Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Quiet Day;TCP/443; Firefox GIF image handling heap overflow exploit; MS javaprxy.dll update

Published: 2005-07-05
Last Updated: 2005-07-06 01:44:09 UTC
by Kevin Hong (Version: 1)
0 comment(s)

Quiet Day



It has been a slow day and everybody in the US enjoyed their Independence Day. I didn't see any sign of widespread exploits of the phpBB, java or Veritas vulnerability. Actually one of our readers reported a new phpBB incident, but he only submited the one script which defaced the web site defacement and notified Zone-H. Following the script, a brazilian defacer group created it. Still no sign of a new phpBB worm. If you have any sign of a new phpBB worm or wild exploit, please share this information withus.

Some of people give some ideas of Spam challenge protocol, we appreciate your submission and will post a summary at a later date. I didn't take the honor of raise the infon, maybe next handler who is Jason will take the honor.





TCP/443.



Today, we did see an increase of tcp/443 scanning. The reason is unknown, maybe a new bot, or even a new vulnerability? You can see the tcp/443 activity at the
. If you have any strange activity at tcp/443, please share it with us. We need any helpful packet, log and your feedback. You can submit through our



Update: Preliminary analysis shows that most of the 443 scanning traffic is spoofed (J.U.).



Firefox GIF image handling heap overflow exploit



The
release new exploit for Firefox. The vulnerability is due to a heap overrun error when processing a specific extension block in GIF images, which may be exploited to run arbitrary code on a vulnerable system via a web page or email message containing a specially crafted GIF image. The affected version is Firefox version 1.0.1 and prior.




MS javaprxy.dll update



Microsoft updated their
(903144) of A COM Onject (Javaprxy.dll) Internet Explorer to Unexpectedly Exit. The advisory update with Microsoft Download Center Information for the registry key update that disables Javaprxy.dll in the Explorer. But still workaround and no official patch available.








Kevin Hong


Handler on Duty.


khong-at-kisa.or.kr

Keywords:
0 comment(s)
Diary Archives