iDEFENSE Security Advisory 09.22.04 - Sophos Small Business Suite Reserved Device Name Handling Vulnerability

Grok Headline matches for iDEFENSE Security Advisory 09.22.04 - Sophos Small Business Suite Reserved Device Name Handling Vulnerability

iDEFENSE Security Advisory 03.21.05: Mac
OS X CF_CHARSET_PATH Buffer Overflow
Vulnerability

iDEFENSE Security Advisory 03.21.05: Mac
OS X CF_CHARSET_PATH Buffer Overflow
Vulnerability 03/22/2005 05:13 PM
iDefense Customer Service (Mar 21 2005)

iDEFENSE Security Advisory 04.06.05: IBM
Lotus Domino Server Web Service DoS
Vulnerability

iDEFENSE Security Advisory 04.06.05: IBM
Lotus Domino Server Web Service DoS
Vulnerability 04/06/2005 05:45 PM
Posted by iDEFENSE Labs, Apr 06 2005

iDEFENSE Security Advisory 04.12.05:
Microsoft MSHTA Script Execution
Vulnerability

iDEFENSE Security Advisory 04.12.05:
Microsoft MSHTA Script Execution
Vulnerability 04/12/2005 04:17 PM
Posted by iDEFENSE Labs, Apr 12 2005

Re: iDEFENSE Security Advisory 12.21.04:
libtiff STRIPOFFSETS Integer Overflow
Vulnerability

Re: iDEFENSE Security Advisory 12.21.04:
libtiff STRIPOFFSETS Integer Overflow
Vulnerability 12/28/2004 03:27 PM
Marcus Meissner (Dec 27 2004)

iDEFENSE Security Advisory 12.21.04:
libtiff STRIPOFFSETS Integer Overflow
Vulnerability

iDEFENSE Security Advisory 12.21.04:
libtiff STRIPOFFSETS Integer Overflow
Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

iDEFENSE Security Advisory 04.07.05: SGI
IRIX gr_osview File Overwrite
Vulnerability

iDEFENSE Security Advisory 04.07.05: SGI
IRIX gr_osview File Overwrite
Vulnerability 04/07/2005 10:50 PM
Posted by iDEFENSE Labs, Apr 07 2005

iDEFENSE Security Advisory 04.07.05: SGI
IRIX gr_osview Information Disclosure
Vulnerability

iDEFENSE Security Advisory 04.07.05: SGI
IRIX gr_osview Information Disclosure
Vulnerability 04/07/2005 10:50 PM
Posted by iDEFENSE Labs, Apr 07 2005

Re: iDEFENSE Security Advisory 12.16.04:
MPlayer MMST Streaming Stack Overflow
Vulnerability

Re: iDEFENSE Security Advisory 12.16.04:
MPlayer MMST Streaming Stack Overflow
Vulnerability 12/19/2004 03:48 PM
Hideki Yamane (Dec 16 2004)

iDEFENSE Security Advisory 04.12.05:
Microsoft Windows CSRSS.EXE Stack
Overflow Vulnerability

iDEFENSE Security Advisory 04.12.05:
Microsoft Windows CSRSS.EXE Stack
Overflow Vulnerability 04/12/2005 04:17 PM
Posted by iDEFENSE Labs, Apr 12 2005

iDEFENSE Security Advisory 12.21.04:
Hewlett Packard HP-UX ftpd Remote Buffer
Overflow Vulnerability

iDEFENSE Security Advisory 12.21.04:
Hewlett Packard HP-UX ftpd Remote Buffer
Overflow Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

RE: iDEFENSE Security Advisory 04.08.05:
Microsoft Multiple E-Mail Client Address
Spoofing Vulnerability

