|
News
UK
|
Headlines, most important issues and industry checklists.
|
|
UCN-2003-09-22-1
Online credit checks in UK
UCN-2003-09-19
New Safebuy assurance scheme
UCN-2003-09-18-2
New
UK Spamming laws
UCN-2003-09-15-3
Downtime
Costs European Firms 5.2bn
UCN-2003-09-15-4:
Britain
Being hit by Inst Messaging Anarchy.
UCN-2003-09-11:
British duo face TK Worm
charges
|
Sendmail
buffer overflow in prescan() affects many versions of Linux, UNIX and
BSD.
Open
ssh buffer overflow DOS and possible arbitary code execution
Remote
RPC call vulnerability on Windows machines due to buffer overflow that
can gives local privileges.
|
@STAKE
exec sacked for anti MS report on weakness of software monoculture.
report here
Move to
bring software security into vendor purchasing process
W32.Welchia.Worm
W32.Blaster.Worm
W32.Bugbear.B@mm
|
http://www.sans.org/top20/
SANS FBI top 20 chekcklist.
Operating system concensus benchmarks
from Centre for Internet Security and SANS.
NSA
guides.
CERT.org global centre for IT Security
information.
|
|
News Global
|
Latest
Exploits week previous to October the 6th 2003-
|
|
UCN-2003-09-23-1
High level email virus outbreak -W32/Gibe.E-mm
UCN-2003-09-23-2
Software vendors such as Oracle more responsible
UCN-2003-09-23-3
30 unpatched vulnerabilities in Internet Explorer?
UCN-2003-09-23-4
Hack attacks increasing according to PanSec
UCN-2003-09-23-5
New IE XML Vulnerability.and this
UCN-2003-09-18-1:
US-CERT goes online
UCN-2003-09-17:
Open SSH problems. Rumours.
UCN-2003-09-16:
The Blaster and Welchia worms continue to have a sustained impact on
many Australian networks.
UCN-2003-09-15-1:
US
specific cert to work in
conjunction with Cert.org. Shows
need for geographic focus to Certs.
UCN-2003-09-15-2:
Whitehouse
selects Symantec
chief as head of homeland security.
UCN-2003-09-12:
Copy protected CDs launched on market.
UCN-2003-05-23:
SANS-FBI Top 20 Vulnerabilities
v3.23
|
UKCERT
Refdate
|
Description
of exploit, vuln or advisory.
|
MITRE
Can Ref
|
| UCE-2003-10-6-6 |
ProFTPD
ASCII File Remote Compromise Vulnerability, OpenSSH PAM challenge authentication
failure, Portable OpenSSH server PAM Vulnerability + Sendmail 8.12.9 Prescan
Bug |
- |
| UCE-2003-10-6-5 |
Two
CIAC Security Advisories:1. Sun aspppls(1M) does not create the temporary
file /tmp/.asppp.fifo safely. 2. OpenSSH Buffer Management Error. |
- |
| UCE-2003-10-6-4 |
Two
Hewlett-Packard Security Bulletins:1. Potential Security Vulnerabilities
in Apache HTTP Server. 2. smrsh restrictions bypass (rev.2). |
- |
| UCE-2003-10-6-3 |
Cumulative
Patch for Internet Explorer |
- |
| UCE-2003-10-6-2 |
W32.Blaster.Worm |
- |
| UCE-2003-10-6-1 |
W32.Welchia.Worm |
- |
| UCE-2003-10-5-6 |
PWSteal.Finero |
- |
| UCE-2003-10-5-5 |
Backdoor.Hacarmy |
- |
| UCE-2003-10-5-4 |
EMML,
EMGB : Include() hole |
- |
| UCE-2003-10-5-3 |
PHP-Nuke
v 6.7 + Windows = File Upload |
- |
| UCE-2003-10-5-2 |
Conexant
Access Runner DSL Console login bypass vulnerability |
- |
| UCE-2003-10-5-1 |
Cobalt
RaQ Control Panel Cross Site Scripting |
- |
| UCE-2003-10-4-12 |
OpenLinux:
wu-ftpd fb_realpath() off-by-one bug |
- |
| UCE-2003-10-4-11 |
Cisco
LEAP Insecurities + POC |
- |
| UCE-2003-10-4-10 |
Conectiva
Security Announcement - vixie-cron |
|
| UCE-2003-10-4-9 |
TSLSA-2003-0003
- openssl |
- |
| UCE-2003-10-4-8 |
Potential
OpenSSL DoS. |
- |
| UCE-2003-10-4-7 |
[RHSA-2003:256-02]
Updated Perl packages fix security issues |
- |
| UCE-2003-10-4-6 |
FreeBSD
: kernel memory disclosure via procfs |
- |
| UCE-2003-10-4-5 |
Cafelog
WordPress / b2 SQL injection vulnerabilities discovered and fixed in CVS |
- |
| UCE-2003-10-4-4 |
EartStation
5 P2P application contains malicious code |
- |
| UCE-2003-10-4-3 |
Cisco
6509 switch telnet vulnerability |
- |
| UCE-2003-10-4-2 |
WordPress
Cafelog is vulnerable to a number of SQL injection attacks |
- |
| UCE-2003-10-4-1 |
Exploit
that brute forces Microsoft's Active Directory authentication |
- |
| UCE-2003-10-3-6 |
WORM_LOVGATE.G |
- |
| UCE-2003-10-3-5 |
TROJ_QHOSTS.A |
- |
| UCE-2003-10-3-4 |
Packard
- Potential Security Vulnerability in socket programs + sendmail |
- |
| UCE-2003-10-3-3 |
ProFTPD
ASCII File Remote Compromise Vulnerability, OpenSSH PAM challenge authentication
failure, Portable OpenSSH server PAM Vulnerability + Sendmail 8.12.9 Prescan
Bug |
- |
| UCE-2003-10-3-2 |
W32.Logitall.A@mm
|
- |
| UCE-2003-10-3-1 |
Trojan.Qhosts
|
- |
| UCE-2003-10-2-7 |
TSLSA-2003-0001
- openssl |
- |
| UCE-2003-10-2-6 |
New
Tool: MetaCoretex (DB Security Scanner) |
- |
| UCE-2003-10-2-5 |
Visualroute
Server - reverse tracerouting |
- |
| UCE-2003-10-2-4 |
New
OpenSSL remote vulnerability (issue date 2003/10/02) |
- |
| UCE-2003-10-2-3 |
Process
Killing - Playing with PostThreadMessage |
- |
| UCE-2003-10-2-2 |
CERT
Advisory CA-2003-26 Multiple Vulnerabilities in SSL/TLS Implementations |
- |
| UCE-2003-10-2-1 |
Inside
the PostThreadMessage API.a WM_QUIT message causing the process to terminate |
- |
| UCE-2003-10-1-10 |
Backdoor.IRC.Tastyred
|
-- |
| UCE-2003-10-1-9 |
W97M.Tabi.Trojan
|
- |
| UCE-2003-10-1-8 |
W32.HLLW.Gaobot.AO
|
- |
| UCE-2003-10-1-7 |
ptl-2003-02:
IBM DB2 INVOKE Command Stack Overflow Vulnerability |
- |
| UCE-2003-10-1-6 |
ptl-2003-01:
IBM DB2 LOAD Command Stack Overflow Vulnerability |
- |
| UCE-2003-10-1-5 |
Multiple
vulnerabilities in WinShadow |
- |
| UCE-2003-10-1-4 |
NOVL-2003-10087450
- Novell Response to NISCC/CERT Advisoriesre: OpenSSL |
CAN-2003-0545
|
| UCE-2003-10-1-3 |
Cisco
Security Advisory: SSL Implementation Vulnerabilities |
- |
| UCE-2003-10-1-2 |
Local
proof of concept exploit |
- |
| UCE-2003-10-1-1 |
OmniCon
WinShadow version 2.0 exploit |
- |
| UCE-2003-09-30-19 |
W32.HLLW.Donk.B
|
- |
| UCE-2003-09-30-18 |
Trojan.Vardo
|
- |
| UCE-2003-09-30-17 |
Trojan.PWS.QQPass.E
|
- |
| UCE-2003-09-30-16 |
W32.HLLW.Gaobot.AN
|
- |
| UCE-2003-09-30-15 |
Local
stackbased overflow found for silly Poker v0.25.5 (advisory + poc exploit) |
- |
| UCE-2003-09-30-14 |
[CLA-2003:751]
Conectiva Security Announcement - openssl |
- |
| UCE-2003-09-30-13 |
MDKSA-2003:097
- Updated mplayer packages fix buffer overflow vulnerability |
- |
| UCE-2003-09-30-12 |
local
buffer overflow vulnerability in freesweep |
- |
| UCE-2003-09-30-11 |
teapop (200309-18) |
CAN-2003-0515
|
| UCE-2003-09-30-10 |
OpenSSL
