HNS Newsletter
Issue 163 - 26.05.2003.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. Visit Help Net Security for the latest security news - http://net-security.org.

-----------------------------------------------------------------
SECURITY INCIDENT ALERT
-----------------------------------------------------------------
Check your Web servers, FTP servers, Mail servers, DNS servers, firewalls, IDS systems, switchers and routers for over 900 up to date vulnerabilities. Secure your critical assets today!
FREE System Security Test and Detailed Report
http://www.net-security.org/lm/ads/ads.pl?banner=scannerx1
-----------------------------------------------------------------

Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Reviews
6) Security world
7) Software
8) Virus news

[ Security news ]
----------------------------------------------------------------

SECURITY FEARS STALL WI-FI GROWTH
Market slowed by wireless security anxieties, but smaller companies less concerned.
http://www.net-security.org/news.php?id=2662

INTERNET DREAMS TURN TO CRIME
This is a story about how a legitimate business turned into crime.
http://www.net-security.org/news.php?id=2663

IRC ADMINISTRATORS MAY OUT-HACK FIZZER VIRUS
Internet relay chat network administrators have found several possible ways of stopping the Fizzer worm, but they might run afoul of US hacking laws.
http://www.net-security.org/news.php?id=2664

THE SAD STATE OF STORAGE SECURITY
Storage system security is getting little attention on many levels, according to a recent report from research firm The451.
http://www.net-security.org/news.php?id=2665

WORM SPOOFS MICROSOFT TECH SUPPORT E-MAIL
New network worm named "Palyh" is spreading via email and local area networks while masquerading as an e-mail from Microsoft's technical support.
http://net-security.org/virus_news.php?id=237

SECURITY BREACHES RAGE THROUGH ASIA PACIFIC
Security breaches are running rampant in the Asia Pacific (APAC) region, as findings from Evans Data Corporation indicate that three-quarters of the nearly 600 developers that were surveyed reported at least one violation during 2002. Of that group, two-thirds had three or more security breaches.
http://www.net-security.org/news.php?id=2668

SOME SITES EASY MARKS FOR HACKERS ON THE WEB
There is an epidemic of graffiti on the Internet. The Web sites of Al-Jazeera and Madonna are among the thousands defaced during recent months.
http://www.net-security.org/news.php?id=2669

A NEW FIX FOR WIRELESS WOES?
Within months, federal agencies will reap the rewards of the growing wireless local-area network market, as major government contracts begin offering a new class of wireless network gear stamped with much-needed federal certification.
http://www.net-security.org/news.php?id=2671

DISA TESTS WIRELESS LAN PRODUCTS
In March, the Defense Information Systems Agency began evaluating various wireless local-area network products, such as access points, wireless switches and dedicated security software.
http://www.net-security.org/news.php?id=2672

MALWARE MYTHS AND MISINFORMATION PART ONE
Anti-virus and other industry security researchers are generally a knowledgeable and well-intentioned bunch, but the public voices of the industry are usually drawn not from the research community, but from the marketing department.
http://www.net-security.org/news.php?id=2673

ID HARVEST SCAM TARGETS AOL USERS
Scammers are sending out invitations targeted at AOL members asking them to click on a link, which states that recipients have seven unread email messages.
http://www.net-security.org/news.php?id=2674

CISCO TO UNVEIL SECURITY PRODUCTS
Lending new credence to the saying, "the more, the merrier," Cisco Systems plans to announce 14 security products and services on Tuesday.
http://www.net-security.org/news.php?id=2675

RELAX, IT WAS A HONEYPOT
A security company cleverly tricks hackers into compromising one of its distribution sites. Really.
http://www.net-security.org/news.php?id=2676

A SPY MACHINE OF DARPA'S DREAMS
A defense agency information-gathering project code-named LifeLog looks, to some national security experts and civil libertarians, like a successor to the controversial Total Information Awareness initiative.
http://www.net-security.org/news.php?id=2677

