Vulnerability in IPv6 can cause denial of service
U.S. CERT and security advisory company Secunia this week reported a flaw in some Juniper Networks' routers running on nascent Internet Protocol version 6 networks. The vulnerability known as a memory leak allows IPv6 packets to take up more memory than usual and slow down a router until it finally crashes and must reboot, creating a denial of service, reports CNET News.com. A similar problem occurred when IPv4, the dominant protocol for connecting devices to the Internet, was introduced. Juniper Networks software created after June 20 includes corrected code, and the company issued a workaround on its Web site. Users also are advised to disable the routers' Packet Forwarding Engine. For more information on the vulnerability, click here for the CERT advisory.
Gartner sings different iPod tune
Gartner Group is warning enterprises to consider banning the popular Apple iPod MP3 players to avoid security risks. Several news outlets report the small players can circumvent firewalls and introduce malware such as Trojan horses to corporate networks. The players' considerable storage capacity could be used to steal intellectual property. Gartner recommends portable music players be added to workplace bans on digital cameras and other portable media storage devices.
Computer Associates sued for $800 million
Beleaguered software giant Computer Associates is being sued for $800 million by three Canadian security companies that say CA stole their concepts and software in creating eTrust 20/20 and Command Center. CA says the lawsuit has no merit. This lawsuit filed by NI Group, Scienton Technologies and Secure-IT comes about a week after Texas stockholder Sam Wyly announced he's suing the company for some $1 billion. The Long Island-based company has been beset with trouble since federal probes into past bookkeeping practices have led to several arrests, at least one conviction and the recent removal of CEO Sanjay Kumar, who subsequently left the company.
Nigerians arrested in e-mail scams
Using software that flags e-mails containing key words used in popular scams, Nigerian authorities have rounded up more than 500 suspects believed behind the popular scheme that promises untold wealth in exchange for helping transfer money out of Africa. The messages appear to come from a Nigerian dictators' widow or some other official and, if the amount of seized property is any indication, has netted plenty of victims. Nigerian police say they've recovered properties worth more than $500 million. The arrests came after ISPs and government departments began using new technology to scan outgoing e-mails for signs of scam letters, an Australian newspaper reports.