Happy Valentine's Day

It has been a relatively quiet Valentine's Day. I hope all of you out there had nice ones with your loved ones.

ARCserve probes?

On Friday, 11 Feb, cybertronic released an exploit for an apparently previously unknown vulnerability in ARCserve on a popular mailing list. On Saturday, 12 Feb, a Metasploit plugin was released that also exploits this vulnerability. Based on observations from a reader and it appears that there is active scanning for this vulnerability on TCP port 41523. If anyone has packet captures of this traffic, we'd appreciate a copy.

OWA issue

One of my Local Mentor students, pointed out there was a bulletin about an exploit for Outlook Web Access (OWA) published on 25 Jan by exploitlabs, that I don't think we covered here. Many companies have OWA set up for their employees as a convenience. This exploit allows attackers to redirect login to any URL they desire and could be used to gather usernames and passwords. No patch has yet been released, but Microsoft says it will be fixed in the next major release of Exchange.

New Opera version

A new version of one of the more popular alternative web browsers, Opera (v7.54u2) was released in the last day or two, which fixes a and a .


=========================

Jim Clausing, jclausing(at)isc.sans.org