Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
FWD: SecurityFocus.com Newsletter #47
- From: Paul Howell
- Date: Mon Jun 26 12:55:51 2000
------- Forwarded Message
Date: Mon, 26 Jun 2000 09:33:32 -0700
Reply-To: Walter Ash <wash@SECURITYFOCUS.COM>
Sender: SF-NEWS Mailing List <SF-NEWS@SECURITYFOCUS.COM>
From: Walter Ash <wash@SECURITYFOCUS.COM>
Subject: SecurityFocus.com Newsletter #47
To: SF-NEWS@SECURITYFOCUS.COM
Premier sponsor: PentaSafe
STOP NOW AND MAKE SURE THAT YOUR SYSTEMS ARE SECURE. Download PentaSafe's
10-Point Security Checkup ReportTM for Windows NT, UNIX, Linux, or IBM
AS/400. In minutes, this FREE program will scan your systems, checking
for the top ten most critical, yet often overlooked, security weaknesses
and let you know if your systems' security is a pass or a fail.
Do it now: http://www.pentasafe.com
SecurityFocus.com Newsletter #47
- --------------------------------
I. FRONT AND CENTER
1. Audio Interview with Jennifer Granick
2. Audio Interview with Max Vision
3. Intrusion Detection: Analyzing IDS Data
4. Incident Handling: Intelligence Preparation of The Battlefield
5. The Motives and Psychology of the Black-hat Community
6. Focus-Sun: Solaris Default Processes and init.d Part 3
7. Info.sec.radio is on the air!
8. Request for Writers - Antivirus
II. BUGTRAQ SUMMARY
1. SuSE Linux aaabase User Account with /tmp Home Vulnerability
2. Cart32 "expdate" Administrative Information Disclosure Vulnerability
3. Panda Antivirus for NetWare Unauthenticated Admin Vulnerability
4. IMP/MSWordView /tmp File Permission Vulnerability
5. IMP/MSWordView /tmp File Deletion Denial of Service Vulnerability
6. Tripwire 1.2 Long Filename Request DoS Vulnerability
7. Network Associates Net Tools PKI Server 1.0 Buffer Overflow
8. Network Associates Net Tools PKI Server 1.0 Unauthenticated Access
9. WebBBS Web Server Buffer Overflow Vulnerability
10. Alt-N MDaemon 2.8.5.0 UIDL DoS Vulnerability
11. RedHat Piranha Virtual Server Package Plaintext Password
12. HM Software S to Infinity Multiple Vulnerabilities
13. libICE Denial of Service Vulnerability
14. xdm/kdm/wdm Buffer Overflow Vulnerability
15. Linux KON (Kanji On Console) Buffer Overflow Vulnerability
16. Linux rpc.lockd Remote Denial Of Service Vulnerability
17. CUPS (Common UNIX Printing System) Denial of Service Vulnerability
18. GSSFTP Daemon Input Validation Vulnerability
19. Netscape Professional Services FTP Server Vulnerability
20. Netwin DMailWeb & CWMail Multiple DoS Vulnerabilities
21. Linux gpm Denial of Service Vulnerability
22. BEA Systems WebLogic Server and Express Source Code Disclosure
23. SGI IRIX cvconnect File Overwrite Vulnerability
24. KDE KMail Long Attachment Filename Denial of Service Vulnerability
25. xinetd Connection Filtering Via Hostname Vulnerability
26. gkermit setgid uucp Vulnerability
27. AIX cdmount Insecure External Program Call Vulnerability
28. Secure Locate LOCATE_PATH Validation Vulnerability
29. Allaire JRun 2.3.x Sample Files Vulnerability
III. SECURITYFOCUS.COM NEWS ARTICLES
1. Online Snafu exposes CIA names (June 22, 2000)
2. Signing-off on Crime? (June 21, 2000)
3. Ripping the Net (June 25, 2000)
IV.SECURITY FOCUS TOP 6 TOOLS
1. packet2sql 2.0.1 (Linux)
2. OutGuess 1.0 (Linux, Solaris, Unix)
3. tcpd 0.2 (Linux, Solaris)
4. Advanced NT Security Explorer 1.0 (Windows NT)
5. dumpevt2.pl (Windows NT)
6. Guardbot (Linux, Solaris, Windows 95/98, Windows NT)
V. SECURITYJOBS LIST SUMMARY
1. Security Consultant at Brazil. (Thread)
2. willing to work in digital security industry (Thread)
3. Technical Security R&D Engineer - #640 - Melbourne, FL (Thread)
4. Incident Response Director - #640 - Melbourne, FL (Thread)
5. Posting for a Friend. (Thread)
6. Security Partnering in London (Thread)
7. Computer Security Consultants Needed (Thread)
8. Security jobs in Switzerland (Thread)
VI. INCIDENTS LIST SUMMARY
1. foreign HTTP requests (Thread)
2. 8.2.2-P5 stops answering queries? (Thread)
3. Port 7070? (Thread)
4. Connections to port 635 ?? (Thread)
5. Netbus portscan ( port 12345) (Thread)
6. Which DoS ? [Updated] (Thread)
7. Hacked by the script kiddie - an ordinary netadmin's day (Thread)
8. Addendum: scanned - strange! (Thread)
9. Nike Site taken over (Thread)
10. (forw) Jennifer Granick Audio Interview now online (Thread)
11. scanned - strange! (Thread)
12. Quova.net (Thread)
13. "Quova.net" (Exodus downstream customer) (Thread)
14. .:: 14x :: Omega Statistics ::. (Thread)
15. t0rn, backdoors and a busy cracker. (Thread)
16. Portscan detected from your machine (Thread)
17. FTP Access Probe? (Thread)
18. was: Portscan detected from your machine (Thread)
19. scan log (Thread)
20. Biggest Incident This Week: Missing Hard Drives (Thread)
21. Help for writing a kernel module. (Thread)
VII. VULN-DEV RESEARCH LIST SUMMARY
1. Another new worm??? (technical) (Thread)
2. Another new worm??? (Thread)
3. Capturing System Calls (Thread)
4. Red Hat 6.2's ftp segmentation fault (Thread)
5. old DOS still good 4 win2k (Thread)
6. Another new worm??? (long) (Thread)
7. disclosure and risk to list subscribers (Thread)
8. Fwd: ShowFile CGI Security Vulnerability (Thread)
9. R: R: New DoS attack (Thread)
10. HP LaserJet 4 Series Jet Direct (Thread)
11. Another New Worm? (Thread)
12. Keyboard recording (Thread)
13. Fw: Norton AntiVirus SupportNow! VIRUS NOTIFICATION! (Thread)
14. New DoS attack (Thread)
15. HP LaserJet 4 Series Jet Direct (and others) (Thread)
16. omni backup program (Thread)
17. dsniff-2.2 release (Thread)
18. N2H2 Web Proxy/Filter appliance (Thread)
20. R: New DoS attack (Thread)
21. [Fwd: Exploit code for PalmOS] (Thread)
22. Firewalls and stuff (Was about N2H2) (Thread)
23. Exploit code for PalmOS (Thread)
VIII. MICROSOFT FOCUS LIST SUMMARY
1. Firewall (Thread)
2. [ no subject ]
3. post sp6a hotifxes (Thread)
4. IIS Log analysis (Thread)
5. Lan-to-Lan VPN (Thread)
6. DHCP on Windows 2000 DC (Thread)
7. New SHS worm (Thread)
8. Firewall ports (Thread)
9. NT 4.0 DHCP/DNS/WINS Server Security (Thread)
10. Winfingerprint v2.2.5 (Thread)
11. Administrivia (Thread)
12. Check_Subject (Thread)
13. your mail (Thread)
14. Last Login Time (Thread)
15. How secure is PPTP? (Thread)
16. Virus Detection in Exchange Server 4.0 (Thread)
17. WinNT System Scanner Info (Thread)
18. Windows NT System Scanner (Thread)
19. MS Outloook / Exchange Custom Config (Thread)
20. Is there a bug in the Outlook patch (Thread)
21. cyber cop - CyberCop Sting (Thread)
22. NT server, Service packs, Exchange.. (Thread)
23. Multiple login with the same user name. (Thread)
