Thursday, August 23, 2007

US-CERT Technical Cyber Security Alert TA07-235A -- Trend Micro ServerProtect Contains Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System

Technical Cyber Security Alert TA07-235A

Trend Micro ServerProtect Contains Multiple Vulnerabilities

Original release date: August 23, 2007
Last revised: --
Source: US-CERT

Systems Affected

* Trend Micro ServerProtect for Windows/Novell Netware

Overview

A number of vulnerabilities exist in the Trend Micro ServerProtect
antivirus product. These vulnerabilities could allow a remote attacker
to completely compromise an affected system.

I. Description

Multiple buffer overflow vulnerabilities and an integer overflow
vulnerability have been discovered in the RPC interfaces used by
various components in Trend Micro's ServerProtect software package.
These vulnerabilities could be exploited by a remote attacker with the
ability to supply a specially crafted RPC request to the system
running the affected software.

Further information about the vulnerabilities is available in the
Vulnerability Notes Database.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code on a
vulnerable system. The attacker-supplied code would be executed with
system privileges, resulting in a complete compromise of the affected
system.

III. Solution

Apply updates from Trend Micro

Trend Micro has provided an update for these vulnerabilities in

ServerProtect 5.58 for Windows NT/2000/2003 Security Patch 4 -
Build 1185

Administrators are encouraged to review this notice and apply the
patch as soon as possible.

Restrict network access to the affected components

Until the patch can be applied, administrators may wish to block
access to the vulnerable software from outside their network
perimeters, specifically by blocking access to the ports used by the
ServerProtect service (5186/tcp) and the ServerProtect Agent service
(3628/tcp). This will limit exposure to attacks; however, attackers
within the network perimeter could still exploit the vulnerabilities.

IV. References

* US-CERT Vulnerability Notes for Trend Micro ServerProtect Security
Patch 4 -
<http://www.kb.cert.org/vuls/byid?searchview&query=spnt_558_win_en_securitypatch4>
* README for Trend Micro ServerProtect 5.58 for Windows NT/2000/2003
Security Patch 4 - Build 1185 -
<http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA07-235A.html>
____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA07-235A Feedback VU#959400" in the
subject.
____________________________________________________________________

For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________

Produced 2007 by US-CERT, a government organization.

Terms of use:

<http://www.us-cert.gov/legal.html>
____________________________________________________________________


Revision History

August 23, 2007: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRs3klPRFkHkM87XOAQL7zAf+PXpaSnXpigRzucYQBATk81xcjzQXhoQx
HSGK1rJfxF6rQfyP/KpoBxMLLVvFkPbixK/Q2Cc3h5SGRzLPk6KANXIW+dJ3lMVl
q0DHKdr8MLtczp+rQv8Dzhwoi+AT1DYmlqEnW0Rb1X5vSK26y1tUNbrIPmVocpIK
DcxFVuFS7NEBIgQEopnZn4cXq59uavjuNR9QMFfekZcM1dMvxkYEG46fY9oggSdD
DPHqg9fkfTZ8ARnzy44L6PMMkRtOTIdCOCfmTj/leC8Y+HggScZ2SziV3CxKvJVZ
2dCMGMkoPlPujqQxgR1L5DAT47KVYR5QbzbVqTFsUiNYH4pJ4W5G1g==
=v2XA
-----END PGP SIGNATURE-----

California Fire News

California Fire News

InciWeb: Snow Wildland Fire - 80 acres - 30%

Posted: 22 Aug 2007 06:38 PM GMT-06:00

Snow Wildland Fire

INCIDENT UPDATED 28 MIN. AGO

Summary

The Snow Fire began about 12 noon on Aug. 21, 2007 and is burning in heavy brush and timber at a slow to moderate rate of spread. The fire began at the top of Mt San Jacinto in the Snow Creek area northeast of Black Mountain Group Campground in steep and rugged wilderness terrain. Six abandoned structure at Camp Lackey has been burned, but no communities are threatened. The cause of the fire is under investigation.

Basic Information

Incident Type Wildland Fire
Cause Lightning
Date of Origin 08/21/2007 at 1157 hrs.
Location NE OF THE TOWN OF PINE COVE
Incident Commander Dave Fiorella

Current Situation

Total Personnel 585
Size 80 acres
Percent Contained 30%
Estimated Containment Date 08/27/2007 at hrs.
Fuels Involved

Heavy brush and timber.

Fire Behavior

Light to moderate rate of spread. Single Tree torching.

Significant Events

Six abandoned structure at Camp Lackey have been burned, but no communities are threatened. Manadatory evacuation of Black Mtn, Boulder Basin Campgrounds and the portion of the San Jacinto State Park Wilderness in the immediate fire area was completed Wednesday afternoon.

Outlook

Planned Actions

Continue direct line construction where possile. Utilize aircraft to support ground operations.

Projected Movement

NE in the Snow Creek drainage. Possible spread south toward Fuller Ridge.

Growth Potential

High

Terrain Difficulty

High

Remarks

6 airtankers, 19 crews, 7 helicopters, 16 engines, one dozer and 12 water tenders are on scene.

Weather

Current Wind Conditions 7 mph SE
Current Temperature 87 degrees
Current Humidity 19 %

California USAR - Team #6 Sent To Texas For Hurricane Dean

Posted: 22 Aug 2007 06:36 PM GMT-06:00

California USAR Teams Sent To Texas For Hurricane Dean

By Cal Fire News
Monday, August 20, 2007

Members of California's Urban Search and Rescue program traveled to Dallas, Texas, to prepare for the arrival of Hurricane Dean along the shores of Texas. Forty-three personnel were sent with specialized equipment to support rescue operations. They will stage in Dallas until the storm arrives, then mobilize into the impacted areas.

On Sunday, under orders from the Federal Emergency Management Agency, California's Urban Search and Rescue Task Force (USAR) #6 from the Riverside City Fire Department departed for a staging location in Dallas. The Task Force is comprised of 34 personnel and specialized equipment to help rescue victims trapped in structure collapses.

In a press release from the Governor's Office of Emergency Services (OES), Governor Schwarzenegger said, "I want to make sure California does everything it can to help authorities in Texas as they prepare for the impact of Hurricane Dean. My Office of Emergency Services will continue to monitor the situation and stands ready to assist in deploying whatever other available resources it can to help Texas state officials and FEMA respond to and recover from this storm.

CA-HUU- Redwood - Vegetation Fire

Posted: 22 Aug 2007 06:16 PM GMT-06:00

Location: Near Hwy 101 and Redwood drive, in Garberville
Sizeup: 5-6 acres, Moderate ROS
Large Resource order placed

CA-NEU- 80 incident (Interchange) - Vegetation Fire

Posted: 22 Aug 2007 07:46 PM GMT-06:00

CA-NEU-Interchange Vegetation Fire -Header from Tahoe Donner 80 Incident
Credit: KCRA Web Cam screen shot
Alert! -
Threat to Tahoe Donner Subdivision,
I-80 closed WB from Donner to Truckee.
Location: August 22, 2007 1:46 pm - WB I80 AT DONNER LAKE RD - Truckee west of town in the Tahoe Donner area Nevada-Yuba-Placer Unit .
Sizeup: Initial reports from the scene were two spot fires approximately two
acres in size. Fire has a rapid ROS, structure threat, Power lines are down. Per CHP CAD, power lines are down across WB I-80 and are holding traffic WB
Resources:
3- Type 1 Stike teams ordered
3- Type 3 Strike teams ordered
H-404 enroute
DT 1642 from SCU -> NEU for cover
SCU 9160 C -> AEU Cover
Comms: Com- 154.130 Tac- White 3154.295

Update: 1600 hrs. North Ops is currently putting this fire at between 80 and 100 acres
  • 80 acres, has crested top of hill, only a "short run" to Tahoe Donner subdivision
  • Per fire traffic, and CHP CAD - NO evacuations at this time. Donner Lake area
  • 2 additional air tankers ordered, total of 6, spotting in drainage.
  • Structure protection strike teams staging @ Northwoods and Northwoods Blvd.
  • Ops requesting DC-10 Air Tanker - declined.

    CAL FIRE Information (530) 823-4083 (80 Fire Information)


CA-SNF- Vista Incident - Forest Fire

Posted: 22 Aug 2007 03:27 PM GMT-06:00

CA-SNF- Vista Incident - Full Wildland Dispatch

Location: Sherman Pass Road at Moon Meadow, Sequoia NF Road 22 S 20 to just below Road 22 S 20 at Vista
Sizeup: 1st engine on scene reports 2 acres in Heavy brush and Timber, Moderate ROS, burning to the SW, requesting a second alarm.
Resources: Air Attack 410 Helo 523 enroute, Enroute En 41, 42, 45, req. Air Attack, 2 ATs, Scorpion 4.
IC Request 4 additional ATs 1 Helo and a lead plane immediate need.
T76 is onscene
Comms:
Air 169.150
A/A 135.975
Ground Tac: Sequoia NF Channel 2

Updates: (1) 50 + acres Rapid ROS, request to have on Stand by for evacuatation of Black Rock Campground.
Air Attack 410
Tankers 75, 76, 78, 88, 89
Helos 523
Approx. 10 Engines
webcam: Column showing
http://sierrafire.cr.usgs.gov/cgi-bi...breckenridge_2

Fire truck crashes on way to fire - Minor injuries

Posted: 22 Aug 2007 01:56 PM GMT-06:00


A Brooktrails fire engine rests on its side after a Saturday afternoon crash...
(The Willits News)

A Brooktrails fire engine rests on its side after a Saturday afternoon crash... (The Willits News)The Willits News - Fire truck crashes on way to fire:

A fire engine from the Brooktrails Fire Department crashed on its way to an afternoon vegetation fire on Sherwood on Saturday, August 18. Of the five volunteer firefighters on the pumper fire truck, two received minor injuries.

