HNS Newsletter
Issue 173 - 04.08.2003.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. Visit Help Net Security for the latest security news - http://net-security.org.

----------------------------------------------------------------
ALERT: How a Hacker Launches a SQL Injection Attack
----------------------------------------------------------------
It's as simple as placing additional SQL commands into an input box on a web form giving hackers complete access to all your backend data! Firewalls and IDS will not stop SQL Injection attempts because they are NOT seen as intrusions. Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!
----------------------------------------------------------------
http://www.spidynamics.com/mktg/sqlinjection56
----------------------------------------------------------------

Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Security world
6) Virus news

[ Security news ]
----------------------------------------------------------------

HOW TO TELL IF THE RIAA WANTS YOU
A new database created by the Electronic Freedom Foundation helps file traders find out whether they've been issued a subpoena from the Recording Industry Association of America.
http://www.net-security.org/news.php?id=3212

DO SECURITY COMPANIES CREATE MONSTERS?
Security software companies "try to create a need for [vendor solutions]," says Frost & Sullivan security analyst Jason Wright. "That's how capitalism works." But do some go too far?
http://www.net-security.org/news.php?id=3213

JAPAN CANCELS NATIONAL HACKING CONTEST
Japan canceled a national computer-hacking contest scheduled for next month after the government came under fire as encouraging cybercrime, a government official said Friday.
http://www.net-security.org/news.php?id=3214

KEYSER SOZE'S UNOFFICIAL XP SECURITY PACK 1.002
Keyser Soze's Unofficial XP Security Pack comprises 90% security hotfixes & 10% critical hotfixes.
http://www.net-security.org/news.php?id=3215

DEFENDING YOUR SITE AGAINST SPAM, PART 2
This article is the second and final installment describing my efforts to defend my systems from spam.
http://www.net-security.org/news.php?id=3216

VERIZON GLITCH FIX
After months, Verizon Wireless finally fixed a glitch on its network that could have allowed hackers to harvest lists of customers' phone numbers and read private text messages. Unfortunately, the fix created another problem.
http://www.net-security.org/news.php?id=3217

HP, IBM, SUN TO UNVEIL SERVER SECURITY INITIATIVE
Hewlett-Packard, IBM, and Sun Microsystems are allying with three security providers to announce an open standards initiative for safe computing on Aug. 5.
http://www.net-security.org/news.php?id=3218

COMPANIES LACK IT SECURITY FUNDING
The Ernst & Young Global Information Security Survey has found that 90% of organisations define protecting their information resources as a major business objective, but that this area is not allocated the appropriate funding.
http://www.net-security.org/news.php?id=3220

FIREWALL EVOLUTION - DEEP PACKET INSPECTION
Deep Packet Inspection can be seen as the integration of Intrusion Detection (IDS) and Intrusion Prevention (IPS) capabilities with traditional stateful firewall technology.
http://www.net-security.org/news.php?id=3221

SECURITY PROS TALK, BUT CAN THEY WALK?
The past two weeks have been typical of the current state of Internet security: Industry and government leaders say they're focused on improving security while flaws continue to be found and exploited.
http://www.net-security.org/news.php?id=3222

TRUSTE, IAPP JOIN FOR CORPORATE PRIVACY PUSH
Two prominent privacy organizations today announced a partnership to jointly deliver privacy-related education, training and certification programs for companies.
http://www.net-security.org/news.php?id=3223

THE LEAKY NET - PRIVACY ON THE INTERNET?
In everyday life, with a few simple precautions, you can keep your personal details private.
http://www.net-security.org/news.php?id=3224

SACKED STAFF TURN TO SABOTAGE
Failure to revoke access to corporate networks could prove very costly.
http://www.net-security.org/news.php?id=3225

FBI TARGETS NET PHONING
Internet telephone calls are fast becoming a national security threat that must be countered with new police wiretap rules, according to an FBI proposal presented quietly to regulators this month.
http://www.net-security.org/news.php?id=3226

BUILD A WIRELESS ACCESS POINT ON LINUX
When the ability to write and modify your own management software is the main objective, a custom-built wireless access point is the way to go. Take a look at what's involved in building a wireless bridge using Linux, including software and hardware considerations.
http://www.net-security.org/news.php?id=3227

