NIPC Daily Report 8 May 2002 Sun Solaris vulnerability could allow root access. On 7 May, the CERT Coordination Center released advisory CA-2002-11 regarding a remotely exploitable heap overflow existing in the cachefsd program shipped and installed by default with Sun Solaris 2.5.1, 2.6, 7, and 8 (SPARC and Intel Architectures). The vulnerability could permit a remote attacker to gain root access by executing arbitrary code with the privileges of the cachefsd, typically root. The CERT/CC has received credible reports of scanning and exploitation of Solaris systems running cachefsd. The US DOE Computer Incident Advisory Capability (CIAC) recommends that administrators of vulnerable systems apply a patch from the vendor. If a patch is not available, disable cachefsd in inetd.conf until a patch can be applied. If disabling the cachefsd is not an option, follow the suggested workaround in the Sun Alert Notification, available at http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309 <http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309> . (CERT Coordination Center, 7 May) Airport security upgrades requires extensive planning. Airport officials have begun addressing issues related to the size of the bomb-detecting machines, the expense of installation and the proper way to use the machines. A logistical crunch is apparent at many airports where officials are trying to decide where the machines will go, given that some of the machines are the size of a large sport-utility vehicle. Given this, officials will start budgeting for expensive procedures such as moving walls, reinforcing floors and renovating bag-sorting systems. (The Cincinnati Enquirer, 7 May) FAA pursues new systems. The Federal Aviation Administration (FAA) announced on 6 May, it has finished the first phase of its Free Flight program, introducing several systems with safety, efficiency, and cost saving benefits. Most recently, the FAA deployed the User Request Evaluation Tool (URET) at the Washington Air Route Traffic Control Center in Leesburg, VA. URET is designed to allow pilots to fly more direct routes, at higher altitudes, or to adjust their routes in flight while receiving immediate feedback advising if the new path is safe from the paths of other planes. Other air traffic control centers that currently have the program include Chicago, Cleveland, Indianapolis, and Memphis, with Atlanta scheduled to get it soon. Thirteen other centers are scheduled to receive the program by the end of 2004. ( FCW.com; Associated Press, 7 May) DOD Emergency program moving along. Following a successful demonstration with state and local agencies, the federal government is ready to move on to a tougher test of the Domestic Emergency Response Information Services (DERIS) program: working with rural governments. The Department of Defense (DOD), which manages DERIS, is also in the process of transferring the program to the Federal Emergency Management Agency (FEMA) and the National Guard Bureau as they are both responsible for coordinating with first responders under the Bush administration's homeland security mandate. DOD, working with FEMA, the National Guard and other federal agencies, developed DERIS to provide a network of training tools to bring together first responders at all levels of government during an emergency. (FCW.com, 7 May) General threat of Al Qa'ida attack continues. The national terrorist threat advisory, which was to have expired on 11 March, is being continued. Intelligence and other information indicate that both the capacity and desire of Al Qa'ida and other terrorist groups to attack US interests here and abroad continue. Law enforcement agencies are advised to remain at an elevated state of alert and to immediately report any suspected terrorist attack to the FBI. This threat advisory will remain in effect until further notice. ( JTF-CNO, 7 May)
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:43:05 PDT