OCIPEP DAILY BRIEF Number: DOB02-170 Date: 22 October 2002

http://www.ocipep.gc.ca/DOB/DOB02-170_e.html 
 

NEWS 

Report recommends cleanup of toxic sites 
A new report by the Office of the Auditor General of Canada and the
Commissioner of the Environment and Sustainable Development recommends
that the federal government pay for the cleanup of toxic waste at Nova
Scotia's Sydney tar ponds and the Laredo Uranium mine in Saskatchewan.
While the report does not specify the cost of the cleanup, the federal
Environment Minister has reportedly stated that the cleanup could cost
$2 billion. (Source: cbc.ca, 21 October 2002)
Click here for the source article

OCIPEP Comment: In 1999 the Auditor General and the Commissioner of the
Environment audited the federal government's scientific investigation of
existing industrial chemicals and pesticides and its management of their
use. The 1999 report concluded that the federal government was not
adequately managing the risks created by toxic substances. The latest
report revisited the departments audited (Environment Canada, Health
Canada, Industry Canada, Natural Resources Canada, Fisheries and Oceans
Canada, and Agriculture and Agri-Food Canada and the Pest Management
Regulatory Agency) to assess their progress in implementing the 27
recommendations made in 1999. 

The full report is available at: 
(http://www.oag-bvg.gc.ca/domino/other.nsf/html/99menu2e.html).

Oil and transport sectors asked to boost security
In light of recent events in Indonesia and elsewhere, the U.S.
government has urged the transportation, oil and gas, and other critical
infrastructure sectors to improve the security of their facilities from
possible terrorist attacks. While the government recommends greater
vigilance, the country's threat level remains at "yellow". (Source:
news.yahoo.com, 21 October 2002)
Click here for the source article

OCIPEP Comment: As reported in OCIPEP Daily Brief DOB02-169, the
Indonesian government has warned that oil and energy operations are
likely targets both within Indonesia and in Southeast Asia in general.

U.S. produces guidelines for reporting cyber incidents
CIO Magazine, in conjunction with the Secret Service and the FBI, has
published guidelines for businesses to follow when reporting computer
security incidents to law enforcement. The report includes what events
should be reported, what details regarding the event should be reported
and where the report should be sent. (Source: linuxsecurity.com, 21
October 2002)
Click here for the source article

OCIPEP Comment: To view the CIO/FBI/Secret Service guidelines, go to:
http://www.cio.com/research/security/incident_response.pdf



 

IN BRIEF  

Health Canada plans smallpox vaccinations
According to media reports, Health Canada has, in consultation with the
provinces, decided to vaccinate 500 Canadian doctors, nurses and lab
technicians against smallpox in order to be prepared in the event of a
terrorist attack involving the disease. The report states that the
vaccinations, which would be administrated on a voluntary basis, would
be completed by the end of the year. (Source: cbc.ca, 21 October 2002)
Click here for the source article

OCIPEP Comment: As reported in the OCIPEP Daily Brief DOB02-164, the
U.S. government recently announced a proposal that would see the
inoculation of 500,000 hospital staff against smallpox across the
country. The World Health Organization continues to recommend against
mass vaccinations because of the side effects, which can include severe
negative skin reactions and encephalitis. 

Infrastructure projects in Nova Scotia
The province of Nova Scotia plans to spend about $20 million on new
infrastructure projects with almost half of the funds being spent on
improving the water and sewer system in the Beaver Bank area, near
Halifax. (Source: cbc.ca, 21 October 2002)
Click here for the source article

New weather software being tested in the prairie region
Radar software that will enable its users to chart advancing storms is
being tested in Canada's prairie region. The software is designed to
forewarn analysts of the severity of developing storms that may produce
hail or tornado. The usefulness of such technology was reinforced by the
tragedy at Pine Lake, Alberta, in 2000. (Source: winnipegfreepress.com,
21 October 2002)
Click here for the source article

Australia launches national security web portal
The Attorney General of Australia recently launched a web portal to
provide a single access point for national security information from the
Australian Government. To access the portal, go to
http://nationalsecurity.ag.gov.au/.





