Tsunami.exe, Oracle critical patch update, got packets?

Published: 2005-01-18
Last Updated: 2005-01-19 00:07:07 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)
Tsunami.exe

A piece of malicious code is making the rounds of the Internet masquerading as a Tsunami relief donation request. While not really surprising I find this is somewhat of a new low even for the writers of malware. Words like despicable, shameful, contemptible, pathetic, and feeble come to mind. I had to check a thesaurus for printable comments, can you tell? Filter attachments at your perimeter in organizations, use up-to-date anti-virus, and as users do not open attachments.
Oracle critical patch update released

Oracle has released a critical patch update to address vulnerabilities in the RDBMS products. The full details of the vulnerabilities have not yet been released. Oracle has rated some of them as having wide impact. NGSSoftware, who have released an advisory, rates many of them as high risk. They include privilege escalation and a buffer overflow condition.

For more info:

http://www.oracle.com/technology/deploy/security/pdf/cpu-jan-2005_advisory.pdf

and

http://www.ngssoftware.com/advisories/oracle-02.txt

Got packets?

Upswings in scanning activity for ports tcp/901 un-explained, possibly looking for swat/samba installs? Share your theories and packet captures.

http://www.dshield.org/port_report.php?port=901

Cheers,
Adrien de Beaupré

Internet Storm Center Handler of the Day

http://www.cinnabar.ca
Keywords:
0 comment(s)

Comments


Diary Archives