Thursday, May 31, 2007

US-CERT Technical Cyber Security Alert TA07-151A -- Mozilla Updates for Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA07-151A

Mozilla Updates for Multiple Vulnerabilities

Original release date: May 31, 2007
Last revised: --
Source: US-CERT


Systems Affected

* Mozilla Firefox
* Mozilla Thunderbird
* Mozilla SeaMonkey
* Netscape Browser

Other products based on Mozilla components may also be affected.


Overview

The Mozilla web browser and derived products contain several
vulnerabilities, the most severe of which could allow a remote
attacker to execute arbitrary code on an affected system.


I. Description

Mozilla has released new versions of Firefox, Thunderbird, and
SeaMonkey to address several vulnerabilities. Further details about
these vulnerabilities are available from Mozilla and the Vulnerability
Notes Database. An attacker could exploit these vulnerabilities by
convincing a user to view a specially-crafted HTML document, such as a
web page or an HTML email message.

Support for Firefox 1.5 is scheduled to end in June 2007. According to
Mozilla:

Firefox 1.5.0.x will be maintained with security and stability
updates until June 2007. All users are strongly encouraged to
upgrade to Firefox 2.


II. Impact

While the impacts of the individual vulnerabilities vary, the most
severe could allow a remote, unauthenticated attacker to execute
arbitrary code on a vulnerable system. An attacker may also be able to
cause a denial of service.


III. Solution

Upgrade

These vulnerabilities are addressed in Mozilla Firefox 2.0.0.4,
Firefox 1.5.0.12, Thunderbird 2.0.0.4, Thunderbird 1.5.0.12,
SeaMonkey 1.0.9, SeaMonkey 1.1.2. By default, Mozilla Firefox,
Thunderbird, and SeaMonkey automatically check for updates.


IV. References

* US-CERT Vulnerability Notes -
<http://www.kb.cert.org/vuls/byid?searchview&query=mozilla_20070531>

* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/browser_security.html#Mozilla_Firefox>

* Mozilla Foundation Security Advisories -
<http://www.mozilla.org/security/announce/>

* Known Vulnerabilities in Mozilla Products -
<http://www.mozilla.org/projects/security/known-vulnerabilities.html>

* Mozilla Hall of Fame -
<http://www.mozilla.org/university/HOF.html>

* Site Controls -
<http://browser.netscape.com/ns8/help/options-site.jsp>


____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA07-151A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA07-151A Feedback VU#751636" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2007 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

May 31, 2007: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRl8hMuxOF3G+ig+rAQLIagf/S2DvesVDq/ZeL4vm68xSSniQYCETBYOe
fIIluxwNULN0HS3Z6Nyy2B9se0Z9SkIVPEg166nYTMdH3N7DHDJxFVJCwkiUJjV+
EnY4KWg1q/VWJKqislLRCGSV5LbaSkCiHeet228RmpRUlAeoNxkKfdfPdnGP+iTq
DVl/fOtDipYLBIRgFpvsqj+iQjWQxScU3LB8pDKSstXKBOUDmxyWTsmYAN1bL4d9
CWuzCYcO7LJl4tyY2nmz+lgCCFVqlu89AWSPD8VNRc4f3V1whDxlHMV83V17jMDx
6F8+3pgmp8GVxf54CgiXegFr67qN2KNxrlzZf0o8jxl9bF83zV0+TQ==
=m76L
-----END PGP SIGNATURE-----

Posted by Bob Blogger at 12:41 PM 1 comments

California Fire News

California Fire News

Local News - Good Samaritan Rescue

Posted: 30 May 2007 10:13 PM CDT

MyMotherLode.com - Local News - :

Good Samaritan Rescues Accident Victim

Tuesday, May 29, 2007 - 04:25 PM
Bill Johnson
MML News Director
Sonora's Bill Schuler suffered a few scrapes and a sore back when his car went into a ditch (5/29/07).

