www.expresscomputeronline.com WEEKLY INSIGHT FOR TECHNOLOGY PROFESSIONALS
22 August 2005  

Updates

A compilation of the latest information about viruses and worms, security issues and patches to rectify the same.

Worm poses as pirated ‘Grand Theft Auto’

A worm that targets gamers is making the rounds, tapping into popular titles and peer-to-peer file sharing. The worm, Hagbard.A, tries to disguise itself on peer-to-peer networks as pirated downloads of popular game titles Grand Theft Auto: San Andreas, Need for Speed Underground 2 and 400 other programmes, Sophos said in a recent advisory.

The downloaded programme copies itself to the file-sharing folder on the compromised PC and attempts to spread using Windows Messenger. An instant message sent to others on the service contains a link to the worm and reads: “please download this...it’s only small brb.”

Malware Top 10
TROJ_DROPPER.JA
BKDR_LITBOT.A
BKDR_LANDIS.A
WORM_BAGLE.BN
WORM_BAGLE.BM
PE_BOBAX.AB
WORM_REATLE.E
WORM_REATLE.D
WORM_MYTOB.JH
WORM_MYTOB.JF

(Source: Trend Micro. Period: August 1 to August 8)


CA BrightStor ARCserve Buffer Overflow

BrightStor ARCserve Backup Agent for Microsoft SQL Server is the component of the BrightStor ARCserve Backup system that handles backups of Microsoft SQL Server data. Remote exploitation of a buffer overflow in this Computer Associates agent allows an attacker to execute arbitrary code with system privileges. When a string longer than 3,168 bytes is sent to the listening port (6070 by default), a stack-based buffer overflow occurs. This allows complete system compromise, including the installation or removal of software and access to any file on the system. BrightStor ARCserve Backup Agent for Microsoft SQL Server version 11.0 is affected by this vulnerability, and it is suspected that all versions are vulnerable.


EMC Navisphere Manager Directory traversal vulnerability

EMC Navisphere storage management software is a suite of tools that enables discovery, monitoring, provisioning and reporting on EMC CLARiiON FC4700 storage systems.

Remote exploitation of a directory traversal vulnerability in EMC Navisphere Manager could allow an attacker to retrieve arbitrary files, as well as directory listings, from the system running Navisphere Manager.

The vulnerability exists because HTTP requests are not validated. When successfully exploited, it allows remote attackers to gain access to files on the target system, and in some cases it is possible to retrieve the CLARiiON Administrator password by viewing log files. Later revisions of Navisphere Management Server that come bundled with the Flare Operating Environment (FOE) already contain this fix, starting with FLARE 14 (rev 02.07) released in June 2004.
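The kind of request validation whose absence the advisory describes, as an added Python example (not EMC's code or fix, and not part of the original article): the request path is decoded, canonicalised and checked for containment under the document root. The root `/srv/mgmt/htdocs`, the function names and the sample request targets are assumptions constructed for illustration.

```python
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/srv/mgmt/htdocs"  # assumed document root (normalised, no trailing slash)


def resolve_request_path(raw_target, web_root=WEB_ROOT):
    """Return the absolute path a request maps to, or None if it must be rejected."""
    path = raw_target.split("?", 1)[0].split("#", 1)[0]
    # Decode until stable so double-encoded sequences (%252e%252e) cannot slip past.
    for _ in range(5):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    else:
        return None  # still changing after 5 rounds: reject rather than guess
    if "\x00" in path:
        return None  # embedded NUL can truncate the name in lower layers
    # Backslashes are separators on Windows hosts, so treat them as such.
    path = path.replace("\\", "/")
    candidate = posixpath.normpath(posixpath.join(web_root, path.lstrip("/")))
    # Containment test on the canonical form. A substring search for ".." or a
    # startswith() test would miss encoded forms and sibling directories.
    # Symlinks are not resolved here; a real server would also check those.
    if posixpath.commonpath([web_root, candidate]) != web_root:
        return None
    return candidate


def rejected(targets, web_root=WEB_ROOT):
    """Return the request targets that fail validation, in input order."""
    return [t for t in targets if resolve_request_path(t, web_root) is None]


# Constructed request targets for illustration (not taken from the advisory).
SAMPLE_TARGETS = [
    "/index.html",
    "/help/../index.html",                        # stays inside the root: allowed
    "/../../etc/passwd",                          # plain traversal
    "/%2e%2e/%2e%2e/logs/app.log",                # percent-encoded dots
    "/%252e%252e%252f%252e%252e%252fetc/passwd",  # double-encoded
    "/..\\..\\boot.ini",                          # backslash separators
    "/../htdocs-old/secret.txt?x=1",              # sibling sharing the root's prefix
]

if __name__ == "__main__":
    for target in SAMPLE_TARGETS:
        print(target, "->", resolve_request_path(target))
```

The same function can be run over the request targets in existing web server logs to list requests that would have escaped the document root.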


Red Hat update for dump

Red Hat has issued an update for dump. This fixes a weakness which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The affected versions include Red Hat Enterprise AS 2.1, Red Hat Enterprise ES 2.1, Red Hat Enterprise WS 2.1 and Red Hat Linux Advanced Workstation 2.1 for Itanium. Updated packages are available from the Red Hat Network.

For more details visit: www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239.

 


© Copyright 2001: Indian Express Newspapers (Mumbai) Limited (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in Mumbai by the Business Publications Division (BPD) of the Indian Express Newspapers (Mumbai) Limited. Site managed by BPD.