Symantec Backup Exec for Windows Servers is vulnerable to denial of service. There are two different issues that could cause a denial of service, one being a NULL pointer reference that can cause the backup exec job engine service to crash with a specially crafted packet sent to TCP port 5633. Two integer overflows within the engine, triggered by a specially crafted packet to port 5633 can cause the service to enter an infinite loop consuming large amounts of CPU time. Backup Exec version 11d build 11.0.7170 and version 11d build 11.0.6.6235 are affected. Users should upgrade to versions Build 11.0.7170 and Build 11.0.6235 respectively.

We found a survey published today that some of you may be interested in. Cloudmark Inc., an anti-spam, anti-phishing outfit, released a survey about phishing sites, and the effects on the perception of the company being phished. It seems that some people (42% of the people surveyed) would have their trust in the brand “greatly reduced” after receiving a phishing email claiming to be from them. Now, of course the phishing email has absolutely nothing to do with the actual company, but it still seems to leave an impression. If the results of this survey can be trusted, it looks like some consumers need to be educated about phishing attacks and the relation to the brand.

Today a vulnerability was disclosed that effects IBM Lotus Notes. The issue effects versions 5.x, 6.x, 7.x and 8.x. Specifically, the issue lies within the Lotus Notes viewer, a specially crafted Lotus Notes viewer file (.123 extension) could cause a buffer overflow within the viewer and lead to the execution of arbitrary code.

If you have Lotus Notes 7.x or 8.x, IBM has an update. If you are using version 6.x, or 5.x, there is currently no update. IBM is currently working on an update for 6.x, but will not release one for 5.x. However, a workaround for these versions is to disable the viewer. If the viewer is disabled, then the files will not be opened within Lotus Notes viewer.

The latest releases of Firefox (2.0.0.10) and SeaMonkey (1.1.7) address three recently discovered vulnerabilities. The first is a race condition in window.location that can allow Cross-site scripting via referer-spoofing. The second is a memory corruption issue which could lead to the execution of arbitrary code. The third is a jar URI scheme vulnerability that can also allow Cross-site scripting to occur.

You should update if you are using one of these products.

For for the original notifications travel over to Mozilla’s known vulnerabilities site

Two denial of service vulnerabilities were reported in Linux kernels prior to 2.6.23.8 this weekend.

The first is caused by a design flaw in the “wait_task_stopped()” function. It is locally exploitable by manipulating the state of a child process. Kernel version 2.6.24-rc1 is also known to be vulnerable. See CVE-2007-5500 for more details.

The second involves a design flaw in the “write_queue_from” which creates a NULL-pointer issue. This vulnerability is remotely exploitable by sending the system a specially crafted ACK packet. See CVE-2007-5501 for more details.

The original advisory can be viewed at:
http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.23.8

A new samba patch was released yesterday to address two buffer overflows. The first allows for the execution of arbitrary code when the WINS support option is enabled. An attacker would send specially crafted WINS requests to take advantage of this vulnerability. The second d can be exploited by sending a specially crafted GETDC mailslot request. For this second exploit to succeed samba must be configured as a Domain Controller. Samba versions 3.0.0-3.0.26a are know to be vulnerable to these issues.
The original advisory and patches are available at:
http://us1.samba.org/samba/history/security.html

Apple has released new security updates for Mac OS X. The updates address a variety of issues including vulnerabilities in the Adobe Flash Player, AppleRAID, BIND, FTP, the kernel and various sub-systems. Successful exploitation of these issues could lead to system access, privilege escalation, Denial of Service issues, etc.

All users are strongly encouraged to update to Mac OS X 10.4.11 or apply Security Update 2007-008.

Full details can be found in the original Apple advisory:
http://docs.info.apple.com/article.html?artnum=307041