OCIPEP DAILY BRIEF Number: DOB02-078 Date: 10 June 2002 NEWS
OCIPEP Issues Report - Research Information OCIPEP has posted a report entitled "Towards a National Mitigation Policy - An Investigation of Efforts to Create Safer Communities: Experiences in Canada and the United States." The full report can be found at: http://www.ocipep-bpiepc.gc.ca/research/scie_tech/Newton_2000-D016_e.html Ottawa Company Could Be Terrorist Target An Ottawa firm that supplies radioisotopes for medical treatment and diagnosis could be a target for terrorists looking for nuclear material, according to an article in the Ottawa Citizen. MDS Nordion keeps a two-year supply, or 45.2 kilograms, of highly enriched uranium at its March Road location, while it waits for nuclear reactors to go into service at Atomic Energy of Canada Limited's (AECL) Chalk River laboratories. The company plans to import another 22 kilograms of the same material from the U.S. this year, with an option to take in another 22.6 kilograms next year. If commercial operation of the primary Maple 1 reactor in Chalk River is delayed further, Nordion and AECL will be stockpiling over 90 kilograms of highly enriched uranium, almost enough to make four nuclear bombs. Alan Kuperman, a senior policy analyst with the Nuclear Control Institute in Washington, stresses that the presence of the nuclear material makes the company a "very logical target" for terrorist groups. Nordion officials downplayed the threat, stressing that specific security requirements are followed, and both the Canadian Nuclear Safety Commission and the U.S. Nuclear Regulatory Commission recently agreed that Nordion was operating within government regulations. (Source: The Ottawa Citizen, 9 June 2002) http://www.canada.com/ottawa/ottawacitizen/story.asp?id={A1968730-7CC3-45D0- AB09-B20B1F1752F8} Some U.S. Activists to Be Refused Entry to Canada The Calgary Herald has learned that border security will be stepped up at the Alberta-U.S. border prior to the G8 Summit, in order to keep activists and anarchists out of Canada. Activists arriving at crossings with "tools of civil disobedience," such as gas masks, pepper spray and Molotov cocktails, will not be allowed to come in to Canada, according to G8 security official. However, activists deemed not to be a threat to the Summit will be allowed entry. (Source: The Calgary Herald, 9 June 2002) http://www.canada.com/calgary/calgaryherald/story.asp?id={9769BEC9-1549-4FD8 -A89D-C9196F195CDE} IN BRIEF U.S. DOT Issues Advisory An advisory issued by the U.S. Department of Transportation last week warned that fuel trucks and petroleum transfer facilities could be targeted by terrorist organizations. The warning was issued after two incidents involving fuel-carrying trucks in Israel. In one case, the truck was successfully hijacked, and in the other, an explosive device was planted on a diesel tanker during its normal route. (Source: truckline.com, 28 May 2002) http://www.truckline.com/insideata/atap/052802_alert.html Comment: OCIPEP has not received any information regarding similar threats in Canada. U.S. Coast Guard Issues Advisory The U.S. Coast Guard and FBI issued a warning on the weekend regarding a terrorist threat from scuba divers and swimmers against ferry boats and cruise ships. The warning did not change the threat level of the Homeland Security Advisory System, according to a Coast Guard official in Washington. (Source: CNN.com, 9 June 2002) http://www.cnn.com/2002/US/06/09/coastguard.terror/index.html Comment: OCIPEP has not received any information regarding similar threats in Canada. G8 No-Fly Zone Includes Hang-gliders, Balloons Hang-gliders and hot air balloons will be forbidden to enter the no-fly zone over Kananaskis during the June 26-27 G8 Summit. While he understands the need to enforce restrictions, a hang-gliding centre operator near Cochrane does not think hang-gliding and para-gliding pose a threat to the Summit, and will apply for compensation to cover any losses to his business. (Source: CBC News, 9 June 2002) http://calgary.cbc.ca/template/servlet/View?filename=hg_07062002 CYBER UPDATES See: What's New for the latest Alerts, Advisories and Information Products Threats Symantec reports on W32.HLLW.Nople, which is a