Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 11, #38 - Sep 18, 2006 - Issue #594
CTO Replaces Trend Scan-Mail With Ninja

  1. EDITORS CORNER
    • New SunPoll: Vista Rollout
    • CTO Replaces Trend Scan-Mail With Ninja
    • Seminar: Protecting Exchange And Centralized Backup
    • Quotes Of The Week
  2. ADMIN TOOLBOX
    • Admin Tools We Think You Shouldn't Be Without
  3. TECH BRIEFING
    • Outsourcing Your Windows Environment
    • Step-by-Step Guide: BIOS Password Hacking
    • Why VMware Still Trumps Microsoft Virtual Server
    • Improve Server Performance By Making Better Use Of RAM
    • Simple Active Directory Tricks: Event Logs
    • New Exchange Exams Likely To Emphasize Server Roles, Security
    • Security Improves With SQL Server 2005's Analysis Services
  4. WINDOWS SERVER NEWS
    • We'll Soon See LongHorn Server
    • Analysts: Microsoft Changes Meaning Of 'Release Candidate'
    • Microsoft Takes Third Shot At Buggy Security Patch
  5. WINDOWS SERVER THIRD PARTY NEWS
    • CounterSpy Enterprise 'Last Scan Date' Report Available
    • Double-Take Software Releases Application Manager 4.1
    • Latest Whopping SNSI Vulnerability Database Update!
  6. WServerNews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  7. WServerNews - PRODUCT OF THE WEEK
    • "Trend Scan-Mail To Ninja" 50% Competitive Upgrade Offer
Security Bundle Special

Small and Medium Businesses are more and more becoming the target of
hackers, spammers, phishers and other bad guys. This Security Bundle
Special helps you fight them! For an incredible price you can protect
your networks against spam, viruses, bad attachments, spyware, and
vulnerabilities. Normally the products in this bundle cost well over
$3,500. Now you can get it for only $2,499! Check out which award-winning
products are in it. But you have to hurry. this offer is valid only
till midnight September 30, 2006. Your PO has to be in before that time.
http://www.wservernews.com/060918-Special

EDITORS CORNER

New SunPoll: Vista Rollout

"Now that Vista is close, what are your plans for rolling it out?"
  • I'm deploying it the moment I can get my hands on it!
  • We'll wait 3 months
  • We're going to give it 6-12 months
  • We'll wait till Vista SP1 comes out
  • We're going for a slow-and-steady replacement process, when new machines get put in
Vote here, bottom middle column: http://www.sunbelt-software.com

CTO Replaces Trend Scan-Mail With Ninja

We received the following email this week: "I was just doing a reinstall on my failed (Mutinous RAID Controller) and disaster recovered Exchange 2003 server and downloaded the most recent version of Ninja. The disaster recovery process went perfectly and the reinstall of Ninja was a snap, I used the AV and attachment blocking features for the first time as I was using Trend Scan-mail for Exchange previously. Ninja's AV plug-in is working very well and I will cease to use the Trend product at this time as it is no longer needed. Ninja Rocks! Thanks very much."
-- Robert Hamrick, CTO,
White County Government

We have a 50% Competitive Upgrade discount for Trend Scan-Mail users. Ask your Rep or Reseller.

Seminar: Protecting Exchange And Centralized Backup

"What Every IT Manager Should Know About Protecting Microsoft Exchange and Centralized Backup" - Join Sunbelt and Double-Take Software as we discuss strategies for implementing high availability, remote availability and offsite disaster recovery solutions for Exchange and other mission critical applications using Double-Take.

Hosted at the Microsoft office in St. Louis, MO on Wednesday, September 20th. Register here:
http://www.wservernews.com/060918-DT_Seminar_MO


Hosted at the Sheraton Waikiki Hotel in Honolulu, HI on Tuesday, September 26th. Register here:
http://www.wservernews.com/060918-DT_Seminar_HI


Quotes Of The Week

Both Quotes Of The Week are from Philosopher Plato: "Be kind, for everyone you meet is fighting a harder battle."
"Democracy... is a charming form of government, full of variety and disorder; and dispensing a sort of equality to equals and unequals alike."

