AusCERT - How to outrun zombies

HOME

About AusCERT

Membership

PKI Services

Training

Publications

Sec. Bulletins

Conferences

News & Media

Services

Web Log

Site Map

Site Help

Member login

How to outrun zombies

Date: 19 March 2010

Click here for printable version

Greetings all,

Quite a number of noteworthy vulnerabilities were reported this week. Anyone running SAP MaxDB or an HP machine with Broadcom Integrated NIC Firmware should definitely apply the patches. The vulnerabilities that were corrected could allow an attacker to take complete control of the system.

Google have also released a new version of Chrome correcting a number of vulnerabilities, including some that were patched in Safari last week.

Still the most interesting vulnerability in my book this week goes to Novell eDirectory. Whilst the administrator session hijacking vulnerability may not be the most technical vulnerability it does bring to light the need for defense in depth. We see zero day vulnerabilities released daily and we can't rely on patching alone as a method of protecting our systems. If you are running systems where the administrative functionality is accessible by anyone with network access, you are really asking for trouble. To better secure your systems, you should configure your firewalls, use subnetting and disable all features not being used. Just like if you're being chased by a zombie, you may not have to have the most secure system on the planet, but if you're more secure than the next one you're less likely to get mauled.

Enjoy your weekend,

Paul