24. Internet Browser Cache (Thread)
25. MS hotmail Email Spam (Thread)
IX. SUN FOCUS LIST SUMMARY
1. Daily sysadmin tasks (Thread)
2. ipf fails to attach (Thread)
3. Sun Patch Methods (Thread)
4. Locking down a Sun box (Thread)
5. Sun Patch Methods [SecFocus patch tool] (Thread)
6. IPchains vs IPfilter (Thread)
7. Solaris 2.8, was Locking down a Sun box (Thread)
8. Portscan warning (was: Determining unnessary ports) (Thread)
9. Running BIND chroot on Solaris (Solution) (Thread)
10. Trusted Solaris: can it beused on the command line/serial (Thread)
11. Trusted Solaris: can it beused on the command line/serial (Thread)
12. Trusted Solaris: can it beused on the command line/serial (Thread)
13. Determining unnessary ports (Thread)
14. Trusted Solaris: can it beused on the command line/serial (Thread)
15. Trusted Solaris: can it beused on the command line/serial (Thread)
16. Determining unnecessary ports (Thread)
17. sun support / linux ?? (Thread)
18. [ no subject ]
19. (IP Filter for Solaris) (Thread)
20. linux v. solaris (Thread)
21. Sunscreen vs ipf (Thread)
22. Secured FTP server (Thread)
X. LINUX FOCUS LIST SUMMARY
1. hdparm -c (Thread)
2. Terminal app. (Thread)
3. Squid Cache (Thread)
4. virus scanner for ftp/http proxy (Thread)
5. Question on ipchains and /etc/host.deny (Thread)
6. Linux questions (Thread)
7. Linux Distro Security (Thread)
8. The quietest bunch of Linux users of all time... (Thread)
9. HTML Mail (Thread)
10. Freeware mailing list software? (Thread)
11. a Few questions (Thread)
12. deleting a user (Thread)
13. [kernel 2.2.16] - icmp scramble (Thread)
14. ICMP IP PACKETS Coding (Thread)
15. Apache and Frontpage Extension (Thread)
16. No o/s is secure (Thread)
17. Netfilter Instalation (Thread)
18. ADMROCKS, rewt (Thread)
19. ADMROCKS, rewt, again (Thread)
20. The quietest bunch of Linux users of all time.. . (Thread)
21. Ipchains on RedHat (Thread)
XI. SPONSOR INFORMATION - PentaSafe
XII. SUBSCRIBE/UNSUBSCRIBE INFORMATION
JAWS Technologies is a leading provider of trusted end-to-end security
solutions, including information security software utilizing proprietary
4096 bit encryption technology, consulting and training services and
secure Internet-based data storage and backup. As an enabler to
e-commerce, JAWS' information security services help organizations protect
key assets including information, brand and reputation, while contributing
to improved corporate governance and legal obligations. Visit
http://www.JAWSstorage.com/?ref_id=1 to trial our Internet-based Secure
Network Storage service free for 30 days.
I. FRONT AND CENTER
- -------------------
Welcome to the SecurityFocus.com 'week in review' newsletter issue 47
1. Audio Interview with Jennifer Granick
An interview with Jennifer Granick, a criminal defense attorney in San
Francisco who many consider one of the top legal experts on hacking and
cyberlaw. Topics include digital evidence preservation, the law and
security.
Jennifer discusses digital forensics and legal issues as well as answering
questions and offering her thoughts on:
- - What legal advice would you give organizations and individuals who have
been targeted by computer criminials?
- - How does digital forensics differ from conventional forensics?
- - How you should preserve digital evidence for use in legal proceedings.
- - Is technology surpassing the capabilities of the legal system?
http://www.securityfocus.com/media/34
2. Audio Interview with Max Vision
Security Focus presents an interview with Max Vision, the creator of
ArachNIDS. Topics include intrusion detection and security.
Max discusses ArachNIDS and Intrusion Detection and answers questions and
offers his opinions on:
- - Why choose Snort IDS?
- - What are the advantages of signature based detection over anomaly?
- - What is the procedure for submitting a signature to ArachNIDS.
- - Where do you see the IDS industry heading?
http://www.securityfocus.com/media/33
3. New Article in the Intrusion Detection Focus Area: Analyzing IDS Data
This paper was written after a discussion with a fellow security expert
from a military research lab. As this research organization grew, it
needed to address the growing pains tied to large scale versus small-scale
intrusion detection. We talked about how much work there is surrounding
the operations of IDS services and how management was not aware of the
amount of effort involved. Management had been influenced by marketing
that demonstrated that intrusion detection was as simple as installing a
real-time detector to the network and respond before any real damage
occurred. This paper is the beginning of outlining the processes that
surround the IDS framework. It is not a paper to discuss weaknesses in IDS
technology, but the weaknesses of IDS implementation. - Chris Jordan
http://www.securityfocus.com/frames/?focus=ids&content=/focus/ids/articles/analyzeids.html
4. New Article in the Incident Handling Focus Area: Intelligence
Preparation of The Battlefield
"Intelligence Preparation of the Battlefield" is a term used in the
military that defines the methodology employed to reduce uncertainties
concerning the enemy, environment, and terrain for all types of
operations. It is a continuous process that is used throughout all planned
and executed operations. The networked environment which security
professionals are tasked with securing is analogous to a battlefield. The
myriad of attackers and intruders from the void are the aggressors
constantly on the offense. The security professionals are the defenders,
entrusted to preserve the confidentiality and integrity of data against
these marauders.
http://www.securityfocus.com/frames/?focus=ih&content=/focus/ih/articles/battlefield.html
5. The Motives and Psychology of the Black-hat Community
This installation of the Know Your Enemy series focuses on an examination
of black-hat activity following the compromise of a honeynet setup. This
paper is the result of the work and research of the Honeynet Project, a
small group of security professionals dedicated to learning the tools and
tactics of the blackhat community. In it, the reader is shown detailed
keystroke logs of everything that these unsuspecting blackhats did to hack
and maintain root on the system, as well as full transcripts of their IRC
sessions while they were being watched - including their plans to DoS
major networks, and their usage of stolen credit card numbers. The
Honeynet Project estimates that over 370 other systems were compromised in
this two-week period by the same individuals.
