=-------------------------------------------------------------------------= Issue #13 Artificial intelligence is no match for natural stupidity. =--------------------------------------------------------------------------= [ INDEX ] =--------------------------------------------------------------------------= Key Content =--------------------------------------------------------------------------= 00.0 .. COPYRIGHTS ...................................................... 00.1 .. CONTACT INFORMATION & SNAIL MAIL DROP ETC ....................... 00.2 .. SOURCES ......................................................... 00.3 .. THIS IS WHO WE ARE .............................................. 00.4 .. WHAT'S IN A NAME? why `HWA.hax0r.news'?.......................... 00.5 .. THE HWA_FAQ V1.0 ................................................ 01.0 .. GREETS .......................................................... 01.1 .. Last minute stuff, rumours, newsbytes ........................... 01.2 .. Mailbag ......................................................... 02.0 .. From the Editor.................................................. 03.0 .. Why Business Fears Distributed Attacks........................... 04.0 .. April Popular Mechanics article: Hackers and Crackers............ 05.0 .. What IS frame spoofing etc anyways?.............................. 06.0 .. What should I fear from Java and ActiveX?........................ 07.0 .. Some cool geek code (leetbuzz.c) to roll your led's from root.... 08.0 .. Building a packet sniffer from the ground up Part I.............. 09.0 .. CIAC Security advisory on HP-UX ftp,hpterm....................... 10.0 .. Sendmail DoS on versions up to latest 8.9.3...................... 11.0 .. Xylan Omniswitch 'features' (DoS)................................ 12.0 .. xfs (font server for X) bug, exploitability warning.............. 12.1 .. xfsx.sh - Very simple shell script exploit code for the recently discovered xfs security hole. By ArchAng3| of Death, Midgard Security Team. ................................................. 13.0 .. Bug allows remote systems to read local files remotely in MSIE5 14.0 .. Possible root/user level compromise in SCO TermVision............ 15.0 .. Linux INSMOD exploit/vulnerability............................... 16.0 .. Webramp DoSability............................................... 17.0 .. HP Security bulletins (March 31)................................. 18.0 .. VENGINE polymorphic mutation engine for the Melissa virus w/code. 18.1 .. [ISN] Virus camp split over melissa virus........................ 18.2 .. [ISN] The Anarchic Lure of Virus Writing ........................ 18.3 .. A shadowy bunch...Philly Inquirer................................ 18.4 .. National Post "Hang Hackers like Coin Clippers".................. 18.5 .. Second victim, erh suspect fingered on Melissa virus in Europe... 19.0 .. Various vulnerabilities;......................................... 1. Overflow in CAC.Washington.EDU ipop3d 4.xx................... 2. Overflow in pine 4.xx (Linux)................................ 3. Lockfile vunerability in pine 4.xx (Linux)................... 4. Lockfile vunerability in ipop3d 4.xx......................... 5. Linux 2.x IPC vunerability................................... 6. Linux 2.x mmap vunerability.................................. 7. Midnight Commander 4.x bugs (x2)............................. 20.0 .. AOLwatch news.................................................... 21.0 .. AntiOnline and hacker attacks.................................... 22.0 .. NATO fights Serbs online......................................... 23.0 .. Chicago man sues employer over having weak voicemail security.... 24.0 .. Mitnick speaks in a rare Q and A, (Forbes)....................... 25.0 .. Australian stock exchange to carry out threat on Y2K slackers.... 26.0 .. Hack your Palm V to add eight mb of ram!......................... 27.0 .. MDT software mentioned in last issue warrants arrests............ 28.0 .. Hot on the trail of infamous hacker/cracker Zyklon, BUSTED!...... 28.1 .. Rebuttal by Fluxx;.............................................. 29.0 .. Atlanta based ISS looks to hire hackers from OZ.................. 30.0 .. More on hacktivism from the Boston Globe......................... 31.0 .. Some nasty WinGate 3.0 DoS's, password fun and other probs....... 32.0 .. Sekure team releases problems found with ISS-scanner (rewt sploit!) 33.0 .. FileGuard crack, security vulnerabilities........................ 34.0 .. Linux system administration mini-howto by Pestilence ............ 35.0 .. Guide to using NMAP by Lamont Granquist ......................... 36.0 .. Digital Unix 4.0 has potential root compromise in /var perms..... 37.0 .. Running Procmail