-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Thursday, May 01, 2003 7:44 AM To: Information Technology Subject: [Information_technology] Daily News 5/01/03 April 30, Microsoft Microsoft Security Bulletin MS03-016: Cumulative Patch for BizTalk Server. There are two vulnerabilities in Microsoft's BizTalk Server. The first vulnerability affects Microsoft BizTalk Server 2002 only. A buffer overrun exists in the HTTP receiver and could result in an attacker being able to execute code of their choice on the BizTalk Server. The second vulnerability affects both Microsoft BizTalk Server 2000 and BizTalk Server 2002. A SQL injection vulnerability exists in some of the pages used by DTA that could allow an attacker to send a crafted URL query string to a legitimate DTA user. If that user were to then navigate to the URL sent by the attacker, he or she could execute a malicious embedded SQL statement in the query string. Microsoft has assigned a risk rating of "Critical" to this vulnerability, and a patch is available at the Microsoft website: http://www.microsoft.com/technet/treeview/default.asp?url=/t echnet/security/bulletin/MS03-016.asp. Source: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/secur ity/ bulletin/MS03-016.asp April 30, IDG News Service DHS asks for tech help. Tom Ridge, secretary of the Department of Homeland Security (DHS), highlighted his department's need for technological innovations during a speech for members of the Northern Virginia Technology Council in Virginia, Tuesday. Ridge also called for the technology industry to do more to protect the U.S. technology infrastructure, noting that private companies control 85 percent of the nation's cyber resources. "We think that the lessons learned from Y2K and 9/11 should be applied and not forgotten. Ridge said he fears that some U.S. residents may be "lapsing into complacency" about the possibility of terrorist attacks. "You need to be just as worried, maybe even more worried, about somebody hacking into your system as somebody pulling up with explosives," Ridge said. Ridge asked the crowd for "good ideas and cost-effective solutions" for domestic security that can be copied across the U.S. Source: http://www.pcworld.com/news/article/0,aid,110514,00.asp April 29, eWEEK Vulnerability puts Oracle9i at risk. A new vulnerability in Oracle Corp.'s database software puts not only the information in the database at risk, but in some cases, also can lead to a compromise of the operating system. The vulnerability is in the service that enables users to create links between two Oracle databases. In order to exploit the flaw, an attacker would need to send an overly long parameter with the connect string with a query to create a database link. This would trigger the stack buffer overflow, which would in turn overwrite the saved return address on the stack. This would give the attacker the ability to run any code he chose on the vulnerable server. The vulnerability affects Oracle 9i Release 1 and 2; all releases of 8i; all releases of 8; and 7.3.x. A patch is available at the Oracle website: http://otn.oracle.com/deploy/security/pdf/2003alert54.pdf. Source: http://www.eweek.com/article2/0,3959,1047710,00.asp April 29, Associated Press U.K. arrests 'Fluffi Bunni' hacker. Lynn Htun, the man thought to be the leader of a group of hackers known as "Fluffi Bunni," was arrested Tuesday by British authorities. Fluffi Bunni captured the attention of the FBI just days after the September 11 terror attacks, when thousands of commercial Web sites were vandalized with a single break-in that included the message, "Fluffi Bunni Goes Jihad." The FBI characterized the act in a November 2001 report as an anti-American cyberprotest against the war on terrorism. Victims have included the Washington-based SANS Institute, Security Focus, and Attrition.org, a site run by experts who formerly tracked computer break-ins. Source: http://www.siliconvalley.com/mld/siliconvalley/news/5745576.htm Current Alert Levels Internet Security Systems - AlertCon: 1 out of 4 https://gtoc.iss.net/ Last Changed 8 April 2003 Security Focus ThreatCon: 1 out of 4 www.securityfocus.com Last Changed 18 April 2003 Current Virus and Port Attacks Virus: #1 Virus in USA: WORM_LOVGATE.F Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 137 (netbios-ns), 80 (www), 1434 (ms-sql-m), 445 (microsoft-ds), 25 (smtp), 113 (ident), 139 (netbios-ssn), 4662 (eDonkey2000), 11310 (---), 6257 (WinMX) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv
This archive was generated by hypermail 2b30 : Thu May 01 2003 - 12:44:13 PDT