Date: 27 January 2012
Click here for printable version
Well, this week has been interesting.
To start the week the US-CERT posted an alert regarding Distributed Denial of Service attacks by the 'Anonymous' group. These attacks are typically conducted by members of the group using the 'Low Orbit Ion Cannon' attack tool and are coordinated via good old IRC.
We have also seen a major bug discovered in Symantic's pcAnywhere software. This bug allows attackers to execute arbitrary code on the target system with 'System' or Administrator level privileges.
HP issued an alert regarding the OpenSSL package on HP-UX being vulnerable to a denial of service (remotely triggered crash). This is the same issue which RedHat sent an alert about last week.
Several bugs were also found in the Google Chrome web browser, and fixed. Users of the Chrome browser are recommended to upgrade to the most recent version ASAP.
To round out this week we also saw a TFTP directory traversal attack against the D-Link DIR-601 wireless router. This attack relies on a TFTP daemon listening on the WAN connection of the device and allows arbitrary files to be read.