
SANS ISC: Outlook Express Weakness / Solaris Apache Bug / Winamp Exploitation / Translations / End of Internet / Social Engineering Story - SANS Internet Storm Center


Outlook Express Weakness

Today we received a report from Juha-Matti Laurio. He reported a flaw in Outlook Express 6 that may disclose the e-mail addresses in the "BCC:" field to other recipients when sending multipart messages, an option that is disabled by default.

This weakness was confirmed by our ISC Handler Lorna, who gave a simple and complete explanation:

"Just like fragmentation...only the first email from the fragmented original
message contains the Bcc list."


Juha-Matti also reported it to Secunia, which published an advisory about it with more details.


Reference: http://secunia.com/advisories/12376/
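
A check that a mail gateway or a test harness could run for the behaviour described above. This is an added example, not code from this diary or from the Secunia advisory. It assumes the split messages leave the client as MIME `message/partial` fragments; the sample messages, addresses, ids and the `audit_fragments` name are constructed for illustration.

```python
from email.parser import HeaderParser
from email.utils import getaddresses

# Constructed sample: one large message split into two fragments, as they
# would be seen on the wire. All addresses and ids are made up.
FRAGMENTS = [
    """\
From: alice@example.org
To: bob@example.net
Bcc: carol@example.com, dave@example.com
Subject: quarterly report
MIME-Version: 1.0
Content-Type: message/partial; id="constructed-1@example.org"; number=1; total=2

Subject: quarterly report
Content-Type: text/plain

first half of the body
""",
    """\
From: alice@example.org
To: bob@example.net
Subject: quarterly report
MIME-Version: 1.0
Content-Type: message/partial; id="constructed-1@example.org"; number=2; total=2

second half of the body
""",
]


def audit_fragments(raw_messages):
    """Return {partial id: {fragment number: [Bcc addresses on the wire]}}."""
    findings = {}
    parser = HeaderParser()  # headers only; fragment bodies are not parsed
    for raw in raw_messages:
        msg = parser.parsestr(raw)
        if msg.get_content_type() != "message/partial":
            continue  # assumption: only split messages are of interest here
        bcc = [addr for _, addr in getaddresses(msg.get_all("Bcc", []))]
        if not bcc:
            continue  # a correctly sent fragment carries no Bcc header
        frag_id = msg.get_param("id", "unknown")
        number = int(msg.get_param("number", 0))
        findings.setdefault(frag_id, {})[number] = bcc
    return findings


if __name__ == "__main__":
    for frag_id, hits in audit_fragments(FRAGMENTS).items():
        for number, addrs in sorted(hits.items()):
            print(f"{frag_id} fragment {number} exposes Bcc: {', '.join(addrs)}")
```

Any hit means a recipient of that fragment can read the blind-copy list, so the message should be held or have the header stripped before delivery.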

Solaris Apache Bug

Another interesting advisory from Secunia is about Multiple Vulnerabilities in Apache for Sun Solaris. "These vulnerabilities can be exploited to bypass certain security restrictions, cause a DoS (Denial of Service), or potentially compromise a vulnerable system."


Time to Patch!


Reference: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57628
http://secunia.com/advisories/12377/



Winamp Exploit used in the wild


We received information about a Winamp vulnerability being exploited. An exploit is already publicly available and is reported as being used in the wild.

Reference: http://secunia.com/advisories/12381/



Translations

ISC Handler Tom Liston, in his diary of August 23rd on the topic 'Follow the Bouncing Malware, Part II', mentioned:



"...And some downright bizarre stuff:

Hara Hara Mahadev !!!

tum agar badshah hai to hum eespeek ka yekka!

(Would anyone care to enlighten me?)"



A reader sent the translation to us:


"This appears to be Hindi, the translation of which is approximately:


Illuminating, Illuminating Eminence!!!

If you are a king then accept a lesson of a bug!"


and


"Hara Hara Mahadev !!!

tum agar badshah hai to hum eespeek ka yekka!"



Green green big king!!!

If you are a king then we are Ace of (what ever eespeek is)


End of Internet

An update about 'The End of Internet' prediction came from the VirusList website.

According to the VirusList website, some news agencies misinterpreted Kaspersky's words.
"...The story stems from brief comments made
yesterday at a press conference which was dedicated to cybercrime and the
problems of spam.

At this press conference, Kaspersky commented that the possibility of
terrorists using the Internet as a tool to attack certain countries was
a reality. As an example, he cited the fact that a number of Arabic and
Hebrew language websites contained an announcement of an 'electronic
jihad' against Israel, to start on 26th August 2004."



Reference: http://www.viruslist.com/eng/index.html?tnews=461517&id=2100900

Social Engineering

This is a little story about social engineering and what you could do to avoid future problems.

Average Joe's wife received a phone call at about 7:00 pm from an alleged employee of Joe's ADSL phone company provider, offering software called SoS-Phone, to be installed on Joe's computer to enhance the internal network security, for a cost of only 1 dollar/month. For that, he had to arrange a visit to Joe's house to check the computer environment.

Average Joe's wife asked the guy to call later because she had to talk to her husband first and he wasn't there. Then she called her brother-in-law to ask about it, because Joe's brother works in the security department of the same phone company! :) She then discovered that there was no such product!

Possible usage of this attack:

- Install malicious software to steal credit card number, passwords...

- Use this to get into your home and rob your house

- ...

In this example, if she hadn't been lucky enough to have someone she could verify this with, she could have followed some steps to identify such scams:

- Check with the company if such product really exists, using 800 numbers, internet...

- Ask for a name and a phone number that you can call back to verify the credentials

- Use your common sense



Believe it... this CAN happen...

I am Joe's brother and this happened yesterday...:)

------------------------------------------------------------------

Olympic Games 2004 Status: Brazil 2 Gold/ 1 Silver/ 2 Bronze

Handler on Duty: Pedro Bueno <bueno/AT/ieee.org>