Sonora, CA -- Thanks to wearing a seat belt, Sonora's Bill Schuler is alive to enjoy another day after his single vehicle accident.


Located at Hwy 108 and Via Este (5/29/07).

Early Tuesday afternoon the former president of the Tuolumne County Board of Realtors was headed eastbound on Hwy 108 in his 1992 Ford Explorer when he attempted to make a right hand turn onto Via Este. His brakes locked and the car headed straight into a ravine approximately 20-25 feet below street level.


Involved in car accident at Hwy 108 and Via Este (5/29/07).

21 year old Jeff Hike of Sonora jumped into the ravine, kicked in the back window, cut the seatbelt with his pocket knife and led Schuler to safety.

While the car suffered major damage, Schuler had only a scratch on his right elbow and some back pain to show for an incident that could have taken his life were it not for his seatbelt.

Written by bill.johnson@mlode.com

"

Time to prepare for catastrophic fire?

Posted: 31 May 2007 12:33 AM CDT

Mount Shasta Herald, Weed Press, Dunsmuir News - Mt. Shasta News - News:

Now is time to prepare for catastrophic fire

By Paul Boerger
Published: Wednesday, May 30, 2007 2:10 PM CDT


Global warming has hit the forests says CAL FIRE battalion chief Margy Marshall, and with southern Siskiyou County having a long history of wildfires it is only a matter of time before another one occurs. Marshall says it is up to citizens to prepare the areas around their homes to defend their property.

At a May 23 presentation at the Stage Door Carbaret Coffeehouse in Mount Shasta, Marshall strongly made the case that homes with a "defensible space" have a high rate of survivability from a wildfire.

"You home will have a 86 to 95 percent chance of survival if you choose to manage the vegetation around your home," Marshall said, noting that California law now requires 100 feet of defensible space.


Marshall showed historical maps of the large fires that have occurred around Mount Shasta, several coming right up the city boundary.

"It would be naive to think that it can't happen again," Marshall said.

Marshall said the following step are essential in preparing for a wildfire:



€ Choose fire safe building materials whenever possible;

€ Have a "lean, clean and green zone" immediately surrounding your home that includes clearing for 30 feet and a "reduced fuel zone" for an additional 70 feet;

€ Prepare for evacuating to a safe area. Know where the safe areas are in your city; and



€ Pay attention to the "little things" during the summer such as cleaning gutters, moving wood piles away from the home and don't let flammable materials accumulate in your yard such as under the deck.

"By reducing the chance of your home igniting, you can make a difference," Marshall said.

Marshall said the impact of global warming cannot be ignored.



"Since 1986, longer, warmer summers have resulted in a fourfold increase in major wildfires. Researchers attribute these changes to an increase in summer temperatures and earlier melting of snow pack," Marshall said. "Snowpacks are melting one to four weeks earlier than they did 50 years ago. We are at 50 percent normal right now."

Marshall said she has been a firefighter since 1977 and has seen a "big change" in the number of fires.

"It used to be unusual for us to deploy elsewhere," Marshall said. "Now, hardly a summer goes by when we aren't sent somewhere."



The Mount Shasta Area Fire Safety Plan has the following recommendations if a wildfire occurs:

€ For an evacuation, make plans for moving pets and valuables, turn off propane, dress in long pants, long sleeved shirt and cap and check on children, elderly or disabled in your community;

€ If you are unable to evacuate, stay inside your home away from outside walls. Remember it will be hotter outside that inside the home. Keep doors closed and unlocked, stay together and remain calm.



Once the fire has passed, check your home, attic and yard for burning embers and extinguish small fires if safe to do so.

If you become trapped in your car, park as far away from grass, brush, trees and power lines as possible, close doors, windows and vents. Cover yourself with a blanket or jacket.

Marshall said she was part of the crews that fought the Cedar Fire near San Diego that destroyed over 3,000 homes and killed over 20 civilians, in addition to firefighters.



"Most of the civilians who were killed, died trying to flee the fire in their cars," Marshall said, stressing again to make your home defensible.

Marshall said CAL FIRE is available to inspect homes and make suggestions on how to create defensible space. Check local listings for the nearest station.

"The signs are all around us that a wildfire will occur," Marshall said. "You can make a difference."

"

CAL FIRE NEWS- Grass fire burns state lands at Moss Landing beac

Posted: 30 May 2007 02:24 PM CDT

Salinas, CA: Grass fire burns state lands at Moss Landing beach

The North Monterey County Fire District sent two engines and a water tender to defeat a three-acre grass fire at Moss Landing State Beach on Tuesday afternoon.

The fire started off Struve Road about 2 p.m. and took 45 minutes to contain, firefighters said, but three hours to completely put out. No cause was found, they said.

Tehama County - CONTROLLED BURN PLANNED

Posted: 30 May 2007 02:20 PM CDT

North State Briefs: May 30, 2007 : Local:
Tehama County plans large burn

RED BLUFF -- The California Department of Forestry and Fire Protection plans to burn about 2,000 acres by June 15 in Tehama County in preparation for fire season, a Cal Fire spokeswoman said.

Cal Fire will team up with a local cattle ranch in the Red Bank District and the Nature Conservancy to control invasive weeds, such as medusa head and yellow star thistle, spokeswoman Mickie Jakez said.

About 700 acres will be burned in the Dye Creek Ranch area, 400 acres between Highway 99 and the railroad tracks south of Vina, and another 870 acres near Red Bank Road and Gallatin Road, Jakez said. The burn should begin this week or the beginning of June, weather permitting."

News - Training fire to be set near Sacramento-Amador county lines - sacbee.com

Posted: 30 May 2007 02:07 PM CDT

News - Training fire to be set near Sacramento-Amador county lines:

A training fire will be set Wednesday on Highway 104 near the Sacramento and Amador county lines.

The Amador/El Dorado Unit of the California Department of Forestry and Fire Protection will be conducting training exercises Wednesday and Thursday.

Sacramento Metro Fire crews will also be on hand at the fire, which will be set about 9 a.m. at the Chance Ranch, according to a firefighters.

Firefighter Told To Move Them

Posted: 30 May 2007 10:32 AM CDT


Firefighter Told To Move Them
LINK:
May 23, 2007


California - The white front and red glittery strip of lights on a 1966 fire engine peeks out from behind a wooden fence in a newer suburban area. They give away a neighborhood fixture: Mark Hathaway's two historic fire engines. When Hathaway isn't at work as a city firefighter in San Jose, he is tinkering with the engines' wiring and shining their sleek red surfaces. He has become legendary at Cowell Elementary School, a couple of blocks away, for regularly giving his 7-year-old daughter, Melaine, and her friends rides to school in the engines. His 3-year-old son, Mathew, rides in a child seat.

But city code enforcement officials say the engines break a city law banning vehicles over 8,000 pounds in residential areas, even on private property. The fire engines weigh 24,000 to 25,000 pounds each. He has until June 11 to move them.

"The reason I bought my house was because it would house my fire engines," said Hathaway, 36, who moved to Woodside Way about 5 and a half years ago and bought one of the engines soon after. "I chose the city of Manteca. It is supposed to be 'The Family City' and my fire engines are part of my family. I have two young kids who would be very sad to see them leave, and so would I."

The hoses and exterior fixtures would be vulnerable to vandalism at a storage park for recreational vehicles, he said. Replacing the windshield on the 1966 fire engine would cost at least $1,000, and the round, metal siren proudly centered on the vehicle is $1,400.

A well-wisher whom Hathaway had never met showed up at his door and offered him a spot of land for the trucks, but Hathaway said he would have to put money into a shed to house them securely.

Hathaway grew up next to San Jose's Fire Station 9. By age 5, he had acquired a love for the engines, visiting the station and then saving up money for toy engines. The first real one came when he turned 18. It was a 1970 fixer-upper he later sold to San Jose Del Cabo, Mexico. He bought the 1966, his most recent, about three years ago.

