OCIPEP DAILY BRIEF Number: DOB02-148 Date: 19 September 2002

http://www.ocipep.gc.ca/DOB/DOB02-148_e.html

NEWS

U.S. National Strategy to Secure Cyberspace - Links Update
Details of the draft strategy were first reported yesterday in DOB02-146. The
OCIPEP Information Note regarding the draft strategy can be viewed at:
http://www.ocipep.gc.ca/emergencies/info_notes/IN02_006_e.html
The draft National Strategy to Secure Cyberspace can be viewed at:
http://www.whitehouse.gov/pcipb/cyberstrategy-draft.pdf


IN BRIEF

Prime Minister assures that Kyoto will not be lethal for economy
While speaking at a Liberal fundraiser in Calgary, the Prime Minister came to
the defence of the Kyoto protocol yesterday evening, making assurances that it
would not cause any catastrophes in the job market and investment sectors as
voiced by several provincial government leaders, particularly Alberta. With the
support of Canadian business leaders and oil companies, the Alberta government
began a $1.5-million anti-Kyoto public relations campaign yesterday. (Source:
thestar.com, 19 September 2002)
Click here for the source article

Halifax plans to clean up harbour
Halifax Regional Council will raise $210 million of the $315 million required to
fund the Halifax Harbour Solutions Project. This project aims to construct three
sewage treatment plants to process raw sewage before it is dumped in the
harbour. The Nova Scotia government has pledged to contribute $30 million to the
project and it is hoped that the remainder of the funds will be provided by the
federal government. (Source: THE GLOBE AND MAIL, 18 September 2002)
Click here for the source article


Comment: The clean-up of the heavily polluted Halifax Harbour has been a
difficult issue for the Nova Scotia provincial government for the past 20 years.
The dumping of untreated sanitary and storm wastewater into the harbour has
caused numerous problems, including widespread bacterial contamination and the
prohibition of shellfish harvesting in the harbour. The web page for the Halifax
Harbour Solutions Project can be viewed at:
http://www.region.halifax.ns.ca/harboursol/project_summary.html

Winnipeg sewage dumping to be investigated
This week's accidental dumping of raw sewage in Manitoba's Red River will be
investigated by federal fisheries officials to determine if charges will be laid
under the federal Fisheries Act. The act prohibits the dumping of harmful
material into a body of water which contains fish. The investigation will focus
on whether negligence was a factor in this incident. (Source: CBC Manitoba, 18
September 2002)
Click here for the source article


Comment: Details of this incident were first reported yesterday in DOB02-147 .
Winnipeg residents have been advised to continue using their water and sewer
services as usual.

Internet cable: Growing popularity in the U.S.
According to an U.S. research company, cable modems remain the primary means
used by North Americans for connecting to the Internet. The study revealed that
58 percent of high-speed Internet users in the U.S. were accessing the web via
cable compared to one third of consumers using digital subscriber lines (DSL) .
The research company noted that in Canada, there are more DSL users in central
and eastern Canada compared to more cable users in western Canada. (Source: THE
GLOBE AND MAIL, 18 September, 2002)
Click here for the source article


CYBER UPDATES
See: What's New for the latest Alerts, Advisories and Information Products

Threats

McAfee Security reports on BackDoor-AKR, which is a Trojan horse that copies
itself to Windows system directory as internat.dic and Windows directory as
notepad.jmp. It opens TCP port 3721 to allow a remote attacker to connect to the
infected system and perform various tasks.
http://vil.nai.com/vil/content/v_99695.htm


McAfee Security reports on Jekord, which is a Trojan horse written in Borland
Delphi that reads through the victim's browser history files and cookie data. It
may attempt to mail information to its creator.
http://vil.nai.com/vil/content/v_99701.htm


Trend Micro reports on VBS_INA.A, which is a VBScript malware that uses Outlook
e-mail to propagate copies of the batch file malware, BAT_INA.A. It arrives with
the subject line "hehe, isn't that fascinating..." and the attachment
"BAT.INA.BAT".
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=VBS_INA.A

