Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-03-12 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Compaq Web Management, BJs Alerts of Possible Credit Card Theft

Published: 2004-03-12
Last Updated: 2004-03-13 03:32:48 UTC
by Dave Brookshire (Version: 1)
0 comment(s)
Immunity Advisory: Compaq Web Management Vulnerability

Immunity, Inc. released an advisory regarding a vulnerability in Compaq Web Management (HP HTTP).
"Compaq Web Management includes a number of daemons, which listen on a number of TCP ports, and also to SNMP requests. On port 2381, an SSL HTTP server runs. If the system is configured to let anonymous users browse it, a common configuration, then a bug in the validation system allows users to upload their own certificates to be trusted by the client system. This would allow that machine to be administered remotely via such mechanisms as Secure Task Execution. This is considered a cricical problem, as Compaq Web Management is often installed on every machine in an enterprise."

Complete advisory is available at:

http://www.immunitysec.com/downloads/hp_http.sxw.pdf

Banking Group Comments on "Phishing" Losses

"Phishing" schemes have been increasing in frequency over the past year. These usually involve messages sent to users' e-mail boxes claiming to come from banks, e-bay, paypal, etc... and then direct users to a web site that appear to be legitimate. From that web site, users are asked to provide personal and/or financial details that may be used for identity theft or other forms of fraud.

The Austrailian Bankers' Association comments in a ZDNet article that the losses from these schemes "are not material enough" to warrant boosting online banking security, compared to "other forms of graft such as credit card fraud."

http://news.zdnet.co.uk/internet/security/0,39020375,39148259,00.htm

BJ's Wholesale Club Alerts Members of Potential Credit Card Leak

BJ's has issued a press release stating that a small fraction of its 8 million members may have been affected by a compromise that may have resulted in the theft of their credit card information. BJs has made additional customer care representatives available to assist members whose credit card may have been stolen. If you suspect unauthorized use of any credit card used at BJ's, you should report it to the credit card issuer or bank. Additional questions should be directed to 1-800-BJS-CLUB.

More Information is available at:

http://www.bjs.com/news/content/item234.shtml

http://www.msnbc.msn.com/id/4516301/

http://money.cnn.com/2004/03/12/news/companies/bj.reut/

------------------------------


Dave Brookshire, SANS Handler-on-Duty

Keywords:
0 comment(s)
Diary Archives