RE: iDEFENSE Security Advisory 04.08.05:
Microsoft Multiple E-Mail Client Address
Spoofing Vulnerability 04/12/2005 11:07 PM
Posted by Larry Seltzer, Apr 09 2005

iDEFENSE Security Advisory 12.21.04:
Multiple Vendor xpdf PDF Viewer Buffer
Overflow Vulnerability

iDEFENSE Security Advisory 12.21.04:
Multiple Vendor xpdf PDF Viewer Buffer
Overflow Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

iDEFENSE Security Advisory 12.21.04:
libtiff Directory Entry Count Integer
Overflow Vulnerability

iDEFENSE Security Advisory 12.21.04:
libtiff Directory Entry Count Integer
Overflow Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

Re: iDEFENSE Security Advisory 03.28.05:
Multiple Telnet Client slc_add_reply()
Buffer Overflow Vulnerability

Re: iDEFENSE Security Advisory 03.28.05:
Multiple Telnet Client slc_add_reply()
Buffer Overflow Vulnerability 03/28/2005 07:59 PM
Solar Designer (Mar 28 2005)

iDEFENSE Security Advisory 09.16.04:
Ipswitch WhatsUp Gold Remote Denial of
Service Vulnerability

iDEFENSE Security Advisory 09.16.04:
Ipswitch WhatsUp Gold Remote Denial of
Service Vulnerability 09/16/2004 09:22 PM
customer service mailbox (Sep 16 2004)

iDEFENSE Security Advisory 03.28.05:
Multiple Telnet Client slc_add_reply()
Buffer Overflow Vulnerability

iDEFENSE Security Advisory 03.28.05:
Multiple Telnet Client slc_add_reply()
Buffer Overflow Vulnerability 03/28/2005 07:59 PM
iDEFENSE Labs (Mar 28 2005)

iDEFENSE Security Advisory 04.08.05:
Microsoft Multiple E-Mail Client Address
Spoofing Vulnerability

iDEFENSE Security Advisory 04.08.05:
Microsoft Multiple E-Mail Client Address
Spoofing Vulnerability 04/09/2005 05:51 PM
Posted by iDEFENSE Labs, Apr 08 2005

iDEFENSE Security Advisory 03.28.05:
Multiple Telnet Client env_opt_add()
Buffer Overflow Vulnerability

iDEFENSE Security Advisory 03.28.05:
Multiple Telnet Client env_opt_add()
Buffer Overflow Vulnerability 03/28/2005 07:59 PM
iDEFENSE Labs (Mar 28 2005)

[Full-Disclosure] iDEFENSE Security
Advisory 04.13.04 - Microsoft Help and
Support Center Argument Injection
Vulnerability

[Full-Disclosure] iDEFENSE Security
Advisory 04.13.04 - Microsoft Help and
Support Center Argument Injection
Vulnerability 04/14/2004 03:47 PM
idlabs-advisories_at_idefense.com (Apr 13 2004)

iDEFENSE Security Advisory 04.12.05:
Microsoft Internet Explorer DHTML Engine
Race Condition Vulnerability

iDEFENSE Security Advisory 04.12.05:
Microsoft Internet Explorer DHTML Engine
Race Condition Vulnerability 04/12/2005 04:17 PM
Posted by iDEFENSE Labs, Apr 12 2005

iDEFENSE Security Advisory 04.12.05:
Microsoft Windows Internet Explorer Long
Hostname Heap Corruption Vulnerability

iDEFENSE Security Advisory 04.12.05:
Microsoft Windows Internet Explorer Long
Hostname Heap Corruption Vulnerability 04/12/2005 04:17 PM
Posted by iDEFENSE Labs, Apr 12 2005

[Full-Disclosure] iDEFENSE Security
Advisory 04.15.04: RealNetworks Helix
Universal Server Denial of Service
Vulnerability

