Newsletter
October 2004

For previous months:

********************************************************************

                         SecuritySpace Newsletter
                         Published by E-Soft Inc.

                            October 1st, 2004

====================================================================

Advanced Security Audits for $199/Month

With the latest enhancements to customize your audit with 80+ 
parameters, you can run unlimited audits against unlimited IPs. 
Our award winning vulnerability scanner allows you to schedule 
audits on a daily/weekly/monthly basis, fix problems and retest at 
your leisure.  Available 24x7, always up to date, find out why 
banks, governments, ISPs, insurance companies and more are turning 
to SecuritySpace for auditing their systems.

http://www.securityspace.com/smysecure/adv_index.html

====================================================================

In this month's newsletter:

I.   New This Month:
       1) 589 new vulnerability tests on-line

II.  Tip of the Month: Leveraging multiple Network Monitor sensors

III. Security News - Your Top 10 Picks of September

IV.  Free Internet Research Reports
       1) Secure Web Server Market Share Change
       2) Web Server Market Share Change
       3) Technology Penetration e.g. Java, Flash, etc.
       4) Apache Module Report
       5) Web Authoring Tools
       6) Market Share Theft and Upgrade Report
       7) Cookie Usage Report
       8) ISP Report
       9) DNS Load Balancing Report
      10) Web Bug Report
      11) Firewalled IIS Servers
      12) Web Site Failure/Growth Report
      13) Compact Privacy Policy Report
      14) Website Distribution by Area Code
      15) DNS Site Operator Report

V.   Subscription / Removal Information

====================================================================
I. New This Month

1)  589 new vulnerability tests on-line
--------------------------------------
    Security Audits have 589 new tests added this month, bringing
    the total this month to 4705 vulnerability tests on-line. In
    addition to numerous Local Security checks for various
    distributions and the addition of checks for Gentoo and AIX,
    the following remote tests have been added.

