Security News Letter

May 10th

Two companies face CAN-SPAM, other charges
By Grant Gross, IDG News Service
Two alleged "saturation" spammers, one based in Michigan and the other operating out of Australia and New Zealand, face a variety of legal charges, including the first charges under a new U.S. anti-spam law, the Federal Trade Commission (FTC) announced Thursday.
The two companies, Phoenix Avatar, based in the Detroit area, and Global Web Promotions, have allegedly violated the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act, which went into effect in January. They also face charges of marketing fraudulent products under the FTC Act. Spam allegedly sent by the two companies was responsible for more than 889,000 consumer complaints to the FTC between Jan. 1 and April 24, the largest number of complaints about any alleged spammers. More....

Sasser worm exposes patching failures 

By Ellen Messmer, Network World

Organizations that evaded last week's Sasser worm infestation credited vigilant patching processes and preventative measures such as installing server-based behavior-blocking software and worm filtering gateways.

Anti-virus software, on the other hand, was of limited use in stopping the four known variants of Sasser because the worm could re-infect machines even with the most up-to-date virus signatures, says Vincent Gullotto, vice president at Network Associates' Avert Labs. "If you don't have the [Windows] patch in place, this can happen," he says.

According to Mikko Hypponen, head of anti-virus research at F-Secure in Helsinki, Finland, the Sasser worm variants don't delete files or leave Trojans. This makes it a fairly benign worm and a lot like the Blaster worm of last August. As with Blaster, the damage stems from Sasser's intense network scanning, which can paralyze networks. More....

Sasser worm suspect confesses to German police 

News story by James Mackenzie, Computerworld

MAY 08, 2004 (REUTERS) - German police have arrested an 18-year-old man who confessed to creating the "Sasser" computer worm, believed to be one of the costliest Internet attacks. In what police called the largest case of its kind, the computer science student was arrested yesterday after software giant Microsoft gave German authorities a tip-off, police said.

"We are absolutely certain that this really is the creator of the Internet worm because Microsoft experts were involved in the inquiry and confirmed our suspicions and because the suspect admitted to it," said Frank Federau from Lower Saxony police.

Microsoft, the FBI and German police had worked together to find the suspect. More....

Common Security Vulnerabilities in e-commerce systems
by K. K. Mookhey, SecurityFocus

1. Introduction

The tremendous increase in online transactions has been accompanied by an equal rise in the number and type of attacks against the security of online payment systems. Some of these attacks have exploited vulnerabilities published in reusable third-party components used by websites, such as shopping cart software. Other attacks have used vulnerabilities that are common to any web application, such as SQL injection or cross-site scripting. This article discusses these vulnerabilities with examples, either from the set of known vulnerabilities or from those discovered during the author's penetration testing assignments. The types of vulnerabilities discussed here are SQL injection, cross-site scripting, information disclosure, path disclosure, price manipulation, and buffer overflows.

Successful exploitation of these vulnerabilities can lead to a wide range of results. Information and path disclosure vulnerabilities will typically act as initial stages leading to further exploitation. SQL injection or price manipulation attacks could cripple the website, compromise confidentiality, and in worst cases cause the e-commerce business to shut down completely.

Wherever examples of such vulnerabilities are given in advisories published on Bugtraq, we have given the Bugtraq ID in square brackets. Details of each vulnerability may be viewed by navigating to http://www.securityfocus.com/bid/<bid_number>. More....

Customers won't tolerate security breaches
By Graeme Wearden, ZDNet UK
May 06, 2004
Latest research shows that firms that fall victim to hacking, viruses or phishing may have to worry about more than just patching up their systems.
A survey carried out by telecoms firm Energis found that the rate of customer attrition in the business-to-business sector rose by 47 per cent after a firm fell victim to hacking, a virus, a denial of service attack or a phishing fraud.
Energis spoke to more than 100 large companies or government agencies, and found nearly all of them had suffered a security breach in the last year. These organisations reported that many of their existing customers had taken their business elsewhere because of these breaches, and that the customers who remained were spending on average four per cent less with them. More....

Vulnerabilities

10 May 2004

- Microsoft Active Server Pages Cookie Retrieval Vulnerability
- Microsoft Internet Explorer Memory Access Violation Vulnerability
- Heimdal kadmind v4 Remote Heap Overflow Vulnerability
- Trend OfficeScan Corporate Edition Weak Permissions Vulnerability
- Microsoft Windows IPSec Vulnerability
- Eudora File URL Buffer Overflow Vulnerability
- NukeJokes Multiple Vulnerabilities
- DeleGate SSL-filter Buffer Overflow Vulnerability

06 May 2004

- P4DB Multiple Vulnerabilities
- PhpNuke 7.2 Multiple Vulnerabilities
- Titan FTP Server Aborted LIST Denial of Service Vulnerability
- SMF Size Tag Script Injection Vulnerability
- Fuse Talk Multiple Vulnerabilities
- Verity Ultraseek Path Disclosure Vulnerability
- PHPX 3.26 Multiple Vulnerabilities
- Omail Remote Root Execution Vulnerability

05 May 2004

- AppleFileServer Remote Command Execution Vulnerability
- PaX Linux Kernel 2.6 Patches Denial of Security Vulnerability
- Coppermine Multiple Vulnerabilities

04 May 2004

- Apple QuickTime QuickTime.qts Heap Overflow Vulnerability
- Serv-U LIST -l Parameter Buffer Overflow Vulnerability

03 May 2004

- Citrix MetaFrame Administrator Excessive Privilege Vulnerability
- Microsoft Internet Explorer Certificate Stealing Vulnerability
- 3Com NBX VOIP NetSet Denial of Service Vulnerability
- Props 0.6.1 Multiple Vulnerabilities
- SquirrelMail Multiple Cross-Site Scripting Vulnerabilities
- Moodle Cross-Site Scripting Vulnerability

