Last day to save $500 for SANS San Diego 2013

@RISK: The Consensus Security Vulnerability Alert

Volume: III, Issue: 51
December 25, 2004

SANS Newsletters Home

Four very newly discovered, and important Windows vulnerabilities from a Chinese security firm. (#1, #2, #3, and #4 below). Microsoft hasn't issued patches, so use the workarounds. Starting next week, @RISK will be delivered on Friday mornings to give you time before the weekend to be sure you have blocked the most critical vulnerabilities. Training News: Win one of four Apple iPods by registering for the big Orlando security and audit training conference by December 31. ( http://www.sans.org/orlando05/ )

@RISK is the SANS community's consensus bulletin summarizing the most important vulnerabilities and exploits identified during the past week and providing guidance on appropriate actions to protect your systems (PART I). It also includes a comprehensive list of all new vulnerabilities discovered in the past week (PART II).

Summary of the vulnerabilities reported this week:

    • Category
    • # of Updates & Vulnerabilities
    • Microsoft Windows
    • 4 (#1, #2, #3, #4)
    • Other Microsoft Products
    • 2
    • Third Party Windows Apps
    • 2
    • Linux
    • 2 (#8, #10)
    • Unix
    • 15
    • Cross Platform
    • 7 (#5, #6, #7)
    • Web Application
    • 5 (#9)
    • Network Device
    • 1
Table Of Contents
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)
Other Microsoft Products
Third Party Windows Apps
Linux
Unix
Cross Platform
Web Application
Network Device

****************Sponsored by SANS Orlando 2005***************************

Fourteen immersion training tracks for managers, auditors, sysadmins, security professionals and for those seeking to pass the ISC2 CISSP exam. The best teachers in security, in Florida, when it is cold in the north and Europe. Plan to bring the family along for a weekend at Disney World. Conference and registration details: http://www.sans.org/orlando05

************************** SPONSORED LINKS ******************************

Privacy notice: Sponsored links redirect to non-SANS web pages. #1 Industry experts and regulatory organizations define best practices for managing log data - FREE whitepaper: http://www.sans.org/info.php?id=692

*************************************************************************

PART I Critical Vulnerabilities

Part I is compiled by the security team at TippingPoint (www.tippingpoint.com) as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/cva/#process

Widely Deployed Software
  • (1) HIGH: Microsoft Windows HTML Help ActiveX Control Vulnerability
  • Affected:
    • Internet Explorer version 6.0
    • Windows XP SP2

  • Description: This vulnerability in the HTML Help ActiveX Control can be used to completely compromise a Windows client. An attacker can exploit the flaw by constructing a malicious webpage or an HTML email. Browsing the webpage or opening the email is sufficient for the client compromise i.e. no further user interaction is required. The problem occurs because it is possible to inject JavaScript code in the HTML Help ActiveX control's parameters. By forcing the control to open a local file, it is then possible to execute the JavaScript code in the context of the "Local Computer" zone. Technical details and a proof-of-concept exploit have been publicly posted. The PoC exploit, when run on Windows XP SP2, creates "Microsoft Office.hta" file in the "Documents and Settings\All Users\Start Menu\Programs\Startup" directory.

  • Status: Microsoft not confirmed, no patches available. A workaround is to disable "Active Scripting" in Internet Explorer.

  • Council Site Actions: Due to holidays and the late-breaking nature of the issues, we were unable to solicit any council site responses.

  • References:
  • (2) HIGH: Microsoft Windows USER32 Library LoadImage Buffer Overflow
  • Affected:
    • Windows NT/2000/XP SP0 and SP1/2003

  • Description: USER32 library contains Windows API functions for user interface handling. The "LoadImage" function is responsible for handling files such as icons, cursors, animated cursors and bitmaps. The "LoadImage" function reportedly contains a heap-based buffer overflow that can be triggered by a specially crafted icon, cursor or a bitmap file. The problem occurs because the declared image size is not checked prior to opening the image. The flaw may be able to be exploited to execute arbitrary code on the client. To exploit the flaw, an attacker can take any of the following actions: (a) Create a webpage containing a malicious .ico, .bmp, .ani or .cur file, and entice an attacker to visit his webpage. (b) Send an HTML email containing the malicious .ico, .bmp, .ani or .cur file. (c) Create a shared folder containing the malicious .ico, .bmp, .ani or .cur file, and entice a user to browse his shared folder. The technical details and exploit code have been publicly posted.