[Full-Disclosure] iDEFENSE Security
Advisory 04.15.04: RealNetworks Helix
Universal Server Denial of Service
Vulnerability 04/15/2004 09:06 PM
idlabs-advisories_at_idefense.com (Apr 15 2004)

iDEFENSE Security Advisory 12.21.04:
Multiple Vendor Xine version 0.99.2 PNM
Handler PNA_TAG Heap Overflow
Vulnerability

iDEFENSE Security Advisory 12.21.04:
Multiple Vendor Xine version 0.99.2 PNM
Handler PNA_TAG Heap Overflow
Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

iDEFENSE Security Advisory 09.15.04: GNU
Radius SNMP String Length Integer
Overflow Denial of Service Vulnerability

iDEFENSE Security Advisory 09.15.04: GNU
Radius SNMP String Length Integer
Overflow Denial of Service Vulnerability 09/16/2004 05:38 AM
customer service mailbox (Sep 15 2004)

Re: [Full-Disclosure] iDEFENSE Security
Advisory 05.27.04: 3Com OfficeConnect
Remote 812 ADSL Router Authentication
Bypass Vulnerability

Re: [Full-Disclosure] iDEFENSE Security
Advisory 05.27.04: 3Com OfficeConnect
Remote 812 ADSL Router Authentication
Bypass Vulnerability 05/28/2004 12:24 PM
Seth Alan Woolley (May 27 2004)

[Full-Disclosure] iDEFENSE Security
Advisory 05.27.04: 3Com OfficeConnect
Remote 812 ADSL Router Authentication
Bypass Vulnerability

[Full-Disclosure] iDEFENSE Security
Advisory 05.27.04: 3Com OfficeConnect
Remote 812 ADSL Router Authentication
Bypass Vulnerability 05/30/2004 01:49 AM
idlabs-advisories_at_idefense.com (May 27 2004)

iDEFENSE Security Advisory 12.21.04:
Multiple Vendor Xine version 0.99.2 PNM
Handler Negative Read Length Heap
Overflow Vulnerability

iDEFENSE Security Advisory 12.21.04:
Multiple Vendor Xine version 0.99.2 PNM
Handler Negative Read Length Heap
Overflow Vulnerability 12/22/2004 01:09 AM
customer service mailbox (Dec 21 2004)

[Full-Disclosure] iDEFENSE Security
Advisory 05.26.04: 3Com OfficeConnect
Remote 812 ADSL Router Telnet Protocol
Denial of Service Vulnerability

[Full-Disclosure] iDEFENSE Security
Advisory 05.26.04: 3Com OfficeConnect
Remote 812 ADSL Router Telnet Protocol
Denial of Service Vulnerability 05/26/2004 03:00 PM
idlabs-advisories_at_idefense.com (May 26 2004)

iDEFENSE Security Advisory 03.31.05: PHP
getimagesize() Multiple Denial of
Service Vulnerabilities

iDEFENSE Security Advisory 03.31.05: PHP
getimagesize() Multiple Denial of
Service Vulnerabilities 04/01/2005 02:14 PM
iDEFENSE Labs (Mar 31 2005)

iDEFENSE Security Advisory 03.19.03:
Heap Overflow in Windows Script Engine

iDEFENSE Security Advisory 03.19.03:
Heap Overflow in Windows Script Engine 03/19/2003 10:25 PM
iDEFENSE Labs (Mar 19 2003)

iDEFENSE Security Advisory 01.28.03:
SSH2 Clients Insecurely Store Passwords

iDEFENSE Security Advisory 01.28.03:
SSH2 Clients Insecurely Store Passwords 01/01/2004 04:31 AM
iDEFENSE Labs (Jan 29 2003)

iDEFENSE Security Advisory 02.11.04:
XFree86 Font Information File Buffer
Overflow II

iDEFENSE Security Advisory 02.11.04:
XFree86 Font Information File Buffer
Overflow II 02/12/2004 07:28 PM
iDefense Labs (Feb 12 2004)

iDEFENSE Security Advisory 02.17.04:
Ipswitch IMail LDAP Daemon Remote Buffer
Overflow

iDEFENSE Security Advisory 02.17.04:
Ipswitch IMail LDAP Daemon Remote Buffer
Overflow 02/17/2004 06:25 PM
iDefense Labs (Feb 17 2004)

iDEFENSE Security Advisory 04.05.05:
Computer Associates eTrust Intrusion
Detection System CPImportKey DoS

iDEFENSE Security Advisory 04.05.05:
Computer Associates eTrust Intrusion
Detection System CPImportKey DoS 04/05/2005 05:37 PM
iDEFENSE Labs

NetBSD Security Advisory 2004-002:
Inconsistent IPv6 path MTU discovery
handling

NetBSD Security Advisory 2004-002:
Inconsistent IPv6 path MTU discovery
handling 02/19/2004 06:15 PM
NetBSD Security-Officer (Feb 19 2004)

NetSuite relaunches, Oracle delays small
business suite

NetSuite relaunches, Oracle delays small
business suite 08/19/2004 03:12 PM
Two months after ending a licensing deal with Oracle Corp., midmarket business applications vendor NetSuite Inc. is using its entry-level software relaunch to woo customers of Intuit Inc.'s QuickBooks.

KDE Security Advisory: VCF file
information reader vulnerability

KDE Security Advisory: VCF file
information reader vulnerability 01/16/2004 10:59 AM
Dirk Mueller (Jan 14 2004)

APC Security Advisory – Denial of
Service Vulnerability with
PowerChuteBusinessEdition

APC Security Advisory – Denial of
Service Vulnerability with
PowerChuteBusinessEdition 07/23/2004 06:15 PM
security.advisory_at_apcc.com (Jul 21 2004)

NetBSD Security Advisory 2004-008: CVS
server vulnerability

NetBSD Security Advisory 2004-008: CVS
server vulnerability 06/03/2004 04:52 PM
NetBSD Security-Officer (Jun 03 2004)
Grok Description matches for iDEFENSE Security Advisory 09.22.04 - Sophos Small Business Suite Reserved Device Name Handling Vulnerability
GrokA matches for iDEFENSE Security Advisory 09.22.04 - Sophos Small Business Suite Reserved Device Name Handling Vulnerability

Malware Inc.

Malware Inc. 04/04/2005 08:50 PM
In news that should surprise absolutely none of you, it appears that the people who used to write viruses for ego purposes are increasingly writing spyware for money instead. Basically, what the study (bias alert: done by a security company who's trying to sell you stuff) points out is that, just like with file sharing applications, spyware and adware have become a business model for virus writers. They're wrapping up their viruses with spyware; they still get the ego boost, but also some profit as well. No wonder virus companies are desperately trying to come up with decent anti-spyware offerings.

Malware on the way out

Malware on the way out 07/15/2004 12:21 PM
Are spyware & adware on the way out? More and more I'm hearing about companies taking the turn for the better. BOUT TIME! Even the once-accused WeatherBug has taken strong stances and stronger actions against malware, and is called for it. But will it last, has features and views beat the 'ware?

First malware for OS X?

First malware for OS X? 04/09/2004 04:04 PM
One of the selling points of OS X has been, to date, the lack of any viruses, worms, or Trojan horses. Intego reports that it has identified a Trojan horse called MP3Concept.

Mac OS X displays the icon of the MP3 file, with an .mp3 extension, rather than showing the file as an application, leading users to believe that they can double-click the file to listen to it. But double clicking the file launches the hidden code, which can damage or delete files on computers running Mac OS X, then iTunes to play the music contained in the file, to make users think that it is really an MP3 file . While the first versions of this Trojan horse that Intego has isolated are benign, this technique opens the door to more serious risks.

Link

Meeroh sez: The Mac OS X mp3 trojan is being blown completely out of proportion. Quick review of facts so far:

1. It was pointed out in a Usenet thread that it is possible to embed arbitrary data in an mp3 2. It was subsequently suggested that the arbitrary data could be executable 3. An enterprising developer proceeded to then create a file which to any mp3 player will appear as an mp3 file, but the Mac OS X Finder sees it as an application 4. An anti-virus vendor published advertising for their product saying that it has a cure for this form of Trojan.

