CRIME FW: [Cyber_threats] Daily News 12/05/02

From: George Heuston (GeorgeH@private)
Date: Thu Dec 05 2002 - 09:40:55 PST


    -----Original Message-----
    From: NIPC Watch [mailto:nipcwatch@private] 
    Sent: Thursday, December 05, 2002 6:49 AM
    To: Cyber Threats
    Subject: [Cyber_threats] Daily News 12/05/02
    
    December 4, CERT/CC
    Vulnerability Note VU#140977: SSH Secure Shell for Workstations contains
    buffer overflow vulnerability. The Windows version of SSH Secure Shell
    for Workstations contains a buffer overflow vulnerability that may allow
    an attacker to execute arbitrary code. The SSH Secure Shell for
    Workstations client includes a URL handling feature that allows users to
    launch URLs that appear in the terminal window. When the user clicks on
    a URL, it will be launched using their default browser. Versions 3.1 to
    3.2.0 of this application contain a buffer overflow vulnerability that
    is triggered when the launched URL is approximately 500 characters or
    greater in length. To exploit this vulnerability, an attacker must
    supply a malicious URL to a terminal session and convince the victim to
    launch it. Source.
    http://www.kb.cert.org/vuls/id/140977
    
    
    December 3, CERT/CC
    Vulnerability Note VU#740169: Cyrus IMAP Server contains a buffer
    overflow vulnerability. A buffer overflow vulnerability exists in
    versions of Cyrus IMAP Server up to and including 2.1.10. This
    vulnerability may allow a remote attacker to execute arbitrary code on
    the mail server with the privileges of the Cyrus IMAP Server. Cyrus IMAP
    Server is an e-mail application that uses the Internet Message Access
    Protocol (IMAP). Version 2.1.10 and prior of the Cyrus IMAP Server
    contain a buffer overflow vulnerability that may be exploited prior to
    authentication to the IMAP server. Exploitation of this vulnerability
    may also rely on the implementation of malloc() being used on the
    system. This is not typically root, but may lead to the ability to read
    all mail on the system. Source.
    http://www.kb.cert.org/vuls/id/740169
    
    Virus: #1 Virus in USA: PE_ELKERN.D
    Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
    Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
    United States]
    
    Top 10 Target Ports
    137(netbios-ns); 80(http); 1433(ms-sql-s); 21(ftp); 25(smtp);
    139(netbios-ssn); 445(microsoft-ds); 4665(edonkey); 1646(sa-msg-port);
    4662
    Source: http://isc.incidents.org/top10.html; Internet Storm Center
    
    
    



    This archive was generated by hypermail 2b30 : Thu Dec 05 2002 - 10:31:17 PST