Vulnerabilities

SecurityFocus reports on a remotely exploitable denial-of-service vulnerability
in MS Windows XP Professional and .NET Standard Server Beta 3. View the
"Solution" tab for workaround information.
http://online.securityfocus.com/bid/5713/discussion/


SecurityFocus reports on a remotely exploitable keystroke injection
vulnerability in MS Windows RDP that could allow an attacker to inject
maliciously crafted packets into a session. View the "Solution" tab for
workaround information.
http://online.securityfocus.com/bid/5712/discussion/


SecurityFocus reports on a locally exploitable session hijacking vulnerability
in MS Netmeeting 3.0.1 4.4.3385 that could allow an attacker to gain the
privileges of the locally logged on user. No known patch is available at this
time.
http://online.securityfocus.com/bid/5715/discussion/


SecurityFocus reports on a remotely exploitable packet information leakage
vulnerability in MS Windows Encrypted RDP that could allow an attacker to deduce
certain things about the nature of the traffic. No known patch is available at
this time.
http://online.securityfocus.com/bid/5711/discussion/


SecuriTeam reports on a remotely exploitable IP Spoofing vulnerability in Sygate
Personal Firewall 5.0. Follow the link for workaround information.
http://www.securiteam.com/windowsntfocus/5WP0I2A8AI.html


Patches:


New packages are now available for Debian PHP. (SecurityFocus)
http://online.securityfocus.com/advisories/4486


Additional vulnerabilities were reported in the following products:


Opera Web Browser 6.0.1 linux denial-of-service vulnerability. (SecurityFocus)
http://online.securityfocus.com/bid/5717/discussion/


PlanetDNS PlanetWeb 1.14 buffer overflow vulnerability. (SecurityFocus)
http://online.securityfocus.com/bid/5710/discussion/


NetBSD setlocale (multiple versions) buffer overflow vulnerability.
(SecurityFocus)
http://online.securityfocus.com/advisories/4481


NetBSD mbone tools and pppd buffer overflow vulnerability. (SecurityFocus)
http://online.securityfocus.com/advisories/4483


NetBSD NFS server code denial-of-service vulnerability. (SecurityFocus)
http://online.securityfocus.com/advisories/4482


NetBSD kfd daemon vulnerabilities. (SecurityFocus)
http://online.securityfocus.com/advisories/4484


OpenSSH 3.4p1 password disclosure vulnerability. (SecuriTeam)
http://www.securiteam.com/unixfocus/5VP0H2A8AK.html


Entrust GetAccess arbitrary file disclosure vulnerability. (CERT/CC)
http://www.kb.cert.org/vuls/id/243243

Tools

IRCCrypt 1.3 beta is a local IRC Proxy-style utility that provides
application-layer encryption for public channels. (ISSO)
http://readyresponse.dynu.com/isso/projects/irccrypt/


CONTACT US

For additions to, or removals from the distribution list for this product, or to
report a change in contact information, please send to:
Email: [EMAIL PROTECTED]

For urgent matters or to report any incidents, please contact OCIPEPís Emergency
Operations Centre at:

Phone: (613) 991-7000
Fax: (613) 996-0995
Secure Fax: (613) 991-7094
Email: [EMAIL PROTECTED]

For general information, please contact OCIPEPís Communications Division at:

Phone: (613) 991-7035 or 1-800-830-3118
Fax: (613) 998-9589
Email: [EMAIL PROTECTED]
Web Site: www.ocipep-bpiepc.gc.ca

Disclaimer
The information in the OCIPEP Daily Brief has been drawn from a variety of
external sources. Although OCIPEP makes reasonable efforts to ensure the
accuracy, currency and reliability of the content, OCIPEP does not offer any
guarantee in that regard. The links provided are solely for the convenience of
OCIPEP Daily Brief users. OCIPEP is not responsible for the information found
through these links.







IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk


Reply via email to