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


ADMIN TOOLBOX

Admin Tools We Think You Shouldn't Be Without

Must-have FREE software. Web Employee Directory + Secure Self Service - rDirectory for Microsoft Active Directory.
http://www.wservernews.com/060918-NameScape

"Are your attachments consuming your Exchange store?" Download a free trial now:
http://www.wservernews.com/060918-GRPSoft

WINREPORTER is a powerful scanning and reporting administrative tool, that remotely inventories software, device configuration and user settings.
http://www.wservernews.com/060918-WinReporter

SNSI is WinITPro Magazine Readers' Choice Fave Vulnerability scanner two years in a row. Military strength scanner, licensed by admin, not IP!
http://www.wservernews.com/060918-SNSI



TECH BRIEFING

Outsourcing Your Windows Environment

Many IT professionals have never worked for an outsourcer and have a fear about what it might mean when one of those companies takes over their IT operation. Rest assured, your life as an IT manager isn't over when an outsourcer steps through the door. Yes, your daily life will change following a signed outsourcing agreement, but there are many ways it will not change too. Learn more in this exclusive article! (free registration):
http://www.wservernews.com/060918-Outsourcing


Step-by-Step Guide: BIOS Password Hacking

Regardless of how long you've been working with computers, you've likely had the need to reset a BIOS password. When you have to get into or reconfigure a desktop or laptop system and one of those pesky passwords is getting in your way, this guide will show you how to get around it. Learn the steps necessary to hack, crack or otherwise reset your unwanted BIOS password. At: SearchWindowsSecurity.com
http://www.wservernews.com/060918-BIOS_Hacking


Why VMware Still Trumps Microsoft Virtual Server

The differences between VMware Server and Microsoft Virtual Server demonstrate why VMware Server is still quite popular despite Microsoft's Virtual Server being freely available. Read more at SearchServerVirtualization:
http://www.wservernews.com/060918-VMWare


Improve Server Performance By Making Better Use Of RAM

Your server may slow down if it's not making the most efficient use of RAM or else simply because it needs more RAM. Learn more in this tip at SearchWinComputing:
http://www.wservernews.com/060918-RAM


Simple Active Directory Tricks: Event Logs

When troubleshooting a problem, looking through event logs in Active Directory can make you crazy. Read expert Gary Olsen's tricks for making the process less tedious. SearchWinIT.com
http://www.wservernews.com/060918-AD_Tricks


New Exchange Exams Likely To Emphasize Server Roles, Security

Brush up on your knowledge of Exchange Server roles and security. These changes in the next generation of Exchange will likely factor heavily in the certification exams. At SearchExchange.com:
http://www.wservernews.com/060918-Exchange_Exams


Security Improves With SQL Server 2005's Analysis Services

Microsoft's Analysis Services in SQL Sever 2005 has resolved security issues of its predecessor. Challenges are a thing of the past when it comes to administrative permissions, creating member roles and cube processing. In this tip, Contributor Baya Pavliashvili compares the latest version with MSAS 2000. At SearchSQLServer.com:
http://www.wservernews.com/060918-SQL2005


WINDOWS SERVER NEWS

We'll Soon See LongHorn Server

One of the 3,000 Redmond blogs announced that they are shipping the latest Community Technology Preview (CTP) of Windows Longhorn. They called it the August CTP/Build 5600, and said it was mainly a stability and performance update.

"You won't find many additional features over Beta 2, but there are big gains in performance and reliability as we've been able to bake in all the core OS improvements that were happening simultaneously in Windows Vista, as well as fix a bunch of our own bugs, " says the posting. Longhorn will have a third beta in the first half of 2007. It is expected to ship in the second half 07, and will undoubtedly be called Windows Server 2007; "W2K7"
http://www.wservernews.com/060918-Longhorn


Analysts: Microsoft Changes Meaning Of 'Release Candidate'

InformationWeek was reporting last week that two industry watchers say that Microsoft is corrupting the term, leading to major confusion among customers and others about whether the operating system is truly ready to evaluate. More at the InfoWeek site:
http://www.wservernews.com/060918-Release_Candidate


Microsoft Takes Third Shot At Buggy Security Patch

Our friends at eEye reported that after last month's large Patch Tuesday, Microsoft is today releasing only three new patches and is updating two patches from last month. The summary bulletin lists the three new bulletins, but customers should be aware that MS06-042 has changed for the second time, and MS06-040 has changed as well.

