HNS Newsletter
Issue 149 - 17.02.2003.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. Visit Help Net Security for the latest security news - http://net-security.org.

---------------------------------------------------------------------
QUESTION: How Vulnerable are Your Applications and Databases?
ANSWER: Find out by downloading a vulnerability assessment scanner that can empower you with all of the answers.

DOWNLOAD YOUR FREE EVALUATION VERSION of AppDetective from:
http://www.appsecinc.com/helpnetsecurity

FREE DATABASE AND APPLICATION VULNERABILITY ASSESSMENT EVALUATION
FREE WHITE PAPERS ON DATABASE SECURITY, SQL INJECTION, AND WORMS

Download your FREE EVALUATION VERSION of AppDetective and INFORMATIVE WHITE PAPERS on database/application security from:
http://www.appsecinc.com/helpnetsecurity/
---------------------------------------------------------------------

Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Reviews
6) Security world
7) Security software
8) Virus news

[ Security news ]
----------------------------------------------------------------

HOW TO BUILD A SECURE WLAN
For real-time communications like Wi-Fi, a comprehensive real-time network protection strategy is required to enable pervasive, widespread deployment.
>> http://www.net-security.org/news.php?id=1977

BACKPACKERS' SAVINGS AT RISK FROM ONLINE BANKING SCAM
Attackers are preying on backpackers, using internet cafes to steal thousands of dollars of travellers' savings from online bank accounts.
>> http://www.net-security.org/news.php?id=1978

SUNSCREEN, PART TWO: POLICIES, RULES, AND NAT
This article covers some of the rudimentary facilities in SunScreen such as adding and removing rules, setting up a remote management station, and network address translation.
>> http://www.net-security.org/news.php?id=1979

GSM SECURITY FLAWS EXPOSED
Steve Lord, consultant, X-Force Security Assessment Services for Internet Security Systems, argues that, while some functions of GSM offer impressive levels of security, others should not be trusted.
>> http://www.net-security.org/news.php?id=1981

FEDS CONSIDER WAGING CYBER WAR
The government is studying ways to use cyberattacks against its enemies.
>> http://www.net-security.org/news.php?id=1982

SECURE FUTURE FOR SSL VPNS
Simplifying VPNs by using the browser-based SSL will instigate a fundamental change in the use of VPNs in enterprises, according to research from The Tolly Group.
>> http://www.net-security.org/news.php?id=1985

HOW VULNERABLE IS THE INTERNET NOW?
According to Gartner research director Richard Stiennon, it would not be difficult for an attacker to send spoofed routing tables to poorly configured routers and misdirect traffic across large parts of the Internet.
>> http://www.net-security.org/news.php?id=1986

SPYWARE FOUND IN 30% OF EUROPEAN BUSINESSES
Almost one-third of European companies have been infected with spyware applications on their networks, according to research.
>> http://www.net-security.org/news.php?id=1988

GO THE EXTRA MILE - SECURE WINDOWS ADMIN ACCOUNT
Here's a look at the steps you can take to manage access to the Windows administrator account and improve security of how it's used by IT staff.
>> http://www.net-security.org/news.php?id=1989

HOW WE CAN STOP IDENTITY THEFT--FOR GOOD
This crime will not stop until the government steps in to regulate corporate privacy policies, and companies that handle your personal data are held liable for any abuses carried out by their employees.
>> http://www.net-security.org/news.php?id=1993

FTP SERVER OFFERS KEY TO THE STORE
Sloppy practices leave critical user IDs and passwords available for public download.
>> http://www.net-security.org/news.php?id=1994

FORENSICS ON THE WINDOWS PLATFORM, PART TWO
In this article we will concentrate on the areas of a Windows file system that are likely to be of most interest to forensic investigators and the software tools that can be used to carry out an investigation.
>> http://www.net-security.org/news.php?id=1995

CYBERCRIME SHOW TACKLES TERRORISM
Amid heightened awareness of terrorism and computer attacks, computer crime professionals gathered at the Foxwoods Resort Casino here this week to hone their cybersleuthing skills at the annual Cybercrime conference.
>> http://www.net-security.org/news.php?id=1996

OPEN AND CLOSED SECURITY ARE ROUGHLY EQUIVALENT
Open and closed approaches to security are basically equivalent, since opening a system up to inspection helps both attackers and defenders.
>> http://www.net-security.org/news.php?id=1997

MICROSOFT OFFERS E-MAIL SECURITY NEWSLETTER
Microsoft, in an effort to boost security awareness after a recent high-profile breach of its software, said that it would start sending e-mail newsletters to users about computer security threats and issues.
>> http://www.net-security.org/news.php?id=1998

