funsec mailing list archives
RE: Rinbot Brings Back Old Times to County Offices
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Fri, 9 Mar 2007 13:20:00 -0500
Someone isn't keeping up with their security patches: http://www.symantec.com/security_response/writeup.jsp?docid=2007-021615-1555 -99 <http://www.symantec.com/security_response/writeup.jsp?docid=2007-021615-155 5-99&tabid=2> &tabid=2 The Rinbot worm then attempts to spread by exploiting the following vulnerabilities: <http://www.securityfocus.com/bid/18107> Symantec Client Security and Symantec AntiVirus Elevation of Privilege (BID 18107) <http://www.securityfocus.com/bid/19409> Microsoft Windows Server Service Remote Buffer Overflow Vulnerability (BID 19409) <http://www.securityfocus.com/bid/5411> Microsoft SQL Server User Authentication Remote Buffer Overflow Vulnerability (BID 5411) Richard -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Fergie Sent: Friday, March 09, 2007 1:12 PM To: funsec () linuxbox org Subject: [funsec] Rinbot Brings Back Old Times to County Offices -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via The Washington Post. [snip] Typewriters were dusted off, hand-held radios were tested, and Anne Arundel County employees reported having to walk between offices rather than sending e-mails yesterday after a virus led to the shutdown of more than 2,500 computers. The fast-spreading virus infected as many as 200 county computers Wednesday, and technicians shut down the entire network for Anne Arundel offices for more than 24 hours. The disruption left hundreds of employees without access to databases, the Internet and printers, but 911 emergency services and financial transactions such as bill payments were not affected, officials said. By the end of the day, parts of the network were up and running. But during the two days of network shutdown, some county employees said they were forced to resort to tools and methods abandoned long ago in the name of technological progress. [snip] More: http://www.washingtonpost.com/wp-dyn/content/article/2007/03/08/AR200703080 2012.html - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFF8aNcq1pz9mNUZTMRAklOAJ4v/ESWsExjBco8ZVBsPqUj/Az7DQCg8Exj U7XGReKHSi8e6vOW9CoNZB8= =PLPp -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Rinbot Brings Back Old Times to County Offices Fergie (Mar 09)
- RE: Rinbot Brings Back Old Times to County Offices Richard M. Smith (Mar 09)