Site Network: | | Jongsma & Jongsma

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at S?nnet Beskerming.

Username: | Password: Contact us to request an account

When Partial Disclosure Hurts

Less than 24 hours after iDefense released information onto multiple security mailing lists about discovered vulnerabilities in Trend Micro's ServerProtect software it appears that there is significant attention being focussed on finding systems that have yet to be patched.

According to the information being gathered by the ISC, it seems that heavy traffic on TCP port 5168 is related to attempts to find unpatched systems, with at least some systems appearing to be compromised. Administrators and network security staff that are recording strange activity on the above port have been requested by the ISC to provide them with full packet traces to aid in the analysis of just what is probing the systems (though a later article will show another means to recover what identifies an actual probe / attack).

Trend Micro have made available necessary patches, which concerned administrators can use to help protect their systems against unwanted attacks.

This all comes at the same time as exploit code has been released for some of the vulnerabilities patched in Microsoft's August Security Patch Release (MS07-042 attack code most recently spotted), and exploit code made available for vulnerabilities in msql and win32std support in PHP.

23 August 2007

Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis

Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.