Security Hero Rotating Header Image

May 7th, 2009:

moth – vulnerable web application vmware

[TOOL] moth – vulnerable web application vmware

<!– Envelope-to: email@address Delivery-date: Fri, 08 May 2009 05:16:18 +0100 Received: from outgoing.securityfocus.com ([205.206.231.26] helo=outgoing2.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M2HVS-0000iE-HH for email@address; Fri, 08 May 2009 05:16:18 +0100 Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20]) by outgoing2.securityfocus.com (Postfix) with QMQP id 99A311437EF; Thu, 7 May 2009 20:32:49 -0600 (MDT) Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq@securityfocus.com> List-Help: <mailto:bugtraq-help@securityfocus.com> List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com> List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com> Delivered-To: mailing list bugtraq@securityfocus.com Delivered-To: moderator for bugtraq@securityfocus.com Received: (qmail 26065 invoked from network); 8 May 2009 01:27:05 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=SyCfTT2c7R3DWewqZdYZG8EgJOqHFK2fzCyTUJrAaMo=; b=p6ktcdbApNzZlWMG4QavNiKQ5+V75Oo8oywOyXfZxaWtWOPy95RUd2Ss7vt9XxYbyD IQ/Udu/wnTA3RlxsJq+bVKVO72s/6hG9SuBI3FGBNRf2KxYpg+IAvoqSCI4Q6Hq6dojN i02Cnk2fzqUtFhACLptGR9wikvm/KZlbOnIFM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=JScKEuXjuBW7pgap1a2tE+ZZSGIAXdtnRCgZBb3jzZtk0O/ynO4nwbVr9hcyvav5KW Fh1WowRRxetmPqXLEMHz2UibjdkQKfAKmvkiseYN419hTCtubakiE81mEXzVg72gOuKJ IpcLx6ExI+WT1dY8WNoJqNSvgQZdGz+onwEPY= MIME-Version: 1.0 Message-ID: <cdfaf8b20905071827l42929b6ex20cde4d3ae9ab1c7@mail.gmail.com> webappsec <websecurity@webappsec.org>, "owasp-argentina@lists.owasp.org" <owasp-argentina@lists.owasp.org>, Opensource Code review engine <owasp-orizon@lists.owasp.org>, owasp-appcec-tool-benchmarking-project@lists.owasp.org, pen-test@securityfocus.com, bugtraq@securityfocus.com Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-IMAPbase: 1176125385 9004 Status: O X-UID: 9004 Content-Length: 1822 X-Keywords:

4062

4062

JS/Exploit.Pdfka.A, JS/TrojanDownloader.Agent.NQB, PDF/Exploit.Pidief.GX, SWF/TrojanDownloader.Agent.NAO (2), Win32/Adware.BHO.GKZ, Win32/Adware.BHO.GLG, Win32/Adware.Coolezweb (3), Win32/Adware.InternetAntivirus, Win32/Adware.PersonalAntivirus, Win32/Agent.NFX, Win32/Agent.NXT (2), Win32/Agent.PHC, Win32/AutoRun.ABH, Win32/AutoRun.Agent.EU, Win32/Exploit.MS08-067.BT, Win32/FlyStudio.NKT (2), Win32/Hupigon, Win32/Inject.NCM, Win32/Injector.HP, Win32/Injector.LK, Win32/KillAV.NDC, Win32/Peerfrag.AR, Win32/PSW.LdPinch.NEL, Win32/PSW.OnLineGames.NMP, Win32/PSW.OnLineGames.NMY (2), Win32/PSW.OnLineGames.NNU (2), Win32/PSW.OnLineGames.ODJ, Win32/Qhost, Win32/Rootkit.Agent.NLD, Win32/Rustock.NIF (3), Win32/Spy.Banker.QRJ (2), Win32/Spy.Banker.QRK (2), Win32/Spy.Banker.QRL, Win32/Spy.Banker.QRM (2), Win32/Spy.Zbot.JF, Win32/TrojanClicker.Delf.NGO, Win32/TrojanClicker.VB.NFM, Win32/TrojanClicker.VB.QF, Win32/TrojanDownloader.Agent.PBI (2), Win32/TrojanDownloader.Banload.OOC, Win32/TrojanDownloader.Bredolab.AA, Win32/TrojanDownloader.Small.OOC (3), Win32/TrojanDownloader.Small.OOT (3), Win32/TrojanDownloader.VB.NXY (2), Win32/TrojanDownloader.Zlob.CZK, Win32/TrojanDropper.Agent.OAB (2), Win32/VB.NJY, Win32/Wigon.KI

URL: http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6008&Itemid=26

[TOOL] moth – vulnerable web application vmware

Bugtraq: [TOOL] moth – vulnerable web application vmware

[TOOL] moth – vulnerable web application vmware

URL: http://www.securityfocus.com/archive/1/503363

moth – vulnerable web application vmware

[TOOL] moth – vulnerable web application vmware

Posted by Andres Riancho on May 7

List,

Moth is a VMware image with a set of vulnerable Web Applications and
scripts, that you may use for:
    – Testing Web Application Security Scanners
    – Testing Static Code Analysis tools (SCA)
    – Giving an introductory…

URL: http://seclists.org/fulldisclosure/2009/May/0066.html

Hackers taking advantage of Windows 7

Hackers taking advantage of Windows 7

Microsoft said Thursday that cybercriminals are already hawking booby-trapped versions of just-released Windows 7 operating system software.