ASN.1 parsing vulnerabilities. |
- |
| UCE-2003-09-30-9 |
Multiple
OpenSSH/OpenSSL Vulnerabilities on IRIX |
CAN-2003-0695
CAN-2003-0787
CAN-2003-0545
|
| UCE-2003-09-30-8 |
lets code execution through long IRC answer |
- |
| UCE-2003-09-30-7 |
Immunix
Secured OS 7+ OpenSSL update |
CAN-2003-0543 |
| UCE-2003-09-30-6 |
Immunix
Secured OS 7+ OpenSSL update |
- |
| UCE-2003-09-30-5 |
mpg123
(200309-17) |
CAN-2003-0577
|
| UCE-2003-09-30-4 |
OpenPKG
Security Advisory (openssl) |
- |
| UCE-2003-09-30-3 |
Updated
OpenSSL packages fix vulnerabilities |
CAN-2003-0543 |
| UCE-2003-09-30-2 |
CERT
Advisory Notice: Clarifications regarding recent vulnerabilities in OpenSSH |
- |
| UCE-2003-09-30-1 |
Updated
OpenSSL packages fix vulnerabilities |
- |
| UCE-2003-09-29-18 |
DCE
1.2.2c Denial of Service Vulnerability |
--- |
| UCE-2003-09-29-17 |
VBS.Biscuit.A@mm
|
- |
| UCE-2003-09-29-16 |
W32.HLLW.Fatee.B
|
- |
| UCE-2003-09-29-15 |
W32.HLLP.Spreda.B
|
- |
| UCE-2003-09-29-14 |
XM.VNN
|
- |
| UCE-2003-09-29-13 |
W32.Galil.C@mm
|
- |
| UCE-2003-09-29-12 |
sendmail
prescan() vulnerability on IRIX |
CAN-2003-0694
|
| UCE-2003-09-29-11 |
[ANNOUNCE]
kses 0.2.1 |
- |
| UCE-2003-09-29-10 |
[CLA-2003:750]
Conectiva Security Announcement - proftpd |
- |
| UCE-2003-09-29-9 |
New
webfs packages fix buffer overflows, file and directory exposure |
- |
| UCE-2003-09-29-8 |
GLSA:
net-ftp/proftpd (200309-16) |
- |
| UCE-2003-09-29-7 |
GLSA:
media-video/mplayer (200309-15) |
- |
| UCE-2003-09-29-6 |
Shattering
SEH III |
- |
| UCE-2003-09-29-5 |
GuppY
makes XSS attacks easy |
- |
| UCE-2003-09-29-4 |
TSLSA-2003-0037
- proftpd |
- |
| UCE-2003-09-29-3 |
shatter
attacks that are possible using progress bars |
- |
| UCE-2003-09-29-2 |
Geeklog
versions 2.x |
- |
| UCE-2003-09-29-1 |
Remote
exploit for Cfengine versions 2.-2.0.3 |
- |
| UCE-2003-09-27-9 |
W32.Smibag.Worm |
- |
| UCE-2003-09-27-8 |
PWSteal.Lemir.F |
- |
| UCE-2003-09-27-7 |
Backdoor.Zombam.B |
- |
| UCE-2003-09-27-6 |
Backdoor.Semes |
- |
| UCE-2003-09-27-5 |
Backdoor.Mprox |
- |
| UCE-2003-09-274 |
BAT.IRC.Flood |
- |
| UCE-2003-09-27-3 |
W32.Randex.P |
- |
| UCE-2003-09-27-2 |
UnixWare
7.1.3 Open UNIX 8. Sendmail: buffer overflow |
- |
| UCE-2003-09-27-1 |
UnixWare
7.1.3 Open UNIX 8. OpenSSH: buffer problems |
CAN-2003-0786
|
| UCE-2003-09-26-10 |
Updated
apache2 packages fix CGI scripting deadlock |
- |
|
UCE-2003-09-26-9
|
Updated
proftpd packages fix remote root vulnerability
|
-
|
| UCE-2003-09-26-8 |
Denial of Service Vulnerability on IRIX |
CAN-2003-0746 |
| UCE-2003-09-26-5 |
Mplayer
Buffer Overflow |
- |
| UCE-2003-09-26-7 |
SMC
Router Denial of Service exploit |
- |
| UCE-2003-09-26-6 |
New
marbles packages fix buffer overflow |
CAN-2003-0830
|
| UCE-2003-09-26-5 |
Mplayer
Buffer Overflow |
- |
| UCE-2003-09-26-4 |
Local
root exploit for IBM DB2 Universal Database v7.2 |
- |
| UCE-2003-09-26-3 |
Exploit
that causes a denial of service |
- |
| UCE-2003-09-26-2 |
Remote
exploit for Cfengine versions 2.-2.0.3 |
- |
| UCE-2003-09-26-1 |
Remote
exploit for atphttpd version 0.4b on Linux x86 |
- |
| UCE-2003-09-25-15 |
VBS.Taber |
- |
| UCE-2003-09-2514 |