The re-release of MS06-042 comes as a result of eEye Digital Security finding yet another security vulnerability in the original MS06-042 patch. For those of you keeping score, it is now MS06-042: 0 and eEye Research: 2. MS06-040 was re-released to address a memory issue affecting Windows 2003 SP1 or Windows XP x64 systems, which is discussed in the Microsoft Knowledge Base article 924054.
http://www.wservernews.com/060918-Security_Patch


WINDOWS SERVER THIRD PARTY NEWS

CounterSpy Enterprise 'Last Scan Date' Report Available

You asked for a report that shows the last scan date for each agent, here it is. Ordered by last scan date ascending so you can quickly identify machines that have not scanned recently.

http://www.sunbelt-software.com/support/Agent%20Scan%20History.rpt

Making this report available in the Console is easy, simply save this file into the /Reports subfolder under your CounterSpy Enterprise installation directory on your server. If you are running the console, don't close it. After you save the .rpt file, it will know the file is there immediately. To run the report, select "Agent Scan History" from the report list, set your dates and run. This report was created using Crystal Reports version 10.0.0.533.

Double-Take Software Releases Application Manager 4.1

Double-Take(r) Software this week released Double-Take Application Manager 4.1 which includes SQL Server support, additional Exchange Server protection options, and improved monitoring and management features for protecting application data on the Windows platform.

Double-Take Application Manager, which now supports both SQL Server and Exchange Server, integrates the management of application protection into a single administrative interface allowing for increased automation and ease of setup. The end result is improved protection, reduced recovery times and a higher level of application availability for Windows(r) based customers running business critical systems that rely on SQL Server and Exchange Server.
http://www.wservernews.com/060918-Double-Take


Latest Whopping SNSI Vulnerability Database Update!

Windows IT Pro Magazine readers chose SNSI as their Favorite Vulnerability Scanner in 2005 and 2006! Check out the enormous vulnerability update this time. You HAVE to run a really good vulnerability scanner on your networks. Not doing so is inviting major trouble, especially if you are running a multi-platform environment.

Small and Medium Businesses are more and more becoming the target of hackers, spammers, phishers and other bad guys. This Security Bundle Special helps you fight them! For an incredible price you can protect your networks against spam, viruses, bad attachments, spyware, and vulnerabilities. Normally the products in this bundle cost well over $3,500. Now you can get it for only $2,499! Check out which award- winning products are in it. But you have to hurry. this offer is valid only till midnight September 30, 2006. SNSI is part of this Bundle!
http://www.wservernews.com/060918-SNSI_Special

