str[bits]

July 6, 2001

Late Night Security Readings

Filed under: Security

Cisco was bitten by two bugs this week: a problem with its SSH implementation {01.27.001} and another bug with its on-board HTTP servers {01.27.008}. These vulnerabilities should serve as a reminder that not only do operating systems need patching and lock-down attention but infrastructure equipment does, as well. Security-savvy network administrators who had already shut down the HTTP services on their Cisco devices proactively avoided this latest round of HTTP-based vulnerabilities.

While organizations should still upgrade their vulnerable IOS and CatOS images, proactive lock-down efforts can definitely reduce potential risks. It’s time to re-embrace some age-old wisdom: “If you aren’t using it, turn it off.”

+ + +

Oracle 8i Standard and Enterprise Editions versions 8.1.5, 8.1.6 and 8.1.7 as well as all previous versions for Windows, Linux, Solaris, AIX, HP-UX and Tru64 Unix are vulnerable to a remote denial of service attack against the TNS libraries that handle the various Oracle TNS services. The attacker does not need valid authentication credentials to mount an attack.

Oracle has confirmed this problem and produced a patch (under bug number 1656431), which is available at: http://metalink.oracle.com/

+ + +

Lotus Domino server version 5.0.6 has been found vulnerable to a Cross-Site Scripting attack. This potentially allows a malicious e-mail or Web site to execute active scripting in a user’s browser via the vulnerable Domino site.

+ + +

An advisory indicates that a new feature in the mail() command as of PHP 4.0.5 may allow an attacker, who has Web page authoring permissions, to bypass PHP’s safe mode and execute arbitrary command line commands. This is a concern for ISPs and virtual Web hosting providers.
