HNS Newsletter
Issue 268 - 06.06.2005
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week.

----------------------------------------------------------------
INFOSECURITY CANADA
----------------------------------------------------------------
Infosecurity Canada, taking place June 14-16, 2005 at the Metro Toronto Convention Centre, brings together professionals interested in IT security with suppliers of security products and solutions. It offers attendees a comprehensive conference program, coupled with an exhibition floor occupied by leading companies, where they can thoroughly evaluate solutions available to them.
----------------------------------------------------------------
http://net-security.org/v/infosecurity
----------------------------------------------------------------

Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Software
6) Webcasts
7) Conferences
8) Security World
9) Virus News

[ Security news ]
----------------------------------------------------------------

MANAGING IM AND E-MAIL THREATS IN THE WORKPLACE
Unmanaged instant messaging is becoming a major problem in the workplace, security experts warn. According to Francis Costello, chief marketing officer for Akonix Systems, a provider of software to manage instant messaging and e-mail, 80 to 90 percent of all companies have some instant messaging in use by employees.
http://www.net-security.org/news.php?id=7910

FEDS TAKE AIM AT SPYWARE, BUT IT ISN'T OPTIMISTIC
Many purveyors of spam are beyond the reach of two proposed laws, tech pros say.
http://www.net-security.org/news.php?id=7911

HYBRID WORM WAVE OF THE FUTURE
A new worm that hit users this week is a perfect example of the future of malicious code, said Panda Software. And that future looks ominous.
http://www.net-security.org/news.php?id=7912

BIG BROTHER TRIES TO MUSCLE ISPS
The Bush administration asked a federal appeals court Friday to restore its ability to compel Internet service providers to turn over information about their customers or subscribers as part of its fight against terrorism.
http://www.net-security.org/news.php?id=7913

OVISLINK RS-1000 SECURITY GATEWAY REVIEWED
The appliance focuses purely on broadband security, so wireless networking is not on the menu, which is a pity considering the price.
http://www.net-security.org/news.php?id=7914

SECURITY BEST PRACTICES
Centralization, automation, problem prioritization: many IT-security professionals are embracing those concepts as they fight off the never-ending onslaught of threats.
http://www.net-security.org/news.php?id=7915

CRIMINAL INTENT: WHAT, ME WORRY?
How much cybercrime simply goes undetected?
http://www.net-security.org/news.php?id=7916

US BIOMETRIC ID REQUEST RAISES ID CONCERN IN UK
The UK government plans to issue its ID card as a passport with biometric identifiers stored in a chip, and the US wants those chips to be compatible with its own scanners, raising the possibility that US agencies could have access to the ID Card database.
http://www.net-security.org/news.php?id=7917

FIREWALLS AND WORMS
Some of the activity that worms/viruses can cause may not be caught by anti-virus software.
http://www.net-security.org/news.php?id=7918

DHS FALLS SHORT ON CYBERDUTIES
The Department of Homeland Security has failed to fulfill the cybersecurity responsibilities it has been assigned since its creation in January 2003, according to a government report released last week.
http://www.net-security.org/news.php?id=7919

FINDING SECURITY IN A WIRELESS WORLD
As WLANs continue to rapidly proliferate, the technology is scarcely discussed without mention of security concerns.
http://www.net-security.org/news.php?id=7920

IBM UNVEILS NEW PRIVACY TECHNOLOGY
DB2 Anonymous Resolution enables selected data sharing.
http://www.net-security.org/news.php?id=7921

HARDWARE SECURITY SCHEME WORKS AT NET INFRASTRUCTURE
Two small networking companies are collaborating on a new concept for network security.
http://www.net-security.org/news.php?id=7922

MIDEAST INCREASINGLY AT RISK FROM CYBER-CRIME
Almost halfway through 2005 and it already seems as though this year will far surpass 2004 as the worst year on record for global cyber-crime.
http://www.net-security.org/news.php?id=7923

INFRARED MEETS SPEED AND SECURITY NEEDS
Bluetooth and its ilk may be making the news, but there is an alternative, and in the battle for wireless networks the short-range option may prove to be the victor.
http://www.net-security.org/news.php?id=7924

SUPPORTING ISA FIREWALL NETWORKS PROTECTING ILLEGAL TOP-LEVEL DOMAINS
Of all the issues in ISA firewall networking, the one that most commonly gets people hot under the collar is that of the split DNS.
http://www.net-security.org/news.php?id=7925

