|
Merry Christmas to All! To all of the Internet Storm Center readers around the world, I want to extend a hearty Merry Christmas, Happy Holidays, and best wishes for the coming year. As you probably know, everybody in the Storm Center family is a volunteer. We've got a few dozen volunteer incident handlers, several thousand volunteer DShield sensor operators, plus countless other people who volunteer their own time in tracking down events on the Internet then email us their analysis and thoughts. Without the tremendous effort put forth by everybody, the Storm Center would not be where it is today. Thanks, Family!!!
I was working on an adaptation of The Night Before Christmas for today's diary, and had planned to call it "The Night Before 0-Day" but since we had a nice release of 0-days yesterday I think I'll save it for next year. Instead, let me offer our readers a corny adaptation of the Twelve Days of Christmas. If you are a true geek and your significant other is still wondering what you would like to see under the tree, try this out: On the 1100 Day of Christmas, my true love gave to me - Twelve Months of TIVO On the 1011 Day of Christmas, my true love gave to me - Eleven Pentium Processors On the 1010 Day of Christmas, my true love gave to me - XM Satellite Radio On the 1001 Day of Christmas, my true love gave to me - Nine Linux Servers On the 1000 Day of Christmas, my true love gave to me - Eight Mega Pixels On the 0111 Day of Christmas, my true love gave to me - Seven Speaker Soundsystem On the 0110 Day of Christmas, my true love gave to me - Six-ft Plasma TV On the 0101 Day of Christmas, my true love gave to me - Five Sonet Rings On the 0100 Day of Christmas, my true love gave to me - Forty GB iPod On the 0011 Day of Christmas, my true love gave to me - Three GHz Laptop On the 0010 Day of Christmas, my true love gave to me - Two Access Points On the 0001 Day of Christmas, my true love gave to me - An iPAQ Pocket PC More Details on Recent Vulnerabilities. Yesterday we mentioned some new vulnerabilities with proof-of-concept code that affect Windows systems, plus we mentioned the release of Oracle vulnerability details by David Litchfield. We received a number of requests for links to additional information on these issues. Here are a few: Windows Issues, original notification http://www.xfocus.net/flashsky/icoExp/index.html Bugtraq Discussion http://www.securityfocus.com/archive/1/385332/2004-12-21/2004-12-27/0 http://www.securityfocus.com/archive/1/385340/2004-12-21/2004-12-27/0 http://www.securityfocus.com/archive/1/385342/2004-12-21/2004-12-27/0 Oracle Issues http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0052.html http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0053.html http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0056.html http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0057.html http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0058.html http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0059.html http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0060.html http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0061.html One more just to make your weekend phun Automated Windows XP SP2 Remote Compromise http://freehost07.websamba.com/greyhats/sp2rc-analysis.htm Marcus H. Sachs Director, SANS Internet Storm Center Handler on Duty |
Marcus 301 Posts ISC Handler Dec 25th 2004 |
| Subscribe |
Dec 25th 2004 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