Some other relevant points:

1. This has little to do with Mac OS X vs. Mac OS 9. The exact same file will do the exact same thing on Mac OS 9 -- be playable by mp3 players, and act as an application 2. This has little to do with Mac OS X using extensions to identify file types. The icon shown by the Finder could be embedded in the file itself, in which case the file would look like an mp3 file regardless of its name. 3. This trick requires using the resource fork, and therefore the file has to be transmitted encoded. Any mp3 file that is transferred as a plain binary file (as opposed to a Mac binary file, with the resource fork), is harmless. 4. The fact that the file can be played in am mp3 player is irrelevant; if the trojan were malicious, the user would be doomed after double-clicking on it regardless of whether the file is a valid audio file.

To summarize, a Mac application can have any icon or name whatsoever, including a name and an icon that make it look like a document. Exactly what happens when you receive such an application (in email or by downloading it in your browser) depends on your settings, but I am not aware of any case in which it will be automatically launched.

Therefore, to activate this Trojan you have to either receive a Mac-encoded attachment and double-click on it in the Finder, or you have to download a Mac-encoded a file (which is then usually decoded to your desktop) and double-click it in the Finder.

The only reason that this is news is that a vendor of anti-virus software took it as an opportunity to generate some advertising, as far as I can tell.

Malware: Do you know your enemy?

Malware: Do you know your enemy? 02/05/2005 09:11 PM
ZDNet Feb 4 2005 12:40PM GMT

New Malware Causes Concern

New Malware Causes Concern 06/25/2004 12:46 AM
Developing | NetSec Inc. has detected a new vulnerability that is infecting users of Microsoft Windows with malware. By visiting a malicious website with the Internet Explorer web browser, users can become silently infected with arbitrary code that is embedded in images on web pages. Once installed, the code begins to log keystrokes and then calls home to servers which then upload even more payload onto infected systems.

Click Here For Malware

Click Here For Malware 09/23/2004 06:52 AM
TechTree Sep 23 2004 10:05AM GMT

Analyzing malware

Analyzing malware 02/19/2004 04:11 AM
Malware is a set of instructions that run on your computer and make your system do something that an attacker wants it to do. I strongly encourage you to run attack and defensive tools in a laboratory of your own. Here's how.

All quiet on the malware front

All quiet on the malware front 07/01/2004 06:55 AM
Zafi tops viral charts in placid June

Malware attacks IE users via pop-ups

Malware attacks IE users via pop-ups 06/30/2004 07:34 AM
Oh dear

Big muscle on the way to battle malware

Big muscle on the way to battle malware 12/27/2004 04:34 AM
USA Today Dec 27 2004 8:50AM GMT

Other News: Using Malware for Profit

Other News: Using Malware for Profit 09/09/2004 10:37 AM
USA Today spent eight months digging into details of computer malware and its use for profit.

Other News: Sniffer Malware

Other News: Sniffer Malware 09/20/2004 10:43 AM
The latest malware sniffs network traffic for sensitive information, a nasty new trick.

Malware Might Become a Problem for
Macintosh

Malware Might Become a Problem for
Macintosh 09/04/2004 01:38 AM

Direct and Related Links for 'Malware Might Become a Problem for Macintosh'

“Macintosh users have had some bragging rights over their Windows counterparts for various reasons, not the least of which is “malware” — viruses, worms and Trojan horses — that is a frequent pain to Windows users. But on March 20, a “proof of concept” Trojan horse named MPSConcept (file name MP3Virus.Gen) was discovered, paving the way for more serious malware. The malware is theoretically benign but is intended to show a particular vulnerability in an…

First 64-Bit Malware for Windows Appears

First 64-Bit Malware for Windows Appears 05/27/2004 11:05 AM
Proof-of-concept threat not spreading in wild, only affects 64-bit Windows systems.

