CRIME FW: [Cyber_threats] Daily News 12/30/02

From: George Heuston (GeorgeH@private)
Date: Mon Dec 30 2002 - 11:04:54 PST


-----Original Message-----
From: NIPC Watch [mailto:nipc.watch@private] 
Sent: Monday, December 30, 2002 9:57 AM
To: Cyber Threats
Subject: [Cyber_threats] Daily News 12/30/02


December 26, SecuriTeam
Cisco Vulnerable to SSH Malformed Packet Vulnerabilities. Certain Cisco
products containing support for the Secure Shell (SSH) server are
vulnerable to a Denial of Service (DoS) if the SSH server is enabled on
the device. A malformed SSH packet directed at the affected device can
cause a reload of the device. The vulnerability can be exploited to make
an affected product unavailable for several minutes while the device
reloads. Once it has resumed normal processing, the device is still
vulnerable and can be forced to reload repeatedly. A table listing all
the versions being affected, and their available fixes can be found at
http://www.cisco.com/warp/public/707/ssh-packet-suite-vuln.shtml#Softwar
e.
Upgrades may be obtained through Cisco's website at
http://www.cisco.com/tacpage/sw-center/. Workarounds consist of
disabling the SSH server, removing SSH as a remote access method,
permitting only trusted hosts to connect to the server, and blocking SSH
traffic to the device completely via external mechanisms. Source:
http://www.securiteam.com

Virus: #1 Virus in USA: PE_FUNLOVE.4099
Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
United States]

137(netbios-ns); 80 (http); 1433(ms-sql-s); 445(microsoft-ds); 21(ftp);
443(https); 53(domain); 4662; 139(netbios-ssn); 1524(ingreslock)
Source: http://isc.incidents.org/top10.html; Internet Storm Center

_______________________________________________
Cyber_Threats mailing list
Cyber_Threats@listserv
http://listserv.infragard.org/mailman/listinfo/cyber_threats



This archive was generated by hypermail 2b30 : Mon Dec 30 2002 - 13:34:39 PST