  • Status: Microsoft not confirmed, no patches available. XP SP2 is reportedly not vulnerable.

  • Council Site Actions: Due to holidays and the late-breaking nature of the issues, we were unable to solicit any council site responses.

  • References:
  • (3) MODERATE: Microsoft Windows Winhlp32.exe Buffer Overflows
  • Affected:
    • Windows NT/2000/XP/2003

  • Description: Winhlp32.exe application is responsible for handling Windows Help (".hlp") files. This application reportedly contains a heap-based buffer overflow and integer overflow vulnerability. A specially crafted ".hlp" file may exploit these flaws to execute arbitrary code on the client system with the privileges of the logged-on user. Note that Windows prompts a user before downloading and opening a ".hlp" file. Hence, to exploit the flaw via a hyperlink or frame pointing to the malicious .hlp file will require user interaction. However, it may also be possible to invoke Winhlp32.exe via the HTML Help ActiveX Control, and exploit the flaw without any user interaction (not confirmed). The technical details and proof-of-concept exploits have been publicly posted.

  • Status: Microsoft not confirmed, no patches available. Users should not open .hlp files downloaded from untrusted sources.

  • Council Site Actions: Due to holidays and the late-breaking nature of the issues, we were unable to solicit any council site responses.

  • References:
  • (4) MODERATE: Internet Explorer DHTML Edit ActiveX Control Spoofing
  • Affected:
    • Internet Explorer version 6.0 and possibly prior

  • Description: This Internet Explorer (IE) vulnerability allows an attacker to trick a victim into visiting a malicious site. The attack occurs when a victim clicks a link supplied by the attacker in an email or on a webpage, which according to IE's address bar points to a trusted site. However, the attacker can manipulate all the contents of the trusted site's webpage. Hence, any information entered by the user on such a page can be stolen by the attacker (phishing attacks). The problem occurs due to a flaw in IE's DHTML Edit ActiveX control. The control's "execScript" function does not sufficiently validate a window's domain prior to executing a script. The attacker can leverage the flaw in the execScript function to re-write the contents of a trusted site's webpage. Note that the attacker can also spoof the content for secure sites by exploiting this vulnerability as IE shows a "Lock" icon on the bottom right-hand corner on a spoofed webpage.

  • Status: Microsoft not confirmed, no updates available. An option is to disable ActiveX controls. However, that may downgrade the users' web browsing experience. The users should be advised to type the web addresses of sensitive sites such as banks etc. and not to open links to secure sites embedded in another page or an email.

  • Council Site Actions: All council sites are awaiting confirmation from the vendor and a patch. They plan to patch during the regular system update process. One site commented that they consider IE vulnerabilities a level 4 on a scale from 1 to 5 for servers and a level 5 on a workstation. Thus, this is not a priority to patch for them. Another site is still investigating replacing IE with Firefox as a long term strategy move.

  • References:
Other Software
  • (7) MODERATE: Sybase Adaptive Server Enterprise Vulnerabilities
  • Affected: Sybase Adaptive Server Enterprise versions 12.5.2 and prior

  • Description: Sybase Adaptive Server Enterprise contains three vulnerabilities. The discoverers of the flaw have rated these vulnerabilities as "High Risk". Other advisories with a similar rating from the discoverers have included overflows that require minimal user privileges or flaws that can be exploited by remote unauthenticated attackers. Hence, although the @RISK rating for this item is currently "MODERATE" due to lack of any more information, the Sybase administrators should apply the patches on a priority basis. The technical details regarding the flaws are scheduled to be disclosed after 3 months.

  • Status: Vendor confirmed, upgrade to version 12.5.3.

  • Council Site Actions: The affected software is not in production or widespread use, or is not officially supported at any of the council sites. They reported that no action was necessary.

  • References:
Exploit Code
  • (9) Sanity Worm Exploiting phpBB Hole

  • Description: This worm attacks websites using the phpBB bulletin board software by exploiting recently reported command execution vulnerability in the bulletin board's "viewtopic" script. Upon a successful attack, the worm defaces the website and overwrites the files with the following extensions-.asp, .php. .htm. .jsp, .phtm and .shtm. The worm code has been publicly posted and hence can be potentially modified. Sites using phpBB should immediately upgrade to version 2.0.11.

