Virus Warnings from 2002 (Jan 01 - Jan 02, 2002)[Jump to Amiga] [Jump to Windows] [Jump to Mac] [Jump to Linux] [Jump to Misc and Hoaxes]
D Amiga Virus Links * Virus Help Denmark Amiga Warnings
01 January 2002 - Previous Warnings Moved to Archives
If you are having difficulty finding something that was here before,
then enter a word in our Search Site Engine.
Top of Page
D Windows Virus Links * F-Secure: Last Fifty warnings
* NAI: New Viruses
02 January 2002 - OCIPEP Advisory Number AV01-020 W32.Gokar
The Canadian Office of Critical Infrastructure Protection and Emergency
Preparedness Virus Assessment says that W32.Gokar is a mass mailing worm
written in Visual Basic. E-mails containing the worm use various subject
lines and the attachment is a randomly generated ".pif", ".scr", ".exe",
".com", or ".bat" file. The attachment must be opened in order to trigger
the worm. The worm can also spread through IRC. OCIPEP has not received
any reports of this worm being detected on Canadian systems but will
continue to monitor the situation. If you have any information regarding
this worm on Canadian systems, please contact OCIPEP.
02 January 2002 - OCIPEP Advisory Number AV01-015 W32.Badtrans.B
The Canadian Office of Critical Infrastructure Protection and Emergency
Preparedness says the purpose of this advisory is to bring attention to
a virus named W32.Badtrans.B. This virus has been rated a medium threat
by several virus detection vendors, and other sources indicate it is
spreading in Europe.
[Note from vht-can]
OCIPEP states in this advisory, that they had not received any reports of
this virus being detected on Canadian systems. As of Wed Jan 2nd 2002,
they now have my report of receiving this virus in Canada. On Christmas
day, my brother-in-laws machine sent me a copy of this virus.
02 January 2002 - UNIRAS: New variant of the Maldal virus
The UNIRAS (UK Govt CERT) which is part of NISCC (National Infrastructure
Security Co-ordination Centre) says this new variant is not detected by
all current Anti Virus definitions.
This is being called W32/Maldal.2b73-mm and Maldal.gen (by NAI) but this
name may change.
Related Links:
* Click here for vnunet.com article
An email bearing New Year greetings also contains a malicious worm
that is spreading in Europe and the US, according to experts.
Computer Associates (CA) International has assigned a 'medium-to-high'
risk to Reeezak, also known as W32/Reeezak.A@mm, W32/Zacker.C@mm and
W32.Maldal.C@mm, which masquerades as a Macromedia Flash holiday
greeting.
* Symantec Security Response - W32.Maldal.D@mm
W32.Maldal.D@mm was written and distributed on December 28th of 2001.
The virus code is in Visual Basic. It is about 27KB in size packed
with Aspack. The worm utilizes Outlook to spread itself to everybody
in the Outlook address book.
01 January 2002 - NIPC Update: Universal Plug and Play Vulnerabilities
National Infrastructure Protection Center Update Advisories - 01-030.2
This advisory updates NIPC Advisory 01-030 regarding what Microsoft
refers to as a critical vulnerability in the universal plug and play
(UPnP) service in Windows XP, Millennium Edition (ME) and Windows 98
or Windows 98SE systems. This vulnerability could lead to denial of
service attacks and system compromise. Microsoft has released a patch
(Microsoft Security Bulletin 01-059) for this vulnerability at the
following site: MicroSoft Bulletin MS01-059
Other news sites in regards to this apparent problem:
* ZDNet: FBI Warns On Windows XP Hole
* CERT Advisory CA-2001-37
* CIAC Information Bulletin Number M-030
* Tim Mullen: Fear, Uncertainty and Doubt, Inc.
01 January 2002 - Previous Warnings Moved to Archives
If you are having difficulty finding something that was here before,
then enter a word in our Search Site Engine.
Top of Page
D Macintosh Virus Links * F-Secure: Last Fifty warnings
01 January 2002 - Apple Mac OS X Credentials Disclosure Vulnerability
Apple Mac OS X PPP Authentication Credentials Disclosure Vulnerability
SecurityFocus says an issue has been reported in Mac OS X which could
disclose the authentication information for a PPP connection. If a user
has established a PPP connection, executing a ps command will not only
display the information about current processes running, but will
disclose the PPP username and password for Internet Connect. (Security
Focus Bugtraq ID: 3753)
01 January 2002 - Previous Warnings Moved to Archives
If you are having difficulty finding something that was here before,
then enter a word in our Search Site Engine.
Top of Page
D Linux Virus Links * F-Secure: Last Fifty warnings
01 January 2002 - Previous Warnings Moved to Archives
If you are having difficulty finding something that was here before,
then enter a word in our Search Site Engine.
Top of Page
D Miscellaneous and HOAX Virus Links * Vmyths.com Virus Myths & Hoaxes
01 January 2002 - Palm OS: a Platform for Malicious Code? Part Two
This is the second of a two-part series that will attempt to establish
to what degree Palm OS-based systems represent a suitable platform for
malicious code. The first article examined the operating system in general
as well some of the types of malicious code that could be used to infect
Palm OS platforms. This installment will look at file system viruses,
non-overwriting link viruses, compressing link viruses, existing Palm OS
malware, and virus scanners for Palm OS. (by Markus Schmall)
* Palm OS: A Platform for Malicious Code? Part One
01 January 2002 - M-031: Buffer Overflow in System V Derived Login
CIAC services says a vulnerability has been discovered in the login
program for many System V-derived Unix implementations that allows
unauthorized root access. This vulnerability can be remotely exploited
to gain privileges of the invoker of login. Programs such as telnetd,
rlogind, and other suid root programs will allow root access to the
system. Solution: Apply the patch from vendor.
Platform: IBM AIX versions 4.3 and 5.1, Hewlett-Packard's HP-UX
SCO OpenServer 5.0.6 and earlier, SGI IRIX 3.x and
Sun Solaris 8 and earlier
01 January 2002 - Previous Warnings Moved to Archives
If you are having difficulty finding something that was here before,
then enter a word in our Search Site Engine.
Check out the Archives Section for old virus warnings.
Top of Page
