Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: IE vulnerability / MS Patches issues / Cisco CatOS vulnerabilities - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
IE vulnerability / MS Patches issues / Cisco CatOS vulnerabilities


IE Vulnerability
A security advisory released at the Secunia website reports the exploitation in the wild of a vulnerability in Internet Explorer that could lead to a system compromise.

According the advisory "Two vulnerabilities have been reported in Internet Explorer, which in combination with other known issues can be exploited by malicious people to compromise a user's system."
This possible new IE vulnerability has been discussed in the Full Disclosure list about some days ago, and according Secunia is actively being exploited in the wild to install adware on user's systems.
Since there is no official patch for this vulnerability, a solution is to disable Active Scripting for all but trusted web sites.
Reference: http://secunia.com/advisories/11793/

MS Patches issues
We received a report from a user about issues installing the Microsoft Patches
released yesterday. According the user, after installing the patches in W2k SP3 and SP4 he noticed problems like "loading the patch MS Word documents could no longer be launched using Internet Explorer 5.5 and above."

Although we didnt find any other problems related to this, it is a good practice to test the patches deployment before apply in production machines.
Cisco CatOS SSH/Telnet/HTTP vulnerabilities
Cisco released a security advisory about a vulnerability in CatOS that could lead to a Denial of Service in the running device.
"A TCP-ACK DoS attack is conducted by not sending the regular final ACK required for a 3-way TCP handshake to complete, and instead sending an invalid response to move the connection to an invalid TCP state. This attack can be initiated from a remote spoofed source.
This vulnerability is currently known to be exploitable only if you have the Telnet, HTTP or SSH service configured on a device which is running Cisco CatOS."
Reference: http://www.cisco.com/warp/public/707/cisco-sa-20040609-catos.shtml

ISC Webcast

Did you miss todays ISC Monthly Webcast?

Check the archives at: http://www.sans.org/webcasts/show.php?webcastid=90489

-----------------------------------------------------

Handler on Duty: Pedro Bueno (bueno_AT_ieee.org)
Pedro

155 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!