General Alerts & Security Issues from 2002



[Home] - [About Us] - [News] - [Downloads] - [Warnings] - [Links]
[Archives] - [Non-Java Web Chat] - [PGP] - [Search Page] - [Feedback]

   Virus Warnings from 2002 (Jan 01 - Jan 02, 2002)

[Jump to Amiga] [Jump to Windows] [Jump to Mac] [Jump to Linux] [Jump to Misc and Hoaxes]
AmigaD Amiga Virus Links
   * Virus Help Denmark Amiga Warnings

    01 January 2002 - Previous Warnings Moved to Archives
   If you are having difficulty finding something that was here before,
   then enter a word in our Search Site Engine.

   Top of Page

WindowsD Windows Virus Links
   * F-Secure: Last Fifty warnings
   * NAI: New Viruses

    02 January 2002 - OCIPEP Advisory Number AV01-020 W32.Gokar
   The Canadian Office of Critical Infrastructure Protection and Emergency
   Preparedness Virus Assessment says that W32.Gokar is a mass mailing worm
   written in Visual Basic. E-mails containing the worm use various subject
   lines and the attachment is a randomly generated ".pif", ".scr", ".exe",
   ".com", or ".bat" file. The attachment must be opened in order to trigger
   the worm. The worm can also spread through IRC. OCIPEP has not received
   any reports of this worm being detected on Canadian systems but will
   continue to monitor the situation. If you have any information regarding
   this worm on Canadian systems, please contact OCIPEP.

    02 January 2002 - OCIPEP Advisory Number AV01-015 W32.Badtrans.B
   The Canadian Office of Critical Infrastructure Protection and Emergency
   Preparedness says the purpose of this advisory is to bring attention to
   a virus named W32.Badtrans.B. This virus has been rated a medium threat
   by several virus detection vendors, and other sources indicate it is
   spreading in Europe.
   [Note from vht-can]
   OCIPEP states in this advisory, that they had not received any reports of
   this virus being detected on Canadian systems. As of Wed Jan 2nd 2002,
   they now have my report of receiving this virus in Canada. On Christmas
   day, my brother-in-laws machine sent me a copy of this virus.

    02 January 2002 - UNIRAS: New variant of the Maldal virus
   The UNIRAS (UK Govt CERT) which is part of NISCC (National Infrastructure
   Security Co-ordination Centre) says this new variant is not detected by
   all current Anti Virus definitions.
   This is being called W32/Maldal.2b73-mm and Maldal.gen (by NAI) but this
   name may change.
   Related Links:
   * Click here for vnunet.com article
   An email bearing New Year greetings also contains a malicious worm
   that is spreading in Europe and the US, according to experts.
   Computer Associates (CA) International has assigned a 'medium-to-high'
   risk to Reeezak, also known as W32/Reeezak.A@mm, W32/Zacker.C@mm and
   W32.Maldal.C@mm, which masquerades as a Macromedia Flash holiday
   greeting.
   * Symantec Security Response - W32.Maldal.D@mm
   W32.Maldal.D@mm was written and distributed on December 28th of 2001.
   The virus code is in Visual Basic. It is about 27KB in size packed
   with Aspack. The worm utilizes Outlook to spread itself to everybody
   in the Outlook address book.

    01 January 2002 - NIPC Update: Universal Plug and Play Vulnerabilities
   National Infrastructure Protection Center Update Advisories - 01-030.2
   This advisory updates NIPC Advisory 01-030 regarding what Microsoft
   refers to as a critical vulnerability in the universal plug and play
   (UPnP) service in Windows XP, Millennium Edition (ME) and Windows 98
   or Windows 98SE systems. This vulnerability could lead to denial of
   service attacks and system compromise. Microsoft has released a patch
   (Microsoft Security Bulletin 01-059) for this vulnerability at the
   following site: MicroSoft Bulletin MS01-059
   Other news sites in regards to this apparent problem:
   * ZDNet: FBI Warns On Windows XP Hole
   * CERT Advisory CA-2001-37
   * CIAC Information Bulletin Number M-030
   * Tim Mullen: Fear, Uncertainty and Doubt, Inc.

    01 January 2002 - Previous Warnings Moved to Archives
   If you are having difficulty finding something that was here before,
   then enter a word in our Search Site Engine.

   Top of Page

MacintoshD Macintosh Virus Links
   * F-Secure: Last Fifty warnings

    01 January 2002 - Apple Mac OS X Credentials Disclosure Vulnerability
   Apple Mac OS X PPP Authentication Credentials Disclosure Vulnerability
   SecurityFocus says an issue has been reported in Mac OS X which could
   disclose the authentication information for a PPP connection. If a user
   has established a PPP connection, executing a ps command will not only
   display the information about current processes running, but will
   disclose the PPP username and password for Internet Connect. (Security
   Focus Bugtraq ID: 3753)

    01 January 2002 - Previous Warnings Moved to Archives
   If you are having difficulty finding something that was here before,
   then enter a word in our Search Site Engine.

   Top of Page

LinuxD Linux Virus Links
   * F-Secure: Last Fifty warnings

    01 January 2002 - Previous Warnings Moved to Archives
   If you are having difficulty finding something that was here before,
   then enter a word in our Search Site Engine.

   Top of Page

MiscellaneousD Miscellaneous and HOAX Virus Links
   * Vmyths.com Virus Myths & Hoaxes

    01 January 2002 - Palm OS: a Platform for Malicious Code? Part Two
   This is the second of a two-part series that will attempt to establish
   to what degree Palm OS-based systems represent a suitable platform for
   malicious code. The first article examined the operating system in general
   as well some of the types of malicious code that could be used to infect
   Palm OS platforms. This installment will look at file system viruses,
   non-overwriting link viruses, compressing link viruses, existing Palm OS
   malware, and virus scanners for Palm OS. (by Markus Schmall)
   * Palm OS: A Platform for Malicious Code? Part One

    01 January 2002 - M-031: Buffer Overflow in System V Derived Login
   CIAC services says a vulnerability has been discovered in the login
   program for many System V-derived Unix implementations that allows
   unauthorized root access. This vulnerability can be remotely exploited
   to gain privileges of the invoker of login. Programs such as telnetd,
   rlogind, and other suid root programs will allow root access to the
   system. Solution: Apply the patch from vendor.
   Platform: IBM AIX versions 4.3 and 5.1, Hewlett-Packard's HP-UX
             SCO OpenServer 5.0.6 and earlier, SGI IRIX 3.x and
             Sun Solaris 8 and earlier

    01 January 2002 - Previous Warnings Moved to Archives
   If you are having difficulty finding something that was here before,
   then enter a word in our Search Site Engine.


   Check out the Archives Section for old virus warnings.

   Top of Page

Virus Help Team Canada Site (c)2000-2012 by Charlene
VHT-CAN and our webhoster disclaimes any responsibility for software
obtained through this site. Contact VHT-Canada