DAILY BRIEF Number: DOB02-088 Date: 24 June 2002 http://www.ocipep.gc.ca/DOB/DOB02-088_e.html
NEWS Kananaskis, Calgary Ready for G8 Summit Motorists driving through Kananaskis Country this week will only be allowed to do so in police-escorted convoys and only if they have a reason to be there, according to RCMP Corporal Jamie Johnston. Travel restrictions in the area will remain in effect until Friday morning. In Calgary, Premier Ralph Klein said he was confident that all security measures were in place and that Calgary was ready for the G8 Summit. Meanwhile, protesters are planning a march for June 26 with the goal of blocking off all traffic in Calgary's downtown core. Rene Biberstine, a protest organizer, is encouraging businesses to close and workers to stay home for the day. A "family friendly" march was held on June 23 in Calgary by about 2,000 people as part of the "G6B" (Group of Six Billion). (Source: CBC News, 22-23 June 2002) Click here for the source article - 1 Click here for the source article - 2 Click here for the source article - 3 Click here for the source article - 4 IN BRIEF New Terrorist Attacks on U.S. Planned: Al-Qaeda Spokesperson The al-Qaeda terrorist network is planning new attacks against the U.S. within the next few months, according to a person claiming to be a spokesperson for the group. In an address on the al-Jazeera television network, the spokesperson said Osama bin Laden was alive and would soon appear on television. The address was believed to have been recorded recently. (Source: CBC News, 23 June 2002) Click here for the source article Cargo Container Inspection to Improve The U.S. government must start checking high-risk cargo containers before they leave a foreign port, according to Customs Deputy Commissioner Douglas Browning. New technology will allow customs inspectors to ensure that containers have not been tampered with between departure and arrival points. By January 2003, all inspectors will be using a pocket-size device that can detect radiation. (Source: fcw.com, 24 June 2002) Click here for the source article Manitoba Flood Update Levels on the Roseau River in southeastern Manitoba were still rising on Saturday and there were concerns over possible flooding in the town of Vita, according to local media. A boil-water advisory was still in effect in the region, and people were warned to stay off water in flood areas because of strong currents and turbulence. (Source: The Winnipeg Sun, 24 June 2002) Click here for the source article Search for Al-Qaeda Web Site U.S. law enforcement officials were searching for an Arabic web site that appeared to send messages to al-Qaeda followers, including possible information on future terrorist attacks, according to U.S. media reports. The "alneda.com" web site, which emerged earlier this month on web servers in Malaysia and Texas, contained audio and video clips of Osama bin Laden. (Source: Modbee.com, 23 June 2002) Click here for the source article CYBER UPDATES See: What's New for the latest Alerts, Advisories and Information Products Threats Symantec reports on W32.HLLW.Kazmor, which is a worm with Trojan horse capabilities that disguises itself as popular movie, game, or software files. It propagates via a local network and KaZaA file-sharing networks by tricking users into downloading and opening it. http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.kazmor.html Trend Micro reports on WORM_FRETHEM.G, which is a non-destructive, memory-resident variant of WORM_FRETHEM.A that propagates via e-mail. http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_FRETHEM.G Trend Micro reports on W97M_AYAM.A, which is a nondestructive macro virus that propagates via e-mail with the subject line "Hi man, it's %user name%" and the attachment "Maya.doc". http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=W97M_AYAM.A Vulnerabilities CERT/CC reports on a vulnerability in the Linksys EtherFast Router. It enables remote management, even if the feature is disabled, and it could result in unauthorized access, unauthorized monitoring, information leakage, denial-of-service and permanent disability of affected devices. http://www.kb.cert.org/vuls/id/267883 SecurityFocus reports on a mail-merge vulnerability in MS Word. View the "Solution" tab for patch information. http://online.securityfocus.com/bid/5066/discussion/ SecurityFocus reports on vulnerabilities in MS Excel that could allow a remote attacker to automatically execute arbitrary macro code contained in a newly opened workbook. View the "Solution" tab for patch information. http://online.securityfocus.com/bid/5064/discussion/ http://online.securityfocus.com/bid/5063/discussion/ SecurityFocus reports on a buffer overflow vulnerability in MS SQL Server that could allow a remote attacker to execute attacker-supplied instructions with the privileges of the SQL Server process. Other products that rely on Jet Engine may also be affected by this vulnerability. View the "Solution" tab for upgrade information. http://online.securityfocus.com/bid/5057/discussion/ SecurityFocus reports on vulnerabilities in Basilix webmail. The first vulnerability could allow a local attacker to view files attached to outgoing mail messages by webmail users. A second vulnerability could allow a remote attacker to send sensitive information to arbitrary users. A third issue could result in the remote disclosure of sensitive information contained in the database, or the ability to modify data. The last issue involves a script injection vulnerability. View the "Solution" tab for workaround information. http://online.securityfocus.com/bid/5065/discussion/ http://online.securityfocus.com/bid/5062/discussion/ http://online.securityfocus.com/bid/5061/discussion/ http://online.securityfocus.com/bid/5060/discussion/ SecurityFocus reports on a remote denial-of-service vulnerability in IRSSI. No known patch is available at this time. http://online.securityfocus.com/bid/5055/discussion/ SecurityFocus reports on a vulnerability in Apache Tomcat for Windows that could allow a remote attacker to make requests. This could result in the disclosure of the absolute path to the server's web root. View the "Solution" tab for upgrade information. http://online.securityfocus.com/bid/5054/discussion/ SecurityFocus reports on a memory corruption vulnerability in Konqueror version 2.2.2 and Opera version 6.0.1 for Linux. No known patch is available at this time. http://online.securityfocus.com/bid/5059/discussion/ SecurityFocus provides a report on a vulnerability in the /usr/etc/xfsmd daemon that could lead to a remote root exploit. Follow the link for details. http://online.securityfocus.com/advisories/4221 SecurityFocus provides a report on a format string vulnerability in dhcpd dynamic DNS that could allow a remote attacker to get root access to the host. Follow the link for details. http://online.securityfocus.com/advisories/4222 SecuriTeam reports on a cross-site scripting vulnerability in Audiogalaxy that could allow a remote attacker to cause users to view 3rd-party malicious JavaScript or HTML code as legitimate Audiogalaxy content. http://www.securiteam.com/securitynews/5DP0N0A7FI.html Tools Snort IDScenter 109beta2 is a GUI for Snort IDS on Windows platforms. http://www.eclipse.fr.fm/snort.htm Bruteforce Exploit Detector 0.3 is a perl script that remotely detects unknown buffer overflow vulnerabilities in FTP, SMTP, and POP daemons. http://www.kryptocrew.de/snakebyte/bed.html CONTACT US For additions to, or removals from the distribution list for this product, or to report a change in contact information, please send to: Email: [EMAIL PROTECTED] For urgent matters or to report any incidents, please contact OCIPEP’s Emergency Operations Centre at: Phone: (613) 991-7000 Fax: (613) 996-0995 Secure Fax: (613) 991-7094 Email: [EMAIL PROTECTED] For general information, please contact OCIPEP’s Communications Division at: Phone: (613) 991-7035 or 1-800-830-3118 Fax: (613) 998-9589 Email: [EMAIL PROTECTED] Web Site: www.ocipep-bpiepc.gc.ca Disclaimer The information in the OCIPEP Daily Brief has been drawn from a variety of external sources. Although OCIPEP makes reasonable efforts to ensure the accuracy, currency and reliability of the content, OCIPEP does not offer any guarantee in that regard. The links provided are solely for the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible for the information found through these links. IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk
