Net-Sec newsletter
Issue 20 - 03.07.2000
http://net-security.org

Net-Sec is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. Visit Help Net Security for the latest security news - http://www.net-security.org.

Subscribe to this weekly digest on:
http://www.net-security.org/text/newsletter

Table of contents:

1) General security news
2) Security issues
3) Security world
4) Defaced archives

General security news
---------------------

----------------------------------------------------------------------------

SECURITY CHECKS CRASH ROUTERS
Red-faced networking giant Cisco has been forced to warn customers that its routers can crash when tested for security vulnerabilities by security scanning software programs.
Link: http://www.vnunet.com/News/1104718

SECURE MESSAGING
Critical Path detailed a suite of secure messaging services designed to help enterprises protect information assets such as engineering drawings, financial documents, and legal agreements transferred over the Internet.
Link: http://www.infoworld.com/articles/hn/xml/00/06/26/000626hncritical.xml

UK BACKS AWAY FROM RIP BILL
CNN reports that the U.K. government is backing away from some of the more controversial aspects of its e-mail surveillance bill (Regulation of Investigatory Powers - RIP) currently under consideration in the House of Lords.
Link: http://www.cnn.com/2000/TECH/computing/06/26/cybersnoop.idg/index.html

CRACKED! PART 6: TALKING WITH THE ENEMY
"Soon after rebuilding the system I started talking to someone on IRC that identified themselves as the person that had cracked our system. He was connecting from the same places that the cracker had been coming from and seemed to know things that only the cracker would have known, so I decided to take him at face value. Over the first couple of weeks we talked about a variety of subjects.
I have selected some of the most interesting bits and grouped them together to give an idea of the flavor of the conversations. It was an interesting window into the mind of someone living a very different life."
Link: http://www.rootprompt.org/article.php3?article=588

SCENES FROM THE "HACKERS" HOOD
"The impression that most people fail to get from regular attacks is how trivial they are," said Elias Levy, chief technology officer of SecurityFocus.com. "These people tend to choose their targets pretty much at random - or whoever bothers them that day, or pisses them off."
Link: http://www.wired.com/news/culture/0,1284,37238,00.html

VIRUS SCAN FOR HANDHELDS
It looks like McAfee is now offering virus scanning software for handheld computers. Although there are no viruses for handhelds, there is a possibility of infection when you sync your handheld and your PC.
Contributed by Brian.
Link: http://www.mcafee.com/wireless/handscan/default.asp?

MATTEL AND PRIVACY
In response to public complaints about privacy, Mattel Interactive announced that the company would provide a tool that removes software that was surreptitiously placed on customers' computers and is designed to transmit and receive information to Mattel.
Link: http://abcnews.go.com/sections/business/DailyNews/mattel000624.html

BANK DETAILS SNATCHED
A man calling himself 'Kelly' rang ABC radio station 2BL claiming he had accessed company details from the GST information site www.gstassist.gov.au, which contains the details of about 27,000 businesses. According to ZDnet AU, he said that he simply inserted numbers between 1 and 27,000 into a CGI output and it retrieved records.
Contributed by Apocalyse Dow.
Link: http://www.zdnet.com.au/zdnn/stories/zdnn_display/au0003700.html

NIKE HIJACKING, PART II
The Nike.com hijacking has a sequel: when Nike's website was hijacked last week, traffic was redirected through one man's Web servers in the U.K., bogging them down and costing his Web hosting company time and money (at least he says so). Now he is suing Nike and has created a "Shame on Nike" web site.
Link: http://www.wired.com/news/politics/0,1283,37286,00.html
Link: http://www.shameonnike.com/

LOVE LETTER CREATOR CHARGED
Onel de Guzman is charged with writing the Love Letter worm. The National Bureau of Investigation will charge de Guzman with "traditional" crimes such as theft and violation of a law that normally covers credit card fraud. The charges carry a maximum penalty of 20 years in prison.