Read the results of this revealing and unconventional research at:
http://www.securityfocus.com/frames/?focus=ids&content=/focus/ids/articles/kye/motives.html
6. Focus-Sun: Solaris Default Processes and init.d Part 3
By Hal Flynn
This article has been written to provide insight into a stock installation
of Solaris 8, and the services started by default. Out of the box, Solaris
8 by runs many services. Most of this document will apply to releases of
Solaris prior to 8, and to both the Sparc and Intel architectures. Many
topics discussed will be familiar to seasoned administrators. However,
this document will benefit all parties involved in the administration and
security aspects of Solaris. In this, the final installation of Hal
Flynn's init.d and startup analysis series, he talks about what processes
are started from what files, what these processes do, and how to eliminate
them if they are not needed on a system.
http://www.securityfocus.com/frames/?focus=sun&content=/focus/sun/articles/b5.html
7. Info.sec.radio is on the air!
This week's edition of Info.sec.radio features the first in a three part
series on Hackers, Forensics and Hacker Profiling as well as an interview
with Chris Davis of Itemus. Chris Davis is credited with tracking down
Raphael Gray a.k.a. Curador, the person who was responsible for stealing
25,000 Credit Card numbers and posting them to the net.
Tune in live at 10:00am Pacific, 11:00am Mountain, 1:00pm Eastern or
6:00pm Greenwich at http://www.securityfocus.com/media/35.
8. Request for Writers - Antivirus
SecurityFocus.com is expanding its article library to include papers on
antivirus-related topics.
Experienced contract and freelance writers, with samples of published
work, are invited to submit proposals for 1800-2200 word articles on a
range of AV subjects.
For further information, please contact:
Jeremy Paquette
SecurityFocus.com
jpaquette@securityfocus.com
(403) 213-3939
II. BUGTRAQ SUMMARY
- -------------------
1. SuSE Linux aaabase User Account with /tmp Home Vulnerability
BugTraq ID: 1357
Remote: No
Date Published: 2000-05-02
Relevant URL:
http://www.securityfocus.com/bid/1357
Summary:
In all versions of SuSE Linux, accounts are created by default which have
the home directory of /tmp. As /tmp is world writable, it is possible for
any user on the system to create shell dotfiles, which will be executed
upon someone actually logging into that account, or su'ing with the -
option to that account. This could allow a local user to compromise
certain accounts on the machine, and could potentially be used to leverage
further access.
Under SuSE 6.4, these accounts are games, firewall, wwwrun and nobody.
2. Cart32 "expdate" Administrative Information Disclosure Vulnerability
BugTraq ID: 1358
Remote: Yes
Date Published: 2000-05-03
Relevant URL:
http://www.securityfocus.com/bid/1358
Summary:
By appending the string "/expdate" to a request for the cart32.exe
executable, (http: //target/cgi-bin/cart32.exe/expdate) an attacker
can access an error message followed by a debugging page containing the
server variables, the Cart32 administration directory and possibly the
contents of the cgi-bin.
3. Panda Antivirus for NetWare Remote Unauthenticated Administration Vulnerability
BugTraq ID: 1359
Remote: Yes
Date Published: 2000-06-17
Relevant URL:
http://www.securityfocus.com/bid/1359
Summary:
Port 2001 is open by default in Panda Antivirus for NetWare (other
platforms have not been tested) and will allow a remote user to execute
any NetWare command via the 'CMD' option.
4. IMP/MSWordView /tmp File Permission Vulnerability
BugTraq ID: 1360
Remote: No
Date Published: 2000-04-22
Relevant URL:
http://www.securityfocus.com/bid/1360
Summary:
A vulnerability exists in the IMP webmail package that may allow sensitive
information to be disclosed. By failing to set a restrictive umask,
MS-Word documents which are converted by IMP in to HTML are readable by
any user on the system. This action is performed by a utility named
MSWordView, the files are stored in /tmp, and are named
imp.word.<date>_<random data>.html.
This vulnerability requires local access to the machine. As many
installations are on machines which specifically do not allow user level
access, this may not be an issue for all machines using IMP.
5. IMP/MSWordView /tmp File Deletion Denial of Service Vulnerability
BugTraq ID: 1361
Remote: Yes
Date Published: 2000-04-22
Relevant URL:
http://www.securityfocus.com/bid/1361
Summary:
A potential denial of service exists in all versions of the IMP web mail
package. The MSWordView application utilizes /tmp as temporary space for
converting MS Word documents to html. If the MSWordView application is
terminated prior to completion, the file created in /tmp will not be
removed. A remote user can exploit this flaw, and cause the /tmp
filesystem to fill with files. This could cause a myriad of problems,
including crashing the system, depending on the implementation of the
operating system and the /tmp file system.
This vulnerability requires the user have an account of the machine for
receiving web based mail.
6. Tripwire 1.2 Long Filename Request DoS Vulnerability
BugTraq ID: 1362
Remote: No
Date Published: 1999-01-04
Relevant URL:
http://www.securityfocus.com/bid/1362
Summary:
If Tripwire1.2 and earlier encounters a filename composed of 128-255
characters, it will crash. The application must be restarted to regain
normal functionality.
7. Network Associates Net Tools PKI Server 1.0 Buffer Overflow Vulnerability
BugTraq ID: 1363
Remote: Yes
Date Published: 2000-06-19
Relevant URL:
http://www.securityfocus.com/bid/1363
Summary:
Under special circumstances, Network Associates Net Tools PKI Server
(which is a component of PGP VPN Suite) will crash if unusually long
strings are included in an HTTP request. Restarting the application is
required in order to regain normal functionality.
8. Network Associates Net Tools PKI Server 1.0 Unauthenticated Access Vulnerability
BugTraq ID: 1364
Remote: Yes
Date Published: 2000-06-19
Relevant URL:
http://www.securityfocus.com/bid/1364
Summary:
The Xcert Universal Database API (XUDA) templates that are included with
Network Associates Net Tools PKI Server do not refer to absolute pathnames
to other files. Therefore it is possible, under certain conditions, for
an unauthenticated user to gain access to the host computer.
9. WebBBS Web Server Buffer Overflow Vulnerability
BugTraq ID: 1365
Remote: Yes
Date Published: 2000-06-19
Relevant URL:
http://www.securityfocus.com/bid/1365
Summary:
A buffer overflow vulnerability exists in the web server that ships with
WebBBS 1.15. It is possible to exploit the overflow if an unusually long
filename or GET request is sent to the web server. This request will cause
the service to stop responding and allow an attacker to execute arbitrary
code.
