Friday Infosec Grab Bag
Here are some links to odds and ends that came to us through the day today. Thanks, readers, for your links and comments!
- Updated TrendMicro Rogue DNS Servers
- Apache HTTP Server Mod_Status Cross-Site Scripting Vulnerability
- Multiple Vulnerabilities in IBM DB2 Universal Database:
  - IBM DB2 Universal Database Multiple Race Condition Vulnerabilities (root access)
  - IBM DB2 Universal Database Directory Traversal Vulnerability (root access)
  - IBM DB2 Universal Database Multiple File Creation Vulnerabilities (privilege elevation)
  - IBM DB2 Universal Database Directory Creation Vulnerability (privilege elevation)
  - IBM DB2 Universal Database Multiple Untrusted Search Path Vulnerabilities (root access)
  - IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability (root access)
  - Vendor response: V8, V9
- Cisco IOS Vulnerability; Cisco's forum discussion
Marcus H. Sachs
Director, SANS Internet Storm Center
College Students
We don't have any reports of significant increases in malicious traffic (yet), but as a reminder to sysadmins around the world: many colleges and universities are welcoming back their students this weekend and next weekend. Due to the world-wide spread of malware through the Storm Worm over the past several months, we expect that all of those infected laptops will have a field day once they connect to the university networks.
Marcus H. Sachs
Director, SANS Internet Storm Center
Yo, Skype! What's the Deal?
As reported in a diary yesterday, the Skype VoIP service has been down for well over a day. Many of our readers report that they still can't get their clients to connect, while others say it's working fine. According to Skype, all is well and everybody should be happy.
So what is really going on? Was it just a "software problem" as Skype says? Here are some ideas to consider:
- Was the Skype outage caused by the publication of a Skype DoS exploit?
- Was it caused by the mandatory reboot after Microsoft's Patch Tuesday?
Both theories are referenced at http://colsec.blogspot.com/2007/08/skype-outage-last-24-hours.html
Unless something "new" comes up, we ask that you keep an eye on Skype's heartbeat blog for further unfolding details. (Thanks, Roland, for the links!)
UPDATE:
Ronaldo reminded us of the Snort Skype Preprocessor posted a few days ago. A preprocessor that detects/blocks Skype....hmmm....
Marcus H. Sachs
Director, SANS Internet Storm Center