× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. December 2000

FW: NIPC Advisory 00-060

  • Subject: FW: NIPC Advisory 00-060
  • From: MacWheel99@xxxxxxx
  • Date: Tue, 5 Dec 2000 17:03:43 EST
 
I hope that this is an appropriate forward to the group.  I got it from star 
base in Evansville Indiana which is the *BASE/400 users group.  It may need 
to be cleaned up at some point to remove the e-mail addresses of the previous 
forwarders.

MacWheel99@aol.com (Alister Wm Macintyre) (Al Mac)



Fellow members,

The following is warning from the NIPC (National Infrastructure Protection
Center) as is relates to the Internet.

Dave Titzer

-----Original Message-----
From: Marshall D. Bissonnette [mailto:mbissohq@bigrivers.com]
Sent: Tuesday, December 05, 2000 9:56 AM
To: Dave Titzer
Subject: Fw: NIPC Advisory 00-060


-----Original Message-----
From: NIPC Watch <nipc.watch@fbi.gov>
To: undisclosed-recipients: ; <undisclosed-recipients: ;>
Date: Friday, December 01, 2000 1:09 PM
Subject: NIPC Advisory 00-060


>Subject: National Infrastructure Protection Center
>Advisory 00-060
>"E-Commerce Vulnerabilities"
>30 November 2000
>
>Based on FBI investigations and other information, the NIPC has observed
>that there has recently been an increase in hacker activity specifically
>targeting U.S. systems associated with e-commerce and other
>internet-hosted sites.  The majority of the intrusions have occurred on
>Microsoft Windows NT systems, although Unix based operating systems have
>been victimized as well.  The hackers are exploiting at least three
>known system vulnerabilities to gain unauthorized access and download
>propriety information.  Although these vulnerabilities are not new, this
>recent activity warrants additional attention by system administrators.
>In most cases, the hacker activity had been ongoing for several months
>before the victim became aware of the intrusion. The NIPC strongly
>recommends that all computer network systems administrators check
>relevant systems and apply updated patches as necessary.  Specific
>emphasis should be placed on systems related to e-commerce or
>e-banking/financial business.  The following types of exploits have been
>observed:
>
>Unauthorized Access to IIS Servers through Open Database Connectivity
>(ODBC) Data Access with Remote Data Service (RDS):
>
>Systems Affected:  Windows NT running IIS with RDS enabled.
>Details:  Microsoft Security Bulletin MS99-025,
>
> NIPC CyberNotes 99-22
>http://www.microsoft.com/technet/security/bulletin/ms99-025.asp,
>or
>http://www.nipc.gov/warnings/advisories/1999/99-027.htm
>http://www.nipc.gov/cybernotes/cybernotes.htm
>Summary:  This vulnerability allows a malicious remote user to use a web
>browser to force a Windows NT server to return information from
>Structured Query Language (SQL) databases or to run system commands.
>
>SQL Query Abuse Vulnerability
>Affected Software Versions:  Microsoft SQL Server Version 7.0 and
>Microsoft Data Engine (MSDE) 1.0
>Details:  Microsoft Security Bulletin MS00-14,
> NIPC CyberNotes 20-05
>http://www.nipc.gov/cybernotes/cybernotes.htm
>http://www.microsoft.com/technet/security/bulletin/ms00-014.asp
>Summary:  This vulnerability could allow the remote author of a
>malicious SQL query to take unauthorized actions on a SQL Server or MSDE
>database.
>
>Registry Permissions Vulnerability
>Systems Affected:  Windows NT 4.0 Workstation, Windows NT 4.0 Server
>Details:  Microsoft Security Bulletin MS00-008,
> NIPC CyberNotes 20-08 and 20-22
>http://www.microsoft.com/technet/security/bulletin/ms00-008.asp
>http://www.nipc.gov/cybernotes/cybernotes.htm
>Summary: Users can modify certain registry keys such that:
>
>• a malicious user could specify code to launch at system crash
>• a malicious user could specify code to launch at next login
>• an unprivileged user could disable security measures
>
>
> The NIPC is conducting further analysis of this hacker activity and
>will provide additional information as it becomes available.
>
>Please report any illegal or malicious activities to your local FBI
>office or the NIPC, and to your military or civilian computer incident
>response group, as appropriate.  Incidents may be reported online at
>www.nipc.gov/incident/cirr.htm.
>
>


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.