Ops and Intel update

Realplayer Vulnerability DON'T USE:
Published: 2008-01-04,
Last Updated: 2008-01-05 20:13:55 UTC
by Scott Fendley (Version: 5)

Good morning everyone,

Earlier this week, Evgeny Legerov reported a vulnerability involving Real Player which could allow an attacker to execute code on victim computers. At this moment in time, there is no patch or other work around for this vulnerability though I would expect that limiting end-user privileges would limit the potential risk.

Until an update is available, I recommend that you limit viewing multimedia content using Real Player. It would be worthwhile to plan to add this future update into the mix with any operating system updates which are scheduled to be released soon.

For more information on this vulnerability, please see:

http://secunia.com/advisories/28276/
http://www.frsirt.com/english/advisories/2008/0016

Update 15:10 UTC: While you're at it, consider blocking access to uc8010-dot-com. If you do a Google Search for this domain, you'll understand why: Lots of injecting of a mailicious 0.js from this domain is currently going on, plenty of web sites seem to contain this booby trap. One of the IFRAMES fetched from this site, the file "r.htm" contains a RealPlayer exploit. Still the one from last month (www.kb.cert.org/vuls/id/871673) but if they happen to re-tool to the new vulnerability, things might get ugly.

XXXXXXXXXXXXXXXXXXXXXX

• Pragma FortressSSH SSH server DoS

  - 1 day ago

  Multiple user-reachable assert()'s. Applications: FortressSSH 5.0 (04.01.2008)

• VanDyke VShell DoS

  - 1 day ago

  DoS on keys exchange. Applications: VShell 3.0 (04.01.2008)

• Seattle Lab telnet Server DoS

  - 1 day ago

  NULL pointer dereference on telnet options parsing. Applications: Seattle Lab Telnet Server 4.1 (04.01.2008)

• Pragma TelnetServer DoS

  - 1 day ago

  NULL pointer dereference on TELOPT PRAGMA LOGON telnet option. Applications: Pragma TelnetServer 7.0 (04.01.2008)

• Foxit Remote Access Server telnet server DoS

  - 1 day ago

  Crash on oversized option. Applications: Remote Access Server 2.1 (04.01.2008)

• FortiGuard URL filtering protection bypass

  - 1 day ago

  It's possible to bypass filtering by removing Host:header from HTTP request of by fragmenting request. Applications: Fortigate 1000 (04.01.2008)

• PHP multiple security vulnerabilities

  - 1 day ago

  DoS conditions, internal state modification, code execution, integer overflows, information leaks. (04.01.2008)

• YaSSL library / MySQL multiple security vulnerabilities

  - 1 day ago

  Buffer overflows in ProcessOldClientHello and operator>>, memory exhaustion in HASHwithTransform::Update. Applications: MySQL 6.0, yaSSL 1.7 (04.01.2008)

• tcpreen buffer overflows

  - 1 day ago

  FD_SET buffer overflow on large number of incvoming connections. (04.01.2008)

• Wireshark multiple security vulnerabilities

  - 1 day ago

  Infinite loop in RPC dissector, memory exhaustion in CIP dissector. Applications: Wireshark 0.99 (04.01.2008)

XXXXXXXXXXXXXXXXXXXXXXXXXXX

• U.S. stocks to weigh recession vs. rate-cut hopes next week

  - 28 minutes ago

• As credit crunch reverberates, investors fret over dividends

  - 28 minutes ago

• Web security provider warns of 'secret crush' Facebook threat

  - 28 minutes ago

• Musharraf says Bhutto's death her own fault: '60 Minutes'

  - 28 minutes ago

• Academics not impressed with new Fed transparency plan

  - 28 minutes ago

XXXXXXXXXXXXXXXXXXXXXXXX

By Craig Whitlock

Washington Post Foreign Service
Saturday, January 5, 2008; Page A11

MILAN, Italy -- In an age of spy satellites, security cameras and an Internet that stores every keystroke, terrorism suspects are using simple, low-tech tricks to cloak their communications, making life difficult for authorities who had hoped technology would give them the upper hand.

Across Europe, al-Qaeda operatives and sympathizers are avoiding places that they assume are bugged or monitored, such as mosques and Islamic bookshops, counterterrorism experts said. In several cases, suspects have gone back to nature -- leaving the cities on camping trips or wilderness expeditions so they can discuss plots without fear of being overheard.

In Britain, a man who called himself "Osama bin London" is among five people being tried on charges of operating terrorist training camps in remote areas, sometimes under the guise of paintball fights in the woods. The camps' participants included four men who later tried to set off backpack bombs on the London transit system on July 21, 2005.

SOURCE:

g

.