Trouble arrived April 28 when someone sent an anonymous, online complaint to the city's government outreach site reporting the engines and a camper in the driveway. An anonymous caller also left a voice message with a complaint about the camper protruding onto the sidewalk.

The city sent a courtesy letter to Hathaway on May 1 stating the camper couldn't be parked in the driveway and the engines violated the weight rule.

School, neighborhood support

Neighbors praised Hathaway and signed 24 letters to the city asking that the engines be allowed to stay. But the City Council voted 4-0 Monday evening not to pursue changes to the code or an exception for Hathaway.

"I support you," Councilman Vince Hernandez said. "It is all those 12 or 13 or 14 other people who will line up behind you and say, 'What about me?' (that I can't support)," he said. "It's a difficult situation."

Hathaway supporter Jim Rachels, a lifelong Manteca resident whose children, ages 7 and 10, have attended field trips to Hathaway's trucks, scoffed at implying that letting the engines stay would open a Pandora's box to comparable requests.

"It's embarrassing, quite frankly," Rachels, 44, said. "Mark has been there for 5 and a half years without any issues. He offers a community service. He has field trips, he is at every event, and his passion as a firefighter is an asset to our community."

Cowell Principal Harriet Myrick shook her head at the possibility of no longer seeing children arrive at school on the engine.

"It won't ever be the same," she said. "Kids will never have that thrill of riding to school in a fire engine. How many kids get to do that?

"He offers a free service, and in education today, there is not a lot of that."

The city's Fire Department does presentations only for students in grades 2-4, she said. Hathaway has given his presentations to students at Cowell and at Woodward elementary schools and brought his truck to community events.

The effort earned him the name "The Fire Engine Guy" and sometimes, "The Fire Truck Guy."

"I don't know what I'm going to do," Hathaway said. "If I can talk to a lawyer and take it to court? I don't know. I don't think it is fair."

Written by Modesto Bee

FIRE WEATHER WATCH

Posted: 30 May 2007 10:17 AM CDT

CRITICAL FIRE WEATHER PATTERN DEVELOPING FOR THURSDAY

From the National Weather Service - Sacramento:

LOW PRESSURE APPROACHING THE CALIFORNIA COAST WILL CAUSE DRY THUNDERSTORMS THURSDAY AND THURSDAY NIGHT.
AN OUTBREAK OF DRY LIGHTNING IS POSSIBLE FROM LATE THURSDAY MORNING AND THROUGH AROUND MIDNIGHT THURSDAY NIGHT...

HOWEVER NOCTURNAL STORMS ARE POSSIBLE ALONG THE WEST SLOPES OF THE SIERRA AND MOTHERLODE THURSDAY NIGHT INTO FRIDAY MORNING.
FUELS HAVE EXPERIENCED RAPID DRYING OVER THE LAST COUPLE OF WEEKS. THEREFORE A FIRE WEATHER WATCH WILL BE IN EFFECT FOR DRY LIGHTNING DURING THIS PERIOD. ...

FIRE WEATHER WATCH IN EFFECT FROM THURSDAY MORNING THROUGH THURSDAY EVENING...

THE NATIONAL WEATHER SERVICE IN SACRAMENTO HAS ISSUED A FIRE WEATHER WATCH...WHICH IS IN EFFECT FROM THURSDAY MORNING THROUGH THURSDAY EVENING.
AN UPPER LEVEL LOW PRESSURE SYSTEM WILL BRING SCATTERED DRY THUNDERSTORMS TO THE AREA THURSDAY AND THURSDAY EVENING. FUELS HAVE EXPERIENCED VERY RAPID DRYING OVER THE PAST FEW WEEKS. 1000 HOUR FUELS ARE NOW AT LEVELS USUALLY OBSERVED IN LATE JULY OR EARLY AUGUST."