Backdoor.Translat |
- |
| UCE-2003-09-25-13 |
myServer
0.4.3 Directory Traversal Vulnerability |
- |
| UCE-2003-09-2512 |
EORF2003-04:
sbox path disclosure problem |
- |
| UCE-2003-09-25-11 |
LanSuite
2003 - Multiple Vulnerabilities |
- |
| UCE-2003-09-25-10 |
FreeBSD
Security Advisory FreeBSD |
- |
| UCE-2003-09-25-9 |
Sanctum
AppScan 4 misses potential vulnerabilities |
- |
| UCE-2003-09-25-8 |
Thread-IT
Message Board XSS Vulnerability |
- |
| UCE-2003-09-25-6 |
Comment
Board XSS Vulnerability |
- |
| UCE-2003-09-25-5 |
Privacy
leak in VeriSign's SiteFinder service #2 |
- |
| UCE-2003-09-25-4 |
Outlook
security updates not stopping Swen |
- |
| UCE-2003-09-25-3 |
WebWeaver
version 1.06 and below |
- |
| UCE-2003-09-25-2 |
602PRO
LanSuite 2003 for Windows |
- |
| UCE-2003-09-25-1 |
The
Savant Web Server version 3.1 for Windows |
- |
| UCE-2003-09-24-13 |
proFTPD
root vulnerability affecting UNIX |
- |
| UCE-2003-09-24-12 |
FreeBSD
DOS issue -new |
- |
| UCE-2003-09-24-11 |
W32.Dumaru.M@mm |
- |
| UCE-2003-09-24-10 |
W32.Welchia.Worm
|
- |
| UCE-2003-09-24-9 |
W32.Swen.A@mm
|
- |
| UCE-2003-09-24-8 |
FreeBSD
Security Advisory FreeBSD-SA-03:14.arp |
- |
| UCE-2003-09-24-7 |
'WebTool-userpass'
passphrase disclosure vulnerability |
- |
| UCE-2003-09-24-6 |
TCLHttpd
Server - Multiple Vulnerabilities |
- |
| UCE-2003-09-24-5 |
MondoSoft
File Creation vulnerability |
- |
| UCE-2003-09-24-4 |
slackware
WU-FTPD Security Advisory |
- |
| UCE-2003-09-24-3 |
slackware
ProFTPD Security Advisory |
- |
| UCE-2003-09-24-2 |
slackware-
New OpenSSH packages |
- |
| UCE-2003-09-24-1 |
OpenServer
5.0.7 wu-ftpd fb_realpath() off-by-one bug |
- |
| UCE-2003-09-23-6 |
Privacy
leak in VeriSign's SiteFinder service |
- |
| UCE-2003-09-23-5 |
ProFTPD
ASCII File Remote Compromise Vulnerability |
- |
| UCE-2003-09-23-4 |
WZFTPD
Denial Of Service |
- |
| UCE-2003-09-23-3 |
Multiple
PAM vulnerabilities in portable OpenSSH |
- |
| UCE-2003-09-23-2 |
Portable
OpenSSH 3.7.1p2 released |
- |
| UCE-2003-09-23-1 |
mpg123
v0.59r remote client-side heap corruption exploit |
- |
| UCE-2003-09-22-8 |
SpeakFreely
for Win remote crash through malformed GIF |
- |
| UCE-2003-09-22-7 |
SpeakFreely
for Win spoofed DoS |
- |
| UCE-2003-09-22-6 |
Wu_ftpd
all versions (not) vulnerability |
- |
| UCE-2003-09-22-5 |
dos
vulnerability in Xitami Open Source Web Server |
- |
| UCE-2003-09-22-4 |
Red
Hat: Updated Perl packages fix security issues |
CAN-2002-1323
|
| UCE-2003-09-22-3 |
Updated
Apache and mod_ssl packages fix |
CAN-2003-0020
|
| UCE-2003-09-22-2 |
Snort
not backdoored, Sourcefire not compromised |
- |
| UCE-2003-09-22-1 |
Remote
exploit for lsh 1.4.x |
- |
| UCE-2003-09-21-3 |
Debian
SSH fix download |
CAN-2003-0693
|
| UCE-2003-09-21-2 |
Remote
exploit for netris version 0.5 on RedHat 8.0 |
- |
| UCE-2003-09-21-1 |
Local
root exploit for hztty 2.0 |
CAN-2003-0783 |
| UCE-2003-09-20-9 |
New
ipmasq packages fix insecure packet filtering rules |
CAN78-2003-05
|
| UCE-2003-09-20-8 |
How
Verisign's SiteFinder service breaks Windows networking |
- |
| UCE-2003-09-20-7 |
SuSE
Security Announcement: sendmail, sendmail-tls |
CAN-2003-0694
|
| UCE-2003-09-20-6 |
