Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

With Every Patch Tuesday there is a Black Wednesday, Juniper Update, COAST (adware-spyware) is toast, Virus Spreading through MSN?, Comcast downtime

Published: 2005-04-13
Last Updated: 2005-04-14 01:53:34 UTC
by John Bambenek (Version: 1)
0 comment(s)
With Every Patch Tuesday there is a Black Wednesday



With all the patches for MS yesterday, several new proof-of-concepts and exploit codes were published (they're not just for Microsoft anymore).
<Br>

MS05-16 - Windows Shell Vulnerability



Details: and



MS05-17 - Message Queueing Vulnerability



Details:



Oracle Buffer Overflows



which is patchable.



which is not patchable as of right now.

Debugger Exploits



and for you Visual C++, OllyDbg, WinDbg users.
<Br>

is so you Linux-based malware analysts don't feel left out from the fun.



These exploits have been brought to you be the number 0 and the letters w and n.



Juniper Update



009
(login required)
<Br>

Juniper has updated their notification to state that they do not user PMTUD for BGP sessions. Therefore, if you can filter or disable SQuench you may not have an ICMP BGP vulnerability.



COAST (adware-spware) is toast



The Consortium Of Anti-Spyware Technology vendors (COAST) has ceased operations and their website will go away on Tax Day (April 15th). No explanation is given.



Virus Spreading through MSN?



Messages will refer you to a URL similar to http://www.reallybadpeople.fakeTLD/gallery/pictures.php?email=targethost@isp.com (not a real URL) that will then download some malware to your machine and then proceed to propogate its funness. This just came in and haven't had the chance to reverse engineer it to see more precisely what it does, but its standard fare. Download bad file, trick user into running bad file, "Dude, you're getting pwn3d!".



Comcast Downtime



We've had several reports today at various times that Comcast was having troubles. Turns out they were.



From there:

(Connection to the Internet is currently unavailable. Our technicians are aware of the situation and are working to resolve the issue. This outage was logged at : 4/13/2005 6:47:00 PM EDT.)



===========================

John Bambenek

bambenek - at - gmail.com

http://decision.csl.uiuc.edu/~bambenek
Keywords:
0 comment(s)
Diary Archives