SECRET NETWORKS PROTECT MUSIC SWAPPERS
They are the country clubs of the file-sharing world, exclusive Internet networks that require knowing the right people and having a wealth of content on your hard disk to get into the clique.
http://www.net-security.org/news.php?id=3228

SETTING UP FOR FORENSICS
The goal of this article is to create a CD-ROM of forensic tools and databases for use with your systems, and also outline some methods to collect forensic evidence from hacked production systems.
http://www.net-security.org/news.php?id=3229

SPAM DUMPSTER DIVING
Anti spam activists struck gold this week when they found a website, which contains thousands of zipfiles, left behind by or nicked from a spammer.
Nearly a gigabyte of email addresses, unzipped.
http://www.net-security.org/news.php?id=3230

STUDY: BAD SECURITY FLAWS DON'T DIE
A study of Internet security flaws showed that for serious issues, half of vulnerable systems remain unfixed after 30 days.
http://www.net-security.org/news.php?id=3231

WIRELESS LAN SECURITY FALLS SHORT OF EXPECTATIONS
Security is still the number one inhibitor to enterprise adoption of wireless LAN technologies.
http://www.net-security.org/news.php?id=3232

I'M WORKING FOR THE FBI, CLAIMS ACCUSED HACKER
Self-styled grey hat hacker Jesse Tuttle is fighting charges that he broke into his local council's computer network with a claim that he only did it as part of his work with the FBI.
http://www.net-security.org/news.php?id=3233

ZIMMERMANN: PUBLIC TOO SLOW TO ADOPT ENCRYPTION
The reported use of encryption by terrorists has not shaken Philip Zimmermann’s faith in having strong encryption in the hands of the public.
http://www.net-security.org/news.php?id=3234

GOOGLE OPENS DOOR TO HACKERS
Hackers no longer even need to visit a website to attack it, instead they are using information from pages cached by popular search engine Google according to a report in the New Scientist.
http://www.net-security.org/news.php?id=3235

EXPERTS ANXIOUS OVER POSSIBLE NET ATTACK
Government and industry experts are increasingly concerned about brewing hacker activity they consider a precursor to a broad Internet attack that will target a serious flaw in Windows software from Microsoft.
http://www.net-security.org/news.php?id=3236

INTEL LOCKS UP DEAL FOR SECURE PCS
Intel has signed a deal to integrate security software into motherboards that will be used in business computers, part of a larger industry effort to improve security.
http://www.net-security.org/news.php?id=3238

HOAX E-MAIL MAY BE WORSE FOR BUSINESS THAN VIRUSES
“Hoax e-mails are a major headache for IT departments,” said Chris Belthoff, senior security analyst at Sophos.
“They're more insidious; they prey upon weaknesses of the end-user; they panic employees over non-existent viruses.”
http://www.net-security.org/news.php?id=3239

FED: CYBERTERROR FEARS MISSED REAL THREAT
When airliners crashed into the World Trade Center and the Pentagon on September 11th, 2001, the nature of the attack took America's defenders by surprise. They were expecting hackers.
http://www.net-security.org/news.php?id=3240

APEC FURTHERS PLANS TO COMBAT CYBERCRIME
Greater use of the Internet has become a boon for cybercriminals.
http://www.net-security.org/news.php?id=3241

GOVERNMENT SECURITY: STORMY ON SEVERAL FRONTS
The number of different IT issues facing our government—from ID-theft to intrusion detection—would challenge even the most capable corporate information officer.
http://www.net-security.org/news.php?id=3243

SERVICES FROM A SECURITY POINT OF VIEW
In this article, we'll go over each of the most commonly used Internet services, briefly examining each for their weaknesses and abuse potential.
http://www.net-security.org/news.php?id=3244

BLACK HAT PUTS HACKER ON MOCK TRIAL
A raucous conference crowd heard real-life attorneys battle over a hacker's guilt in a mock trial held to illustrate how slippery electronic evidence can be in computer crime cases.
http://www.net-security.org/news.php?id=3245

COULD CRACKERS STEAL THE 2004 ELECTION?
A report by the Information Security Institute at Johns Hopkins University says the touch-screen machines are Swiss cheese — full of holes — for hackers. “Common voters, without any insider privileges, can cast unlimited votes without being detected,” the report claims.
http://www.net-security.org/news.php?id=3246

