Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability
Solaris is a UNIX operating system developed by Sun Microsystems. More information can be found at the following URL.
http://www.sun.com/software/solaris/
Sophos, a world leader in IT security and control, has warned internet users about the latest disguise being used by malware authors in their attempt to infect people's PCs: an email claiming to point to a YouTube video.
Experts at SophosLabs™ have proactively protected customers against a wave of malicious emails that pose as links to a YouTube video. The emails, which have a wide variety of subject lines and message texts, all encourage recipients to click on a link to download an online movie.
Subject lines include the following:
A typical malicious email claiming to point to a YouTube video.
Clicking on a link inside the email will send surfers to a webpage containing a malicious script and a Trojan horse designed to compromise the user's PC and turn it into a zombie.
Clicking on the links in the email takes computer users to a malicious webpage.
Interestingly, the malware that hackers are using to try to infect innocent computer users belongs to the same malware families used in the waves of Storm Trojan attacks that wreaked havoc on the internet earlier this year.
"The gang behind these attacks are amongst the most professional we have ever seen - spewing out new variants of their code with multiple disguises in their attempt to infect as many PCs as possible," said Graham Cluley, senior technology consultant for Sophos. "Clicking on the links in the email doesn't take you to YouTube's real website, but the IP address of a compromised PC. If infected, victims' computers can be used by hackers to steal personal information, spam out malware and junk email, or launch distributed denial of service attacks against innocent parties."
Sophos products proactively detect the malware as Troj/JSXor-Gen and Mal/Dorf-E, without requiring an update. Users of other vendors' products are recommended to update their protection and ensure that they are defended from the threats.
"Sophos's proactive protection meant that our millions of users won't have been infected by this latest attack," explained Cluley. "Sophos recommends that everyone on the internet treats security as a priority when they use the web and email, or risk putting their livelihoods at risk."
Last month, Sophos published research revealing the rise of web-based malware in the first half of 2007. With computer users becoming increasingly aware of how to protect against email-aware viruses and malware, hackers have turned to the web as their preferred vector of attack.
These vulnerabilities exist due to several calls to the gets() function. The gets() function is a deprecated C library function that reads a line from standard input into a caller-supplied buffer. It provides no way to specify the size of that buffer, so any input line longer than the buffer overwrites whatever follows it on the stack, and there is no safe way to call it at all.
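The following is an added example, not code from the affected software or the advisory. It shows the gets() pattern the advisory describes (left as a comment, since gets() cannot be called safely and was removed from C11) next to a bounded replacement built on fgets(). The replacement handles the two cases gets() users usually get wrong: a line that fills the buffer exactly, and a line that is too long, which is rejected and drained so the next read starts on a fresh line. The sample input and the function names are constructed for the demo; fmemopen() is used so it runs offline.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>

/* The pattern described in the advisory. Not compiled here:
 *
 *     char buf[64];
 *     gets(buf);   // unbounded: a 100-byte line writes 37 bytes past buf
 *
 * There is no argument that could make this safe; the only fix is to
 * replace it with a bounded read such as the one below. */

enum { LINE_EOF = 0, LINE_OK = 1, LINE_TOO_LONG = -1 };

/* Read one line into buf (capacity cap, newline stripped).
 * Returns LINE_OK on success, LINE_EOF if nothing was read, and
 * LINE_TOO_LONG when the line did not fit; in that case the rest of the
 * overlong line is discarded so the caller stays line-synchronised. */
int read_line_bounded(char *buf, size_t cap, FILE *in)
{
    if (cap == 0 || fgets(buf, (int)cap, in) == NULL)
        return LINE_EOF;

    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';
        return LINE_OK;
    }

    /* No newline in the buffer: either the line filled it exactly, the
     * stream ended without a newline, or the line was too long. Peek one
     * character to tell these apart. */
    int c = fgetc(in);
    if (c == EOF || c == '\n')
        return LINE_OK;

    while (c != '\n' && c != EOF)   /* drain the remainder of the long line */
        c = fgetc(in);
    return LINE_TOO_LONG;
}

/* Run the reader over a constructed stream: a short line, a 200-byte line,
 * then another short line. Stores the last accepted line in `last` and
 * returns how many lines were rejected as too long (-1 on setup failure). */
static int run_sample(char *last, size_t cap)
{
    char sample[300];
    int n = snprintf(sample, sizeof sample, "short line\n%0200d\nafter\n", 0);
    FILE *in = fmemopen(sample, (size_t)n, "r");   /* constructed input */
    if (in == NULL)
        return -1;

    char buf[64];   /* deliberately smaller than the 200-byte line */
    int rc, rejected = 0;
    while ((rc = read_line_bounded(buf, sizeof buf, in)) != LINE_EOF) {
        if (rc == LINE_TOO_LONG) {
            rejected++;
            continue;
        }
        snprintf(last, cap, "%s", buf);
    }
    fclose(in);
    return rejected;
}

/* Expected: exactly one line (the 200-byte one) is rejected. */
int demo_rejected_count(void)
{
    char last[64] = "";
    return run_sample(last, sizeof last);
}

/* Expected: after the overlong line is drained, the next line read is
 * "after", i.e. the reader did not desynchronise. */
int demo_resynced_after_overlong(void)
{
    char last[64] = "";
    if (run_sample(last, sizeof last) < 0)
        return 0;
    return strcmp(last, "after") == 0;
}

int main(void)
{
    printf("rejected=%d resynced=%d\n",
           demo_rejected_count(), demo_resynced_after_overlong());
    return 0;
}
```

The draining step matters in practice: a parser that silently truncates a long line and then treats its tail as the next record is a common source of follow-on bugs even after gets() is gone.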
The vulnerability exists within the code that parses terminal control sequences. A long series of control sequences will trigger an exploitable stack-based buffer overflow.
The vulnerability exists due to the application loading an arbitrary shared library provided by the attacker, without dropping privileges. Using the -R command line argument, an attacker can specify a shared library used to parse data coming from the printer.
JVNTA07-199A Multiple vulnerabilities in Mozilla products (Critical)
Mozilla Thunderbird
Other products that use Mozilla components may also be affected.
Web browsers and other products provided by Mozilla contain multiple vulnerabilities. Mozilla has released Mozilla Firefox 2.0.0.5, which fixes these issues.
Note that as of 2007/07/19, Thunderbird 2.0.0.5 had not yet been released.
Thunderbird 2.0.0.5 was released on 2007/07/20.
The expected impact differs for each vulnerability, but viewing a crafted HTML file may allow an attacker to execute arbitrary script, cause a denial of service (DoS), or obtain sensitive information.
Update
Updating to the latest version provided by the vendor is recommended.
Disable JavaScript
Some of the vulnerabilities can also be worked around by disabling JavaScript or by using NoScript, a Firefox extension. Note that in Thunderbird, JavaScript and Java are disabled by default.
Red Hat update for flash-plugin
Software: Red Hat Enterprise Linux Extras v. 3
Red Hat Enterprise Linux Extras v. 4
RHEL Supplementary (v. 5 server)
Description:
Red Hat has issued an update for flash-plugin. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.