Posted by Bob Blogger at 7:23 AM 0 comments

Wednesday, May 30, 2007

California Fire News

California Fire News

City of Sacramento Fire Department - Reward For Union Pacific Trestle Fire

Posted: 29 May 2007 11:22 PM CDT

City of Sacramento Fire Department: Press Release

Reward For Union Pacific Trestle Fire
Sacramento Fire Department Logo
May 24, 2007
For Immediate Release
Incident No. 		Senior Special Agent Nina Delgadillo
Phone: 1-888-416-4533
nina.delgadillo@atf.gov

Date/Time of Occurrence: May 24, 2007 - 3:30p.m.
Type of Incident: Announcement
Location: 5770 Freeport Blvd, SACRAMENTO

The Sacramento Fire Department and the ATF Announce a Reward For Union Pacific Trestle Fire

Sacramento- the Sacramento Fire Department and the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) will announce a reward for information that leads to the arrest and conviction of the person or persons responsible for the Union Pacific Railroad Trestle Fire in Sacramento on March 15, 2007.

The fire destroyed a 1300 foot section of elevated railroad trestle at approximately 5:30 p.m. near Exposition Parkway and Tribute Road and investigators later determined the cause of the fire was incendiary in nature.

ATF and Investigators from the Sacramento Fire Department and Sacramento Police Department have information which they believe is valuable, however they need additional information from the public which may assist them in solving this case.

Investigators and volunteers will be distributing leaflets to the public; the area of distribution will include numerous transient camp sites along the American River Parkway.

Anyone having information and seeking to receive a reward , should call 1-888-ATF-FIRE.

DBA: Sacramento Fire Department

Cal Fire Suspends All Outdoor Burning - News Story

Posted: 29 May 2007 11:10 PM CDT

Cal Fire Suspends All Outdoor Burning

"LINCOLN, Calif. -- Cal Fire has suspended all outdoor burning because dry weather this winter has led to a rise in wildfire danger.
The state usually sees a peak in fire danger in summer and fall, but the lack of rain and snow has made this winter different than most."We didn't have a choice," Cal Fire spokeswoman Tina Rose said. "You have to cut off the burning. If there is going to be the dry conditions we're experiencing plus north winds, it would be insane not to."
As for rainfall, the Sacramento region experienced the driest January on record.
Cal Fire crews said in a matter of seconds, a debris fire can quickly get out of control.
"All up and down Northern California right now, we're seeing fires that we'd not normally see until June," Rose said. "For the last two weeks we've run from one escaped debris pile to another."
In Lincoln, on McCourtney Road, two homes were saved from controlled burns that got out of hand.
Lincoln resident Ron Allbirtain said he just found out about the burn ban."It means we can't clear our property like we want to," he said. "Sometimes there are rules we have to follow that we don't like, but it's for our benefit."

Fatal Wildfire Brings Policy Questions

Posted: 29 May 2007 10:43 PM CDT

Fatal Wildfire Brings Policy Questions

Sunday May 27, 2007 11:46 PM

AP Photo LA114

By GILLIAN FLACCUS

Associated Press Writer

RIVERSIDE, Calif. (AP) - A blaze that killed five federal firefighters last year has emboldened those who question the cost of saving the ever expanding number of homes on the fringe of wilderness.

The five perished last fall while protecting an empty mountain vacation home from the Southern California fire, which authorities say was started by a 36-year-old auto mechanic now charged with murder.

However, the deaths also were blamed on social and political pressures and decisions to put homes before the safety of firefighters, according to a report last week from the California Department of Forestry & Fire Protection.

As another fire season heats up, some U.S. Forest Service officials say a shift in strategy is inevitable as firefighters increasingly risk their lives defending communities that have been built in prime fire territory.

``We are not going to die for property,'' said Tom Harbour, national director of fire and aviation management for the Forest Service. ``It's time for homeowners to take responsibility for the protection of their homes.''

