Last day to save $500 for SANS San Diego 2013

@RISK: The Consensus Security Vulnerability Alert

Volume: III, Issue: 24
June 21, 2004

SANS Newsletters Home

A quiet week for patching.

@RISK is the SANS community's consensus bulletin summarizing the most important vulnerabilities and exploits identified during the past week and providing guidance on appropriate actions to protect your systems (PART I). It also includes a comprehensive list of all new vulnerabilities discovered in the past week (PART II).

Summary of the vulnerabilities reported this week:

    • Category
    • # of Updates & Vulnerabilities
    • Windows
    • 1 (#4)
    • Other Microsoft Products
    • 2
    • Third Party Windows Apps
    • 3 (#1, #2)
    • Linux
    • 2 (#7, #8)
    • BSD
    • 1
    • Solaris
    • 1
    • UNIX
    • 4
    • Cross Platform
    • 3 (#5)
    • Web Application
    • 15 (#6)
    • Network Device
    • 2 (#3)

******************** Security Training Update *************************

This Week's Featured Security Training Program: Just two weeks until SANS largest Summer Conference: SANSFIRE 2004 Monterey, CA, July 5-13,2004 SANSFIRE offers you 14 immersion training tracks in one of the most beautiful and romantic places in America. Phenomenal training for auditors who want to master the challenges of security auditors, for managers who want to build a great security program, for security beginners who want to get a fast start, and, of course, the only place to go for technologists who want to master the most current methods for protecting systems and networks. SANSFIRE also offers lots of evening programs, extra one-day classes ranging from security business law to cyberwarrior training, and vendor exhibits, too.

Register soon to get a seat at your choice of courses. http://www.sans.org/sansfire2004

***********************************************************************

Table Of Contents
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)
Other Microsoft Products
Third Party Windows Apps
BSD
Solaris
Unix
Cross Platform
Web Application
Network Device
PART I Critical Vulnerabilities

Part I is compiled by the security team at TippingPoint (www.tippingpoint.com) as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/cva/#process

Widely Deployed Software
  • (1) HIGH: Multiple IBM ActiveX Vulnerabilities
  • Affected:
    • IBM acpRunner ActiveX version 1.2.5.0
    • IBM eGatherer ActiveX version 2.0.0.16

  • Description: IBM's acpRunner and eGatherer ActiveX controls are designed to automate support for the IBM PCs. The ActiveX controls are digitally signed by the IBM and marked as "safe for scripting". A malicious webpage or an HTML email may exploit these controls to silently execute arbitrary code on a client system. The problems arise because the controls support methods that can be invoked to write an arbitrary file on the client system. Writing a malicious file in the startup folder, for instance, can compromise the client PC when the system is rebooted. Note that users who do not have these ActiveX controls on their systems may be tricked into installing the controls. The controls may even be silently installed if the user has previously selected an option to trust all the code from IBM. The advisories contain proof-of-concept HTML code, which can be used to leverage the vulnerabilities.

  • Status: IBM confirmed, patches available. References eEye Advisories http://www.eeye.com/html/research/advisories/AD20040615A.html http://www.eeye.com/html/research/advisories/AD20040615B.html IBM Patch Download http://www-306.ibm.com/pc/support/site.wss/document.do?lndocid=MIGR-51860 Safe Initialization and Scripting for ActiveX Controls http://msdn.microsoft.com/workshop/components/activex/safety.asp SecurityFocus BIDs http://www.securityfocus.com/bid/10561 http://www.securityfocus.com/bid/10562

  • Council Site Actions: One site is about to start the process of rolling out new IBM desktops. They plan to correct the problem as part of or prior to the rollout. A second site has a fair number of affected systems. They don't plan to take any action unless there are further reports of an active exploitation.

  • (2) LOW: RealNetworks RealPlayer Heap Corruption Vulnerability
  • Affected:
    • RealOne Player
    • RealOne Player v2
    • RealPlayer 10
    • RealPlayer 8
    • RealPlayer Enterprise

  • Description: RealPlayer, a popularly used media player, contains a heap memory corruption vulnerability. The flaw can be triggered by a malformed ".RA", ".RM", ".RV" or ".RMJ" files, and exploited to execute arbitrary code with the player's privileges. A malicious webpage or an email attachment may exploit this vulnerability to compromise a client system. No technical details regarding how to trigger the flaw have been posted. The discoverer(s) of the vulnerability have developed working exploits that have not been publicly posted.

  • Status: Vendor confirmed, updates available. Note that the cumulative patch, which fixes the RealPlayer vulnerabilities reported in the last week's @RISK newsletter, also fixes this one.

  • Council Site Actions: All of the reporting council sites are using the affected software. However, most sites do not officially support the software. Several sites plan to roll out the patches during their normal system upgrade process. Another site is investigating whether they can provide the users the patch. The remaining sites will rely on the users to install the patch.

  • References:
  • (3) LOW: Multiple Vendor BGP Implementation Vulnerabilities
  • Affected:
    • Cisco IOS running on a device with BGP enabled
    • Possibly other vendors

  • Description: The Border Gateway Protocol (BGP), typically used by the ISPs and large organizations, exchanges routing information for the Internet over port 179/tcp. Multiple vendor implementations of the protocol are vulnerable to a denial-of-service that can be triggered by malformed BGP "OPEN" and "UPDATE" messages. These vulnerabilities were discovered by the BGP "protocol fuzzing", a technique also employed by the well known PROTOS suites. Most BGP routers accept BGP messages only with their explicitly configured peers. Hence, in order to exploit the flaw, an attacker has spoof the identity of the TCP packets (to appear to be a valid BGP peer). Causing a DoS to a BGP router can in turn lead to cutting access to certain portions of the Internet. The technical details required to exploit the flaws have been posted.

  • Status: Cisco has released patches for the IOS. For the status of other vendors, please refer to the CERT advisory. A workaround is to implement BGP MD5 Signature Option. This option may already have been implemented to mitigate the "TCP Reset Vulnerability" reported earlier this year.

  • Council Site Actions: Most of the reporting council sites plan to roll out the patches during their next regularly scheduled system update process. One site is still awaiting word from their network support team on whether they are vulnerable or not.

  • References:
  • (4) LOW: Internet Explorer Address Bar Spoofing Vulnerability
  • Affected: IE version 6.0

  • Description: This vulnerability in Internet Explorer reportedly allows an attacker to conduct "phishing" attacks. The flaw can be exploited by crafting a malicious URL of the form: " http://[trusted site]%2F%20%20%20..[malicious site]". IE's status bar displays the trusted site, and hence such a URL can be exploited to extract sensitive information from an unsuspecting user. The flaw can also be exploited to display the malicious website's content in the security context of the trusted sites. This may lead to running scripts or ActiveX controls, as the trusted sites are typically configured with more relaxed security settings. The technical details and proof-of-concept exploits have been posted.

  • Status: Microsoft has not confirmed, no patches available. Users should be advised to type the URLs of the websites where they are likely to enter sensitive personal or financial information.

  • Council Site Actions: Most of the reporting council sites are treating this as a low priority and will roll out the patch when time allows or is convenient. One site is encouraging users to switch to an alternative to IE.

  • References:
Other Software
  • (5) HIGH: Subversion String Parsing Buffer Overflow
  • Affected: Subversion version prior to 1.0.5

  • Description: Subversion is an open-source version control system similar to the CVS. A subversion repository can be accessed by using the "svn" protocol, if the repository is running "svnserve". The svn server, which runs on port 3690/tcp by default, is vulnerable to a heap-based buffer overflow that can be triggered by specially crafted strings. The flaw may be exploited by an unauthenticated attacker to execute arbitrary code on the svn server. This may lead to compromising the source code control system. The technical details required to exploit the flaw have been posted. Note that multiple exploits for another flaw in the svn protocol that was reported a month back have been recently posted. Hence, an exploit for this flaw is likely to be developed in the near future.

  • Status: Vendor confirmed, upgrade to version 1.0.5. A workaround is to disable svnserve and access the Subversion repositories via HTTP.

  • Council Site Actions: Only one site is running the affected software and only on a small number of systems. They believe the updates have already occurred or will take place later this month.

  • References:
  • (6) HIGH: Horde Chora CVS Viewer Remote Command Execution
  • Affected: Chora version prior to 1.2.2

  • Description: Chora is a PHP-based web viewer for CVS and SVN source code repositories. The viewer contains a remote command execution vulnerability. The flaw exists in the module responsible for displaying the "diffs" (differences) between versions of a file. The problem occurs because the parameter used to indicate the number of lines with differences (possibly "num") is not properly sanitized. Hence, a remote attacker can inject an arbitrary command in this parameter's value. In addition, the default installation of PHP may also allow a remote attacker to upload arbitrary files to the server's "/tmp" directory. Hence, an attacker may execute arbitrary code on the server by uploading a malicious executable in the "/tmp" directory. The technical details required to exploit the vulnerability have been posted.

  • Status: Vendor confirmed, patches available.

  • Council Site Actions: The affected software is not in production or widespread use at any of the council sites. They reported that no action was necessary.

  • References:
Exploit Code
  • (7) Squid Web Proxy NTLM Authentication Buffer Overflow

  • Description: An exploit has been released for the flaw in the Squid proxy's NTLM authentication scheme. Council Site Actions: No update in action since last week. Response from last week is below: Three of the reporting council sites are using the affected software. However two of them are not using NTLM authentication; thus no action is necessary. The third site was using NTLM authentication but has reverted to other means until the patches can be installed. They plan to roll out the patches during their normal system update process.

  • References:
Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 24, 2004

This list is compiled by Qualys ( www.qualys.com ) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 3493 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.

  • 04.24.1 - CVE: Not Available
  • Platform: Other Microsoft Products
  • Title: Microsoft Internet Explorer Denial of Service
  • Description: It has been revealed that Internet Explorer has a denial of service vulnerability in its file saving handlers. If a user attempts to use the "Save As" option on a specially crafted URL, it will result in the Internet Explorer instance crashing. All current versions are reported to be vulnerable.
  • Ref: http://www.securityfocus.com/archive/1/366111
  • 04.24.2 - CVE: Not Available
  • Platform: Other Microsoft Products
  • Title: Microsoft Internet Explorer Wildcard DNS Cross-Site Scripting
  • Description: Microsoft Internet Explorer is vulnerable to a cross-site scripting issue. The vulnerability is exposed when a user follows a specially crafted link. The link must point to a web-server whose DNS server is configured with wildcard responses enabled. The resulting web page will include the embedded script which will then be executed by the browser.
  • Ref: http://www.securityfocus.com/archive/1/366073
  • 04.24.3 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: IBM acpRunner ActiveX Control Vulnerability
  • Description: IBM acpRunner control is an ActiveX application that is signed and distributed by IBM. It exports the "DownLoadURL", "SaveFilePath", and "Download" methods. The methods allow silent installation of malicious executables which may result in a remote compromise of the target system. acpRunner ActiveX version 1.2.5.0 is affected.
  • Ref: http://www.eeye.com/html/research/advisories/AD20040615A.html
  • 04.24.4 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: eGatherer ActiveX Control Insecure Method Vulnerability
  • Description: IBM eGatherer ActiveX control is designed for remote PC administration. It has been revealed that the ActiveX control contains insecure methods that may result in arbitrary binary execution. IBM has released "Access Support Fix Pack 2" patch to remedy the issue.
  • Ref: http://www.eeye.com/html/research/advisories/AD20040615A.html
  • 04.24.5 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Mozilla Browser URI Obfuscation Weakness
  • Description: The Mozilla browser is reportedly vulnerable to a URI obfuscation issue on the Windows platform. A specially crafted URI in a GET action form method can trick the victim's Mozilla browser into displaying a URI in the address bar which is different from the actual URI the victim visits. Mozilla versions 1.6 and 1.7rc3 for Windows and Firefox versions 0.8 and 0.9rc for Windows are reportedly affected by this issue.
  • Ref: http://secunia.com/advisories/11856/
  • 04.24.6 - CVE: Not Available
  • Platform: BSD
  • Title: FreeIPS Protected Service Denial of Service
  • Description: FreeIPS is an intrusion prevention application for FreeBSD. It is possible for an attacker to cause a denial of service condition on the target by triggering an attack response from the FreeIPS server. FreeIPS version 1.0 is known to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/10541
  • 04.24.7 - CVE: Not Available
  • Platform: Solaris
  • Title: Symantec Enterprise Firewall DNS Cache Poisoning
  • Description: Symantec Raptor Firewall contains a caching name service proxy "dnsd" that has been reported to be vulnerable to a cache poisoning weakness. When dnsd requests recursive DNS records from a remote DNS server, the remote DNS server could poison dnsd by returning unrequested records. If properly orchestrated this attack can facilitate man-in-the-middle attacks. Raptor Firewall versions 7.0.4 and 8.0 for Solaris have been reported to be vulnerable.
  • Ref: http://www.securityfocus.com/archive/1/366113
  • 04.24.8 - CVE: Not Available
  • Platform: Unix
  • Title: Racoon IKE Improper Certificate Verification
  • Description: Racoon is an IKE (Internet Key Exchange) daemon included in KAME's IPsec utilities and the Linux 2.6 Kernel port IPsec-Tools. It is reported that Racoon improperly validates X.509 certificates when negotiating IPSec connections. This vulnerability would allow attackers to forge certificates and potentially gain access to IPSec VPNs. The issue is fixed in the Linux port of Racoon version 0.3.3.
  • Ref: http://www.securityfocus.com/archive/1/366023
  • 04.24.10 - CVE: Not Available
  • Platform: Unix
  • Title: Immunix StackGuard Evasion Vulnerability
  • Description: Immunix StackGuard is a Unix compiler designed to prevent buffer overflow attacks. The software is susceptible to a functionality bypass, allowing attackers to execute arbitrary code. Immunix OS version 7.0 is known to be vulnerable.
  • Ref: http://www.immunix.org/gcc-SGa11.patch
  • 04.24.11 - CVE: Not Available
  • Platform: Unix
  • Title: Chora CVS Front-End Remote Command Execution
  • Description: Chora is a web accessible CVS repository viewing package built using Horde PHP libraries. It has been reported that it contains a arbitrary program execution vulnerability due to insufficient user input sanitization. A malicious user could leverage this vulnerability to run executables with the equivalent permissions of the web server. Chora versions 1.2.1 and earlier have been reported to be vulnerable. The vendor has released version 1.2.2 to remedy the issue.
  • Ref: http://security.e-matters.de/advisories/102004.html
  • 04.24.12 - CVE: Not Available
  • Platform: Cross Platform
  • Title: WebLogic Java RMI Incorrect Session Inheritance
  • Description: BEA WebLogic Server and WebLogic Express are enterprise application server products. The software may behave incorrectly for RMI when implemented over the Internet Inter-ORB Protocol (IIOP). This issue may result in incorrect session inheritance by a vulnerable client. WebLogic Express and Server versions 6.1, 7.0 and 8.1 are affected.
  • Ref: http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_62.00.jsp
  • 04.24.13 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Multiple Vendor Anti-Virus Scanner Denial of Service
  • Description: A potential denial of service condition has been reported for multiple anti-virus products. File compression algorithms compress large files with gigabytes of highly redundant data down to just a few kilobytes. Many vendors do not gracefully handle the decompression of such highly compressed files resulting in a denial of service condition.
  • Ref: http://www.securityfocus.com/archive/1/365967
  • 04.24.14 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Check Point FireWall-1 IKE Information Disclosure
  • Description: Check Point FireWall-1 is vulnerable to an information disclosure issue during IKE negotiation. This issue is due to a design error that may present sensitive information to an attacker. Check Point FireWall-1 versions 4.1 and NG are affected.
  • Ref: http://archives.neohapsis.com/archives/bugtraq/2004-06/0251.html
  • 04.24.15 - CVE: Not Available
  • Platform: Web Application
  • Title: Invision Power Board Cross-Site Scripting
  • Description: Invision Board is web forum software. Insufficient sanitization of the "f" parameter in the "ssi.php" script exposes a cross-site scripting issue. Invision Board version 1.3 Final is reported to be affected.
  • Ref: http://www.securityspace.com/smysecure/catid.html?id=12268
  • 04.24.16 - CVE: Not Available
  • Platform: Web Application
  • Title: WebLogic SSL Connection Denial of Service
  • Description: BEA WebLogic Server and WebLogic Express are Java application servers. A remote denial of service vulnerability has been reported in WebLogic's handling of SSL connections. SSL connections are not closed correctly, resulting in socket exhaustion. A remote user could leverage this to deny service to legitimate users. WebLogic Server and WebLogic Express versions 8.1 SP2 and earlier are reported to be vulnerable.
  • Ref: http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_61.00.jsp
  • 04.24.17 - CVE: Not Available
  • Platform: Web Application
  • Title: Pivot Remote File Include Vulnerability
  • Description: Pivot is a PHP tool for creating and maintaining dynamic web pages. Improper input validation of user supplied input exposes a remote file include vulnerability. Attackers can provide malicious parameters to the application through the URL resulting in the execution of attacker supplied code.
  • Ref: http://www.securityfocus.com/bid/10553/
  • 04.24.18 - CVE: Not Available
  • Platform: Web Application
  • Title: Web Wiz Forums Cross-Site Scripting
  • Description: Web Wiz Forums is reportedly vulnerable to a cross-site scripting issue. This is due to insufficient user-input sanitization of the "FID" URI parameter used by the "registration_rules.asp" script. Web Wiz Forums versions 7.8 and earlier have been reported to be vulnerable.
  • Ref: http://www.securityfocus.com/archive/1/366109
  • 04.24.19 - CVE: Not Available
  • Platform: Web Application
  • Title: PHPHeaven PHPMyChat Multiple Remote Vulnerabilities
  • Description: phpHeaven phpMyChat is web-based chat software. Insufficient sanitization of user-supplied input exposes various HTML injection, cross-site scripting and authentication bypass issues. phpHeaven phpMyChat version 0.14.5 is reported to be affected.
  • Ref: http://archives.neohapsis.com/archives/bugtraq/2004-06/0252.html
  • 04.24.20 - CVE: Not Available
  • Platform: Web Application
  • Title: cPanel Remote SQL Injection Vulnerability
  • Description: cPanel is a web hosting administration system. It is available for Unix variant operating systems. It has been revealed that cPanel is vulnerable to a remote SQL injection attack in its password script due to insufficient user input sanitization. Properly exploiting this vulnerability would allow a malicious user to view or modify SQL database contents.
  • Ref: http://www.securityfocus.com/archive/1/365546