10. Alt-N MDaemon 2.8.5.0 UIDL DoS Vulnerability
BugTraq ID: 1366
Remote: Yes
Date Published: 2000-06-16
Relevant URL:
http://www.securityfocus.com/bid/1366
Summary:
A remote user is capable of crashing Alt-N MDaemon 2.8.5.0 by executing
the pass command, then the UIDL command and quitting the mail server
before the UIDL has returned a response. This must be done before the
user is presented with the POP3 login banner. Restarting the application
is required in order to regain normal functionality.
11. RedHat Piranha Virtual Server Package Plaintext Password Vulnerability
BugTraq ID: 1367
Remote: No
Date Published: 2000-06-09
Relevant URL:
http://www.securityfocus.com/bid/1367
Summary:
Password changes submitted to Red Hat Piranha via HTTP are insecurely
passed as variables in a GET request. Unauthorized users could obtain the
password by reading the httpd access log or by sniffing.
12. HM Software S to Infinity Multiple Vulnerabilities
BugTraq ID: 1368
Remote: No
Date Published: 2000-06-15
Relevant URL:
http://www.securityfocus.com/bid/1368
Summary:
A number of vulnerabilities exist in HM Software S to Infinity, a security
access control, desktop lockdown and transparent encryption application.
Intended features include restriction of access to folders, files, floppy
and CD-ROM drives, etc.
Early versions of S to Infinity allows the capability of any user to
rename files and directories which opens up the possibility of a number of
exploits:
- - Renaming the S to Infinity directories in /Program Files and
/Winnt/System will cause the program to cease to function.
- - S to Infinity implicitly trusts any allowed program on the system.
However, it can be configured to set *.exe to read-only. Therefore, a user
can run any application by copying the executable program to something.txt
and then renaming that copy to a trusted executable like notepad.exe.
Other security flaws present in S to Infinity:
- - The drive invisibility mechanism can be bypassed by using Find, Internet
Explorer, or Open and Save Dialogue boxes. Searching for the hidden drive
letter and a known file in Find will allow access to files on the hidden
drive. A user can open a hidden drive in Internet Explorer by clicking on
a link that refers to the particular drive (eg. <a href="c:\">Link</a>).
- - File and directory attributes can be modified using the DOS attrib
command. StoI file-level protection does not rely on DOS file attributes,
so this will not affect StoI settings.
13. libICE Denial of Service Vulnerability
BugTraq ID: 1369
Remote: Yes
Date Published: 2000-06-19
Relevant URL:
http://www.securityfocus.com/bid/1369
Summary:
A denial of service vulnerability exists in libICE, part of the X11
windowing system. Any libICE application which creates inet listening
sockets can be remotely crashed. This is due to a bug in the handling of
the SKIP_STRING macro. By supplying a large value for the skip value, it
is possible to cause a pointer to point to uninitialized memory. This in
turn will cause a segfault.
This vulnerability will affect any application using TCP listening
sockets in libICE. However, one more widespread use of libICE in this
configuration is in the gnome-session program, part of the GNOME package.
It is possible to cause the X session of a user to end by performing this
denial of service against someone running GNOME.
14. xdm/kdm/wdm Buffer Overflow Vulnerability
BugTraq ID: 1370
Remote: Yes
Date Published: 2000-06-19
Relevant URL:
http://www.securityfocus.com/bid/1370
Summary:
A buffer overflow exists in xdm and derivatives, including kdm and wdm.
Error handling code exists in the xdmcp.c send_failed() method that copies
a host name into a buffer, without verifying sufficient space exists.
Depending on the implementation of the resolver libraries, it may be
possible to perform a remote buffer overflow, or crash xdm.
[...]
static char buf[256];
[...]
sprintf (buf, "Session %d failed for display %s: %s",
(int)sessionID, name, reason);
The name variable is copied directly into a buffer of size 256. By
altering the reverse name resolution for an IP to return machine
executable code in response to a lookup, it may be possible to obtain
remote access. As xdm runs as root, root privileges may be obtained.
15. Linux KON (Kanji On Console) Buffer Overflow Vulnerability
BugTraq ID: 1371
Remote: No
Date Published: 2000-06-21
Relevant URL:
http://www.securityfocus.com/bid/1371
Summary:
Certain versions of KON (Kanji On Console) a program for displaying Kanji
text under Linux has buffer overflows which may (not confirmed with a
working exploit) lead to a root compromise.
In particular two binaries which ship with the application are noted as
vulnerable:
kon: via -StartupMessage
fld: via -t bdf <file to be read>
16. Linux rpc.lockd Remote Denial Of Service Vulnerability
BugTraq ID: 1372
Remote: Yes
Date Published: 2000-06-08
Relevant URL:
http://www.securityfocus.com/bid/1372
Summary:
A denial of service attack exists in the NFS lock daemon supplied with
Linux. By connecting to the port rpc.lockd is running on, and supplying
random input, it will cause lockd to exit with an error. The socket
associated with rpc.lockd is also not properly released, and cannot be
rebound to without a reboot.
This vulnerability most likely affects all Linux distributions running
NFS.
17. CUPS (Common UNIX Printing System) Denial of Service Vulnerability
BugTraq ID: 1373
Remote: Yes
Date Published: 2000-06-21
Relevant URL:
http://www.securityfocus.com/bid/1373
Summary:
Certain versions of the CUPS (Common UNIX Printing System) are vulnerable
to Denial of Service attacks which result in disruption of print services.
These attacks may be buffer overflow attacks which result in root access.
The information available currently is not robust enough to come to a
definitive conclusion.
The problems as listed in the UPS 1.0.5 Denial of Service Patch Set #1 -
06/16/2000 are:
- - Malformed IPP requests could crash cupsd.
- - Standard CGI form POSTs could crash cupsd.
- - The cupsd program did not always delete request files when
needed.
- - Authenticating with a non-existent user or a user with
no shadow password could crash cupsd.
18. GSSFTP Daemon Input Validation Vulnerability
BugTraq ID: 1374
Remote: Yes
Date Published: 2000-06-14
Relevant URL:
http://www.securityfocus.com/bid/1374
Summary:
A denial of service, and a potential remote root compromise, exist in the
gssftp daemon, as provided as part of the MIT Kerberos 5 1.1, 1.1.1 and
1.2-beta1 and beta2 distributions. Due to a command parsing flaw, remote
users may be able to execute certain ftp commands they are not authorized
to performed. This may allow a remote user to cause a denial of service
against the ftpd, and may be used by an attacker with a local account to
gain root access.
This vulnerability is not present in Kerberos 5 1.0.x distributions.
19. Netscape Professional Services FTP Server Vulnerability
BugTraq ID: 1375
Remote: Yes
Date Published: 2000-06-21
Relevant URL:
http://www.securityfocus.com/bid/1375
Summary:
Certain versions of the Netscape Professional Services FTP Server have a
serious vulnerability which may lead to a remote or local root compromise.