INVESTMENT BANK UBS: ONE OF OUR DISC DRIVES IS MISSING
Investment bank UBS has launched an investigation after a disc reckoned to contain sensitive client data went missing.
http://www.net-security.org/news.php?id=7926

FBI VETERAN TO SECURE MICROSOFT
Expert to face uphill struggle?
http://www.net-security.org/news.php?id=7927

HP STAKES BID TO DOMINATE ID MARKET
HP last week made a grab for a bigger slice of the lucrative identity market with the release of a National Identity System (NIS) based on Microsoft's .NET platform.
http://www.net-security.org/news.php?id=7928

LONDON COUPLE ARRESTED FOR ROLE IN LARGE-SCALE INDUSTRIAL ESPIONAGE
According to several media reports, Israeli police have revealed their findings of a large-scale industrial espionage scandal.
http://www.net-security.org/news.php?id=7929

NEC DELAYS QUANTUM CRYPTOGRAPHY SYSTEM
Company hoped to sell the technology later this year, but delayed it for at least three years.
http://www.net-security.org/news.php?id=7930

ISRAELI POLICE UNCOVER TROJAN INDUSTRIAL SPY RING
The malware was allegedly used to steal corporate secrets.
http://www.net-security.org/news.php?id=7931

BLANK VIRUS BLANKS EMAIL
A new version of the Bagle Downloader is spreading like wildfire via email, according to email filtering firm MessageLabs.
http://www.net-security.org/news.php?id=7932

EMPLOYEE TRAINING & EDUCATION CAN MITIGATE THREATS
Security isn't only about protecting your network from external threats; it's also about protecting against threats from within.
http://www.net-security.org/news.php?id=7933

SPAM HURTS DEVELOPING COUNTRIES MOST, OECD SAYS
Underdeveloped nations lack technology, money and knowledge to stop unwanted e-mail.
http://www.net-security.org/news.php?id=7934

AN INTRODUCTION TO SECURING LINUX WITH APACHE, PROFTPD AND SAMBA
Many machines come with default installations of Apache and Samba, and a few others even include an FTP daemon. While these services may be disabled by default, some users may be inclined to use these programs. This article is a brief but in-depth tutorial on how to keep these applications up-to-date and secure.
http://www.net-security.org/news.php?id=7935

FEDERAL AGENCIES TO USE RFID, BUT CITE SECURITY CONCERNS
Thirteen of the largest federal agencies are using or plan to use radio-frequency identification technology, according to a study released last week by the Government Accountability Office.
http://www.net-security.org/news.php?id=7936

DETERRENCE MUST BE THE KEY TO AVOIDING DDOS ATTACKS
Computing talks to the corporate victims of a malicious distributed denial of service attack.
http://www.net-security.org/news.php?id=7937

NETWORK SECURITY REVENUES TO RISE 27% TO $1.3 BILLION
Infonetics says revenues rose 5% in the first quarter and will grow 15% per year between 2004 and 2008.
http://www.net-security.org/news.php?id=7938

NEW MYTOB WORM POSES AS IT ADMINISTRATOR
Another variant of the Mytob worm began wiggling its way into inboxes this week, enticing recipients to open an e-mail attachment that could allow a remote hacker to access and perform commands on an infected machine.
http://www.net-security.org/news.php?id=7939

COLLEGES REJECT APPLICANTS WHO FOLLOWED HACKING INSTRUCTIONS
Stanford University's Graduate School of Business has rejected 41 applicants who tried to access an admissions Web site earlier this year in hopes of learning their fate ahead of schedule.
http://www.net-security.org/news.php?id=7940

NEW BILL PROPOSES 10-YEAR SENTENCE FOR ONLINE FRAUD
Home Office gets tough on phishing.
http://www.net-security.org/news.php?id=7941

EUROPE PCS MOST USED IN ATTACKS
European computers are the most susceptible to exploitation by hackers looking to carry out distributed denial of service (DDoS) attacks on internet businesses, according to two reports released last week.
http://www.net-security.org/news.php?id=7942

BAGLE VIRUS PERIL IN EMPTY E-MAIL
Another variant of the computer virus Bagle has quickly been making its way across the net, say security experts.
http://www.net-security.org/news.php?id=7943

M-COMMERCE SECURITY RISKS EXPOSED
Vulnerabilities in mobile applications offer a way to attack otherwise secure web sites, according to independent security consultancy SecureTest.
http://www.net-security.org/news.php?id=7944

