[iwar] [fc:Security.Alert.Consensus]

From: Fred Cohen (fc@all.net)
Date: 2002-08-29 23:26:46



                   -- Security Alert Consensus --
                       Number 034 (02.34)
                   Thursday, August 29, 2002
                       Created for you by
             Network Computing and the SANS Institute
                      Powered by Neohapsis

----------------------------------------------------------------------

Welcome to SANS' distribution of the Security Alert Consensus.

----------------------------------------------------------------------

This issue sponsored by SPI Dynamics

ALERT: Cyber-Warfare's Weapon of Choice - Web App Attacks
Firewalls, IDS and Access Controls don't stop these attacks because
hackers using the Web application layer are NOT seen as intruders.
Learn why 75% of today's successful system hacks involve Web App
vulnerabilities, not network security flaws. Download this *FREE*
white paper from SPI Dynamics.

http://www.spidynamics.com/mktg/webappsecurity20

----------------------------------------------------------------------

An interesting advisory released this week details how it's possible
to use some Microsoft Word field trickery to create a document that
can actually display different text to different people at different
times. This can lead to some interesting situations. Imagine, for
example, a legal document that while read on the computer screen
says one thing, but when printed (and signed) says another. Did you
go back and verify that the printed version matched what you read in
the electronic version? Didn't think so. Read the details at:
http://archives.neohapsis.com/archives/bugtraq/2002-08/0274.html

The only other notable item this week is a mega patch for Internet
Explorer that fixes six new security vulnerabilities. It's reported
as item {02.34.002}.

Until next week,
--Security Alert Consensus Team

************************************************************************

TABLE OF CONTENTS:

{02.34.001} Win - MS02-046: TSAC ActiveX control buffer overflow
{02.34.002} Win - MS02-047: Cumulative Internet Explorer patch
{02.34.003} Win - MS02-045: Network share provider buffer overflow/DoS
{02.34.004} Win - Multiple OmniHTTPd sample CGI CSS vulnerabilities
{02.34.026} Win - mIRC asctime decoding overflow
{02.34.006} Linux - Update {02.33.043}: KDE Konqueror ignores SSL
            certificate basic constraints
{02.34.008} Linux - Multiple Linux kernel vulnerabilities
{02.34.014} Linux - Update {02.30.024}: Mailman ml-name CGI CSS
            vulnerability
{02.34.021} Linux - Update {02.23.022}: Bugzilla 2.14.1 multiple
            vulnerabilities
{02.34.024} Linux - Update {02.32.017}: xinetd signal pipe descriptor
            DoS
{02.34.007} NW - RconJ authentication bypass
{02.34.009} SGI - Update {00.35.031}: SGI WorldView Wnn buffer overflow
{02.34.013} SCO - ndcfg command line overflow
{02.34.019} SCO - XServer command execution with privileges
{02.34.022} SCO - Update {02.26.002}: DNS libresolve/resolver buffer
            overflow
{02.34.005} NApps - LG Electronics LG3100 router DoS
{02.34.020} NApps - Belkin F5D6130 SNMP DoS
{02.34.010} Cross - Abyss Web server multiple vulnerabilities
{02.34.011} Cross - Light IRC script command execution
{02.34.012} Cross - Achievo CGI config_atkroot code execution
{02.34.015} Cross - Blazix HTTP server source retrieval and ACL bypass
{02.34.016} Cross - Mantis CGI private bug viewing
{02.34.018} Cross - GAIM Manual command execution
{02.34.023} Cross - Update {02.33.024}: Multiple Postgres function
            buffer overflows
{02.34.025} Cross - irssi channel topic DoS
{02.34.017} Tools - Sendmail 8.12.6 available


--- Windows News -------------------------------------------------------

*** {02.34.001} Win - MS02-046: TSAC ActiveX control buffer overflow

Microsoft released MS02-046 ("TSAC ActiveX control buffer
overflow"). The Terminal Services Advanced Client ActiveX control
contains a buffer overflow in the handling of one of the input
parameters that allows a malicious Web site to execute arbitrary code
on the user's system.

FAQ and patch:
http://www.microsoft.com/technet/security/bulletin/MS02-046.asp

Source: Microsoft (NTBugtraq)
http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0108.html

*** {02.34.002} Win - MS02-047: Cumulative Internet Explorer patch

Microsoft released MS02-047 ("Cumulative Internet Explorer
patch"). This is a cumulative Internet Explorer patch that fixes all
past security vulnerabilities as well as six new vulnerabilities,
including the official patch for the Gopher protocol overflow reported
earlier.