    Date   Test   Description
    ----   ----   -----------
    Sep 29 14842  Serendipity SQL Injections                        
    Sep 29 14838  myServer POST Denial of Service                   
    Sep 29 14841  IRC bot ident server detection                    
    Sep 29 14843  ICECast HTTP Header Buffer Overflow               
    Sep 28 14836  WordPress XSS                                     
    Sep 28 14833  vBulletin XSS(2)                                  
    Sep 28 14834  radmin on port 10002 - possible GDI compromise    
    Sep 28 14837  PD9 MegaBBS multiple vulnerabilities              
    Sep 28 14835  Symantec Norton AntiVirus Version Detection       
    Sep 28 14831  MySQL bounded parameter overflaw                  
    Sep 28 14829  Intellipeer POP3 server user account enumeration  
    Sep 28 14832  Debian GNU/Linux Sendmail Default SASL Password   
    Sep 28 14828  BroadBoard SQL Injection                          
    Sep 28 14830  @lex guestbook remote file include                
    Sep 27 14823  ViewCVS XSS                                       
    Sep 27 14824  Pinnacle ShowCenter Skin DoS                      
    Sep 27 14822  OpenBB XSS                                        
    Sep 27 14825  MDaemon mail server DoS                           
    Sep 27 14827  MDaemon imap server DoS(2)                        
    Sep 27 14826  MDaemon imap server DoS                           
    Sep 24 14806  YaBB Gold 1 Multiple Input Validation Issues      
    Sep 24 14792  vBulletin XSS                                     
    Sep 24 14793  Tutos input validation Issues                     
    Sep 24 14800  Subversion Module unreadeable path information disclosure
    Sep 24 14818  Possible GDI+ compromise                          
    Sep 24 14804  Alt-N MDaemon Multiple Buffer Overflows           
    Sep 24 14810  Macromedia JRun Multiple Vulnerabilities          
    Sep 24 14788  IP protocols scan                                 
    Sep 24 14805  Emulive Server4 Authentication Bypass             
    Sep 24 14819  Canon ImageRUNNER Printer Email Printing          
    Sep 24 14816  aspWebCalendar SQL Injection                      
    Sep 24 14817  aspWebAlbum SQL Injection                         
    Sep 24 14803  Apache = 2.0.51                                   
    Sep 22 14782  YaBB XSS and administrator command execution      
    Sep 22 14785  vBulletin SQL injection Issue                     
    Sep 22 14784  Tutos SQL injection and Cross Site Scripting Issues
    Sep 22 14783  Snitz Forums 2000 HTTP Response Splitting         
    Sep 22 14787  PHPMyBackupPro Input Validation Issues            
    Sep 22 14786  BBS E-Market File Disclosure                      
    Sep 19 14770  php arbitrary file upload                         
    Sep 19 14768  Security Update 2004-09-16                        
    Sep 19 14773  Identifies services like FTP, SMTP, NNTP...       
    Sep 19 14772  Try very hard to identify what runs on common ports
    Sep 19 14771  Apache <= 1.3.31 htpasswd local overflow          
    Sep 19 14748  Apache < 2.0.51                                   
    Sep 16 14726  ZoneAlarm Pro local DoS                           
    Sep 16 14722  WebLogic Multiple Vulnerabities                   
    Sep 16 14719  Turbo Seek files reading                          
    Sep 16 14729  Mozilla/Thunderbird multiple flaws                
    Sep 16 14724  Buffer Overrun in JPEG Processing (833987)        
    Sep 16 14732  Vulnerability in WordPerfect Converter (884933)   
    Sep 16 14727  Post-Nuke News module XSS                         
    Sep 16 14733  PerlDesk File Inclusion                           
    Sep 16 14728  Mozilla/Firefox multiple flaws                    
    Sep 16 14718  Cisco bug ID CSCdu35577 (Web Check)               
    Sep 13 14713  Simple Form Mail Relaying via Subject Tags Vulnerability
    Sep 13 14711  Samba ASN.1 Denial of Service                     
    Sep 13 14715  OpenCA signature verification flaw                
    Sep 13 14714  OpenCA multiple signature validation bypass       
    Sep 13 14712  MailEnable SMTP Connector Service DNS Lookup DoS Vulnerability
    Sep 13 14707  TYPSoft empty username DoS                        
    Sep 13 14706  TYPSoft directory traversal flaw                  
    Sep 13 14708  PhpGroupWare XSS                                  
    Sep 13 14709  FTP Serv-U 4.x 5.x DoS                            
    Sep 9  14660  ZoneAlarm Personal Firewall port 67 flaw          