  • 04.24.21 - CVE: Not Available
  • Platform: Web Application
  • Title: Snitz Forum 2000 Cross-Site Scripting
  • Description: Snitz Forums is ASP-based forum software. It is vulnerable to a HTML injection issue. During registration, the software does not validate the e-mail address. This can allow for attacks such as the theft of cookie-based authentication credentials. Snitz Forum version 3.4.04 is affected.
  • Ref: http://www.sec-tec.co.uk/vulnerability/snitzxss.html
  • 04.24.22 - CVE: Not Available
  • Platform: Web Application
  • Title: MoinMoin Group Name Privilege Escalation
  • Description: MoinMoin is a web-based "Wiki" application. It is reportedly vulnerable to a privilege escalation condition. Remote clients can create user accounts without administrative approval. This allows an attacker to completely take over the MoinMoin Wiki application. Versions before 1.2.2 are reported vulnerable.
  • Ref: http://sourceforge.net/tracker/index.php?func=detail&aid=948103&group_id
    =8482&atid=108482
  • 04.24.23 - CVE: Not Available
  • Platform: Web Application
  • Title: Invision Power Board Potential IP Address Spoofing
  • Description: Invision Power Board is web-based forum. It is reportedly vulnerable to an IP address spoofing issue. The application reportedly logs only the IP address from the "X-FORWARDED-FOR" HTTP field. The attacker could easily fake such a header with an arbitrarily chosen IP address. This issue was reported for version 1.3 of Invision Power Board.
  • Ref: http://archives.neohapsis.com/archives/bugtraq/2004-06/0244.html
  • 04.24.24 - CVE: Not Available
  • Platform: Web Application
  • Title: Usermin HTML Email Script Code Execution
  • Description: Usermin is a web-based user interface for UNIX/Linux users. Insufficient sanitization of HTML email messages exposes a script code execution vulnerability in the application. Usermin versions 1.070 and earlier are affected.
  • Ref: http://www.webmin.com/changes-1.150.html
  • 04.24.25 - CVE: Not Available
  • Platform: Web Application
  • Title: Webmin And Usermin Account Lockout Bypass
  • Description: Webmin is a web-based system administration tool for Unix systems. Usermin is a web-based Unix user tool that allows email access and configuration of various user files. Webmin and Usermin are reportedly vulnerable to an account lockout bypass issue. This issue is due to a failure of the application to properly sanitize user-supplied input. The application fails to parse certain character strings allowing an attacker to continually attempt to authenticate without any lockouts.
  • Ref: http://www.securityfocus.com/archive/1/366112
  • 04.24.26 - CVE: Not Available
  • Platform: Web Application
  • Title: PHP-Nuke Multiple Input Validation Vulnerabilities
  • Description: PHP-Nuke is a content management system. Insufficient sanitization of user-supplied input exposes various issues including cross-site scripting, sql injection and remote denial of service. PHP-Nuke versions 7.3 and earlier are affected.
  • Ref: http://www.waraxe.us/index.php?modname=sa&id=32
  • 04.24.27 - CVE: Not Available
  • Platform: Web Application
  • Title: Virtual Programming VP-ASP Shopping Cart Cross-Site Scripting
  • Description: VP-ASP is a web-based shopping cart system. Insufficient sanitization of user supplied input in the "shop$db.asp" script exposes a cross-site scripting issue. Virtual Programming VP-ASP versions 5.0 and earlier are vulnerable.
  • Ref: http://www.vpasp.com/virtprog/info/faq_securityfixes.htm
  • 04.24.28 - CVE: Not Available
  • Platform: Web Application
  • Title: VP-ASP shoperror.asp Cross-Site Scripting Vulnerability
  • Description: VP-ASP is a shopping cart system designed for web retailers. A cross-site scripting vulnerability has been identified in its "shoperror.asp" script. A remote attacker could leverage this issue to steal authentication cookies, or perform HTML or script injection attacks. VP-ASP version 5.0 has been reported to be vulnerable, although prior versions may also be susceptible.
  • Ref: http://www.vpasp.com/virtprog/info/faq_securityfixes.htm
  • 04.24.29 - CVE: Not Available
  • Platform: Web Application
  • Title: Virtual Programming VP-ASP SQL Injection
  • Description: VP-ASP is a web-based shopping cart system. Insufficient sanitization of user supplied input in the "shopproductselect.asp" script exposes an SQL injection issue. VP-ASP versions 5.0 and prior may be vulnerable to this issue.
  • Ref: http://www.securityfocus.com/archive/1/365954
  • 04.24.30 - CVE: Not Available
  • Platform: Network Device
  • Title: Cisco IOS BGP Denial of Service
  • Description: Cisco IOS is vulnerable to a denial of service condition. The issue exposes itself when the router processes malformed Border Gateway Protocol (BGP) packets causing it to reboot. This issue affects all Cisco IOS devices with BGP enabled.
  • Ref: http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml
  • 04.24.31 - CVE: Not Available
  • Platform: Network Device
  • Title: Linksys Web Camera Cross-Site Scripting
  • Description: Linksys Web Camera includes an embedded Web server. Insufficient sanitization of the "next_file" parameter of the "main.cgi" script exposes a cross-site scripting issue, which may allow a remote attacker to steal cookie-based authentication credentials. Linksys Web Camera version 2.10 is affected.
  • Ref: http://www.securityfocus.com/archive/1/365947

