Threat Level: green Handler on Duty: Rick Wanner

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-01-12 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Windows 98 support extended. Reports of SQL Slammer, Solaris TTYPROMPT compromises

Published: 2004-01-12
Last Updated: 2004-01-12 20:51:23 UTC
by Joshua Wright (Version: 1)
0 comment(s)
Windows 98 Support Extended

The ZD Net news service is reporting that Microsoft has announced a reprieve for the discontinuance of support for Windows 98. Organizations should use this extra time to plan a migration path away from Windows 98 in order to continue receiving security updates and patches in the future.

Link:

http://news.zdnet.co.uk/software/windows/0,39020396,39119028,00.htm

SQL Slammer Activity

One organization reported a recent increase in the number of SQL Slammer infections. Just a reminder that SQL Slammer is still a very real threat if you are running unpatched versions of MS SQL Server 2000 or the Microsoft Desktop Engine (MSDE). Microsoft patches MS02-039 and MS02-061 are needed to resolve the vulnerability exploited by SQL Slammer. Organizations should consider maintaining filters on routers and firewalls for UDP/1434 to stop SQL Slammer activity from entering and leaving your network.

Links:

http://www.cert.org/advisories/CA-2003-04.html
http://www.microsoft.com/technet/security/virus/alerts/slammer.asp

Solaris TTYPROMPT Exploits in use

At least one organization has reported Solaris 8 systems being exploited with the Solaris TTYPROMPT vulnerability. This vulnerability affects the Solaris telnet service and permits a remote attacker to gain access to privileged user accounts. SunSolve patch 110668-03 is needed to fix this vulnerability on Solaris 8. This vulnerability was announced on the BUGTRAQ mailing list on 18-JAN-2002.

Links:

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F28063
http://www.securityfocus.com/bid/5531/info/

-Joshua Wright
Keywords:
0 comment(s)
Diary Archives