CRIME FW: [Cyber_threats] Daily News 11/25/02

• Previous message: Andrew Plato: "CRIME Roesch and Graham to give IDS presentation at ITEC"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----Original Message-----
From: NIPC Watch [mailto:nipcwatch@private] 
Sent: Monday, November 25, 2002 8:30 AM
To: Cyber Threats
Subject: [Cyber_threats] Daily News 11/25/02

November 21, CERT/CC
CERT Advisory CA-2002-33 Heap Overflow Vulnerability in Microsoft Data
Access Components (MDAC). A vulnerability in the Microsoft Data Access
Components (MDAC) could lead to remote execution of code with the
privileges
of the current process or user. Microsoft Data Access Components (MDAC)
is a
collection of utilities and routines to process requests between
databases
and network applications. A buffer overflow vulnerability exists in the
Remote Data Services (RDS) component of MDAC. The RDS component provides
an
intermediary step for a client's request for service from a back-end
database that enables the web site to apply business logic to the
request.
According to Microsoft's Security Bulletin MS02-065, a routine in the
RDS
component, specifically the RDS Data Stub function, contains an
unchecked
buffer. The RDS Data Stub function's purpose is to parse incoming HTTP
requests and generate RDS commands. This unchecked buffer could be
exploited
to cause a heap overflow. Source.
http://www.cert.org/advisories/CA-2002-33.html


November 18, Federal Computer Week
Cyber center planned. The Bush administration last week proposed
creating a
national. cyberspace response center to help federal, state and local
governments, as well as the private sector, detect cyber attacks. The
proposal is included in five priorities that the President's Critical
Infrastructure Protection Board is considering as part of its draft
National
Strategy to Secure Cyberspace, said Richard Clarke, board chairman. The
center would detect incidents, issue alerts, share information and
provide
assistance to start fixes, if necessary. The priorities also include a
plan
to secure federal, state and local government networks. The board
proposes
expanding the Common Criteria security product certification program and
using the government's buying power to influence vendors to improve the
security of their products. Source.
http://www.fcw.com/fcw/articles/2002/1118/news-cyber-11-18-02.asp

Virus: #1 Virus in USA:: PE_FUNLOVE.4099
Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
United States]

Top 10 Target Ports
137(netbios-ns); 80(http); 1433(ms-sql-s); 21(ftp); 139(netbios-ssn);
4662;
25(smtp); 445(microsoft-ds); 22(ssh); 135;
Source: http://isc.incidents.org/top10.html; Internet Storm Center



_______________________________________________
Cyber_Threats mailing list
Cyber_Threats@listserv
http://listserv.infragard.org/mailman/listinfo/cyber_threats

• Next message: George Heuston: "CRIME InfraGard Meeting, Intel Aloha, 8-11AM, 4 Dec"
• Previous message: Andrew Plato: "CRIME Roesch and Graham to give IDS presentation at ITEC"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Nov 25 2002 - 11:47:06 PST