Version 2.3 Updates - March 3, 2005

[hdm at metasploit.com (H D Moore)]

Hello everyone,

On February 20th, we published the first research article on the 
metasploit.com web site. This article investigates the default security 
settings of the Arkeia Network Backup Client and leads up to the new 
arkia_agent_access.pm exploit module. In addition, we released two 
reliable exploits for Arkeia "Type 77" buffer overflow. These modules 
include a "check" command that will identify vulnerable Arkeia systems 
and display a ton of useful information about the remote system.
- http://metasploit.com/research/arkeia_agent/

A few hours ago, three new exploits were added to the msfupdate system, 
framework snapshot, and web archive. Two of these exploits are for the 
recently published Computer Associates License Client/Server 
vulnerabilities. The CA License Client listens on TCP port 10203 and is 
enabled by default on every single product sold by CA. If you are using 
eTrust, Unicenter, BrightStor, or anything else with the CA name on it, 
you should really start patching:
- http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp

The third exploit is for a trivial stack overflow bug in the TrackerCam 
webcam software. Luigi published a massive pile of bugs in this product 
on February 18th and the vendor has yet to provide a fixed version. The 
www.trackercam.com web site shows over one hundred "Live Cams" that are 
running this software (and nearly 2500 "offline" cams)...
- http://www.osvdb.org/13953
- http://aluigi.altervista.org/adv/tcambof-adv.txt

I would like to thank everyone who has donated cash, code, hardware, or 
time to the project over the last couple weeks -- there is nothing like 
community support to motivate an open-source development team :-)

-HD