See Linux vulnerability infra... -----Original Message----- From: information_technology-admin@private [mailto:information_technology-admin@private] On Behalf Of InfraGard Sent: Wednesday, January 07, 2004 8:03 AM To: Information Technology Subject: [Information_technology] Daily News 1/07/04 January 06, Government Technology - Broadband lines surpass 100 million worldwide. According to a survey by British firm Point Topic, worldwide broadband Internet lines surpassed 100 million in 2003. The total number of broadband lines rose to more than 89 million in September, an increase of more than 10 million lines. That same percentage growth in the fourth quarter would push the global total of lines past 100 million, making broadband Internet one of the fastest growing technologies in history. The survey results can be found at http://www.point-topic.com/content/dslanalysis/Broadband%20in%202003%20a nalysis1.htm Source: http://www.govtech.net/news/news.php?id=83462 January 05, PC World - Security group warns of Linux flaw. There is a critical vulnerability in the code used to manage virtual memory on Linux systems. The vulnerability affects versions of the Linux kernel up to and including version 2.6 and would give low-level Linux users total control over a Linux system. ISEC Security Research said Monday, January 5, that the problem is in kernel code for a component called "mremap," the core of the Linux operating system that provides basic services for all other parts of the operating system such as allocating processor time for the programs running on the computer and managing the system's memory or storage. Attackers could use the vulnerability to create an invalid virtual memory area, which could destabilize the Linux operating system or allow a malicious user to run attack code on the system. Attackers would need local user access to the vulnerable machine, but would not need any special privileges on the Linux system to exploit the hole, ISEC said. ISEC said they have developed test code to exploit the mremap vulnerability. Users should fix vulnerable systems as soon as software patches became available from their vendor. The original advisory is available here: http://isec.pl/vulnerabilities04.html Source: http://www.pcworld.com/resource/printable/article/0,aid,114088,00.asp Current Alert Levels AlertCon: 1 out of 4 https://gtoc.iss.net Security Focus ThreatCon: 1 out of 4 http://analyzer.securityfocus.com/ Current Virus and Port Attacks Virus: #1 Virus in the United States: WORM_LOVGATE.G Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports 135 (epmap), 21 (ftp), 137 (netbios?ns), 1434 (ms?sql?m), 80 (www), 445 (microsoft?ds), 6129 (dameware), 139 (netbios?ssn), 53 (domain), 1433 (ms?sql?s) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv
This archive was generated by hypermail 2b30 : Wed Jan 07 2004 - 09:57:37 PST