----------------------------------------------------------------

[ Vulnerabilities ]

All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php
----------------------------------------------------------------

Cdrtools Local Root Compromise Vulnerability
http://www.net-security.org/vuln.php?id=2861

RAV ActiveX ravupdt.dll Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2860

Half-Life Servers Remote Buffer Overflow and Denial of Service Vulnerabilities
http://www.net-security.org/vuln.php?id=2859

Wu-Ftpd fb_realpath() Off-By-One Vulnerability
http://www.net-security.org/vuln.php?id=2858

ePolicy Orchestrator Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2857

man-db Multiple Buffer Overflow Vulnerabilities
http://www.net-security.org/vuln.php?id=2856

Half-Life Client Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2855

GameSpy Arcade Arbitrary File Writing Vulnerability
http://www.net-security.org/vuln.php?id=2854

Oracle Extproc Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2853

Sun Solaris Runtime Linker Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2852

Cisco Aironet AP1100 Valid Account Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=2851

Cisco Aironet AP 1100 Malformed HTTP Request Crash Vulnerability
http://www.net-security.org/vuln.php?id=2850

PBLang Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2849

Gallery Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2848

----------------------------------------------------------------

[ Advisories ]

All advisories are located at:
http://www.net-security.org/archive_advi.php
----------------------------------------------------------------

Debian Security Advisory - New mindi packages fix insecure temporary file creation
http://www.net-security.org/advisory.php?id=2320

Netfilter Core Team Security Advisory - Netfilter / NAT Remote DoS
http://www.net-security.org/advisory.php?id=2319

Debian Security Advisory - New kdelibs packages fix several vulnerabilities
http://www.net-security.org/advisory.php?id=2318

Slackware Security Advisory - KDE packages updated
http://www.net-security.org/advisory.php?id=2317

Novell Security Advisory - GroupWise (Wireless) WebAccess 6.5 Log Info Leak
http://www.net-security.org/advisory.php?id=2316

Conectiva Linux Security Announcement - wu-ftpd
http://www.net-security.org/advisory.php?id=2315

Debian Security Advisory - New xfstt packages fix several vulnerabilities
http://www.net-security.org/advisory.php?id=2314

Cisco Security Notice - Data Leak in UDP Echo Service
http://www.net-security.org/advisory.php?id=2313

CERT Advisory CA-2003-19 - Exploitation of Vulnerabilities in Microsoft RPC
http://www.net-security.org/advisory.php?id=2312

Debian Security Advisory - New kernel source and i386, alpha kernel images fix multiple vulnerabilities
http://www.net-security.org/advisory.php?id=2311

Debian Security Advisory - New atari800 packages fix buffer overflows
http://www.net-security.org/advisory.php?id=2310

Debian Security Advisory - New wu-ftpd packages fix buffer overflow
http://www.net-security.org/advisory.php?id=2309

Mandrake Linux Security Update Advisory - wu-ftpd
http://www.net-security.org/advisory.php?id=2308

SuSE Security Announcement - wuftpd
http://www.net-security.org/advisory.php?id=2307

HP Security Advisory - (OpenVMS) Local or remote users may obtain OpenSSL encryption key
http://www.net-security.org/advisory.php?id=2306

Red Hat Security Advisory - Updated wu-ftpd packages fix remote vulnerability
http://www.net-security.org/advisory.php?id=2305

Mandrake Linux Security Update Advisory - kdelibs
http://www.net-security.org/advisory.php?id=2304

NetScreen Security Advisory - Potential Denial of Service of Security Device
http://www.net-security.org/advisory.php?id=2303

KDE Security Advisory - Konqueror Referrer Authentication Leak
http://www.net-security.org/advisory.php?id=2302

Debian Security Advisory - New xtokkaetama packages fix buffer overflows
http://www.net-security.org/advisory.php?id=2301

Debian Security Advisory - New gallery packages fix cross-site scripting
http://www.net-security.org/advisory.php?id=2300

SOT Linux Security Advisory - Updated openssh package for SOT Linux 2003
http://www.net-security.org/advisory.php?id=2299

