Weekly Newsletter from Help Net Security Issue 20 - 03.07.2000 - Covers weekly roundups of security related events. In this issue: Serious IE5 and Excel 2000 and Powerpoint 2000 remote vulnerability, IE5 and Access 2000 vulnerability, Active Setup Download problem, dos in Windows 2000 Server, dos in checkpoint firewall-1 on NT, dos in Windows 2000 telnet server, Boa Webserver local path problem, WU-FTPD and DHCP updates. Also contains weekly security news and defaced archive.
a32959b0a20f41420f9188a3a136688198f371db530e7cde638101265254371c
Net-Sec newsletter
Issue 20 - 03.07.2000
http://net-security.org
Net-Sec is a newsletter delivered to you by Help Net Security. It covers weekly
roundups of security events that were in the news the past week.
Visit Help Net Security for the latest security news - http://www.net-security.org.
Subscribe to this weekly digest on:
http://www.net-security.org/text/newsletter
Table of contents:
1) General security news
2) Security issues
3) Security world
4) Defaced archives
General security news
---------------------
----------------------------------------------------------------------------
SECURITY CHECKS CRASH ROUTERS
Red-faced networking giant Cisco has been forced to warn customers that its
routers can crash when tested for security vulnerabilities by security scanning
software programs.
Link: http://www.vnunet.com/News/1104718
SECURE MESSAGING
Critical Path detailed a suite of secure messaging services designed to help
enterprises protect information assets such as engineering drawings, financial
documents, and legal agreements transferred over the Internet.
Link: http://www.infoworld.com/articles/hn/xml/00/06/26/000626hncritical.xml
UK BACKS OFF AWAY FROM RIP BILL
CNN reports that the U.K. government is backing away from some of the more
controversial aspects of its e-mail surveillance bill (Regulation of Investigatory
Powers - RIP) currently under consideration in the House of Lords.
Link: http://www.cnn.com/2000/TECH/computing/06/26/cybersnoop.idg/index.html
CRACKED! PART 6: TELKING WITH THE ENEMY
"Soon after rebuilding the system I started talking to someone on IRC that
identified themselves as the person that had cracked our system. He was
connecting from the same places that the cracker had been coming from and
seemed to know things that only the cracker would have known, so I decided
to take him at face value. Over the first couple of weeks we talked about a
variety of subjects. I have selected some of the most interesting bits and
grouped them together to give an idea of the flavor of the conversations. It
was an interesting window into the mind of someone living a very different life."
Link: http://www.rootprompt.org/article.php3?article=588
SCENES FROM THE "HACKERS" HOOD
"The impression that most people fail to get from regular attacks is how trivial
they are," said Elias Levy, chief technology officer of SecurityFocus.com.
"These people tend to choose their targets pretty much at random - or
whoever bothers them that day, or pisses them off."
Link: http://www.wired.com/news/culture/0,1284,37238,00.html
VIRUS SCAN FOR HANDHELDS
It looks like McAfee is now offering virus scanning software for handheld
computers. Altought there are no viruses for handhelds, there is an option
to infect when you sync your handheld and your PC. Contributed by Brian.
Link: http://www.mcafee.com/wireless/handscan/default.asp?
MATTEL AND PRIVACY
In response to public complaints about privacy, Mattel Interactive announced
that the company would provide a tool that removes software that was
surreptitiously placed on customers computers and is designed to transmit
and receive information to Mattel.
Link: http://abcnews.go.com/sections/business/DailyNews/mattel000624.html
BANK DETAILS SNATCHED
A man calling himself 'Kelly' rang ABC radio station 2BL claiming he had
accessed company details from the GST information site www.gstassist.gov.au,
which contains the details of about 27,000 businesses. According to ZDnet AU,
he said that he he simply used a inserted numbers between 1 and 27,000 into
a CGI output and it retrieved records. Contributed by Apocalyse Dow.
Link: http://www.zdnet.com.au/zdnn/stories/zdnn_display/au0003700.html
NIKE HIJACKING, PART II
Nike.com hijacking received a sequel - when Nike's website was hijacked last
week, traffic was redirected through one man's Web servers in the U.K.,
bogging them down and costing his Web hosting company time and money
(at least he says so). Now he is suing Nike and he created "Shame on Nike"
web site.
Link: http://www.wired.com/news/politics/0,1283,37286,00.html
Link: http://www.shameonnike.com/
LOVE LETTER CREATOR CHARGED
Onel de Guzman is charged for writting the Love Letter worm. The National
Bureau of Investigation will charge de Guzman "traditional" crimes such as
theft and violation of a law that normally covers credit card fraud. If
charged maximum penalty of 20 years in prison.
COMPUTER ASSOCIATES REBUFFS SOPHOS ALLEGATIONS
Simon Perry, Computer Associates' vice president, told Newsbytes that he
viewed Sophos' comments as irrelevant, adding that the approach his firm
takes with warnings customers about viruses is to warn them of any potential
problems, for whatever reason. "Our reporting of viruses to our customers
has drawn kudos, both from customers and the industry at large," he said,
adding that the company aims to quickly let people know what the latest
virus is and what the associated dangers are.
Link: http://www.computeruser.com/news/00/06/30/news19.html
STUDENT ADMITS GOVERNMENT ATTACKS
A university student admitted in Boston federal court to breaking into U.S.
government computers including Defense Department and NASA systems.
Ikenna Iffih, a student at Northeastern University's College of Computer
Science, pleaded guilty to a series of coast-to-coast cyber attacks before
U.S. District Judge Robert Keeton late on Thursday.
Link: http://www.wired.com/news/politics/0,1283,37352,00.html
SEGA DREAMCAST COPYRIGHT PROTECTION BROKEN
The Dreamcast game system has been viewed as one of the most secure
digital entertainment systems on the market. It looks like it is not so
secure. Group called Utopia has broken through copyright protections
of the system.
Link: http://news.cnet.com/news/0-1005-200-2181596.html?tag=st.ne.1005.sndstry.ni
LEE ASHURT'S POINT OF VIEW
Lee Ashurst accused of hacking into and sabotaging the Internet service
Etisalat, has filed a defamation suit in Dubai against them. He has also
set up a site with his opinion on the whole situation.
Link: http://www.supportlee.4mg.com/
ISSUE DISCLOSURE POLICY
Lewis Z. Koch did an article on Rain Forrest Puppy's "issue disclosure policy",
a text dealing with reporting vulnerabilities to vendors. First version of this
text file was sent to Bugtraq approximately 3 weeks ago.
Link: http://mcafee.snap.com/main/page/pcp/cd/0,85,-1716-1431464-397786,00.html
----------------------------------------------------------------------------
Security issues
---------------
All vulnerabilities are located at:
http://net-security.org/text/bugs
----------------------------------------------------------------------------
IE 5 AND EXCEL 2000, POWERPOINT 2000 VULNERABILITY
Internet Explorer 5.01, Excel 2000 and PowerPoint under Windows 98 (suppose
other versions are also vulnerable, have not tested) allow executing programs
when viewing a web page or HTML email message - in the latter case at least
with IFRAME. This allows taking full control over user's computer.
Link: http://www.net-security.org/text/bugs/962198313,44285,.shtml
IE 5 AND ACCESS 2000 VULNERABILITY
Internet Explorer 5.01 and Access 2000 under Windows 98 (suppose other
versions are also vulnerable) allow executing programs when viewing a web
page or HTML email message - (in the latter case with IFRAME). This allows
taking full control over user's computer.
Link: http://www.net-security.org/text/bugs/962198423,71032,.shtml
PATCH FOR "ACTIVE SETUP DOWNLOAD" PROBLEM
Microsoft has released a patch that eliminates a security vulnerability in an
ActiveX control that ships with Microsoft Internet Explorer. The vulnerability
could be used to overwrite files on the computer of a user who visited a
malicious web site operator's site.
Link: http://www.net-security.org/text/bugs/962463758,19962,.shtml
DOS IN MICROSOFT WINDOWS 2000 SERVER
Multiple ports and protocols on Microsoft Windows 2000 Server are
susceptible to a simple network attack which raises CPU utilization on
Windows 2000 Server to 100%.
Link: http://www.net-security.org/text/bugs/962540960,71332,.shtml
DOS IN CHECK POINT FIREWALL-1 ON WINDOWS NT
The SMTP Security Server component of Check Point Firewall-1 4.0 and
4.1 is vulnerable to a simple network-based attack which raises the
firewall load to 100%.