TIME TO BLOW SPYWARE'S COVER
The need for systems and processes that root out spyware is becoming acute.
http://www.net-security.org/news.php?id=7945

TAKING THE SPAM FIGHT BEYOND MESSAGE DEFLECTION
AppRiver, Habeas, OmniTI tools protect e-mail senders and recipients.
http://www.net-security.org/news.php?id=7946

COMPANIES TAKE TO THE SECURITY WARPATH
Eric Litt, chief information security officer at General Motors, calls it "management by inclusion".
http://www.net-security.org/news.php?id=7947

KEYBOARD COPS
Forget leaving fingerprints at the scene of the crime. Today's police know that the hard evidence they find on your hard drive can put you behind bars.
http://www.net-security.org/news.php?id=7948

HOW SAVVY ARE YOU ABOUT YOUR ONLINE SECURITY?
U.S. residents are "dangerously ignorant" of the data that Web site owners collect on them, a study shows.
http://www.net-security.org/news.php?id=7949

WHY YOUR SECURITY INVESTIGATION IS GOING TO FAIL
Walking in to a business and finding the smoldering corpse of a mishandled security investigation seems to be all too common lately.
http://www.net-security.org/news.php?id=7950

THE ART OF SELLING SECURITY
We asked security officers to share creative methods they've used to get funding for infosec projects.
http://www.net-security.org/news.php?id=7951

----------------------------------------------------------------
[ Vulnerabilities ]
All vulnerabilities are located here:
http://www.net-security.org/vulnerabilities.php
----------------------------------------------------------------

UCB Pop Server Arbitrary Privileged File Creation
http://www.net-security.org/vulnerability.php?id=17036

UCB Pop Server XTND XMIT Anonymous Mail Send
http://www.net-security.org/vulnerability.php?id=17037

MyBulletinBoard (MyBB) misc.php Multiple Variable XSS
http://www.net-security.org/vulnerability.php?id=17008

MyBulletinBoard (MyBB) forumdisplay.php Multiple Variable XSS
http://www.net-security.org/vulnerability.php?id=17009

MyBulletinBoard (MyBB) member.php Multiple Variable XSS
http://www.net-security.org/vulnerability.php?id=17010

MyBulletinBoard (MyBB) memberlist.php Multiple Variable XSS
http://www.net-security.org/vulnerability.php?id=17011

MyBulletinBoard (MyBB) showthread.php Multiple Variable XSS
http://www.net-security.org/vulnerability.php?id=17012

MyBulletinBoard (MyBB) printthread.php tid Variable XSS
http://www.net-security.org/vulnerability.php?id=17013

MyBulletinBoard (MyBB) calendar.php eid Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17014

MyBulletinBoard (MyBB) online.php pidsql Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17015

MyBulletinBoard (MyBB) memberlist.php usersearch Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17016

MyBulletinBoard (MyBB) editpost.php pid Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17017

MyBulletinBoard (MyBB) forumdisplay.php fid Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17018

MyBulletinBoard (MyBB) newreply.php tid Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17019

MyBulletinBoard (MyBB) search.php sid Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17020

MyBulletinBoard (MyBB) showthread.php Multiple Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17021

MyBulletinBoard (MyBB) usercp2.php tid Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17022

MyBulletinBoard (MyBB) printthread.php tid Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17023

MyBulletinBoard (MyBB) reputation.php pid Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17024

MyBulletinBoard (MyBB) portal.php username Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17025

MyBulletinBoard (MyBB) polls.php tid Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17026

MyBulletinBoard (MyBB) ratethread.php tid Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=17027

Calendarix Advanced cal_day.php catview Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16971

Calendarix Advanced calendar.php year Variable XSS
http://www.net-security.org/vulnerability.php?id=16973

Calendarix Advanced cal_week.php catview Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16974

Calendarix Advanced cal_cat.php catview Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16975

Calendarix Advanced cal_pophols.php id Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16972

mvnForum Config Page Cleartext Password Storage
http://www.net-security.org/vulnerability.php?id=16961

X-Cart Gold home.php Multiple Variable XSS
http://www.net-security.org/vulnerability.php?id=16936

X-Cart Gold product.php Multiple Variable XSS
http://www.net-security.org/vulnerability.php?id=16937

X-Cart Gold error_message.php id Variable XSS
http://www.net-security.org/vulnerability.php?id=16938

X-Cart Gold help.php section Variable XSS
http://www.net-security.org/vulnerability.php?id=16939

X-Cart Gold orders.php mode Variable XSS
http://www.net-security.org/vulnerability.php?id=16940