    Sep 9  14325  Zixforum database disclosure                      
    Sep 9  14269  YaPiG remote server-side script execution vulnerability
    Sep 9  14614  XOOPS Dictionary Module Cross Scripting Vulnerability
    Sep 9  14647  Xedus XSS                                         
    Sep 9  14646  Xedus Denial of Service                           
    Sep 9  14645  Xedus directory traversal                         
    Sep 9  14644  Xedus detection                                   
    Sep 9  14372  wu-ftpd S/KEY authentication overflow             
    Sep 9  14302  wu-ftpd rnfr file overwrite                       
    Sep 9  14371  wu-ftpd MAIL_ADMIN overflow                       
    Sep 9  14301  wu-ftpd ABOR priviledge escalation                
    Sep 9  14585  WS FTP STAT buffer overflow                       
    Sep 9  14598  WS FTP server multiple flaws                      
    Sep 9  14584  WS FTP server DoS                                 
    Sep 9  14586  WS FTP CWD DoS                                    
    Sep 9  14599  WS FTP server FTP bounce attack and PASV connection hijacking flaws
    Sep 9  14597  WS_FTP client weak stored password                
    Sep 9  14382  WebMatic Security Vulnerability                   
    Sep 9  14365  WebAPP Directory Traversal                        
    Sep 9  14363  INL ulog-php SQL injection                        
    Sep 9  14699  TYPSoft FTP 'RETR' DoS                            
    Sep 9  14686  Trillian MSN Overflow                             
    Sep 9  14615  TorrentTrader SQL Injection                       
    Sep 9  14591  Titan FTP Server CWD heap overflow                
    Sep 9  14659  Titan FTP Server directory traversal              
    Sep 9  14359  TikiWiki Unauthorized Page Access                 
    Sep 9  14364  TikiWiki multiple input validation vulnerabilities
    Sep 9  14300  Sympa unauthorised list creation security issue   
    Sep 9  14323  Sympa New List Cross Site Scripting               
    Sep 9  14299  Sympa invalid LDAP password DoS                   
    Sep 9  14298  Sympa wwsympa do_search_list Overflow DoS         
    Sep 9  14369  SWsoft Plesk Reloaded Cross Site Scripting Vulnerability
    Sep 9  14361  NSS Library SSLv2 Challenge Overflow              
    Sep 9  14273  SSH settings                                      
    Sep 9  14228  SquirrelMail XSS and Local escalation             
    Sep 9  14381  Samba FindNextPrintChangeNotify() Denial of Service
    Sep 9  14278  RealPlayer multiple remote overflows              
    Sep 9  14275  QuiXplorer Directory Traversal                    
    Sep 9  14263  PuTTY SSH2 authentication password persistence weakness
    Sep 9  14262  PuTTY window title escape character arbitrary command execution
    Sep 9  14687  psyBNC Server Detection                           
    Sep 9  14685  PsNews XSS                                        
    Sep 9  14362  PlaySMS Cookie SQL Injection                      
    Sep 9  14613  phpScheduleIt HTML Injection Vulnerability        
    Sep 9  14296  PhpGroupWare multiple module SQL injection vulnerabilities
    Sep 9  14295  PhpGroupWare calendar server side script execution
    Sep 9  14294  PhpGroupWare unspecified remote file include vulnerability
    Sep 9  14293  PhpGroupWare plaintext cookie authentication credentials vulnerability
    Sep 9  14292  PhpGroupWare multiple HTML injection vulnerabilities
    Sep 9  14368  PHP-CSL Cross Site Scripting Vulnerability        
    Sep 9  14356  PHP-Fusion Database Backup Disclosure             
    Sep 9  14357  PhotoADay Cross-Site Scripting Vulnerability      
    Sep 9  14587  Password Protect SQL Injection                    
    Sep 9  14641  Oracle DBS_SCHEDULER vulnerability                
    Sep 9  14346  Opera Resource Detection                          
    Sep 9  14261  Opera remote location object cross-domain scripting vulnerability
    Sep 9  14336  Opera Javascript Denial of Service                
    Sep 9  14638  Opera Empty Embedded Object DoS                   
    Sep 9  14700  OpenCA HTML Injection                             
    Sep 9  14378  NetAsq identification                             
    Sep 9  14343  MySQL mysqlhotcopy script insecure temporary file 
    Sep 9  14319  MySQL buffer overflow                             
    Sep 9  14327  MyDMS SQL Injection and Directory Traversal       
    Sep 9  14354  Music Daemon File Disclosure                      