E-COMMERCE NEEDS ITS OWN SECURITY NET
For many companies, the protection of brand, reputation and customers is paramount. The importance of safeguarding these assets is as great in the virtual world of the internet as it is offline.
http://www.net-security.org/news.php?id=2678

DESPITE U.S. EFFORTS, WEB CRIMES THRIVE
Here in his hometown, Michael is a respected computer programmer. In the United States, he's a wanted man.
http://www.net-security.org/news.php?id=2679

SECURITY BUDGETS ON THE UP
Purse-strings are loosening when it comes to IT security, in the financial services sector at least.
http://www.net-security.org/news.php?id=2680

I EXPECT IT WOULD GET BILL'S ATTENTION
Here it goes again. Microsoft Corp. made the front pages recently for yet another security bug, this time in its Passport authentication service.
http://www.net-security.org/news.php?id=2681

WLAN MANAGER'S DILEMMA
Wireless LANs solve two important problems for network managers. They reduce the cost of LAN infrastructure deployment and enhance client mobility. But they also introduce headaches of their own, especially when it comes to security and management.
http://www.net-security.org/news.php?id=2682

CONSUMERS STILL WARY OF ONLINE SECURITY
Even consumers with several years of experience online continue to cite security and privacy features as a key factor in the decision to spend online.
http://www.net-security.org/news.php?id=2684

CITRIX PLANS LINUX DUE TO WINDOWS' FEARS
Citrix has outlined plans to develop a Linux version of one of its key security products--because customers believe that using Windows servers for access systems exposes them to too many security risks.
http://www.net-security.org/news.php?id=2685

APPLICATION SECURITY - THE NEXT FRONTIER?
Last week Checkpoint confirmed that it is branching out into new areas, notably application security.
http://www.net-security.org/news.php?id=2686

MICROSOFT'S SCO LICENSING DEAL 'SNUBS LINUX'
An agreement to license Unix intellectual property from SCO Group is designed to feed the fear, uncertainty and doubt surrounding Linux, industry observers say.
http://www.net-security.org/news.php?id=2687

FIZZER VIRUS SECRETS REVEALED
The Fizzer virus - which caused havoc on P2P and chat networks - has been decompiled, revealing many of its secrets.
http://www.net-security.org/news.php?id=2688

AU SECURITY RESEARCHERS NEED LEGAL ADVICE: CERT
The technical head of CERT, Jeff Carpenter, says Australian researchers should familiarise themselves with copyright laws in the context of reverse engineering malicious code to avoid hassles with DMCA-like legislation.
http://www.net-security.org/news.php?id=2689

TESTERS ANGRY OVER SPAM-BLOCKING FEES
Claiming they helped build a service that was supposed to remain free, beta testers of Cloudmark's spam-blocking system are protesting the launch of the finished version, which costs $3.99 per month.
http://www.net-security.org/news.php?id=2690

YOU'VE GOT SPAM (VERY LIKELY FROM A HIJACKED COMPUTER)
The Flint Hill School, a preparatory academy in Oakton, Virginia, might seem an unlikely place to find an Internet spammer. But late last year, America Online traced a new torrent of spam, or unsolicited e-mail ads, to the school's computer network.
http://www.net-security.org/news.php?id=2691

VIRUS ATTACKS: HOME PC USERS MOST AT RISK
In Singapore, home users are the most vulnerable when computer viruses and worms are on a rampage.
http://www.net-security.org/news.php?id=2692

HOME NETWORK SECURITY
This document gives home users an overview of the security risks and countermeasures associated with Internet connectivity.
http://www.net-security.org/news.php?id=2693

ANTI-TERROR LAW USED AGAINST HACKERS, THIEVES
A Justice Department report card on the USA-PATRIOT Act reveals it's not just for terrorists anymore.
http://www.net-security.org/news.php?id=2696

PASSIVE NETWORK TRAFFIC ANALYSIS
This article will offer a brief overview of passive network monitoring, which can offer a thorough understanding of the network's topology: what services are available, what operating systems are in use, and what vulnerabilities may be exposed on the network.
http://www.net-security.org/news.php?id=2697

