Gregg's Security News Aggregator

Currently, this "blog" is nothing more than a news aggregator which gets security information from over 30 sources. As you'll note, a number of the sources are not specific to security. Advanced filtering is definitely needed.


 





 

 

  Sunday, March 28, 2004


----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Verizon's NYC 911 System Shutdown
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
2.  Vulns: Mutt Menu Drawing Remote Buffer Overflow Vulnerability. Mutt is a freely available, open source mail user agent (MUA). It is available for the Unix and Linux platforms.

A problem in the handling of some types of input has be...

3.  Vulns: Midnight Commander Virtual File System Symlink Buffer Overflow Vulnerability. Midnight Commander is a popular file management tool for Unix systems. Among other features, Midnight Commander is provided with a code layer to access the file system; t...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
4.  National Security Spec Advances
5.  RSA shows RFID tag blocker
6.  WebTV 911 'hacker' charged with cyberterrorism
7.  Homeland insecurity starts at home

7:28:30 PM

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Mars Terraforming Debate

6:33:48 PM

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Cybersecurity Liability Said Increasing (Reuters). Reuters - Hackers, viruses, and other online threats don't just create headaches for Internet users -- they could also create prison sentences for corporate executives, experts say.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Bush Says Americans 'Ought to Have' Broadband and a Pony by 2007
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
3.  Vulns: Apache Connection Blocking Denial Of Service Vulnerability. Apache is prone to an issue that may permit remote attackers to cause a denial of service issue via a listening socket on a rarely accessed port. The issue is caused by ...
4.  Vulns: Apache Error Log Escape Sequence Injection Vulnerability. Apache is a freely available Web server for Unix and Linux variants, as well as Microsoft operating systems.

It has been reported that the Apache web server is prone to ...

5.  Vulns: Apache Mod_SSL HTTP Request Remote Denial Of Service Vulnerability. mod_ssl is the implementation of SSL (Secure Socket Layer) for the Apache webserver.

mod_ssl has been reported to be prone to a remote denial of service vulnerability. ...

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
6.  Cisco announces multiple vulnerabilities based on new exploit code release. UPDATED

5:33:28 PM

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Singer Howie Day Arrested in Wisconsin (AP). AP - Singer Howie Day was arrested for apparently locking a woman in a bathroom and breaking another woman's cell phone after one of the women allegedly refused his sexual advances.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Annual Ludum Dare Independent Game Competition
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
3.  Vulns: phpBB profile.php avatarselect Cross-Site Scripting Vulnerability. phpBB is an open-source web forum application that is written in PHP and supported by a number of database products. It will run on most Unix and Linux variants, as well ...
4.  Vulns: PhpBB admin_words.php Multiple Vulnerabilities. phpBB is an open-source web forum application that is written in PHP and supported by a number of database products. It will run on most Unix and Linux variants, as well ...
5.  Vulns: PHPBB Search.PHP Search_Results Parameter SQL Injection Vulnerability. phpBB is an open-source web forum application that is written in PHP and supported by a number of database products. It will run on most Unix and Linux variants, as well ...
6.  Vulns: Nival Interactive Etherlords Remote Denial Of Service Vulnerability. Etherlords and Etherlords II are role playing based adventure games commercially available for the Microsoft Windows platform. The game has the capacity to act as both a...
7.  Vulns: Emil Multiple Buffer Overrun and Format String Vulnerabilities. emil is a filter for converting Internet mail messages from various formats. It is available for Unix and Linux variants.

Multiple locally and remotely exploitable buff...

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
8.  ARIN plans to assign from 70.0.0.0/8 shortly
9.  Critical Flaw in ISS RealSecure/BlackIce

4:33:08 PM

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Methane on Mars?
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
2.  Vulns: ESignal Remote Buffer Overflow Vulnerability. eSignal is an application that provides real-time stock market information. It is commercially available for the Microsoft Windows platform.

It has been reported that e...

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
3.  Auditing the mind of a hacker
4.  Cisco announces multiple vulnerabilities based on new exploit code release. UPDATED 2004-03-28
5.  WORM_AGOBOT.GB

3:32:48 PM

----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
1.  Vulns: Trend Micro Interscan WebManager Java TeleWindow Unspecified Credential Theft Vulnerability. Interscan WebManager is a suite of applications designed to inspect and filter HTTP data of potentially malicious content. Java TeleWindow is an application included in ...
2.  Vulns: phpBB Multiple Input Validation Vulnerabilities. phpBB is an open-source web forum application that is written in PHP and supported by a number of database products. It will run on most Unix and Linux variants, as well ...
3.  Vulns: Apache mod_disk_cache Module Client Authentication Credential Storage Weakness. Apache mod_disk_cache module is used to implement a disk based storage manager. It stores and retrieves content from cache using URI based keys. It is often used with m...
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
4.  BBC News: Online virus war is slowing down "The long-running feud between the makers of the Bagl...
5.  Wired: Soviets Burned By CIA Hackers? "charges the book's revelations are rubbish"
6.  Tech World: Microsoft will pay for a review of your network's security "And tell you which of it...
7.  IT Web Za: Making hotspots secure "Wireless connectivity provides freedom to access information ...
8.  The Register: Auditing the mind of a hacker [O'Reilly] "Security consultants are teaming up with...

