DAILY BRIEF Number: DOB02-126 Date: 19 August 2002 http://www.ocipep.gc.ca/DOB/DOB02-126_e.html
NEWS Continued Cable Service Disruption as Labour Dispute Persists As the labor conflict at Vidéotron continues, thousands of its customers in the Quebec City region were left without service when cables were cut on August 16. The company's latest offer was turned down by almost 100 per cent of its striking technicians. (Source: CBC News, 17 August 2002) Click here for the source article Comment: Sabotage of Vidéotron cables has persisted throughout this dispute. (Previously reported in Daily Brief of August 9.) Sabotage of cables has impacted Internet and telephone access, as well as cable television, for tens of thousands of customers in the province of Quebec. City of Ottawa to Take Control of All Emergency Services The City of Ottawa will control its own ambulance dispatch system, according to an announcement made by Mayor Bob Chiarelli. The locally-controlled system will allow the city to have a single dispatch system for police, fire and ambulance services. (Source: CBC News, 16 August 2002) Click here for the source article Comment: The dispatch of ambulances in Ontario is currently administered by the province. There appears to be a consensus that the most efficient dispatch system is one that combines all emergency response services, including police, fire and ambulance. Easy Access to U.S. Government Networks Officials of ForensicTec, a San Diego security firm, have come forward with claims that they easily accessed the U.S. Military Internet Network and were able to view sensitive documents, including correspondence between generals. "We were kind of shocked at the security measures, or lack thereof," commented ForensicTec President Brett O'Keefe. Despite possible repercussions, the company decided to come forward with this information, pointing out that the next person to come across these networks may not opt to do the right thing. The Army's computer defense system recorded the break-in and an Army spokesman stated that "no classified material was believed to have been exposed". (Source: news.com, 16 August 2002) Click here for the source article Comment: US$2 billion of the fiscal 2003 Defense budget will be allocated to increase the protection of U.S. government information systems and related data. Flooding Situation in the Czech Republic Prompts NATO Request for Aid In its August 18 Situation Report, the NATO Euro-Atlantic Disaster Response Coordination Centre (EADRCC) lists outstanding items that are required to help battle the worst flood the Czech Republic has experienced in the last century. Items such as small portable dryers, vaccines against Hepatitis A, insect repellants and a heavy floating crane are listed. A number of NATO countries have responded to the request for assistance. (Source: NATO EADRCC Situation Report # 5, 18 August 2002) Comment: A statement by NATO Secretary General Lord Robertson regarding the assistance effort can be viewed at: http://www.nato.int/docu/pr/2002/p02-099e.html IN BRIEF U.S. to Tighten Foreign Visitor Entry Foreign visitors who enter the U.S. on or after 11 September 2002 will be fingerprinted and photographed, and will be required to answer questions regarding their visit to the U.S. Their fingerprints will then be compared to those of thousands of foreign felons, terrorists and suspected terrorists. The program will initially apply to visitors from countries identified by the U.S. State Department as being a risk to national security, and will eventually be expanded to monitor almost all foreign visitors. (Source: fcw.com, 19 August 2002) Click here for the source article Comment: Canada is not on the U.S. State Department list of countries identified as a threat to U.S. national security. It is not yet clear whether this program will be expanded to include Canadian citizens. CYBER UPDATES See: What's New for the latest Alerts, Advisories and Information Products Threats Symantec reports on Backdoor.Tela, which is a Trojan horse that allows unauthorized access to the infected computer. http://securityresponse.symantec.com/avcenter/venc/data/backdoor.tela.html Symantec reports on Netbus.160.Dropper, which drops components of the W95.Netbus.160.Trojan onto the target system. http://securityresponse.symantec.com/avcenter/venc/data/netbus.160.dropper.html Vulnerabilities Oracle reports on a remotely exploitable format string vulnerability in versions of Oracle8i and 9i that could allow an attacker to gain control over the Listener Control utility. Follow the link for patch information. http://otn.oracle.com/deploy/security/pdf/2002alert40rev1.pdf SecurityFocus reports on locally exploitable vulnerabilities in HP Secure OS for Linux 1.0 PTrace / IOCTL, TLCompAdd and Tcl/Tk. Follow the links for patch information. http://online.securityfocus.com/bid/5466/discussion/ http://online.securityfocus.com/bid/5465/discussion/ http://online.securityfocus.com/advisories/4390 Patches: Mandrake Linux sharutils uudecode utility package update is available (SecurityFocus). http://online.securityfocus.com/advisories/4399 Updated Red Hat Linux krb5 packages fix remote buffer overflow (SecurityFocus). http://online.securityfocus.com/advisories/4400 Cumulative patch for MS SQL Server 7.0 and 2000 is available (Microsoft). http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bull etin/MS02-043.asp Additional vulnerabilities were reported in the following products: Gateway GS-400 Server default administrator password vulnerability (SecurityFocus). http://online.securityfocus.com/bid/5472/discussion/ Leszek Krupinski L-Forum 2.4 .0 script injection and file disclosure vulnerabilities (SecurityFocus). http://online.securityfocus.com/bid/5462/discussion/ http://online.securityfocus.com/bid/5463/discussion/ MyWebServer 1.0.2 HTML injection, buffer overflow and web root disclosure vulnerabilities (SecurityFocus). http://online.securityfocus.com/bid/5470/discussion/ http://online.securityfocus.com/bid/5469/discussion/ http://online.securityfocus.com/bid/5471/discussion/ Mandrake Linux xchat IRC client prior to 1.8.9 arbitrary command execution vulnerability (SecurityFocus). http://online.securityfocus.com/advisories/4398 Mandrake Linux glibc prior to 2.2.5 buffer overflow vulnerability (SecurityFocus). http://online.securityfocus.com/advisories/4393 Tools Fake AP 0.2 generates counterfeit 802.11b beacon frames with random ESSID, BSSID (MAC), and channel assignments. http://www.blackalchemy.to/Projects/fakeap/fake-ap.html CONTACT US For additions to, or removals from the distribution list for this product, or to report a change in contact information, please send to: Email: [EMAIL PROTECTED] For urgent matters or to report any incidents, please contact OCIPEP’s Emergency Operations Centre at: Phone: (613) 991-7000 Fax: (613) 996-0995 Secure Fax: (613) 991-7094 Email: [EMAIL PROTECTED] For general information, please contact OCIPEP’s Communications Division at: Phone: (613) 991-7035 or 1-800-830-3118 Fax: (613) 998-9589 Email: [EMAIL PROTECTED] Web Site: www.ocipep-bpiepc.gc.ca Disclaimer The information in the OCIPEP Daily Brief has been drawn from a variety of external sources. Although OCIPEP makes reasonable efforts to ensure the accuracy, currency and reliability of the content, OCIPEP does not offer any guarantee in that regard. The links provided are solely for the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible for the information found through these links. IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk