Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES \ FIXES - July 31, 2008

Fedora update for trac


Secunia Advisory: SA31314
Release Date: 2008-07-31


Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Vendor Patch


OS: Fedora 8
Fedora 9

Description:
Fedora has issued an update for trac. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

Solution:
Apply updated packages via the yum utility ("yum update trac").

Original Advisory:
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01261.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01270.html

Other References:
SA31231:
http://secunia.com/advisories/31231/

Discussion is locked
You are posting a reply to: VULNERABILITIES \ FIXES - July 31, 2008
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES \ FIXES - July 31, 2008
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Fedora update for phpMyAdmin

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31312
Release Date: 2008-07-31


Critical:
Not critical
Impact: Cross Site Scripting
Spoofing

Where: From remote

Solution Status: Vendor Patch


OS: Fedora 8
Fedora 9

Description:
Fedora has issued an update for phpMyAdmin. This fixes two vulnerabilities, which can be exploited by malicious local users to conduct cross-site scripting attacks, and by malicious people to conduct spoofing attacks.

Solution:
Apply updated packages via the yum utility ("yum update phpMyAdmin").

Original Advisory:
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01239.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01316.html

Other References:
SA31263:
http://secunia.com/advisories/31263/

Collapse -
Fedora update for pdns-recursor

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31311
Release Date: 2008-07-31


Critical:
Moderately critical
Impact: Spoofing

Where: From remote

Solution Status: Vendor Patch


OS: Fedora 9

Description:
Fedora has issued an update for pdns-recursor. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.

Solution:
Apply updated packages via the yum utility ("yum update pdns-recursor").

Original Advisory:
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg01353.html

Other References:
SA29584:
http://secunia.com/advisories/29584/

Collapse -
HP-UX System Administration Manager Security Issue

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31309
Release Date: 2008-07-31


Critical:
Less critical
Impact: Security Bypass

Where: From local network

Solution Status: Vendor Patch


OS: HP-UX 11.x

Description:
A security issue has been reported in HP-UX, which can lead to an insecure configuration.

The security issue is caused due to an error if the System Administration Manager (SAM) is used to configure NFS. This can result in an insecure configuration allowing unintended access to all systems.

The security issue is reported in HP-UX B.11.11 and B.11.23 running SAM.

Solution:
HP-UX B.11.11 (11i v1):
Install PHCO_36562 or subsequent and change NFS configuration as needed.

HP-UX B.11.23 (11i v2):
Install PHCO_36563 or subsequent and change NFS configuration as needed.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
HPSBUX02286 SSRT071466:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01367453

Collapse -
rPath update for openssl

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31308
Release Date: 2008-07-31


Critical:
Highly critical
Impact: DoS
System access

Where: From remote

Solution Status: Vendor Patch


OS: rPath Linux 1.x

Description:
rPath has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

Solution:
Update to:
openssl=conary.rpath.com@rpl:1-compat/0.9.7a-0.5-2
openssl-scripts=conary.rpath.com@rpl:1-compat/0.9.7a-0.5-2

Original Advisory:
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0241

Other References:
SA22130:
http://secunia.com/advisories/22130/

Collapse -
Debian update for newsx

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31307
Release Date: 2008-07-31


Critical:
Moderately critical
Impact: DoS
System access

Where: From remote

Solution Status: Vendor Patch


OS: Debian GNU/Linux 4.0
Debian GNU/Linux unstable alias sid

Description:
Debian has issued an update for newsx. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error within the "read_article()" function in src/getarticle.c. This can be exploited to cause a stack-based buffer overflow via a specially crafted NNTP packet.

Solution:
Apply updated packages.

Original Advisory:
http://lists.debian.org/debian-security-announce/2008/msg00207.html

Collapse -
Panasonic Network Cameras Error Page Cross-Site Scripting Vu

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31304
Release Date: 2008-07-31


Critical:
Less critical
Impact: Cross Site Scripting

Where: From remote

Solution Status: Vendor Patch


OS: Panasonic Network Camera BB-HCM5XX Series 3.x
Panasonic Network Camera BL-CXXX Series 3.x

Description:
A vulnerability has been reported in various Panasonic network cameras, which can be exploited by malicious people to conduct cross-site scripting attacks.

