OCIPEP DAILY BRIEF Number: DOB02-147 Date: 18 September 2002 http://www.ocipep.gc.ca/DOB/DOB02-147_e.html
NEWS Research to protect Canadians in case of CBRN attack - Update The Canadian government's interdepartmental initiative to prepare for and respond to chemical, biological, radiological and nuclear (CBRN) threats has allocated up to $46 million to 24 projects in the areas of food and environmental safety, health, and infrastructure protection. The CBRN Research and Technology Initiative (CRTI) is a five-year, $170-million fund set up to address CBRN threats as a part of the government's comprehensive $7.7-billion security package announced in Budget 2001. Comment: OCIPEP is a federal participant in the CRTI. The full CRTI press release can be viewed at: http://www.crti.drdc-rddc.gc.ca/pressroom_e.html#020916 OCIPEP Information Note - "Release of U.S. National Strategy to Secure Cyberspace" Today, OCIPEP issued Information Note IN02-006 to draw attention to the release of the draft U.S. National Strategy to Secure Cyberspace. The public and private sector can review the draft and recommend changes before the President approves the first version, which is expected to occur before the end of the year. The immediate impact of the U.S. strategy on Canada will be an increased focus on Canada's, and more specifically the Government of Canada's, cybersecurity approaches, policies and activities, as well as on cross-border CIP cooperation. The U.S. strategy is consistent with the Canadian government's approach to cybersecurity, which includes raising awareness, training and education, partnership development, federal leadership, and incident coordination and management. The OCIPEP Information Note can be viewed at: http://www.ocipep.gc.ca/emergencies/info_notes/IN02_006_e.html The U.S. National Strategy to Secure Cyberspace can be viewed at: http://www.securecyberspace.gov. Sewage spill in Red River Since Monday, a faulty valve at a Winnipeg sewage treatment plant has been dumping approximately 230,000 cubic metres of untreated sewage per day into the Red River. Repairs to the pump room could take up to a week, according to a city official. The spill was not expected to affect the city's drinking water, and none of the municipalities downstream use the river as a source of drinking water. (Source: CBC News, 17 September 2002) Click here for the source article Comment: The Manitoba Government Department of Conservation will conduct daily water quality tests on the river and monitor aquatic or fishery impacts. It is expected that high river flows, which are more than twice the usual flow at this time of year, will lessen the impact of the spill on the river's water quality and the environment. West Nile death confirmed: Province considers mass spraying The first death from the West Nile virus in Canada this year has been confirmed. Autopsy results on the 70-year old man who died in Mississauga yesterday indicate that he died from the virus. The Ontario Premier suggested that the provincial government is assessing the possibility of mass chemical spraying next year, aimed at controlling the spread of the virus. "If there is action to prevent such deaths, you'd want to do that," said Mr. Eves, emphasizing he will look to Dr. Colin D'Cunha, Ontario's chief medical officer of health, for guidance. (Source: infomedia.gc.ca, 17 September 2002) Click here for the source article Comment: The city of Winnipeg used chemical sprays this past summer to help control the mosquito population, which is a key vector related to West Nile virus. The program was successful in helping to control the mosquito population despite the objections to spraying from some communities. For more information, please consult the OCIPEP web site at: http://www.ocipep.gc.ca/otherlinks/hlinx_e.html Cross-border military cooperation: Final talks Canadian and U.S. military representatives met on Tuesday to work out emergency protocols that would allow both Canadian and U.S. soldiers to cross the border in the event of a crisis. It is expected that an agreement will be finalized by October 1. Officials involved in the discussions say a team of up to 100 senior military planners will be based in Colorado at the headquarters of the North American Aerospace Defense Command (NORAD) and the new U.S. Northern Command (NORTHCOM), which is responsible for security threats to North America. (Source: Canada.com, 17 September 2002) Click here for the source article Comment: The OCIPEP Daily Brief DOB02-133, released on 28 August 2002, reported that Canada and the U.S. were in the final stages of negotiating an agreement for land and naval cooperation between the two countries. IN BRIEF Bottled water