Multiple
Security Issues in Netup UTM |
- |
| UCE-2003-09-20-5 |
How
VeriSign's SiteFinder service breaks Outlook Express |
- |
| UCE-2003-09-20-4 |
Windows:
Analysis of RPC AND Universal Heap Overflow |
- |
| UCE-2003-09-20-3 |
LSH:
Buffer overrun and remote root compromise in lshd |
- |
| UCE-2003-09-20-2 |
KDM:New
kdebase packages fix multiple vulnerabilites |
- |
| UCE-2003-09-20-1 |
myPHPnuke
1.8.8:Vulnrability |
- |
| UCE-2003-09-19-5 |
kde:Conectiva
Security Announcement - |
- |
| UCE-2003-09-19-4 |
Community
Wizard:Admin Access Vulnerability |
- |
| UCE-2003-09-19-3 |
Powerslave
4.3 Information Leak Vuln. |
- |
| UCE-2003-09-19-2 |
Microsoft:Wave
of fake Official Microsoft Advisory |
- |
| UCE-2003-09-19-1 |
Linux:uninitialized
buffer in midnight commander |
- |
| UCE-2003-09-18-8 |
The
Plug and Play Web Server v1.0002c dos |
- |
| UCE-2003-09-18-7 |
The
Plug and Play Web Server v1.0002c scripting |
- |
| UCE-2003-09-18-6 |
Remote
Pine exploit for versions 4.56 and below |
CAN-2003-0720 |
| UCE-2003-09-18-5 |
Remote
Windows exploit for RPC DCOM |
CAN-2003-0528 |
| UCE-2003-09-18-4 |
LSH
exploit |
- |
| UCE-2003-09-18-3 |
Solaris
sadmind exploit |
- |
| UCE-2003-09-18-2
|
MySQL
Buffer Overflow |
CAN-2003-0780 |
| UCE-2003-09-18-1
|
DB2
Buffer Overflow |
-
|
|
|
| Top
Links UK
(not ranked) |
UKCERT
Highlights
|
Top
Links globally
(not ranked) |
UKCERT
-Dev
|
|
http://www.uniras.gov.uk/
http://www.mod.uk/cert/
http://www.bcs-issg.org.uk/
http://www.cesg.gov.uk/index.cfm
http://www.ja.net/CERT/cert.html
http://www.cl.cam.ac.uk/users/rja14/
http://www.hpl.hp.com/conferences
/isc03/
http://www.isg.rhul.ac.uk/
http://www.isaca.org.uk/
http://www.ukresilience.info/virus.htm
http://www.terena.nl/tech/task-forces/tf-csirt/
|
Exploit
section which has many
code examples.
|
http://www.sans.org
http://www.cert.org/
http://www.securityfocus.com/
http://www.auscert.org.au/
http://www.foundstone.com
http://news.ists.dartmouth.edu/today
snews.html#internal11560
http://archives.neohapsis.com
http://securityresponse.symantec.com/
http://www.cisecurity.org/
http://www.itsecurity.com/defaultie5.htm
http://www.linuxsecurity.com/
|
UKCERT
starts email newlsletter.
UKCERT is developing a new secure database login system.
Also a forum with identification system and experts exchange.
Priority at the moment is the new Search facility and next weeks new newsletter. |
| elaw
|
CERTs Worldwide
|
|
Bank
of Montreal in Customer records
on hard drive for ebay.
California
law could change global business.
Canadian
tech company ecommerce
patent enforced in Australia.
|
Global-
CERT™
US- USCERT
Australia- AusCERT
UK- UKCERT - You are here.
Canada- CanCERT
Japan- JPCERT
Hong
Kong- HKCERT
|
Sector
specific US certs.
--Energy
--NASA
--Military
Sector
specific UK certs.
--Academic
--Military
--Governmental
|
CERT-China
CERT-Croatia
CERT-France
CERT-Germany
CERT-Italy
CERT-Denmark
CERT-Finland
CERT-Korea
CERT-Lithuania
contact
webmaster @ ukcert.org.uk to add new ones
|
CERT-Mexico
CERT-Netherland
CERT-Norway
CERT-Poland
CERT-Russia
CERT-Slovenia
CERT-Spain
CERT-Sweden
CERT-Switzerland
Other European based
Teams- CSIRTs |