COMPUTER ASSOCIATES REBUFFS SOPHOS ALLEGATIONS
Simon Perry, Computer Associates' vice president, told Newsbytes that he viewed Sophos' comments as irrelevant, adding that the approach his firm takes with warning customers about viruses is to warn them of any potential problems, for whatever reason. "Our reporting of viruses to our customers has drawn kudos, both from customers and the industry at large," he said, adding that the company aims to quickly let people know what the latest virus is and what the associated dangers are.
Link: http://www.computeruser.com/news/00/06/30/news19.html

STUDENT ADMITS GOVERNMENT ATTACKS
A university student admitted in Boston federal court to breaking into U.S. government computers including Defense Department and NASA systems. Ikenna Iffih, a student at Northeastern University's College of Computer Science, pleaded guilty to a series of coast-to-coast cyber attacks before U.S. District Judge Robert Keeton late on Thursday.
Link: http://www.wired.com/news/politics/0,1283,37352,00.html

SEGA DREAMCAST COPYRIGHT PROTECTION BROKEN
The Dreamcast game system has been viewed as one of the most secure digital entertainment systems on the market.
It looks like it is not so secure. A group called Utopia has broken through the copyright protections of the system.
Link: http://news.cnet.com/news/0-1005-200-2181596.html?tag=st.ne.1005.sndstry.ni

LEE ASHURST'S POINT OF VIEW
Lee Ashurst, accused of hacking into and sabotaging the Internet service Etisalat, has filed a defamation suit in Dubai against them. He has also set up a site with his opinion on the whole situation.
Link: http://www.supportlee.4mg.com/

ISSUE DISCLOSURE POLICY
Lewis Z. Koch wrote an article on Rain Forest Puppy's "issue disclosure policy", a text dealing with reporting vulnerabilities to vendors. The first version of this text file was sent to Bugtraq approximately 3 weeks ago.
Link: http://mcafee.snap.com/main/page/pcp/cd/0,85,-1716-1431464-397786,00.html

----------------------------------------------------------------------------

Security issues
---------------

All vulnerabilities are located at:
http://net-security.org/text/bugs

----------------------------------------------------------------------------

IE 5 AND EXCEL 2000, POWERPOINT 2000 VULNERABILITY
Internet Explorer 5.01, Excel 2000 and PowerPoint under Windows 98 (suppose other versions are also vulnerable, have not tested) allow executing programs when viewing a web page or HTML email message - in the latter case at least with IFRAME. This allows taking full control over user's computer.
Link: http://www.net-security.org/text/bugs/962198313,44285,.shtml

IE 5 AND ACCESS 2000 VULNERABILITY
Internet Explorer 5.01 and Access 2000 under Windows 98 (suppose other versions are also vulnerable) allow executing programs when viewing a web page or HTML email message - (in the latter case with IFRAME). This allows taking full control over user's computer.
Link: http://www.net-security.org/text/bugs/962198423,71032,.shtml

PATCH FOR "ACTIVE SETUP DOWNLOAD" PROBLEM
Microsoft has released a patch that eliminates a security vulnerability in an ActiveX control that ships with Microsoft Internet Explorer.
The vulnerability could be used to overwrite files on the computer of a user who visited a malicious web site operator's site.
Link: http://www.net-security.org/text/bugs/962463758,19962,.shtml

DOS IN MICROSOFT WINDOWS 2000 SERVER
Multiple ports and protocols on Microsoft Windows 2000 Server are susceptible to a simple network attack which raises CPU utilization on Windows 2000 Server to 100%.
Link: http://www.net-security.org/text/bugs/962540960,71332,.shtml

DOS IN CHECK POINT FIREWALL-1 ON WINDOWS NT
The SMTP Security Server component of Check Point Firewall-1 4.0 and 4.1 is vulnerable to a simple network-based attack which raises the firewall load to 100%.
Link: http://www.net-security.org/text/bugs/962541047,22517,.shtml

DOS IN MICROSOFT WINDOWS 2000 TELNET SERVER
Microsoft Windows 2000 Server is supplied with a Telnet server for remote console access. A Denial of Service vulnerability exists in this server which may be exploited by a local or remote attacker.
Link: http://www.net-security.org/text/bugs/962541114,23868,.shtml

