OCIPEP DAILY BRIEF Number: DOB02-166 Date: 16 October 2002



State of the Lakes Ecosystem Conference (SOLEC) to begin today
Canadian and American experts are meeting at SOLEC this week to talk
about the environmental health of the Great Lakes. The conferences are
hosted by the U. S. Environmental Protection Agency and Environment
Canada on behalf of the two Countries every two years in response to the
binational Great Lakes Water Quality Agreement. At SOLEC 2002, a report
will be tabled that presents information on over half of the key
environmental indicators identified since the conference series began
eight year ago. Identification of additional work on other indicators
will also be part of the discussions. It is hoped that within the next
ten years, the two nations can agree upon all the significant
environmental indicators and examine and assess the data they reveal.
(Source: Environment Canada)
Click here for the source article

OCIPEP Comment: The two nations have made the health of the Great Lakes
one of their prime, joint concerns. As reported in OCIPEP Daily Brief
DOB02-031 release 3 April 2002, the U.S. Environmental Protection Agency
produced a Strategic Plan for the Great Lakes Ecosystems to address the
long-term sustainability of the Great Lakes system. Canada has a similar
plan in place, which is coordinated by the Great Lakes Sustainability
Fund (GLSF). The International Joint Commission (IJC), a body jointly
represented by Canadian and American senior officials with a mandate to
"help prevent and resolve disputes relating to the use and quality of
boundary waters and to advise Canada and the United States on related
questions,, recently released its Eleventh Biennial Report on Great
Lakes Water Quality, on September 12. For additional information on the
Great Lakes Water Quality Agreement and its implications, visit the
Environment Canada website at: http://www.on.ec.gc.ca/glwqa/

Gulf, Asian oil tankers warned of attack danger
Oil tankers in Middle Eastern, Pakistani and Indonesian waters have been
alerted to the possibility of attacks following last week's explosion on
an oil tanker off Yemen, according to the International Maritime Bureau
(IMB), a global ocean crime watchdog. The first IMB warning was issued
to global shipping on Sunday, but warnings will continue on a daily
basis until the IMB decides the danger has passed. The IMB appealed to
governments and port authorities to tighten up security around oil
tankers by declaring approach channels for tankers off-limit areas for
unauthorized craft. (Source: news.yahoo.com, 14 October 2002) 
Click here for the source article

OCIPEP Comment: As reported in OCIPEP Daily Brief DOB02-160, the U.S.
Navy made similar advisories on September 10 as a precautionary measure
leading into the 9-11 memorial. OCIPEP has no information respecting
specific threats to Canadian oil, gas and energy facilities.

U.S. to consider mass smallpox vaccination
The Advisory Council on Immunization Practices, a group that drafts
vaccine policy for the Centers for Disease Control (CDC) and the
secretary of Health and Human Services, is engaged in a two-day meeting
substantially devoted to whether and when smallpox vaccination should
begin again after 30 years. Medical experts are urging limited use of
the vaccine. Government officials have advocated much wider
distribution. Proposals being considered by the White House include
offering the vaccine to the entire population within about a year.
(Source: ajc.com, 13 October 2002)
Click here for the source article

OCIPEP Comment: As reported in the OCIPEP Daily Brief DOB02-162, the
British government is considering mass vaccination against smallpox as
well. According to a Health Canada official, Canada's smallpox strategy
is under review and is currently in the consultation process.



New Brunswick train derailment - Update
Representatives from local and federal governments were on site to
evaluate the situation with regard to the leaking of hazardous materials
from three of the derailed cars. Chemicals involved are Sodium chlorate
(powder), Sulfuric acid (liquid) and a wax emulsion (glue). A relatively
small amount of Sulfuric acid had leaked, and the rest of the contents
was pumped out. (Source: NB RD, 15 October 2002)
Click here for the source article

West Nile virus
The West Nile (WN) virus may be taking on new forms. Reports indicate
that there have been four cases of "polio-like" paralysis in Michigan,
caused by the WN virus. All four patients were young and did not
demonstrate any other symptoms related to the WN virus, when one or more
of their limbs became paralyzed within hours. (Source: nature.com, 16
October 2002)
Click here for the source article

Interpol encourages global co-operation to fight cybercrime
Members from 37 different countries met this week at an Interpol
conference to discuss ways to improve co-operation in investigating
online offences. Interpol encourages member countries to establish new
laws to deal with cybercrime, and to develop partnerships at the
international level. (Source: reuters.com, 16 October 2002)
Click here for the source article

See: What's New for the latest Alerts, Advisories and Information


Central Command reports on Worm/Apbost.d, which is a worm that infects
files with the extensions: *.bat, *.com, *.exe, *.pif, and *.scr by
inserting its viral code at the beginning of each file.

