-----Original Message-----
From: information_technology-admin@private [mailto:information_technology-admin@private] On Behalf Of InfraGard
Sent: Tuesday, March 02, 2004 6:51 AM
To: Information Technology
Subject: [Information_technology] Daily News 3/02/04

February 27, Techworld - Critical security hole in Dell OpenManage. A security hole in Dell OpenManage server could leave the product open to attack by an unauthorized user. The problem has been identified as high risk by security consultancy Secunia. The vulnerability is caused due to a boundary error in the Web server when handling certain HTTP POST requests. POST is an extremely common HTML method of processing forms but can be exploited by sending a message with a hidden but extremely long variable to cause a heap overflow. The vulnerability can be side-stepped by restricting access to Port 1311/TCP and only allowing trusted IP addresses to connect. However, without that in place, a denial of service or system access are readily achievable.
Additional information is available on the Secunia Website: http://secunia.com/advisories/10994/
Source: http://www.techworld.com/news/index.cfm?fuseaction=displaynews&NewsID=1115

February 27, eWEEK - Vulnerability in WinZip could compromise security. Security analysts on Friday, February 27, reported that versions of the popular ZIP file management program WinZip have a serious security flaw. According to iDefense Inc., an error in the parameter parsing code in these versions "allows remote attackers to execute arbitrary code." The attacker would have to construct a specially designed MIME archive (with one of .mim, .uue, .uu, .b64, .bhx, .hqx and .xxe extensions) and distribute the file to users. Once opened, the attack would trick WinZip into executing code contained in the attacking file. iDefense said it had a functioning proof-of-concept attack demonstrating the problem.
The malicious file could be distributed by e-mail, on a Web page, or through peer-to-peer networks. According to iDefense, versions 7 and 8, as well as the latest beta of WinZip 9 are vulnerable to this attack. However, the released Version 9 of WinZip is not vulnerable. In addition to upgrading, users can prevent an attack by turning off automatic handling of these file types by WinZip in Windows Explorer.
Source: http://www.eweek.com/article2/0,4149,1540280,00.asp

February 27, eWEEK - File sharing vulnerability discovered in Mac OS X. A security issue that could result in stolen passwords and data on Friday, February 27, was revealed for Apple Computer Inc.'s Apple Filing Protocol (AFP), a component of Mac OS X 10.3.2. In a posting to the SecurityFocus BUGTRAQ list, Chris Adams, a system administrator, noted that while users could request secure connections, the system will not issue any alert or indication if an SSH connection is unavailable and then defaults to a non-secure connection. The only indication was a negative one--users must be aware that an alert "Opening Secure Connection" did not appear. This could result in users sending unencrypted passwords over an insecure connection. Adams said that any such activity would only come as the result of an active attack. "OS X does warn you before using unencrypted passwords and AFP does prevent passive password collection by encrypting the log-in process to protect the password on its way to the server. This problem allows you to trick it into sending the unencrypted password to you instead of the intended server," he said. Though his BUGTRAQ warning provided workarounds, such as manually configuring a SSH tunnel or using SFTP instead, Adams suggested that SSH should be enabled by default for both client and server and the user interface modified to clearly warn when the system is unable to establish an SSH tunnel.
Additional information is available on the SecurityFocus Website: http://www.securityfocus.com/bid/9763/discussion/
Source: http://www.eweek.com/article2/0,1759,1540556,00.asp

Internet Alert Dashboard

Current Alert Levels
AlertCon: 1 out of 4 https://gtoc.iss.net
Security Focus ThreatCon: 1 out of 4 http://analyzer.securityfocus.com/

Current Virus and Port Attacks
Virus: #1 Virus in the United States: WORM_NETSKY.C
Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States]

Top 10 Target Ports: 3127 (mydoom), 80 (www), 445 (microsoft-ds), 135 (epmap), 3128 (squid-http), 1080 (socks), 137 (netbios-ns), 1434 (ms-sql-m), 389 (ldap), 10080 (amanda)
Source: http://isc.incidents.org/top10.html; Internet Storm Center

_______________________________________________
Information_technology mailing list
Information_technology@listserv