Link: http://www.net-security.org/text/bugs/962541047,22517,.shtml
DOS IN MICROSOFT WINDOWS 2000 TELNET SERVER
Microsoft Windows 2000 Server is supplied with a Telnet server for remote
console access. A Denial of Service vulnerability exists in this server which
may be exploited by a local or remote attacker.
Link: http://www.net-security.org/text/bugs/962541114,23868,.shtml
BOA WEBSERVER LOCAL PATH PROBLEM
BOA Webserver is a small fast webserver that supports only basic functions.
It beats the pants off of apache for speed however, the only problem is that
it does not do any URL parsing. It admits this (somewhere on the page it says
you better lock down your file system real good), but the problem still remains.
Basically you can specify the full local path to any file on a Boa webserver and
out it spits the contents. i.e.
Link: http://www.net-security.org/text/bugs/962541273,5729,.shtml
[MANDRAKE] WU-FTPD UPDATE
Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC
implementation. Because of user input going directly into a format string for
a *printf function, it is possible to overwrite important data, such as a return
address, on the stack.
Link: http://www.net-security.org/text/bugs/962578199,96510,.shtml
[MANDRAKE] - DHCP UPDATE
The OpenBSD team discovered a vulnerability in it that allows for remote
exploitation by a corrupt dhcp server, (or an attacker pretending to be a dhcp
server). If this vulnerability is exploited, root access can be gained on the host
running dhcp client remotely. The problem is that input is not checked and, as
a result, it is possible to execute commands remotely when the network config
files are being written on the dhcp client.
Link: http://www.net-security.org/text/bugs/962578323,92268,.shtml
----------------------------------------------------------------------------
Security world
--------------
All press releases are located at:
http://net-security.org/text/press
----------------------------------------------------------------------------
CENTRAL COMMAND ANNOUNCES PERFECTSUPPORT - [26.06.2000]
Today Central Command announced PerfectSupport, a new support service that
provides mission critical antivirus support and services. This subscription service
provides maximum virus protection to all organizations where virus prevention,
and malicious application recovery is critical to their operation. This premium
service includes unlimited toll-free phone support at any time and priority access
to Central Command's Emergency Virus Response Team during virus outbreaks.
Press release:
< http://www.net-security.org/text/press/962040421,209,.shtml >
----------------------------------------------------------------------------
eWEEK CHALLENGES PUBLIC TO HACK THEM - [27.06.2000]
In its second major test of Web enterprise security, Labs Interactive, by the
editors of eWEEK, in conjunction with digital security services firm Guardent, has
created an e-commerce site and is challenging the public to hack the site at
openhack.com. Prize money of up to $2,500 will be awarded to the first hacker to
crack the site which mimics a true corporate e-commerce network, including e-mail,
Web server, a database application, remote access and five different operating
systems. The challenge goes live on June 26 and runs through the first two weeks
of July.
Press release:
< http://www.net-security.org/text/press/962098245,92659,.shtml >
----------------------------------------------------------------------------
GENUITY ANNOUNCES ENHANCED FIREWALL SERVICES - [27.06.2000]
Genuity Inc., formerly GTE Internetworking, today announced significant new
enhancements to the Site Patrol for FireWall-1 family of managed Internet
security services. Designed to secure high-volume enterprise intranets and
e-business extranets, new leading-edge features include the industry's first High
Availability managed firewall service. Site Patrol uses StoneSoft Corporation's
award-winning StoneBeat clustering technology with dynamic load balancing to
ensure maximum availability, scalability and performance. In addition, a hot
standby, High Availability option is also available for organizations with fixed
throughput requirements.
Press release:
< http://www.net-security.org/text/press/962098361,38122,.shtml >
----------------------------------------------------------------------------
SECOND ANNUAL GLOBAL E-SECURITY CONVENTION - [28.06.2000]
Baltimore Technologies, a global leader in e-security solutions, today announced
the company's second annual Global e-Security Convention, focusing on the use
of e-security to deliver secure, trusted business models and applications. Global
e-Security 2000 is the most authoritative convention set up to educate delegates
on the business and technology benefits of e-security. This convention will
highlight PKI technology as an integral component of secure e-business with the
ability to unleash endless opportunities for companies worldwide.
