
Multiple vulnerabilities in IBM's DB2 Universal Database presented the potential for local exploitation, which could have led to privilege escalation to root.
Administrators of IBM DB2 Universal Database should make sure they have the relevant Fix Packs in place on their systems.
The vulnerabilities, reported to IBM in November 2006 by iDefense Labs and recently disclosed, could have been exploited by local users and presented plenty of problems.
One issue with DB2INSTANCE file creation could have allowed a local user to write to any file on the system through the use of symbolic links. Said iDefense:
Specifically, when supplying the DB2INSTANCE environment variable, the setuid-root DB2 administration binaries will use the home directory of the specified user for loading configuration data. This allows attackers to create or append to arbitrary files by creating a specific executing environment.
Also, iDefense found several privilege escalation vulnerabilities, due to a design error in DB2. Again from iDefense:
A heap-based buffer overflow vulnerability can occur when copying data from an environment variable. The variable contents are copied to a static BSS segment buffer without ensuring proper NUL termination. Consequently, this allows an attacker to cause a heap overflow in a later function call.
A stack-based buffer overflow can occur when an environment variable contains a long string. By specifying a specially crafted value, it is possible to overwrite the return address of a function and execute arbitrary code.
Such exploits could have caused denial of service conditions, or escalation to root. All of the issues reported here exist on DB2 installations on UNIX, Linux, or Windows systems.
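The missing-terminator flaw iDefense describes is easiest to see next to its fix. The C below is an added illustration, not IBM's or iDefense's code: the buffer size INST_MAX and the function names are assumptions, and it shows only the general pattern of copying an environment variable into a static buffer with and without a guaranteed NUL.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define INST_MAX 16                 /* constructed size; the page gives none */
static char g_instance[INST_MAX];   /* static storage, as in the advisory */

/* Flawed pattern: strncpy() writes no terminator when src has cap or
 * more bytes. Returns 1 if dst ended up NUL-terminated, 0 if it did not. */
int copy_unterminated(char *dst, size_t cap, const char *src)
{
    strncpy(dst, src, cap);
    return memchr(dst, '\0', cap) != NULL;
}

/* Hardened form: measure with a bound, reject values that do not fit, and
 * leave dst terminated on every path. Returns 0 on success, -1 on reject. */
int copy_checked(char *dst, size_t cap, const char *src)
{
    size_t n = 0;

    if (cap == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;
    while (n < cap && src[n] != '\0')
        n++;
    if (n == cap)                   /* no room left for the terminator */
        return -1;
    memcpy(dst, src, n + 1);        /* n + 1 copies the NUL as well */
    return 0;
}

int main(void)
{
    const char *v = getenv("DB2INSTANCE");   /* untrusted: set by the caller */

    if (copy_checked(g_instance, sizeof g_instance, v) != 0) {
        fprintf(stderr, "DB2INSTANCE missing or too long, refusing to run\n");
        return 1;
    }
    printf("instance: %s\n", g_instance);
    return 0;
}
```

Any later string call that trusts the unterminated buffer keeps reading past its end, which is how a bounded copy still leads to the overflow "in a later function call" noted above.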
Bonus Recap: Your bank may have been a target of a massive pharming attack that took place over nearly three days of this week.
Security firm Websense discovered several dozen financial institutions and their customers could have been victimized by attacks.
Those attacks would have placed Trojans on computers, with a bot controller in Russia uploading or downloading files to them.
Once a victim connected to a financial site targeted by the thieves, the Trojaned files would have been able to grab login credentials and send them to the criminals.
Websense also said that the Australian Prime Minister spam that had been hitting inboxes early in the week appeared to be related to the bank pharming scheme.
About the Author: David Utter is a technology writer for SecurityProNews, WebProNews, and InternetFinancialNews.