HOW SECURE IS WINDOWS SERVER 2003?
By all indications, Windows Server 2003 is engineered to be more secure than its predecessors. Or is it?
http://www.net-security.org/news.php?id=2698

HOW CAN WE STOP THE SPREAD OF WORMS?
Banning executable attachments is the first step, security expert says.
http://www.net-security.org/news.php?id=2699

PATCHING APACHE
The last thing anyone in the Apache community seems to want is to compromise its open-source roots and cause fragmentation of an extremely popular Web server. But most distributors also want to make money by fine-tuning it to run with their Linux distros.
http://www.net-security.org/news.php?id=2700

CYBERSECURITY AND YOU: FIVE TIPS EVERY CONSUMER SHOULD KNOW
It's no accident that the Bush administration's cybersecurity plan begins with an appeal to home users and small businesses, arguably the least computer security-conscious group of Internet users.
http://www.net-security.org/news.php?id=2701

SECURITY CONFERENCE FEATURES WEIRD AND WOEFUL PREDICTIONS
The good news: by 2010, computers should match the human brain in processing power. The bad news: by decade’s end, wireless-based viruses, hacking, and security breaches will be a major headache for IT administrators.
http://www.net-security.org/news.php?id=2702

MICROSOFT AND SYMANTEC GIVE SENATE RECIPES FOR FRYING SPAM
In a sign of the difficulty facing federal lawmakers as they craft antispam legislation, Microsoft Chairman Bill Gates and Symantec Corp. CEO John Thompson have offered starkly different plans for combating the problem.
http://www.net-security.org/news.php?id=2703

TRY TO PROTECT YOURSELF FROM IDENTITY THEFT
Recent news events have shed light on how easy it is for hackers to steal our identities and ruin our financial lives. Recently, federal authorities reported that they had cracked a ring responsible for the largest case of identity theft in U.S. history.
http://www.net-security.org/news.php?id=2704

UNWANTED E-MAIL
Security companies aim to perfect techniques to protect individual and corporate computer users.
http://www.net-security.org/news.php?id=2705

WIRELESS LAN ATTACKS EXPLAINED
This white paper outlines how hackers are exploiting vulnerabilities in 802.11 wireless LANs and the widely available wireless hacking tools that are used.
http://www.net-security.org/news.php?id=2707

PAYPAL SCAM RISES AGAIN
PayPal users are once again the targets of a hit-and-run e-mail scam aimed at conning them out of their personal and financial information.
http://www.net-security.org/news.php?id=2708

VIRUSES 101: U OF C TO TEACH SECRETS OF CYBERCRIME
Developing malicious software - viruses, worms and Trojan horses - will soon be part of the program for 16 students at the University of Calgary.
http://www.net-security.org/news.php?id=2709

WORKER VENGEANCE MAKES ITS WAY ONLINE
Furious that he'd been fired from the travel agency where he worked, James O'Brien hacked into his former employer's computer system and canceled 60 customers' airline tickets.
http://www.net-security.org/news.php?id=2710

CONGRESS SLAMS SPAM
A broad international effort is needed to stop the torrent of junk e-mail that threatens Internet commerce and correspondence.
http://www.net-security.org/news.php?id=2711

INSTALLING AND SECURING RED HAT LINUX
This article details the steps required to install Red Hat Linux on a production server.
http://www.net-security.org/news.php?id=2712

----------------------------------------------------------------

[ Vulnerabilities ]

All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php

----------------------------------------------------------------

Demarc PureSecure v1.6 Plaintext Password Vulnerability
http://www.net-security.org/vuln.php?id=2700

XMB 1.8 Partagium Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2699

PHP-Nuke Denial of Service and SQL Injection Vulnerabilities
http://www.net-security.org/vuln.php?id=2698

PHP-Nuke PHP-Banner-Exchange Module Path Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=2697

BadBlue Remote Administrative Interface Access Vulnerability
http://www.net-security.org/vuln.php?id=2696