Solution:
Reportedly, a fixed firmware version is available. Contact the vendor for details.

Provided and/or discovered by:
NetAgent Co., Ltd.

Original Advisory:
http://jvn.jp/en/jp/JVN33706820/index.html

Collapse -
Sun Solaris "picld" Denial of Service

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31303
Release Date: 2008-07-31


Critical:
Not critical
Impact: DoS

Where: Local system

Solution Status: Vendor Patch


OS: Sun Solaris 10
Sun Solaris 8
Sun Solaris 9

Description:
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an unspecified error in the Solaris Platform Information and Control Library daemon (picld(1M)), which can be exploited to disable system monitoring and prevent system utilities (e.g. prtdiag(1M), prtpicl(1M), and prtfru(1M)) from operating properly.

Solution:
Apply patches.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-239728-1

Collapse -
Sun N1 Service Provisioning System Web Server Plugin Vulnera

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31301
Release Date: 2008-07-31


Critical:
Less critical
Impact: Security Bypass

Where: From remote

Solution Status: Vendor Patch


Software: Sun N1 Service Provisioning System 5.x
Sun N1 Service Provisioning System 6.x

Description:
A vulnerability has been reported in Sun N1 Service Provisioning System, which can be exploited by malicious users to bypass certain security restrictions.

The vulnerability is caused due to an unspecified error in the Sun Java System Web Server plugin for Sun N1 Service Provisioning System. This can be exploited to gain administrative access to the Sun Java System Web Server.

Successful exploitation requires access to the N1SPS administrator console.

The vulnerability is reported in Sun N1 Service Provisioning System 5.2.x or 6.0.x with the Web Server 7.0 plugin installed.

Solution:
Sun N1 Service Provisioning System 5.2.x or 6.0.x:
Apply Web Server 7.0 plugin patch 138536-01 or later.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-239566-1

Collapse -
HIOX Random Ad "hm" File Inclusion Vulnerability

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31300
Release Date: 2008-07-31


Critical:
Highly critical
Impact: Exposure of system information
Exposure of sensitive information
System access

Where: From remote

Solution Status: Unpatched


Software: HIOX Random Ad 1.x

Description:
Ghost Hacker has discovered a vulnerability in HIOX Random Ad, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.

Input passed to the "hm" parameter in hioxRandomAd.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources.

Successful exploitation requires that "register_globals" is enabled.

The vulnerability is confirmed in version 1.3. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly verified.

Provided and/or discovered by:
Ghost Hacker

Original Advisory:
http://milw0rm.com/exploits/6161

Collapse -
HIOX Browser Statistics "hm" File Inclusion Vulnerabilities

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31299
Release Date: 2008-07-31


Critical:
Highly critical
Impact: Exposure of system information
Exposure of sensitive information
System access

Where: From remote

Solution Status: Unpatched


Software: HIOX Browser Statistics 2.x

Description:
Ghost Hacker has discovered two vulnerabilities in HIOX Browser Statistics, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.

Input passed to the "hm" parameter in hioxstats.php and hioxupdate.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources.

Successful exploitation requires that "register_globals" is enabled.

The vulnerabilities are confirmed in version 2.0. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly verified.

Provided and/or discovered by:
Ghost Hacker

Original Advisory:
http://milw0rm.com/exploits/6162

Collapse -
nzFotolog "action_file" Local File Inclusion

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31297
Release Date: 2008-07-31


Critical:
Moderately critical
Impact: Exposure of system information
Exposure of sensitive information

Where: From remote

Solution Status: Unpatched


Software: nzFotolog 0.x

Description:
R3d.W0rm has discovered a vulnerability in nzFotolog, which can be exploited by malicious people to disclose sensitive information.