New vulnerability updates for this release include:
ID      Name
W2784 - Ginwui Trojan Horse Detected (Low Risk Level) 
W2785 - RealVNC Authentication Bypass Vulnerability (Medium Risk Level)
W2787 - Symantec Client Security Stack Overflow Vulnerability (High Risk Level).
W2788 - Symantec LiveUpdate Files Not Updated (Warning Risk Level)
W2792 - Firefox addSelection Vulnerability (Low Risk Level)
W2793 - SeaMonkey addSelection Vulnerability (Low Risk Level)
W2794 - Thunderbird Malformed Vcard Vulnerability (Low Risk Level)
W2795 - Snort Sequence Check Vulnerability (Low Risk Level)
L1169 - Ruby HTTP/XMLRPC server error - MDV, RHE (Low Risk Level)
L1170 - ClamAV HTTP client command line error - MDV (Medium Risk Level)
L1215 - Gnupg unsigned text extraction error - FC (Medium Risk Level)
L1216 - Xorg-X11 -modulepath -logfile code errors - FC (Medium Risk Level)
L1217 - Beagle -status -info script error - FC (Medium Risk Level)
L1218 - cURL TFTP URL long path vulnerability - FC (High Risk Level)
L1219 - Samba cleartext password in log files - FC (Low Risk Level)
L1220 - Fedora Kernel multiple vulnerabilities - FC (Medium Risk Level)
L1221 - GDM daemon/slave.c .ICE authority error - FC, MDV (Low Risk Level)
L1222 - Xorg-X11 Xrender "&" error - MDV, RHE (Medium Risk Level)
L1223 - MySQL sql_parse.cc multiple vulnerabilities - MDV (Medium Risk Level) 
L1224 - Xine-ui long filename format string error - MDV (High Risk Level)
L1225 - Kernel - Mandriva multiple vulnerabilities - MDV (Medium Risk Level)
L1226 - Xscreensaver - Focus/File creation - RHE (Low Risk Level)
L1229 - Postgresql - SQL injection - RHE (Medium Risk Level)
S380  - N1 System Manager password disclosure - Solaris 10 (Medium Risk Level)
S381  - Libike, in.iked data handling - Solaris 9 - 10 (Low Risk Level)
S382  - Patchadd, patchrm incorrectly check dependencies - Solaris 8-10 
H147  - Mozilla may permit arbitrary code execution - HP-UX 11 (Medium Risk Level)
M78   - Mozilla/Firefox Javascript processing - Mac OS X (Medium Risk Level)
W2796 - Symantec Antivirus Stack Overflow Vulnerability - 10.x (High Risk Level)
W2797 - Symantec Client Security Stack Overflow Vulnerability - 3.x (High Risk Level)
W2798 - IE Cumulative Patch Missing (June 2006) (High Risk Level)
W2799 - ART Image Rendering Vulnerability (High Risk Level)
W2801 - Windows Media Player PNG Vulnerability (High Risk Level)
W2802 - Routing and Remote Access Memory Corruption Vulnerability (High Risk Level)
W2804 - PowerPoint Malformed Record Vulnerability (High Risk Level) 
W2805 - Exchange Server Script Injection Vulnerability (Medium Risk Level)
W2806 - Server Message Block Driver Elevation Vulnerability (Medium Risk Level)
W2807 - RPC Spoofing Vulnerability (Medium Risk Level)
W2808 - TCP/IP IP Source Route Vulnerability (Medium Risk Level)
L1230 - Php multiple vulnerabilities - MDV (High Risk Level)
L1231 - Mpg123 MPEG processing error - MDV (High Risk Level)
L1232 - Dia .bmp and malformed file vulnerabilities - MDV, RHE (Medium Risk Level)
L1233 - Evolution Load Images option error - MDV (Low Risk Level)
W2809 - Windows Media Player 7.1 PNG Vulnerability (High Risk Level)
W2810 - Word Viewer Malformed Object Pointer Vulnerability (High Risk Level)
W2811 - Adobe Reader Memory Leak Issue (Low Risk Level)
L1234 - Kernel - Multiple vulnerabilities - RHE (Medium Risk Level)
L1235 - Quagga - Info Disclosure/Route injection/Dos - RHE (Medium Risk Level)
L1236 - Zebra - Info Disclosure/Route injection/Dos - RHE (Medium Risk Level)
L1237 - Libtiff Tiffsplit command vulnerability - MDV, FC (Medium Risk Level)
L1238 - OpenLDAP slurpd overlong hostname error - MDV (Low Risk Level)
L1240 - PostqreSQL multibyte & parsing errors - MDV, FC (Medium Risk Level)
L1241 - Freetype2 multiple vulnerabilities - MDV (Medium Risk Level)
L1242 - GDM Face Browser Login vulnerability - MDV, SuSE, FC (Medium Risk Level)
L1243 - Mailman - MIME multipart messages - RHE (Medium Risk Level)
L1244 - Spamassassin - Vpopmail/Paranoid Switches - RHE (High Risk Level)
L1246 - Kernel 2.4 - Multiple vulnerabilities - SuSE (Medium Risk Level)
L1247 - Red Carpet - world readable secrets - SuSE (High Risk Level)
L1248 - Kernel 2.6 - Multiple vulnerabilities - SuSE (High Risk Level)
L1249 - Nagios-Www - HTTP header - SuSE (Medium Risk Level)
L1250 - Libtiff t2p_write_pdf error - MDV (Medium Risk Level)
L1251 - SpamAssassin -P vpopmail vulnerability - MDV, FC (High Risk Level)
L1252 - Sendmail malformed MIME stack exhaustion - MDV, RHE (High Risk Level)
L1253 - Kdebase user session file reading - MDV, RHE (Medium Risk Level)
L1254 - Mozilla Browsers - Multiple vulnerabilities - FC (High Risk Level) 
L1255 - Fedora Core Kernel multiple vulnerabilities - FC (Medium Risk Level)
L1256 - Rsync receive_xattr handling error - FC (Medium Risk Level)
L1257 - ImageMagick ExpandFileName error - FC (High Risk Level)
M79   - PowerPoint Record Validation - Mac OS X (Medium Risk Level)
W2813 - Skype - Latest Not Installed (Medium Risk Level)
W2814 - SpySheriff Detected (Low Risk Level)
W2816 - Winamp MIDI File Handling Vulnerability (Medium Risk Level)
L1258 - Php - Multiple vulnerabilities - SuSE (Medium Risk Level)
H148  - Kernel may enter a panic state - HP-UX 11 (Low Risk Level)
H149  - Support Tools Manager - HP-UX 11 (Low Risk Level)
W2817 - Patchlink Update Server SQL injection vulnerability (High Risk Level)
W2818 - iTunes AAC Parsing Code Vulnerability (Low Risk Level)
W2819 - WebEx Downloader Plug-in Vulnerability (Low Risk Level)
W2820 - Sun ONE Application Server Cross-Site Scripting Vulnerability (Low Risk Level)
W2821 - Sun Java Application Server Cross-Site Scripting Vulnerability (Low Risk Level)