Blackmoon FTP Server Cleartext Passwords and User Enumeration Vulnerabilities
http://www.net-security.org/vuln.php?id=2695

ttForum and ttCMS SQL Injection Vulnerabilities
http://www.net-security.org/vuln.php?id=2694

CesarFTP Plaintext Passwords Vulnerability
http://www.net-security.org/vuln.php?id=2693

Snowblind Web Server Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2692

ttCMS Remote Code Execution Vulnerability
http://www.net-security.org/vuln.php?id=2691

PHP-Nuke Statistics Module Code Injection Vulnerability
http://www.net-security.org/vuln.php?id=2690

MailMax Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2689

----------------------------------------------------------------

[ Advisories ]

All advisories are located at:
http://www.net-security.org/archive_advi.php

----------------------------------------------------------------

Mandrake Linux Security Update Advisory - gnupg
http://www.net-security.org/advisory.php?id=2056

Slackware Security Advisory - quotacheck security fix in rc.M (revised)
http://www.net-security.org/advisory.php?id=2055

Slackware Security Advisory - quotacheck security fix in rc.M
http://www.net-security.org/advisory.php?id=2054

Slackware Security Advisory - mod_ssl RSA blinding fixes
http://www.net-security.org/advisory.php?id=2053

Slackware Security Advisory - GnuPG key validation fix
http://www.net-security.org/advisory.php?id=2052

Slackware Security Advisory - glibc XDR overflow fix
http://www.net-security.org/advisory.php?id=2051

Slackware Security Advisory - BitchX security fixes
http://www.net-security.org/advisory.php?id=2050

Slackware Security Advisory - EPIC4 security fixes
http://www.net-security.org/advisory.php?id=2049

Mandrake Linux Security Update Advisory - LPRng
http://www.net-security.org/advisory.php?id=2048

Mandrake Linux Security Update Advisory - lpr
http://www.net-security.org/advisory.php?id=2047

Conectiva Linux Security Announcement - bugzilla
http://www.net-security.org/advisory.php?id=2046

Mandrake Linux Security Update Advisory - cdrecord (update)
http://www.net-security.org/advisory.php?id=2045

Red Hat Security Advisory - Updated gnupg packages fix validation bug
http://www.net-security.org/advisory.php?id=2044

Guardian Digital Security Advisory - swatch incorrect value in default configuration
http://www.net-security.org/advisory.php?id=2043

SGI Security Advisory - Security Vulnerabilities in MediaBase Apache and PHP
http://www.net-security.org/advisory.php?id=2042

Gentoo Linux Security Announcement - xinetd
http://www.net-security.org/advisory.php?id=2041

Gentoo Linux Security Announcement - lv
http://www.net-security.org/advisory.php?id=2040

Debian Security Advisory - New BitchX packages fix DoS and arbitrary code execution
http://www.net-security.org/advisory.php?id=2039

OpenPKG Security Advisory - gnupg
http://www.net-security.org/advisory.php?id=2038

----------------------------------------------------------------

[ Featured articles ]

All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to staff@net-security.org

----------------------------------------------------------------

INFOSECURITY EUROPE A HIGHLY SUCCESSFUL EVENT
Neil Stinchcombe, public relations contact for this year's Infosecurity Europe, dropped us an e-mail with some of the statistics on this highly successful event. I've also added a couple of quotes from the executives that presented their companies during the convention.
http://www.net-security.org/article.php?id=492

BASEL II: EVERYONE IS IN THE RISK BUSINESS NOW
Managing risk used to be a straightforward process, but all that is about to change for the world's central banks and their IT departments.
http://net-security.org/article.php?id=493

INTERVIEW WITH DAVE WRESKI
The founder and CEO of Guardian Digital talks about his company, computer security and Linux in general.
http://www.net-security.org/article.php?id=494

PALYH WORM PROBLEMS COULD EASILY HAVE BEEN AVOIDED
One frequently ignored aspect of corporate antivirus protection is the built-in file filtering facilities that such protection normally includes, and which represent a fundamental feature in mail server antivirus solutions.
http://net-security.org/article.php?id=495

