Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-12-16 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Samba vulnerability, Veritas BackupExec vulnerability, PowerPoint attachments, and some light reading.

Published: 2004-12-16
Last Updated: 2004-12-17 03:23:15 UTC
by Erik Fichtner (Version: 1)
0 comment(s)
Samba vulnerability, Veritas BackupExec vulnerability, PowerPoint attachments, and some light reading.




Samba 2.x, 3.0.0 - 3.0.9 vulnerability



A vulnerability in Samba has been discovered that could allow a remote attacker
to obtain superuser access to a vulnerable Samba server. This vulnerability is
post-authentication, meaning that the attacker needs some valid login credentials
before exploitation.

Patches and a corrected release 3.0.10 are available at

http://www.samba.org/




Veritas BackupExec Agent vulnerability



A remote vulnerability in Veritas BackupExec Agent has been discovered. This vulnerability is especially serious as it does not require any authentication before the service can be exploited, and by their very nature, backup servers
tend to both be reachable by, and have access to, a large number of systems
within an organization. If you run BackupExec, patches are available for both
Version 8.6.x

http://seer.support.veritas.com/docs/273422.htm
and Version 9.1.x

http://seer.support.veritas.com/docs/273420.htm



Even if you do not run BackupExec, now would be a good time to think about the
security implications of your backup network and backup servers.



PowerPoint Attachments Considered Harmful



http://www.securityfocus.com/archive/1/384726/2004-12-13/2004-12-19/0

A recent message over on the Bugtraq mailing list brings up an interesting
idea about the malicious use of PowerPoint presentation documents and their ability to slip past most corporate email gateways. While the attack described
is hardly new, it reminds us that none of the modern helpful file formats were
designed with security in mind, and that you must always be on guard. Even if
you know the person who sent you that file in your email; if you're not already
expecting to receive it, do yourself (and others) a favor and don't open it.
To paraphrase Smokey The Bear; "Only you can prevent virus outbreaks."



In closing...


Some people have way too much free time. Several of the handlers tip their hats
to you.

< http://invisiblethings.org/papers/passive-covert-channels-linux.pdf >
Keywords:
0 comment(s)
Diary Archives