W2822 - ASP.NET Application Folder Vulnerability (Low Risk Level)
W2823 - IIS Malformed Active Server Pages Vulnerability (Medium Risk Level)
W2824 - Server Service Vulnerabilities (High Risk Level)
W2825 - DHCP Client Service Vulnerability (High Risk Level)
W2826 - Excel 2000 Malformed File Vulnerabilities (High Risk Level)
W2827 - Excel 2002 Malformed File Vulnerabilities (Medium Risk Level)
W2828 - Excel 2003 Malformed File Vulnerabilities (Medium Risk Level)
W2829 - Excel Viewer 2003 Vulnerability (Medium Risk Level)
W2830 - Microsoft Office 2000 Parsing Vulnerabilities (High Risk Level)
W2831 - Microsoft Office XP Parsing Vulnerabilities (Medium Risk Level)
W2832 - Microsoft Office 2003 Parsing Vulnerabilities (Medium Risk Level)
W2833 - Microsoft Office PNG and GIF Vulnerability (Medium Risk Level)
L1268 - aRts artswrapper setuid() return error - MDV (Medium Risk Level) 
L1269 - Xine-lib HTTP reply and AVI demux - MDV (High Risk Level)
L1270 - Wv2 word_helper.h error - MDV (High Risk Level)
L1271 - GnuPG - parse-packet.c - MDV, FC, SuSE (Medium Risk Level)
L1272 - MySQL NULL str_to_date argument error - MDV (Low Risk Level)
L1273 - GD malformed GIF loop error - MDV (Low Risk Level)
L1274 - Tetex PNG image file row value error - MDV (High Risk Level)
L1275 - Libwmf PNG image file row value error - MDV (High Risk Level)
L1276 - Mutt Browse_get_namespace error - MDV (Medium Risk Level)
L1277 - Perl-Crypt-Cbc - weak ciphertext - SuSE (Medium Risk Level)
L1278 - OpenOffice multiple vulnerabilities - FC, MDV (High Risk Level)
L1279 - Kernel, Fedora Core security update - FC (Warning Risk Level)
L1280 - Sun Java Application Server - Cross-Site Scripting - RHE (Low Risk Level)
L1281 - Kernel - core dump handling - RHE (Medium Risk Level)
S385 - StarOffice - multiple vulnerabilities - Solaris 8 - 10. (Medium Risk Level)
S386 - Kernel patches cause erroneous audit behavior - Solaris 10 (Low Risk Level)
S387 - Sun ONE/Java Application Server 8.1 input handling - Solaris (Low Risk Level)
H151 - Mkdir permits unauthorized access - HP-UX 11 (Medium Risk Level)
M81  - Syslog/ImageIO/AFP vulnerabilities - Mac OS X 10.4 (High Risk Level)
M82  - iTunes AAC filter parsing - Mac OS X (Medium Risk Level)
L1290 - Squirrel Mail XSS in search.php - FC (Low Risk Level)
L1291 - GIMP xcf_load_vector error - FC (Medium Risk Level)
L1292 - Samba smdb excess memory consumption - FC (Low Risk Level)
L1293 - Php - Multiple vulnerabilities - RHE (Medium Risk Level)
L1294 - Kernel - Multiple vulnerabilities - RHE (Medium Risk Level)
S388 - Ypserv mishandles corrupted NIS requests - Solaris 8-10 (Medium Risk Level)
S389 - Apache 1.3 SSLVerifyClient - Solaris 8 - 10 (Medium Risk Level)
S390 - LibICE - induces linked application instability - Solaris 8 - 9 (Medium Risk Level)
S391 - Apache 2 SSLVerifyClient - Solaris 10 (Medium Risk Level)
S392 - TCP/IP connections degraded by malformed ICMP datagrams - Solaris 8 - 10 (Low Risk Level)
S393 - Libdiskmgmt interaction with swap, format - Solaris 10 (Medium Risk Level)
H152 - Kernel inducible to denials of service - HP-UX 11 (Low Risk Level)
M83  - Microsoft Excel/Office - July Security Updates missing - Mac OS X (Medium Risk Level)
W2835 - Flash Player Memory Access Error Vulnerability (High Risk Level)
W2836 - Oracle Database Server Vulnerabilities (July 2006) - Windows (High Risk Level)
W2837 - Oracle Application Server Vulnerabilities (July 2006) - Windows (High Risk Level)
W2838 - Oracle Collaboration Suite Vulnerability (July 2006) - Windows (High Risk Level)
W2839 - Oracle E-Business Suite Vulnerabilities (July 2006) - Windows (High Risk Level)
W2840 - Oracle Enterprise Manager Vulnerabilities (July 2006) - Windows (High Risk Level)
L1295 - Libwmf - Integer overflow - RHE (Medium Risk Level)
L1296 - Libmms MiMMS stack overflow - MDV (High Risk Level)
L1297 - OpenOffice macro and applet errors - MDV (High Risk Level)
L1298 - PPP setuid function call error - MDV (Medium Risk Level)
L1299 - Samba smbd service.c memory error - MDV (Low Risk Level)
L1300 - PHP multiple library vulnerabilities - MDV (High Risk Level)
L1301 - Mandriva Kernel multiple vulnerabilities - MDV (High Risk Level)
L1302 - Webmin simplify_path bypass - MDV (Medium Risk Level)
L1303 - Libtunepimp LookupTRM date and string errors - MDV (High Risk Level)
L1304 - Gimp xcf_load_vector vulnerability - MDV (Medium Risk Level)
L1305 - Wireshark multiple vulnerabilities - MDV (High Risk Level)
L1306 - Freetype2 Font File Handling - MDV (Medium Risk Level)
L1307 - KDElibs DOM Object replaceChild dereference - MDV (Low Risk Level)
L1308 - Xine-Lib MiMMS stack overflow - MDV (High Risk Level)
S394 - Kernel mishandles mount directives - Solaris 10 (Medium Risk Level)
S395 - Kernel Event Port API - Solaris 10 (Medium Risk Level)
S396 - Kernel debugger introduces instability - Solaris 10_x86 (Low Risk Level)
W2841 - Firefox JavaScript Race Condition Vulnerability (Medium Risk Level)
W2842 - Thunderbird JavaScript Race Condition Vulnerability (Medium Risk Level)
W2843 - SeaMonkey JavaScript Race Condition Vulnerability (Medium Risk Level)
W2844 - McAfee Common Management Agent Vulnerability (Medium Risk Level)
W2845 - Server Service Unchecked Buffer Vulnerability (High Risk Level)
W2846 - DNS Resolution Vulnerability (High Risk Level)
W2847 - IE Cumulative Patch Missing (August 2006) (High Risk Level)
W2848 - MHTML Parsing Vulnerability - XP SP2 (High Risk Level)
W2849 - MHTML Parsing Vulnerability - XP x64 (High Risk Level)
W2850 - MHTML Parsing Vulnerability - Server 2003 SP1 (High Risk Level)
W2851 - MHTML Parsing Vulnerability - Server 2003 x64 (High Risk Level)
W2852 - Microsoft Management Console Vulnerability (High Risk Level) 