    Sep 9  14353  Music Daemon Denial of Service                    
    Sep 9  14668  Mozilla/Firefox security manager certificate handling DoS
    Sep 9  14379  Multiple Vulnerabilities in Merak Webmail / IceWarp Web Mail
    Sep 9  14324  Mantis Multiple Flaws (2)                         
    Sep 9  14344  Mantis multiple unspecified XSS                   
    Sep 9  14360  MAILsweeper Archive File Filtering Bypass         
    Sep 9  14656  MailEnable HTTPMail Service GET Overflow Vulnerability
    Sep 9  14655  MailEnable HTTPMail Service Content-Length Overflow Vulnerability
    Sep 9  14654  MailEnable HTTPMail Service Authorization Header DoS Vulnerability
    Sep 9  14676  Security Update 2004-09-07                        
    Sep 9  14312  ScanMail file check                               
    Sep 9  14279  Kerio MailServer < 6.0.1                          
    Sep 9  14681  Keene digital media server XSS                    
    Sep 9  14352  JShop Cross-Site Scripting Vulnerability          
    Sep 9  14388  IgnitionServer Irc operator privilege escalation vulnerability
    Sep 9  14376  IgnitionServer Denial of Service                  
    Sep 9  14684  ipswitch IMail DoS                                
    Sep 9  14683  INN buffer overflow                               
    Sep 9  14637  IlohaMail User Parameter Vulnerability            
    Sep 9  14636  IlohaMail Password Disclosure Vulnerability       
    Sep 9  14635  IlohaMail External Programs Vulnerabilities       
    Sep 9  14634  IlohaMail Email Header HTML Injection Vulnerability
    Sep 9  14629  IlohaMail Detection                               
    Sep 9  14633  IlohaMail Contacts Deletion Vulnerability         
    Sep 9  14632  IlohaMail Attachment Upload Vulnerability         
    Sep 9  14631  IlohaMail Arbitrary File Access via Session Variable Vulnerability
    Sep 9  14630  IlohaMail Arbitrary File Access via Language Variable
    Sep 9  14674  Identd scan                                       
    Sep 9  14390  ICECast XSS                                       
    Sep 9  14370  HastyMail HTML Attachement Script Execution       
    Sep 9  14338  Gallery Script Execution                          
    Sep 9  14682  eZ/eZphotoshare Denial of Service                 
    Sep 9  14664  external services identification                  
    Sep 9  14358  eGroupWare Cross-Site Scripting Vulnerability     
    Sep 9  14375  Easy File Sharing Web Server ACL Bypass           
    Sep 9  14639  dasBlog HTML Injection Vulnerability              
    Sep 9  14291  CVSTrac timeline.c timeline_page function overflow
    Sep 9  14290  CVSTrac ticket title arbitrary command execution  
    Sep 9  14289  CVSTrac malformed URI infinite loop DoS           
    Sep 9  14288  CVSTrac chdir() chroot jail escape                
    Sep 9  14287  CVSTrac invalid ticket DoS                        
    Sep 9  14286  CVSTrac history.c history_update function overflow
    Sep 9  14285  CVSTrac database plaintext password storage       
    Sep 9  14284  CVSTrac cgi.c multiple overflows                  
    Sep 9  14283  CVSTrac CVSROOT/passwd arbitrary account deletion 
    Sep 9  14313  CVS file existence information disclosure weakness
    Sep 9  14318  CuteNews XSS                                      
    Sep 9  14665  CuteNews index.php XSS                            
    Sep 9  14626  Citrix NFuse_Application parameter XSS            
    Sep 9  14317  cfengine CFServD transaction packet buffer overrun vulnerability
    Sep 9  14316  cfengine format string vulnerability              
    Sep 9  14315  cfengine detection and local identification       
    Sep 9  14314  cfengine AuthenticationDialogue vulnerability     
    Sep 9  14640  Cerbere HTTP Proxy Denial of Service              
    Sep 9  14270  ISS BlackICE Vulnerable config files              
    Sep 9  14308  BasiliX Detection                                 
    Sep 9  14307  BasiliX Content-Type XSS Vulnerability            
    Sep 9  14306  BasiliX Attachment Disclosure Vulnerability       
    Sep 9  14305  BasiliX Arbitrary File Disclosure Vulnerability   
    Sep 9  14304  BasiliX Arbitrary Command Execution Vulnerability 
    Sep 9  14350  BadBlue Connections Denial of Service             
    Sep 9  14347  AWStats rawlog plugin logfile parameter input validation vulnerability
    Sep 9  14377  Arkoon identification                             
    Sep 9  14337  CSCec16481                                        