  • Council Site Actions: The affected software is not in production or widespread use, or is not officially supported at any of the council sites. They reported that no action was necessary.

  • References:
Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 51, 2004

This list is compiled by Qualys ( www.qualys.com ) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 3965 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.

  • 04.51.1 - CVE: Not Available
  • Platform: Other Microsoft Products
  • Title: Windows Media Player ActiveX Control Vulnerability
  • Description: Windows Media Player ActiveX control may be abused by a web page to change attributes of media files allowing malicious users to execute script code in the Local Zone. Windows Media Player version 9 is affected.
  • Ref: http://www.4rman.com/security.htm
  • 04.51.2 - CVE: Not Available
  • Platform: Other Microsoft Products
  • Title: Windows Media Player ActiveX Control File Enumeration
  • Description: The Windows Media Player ActiveX control is reported to be vulnerable to a local file-system enumeration weakness when accessed by a malicious web page. The "getItemInfoByAtom()" control method allows the site to know whether a requested resource exists on the vulnerable host. Windows Media Player 9 is reported to be vulnerable.
  • Ref: http://www.4rman.com/security.htm
  • 04.51.3 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: WinRAR File Name Remote Client-Side Buffer Overflow
  • Description: RARLAB WinRAR is a compression utility. WinRAR is vulnerable to a buffer overflow issue when processing specially crafted file names. WinRAR versions 3.41 and earlier are known to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/12002
  • 04.51.4 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: VB2C FRM File Remote Buffer Overflow
  • Description: VB2C is an application that converts Visual Basic files to C/GTK. It has been reported to be vulnerable to a buffer overflow condition due to insufficient boundary checks while processing a crafted FRM file. VB2C version 0.02 is reported to be vulnerable.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/30
  • 04.51.5 - CVE: CAN-2004-1283
  • Platform: Linux
  • Title: Mesh Viewer Buffer Overflow
  • Description: Mesh Viewer is an application designed to display 3-D images in an X-Windows environment. It is reported to be vulnerable to a buffer overflow issue due to improper boundary checks of user-supplied input. Mesh viewer version 0.2.2 is reported to be vulnerable.
  • Ref: http://tigger.uic.edu/~jlongs2/holes/meshviewer.txt
  • 04.51.6 - CVE: Not Available
  • Platform: Linux
  • Title: YAMT ID3 Tag Sort Command Execution
  • Description: YAMT (Yet Another MP3 Tool) is an MP3 organizer utility. It is reported to be vulnerable to a command execution issue due to improper sanitization of input to the "id3tag_sort()" function in "id3tag.c" script. YAMT version 0.5 is reported to be vulnerable.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/40
  • 04.51.7 - CVE: Not Available
  • Platform: Unix
  • Title: abcpp Directive Handler Buffer Overflow
  • Description: abcpp is a preprocessor for ABC music notation files. Insufficient boundary checking of ABC directives while copying into a finite buffer in the "handle_directive()" function of the "abcpp.c" file exposes a buffer overflow issue. abcpp version 1.3.0 is affected.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/52
  • 04.51.8 - CVE: CAN-2004-1258
  • Platform: Unix
  • Title: abcm2ps ABC File Buffer Overflow
  • Description: Jef Moine abcm2ps is a tool that converts ABC files to music sheets in PostScript format. abcm2ps is vulnerable to a buffer overflow issue. abcm2ps version 3.7.20 is known to be vulnerable.
  • Ref: http://tigger.uic.edu/~jlongs2/holes/abcm2ps.txt
  • 04.51.9 - CVE: CAN-2004-1278
  • Platform: Unix
  • Title: abc2ps/jcabc2ps Voice Field Buffer Overflow
  • Description: abc2ps and jcabc2ps are utilities that convert music notation files into PostScript format. It is reported that abc2ps and jcabc2ps are vulnerable to a buffer overflow issue. abc2ps version 1.2 and John Chambers jcabc2ps version 20040902 are known to be vulnerable.
  • Ref: http://tigger.uic.edu/~jlongs2/holes/jcabc2ps.txt
  • 04.51.10 - CVE: CAN-2004-1290
  • Platform: Unix
  • Title: pgn2web Buffer Overflow
  • Description: pgn2web is an open-source application designed to convert PGN (Portable Game Notation) files to web pages. pgn2web is susceptible to a buffer overflow vulnerability due to improper boundary checks of the"process_moves()" function in the "pgn2web.c" file. pgn2web version 0.3 is reported to be vulnerable.
  • Ref: http://tigger.uic.edu/~jlongs2/holes/pgn2web.txt
  • 04.51.11 - CVE: CAN-2004-1256
  • Platform: Unix
  • Title: abc2midi Multiple Stack Buffer Overflow Vulnerabilities
  • Description: abc2midi is a tool used to convert ABC files into MIDI files. abc2midi is vulnerable to two buffer overflow issues. abcMIDI version 2004-12-04 is known to be vulnerable.
  • Ref: http://tigger.uic.edu/~jlongs2/holes/abc2midi.txt
