Cisco Unified Videoconferencing Affected by Multiple Vulnerabilities

Published: 2010-11-17
Last Updated: 2010-11-17 21:57:57 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

Multiple vulnerabilities have been reported in Cisco Unified Videoconferencing (Cisco UVC) 5100 series which also impact Cisco Unified Videoconferencing 5200 and 3500 Series.[1]


There is currently no fixes for these vulnerabilities and Cisco recommends "limiting access to Cisco UVC web server to trusted hosts by disabling FTP, SSH, and Telnet services and by setting the "Security mode" field in the "Security" section of the Cisco UVC web GUI to Maximum."

The complete list of affected products/versions, including detailed information about the vulnerabilities can be found here.

[1] http://www.cisco.com/warp/public/707/cisco-sr-20101117-cuvc.shtml


-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Keywords: Cisco Unified Videoconferencing
0 comment(s)

Conficker B++ Activated on Nov 15

Published: 2010-11-17
Last Updated: 2010-11-17 18:32:50 UTC
by Guy Bruneau (Version: 1)
1 comment(s)

We have received reports indicating that Conficker B++ (also known as Downup, Downadup and Kido) activated on the 15 Nov around 10 PM EST time. If you have samples or packets to share, please submit them via our contact page.
 

[1] http://en.wikipedia.org/wiki/Conficker

 

*** Update 2

We have determined the reports we have received appear to be isolated and unrelated incidents.

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

 

***UPDATE

We are still looking into the reported events. On the surface it would appear that the reported events are "standard" Conficker infections and behavior. At this time we do not have any binary samples, and are working from third party reports.  From what little is known, this does not appear to be a new version of Conficker, or any new behavior patterns that havent' been discussed publicly. ( http://mtc.sri.com/Conficker/ for more details)   If any of that changes we will update this diary entry with those results.  - Andre Ludwig - Shadowserver

Keywords: Conficker Downup Downadup
1 comment(s)

Reference on Open Source Digital Forensics

Published: 2010-11-17
Last Updated: 2010-11-17 01:52:51 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

This site initially started by Brian Carrier is now maintained by a team of volunteers, contains a large repository of open source digital forensics tools, papers, images and procedures on digital forensics. If your favourite open source tool is not listed on this site, you can submit it to get added to the list. [1]

[1] http://www2.opensourceforensics.org

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org

Keywords: Digital Forensics
0 comment(s)

Comments

What's this all about ..?

Anonymous

Dec 3rd 2022
9 months ago

password reveal .

Anonymous

Dec 3rd 2022
9 months ago

<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure:

<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.

<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission

Anonymous

Dec 26th 2022
9 months ago

https://thehomestore.com.pk/

Anonymous

Dec 26th 2022
9 months ago

<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> nearest public toilet to me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>

Anonymous

Dec 26th 2022
9 months ago

<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> nearest public toilet to me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>

Anonymous

Dec 26th 2022
9 months ago

https://defineprogramming.com/

Anonymous

Dec 26th 2022
9 months ago

https://defineprogramming.com/

https://defineprogramming.com/

Dec 26th 2022
9 months ago

Enter comment here... a fake TeamViewer page, and that page led to a different type of malware. This week's infection involved a downloaded JavaScript (.js) file that led to Microsoft Installer packages (.msi files) containing other script that used free or open source programs.
distribute malware. Even if the URL listed on the ad shows a legitimate website, subsequent ad traffic can easily lead to a fake page. Different types of malware are distributed in this manner. I've seen IcedID (Bokbot), Gozi/ISFB, and various information stealers distributed through fake software websites that were provided through Google ad traffic. I submitted malicious files from this example to VirusTotal and found a low rate of detection, with some files not showing as malware at all. Additionally, domains associated with this infection frequently change. That might make it hard to detect.
https://clickercounter.org/

https://defineprogramming.com/

Dec 26th 2022
9 months ago

Enter corthrthmment here...

rthrth

Jan 2nd 2023
8 months ago

Login here to join the discussion.


Diary Archives