0108.html

Pegasi Web Server 0.2.2: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-03/0109.html

uudeview 0.5.19: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-03/0117.html

wMCam server 2.1.348: connection flooding DoS
http://archives.neohapsis.com/archives/bugtraq/2004-03/0098.html

--- Patches and Updates -----------------------------------------------

The following contains a list of vendor patches and updates released
this week.

____Linux____

Debian > DSA 457-1: wu-ftpd
http://archives.neohapsis.com/archives/vendor/2004-q1/0073.html

Debian > DSA 458-1: python2.2
http://archives.neohapsis.com/archives/vendor/2004-q1/0074.html

Debian > DSA 459-1: kdelibs
http://archives.neohapsis.com/archives/vendor/2004-q1/0075.html

Debian > DSA 460-1: sysstat
http://archives.neohapsis.com/archives/vendor/2004-q1/0076.html

Debian > DSA 461-1: calife
http://archives.neohapsis.com/archives/vendor/2004-q1/0077.html

Debian > DSA 462-1: xitalk
http://archives.neohapsis.com/archives/vendor/2004-q1/0078.html

Debian > DSA 463-1: samba
http://archives.neohapsis.com/archives/bugtraq/2004-03/0127.html

Mandrake > MDKSA-2004:019: python
http://archives.neohapsis.com/archives/linux/mandrake/2004-q1/0147.html

Mandrake > MDKSA-2004:020: gdk-pixbuf
http://archives.neohapsis.com/archives/linux/mandrake/2004-q1/0149.html

Mandrake > MDKSA-2004:021: Mozilla
http://archives.neohapsis.com/archives/linux/mandrake/2004-q1/0150.html

Mandrake > MDKSA-2004:022: kdelibs
http://archives.neohapsis.com/archives/linux/mandrake/2004-q1/0151.html

Red Hat > RHSA-2004:075-01: kdelibs
http://archives.neohapsis.com/archives/linux/redhat/2004-q1/0019.html

Red Hat > RHSA-2004:093-01: sysstat
http://archives.neohapsis.com/archives/bugtraq/2004-03/0103.html
http://archives.neohapsis.com/archives/linux/redhat/2004-q1/0020.html

Red Hat > RHSA-2004:102-01: gdk-pixbuf
http://archives.neohapsis.com/archives/linux/redhat/2004-q1/0021.html

--- Sign Off ----------------------------------------------------------

If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to [sub_stw@update.networkcomputing.com].
Or you can subscribe directly here:
http://www.networkcomputing.com/go/stw.jhtml

To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stw@nwc.com.
http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp

Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030

Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/

Note: To better serve you we use dynamic URLs within our advertisements,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
tracking URLs? Please refer to our privacy policy.
http://www.doubleclick.net/us/corporate/privacy

We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
to (stw@nwc.com).

To unsubscribe from this newsletter, forward this message to
[unsub_stw@update.networkcomputing.com].

Copyright (c) 2004 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (info@neohapsis.com | http://www.neohapsis.com/).

This message powered by DARTmail
http://www.doubleclick.net/us/corporate/privacy

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Mon Mar 15 10:31:18 2004

This archive was generated by hypermail 2.1.8 : Mon Mar 15 2004 - 10:31:18 AKST