Symantec reports on W32.HLLW.Tufas, which is a worm written in Borland
Delphi and compressed with UPX that propagates via IRC. It also has
backdoor capabilities that can give a hacker access to a computer. The
size is about 627,712 Bytes in length after it is decompressed.

Symantec reports on W32.Lamecada@mm, which is a worm that propagates via
Outlook e-mail. It arrives with the subject line "Internet Explorer Bugs
Fix Setup" and the attachment "Setup.exe".

Symantec reports on Backdoor.Theef, which is a Trojan horse written in
Delphi that can allow unauthorized access to an infected computer. It
opens port 9871 to listen for a connection.

Symantec reports on Backdoor.DarkSky.C, which is a Trojan horse that is
used to gain unauthorized access to an infected computer. It copies
itself to the %windir% and %system% folders.

Trend Micro reports on UNIX_ALUTAPS.A, which is a Trojanized version of
Sendmail 8.12.6 that compromises security on affected UNIX systems. More
information on this malware is available at CERTR Advisory CA-2002-28
Trojan Horse Sendmail Distribution


SecuriTeam reports on a remotely exploitable information leak
vulnerability in Symantec Enterprise Firewall 6.5.2, Raptor Firewall 6.5
and 6.5.3 Secure Webserver 1.1. Follow the link for patch information.

Additional vulnerabilities were reported in the following products:

PHPRank 1.8 unauthorized access, admin password plain text storage, code
injection and cross-site scripting vulnerabilities. (SecurityFocus)

PHPBBMod 1.3.3 information disclosure vulnerability. (SecurityFocus)

MondoSearch 4.4 source disclosure vulnerability. (SecurityFocus)

PHPReactor 1.2.7 pl1 cross-site scripting vulnerability. (SecurityFocus)

Nylon Proxy 0.2 denial-of-service vulnerability. (SecurityFocus)

Syslog-ng 1.4.15 and 1.5.20 buffer overflow vulnerability.

PHPNuke 6.0 multiple script code filtering vulnerabilities.

KDE 3.0.1-3.0.3 file disclosure vulnerability. (SecurityFocus)

OpenOffice 1.0.1 insecure temporary file symbolic link vulnerability.

SquirrelMail 1.2.7 web root path disclosure vulnerability.

OpenServer 5.0.5 and 5.0.6 buffer overflow in multiple DNS Resolver
libraries. (SecurityFocus)

ATP HTTP Daemon 0.4b and prior buffer overflow vulnerability.

J2EE EJB privacy leak and denial-of-service vulnerabilities.

GazTek 1.4-3 and prior HTTP Daemon buffer overflow. (SecuriTeam)

Daniel Arenz' Mini Server 2.1.6 directory traversal and log hogging
vulnerabilities. (SecuriTeam)

My Web Server 1.0.2 long URL crashing vulnerability. (SecuriTeam)

TelCondex SimpleWebServer 2.06.20817 Build 3128 long URL crashing
vulnerability. (SecuriTeam)

Polycom ViaVideo 2.2 and 3.0 Web Component security vulnerabilities.

Fake AP 0.3.1 generates counterfeit 802.11b beacon frames with random
ESSID, BSSID (MAC), and channel assignments.



To add or remove a name from the distribution list, or to modify
existing contact information, e-mail: [EMAIL PROTECTED]

For urgent matters or to report any incidents, please contact OCIPEP's
Emergency Operations Centre at:

Phone: (613) 991-7000
Fax: (613) 996-0995
Secure Fax: (613) 991-7094

For general information, please contact OCIPEP's Communications Division

Phone: (613) 944-4875 or 1-800-830-3118
Fax: (613) 998-9589
Web Site: www.ocipep-bpiepc.gc.ca

The information in the OCIPEP Daily Brief has been drawn from a variety
of external sources. Although OCIPEP makes reasonable efforts to ensure
the accuracy, currency and reliability of the content, OCIPEP does not
offer any guarantee in that regard. The links provided are solely for
the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible
for the information found through these links. 

IWS INFOCON Mailing List
@ IWS - The Information Warfare Site

Reply via email to