SSLTelnet remote format string vulnerability
iDefense Inc. is warning FreeBSD users of a format string vulnerability in SSLTelnet version 0.13-1 that could allow remote code execution. Because the process runs as root, gaining root access is also possible. SSLtelnetd is a replacement for telnetd. The flaw is caused by an argument deficient call to syslog().iDefense recommends users consider implementing an alternate telnet/SSL solution.
iDefense security advisory
Norton AntiVirus denial-of-service vulnerability
Symantec's Norton AntiVirus 2003 Professional Edition and Norton AntiVirus 2002 are vulnerable to a moderate remote denial-of-service flaw caused by specially crafted compressed files, according to vulnerability researcher Bipin Gautam. A virus scan (automatic/manual) of some specially crafted compressed files triggeres a DoS using 100% CPU. Gautam reports NAV is unable to stop the scan in middle, even if the user wishes to manually stop the virus scan. The only alternative is to kill the process. The compressed file doesn't need to be a ZIP file to trigger this attack, the researcher said.
Adobe Reader 6.0 filename handler buffer-overflow vulnerability
Exploitation of a buffer-overflow vulnerability in Adobe Reader 6.0 could allow a remote attacker to execute arbitrary code, reported iDefense. A parsing error in the filename path splitting routine can force Adobe Reader to open a file containing an unhandled file extension. If an overly long extension is supplied, a stack based overflow occurs and allows an attacker to execute arbitrary code under the privileges of the local user. iDefense said that remote exploitation is possible by sending a specially crafted e-mail and attaching a malicious PDF. Adobe Acrobat and other versions of the Reader may also be vulnerable. Adobe recommends that users upgrade to version 6.0.2.
Read the iDefense advisory.
Upgrade instructions and further information from Adobe is available here.
Mozilla 5.0 vunerable to 'shell' flaw
Another version of Mozilla has been identified as vulnerable to a "moderately critical" flaw that could allow malicious Web sites to use the Windows "shell:" URI handler in an attack. Mozilla 5.0 running on Windows NT 5.1 and on Windows XP with Service Pack 1 are part of a string of vulnerable versions of Mozilla's Application Suite, Firefox and Thunderbird products, according to security researcher Liu Die Yu. Mozilla said the bug affects only users of Microsoft's Windows operating system, not Linux or Macintosh.
For more details on the flaw, click here.
Former AltaVista employee arrested for stealing source code
A former AltaVista employee is due in court July 20 for allegedly breaking into the search engine company's computer systems to steal source code after he left the company. Laurent Chavet, 29, was arrested last week near Redmond, Wash., where he was employed by Microsoft, reportedly to work on enhancing MSN Search. The FBI alleges Chavet began accessing AltaVista systems after he left the Sunnyvale, Calif., company in February 2002. Microsoft would not say when Chavet was hired, but authorities have said the charges are not linked to the software giant. Microsoft is making an aggressive push to compete with Google and Yahoo, which now owns AltaVista through an acquisition.
Chinese hackers advertise customized viruses on Internet
A news agency is reporting Chinese hackers are openly offering made-to-order viruses capable of bypassing U.S. security systems. An unnamed Web site contained an ad for customizing an existing virus to circumvent the latest antivirus signature engines for under $25. Virus writing is illegal in China, and authorities have since shut down the site. No one's sure how many already contacted the hackers, who listed instant message handles in their ads, before the Shanghai-based antivirus firm Rising found the ads and notified police.