Malware Analysis for Administrators

Malware Analysis for Administrators 05/24/2004 12:36 PM

Stopping Malware Before It Hits

Stopping Malware Before It Hits 11/16/2003 06:14 PM
SpudGunMan writes "John Lockwood, Ph.D, an assistant professor of computer science at Washington University, and the graduate students that work in his ...

Other News: Macs and Malware

Other News: Macs and Malware 03/19/2005 02:34 AM
One anti-virus executive says Macs are untroubled by malware, but here's why you need to keep up your guard.

Symantec: Mac OS X Becoming a Malware
Target

Symantec: Mac OS X Becoming a Malware
Target 03/22/2005 04:42 PM
Slashdot Mar 22 2005 1:34AM GMT

Adware dominates PC malware infections

Adware dominates PC malware infections 03/24/2005 01:48 PM
vnunet.com Mar 24 2005 4:06PM GMT

Nasty Malware Fouls PCs With Porn

Nasty Malware Fouls PCs With Porn 04/30/2004 04:52 AM
An especially evil new browser hijacker is sweeping the Net, spying on users of infected machines and pummeling them with truly vile pornography. Some folks are screaming for vengeance, but the problem is finding out who unleashed the vicious code. By Michelle Delio.

Toxic bl0gs spreading malware

Toxic bl0gs spreading malware 04/14/2005 03:22 PM
Computer Weekly Apr 14 2005 5:59PM GMT

DNS Cache Poisoning Spreads Malware

DNS Cache Poisoning Spreads Malware 04/06/2005 01:53 PM

New mobile malware wipes phones

New mobile malware wipes phones 04/06/2005 01:50 PM
Personal Computer World Apr 6 2005 5:14PM GMT

Microsoft to Squash Malware with 'A1'

Microsoft to Squash Malware with 'A1' 01/05/2005 08:49 AM
Microsoft's upcoming antivirus/anti-spyware subscription service, dubbed "A1" is going beta. Microsoft Watch is reporting that even while Redmond has remained tight-lipped, it has silently begun to inform partners of its plans for the service. A1 will "secure the perimeter" around Windows.

Identity checks combat malware

Identity checks combat malware 03/29/2005 04:43 PM
vnunet.com Mar 29 2005 8:15PM GMT

Has Mass-Mailed Malware Peaked?

Has Mass-Mailed Malware Peaked? 03/27/2005 12:28 PM

Microsoft Prepares to Dash Malware with
"A1"

Microsoft Prepares to Dash Malware with
"A1" 01/05/2005 03:30 AM
Microsoft's upcoming antivirus/anti-spyware subscription service, dubbed "A1" is going beta. Microsoft Watch is reporting that even while Redmond has remained tight-lipped, it has silently begun to inform partners of its plans for the service. A1 will "secure the perimeter" around Windows, making flaws in its design less significant than in the past.

Malware infects BitTorrent downloads

Malware infects BitTorrent downloads 06/17/2005 07:12 PM
Those using BT in the legally and ethically questionable act of downloading copyrighted content may become victims of a legally and ethically questionable act.

Malware Hijacking Google Homepage

Malware Hijacking Google Homepage 10/28/2003 11:08 PM
A lot of malware has been going around lately, some of it preventing you from visiting the actual Google website, or putting up a notice when you try to visit. The most common reason for this is spyware or malware -- software that's included with other programs and stows away in your computer watching what you're doing, popping up ads, and doing other bad things. To get rid of it, you can install LavaSoft's Ad-Aware or Spybot Search and Destroy. Both are free but neither me nor Google are recommending either....

Malware - Fighting Malicious Code

Malware - Fighting Malicious Code 04/19/2004 01:50 PM

iDEFENSE Security Advisory 09.22.04 - Sophos Small Business Suite Reserved Device Name Handling Vulnerability

The following phrases have been identified by the grok system as matching this entry: broadbanduniverse malware