CRIME NIPC Daily Report 08 May 2002

From: George Heuston (GeorgeH@private)
Date: Wed May 08 2002 - 07:09:42 PDT

  • Next message: George Heuston: "CRIME NIPC Daily Report 9 May 02"

    NIPC Daily Report
    8 May 2002
    
    Sun Solaris vulnerability could allow root access.  On 7 May, the CERT
    Coordination Center released advisory CA-2002-11 regarding a remotely
    exploitable heap overflow existing in the cachefsd program shipped and
    installed by default with Sun Solaris 2.5.1, 2.6, 7, and 8 (SPARC and
    Intel Architectures).  The vulnerability could permit a remote attacker
    to gain root access by executing arbitrary code with the privileges of
    the cachefsd, typically root. The CERT/CC has received credible reports
    of scanning and exploitation of Solaris systems running cachefsd.  The
    US DOE Computer Incident Advisory Capability (CIAC) recommends that
    administrators of vulnerable systems apply a patch from the vendor. If a
    patch is not available, disable cachefsd in inetd.conf until a patch can
    be applied. If disabling the cachefsd is not an option, follow the
    suggested workaround in the Sun Alert Notification, available at
    http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309
    <http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F44309> .
    (CERT Coordination Center, 7 May)
    
    Airport security upgrades requires extensive planning. Airport officials
    have begun addressing issues related to the size of the bomb-detecting
    machines, the expense of installation and the proper way to use the
    machines.  A logistical crunch is apparent at many airports where
    officials are trying to decide where the machines will go, given that
    some of the machines are the size of a large sport-utility vehicle.
    Given this, officials will start budgeting for expensive procedures such
    as moving walls, reinforcing floors and renovating bag-sorting systems.
    (The Cincinnati Enquirer, 7 May)
    
    FAA pursues new systems. The Federal Aviation Administration (FAA)
    announced on 6 May, it has finished the first phase of its Free Flight
    program, introducing several systems with safety, efficiency, and cost
    saving benefits.  Most recently, the FAA deployed the User Request
    Evaluation Tool (URET) at the Washington Air Route Traffic Control
    Center in Leesburg, VA.  URET is designed to allow pilots to fly more
    direct routes, at higher altitudes, or to adjust their routes in flight
    while receiving immediate feedback advising if the new path is safe from
    the paths of other planes.  Other air traffic control centers that
    currently have the program include Chicago, Cleveland, Indianapolis, and
    Memphis, with Atlanta scheduled to get it soon.  Thirteen other centers
    are scheduled to receive the program by the end of 2004. ( FCW.com;
    Associated Press, 7 May)
    
    DOD Emergency program moving along. Following a successful demonstration
    with state and local agencies, the federal government is ready to move
    on to a tougher test of the Domestic Emergency Response Information
    Services (DERIS) program: working with rural governments. The Department
    of Defense (DOD), which manages DERIS, is also in the process of
    transferring the program to the Federal Emergency Management Agency
    (FEMA) and the National Guard Bureau as they are both responsible for
    coordinating with first responders under the Bush administration's
    homeland security mandate. DOD, working with FEMA, the National Guard
    and other federal agencies, developed DERIS to provide a network of
    training tools to bring together first responders at all levels of
    government during an emergency. (FCW.com, 7 May)
    
    General threat of Al Qa'ida attack continues.  The national terrorist
    threat advisory, which was to have expired on 11 March, is being
    continued. Intelligence and other information indicate that both the
    capacity and desire of Al Qa'ida and other terrorist groups to attack US
    interests here and abroad continue. Law enforcement agencies are advised
    to remain at an elevated state of alert and to immediately report any
    suspected terrorist attack to the FBI. This threat advisory will remain
    in effect until further notice. ( JTF-CNO, 7 May)
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:43:05 PDT