The vulnerability in essence is a failure of of the FTP server to enforce
a restricted user environment (chroot). By failing to do this an FTP
(anonymous or otherwise) user may download any file on the system
(/etc/passwd etc.) as well as upload files at will at the privilege level
of the FTP daemon.
Furthermore (quoted from the original attached message) this FTP server
supports LDAP users; different LDAP accounts are served on single physical
UID. This means, any user can access and eventually overwrite files on
other accounts; as it's used in cooperation with webserver, typically
virtual web servers are affected.
20. Netwin DMailWeb & CWMail Multiple DoS Vulnerabilities
BugTraq ID: 1376
Remote: Yes
Date Published: 2000-06-21
Relevant URL:
http://www.securityfocus.com/bid/1376
Summary:
DMailWeb and CWMail are server side applications that provide users with
web based email they can access using any web browser. They are compatible
with any standard POP/SMTP email server system. Certain versions of these
applications have a series of vulnerabilities related to unchecked user
supplied data (overly long strings etc.) which result in the services
crashing. This is possibly (although not confirmed) an indicator of
exploitable buffer overflows. At the least this is a denial of service
issue.
21. Linux gpm Denial of Service Vulnerability
BugTraq ID: 1377
Remote: No
Date Published: 1999-11-23
Relevant URL:
http://www.securityfocus.com/bid/1377
Summary:
gpm is a program that allows Linux users to use the mouse in virtual
consoles. It communicates with a device, /dev/gpmctl, via unix domain
STREAM sockets and is vulnerable to a locally exploitable denial of
service attack. If a malicious user makes too many connections to the
device, it will hang and gpm will not function. RedHat 6.1 is confirmed to
be vulnerable. It is not known what other linux distributions may also be
vulnerable.
22. BEA Systems WebLogic Server and Express Source Code Disclosure Vulnerability
BugTraq ID: 1378
Remote: Yes
Date Published: 2000-06-21
Relevant URL:
http://www.securityfocus.com/bid/1378
Summary:
Within WebLogic Server and WebLogic Express there are four main java
servlets registered to serve different kind of files. A default servlet
exists if a requested file does not have an assigned servlet.
If an http request is made that includes "/file/", the server calls upon
the default servlet which will cause the page to display the source code
in the web browser.
23. SGI IRIX cvconnect File Overwrite Vulnerability
BugTraq ID: 1379
Remote: No
Date Published: 2000-06-20
Relevant URL:
http://www.securityfocus.com/bid/1379
Summary:
SGI's WorkShop Debugger and Performance tools is a optional package for
IRIX that provides tools for debugging programs. It ships with a binary
that other parts of the package invoke (it is not meant to be run by
regular users) called cvconnect. cvconnect is setuid root and has a
vulnerability that allows users to overwrite any files on the filesystem.
This can be exploited by an attacker to gain root priviliges locally.
24. KDE KMail Long Attachment Filename Denial of Service Vulnerability
BugTraq ID: 1380
Remote: Yes
Date Published: 1999-06-01
Relevant URL:
http://www.securityfocus.com/bid/1380
Summary:
A buffer overflow vulnerability exists in versions of kmail, up to and
including version 1.0.29.1. By sending an attachment with a filename in
excess of approximately 250 bytes, it is possible to cause the mail
recipient's kmail to crash. It is possible that this overflow could be
further exploited to actually execute remote commands on the machine the
mail is read on; this has not been demonstrated, however, and it appears
to not be the case.
25. xinetd Connection Filtering Via Hostname Vulnerability
BugTraq ID: 1381
Remote: Yes
Date Published: 2000-06-04
Relevant URL:
http://www.securityfocus.com/bid/1381
Summary:
A vulnerability exists in versions of xinetd prior to versions 2.1.8.8p3
and 2.1.8.9pre6. If a hostname is specified to limit access to a service
instead of an ip (for instance, specifying 'localhost' instead of
127.0.0.1), any host which attempts to connect to the service that does
not have a reverse record will be able to connect, when they should
actually be denied.
26. gkermit setgid uucp Vulnerability
BugTraq ID: 1383
Remote: Unknown
Date Published: 2000-06-21
Relevant URL:
http://www.securityfocus.com/bid/1383
Summary:
The gkermit binary supplied with Redhat Linux (released after February 27,
2000) is setgid uucp. gkermit can read/write/append files with a gid of
uucp, such as /etc/uucp/passwd and several /dev entries. Malicious use of
gkermit is dangerous on systems running uucp.
27. AIX cdmount Insecure External Program Call Vulnerability
BugTraq ID: 1384
Remote: No
Date Published: 2000-06-20
Relevant URL:
http://www.securityfocus.com/bid/1384
Summary:
A vulnerability exist in the cdmount program, shipped by IBM as part of
AIX. Any AIX system which ships with the LPP UMS.objects 2.3.0.0 and below
is vulnerable. cdmount is installed setuid root. It performs a system()
call to execute the mount program with arguments provided by the user. By
supplying shell metacharacters as arguments to cdmount, it is possible to
execute commands with root privilege.
28. Secure Locate LOCATE_PATH Validation Vulnerability
BugTraq ID: 1385
Remote: No
Date Published: 2000-06-21
Relevant URL:
http://www.securityfocus.com/bid/1385
Summary:
The LOCATE_PATH environment variable used by Secure Locate is not properly
checked for validity. A malicious user could construct an invalid
LOCATE_PATH variable which could cause an exploitable SEGV in slocate.
Secure Locate maintains an index of the entire filesystem, including files
only visible by root. The slocate binary is setgid "slocate" so it can
read this index. If slocate is properly exploited, the location of
sensitive files could be revealed to an unprivileged local user.
29. Allaire JRun 2.3.x Sample Files Vulnerability
BugTraq ID: 1386
Remote: Yes
Date Published: 2000-06-22
Relevant URL:
http://www.securityfocus.com/bid/1386
Summary:
A number of vulnerabilities exist in Allaire JRun 2.3.x when the
documentation, sample code, examples, and applications as well as
tutorials are present on the host server. These are shipped with JRun and
should be manually removed in order to circumvent the vulnerabilities.
Remote users may take advantage of these sample files in order to view
sensitive information such as the filesystem and system configuration or
execute various functions on the server.
Eg.
1) Accessing http://target/servlet/SessionServlet will display all of the
current HttpSession ids that are maintained by the server.
2) The viewsource.jsp path checking is disabled by default. This makes it
is possible for a remote user to view any file on the server.