BOA WEBSERVER LOCAL PATH PROBLEM
BOA Webserver is a small fast webserver that supports only basic functions. It beats the pants off of Apache for speed; however, the only problem is that it does not do any URL parsing. It admits this (somewhere on the page it says you better lock down your file system real good), but the problem still remains. Basically you can specify the full local path to any file on a Boa webserver and out it spits the contents. i.e.
Link: http://www.net-security.org/text/bugs/962541273,5729,.shtml

[MANDRAKE] WU-FTPD UPDATE
Wu-ftpd is vulnerable to a very serious remote attack in the SITE EXEC implementation. Because of user input going directly into a format string for a *printf function, it is possible to overwrite important data, such as a return address, on the stack.
Link: http://www.net-security.org/text/bugs/962578199,96510,.shtml

[MANDRAKE] - DHCP UPDATE
The OpenBSD team discovered a vulnerability in it that allows for remote exploitation by a corrupt dhcp server, (or an attacker pretending to be a dhcp server). If this vulnerability is exploited, root access can be gained on the host running dhcp client remotely. The problem is that input is not checked and, as a result, it is possible to execute commands remotely when the network config files are being written on the dhcp client.
Link: http://www.net-security.org/text/bugs/962578323,92268,.shtml

----------------------------------------------------------------------------

Security world
--------------

All press releases are located at:
http://net-security.org/text/press

----------------------------------------------------------------------------

CENTRAL COMMAND ANNOUNCES PERFECTSUPPORT - [26.06.2000]

Today Central Command announced PerfectSupport, a new support service that provides mission critical antivirus support and services. This subscription service provides maximum virus protection to all organizations where virus prevention, and malicious application recovery is critical to their operation. This premium service includes unlimited toll-free phone support at any time and priority access to Central Command's Emergency Virus Response Team during virus outbreaks.

Press release:
< http://www.net-security.org/text/press/962040421,209,.shtml >

----------------------------------------------------------------------------

eWEEK CHALLENGES PUBLIC TO HACK THEM - [27.06.2000]

In its second major test of Web enterprise security, Labs Interactive, by the editors of eWEEK, in conjunction with digital security services firm Guardent, has created an e-commerce site and is challenging the public to hack the site at openhack.com.
Prize money of up to $2,500 will be awarded to the first hacker to crack the site which mimics a true corporate e-commerce network, including e-mail, Web server, a database application, remote access and five different operating systems. The challenge goes live on June 26 and runs through the first two weeks of July.

Press release:
< http://www.net-security.org/text/press/962098245,92659,.shtml >

----------------------------------------------------------------------------

GENUITY ANNOUNCES ENHANCED FIREWALL SERVICES - [27.06.2000]

Genuity Inc., formerly GTE Internetworking, today announced significant new enhancements to the Site Patrol for FireWall-1 family of managed Internet security services. Designed to secure high-volume enterprise intranets and e-business extranets, new leading-edge features include the industry's first High Availability managed firewall service. Site Patrol uses StoneSoft Corporation's award-winning StoneBeat clustering technology with dynamic load balancing to ensure maximum availability, scalability and performance. In addition, a hot standby, High Availability option is also available for organizations with fixed throughput requirements.

Press release:
< http://www.net-security.org/text/press/962098361,38122,.shtml >

----------------------------------------------------------------------------

SECOND ANNUAL GLOBAL E-SECURITY CONVENTION - [28.06.2000]

Baltimore Technologies, a global leader in e-security solutions, today announced the company's second annual Global e-Security Convention, focusing on the use of e-security to deliver secure, trusted business models and applications. Global e-Security 2000 is the most authoritative convention set up to educate delegates on the business and technology benefits of e-security. This convention will highlight PKI technology as an integral component of secure e-business with the ability to unleash endless opportunities for companies worldwide.

Press release:
< http://www.net-security.org/text/press/962198599,45835,.shtml >

----------------------------------------------------------------------------

CA ANNOUNCES ETRUST SINGLE SIGN-ON 6.5 - [28.06.2000]

Computer Associates International, Inc., the world's leading eBusiness solutions provider, today announced the general availability (GA) of eTrust Single Sign-On (SSO) 6.5, the industry-leading secured access solution. The latest version of eTrust SSO provides a comprehensive solution for eBusinesses desiring integrated SSO and access control capabilities for existing client/server and Web-based applications from a single product.

