Security Bytes: New Bagle variant circulating; vulnerabilities discovered in Lotus and HP-UX

Bagle-AD hits the 'Net, while workarounds are needed for flaws in Lotus Domino and HP-UX features.

McAfee warns of W32/Bagle-AD@mm

McAfee Inc., the Santa Clara, Calif.-based company formerly known as Network Associates, is warning that a new version of the Bagle virus, W32/Bagle-AD@mm, is circulating. The mass-mailing worm is packed using UPX and comes in the form of a password-protected .zip file, with the password included in the message body as plain text or within an image. Bagle-AD harvests addresses from local files and then uses them in the "From" field to spoof its origin. Once activated, McAfee said, the worm copies itself to system folders that have the phrase "shar" in the name, such as common peer-to-peer applications, and adds a registry key to the system start-up. The worm then listens on TCP port 1234 for remote connections. McAfee ranks Bagle-AD as a medium threat.

For more info on Bagle-AD, click here.

IBM Lotus Domino Web Access message handling denial of service

Vulnerability aggregator Secunia is warning of a moderate vulnerability in IBM Lotus Domino Web Access (formerly called iNotes) 6.x that could be exploited by an attacker to cause a remote denial of service. Secunia reported that the vulnerability is caused due to an unspecified error when processing mail and can be exploited by sending mail containing an overly large, specially crafted ,jpg image attachment (about 12 MB) to a vulnerable system. Successful exploitation reportedly crashes the Domino server when the mail is opened. Domino 6.5.1 is vulnerable; the flaw may affect other versions as well. A fix will reportedly not be issued, but Secunia recommended limiting the maximum message size as a workaround.

HP warns of highly critical Netscape flaw

Hewlett-Packard is warning HP-UX 11.x users of a highly critical vulnerability that could allow remote exposure of system and other sensitive data, can cause a denial of service or allow remote system access.

According to HP, the flaws affect Netscape for HP-UX B.11.00, B.11.11, B.11.22 and B.11.23.

HP recommends immediately uninstalling affected Netscape browsers and switching to Mozilla to correct the flaw. Netscape is no longer being updated for HP-UX, according to HP.

Dig deeper on Security Resources

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close