Turbolinux Security Announcement - Konqueror Referer Leaking Website Authentication Credentials
http://www.net-security.org/advisory.php?id=2298

Debian Security Advisory - New xconq packages fix buffer overflows
http://www.net-security.org/advisory.php?id=2297

SGI Security Advisory - IRIX nsd server and modules mishandle AUTH_UNIX gid list
http://www.net-security.org/advisory.php?id=2296

Conectiva Linux Security Announcement - perl
http://www.net-security.org/advisory.php?id=2295

Red Hat Security Advisory - Updated openssh packages available
http://www.net-security.org/advisory.php?id=2294

Debian Security Advisory - New sup packages fix insecure temporary file creation
http://www.net-security.org/advisory.php?id=2293

SOT Linux Security Advisory - Updated nfs-utils package for SOT Linux 2003
http://www.net-security.org/advisory.php?id=2292

Conectiva Linux Security Announcement - mnogosearch
http://www.net-security.org/advisory.php?id=2291

Cisco Security Advisory - HTTP GET Vulnerability in AP1x00
http://www.net-security.org/advisory.php?id=2290

----------------------------------------------------------------

[ Featured articles ]

All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to staff@net-security.org
----------------------------------------------------------------

STOLEN PDAS PROVIDE OPEN DOOR TO CORPORATE NETWORKS
The PDA Usage Survey 2003 has found that PDA owners commonly download the entire contents of their personal and business lives onto their handheld computers - with many leaving the information unencrypted and without password protection.
http://www.net-security.org/article.php?id=533

COMPUTER FORENSICS AND THE ALTERNATIVE OS
No longer a dark and mysterious process, computer forensics have been significantly on the scene for more than five years now. Despite this, they have only recently gained the notoriety they deserve. Expanded consciousness has also brought along the inevitable rise in self-proclaimed "experts" in the field of computer forensics.
http://www.net-security.org/article.php?id=532

INTERVIEW WITH MICHAEL JANG
The author of "Mastering Red Hat Linux 9" talks about his book, security and Linux in general.
http://www.net-security.org/article.php?id=531

----------------------------------------------------------------

[ Security world ]

All press releases are located at:
http://www.net-security.org/press_main.php
----------------------------------------------------------------

(ISC)2 Unveils Worldwide Academic Partnership Program
http://www.net-security.org/press.php?id=1564

Brevard County Florida Installs bioLock From Realtime To Provide Security to US Spacecoast
http://www.net-security.org/press.php?id=1563

Remote Assessment Rocks the Information Security Industry by Combining Artificial Intelligence With Proven Vulnerability Assessments
http://www.net-security.org/press.php?id=1562

Network Associates Security Solutions Available for Sale on eBay With Launch of the McAfee Security Zone
http://www.net-security.org/press.php?id=1561

CryptCOM Secures Innovative New E-Commerce and Remote Backup Services with RSA Security Technology
http://www.net-security.org/press.php?id=1560

Fiberlink and Neoteris Join Forces to Deliver a Complete Managed SSL Solution
http://www.net-security.org/press.php?id=1559

Sophos Extends Virus Protection To Cover Exchange 2003 Servers
http://www.net-security.org/press.php?id=1558

----------------------------------------------------------------

[ Virus News ]

All virus news are located at:
http://www.net-security.org/viruses.php
----------------------------------------------------------------

Central Command Warns of a MiMail.A Worm
http://www.net-security.org/virus_news.php?id=281

Weekly Virus Report - Numan, Enegg and Lerok Worms
http://www.net-security.org/virus_news.php?id=280

Central Command: Top 12 Viruses For July 2003
http://www.net-security.org/virus_news.php?id=279

Sophos: Top 10 Viruses and Hoaxes in July 2003
http://www.net-security.org/virus_news.php?id=278

Panda Antivirus ASP Beta Version Announced
http://www.net-security.org/virus_news.php?id=277

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Subscribe to this weekly digest on:
http://www.net-security.org/subscribe.php

Unsubscribe by sending the e-mail address you are subscribed with to: info@net-security.org with UNSUBSCRIBE in the message body.

The archive of the newsletter in TXT and PDF format is available
http://www.net-security.org/newsletter_archive.php
----------------------------------------------------------------