Chief Forester Gail Kimbell would not say whether the service is considering a change in policy on defending homes in certain fire conditions, but the agency plans to address flaws in the response to the deadly fire in remote Twin Pines, about 90 miles east of Los Angeles, and is conducting a longer-term review of overall firefighter safety.

Firefighters' attitudes also are an issue in protecting homes.

Public expectations can sometimes lead to bravado and a cavalier mind-set among firefighters, experts say. A recent investigative report in the five deaths listed overconfidence, excessive motivation and risk-taking as contributing factors.

``One of the standard fire orders states: 'Fight the fire aggressively having provided for safety first,''' said Peter Leschak, a 26-year firefighter and a commander for the Minnesota Department of Natural Resources' Division of Forestry. ``There has been an argument recently to change that because we don't need to encourage firefighters to be more aggressive - half the time we're holding them back.''

Federal firefighters could scale back structural protection without too much political fallout, but that would not be easy for the California Department of Forestry and Fire Protection, which answers to the governor, said John Maclean, a federally certified firefighter and the author of several books on wildfire disasters.

The state agency spends 44 percent of its budget on wildfire suppression annually, he said, and much of that work means protecting homes where suburbs collide with wilderness.

More than 6 million homes in California stand in wildfire ``red zones'' - areas defined in part by their thick brush and steep slopes - and that number is expected to grow by 20 percent in the next decade, according to a recently released insurance report.

``There is an expectation on the part of a lot of people that somebody better get in there and do or die for their house,'' Maclean said. ``If you stop doing that and you stop taking reasonable risk to protect structures, you'd have a new governor in about five minutes.''

David Kassel, who rebuilt his San Diego home after it burned in 2003, said he would be shocked if firefighters started backing off structural protection.

``What is the purpose of the fire department? Are they just going to stand around and watch?'' Kassel said. ``If the structures are being left to the local departments to take care of, isn't that simply shifting the risk from one department to another? I wouldn't want to be the fireman who would say, 'I'm going to leave this to you because we can't handle something risky.'''

---

On the Net:

Esperanza fire report: http://www.fire.ca.gov/fire-er-memorial-esperanza.php

CA-TCU- LIME IC VEG FIRE

Posted: 29 May 2007 07:06 PM CDT

FULL VEGETATION RESPONSE 1 TO 2 ACRES, MODERATE ROS

ALL COLUMBIA AIRCRAFT

HIGHWAY 108 AND LIME KILN ROAD/SANQUINETTI

ST 9275G
WT 549
CDF TAC 8

CA-SCU-DEL VALLE - NEW START

Posted: 29 May 2007 05:36 PM CDT

CA-SCU-DEL VALLE IC

NEW START FULL WILDLAND RESPONSE

2-DOZERS
1-AA
2-AT
1-EPRP (EAGLE 1)
2- DELTA CREWS

Alaska-Intense Wild Fire Burns On for 5 days | 16,465 acres

Posted: 29 May 2007 12:47 PM CDT

Intense Wild Fire Burns On for 5 days -16,465 acres

INTERIOR OF ALASKA – Firefighters are, and have been tackling several fires burning in Alaska right now! The largest of the fires is the Mooseheart fire – the fire began on Wednesday, May 23, 2007 and officials estimate that the size of the fire is more than 16,465 acres- fire Managers report that the fire was still burning intensely, in some areas, on Monday afternoon.

The Mooseheart fire is located about 25 miles southwest of Manley Hot Springs and is said to have been ignited by Lightning.

At least 75 fire fighting personnel are working to control the fire and there are seven Smoke jumpers also on site, mopping up around structures where a successful burnout was conducted over the weekend.

Red Flag Warnings for high winds from the southwest could hamper visibility and precautions to residents who live near Manley Hot Springs, that also have respiratory problems, have been issued, due to the smoke."

Posted by Bob Blogger at 7:06 AM 0 comments

Subscribe to: Posts (Atom)

CNN.com

Loading...

News: Breaking News -- MercuryNews.com

Loading...

AP Top U.S. News At 8:45 p.m.

Loading...