DAILY BRIEF Number: DOB02-158 Date: 03 October 2002


Kyoto and Beyond
A report prepared for The David Suzuki Foundation and the Canadian
Climate Action Network (CANet) entitled "Kyoto and Beyond: The Low
Emission Path to Innovation and Efficiency" proposes several measures
that are key to meeting Kyoto requirements. These include energy
conservation; efficiency improvements; decreasing electric heat usage;
industrial cogeneration; increased usage of wind and other renewable
sources; and, in the long term, increased imports of hydroelectricity.
The report can be viewed in PDF format at the following address:

Comment: There has been considerable media attention lately to the issue
of alternate means of power production. The Conservation Council of New
Brunswick (CCNB) and CANet stated Wednesday that rebuilding nuclear
power plants and using them as an alternative to carbon
dioxide-producing fossil fuels wouldn't necessarily assist Canada in
reaching Kyoto Protocol targets. A spokesperson from the CCNB contends
that the province's nuclear power generating station at Point Lepreau
has outlived its usefulness and that funding the extension of its
lifespan will only serve to delay the development of alternative methods
of energy production. As reported in the OCIPEP Daily Brief DOB02-152,
released 25 September 2002, New Brunswick Power is looking to make
substantial renovations to keep the Point Lepreau nuclear generating
station operational past its planned closing date in 2006. 

Hurricane Lili halts U.S. gulf refinery production
Hurricane Lili is affecting the U.S. oil production industry as
refineries in Port Arthur, Texas, and Louisiana, including the Louisiana
Offshore Oil Port (the largest oil port in the U.S.), are shutting down
because of the storm. Such closures are depleting the market of more
than 500,000 barrels of oil per day. (Source: Forbes.com, 02 October
Click here for the source article

Comment: Hurricane Lili has been downgraded to a category 2 hurricane. A
projected track of the hurricane shows that Lili will be situated south
of the Ontario/Great Lakes area by October 5. The projected track can be
viewed on the Environment Canada's web site at:

EPA releases Homeland Security Strategy
On October 2, the U.S. Environmental Protection Agency (EPA) released
its Strategic Plan for Homeland Security, which is intended to support
the U.S. President's National Strategy for Homeland Security and the
efforts undertaken by the new Department of Homeland Security. The plan
divides the EPA's homeland security responsibilities into four areas:
critical infrastructure protection; preparedness, response, and
recovery; communication and information; and, protection of EPA
personnel and infrastructure. For each mission area, goals, tactics, and
results are outlined. The EPA's homeland security responsibilities
include protection of water infrastructure; cleanup following biological
or chemical attacks; "reducing the vulnerability of the chemical
industry and hazardous materials sector of the nation's critical
infrastructure"; and, involvement in response to and recovery from
radiological attacks. (Source: www.epa.gov, October 2, 2002)
Click here for the source article

Comment: The EPA noted in the plan that although it had lead agency
status in several homeland security areas, that status was subject to
change along with its Homeland Security Strategy, as the Department of
Homeland Security may absorb some of those responsibilities as it
develops. The EPA has bolstered its response, preparedness and recovery
capabilities since 11 September 2001 by providing training and better
equipping response teams, issuing water system security grants and
announcing plans for a center to coordinate research in areas such as
building decontamination, rapid risk assessment and drinking water
protection. For the full text of the EPA's Strategic Plan for Homeland
Security, please go to:



Ontario hydro dam alert system will be improved
The Ontario Energy Minister stated yesterday that the government has
ordered modifications to their computerized warning system at the
province's hydroelectric dams following a tragic accident near Calabogie
that caused the death of a mother and son in June 2002. 

Comment: The Members' Statements regarding hydro dam safety can be
viewed at: http://hansardindex.ontla.on.ca/hansardeissue/37-3/l035a.htm.

Bruce power tables environmental impact study for restart of two nuclear
The Canadian Nuclear Safety Commission (CNSC) has released an
Environmental Assessment (EA) Study Report for public comment. The study
was prepared by Bruce Power for the proposed restart of Bruce units 3
and 4 at the Bruce A Nuclear Generating Station. The release of the
study follows the request filed by Bruce Power to restart the two
nuclear reactors in the fall of 2001 and the issuing of the
environmental assessment guidelines by the CNSC in April 2002. (Source:
Canadian Nuclear Association Newsletter, 2 October 2002-at the time of
the Daily Brief release, the Newsletter was not yet available online;
however, to view the CNA Newsletters web page, please go to: CNA -

Comment: To view the Bruce Power EA Study Report, please go to:

Firms respond to White House cybersecurity call 
Five security firms, including Foundstone, TippingPoint, Internet
Security Systems Inc. and Qualys Inc., are expected to introduce product
upgrades that address the vulnerabilities highlighted by the
GSA/NIPC/SANS report, which was released 2 October 2002. In the past,
one of the main cyber security problems was that vendors were unable to
agree on what the main security flaws were. (Source: www.csoonline.com)
Click here for the source article

Comment: As reported in the OCIPEP Daily Brief DOB02-157, released 2
October 2002, OCIPEP has produced an Information Note, IN02-007,
regarding the Top 20 Internet security vulnerabilities.

See: What's New for the latest Alerts, Advisories and Information

There are no new updates to report at this time. 


SecurityFocus reports on a locally exploitable vulnerability in HP
OpenVMS Potential POP server (multiple versions) that could allow a
local authorized non-privileged attacker to gain unauthorized privileges
or access to privileged files. Follow the link for more information.

SecuriTeam reports on flood ACK packets causing the IBM Secureway
Firewall 4.2.x on aix to hang. Follow the link for more information.

Additional vulnerabilities were reported in the following products:

Trolltech Qt Assistant 1.0 unauthorized access vulnerability.

WN Server (multiple versions) buffer overflow vulnerability.

Monkey (multiple versions) HTTP Server multiple cross-site scripting
vulnerabilities. (SecurityFocus)

Sun ONE Starter Kit 2.0 / ASTAware SearchDisc 3.1 Search Engine
directory traversal vulnerability. (SecurityFocus)

Eric S. Raymond Fetchmail (multiple versions) Multidrop Mode heap
overflow, denial-of-service and buffer overflow vulnerabilities.

BearShare 4.0.5 directory traversal vulnerability resurfaces.

Sendmail 8.12.6 and 8.11.6-15 smrsh bypass vulnerabilities. (SecuriTeam)

Allot's NetEnforcer privilege elevation vulnerability. (Security

CGI-Telnet Perl Script 1.1 for Web Servers password file disclosure
vulnerability. (Security Tracker)

There are no new updates to report at this time. 



For additions to, or removals from the distribution list for this
product, or to report a change in contact information, please send to:

For urgent matters or to report any incidents, please contact OCIPEP's
Emergency Operations Centre at:

Phone: (613) 991-7000
Fax: (613) 996-0995
Secure Fax: (613) 991-7094

For general information, please contact OCIPEP's Communications Division

Phone: (613) 991-7035 or 1-800-830-3118
Fax: (613) 998-9589
Web Site: www.ocipep-bpiepc.gc.ca

The information in the OCIPEP Daily Brief has been drawn from a variety
of external sources. Although OCIPEP makes reasonable efforts to ensure
the accuracy, currency and reliability of the content, OCIPEP does not
offer any guarantee in that regard. The links provided are solely for
the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible
for the information found through these links. 

IWS INFOCON Mailing List
@ IWS - The Information Warfare Site

Reply via email to