FAQ and patch:
http://www.microsoft.com/technet/security/bulletin/MS02-047.asp

Source: Microsoft (NTBugtraq)
http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0109.html

*** {02.34.003} Win - MS02-045: Network share provider buffer
		overflow/DoS

Microsoft released MS02-045 ("Network share provider buffer
overflow/DoS"). The network share provider service included with
Windows NT, 2000 and XP contains a buffer overflow in the handling
of certain SMB parameters that allows a remote attacker to crash the
system, thereby leading to a denial of service attack.

FAQ and patch:
http://www.microsoft.com/technet/security/bulletin/MS02-045.asp

Source: Microsoft (NTBugtraq)
http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0107.html

*** {02.34.004} Win - Multiple OmniHTTPd sample CGI CSS vulnerabilities

Multiple vulnerabilities reportedly exist in the sample CGI scripts
included with OmniHTTPd. The test.shtml, test.php and redir.exe sample
scripts all are vulnerable to cross-site scripting.

These vulnerabilities are not confirmed.

Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-08/0263.html
http://archives.neohapsis.com/archives/bugtraq/2002-08/0264.html
http://archives.neohapsis.com/archives/bugtraq/2002-08/0266.html

*** {02.34.026} Win - mIRC asctime decoding overflow

Versions 6.02 and prior of the mIRC client contain a buffer overflow
in the handling of data passed to the $asctime function, potentially
allowing a malicious IRC user or server to execute arbitrary code.

This vulnerability is confirmed and fixed in version 6.03.

Source: VulnWatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0092.html


--- Linux News ---------------------------------------------------------

*** {02.34.006} Linux - Update {02.33.043}: KDE Konqueror ignores SSL
		certificate basic constraints

Debian released updated kdelibs packages that fix the vulnerability
discussed in {02.33.043} ("KDE Konqueror ignores SSL certificate
basic constraints").

Updated DEBs are listed at the reference URL below.

Source: Debian
http://archives.neohapsis.com/archives/vendor/2002-q3/0044.html

*** {02.34.008} Linux - Multiple Linux kernel vulnerabilities

A Red Hat advisory indicates that multiple kernel security
vulnerabilities exist in the 2.4.18 and prior kernels. All Linux
kernels are affected.

It is unknown at this time whether the 2.4.19 Linux kernel fixes
these problems.

Updated Red Hat RPMs are available at the reference URL below.

Source: Red Hat
http://archives.neohapsis.com/archives/linux/redhat/2002-q3/0060.html

*** {02.34.014} Linux - Update {02.30.024}: Mailman ml-name CGI CSS
		vulnerability

Both Red Hat and Debian rereleased updated mailman packages that
fix the vulnerability discussed in {02.30.024} ("Mailman ml-name CGI
CSS vulnerability").

Updated Red Hat RPMs:
http://archives.neohapsis.com/archives/bugtraq/2002-08/0245.html

Updated Debian DEBs:
http://archives.neohapsis.com/archives/vendor/2002-q3/0048.html

Source: Red Hat, Debian
http://archives.neohapsis.com/archives/bugtraq/2002-08/0245.html
http://archives.neohapsis.com/archives/vendor/2002-q3/0048.html

*** {02.34.021} Linux - Update {02.23.022}: Bugzilla 2.14.1 multiple
		vulnerabilities

Red Hat released updated bugzilla packages that fix the vulnerability
discussed in {02.23.022} ("Bugzilla 2.14.1 multiple vulnerabilities").

Updated RPMs are listed at the reference URL below.

Source: Red Hat
http://archives.neohapsis.com/archives/linux/redhat/2002-q3/0058.html

*** {02.34.024} Linux - Update {02.32.017}: xinetd signal pipe
		descriptor DoS

Mandrake released updated xinetd packages that fix the vulnerability
discussed in {02.32.017} ("xinetd signal pipe descriptor DoS").

Updated RPMs are listed at the reference URL below.