III. SECURITYFOCUS.COM NEWS AND COMMENTARY
- ------------------------------------------
1. Online Snafu exposes CIA names (June 22, 2000)
The text uncovered within an electronic document airs old secrets.
http://www.securityfocus.com/news/51
2. Signing-off on Crime? (June 21, 2000)
A new federal law will make electronic signatures legally binding, without
setting security standards. Does it favor forgers?
http://www.securityfocus.com/news/50
3. Ripping the Net (June 25, 2000)
The Beatles, Bond and... Black Boxes? David Banisar warns that global
Internet surveillance may be England's next big export.
http://www.securityfocus.com/commentary/52
IV.SECURITY FOCUS TOP 6 TOOLS
- -----------------------------
1. packet2sql 2.0.1 (Linux)
by Xant, xant@users.sourceforge.net
URL:
http://www.securityfocus.com/data/tools/packet2sql-2.0.1.tar.gz
Packet2sql will convert any text file/log file which contains ipchains
packet logs into a stream of SQL inserts. The SQL can be saved into a file
and used as a query to any SQL-92 compliant database. The database can be
used as a base for a firewall-analyzing database application, to identify
attack signatures, to share security information easily with other sites,
and to extract the addresses of logged attackers so as to be able to
contact their admins. Entirely reimplented in C++, takes standard input in
addition to filenames listed on the command line, and is 170 times faster
than v1. A crash associated with empty lines was fixed. A fix was made for
an incorrect SQL which was generated when the day of the month was less
than 10.
2. OutGuess 1.0 (Linux, Solaris, Unix)
by Niels Provos
URL:
http://www.securityfocus.com/data/tools/outguess.tar.gz
OutGuess is a universal steganographic tool that allows the insertion of
hidden information into the redundant bits of data sources. The nature of
the data source is irrelevant to the core of OutGuess. The program relies
on data specific handlers that will extract redundant bits and write them
back after modification. In this version the PNM and JPEG image formats
are supported.
3. tcpd 0.2 (Linux, Solaris)
by Kazunori Fujiwara, fujiwara@rcac.tdi.co.jp
URL:
http://www.securityfocus.com/data/tools/tcpd-0.0.2.tar.gz
tcpd is a complete replacement for the tcp_wrappers package which works
with both IPv4 and IPv6. The API is fully compatible with tcp_wrappers.
4. Advanced NT Security Explorer 1.0 (Windows NT)
by Elcom Ltd.
URL:
http://www.securityfocus.com/data/tools/antexp.zip
Advanced NT Security Explorer is an application for NT system
administrators for finding holes in system security. It analyses user
password hashes, and tries to recover plain-text passwords. If it's
possible to recover the password in a reasonable time, the password should
be considered to be insecure, and so it's time to change it.
Users can access a hard drive from another computer in the network and
copy a SAM registry key, where password hashes are stored. Also, users can
sniff a network and recover password hash from sniffer results. Advanced
NT Security Explorer (ANTExp) will help you in your way to complete system
security.
In addition, ANTExp could be used for recovering lost passwords of
particular users.
5. dumpevt2.pl (Windows NT)
by H. Carvey
URL:
http://www.securityfocus.com/data/tools/auditing/log/dumpevt2.pl
dumpevt2.pl dumps all EventLogs of each machine you designate into an
Excel spreadsheet (NOTE: Be sure to edit line 14 of dumpevt2.pl to include
the names of your machines!). Uses the Win32::Lanman module available from
http://jenda.krynicky.cz/perl, and Win32::Perms.
6. Guardbot (Linux, Solaris, Windows 95/98, Windows NT)
by Shuo-yen Choo, shuoyen@guardbot.com
URL:
http://www.securityfocus.com/data/tools/GuardBot.tar.gz
Guardbot encrypts HTML pages with DES encryption. The encrypted pages can
be viewed directly in a web browser. The Guardbot protected page generates
a password prompt, and the page is decrypted with the included Java
applet. Guardbot can be used for password protecting web sites, encrypting
html documents for secure transport, etc.
V. SECURITY JOBS SUMMARY
- ------------------------
1. Security Consultant at Brazil. (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d77%26date%3d2000-06-23%26thread%3dPine.LNX.4.10.10006212136570.1176-100000@kbyte.dyndns.org
2. willing to work in digital security industry (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d77%26date%3d2000-06-23%26thread%3d1B615EC3C928D311AB8A0008C7DBCE0F038170E4@srvmail.telecom.lt
3. Technical Security R&D Engineer - #640 - Melbourne, FL (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d77%26date%3d2000-06-23%26thread%3d20000621144108.13619.qmail@securityfocus.com
4. Incident Response Director - #640 - Melbourne, FL (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d77%26date%3d2000-06-23%26thread%3d20000621143717.13598.qmail@securityfocus.com
5. Posting for a Friend. (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d77%26date%3d2000-06-23%26thread%3dPine.GSO.4.21.0006211259560.18870-100000@mail
6. Security Partnering in London (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d77%26date%3d2000-06-23%26thread%3d3.0.32.20000619220653.022d9630@pop.neo.net.au
7. Computer Security Consultants Needed (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d77%26date%3d2000-06-23%26thread%3d4C95EE93836DD311AAA200805FED9789954560@mercury.globalintegrity.com
8. Security jobs in Switzerland (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d77%26date%3d2000-06-23%26thread%3d394CBA86.28492D62@swisgroup.com
VI. INCIDENTS LIST SUMMARY
- -------------------------
1. foreign HTTP requests (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d3952159C.B9A9CE3D@7thzone.com
2. 8.2.2-P5 stops answering queries? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d20000622142400.1323.qmail@securityfocus.com
3. Port 7070? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d13D5B5EAE05DD311B8C10008C7CFA81101C3787D@pbi0.pbi.net
4. Connections to port 635 ?? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d14f801bfdbd1$4b0f3980$0200a8c0@windows
5. Netbus portscan ( port 12345) (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3dE134hs6-0006gv-00@monster.zas.here
6. Which DoS ? [Updated] (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3dPine.LNX.4.21.0006212021180.32033-100000@spindle.sickfuck.org
7. Hacked by the script kiddie - an ordinary netadmin's day (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3dPine.OSF.3.95.1000621103148.3429J-100000@romulus.civ.zcu.cz
8. Addendum: scanned - strange! (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d20000621050738.87502.qmail@hotmail.com
9. Nike Site taken over (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d20000621230333.91591.qmail@hotmail.com
10. (forw) Jennifer Granick Audio Interview now online (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d20000621140400.B20096@securityfocus.com
11. scanned - strange! (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d20000620235819.23860.qmail@hotmail.com
12. Quova.net (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d200006202102.e5KL2KP21508@black-ice.cc.vt.edu
13. "Quova.net" (Exodus downstream customer) (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d00062010381501.02560@hermetix.trans4media.com
14. .:: 14x :: Omega Statistics ::. (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d00fa01bfda38$f7f7d020$0900000a@intranet.int
15. t0rn, backdoors and a busy cracker. (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d394D326D.9EB50886@interrorem.com
16. Portscan detected from your machine (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3dNEBBJBDAFAEIMINHNCEIAEHHCDAA.kokyung@singnet.com.sg
