@RISK: The Consensus Security Vulnerability Alert

Volume: V, Issue: 36
September 11, 2006

Another quiet week. The pause may give you time to get involved in community projects to help better secure the internet. Here's a great one:

If you are an administrator/CSO/vulnerability researcher (or have a similar role) and are interested in contributing to this year's Top-20 Internet Security Vulnerabilities project, contact the project manager, Rohit Dhamankar (dhamankar@sans.org), with your name, the organization you represent, email and phone, and a brief description of your security specialty. At the end of this issue, you'll find a description of the Top-20 project.

Alan

@RISK is the SANS community's consensus bulletin summarizing the most important vulnerabilities and exploits identified during the past week and providing guidance on appropriate actions to protect your systems (PART I). It also includes a comprehensive list of all new vulnerabilities discovered in the past week (PART II).

Summary of the vulnerabilities reported this week:

    Category                                  # of Updates & Vulnerabilities
    Microsoft Office                          1
    Third Party Windows Apps                  7 (#2, #5)
    Unix                                      4
    Cross Platform                            6 (#1)
    Web Application - Cross Site Scripting    5
    Web Application - SQL Injection           11
    Web Application                           48 (#3, #4)
    Network Device                            3
    Hardware                                  3

****************** Sponsored By Fiberlink Communications ****************

The Hack is Back! In Fiberlink's new on-demand video/companion guide, our ethical hacker demonstrates four advanced hacks using techniques used to target mobile endpoints and the corporate network. Learn about the changing security landscape, current hacking techniques used to exploit vulnerabilities on mobile systems, and fundamental security strategy changes that can protect your mobile enterprise from attack. http://www.sans.org/info.php?id=1339

****************** Highlighted Training Program of the Week ************

THE PROCESS CONTROL & SCADA SECURITY SUMMIT
Don't miss this unique opportunity to hear fresh approaches to improving SCADA and control system security that can be implemented now at the SCADA Security Summit in Las Vegas on September 28 - 30. http://www.sans.org/info.php?id=1330

What previous attendees said about the program: "It didn't just concentrate on the problems; it focused on finding the solutions." (Tracy Pettit, Nebraska Public Power District) "Real world, hands-on, hit the ground running focus with instant payback." (Jeff Bryner, Portland General Electric) "It was refreshing to get away from all the 'chicken little' stuff and take a step closer to reality. It is good to know that not all the myths are true and that there are potential and viable solutions that can and apparently are working." (Kimberly Lee, US Department of Defense)

*************************************************************************

Table Of Contents
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)
Microsoft Office
Third Party Windows Apps
Unix
Cross Platform
Web Application - Cross Site Scripting
Web Application - SQL Injection
Web Application
Network Device
Hardware

************************* Sponsored Links: ******************************

1) Register Today- SANS Internet Storm Center webcast, 9/13 at 1pm-2pm EDT, "Internet Storm Center: The Evolving Malware Landscape" http://www.sans.org/info.php?id=1340

*************************************************************************

PART I Critical Vulnerabilities

Part I is compiled by Rob King and Rohit Dhamankar at TippingPoint, a division of 3Com, as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/cva/#process

Widely Deployed Software
  • (1) MODERATE: ISC BIND Remote Denial of Service
  • Affected:
    • ISC BIND versions 9.3.x and possibly 9.2.x
  • Description: ISC BIND, by far the most popular Domain Name System (DNS) server software on the internet, contains a remotely-exploitable denial-of-service (DoS) condition. By sending a specially-crafted DNS request including SIG or recursive queries, an attacker could cause the server to crash. Depending on configuration, the server may or may not automatically restart. Note that ISC does not believe that the 9.2 branch is vulnerable, but they have issued a patch anyway.

  • Status: ISC confirmed, updates available.

  • Council Site Actions: Two of the reporting council sites have responded to this item. One site has updated their systems to 9.3.2-P1. The other site has several dozen affected systems and will likely deploy patches within the next several weeks. Some of their systems load all patches from a Linux distributor and will likely be updated within approximately a week.

  • References: ISC Security Advisory
Other Software
  • (2) CRITICAL: Ipswitch IMail Remote Buffer Overflow
  • Affected:
    • Ipswitch Imail Server 2006
  • Description: Ipswitch IMail, a popular mail server solution for Microsoft Windows, contains a remotely-exploitable buffer overflow. By sending a specially-formatted request to the SMTP server component, an unauthenticated attacker could trigger this buffer overflow and execute arbitrary code with the privileges of the server software - often SYSTEM. Note that technical details for this vulnerability have been publicly posted.

  • Status: Ipswitch confirmed, updates available.

  • Council Site Actions: The affected software and/or configuration are not in production or widespread use, or are not officially supported at any of the council sites. They reported that no action was necessary.

  • References:
  • (3) HIGH: Capi4HylaFax Remote Command Execution
  • Affected:
    • Capi4HylaFax versions 1.x
  • Description: Capi4HylaFax, a module that allows faxing via CAPI and AVM Fritz! cards, contains a remote command execution vulnerability. By sending a specially-crafted fax request to a vulnerable system, an attacker could execute arbitrary code with the privileges of the HylaFax process, often root.

  • Status: Vendor has not confirmed, no updates available.

  • Council Site Actions: The affected software and/or configuration are not in production or widespread use, or are not officially supported at any of the council sites. They reported that no action was necessary.

  • References:
  • (5) MODERATE: Retro64 CR64Loader ActiveX Control Remote Buffer Overflow
  • Affected:
    • Retro64 CR64Loader ActiveX Component
  • Description: The Retro64 CR64Loader ActiveX component, part of various Retro64 video game products, contains a remotely-exploitable buffer overflow. A specially-crafted web page that instantiates this component could trigger this buffer overflow, and execute arbitrary code with the privileges of the current user. Note that re-usable exploit code to leverage similar flaws is publicly available. Flaws similar to this have been widely exploited in the past.

  • Status: Vendor has not confirmed, no updates available. Users may be able to mitigate the impact of this vulnerability by disabling the ActiveX component via Microsoft's "kill bit" mechanism for CLSID "{288C5F13-7E52-4ADA-A32E-F5BF9D125F99}".

  • Council Site Actions: The affected software and/or configuration are not in production or widespread use, or are not officially supported at any of the council sites. They reported that no action was necessary. One council site did comment that it was likely that at least a few systems at their site have this ActiveX control, but they have no plans to respond because they have no realistic way to identify the affected user population.

  • References:
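The kill-bit mitigation named in item (5), as an added example that is not part of the @RISK bulletin: this PowerShell sets the Internet Explorer kill bit for the CR64Loader CLSID and then verifies it. The registry path and the 0x400 "Compatibility Flags" value are Microsoft's documented kill-bit mechanism; the Wow6432Node view is assumed to be what 32-bit Internet Explorer reads on 64-bit Windows.

```powershell
# Added example (not from the @RISK bulletin): set the IE "kill bit" for the
# Retro64 CR64Loader control named in item (5), then verify the result.
# Run from an elevated PowerShell prompt; writing under HKLM needs admin rights.
$clsid   = '{288C5F13-7E52-4ADA-A32E-F5BF9D125F99}'
$KillBit = 0x400   # Compatibility Flags bit that stops IE instantiating the control

# 64-bit Windows keeps a separate Wow6432Node view for 32-bit Internet Explorer,
# so both views must carry the bit for the block to be effective everywhere.
$keys = @("HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid")
if ([Environment]::Is64BitOperatingSystem) {
    $keys += "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility\$clsid"
}

foreach ($key in $keys) {
    if (-not (Test-Path -Path $key)) {
        New-Item -Path $key -Force | Out-Null
    }
    # Preserve any flags already present on the key and OR in the kill bit
    $existing = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                 -ErrorAction SilentlyContinue).'Compatibility Flags'
    if ($null -eq $existing) { $existing = 0 }
    Set-ItemProperty -Path $key -Name 'Compatibility Flags' `
                     -Value ($existing -bor $KillBit) -Type DWord
}

# Verification pass: report whether the bit is set in each view of the key
foreach ($key in $keys) {
    $flags = (Get-ItemProperty -Path $key -Name 'Compatibility Flags').'Compatibility Flags'
    $state = if (($flags -band $KillBit) -eq $KillBit) { 'kill bit set' } else { 'kill bit NOT set' }
    Write-Output ("{0}: {1} (Compatibility Flags = 0x{2:X})" -f $key, $state, $flags)
}
```

The same verification loop, run with the write step removed, is a quick way to audit a fleet for the presence of the bit after deployment through Group Policy.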
Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 36, 2006

This list is compiled by Qualys ( www.qualys.com ) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 5156 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.


  • 06.36.1 - CVE: CVE-2006-4534
  • Platform: Microsoft Office
  • Title: Microsoft Word 2000 Unspecified Remote Code Execution
  • Description: Microsoft Word is vulnerable to an unspecified remote code execution issue when opening a malicious Word document. See the advisory for further details.
  • Ref: http://www.microsoft.com/technet/security/advisory/925059.mspx

  • 06.36.2 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: J River Media Center Mediacenter.EXE Buffer Overflow
  • Description: Media Center is an application that allows you to play PC music, videos and view various images. Media Center and various Media center plugins are prone to a buffer overflow vulnerability. This issue resides in the "Mediacenter.exe" file. Version 11.0.309 is vulnerable to this issue.
  • Ref: http://www.securityfocus.com/bid/19853

  • 06.36.3 - CVE: CVE-2006-3999
  • Platform: Third Party Windows Apps
  • Title: Internet Security Systems BlackICE Local Denial of Service
  • Description: Internet Security Systems BlackICE is a firewall/IDS application. It is vulnerable to a local denial of service issue due to improper validation of the third argument of "NtOpenSection" before it is used in "RapDrv.sys". Internet Security Systems BlackICE versions 3.6.cpn, 3.6.cpj, and 3.6.cpiE are vulnerable.
  • Ref: http://www.matousec.com/info/advisories/BlackICE-Insufficient-validation-of-arguments-of-NtOpenSection.php

  • 06.36.4 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: AuditWizard Log File Information Disclosure
  • Description: AuditWizard is a system inventory auditing application for Windows. It is prone to a local information disclosure vulnerability because the application fails to properly ensure that sensitive information is not disclosed to local users. The vendor may have reissued version 6.3.2 with fixes that address this issue.
  • Ref: http://www.securityfocus.com/bid/19860

  • 06.36.5 - CVE: CVE-2006-2482
  • Platform: Third Party Windows Apps
  • Title: Microchip Data Systems ZipTV TZipTV ARJ File Handling Buffer Overflow Vulnerability
  • Description: ZipTV is a file compression and decompression suite. The TZipTV component of ZipTV is used to view archives. The TZipTV component is vulnerable to a buffer overflow issue when handling malformed ARJ archives with excessively large ARJ header blocks. ZipTV for Delphi 7 version 2006.1.26 and ZipTV for C++ Builder version 2006-1.16 are vulnerable.
  • Ref: http://secunia.com/secunia_research/2006-50/advisory/

  • 06.36.6 - CVE: CVE-2006-3552
  • Platform: Third Party Windows Apps
  • Title: Ipswitch IMail Server and Collaboration Suite Unspecified SMTP Daemon
  • Description: Ipswitch IMail is an email server that serves clients their mail via a web interface. Ipswitch Collaboration Suite (ICS) is an application suite that includes IMail Server and IMail Anti-Virus. Ipswitch IMail Server / Collaboration Suite are prone to an unspecified vulnerability that may allow for remote arbitrary code execution. Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure are reported to be vulnerable.
  • Ref: http://www.ipswitch.com/support/ics/updates/ics20061.asp

  • 06.36.7 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Avira AntiVir Personal Edition Classic Update.EXE Local Privilege Escalation
  • Description: AntiVir Personal Edition Classic is prone to a local privilege escalation vulnerability. This issue is due to a failure in the application to sanitize user-supplied input to the progress bar control of the "update.exe" process. AntiVir Personal Edition Classic version 7 is vulnerable.
  • Ref: http://www.securityfocus.com/bid/19889

  • 06.36.8 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Panda Platinum Internet Security 2006/2007 Local Privilege Escalation
  • Description: Panda Platinum Internet Security is an Internet security application suite that includes antivirus, antispyware, firewall, identity protection, antispam and parental control software packages. The application is prone to a local privilege escalation vulnerability deriving from a design error. Specifically, this vulnerability arises because the application assigns insecure file permissions to certain directories upon installation. Attackers may exploit this vulnerability to overwrite executables with arbitrary code in the affected directories to be executed with LocalSystem level privileges. Panda Platinum Internet Security versions 2006 10.02.01 and 2007 11.00.00 are affected by this vulnerability.
  • Ref: http://www.securityfocus.com/archive/1/445479

  • 06.36.9 - CVE: Not Available
  • Platform: Unix
  • Title: DSocks Name Variable Buffer Overflow
  • Description: Dsocks is a client wrapper application to allow anonymous web browsing using the Tor DNS proxy. The application is prone to a remote buffer overflow vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the application.
  • Ref: http://www.securityfocus.com/archive/1/445200

  • 06.36.10 - CVE: Not Available
  • Platform: Unix
  • Title: Tor Multiple Buffer Overflow/Information Disclosure/Denial of Service Vulnerabilities
  • Description: Tor is an implementation of second generation Onion Routing, a connection oriented anonymizing communication service. Tor is affected by multiple vulnerabilities. Please refer to the provided link for further details.
  • Ref: http://archives.seul.org/or/announce/May-2006/msg00000.html

  • 06.36.11 - CVE: CVE-2006-4146
  • Platform: Unix
  • Title: GDB DWARF Multiple Buffer Overflow Vulnerabilities
  • Description: GDB, the GNU Project Debugger, is a debugging application for programs written in C, C++ and other languages. DWARF is a standardized method to insert debugging information into ELF executable files. The application is prone to multiple buffer overflow vulnerabilities due to insufficient bounds checking when handling DWARF and DWARF2 data in both "dwarfread.c" and "dwarfread2.c". Arbitrary data in location description blocks (DW_FORM_block) which is in excess of 64 bytes will overwrite current stack frame data.
  • Ref: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204845

  • 06.36.12 - CVE: CVE-2006-4600
  • Platform: Unix
  • Title: OpenLDAP SLAPD Access Control Circumvention
  • Description: OpenLDAP is an open source implementation of the LDAP protocol. slapd is the stand alone LDAP daemon. It is prone to an access control circumvention vulnerability. This issue arises because the application does not properly process an access control list that is used to allow users to add or delete their own domain name. Versions prior to 2.3.25 are vulnerable.
  • Ref: http://www.openldap.org/lists/openldap-announce/200608/msg00000.html

  • 06.36.13 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Avira AntiVir Shatter Local Buffer Overflow
  • Description: Avira AntiVir is anti-virus software. It is prone to an unspecified "shatter style" local buffer overflow vulnerability. Version 6.35.00.00 is reported to be vulnerable; other versions may be vulnerable as well.
  • Ref: http://www.securityfocus.com/bid/19843

  • 06.36.14 - CVE: Not Available
  • Platform: Cross Platform
  • Title: OpenSSL PKCS Padding RSA Signature Forgery
  • Description: OpenSSL is an open-source implementation of the SSL protocol. OpenSSL is susceptible to a vulnerability that may allow an RSA signature to be forged. It is possible to forge a PKCS #1 v1.5 signature when an RSA key with exponent 3 is used. All versions of OpenSSL prior to and including 0.9.7j and 0.9.8b are affected by this vulnerability. Updates are available.
  • Ref: http://www.securityfocus.com/bid/19849

  • 06.36.15 - CVE: Not Available
  • Platform: Cross Platform
  • Title: LibTIFF TIFFFindFieldInfo Remote Buffer Overflow
  • Description: LibTIFF is a library for reading and manipulating Tag Image File Format (TIFF) files. It is freely available for UNIX and UNIX-like operating systems as well as Microsoft Windows. It is exposed to a buffer overflow issue due to improper boundary checks before copying user-supplied data into a finite-sized buffer. This issue is known to affect versions of LibTIFF included with Sony PSP devices running firmware versions 2.0 through 2.8.
  • Ref: http://www.psp-hacks.com/forums/about39614.html

  • 06.36.16 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Compression Plus Zoo Format Stack Overflow
  • Description: Compression Plus is a compression toolkit that supports several compressed archival formats. It is susceptible to a stack based buffer overflow vulnerability. This issue occurs when the affected application attempts to process malicious ZOO files. Versions 5 and prior of Compression Plus are reported vulnerable.
  • Ref: http://www.securityfocus.com/bid/19796

  • 06.36.17 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Cerberus Helpdesk Ticket Parameter Unauthorized Access
  • Description: Cerberus Helpdesk is an email management application. Insufficient sanitization of the "ticket" parameter when viewing tickets in the Client Support Center exposes the application to an unauthorized access issue. Cerberus Helpdesk version 3.2, build 317 is affected.
  • Ref: http://www.securityfocus.com/bid/19797

  • 06.36.18 - CVE: CVE-2006-4095, CVE-2006-4096
  • Platform: Cross Platform
  • Title: ISC BIND Multiple Remote Denial of Service Vulnerabilities
  • Description: ISC BIND is prone to multiple denial of service issues. All current versions are affected. Please check the attached advisory for details.
  • Ref: http://www.securityfocus.com/bid/19859

  • 06.36.19 - CVE: CVE-2006-4460
  • Platform: Web Application - Cross Site Scripting
  • Title: PHP iAddressBook Unspecified Cross-Site Scripting
  • Description: PHP iAddressBook is an online address book implemented in PHP. It is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to unspecified parameters and scripts. Versions 0.95 and prior are vulnerable.
  • Ref: http://wacha.ch/wiki/addressbook:changelog#version_0.96_2006-09-02

  • 06.36.20 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: SoftBB Page Parameter Cross-Site Scripting
  • Description: SoftBB is a web-based bulletin board. Insufficient sanitization of the "page" parameter of the "index.php" script exposes the application to a cross-site scripting issue.
  • Ref: http://www.securityfocus.com/bid/19847

  • 06.36.21 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: VBZoom Profile.PHP Cross-Site Scripting
  • Description: VBZooM is a forum application. It is prone to a cross-site scripting vulnerability due to insufficient input sanitization of the "UserID" parameter of the "index.php" script. Version 1.11 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/19803

  • 06.36.22 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: PHP-Nuke MyHeadlines Module Cross-Site Scripting
  • Description: MyHeadlines is a module for PHP-Nuke, which acts as a RSS reader. MyHeadlines is vulnerable to a cross-site scripting issue due to insufficient sanitization of user-supplied input to the "myh_op" parameter of the "modules.php" script. MyHeadlines version 4.3.1 is vulnerable.
  • Ref: http://www.securityfocus.com/bid/19825

  • 06.36.23 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: AckerTodo Index.PHP Cross-Site Scripting
  • Description: AckerTodo is a list manager. It is vulnerable to a cross-site scripting issue due to insufficient sanitization of user-supplied input to the "task_id" parameter of the "index.php" script. AckerTodo version 4.0 is vulnerable.
  • Ref: http://www.securityfocus.com/archive/1/445465

  • 06.36.24 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: ZixForum ReplyNew.ASP SQL Injection
  • Description: ZixForum is a web-based forum application. Insufficient sanitization of the "RepId" parameter of the "ReplyNew.asp" script exposes the application to an SQL injection issue. ZixForum version 1.12 is affected.
  • Ref: http://www.securityfocus.com/bid/19855

  • 06.36.25 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: 8Pixel.net SimpleBlog ID Parameter SQL Injection
  • Description: SimpleBlog is a web log application. It is exposed to an SQL injection issue due to insufficient sanitization of user-supplied input to the "id" parameter of the "default.asp" script. Version 2.3 is affected.
  • Ref: http://www.securityfocus.com/bid/19848

  • 06.36.26 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: ICBlogger Devam.ASP SQL Injection
  • Description: ICBlogger is a web log application. It is vulnerable to an SQL injection issue due to insufficient sanitization of user-supplied input to the "YID" parameter of the "devam.asp" script. ICBlogger version 2.0 is vulnerable.
  • Ref: http://www.securityfocus.com/archive/1/445002

  • 06.36.27 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: e107 Multiple SQL Injection Vulnerabilities
  • Description: e107 is a content management system implemented in PHP. It is prone to multiple SQL injection vulnerabilities because it fails to properly sanitize user-supplied input to multiple scripts and parameters. Version 0.7.5 is vulnerable to this issue.
  • Ref: http://www.securityfocus.com/bid/19812

  • 06.36.28 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Autentificator Aut_Verifica.Inc.PHP SQL Injection
  • Description: Autentificator is a script that allow administrators to control access to certain web pages. It is affected by an SQL injection issue due to insufficient sanitization of the "user" parameter of the "aut_verifica.inc.php" script. Autentificator version 2.01 is affected.
  • Ref: http://www.securityfocus.com/bid/19813

  • 06.36.29 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: SMF Multiple SQL Injection Vulnerabilities
  • Description: SMF is a web forum. It is exposed to multiple SQL injection issues due to insufficient sanitization of user-supplied input to different parameters of "ManagedBoards.php" and "Subs-Boards.php". Version 1.1 RC3 is affected.
  • Ref: http://www.securityfocus.com/bid/19814

  • 06.36.30 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: SSLinks Multiple SQL Injection Vulnerabilities
  • Description: SSLinks is an application for administrating website link exchanges. It is vulnerable to multiple SQL injection issues because it fails to properly sanitize user-supplied input to the "go" and "rate" parameters of the "global.inc.php" script. SSLinks versions 1.22 and earlier are vulnerable.
  • Ref: http://www.securityfocus.com/bid/19815

  • 06.36.31 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Annuaire 1Two index.php SQL Injection
  • Description: Annuaire 1Two is a web directory script. It is prone to an SQL injection vulnerability due to insufficient input sanitization of the "password" parameter of the "index.php" script. Version 1.1.0 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/19817

  • 06.36.32 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Muratsoft Haber Portal Kategori.ASP SQL Injection
  • Description: Haber Portal is a web portal script implemented in ASP. It is prone to an SQL injection vulnerability because it fails to properly sanitize user-supplied input to the "kat" parameter of the "kategori.asp" script. Version 3.6 is vulnerable to this issue.
  • Ref: http://www.securityfocus.com/bid/19821

  • 06.36.33 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Uni-vert PhpLeague Joueurs.PHP SQL Injection
  • Description: Uni-vert PhpLeague is a sport score management tool. It is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data to the "id_joueur" parameter of the "consult/joueurs.php" script. Versions 0.82b and 0.82 are vulnerable.
  • Ref: http://www.securityfocus.com/bid/19880

  • 06.36.34 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: PHP-Fusion News.PHP SQL Injection
  • Description: PHP-Fusion is a website management application. Insufficient sanitization of the "_SERVER[REMOTE_ADDR]" parameter of the "news.php" script exposes the application to a SQL injection issue. PHP-Fusion version 6.01.4 is affected.
  • Ref: http://www.securityfocus.com/bid/19908

  • 06.36.35 - CVE: Not Available
  • Platform: Web Application
  • Title: Alt-N MDaemon WebAdmin Component Unauthorized Access
  • Description: WebAdmin is an administrative component for the MDaemon mail server. The MDaemon WebAdmin component is vulnerable to an unauthorized access issue because the application does not prevent domain administrators from accessing unauthorized email accounts. Alt-N MDaemon WebAdmin Component versions prior to 3.2.6 are vulnerable.
  • Ref: http://www.securityfocus.com/archive/1/445153

  • 06.36.36 - CVE: Not Available
  • Platform: Web Application
  • Title: Easy Address Book Web Server Remote Format String
  • Description: Easy Address Book Web Server is a web-based address book application. It is vulnerable to a remote format string issue due to a failure of the application to properly sanitize user-supplied data prior to including it in the format specifier argument to a formatted printing function. Easy Address Book Web Server version 1.2 is vulnerable.
  • Ref: http://www.securityfocus.com/archive/1/445262

  • 06.36.37 - CVE: Not Available
  • Platform: Web Application
  • Title: annoncesV annonce.php Remote File Include
  • Description: annoncesV is a web-based news script. It is prone to a remote file include vulnerability due to insufficient input sanitization of the "page" parameter of the "annonce.php" script. Version 1.1 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/19854

  • 06.36.38 - CVE: Not Available
  • Platform: Web Application
  • Title: Graphiks GrapAgenda Index.PHP Remote File Include
  • Description: GrapAgenda is a web-based agenda tool. It is exposed to a remote file include issue due to insufficient sanitization of user-supplied input to the "page" parameter of the "index.php" script. Version 0.1 is affected.
  • Ref: http://www.securityfocus.com/bid/19857

  • 06.36.39 - CVE: Not Available
  • Platform: Web Application
  • Title: Web Dictate Admin Authentication Bypass
  • Description: Web Dictate is a web-based dictation application. It is prone to an authentication bypass vulnerability, due to a failure to check for "null" passwords. Version 1.02 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/19836

  • 06.36.40 - CVE: Not Available
  • Platform: Web Application
  • Title: Amazing little picture poll Admin Login Page Authentication Bypass
  • Description: Amazing little picture poll is a voting poll application. It is prone to an authentication bypass vulnerability. This issue occurs because the application fails to check for null passwords before authenticating a valid user. An attacker can exploit this issue to gain administrative access to the affected application. Version 1.3 is vulnerable to this issue.
  • Ref: http://www.securityfocus.com/bid/19837

  • 06.36.41 - CVE: Not Available
  • Platform: Web Application
  • Title: pHNews Comments.PHP Local File Include
  • Description: pHNews is a web-based content management system implemented in PHP. It is prone to a local file include vulnerability because it fails to properly sanitize user-supplied input to the "templates_dir" parameter of the "modules/comments.php" script.
  • Ref: http://www.securityfocus.com/bid/19838

  • 06.36.42 - CVE: Not Available
  • Platform: Web Application
  • Title: SoftBB Multiple Input Validation Vulnerabilities
  • Description: SoftBB is a web-based bulletin board. It is affected by multiple security issues including SQL injection and remote file include. SoftBB version 0.1 is affected.
  • Ref: http://www.securityfocus.com/bid/19839

  • 06.36.43 - CVE: Not Available
  • Platform: Web Application
  • Title: PHP-Proxima BB_Smilies.PHP Local File Include
  • Description: PHP-Proxima is an add-on for PHP-Nuke. It is exposed to a local file include issue due to insufficient sanitization of user-supplied input to the "name" parameter of the "modules/Forums/bb_smilies.php" script. PHP-Proxima version 6.0 is affected.
  • Ref: http://www.securityfocus.com/bid/19840

  • 06.36.44 - CVE: Not Available
  • Platform: Web Application
  • Title: DynCMS X_Admindir Remote File Include
  • Description: DynCMS is a content-management system that is implemented in PHP. It is prone to a remote file include vulnerability because it fails to properly sanitize user-supplied input to the "x_admindir" parameter of the "0_admin/modules/Wochenkarte/frontend/index.php" script.
  • Ref: http://www.securityfocus.com/bid/19846

  • 06.36.45 - CVE: Not Available
  • Platform: Web Application
  • Title: MySpeach JScript.PHP Remote File Include
  • Description: MySpeach is a web-based chat application. It is vulnerable to a remote file include issue due to insufficient sanitization of user-supplied input to the "my_ms[root]" parameter of the "jscript.php" script. MySpeach versions 3.0.2 and earlier are vulnerable.
  • Ref: http://www.securityfocus.com/bid/19851

  • 06.36.46 - CVE: Not Available
  • Platform: Web Application
  • Title: YACS Multiple Remote File Include Vulnerabilities
  • Description: Yet Another Community System (YACS) is a web-based CMS. It is exposed to multiple remote file include issues due to insufficient sanitization of user-supplied input to the "context[path_to_root]" parameter of various scripts. YACS Version 6.6.1 is affected.
  • Ref: http://www.securityfocus.com/bid/19799

  • 06.36.47 - CVE: Not Available
  • Platform: Web Application
  • Title: ToendaCMS Remote File Include
  • Description: ToendaCMS is a content management solution. Insufficient sanitization of the "tcms_administer_site" parameter of the "inc/database.php" script exposes the application to a remote file include issue. ToendaCMS 1.0.3 and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/19806

  • 06.36.48 - CVE: Not Available
  • Platform: Web Application
  • Title: Papoo CMS IBrowser Remote File Include
  • Description: Papoo CMS is a content management system. It is exposed to a remote file include issue due to insufficient sanitization of user-supplied input to the "tinyMCE_imglib_include" variable of the "ibrowser.php" script. Version 3.0.2 is affected.
  • Ref: http://www.securityfocus.com/bid/19807

  • 06.36.49 - CVE: Not Available
  • Platform: Web Application
  • Title: IntegraMOD PHPbb_Root_Path Multiple Remote File Include Vulnerabilities
  • Description: IntegraMOD is an integrated modification application for PHPBB. It is exposed to multiple remote file include issue due to insufficient sanitization of user-supplied input to the "phpbb_root_path" parameter of the "includes/functions_mod_user.php" and "includes/functions.php" scripts. IntegraMOD 2.0 rc2 and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/19809

  • 06.36.50 - CVE: Not Available
  • Platform: Web Application
  • Title: MyBace Login_Check.PHP Remote File Include
  • Description: MyBace is an internet homepage content management system. The application is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied input to the "hauptverzeichniss" parameter of the "includes/login_check.php" script. MyBace Light is vulnerable.
  • Ref: http://www.securityfocus.com/archive/1/445185

  • 06.36.51 - CVE: Not Available
  • Platform: Web Application
  • Title: Ixprim CMS Theme_Manager.Class.PHP Remote File Include
  • Description: Ixprim is a content management system. Insufficient sanitization of the "GLOBAL" parameter of the "Theme_Manager.class.php" script exposes the application to a remote file include issue. Ixprim version 1.2 is affected.
  • Ref: http://www.securityfocus.com/bid/19816

  • 06.36.52 - CVE: Not Available
  • Platform: Web Application
  • Title: Revista Multiple Input Validation Vulnerabilities
  • Description: Revista is a Spanish magazine editor. It is prone to multiple input validation vulnerabilities because the application fails to properly sanitize user-supplied input. The issues include multiple cross-site scripting and SQL injection vulnerabilities. Version 1.1.2 is vulnerable to these issues.
  • Ref: http://www.securityfocus.com/archive/1/445007

  • 06.36.53 - CVE: Not Available
  • Platform: Web Application
  • Title: TikiWiki Configure Script JHot.PHP Remote Command Execution
  • Description: TikiWiki is a Wiki implemented in PHP. It is prone to a command execution vulnerability because the application fails to sanitize user input to the "cmd" parameter of the "jhot.php" script. Attackers could exploit this to execute arbitrary system commands with the privileges of the webserver process. Versions 1.9.4 and prior are vulnerable to this issue; other versions may also be affected.
  • Ref: http://www.securityfocus.com/bid/

  • 06.36.54 - CVE: Not Available
  • Platform: Web Application
  • Title: Webmin and Usermin HTML Injection and Information Disclosure Vulnerabilities
  • Description: Webmin is a web-based UNIX/Linux system administration tool. It is affected by HTML injection and information disclosure issues due to insufficient sanitization of user-supplied input. Usermin versions prior to 1.226 and Webmin versions prior to 1.296 are vulnerable to these issues.
  • Ref: http://www.securityfocus.com/bid/19820

  • 06.36.55 - CVE: Not Available
  • Platform: Web Application
  • Title: yappa-ng Admin_Module_Deldir.Inc.PHP Remote File Include
  • Description: yappa-ng is a photo album. Insufficient sanitization of the "config[path_src_include]" parameter of the "admin_module_deldir.inc.php" script exposes the application to a remote file include issue. All current versions are affected.
  • Ref: http://www.securityfocus.com/bid/19823

  • 06.36.56 - CVE: Not Available
  • Platform: Web Application
  • Title: In-Portal In-Link ADODB_DIR.PHP Remote File Include
  • Description: In-Portal In-Link is a directory management application. It is exposed to a remote file include issue due to insufficient sanitization of user-supplied input to the "$ADODB_DIR" parameter of the "adodb-postgres.inc.php" script. Version 2.3.4 is affected.
  • Ref: http://www.securityfocus.com/bid/19824

  • 06.36.57 - CVE: Not Available
  • Platform: Web Application
  • Title: FlashChat Multiple Remote File Include Vulnerabilities
  • Description: FlashChat is a web-based chatroom application. Insufficient sanitization of the "dir[inc]" parameter of the "aedating4CMS.php" and "aedatingCMS2.php" scripts exposes the application to remote file include issues. FlashChat version 4.5.7 is affected.
  • Ref: http://www.securityfocus.com/bid/19826

  • 06.36.58 - CVE: Not Available
  • Platform: Web Application
  • Title: MyBace user_daten.php Remote File Include
  • Description: MyBace is an internet homepage content management system. It is prone to a remote file include vulnerability due to insufficient input sanitization of the "template_back" parameter of the "admin/login/content/user_daten.php" script. MyBace Light is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/19830

  • 06.36.59 - CVE: Not Available
  • Platform: Web Application
  • Title: VTiger CRM HTML Injection and Access Control Bypass Vulnerabilities
  • Description: VTiger is an open source customer relationship management system (CRM) implemented in PHP. It is prone to multiple HTML injection and access control bypass issues due to insufficient sanitization of user-supplied input to various parameters of multiple scripts. VTiger CRM version 4.2.4 is reportedly affected by these issues.
  • Ref: http://www.securityfocus.com/bid/19829

  • 06.36.60 - CVE: Not Available
  • Platform: Web Application
  • Title: GNU Mailman Multiple Security Vulnerabilities
  • Description: Mailman is prone to multiple security issues including cross-site scripting, MIME header handling errors, denial of service and log spoofing. Mailman versions after 2.0 and prior to 2.1.9rc1 are affected.
  • Ref: http://www.securityfocus.com/bid/19831

  • 06.36.61 - CVE: Not Available
  • Platform: Web Application
  • Title: TR Forum Multiple Input Validation Vulnerabilities
  • Description: TR Forum is a web forum application. It is vulnerable to multiple input validation issues such as SQL injection and authentication bypass. This is due to insufficient sanitization of user-supplied input to various scripts. TR Forum version 2.0 is vulnerable.
  • Ref: http://www.securityfocus.com/bid/19834

  • 06.36.62 - CVE: Not Available
  • Platform: Web Application
  • Title: Timesheet Login.PHP SQL Injection
  • Description: Timesheet is a web-based application for tracking project hours. It is vulnerable to an SQL injection issue due to insufficient sanitization of user-supplied data to the "username" parameter of the "login.php" script. Timesheet version 1.2.1 is vulnerable.
  • Ref: http://www.securityfocus.com/bid/19856

  • 06.36.63 - CVE: Not Available
  • Platform: Web Application
  • Title: C-News Commentaires.PHP Remote File Include
  • Description: C-News is a web-based news script. It is prone to a remote file include vulnerability due to insufficient input sanitization of the "path" parameter of the "commentaires.php" script. Version 1.0.1 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/19861

  • 06.36.64 - CVE: Not Available
  • Platform: Web Application
  • Title: Sponge News News.PHP Remote File Include
  • Description: Sponge News is a web-based news application. It is prone to a remote file include vulnerability because it fails to properly sanitize user-supplied input to the "sndir" parameter of the "news.php" script. This issue affects Sponge News 2.2 and prior.
  • Ref: http://www.securityfocus.com/bid/19862

  • 06.36.65 - CVE: Not Available
  • Platform: Web Application
  • Title: ACGV News Article.PHP Remote File Include
  • Description: ACGV News is a news supplement manager. It is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied input to the "PathNews" parameter of the "article.php" script. ACGV News 0.9.1 and prior are vulnerable.
  • Ref: http://www.securityfocus.com/bid/19863

  • 06.36.66 - CVE: Not Available
  • Platform: Web Application
  • Title: SZEWO PhpCommander download.php Local File Include
  • Description: PhpCommander is a web-based account manager implemented in PHP. It is prone to a local file include vulnerability due to insufficient sanitization of the "Directory" parameter of the "download.php" script. Version 3.0 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/19867

  • 06.36.67 - CVE: Not Available
  • Platform: Web Application
  • Title: MySource Classic PHP Code Injection
  • Description: MySource Classic is a content management system application. It is prone to an injection vulnerability due to insufficient input sanitization of the site's "Equation" attribute. Version 2.14.6 is reported to be vulnerable.
  • Ref: http://classic.squiz.net/download/changelogs/change_log_2.14.8

  • 06.36.68 - CVE: Not Available
  • Platform: Web Application
  • Title: Akarru Social BookMarking Engine Main_Content.PHP Remote File Include
  • Description: Akarru Social BookMarking Engine is a bookmark management application. It is prone to a remote file include vulnerability because it fails to properly sanitize user-supplied input to the "bm_content" parameter of the "main_content.php" script. This issue affects Akarru Social BookMarking Engine version 0.4.3.34.
  • Ref: http://www.securityfocus.com/bid/19870

  • 06.36.69 - CVE: Not Available
  • Platform: Web Application
  • Title: VCD-DB Comments Unspecified HTML Injection
  • Description: VCD-db is a media content management Web application. It is prone to an unspecified HTML injection vulnerability due to improper sanitization of user-supplied input to unspecified fields and scripts. This issue affects versions prior to 0.983.
  • Ref: http://www.securityfocus.com/bid/19871

  • 06.36.70 - CVE: Not Available
  • Platform: Web Application
  • Title: Php Download Download.PHP Directory Traversal
  • Description: Php download is affected by a directory traversal issue due to insufficient sanitization of the "file" parameter of the "download.php" script. All current versions are affected.
  • Ref: http://www.securityfocus.com/bid/19872

  • 06.36.71 - CVE: Not Available
  • Platform: Web Application
  • Title: Beautifier Core.PHP Remote File Include
  • Description: Beautifier is a web-based content management system. It is exposed to a remote file include issue due to insufficient sanitization of user-supplied input to the "BEAUT_PATH" parameter of "core.php". This issue affects version 0.1.
  • Ref: http://www.securityfocus.com/bid/19873

  • 06.36.72 - CVE: Not Available
  • Platform: Web Application
  • Title: Premod Shadow Functions_Portal.PHP Remote File Include
  • Description: Premod Shadow is a modification for PHPBB. The application is vulnerable to a remote file include issue due to insufficient sanitization of user-supplied input to the "phpbb_root_path" parameter of the "includes/functions_portal.php" script. Premod Shadow version 2.7.1 is vulnerable.
  • Ref: http://www.securityfocus.com/bid/19874

  • 06.36.73 - CVE: Not Available
  • Platform: Web Application
  • Title: PHPFullAnnu home.module.php Remote File Include
  • Description: phpFullAnnu is a content management system implemented in PHP. It is prone to a remote file include vulnerability due to insufficient input sanitization of the "repmod" variable of the "home.module.php" script. Versions 5.1 and prior are reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/19875

  • 06.36.74 - CVE: Not Available
  • Platform: Web Application
  • Title: Bingo News BP_ncom.PHP Remote File Include
  • Description: Bingo News is a news reader application. It is prone to a remote file include vulnerability due to insufficient sanitization of the "bnrep" parameter of the "bp_ncom.php" script. Version 3.01 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/19877

  • 06.36.75 - CVE: Not Available
  • Platform: Web Application
  • Title: ppalCart Multiple File Include Vulnerabilities
  • Description: ppalCart is affected by multiple file include issues due to insufficient sanitization of user-supplied input. ppalCart version 2.5 EE is affected.
  • Ref: http://www.securityfocus.com/bid/19881

  • 06.36.76 - CVE: Not Available
  • Platform: Web Application
  • Title: ACGV News PathNews Parameter Multiple Remote File Include Vulnerabilities
  • Description: ACGV News is a news supplement manager. It is exposed to multiple remote file include issues due to insufficient sanitization of user-supplied input to the "PathNews" parameter of the "header.php" and "news.php" scripts. ACGV News versions 0.9.1 and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/19882

  • 06.36.77 - CVE: Not Available
  • Platform: Web Application
  • Title: WMNews Multiple Remote File Include Vulnerabilities
  • Description: WMNews is a web-based news manager. It is prone to multiple remote file include vulnerabilities due to insufficient sanitization of the "ide" parameter of the "article.php" script and the "pwfile" parameter of several scripts. Version 0.5 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/19886

  • 06.36.78 - CVE: Not Available
  • Platform: Web Application
  • Title: PHP-Nuke Book Catalog Module Upload.PHP Arbitrary File Upload
  • Description: Book Catalog is a book archival and organization tool. Insufficient sanitization of user-supplied input to the "upload.php" script exposes the application to an arbitrary file upload issue. PHP-Nuke version 1.0 is affected.
  • Ref: http://www.securityfocus.com/bid/19890

  • 06.36.79 - CVE: Not Available
  • Platform: Web Application
  • Title: Web-Provence SL_Site Spaw_control.class.PHP Remote File Include
  • Description: Web-Provence SL_Site is a simple content management application. It is exposed to a remote file include vulnerability due to insufficient sanitization of user-supplied input to the "spaw_root" parameter of "spaw_control.class.php". This issue affects versions 1.0 and earlier.
  • Ref: http://www.securityfocus.com/bid/19892

  • 06.36.80 - CVE: Not Available
  • Platform: Web Application
  • Title: Fire Soft Board Demarrage.PHP Remote File Include
  • Description: Fire Soft Board is a web forum application. It is prone to a remote file include vulnerability because it fails to sufficiently sanitize user-supplied input to the "racine" parameter of the "demarrage.php" script. Version RC3 is vulnerable.
  • Ref: http://www.securityfocus.com/bid/19899

  • 06.36.81 - CVE: Not Available
  • Platform: Web Application
  • Title: Web Server Creator Customize.PHP Remote File Include
  • Description: Web Server Creator is affected by a remote file include issue due to insufficient sanitization of the "l" parameter of the "customize.php" script. Web Server Creator version 0.1 is affected.
  • Ref: http://www.securityfocus.com/bid/19896

  • 06.36.82 - CVE: Not Available
  • Platform: Web Application
  • Title: PhpNews Multiple Remote File Include Vulnerabilities
  • Description: PhpNews is a web-based news manager. It is prone to multiple remote file include vulnerabilities due to insufficient sanitization of the "Include" parameter of the "lib.inc.php" and "variables.php" scripts. Version 1.0 is reported to be vulnerable.
  • Ref: http://www.securityfocus.com/bid/19904

  • 06.36.83 - CVE: Not Available
  • Platform: Network Device
  • Title: SnapGear Multiple Unspecified Denial of Service Vulnerabilities
  • Description: SnapGear is an internet security appliance for small businesses. It is prone to multiple unspecified remote denial of service vulnerabilities. These issues are reportedly due to multiple unspecified window replay problems for IPSec and an unspecified anti-virus issue. These issues affect the SnapGear firmware version 3 series.
  • Ref: http://www.securityfocus.com/bid/19805

  • 06.36.84 - CVE: Not Available
  • Platform: Network Device
  • Title: Canon ImageRunner Information Disclosure
  • Description: The Canon ImageRunner multi-function device is a network based printer and photocopier. It is vulnerable to an information disclosure issue because the remote UI web interface exposes clear text username and password entries when exporting address book entries. Canon iR C3220 and ImageRunner models 5020, iR9070, iR C6800, iR C6870 and iR 8500 are vulnerable.
  • Ref: http://www.securityfocus.com/archive/1/445302

  • 06.36.85 - CVE: Not Available
  • Platform: Network Device
  • Title: Cisco IOS Multiple GRE Source Routing Vulnerabilities
  • Description: Cisco IOS is prone to multiple vulnerabilities because it fails to perform boundary checks on user-supplied data prior to using it to create network packets. The issues arise when the device handles malicious GRE packets with oversized header offset values, and from improper handling of the 255.255.255.255 source route entry in the device's routing table. A successful attack can allow an attacker to bypass security restrictions or possibly crash the Cisco IOS operating system. Cisco IOS 12.1(19) on the C3550 is reported to be vulnerable.
  • Ref: http://www.cisco.com/warp/public/707/cisco-sr-20060906-gre.shtml

  • 06.36.86 - CVE: Not Available
  • Platform: Hardware
  • Title: CAPI4Hylafax Remote Arbitrary Command Execution
  • Description: CAPI4Hylafax is an application that allows you to send and receive faxes through a CAPI 2.0 device. It is exposed to an arbitrary command execution issue due to insufficient sanitization of user-supplied input. CAPI4Hylafax version 1.1 is affected.
  • Ref: http://www.securityfocus.com/bid/19801

  • 06.36.87 - CVE: Not Available
  • Platform: Hardware
  • Title: AnywhereUSB 5 Driver Malformed String Descriptor Integer Overflow
  • Description: The AnywhereUSB/5 driver is a driver that provides five USB ports. It is exposed to an integer overflow issue due to the driver's failure to ensure that integer values are not overrun. Version 1.80.00 is affected.
  • Ref: http://www.securityfocus.com/bid/19833/info

  • 06.36.88 - CVE: Not Available
  • Platform: Hardware
  • Title: Intel PRO/Wireless Network Connection Drivers Remote Code Execution
  • Description: Intel PRO/Wireless Network Connection drivers are the integrated wireless LAN solution for Intel Centrino mobile technology. The drivers are exposed to a remote code execution vulnerability that likely results from a race condition error. Refer to the link below for further details.
  • Ref: http://support.intel.com/support/wireless/wlan/sb/CS-023065.htm

SANS CRITICAL INTERNET THREATS 2006 =====================================

SANS Critical Internet Threats research is undertaken annually and provides the basis for the SANS "Top-20" report. The "Top-20" report describes the most serious internet security threats in detail, and provides the steps to identify and mitigate these threats.

The "Top-20" began its life as a research study undertaken jointly between the SANS Institute and the National Infrastructure Protection Centre (NIPC) at the FBI. Today thousands of organizations from all spheres of industry are using the "Top-20" as a definitive list to prioritize their security efforts.

The 2006 Top-20 will once again create the experts' consensus on threats: the result of a process that brings together security experts, leaders, researchers and visionaries from the most security-conscious federal agencies in the US, UK and around the world; the leading security software vendors and consulting firms; the university-based security programs; many other user organizations; and the SANS Institute.

For reference, a copy of the 2005 paper is available online: http://www.sans.org/top20.htm. *A list of participants may be found in the Appendix.

(c) 2006. All rights reserved. The information contained in this newsletter, including any external links, is provided "AS IS," with no express or implied warranty, for informational purposes only. In some cases, copyright for material in this newsletter may be held by a party other than Qualys (as indicated herein) and permission to use such material must be requested from the copyright owner.

==end==

Subscriptions: @RISK is distributed free of charge to people responsible for managing and securing information systems and networks. You may forward this newsletter to others with such responsibility inside or outside your organization.