Press release:
< http://www.net-security.org/text/press/962198695,70218,.shtml >

----------------------------------------------------------------------------

CYLINK ANNOUNCES GENERAL RELEASE OF NETHAWK - [29.06.2000]

On June 23, Cylink Corporation began customer shipments of its NetHawk, the company's new high-speed virtual private network (VPN) appliance for secure, site-to-site Internet communications. NetHawk is an Internet Protocol Security (IPSec) solution that transparently integrates into the network, providing an enterprise-strength combination of performance and manageability.

Press release:
< http://www.net-security.org/text/press/962275562,59227,.shtml >

----------------------------------------------------------------------------

FREE LINUX FIREWALL RELEASED TO PUBLIC - [01.07.2000]

NetMaster Networking Solutions, Inc. of Chilliwack, B.C., announced today they are making their Gateway Guardian Personal Edition firewall software available FREE for personal and non-profit use. It can be downloaded off their web site, www.GatewayGuardian.com, and also from over 100 download sites across the Internet. "We have done this to meet the increasing demand for firewall protection from families adopting high-speed cable, and DSL internet connections across Canada and the U.S.," said Steve Hemenway, NetMaster's Vice President of Sales and Marketing.

Press release:
< http://www.net-security.org/text/press/962464441,94200,.shtml >

----------------------------------------------------------------------------

INTERPOL AND ATOMICTANGERINE ANNOUNCE ALLIANCE - [01.07.2000]

Companies worldwide will have new access to superior intelligence in their war against global cyber crime as a result of an innovative alliance between the private and public sector. Working directly with Menlo Park-based venture consulting powerhouse AtomicTangerine, famous Lyon, France-based Interpol has initiated a special relationship designed to deliver advanced intelligence collected by the law enforcement organization to corporations worldwide. Interpol is the world's pre-eminent organization supporting the prevention and detection of international crime.

Press release:
< http://www.net-security.org/text/press/962550257,75895,.shtml >

----------------------------------------------------------------------------

Defaced archives
------------------------

[25.06.2000] - Washington State Department of Social and Health Services
Original: http://maa.dshs.wa.gov/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/25/maa.dshs.wa.gov/

[26.06.2000] - Epson
Original: http://www.epson.com.cn/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/26/www.epson.com.cn/

[27.06.2000] - London Fire Brigade
Original: http://www.londonfirebrigade.gov.uk/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/27/londonfirebrigade.gov.uk/

[27.06.2000] - Counterpart Consortium Turkmenistan
Original: http://www.cpart.org
Defaced: http://www.attrition.org/mirror/attrition/2000/06/27/www.cpart.org/

[28.06.2000] - LSU School of Social Work
Original: http://www.socialwork.lsu.edu/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/28/www.socialwork.lsu.edu/

[29.06.2000] - The Bloodhound Gang Online
Original: http://www.bloodhoundgang.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/29/www.bloodhoundgang.com/

[29.06.2000] - HyperHog Internet Service
Original: http://www.hyperhog.net/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/29/www.hyperhog.net/

[30.06.2000] - Banco Union Colombiano
Original: http://www.bancounion.com.co/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/30/www.bancounion.com.co/

[30.06.2000] - Philippine Association for Open Computing
Original: http://www.passoc.org/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/30/www.passoc.org/

[30.06.2000] - The Undersecretariat of Foreign Trade Turkey
Original: http://www.foreigntrade.gov.tr/
Defaced: http://www.attrition.org/mirror/attrition/2000/06/30/www.foreigntrade.gov..tr/

[01.07.2000] - White Force
Original: http://www.whiteforce.com/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/01/www.whiteforce.com/

[01.07.2000] - College of New Caledonia
Original: http://www.cnc.bc.ca/
Defaced: http://www.attrition.org/mirror/attrition/2000/07/01/www.cnc.bc.ca/

HNS staff
staff@net-security.org
http://net-security.org