Friday Security Notes

Published: 2007-02-02
Last Updated: 2007-02-02 18:32:40 UTC
by Kevin Liston (Version: 2)
0 comment(s)
Just a few things to read/follow-up/keep-an-eye-on over the weekend:

Wireshark announced a few Denial of Service vulnerabilities (i.e. it sees certain traffic and crashes) yesterday:

Release notes are available:

Exploit code is available Computer Associates BrightStor ARCserve Backup LGSERVER.EXE
The targeted service listens on TCP/1900.  The example exploit sets up a shell on TCP/4444 (but that's trivial to change)
Dshield notes a bit of a peak:
Concentrated activity towards TCP/4400 is a bit less obvious.

Cisco Vulnerabilities, there were a few issues identified by Cisco this week.  Keep an eye/ear/SEC-rule out for "instability issues" on your routing infrastructure.  For current details:
0 comment(s)


Diary Archives