Source: Mandrake (SF Bugtraq)
http://archives.neohapsis.com/archives/bugtraq/2002-08/0279.html


--- NetWare News -------------------------------------------------------

*** {02.34.007} NW - RconJ authentication bypass

A Novell advisory indicates that RconJ authentication can be bypassed
when using the Secure IP/SSL option. This allows a remote attacker
to gain console access to the server.

A patch is available at:
http://support.novell.com/servlet/tidfinder/2963349

Source: Novell (SF Bugtraq)
http://archives.neohapsis.com/archives/bugtraq/2002-08/0216.html


--- SGI News -----------------------------------------------------------

*** {02.34.009} SGI - Update {00.35.031}: SGI WorldView Wnn buffer
		overflow

SGI finally released updated worldview packages that fix the
vulnerability discussed in {00.35.031} ("SGI WorldView Wnn buffer
overflow").

Full patch information is available at the reference URL below.

Source: SGI
http://archives.neohapsis.com/archives/vendor/2002-q3/0045.html


--- SCO News -----------------------------------------------------------

*** {02.34.013} SCO - ndcfg command line overflow

The ndcfg utility contains a buffer overflow in the handling of
command-line parameters that allows a local attacker to execute
arbitrary code with elevated privileges.

The vendor confirmed this vulnerability. Updated binaries are listed
at the reference URL below.

Source: Caldera/SCO
http://archives.neohapsis.com/archives/linux/caldera/2002-q3/0012.html

*** {02.34.019} SCO - XServer command execution with privileges

A Caldera/SCO advisory indicates that the XServer does not properly
drop privileges before executing external commands, thereby allowing
a local attacker to gain root privileges.

The vendor confirmed this vulnerability. Updated binaries are listed
in the reference URL below.

Source: Caldera/SCO
http://archives.neohapsis.com/archives/linux/caldera/2002-q3/0014.html

*** {02.34.022} SCO - Update {02.26.002}: DNS libresolve/resolver
		buffer overflow

Caldera/SCO released updates for UnixWare 7.1.1 that fix the
vulnerability discussed in {02.26.002} ("DNS libresolve/resolver
buffer overflow").

Updated UnixWare 7.1.1 binaries are available at:
ftp://ftp.caldera.com/pub/updates/UnixWare/CSSA-2002-SCO.37

Source: Caldera/SCO
http://archives.neohapsis.com/archives/linux/caldera/2002-q3/0013.html


--- Network Appliances News --------------------------------------------

*** {02.34.005} NApps - LG Electronics LG3100 router DoS

The LG Electronics LG3100f and LG3100p routers contain denial
of service vulnerabilities that come from buffer overflows in the
handling of large HTTP and telnet data streams as well as from handling
malformed TCP packets.

These vulnerabilities are not confirmed.

Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-08/0210.html
http://archives.neohapsis.com/archives/bugtraq/2002-08/0228.html

*** {02.34.020} NApps - Belkin F5D6130 SNMP DoS

The Belkin F5D6130 wireless access point is vulnerable to a remotely
exploitable denial of service, whereby a flood of particular SNMP
requests will cause the device to cease to function.

This vulnerability is not confirmed.

Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-08/0265.html


--- Cross-Platform News ------------------------------------------------

*** {02.34.010} Cross - Abyss Web server multiple vulnerabilities

The Abyss Web server version 1.0.3 reportedly contains two
vulnerabilities: an administration console authentication bypass and
a reverse directory traversal vulnerability. The end result is that
remote attackers can access files outside the Web root and change
configuration settings.

These vulnerabilities are not confirmed.

Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html

*** {02.34.011} Cross - Light IRC script command execution

The Light IRC script prior to version 2.7.30p5 contains a vulnerability
in the handling of channel names that may allow a malicious IRC
attacker to execute arbitrary script code on the user's system.

This vulnerability is confirmed and fixed in version 2.7.30p5, which
is available at:
ftp://ftp.light.canuck.gen.nz/pub/Light/

Debian also released updated DEBs, which are listed at:

Source: SecurityFocus Bugtraq, Debian
http://archives.neohapsis.com/archives/bugtraq/2002-08/0231.html
http://archives.neohapsis.com/archives/vendor/2002-q3/0046.html

*** {02.34.012} Cross - Achievo CGI config_atkroot code execution

Versions of the Achievo CGI suite prior to 0.8.2 do not properly handle
the config_atkroot URL parameter, which allows a remote attacker to
execute arbitrary PHP code on the system.