W2853 - Folder GUID Code Execution Vulnerability (Medium Risk Level)
W2854 - HTML Help String Buffer Vulnerability (High Risk Level)
W2855 - VBA Unchecked Parameters Vulnerability - Office 2000 (High Risk Level)
W2856 - VBA Unchecked Parameters Vulnerability - Office XP (Medium Risk Level)
W2857 - PowerPoint Mso.dll Vulnerability - Office 2000 (High Risk Level)
W2858 - PowerPoint Mso.dll Vulnerability - Office XP (Medium Risk Level)
W2859 - PowerPoint Mso.dll Vulnerability - Office 2003 (Medium Risk Level)
W2860 - Kernel Unchecked Buffer Vulnerability - W2K (Medium Risk Level)
W2861 - Hyperlink Vulnerabilities (Medium Risk Level)
W2862 - Kernel Unhandled Exception Vulnerability (High Risk Level)
L1309 - Ruby safe level alias bypass of restrictions - FC, RHE, MDV (Medium Risk Level)
L1310 - Thunderbird - Multiple vulnerabilities - RHE (Medium Risk Level)
L1311 - Firefox - Multiple vulnerabilities - RHE (Medium Risk Level)
L1312 - Seamonkey - Multiple vulnerabilities - RHE (Medium Risk Level)
L1313 - Kdebase - kdesktop_lock process - RHE (Medium Risk Level)
L1314 - Elfutils - Corrupt input file processing - RHE (Low Risk Level)
L1315 - Httpd mod_rewrite module error - FC, MDV, SuSE (High Risk Level)
L1316 - DUMB it_read_envelope function error - FC (Medium Risk Level)
L1317 - Libwmf player.c MaxRecordSize error - MDV, SuSE (High Risk Level)
L1318 - Freeciv multiple vulnerabilities - MDV (Medium Risk Level)
L1319 - Gnupg - Improper bounds checking - RHE (Medium Risk Level)
L1320 - Libtiff - TIFF image file processing - RHE, SuSE (Medium Risk Level)
L1321 - Xfree86 - PCF font handling - SuSE (Medium Risk Level)
L1322 - Horde - XSS/Image proxy - SuSE (Medium Risk Level)
L1323 - Kernel - Multiple vulnerabilities - RHE (Medium Risk Level)
S397 - Kernel IP routing table bypass - Solaris 10 (Medium Risk Level)
S398 - Kernel TCP may succumb by ACK storms - Solaris 8 - 10 (Medium Risk Level)
S399 - Kernel large data deletions may induce corruption - Solaris 10 (Medium Risk Level)
S400 - N1 Grid Engine permits unauthorized configuration - Solaris 7 -10 (Medium Risk Level)
S401 - Ld, ld.so behave erratically - Solaris 8-9 (Low Risk Level)
M84 - Firefox JavaScript race condition vulnerabilities - Mac OS X (Medium Risk Level)
M85 - Thunderbird JavaScript race condition vulnerabilities - Mac OS X (Medium Risk Level)
M86 - AFP Server, ImageIO, Bluetooth, other vulnerabilities - Mac OS X (High Risk Level)
M87 - MS PowerPoint record parsing - Mac OS X (Medium Risk Level)
W2863 - VBA Unchecked Parameters Vulnerability - VBA SDK (Medium Risk Level)
W2864 - Runsrv32.exe Detected (Low Risk Level)
W2865 - Backup Exec RPC Vulnerability (Medium Risk Level)
W2866 - MDAC 2.8 SP1 Not Installed (Low Risk Level)
L1324 - Apache - Unescaped error message - RHE (Medium Risk Level)
L1325 - Krb5 - setuid() call failure - RHE, MDV (Medium Risk Level)
L1327 - Kerberos V5 setuid return call errors - FC (High Risk Level)
L1328 - ClamAV UPX extraction error - MDV (High Risk Level)
L1330 - Ncompress bounds checking datastream error - MDV (Medium Risk Level)
S402 - Utxconfig Sun Ray Server access control bypass - Solaris 8 - 10 (High Risk Level)
S403 - Kernel 3rd party STREAMS may hang at bootup - Solaris 10 (Warning Risk Level)
W2867 - Office PNG and GIF Vulnerability - Office XP (Medium Risk Level)
W2868 - Office PNG and GIF Vulnerability - Office 2000 (High Risk Level)
W2869 - Word Malformed Object Pointer Vulnerability - Word 2002 (Medium Risk Level)
W2870 - Word Malformed Object Pointer Vulnerability - Word 2003 (Medium Risk Level)
W2871 - PowerPoint Malformed Record Vulnerability
W2872 - PowerPoint Malformed Record Vulnerability - PowerPoint 2003 (Medium Risk Level)
W2873 - Opera Iframe Vulnerability (Low Risk Level)
W2874 - Wireshark Vulnerabilities (Medium Risk Level)
W2875 - IE Cumulative Patch Missing (August 2006) - IE6, SP1 (High Risk Level)
S405 - Java applet may select vulnerable JRE - Solaris (Medium Risk Level)
S406 - Format allows File System Mgmt profile to act as root - Solaris 8-9 (High Risk Level)
H154 - Libpam Trusted mode password policy issue - HP-UX 11 (Low Risk Level)
H147    Mozilla may permit arbitrary code execution - HP-UX 11
L1169   Ruby HTTP/XMLRPC server error - MDV, RHE
L1170   ClamAV HTTP client command line error - MDV
L1215   Gnupg unsigned text extraction error - FC
L1216   Xorg-X11 -modulepath -logfile code errors - FC
L1217   Beagle -status -info script error - FC
L1218   cURL TFTP URL long path vulnerability - FC
L1219   Samba cleartext password in log files - FC
L1220   Fedora Kernel multiple vulnerabilities - FC
L1221   GDM daemon/slave.c .ICE authority error - FC, MDV
L1222   "Xorg-X11 Xrender ""&"" error - MDV, RHE"
L1223   MySQL sql_parse.cc multiple vulnerabilities - MDV
L1224   Xine-ui long filename format string error - MDV
L1225   Kernel - Mandriva multiple vulnerabilities - MDV
L1226   Xscreensaver - Focus/File creation - RHE
L1229   Postgresql - SQL injection - RHE
M78     Mozilla/Firefox Javascript processing - Mac OS X
S380    N1 System Manager password disclosure - Solaris 10
S381    Libike, in.iked data handling - Solaris 9 - 10
S382    Patchadd, patchrm incorrectly check dependencies - Solaris 8-10
W2784  Ginwui Trojan Horse Detected
W2785  RealVNC Authentication Bypass Vulnerability
W2786  Symantec Antivirus Stack Overflow Vulnerability
W2787  Symantec Client Security Stack Overflow Vulnerability
W2788  Symantec LiveUpdate Files Not Updated
W2792  Firefox addSelection Vulnerability
W2793  SeaMonkey addSelection Vulnerability
W2794  Thunderbird Malformed Vcard Vulnerability
W2795  Snort Sequence Check Vulnerability
Updated Checks