2:32:28 PM

----------------------------------------------------------------------
Ars Technica
----------------------------------------------------------------------
1.  Ars OpenForum maintenance... time for more disk space. The server is scheduled to go down around 9PM EST today, and the updates, plus building the array out to the new disks, are expected to take most of the night, barring any problems. By Ken "Caesar" Fisher.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
2.  Spam-Busters Say They're Winning the War (Reuters). Reuters - They're the scourge of the electronic age -- the modern-day equivalent of the 19th century snake-oil salesmen hawking their miracle cures, love potions and get-rich-quick schemes.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
3.  IBM's Linux Upgrade Roadmap
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
4.  Vulns: MySQL Aborted Bug Report Insecure Temporary File Creation Vulnerability. MySQL includes a bug reporting utility (mysqlbug), which opens a text editor to permit a user to submit bug reports to the vendor. A vulnerability related to insecure te...
5.  Vulns: Check Point Firewall-1 SmartDashboard Filter Buffer Overflow Vulnerability. Firewall-1 is a commercially available enterprise firewall software package. It is distributed by Check Point, and available for the Unix, Linux, and Microsoft Windows pl...
6.  Vulns: Cisco IOS MSFC2 Malformed Layer 2 Frame Denial Of Service Vulnerability. IOS is the device operating system available for the Cisco hardware platform. It is maintained and distributed by Cisco.

A problem has been identified in the handling o...

7.  Vulns: Cisco Content Service Switch Management Port UDP Denial Of Service Vulnerability. The Content Service Switch is a device designed to enhance the handling and service of web content. It is distributed and maintained by Cisco Systems.

A problem in the ...

8.  Vulns: Cisco ACNS Authentication Library Remote Buffer Overrun Vulnerability. Cisco has reported a remotely exploitable buffer overrun in ACNS authentication libraries, which are typically deployed on various Content devices. In particular, there ...
9.  Vulns: Cisco Aironet AP1x00 Malformed HTTP GET Denial Of Service Vulnerability. The Cisco Aironet AP1x00 is a series of wireless access point devices.

Cisco Aironet AP1x00 series devices are prone to a denial of service vulnerability upon receipt of...


1:32:07 PM

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Squeezebox MP3 Player Hacked to Play Video

12:31:48 PM

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  New 'Pitfall' Game Is a Great Find (Reuters). Reuters - "Pitfall" was one of the great games of the early computer age.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Say Goodbye to BuyMusic.com
----------------------------------------------------------------------
SecurityFocus Vulns
----------------------------------------------------------------------
3.  Vulns: Kerio MailServer Spam Filter Buffer Overrun Vulnerability. Kerio has reported that MailServer is prone to a remotely exploitable buffer overrun condition.

This vulnerability exists in the spam filter component. Insufficient b...

----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
4.  WORM_SOBER.E

11:31:28 AM

----------------------------------------------------------------------
Boing Boing
----------------------------------------------------------------------
1.  Europeans! Adjust your clocks and your circadians today. Reminder: Today is Leap Forward day in Europe. Adjust your clocks accordingly. Here's an excerpt from Eastern Standard Tribe on the subject:

The sleep-deprived are terrible, terrible drivers. Daylight savings time is a widowmaker: stay off the roads on Leap Forward day!
----------------------------------------------------------------------
CNET News.com
----------------------------------------------------------------------
2.  Week ahead: Gates is Gartner's guest. Gartner Symposium/ITxpo 2004 will grab the limelight in the coming week, as notable tech executives, including Mr. Bill himself, gather for the four-day affair.
3.  When the CEO is the brand but falls from grace. Knowledge@Wharton examines how companies can save their skins even when the founder falls into disgrace.
----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
4.  Video Game Industry Faces 'Crisis of Creativity' (Reuters). Reuters - The video game industry is facing a hardening of the creative arteries as aging gamers' tastes increasingly shift toward sequels and games based on movies, industry participants said this week.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
5.  25th Anniversary Of Three Mile Island
6.  X-43A Hits Mach 7
----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
7.  Auditing the mind of a hacker. FBI and security experts probe psyche
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
8.  Open source security ‘not good enough’
9.  Motives, methods of hackers are changing
10.  Ottawa to set up secure communication system safe from hackers
11.  Making hotspots secure
12.  Microsoft will pay for a review of your network's security
13.  Online virus war is slowing down
14.  Soviets Burned By CIA Hackers?
15.  New Spawn of Bagle Worm Unleashed
16.  Alleged hacker from Ukraine to be extradited to US
17.  NASA successfully tests hypersonic jet
18.  Dogs of War: Securing Microsoft Groupware Environments with Unix (Part One)
19.  How about wireless entertainment in your home?
20.  Bush wants cheap high-speed Internet access for all by 2007
21.  Zyxel 645R VOIP (SIP) example
22.  HTML_DOGET.A

