Threat Level: green Handler on Duty: Remco Verhoef

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2006-01-08 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Handler Candy

Published: 2006-01-08
Last Updated: 2006-01-09 01:20:30 UTC
by Dave Brookshire (Version: 1)
0 comment(s)
And now for something completely different...

Given the ongoing WMF saga for the past two weeks,  here's some Sunday Brain Candy(TM) to help you readers relax and get ready for next week:

Podcast Candy
  • Rocketboom [Warning: we've had one user report that the page handled the quicktime plug-in oddly, and ended up crashing his Firefox browser.]

Visual Candy
Aural Candy

This is a quick ambient piece of mine that I hope you will sit back and enjoy.  On behalf of the Handlers, thanks for all the help and support during the WMF analysis.  (Released using the Creative Commons License, so no copyright issues here!)
Have a pleasant Sunday evening, everyone!

------------------------
Dave Brookshire
Keywords:
0 comment(s)

Apple AirPort Firmware Update

Published: 2006-01-08
Last Updated: 2006-01-08 19:05:51 UTC
by Dave Brookshire (Version: 1)
0 comment(s)
On Thursday, Apple released an update to their AirPort firmware that
fixes a vulnerability (CVE-ID: CVE-2005-3714) that would allow an
attacker to craft packets causing an AirPort Base Station to
stop responding--therefore, denial of service.

Update is available from the "Software Update" pane in the System
Preferences, or from Apple's Software Download site:

http://www.apple.com/support/downloads/

Information will also be posted to the Apple Product Security web site:

http://docs.info.apple.com/article.html?artnum=61798

Keywords:
0 comment(s)

Blue Coat WinProxy Vuln

Published: 2006-01-08
Last Updated: 2006-01-08 18:08:44 UTC
by Dave Brookshire (Version: 1)
0 comment(s)
Blue Coat Systems WinProxy Vulnerability, Patch and remote exploit announced.  Exploit code has been published and according to the iDefense Advisory "Exploitation .... is trivial" and "allows for the remote execution of arbitrary code by attackers."

http://www.idefense.com/intelligence/vulnerabilities/display.php?id=364

"iDefense has confirmed this vulnerability in WinProxy 6.0. All previous
versions are suspected to be vulnerable.".

Patch - WinProxy 6.1a
http://www.winproxy.com/

Common Vulnerabilities and Exposures (CVE) project has assigned the
name CAN-2005-4085
http://cve.mitre.org/

Keywords:
0 comment(s)

2006, Week 1: A Look at the Numbers

Published: 2006-01-08
Last Updated: 2006-01-08 16:21:54 UTC
by Dave Brookshire (Version: 1)
0 comment(s)
The first week of the new year has been a pretty busy one for the Handlers, mostly surrounding the WMF issue.  At last count, 1740 e-mail messages have gone through the Handlers list, for an average of 247 messages per day.  Of those, the term "WMF" appeared in a subject line 989 times.  Of the total, there were 834 unique 'From' addresses.  I remember, when I first joined the Handlers, a busy day was in the neighborhood of 40 messages.  Whew.

Here's hoping the rest of 2006 smooths out a bit.

-----------------------
Dave Brookshire

Keywords:
0 comment(s)
Diary Archives