(c) 2004. All rights reserved. The information contained in this newsletter, including any external links, is provided "AS IS," with no express or implied warranty, for informational purposes only. In some cases, copyright for material in this newsletter may be held by a party other than Qualys (as indicated herein) and permission to use such material must be requested from the copyright owner.

==end==

Subscriptions: @RISK is distributed free of charge to people responsible for managing and securing information systems and networks. You may forward this newsletter to others with such responsibility inside or outside your organization.

To subscribe, at no cost, go to https://portal.sans.org where you may also request subscriptions to any of SANS other free newsletters.

To change your subscription, address, or other information, visit http://portal.sans.org

Copyright 2004. All rights reserved. No posting or reuse allowed, other than listed above, without prior written permission.

Wow! It's an incident handler's Christmas morning, tools, tools, tools. Very Applicable!
-Todd Davis, Symantec

vLive FOR408

Latest Whitepapers

Building and Maintaining a "Certifiable" Workforce
By Robert J. Mavretich

How Can You Build and Leverage SNORT IDS Metrics to Reduce Risk?
By Tim Proffitt

Daisy Chain Authentication
By Courtney Imbert

Latest Tweets

NEW #SANS Survey: Security Analytics & Intelligence 2nd [...]
October 1, 2013 - 6:30 PM

Tips on how to convince your boss to let you train online wi [...]
October 1, 2013 - 6:23 PM

#2 Tip on how 2 convince your boss 2 let u train online: Fle [...]
October 1, 2013 - 3:00 PM

Contact Us

(301) 654-SANS (7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"This has been a great way to get working knowledge that would have taken years of experience to learn."
- Josh Carlson, Nelnet

"The amount of knowledge conveyed and technical diving by practical hands-on was well balanced."
- Aaron Moore, Maricopa County

"Just amazing content and instruction, it's really a 'must do' for any info sec professional."
- Mark Austin, PHH Mortgage