Battalion Chief Robert Nowlin, 40, received a broken finger and Firefighter Adam Stewart, 27, has bruised ribs and a minor leg injury.


The other firefighters, Neil Banham, 53, Josh Moralez, 18, and Jake Jones, 19, escaped injury.

While the fire engine was en route to the mixed grass and timber fire, its right-side wheels traveled off the main portion of the roadway, causing it to slide out of control on the dirt. Even though Nowlin attempted to regain control, he was unable to and the truck rolled onto its right side beside the roadway, says Officer Terry Munoz of the California Highway Patrol. Other members of the fire department following arrived promptly on scene and extricated the crew.

"I am so grateful that the crew was not seriously injured and that no one from the public was injured, either," says Brooktrails Fire Chief Daryl Schoeppner. "Firefighting is a risky job; these guys put themselves at risk for the public every time they respond. We never like to see these kids of things happen,

Inciweb: Elk Complex Wildland Fire - 17,684 acres - 90%

Posted: 22 Aug 2007 01:25 PM GMT-06:00

Elk Complex Wildland Fire
Updated!

INCIDENT UPDATED 1:07 HRS. AGO
NEWS RELEASE

Klamath River Access Opened
FOR IMMEDIATE RELEASECONTACT: Duane Lyon August 17, 2007Phone: 530 841 4485 Website: www.fs.fed.us/r5/klamath Klamath National Forest Announces Changes in ClosuresYreka, CA - The Wingate River Acce... more

Community Oveview 8/4/07

Community Oveview 8/4/07
Credit: NorCal 1

view pictures || view maps

Summary

The Elk Complex is 90% contained. Crews continue to monitor. Check www.fs.fed.us/r5/klamath/conditions/ or call the Fire Information Center at 530 841 4451 for current information on road, trail, and river access closures.

Basic Information

Incident Type Wildland Fire
Cause Lightning
Date of Origin 07/10/2007 at 2201 hrs.
Location Happy Camp Ranger District
Incident Commander Herb Mclane

Current Situation

Total Personnel 114
Size 17,684 acres
Percent Contained 90%
Estimated Containment Date 10/30/2007 at 0700 hrs.
Fuels Involved

10 Timber (litter and understory). Mature heavy timber overstory with brush understory, large quantities of dead fuels and snags.

Fire Behavior

Slow moving surface fire in green pockets within fire prerimeter with isolated torching, creeping and roll-out on steep slopes.

Significant Events

Continued to secure line burned on previous days. Patrol, mop-up, and repair activities. Fire backed down to the Klamath River on the west.

Outlook

Planned Actions

Continue to secure the line burned on previous days. Continue to perform fireline repair.

Projected Movement

12 hours: Interior burning of unburn fuels.

24 hours: Potential for re-burn in areas wetted by previous rain event as drying continues.

48 hours: Potential for re-burn in areas wetted by previous rain event as drying continues.

72 hours: Potential for re-burn in areas wetted by previous rain event as drying continues.

Growth Potential

Low

Terrain Difficulty

Extreme

Containment Target

Likely to meet objectives based on current weather projections.

Remarks

Fire finished backing into the Klamath River. Portions of the Elk fire, Humming Bird fire and King Creek to / Titus / Wingate fires are in confinement status which accounts for the 90% continement. Plan to transition to a type 3 team on 08/05/07.

Weather

Current Wind Conditions 1 mph NW
Current Temperature 52 degrees
Current Humidity 75 %

Zaca Fire from Space: NASA’s Aqua satellite on August 21

Posted: 22 Aug 2007 01:26 PM GMT-06:00

Zaca 2 Wildfire, Southern California - 222,907 acres
Zaca Wildfire, Southern California Image. Caption explains image.
Image Acquired: August 21, 2007

Zaca Wildfire, Southern California

Since July 4, 2007, the Zaca Fire has been burning through chaparral and woodlands in Southern California's Los Padres National Forest. These images of the fire were captured by the Moderate Resolution Imaging Spectroradiometer (MODIS) on NASA's Aqua satellite on August 21, at which point the fire had burned over 220,000 acres. According to the daily report from the National Interagency Fire Center on August 22, the fire was about 80 percent contained.

The pair of images includes a photo-like version of the scene (top) and an infrared-enhanced version (bottom) that highlights burned areas (brick red) and possible open flames (bright pink). In both images, areas in which the sensor detected active fire are outlined in red. In the photo-like images, the dry vegetation of the chaparral landscapes of Southern California appear greenish brown, bare ground is light tan, and irrigated farmland is bright green.

The large images provided above have a spatial resolution (level of detail) of 250 meters per pixel. The MODIS Rapid Response Team provides twice-daily images of the region in additional resolutions.

NASA image courtesy the MODIS Rapid Response Team, Goddard Space Flight Center

CNN.com

News: Breaking News -- MercuryNews.com

AP Top U.S. News At 8:45 p.m.