10:31:09 AM

----------------------------------------------------------------------
The Register
----------------------------------------------------------------------
1.  Good Technology settles with Lawsuits in Motion. Lump sum and license

7:16:57 AM

----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  George Mason University Speech Accent Archive
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
2.  Securiteam: Mac OS-X Admin Service Buffer Overflow Vulnerability "can lead to arbitrary code exe...

6:16:37 AM

----------------------------------------------------------------------
Yahoo! News - Technology
----------------------------------------------------------------------
1.  Political Money, Tracked to Your Door (washingtonpost.com). washingtonpost.com - A new Web site makes it easy to see how much dough your neighbors are giving to presidential candidates.
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
2.  Security Focus: PHP openlog() Buffer Overflow Vulnerability "may be possible for an attacker to ...
3.  Solitude, Astronomy, and Hacking

5:16:17 AM



----------------------------------------------------------------------
Dilbert
----------------------------------------------------------------------
1.  Dilbert for 28 Mar 2004.
----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
2.  Apple Tries to Patent iPod User Interface
----------------------------------------------------------------------
BBC News | Technology | UK Edition
----------------------------------------------------------------------
3.  Bright outlook for digital cameras. Digital photography has been around for the best part of a decade, but is now coming of age.

3:15:28 AM

----------------------------------------------------------------------
Boing Boing
----------------------------------------------------------------------
1.  iVillage creates a virtual women-only island in the There MMO. Terra Nova's Betsy Book takes note of a co-branding deal between the women's portal site iVillage and the massively multiplayer environment There, in which a women-only island called Paradise Island will be created for the enjoyment of women players, branded by iVillage. Book raises three excellent questions about this:

1 - It's a virtual space doubly marked by gender and commercial co-branding. (Is this the first of its kind? Anyone know of any precedents?)

2 - iVillage is a text-based community of women whose bonding often takes place specifically around members' relationships to their RL bodies in the form of pregnancy, dieting, health, and beauty tips. While there may be the rare case of role-playing and gender-bending in the iVillage web community (ie. men posing as women), most participants' online identities are extensions of their RL (female) selves. Will this direct tie between offline/online identity carry over into a virtual world? Or will iVillage women use There to role play, whether that means creating an avatar that looks radically different from their RL body, or even choose a male avatar?

3 - The branding of a virtual space as female automatically sexualizes it. Already some of the male community members in There are viewing the addition of iVillage island as a welcome opportunity to increase their chances for romance. How will the iVillage women respond to these romantic overtures? Is There prepared to deal with any Mr. Bungles that show up?

2:15:07 AM



----------------------------------------------------------------------
Slashdot
----------------------------------------------------------------------
1.  Creativity, a Problem for the Gaming Industry?
----------------------------------------------------------------------
NewsIsFree: Security
----------------------------------------------------------------------
2.  [MS04-005] Virtual PC for Mac vulnerability (835159)
3.  [VIRUS] W32/Mydoom.C
4.  [MS04-006] WINS vulnerability allows code execution (830352)
5.  [MS04-007] ASN.1 vulnerability (828028)
6.  [VIRUS] Robin Hood virus? A new Nachi variant is spreading!
7.  [MS] Windows program code leaked onto the Internet
8.  UnrealIRCd vulnerability
9.  Snort IDS and Acid Installation Guide for Redhat 9.0, v1.2
10.  [VIRUS] A new Bagle virus variant is spreading: W32/Bagle.B-mm (Medium Risk)
11.  IBM and Cisco cooperate on network security
12.  What Happens to Java Now?
13.  Pixar releases RenderMan Pro Server for Mac
14.  What's Hot in Remote Systems Monitoring

12:14:28 AM


© Copyright 2004 Gregg Doherty.
Last update: 4/3/2004; 12:20:45 AM.
