Black Hat Briefings
The next Black Hat USA 2002 Briefings and Training is scheduled for July 29 through August 1 in Las Vegas. Windows & .NET Magazine and the Security Administrator newsletter are sponsoring this popular event that includes a series of informational briefings and a training series. The briefings include more than 30 talks by notable industry insiders covering a wide range of topics such as using biometrics, auditing source code, tracing anonymous users, securing databases, using second-generation honeypots, securing email, attacking wireless networks, cracking Voice over IP (VoIP), Cisco Systems router forensics, and more. The training series includes 12 sessions that cover security-related tools and toolkits, Active Directory (AD) security, advanced Internet Control Message Protocol (ICMP) scanning techniques, and a variety of hacking techniques (e.g., hacking into Cisco networks).
http://www.blackhat.com/html/bh-usa-02/bh-usa-02-index.html
SANSFIRE 2002
The System Administration, Networking, and Security (SANS) Institute hosts numerous training events each year. The Institute's SANSFIRE 2002 event is scheduled for June 25 through July 2 in Boston. The event is for new and experienced security practitioners and includes several learning tracks, including security essentials, firewalls, perimeter protection and VPNs, intrusion detection in-depth, hacker techniques, exploits and incident handling, securing Windows, securing UNIX, auditing, forensic investigation and response, information security officer training, and more.
http://www.sans.org/SANSFIRE02
If you're looking for a seminar to attend outside the United States, CSI, Black Hat, and SANS all host conferences in various countries. For information about these international events, visit each organization's respective Web site. Of course, you can perform a simple Web search to locate a variety of conferences and seminars presented by other organizations. For example, I used the URLs below to search Google, and the search results revealed dozens and dozens of interesting events. Although most security-related conferences are hosted by non-vendor-affiliated organizations, many security product and service vendors offer seminars to create a better understanding of how particular products fit into a given security strategy.
http://www.google.com/search?hl=en&lr=&q=security+%2bseminar
http://www.google.com/search?hl=en&lr=&q=security+%2bconference
2. SECURITY RISKS
(contributed by Ken Pfeil, ken@winnetmag.com)
Buffer-Overrun Vulnerability in Macromedia's JRun Server 3.1 and JRun 3.0
David Litchfield of Next Generation Security Software discovered a buffer-overrun condition in Macromedia's JRun Server 3.1 and JRun 3.0. The Internet Server API (ISAPI) .dll filter that JRun uses to handle requests for .jsp resources doesn't properly handle overly long host header fields. As a result, an attacker can gain control over the process's execution. A more detailed advisory is located on Litchfield's Web site. Macromedia has released a bulletin regarding this vulnerability and recommends that affected users apply the appropriate patch listed in the bulletin.
http://www.secadministrator.com/articles/index.cfm?articleid=25406
Denial of Service in Microsoft Exchange 2000 Server
Several people from the Computing Center, Johannes Gutenberg University, Mainz, Germany, discovered a Denial of Service (DoS) condition in Exchange 2000. This vulnerability stems from a flaw in the way Exchange 2000 handles certain malformed message attributes specified in Request for Comments (RFC) 821 and RFC 822 on received mail. An attacker can use these malformed messages to cause the Store service to consume 100 percent of CPU resources until the Exchange server processes the mail message. Rebooting the server or restarting the service won't help because the Exchange server still must process the malformed message. Microsoft Security Bulletin MS02-025 (Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources) addresses this vulnerability and recommends that affected users apply the appropriate patch listed at the URL below.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-025.asp
Unauthorized File Disclosure in Deerfield.com's WebSite Pro 3.1.11.0
Ory Segal discovered a vulnerability in Deerfield.com's WebSite Pro 3.1.11.0 that can disclose source-script code to an unauthorized user. This condition appears when the software attempts to serve files with at least a four-character extension (e.g., .shtml), which it requests by using 8.3-format filenames. Deerfield has released version 3.1.13.0, which addresses this vulnerability.
http://www.secadministrator.com/articles/index.cfm?articleid=25385
Authentication Flaw in Windows Debugger
A vulnerability exists in the authentication mechanism of the Windows 2000 and Windows NT 4.0 debugging facility that can let an unauthorized program gain access to the debugger. An attacker can use this vulnerability to cause a running program to execute a program of the attacker's choice under the system security context. Microsoft Security Bulletin MS02-024 (Authentication Flaw in Windows Debugger can Lead to Elevated Privileges) addresses this vulnerability and recommends that affected users apply the appropriate patch listed in the bulletin at the second URL below.
http://www.secadministrator.com/articles/index.cfm?articleid=25367
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms02-024.asp