SPAM OFFERS: SOME LEGIT, MOST NOT
Ever wonder what happens when you respond to unsolicited e-mail come-ons to make money at home, pump up your manhood or spy on anyone online? Turns out, spam begets spam. And that's usually about it.
>> http://www.net-security.org/news.php?id=2003

HOW TO TIGHTEN THE LOOSE SECURITY IN WIRELESS NETWORKS
If proper security precautions are implemented into a wireless deployment at the outset, the risks associated with this enabling technology can be greatly reduced.
>> http://www.net-security.org/news.php?id=2004

POLICE RECOVER DISK AT CENTRE OF ID THEFT FLAP
A hard drive that contained confidential details about hundreds of thousands of insurance company clients has been recovered by Canadian police.
>> http://www.net-security.org/news.php?id=2005

NEW LINUX SUPPORT POLICIES ARE OMINOUS
Red Hat and Mandrake are cutting support for older versions of their Linux distributions. The results will be a security nightmare for the Internet.
>> http://www.net-security.org/news.php?id=2006

WEB SERVICES CHANGES THE SECURITY GAME
Peter Judge: People don't want to wait for Web services - so the security industry is going to have to shift a generation pretty quickly.
>> http://www.net-security.org/news.php?id=2007

MITNICK BANNED FROM SECURITY GROUP
The famous ex-hacker is a member of the world's largest not-for-profit computer security organization... for about two minutes.
>> http://www.net-security.org/news.php?id=2008

GOVERNMENT WARNS 'PATRIOT HACKERS'
The FBI's National Infrastructure Protection Center warned that growing tensions between the United States and Iraq could lead to an increase in global computer hacking activities on both sides.
>> http://www.net-security.org/news.php?id=2010

NEW CELEBRITY VIRUS: CATHERINE ZETA-JONES
The popularity of Catherine Zeta-Jones has led to the actress being used as a hook to tempt users into launching a virus on their PCs.
>> http://www.net-security.org/news.php?id=2011

DETECTING SERVER COMPROMISES
How can I determine if my Linux server has been hacked? How can I be sure that I haven't been hacked? Jay Beale responds.
>> http://www.net-security.org/news.php?id=2012

SOME EXPERTS SAY CYBERTERRORISM IS VERY UNLIKELY
For years, government experts have warned a "cyberterrorism" attack could amount to "an electronic Pearl Harbor." Now, a less alarmist viewpoint is emerging from experts who say the comparison is overblown.
>> http://www.net-security.org/news.php?id=2013

ARE YOU INFECTED? DETECTING MALWARE INFECTION
This article discusses how to determine whether or not the system has been infected and offers tips on how to manually disinfect the system.
>> http://www.net-security.org/news.php?id=2014

COMPUTER WORMS TURN, BUT BUSINESS SLOW TO INSURE AGAINST RISK
Economist Bob Hartwig once predicted that cyber insurance would grow to $2.5 billion in sales by 2002. Industry officials doubt that actual sales have topped $100 million yet.
>> http://www.net-security.org/news.php?id=2015

RED HAT, ORACLE TO CERTIFY LINUX FOR THE GOVERNMENT
Red Hat and Oracle have teamed to get Linux evaluated under the Common Criteria, a certification that could open doors for the broader use of open-source software by government agencies.
>> http://www.net-security.org/news.php?id=2016

FTD.COM HOLE LEAKS PERSONAL INFORMATION
A security flaw on the Web site leaves private information open to harvesting just before Valentine's Day, one of the busiest times of the year for the online florist.
>> http://www.net-security.org/news.php?id=2017

----------------------------------------------------------------
[ Vulnerabilities ]

All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php
----------------------------------------------------------------

Lotus Domino Source Code Viewing Vulnerability
>> http://www.net-security.org/vuln.php?id=2443

AIX libIM.a Buffer Overflow Vulnerability
>> http://www.net-security.org/vuln.php?id=2442

Abyss WebServer Brute Force Vulnerability
>> http://www.net-security.org/vuln.php?id=2441

IndyNews PhpNuke Module Multiple Vulnerabilities
>> http://www.net-security.org/vuln.php?id=2440

CheetaChat Getting Plain Text Passwords Vulnerability
>> http://www.net-security.org/vuln.php?id=2439

CGI::Lite::escape_dangerous_chars() function Vulnerability
>> http://www.net-security.org/vuln.php?id=2438

Windows NT 4.0/2000 cmd.exe Long Path Buffer Overflow Vulnerability
>> http://www.net-security.org/vuln.php?id=2437

Far Manager Buffer Overflow Vulnerability
>> http://www.net-security.org/vuln.php?id=2436