X-Cart Gold register.php mode Variable XSS
http://www.net-security.org/vulnerability.php?id=16941

X-Cart Gold search.php mode Variable XSS
http://www.net-security.org/vulnerability.php?id=16942

X-Cart Gold giftcert.php Multiple Variable XSS
http://www.net-security.org/vulnerability.php?id=16943

X-Cart Gold home.php Multiple Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16944

X-Cart Gold product.php Multiple Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16945

X-Cart Gold error_message.php id Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16946

X-Cart Gold help.php section Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16947

X-Cart Gold orders.php mode Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16948

X-Cart Gold register.php mode Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16949

X-Cart Gold search.php mode Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16950

X-Cart Gold giftcert.php Multiple Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16951

Stronghold 2 Malformed Nickname Join DoS
http://www.net-security.org/vulnerability.php?id=16933

FutureSoft TFTP Server 2000 Multiple Remote Overflows
http://www.net-security.org/vulnerability.php?id=16954

MyBulletinBoard (MyBB) User Profile website Field XSS
http://www.net-security.org/vulnerability.php?id=16934

PowerDownload downloads.php incdir Variable Remote File Inclusion
http://www.net-security.org/vulnerability.php?id=16952

mvnForum Search Variable XSS
http://www.net-security.org/vulnerability.php?id=16962

NewLife Blogger Unspecified SQL Injection
http://www.net-security.org/vulnerability.php?id=16913

Hosting Controller resellerresources.asp jresourceid Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16914

Hosting Controller plandetails.asp Information Disclosure
http://www.net-security.org/vulnerability.php?id=16915

Nortel VPN Router Malformed IKE Packet DoS
http://www.net-security.org/vulnerability.php?id=16918

PicoWebServer HTTP Request Remote Overflow
http://www.net-security.org/vulnerability.php?id=16910

WordPress template-functions-category.php cat_ID SQL Injection
http://www.net-security.org/vulnerability.php?id=16905

NPDS admin.php language Variable XSS
http://www.net-security.org/vulnerability.php?id=16919

NPDS powerpack_f.php language Variable XSS
http://www.net-security.org/vulnerability.php?id=16920

NPDS sdv_infos.php sitename Variable XSS
http://www.net-security.org/vulnerability.php?id=16921

NPDS reviews.php title Variable XSS
http://www.net-security.org/vulnerability.php?id=16923

NPDS reply.php image_subject Variable XSS
http://www.net-security.org/vulnerability.php?id=16924

NPDS Glossaire Module terme Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16925

NPDS links.php Query Variable SQL Injection
http://www.net-security.org/vulnerability.php?id=16926

NPDS Modules.php Lettre Variable XSS
http://www.net-security.org/vulnerability.php?id=16922

----------------------------------------------------------------
[ Advisories ]
All advisories are located at:
http://www.net-security.org/archive_advi.php
----------------------------------------------------------------

Conectiva Linux Security Announcement - gdk-pixbuf (CLA-2005:958)
http://www.net-security.org/advisory.php?id=4859

Symantec Security Advisory - gzip, bzip2, nasm, postgresql (01/Jun/2005)
http://www.net-security.org/advisory.php?id=4858

Trustix Secure Linux Security Advisory - binutils (2005-05-31)
http://www.net-security.org/advisory.php?id=4857

Conectiva Linux Security Announcement - gftp (CLA-2005:957)
http://www.net-security.org/advisory.php?id=4856

Conectiva Linux Security Announcement - php4 (CLA-2005:955)
http://www.net-security.org/advisory.php?id=4855

Mandriva Linux Security Update Advisory - gdb (MDKSA-2005:095)
http://www.net-security.org/advisory.php?id=4854

----------------------------------------------------------------
[ Articles ]
All articles are located at:
http://www.net-security.org/articles_main.php
Articles can be contributed to articles@net-security.org
----------------------------------------------------------------

AN INTRODUCTION TO SECURING LINUX WITH APACHE, PROFTPD AND SAMBA
Many machines come with default installations of Apache and Samba, and a few others even include an FTP daemon. While these services may be disabled by default, some users may be inclined to use these programs. This article is a brief but in-depth tutorial on how to keep these applications up-to-date and secure.
http://www.net-security.org/article.php?id=794

----------------------------------------------------------------
[ Software ]
Windows software is located at:
http://net-security.org/software_main.php?cat=1
Linux software is located at:
http://net-security.org/software_main.php?cat=2
Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3
----------------------------------------------------------------