Advisories

Released in the last 15 days

10 May 2004

- Fedora Legacy Update Advisory - Updated OpenSSL resolves security vulnerability (FLSA:1395)
- Gentoo Linux Security Advisory - Multiple vulnerabilities in LHa (GLSA 200405-02)
- Gentoo Linux Security Advisory - Multiple format string vulnerabilities in neon 0.24.4 and earlier (GLSA 200405-01)
- OpenPKG Security Advisory - ssmtp (OpenPKG-SA-2004.020)

07 May 2004

- Debian Security Advisory - New exim packages fix buffer overflows (Debian Security Advisory)
- Conectiva Linux Security Announcement - lha (CLA-2004:840)
- SuSE Security Announcement - Live CD 9.1 (SuSE-SA:2004:011)

06 May 2004

- FreeBSD Security Advisory - heimdal kadmind remote heap buffer overflow (FreeBSD-SA-04:09.kadmind)
- FreeBSD Security Advisory - heimdal cross-realm trust vulnerability (FreeBSD-SA-04:08.heimdal)

05 May 2004

- OpenPKG Security Advisory - kolab (OpenPKG-SA-2004.019)
- SCO Security Advisory - UnixWare 7.1.3, Open UNIX 8.0.0, UnixWare 7.1.1: apache multiple vulnerabilities, upgraded to apache-1.3.29 (SCOSA-2004.6)
- Slackware Security Advisory - lha update in bin package (SSA:2004-125-01)

04 May 2004

- SGI Security Advisory - Sasser worm and Embedded Support Partner (ESP) port 5554/tcp (20040501-01-I)
- Apple Security Advisory - Security Update 2004-05-03 (APPLE-SA-2004-05-03)
- SUSE Security Announcement - Linux Kernel (SuSE-SA:2004:010)
- Slackware Security Advisory - libpng update (SSA:2004-124-04)
- Slackware Security Advisory - xine-lib update (SSA:2004-124-03)
- Slackware Security Advisory - sysklogd update (SSA:2004-124-02)
- Slackware Security Advisory - rsync update (SSA:2004-124-01)

03 May 2004

- Microsoft Security Update Alert - Sasser Worm
- Debian Security Advisory - New flim packages fix insecure temporary file creation (DSA 500-1)
- Debian Security Advisory - New rsync packages fix directory traversal bug (DSA 499-1)
- Netwosix Linux Security Advisory - xchat (2004-0014)
- Netwosix Linux Security Advisory - samba (2004-0013)
- Apple Security Update - QuickTime 6.5.1 (APPLE-SA-2004-04-30)
- Red Hat Security Advisory - Updated mc packages resolve several vulnerabilities (RHSA-2004:173-01)
- Mandrakelinux Security Update Advisory - proftpd (MDKSA-2004:041)
- Red Hat Security Advisory - Updated OpenOffice packages fix security vulnerability in neon (RHSA-2004:163-01)
- Red Hat Security Advisory - Updated libpng packages fix crash (RHSA-2004:181-01)
- Trustix Secure Linux Security Advisory - libpng, proftpd (2004-0025)
- Red Hat Security Advisory - Updated utempter package fixes vulnerability (RHSA-2004:175-01)
- OpenPKG Security Advisory - proftpd (OpenPKG-SA-2004.018)
- Debian Security Advisory - libpng, libpng3 (DSA 498-1)
- Trustix Secure Linux Security Advisory - rsync (2004-0024)
- Red Hat Security Advisory - Updated httpd packages fix mod_ssl security issue (RHSA-2004:182-01)
- Red Hat Security Advisory - An updated LHA package fixes security vulnerabilities (RHSA-2004:179-01)
- Red Hat Security Advisory - An updated X-Chat package fixes vulnerability in Socks-5 (RHSA-2004:177-01)
- Mandrakelinux Security Update Advisory - libpng (MDKSA-2004:040)
- Mandrakelinux Security Update Advisory - mc (MDKSA-2004:039)
- OpenPKG Security Advisory - png (OpenPKG-SA-2004.017)
- Gentoo Linux Security Advisory - Multiple Vulnerabilities in Samba (GLSA 200404-21)
- Debian Security Advisory - New mc packages fix several vulnerabilities (DSA 497-1)


Security Products:

HIPAA Step by Step Training: Security Rule

The April 20th and 22nd classes are closed out. An additional class is scheduled for May 20th.

PestPatrol is a powerful security and personal privacy tool that detects and eliminates destructive pests like trojans, spyware, adware and hacker tools. It complements your anti-virus and firewall software, extending your protection against non-viral malicious software that can evade your existing security and invade your personal privacy. These pests often lurk silently on your computer until something, or someone, sets them off. When that happens, you could lose passwords, personal data and credit card numbers, and, if you telecommute and connect to your office via a VPN, open up a back door for the hacker into your entire company network.

Intrusion Detection Systems

- Intruvert

Vulnerability Scanners

- eEye's Retina

Firewalls

- Netscreen
- Checkpoint

Management

- SolarWinds

Virus Control

- Mail Marshall

Services

- Security audit
- Perimeter vulnerability scan
- Router/switch optimization for security
- Firewall checking and configuration
- VPN design and implementation
- Network design
- Network-based application analysis
- Network baselining
- Security baselining

This mailing has been performed by Aavex Technology Corporation, 545 S. Main St, Elburn IL 60119 USA, 630-365-0025, in compliance with the "CAN-SPAM Act of 2003", approved and signed by the President of the United States of America on Dec. 16, 2003. For this reason, this email cannot be considered spam. This newsletter contains commercial advertisement.

Copyright © 2004 Aavex Technology