Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Windows 98 support extended. Reports of SQL Slammer, Solaris TTYPROMPT compromises

Published: 2004-01-12
Last Updated: 2004-01-12 20:51:23 UTC
by Joshua Wright (Version: 1)
0 comment(s)
Windows 98 Support Extended

The ZD Net news service is reporting that Microsoft has announced a reprieve for the discontinuance of support for Windows 98. Organizations should use this extra time to plan a migration path away from Windows 98 in order to continue receiving security updates and patches in the future.

Link:

http://news.zdnet.co.uk/software/windows/0,39020396,39119028,00.htm

SQL Slammer Activity

One organization reported a recent increase in the number of SQL Slammer infections. Just a reminder that SQL Slammer is still a very real threat if you are running unpatched versions of MS SQL Server 2000 or the Microsoft Desktop Engine (MSDE). Microsoft patches MS02-039 and MS02-061 are needed to resolve the vulnerability exploited by SQL Slammer. Organizations should consider maintaining filters on routers and firewalls for UDP/1434 to stop SQL Slammer activity from entering and leaving your network.

Links:

http://www.cert.org/advisories/CA-2003-04.html
http://www.microsoft.com/technet/security/virus/alerts/slammer.asp

Solaris TTYPROMPT Exploits in use

At least one organization has reported Solaris 8 systems being exploited with the Solaris TTYPROMPT vulnerability. This vulnerability affects the Solaris telnet service and permits a remote attacker to gain access to privileged user accounts. SunSolve patch 110668-03 is needed to fix this vulnerability on Solaris 8. This vulnerability was announced on the BUGTRAQ mailing list on 18-JAN-2002.

Links:

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F28063
http://www.securityfocus.com/bid/5531/info/

-Joshua Wright
Keywords:
0 comment(s)
Diary Archives