  • 04.51.12 - CVE: CAN-2004-1273, CAN-2004-1274
  • Platform: Unix
  • Title: greed GRX File List Buffer Overflow
  • Description: greed (Get and Resume Elite Edition) is an FTP/HTTP file transfer application. It is reported to be vulnerable to a buffer overflow issue due to improper sanitization of GRX file lists. greed GRX version 0.81p is reported to be vulnerable.
  • Ref: http://tigger.uic.edu/~jlongs2/holes/greed.txt
  • 04.51.13 - CVE: CAN-2004-1289
  • Platform: Unix
  • Title: PCAL Calendar File getline Buffer Overflow
  • Description: PCAL is a PostScript calendar generation utility. PCAL is prone to a buffer overflow vulnerability caused by an issue that exists in the "getline()" function in the "pcalutil.c" file. PCAL version 4.7.1 is known to be vulnerable.
  • Ref: http://tigger.uic.edu/~jlongs2/holes/pcal.txt
  • 04.51.14 - CVE: CAN-2004-1260
  • Platform: Unix
  • Title: abctab2ps ABC File Remote Buffer Overflow
  • Description: abctab2ps is a music and tablature typesetting program. It is vulnerable to a remote buffer overflow issue due to insufficient boundary checks in the "trim_title()" function of the "parse.cpp" file. abctab2ps version 1.6.3 is reported to be vulnerable.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/32
  • 04.51.15 - CVE: Not Available
  • Platform: Unix
  • Title: GNU UnRTF Font Table Conversion Buffer Overflow
  • Description: GNU UnRTF is a program converting RTF documents into other formats such as HTML, LaTeX, and PostScript. It is reported to be vulnerable to a buffer overflow condition while converting certain crafted files. This is due to insufficient boundary checks while copying user-supplied data. Attackers could leverage this to execute arbitrary code on the vulnerable system. UnRTF version 0.19.3 is reported to be vulnerable.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/53
  • 04.51.16 - CVE: Not Available
  • Platform: Unix
  • Title: DXFScope Remote Client-Side Buffer Overflow
  • Description: DXFScope is a Unix utility designed to render DXF formatted image files. It is reported to be vulnerable to a remote buffer overflow due to improper sanitization of user-supplied input in the "dxfin()" function of the "d.c" file.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/11
  • 04.51.17 - CVE: Not Available
  • Platform: Unix
  • Title: Bolthole Filter Address Parsing Buffer Overflow
  • Description: Bolthole Filter is an email filter. Insufficient boundary checks in the "save_embedded_address()" function of the "filter.c" file exposes a buffer overflow issue in the application. Bolthole Filter version 2.6.1 is affected.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/19
  • 04.51.18 - CVE: CAN-2004-1280
  • Platform: Unix
  • Title: junkie FTP Client Filename Command Execution
  • Description: junkie is an FTP client. junkie is vulnerable to a remote command execution issue when reading file names containing Unix shell delimiter characters. junkie version 0.3.1 is known to be vulnerable.
  • Ref: http://tigger.uic.edu/~jlongs2/holes/junkie.txt
  • 04.51.19 - CVE: Not Available
  • Platform: Unix
  • Title: junkie FTP Client File Corruption Vulnerability
  • Description: The junkie FTP client is reported to be vulnerable to a file corruption condition. This is exposed when the client fails to sanitize server-supplied filenames during downloads. Malicious servers could thereby compromise systems with the vulnerable client if sensitive system files can be overwritten. junkie FTP Client version 0.3.1 is reported to be vulnerable.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/27
  • 04.51.20 - CVE: CAN-2004-1146
  • Platform: Unix
  • Title: CVSTrac Unspecified Cross-Site Scripting
  • Description: CVSTrac is a web-based bug and patch-set tracking system for CVS. CVSTrac is vulnerable to an unspecified cross-site scripting vulnerability. CVSTrac versions prior to 1.1.5 are reported to be vulnerable.
  • Ref: http://www.securityfocus.com/advisories/7653
  • 04.51.21 - CVE: CAN-2004-1257
  • Platform: Unix
  • Title: abc2mtex Process ABC Key Field Buffer Overflow
  • Description: abc2mtex is a tool for converting ABC music notation files into MTEX format. abc2mtex is vulnerable to a buffer overflow issue when converting files. abc2mtex version 1.6.1 is known to be vulnerable.
  • Ref: http://tigger.uic.edu/~jlongs2/holes/abc2mtex.txt
  • 04.51.22 - CVE: Not Available
  • Platform: Cross Platform
  • Title: csv2xml Buffer Overflow Vulnerability
  • Description: The csv2xml tool is designed to convert CSV (Comma Separated Value) input into XML (eXtensible Markup Language) output. It is reported to be vulnerable to a buffer overflow condition due to insufficient boundary checks while processing user-supplied data via crafted files. Attackers could leverage this to execute arbitrary code on the vulnerable system. csv2xml version 0.5.2 is reported to be vulnerable.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/39
  • 04.51.23 - CVE: Not Available
  • Platform: Cross Platform
  • Title: IglooFTP Server File Corruption Vulnerability
