Date: 10 Aug 2004 21:44:24 -0000
From:"Peter Laborge" <plaborge@securityfocus.com>
To:linux-secnews@securityfocus.com
Subject: SecurityFocus Linux Newsletter #196
SecurityFocus Linux Newsletter #196
------------------------------------

This issue sponsored by: SPI Dynamics

ALERT: How Hackers Use LDAP Injection to Steal Your Data and Bypass
Authentication
It's as simple as placing additional LDAP query commands into a Web form
input box giving hackers complete access to all your backend systems!
Firewalls and IDS will not stop such attacks because LDAP Injections are
seen as valid data.

Download this *FREE* white paper from SPI Dynamics for a complete guide to
protection!

http://www.securityfocus.com/sponsor/SPIDynamics_linux-secnews_040810
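The sponsor's paragraph describes the mechanism but not the fix. The Python below is an added example written for this edition, not code from SPI Dynamics' paper or from this newsletter: a toy RFC 4515 filter evaluator over a constructed two-entry directory, a login routine that pastes form input straight into the filter, and the same routine with every value escaped as RFC 4515 section 3 requires. The directory contents, the attribute names and the login_* function names are assumptions made for the example.

```python
import re

# Constructed in-memory "directory" standing in for the LDAP server; attribute
# names are lower-cased because LDAP attribute types are case-insensitive.
DIRECTORY = [
    {"uid": ["admin"], "userpassword": ["s3cret"]},
    {"uid": ["alice"], "userpassword": ["hunter2"]},
]


def ldap_escape(value):
    """Escape one assertion value for a search filter (RFC 4515 section 3).

    Backslash, '*', '(', ')' and NUL become \\5c, \\2a, \\28, \\29 and \\00, so the
    value can no longer change the structure of the filter or act as a wildcard.
    """
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def parse_filter(text):
    """Parse an RFC 4515 filter into a tree; unbalanced or trailing input is rejected."""

    def node(pos):
        if pos >= len(text) or text[pos] != "(":
            raise ValueError("expected '(' at %d" % pos)
        pos += 1
        if pos >= len(text):
            raise ValueError("truncated filter")
        if text[pos] in "&|":
            op, children = text[pos], []
            pos += 1
            while pos < len(text) and text[pos] == "(":
                child, pos = node(pos)
                children.append(child)
            if pos >= len(text) or text[pos] != ")":
                raise ValueError("unterminated %s at %d" % (op, pos))
            return (op, children), pos + 1
        if text[pos] == "!":
            child, pos = node(pos + 1)
            if pos >= len(text) or text[pos] != ")":
                raise ValueError("unterminated ! at %d" % pos)
            return ("!", [child]), pos + 1
        end = text.find(")", pos)          # values never contain a raw ')' once escaped
        if end < 0:
            raise ValueError("unterminated item at %d" % pos)
        attr, sep, value = text[pos:end].partition("=")
        if not sep or not attr:
            raise ValueError("bad item %r" % text[pos:end])
        return ("=", attr.lower(), value), end + 1

    tree, pos = node(0)
    if pos != len(text):
        raise ValueError("trailing data after filter")
    return tree


def value_matches(assertion, actual):
    """Match an assertion value: '*' is a wildcard, '\\xx' is one literal
    character, so an escaped '\\2a' only matches a literal asterisk."""
    regex, i = "", 0
    while i < len(assertion):
        c = assertion[i]
        if c == "*":
            regex += ".*"
        elif c == "\\":
            regex += re.escape(chr(int(assertion[i + 1:i + 3], 16)))
            i += 2
        else:
            regex += re.escape(c)
        i += 1
    return re.fullmatch(regex, actual, re.DOTALL) is not None


def evaluate(tree, entry):
    kind = tree[0]
    if kind == "&":
        return all(evaluate(c, entry) for c in tree[1])
    if kind == "|":
        return any(evaluate(c, entry) for c in tree[1])
    if kind == "!":
        return not evaluate(tree[1][0], entry)
    _, attr, assertion = tree
    return any(value_matches(assertion, v) for v in entry.get(attr, []))


def search(filter_text):
    """Return the uids of every directory entry the filter matches."""
    tree = parse_filter(filter_text)
    return [e["uid"][0] for e in DIRECTORY if evaluate(tree, e)]


def login_vulnerable(uid, password):
    # Form input is pasted straight into the filter: '*' becomes a wildcard and
    # ')(' rewrites the filter structure.
    return search("(&(uid=%s)(userPassword=%s))" % (uid, password))


def login_escaped(uid, password):
    # Same filter, but every user-supplied value is escaped first.
    return search("(&(uid=%s)(userPassword=%s))"
                  % (ldap_escape(uid), ldap_escape(password)))
```

With the vulnerable routine a password of `*` is parsed as a presence filter and matches any stored value, and a uid of `*` enumerates every account; after escaping, `\2a` only matches a literal asterisk. Escaping is the minimum: comparing userPassword inside a search filter is itself a design to avoid, and a real application should look up the user's DN and then bind with the supplied password instead.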

------------------------------------------------------------------------
I. FRONT AND CENTER
     1. Data Driven Attacks Using HTTP Tunneling
II. LINUX VULNERABILITY SUMMARY
     1. Mozilla and Netscape SOAPParameter Integer Overflow Vulnerab...
     2. Sun Java Runtime Environment Remote XSLT Privilege Escalatio...
     3. Horde IMP HTML+TIME HTML Injection Vulnerability
     4. PuTTY Modpow Integer Handling Memory Corruption Vulnerabilit...
     5. Linux Kernel File 64-Bit Offset Pointer Handling Kernel Memo...
     6. LibPNG Graphics Library Multiple Remote Vulnerabilities
     7. PHP-Nuke Delete God Admin Access Control Bypass Vulnerabilit...
     8. Acme thttpd Directory Traversal Vulnerability
     9. Gnome VFS 'extfs' Scripts Undisclosed Vulnerability
     10. Gaim Multiple Unspecified MSN Protocol Buffer Overflow Vulne...
     11. LILO gfxboot Plaintext Password Display Vulnerability
     12. YaST2 Utility Library File Verification Shell Code Injection...
     13. Neon WebDAV Client Library Unspecified Vulnerability
     14. LibPNG Graphics Library Unspecified Remote Buffer Overflow V...
     15. Opera Remote Location Object Cross-Domain Scripting Vulnerab...
     16. Mozilla Browser Input Type HTML Tag Unauthorized Access Vuln...
     17. Mozilla Browser/Thunderbird SendUIDL POP3 Message Handling R...
     18. Mozilla Browser Non-FQDN SSL Certificate Spoofing Vulnerabil...
     19. Mozilla SSL Redirect Spoofing Vulnerability
     20. phpBB Login.PHP Cross-Site Scripting Vulnerability
III. LINUX FOCUS LIST SUMMARY
     1. can Hopster traffic be blocked? (Thread)
IV. NEW PRODUCTS FOR LINUX PLATFORMS
     1. Cyber-Ark  Inter-Business Vault
     2. EnCase Forensic Edition
     3. KeyGhost SX
     4. SafeKit
     5. Astaro Linux Firewall
     6. CAT Cellular Authentication Token and eAuthentication Servic...
V. NEW TOOLS FOR LINUX PLATFORMS
     1. Firewall Builder 2.0
     2. Lepton's Crack 20031130
     3. popa3d v0.6.4.1
     4. tinysofa enterprise server 2.0-rc1
     5. cenfw 0.2 beta
     6. TinyCA v0.6.4
VI. SPONSOR INFORMATION

I. FRONT AND CENTER
-------------------
1. Data Driven Attacks Using HTTP Tunneling
By Ido Dubrawsky

In this article we will look at a means of bypassing the access control
restrictions of a company's router or firewall. This information is
intended to help those who are legitimately testing the security of a
network, whether they are in-house staff or outside consultants.

http://www.securityfocus.com/infocus/1793

II. LINUX VULNERABILITY SUMMARY
-------------------------------
1. Mozilla and Netscape SOAPParameter Integer Overflow Vulnerab...
BugTraq ID: 10843
Remote: Yes
Date Published: Aug 02 2004
Relevant URL: http://www.securityfocus.com/bid/10843
Summary:
It is reported that Mozilla and Netscape contain an integer overflow 
vulnerability in the SOAPParameter object constructor. This overflow may 
result in the corruption of critical heap memory structures, leading to 
possible remote code execution.

An attacker can exploit this issue by crafting a malicious web page and 
having unsuspecting users view the page in a vulnerable version of 
Mozilla or Netscape.

Netscape 7.0, 7.1, and versions of Mozilla prior to 1.7.1 are known to 
be vulnerable to this issue. Users of affected versions of Netscape are 
urged to switch to Mozilla 1.7.1 or later, as new versions of Netscape 
are not likely to appear.

2. Sun Java Runtime Environment Remote XSLT Privilege Escalatio...
BugTraq ID: 10844
Remote: Yes
Date Published: Aug 03 2004
Relevant URL: http://www.securityfocus.com/bid/10844
Summary:
It has been reported that the Sun Java Runtime Environment is affected 
by an access validation vulnerability within the XSLT processor.

An attacker might exploit this issue to allow an untrusted applet or 
application to read data from a trusted applet or application that is 
running within the same virtual machine.  It has also been reported that 
this issue may facilitate privilege escalation.

3. Horde IMP HTML+TIME HTML Injection Vulnerability
BugTraq ID: 10845
Remote: Yes
Date Published: Aug 03 2004
Relevant URL: http://www.securityfocus.com/bid/10845
Summary:
Reportedly Horde IMP is affected by an HTML injection vulnerability due 
to insufficient sanitization of HTML+TIME script in messages.

An attacker can exploit this issue to gain access to an unsuspecting 
user's cookie-based authentication credentials; disclosure of personal 
email is possible. Other attacks are also possible.

4. PuTTY Modpow Integer Handling Memory Corruption Vulnerabilit...
BugTraq ID: 10850
Remote: Yes
Date Published: Aug 04 2004
Relevant URL: http://www.securityfocus.com/bid/10850
Summary:
Reportedly PuTTY is affected by a remote, pre-authentication code 
execution vulnerability. 

An attacker might leverage this issue to execute arbitrary code on an 
affected system.  Because the issue is triggered before the user 
authenticates and before the server's host key is verified, a malicious 
or impersonated SSH server can exploit it against any client that 
connects, gaining access to the client computer with the privileges of 
the user that started the affected application.

5. Linux Kernel File 64-Bit Offset Pointer Handling Kernel Memo...
BugTraq ID: 10852
Remote: No
Date Published: Aug 04 2004
Relevant URL: http://www.securityfocus.com/bid/10852
Summary:
A vulnerability in the Linux kernel's 64-bit file offset handling code 
may allow local users to read kernel memory.  This issue is due to a 
design error that causes the affected code to fail to properly validate 
file offset pointers.

A local attacker may leverage this issue to read arbitrary kernel 
memory.  This could expose sensitive data such as cached passwords and 
may aid in further attacks against the affected computer.

It has been reported that the Linux 2.6.x kernel, although still 
vulnerable, might not be exploitable. This BID will be updated when more 
information becomes available.

6. LibPNG Graphics Library Multiple Remote Vulnerabilities
BugTraq ID: 10857
Remote: Yes
Date Published: Aug 04 2004
Relevant URL: http://www.securityfocus.com/bid/10857
Summary:
The libpng graphics library is reported prone to multiple 
vulnerabilities. The following issues are reported:

It is reported that a stack-based buffer overrun vulnerability exists 
in the libpng library (CAN-2004-0597).

A remote attacker may exploit this condition, by supplying a malicious 
image to an unsuspecting user. When this image is viewed, the 
vulnerability may be triggered resulting in code execution occurring in the 
context of the user that viewed the malicious image.

A denial of service vulnerability is also reported to affect libpng 
(CAN-2004-0598).

A remote attacker may exploit this condition, by supplying a malicious 
image to an unsuspecting user. When the malicious image is viewed, a 
NULL pointer dereference will occur resulting in a crash of the 
application that is linked to the vulnerable library.

Additionally several integer overrun vulnerabilities are reported to 
exist in png_handle_sPLT(), png_read_png() and other functions of libpng 
(CAN-2004-0599). 

A remote attacker may exploit the integer-overrun conditions, by 
supplying a malicious image to an unsuspecting user. When the malicious image 
is viewed, an integer value may wrap, or be interpreted incorrectly 
resulting in a crash of the application that is linked to the vulnerable 
library, or may potentially result in arbitrary code execution.

This BID will be split into independent BIDs when further analysis of 
these vulnerabilities is complete.
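The three libpng issues above are all variants of trusting a length field read from the file. As an added example written for this edition (not libpng's code), the Python below builds a constructed PNG skeleton with an sPLT chunk whose declared length is a lie, then walks it twice: once with a bounds check done in 32-bit unsigned arithmetic, the way a careless C reader would compute it, and once with the checks a hardened reader needs (the spec's 31-bit length limit, a subtraction-based remaining-bytes check, and CRC verification). The chunk contents and the parser names are assumptions of the example.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
MASK32 = 0xFFFFFFFF            # simulates C's uint32_t wrap-around
PNG_UINT_31_MAX = 0x7FFFFFFF   # largest chunk length the PNG spec allows


def make_chunk(ctype, data, declared_len=None):
    """Build one chunk; declared_len lets a test lie about the data size."""
    length = len(data) if declared_len is None else declared_len
    crc = zlib.crc32(ctype + data) & MASK32
    return struct.pack(">I", length) + ctype + data + struct.pack(">I", crc)


def build_png(splt_declared_len=None):
    """Constructed 1x1 grayscale PNG skeleton with an sPLT chunk (sample data, not a real image)."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)   # 13 bytes
    splt = b"pal\x00\x08" + b"\x00" * 11                     # 16 bytes of palette data
    return (PNG_SIG + make_chunk(b"IHDR", ihdr)
            + make_chunk(b"sPLT", splt, splt_declared_len)
            + make_chunk(b"IEND", b""))


BENIGN = build_png()
CRAFTED = build_png(0xFFFFFFF0)   # declared length wraps 32-bit arithmetic
TRUNCATED = build_png(100)        # declared length simply larger than the file


def parse_unsafe(buf):
    """Reader whose bounds check is done the way a careless C reader would do it:
    the chunk end offset is computed in 32-bit unsigned arithmetic, so a huge
    length wraps to a small offset and the check passes.
    Returns (type, declared length, short_read) for every accepted chunk."""
    if not buf.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos, seen = len(PNG_SIG), []
    while pos + 8 <= len(buf):
        (length,) = struct.unpack(">I", buf[pos:pos + 4])
        ctype = buf[pos + 4:pos + 8]
        end = (pos + 8 + length + 4) & MASK32        # wraps for huge lengths
        if end > len(buf):
            raise ValueError("truncated chunk")
        data = buf[pos + 8:pos + 8 + length]         # Python returns fewer bytes; C would read past the buffer
        seen.append((ctype.decode("ascii"), length, len(data) < length))
        if ctype == b"IEND":
            break
        pos += 12 + length
    return seen


def parse_safe(buf):
    """Validate each declared length against the spec limit and the bytes actually
    remaining before trusting it, and verify the CRC.  Returns the chunk types."""
    if not buf.startswith(PNG_SIG):
        raise ValueError("not a PNG")
    pos, seen = len(PNG_SIG), []
    while pos + 8 <= len(buf):
        (length,) = struct.unpack(">I", buf[pos:pos + 4])
        ctype = buf[pos + 4:pos + 8]
        if length > PNG_UINT_31_MAX:
            raise ValueError("chunk length %#x exceeds PNG_UINT_31_MAX" % length)
        remaining = len(buf) - (pos + 8) - 4          # subtraction, never addition, so it cannot wrap
        if length > remaining:
            raise ValueError("chunk length %d exceeds %d bytes remaining" % (length, remaining))
        data = buf[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", buf[pos + 8 + length:pos + 12 + length])
        if crc != zlib.crc32(ctype + data) & MASK32:
            raise ValueError("bad CRC on %r" % ctype)
        seen.append(ctype.decode("ascii"))
        if ctype == b"IEND":
            break
        pos += 12 + length
    return seen


def rejects(parser, buf):
    """True when the parser refuses the buffer."""
    try:
        parser(buf)
    except ValueError:
        return True
    return False
```

On the crafted file the unsafe reader computes an end offset that wraps to a few bytes past the signature, accepts the chunk, and then tries to read four gigabytes of palette data; the safe reader stops at the first check. The same pattern (compare the length against what remains, computed by subtraction, before any allocation or copy) is the general fix for the class of bug in the CAN-2004-0599 functions.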

7. PHP-Nuke Delete God Admin Access Control Bypass Vulnerabilit...
BugTraq ID: 10861
Remote: Yes
Date Published: Aug 04 2004
Relevant URL: http://www.securityfocus.com/bid/10861
Summary:
PHP-Nuke is reported prone to an access control bypass vulnerability.

Reports indicate that a PHP-Nuke superuser may bypass access controls 
and privilege restrictions, to delete the PHP-Nuke "God Admin" account. 
This may be accomplished by making a specially crafted request for the 
"admin.php" script.

8. Acme thttpd Directory Traversal Vulnerability
BugTraq ID: 10862
Remote: Yes
Date Published: Aug 04 2004
Relevant URL: http://www.securityfocus.com/bid/10862
Summary:
It is reported that thttpd is susceptible to a directory traversal 
vulnerability caused by insufficient sanitization of user-supplied path 
data. The issue exists only in the Windows port of the application, 
because its path checks do not account for the way file system paths 
are handled on that platform.

This issue may allow an attacker to retrieve arbitrary, potentially 
sensitive files from the affected host, with the privileges of the user 
the thttpd process runs as.

Version 2.07 beta 0.4 of thttpd, running on a Microsoft Windows 
platform, is reported vulnerable to this issue.
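As an added example for this edition (not thttpd's code), the Python below shows the check a server running on Windows needs: it treats both '/' and '\' as separators, percent-decodes before normalizing, and refuses any path that would climb above the document root. It sits beside a naive forward-slash-only test of the kind that is correct on Unix and wrong on Windows. The document root, the request paths and the function names are assumptions of the example.

```python
import posixpath
from urllib.parse import unquote


def naive_is_safe(request_path):
    """The kind of check that is correct on Unix but not on Windows: it only
    looks for '../' with a forward slash, so '..\\' walks straight past it."""
    return "../" not in request_path


def resolve_request_path(doc_root, request_path):
    """Map a request path onto a file under doc_root, or return None.

    Both '/' and '\\' are treated as separators (Windows accepts either), the
    path is percent-decoded first so '%2e%2e' and '%5c' are seen for what they
    are, and any attempt to step above the document root is refused rather
    than silently clamped.
    """
    path = unquote(request_path)
    if "\x00" in path:                       # a NUL would truncate the C string
        return None
    path = path.replace("\\", "/")
    segments = []
    for seg in path.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if not segments:                 # would climb above doc_root
                return None
            segments.pop()
            continue
        if ":" in seg:                       # drive letters and NTFS streams
            return None
        segments.append(seg)
    return posixpath.join(doc_root, *segments) if segments else doc_root
```

The function resolves the request purely on the string and only then hands back a path under the root, so the file system is never asked about a name the attacker chose. Refusing a path that steps above the root (instead of normalizing it back to the root) also gives the access log an unambiguous record of the attempt.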

9. Gnome VFS 'extfs' Scripts Undisclosed Vulnerability
BugTraq ID: 10864
Remote: Yes
Date Published: Aug 04 2004
Relevant URL: http://www.securityfocus.com/bid/10864
Summary:
Gnome VFS's 'extfs' scripts are reported prone to an undisclosed 
vulnerability.

It is reported that a user who views specially crafted, attacker-supplied 
URIs handled by the 'extfs' VFS module may be made to execute arbitrary 
commands in the context of that user.

This BID will be updated as further information is disclosed.

10. Gaim Multiple Unspecified MSN Protocol Buffer Overflow Vulne...
BugTraq ID: 10865
Remote: Yes
Date Published: Aug 04 2004
Relevant URL: http://www.securityfocus.com/bid/10865
Summary:
It is reported that there are multiple unspecified buffer overflow 
vulnerabilities in the MSN protocol module in Gaim.

Due to a lack of details, further information is not available at the 
moment. This BID will be updated as more information becomes available.

11. LILO gfxboot Plaintext Password Display Vulnerability
BugTraq ID: 10866
Remote: No
Date Published: Aug 04 2004
Relevant URL: http://www.securityfocus.com/bid/10866
Summary:
Reportedly gfxboot is affected by a plain text password display 
vulnerability.  This issue is due to a design error that fails to protect 
user passwords.

The problem reportedly results in the LILO boot password being echoed in 
plain text as it is typed.

Anyone who can see the console while the password is entered could read 
the LILO boot password.

12. YaST2 Utility Library File Verification Shell Code Injection...
BugTraq ID: 10867
Remote: Yes
Date Published: Aug 04 2004
Relevant URL: http://www.securityfocus.com/bid/10867
Summary:
The YaST2 utility library 'liby2util' is affected by a file verification 
shell command injection vulnerability.  This issue is due to a design 
error that fails to properly validate file names before they reach a 
shell.

An attacker could leverage this issue by embedding shell metacharacters 
and commands in the name of a file transferred using the vulnerable 
utility; the injected commands are then executed by the shell.  This 
might facilitate privilege escalation and unauthorized access.
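The issue above is command injection through a file name, not a machine-code payload: whatever is spliced into a shell command line is parsed by the shell. The Python below is an added example for this edition (not YaST2's or liby2util's code) that runs one constructed file name three ways, with printf standing in for the verification tool: pasted into a string handed to sh, quoted with shlex.quote, and passed as its own argv element with no shell involved, plus a file name allowlist as defense in depth. The file name, the command and the function names are assumptions of the example; it needs sh and printf on the PATH.

```python
import re
import shlex
import subprocess

# Constructed attacker-controlled file name: a shell metacharacter followed by
# a second command.  Nothing here is liby2util's own code.
EVIL_NAME = "update.rpm; echo INJECTED"


def verify_unsafe(name):
    """Splices the file name into a command string that is handed to sh.
    The shell sees ';' and runs the attacker's second command."""
    cmd = "printf 'verifying %s\\n' " + name
    return subprocess.run(["sh", "-c", cmd], capture_output=True, text=True).stdout


def verify_quoted(name):
    """Still goes through the shell, but the name is quoted so it stays one word."""
    cmd = "printf 'verifying %s\\n' " + shlex.quote(name)
    return subprocess.run(["sh", "-c", cmd], capture_output=True, text=True).stdout


def verify_argv(name):
    """Preferred: no shell at all.  The name is one argv element and is never
    parsed; the format string is a constant, so the name is data to printf too."""
    return subprocess.run(["printf", "verifying %s\n", name],
                          capture_output=True, text=True).stdout


# Defense in depth: only accept names that cannot be misread as an option
# ("-rf"), a path ("../"), or anything a shell would interpret.
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._+-]*$")


def is_plain_filename(name):
    return bool(SAFE_NAME.match(name)) and ".." not in name
```

The argv form is the fix; quoting is the fallback when a shell pipeline is genuinely required, and the allowlist catches names that are syntactically harmless to the shell but still dangerous to the tool (leading dashes, embedded `..`). In a real package transfer the name should additionally be taken from the trusted manifest, not from the server's response.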

13. Neon WebDAV Client Library Unspecified Vulnerability
BugTraq ID: 10869
Remote: Yes
Date Published: Aug 04 2004
Relevant URL: http://www.securityfocus.com/bid/10869
Summary:
It is reported that Neon contains an unspecified vulnerability. The 
cause of this vulnerability is currently unknown.

Given the nature of the library, it is likely that this is a remotely 
exploitable issue.

The effects and impact of this issue are currently unknown. This BID 
will be updated immediately when more information becomes available.

14. LibPNG Graphics Library Unspecified Remote Buffer Overflow V...
BugTraq ID: 10872
Remote: Yes
Date Published: Aug 05 2004
Relevant URL: http://www.securityfocus.com/bid/10872
Summary:
Reportedly LibPNG contains a buffer offset calculation error that may 
facilitate a buffer overflow vulnerability.  This issue is due to a 
logical design error.

This vulnerability may allow an attacker to crash applications 
utilizing the library, or potentially allow code execution.

Please note that vulnerabilities previously outlined in this BID have 
been described in the LibPNG Graphics Library Multiple Remote 
Vulnerabilities outlined in BID 10857.

15. Opera Remote Location Object Cross-Domain Scripting Vulnerab...
BugTraq ID: 10873
Remote: Yes
Date Published: Aug 05 2004
Relevant URL: http://www.securityfocus.com/bid/10873
Summary:
Opera is affected by a remote location object cross-domain scripting 
vulnerability.  This issue is due to a failure to properly validate the 
methods that a page can access.

An attacker might leverage this issue to steal cookie-based 
authentication credentials, conduct phishing attacks and mount other attacks.  
Furthermore, provided there is an HTML script invoking 'location' methods 
local to a victim's computer (such as c:/winnt/help/ciadmin.htm in most 
Microsoft Windows installations), an attacker can exploit this issue 
to gain read access to directory contents, files, and email read using 
Opera's email utilities.

Although this issue is reported to affect versions 1.52 and 1.53 of the 
affected software, it is likely that earlier versions are also 
affected.

16. Mozilla Browser Input Type HTML Tag Unauthorized Access Vuln...
BugTraq ID: 10874
Remote: Yes
Date Published: Aug 05 2004
Relevant URL: http://www.securityfocus.com/bid/10874
Summary:
Mozilla browser is reportedly affected by an input type HTML tag 
unauthorized access vulnerability.  This issue is due to an access validation 
error that allows access to arbitrary files on an unsuspecting user's 
system.

This issue will allow an attacker to obtain arbitrary files residing on 
the computer of an unsuspecting user that activates a malicious script.

17. Mozilla Browser/Thunderbird SendUIDL POP3 Message Handling R...
BugTraq ID: 10875
Remote: Yes
Date Published: Aug 05 2004
Relevant URL: http://www.securityfocus.com/bid/10875
Summary:
Mozilla and Mozilla Thunderbird are reported prone to a remote heap 
overflow vulnerability. The issue is reported to exist due to a lack of 
sufficient boundary checks performed on POP3 data handled by SendUidl().

An attacker controlled POP3 mail server may exploit this condition by 
sending a specifically crafted email message to the affected mail 
client. This will result in the corruption of heap-based memory.

18. Mozilla Browser Non-FQDN SSL Certificate Spoofing Vulnerabil...
BugTraq ID: 10876
Remote: Yes
Date Published: Aug 05 2004
Relevant URL: http://www.securityfocus.com/bid/10876
Summary:
Mozilla browser is reportedly vulnerable to an SSL certificate spoofing 
vulnerability in the 'cert_TestHostName()' function.  This issue is due 
to a design error that fails to properly validate certified host names.

This issue would allow an attacker to spoof a trusted certificate from 
a third party site, facilitating phishing style attacks by luring an 
unsuspecting user to enter information on what is apparently a trusted 
site.
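The summary above says hostname validation was too loose; it does not say which comparison went wrong. As an added example for this edition (not Mozilla's cert_TestHostName code), the Python below is the conservative matcher a client should apply to a certificate's names: case-insensitive, wildcard confined to the whole leftmost label and never spanning dots, IP addresses matched exactly, and non-FQDN names rejected outright. The rules, names and function signatures are assumptions of the example, following the usual reading of RFC 2818 and RFC 6125.

```python
import ipaddress


def _is_ip(name):
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False


def hostname_matches(cert_name, hostname):
    """Strict match of one certificate name against the host the client asked for.

    Rules (a conservative reading of RFC 2818 / RFC 6125, chosen for this
    example rather than taken from any browser's code):
      - comparison is case-insensitive and ignores a trailing dot;
      - an IP address must match a certificate name exactly, never via '*';
      - both names must be fully qualified (at least two labels);
      - a '*' may only be the whole leftmost label, must be followed by at
        least two labels, and matches exactly one label (never across dots).
    """
    cert_name = cert_name.rstrip(".").lower()
    hostname = hostname.rstrip(".").lower()
    if not cert_name or not hostname:
        return False
    if _is_ip(hostname) or _is_ip(cert_name):
        return cert_name == hostname
    cert_labels = cert_name.split(".")
    host_labels = hostname.split(".")
    if len(cert_labels) < 2 or len(host_labels) < 2:
        return False                         # non-FQDN names never match
    if len(cert_labels) != len(host_labels):
        return False                         # a wildcard covers exactly one label
    if any("*" in label for label in cert_labels[1:]):
        return False                         # wildcard only in the leftmost label
    if cert_labels[1:] != host_labels[1:]:
        return False
    if cert_labels[0] == "*":
        return len(cert_labels) >= 3         # "*.com" would match every .com host
    if "*" in cert_labels[0]:
        return False                         # partial wildcards like "w*.example.com" are refused
    return cert_labels[0] == host_labels[0]


def certificate_matches(hostname, san_dns_names=(), common_name=None):
    """Check a certificate's names: the subjectAltName dNSName list is
    authoritative and the CN is only consulted when that list is empty."""
    if san_dns_names:
        names = list(san_dns_names)
    else:
        names = [common_name] if common_name else []
    return any(hostname_matches(n, hostname) for n in names)
```

The two lines that matter most for spoofing are the label-count comparison and the FQDN requirement: a name that is allowed to match with fewer labels than the host, or with no dots at all, lets a certificate issued for one name vouch for another. Everything else in the function is the usual hygiene around case, trailing dots and IP literals.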

19. Mozilla SSL Redirect Spoofing Vulnerability
BugTraq ID: 10880
Remote: Yes
Date Published: Aug 05 2004
Relevant URL: http://www.securityfocus.com/bid/10880
Summary:
It is reported that Mozilla, and products derived from Mozilla, are 
susceptible to an SSL redirect spoofing vulnerability.

By exploiting this vulnerability, an attacker can ensure that the 
victim's browser displays the SSL lock icon, and shows the SSL 
certificate information of a legitimate site when the lock is clicked.

This vulnerability may aid in phishing style attacks.

Mozilla prior to 1.7, Mozilla Firebird 0.7, Mozilla Firefox prior to 
0.9, and Mozilla Thunderbird prior to 0.7 are all reported vulnerable.

20. phpBB Login.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 10883
Remote: Yes
Date Published: Aug 06 2004
Relevant URL: http://www.securityfocus.com/bid/10883
Summary:
phpBB is affected by a cross-site scripting vulnerability in the 
'login.php' script.  This issue is due to a failure of the application to 
properly sanitize user-supplied URI input.

This can be exploited by constructing links that pass malicious strings 
through the affected URI parameter. If an unsuspecting user visits such 
a link, the malicious, externally created content supplied in the link 
will be rendered (or executed, in the case of script code) as part of 
the 'login.php' document and within the context of the vulnerable 
website (including the phpBB forum).

Attackers may exploit this vulnerability to obtain the authentication 
credentials of other forum users. If the domain hosts other 
applications, their credentials and/or other sensitive information (session IDs, 
etc) may be exposed.

III. LINUX FOCUS LIST SUMMARY
-----------------------------
1. can Hopster traffic be blocked? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/91/371150

IV. NEW PRODUCTS FOR LINUX PLATFORMS
------------------------------------
1. Cyber-Ark  Inter-Business Vault
By: Cyber-Ark
Platforms: Linux, Windows 2000, Windows NT, Windows XP
Relevant URL: 
http://www.cyber-ark.com/datasecuritysoftware/inter-business_vault.htm
Summary: 

Based on Cyber-Ark Software's Vaulting Technology, the Inter-Business 
Vault is an information security solution that enables organizations to 
safely overcome traditional network boundaries in order to securely share 
business information among customers, business partners, and remote 
branches. It provides a seamless, LAN-like experience over the Internet 
that includes all the security, performance, accessibility, and ease of 
administration required to allow organizations to share everyday 
information worldwide. To learn more about these core attributes of the 
Inter-Business Vault, see the relevant URL above.

2. EnCase Forensic Edition
By: Guidance Software Inc.
Platforms: DOS, FreeBSD, Linux, MacOS, NetBSD, OpenBSD, PalmOS, 
Solaris, UNIX, Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: 
http://www.guidancesoftware.com/products/EnCaseForensic/index.shtm
Summary: 

EnCase Forensic Edition Version 4 delivers the most advanced features 
for computer forensics and investigations. With an intuitive GUI and 
superior performance, EnCase Version 4 provides investigators with the 
tools to conduct large-scale and complex investigations with accuracy and 
efficiency. Guidance Software's award winning solution yields 
completely non-invasive computer forensic investigations while allowing 
examiners to easily manage large volumes of computer evidence and view all 
relevant files, including "deleted" files, file slack and unallocated 
space. 

The integrated functionality of EnCase allows the examiner to perform 
all functions of the computer forensic investigation process. EnCase's 
EnScript, a powerful macro-programming language and API included within 
EnCase, allows investigators to build customized and reusable forensic 
scripts.

3. KeyGhost SX
By: KeyGhost Ltd
Platforms: BeOS, DOS, Linux, OS/2, Solaris, SunOS, Windows 2000, 
Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.keyghost.com/SX/
Summary: 

KeyGhost SX discreetly captures and records all keystrokes typed, 
including chat conversations, email, word processor, or even activity within 
an accounting or specialist system. It is completely undetectable by 
software scanners and provides you with one of the most powerful stealth 
surveillance applications offered anywhere. 

Because KeyGhost uses STRONG 128-Bit encryption to store the recorded 
data in its own internal memory (not on the hard drive), it is 
impossible for a network intruder to gain access to any sensitive data stored 
within the device.

4. SafeKit
By: Evidian Inc.
Platforms: AIX, HP-UX, Linux, Solaris, Windows 2000
Relevant URL: http://www.evidian.com/safekit/index.htm
Summary: 

Evidian's SafeKit technology makes it possible to render any 
application available 24 hours per day. With no extra hardware: just use your 
existing servers and install this software-only solution.

This provides ultimate scalability. As your needs grow, all you need to 
do is add more standard servers into the cluster. With the load 
balancing features of SafeKit, you can distribute applications over multiple 
servers. If one system fails completely, the others will continue to 
serve your users.

5. Astaro Linux Firewall
By: Astaro
Platforms: Linux
Relevant URL: http://www.astaro.com/php/statics.php?action=asl&lang=gb
Summary: 

Astaro Linux Firewall: All-in-one firewall, virus protection, content 
filtering and spam protection internet security software package for 
Linux. 
Free download for home users.

6. CAT Cellular Authentication Token and eAuthentication Servic...
By: Mega AS Consulting Ltd
Platforms: Java, Linux, OpenBSD, Os Independent, SecureBSD, Solaris, 
UNIX, Windows 2000, Windows NT
Relevant URL: http://www.megaas.co.nz
Summary: 

Low cost, easy to use two-factor authentication one-time password token 
using a cellular phone. Does not use SMS or any network communication, 
and manages multiple OTP accounts - new technology. For any business that 
wants safer access to its Internet services. More information at our site.
 
We also provide an eAuthentication service for businesses that will not 
buy an authentication product but would prefer to pay a monthly charge 
for authentication services from our CAT Server.

V. NEW TOOLS FOR LINUX PLATFORMS
--------------------------------
1. Firewall Builder 2.0
By: Vadim Kurland
Relevant URL: http://www.fwbuilder.org/
Platforms: FreeBSD, Linux, MacOS, Solaris, Windows 2000, Windows XP
Summary: 

Firewall Builder consists of a GUI and set of policy compilers for 
various firewall platforms. It helps users maintain a database of objects 
and allows policy editing using simple drag-and-drop operations. The GUI 
and policy compilers are completely independent, and support for a new 
firewall platform can be added to the GUI without any changes to the 
program (only a new policy compiler is needed). This provides for a 
consistent abstract model and the same GUI for different firewall platforms. 
It currently supports iptables, ipfilter, and OpenBSD pf.

2. Lepton's Crack 20031130
By: Lepton and Nekromancer
Relevant URL: http://www.nestonline.com/lcrack/lcrack-20031130-beta.zip
Platforms: Linux, MacOS, Os Independent, UNIX, Windows 2000, Windows 
NT, Windows XP
Summary: 

Lepton's Crack is a generic password cracker. It is easily-customizable 
with a simple plugin system and allows system administrators to review 
the quality of the passwords being used on their systems. It can 
perform a dictionary-based (wordlist) attack as well as a brute force 
(incremental) password scan. It supports standard MD4 hash, standard MD5 hash, 
NT MD4/Unicode, Lotus Domino HTTP password (R4), and SHA-1 hash 
formats. LM (LAN Manager) plus appending and prepending

3. popa3d v0.6.4.1
By: Solar Designer, solar@openwall.com
Relevant URL: http://www.openwall.com/popa3d/
Platforms: Linux, Solaris
Summary: 

popa3d is a POP3 daemon which attempts to be extremely secure, 
reliable, RFC compliant, and fast (in that order).

4. tinysofa enterprise server 2.0-rc1
By: Omar Kilani
Relevant URL: http://www.tinysofa.org
Platforms: Linux, POSIX
Summary: 

tinysofa enterprise server is a secure, server-targeted, enterprise-grade 
operating system. It is based on Trustix Secure Linux and includes a 
complete distribution port to Python 2.3 and RPM 4.2, an overhauled PAM 
authentication system providing system-wide authentication 
configuration, the latest upstream packages, the replacement of ncftp with lftp, the 
addition of gdb and screen, feature additions to the swup updater that 
provide multiple configuration file support, user login FTP support, 
enable/disable support, variable expansion support (allows multiple 
architectures), and many enhancements.

5. cenfw 0.2 beta
By: Peter Robinson
Relevant URL: http://www.securegateway.org
Platforms: Linux, Windows 2000, Windows 95/98, Windows CE, Windows NT, 
Windows XP
Summary: 

The Centron IPTables Firewall GUI is an object-oriented, database-driven 
Windows interface to Linux iptables firewall rules.

6. TinyCA v0.6.4
By: Stephan Martin
Relevant URL: http://tinyca.sm-zone.net/
Platforms: Linux, OpenNMS, POSIX
Summary: 

TinyCA is a simple GUI written in Perl/Tk to manage a small 
certification authority. It is based on OpenSSL and Perl modules from the OpenCA 
project. TinyCA lets you manage X.509 certificates. It is possible to 
export data in PEM or DER format for use with servers, as PKCS#12 for use 
with clients, or as S/MIME certificates for use with email programs. It 
is also possible to import your own PKCS#10 requests and generate 
certificates from them.

VI. SPONSOR INFORMATION
-----------------------

This issue sponsored by: SPI Dynamics

http://www.securityfocus.com/sponsor/SPIDynamics_linux-secnews_040810

------------------------------------------------------------------------