intro

News UK	Headlines, most important issues and industry checklists.
UCN-2003-09-22-1 Online credit checks in UK UCN-2003-09-19 New Safebuy assurance scheme UCN-2003-09-18-2 New UK Spamming laws UCN-2003-09-15-3 Downtime Costs European Firms 5.2bn UCN-2003-09-15-4: Britain Being hit by Inst Messaging Anarchy. UCN-2003-09-11: British duo face TK Worm charges	Sendmail buffer overflow in prescan() affects many versions of Linux, UNIX and BSD. Open ssh buffer overflow DOS and possible arbitary code execution Remote RPC call vulnerability on Windows machines due to buffer overflow that can gives local privileges.		@STAKE exec sacked for anti MS report on weakness of software monoculture. report here Move to bring software security into vendor purchasing process W32.Welchia.Worm W32.Blaster.Worm W32.Bugbear.B@mm	http://www.sans.org/top20/ SANS FBI top 20 chekcklist. Operating system concensus benchmarks from Centre for Internet Security and SANS. NSA guides. CERT.org global centre for IT Security information.


News Global	Latest Exploits week previous to 28th september 2003
UCN-2003-09-23-1 High level email virus outbreak -W32/Gibe.E-mm UCN-2003-09-23-2 Software vendors such as Oracle more responsible UCN-2003-09-23-3 30 unpatched vulnerabilities in Internet Explorer? UCN-2003-09-23-4 Hack attacks increasing according to PanSec UCN-2003-09-23-5 New IE XML Vulnerability.and this UCN-2003-09-18-1: US-CERT goes online UCN-2003-09-17: Open SSH problems. Rumours. UCN-2003-09-16: The Blaster and Welchia worms continue to have a sustained impact on many Australian networks. UCN-2003-09-15-1: US specific cert to work in conjunction with Cert.org. Shows need for geographic focus to Certs. UCN-2003-09-15-2: Whitehouse selects Symantec chief as head of homeland security. UCN-2003-09-12: Copy protected CDs launched on market. UCN-2003-05-23: SANS-FBI Top 20 Vulnerabilities v3.23	UKCERT Refdate	Description of exploit, vuln or advisory.		MITRE Can Ref
	UCE-2003-09-27-9	W32.Smibag.Worm		-
	UCE-2003-09-27-8	PWSteal.Lemir.F		-
	UCE-2003-09-27-7	Backdoor.Zombam.B		-
	UCE-2003-09-27-6	Backdoor.Semes		-
	UCE-2003-09-27-5	Backdoor.Mprox		-
	UCE-2003-09-274	BAT.IRC.Flood		-
	UCE-2003-09-27-3	W32.Randex.P		-
	UCE-2003-09-27-2	UnixWare 7.1.3 Open UNIX 8. Sendmail: buffer overflow		-
	UCE-2003-09-27-1	UnixWare 7.1.3 Open UNIX 8. OpenSSH: buffer problems		CAN-2003-0786
	UCE-2003-09-26-10	Updated apache2 packages fix CGI scripting deadlock		-
	UCE-2003-09-26-9	Updated proftpd packages fix remote root vulnerability		-
	UCE-2003-09-26-8	Denial of Service Vulnerability on IRIX		CAN-2003-0746
	UCE-2003-09-26-5	Mplayer Buffer Overflow		-
	UCE-2003-09-26-7	SMC Router Denial of Service exploit		-
	UCE-2003-09-26-6	New marbles packages fix buffer overflow		CAN-2003-0830
	UCE-2003-09-26-5	Mplayer Buffer Overflow		-
	UCE-2003-09-26-4	Local root exploit for IBM DB2 Universal Database v7.2		-
	UCE-2003-09-26-3	Exploit that causes a denial of service		-
	UCE-2003-09-26-2	Remote exploit for Cfengine versions 2.-2.0.3		-
	UCE-2003-09-26-1	Remote exploit for atphttpd version 0.4b on Linux x86		-
	UCE-2003-09-25-15	VBS.Taber		-
	UCE-2003-09-2514	Backdoor.Translat		-
	UCE-2003-09-25-13	myServer 0.4.3 Directory Traversal Vulnerability		-
	UCE-2003-09-2512	EORF2003-04: sbox path disclosure problem		-
	UCE-2003-09-25-11	LanSuite 2003 - Multiple Vulnerabilities		-
	UCE-2003-09-25-10	FreeBSD Security Advisory FreeBSD		-
	UCE-2003-09-25-9	Sanctum AppScan 4 misses potential vulnerabilities		-
	UCE-2003-09-25-8	Thread-IT Message Board XSS Vulnerability		-
	UCE-2003-09-25-6	Comment Board XSS Vulnerability		-
	UCE-2003-09-25-5	Privacy leak in VeriSign's SiteFinder service #2		-
	UCE-2003-09-25-4	Outlook security updates not stopping Swen		-
	UCE-2003-09-25-3	WebWeaver version 1.06 and below		-
	UCE-2003-09-25-2	602PRO LanSuite 2003 for Windows		-
	UCE-2003-09-25-1	The Savant Web Server version 3.1 for Windows		-
	UCE-2003-09-24-13	proFTPD root vulnerability affecting UNIX		-
	UCE-2003-09-24-12	FreeBSD DOS issue -new		-
	UCE-2003-09-24-11	W32.Dumaru.M@mm		-
	UCE-2003-09-24-10	W32.Welchia.Worm		-
	UCE-2003-09-24-9	W32.Swen.A@mm		-
	UCE-2003-09-24-8	FreeBSD Security Advisory FreeBSD-SA-03:14.arp		-
	UCE-2003-09-24-7	'WebTool-userpass' passphrase disclosure vulnerability		-
	UCE-2003-09-24-6	TCLHttpd Server - Multiple Vulnerabilities		-
	UCE-2003-09-24-5	MondoSoft File Creation vulnerability		-
	UCE-2003-09-24-4	slackware WU-FTPD Security Advisory		-
	UCE-2003-09-24-3	slackware ProFTPD Security Advisory		-
	UCE-2003-09-24-2	slackware- New OpenSSH packages		-
	UCE-2003-09-24-1	OpenServer 5.0.7 wu-ftpd fb_realpath() off-by-one bug		-
	UCE-2003-09-23-6	Privacy leak in VeriSign's SiteFinder service		-
	UCE-2003-09-23-5	ProFTPD ASCII File Remote Compromise Vulnerability		-
	UCE-2003-09-23-4	WZFTPD Denial Of Service		-
	UCE-2003-09-23-3	Multiple PAM vulnerabilities in portable OpenSSH		-
	UCE-2003-09-23-2	Portable OpenSSH 3.7.1p2 released		-
	UCE-2003-09-23-1	mpg123 v0.59r remote client-side heap corruption exploit		-
	UCE-2003-09-22-8	SpeakFreely for Win remote crash through malformed GIF		-
	UCE-2003-09-22-7	SpeakFreely for Win spoofed DoS		-
	UCE-2003-09-22-6	Wu_ftpd all versions (not) vulnerability		-
	UCE-2003-09-22-5	dos vulnerability in Xitami Open Source Web Server		-
	UCE-2003-09-22-4	Red Hat: Updated Perl packages fix security issues		CAN-2002-1323
	UCE-2003-09-22-3	Updated Apache and mod_ssl packages fix		CAN-2003-0020
	UCE-2003-09-22-2	Snort not backdoored, Sourcefire not compromised		-
	UCE-2003-09-22-1	Remote exploit for lsh 1.4.x		-
	UCE-2003-09-21-3	Debian SSH fix download		CAN-2003-0693
	UCE-2003-09-21-2	Remote exploit for netris version 0.5 on RedHat 8.0		-
UCE-2003-09-21-1	Local root exploit for hztty 2.0		CAN-2003-0783
UCE-2003-09-20-9	New ipmasq packages fix insecure packet filtering rules		CAN78-2003-05
UCE-2003-09-20-8	How Verisign's SiteFinder service breaks Windows networking		-
UCE-2003-09-20-7	SuSE Security Announcement: sendmail, sendmail-tls		CAN-2003-0694
UCE-2003-09-20-6	Multiple Security Issues in Netup UTM		-
UCE-2003-09-20-5	How VeriSign's SiteFinder service breaks Outlook Express		-
UCE-2003-09-20-4	Windows: Analysis of RPC AND Universal Heap Overflow		-
UCE-2003-09-20-3	LSH: Buffer overrun and remote root compromise in lshd		-
UCE-2003-09-20-2	KDM:New kdebase packages fix multiple vulnerabilites		-
UCE-2003-09-20-1	myPHPnuke 1.8.8:Vulnrability		-
UCE-2003-09-19-5	kde:Conectiva Security Announcement -		-
UCE-2003-09-19-4	Community Wizard:Admin Access Vulnerability		-
UCE-2003-09-19-3	Powerslave 4.3 Information Leak Vuln.		-
UCE-2003-09-19-2	Microsoft:Wave of fake Official Microsoft Advisory		-
UCE-2003-09-19-1	Linux:uninitialized buffer in midnight commander		-
UCE-2003-09-18-8	The Plug and Play Web Server v1.0002c dos		-
UCE-2003-09-18-7	The Plug and Play Web Server v1.0002c scripting		-
UCE-2003-09-18-6	Remote Pine exploit for versions 4.56 and below		CAN-2003-0720
UCE-2003-09-18-5	Remote Windows exploit for RPC DCOM		CAN-2003-0528
UCE-2003-09-18-4	LSH exploit		-
UCE-2003-09-18-3	Solaris sadmind exploit		-
UCE-2003-09-18-2	MySQL Buffer Overflow		CAN-2003-0780
UCE-2003-09-18-1	DB2 Buffer Overflow		-
Virus Hoaxes can be seen at http://www.datafellows.com/virus-info/hoax/
Top Links UK (not ranked)	UKCERT Highlights	Top Links globally (not ranked)		UKCERT -Dev
http://www.uniras.gov.uk/ http://www.mod.uk/cert/ http://www.bcs-issg.org.uk/ http://www.cesg.gov.uk/index.cfm http://www.ja.net/CERT/cert.html http://www.cl.cam.ac.uk/users/rja14/ http://www.hpl.hp.com/conferences /isc03/ http://www.isg.rhul.ac.uk/ http://www.isaca.org.uk/ http://www.ukresilience.info/virus.htm http://www.terena.nl/tech/task-forces/tf-csirt/	Exploit section which has many code examples.	http://www.sans.org http://www.cert.org/ http://www.securityfocus.com/ http://www.auscert.org.au/ http://www.foundstone.com http://news.ists.dartmouth.edu/today snews.html#internal11560 http://archives.neohapsis.com http://securityresponse.symantec.com/ http://www.cisecurity.org/ http://www.itsecurity.com/defaultie5.htm http://www.linuxsecurity.com/		UKCERT starts email newlsletter. UKCERT is developing a new secure database login system. Also a forum with identification system and experts exchange. Priority at the moment is the new Search facility and next weeks new newsletter.
elaw	CERTs Worldwide
Bank of Montreal in Customer records on hard drive for ebay. California law could change global business. Canadian tech company ecommerce patent enforced in Australia.	Global- CERT™ US- USCERT Australia- AusCERT UK- UKCERT - You are here. Canada- CanCERT Japan- JPCERT Hong Kong- HKCERT	Sector specific US certs. --Energy --NASA --Military Sector specific UK certs. --Academic --Military --Governmental	CERT-China CERT-Croatia CERT-France CERT-Germany CERT-Italy CERT-Denmark CERT-Finland CERT-Korea CERT-Lithuania contact webmaster @ ukcert.org.uk to add new ones	CERT-Mexico CERT-Netherland CERT-Norway CERT-Poland CERT-Russia CERT-Slovenia CERT-Spain CERT-Sweden CERT-Switzerland Other European based Teams- CSIRTs

All text is available under the terms of the GNU Free Documentation License.