network-aware worm that copies itself to all remote computers as the file C:\Winnt\Noplease_flash_movie.exe and has the message "Es hora de formatear tu disco". http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.nople.html Trend Micro reports on WPRO_SPENTY.A, which is a destructive Lotus Word Pro Macro file infector that infects files as they are opened or created. http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WPRO_SPENTY.A Trend Micro reports on HTML_HAIYASP.A, which is a web-based backdoor malware that is targeted at web servers. It compromises network security and may be used to delete files and folders from infected systems. http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=HTML_HAIYASP. A Vulnerabilities SecurityFocus reports on a cross-site scripting vulnerability in XMB Forum 1.6 Magic Lantern that could allow a remote attacker to steal cookie-based authentication credentials from legitimate users of a host running XMB Forum. No known patch is available at this time. http://online.securityfocus.com/bid/4944/discussion/ SecurityFocus reports on multiple denial-of-service vulnerabilities in Cisco IOS. No known patch is available at this time. http://online.securityfocus.com/bid/4949/discussion/ http://online.securityfocus.com/bid/4947/discussion/ http://online.securityfocus.com/bid/4948/discussion/ SecurityFocus reports on a vulnerability in the Telindus 1100 series routers, which may leak sensitive information. View the "Solution" tab for workaround information. http://online.securityfocus.com/bid/4946/discussion/ SecurityFocus reports on a vulnerability in the NetScreen event log HTML page that fails to filter HTML tags from the authentication fields of the web user interface. As a result, the log files will appear as though they have been deleted. No known patch is available at this time. http://online.securityfocus.com/bid/4945/discussion/ SecurityFocus provides a report on vulnerabilities in Trustix Secure Linux FreeBSD- bzip2 in which files may be overwritten without warning, read by a local attacker regardless of their intended permissions, or they may end up with incorrect permissions, allowing a local attacker to view their contents. http://online.securityfocus.com/advisories/4190 SecurityFocus provides a report on a vulnerability in "MediaMail" and "MediaMail Pro" mail applications. Follow the link for a solution. http://online.securityfocus.com/advisories/4191 SecurityFocus provides a report on a race condition vulnerability in some utilities in the Trustix Secure Linux GNU fileutils package that could cause root to delete the entire file system. Follow the link for a solution. http://online.securityfocus.com/advisories/4193 SecurityFocus provides a report on a buffer overflow vulnerability in the Trustix Secure Linux uw-imap package that could allow a remote attacker to run code on the server with the uid/gid of the e-mail owner. Follow the link for a solution. http://online.securityfocus.com/advisories/4194 SecurityFocus provides a report on a vulnerability in Trustix Secure Linux winbind and the storing of the *.tdb files. Follow the link for a solution. http://online.securityfocus.com/advisories/4195 Tools There are no updates to report at this time. CONTACT US For additions to, or removals from the distribution list for this product, or to report a change in contact information, please send to: Email: [EMAIL PROTECTED] For urgent matters or to report any incidents, please contact OCIPEP’s Emergency Operations Centre at: Phone: (613) 991-7000 Fax: (613) 996-0995 Secure Fax: (613) 991-7094 Email: [EMAIL PROTECTED] For general information, please contact OCIPEP’s Communications Division at: Phone: (613) 991-7035 or 1-800-830-3118 Fax: (613) 998-9589 Email: [EMAIL PROTECTED] Web Site: www.ocipep-bpiepc.gc.ca Disclaimer The information in the OCIPEP Daily Brief has been drawn from a variety of external sources. Although OCIPEP makes reasonable efforts to ensure the accuracy, currency and reliability of the content, OCIPEP does not offer any guarantee in that regard. The links provided are solely for the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible for the information found through these links. IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk