ISS notified Check Point on 2/2/2004, and Check Point made their update
for the FW-1 HTTP issue on 2/4/2004. It is our policy to only release
public information when the affected vendor has published information
and/or released a fix.
Check Point only released one fix on 2/4/2004, not two fixes
Nanog-
ISS X-Force release two X-Force Security Advisories this evening
detailing high-risk issues in Checkpoint Firewall-1 and VPN-1. Please
refer to the following URLs for more information:
http://xforce.iss.net/xforce/alerts/id/162
http://xforce.iss.net/xforce/alerts/id/163
-Original Message-
From: ISS XForce
Sent: Tuesday, September 23, 2003 10:54 AM
To: [EMAIL PROTECTED]
Subject: ISS Security Brief: ProFTPD ASCII File Remote Compromise
Vulnerability
*** PGP SIGNATURE VERIFICATION ***
*** Status: Good Signature
*** Signer: X-Force [EMAIL PROTECTED]
ISS X-Force discovered this vulnerability and our advisory will be
released shortly. We were working to determine the full scope of the
vulnerability before we notified the vendor. Unfortunately, someone
else found the flaw and began to cause discuss it using specifics. That
caused us to push
===
-Original Message-
From: Ingevaldson, Dan (ISS Atlanta)
Sent: Tuesday, September 16, 2003 4:01 PM
To: [EMAIL PROTECTED]; Richard A Steenbergen
Cc: William Allen Simpson; [EMAIL PROTECTED]
Subject: RE: new openssh issue
ISS X-Force discovered this vulnerability and our advisory
Please see our X-Force Alert for more information about the new set of
MSRPC issues. We have published a free CLI tool to scan for computers
vulnerable to MS03-039.
X-Force Alert:
http://xforce.iss.net/xforce/alerts/id/152
Free Scanner:
Manager, X-Force RD
[EMAIL PROTECTED]
404-236-3160
Internet Security Systems, Inc.
The Power to Protect
http://www.iss.net
===
-Original Message-
From: Ingevaldson, Dan (ISS Atlanta)
Sent: Thursday, September 11, 2003 7:54 AM
To: [EMAIL PROTECTED]; [EMAIL
FYI, http://xforce.iss.net/xforce/alerts/id/152
Regards,
===
Daniel Ingevaldson
Engineering Manager, X-Force RD
[EMAIL PROTECTED]
404-236-3160
Internet Security Systems, Inc.
The Power to Protect
http://www.iss.net
===
Wesley-
There is no evidence that the patch does not fix the vulnerability. You
may be getting infected during the patching and cleaning process. Best
bet is to patch, reboot, then clean.
Regards,
===
Daniel Ingevaldson
Engineering Manager, X-Force RD
[EMAIL
The Nachi worm propagates via MSRPC DCOM and the IIS WebDAV bug. It
may be causing this storm because it runs 300 scanning threads, and it
pings each IP first.
http://xforce.iss.net/xforce/alerts/id/150
MS Blast wasn't multithreaded.
Regards,
===
Daniel Ingevaldson
Joe-
Sounds like this:
http://story.news.yahoo.com/news?tmpl=storycid=581ncid=581e=1u=/nm/2
0030819/tc_nm/airlines_aircanada_virus_dc
-d
-Original Message-
From: Joe Abley [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 19, 2003 3:40 PM
To: [EMAIL PROTECTED]
Subject: some wide-scale
Our assessment of worm's behavior is below:
If windowsupdate.com fails to resolve, it will return a -1, which is not
interpreted because this routine has no error checking. The worm then
attempts to send its SYN packets to 255.255.255.255, which may have done
some interesting things, but it
12 matches
Mail list logo