Kaspersky Antivirus Denial of Service Vulnerability
>> http://www.net-security.org/vuln.php?id=2435

Ericsson HM220dp ADSL Modem Insecure Web Administration Vulnerability
>> http://www.net-security.org/vuln.php?id=2434

NOD32 Antivirus Software for Unix Buffer Overflow Vulnerability
>> http://www.net-security.org/vuln.php?id=2433

Netgear FM114P Wireless Router Firmware Information Disclosure Vulnerability
>> http://www.net-security.org/vuln.php?id=2432

Cedric Email Reader PHP Script File Include Vulnerability
>> http://www.net-security.org/vuln.php?id=2431

Opera Java Applet Denial of Service Vulnerability
>> http://www.net-security.org/vuln.php?id=2430

Opera Username Buffer Overflow Vulnerability
>> http://www.net-security.org/vuln.php?id=2429

F-Prot Anti Virus Buffer Overflow Vulnerability
>> http://www.net-security.org/vuln.php?id=2428

Eggdrop Arbitrary Connection Vulnerability
>> http://www.net-security.org/vuln.php?id=2427

Gallery 1.3.3 File Permissions Problems
>> http://www.net-security.org/vuln.php?id=2426

SQLBase 8.1.0 Buffer Overflow Vulnerability
>> http://www.net-security.org/vuln.php?id=2425

showHelp("file:") Disables Security in Internet Explorer
>> http://www.net-security.org/vuln.php?id=2424

Internet Explorer Local File Reading Vulnerability
>> http://www.net-security.org/vuln.php?id=2423

OpenSSH Segfault in Debian Distribution
>> http://www.net-security.org/vuln.php?id=2422

----------------------------------------------------------------
[ Advisories ]

All advisories are located at:
http://www.net-security.org/archive_advi.php
----------------------------------------------------------------

IBM Security Advisory - libIM.a buffer overflow vulnerability
>> http://www.net-security.org/advisory.php?id=1593

Debian Security Advisory - New w3m packages fix cookie information leak
>> http://www.net-security.org/advisory.php?id=1592

Mandrake Linux Security Advisory - util-linux
>> http://www.net-security.org/advisory.php?id=1591

Conectiva Linux Security Announcement - mozilla
>> http://www.net-security.org/advisory.php?id=1590

Debian Security Advisory - New w3mmee-ssl packages fix cookie information leak
>> http://www.net-security.org/advisory.php?id=1589

Microsoft Security Bulletin MS03-004 - Cumulative Patch for Internet Explorer
>> http://www.net-security.org/advisory.php?id=1588

Red Hat Security Advisory - Updated PAM packages fix bug in pam_xauth module
>> http://www.net-security.org/advisory.php?id=1587

Red Hat Security Advisory - Updated lynx packages fix CRLF injection vulnerability
>> http://www.net-security.org/advisory.php?id=1586

Red Hat Security Advisory - Updated python packages fix predictable temporary file
>> http://www.net-security.org/advisory.php?id=1585

Debian Security Advisory - New hypermail packages fix arbitrary code execution
>> http://www.net-security.org/advisory.php?id=1584

Debian Security Advisory - New w3mmee packages fix cookie information leak
>> http://www.net-security.org/advisory.php?id=1583

Microsoft Security Bulletin MS02-071 - Flaw in Windows WM_TIMER Message Handling Could Enable Privilege Elevation
>> http://www.net-security.org/advisory.php?id=1582

----------------------------------------------------------------

----------------------------------------------------------------
HNS Book Giveaway: http://net-security.org/news.php?id=2022
> Cisco Secure PIX Firewalls
> Web Security Field Guide
----------------------------------------------------------------

[ Featured articles ]

All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to staff@net-security.org
----------------------------------------------------------------

INTERVIEW WITH DAVID W. CHAPMAN
The President and Principal Consultant for SecureNet Consulting talks about firewalls.
>> http://www.net-security.org/article.php?id=381

INTERVIEW WITH CHARLES R. ELDEN
The independent security consultant, former CIA employee and co-author of "Wireless Security and Privacy" talks about wireless security.
>> http://www.net-security.org/article.php?id=384

NAI UNVEILS 'INFINISTREAM SECURITY FORENSICS' SOLUTION
InfiniStream Security Forensics is a forensics analysis solution that allows enterprise customers worldwide to reconstruct, understand and prevent harmful network activity and security events.
>> http://www.net-security.org/article.php?id=385

WIRELESS LAN SECURITY: RISKS & DEFENSES WEB SEMINAR
In this one hour AirDefense web seminar, you should be informed how you can protect your WLANs with a layered security approach.
>> http://www.net-security.org/article.php?id=386

INTERVIEW WITH RICH BOWEN
The co-author of Apache Administrator's Handbook talks about his book and Apache in general.
>> http://www.net-security.org/article.php?id=387

KAVADO: NEW VERSION OF SCANDO WEB APPLICATION SCANNER
ScanDo is a Web application scanner that assesses the entire Web application to identify security loopholes.
>> http://www.net-security.org/article.php?id=388

INTERVIEW WITH MARTIN CROOME
The European General Manager of Socket Communications talks about the company and wireless security issues.
>> http://www.net-security.org/article.php?id=389

INTERVIEW WITH ADAM N. BOSNIAN
Vice President, Sales and Marketing of Elron Software talks about the company, viruses, spam and internet monitoring.
>> http://www.net-security.org/article.php?id=390

----------------------------------------------------------------
[ Reviews ]

All reviews are located at:
http://www.net-security.org/reviews.php
----------------------------------------------------------------

WEB SECURITY FIELD GUIDE
This "Field guide" should be of interest to the novice and intermediate readers interested in enhancing the security of their Microsoft-based installations.
>> http://net-security.org/review.php?id=31

MAXIMUM WIRELESS SECURITY
While wired networks have been around for ages and have had the time to make good security defences, wireless networks are new in comparison and still have a long way to go. This book aims to give you the knowledge you need to bring your wireless network maximum security, by teaching you how that security can and will be broken.
>> http://www.net-security.org/review.php?id=32

----------------------------------------------------------------
[ Security world ]

All press releases are located at:
http://www.net-security.org/press_main.php
----------------------------------------------------------------

ZNQ3 Names Billman as Vice President, Engineering & Development
>> http://www.net-security.org/press.php?id=1248

ZNQ3 Names Platt as Chief Operating Officer
>> http://www.net-security.org/press.php?id=1247

New CryptoHeaven Packages For Small Business
>> http://www.net-security.org/press.php?id=1246

Endeavors Technology Releases Advanced Instant Conferencing Tools for Business Critical Decision Teams Using WebEx Meetings
>> http://www.net-security.org/press.php?id=1245

Intrusion Inc. Gigabit IDS Awarded Miercom NetWORKS As Advertised Award
>> http://www.net-security.org/press.php?id=1244

Sygate Outperforms Symantec In Independent Test Of Enterprise Security Solutions
>> http://www.net-security.org/press.php?id=1243

Cyber-Ark Unveils Inter-Business Vault 2.0
>> http://www.net-security.org/press.php?id=1242

Panda Software Promotes Internet Security Across the USA
>> http://www.net-security.org/press.php?id=1241

Partners HealthCare Chooses Neoteris to Deliver Instant Secure Access to Medical Information
>> http://www.net-security.org/press.php?id=1240

----------------------------------------------------------------
[ Security Software ]

Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2
----------------------------------------------------------------

SLOP 1.21
SLOP is a PERL and PHP based engine for the collection of and reporting on logs from various network based devices such as firewalls, switches, and web servers.
>> http://www.net-security.org/software.php?id=449

MALLOC() FWSCRAPE 0.0.2A
Malloc() FWScrape is a tool used to analyze the filtering characteristics of a specific host, Gateway(router) and/or Firewall. This tool performs a series of tests and checks to determine the filtering rules a host has in place.
>> http://www.net-security.org/software.php?id=450

ITR (INTERACTIVE TCP RELAY)
This tool provides a security-testing environment for non-HTTP Client/Server applications, similar to that provided by interactive HTTP proxies.
>> http://www.net-security.org/software.php?id=451

BOU (BUFFER OVERFLOW UTILITY)
BOU is a command-line utility that enables the user to check for buffer overflows on Web Server Applications.
>> http://www.net-security.org/software.php?id=452

----------------------------------------------------------------
[ Virus News ]

All virus news are located at:
http://www.net-security.org/viruses.php
----------------------------------------------------------------

One in Every 145 Emails is a Virus
>> http://www.net-security.org/virus_news.php?id=186

Panda Reports the Appearance of a New Worm/Trojan
>> http://www.net-security.org/virus_news.php?id=185

BitDefender Antivirus Beta Testing Program
>> http://www.net-security.org/virus_news.php?id=184

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org
----------------------

Subscribe to this weekly digest on:
http://www.net-security.org/subscribe.php

Unsubscribe by sending your e-mail address to: info@net-security.org with UNSUBSCRIBE in the message body.

The archive of the newsletter in TXT and PDF format is available at
http://www.net-security.org/newsletter_archive.php