Threat Level: green Handler on Duty: Tom Webb

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2006-05-27 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Symantec Patch Posted

Published: 2006-05-27
Last Updated: 2006-05-27 20:01:00 UTC
by Deborah Hale (Version: 1)
0 comment(s)
Symantec has just posted patches for the Security Advisory SYM06-010.  It appears at this time that the patches are manual download and install.  We don't know at this point if a product live update will be posted for these patches but for the meantime it is there for manual load. 

So for those of you enjoying the long weekend, look at what you get to look forward to on Tuesday. If you are running Symantec Corporate Edition 10.1 you get to spend Tuesday patching.

Symantec Patch Update
Keywords:
0 comment(s)

Hacker Activity

Published: 2006-05-27
Last Updated: 2006-05-27 14:26:12 UTC
by Deborah Hale (Version: 1)
0 comment(s)
It appears that there is a little hacker contest going on this weekend.  We have received reports of several sites being hacked by different groups. One of the web sites that posts counts of hacker activity shows several known hacker groups that are having lots of fun.

Now is it because of the long weekend or are the kiddies out of school for summer vacation and they are bored already.  Hard to tell, all we can do is keep our eyes open.  Hopefully all of our readers have taken the necessary steps to harden and protect their web pages and can sit back and enjoy the long weekend. If you haven't, you can sit back and enjoy the long weekend but come Tuesday morning you will be busy fixing the mess that the kiddies leave behind.

In case you want some information about how to harden and protect your webservers take a look at the information available in the SANS Reading Room.  We have some of the best and brightest contributors that give us some great ideas.

SANS Reading Room Web Servers
Keywords:
0 comment(s)

Cisco Vulnerability in the VPN Client Software

Published: 2006-05-27
Last Updated: 2006-05-27 13:53:41 UTC
by Deborah Hale (Version: 1)
0 comment(s)
The Cisco VPN Client for Windows software is affected by a local privilege escalation vulnerability that allows non-privileged users to gain administrative privileges. Cisco has made free software available to address the vulnerability.

Cisco Advisory - VPN Client
Keywords:
0 comment(s)

Update on Symantec Elevation of Privilege Vulnerability

Published: 2006-05-27
Last Updated: 2006-05-27 13:45:11 UTC
by Deborah Hale (Version: 1)
0 comment(s)
 It appears that Symantec has issued an update to the vulnerability that was identified yesterday.
It has been confirmed that the products affected are Symantec Client Security version 3.1 and Symantec Antivirus Corporate Edition version 10.1.  This is a stack overflow vulnerability and can cause a system crash. 

See the information on Symantec's Website for their recommendations for mitigation.

Symantec Advisory


Keywords:
0 comment(s)
Diary Archives