May 14, 2007 - Current Activity

Samba Releases Update to Address Multiple Vulnerabilities

Samba has released version 3.0.25 to address several vulnerabilities. The impacts of these vulnerabilities include remote code execution, remote command injection, and system privilege elevation.

More information regarding these vulnerabilities can be found in the following Samba Security Announcements:

• CVE-2007-2444: Local SID/Name translation bug can result in user privilege elevation
• CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution
• CVE-2007-2447: Remote Command Injection Vulnerability

Cisco Releases Security Advisory to Address Multiple Vulnerabilities in IOS FTP Server

Cisco has released Security Advisory cisco-sa-20070509-iosftp to address multiple vulnerabilities in IOS FTP Server.  These vulnerabilities may allow unauthorized, remote users to access the filesystem, cause a denial-of-service condition, or execute arbitrary code.

US-CERT encourages administrators to apply the fixes and workarounds described in Security Advisory cisco-sa-20070509-iosftp.

Microsoft Releases May Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Windows DNS RPC Interface, Office, Exchange, CAPICOM, and BizTalk as part of the Microsoft Security Bulletin Summary for May 2007.

More information about these vulnerabilities is located in the Vulnerability Notes Database and Technical Cyber Security Alert TA07-128A.

US-CERT strongly encourages users to review the bulletins and follow best-practice security policies to determine what updates should be applied.

Microsoft Releases Advance Notification for May Security Bulletins

Microsoft has issued a Security Bulletin Advance Notification indicating that their May release cycle will contain seven bulletins, some of which have a maximum rating of Critical. The notification further states that two of the bulletins are for Windows; three for Office; one for Exchange; and one for CAPICOM and BizTalk. The release is scheduled for May 8, 2007.

US-CERT will provide additional information as it becomes available.

Cisco Releases Security Advisory to Address Multiple Vulnerabilities in ASA and PIX Appliances

Cisco has released Security Advisory cisco-sa-20070502-asa to address multiple vulnerabilities in Cisco ASA and PIX appliances.  These vulnerabilities include two authentication bypass vulnerabilities affecting the Lightweight Directory Access Protocol (LDAP) authentication system and two denial-of-service (DoS) vulnerabilities affecting Virtual Private Networks (VPNs).

More information about these vulnerabilities can be found in the Vulnerability Notes Database.

US-CERT recommends administrators apply the workarounds and patches as described in Cisco Security Advisory cisco-sa-20070502-asa.

OPeNDAP Releases Update to Address Vulnerability in Network Data Access Protocol Software

OPeNDAP has released an update to address a vulnerability in Version 3 of the OPeNDAP Network Data Access Protocol software.

US-CERT encourages administrators to apply the fixes and workarounds described in Vulnerability Note VU#857153 and in the OPeNDAP Server 3 update.

Cisco Releases Security Advisory to Address Vulnerability in NetFlow Collection Engine

Cisco has released Security Advisory cisco-sa-20070425-nfc to address a vulnerability in Cisco NetFlow Collection Engine. Upon installation, default user credentials are created on the system. A remote attacker with knowledge of these hard-coded credentials may be able to gain access to an affected system.

US-CERT encourages administrators to apply the fixes and workarounds described in Vulnerability Note VU#127545 and Security Advisory cisco-sa-20070425-nfc.