Merry Christmas to All; More Details on Recent Vulnerabilities
Merry Christmas to All! To all of the Internet Storm Center readers around the world, I want to extend a hearty Merry Christmas, Happy Holidays, and best wishes for the coming year. As you probably know, everybody in the Storm Center family is a volunteer. We've got a few dozen volunteer incident handlers, several thousand volunteer DShield sensor operators, plus countless other people who volunteer their own time in tracking down events on the Internet then email us their analysis and thoughts. Without the tremendous effort put forth by everybody, the Storm Center would not be where it is today. Thanks, Family!!!
I was working on an adaptation of The Night Before Christmas for today's diary, and had planned to call it "The Night Before 0-Day" but since we had a nice release of 0-days yesterday I think I'll save it for next year. Instead, let me offer our readers a corny adaptation of the Twelve Days of Christmas. If you are a true geek and your significant other is still wondering what you would like to see under the tree, try this out:
On the 1100 Day of Christmas, my true love gave to me
- Twelve Months of TIVO
On the 1011 Day of Christmas, my true love gave to me
- Eleven Pentium Processors
On the 1010 Day of Christmas, my true love gave to me
- XM Satellite Radio
On the 1001 Day of Christmas, my true love gave to me
- Nine Linux Servers
On the 1000 Day of Christmas, my true love gave to me
- Eight Mega Pixels
On the 0111 Day of Christmas, my true love gave to me
- Seven Speaker Soundsystem
On the 0110 Day of Christmas, my true love gave to me
- Six-ft Plasma TV
On the 0101 Day of Christmas, my true love gave to me
- Five Sonet Rings
On the 0100 Day of Christmas, my true love gave to me
- Forty GB iPod
On the 0011 Day of Christmas, my true love gave to me
- Three GHz Laptop
On the 0010 Day of Christmas, my true love gave to me
- Two Access Points
On the 0001 Day of Christmas, my true love gave to me
- An iPAQ Pocket PC
More Details on Recent Vulnerabilities. Yesterday we mentioned some new vulnerabilities with proof-of-concept code that affect Windows systems, plus we mentioned the release of Oracle vulnerability details by David Litchfield. We received a number of requests for links to additional information on these issues. Here are a few:
Windows Issues, original notification
http://www.xfocus.net/flashsky/icoExp/index.html
Bugtraq Discussion
http://www.securityfocus.com/archive/1/385332/2004-12-21/2004-12-27/0
http://www.securityfocus.com/archive/1/385340/2004-12-21/2004-12-27/0
http://www.securityfocus.com/archive/1/385342/2004-12-21/2004-12-27/0
Oracle Issues
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0052.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0053.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0056.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0057.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0058.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0059.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0060.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0061.html
One more just to make your weekend phun
Automated Windows XP SP2 Remote Compromise http://freehost07.websamba.com/greyhats/sp2rc-analysis.htm
Marcus H. Sachs
Director, SANS Internet Storm Center
Handler on Duty
I was working on an adaptation of The Night Before Christmas for today's diary, and had planned to call it "The Night Before 0-Day" but since we had a nice release of 0-days yesterday I think I'll save it for next year. Instead, let me offer our readers a corny adaptation of the Twelve Days of Christmas. If you are a true geek and your significant other is still wondering what you would like to see under the tree, try this out:
On the 1100 Day of Christmas, my true love gave to me
- Twelve Months of TIVO
On the 1011 Day of Christmas, my true love gave to me
- Eleven Pentium Processors
On the 1010 Day of Christmas, my true love gave to me
- XM Satellite Radio
On the 1001 Day of Christmas, my true love gave to me
- Nine Linux Servers
On the 1000 Day of Christmas, my true love gave to me
- Eight Mega Pixels
On the 0111 Day of Christmas, my true love gave to me
- Seven Speaker Soundsystem
On the 0110 Day of Christmas, my true love gave to me
- Six-ft Plasma TV
On the 0101 Day of Christmas, my true love gave to me
- Five Sonet Rings
On the 0100 Day of Christmas, my true love gave to me
- Forty GB iPod
On the 0011 Day of Christmas, my true love gave to me
- Three GHz Laptop
On the 0010 Day of Christmas, my true love gave to me
- Two Access Points
On the 0001 Day of Christmas, my true love gave to me
- An iPAQ Pocket PC
More Details on Recent Vulnerabilities. Yesterday we mentioned some new vulnerabilities with proof-of-concept code that affect Windows systems, plus we mentioned the release of Oracle vulnerability details by David Litchfield. We received a number of requests for links to additional information on these issues. Here are a few:
Windows Issues, original notification
http://www.xfocus.net/flashsky/icoExp/index.html
Bugtraq Discussion
http://www.securityfocus.com/archive/1/385332/2004-12-21/2004-12-27/0
http://www.securityfocus.com/archive/1/385340/2004-12-21/2004-12-27/0
http://www.securityfocus.com/archive/1/385342/2004-12-21/2004-12-27/0
Oracle Issues
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0052.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0053.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0056.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0057.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0058.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0059.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0060.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0061.html
One more just to make your weekend phun
Automated Windows XP SP2 Remote Compromise http://freehost07.websamba.com/greyhats/sp2rc-analysis.htm
Marcus H. Sachs
Director, SANS Internet Storm Center
Handler on Duty
Keywords:
0 comment(s)
×
![modal content]()
Diary Archives
Comments