  • Description: IglooFTP is an FTP client. IglooFTP does not properly sanitize server-supplied filenames during downloads, potentially allowing for files to be created or overwritten on the client machine.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/50
  • 04.51.24 - CVE: Not Available
  • Platform: Cross Platform
  • Title: xlreader Remote Client-Side Buffer Overflow
  • Description: xlreader is a utility designed to read and convert Excel documents. Insufficient sanitization of malformed Excel documents in the "book_format_sql()" function exposes a buffer overflow issue. xlreader version 0.9 is affected.
  • Ref: http://www.securityfocus.com/bid/11970
  • 04.51.25 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Yanf HTTP Response Buffer Overflow
  • Description: Yanf (Yet Another News Fetcher) is a client utility for retrieving news from Web sites. Insufficient sanitization of data received from the server in the "get()" function of the "get.c" file exposes a buffer overflow condition. Yanf version 0.4 is affected.
  • Ref: http://www.securityfocus.com/bid/11964/info/
  • 04.51.26 - CVE: Not Available
  • Platform: Cross Platform
  • Title: rtf2latex2e Stack Buffer Overflow
  • Description: rtf2latex2e is an application designed to convert RTF formatted files to LaTeX. Insufficient sanitization of the "buf" variable in the "ReadFontTbl()" function of the "reader.c" file exposes a buffer overflow issue. rtf2latex2e version 1.0 fc2 is affected.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/14
  • 04.51.27 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Ringtone Tools EMelody File Remote Buffer Overflow
  • Description: Ringtone Tools is an application that creates custom ringtones and graphical logos for mobile phones. It is reported to be vulnerable to a remote buffer overflow condition due to insufficient boundary checks while copying user-supplied data via a malicious eMelody file. Ringtone Tools version 2.22 is reported to be vulnerable.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/29
  • 04.51.28 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Perl Crypt::ECB Incorrect Block Encryption Weakness
  • Description: The Perl module Crypt::ECB (Electronic Code Book) is an implementation of the Electronic Code Book mode of encryption and decryption. The module fails to properly validate user-supplied input data. This weakness may potentially result in incorrect encryption and decryption of input data. The Perl model Crypt::ECB 1.1 and ECB 1.1-2 are vulnerable.
  • Ref: http://secunia.com/advisories/13566/
  • 04.51.29 - CVE: Not Available
  • Platform: Web Application
  • Title: PhpBB Multiple Admin Pages Vulnerabilities
  • Description: PhpBB is a web forum application. The vendor has reported multiple issues in the 2.0.7 version of the application that could be used to gain administrator rights or manipulate bulletin board data.
  • Ref: http://www.securityfocus.com/bid/12013/info/
  • 04.51.30 - CVE: Not Available
  • Platform: Web Application
  • Title: PhpBB IMG Tag HTML Injection Vulnerability
  • Description: PhpBB is a web-based bulletin board. It is reportedly vulnerable to an HTML injection issue due to insufficient sanitization of the "IMG" image tags. An attacker could leverage this to insert malicious HTML content into the board. PhpBB version 2.0.7 is reported to be vulnerable.
  • Ref: http://www.phpbb.com/support/documents.php?mode=changelog
  • 04.51.31 - CVE: Not Available
  • Platform: Web Application
  • Title: Mantis Unspecified SQL Injection Vulnerability
  • Description: Mantis is a Web based bug tracking system implemented in PHP. It is reported to be vulnerable to sql injection issue, due to improper sanitization of user-supplied input. Mantis version 0.18.2 is reported to be vulnerable.
  • Ref: http://www.mantisbt.org/
  • 04.51.32 - CVE: Not Available
  • Platform: Web Application
  • Title: o3read HTML Parser Buffer Overflow
  • Description: o3read is a file conversion utility. Insufficient boundary checks in the "parse_thml()" function of the "o3read.c" file exposes a buffer overflow issue. o3read version 0.3 is affected.
  • Ref: http://securesoftware.list.cr.yp.to/archive/0/42
  • 04.51.33 - CVE: Not Available
  • Platform: Web Application
  • Title: WorkBoard Multiple Cross-Site Scripting Vulnerabilities
  • Description: WorkBoard is a Web based project management application implemented in PHP. It is reported to be vulnerable to multiple cross-site scripting issues, due to improper sanitization of "project_id" and "task_id" parameters of the "modules.php" script. WorkBoard version 1.2 is knwown to be vulnerable.
  • Ref: http://lostmon.blogspot.com/2004/12/workboard-input-validation-er ror-in.html
  • 04.51.34 - CVE: Not Available
  • Platform: Network Device
  • Title: ChBg Scenario File Overflow Vulnerability
  • Description: ChBg is a desktop background manager. It is reported to be vulnerable to a remote buffer overflow issue, due to improper boundary checks of user-supplied input data. ChBg 1.5 is reported to be vulnerable to the issue.
  • Ref: http://www.securityfocus.com/bid/11957