Vendor superseded patches, packages, signatures
W1142,W1986,W1999,W2067 - Anti-Virus Signatures
H142     Software Distributor permits local privilege elevation  HP-UX 11
H138     Xterm permits privilege elevation - HP-UX 11
H135     HP OpenView Operations/VantagePoint JRE vulnerability
H129     Veritas data protection issue - HP-UX 11
H91      Apache/OpenSSL Temp File Handling - HP-UX 11
H74      RPC I/O Vulnerability HP-UX 11
H65      XDR Library Vulnerabilities - HP-UX 10,11
H62      Tftpd Unusable in Certain Network Traffic - HP-UX 11
H60      Rpc.ypupdated Grants Unauthorized Access - HP-UX 11
H52      Ypxfrd getdbm argument validation - HP-UX 10,11
H51      VirtualVault Apache mod_ssl, mod_proxy - HP-UX 11.04 (VVOS)
H47      OpenSSH - Buffer Management - HP-UX 11
H39      Software Distributor - HP-UX 11
H37      XDR Library xdrmem_getbutes() - HP-UX 10,11
H31      Sendmail  Prescan() address parsing - HP-UX 11
H26      OpenView Agents DCE input handling - HP-UX 11
H23      Csh/ksh/sh-posix - 'here document' Unsafe Temporary Files - HP-UX
H19      Rpc.mountd - Information Leak - HP-UX 11
H17      Rpc.yppasswdd - HP-UX 10,11
H5       OpenSSH -Off-by-1 Channel - HP-UX 11.04
H1       Sendmail -Address Parsing - HP-UX 10,11
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.
http://www.wservernews.com/060918-SunbeltNetworkSecurityInspector