MAILSCANNER 4.42.9 (Linux)
MailScanner is a virus scanner for e-mail designed for use on e-mail gateways.
http://www.net-security.org/software.php?id=144

OUTPOST FIREWALL PRO 2.7 (Windows)
This is a comprehensive solution for online protection.
http://www.net-security.org/software.php?id=276

SMOKEPING 2.0 RC5 (Linux)
With SmokePing you can measure latency, latency distribution and packet loss in your network.
http://www.net-security.org/software.php?id=178

YASSL 1.0 (Linux)
yaSSL is an SSL library for programmers building security functionality into their applications and devices.
http://www.net-security.org/software.php?id=521

----------------------------------------------------------------
[ Webcasts ]
All webcasts are located at:
http://net-security.org/webcasts.php
----------------------------------------------------------------

eEye and IIS - Implementing a Multi-Layered Security Solution to Best Address Spyware, Phishing and Zero Day Attacks
Organized by eEye on 14 July 2005, 2:00 PM
http://www.net-security.org/webcast.php?id=376

----------------------------------------------------------------
[ Conferences ]
All conferences are located at:
http://net-security.org/conferences.php
----------------------------------------------------------------

InfoSeCon 2005
Organized by Information Security Bulletin and ZIK - 6 June-10 June 2005
http://www.net-security.org/conference.php?id=135

Second European PKI Workshop
Organized by University of Salford - 30 June-1 July 2005
http://www.net-security.org/conference.php?id=118

SIG SIDAR Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA 2005)
Organized by German Informatics Society - 7 July-8 July 2005
http://www.net-security.org/conference.php?id=119

The 4th European Conference on Information Warfare and Security (ECIW 2005)
Organized by Academic Conferences International - 11 July-15 July 2005
http://www.net-security.org/conference.php?id=120

The 32nd International Colloquium on Automata, Languages and Programming (ICALP'05)
Organized by European Association for Theoretical Computer Science - 11 July-15 July 2005
http://www.net-security.org/conference.php?id=121

14th USENIX Security Symposium
Organized by USENIX - 31 July-5 August 2005
http://www.net-security.org/conference.php?id=136

Crypto 2005
Organized by International Association for Cryptologic Research - 14 August-18 August 2005
http://www.net-security.org/conference.php?id=122

8th Information Security Conference (ISC'05)
Organized by Institute for Infocomm Research - 21 September-23 September 2005
http://www.net-security.org/conference.php?id=123

The 4th International Workshop for Applied PKI (IWAP'05)
Organized by Institute for Infocomm Research - 21 September-23 September 2005
http://www.net-security.org/conference.php?id=124

RSA Conference Europe 2005
Organized by RSA Conference - 17 October-19 October 2005
http://www.net-security.org/conference.php?id=133

CNIS 2005: IASTED International Conference on Communication, Network and Information Security
Organized by IASTED - 14 November-16 November 2005
http://www.net-security.org/conference.php?id=137

Asiacrypt 2005
Organized by International Association for Cryptologic Research - 1 December-4 December 2005
http://www.net-security.org/conference.php?id=125

----------------------------------------------------------------
[ Security World ]
All press releases are located at:
http://www.net-security.org/press_main.php
Send your press releases to press@net-security.org
----------------------------------------------------------------

FrontBridge Reports "Sobering" Effect on Email with Record High Spam, Virus and Message Volume Totals in May
http://www.net-security.org/press.php?id=3208

ViPNet Safe Disk for Pocket PC: A Bulletproof Data Security System for
http://www.net-security.org/press.php?id=3207

Panda Platinum Internet Security 2005 receives the Trojan Checkmark certification for protection against Trojans
http://www.net-security.org/press.php?id=3206

NFR Security's Sentivist Achieves Prominent Government Security Certification
http://www.net-security.org/press.php?id=3205

Comodo Cryptography expert to speak at IEEE Symposium on Computer Arithmetic
http://www.net-security.org/press.php?id=3204

----------------------------------------------------------------
[ Virus News ]
All virus news are located at:
http://www.net-security.org/viruses.php
----------------------------------------------------------------

New Bagle Downloader spreading like wildfire via email
http://www.net-security.org/virus_news.php?id=554
----------------------------------------------------------------
Questions, contributions, comments or ideas go to:
Help Net Security staff
staff@net-security.org
http://net-security.org
----------------------
Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available at:
http://www.net-security.org/newsletter_archive.php
----------------------------------------------------------------