Threat Level: green Handler on Duty: Tom Webb

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2005-11-25 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Sober, Bagles, and Mytobs ad nauseum...

Published: 2005-11-25
Last Updated: 2005-11-25 21:04:50 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)
What would a handler shift be like without a plethora of new viruses and worms variants on the loose.

Fortigate is showing W32/Sober.AD-mm 60% at of fortinets traffic over last 24 hours 43% of traffic over last 7 days.

 http://www.fortinet.com/FortiGuardCenter/global_threat_stats.html

Mail servers monitored by a fellow handler has caught over 46000 instances of Sober.y in the last 24 hours.
The F-Secure blog was discussing seeing a few new bagles yesterday.

 http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.cq@mm.html

 http://www.f-secure.com/v-descs/mytob_do.shtml

Cheers,
Adrien

Keywords:
0 comment(s)

PHP 5.1 update with several security fixes

Published: 2005-11-25
Last Updated: 2005-11-25 20:02:35 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)
Summary of security fixes:

Fixed a Cross Site Scripting (XSS) vulnerability in phpinfo().
Fixed multiple safe_mode/open_basedir bypass vulnerabilities in ext/curl and ext/gd .
Fixed a possible $GLOBALS overwrite problem in file upload handling.
Fixed a problem when a request was terminated due to memory_limit constraints during certain parse_str() calls.
Fixed an issue with trailing slashes in allowed basedirs.
Fixed an issue with calling virtual() on Apache 2.
Updated to the latest pcrelib to fix a possible integer overflow vulnerability announced in CAN-2005-2491.
Possible header injection in mb_send_mail() function via the To address, the first parameter of the function.

Announcement here

Thanks to Juha-matti!

Cheers,
Adrien



Keywords:
0 comment(s)
Diary Archives