WServerNews 'FAVE' LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff

Cool concept 'car' at the Geneva Auto Show in Switzerland. Video:
http://www.wservernews.com/060918-Concept_Car

Looking for a secure home? Really, really secure? Then check this out!
http://www.wservernews.com/060918-Secure_Home

The video we had last week apparently was not so much crosswinds that the Boeing pilot had to deal with. It was WORSE. That airport had houses really close by so that you had to close the eye-shades during the landing to keep from seeing how close you were to buildings.
http://www.wservernews.com/060918-Landing

Got an Ant Problem? Use Aspartame. You may re-consider drinking diet Coke and Pepsi after this! [grin]
http://www.wservernews.com/060918-Aspartame

What Do You Do With 3000 Golf Balls? Funny video at YouTube:
http://www.wservernews.com/060918-3000_Golf_Balls

Mozart on rollerblades, like you've never seen/heard before!
http://www.wservernews.com/060918-Mozart

The Wrightspeed X1 electric car beats a Ferrari 360 Spider and a Porsche Carrera GT and costs half as much:
http://www.wservernews.com/060918-Electric_Car

Update: Microsoft Releases More 'Zune' Details. Here are the pics:
http://www.wservernews.com/060918-Zune

How a Horse's Rear End Affects the Space Program. Very interesting story:
http://www.wservernews.com/060918-Horse

Oh, and here is a helpful hint. Don't play with live grenades. Video:
http://www.wservernews.com/060918-Grenade

I found this in Popular Science magazine. Pretty kewl. "One Day. One bullet shaped bike. One crazy world record."
http://www.wservernews.com/060918-Bike


WServerNews - PRODUCT OF THE WEEK

"Trend Scan-Mail To Ninja" 50% Competitive Upgrade Offer

Sunbelt Software offers all existing Trend users a 50% Competitive Upgrade Discount so they can afford to move from their second- generation product to the latest third-gen (policy-based) messaging security platform for Microsoft Exchange: Ninja. Download the 30-day Ninja eval, see for yourself how good it works, and ask your Rep or Reseller for a Competitive Upgrade quote, be pleasantly surprised!
http://www.wservernews.com/060918-Ninja