
@RISK: The Consensus Security Vulnerability Alert

Volume: VI, Issue: 45
November 5, 2007

Novell, Firefox, McAfee and SonicWall users all need to implement updates this week. This week's list illustrates how the number of critical vulnerabilities found outside the traditional Windows and UNIX operating systems and services is growing. Many of this week's affected vendors have automated update services, but you might be surprised by the number of companies - such as back-up vendors - that still expect users to check their web site to find out whether vulnerabilities have been discovered and to get patches.

Alan

@RISK is the SANS community's consensus bulletin summarizing the most important vulnerabilities and exploits identified during the past week and providing guidance on appropriate actions to protect your systems (PART I). It also includes a comprehensive list of all new vulnerabilities discovered in the past week (PART II).

Summary of the vulnerabilities reported this week:

Platform                                   Number of Updates and Vulnerabilities
- ------------------------                 -------------------------------------
Third Party Windows Apps                   10 (#1, #3, #6, #8, #9)
Mac Os                                      1
Linux                                       4
Solaris                                     2
Aix                                         7
Novell                                      1
Cross Platform                             19 (#2, #4, #5, #7)
Web Application - Cross Site Scripting      5
Web Application - SQL Injection             5
Web Application                            23
Network Device                              1

****************** Sponsored By SANS Encryption Summit ******************

Attend the SANS Encryption Summit December 3-4 and benefit from an in-depth program aimed at getting you the information you need to protect your sensitive data. Come away with concrete actionable information you can deploy as soon as you return to work. http://www.sans.org/info/18932

******** Data Leakage is the Fastest Growing Area of Security ***********

PCI, HIPAA, GLBA, SB1386, breach disclosure? What are the regulatory requirements around these? Attend the Data Leakage and Insider Threat Summit December 3-4 in Orlando and find out. Then hear what tools work best and how other companies have implemented a data leakage strategy. http://www.sans.org/info/18226

*************************************************************************

Table Of Contents
Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)
Third Party Windows Apps
Mac Os
Linux
Solaris
Aix
Novell
Cross Platform
Web Application - Cross Site Scripting
Web Application - SQL Injection
Web Application
Network Device

************************** Sponsored Links: ***************************

1) Attending SANS Cyber Defense Initiative - Washington DC? Experience the Vendor Expo, Thursday, Dec 13, 2007. http://www.sans.org/info/18937

2) SAVE BIG! Get 30% off any upcoming courses through SANS OnDemands Pre-Paid program. http://www.sans.org/info/18477 or email ondemand@sans.org

3) Save with SANS Voucher Credit today. One procurement, transcend fiscal years, online usage reports, status updates. Visit online today. http://www.sans.org/info/18947 or Email Vouchers@sans.org.

*************************************************************************

PART I Critical Vulnerabilities

Part I for this issue has been compiled by Rob King at TippingPoint, a division of 3Com, as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/cva/#process

Widely Deployed Software
  • (1) HIGH: Novell Client Trust Buffer Overflow
  • Affected:
    • Novell Client Trust
  • Description: Novell Client Trust is a Novell mechanism for client authentication, used by a variety of Novell products. A specially crafted request to this service could trigger a buffer overflow in a string copy operation. Successfully exploiting this vulnerability would allow an attacker to execute arbitrary code with the privileges of the vulnerable process. Some technical details for this vulnerability are publicly available. Note that this product may be used by several Novell products. Currently, Novell BorderManager is confirmed as vulnerable.

  • Status: Novell confirmed, updates available. Users can mitigate the impact of this vulnerability by blocking access to UDP port 3024 at the network perimeter, if possible.

  • References:
  • (2) HIGH: McAfee E-Business Server Administration Interface Integer Overflow
  • Affected:
    • McAfee E-Business Server versions prior to 8.5.3
  • Description: McAfee E-Business Server is an enterprise encryption and data sharing application. This product contains a flaw in its handling of authentication packets. A specially-crafted authentication packet could trigger an integer overflow vulnerability. Successfully exploiting this vulnerability would allow an attacker to execute arbitrary code with the privileges of the vulnerable process. Note that versions of the product for Microsoft Windows appear to be unaffected by this vulnerability.

  • Status: McAfee confirmed, updates available.

  • References:
  • (3) HIGH: SonicWALL VPN Client ActiveX Control Multiple Vulnerabilities
  • Affected:
    • SonicWALL VPN Client versions 2.5 and prior
  • Description: The SonicWALL VPN client, used to connect to SonicWALL VPN servers, installs an ActiveX component. This component contains multiple vulnerabilities in various exported methods. Several methods contain buffer overflow vulnerabilities, while another method contains an arbitrary file deletion vulnerability. A malicious web page that instantiates this control and exploits one of these vulnerabilities would be able to execute arbitrary code with the privileges of the current user, or delete arbitrary files. Proofs-of-concept are available for several of the vulnerabilities, as are technical details.

  • Status: Vendor confirmed, updates available. Users can mitigate the impact of this vulnerability by disabling the affected control via Microsoft's "kill bit" mechanism, for CLSID 6EEFD7B1-B26C-440D-B55A-1EC677189F30.

  • References:
  • (4) HIGH: Mozilla Firefox Arbitrary Script Execution Vulnerability
  • Affected:
    • Mozilla Firefox versions 2.0.0.8 and prior
  • Description: Mozilla Firefox contains a vulnerability in its handling of JavaScript. A specially crafted web page could bypass domain restrictions and allow an attacker to execute arbitrary JavaScript in a security domain different from that in which it was loaded. This could allow an attacker to alter the user interface or potentially execute arbitrary code with the privileges of the current user. Some technical details and a proof-of-concept are available for this vulnerability. Additionally, technical details may be available via source code analysis. Other Mozilla products, such as Thunderbird and SeaMonkey, may also be affected.

  • Status: Mozilla has not confirmed, no updates available.

  • References:
  • (5) MODERATE: Oracle E-Business Suite SQL Injection Vulnerability
  • Affected:
    • Oracle E-Business Suite versions 12 and prior
  • Description: Oracle E-Business Suite is a collection of Oracle(tm) enterprise applications. This application contains a vulnerability in its "okxLOV.jsp" web page. A specially crafted request to this page would allow an attacker to execute arbitrary SQL code in the context of the vulnerable application. This could allow the attacker to alter the database or disclose other information. Additionally, the attacker may leverage this vulnerability to exploit an otherwise local vulnerability in the database.

  • Status: Oracle confirmed, updates available.

  • References:
  • (6) MODERATE: Macrovision InstallShield ActiveX Control Vulnerable Methods
  • Affected:
    • Macrovision InstallShield ActiveX Control
  • Description: The Macrovision InstallShield product allows software vendors to automatically verify installation targets on various criteria. This product provides its services via an ActiveX control. Several methods of this control allow for arbitrary file download and execution. A malicious web page that instantiated this control could use these methods to execute arbitrary code on a vulnerable system with the privileges of the current user. Note that the control does alert the user when it downloads files, and the user has the option to abort the download, but the option exists only as long as the download is occurring. Once the file has been downloaded, there is no opportunity to abort. This product is often installed by third parties; therefore, a user may be unaware that the vulnerable control is installed.

  • Status: Macrovision confirmed, updates available. Users can mitigate the impact of this vulnerability by disabling the vulnerable control via Microsoft's "kill bit" mechanism for CLSID E9880553-B8A7-4960-A668-95C68BED571E.

  • References:
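Items (3) and (6) both recommend Microsoft's "kill bit" as a stop-gap. The script below is an added example (not from the bulletin, TippingPoint or either vendor) that sets the kill bit for the two CLSIDs named above and reads the keys back to verify; it assumes an elevated PowerShell prompt and uses the registry location and the 0x400 flag value documented in Microsoft KB240797, which Part II cites.

```powershell
# Added example: set the Internet Explorer "kill bit" for the two ActiveX
# controls named in items (3) and (6), then verify. Requires an elevated prompt.
$KillBit = 0x400   # "Compatibility Flags" bit that blocks the control in IE (KB240797)

# CLSIDs taken from the bulletin; braces are required in the registry key name.
$Clsids = @(
    '{6EEFD7B1-B26C-440D-B55A-1EC677189F30}',  # SonicWALL VPN Client control, item (3)
    '{E9880553-B8A7-4960-A668-95C68BED571E}'   # Macrovision InstallShield control, item (6)
)

# On 64-bit Windows the 32-bit IE reads the Wow6432Node copy, so both keys are set.
$CompatKeys = @('HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility')
if (Test-Path 'HKLM:\SOFTWARE\Wow6432Node') {
    $CompatKeys += 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
}

function Set-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    foreach ($Base in $CompatKeys) {
        $Key = Join-Path $Base $Clsid
        if (-not (Test-Path $Key)) { New-Item -Path $Key -Force | Out-Null }
        # OR the bit in so that any flags already set by other policy are preserved.
        $Current = (Get-ItemProperty -Path $Key -Name 'Compatibility Flags' `
                    -ErrorAction SilentlyContinue).'Compatibility Flags'
        $New = ([int]$Current) -bor $KillBit
        Set-ItemProperty -Path $Key -Name 'Compatibility Flags' -Value $New -Type DWord
    }
}

function Test-ActiveXKillBit {
    param([Parameter(Mandatory)][string]$Clsid)
    # $true only when the kill bit is present under every applicable compatibility key.
    foreach ($Base in $CompatKeys) {
        $Key = Join-Path $Base $Clsid
        $Flags = (Get-ItemProperty -Path $Key -Name 'Compatibility Flags' `
                  -ErrorAction SilentlyContinue).'Compatibility Flags'
        if (-not $Flags -or -not ($Flags -band $KillBit)) { return $false }
    }
    return $true
}

foreach ($Clsid in $Clsids) {
    Set-ActiveXKillBit -Clsid $Clsid
    $State = if (Test-ActiveXKillBit -Clsid $Clsid) { 'set' } else { 'NOT set' }
    '{0}: kill bit {1}' -f $Clsid, $State
}
```

The kill bit only stops Internet Explorer from instantiating the control; the vulnerable DLL stays on disk until the vendor update is applied.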
  • (7) LOW: HP OpenView Radia Integration Server Arbitrary File Disclosure
  • Affected:
    • HP OpenView Radia Integration Server versions 4.2 and prior
  • Description: HP OpenView Radia Integration Server is the configuration management application of HP's OpenView suite. This product contains a vulnerability in its handling of requests to its built-in web server. A request to this web server containing a specially crafted path would allow an attacker to view the contents of arbitrary files on the system. This service may run with administrative privileges, allowing the attacker to view all files on the system. Some technical details are available for this vulnerability.

  • Status: HP confirmed, updates available. Users can mitigate the impact of this vulnerability by blocking access to TCP port 3465 at the network perimeter, if possible.

  • References:
  • (8) LOW: Symantec Altiris TFTP Arbitrary File Disclosure Vulnerability
  • Affected:
    • Symantec Altiris Deployment Solution version 6.x
  • Description: Symantec Altiris is an operating system deployment solution for enterprises. The PXE component of this system contains a Trivial File Transfer Protocol (TFTP) server that allows clients access to files on the server. This server contains a directory traversal vulnerability. A specially crafted request to this server would allow an attacker to download any file accessible to the server. Since the server usually runs with SYSTEM privileges, this would be any file on the system. Some technical details are available for this vulnerability. Note that TFTP does not support authentication; therefore no authentication is necessary to exploit this vulnerability.

  • Status: Symantec confirmed, updates available. Users can mitigate the impact of this vulnerability by blocking access to UDP port 69 at the network perimeter, if possible.

  • References:
Other Software
  • (9) MODERATE: ACDSee Multiple Vulnerabilities
  • Affected:
    • ACDSee versions 10.x and prior
  • Description: ACDSee is a popular image viewing application for Microsoft Windows. It contains several vulnerabilities in the processing of various file formats. A specially crafted PSP image file or LHA archive could trigger a buffer overflow, and allow an attacker to execute arbitrary code with the privileges of the current user. Depending on configuration, the affected file formats may be opened automatically by ACDSee. Note that the LHA parsing flaw is not present in the default configuration of ACDSee.

  • Status: ACDSee confirmed, updates available.

  • References:
Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 45, 2007

This list is compiled by Qualys (www.qualys.com) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 5549 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.


  • 07.45.1 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Gretech GOM Player GomWeb3.DLL Remote Buffer Overflow
  • Description: GOM Player is a media player application for Windows. The application is exposed to a remote buffer overflow issue because it fails to perform adequate boundary checks on user-supplied input before using it in an insufficiently sized buffer. The problem occurs in the "OpenUrl()" method of the GomWeb Control "GomWeb3.dll". GOM Player version 2.1.6.3499 is affected.
  • Ref: http://support.microsoft.com/kb/240797

  • 07.45.2 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Sony CONNECT SonicStage Player M3U Playlist Processing Buffer Overflow
  • Description: Sony CONNECT SonicStage player is a music file loader and library management application for Microsoft Windows. The application is exposed to a buffer overflow issue because it fails to properly bounds check user-supplied input before copying it to an insufficiently sized memory buffer. SonicStage version 4.3 is affected.
  • Ref: http://www.securityfocus.com/bid/26241/info

  • 07.45.3 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: GlobalLink ConnectAndEnterRoom ActiveX Control Heap Buffer Overflow
  • Description: GlobalLink is exposed to a heap-based buffer overflow issue because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. The issue occurs in the "ConnectAndEnterRoom()" method of the ActiveX control. GlobalLink version 2.7.0.8 is affected.
  • Ref: http://support.microsoft.com/kb/240797

  • 07.45.4 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: SSReader Ultra Star Reader ActiveX Control Register Method Buffer Overflow
  • Description: SSReader Ultra Star Reader is an ActiveX control to read PDG eBook files. The ActiveX control is exposed to a remote buffer overflow issue because it fails to bounds check user-supplied data before copying it into an insufficiently sized buffer.
  • Ref: http://support.microsoft.com/kb/240797

  • 07.45.5 - CVE: CVE-2007-4345
  • Platform: Third Party Windows Apps
  • Title: Ipswitch IMail SMTP Server IMail Client Remote Buffer Overflow
  • Description: Ipswitch IMail Server is an email server that serves clients their mail via a web interface. It runs on Microsoft Windows. IMail Client, which is included in Ipswitch IMail Server, is exposed to a heap-based buffer overflow issue because the software fails to properly bounds check user-supplied input before copying it into an insufficiently sized memory buffer. IMail Client version 9.22, which is included with IMail Server 2006.22 is affected.
  • Ref: http://www.securityfocus.com/archive/1/482988

  • 07.45.6 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: Symantec Altiris Deployment Solution Aclient Local Privilege Escalation
  • Description: Symantec Altiris Deployment Solution is software for deploying and managing servers, desktops, notebooks, thin clients, and handheld devices from a centralized location. It is available for Microsoft Windows. The application is exposed to a local privilege escalation issue due to a failure in the Aclient process to properly drop privileges before executing external files.
  • Ref: http://www.symantec.com/avcenter/security/Content/2007.10.31a.html

  • 07.45.7 - CVE: CVE-2007-3874
  • Platform: Third Party Windows Apps
  • Title: Altiris Deployment Solution Directory Traversal
  • Description: Symantec Altiris Deployment Solution is software for deploying and managing servers, desktops, notebooks, thin clients, and handheld devices from a centralized location. It is available for Microsoft Windows. The application is exposed to a directory traversal issue because it does not properly sanitize user-supplied input of directory traversal strings ("../").
  • Ref: http://www.symantec.com/avcenter/security/Content/2007.10.31.html

  • 07.45.8 - CVE: CVE-2007-5660
  • Platform: Third Party Windows Apps
  • Title: Macrovision InstallShield Update Service Isusweb.DLL Multiple Remote Code Execution Vulnerabilities
  • Description: The Macrovision InstallShield Update Service ActiveX control is a web-based software-updating component commonly installed with Macrovision InstallShield and FlexNet software. The application is exposed to a remote code execution issue because it fails to properly sanitize user-supplied data. These issues affect several unspecified methods within the "isusweb.dll" library. InstallShield Update Service versions 5.01.100.47363 and 6.0.100.60146 are affected.
  • Ref: http://support.installshield.com/kb/view.asp?articleid=Q113020

  • 07.45.9 - CVE: CVE-2007-2263
  • Platform: Third Party Windows Apps
  • Title: Real Networks RealPlayer SWF File Processing Remote Code Execution
  • Description: Real Networks RealPlayer is an application that allows users to play various media formats. The application is exposed to a buffer overflow issue because it fails to perform adequate boundary checks on user-supplied data. The issue occurs in the SWF rendering ActiveX control.
  • Ref: http://service.real.com/realplayer/security/10252007_player/en/

  • 07.45.10 - CVE: Not Available
  • Platform: Third Party Windows Apps
  • Title: SonicWALL SSL VPN Client Remote ActiveX Multiple Vulnerabilities
  • Description: SonicWALL SSL VPN is an appliance designed to provide remote VPN access to the corporate network. It comes with ActiveX Controls that provide VPN client functionality in Internet Explorer. The application is exposed to multiple remote issues. SonicWALL SSL VPN 1.3.0.3 software as well as WebCacheCleaner 1.3.0.3 and NeLaunchCtrl 2.1.0.49 ActiveX controls are affected.
  • Ref: http://www.securityfocus.com/archive/1/483097

  • 07.45.11 - CVE: CVE-2007-5476
  • Platform: Mac Os
  • Title: Adobe Flash Player On Opera Browser For Mac OS X Unspecified Issue
  • Description: Adobe Flash Player is an application used to play Flash media. The application is exposed to an unspecified issue that occurs when Flash Player is running on Opera Browser for the Mac OS X operating system. Flash Player versions 9.0.47.0 and earlier are affected when running on Mac OS X.
  • Ref: http://www.adobe.com/support/security/advisories/apsa07-05.html

  • 07.45.12 - CVE: Not Available
  • Platform: Linux
  • Title: vobcopy vobcopy.bla Insecure Temporary File Creation
  • Description: vobcopy is an application that copies DVD vob files onto hard disks. The application is exposed to a file creation issue when the application is running in silent mode. It creates temporary files in an insecure manner.
  • Ref: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448319

  • 07.45.13 - CVE: Not Available
  • Platform: Linux
  • Title: OpenLDAP Multiple Remote Denial of Service Vulnerabilities
  • Description: OpenLDAP is an implementation of the Lightweight Directory Access Protocol (LDAP). The application is exposed to multiple remote denial of service issues. OpenLDAP versions prior to 2.3.39 are affected.
  • Ref: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440632

  • 07.45.14 - CVE: Not Available
  • Platform: Linux
  • Title: Liferea Feedlist.OPML Local Information Disclosure
  • Description: Liferea (LInux FEed REAder) is a news aggregator for online news feeds for UNIX-like systems. The application is exposed to a local information disclosure issue because local users can read sensitive files. Liferea versions prior to 1.4.6 are affected.
  • Ref: http://sourceforge.net/project/shownotes.php?release_id=550468

  • 07.45.15 - CVE: CVE-2007-4351
  • Platform: Linux
  • Title: CUPS IPP Tag Handling Remote Buffer Overflow
  • Description: CUPS, Common UNIX Printing System, is a widely used set of printing utilities for UNIX-based systems. The application is exposed to a remote buffer overflow issue because it fails to properly bounds check user-supplied data before copying it to an insufficiently sized memory buffer. CUPS version 1.3.3 is affected.
  • Ref: http://www.kb.cert.org/vuls/id/446897

  • 07.45.16 - CVE: Not Available
  • Platform: Solaris
  • Title: Sun Solaris SCTP Init Processing Remote Denial of Service
  • Description: Sun Solaris is exposed to a denial of service issue because the operating system fails to handle exceptional conditions. The problem occurs in the SCTP INIT processing when a SCTP socket is configured in the LISTEN state. A remote privileged attacker can exploit this issue to cause a kernel panic. Solaris 10 operating system is affected.
  • Ref: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103101-1&searchclause=

  • 07.45.17 - CVE: Not Available
  • Platform: Solaris
  • Title: Sun Solaris 10 Internet Protocol ip(7P) Unspecified Local Denial of Service
  • Description: Sun Solaris is an enterprise-grade UNIX distribution. The application is exposed to a local denial of service issue due to an unspecified error in the Internet Protocol ip(7P). Sun Solaris version 10 for SPARC and x86 architectures are affected.
  • Ref: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103087-1&searchclause=

  • 07.45.18 - CVE: CVE-2007-4513
  • Platform: Aix
  • Title: IBM AIX lqueryvg Local Privilege Escalation
  • Description: AIX is a UNIX operating system from IBM. The "lqueryvg" utility is used to examine the properties of disk volume groups. The application is exposed to a local privilege escalation issue because it fails to perform adequate boundary checks on user-supplied data. The issue occurs in the "lqueryvg" utility, which fails to check the length of data passed to the "-p" option before copying it to a fixed sized buffer.
  • Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=614

  • 07.45.19 - CVE: CVE-2007-4623
  • Platform: Aix
  • Title: IBM AIX bellmail Local Privilege Escalation
  • Description: AIX is a UNIX operating system from IBM. bellmail is a mail user-agent (MUA). The application is exposed to a local privilege escalation issue because it fails to perform adequate boundary checks on user-supplied input.
  • Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=617

  • 07.45.20 - CVE: CVE-2007-4513
  • Platform: Aix
  • Title: IBM AIX lquerypv Local Privilege Escalation
  • Description: AIX is a UNIX operating system from IBM. The "lquerypv" utility is used to examine the properties of physical volume in a volume group. The application is exposed to a local privilege escalation issue because it fails to perform adequate boundary checks on user-supplied data. The issue occurs in the "lquerypv" utility, which fails to check the length of data passed to the "-V" option before copying it to a fixed sized buffer.
  • Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=615

  • 07.45.21 - CVE: CVE-2007-4217
  • Platform: Aix
  • Title: IBM AIX ftp Local Privilege Escalation
  • Description: IBM AIX is a UNIX operating system from IBM. The "ftp" command is used to transfer files between local and remote hosts. The application is exposed to a local privilege escalation issue because it fails to perform adequate boundary checks on user-supplied data. The issue occurs in the "ftp" command, which is installed setuid-superuser by default.
  • Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=616

  • 07.45.22 - CVE: Not Available
  • Platform: Aix
  • Title: IBM AIX Swcons Arbitrary File Access
  • Description: IBM AIX is a UNIX operating system from IBM. The "swcons" utility is used for temporarily redirecting system console output to a specified device or file. The application is exposed to an arbitrary file access issue because it fails to adequately verify user-supplied input. AIX versions 5.2 and 5.3 are affected.
  • Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=611

  • 07.45.23 - CVE: CVE-2007-4622
  • Platform: Aix
  • Title: IBM AIX dig Local Privilege Escalation
  • Description: IBM AIX is a UNIX operating system from IBM. The "dig" command is used to perform DNS lookups for diagnostic and testing purposes. The application is exposed to a local privilege escalation issue because it fails to perform adequate boundary checks on user-supplied data.
  • Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=613

  • 07.45.24 - CVE: CVE-2007-4621
  • Platform: Aix
  • Title: IBM AIX Crontab Local Privilege Escalation
  • Description: AIX is a UNIX operating system from IBM. The "crontab" program is a utility that creates, edits, or removes cron jobs. Cron jobs are commands that are invoked at a scheduled time. The application is exposed to a local privilege escalation issue because it fails to perform adequate length checks on user-supplied data.
  • Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=612

  • 07.45.25 - CVE: CVE-2007-5767
  • Platform: Novell
  • Title: Novell BorderManager Client Trust Heap Based Buffer Overflow
  • Description: Novell BorderManager is a security tool providing firewall and VPN functionality. The application is exposed to a heap-based buffer overflow issue because the application fails to bounds check user-supplied data before copying it into an insufficiently sized buffer. BorderManager version 3.8 is affected.
  • Ref: http://www.zerodayinitiative.com/advisories/ZDI-07-064.html

  • 07.45.26 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Mozilla Firefox Sidebar Bookmark Persistent Denial of Service
  • Description: Mozilla Firefox is a web browser available for multiple operating platforms. The application is exposed to an issue that results in a persistent denial of service issue when a malicious bookmark is set and followed. Mozilla Firefox version 2.0.0.8 is affected.
  • Ref: http://www.securityfocus.com/bid/26217

  • 07.45.27 - CVE: Not Available
  • Platform: Cross Platform
  • Title: AMX Mod X Multiple Off-by-One Buffer Overflow Vulnerabilities
  • Description: AMX Mod X is a server administration plugin for the Valve Software game Half-Life. The application is exposed to multiple off-by-one buffer overflow issues because it fails to adequately bounds check user-supplied input before copying it to insufficiently sized memory buffers. AMX Mod X version 1.76d is affected.
  • Ref: http://wiki.alliedmods.net/AMX_Mod_X_1.8.0_Changes

  • 07.45.28 - CVE: Not Available
  • Platform: Cross Platform
  • Title: IBM Lotus Domino IMAP4 LSUB Buffer Overflow
  • Description: IBM Lotus Domino is a client/server product designed for collaborative working environments. Domino Server supports email, scheduling, instant messaging, and data-driven applications. The application is exposed to a remote buffer overflow issue because it fails to properly bounds check user-supplied data before copying it into an insufficiently sized memory buffer.
  • Ref: http://www.securityfocus.com/bid/26219

  • 07.45.29 - CVE: Not Available
  • Platform: Cross Platform
  • Title: GoSamba Include_Path Parameter Multiple Remote File Include Vulnerabilities
  • Description: GoSamba is a set of PHP/Perl scripts for managing SAMBA over the web. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input to the "include_path" parameter. GoSamba version 1.0.1 is affected.
  • Ref: http://sourceforge.net/projects/gosamba/

  • 07.45.30 - CVE: CVE-2007-5504
  • Platform: Cross Platform
  • Title: Oracle Database Server DBMS_AQADM_SYS.DBLINK_INFO Buffer Overflow
  • Description: Oracle Database Server is an enterprise database server system available for multiple operating platforms. The application is exposed to a remote buffer overflow issue because it fails to properly bounds check user-supplied data before copying it to an insufficiently sized memory buffer.
  • Ref: http://www.securityfocus.com/archive/1/482923

  • 07.45.31 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Oracle Database Server MDSYS.SDO_CS Buffer Overflow
  • Description: Oracle Database Server is an enterprise database server system available for multiple operating platforms. The application is exposed to a remote buffer overflow issue because it fails to properly bounds check user-supplied data before copying it into an insufficiently sized memory buffer.
  • Ref: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2007.html

  • 07.45.32 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Sun Fire X2100 M2 And X2200 M2 ELOM Unspecified Remote Arbitrary Command Execution
  • Description: Sun Fire X2100 M2 and X2200 M2 are enterprise-level servers. They use the Embedded Lights Out Manager (ELOM) for remote management. This issue allows remote unprivileged users to execute arbitrary commands with superuser privileges on the embedded Service Processor. Embedded Lights Out Manager (ELOM) for x86 architecture is affected.
  • Ref: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103127-1&searchclause=

  • 07.45.33 - CVE: Not Available
  • Platform: Cross Platform
  • Title: NuFW SAMP_SEND Heap Based Buffer Overflow
  • Description: NuFW is a freely available, open-source authenticating firewall suite. The application is exposed to a heap-based buffer overflow issue because it fails to perform adequate boundary checks on user-supplied data. The issue resides in the "samp_send()" function in the "nuauth/sasl.c" file. NuFW version 2.2.6 is affected.
  • Ref: http://www.securityfocus.com/bid/26251

  • 07.45.34 - CVE: CVE-2007-2957
  • Platform: Cross Platform
  • Title: McAfee E-Business Server Authentication Packet Handling Integer Overflow
  • Description: McAfee E-Business Server is an enterprise security suite. The application is exposed to an integer overflow issue because it fails to ensure that integer values aren't overrun. The issue stems from a flaw in the way the administration utility service handles authentication packets. McAfee E-Business Server versions prior to 8.1.1 for Linux and prior to 8.5.2 for Solaris are affected.
  • Ref: http://secunia.com/secunia_research/2007-69/advisory/

  • 07.45.35 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Perdition IMAPD __STR_VWRITE Remote Format String
  • Description: Perdition is a POP3 and IMAP4 proxy server. The application is exposed to a remote format string issue because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. Perdition versions 1.17 and earlier are affected.
  • Ref: http://www.securityfocus.com/archive/1/483034

  • 07.45.36 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Hitachi Collaboration Portal Schedule Component Information Disclosure
  • Description: Hitachi Collaboration Portal is exposed to an unspecified information disclosure issue. It affects the schedule component of certain collaboration products. Information may unintentionally be displayed in a schedule portlet.
  • Ref: http://www.hitachi-support.com/security_e/vuls_e/HS07-036_e/index-e.html

  • 07.45.37 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Yarssr GUI.PM Remote Code Injection
  • Description: Yarssr is an RSS feed aggregator and news reader application implemented in Perl. The application runs in conjunction with the Gnome window manager and displays results from the Gnome toolbar notification area. The application is exposed to an arbitrary Perl code injection issue because it fails to properly sanitize user-supplied input. Yarssr version 0.2.2 is affected.
  • Ref: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448721

  • 07.45.38 - CVE: Not Available
  • Platform: Cross Platform
  • Title: IBM WebSphere Application Server UDDI Console Multiple Input Validation Vulnerabilities
  • Description: WebSphere Application Server is a utility designed to facilitate the creation of various enterprise web applications. The UDDI user console is a graphical user interface (GUI) for interacting with the application. The application is exposed to multiple cross-site scripting and cross-site request forgery attacks because it fails to adequately sanitize user-supplied input. WebSphere Application Server versions 6.0 and 6.1 are affected.
  • Ref: http://www-1.ibm.com/support/docview.wss?uid=swg1PK50245

  • 07.45.39 - CVE: CVE-2007-5197
  • Platform: Cross Platform
  • Title: Mono System.Math BigInteger Buffer Overflow
  • Description: Mono is a multiplatform open-source implementation of the Microsoft .NET architecture. The application is exposed to a buffer overflow issue because it fails to perform adequate boundary checks on user-supplied data. The issue occurs in the "BigInteger" implementation of Mono.Math.
  • Ref: http://www.securityfocus.com/bid/26279

  • 07.45.40 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Mozilla Firefox Chrome Cross-Domain Security Bypass
  • Description: Mozilla Firefox is a web browser available for multiple platforms. The application is exposed to an issue that permits an attacker to execute script code in arbitrary domains. This issue is due to an access validation flaw in the affected application. Mozilla Firefox version 2.0.0.8 is affected.
  • Ref: http://www.securityfocus.com/bid/26283

  • 07.45.41 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Apache Geronimo SQLLoginModule Authentication Bypass
  • Description: Apache Geronimo is a Java application server. The application is exposed to an authentication bypass issue. Specifically, SQLLoginModule allows for successful authentication when using a username that does not exist in the database. Apache Geronimo versions 2.0, 2.0.1, 2.0.2, and 2.1 are affected.
  • Ref: https://issues.apache.org/jira/browse/GERONIMO-3543

  • 07.45.42 - CVE: Not Available
  • Platform: Cross Platform
  • Title: IBM Tivoli Continuous Data Protection for Files Insecure Default Permissions
  • Description: IBM Tivoli Continuous Data Protection for Files is a commercially available network administration application. It allows administrators to distribute and execute arbitrary content on client computers in order to perform administrative actions. The application is exposed to an insecure permissions vulnerability. This issue affects the application's "Global Download" directory. IBM Tivoli Continuous Data Protection version 3.1 is affected.
  • Ref: http://www-1.ibm.com/support/docview.wss?uid=swg1IC54264

  • 07.45.43 - CVE: Not Available
  • Platform: Cross Platform
  • Title: Avaya Messaging Storage Server and Avaya Message Networking Input Validation
  • Description: Avaya Messaging Storage Server and Avaya Message Networking are messaging products developed by Avaya. The application is exposed to an input validation issue that occurs in the web administration page.
  • Ref: http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm

  • 07.45.44 - CVE: Not Available
  • Platform: Cross Platform
  • Title: IBM Lotus Domino Web Server Unspecified Security
  • Description: IBM Lotus Domino is a client/server product designed for collaborative working environments. Domino Server supports email, scheduling, instant messaging, and data-driven applications. The application is exposed to an unspecified issue. IBM Lotus Domino versions 7.0.2 and 6.5.6 are affected.
  • Ref: http://www-1.ibm.com/support/docview.wss?uid=swg27009808

  • 07.45.45 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: WordPress Edit-Post-Rows.PHP Cross-Site Scripting
  • Description: WordPress allows users to generate news pages and web logs dynamically. The application is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input to the "post_columns" parameter of the "wp-admin/edit-post-rows.php" script. WordPress version 2.3 is affected.
  • Ref: http://www.securityfocus.com/archive/1/482905

  • 07.45.46 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: SMART-SHOP Index.PHP Multiple Cross-Site Scripting Vulnerabilities
  • Description: SMART-SHOP is a web-based shopping-cart application. The application is exposed to multiple cross-site scripting issues because it fails to sufficiently sanitize user-supplied input to the "email" and "command" parameters of "index.php".
  • Ref: http://www.securityfocus.com/archive/1/482906

  • 07.45.47 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Omnistar Live KB.PHP Cross-Site Scripting
  • Description: Omnistar Live is a web-based help desk application. The application is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input to the "category_id" parameter of the "users/kb.php" script.
  • Ref: http://www.securityfocus.com/archive/1/482928

  • 07.45.48 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Saxon Menu.PHP Cross-Site Scripting
  • Description: Saxon is a web-based news forum application. The application is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input to the "config[news_url]" parameter of the "admin/menu.php" script. Saxon version 5.4 is affected.
  • Ref: http://www.securityfocus.com/archive/1/482920

  • 07.45.49 - CVE: Not Available
  • Platform: Web Application - Cross Site Scripting
  • Title: Blue Coat ProxySG Management Console URI Handler Cross-Site Scripting
  • Description: Blue Coat ProxySG is an enterprise proxy appliance. ProxySG management console is a web-based application for managing the appliance. The application is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input when handling a URI that loads Certificate Revocation Lists.
  • Ref: http://www.bluecoat.com/support/securityadvisories/advisory_cross-site_scripting_vulnerability

  • 07.45.50 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: JobSite Professional File.PHP SQL Injection
  • Description: JobSite Professional is a PHP-based application for managing job listings. The application is exposed to an SQL injection issue because it fails to properly sanitize user-supplied input to the "id" parameter of the "file.php" script before using it in an SQL query. JobSite Professional version 2.0 is affected.
  • Ref: http://www.securityfocus.com/bid/26225

  • 07.45.51 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: emagiC CMS.Net EMC.ASP SQL Injection
  • Description: emagiC CMS.Net is an ASP-based content manager. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "pageId" parameter of the "emc.asp" script before using it in an SQL query. emagiC CMS.Net version 4.0 is affected.
  • Ref: http://www.securityfocus.com/bid/26229

  • 07.45.52 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: Saxon Example.PHP SQL Injection
  • Description: Saxon is a web-based news forum application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "template" parameter of the "example.php" script before using it in an SQL query. Saxon version 5.4 is affected.
  • Ref: http://www.securityfocus.com/archive/1/482921

  • 07.45.53 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: miniBB BB_FUNC_SEARCH.PHP SQL Injection
  • Description: miniBB is a web-based bulletin board. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Specifically, the application fails to sanitize the "table" parameter of the "bb_func_search.php" script. miniBB version 2.1 is affected.
  • Ref: http://www.minibb.net/forums/9_4888_0.html

  • 07.45.54 - CVE: Not Available
  • Platform: Web Application - SQL Injection
  • Title: AFCommerce Firstname Parameter SQL Injection
  • Description: AFCommerce is a PHP-based ecommerce application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "firstname" parameter of an unspecified script.
  • Ref: http://www.securityfocus.com/bid/26282

  • 07.45.55 - CVE: CVE-2007-5623
  • Platform: Web Application
  • Title: Nagios Plugins SNMP GET Reply Remote Buffer Overflow
  • Description: Nagios is an open-source application designed to monitor networks and services for interruptions and to notify administrators when various events occur. The application is exposed to a remote buffer overflow issue because the software fails to properly bounds check user-supplied data before copying it to an insufficiently sized buffer. Nagios Plugins version 1.4.10 is affected.
  • Ref: http://sourceforge.net/tracker/?func=detail&atid=397597&aid=1815362&group_id=29880

  • 07.45.56 - CVE: Not Available
  • Platform: Web Application
  • Title: OneOrZero TCreate.PHP HTML Injection
  • Description: OneOrZero is a web-based task management and help desk application. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input before using it in dynamically generated content. The issue affects the "description" parameter of the "tcreate.php" script. OneOrZero version 1.6.5.4 is affected.
  • Ref: http://www.securityfocus.com/bid/26217

  • 07.45.57 - CVE: CVE-2007-5682
  • Platform: Web Application
  • Title: TikiWiki Tiki-Graph_Formula.PHP White-List Check Code Injection
  • Description: TikiWiki is a wiki application. The application is exposed to an arbitrary PHP code injection issue because it fails to properly sanitize user-supplied input to the "tiki-graph_formula.php" script. TikiWiki versions 1.9.8.1 and earlier are affected.
  • Ref: http://www.securityfocus.com/archive/1/482908

  • 07.45.58 - CVE: CVE-2007-4348
  • Platform: Web Application
  • Title: IBM Tivoli Storage Manager Client CAD Service HTML Injection
  • Description: IBM Tivoli Storage Manager facilitates data backup and archiving. It is available for various platforms. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input before using it in dynamically generated content. IBM Tivoli Storage Manager Client versions 5.3.5.3 and 5.4.1.2 are affected.
  • Ref: http://www.securityfocus.com/archive/1/482927

  • 07.45.59 - CVE: Not Available
  • Platform: Web Application
  • Title: FireConfig DL.PHP Local File Include
  • Description: FireConfig is a PHP-based front end configuration tool for iptables and iproute. The application is exposed to a local file include issue because it fails to adequately sanitize user-supplied requests containing directory traversal strings ("../") for restricted files that reside outside of the web document root directory. Specifically, this issue affects the "file" parameter of the "dl.php" script. FireConfig version 0.5 is affected.
  • Ref: http://www.securityfocus.com/bid/26222

  • 07.45.60 - CVE: Not Available
  • Platform: Web Application
  • Title: Django i18n Remote Denial of Service
  • Description: Django is a Python-based framework for building web applications. The application is exposed to a remote denial of service issue because it fails to adequately handle user-supplied input. This issue affects the "i18n" internationalization system when processing specially crafted "Accept-Language" HTTP requests. Django versions 0.91, 0.95, 0.95.1, and 0.96 are affected.
  • Ref: http://www.djangoproject.com/weblog/2007/oct/26/security-fix/

  • 07.45.61 - CVE: Not Available
  • Platform: Web Application
  • Title: Sige Sige_Init.PHP Remote File Include
  • Description: Sige is a web-based development platform tool implemented in PHP. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "SYS_PATH" parameter of the "inc/sige_init.php" script. Sige version 0.1 is affected.
  • Ref: http://www.securityfocus.com/bid/26230

  • 07.45.62 - CVE: Not Available
  • Platform: Web Application
  • Title: Teatro pub08_comments.php Remote File Include
  • Description: Teatro is a web-based portal application. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "basePath" parameter of the "pub/pub08_comments.php" script. Teatro version 1.6 is affected.
  • Ref: http://www.securityfocus.com/archive/1/482910

  • 07.45.63 - CVE: Not Available
  • Platform: Web Application
  • Title: CaupoShop Pro Index.PHP Remote File Include
  • Description: CaupoShop Pro is a PHP-based ecommerce application. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "action" parameter of the "index.php" script.
  • Ref: http://www.securityfocus.com/bid/26239

  • 07.45.64 - CVE: Not Available
  • Platform: Web Application
  • Title: MySpace Resource Script Breadcrumb.PHP Remote File Include
  • Description: MySpace Resource Script (MSRS) is a content manager to create content for MySpace. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "rootBase" parameter of the "_theme/breadcrumb.php" script. MSRS version 1.21 is affected.
  • Ref: http://www.securityfocus.com/bid/26240

  • 07.45.65 - CVE: Not Available
  • Platform: Web Application
  • Title: ProfileCMS Profile Creation Arbitrary File Upload
  • Description: ProfileCMS is a PHP-based content manager. The application is exposed to an arbitrary file upload issue because it fails to sufficiently sanitize user-supplied input. Specifically, the application fails to verify the content of images before uploading it to the web server. ProfileCMS version 1.0 is affected.
  • Ref: http://www.securityfocus.com/bid/26242

  • 07.45.66 - CVE: Not Available
  • Platform: Web Application
  • Title: Micro Login System UserPWD.TXT Information Disclosure
  • Description: Micro Login System is a lightweight authentication application implemented in PHP. The application is exposed to an information disclosure issue because it fails to securely store user authentication credentials. Specifically, usernames and corresponding MD5 password hashes are stored in the "userpwd.txt" file. Micro Login System version 1.0 is affected.
  • Ref: http://www.securityfocus.com/bid/26246

  • 07.45.67 - CVE: Not Available
  • Platform: Web Application
  • Title: PHP-AGTC Membership System Adduser.PHP Unauthorized Access
  • Description: PHP-AGTC membership system is a PHP-based user management application. The application is exposed to an unauthorized access issue that occurs in the "adduser.php" script. Specifically, any user can access the "adduser.php" script and add administrative users to the affected application. PHP-AGTC membership system version 1.1a is affected.
  • Ref: http://www.securityfocus.com/bid/26255

  • 07.45.68 - CVE: Not Available
  • Platform: Web Application
  • Title: phpFaber URLInn Config.PHP Remote File Include
  • Description: URLInn is a PHP-based application that creates tiny URLs. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "dir_ws" parameter of the "config.php" script. URLInn version 2.0.5 is affected.
  • Ref: http://www.securityfocus.com/bid/26261

  • 07.45.69 - CVE: Not Available
  • Platform: Web Application
  • Title: ILIAS Multiple HTML Injection Vulnerabilities
  • Description: ILIAS is a PHP-based learning management application. The application is exposed to multiple HTML injection issues because it fails to properly sanitize user-supplied input before using it in dynamically generated content. These issues affect the mailing and forum components. ILIAS versions 3.8.3 and earlier are affected.
  • Ref: http://www.securityfocus.com/archive/1/483011

  • 07.45.70 - CVE: Not Available
  • Platform: Web Application
  • Title: Light FMan PHP Multiple Unspecified Security Vulnerabilities
  • Description: Light FMan PHP is a web-based advanced file manager implemented in PHP. The application is exposed to multiple unspecified issues. Light FMan PHP versions prior to 2.0rc1 are affected.
  • Ref: http://sourceforge.net/project/shownotes.php?release_id=550239&group_id=179336

  • 07.45.71 - CVE: Not Available
  • Platform: Web Application
  • Title: Hitachi Web Server HTML Injection Vulnerability and Signature Forgery
  • Description: Hitachi Web Server is a web application server available for multiple operating systems. The application is exposed to multiple remote issues.
  • Ref: http://www.hitachi-support.com/security_e/vuls_e/HS07-035_e/index-e.html

  • 07.45.72 - CVE: Not Available
  • Platform: Web Application
  • Title: ISPworker Download.PHP Multiple Local File Include Vulnerabilities
  • Description: ISPworker is a PHP-based ecommerce application. The application is exposed to multiple local file include issues because it fails to sufficiently sanitize user-supplied input to the "ticketid" and "filename" parameters of the "download.php" script. ISPworker version 1.21 is affected.
  • Ref: http://www.securityfocus.com/bid/26277

  • 07.45.73 - CVE: Not Available
  • Platform: Web Application
  • Title: SF RETIRED: phpMyConferences PageTraiteDownload.PHP Local File Include Vulnerability
  • Description: phpMyConferences is a PHP-based tool for conference organizing and management. phpMyConferences is prone to a local file include vulnerability because it fails to adequately sanitize user-supplied requests containing directory traversal strings ("../") for restricted files that reside outside of the web document root directory. Specifically, this issue affects the "dir" parameter of the "PageTraiteDownload.php" script. A remote attacker can exploit this issue to retrieve potentially sensitive information that may aid in further attacks. This issue affects phpMyConferences version 8.0.2. Other versions may also be affected. Note: this BID is being retired. The affected script does not work, so this issue cannot be exploited in the manner specified.
  • Ref: www.securityfocus.com

  • 07.45.74 - CVE: Not Available
  • Platform: Web Application
  • Title: Synergiser Index.PHP Local File Include
  • Description: Synergiser is a content management system (CMS) implemented in PHP. The application is exposed to a local file include issue because it fails to properly sanitize user-supplied input to the "page" parameter of the "index.php" script. Synergiser version 1.2 RC1 is affected.
  • Ref: http://www.securityfocus.com/bid/26289

  • 07.45.75 - CVE: Not Available
  • Platform: Web Application
  • Title: BackUpWordPress Bkpwp_Plugin_Path Parameter Multiple Remote File Include Vulnerabilities
  • Description: BackUpWordPress is a plugin for archiving WordPress blogs. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input to the "bkpwp_plugin_path" parameter. BackUpWordPress version 0.4.2b is affected.
  • Ref: http://www.securityfocus.com/bid/26290

  • 07.45.76 - CVE: Not Available
  • Platform: Web Application
  • Title: CONTENTCustomizer Dialog.PHP Information Disclosure
  • Description: CONTENTCustomizer is a PHP-based web site editing application. The application is exposed to an information disclosure issue that occurs in the "dialog.php" script when the "action" parameter is set to "editauthor". CONTENTCustomizer 3.1mp is affected.
  • Ref: http://www.securityfocus.com/bid/26291

  • 07.45.77 - CVE: Not Available
  • Platform: Web Application
  • Title: Work System ECommerce Unspecified Ajax Pages Security
  • Description: WORK system ecommerce is a PHP-based content manager. The application is exposed to an unspecified security issue in some Ajax pages. WORK system ecommerce versions prior to 4.0.2 are affected.
  • Ref: http://sourceforge.net/forum/forum.php?forum_id=748757

  • 07.45.78 - CVE: CVE-2007-4344
  • Platform: Network Device
  • Title: ACDSee Products Plugins ID_PSP.apl and AM_LHA.apl Multiple Remote Buffer Overflow Vulnerabilities
  • Description: ACDSee Products are applications designed to manage and edit digital photographs. The application is exposed to multiple buffer overflow issues because the applications fail to bounds check user-supplied data before copying it into insufficiently sized buffers. ACDSee Photo Manager version 9.0, ACDSee Pro Photo Manager version 8.1, and ACDSee Photo Editor version 4.0 are affected.
  • Ref: http://secunia.com/secunia_research/2007-73/advisory/

(c) 2007. All rights reserved. The information contained in this newsletter, including any external links, is provided "AS IS," with no express or implied warranty, for informational purposes only. In some cases, copyright for material in this newsletter may be held by a party other than Qualys (as indicated herein) and permission to use such material must be requested from the copyright owner.

Subscriptions: @RISK is distributed free of charge by the SANS Institute to people responsible for managing and securing information systems and networks. You may forward this newsletter to others with such responsibility inside or outside your organization.