regulations to be updated Health Canada announced yesterday that regulations on governing bottled water, which date back to 1973, will be updated to maintain the safety of drinking water. (Source: thestar.com 17 September 2002) Click here for the source article Comment: The discussion paper on bottled water can be viewed at: http://www.hc-sc.gc.ca/food-aliment/friia-raaii/frp-pra/water-eau/e_rfr_bottle_w ater_tofc.php Slapper worm continues to spread The Slapper worm has now infected at least 30,000 Linux Apache Web servers that haven't been patched to fix vulnerabilities related to the OpenSSL protocol, which were detailed by the OpenSSL Project on July 30. (Source: computerworld.com, 17 September 2002) Click here for the source article Comment: The OpenSSL Project security advisory issued on 30 July 2002 can be viewed at: http://www.openssl.org/news/secadv_20020730.txt Cyber security strategy to be published in draft version only The U.S. government's National Strategy to Secure Cyberspace will be published today as planned, but in draft form only. Companies and IT providers will have two months to review the draft and recommend changes. The final version should be ready for the President's signature by the end of the year. (Source: computerworld.com, 17 September 2002) Click here for the source article CYBER UPDATES See: What's New for the latest Alerts, Advisories and Information Products Threats See: In Brief - Slapper worm continues to spread Symantec reports on Backdoor.Phoenix, which is a Trojan horse that gives an attacker unauthorized access to an infected computer. By default, it opens port 7410 on the compromised computer. http://securityresponse.symantec.com/avcenter/venc/data/backdoor.phoenix.html Vulnerabilities CERT/CC reports on a remotely exploitable buffer overflow vulnerability in IBM AIX RCP that could allow attackers to gain root privileges. Follow the link for patch information. http://www.kb.cert.org/vuls/id/209363 CERT/CC reports on a remotely exploitable vulnerability in HP-UX JetDirect-enabled printers that could allow attackers to obtain sensitive information and gain unauthorized access to the printer. Follow the link for patch information. http://www.kb.cert.org/vuls/id/377003 CERT/CC reports on a remotely exploitable vulnerability in PHP that could allow attackers to alter message headers and content. No known patch is available at this time. http://www.kb.cert.org/vuls/id/410609 Patches: New packages are now available for Debian GNU/Linux KDE Konquerer. (SecurityFocus) http://online.securityfocus.com/advisories/4477 Additional vulnerabilities were reported in the following products: Applications using the FreeBSD kvm library (multiple versions) sensitive descriptor leak vulnerability. (SecurityFocus) http://online.securityfocus.com/advisories/4479 Vandyke Software SecureCRT buffer overflow vulnerability. (CERT/CC) http://www.kb.cert.org/vuls/id/216227 Nobreak CrazyWWWBoard 2000p4 and 2000LEp5 buffer overflow vulnerability. (CERT/CC) http://www.kb.cert.org/vuls/id/229955 Lycos HTML Gear 'Guest Gear' Web Site Guestbook cross-site scripting vulnerability. (Security Tracker) http://www.infosyssec.com/cgi-bin/link.cgi?target=http://www.infosyssec.com/info syssec/aaa33.htm Enterasys X-Pedition Switch Router prior to 8.3.0.10 denial-of-service vulnerability. (Security Tracker) http://www.infosyssec.com/cgi-bin/link.cgi?target=http://www.infosyssec.com/info syssec/aaa33.htm Tools Brute Force Exploit Detector (BED) 0.3 is a collection of scripts to automatically test implementations of different protocols for buffer overflows and for format string vulnerabilities. (Snake-basket) http://www.snake-basket.de/bed.html CONTACT US For additions to, or removals from the distribution list for this product, or to report a change in contact information, please send to: Email: [EMAIL PROTECTED] For urgent matters or to report any incidents, please contact OCIPEP’s Emergency Operations Centre at: Phone: (613) 991-7000 Fax: (613) 996-0995 Secure Fax: (613) 991-7094 Email: [EMAIL PROTECTED] For general information, please contact OCIPEP’s Communications Division at: Phone: (613) 991-7035 or 1-800-830-3118 Fax: (613) 998-9589 Email: [EMAIL PROTECTED] Web Site: www.ocipep-bpiepc.gc.ca Disclaimer The information in the OCIPEP Daily Brief has been drawn from a variety of external sources. Although OCIPEP makes reasonable efforts to ensure the accuracy, currency and reliability of the content, OCIPEP does not offer any guarantee in that regard. The links provided are solely for the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible for the information found through these links. IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk
