Cambridge Computer Support

Network Security

Welcome to our security bulletin for October 2005.

TippingPoint, a division of 3Com, has recently discovered a Veritas NetBackup vulnerability that could allow remote users to execute malicious code. Affected versions are NetBackup 3.4, 4.5, 5.0, 5.1 and 6.0. More details and patches are available at http://seer.support.veritas.com/docs/279085.htm

A serious new MS Windows problem has been uncovered and is currently being tracked by Internet Security Systems. It could allow complete compromise of Windows 2000 systems. A further issue has been found with DirectShow, which could render the system vulnerable through use of a malicious video file. Versions affected:

Microsoft Windows NT 4.0 up to Service Pack 6a inclusive,
Microsoft Windows 2000 up to Service Pack 4 inclusive,
Microsoft Windows XP up to Service Pack 2 inclusive,
Microsoft Windows Server 2003 up to Service Pack 1 inclusive.

Further details and patches from ISS at http://xforce.iss.net/xforce/alerts/id/206

The US Federal Trade Commission has launched Operation Spam Zombies, a campaign to make Internet service providers aware of what they can do about the large number of "zombies" (compromised computers working on behalf of third parties) on their networks.
These machines, running malicious software, together form botnets, which the botnet operator can use to launch distributed denial of service attacks or phishing attacks (spam email tricking people into revealing valuable information), or to sell internet access to spammers.
Read more at http://www.theregister.co.uk/2005/10/13/rise_of_the_botnets/page2.html

Also from theregister.co.uk, a new security threat has emerged for the PlayStation Portable. One of the download tools used to downgrade the embedded software from version 2.0 to 1.50 is actually a Trojan which deletes system files and renders the PSP unusable.

More details at http://www.theregister.co.uk/2005/10/07/psp_trojan

Major Security Threat - Web Browsers
Affected browsers:
Firefox 1.0.6 and prior
Firefox 1.5 Beta 1 (Deer Park Alpha 2)
Netscape 7.x and 8.x
Mozilla Suite 1.7.11 and prior

These Gecko-based browsers are vulnerable because they support International Domain Names (web addresses containing non-standard characters such as accents or non-Latin alphabets). A web page could be created with a hyperlink containing a long string of such non-standard characters, which would cause an overflow in the dynamic memory allocation of the system. This could result in denial of service or even allow malicious code to be executed. Mozilla has issued a patch (https://addons.mozilla.org/messages/307259.html), but if you don't use International Domain Names they can be disabled from within the browser.
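As an added example (not part of the original bulletin, nor Mozilla's patch), a mail or web-proxy filter could flag hyperlinks of the kind described above before they reach an unpatched browser. The function names and the non-ASCII run threshold are assumptions, and the sample page is constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

MAX_LABEL_BYTES = 63    # DNS limit for one dot-separated label
MAX_HOST_BYTES = 253    # DNS limit for a whole hostname
MAX_NON_ASCII_RUN = 16  # assumed threshold; tune against real traffic

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":  # keep every non-empty href on an anchor tag
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def longest_non_ascii_run(text):
    best = run = 0
    for ch in text:
        run = run + 1 if ord(ch) > 127 else 0
        best = max(best, run)
    return best

def host_findings(host):
    # Heuristic: UTF-8 length is a rough proxy, the DNS limits apply to the encoded form.
    findings = []
    if len(host.encode("utf-8")) > MAX_HOST_BYTES:
        findings.append("hostname too long")
    if any(len(p.encode("utf-8")) > MAX_LABEL_BYTES for p in host.split(".")):
        findings.append("label too long")
    if longest_non_ascii_run(host) > MAX_NON_ASCII_RUN:
        findings.append("long non-ASCII run")
    return findings

def suspicious_links(html):
    parser = LinkCollector()
    parser.feed(html)
    flagged = []
    for href in parser.hrefs:
        try:
            findings = host_findings(urlsplit(href).hostname or "")
        except ValueError:  # malformed authority: report it rather than skip it
            findings = ["unparseable URL"]
        if findings:
            flagged.append((href, findings))
    return flagged

# Constructed sample page: a plain link, a short IDN link and an oversized one.
SAMPLE_HTML = ('<a href="http://www.example.com/">ok</a><a href="http://b\u00fccher.example/">idn</a>'
               '<a href="http://' + "\u00e9" * 80 + '.example/">long</a>')
```

Calling suspicious_links(SAMPLE_HTML) reports only the third link; ordinary short International Domain Names pass untouched.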

Other New Vulnerabilities
RaXnet Cacti graphing solution - new problems have been discovered. Patches or latest version available at http://www.cacti.net.

NOD32 AntiVirus System - download latest version at http://www.nod32.com/home/home.htm.

Cisco Content Server Switches (CSS11500 & CSS11501) - more details and patch available at http://www.cisco.com/warp/public/707/cisco-sn-20050908-css.shtml

Old security bulletins are stored in our archive

If you have a security issue or are looking for Internet security services, contact us to see what we can do for you.

 





© 2009 Cambridge Computer Support - The computer networks & data recovery experts