Friday Security Notes
Just a few things to read/follow-up/keep-an-eye-on over the weekend:
Wireshark announced a few Denial of Service vulnerabilities (i.e. it sees certain traffic and crashes) yesterday: www.wireshark.org/security/wnpa-sec-2007-01.html
UPDATE:
Release notes are available: www.wireshark.org/docs/relnotes/wireshark-0.99.5.html
Download: www.wireshark.org/download.html
Exploit code is available Computer Associates BrightStor ARCserve Backup LGSERVER.EXE
The targeted service listens on TCP/1900. The example exploit sets up a shell on TCP/4444 (but that's trivial to change)
Dshield notes a bit of a peak: isc.sans.org/port.html?port=1900
Concentrated activity towards TCP/4400 is a bit less obvious.
Cisco Vulnerabilities, there were a few issues identified by Cisco this week. Keep an eye/ear/SEC-rule out for "instability issues" on your routing infrastructure. For current details:
www.cisco.com/en/US/products/products_security_advisories_listing.html
Wireshark announced a few Denial of Service vulnerabilities (i.e. it sees certain traffic and crashes) yesterday: www.wireshark.org/security/wnpa-sec-2007-01.html
UPDATE:
Release notes are available: www.wireshark.org/docs/relnotes/wireshark-0.99.5.html
Download: www.wireshark.org/download.html
Exploit code is available Computer Associates BrightStor ARCserve Backup LGSERVER.EXE
The targeted service listens on TCP/1900. The example exploit sets up a shell on TCP/4444 (but that's trivial to change)
Dshield notes a bit of a peak: isc.sans.org/port.html?port=1900
Concentrated activity towards TCP/4400 is a bit less obvious.
Cisco Vulnerabilities, there were a few issues identified by Cisco this week. Keep an eye/ear/SEC-rule out for "instability issues" on your routing infrastructure. For current details:
www.cisco.com/en/US/products/products_security_advisories_listing.html
Keywords:
0 comment(s)
×
![modal content]()
Diary Archives
Comments