The vendor confirmed this vulnerability and released version 0.8.2,
which is available at:
http://www.achievo.org/download/

Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-08/0235.html

*** {02.34.015} Cross - Blazix HTTP server source retrieval and ACL
		bypass

Versions 1.2.1 and prior of the Blazix HTTP server contain two
vulnerabilities: retrieval of the source code of server-side scripts
by appending particular characters to the URL and access to Web
directories that are explicitly configured to be forbidden.

The vendor confirmed these vulnerabilities and released version 1.2.2.

Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-08/0259.html

*** {02.34.016} Cross - Mantis CGI private bug viewing

The Mantis CGI suite prior to version 0.17.5 allows a remote attacker
to view bugs that are otherwise marked private.

The vendor confirmed this vulnerability and released version 0.17.5.

Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-08/0253.html
http://archives.neohapsis.com/archives/bugtraq/2002-08/0255.html

*** {02.34.018} Cross - GAIM Manual command execution

GAIM contains a vulnerability in the handling of the 'Manual' browser
command that could allow a link clicked on by the user to execute
arbitrary command-line commands.

Debian confirmed this vulnerability and released updated DEBs, which
are listed at:
http://archives.neohapsis.com/archives/vendor/2002-q3/0049.html

Source: Debian
http://archives.neohapsis.com/archives/vendor/2002-q3/0049.html

*** {02.34.023} Cross - Update {02.33.024}: Multiple Postgres function
		buffer overflows

Postgres version 7.2.2 was released. It fixes the vulnerability
discussed in {02.33.024} ("Multiple Postgres function buffer
overflows").

The update can be downloaded from:
ftp://ftp.postgresql.org/pub/sources/v7.2.2

Source: SecurityFocus Bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-08/0258.html

*** {02.34.025} Cross - irssi channel topic DoS

The irssi IRC client crashes when a user joins a channel with a
particularly long topic description. This then leads to a denial of
service attack.

Debian released updated DEBs, which are available at the reference
URL below.

Source: Debian
http://archives.neohapsis.com/archives/vendor/2002-q3/0047.html


--- Tool Announcements News --------------------------------------------

*** {02.34.017} Tools - Sendmail 8.12.6 available

Sendmail version 8.12.6 was released. The new version contains bug
fixes only; no new security problems are involved.

The source code can be downloaded at:
ftp://ftp.sendmail.org/pub/sendmail/

Source: Sendmail
http://archives.neohapsis.com/archives/sendmail/2002-q3/0001.html

************************************************************************

------------------------------------------------------------------------


Become a Security Alert Consensus member! If this e-mail was passed
to you and you would like to begin receiving our security e-mail
newsletter on a weekly basis, we invite you to subscribe today.
http://www.sans.org/sansnews/

We are signing the Consensus newsletter with PGP. The new SANS PGP key
is posted at:
http://www.pgp.net:11371/pks/lookup?op=get&search=0xA1694E46
and can also be accessed from the SANS Web site (http://www.sans.org).

Special Note: To better secure your confidential information,
we will no longer include personal URLs in our Consensus
newsletter mailings. Instead, we have created a new form
(http://www.sans.org/sansurl). On this form you can enter the SD
number located near your name at the top of the newsletter. When you
submit this form, an e-mail containing a URL will be sent to you at
the e-mail address on record. With this URL you can make changes to
your account (edit the content of your Consensus mailing, for example)
without endangering the security of your personal URL. If you'd like
to change your e-mail address or other information, please visit your
new URL as described above. If you have any problems or questions,
e-mail us at <consensus@nwc.com>.

If you would like to unsubscribe from this newsletter, grab your SD
number (next to your name at the top of this message) and visit the
URL below. You will be sent a personal URL via E-mail, from which
you can unsubscribe.  http://www.sans.org/sansurl

Missed an issue? You can find all back issues of
Security Alert Consensus (and Security Express) online.
http://archives.neohapsis.com/

Your opinion counts. We'd like to hear your thoughts on Security Alert
Consensus. E-mail any questions or comments to <consensus@nwc.com>.

Copyright (c) 2002 Network Computing, a CMP Media LLC
publication. All Rights Reserved. Distributed by Network
Computing (http://www.networkcomputing.com) and The SANS Institute
(http://www.sans.org). Powered by Neohapsis Inc., a Chicago-based
security assessment and integration services consulting group
(info@neohapsis.com).
