Thursday, July 26, 2007

Cisco outlines fix for ARP storms

Network World

Virus and Bug Patch Alert




Network World's Virus and Bug Patch Alert Newsletter, 07/26/07

By Jason Meserve

Today's bug patches and security alerts:

New Cisco advisory outlines fix for ARP storms on wireless LANs

Cisco has just released a new security advisory that details what caused the address storms that recently afflicted Duke University's wireless net. The advisory, posted on the company’s Web site, says that Cisco’s wireless LAN controllers have "multiple vulnerabilities in the handling of Address Resolution Protocol (ARP) packets." These vulnerabilities "could result in a denial of service (DoS) in certain environments." The vendor is offering free software to patch this problem, and notes that "there are workarounds to mitigate the effects of these vulnerabilities."

Cisco advisory

**********

Users urged to patch serious hole in BIND 9 DNS server

A security researcher has reported a serious vulnerability in BIND 9, the software widely used in the Internet's DNS addressing system. The vulnerability in BIND 9 could allow an attacker to force the DNS server to return an incorrect Web site to a user, a trick known as DNS cache poisoning, or pharming. IDG News Service, 07/25/07.

SANS Internet Storm Center advisory

Patches:

Debian

OpenPKG

Mandriva

Ubuntu

**********

Researchers claim first iPhone vulnerability; exploit steals data, operates phone

Three security researchers claimed Sunday that they have found the first exploitable vulnerability in Apple's iPhone, a flaw that allows them to steal any data from the device or even to turn it into a remote surveillance tool. Computerworld, 07/23/07.

Also:

Consumer Reports: iPhone Hacking Raises Security Concerns for all Smartphone Users

**********

Researcher publishes attack code for Mozilla flaw

Mozilla is working on patching its Firefox browser after a hacker posted details of a flaw that could let criminals run unauthorized software on a victim's machine. The flaw lies in Firefox's URL handler component, which was the source of another bug, disclosed Tuesday by Mozilla. IDG News Service, 07/25/07.

Mozilla advisory

Blog: Remote Command Execution in FireFox et al

**********

Five new updates from Gentoo:

MPlayer (multiple buffer overflows, code execution)

MIT Kerberos 5 (code execution, root privileges)

Festival (privilege escalation)

GIMP (multiple integer overflows, code execution)

NVClock (code execution)

**********

Two new patches from Debian:

tcpdump (integer overflow, code execution)

ImageMagick (multiple flaws)

**********

Five new fixes from Debian:

ClamAV (denial of service)

Iceape (multiple flaws)

Iceweasel (multiple flaws)

Xulrunner (multiple flaws)

Firefox (multiple flaws)

**********

Today's malware news:

Funny.zip

There's a fairly large seeding of Trojan-Downloader.Win32.Agent.brk going on. The e-mail messages that are sent typically contain funny.zip as the attachment. E-mail subjects vary but are typically "spammy" in nature. F-Secure Blog, 07/25/07.

Poisoned Web sites soar sixfold, Sophos says

The number of infected Web pages has soared nearly sixfold since the first of the year, according to security company Sophos. Detailed in a just-released threat report, the spike shows just how widespread Web attacks have become, Sophos said today. In June, the company detected an average of almost 30,000 newly-infected pages each day; earlier in the year, the tally was as low as only 5,000 new pages daily. Computerworld, 07/25/07.

**********

From the interesting reading department:

Black Hat/Defcon hackfests next week promise rollicking action

Rigorous and sometimes raw disclosure of network vulnerabilities will all be part of the action at next week’s back-to-back hackfests, Black Hat and Defcon in Las Vegas. Network World, 07/23/07.

Study: Largest vendors account for fewer software flaws

The top 10 most vulnerable software vendors are contributing a smaller percentage of all vulnerability disclosures per year compared to five years ago, a study by IBM's Internet Security Systems X-Force team has found. Computerworld, 07/25/07.

Free security tool ferrets out unpatched software

A Danish security vendor is offering a free tool designed to inform users when their applications need patching. IDG News Service, 07/24/07.

McAfee sets Rootkit Detective free

The freeware program promises the ability to find and remove so-called rootkits -- self-cloaking malware that installs itself as kernel modules or drivers and is most often used to hide other types of threats such as keystroke-logging programs -- and to send data about the attacks that are discovered back to McAfee. Computerworld, 07/25/07.

'Dangling pointers' more dangerous than thought, says security vendor

An issue largely ignored because the security risk was deemed only theoretical might soon become a significant and dangerous security risk, according to Web application security vendor Watchfire. Computerworld, 07/23/07.

Ransomware

How do you protect yourself? Keep your data backed up -- often -- in a manner that cannot be infected by ransomware. Keep multiple backup sets so you can restore your data to some point in the past, not just the last time a backup was made (your last backup may contain the infection). Gibbsblog, 07/23/07.

Fox News server found unsecured

Security analysts spotted a gaping security hole in Fox News Network's Web site on Monday, revealing file directories and sensitive content, although it appears the problem has been fixed. IDG News Service, 07/23/07.

Online communities a godsend for IT managers, survey says

Study shows IT managers who participate in online communities for troubleshooting, systems and security management, and application deployment benefit professionally by saving time when solving IT problems. Network World, 07/23/07.

A lesson from an answering machine: the importance of input anchoring in password recognition

I recently made a discovery that shows the importance of anchoring the input when trying to match a password. By this I mean that there should be no extra characters accepted either before or after the password (i.e., no extra characters that could be part of the password). Unanchored matching greatly weakens the defense against brute forcing the password. Symantec Security Response Weblog, 07/24/07.
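The anchoring problem described in that item, shown as an added example that is not code from the Symantec post or from any answering-machine product. The stored PIN, the candidate inputs and the function names are constructed for illustration. The flawed check uses an unanchored regular-expression search, so any input that merely contains the secret passes; the hardened check requires the whole input to equal the secret and compares in constant time.

```python
import hmac
import re

# Constructed sample secret, standing in for the PIN a voicemail box would store.
STORED_SECRET = "4417"


def unanchored_match(candidate: str, secret: str = STORED_SECRET) -> bool:
    """Flawed check: re.search() with no ^...$ anchors accepts any input that
    merely CONTAINS the secret, so "xx4417yy" is treated as the right PIN."""
    return re.search(re.escape(secret), candidate) is not None


def anchored_match(candidate: str, secret: str = STORED_SECRET) -> bool:
    """Hardened check: the entire input must equal the secret. hmac.compare_digest
    runs in time independent of where the first mismatch occurs, so the check
    does not leak partial matches through timing either."""
    return hmac.compare_digest(candidate.encode("utf-8"), secret.encode("utf-8"))


def count_secrets_hit(candidate: str, secrets: list, matcher) -> int:
    """How many of a set of stored secrets a single input would be accepted as.
    With an anchored check one guess can only ever match one secret; with an
    unanchored check one input can satisfy several at once, which is exactly
    why unanchored matching weakens the defense against brute forcing."""
    return sum(1 for s in secrets if matcher(candidate, s))


# Constructed set of four-digit secrets held by different mailboxes.
SAMPLE_SECRETS = ["4417", "0000", "1234", "2345"]

# One constructed input that contains every secret above as a substring.
SUPERSTRING_GUESS = "1234500004417"


if __name__ == "__main__":
    print("exact PIN, anchored   :", anchored_match("4417"))          # True
    print("padded PIN, unanchored:", unanchored_match("xx4417yy"))    # True (the flaw)
    print("padded PIN, anchored  :", anchored_match("xx4417yy"))      # False
    print("secrets hit by one superstring, unanchored:",
          count_secrets_hit(SUPERSTRING_GUESS, SAMPLE_SECRETS, unanchored_match))  # 4
    print("secrets hit by one superstring, anchored  :",
          count_secrets_hit(SUPERSTRING_GUESS, SAMPLE_SECRETS, anchored_match))    # 0
```

The fix is the anchoring, not the library: `re.fullmatch()` would also anchor, but a plain full-string comparison is simpler to audit, and `hmac.compare_digest` avoids the separate timing leak that an early-exit string comparison introduces.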

Black Hat: Researchers say forensics software can be hacked

The software that police and enterprise security teams use to investigate wrongdoing on computers is not as secure as it should be, according to researchers at iSec Partners Inc. Network World, 07/25/07.

Contact the author:

Jason Meserve is Network World's Multimedia Editor and writes about streaming media, search engines and IP Multicast. Check out his Multimedia Exchange Weblog.

Network World, Inc., 118 Turnpike Road, Southborough, MA 01772

Copyright Network World, Inc., 2007