News UK
Headlines, most important issues and industry checklists.

Online credit checks in UK

New Safebuy assurance scheme


New UK Spamming laws

Downtime Costs European Firms 5.2bn
Britain Being hit by Inst Messaging Anarchy.

British duo face TK Worm charges

Sendmail buffer overflow in prescan() affects many versions of Linux, UNIX and BSD.

Open ssh buffer overflow DOS and possible arbitary code execution

Remote RPC call vulnerability on Windows machines due to buffer overflow that can gives local privileges.

@STAKE exec sacked for anti MS report on weakness of software monoculture.
report here

Move to bring software security into vendor purchasing process



SANS FBI top 20 chekcklist.

Operating system concensus benchmarks from Centre for Internet Security and SANS.

NSA guides. global centre for IT Security information.

News Global

Latest Exploits week previous to October the 6th 2003-

High level email virus outbreak -W32/Gibe.E-mm

Software vendors such as Oracle more responsible

30 unpatched vulnerabilities in Internet Explorer?

Hack attacks increasing according to PanSec

New IE XML Vulnerability.
and this

US-CERT goes online

Open SSH problems. Rumours.

The Blaster and Welchia worms continue to have a sustained impact on many Australian networks.

US specific cert to work in
conjunction with Shows
need for geographic focus to Certs.

Whitehouse selects Symantec
chief as head of homeland security.

Copy protected CDs launched on market.

SANS-FBI Top 20 Vulnerabilities v3.23


UKCERT Refdate
Description of exploit, vuln or advisory.
UCE-2003-10-6-6 ProFTPD ASCII File Remote Compromise Vulnerability, OpenSSH PAM challenge authentication failure, Portable OpenSSH server PAM Vulnerability + Sendmail 8.12.9 Prescan Bug -
UCE-2003-10-6-5 Two CIAC Security Advisories:1. Sun aspppls(1M) does not create the temporary file /tmp/.asppp.fifo safely. 2. OpenSSH Buffer Management Error. -
UCE-2003-10-6-4 Two Hewlett-Packard Security Bulletins:1. Potential Security Vulnerabilities in Apache HTTP Server. 2. smrsh restrictions bypass (rev.2). -
UCE-2003-10-6-3 Cumulative Patch for Internet Explorer -
UCE-2003-10-6-2 W32.Blaster.Worm -
UCE-2003-10-6-1 W32.Welchia.Worm -
UCE-2003-10-5-6 PWSteal.Finero -
UCE-2003-10-5-5 Backdoor.Hacarmy -
UCE-2003-10-5-4 EMML, EMGB : Include() hole -
UCE-2003-10-5-3 PHP-Nuke v 6.7 + Windows = File Upload -
UCE-2003-10-5-2 Conexant Access Runner DSL Console login bypass vulnerability -
UCE-2003-10-5-1 Cobalt RaQ Control Panel Cross Site Scripting -
UCE-2003-10-4-12 OpenLinux: wu-ftpd fb_realpath() off-by-one bug -
UCE-2003-10-4-11 Cisco LEAP Insecurities + POC -
UCE-2003-10-4-10 Conectiva Security Announcement - vixie-cron
UCE-2003-10-4-9 TSLSA-2003-0003 - openssl -
UCE-2003-10-4-8 Potential OpenSSL DoS. -
UCE-2003-10-4-7 [RHSA-2003:256-02] Updated Perl packages fix security issues -
UCE-2003-10-4-6 FreeBSD : kernel memory disclosure via procfs -
UCE-2003-10-4-5 Cafelog WordPress / b2 SQL injection vulnerabilities discovered and fixed in CVS -
UCE-2003-10-4-4 EartStation 5 P2P application contains malicious code -
UCE-2003-10-4-3 Cisco 6509 switch telnet vulnerability -
UCE-2003-10-4-2 WordPress Cafelog is vulnerable to a number of SQL injection attacks -
UCE-2003-10-4-1 Exploit that brute forces Microsoft's Active Directory authentication -
UCE-2003-10-3-6 WORM_LOVGATE.G -
UCE-2003-10-3-5 TROJ_QHOSTS.A -
UCE-2003-10-3-4 Packard - Potential Security Vulnerability in socket programs + sendmail -
UCE-2003-10-3-3 ProFTPD ASCII File Remote Compromise Vulnerability, OpenSSH PAM challenge authentication failure, Portable OpenSSH server PAM Vulnerability + Sendmail 8.12.9 Prescan Bug -
UCE-2003-10-3-2 W32.Logitall.A@mm -
UCE-2003-10-3-1 Trojan.Qhosts -
UCE-2003-10-2-7 TSLSA-2003-0001 - openssl -
UCE-2003-10-2-6 New Tool: MetaCoretex (DB Security Scanner) -
UCE-2003-10-2-5 Visualroute Server - reverse tracerouting -
UCE-2003-10-2-4 New OpenSSL remote vulnerability (issue date 2003/10/02) -
UCE-2003-10-2-3 Process Killing - Playing with PostThreadMessage -
UCE-2003-10-2-2 CERT Advisory CA-2003-26 Multiple Vulnerabilities in SSL/TLS Implementations -
UCE-2003-10-2-1 Inside the PostThreadMessage API.a WM_QUIT message causing the process to terminate -
UCE-2003-10-1-10 Backdoor.IRC.Tastyred --
UCE-2003-10-1-9 W97M.Tabi.Trojan -
UCE-2003-10-1-8 W32.HLLW.Gaobot.AO -
UCE-2003-10-1-7 ptl-2003-02: IBM DB2 INVOKE Command Stack Overflow Vulnerability -
UCE-2003-10-1-6 ptl-2003-01: IBM DB2 LOAD Command Stack Overflow Vulnerability -
