Networking

PGPFire Desktop Firewall ICMP Fingerprinting

posted on January 28, 2002
by hitbsecnews

Source: Xatrix

When PGPfire is installed on a system, the default Windows TCP stack is replaced with a PGPfire version. The altered TCP stack produces responses uncharacteristic of any other operating system.

This allows a remote user to fingerprint and identify sensitive systems, and could result in an organized attack against sensitive/vulnerable resources.

Wireless workplaces vulnerable to hackers

posted on January 26, 2002
by hitbsecnews

Source: ZDNet

Corporations across America are opening their doors to hackers when they set up wireless networks--or when their employees set them up behind their backs. "We came across a company with one of these networks. All their source code, everything was available," said Thubten Comberford of White Hat Technologies, a wireless security firm. "This network was beaconing, 'log onto me'...It basically had its Rolls-Royce parked in the driveway, engine running, with a sign saying 'steal me.'"

CERT Coordination Center VU#570167: ICQ contains a buffer overflow...

posted on January 25, 2002
by hitbsecnews

Source: CERT.org

CERT Advisory CA-2002-02 Buffer Overflow in AOL ICQ

Original release date: January 24, 2002
Last revised: --
Source: CERT/CC

A complete revision history can be found at the end of this file.

Systems Affected

* AOL Mirabilis ICQ Versions 2001A and prior
* Voice Video & Games plugin installed with AOL Mirabilis ICQ Versions 2001B Beta v5.18 Build #3659 and prior

Overview

Real To Close Security Hole in RealPlayer

posted on January 25, 2002
by hitbsecnews

Source: NewsBytes

RealNetworks [NASDAQ:RNWK] will release a patch for a security flaw in its RealPlayer 8 software that could allow a rogue site to crash the player and potentially execute malicious code.
According to a company spokesperson, the patch will correct a buffer overflow bug reported to RealNetworks last week by Tim Morgan, an Oregon-based security expert. The media firm will distribute the patch to users through its automatic update service beginning Friday.

Software Tool From CNet Opens Security Hole

posted on January 25, 2002
by hitbsecnews

Source: NewsBytes

CNet Catchup, a popular Windows software update utility, contains a security vulnerability that could enable a remote attacker to run malicious code on the user's computer.
According to CNet Networks' Catchup Dispatch newsletter, distributed Jan. 23, the vulnerability affects all previous versions of Catchup and allows an attacker "to launch Catchup and execute arbitrary code on a user's system."

Squirrelmail remote execute commands bug

posted on January 25, 2002
by hitbsecnews

Source: Xatrix

L33tdawg: While the exploit available allows an attacker to run any command as the user who runs the webserver (in most cases this is nobody), I believe the extent of damage that is possible is probably limited -- unless of course you're crazy enough to be running Apache as root! :)

Version Affected:

1.2.2

Hackers target vulnerable 6112 ports

posted on January 24, 2002
by hitbsecnews

Source: Vnunet

Mysterious hackers are targeting PCs with vulnerable 6112 ports, security authority the Sans Institute said this week.
The number of scans destined for port 6112 (dtspc) has increased fivefold since 21 January and Sans believes that this is because exploits exist for vulnerabilities on this port and systems are being compromised and backdoored. vnunet.com reported that this port was being actively exploited last week.

Linux-*nix-Security: Remote Memory Reading Through TCP/ICMP

posted on January 24, 2002
by hitbsecnews

Source: Zero Security

A security vulnerability in Linux allows remote attackers to cause the remote OS to return chunks of "userland" memory (unrestricted memory). This is an information leak that could expose sensitive information.

Systems affected:

Linux
Solaris

It is possible to read parts of a remote machine's memory. To be specific, it would have to be memory recently freed/swapped to disk.