McAfee warns of W32/Bagle-AD@mm
McAfee Inc., the Santa Clara, Calif.-based company formerly known as Network Associates, is warning that a new version of the Bagle virus, W32/Bagle-AD@mm, is circulating. The mass-mailing worm is packed using UPX and comes in the form of a password-protected .zip file, with the password included in the message body as plain text or within an image. Bagle-AD harvests addresses from local files and then uses them in the "From" field to spoof its origin. Once activated, McAfee said, the worm copies itself to system folders that have the phrase "shar" in the name, such as common peer-to-peer applications, and adds a registry key to the system start-up. The worm then listens on TCP port 1234 for remote connections. McAfee ranks Bagle-AD as a medium threat.
IBM Lotus Domino Web Access message handling denial of service
Vulnerability aggregator Secunia is warning of a moderate vulnerability in IBM Lotus Domino Web Access (formerly called iNotes) 6.x that could be exploited by an attacker to cause a remote denial of service. Secunia reported that the vulnerability is caused due to an unspecified error when processing mail and can be exploited by sending mail containing an overly large, specially crafted ,jpg image attachment (about 12 MB) to a vulnerable system. Successful exploitation reportedly crashes the Domino server when the mail is opened. Domino 6.5.1 is vulnerable; the flaw may affect other versions as well. A fix will reportedly not be issued, but Secunia recommended limiting the maximum message size as a workaround.
HP warns of highly critical Netscape flaw
Hewlett-Packard is warning HP-UX 11.x users of a highly critical vulnerability that could allow remote exposure of system and other sensitive data, can cause a denial of service or allow remote system access.
According to HP, the flaws affect Netscape for HP-UX B.11.00, B.11.11, B.11.22 and B.11.23.
HP recommends immediately uninstalling affected Netscape browsers and switching to Mozilla to correct the flaw. Netscape is no longer being updated for HP-UX, according to HP.