Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: New Version of PHP, Cisco Advisory, BurstNET DoS'd - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New Version of PHP, Cisco Advisory, BurstNET DoS'd
PHP has released version 5.1.3 which has several important security fixes that will help prevent much of the abuse that PHP has gotten lately.  I'd encourage those of you using PHP to seriously consider upgrading when you can.

There is a privilege escalation in Cisco Unity Express that allows an authenticated but unprivileged user to reset the password of any expired account.  This could be used to gain a higher level of access or even administrator access.  This doesn't strike me as a very critical issue as you need to have access to the HTTP management interface to execute this attack.  Those environments that practice least privilege (i.e. not giving people access they don't need and removing access when no longer needed) shouldn't be affected by in a big way.

Earlier today, a popular hosting/colocation company was the target of a denial of service attack and was down for a little bit.  They seemed to take care of the problem pretty quickly. 

At a point where it seems overwhelming with all the new attacks, I'm glad that there are other things to worry about than gibbering packet apes kicking over networks with DoS attacks.  At least now the bad guys come with some interesting hacks and there is real stuff on the line (identity theft/fraud, for instance).  In the words of Ed Skoudis, you can think of it as "unlimited job security".

--
John Bambenek, bambenek /at/ gmail /dot/ com

John

248 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!