17. FTP Access Probe? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d015F790A1F66D2118277006097D20683274674@SERVER1
18. was: Portscan detected from your machine (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d394BE6AA.B74F15FE@RZ.RWTH-Aachen.DE
19. scan log (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3dSIMEON.10006161034.E26634@bluebottle.itss
20. Biggest Incident This Week: Missing Hard Drives at Los Alamos (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d96116111901@datarescue.be
21. Help for writing a kernel module. (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d75%26date%3d2000-06-23%26thread%3d01b401bfd7d8$c1237f20$25804fa0@kplab.com
VII. VULN-DEV RESEARCH LIST SUMMARY
- ----------------------------------
1. Another new worm??? (technical) (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3dEnip.BSO.23.0006231104430.17914-100000@www.whitehats.com
2. Another new worm??? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3dD129BBE1730AD2118A0300805FC1C2FE04C79AC6@209-76-212-10.trendmicro.com
3. Capturing System Calls (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d20000623145338.B731@directo.cl
4. Red Hat 6.2's ftp segmentation fault (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d10786F3AE30CD4118FAC00A0CC58F9F101EF96@MAIL
5. old DOS still good 4 win2k (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d0D683A7AF15CD2118CDA0008C7A4A92001B01FBA@auadlexc01.au.kworld.kpmg.com
6. Another new worm??? (long) (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d96168768701@datarescue.be
7. disclosure and risk to list subscribers (Re: Another new worm???) (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3dPine.LNX.4.10.10006220803210.31882-100000@decpc.dagon.net
8. Fwd: ShowFile CGI Security Vulnerability (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d4e.73b5df9.2682f518@aol.com
9. R: R: New DoS attack (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3dPine.LNX.4.10.10006211714020.26628-100000@blue.localdomain
10. HP LaserJet 4 Series Jet Direct (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d20000621125007.A20681@vim.org
11. Another New Worm? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d00062121072200.22807@demo
12. Keyboard recording (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3dNDBBIGFKEKDCDLKLPBNIMECMCLAA.marti@videotron.ca
13. Fw: Norton AntiVirus SupportNow! VIRUS NOTIFICATION! (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d001001bfdaff$9ef168c0$2d7a063e@ident2
14. New DoS attack (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d200006200713.e5K7Dmf18839@sirppi.helsinki.fi
15. HP LaserJet 4 Series Jet Direct (and others) (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d017301bfd9a2$423aeab0$4500a8c0@office.diggy.net.au
16. omni backup program (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d200006191759.SAA10421@notatla.demon.co.uk
17. dsniff-2.2 release (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3dPine.BSO.4.20.0006191037280.31226-100000@naughty.monkey.org
18. N2H2 Web Proxy/Filter appliance (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3dPine.LNX.4.10.10006182155270.23787-100000@blue.localdomain
19. [ no subject ]
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3dPine.LNX.4.10.10006182016160.23504-100000@blue.localdomain
20. R: New DoS attack (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3dPine.LNX.4.10.10006171449040.22421-100000@blue.localdomain
21. [Fwd: Exploit code for PalmOS] (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d394C3A7C.17289970@thievco.com
22. Firewalls and stuff (Was about N2H2) (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d200006171844.OAA13767@ns1.looney.com
23. Exploit code for PalmOS (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d82%26date%3d2000-06-23%26thread%3d394BAF15.F0AC3B10@thievco.com
VIII. MICROSOFT FOCUS LIST SUMMARY
- ---------------------------------
1. Firewall (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d46DE49611656B74184073BC8A22950C4523B@ntssc01.Securisys.local
2. [ no subject ]
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d961677415.mailspinnerdV3.2.5.3@mail.singnet.com.sg
3. post sp6a hotifxes (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3dLMBBKEOLAEMDDEPPMOKDIEJAFEAA.truxa@truxoft.com
4. IIS Log analysis (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d2A227FD29640D411914D0090275174AC032F0A@mercurio.ba.technisys.com.ar
5. Lan-to-Lan VPN (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3dCE1AB380C123D411A05E005004839C9251045E@s234x105.massolant.navy.mil
6. DHCP on Windows 2000 DC (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3dCE1AB380C123D411A05E005004839C9251045D@s234x105.massolant.navy.mil
7. New SHS worm (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d952AE73381C2D11195D700A0C99935D31F7C2E@c15a0933
8. Firewall ports (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3dE02C6DB19CFAD111897500104B9A2F1AE0A389@exchange.batterymarch.com
9. NT 4.0 DHCP/DNS/WINS Server Security (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d65E62A0A44CCD311AAB00000F809231C4D7018@hermes01.nhsnet.org
10. Winfingerprint v2.2.5 (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d2424F50827D6D311A64300508B951061344699@mahqexc01.storagenetworks.com
11. Administrivia (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3dPine.GSO.4.21.0006221259340.27184-100000@mail
12. Check_Subject (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3dB11913169529D41194670000F8631A05634479@fcmail.franklincovey.com
13. your mail (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3dPine.LNX.4.21.0006220849130.24134-100000@denis.dimick.net
14. Last Login Time (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d20000622135701.2024.qmail@web5204.mail.yahoo.com
15. How secure is PPTP? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d39512368.3781.10037C23@localhost
16. Virus Detection in Exchange Server 4.0 (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d4F7418FCE28AD211828A00A0C9D8B8DB94811E@buexchange.cc.binghamton.edu
17. WinNT System Scanner Info (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d20000620235836.12045.qmail@securityfocus.com
18. Windows NT System Scanner (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3dDGEGIABCGGCOMCIECGGCMEPADGAA.marc@eeye.com
19. MS Outloook / Exchange Custom Config (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d6B6FA301D07CD311936600A0C9ACA4400D38C8@TCCOM
20. Is there a bug in the Outlook patch (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3ds94f48a8.067@gwsmtp.tnb.com
21. cyber cop - CyberCop Sting (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d20000619214743.11701.qmail@securityfocus.com
22. NT server, Service packs, Exchange, SQL Serverand the option pack -- in what order???? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d8E2B23CAA1C8D311ACB30000D1ECC2D2558CBB@CASNTSL.CA.STATE.GOV
23. Multiple login with the same user name. (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d010d01bfd86b$b2820930$0a01a8c0@WOOD2PROF
24. Internet Browser Cache (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3dOFD56D6869.D41E5E9A-ON48256900.0006CEAF@mas.gov.sg
25. MS hotmail Email Spam (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2000-06-23%26thread%3d4.3.2.7.2.20000616141435.00c3f240@mail.thalamus.se
IX. SUN FOCUS LIST SUMMARY
- ----------------------------
1. Daily sysadmin tasks (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d000e01bfdd17$d4735de0$2b28c9cd@quinc
2. ipf fails to attach (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3dD6F9BFB17375D3118C59006094516E99D5AFC3@UM-MAIL02
