Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2005-11-29 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

w00tw00t

Published: 2005-11-29
Last Updated: 2005-11-30 05:49:00 UTC
by Swa Frantzen (Version: 1)
0 comment(s)
Following our request for help, a while ago, we received another submission of somebody finding the following in his web logs:

"GET /w00tw00t.at.ISC.SANS.DFind:)"

It seems that we forgot to tell our whitehat readers that the search is off. We know what's behind it.  It's a web vulnerability scanner that has this fingerprint. Find and use it at your own risk. We at the Internet Storm Center distance ourselves from this tool that is labeled by at least one security company as a hacker tool..


Keywords:
0 comment(s)

Cisco IOS - we are aware

Published: 2005-11-29
Last Updated: 2005-11-29 18:53:48 UTC
by Pedro Bueno (Version: 2)
0 comment(s)
We have received information on the Cisco IOS web server code injection/execution vulnerability. Enabling HTTP interface on Cisco IOS may not be such a good idea afterall. More details here

--------------------------------
Jason Lam  (isc.jason  / at /  gmail.com)
Keywords:
0 comment(s)

Security Talks for portuguese community

Published: 2005-11-29
Last Updated: 2005-11-29 16:42:20 UTC
by Pedro Bueno (Version: 1)
0 comment(s)
Jacomo Piccolini, from RNP/CAIS (Brazilian National Education and Research Network) invites the portuguese language community to join the celebration of the International Day of Information Security tomorrow. RNP will be presenting a security symposium with a whole day of talks about security. The audio/video streaming url will be posted on their site, tomorrow.

--------------------------------------------
Pedro Bueno (pbueno //&&// isc. sans. org)

Keywords:
0 comment(s)

DoS Exploit for MS05-053 released

Published: 2005-11-29
Last Updated: 2005-11-29 13:46:54 UTC
by Pedro Bueno (Version: 1)
0 comment(s)
Today we received some alerts about exploits for MS05-053 that have been released and can be found on specialized websites.
This exploit claims to cause a DoS condition when viewing a special file on IE.

from the code:
"The crafted metafile from this code when viewed in internet explorer raises the CPU utilization to 100%. The code was tested on Windows 2000 server SP4. The issue does not occur with the hotfix for GDI (MS05-053) installed"

Did I say PATCH yet?
Go on...

---------------------------------------------
Pedro Bueno ( pbueno //&&// isc. sans. org)
Keywords:
0 comment(s)
Diary Archives