(c) 2004. All rights reserved. The information contained in thisnewsletter, including any external links, is provided "AS IS," with noexpress or implied warranty, for informational purposes only. In somecases, copyright for material in this newsletter may be held by a partyother than Qualys (as indicated herein) and permission to use suchmaterial must be requested from the copyright owner.

==end==

Subscriptions: @RISK is distributed free of charge to peopleresponsible for managing and securing information systems and networks.You may forward this newsletter to others with such responsibilityinside or outside your organization.

To subscribe, at no cost, go to https://portal.sans.org where you mayalso request subscriptions to any of SANS other free newsletters.

To change your subscription, address, or other information, visit http://portal.sans.org

Copyright 2004. All rights reserved. No posting or reuse allowed,other that listed above, without prior written permission.

Excellent Training, Top Notch.
-Dennis Dragos, NYPD

Security 760

Latest Whitepapers

Building and Maintaining a "Certifiable" Workforce
By Robert J. Mavretich

How Can You Build and Leverage SNORT IDS Metrics to Reduce Risk?
By Tim Proffitt

Daisy Chain Authentication
By Courtney Imbert

Latest Tweets

NEW #SANS Survey: Security Analytics & Intelligence 2nd [...]
October 1, 2013 - 6:30 PM

Tips on how to convince your boss to let you train online wi [...]
October 1, 2013 - 6:23 PM

#2 Tip on how 2 convince your boss 2 let u train online: Fle [...]
October 1, 2013 - 3:00 PM

Contact Us

(301) 654-SANS (7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"The amount of knowledge conveyed and technical diving by practical hands-on was well balanced."
- Aaron Moore, Maricopa County

"SANS is far more in-depth than other training I have attended."
- Frank Rajnai, Sears Canada Inc

"SANS always provides you what you need to become a better security professional at the right price."
- Rasik Vekaria, BP