CYBER UPDATES
See: What's New for the latest Alerts, Advisories and Information
Products  


Threats

Central Command reports on Worm/Zetno, which is a worm that copies
itself in the \windows\ directory under the filename "Winsysger.exe"
(1.025 Kbytes) when executed. Additionally, the files "C:\Zetno.exe
(11.541 Kbytes)" and "C:\Windows\System\Zipload32.exe (11.541 Kbytes)"
are created new. 
http://support.centralcommand.com/cgi-bin/command.cfg/php/enduser/std_ad
p.php?p_refno=021018-000013 
Symantec reports on W32.HLLW.Cozit, which is a worm written in Borland
C++ and packed by UPX. It propagates via the KaZaA network. It copies
itself to the Windows folder as Svchost.exe and changes the registry to
run this file whenever Windows is started. When the worm is executed, it
copies itself to the KaZaA download folder using a file name chosen at
random from a list that it carries. On December 1, the worm will display
a message in the title bar of the foreground window.
http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.cozit.h
tml\

Symantec reports on W32.Lamecada.B@mm, which is a variant of
W32.Lamecada@mm. It propagates via Outlook e-mail. It arrives with the
subject line "Hey...check this naked Eleanor pics...!!" and the
attachment "ELEANOR-NAKED-PICS.JPG.Exe".
http://securityresponse.symantec.com/avcenter/venc/data/w32.lamecada.b@;m
m.html


Vulnerabilities 

SecurityFocus reports on a remotely exploitable denial-of-service
vulnerability in MS Windows 2000 RPC Service. View the "Solution" tab
for patch information.
http://online.securityfocus.com/bid/6005/discussion/


Patches:


New NIS packages are now available for Debian GNU Linux. (SecurityFocus)
http://online.securityfocus.com/advisories/4584


Additional vulnerabilities were reported in the following products:


Linux BTTV Video Capture, PCILynx FireWire and IXJ Telephony Card Driver
2.4 Kernel privilege elevation vulnerabilities. (SecurityFocus)
http://online.securityfocus.com/bid/5989/discussion/
http://online.securityfocus.com/bid/5987/discussion/
http://online.securityfocus.com/bid/5985/discussion/ 
Multiple Linux Kernel 2.2 and 2.4.18 security vulnerabilities.
(SecurityFocus)
http://online.securityfocus.com/bid/5984/discussion/
http://online.securityfocus.com/bid/5983/discussion/ 
Solaris NFS lockd (multiple versions) denial-of-service vulnerability.
(SecurityFocus)
http://online.securityfocus.com/bid/5986/discussion/ 
Perlbot 1.9.2 Filename Variable and Text Variable command execution
vulnerabilities. (SecurityFocus)
http://online.securityfocus.com/bid/6009/discussion/
http://online.securityfocus.com/bid/6008/discussion/ 
Perlbot 1.0 beta command execution vulnerabilities. (SecurityFocus)
http://online.securityfocus.com/bid/5999/discussion/
http://online.securityfocus.com/bid/5998/discussion/ 
Hans Persson Molly 0.5 command execution vulnerabilities.
(SecurityFocus)
http://online.securityfocus.com/bid/6007/discussion/ 
Software602 Web602 Web Server unauthorized admin directory access
vulnerability. (SecurityFocus)
http://online.securityfocus.com/bid/6006/discussion/

YaBB Login 1.40 and 1.41 cross-site scripting vulnerability.
(SecurityFocus)
http://online.securityfocus.com/bid/6004/discussion/

Multiple VBulletin cross-site scripting vulnerabilities. (SecurityFocus)
http://online.securityfocus.com/bid/5997/discussion/

Multiple Vendor IPSec Implementation denial-of-service vulnerabilities.
(SecurityFocus)
http://online.securityfocus.com/bid/6011/discussion/ 
IPFilter FTP Proxy unauthorized access vulnerability. (SecurityFocus)
http://online.securityfocus.com/bid/6010/discussion/


GENTOO LINUX gruff buffer overflow vulnerability. (SecurityFocus)
http://online.securityfocus.com/advisories/4582

HTTPD SOCKS4 1.30-1.41c buffer overflow vulnerability. (SecurityFocus)
http://www.securiteam.com/windowsntfocus/6F00M0A5PO.html

Internet Explorer security architecture vulnerability. (SecurityFocus)
http://www.securiteam.com/windowsntfocus/6H00O0A5PM.html


Tools
There are no updates to report at this time. 


 

CONTACT US  

To add or remove a name from the distribution list, or to modify
existing contact information, e-mail: [EMAIL PROTECTED]

For urgent matters or to report any incidents, please contact OCIPEP's
Emergency Operations Centre at:

Phone: (613) 991-7000
Fax: (613) 996-0995
Secure Fax: (613) 991-7094
Email: [EMAIL PROTECTED]

For general information, please contact OCIPEP's Communications Division
at:

Phone: (613) 944-4875 or 1-800-830-3118
Fax: (613) 998-9589
Email: [EMAIL PROTECTED]
Web Site: www.ocipep-bpiepc.gc.ca

Disclaimer
The information in the OCIPEP Daily Brief has been drawn from a variety
of external sources. Although OCIPEP makes reasonable efforts to ensure
the accuracy, currency and reliability of the content, OCIPEP does not
offer any guarantee in that regard. The links provided are solely for
the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible
for the information found through these links. 
  
        





IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk


Reply via email to