Press release:
< http://www.net-security.org/text/press/962198599,45835,.shtml >
----------------------------------------------------------------------------
CA ANNOUNCES ETRUST SINGLE SIGN-ON 6.5 - [28.06.2000]
Computer Associates International, Inc., the world's leading eBusiness solutions
provider, today announced the general availability (GA) of eTrust Single Sign-On
(SSO) 6.5, the industry-leading secured access solution. The latest version of
eTrust SSO provides a comprehensive solution for eBusinesses desiring integrated
SSO and access control capabilities for existing client/server and Web-based
applications from a single product.
Press release:
< http://www.net-security.org/text/press/962198695,70218,.shtml >
----------------------------------------------------------------------------
CYLINK ANNOUNCES GENERAL EELEASE OF NETHAWK - [29.06.2000]
On June 23, Cylink Corporation began customer shipments of its NetHawk, the
companys new high-speed virtual private network (VPN) appliance for secure,
site-to-site Internet communications. NetHawk is an Internet Protocol Security
(IPSec) solution that transparently integrates into the network, providing an
enterprise-strength combination of performance and manageability.
Press release:
< http://www.net-security.org/text/press/962275562,59227,.shtml >
----------------------------------------------------------------------------
FREE LINUX FIREWALL RELEASED TO PUBLIC - [01.07.2000]
NetMaster Networking Solutions, Inc. of Chilliwack, B.C., announced today they
are making their Gateway Guardian Personal Edition firewall software available
FREE for personal and non-profit use. It can be downloaded off their web site,
www.GatewayGuardian.com, and also from over 100 download sites across the
Internet. "We have done this to meet the increasing demand for firewall protection
from families adopting high-speed cable, and DSL internet connections across
Canada and the U.S.," said Steve Hemenway, NetMaster's Vice President of Sales
and Marketing.
Press release:
< http://www.net-security.org/text/press/962464441,94200,.shtml >
----------------------------------------------------------------------------
INTERPOL AND ATOMICTANGERINE ANNOUNCE ALLIANCE - [01.07.2000]
Companies worldwide will have new access to superior intelligence in their war
against global cyber crime as a result of an innovative alliance between the
private and public sector. Working directly with Menlo Park-based venture
consulting powerhouse AtomicTangerine, famous Lyon, France-based Interpol has
initiated a special relationship designed to deliver advanced intelligence collected
by the law enforcement organization to corporations worldwide. Interpol is the
world's pre-eminent organization supporting the prevention and detection of
international crime.
Press release:
< http://www.net-security.org/text/press/962550257,75895,.shtml >
----------------------------------------------------------------------------
Defaced archives
------------------------
[25.06.2000] - Washington State Department of Social and Health Services
Original: http://maa.dshs.wa.gov/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/25/maa.dshs.wa.gov/
[26.06.2000] - Epson
Original: http://www.epson.com.cn/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/26/www.epson.com.cn/
[27.06.2000] - London Fire Brigade
Original: http://www.londonfirebrigade.gov.uk/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/27/londonfirebrigade.gov.uk/
[27.06.2000] - Counterpart Consortium Turkmenistan
Original: http://www.cpart.org
Defaced: http://www.attrition.org/mirror/attrition/2000/06/27/www.cpart.org/
[28.06.2000] - LSU School of Social Work
Original: http://www.socialwork.lsu.edu/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/28/www.socialwork.lsu.edu/
[29.06.2000] - The Bloodhound Gang Online
Original: http://www.bloodhoundgang.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/29/www.bloodhoundgang.com/
[29.06.2000] - HyperHog Internet Service
Original: http://www.hyperhog.net/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/29/www.hyperhog.net/
[30.06.2000] - Banco Union Colombiano
Original: http://www.bancounion.com.co/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/30/www.bancounion.com.co/
[30.06.2000] - Philippine Association for Open Computing
Original: http://www.passoc.org/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/30/www.passoc.org/
[30.06.2000] - The Undersecretariat of Foreign Trade Turkey
Original: http://www.foreigntrade.gov.tr/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/30/www.foreigntrade.gov..tr/
[01.07.2000] - White Force
Original: http://www.whiteforce.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/01/www.whiteforce.com/
[01.07.2000] - College of New Caledonia
Original: http://www.cnc.bc.ca/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/01/www.cnc.bc.ca/
HNS staff
staff@net-security.org
http://net-security.org
---------------------------------------------------------------------
To unsubscribe, e-mail: news-unsubscribe@net-security.org
For additional commands, e-mail: news-help@net-security.org