“It’s so important for customers to get their copies of Windows from a trusted source,” Joe Williams, general manager, Worldwide Genuine Windows at Microsoft, said in an interview posted at the company’s official website.

“In the last few days we’ve seen reports of illegitimate distributions of the release candidate of our latest Windows operating system, Windows 7, being offered in a way that is designed to infect a customer’s PC with malware.” A nearly-final version of Windows 7 made its world debut on Tuesday, giving people a chance to tell Microsoft what they love or hate about the new-generation operating system.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31213

FBI slow to update terror watch list

FBI slow to update terror watch list

The FBI has retained almost 24,000 names on the nation’s terrorist watch list without current or proper justification, while failing to include people who are subjects of terrorist investigations, according to a Justice Department report issued yesterday.

The FBI’s lapses “create a risk to national security,” Justice Department inspector general Glenn A. Fine said in the report. In addition, he said, keeping people on the list improperly can lead to unnecessary delays for travelers at airports, along highways, and elsewhere.

The results also underscore concerns raised by civil-liberties advocates about the list’s accuracy and transparency, and its impact on those who are inappropriately listed – or confused with someone who is on the list. The watch list, maintained by the FBI and fed by a number of government agencies, was created in 2004. As of September, it contained the names of 400,000 people. With aliases, the list grows to 1.1 million names.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31212

Open source goes back to school

Open source goes back to school

The Shuttleworth Foundation is releasing an open source school information management system worldwide.

SchoolTool 1.0 is targeted at primary and secondary schools, and is in beta testing and will be deployed at the beginning of the 2010 academic year.

According to the SchoolTool Web site, the program does not depend on a technology-intensive environment, but is aimed at schools with broad access to technology in the form of computers, laptops, PDAs, cellphones and wireless pagers. SchoolTool will leverage those communication technologies to deliver the needed information.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31211

Hackers ‘Tap In’ to Improve Radio Frequency (RFID) Systems

Hackers ‘Tap In’ to Improve Radio Frequency (RFID) Systems

Radio frequency identification (RFID) is behind new-age systems the Highway E-Z Pass and the MasterCard PayPass bank card. Unfortunately, it now seems hackers are trying to take advantage of this convenient technology, and security experts are facing a serious challenge in keeping people safe.

To participate in the Highway E-Z Pass, a person must first install a RFID tag in their windshield prior to traveling on a toll highway. When the driver approaches the stretch of the road that requires payment, their account is electronically debited. MasterCard PayPass bank cards work in a similar fashion.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31210

IPv6 security guru fields question

IPv6 security guru fields question

Although he acknowledges that businesses have yet to embrace IPv6, security guru Scott Hogg says that doesn’t mean IT executives can ignore the security problems that the next generation Internet protocol can present. After all, he notes, operating systems such as Microsoft Vista and Linux are already IPv6 capable and thus any networks that use them might be handling IPv6 traffic without their operators’ knowledge.

In this question and answer session, Hogg, who is also the coauthor of the Cisco-approved IPv6 Security guidebook and who writes regularly for Network World’s Cisco Subnet blog, talks about steps that network operators can take to ensure that they don’t inadvertently let their network get compromised by stealth IPv6 packets.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31209

North Korea said to be building cyber-war arsenal

North Korea said to be building cyber-war arsenal

North Korea is reportedly building a military unit to handle online warfare with the US and South Korea.

A report in South Korean newspaper JoongAng Daily claims that the North Korean People’s Army has built a new unit comprising 100 hackers. The hackers are said to be the biggest source of international attacks on US military web sites. The paper cited government sources in claiming that the hackers are tasked with infiltrating enemy networks and stealing sensitive data. The unit is also thought to be working on malicious programs capable of taking down IT infrastructure in the event of a war.