----------------------------------------------------------------

[ Reviews ]

All reviews are located at:
http://www.net-security.org/reviews.php

----------------------------------------------------------------

TCP/IP BIBLE
There are tons of books about TCP/IP - some deal with network implementation issues, some with applications, others are about security implications, and still further you can find books on protocol theory and protocol analysis. This book gives you an overview, a starting point on everything there is to know about TCP/IP.
http://www.net-security.org/review.php?id=66

CCIE SECURITY EXAM CERTIFICATION GUIDE
The information compressed in this book surely isn't enough to pass the test without any problems, but it provides a notable quantity of knowledge, which will come in quite useful during this two-hour written exam.
http://www.net-security.org/review.php?id=67

IPSEC SECOND EDITION
IPSec, short for IP Security, is a set of protocols developed by the Internet Engineering Task Force and used to secure the exchange of packets at the IP layer. If you're interested in the subject then you'll be glad to know that the second edition of IPSec is out. What does this edition deliver? Read on to find out.
http://www.net-security.org/review.php?id=68

----------------------------------------------------------------

[ Security world ]

All press releases are located at:
http://www.net-security.org/press_main.php

----------------------------------------------------------------

Tumbleweed Releases Anti-Spam Service Built for Business
http://www.net-security.org/press.php?id=1429

Royal College of General Practitioners Chooses Trustix Linux Solutions to Help Keep GPs Informed
http://www.net-security.org/press.php?id=1428

Cisco Extends Leadership in Integrated Network Security
http://www.net-security.org/press.php?id=1427

Matrix Hacking – A Slice of Reality in a World of Make Believe
http://www.net-security.org/press.php?id=1426

Sophos Offers Free Web Updates To Protect Journalists From Computer Viruses
http://www.net-security.org/press.php?id=1425

Intrusion Inc. Doubles Performance of Two Most Popular IDS Sensors
http://www.net-security.org/press.php?id=1424

PC-Duo Enterprise Remote Control v8 Provides Flexible Encryption
http://www.net-security.org/press.php?id=1423

Taicom Chooses SSH Communications Security to Secure its VPN Router Series
http://www.net-security.org/press.php?id=1422

Neoteris Delivers Instant Secure Application Access To SAS For Mobile Consultants, Partners And Employees Throughout EMEA
http://www.net-security.org/press.php?id=1421

----------------------------------------------------------------

[ Security Software ]

Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

----------------------------------------------------------------

ELFPGP 0.1.5
elfpgp signs an ELF binary (executable or library) by using standard PGP/GnuPG keys. It also allows for verification of said signatures.
http://www.net-security.org/software.php?id=489

DROPBEAR SSH SERVER 0.32
Dropbear is an SSH 2 server, designed to be usable in small memory environments.
http://www.net-security.org/software.php?id=490

----------------------------------------------------------------

[ Virus News ]

All virus news is located at:
http://www.net-security.org/viruses.php

----------------------------------------------------------------

Weekly Virus Report - Palyh, Petik, Melare and Redisto Worms
http://www.net-security.org/virus_news.php?id=240

Trojan Uses Internet Explorer "Exploit.SelfExecHtml" Vulnerability
http://www.net-security.org/virus_news.php?id=239

Sobig.B Worm is Spreading at an Alarming Rate
http://www.net-security.org/virus_news.php?id=238

The Palyh Worm Appears as A Communique From Microsoft
http://www.net-security.org/virus_news.php?id=237

Palyh Worm Disguised as Microsoft Email
http://www.net-security.org/virus_news.php?id=236

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Subscribe to this weekly digest on:
http://www.net-security.org/subscribe.php

Unsubscribe by sending the e-mail address you are subscribed with to: info@net-security.org with UNSUBSCRIBE in the message body.

The archive of the newsletter in TXT and PDF format is available at:
http://www.net-security.org/newsletter_archive.php