UCE-2003-10-1-5 Multiple vulnerabilities in WinShadow -
UCE-2003-10-1-4 NOVL-2003-10087450 - Novell Response to NISCC/CERT Advisoriesre: OpenSSL CAN-2003-0545
UCE-2003-10-1-3 Cisco Security Advisory: SSL Implementation Vulnerabilities -
UCE-2003-10-1-2 Local proof of concept exploit -
UCE-2003-10-1-1 OmniCon WinShadow version 2.0 exploit -
UCE-2003-09-30-19 W32.HLLW.Donk.B -
UCE-2003-09-30-18 Trojan.Vardo -
UCE-2003-09-30-17 Trojan.PWS.QQPass.E -
UCE-2003-09-30-16 W32.HLLW.Gaobot.AN -
UCE-2003-09-30-15 Local stackbased overflow found for silly Poker v0.25.5 (advisory + poc exploit) -
UCE-2003-09-30-14 [CLA-2003:751] Conectiva Security Announcement - openssl -
UCE-2003-09-30-13 MDKSA-2003:097 - Updated mplayer packages fix buffer overflow vulnerability -
UCE-2003-09-30-12 local buffer overflow vulnerability in freesweep -
UCE-2003-09-30-11 teapop (200309-18) CAN-2003-0515
UCE-2003-09-30-10 OpenSSL ASN.1 parsing vulnerabilities. -
UCE-2003-09-30-9 Multiple OpenSSH/OpenSSL Vulnerabilities on IRIX CAN-2003-0695 CAN-2003-0787 CAN-2003-0545
UCE-2003-09-30-8 lets code execution through long IRC answer -
UCE-2003-09-30-7 Immunix Secured OS 7+ OpenSSL update CAN-2003-0543
UCE-2003-09-30-6 Immunix Secured OS 7+ OpenSSL update -
UCE-2003-09-30-5 mpg123 (200309-17) CAN-2003-0577
UCE-2003-09-30-4 OpenPKG Security Advisory (openssl) -
UCE-2003-09-30-3 Updated OpenSSL packages fix vulnerabilities CAN-2003-0543
UCE-2003-09-30-2 CERT Advisory Notice: Clarifications regarding recent vulnerabilities in OpenSSH -
UCE-2003-09-30-1 Updated OpenSSL packages fix vulnerabilities -
UCE-2003-09-29-18 DCE 1.2.2c Denial of Service Vulnerability ---
UCE-2003-09-29-17 VBS.Biscuit.A@mm -
UCE-2003-09-29-16 W32.HLLW.Fatee.B -
UCE-2003-09-29-15 W32.HLLP.Spreda.B -
UCE-2003-09-29-14 XM.VNN -
UCE-2003-09-29-13 W32.Galil.C@mm -
UCE-2003-09-29-12 sendmail prescan() vulnerability on IRIX CAN-2003-0694
UCE-2003-09-29-11 [ANNOUNCE] kses 0.2.1 -
UCE-2003-09-29-10 [CLA-2003:750] Conectiva Security Announcement - proftpd -
UCE-2003-09-29-9 New webfs packages fix buffer overflows, file and directory exposure -
UCE-2003-09-29-8 GLSA: net-ftp/proftpd (200309-16) -
UCE-2003-09-29-7 GLSA: media-video/mplayer (200309-15) -
UCE-2003-09-29-6 Shattering SEH III -
UCE-2003-09-29-5 GuppY makes XSS attacks easy -
UCE-2003-09-29-4 TSLSA-2003-0037 - proftpd -
UCE-2003-09-29-3 shatter attacks that are possible using progress bars -
UCE-2003-09-29-2 Geeklog versions 2.x -
UCE-2003-09-29-1 Remote exploit for Cfengine versions 2.-2.0.3 -
UCE-2003-09-27-9 W32.Smibag.Worm -
UCE-2003-09-27-8 PWSteal.Lemir.F -
UCE-2003-09-27-7 Backdoor.Zombam.B -
UCE-2003-09-27-6 Backdoor.Semes -
UCE-2003-09-27-5 Backdoor.Mprox -
UCE-2003-09-274 BAT.IRC.Flood -
UCE-2003-09-27-3 W32.Randex.P -
UCE-2003-09-27-2 UnixWare 7.1.3 Open UNIX 8. Sendmail: buffer overflow -
UCE-2003-09-27-1 UnixWare 7.1.3 Open UNIX 8. OpenSSH: buffer problems CAN-2003-0786
UCE-2003-09-26-10 Updated apache2 packages fix CGI scripting deadlock -


