Friday, May 11, 2007

Daily Highlights

The Hawaii Channel reports a pilot landing at Kalaeloa on Monday night, May 7, reported having a green laser beam shot into his cabin; it is the fourth time this year that pilots have encountered the potentially disastrous situation. (See item 18)
·
The Chicago Tribune reports David Acheson, the assistant Food and Drug Administration Commissioner for food protection, said during a hearing that the government lacks the resources to do comprehensive investigations and must repair its flawed food safety inspection. (See item 23)
·
The Department of Homeland Security announced on Thursday, May 10, final awards totaling $445 million in grant programs that strengthen the ability of ports, transit, and intercity bus systems to prevent, protect against, respond to and recover from terrorist attacks, major disasters and other emergencies. (See item 33)

Information Technology and Telecommunications Sector

40. May 10, SC Magazine — Cisco discloses IOS FTP Server flaws. Cisco revealed multiple vulnerabilities in its IOS FTP Server this week. The flaws can result in DoS attacks or malicious users gaining unauthorized privileges. Cisco products running IOS and configured for FTP server functionality are affected by the flaw, according to a company security advisory released Wednesday, May 9. Successful exploitation can allow remote users access to the IOS device’s file system, which can lead to DoS attacks, according to Cisco, which advised network administrators to disable the FTP server feature as a workaround. The vulnerabilities exist in IOS versions 11 and 12, according to Cisco.
Cisco Security Advisory: http://www.cisco.com/en/US/products/products_security_advisory09186a00808399d0.shtml
Source: http://scmagazine.com/us/news/article/656879/cisco−discloses −ios−ftp−server−flaws/

41. May 10, CRN — McAfee, Symantec exterminate ActiveX bugs. Two ActiveX vulnerabilities were reported this week, one in McAfee Security Center, a management interface for its antivirus and antispam software, and the other in Symantec's Norton Antivirus product. The "McSubMgr.DLL" ActiveX control in McAfee Security Center contains a flaw that could enable an attacker to corrupt memory by sending an excessive amount of data, opening the door to remote code execution, Symantec said Wednesday, May 9. McAfee said the flaw affects products that are managed through Security Center, including Total Protection 2007, VirusScan 8.x, 9.x, 10.x, and VirusScan Plus 2007. McAfee said it fixed the vulnerability in March with Security Center updates 7.2.147 and 6.0.25, which many of its customers received automatically. Symantec this week acknowledged a buffer overflow vulnerability in the ActiveX control that ships with its popular Norton Antivirus software. Symantec said it has released an update for Norton that fixes the flaw and has made it available to customers through its LiveUpdate service.
McAfee Security Bulletin: McAfee SecurityCenter 7.2.147 or higher fixes vulnerability: http://ts.mcafeehelp.com/faq3.asp?docid=419189
Symantec COM object security bypass: http://www.symantec.com/avcenter/security/Content/2007.05.09 .html
Source: http://www.crn.com/security/199500662

42. May 10, InformationWeek — Study: 45 percent of workers steal data when changing jobs. Nearly half of professionals from across a wide range of industries admit they have taken data with them −− everything from documents and lists to sales proposals and contracts −− when they've changed jobs. According to the international Information Security Survey, users polled said they don't see their companies' IT security practices as obstacles to accessing data from outside company walls or to walking out the door with it in their bag or thumb drive. They're also aware that if they're capable of taking critical information home with them, others are, too. The survey showed that 39 percent of workers have printed a document out rather than forward it on electronically to try to minimize the number of paths it could take out of the building. The study, which was commissioned by enterprise rights management company Liquid Machines, was conducted by online survey services provider Zoomerang. More than 900 professionals, with 84 percent in the United States, were polled over a one−month period earlier this year.
Source: http://www.informationweek.com/news/showArticle.jhtml?articl eID=199500629

43. May 09, Billings Gazette (WY) — Severed cable causing Verizon outage. Wireless service for Verizon customers in the Billings area and south into Cody and Powell, WY, was interrupted Wednesday morning, May 9, when contractors at the rail yard in Livingston apparently drilled through a fiber optic cable. The cable contained fiber connections for Sprint and for 360 Networks in Butte. Verizon spokesperson Bob Kelley in Denver said that wireless companies like his use land lines to send calls from cell towers back to routing switches. So, wireless service is tied into traditional telecommunications cable networks. “It’s affecting a total of nine of our cell sites in Billings, Cody and Powell,” he said.
Source: http://www.billingsgazette.net/articles/2007/05/09/news/stat e/42−verizon.txt

44. May 09, Security Focus — Experts scramble to quash IPv6 flaw. A flawed feature that could amplify denial−of−service attacks on next−generation networks has vendors and engineers rushing to eliminate the potential security issue. This week, experts sent two drafts to the Internet Engineering Task Force (IETF)−−the technical standards−setting body for the Internet−−proposing different ways of fixing a problem in the way that Internet Protocol version 6 (IPv6) allows the source of network data to determine its path through the network. The drafts recommend that the IPv6 feature should either be eliminated or, at the very least, disabled by default. The specification, known as the Type 0 Routing Header (RH0), allows computers to tell IPv6 routers to send data by a specific route. Originally envisioned as a way to let mobile users to retain a single IP for their devices, the feature has significant security implications. During a presentation at the CanSecWest conference on April 18, researchers Philippe Biondi and Arnaud Ebalard pointed out that RH0 support allows attackers to amplify denial−of−service attacks on IPv6 infrastructure by a factor of at least 80.
IETF: http://www.ietf.org/
Source: http://www.securityfocus.com/news/11463