Cyber attacks against government systems are nothing new, particularly in the US. Most recently, agents in China and Russia were said to be behind a series of attacks on systems which manage the country’s power grid. China has since denied its role in the incident.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31208

Latest iPhone 3.0 Beta Reveals Parental Controls

Latest iPhone 3.0 Beta Reveals Parental Controls

Developers got an unexpected surprise yesterday after Apple released a new beta of the iPhone OS 3.0 and a second version of iTunes 8.2. This release comes just eight days after Apple released 3.0 beta 4 and the first public version of iTunes 8.2. Apple’s typical release schedule for new 3.0 beta versions has been about two weeks. If beta 5’s availability signals a faster release schedule, then a near-final version of iPhone OS 3.0 may be just around the corner. That would make sense since it’s barely over a month until Apple’s annual Worldwide Developers Conference in San Francisco where 3.0 is expected to make its debut.

Nothing has been found in yesterday’s release as dramatic as last week’s hints that Blu-ray functionality may be coming to iTunes 8.2. However, there are some notable additions in this latest version of iPhone OS 3.0. The biggest change is that iPhone apps may be getting restriction settings with parental controls built into the iPhone. Apple has been criticized for its heavy censorship restrictions having rejected iPhone apps like Nine Inch Nails’ nin:access or South Park’s iPhone App for containing material that some users may have found objectionable. Parental controls for iPhone apps are a great way to allow users get the content they want while keeping explicit material away from minors.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31207

Microsoft to patch critical PowerPoint zero day flaw

Microsoft to patch critical PowerPoint zero day flaw

Microsoft plans to issue one critical patch during its monthly patch cycle next week, plugging a critical flaw in its PowerPoint presentation program that is being actively targeted by attackers. The PowerPoint vulnerability was the only bulletin identified in the Security Bulletin Advance Notification issued today by Microsoft.

Details of the flaw surfaced last month and Microsoft acknowledged that the flaw was being exploited by hackers in the wild in targeted, limited attacks. PowerPoint versions affected by the flaw are Office PowerPoint 2000 Service Pack 3, Office PowerPoint 2002 Service Pack 3, and Office PowerPoint 2003 Service Pack 3.

In a Microsoft Security Advisory issued April 2, the software giant said the flaw could allow remote code execution if a user is tricked into opening a malicious PowerPoint file. The malicious PowerPoint files identified by some security vendors, contain a Trojan dropper embedded within the presentation. The file can be passed via an email message with a malicious PowerPoint attachment or by tricking users to view a malicious website containing a Trojan downloader.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31206

IPv6 coming, ready or not

FutureNet 2009: IPv6 coming, ready or not

Although many businesses say they see no economic advantage to deploying IPv6 over their networks, several panelists at this year’s FutureNet said that they soon may not have a choice.

IPv6 is a next-generation Internet layer protocol that was designed by the Internet Engineering Task Force (IETF) to solve the problem of IP address depletion under the current Internet layer protocol, IPv4. John Curran, the chairman of the board of trustees at the American Registry for Internet Numbers, said the Internet will run out of IPv4 addresses if they continue to be used at their current pace. Needless to say, Curran thinks this will cause some significant problems.

“On the day when we run out of addresses, none of you are going to notice it on that day, but it’s the months that follow that turn out to be the problem,” he said at this week’s FutureNet conference in Boston, MA. “Backbones not going to be able to add customers unless they find more address space┬íK the pieces you deal with going to be smaller and the routing table going to pay the price.”

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31205

Virtualized Systems Can Be A Security Risk

Virtualized Systems Can Be A Security Risk

With companies looking for ways to cut their IT infrastructure costs, there’s no hotter technology right now than virtualization. But those cost savings could carry a big price in compromised security if IT managers aren’t careful. That was the message from Gartner Fellow Neil MacDonald in his “Securing Virtualization, Virtualizing Security” presentation this week at Everything Channel’s Midsize Enterprise Summit in Miami.

MacDonald’s argument is that most virtual machines being deployed by IT departments today aren’t as secure as physical systems. Not that virtualization is inherently less secure, MacDonald was careful to say, but most virtualization technology isn’t being deployed in a secure way.

Several times during his presentation MacDonald passionately argued that many suppliers of virtualization and security technology aren’t stepping up to the plate and providing the same kinds of protection they provide for physical systems. “The bad news is most of the big guys are still missing in action,” he said.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31204

Hackers broke into FAA air traffic control systems

Hackers broke into FAA air traffic control systems

Hackers have broken into the air traffic control mission-support systems of the U.S. Federal Aviation Administration several times in recent years, according to an Inspector General report sent to the FAA this week.

In February, hackers compromised an FAA public-facing computer and used it to gain access to personally identifiable information, such as Social Security numbers, on 48,000 current and former FAA employees, the report said.

Last year, hackers took control of FAA critical network servers and could have shut them down, which would have seriously disrupted the agency’s mission-support network, the report said. Hackers took over FAA computers in Alaska, becoming “insiders,” according to the report dated Monday.

URL: http://www.hackinthebox.org/index.php?name=News&file=article&sid=31203