    New tests added in the last 30 days (and links to them) can be
    found at http://www.securityspace.com/smysecure/last30.html
    The complete arsenal of available tests can be viewed and searched
    at http://www.securityspace.com/smysecure/index.html. 

====================================================================
II.  Tip of the Month: Alerting on "ANY/ALL" in Network Monitor
                                                                                
     When configuring a monitored device, you have the options of
     setting alerts when "ANY" sensor reports an error, or only when
     "ALL sensors report an error.  With "ANY", you get an idea when
     network segments that some, but not all, of your customers use
     may be experiencing trouble (e.g. an overseas link to the UK).
     With "ALL", you are only notified if ALL sensors cannot reach
     your network, making it highly likely that the problem is on
     your network or your upstream ISP, and impacts all of your
     customers.
                                                                                
     http://www.securityspace.com/netmon/index

====================================================================
III. Security News - Your Top 10 Picks of September

Our readers ranked the following 10 articles as the most interesting
in September (based on click-through percentage):

They are, in order:

    1.  Code theft mystery deepens
        http://www.techworld.com/security/news/index.cfm?NewsID=2161
        Story from TechWorld

    2.  Top ISP caught red-handed aiding spammers
        http://www.techworld.com/security/news/index.cfm?NewsID=2199
        Story from TechWorld

    3.  WinZip catches itself in security trousers
        http://www.techworld.com/security/news/index.cfm?NewsID=2168
        Story from TechWorld

    4.  New, dangerous Microsoft JPEG exploit code released
        http://www.computerworld.com/securitytopics/security/holes/story/0,10801,96124,00.html
        Story from ComputerWorld

    5.  More big security holes in Linux
        http://www.techworld.com/security/news/index.cfm?NewsID=2201
        Story from TechWorld

    6.  U.S. government, companies warn of critical Oracle flaws
        http://www.computerworld.com/securitytopics/security/holes/story/0,10801,95678,00.html
        Story from ComputerWorld

    7.  Hackers use Google to access photocopiers
        http://news.zdnet.co.uk/internet/security/0,39020375,39167848,00.htm
        Story from ZDNet

    8.  Spammers embrace anti-spam technology
        http://www.techworld.com/security/news/index.cfm?NewsID=2154
        Story from TechWorld

    9.  First 'warspamming' case reaches court
        http://news.zdnet.co.uk/0,39020330,39165719,00.htm
        Story from ZDNet

   10.  Windows PCs threatened by JPEG-handling flaw
        http://news.zdnet.co.uk/software/windows/0,39020396,39166677,00.htm
        Story from CNET/ZDNet

====================================================================

IV. Internet Research Reports

1) Secure Web Server Market Share Change
----------------------------------------
These reports illustrate the market share of SSL enabled servers.
Included are domain by domain breakdowns of SSL servers in use,
certificate authorities being used to sign certificates, types
of protocols in use, types of ciphers, and more.

http://www.securityspace.com/s_survey/sdata/200409/index.html

2) Web Server Market Share Change
---------------------------------
The base web server survey that each month visits all servers we
know of and extracts the web server signature string.  Included are
domain by domain breakdowns of server usage.

http://www.securityspace.com/s_survey/data/200409/index.html

3) Technology Penetration - Java, JavaScript, etc.
--------------------------------------------------
A report on the usage of client side technologies, including
JavaScript, Java, Flash/Shockwave, and more.

http://www.securityspace.com/s_survey/data/man.200409/techpen.html

4) Apache Module Report
-----------------------
The Apache Module report is a breakdown of the popular add-on
modules to the Apache web servers. Included are graphs that plot
the penetration of technologies such as PHP, perl, and SSL
enabling technologies such as OpenSSL.

http://www.securityspace.com/s_survey/data/man.200409/apachemods.html

5) Web Authoring Tools
----------------------
A report on the usage of web authoring tools on the web by examining
signature strings imbedded by many popular authoring tools into web
pages.

http://www.securityspace.com/s_survey/data/man.200409/webauth.html

6) Market Share Theft and Upgrade Report
----------------------------------------
These reports detail statistics on web sites whose signature changed
from one month to the next.  Included are detailed stats on sites
that upgrade (or downgrade) from one revision to another, as well
as sites that switch completely the type of web server delivering
content.

http://www.securityspace.com/s_survey/data/man.200409/srvch.html

7) Internet Cookie Report
--------------------------
An analysis of the usage of cookies on the internet, along with
the attributes, such as longevity and technologies being used to
generate cookies (as witnessed by Cookie names such as "WEBTRENDS_ID",
"PHPSESSID", "CFTOKEN", etc.)

http://www.securityspace.com/s_survey/data/man.200409/cookieReport.html

8) ISP Report
--------------
An analysis of the respective market share ISPs have, as determined
by ranking them according to the number of sites being directly or
indirectly hosted by these ISPs.

http://www.securityspace.com/s_survey/data/man.200409/ISPreport.html

9) DNS Load Balancing Report
-----------------------------
An analysis of name resolutions of all web servers we know about
allows us to determine the number of sites that employ DNS
solutions that do (and do not) employ DNS load balancing techniques.

http://www.securityspace.com/s_survey/data/man.200409/dnsmult.html

10) Web Bug Report
------------------
By analyzing web page content of sites that are crawled each
month, a determination of the number of sites that employ web
bugs is made, as well as providing statistics on organizations
benefiting from web bugs such as advertising agencies.

http://www.securityspace.com/s_survey/data/man.200409/webbug.html

11) Firewalled IIS Servers
--------------------------
An analysis of HTTP header information returned by IIS servers
as part of every request the service, a common misconfiguration
can be exposed that details information of an organization's
private network.

http://www.securityspace.com/s_survey/data/man.200409/firewalled_cloc.html

12) Web Growth/Failure Report
-----------------------------
By analyzing the number of new sites we find each month, and those
that stop responding to our survey, a report is generated that
focuses on new and expired web sites.  By analyzing market share
of web servers within this data set, a determination can be made
of technologies of choice for new web site administrators.

http://www.securityspace.com/s_survey/data/man.200409/growth.html

13) Compact Privacy Policy Report
---------------------------------
This report provides an analysis of the penetration of compact
privacy policies on the web since the inception of the P3P
specification.  Included is a complete breakdown of the usage of
all tags, their meanings, the number of sites using these tags,
and more.

http://www.securityspace.com/s_survey/data/man.200409/p3p.html

14) Website Distribution by Area Code/Geographic Region
-------------------------------------------------------
This report details how sites are distributed based on telephone
numbers that are found published on these sites.  By examining
the area code, and mapping this to the geographic region applicable,
a geographic view of web sites is available.  This report is limited
to sites publishing numbers matching the North American Numbering
Plan (NANP).

http://www.securityspace.com/s_survey/data/man.200409/areacode.html

15) DNS Site Operator Report
----------------------------
This report details DNS servers and the number of domains each
is responsible for.  In essence, this provides the list of customers
of ISPs, hosting companies, specialty DNS service providers,
and more.  The free report provides the top 20 DNS servers (as
measured by # of domains the server services), as well as allowing
users to query the relevant statistics of any known DNS server.

http://www.securityspace.com/s_survey/data/man.200409/dnsop.html
====================================================================
V.  Subscription/Removal Information

If you know of anyone who may find this newsletter interesting,
please forward it to them.

To subscribe or unsubscribe from this monthly newsletter, please
visit https://secure1.securityspace.com/secnews/subscribe.html
--------------------------------------------------------------------
Ying Chan                          
Marketing Manager                  
E-Soft Inc.                        http://www.e-softinc.com
SecuritySpace.com                  http://www.securityspace.com

To subscribe or cancel a subscription, please go here.



© 1998-2024 E-Soft Inc. All rights reserved.