3. Sun Patch Methods (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d3953557B.8FD61F67@mail-fair.ivv.nasa.gov
4. Locking down a Sun box (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3dPine.GSO.4.10.10006231022240.14256-100000@gmi.com
5. Sun Patch Methods [SecFocus patch tool] (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3dPine.LNX.4.10.10006221840070.2365-100000@vortex.ukshells.co.uk
6. IPchains vs IPfilter (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d395239D9.EC2A31F4@llgc.org.uk
7. Solaris 2.8, was Locking down a Sun box (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d20000622095237.B11166@soda.CSUA.Berkeley.EDU
8. Portscan warning (was: Determining unnessary ports) (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d20000622093210.A11166@soda.CSUA.Berkeley.EDU
9. Running BIND chroot on Solaris (Solution) (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3dNDBBJIKFNCKKJEGGBJICOECJDCAA.wongcm@commercedc.com.my
10. Trusted Solaris: can it beused on the command line/serial interfa ce? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d000601bfdadf$dd8dc080$0a1111b0@rave.swissptt.ch
11. Trusted Solaris: can it beused on the command line/serial interfa ce? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3dPine.LNX.4.10.10006201610580.902-100000@localhost.localdomain
12. Trusted Solaris: can it beused on the command line/serial interface? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d200006201515.QAA17449@otis.UK.Sun.COM
13. Determining unnessary ports (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d20000620113533.B578@gorkie.pimmel.com
14. Trusted Solaris: can it beused on the command line/serial interfa ce? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d85FBA0AD7A20D111B9F80000F830D16A3E02FB@gd2zdm.swissptt.ch
15. Trusted Solaris: can it beused on the command line/serial int erfa ce? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d34090E369168D311B2720008C7C5A1CE01F31EC2@ridmsem1.bmc.corange.com
16. Determining unnecessary ports (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3dLPBBKOBLDKJIOOLEIEHHIEDIIGAA.dlaporte@ccs.neu.edu
17. sun support / linux ?? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d20000619213816.B47147@enigma.redbrick.dcu.ie
18. [ no subject ]
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d1B615EC3C928D311AB8A0008C7DBCE0F038170CD@srvmail.telecom.lt
19. (IP Filter for Solaris) (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d20000619150327.A1615@gorkie.pimmel.com
20. linux v. solaris (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d200006161240.AA14638@tyche.neuroinformatik.ruhr-uni-bochum.de
21. Sunscreen vs ipf (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d85FBA0AD7A20D111B9F80000F830D16A3E02D3@gd2zdm.swissptt.ch
22. Secured FTP server (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d92%26date%3d2000-06-23%26thread%3d20000616165639.H20716@apogee.whack.org
X. LINUX FOCUS LIST SUMMARY
- ---------------------------
1. hdparm -c (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d001a01bfdd29$2e859fd0$ce2cc818@dealy.videotron.ca
2. Terminal app. (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d002a01bfdd15$bb473140$3401a8c0@twave.com
3. Squid Cache (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d71CF056160A0D111BCB500A0C99E507401B78009@red-exch.vanteon.com
4. virus scanner for ftp/http proxy (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d00062300343300.01453@harry
5. Question on ipchains and /etc/host.deny (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d4.3.2.7.2.20000622211304.00c468b0@pop.atz-hosting.nl
6. Linux questions (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d20000622223826.26310.qmail@securityfocus.com
7. Linux Distro Security (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d39518140.6571F3B9@bbnow.net
8. The quietest bunch of Linux users of all time... (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3dPine.LNX.4.21.0006202310360.486-100000@scylla.bogus
9. HTML Mail (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d20000620095747.A31366@wookie.chirp.com.au
10. Freeware mailing list software? (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d008f01bfda2b$bc6be620$0401a8c0@boztek.com
11. a Few questions (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d172.000620@rnc.ru
12. deleting a user (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d468.000620@rnc.ru
13. [kernel 2.2.16] - icmp scramble (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3dPine.LNX.4.21.0006192204370.2367-100000@klimek.intranet
14. ICMP IP PACKETS Coding (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d394E2B76.238C6F6F@starcity.ru
15. Apache and Frontpage Extension (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d10717.000619@rnc.ru
16. No o/s is secure (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d5701.000619@rnc.ru
17. Netfilter Instalation (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d001101bfda01$e2d81e20$0200a8c0@systron.com.br
18. ADMROCKS, rewt (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d394D1B30.6E179D25@cyberspace.org
19. ADMROCKS, rewt, again (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d4.0.1.20000618153104.00dbdc20@pop.netzero.net
20. The quietest bunch of Linux users of all time.. . (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d394BC17E.71EFD317@advalvas.be
21. Ipchains on RedHat (Thread)
Relevant URL:
http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d91%26date%3d2000-06-23%26thread%3d006e01bfd7e1$3fe503d0$010110ac@netcabo.pt
XI. SPONSOR INFORMATION - PentaSafe
- -----------------------------------
STOP NOW AND MAKE SURE THAT YOUR SYSTEMS ARE SECURE. Download PentaSafe's
10-Point Security Checkup ReportTM for Windows NT, UNIX, Linux, or IBM
AS/400. In minutes, this FREE program will scan your systems, checking
for the top ten most critical, yet often overlooked, security weaknesses
and let you know if your systems' security is a pass or a fail.
Do it now: http://www.pentasafe.com
XII. SUBSCRIBE/UNSUBSCRIBE INFORMATION
- -------------------------------------
1. How do I subscribe?
Send an e-mail message to LISTSERV@SECURITYFOCUS.COM with a message body
of:
SUBSCRIBE SF-NEWS Lastname, Firstname
You will receive a confirmation request message to which you will have
to anwser.
2. How do I unsubscribe?
Send an e-mail message to LISTSERV@SECURITYFOCUS.COM from the subscribed
address with a message body of:
UNSUBSCRIBE SF-NEWS
If your email address has changed email aleph1@securityfocus.com and I
will manualy remove you.
3. How do I disable mail delivery temporarily?
If you will are simply going in vacation you can turn off mail delivery
without unsubscribing by sending LISTSERV the command:
SET SF-NEWS NOMAIL
To turn back on e-mail delivery use the command:
SET SF-NEWS MAIL
4. Is the list available in a digest format?
Yes. The digest generated once a day.
5. How do I subscribe to the digest?
To subscribe to the digest join the list normally (see section 0.2.1)
and then send a message to LISTSERV@SECURITYFOCUS.COM with with a message
body of:
SET SF-NEWS DIGEST
6. How do I unsubscribe from the digest?
To turn the digest off send a message to LISTSERV with a message body
of:
SET SF-NEWS NODIGEST
If you want to unsubscribe from the list completely follow the
instructions of section 0.2.2 next.
7. I seem to not be able to unsubscribe. What is going on?
You are probably subscribed from a different address than that from
which you are sending commands to LISTSERV from. Either send email from
the appropiate address or email the moderator to be unsubscribed manually.
Walter Ash
SecurityFocus
www.securityfocus.com
------- End of Forwarded Message
|
