DAILY BRIEF Number: DOB02-165 Date: 15 October 2002



Cleanup continues after ships collide

A collision between two cargo ships near Montreal prompted an overnight
shutdown of the St. Lawrence Seaway. A Canadian bulk carrier vessel
collided with a Dutch-registered heavy lift cargo ship just east of the
Mercier Bridge in Montreal. Emergency work crews have removed about 100
litres of oil that spilled from one of the ships. Although both ships
experienced extensive damage, no serious injuries were reported. The
Seaway was reopened early Sunday morning. (Source: montreal.cbc.ca, 13
October 2002)
Click here for the source article

Comment: Verifications made with the Canadian Coast Guard (CCG) on
October 14 revealed that the Dutch ship remained tied down in the port
of Montreal for inspection. The Canadian vessel was allowed to leave
Montreal. According to a CCG official, verification of the environment
showed no signs of pollutants in the river or on the banks.

Train derailment in New Brunswick: Sulfuric acid leak
A train derailment that occurred last Friday morning, 30 kilometres
southwest of Bathurst, resulted in the shutdown of the VIA Rail train
corridor, Bathurst-Moncton. The derailment involved 21 freight cars of
the N.B. East Coast Railway, some of which contained sulfuric acid and
sodium chloride. Although some of the product leaked, there was no
immediate danger to populated areas or the environment. It was
anticipated that repairs would be completed by Monday or Tuesday.
(Source www.canoe.ca, 13 October 2002)
Click here for the source article


Bali explosions kill tourists: Link to terrorism
Indonesian Defence Minister Matori Abdul Djalil has stated that the
explosions that claimed the lives of more than 180 people last Saturday
is linked to al-Qaeda. Three Canadian citizens were injured and one is
presumed dead. The Department of Foreign Affairs has issued an advisory,
urging people to avoid vacationing in Indonesia until further notice.
(Source: cbc.ca, 15 October 2002)
Click here for the source article

Comment: There are media reports that a statement reputed to be issued
by Osama bin Laden himself yesterday praises this most recent terrorist
attack, as well as the recent activities in Yemen and Kuwait, and warns
of more to come.

To access the DFAIT travel advisory for Indonesia go to:

West Nile virus - Update
Health officials in Brockville, Ontario, suspect that a local woman, who
has recently taken ill, may have been infected with the West Nile virus.
If the analysis is positive, the woman will be the first confirmed case
of the West Nile virus in the area. 
(Source: cbc.ca, 11 October 2002)
Click here for the source article

U.S. exercise tests government's response to terrorist threats
A two-day exercise involving high-level government officials will be
held at Andrews Air Force Base, beginning October 17. The exercise will
test the U.S. government's response efforts, should they be faced with
several credible terrorist threats targeting American energy facilities.
(Source: wired.com, 14 October 2002)
Click here for the source article

Segments of U.S. private sector urged to increase role in security
The Council on Competitiveness, a Washington, D.C. think tank, gained
the endorsement of several prominent U.S. CEOs (including those from
Merck, AT&T and Cisco, as well as public sector leaders and academics)
for a "call to action" regarding security for the U.S. private sector.
The document proposes that improvements in security necessary to address
vulnerability gaps in privately-controlled critical infrastructures can
simultaneously improve productivity. (Source: compete.org, 11 October
Click here for the source article

See: What's New for the latest Alerts, Advisories and Information

There are no updates to report at this time.


SecurityFocus reports on a locally exploitable privilege escalation
vulnerability in MS Windows 2000 NetDDE. No known patch is available at
this time.

SecurityFocus reports on a remotely exploitable cross-site scripting
vulnerability in MS Content Management Server 2001. No known patch is
available at this time.

SecurityFocus reports on a remotely exploitable denial-of-service
vulnerability in IBM AIX 4.3.3 and 5.1. View the "Solution" tab for
workaround information.

Additional vulnerabilities were reported in the following products:

SurfControl SuperScout e-mail filter vulnerabilities. (SecurityFocus)

Authoria HR Suite AthCGI.EXE cross-site scripting vulnerability.

VBZoom arbitrary file upload vulnerability. (SecurityFocus)

PHPBB2 Avatar 2.0.0-2.0.3 information disclosure vulnerability.

NETGEAR's FVS318 Firewall/VPN/Router plain text DDNS's username and
password storage vulnerability. (SecuriTeam)

NETGEAR FM114P TCP flood and authentication cracking vulnerability.

TSAC Web package/IIS 5.1 connect.asp cross-site scripting vulnerability.


IPTables log analyzer 0.3 displays Linux 2.4 iptables logs (rejected,
accepted, masqueraded packets...) in a HTML page. (GeGe)



To add or remove a name from the distribution list, or to modify
existing contact information, e-mail: [EMAIL PROTECTED]

For urgent matters or to report any incidents, please contact OCIPEP's
Emergency Operations Centre at:

Phone: (613) 991-7000
Fax: (613) 996-0995
Secure Fax: (613) 991-7094

For general information, please contact OCIPEP's Communications Division

Phone: (613) 944-4875 or 1-800-830-3118
Fax: (613) 998-9589
Web Site: www.ocipep-bpiepc.gc.ca

The information in the OCIPEP Daily Brief has been drawn from a variety
of external sources. Although OCIPEP makes reasonable efforts to ensure
the accuracy, currency and reliability of the content, OCIPEP does not
offer any guarantee in that regard. The links provided are solely for
the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible
for the information found through these links. 

IWS INFOCON Mailing List
@ IWS - The Information Warfare Site

Reply via email to