Input passed to the "action_file" parameter in index.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

Successful exploitation requires that "register_globals" is enabled and that "magic_quotes_gpc" is disabled.

The vulnerability is confirmed in version 0.4.1. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly verified.

Provided and/or discovered by:
IRCRASH (R3d.W0rm)

Original Advisory:
http://milw0rm.com/exploits/6164

Collapse -
ZeeScripts Reviews "ItemID" SQL Injection Vulnerability

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31296
Release Date: 2008-07-31


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: ZeeScripts Reviews



Description:
Mr.SQL has reported a vulnerability in ZeeScripts Reviews, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "ItemID" parameter in comments.php is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Mr.SQL

Original Advisory:
http://milw0rm.com/exploits/6165

Collapse -
Article Friendly Two SQL Injection Vulnerabilities

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31292
Release Date: 2008-07-31


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: Article Friendly

Description:
Mr.SQL has reported two vulnerabilities in Article Friendly, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "autid" parameter in authordetail.php and to the "Cat" parameter in categorydetail.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation requires that "magic_quotes_gpc" is disabled.

Solution:
Filter malicious characters and character sequences in a proxy.

Provided and/or discovered by:
Mr.SQL

Original Advisory:
http://milw0rm.com/exploits/6167

Collapse -
PozScripts Classified Ads "cid" SQL Injection Vulnerability

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31291
Release Date: 2008-07-31


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: PozScripts Classified Ads

Description:
Hussin X has reported a vulnerability in PozScripts Classified Ads, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "cid" parameter in browsecats.php and showcategory.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Filter malicious characters and character sequences in a proxy.

Provided and/or discovered by:
Hussin X

Original Advisory:
http://milw0rm.com/exploits/6169

Collapse -
Axesstel AXW-D800 Authentication Bypass Vulnerabilities

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31285
Release Date: 2008-07-31


Critical:
Less critical
Impact: Security Bypass

Where: From local network

Solution Status: Unpatched


OS: Axesstel AXW-D800

Description:
Bboyhacks has reported some vulnerabilities in Axesstel AXW-D800, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerabilities are caused due to the device allowing unrestricted access to the etc/config/System.html, etc/config/Network.html, etc/config/Security.html, cgi-bin/sysconf.cgi, and cgi-bin/route.cgi files. This can be exploited to potentially alter various configuration options by directly accessing the affected files via the web interface.

The vulnerabilities are reported in firmware version D2_ETH_109_01_VEBR Jun-14-2006. Other versions may also be affected.

Solution:
Restrict access to trusted users only.

Provided and/or discovered by:
Bboyhacks

Collapse -
phpFreeChat nickid Hijacking Vulnerability

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31283
Release Date: 2008-07-31


Critical:
Less critical
Impact: Hijacking

Where: From remote

Solution Status: Vendor Patch


Software: phpFreeChat 1.x

Description:
A vulnerability has been reported in phpFreeChat, which can be exploited by malicious users to conduct hijacking attacks.

The problem is that the nickid values are the same as the users' session IDs. This can be exploited to take over other users' or administrators' sessions.

Successful exploitation requires valid user credentials.

The vulnerability is reported in all 1.x versions before 1.2.

Solution:
Update to version 1.2.

Provided and/or discovered by:
The vendor credits Cerberus.

Original Advisory:
http://www.phpfreechat.net/changelog/1.2

Collapse -
TubeGuru Video Sharing Script "UID" SQL Injection Vulnerabil

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31276
Release Date: 2008-07-31


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: TubeGuru Video Sharing Script

Description:
Hussin X has reported a vulnerability in TubeGuru Video Sharing Script, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "UID" parameter in ugroups.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Solution:
Filter malicious characters and character sequences using a proxy.

Provided and/or discovered by:
Hussin X

Original Advisory:
http://milw0rm.com/exploits/6170

Collapse -
ImpressCMS "modules/admin.php" Unspecified Vulnerability

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31259
Release Date: 2008-07-31


Critical:
Moderately critical
Impact: Unknown

Where: From remote

Solution Status: Vendor Patch


Software: ImpressCMS 1.x

Description:
A vulnerability with an unknown impact has been reported in ImpressCMS.

The vulnerability is caused due to an unknown error in modules/admin.php. No further information is currently available.

NOTE: Other potential vulnerabilities have also been reported.

The vulnerability is reported in version 1.0. Prior versions may also be affected.

Solution:
Update to version 1.0.1.

Provided and/or discovered by:
Reported by the vendor.

Original Advisory:
http://sourceforge.net/project/shownotes.php?release_id=616122

Collapse -
fizzMedia "mid" SQL Injection Vulnerability

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31252
Release Date: 2008-07-31


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: fizzMedia 1.x

Description:
Mr.SQL has reported a vulnerability in fizzMedia, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed to the "mid" parameter in comment.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is reported in version 1.51.2. Other versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Mr.SQL

Original Advisory:
http://milw0rm.com/exploits/6133

Collapse -
M

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31247
Release Date: 2008-07-31


Critical:
Moderately critical
Impact: Manipulation of data

Where: From remote

Solution Status: Unpatched


Software: M

Collapse -
PHP Hosting Directory "adm" Security Bypass

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA31235
Release Date: 2008-07-31


Critical:
Moderately critical
Impact: Security Bypass

Where: From remote

Solution Status: Unpatched


Software: PHP Hosting Directory 2.x

Description:
Stack has discovered a vulnerability in PHP Hosting Directory, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to improper access restriction. This can be exploited to bypass the authentication mechanism and gain access to the administration section by setting the "adm" cookie to "1".

The vulnerability is confirmed in version 2.0. Other versions may also be affected.

Solution:
Restrict access to "admin" URLs (e.g. with ".htaccess").

Provided and/or discovered by:
Stack

Original Advisory:
http://milw0rm.com/exploits/6163

Collapse -
Acronis True Image Echo Server FTP AES Encryption Security B

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA30856
Release Date: 2008-07-31


Critical:
Less critical
Impact: Exposure of sensitive information

Where: From remote

Solution Status: Unpatched


Software: Acronis True Image Echo Enterprise Server 9.x

Description:
Travis C Johnson has discovered a security issue in Acronis True Image Echo Server, which can be exploited by malicious people to disclose sensitive information.

The security issue is caused due to the application not correctly encrypting backups when the backup destination is an FTP server, which can be exploited to disclose sensitive information by e.g. intercepting the transfer.

The security issue is confirmed in Acronis True Image Echo Server build 8072 for Linux. Other versions may also be affected.

Solution:
Do not rely on the encryption when backing up onto FTP servers.

Create local backups and transfer them manually.

Provided and/or discovered by:
Travis C Johnson

Collapse -
Blue Coat K9 Web Protection Multiple Buffer Overflow Vulnera

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Secunia Advisory: SA25813
Release Date: 2008-07-31


Critical:
Highly critical
Impact: System access

Where: From remote

Solution Status: Unpatched


Software: Blue Coat K9 Web Protection 3.x

Description:
Secunia Research has discovered some vulnerabilities in K9 Web Protection, which can be exploited by malicious people to compromise a user's system.

Solution:
Use another product.

The vendor is reportedly working on a fix, which may be available shortly.

Provided and/or discovered by:
Carsten Eiram, Secunia Research.

Original Advisory:
Secunia Research:
http://secunia.com/secunia_research/2007-61/
http://secunia.com/secunia_research/2007-64/

Collapse -
Patches for DNS vulnerability put the brakes on servers

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

31 July 2008,

Paul Vixie, head of BIND vendor ISC, admitted on the BIND mailing list that the anti-cache poisoning patches for the BIND nameserver could cut performance in systems under heavy loads. In the development and testing stage, it became evident that the patches slowed down recursive resolving servers with more than 10,000 queries per second. Because time was short, developers decided to solve the security problem first, and then deal with the performance problem with a later update.

According to Vixie, a beta version of the patch, called P2, is already available for BIND 9.4.3 and BIND 9.5.1. The final versions, 9.3.5-P2, 9.4.2-P2 and 9.5.0-P2, should be available by the end of this week. These should also further improve port allocation. When in doubt, Vixie advises administrators to wait for the final version, instead of using P1. He felt that stopping up security holes was more important than server performance.

More: http://www.heise-online.co.uk/security/Patches-for-DNS-vulnerability-put-the-brakes-on-servers--/news/111220

Collapse -
ESET NOD32 signature update logjam

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

31 July 2008

Users of ESET antivirus products are apparently currently having problems updating virus signatures. The problem is caused by a cumulative update that strains the capacity of the server. ESET usually only releases small, periodic, updates. But this time so many large updates piled up, that the company decided simply to do all the updates in one fell swoop.

According to ESET, not all customers are affected. Users of ESET NOD32 Antivirus v3, for instance, are off the hook. But users of Version 2.x are likely to notice delays. However, licenced users can upgrade to version 3 at any time for free. ESET assumes that all users now have their regular updates and will ensure that such problems are avoided in the future.

http://www.heise-online.co.uk/security/ESET-NOD32-signature-update-logjam--/news/111221

Collapse -
AVG update nails down stability bugs

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Engine upgrade follows LinkScanner traffic spew fix
By John Leyden
Published Thursday 31st July 2008

AVG has published an engine upgrade to its popular anti-virus scanning software that addresses a raft of stability bugs.

The update, published Tuesday, addresses a bug that means the scanner is liable to crash when scanning malformed UPX compressed executable files. More significantly version 8.0.156 of the software fixes glitches introduced around the same time AVG modified the LinkScanner Search-Shield component of its software on 9 July so that it didn't scan every page returned by a search query.

http://www.theregister.co.uk/2008/07/31/avg_engine_update/

Collapse -
'Hacktivism' threatens world of nations

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

DDoS gets political
By Dan Goodin in San Jose
Published Thursday 31st July 2008

Usenix Politically motivated computer attacks like the one last year that crippled network traffic in Estonia for weeks are likely to increase, and there's not much victims can do to stop them, a security researcher says.

Indeed, just last week government websites in the former Soviet republic of Georgia were ransacked by a denial-of-service attack amid growing diplomatic tensions between the country and Russia. Other victims include Radio Free Europe and dissidents in Tibet and Burma.

More: http://www.theregister.co.uk/2008/07/31/nazario_hactivism_analysis/

Collapse -
DNS flaw causes security scramble

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

Cache poisoning workarounds published

Written by Clement James

vnunet.com, 31 Jul 2008

The well-publicised vulnerability in the DNS system, which can lead to DNS cache poisoning, has got security firms scrambling to provide protection.

Security service provider Integralis introduced a three-point system this week which it claims provides an immediate fix to eliminate the security risks and provide long-term protection.

The vulnerability allows a hacker to reroute information sent across the internet in such a way that existing security software and appliances may not detect a problem.

More: http://www.vnunet.com/vnunet/news/2222961/dns-flaw-security-scramble

Collapse -
Media Malware - A Look Inside

In reply to: VULNERABILITIES \ FIXES - July 31, 2008

A piece of malware has been discovered that modifies a user's music files so they are vulnerable to further infection. The infection can also spread if such files are shared with others. The malware searches the user's drive for music files and injects (after necessary conversions) a malicious URL, which is loaded upon music playback. This is achieved via the AddScript method provided by the Windows Media Format SDK, which injects a script into a music file with a user-defined command (in this case URLANDEXIT). A quick analysis of how this works and a look at the malicious file can be seen below:

More: http://securitylabs.websense.com/content/Blogs/3145.aspx

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

SMART HOME

This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.