Updated proftpd packages fix remote root vulnerability


UCE-2003-09-26-8 Denial of Service Vulnerability on IRIX CAN-2003-0746
UCE-2003-09-26-5 Mplayer Buffer Overflow -
UCE-2003-09-26-7 SMC Router Denial of Service exploit -
UCE-2003-09-26-6 New marbles packages fix buffer overflow CAN-2003-0830
UCE-2003-09-26-5 Mplayer Buffer Overflow -
UCE-2003-09-26-4 Local root exploit for IBM DB2 Universal Database v7.2 -
UCE-2003-09-26-3 Exploit that causes a denial of service -
UCE-2003-09-26-2 Remote exploit for Cfengine versions 2.-2.0.3 -
UCE-2003-09-26-1 Remote exploit for atphttpd version 0.4b on Linux x86 -
UCE-2003-09-25-15 VBS.Taber -
UCE-2003-09-2514 Backdoor.Translat -
UCE-2003-09-25-13 myServer 0.4.3 Directory Traversal Vulnerability -
UCE-2003-09-2512 EORF2003-04: sbox path disclosure problem -
UCE-2003-09-25-11 LanSuite 2003 - Multiple Vulnerabilities -
UCE-2003-09-25-10 FreeBSD Security Advisory FreeBSD -
UCE-2003-09-25-9 Sanctum AppScan 4 misses potential vulnerabilities -
UCE-2003-09-25-8 Thread-IT Message Board XSS Vulnerability -
UCE-2003-09-25-6 Comment Board XSS Vulnerability -
UCE-2003-09-25-5 Privacy leak in VeriSign's SiteFinder service #2 -
UCE-2003-09-25-4 Outlook security updates not stopping Swen -
UCE-2003-09-25-3 WebWeaver version 1.06 and below -
UCE-2003-09-25-2 602PRO LanSuite 2003 for Windows -
UCE-2003-09-25-1 The Savant Web Server version 3.1 for Windows -
UCE-2003-09-24-13 proFTPD root vulnerability affecting UNIX -
UCE-2003-09-24-12 FreeBSD DOS issue -new -
UCE-2003-09-24-11 W32.Dumaru.M@mm -
UCE-2003-09-24-10 W32.Welchia.Worm -
UCE-2003-09-24-9 W32.Swen.A@mm -
UCE-2003-09-24-8 FreeBSD Security Advisory FreeBSD-SA-03:14.arp -
UCE-2003-09-24-7 'WebTool-userpass' passphrase disclosure vulnerability -
UCE-2003-09-24-6 TCLHttpd Server - Multiple Vulnerabilities -
UCE-2003-09-24-5 MondoSoft File Creation vulnerability -
UCE-2003-09-24-4 slackware WU-FTPD Security Advisory -
UCE-2003-09-24-3 slackware ProFTPD Security Advisory -
UCE-2003-09-24-2 slackware- New OpenSSH packages -
UCE-2003-09-24-1 OpenServer 5.0.7 wu-ftpd fb_realpath() off-by-one bug -
UCE-2003-09-23-6 Privacy leak in VeriSign's SiteFinder service -
UCE-2003-09-23-5 ProFTPD ASCII File Remote Compromise Vulnerability -
UCE-2003-09-23-4 WZFTPD Denial Of Service -
UCE-2003-09-23-3 Multiple PAM vulnerabilities in portable OpenSSH -
UCE-2003-09-23-2 Portable OpenSSH 3.7.1p2 released -
UCE-2003-09-23-1 mpg123 v0.59r remote client-side heap corruption exploit -
UCE-2003-09-22-8 SpeakFreely for Win remote crash through malformed GIF -
UCE-2003-09-22-7 SpeakFreely for Win spoofed DoS -
UCE-2003-09-22-6 Wu_ftpd all versions (not) vulnerability -
UCE-2003-09-22-5 dos vulnerability in Xitami Open Source Web Server -
UCE-2003-09-22-4 Red Hat: Updated Perl packages fix security issues CAN-2002-1323
UCE-2003-09-22-3 Updated Apache and mod_ssl packages fix CAN-2003-0020
UCE-2003-09-22-2 Snort not backdoored, Sourcefire not compromised -
UCE-2003-09-22-1 Remote exploit for lsh 1.4.x -
UCE-2003-09-21-3 Debian SSH fix download CAN-2003-0693
UCE-2003-09-21-2 Remote exploit for netris version 0.5 on RedHat 8.0 -
UCE-2003-09-21-1 Local root exploit for hztty 2.0 CAN-2003-0783
UCE-2003-09-20-9 New ipmasq packages fix insecure packet filtering rules CAN78-2003-05
UCE-2003-09-20-8 How Verisign's SiteFinder service breaks Windows networking -
UCE-2003-09-20-7 SuSE Security Announcement: sendmail, sendmail-tls CAN-2003-0694
UCE-2003-09-20-6 Multiple Security Issues in Netup UTM -
UCE-2003-09-20-5 How VeriSign's SiteFinder service breaks Outlook Express -
UCE-2003-09-20-4 Windows: Analysis of RPC AND Universal Heap Overflow -
UCE-2003-09-20-3 LSH: Buffer overrun and remote root compromise in lshd -
UCE-2003-09-20-2 KDM:New kdebase packages fix multiple vulnerabilites -
UCE-2003-09-20-1 myPHPnuke 1.8.8:Vulnrability -
UCE-2003-09-19-5 kde:Conectiva Security Announcement - -
UCE-2003-09-19-4 Community Wizard:Admin Access Vulnerability -
UCE-2003-09-19-3 Powerslave 4.3 Information Leak Vuln. -
UCE-2003-09-19-2 Microsoft:Wave of fake Official Microsoft Advisory -
UCE-2003-09-19-1 Linux:uninitialized buffer in midnight commander -
UCE-2003-09-18-8 The Plug and Play Web Server v1.0002c dos -
UCE-2003-09-18-7 The Plug and Play Web Server v1.0002c scripting -
UCE-2003-09-18-6 Remote Pine exploit for versions 4.56 and below CAN-2003-0720
UCE-2003-09-18-5 Remote Windows exploit for RPC DCOM CAN-2003-0528
UCE-2003-09-18-4 LSH exploit -
UCE-2003-09-18-3 Solaris sadmind exploit -
UCE-2003-09-18-2 MySQL Buffer Overflow CAN-2003-0780
UCE-2003-09-18-1 DB2 Buffer Overflow -
Top Links UK (not ranked)
UKCERT Highlights
Top Links globally (not ranked)


Exploit section which has many
code examples.

UKCERT starts email newlsletter.

UKCERT is developing a new secure database login system.

Also a forum with identification system and experts exchange.

Priority at the moment is the new Search facility and next weeks new newsletter.
CERTs Worldwide

Bank of Montreal in Customer records
on hard drive for ebay.

California law could change global business.

Canadian tech company ecommerce
patent enforced in Australia.

Global- CERT™
Australia- AusCERT
UK- UKCERT - You are here.
Canada- CanCERT
Hong Kong- HKCERT

Sector specific US certs.

Sector specific UK certs.


contact webmaster @ to add new ones
Other European based
Teams- CSIRTs

All text is available under the terms of the GNU Free Documentation License.