| Previous Alerts |
|
14-01-2009: Kwetsbaarheid certificaten |
|
Kwetsbaarheid certificaten
Afgelopen weken is een kwetsbaarheid aan het licht gekomen met betrekking tot SSL certificaten. Met gebruik van 200 Playstations 3 is men erin geslaagd een certificaat te ... More
|
|
11-07-2008: CERT-2008-1447 DNS vulnerability en patch |
|
CERT-2008-1447 DNS vulnerability en patch
Het Domain Name System (DNS) is een mechanisme op het Internet waarmee
voor mensen hanteerbare computer-aanduidingen, zoals de naam van een
website, vertaa... More
|
|
02-04-2007: Animated cursor ANI exploit in Windows |
|
Microsoft Windows animated cursor ANI header stack buffer overflow exploit
Over the last few days, multiple real-world eplxoits have been reported using the recently disclosed buffer overflow in th... More
|
|
22-09-2006: MS Internet Explorer vulnerability in VML |
|
Microsoft Internet Explorer vulnerability in VML Could Allow Remote Code Execution
Recently problems are reported concerning a vulnerability in VML which could allow Remote Code Execution. There is a ... More
|
|
24-04-2006: External DNS recursion on TUNIX Firewalls |
|
External DNS and recursion on TUNIX/Firewalls
Certain issues have come to light recently with regard to recursive DNS queries(*) to DNS servers which have prompted TUNIX to reevaluate its views about ... More
|
|
23-03-2006: Race condition in sendmail |
|
Race condition in sendmail
This vulnerability only occurs when sendmail is used as the outside front-end for the SMTP protocol. The TUNIX/Firewall uses an intermediate front-end, called smap, and the... More
|
|
23-03-2006: OPIE arbitrary password change |
|
OPIE arbitrary password change
The TUNIX/Firewall has OPIE authentication disabled. Therefore it is not vulnerable to this problem.
A problem has been discovered in FreeBSD's OPIE authentication whic... More
|
|
23-03-2006: IPsec replay attack vulnerability |
|
IPSec replay attack vulnerability
IPSec provides standard protection against replay attacks. A replay attack is usually done by recording traffic and resending it at another time, causing different ki... More
|
|
02-01-2006: Microsoft Windows WMF exploits advisory |
|
Microsoft Windows WMF exploits advisory
An update from Microsoft that fixes this vulnerabilty is now available:
http://www.microsoft.com/athome/security/update/bulletins/200601_WMF.mspx
A very se... More
|
|
09-12-2005: Sober.Y download advisory |
|
Sober.Y download advisory
According to anti-virus sources the Sober.Y worm will begin downloading and running a file to attempt to update itself on Januari 5th 2006:
http://www.f-secure.com/weblog/a... More
|
|
07-12-2005: Cisco IOS HTTP vulnerability |
|
TUNIX security advisory
This advisory contains important information for users of any Tunix supplied Cisco Soho devices, about the following CERT warnings:
Cisco IOS HTTP Server Command Injection Vul... More
|
|
07-12-2005: Beveiliging in de pers |
|
DNS Beveiliging in de pers
De laatste weken verschijnen artikelen in de Computable waarin gediscussieerd wordt over de beveiliging van DNS. Deze discussie is dringend nodig maar roept wellicht vragen ... More
|
|
29-11-2005: Windows Update may fail through a Corporate Firewall filtering HTTP traffic |
|
Windows Update may fail through a Corporate Firewall filtering HTTP traffic.
Applies to: customers using the latest version of Windows Update (v6) when proxy settings are configured in Internet Explor... More
|
|
04-10-2005: Kaspersky Virus Scanner Vulnerability |
|
Kaspersky Virus Scanner Vulnerability
Recently, a vulnerability in the Kaspersky virus scanner has been discovered. This vulnerability may allow remote attackers to run arbitrary code on the machine r... More
|
|
06-07-2005: SecureBase 4 TCP stack |
|
SecureBase 4 TCP stack
TUNIX security advisory:
Two problems have been discovered in the SecureBase 4 TCP stack,
which theoretically could lead to a vulnerability for a DOS attack.
* Impact: Low/me... More
|
|
03-05-2005: Email-Worm.Win32.Sober.p |
|
Email-Worm.Win32.Sober.p
The Kaspersky virusscanner for email on TUNIX firewalls detects
this virus, if the firewall uses a recent signature-database.
(20050502194227) Under normal circumstances, thes... More
|
|
08-02-2005: MSN Messenger vulnerability |
|
TUNIX security advisory:
This advisory contains important information for users of MSN Messenger.
MSN Messenger
Exploit for MSN Messenger vulnerability available on the internet.
On Februari 8 2005 ... More
|
|
01-02-2005: Imintouch Remote-access |
|
Imintouch - Remote-access
Imintouch by "01 communique" is remote control software which enables
browser-based access from and to any Internet-connected Windows PC
through regular https traffic. It tr... More
|
|
01-02-2005: AWStats vulnerabilities |
|
TUNIX security advisory:
This advisory contains important information for users of AWStats
AWstats
An exploit is found for the following security hole:
A security hole was recently found in AWStats ... More
|
|
04-01-2005: Mail from Planet Internet is blocked |
|
Mail sent via smtp.wxs.nl is blacklisted
Due to circumstances out of our control the netrange 195.121/16 is
blacklisted in the rbl-plus.maps.tunix.nl, which is mirrored from
rbl-plus.mail-abuse.org.
... More
|
|
01-01-2005: IM-Worm.Win32.VB.a |
|
TUNIX security advisory
This advisory contains a warning for MSN users:
IM-Worm.Win32.VB.a
IM-Worm.Win32.VB.a
This virus spreads via the MSN-Messenger contactlist.
The virus drops a backdoorprogr... More
|
|
01-01-2005: Cisco vulnerabilities |
|
TUNIX security advisory
This advisory contains important information for users of any Tunix supplied Cisco Soho or PIX firewalls, about the following CERT warnings:
VU#472582 Cisco IOS IPv6 denial-of... More
|
|
01-11-2004: I-Worm.Sober.i |
|
I-Worm.Sober.i
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (20041119104119).
Under normal circumstances, these signatures ar... More
|
|
01-10-2004: I-Worm.Bagle.at |
|
I-Worm.Bagle.at
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (20041029092123).
Under normal circumstances, these signatures a... More
|
|
01-07-2004: I-Worm.Mydoom.m |
|
I-Worm.Mydoom.m
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200407261711,
KVDB200407261711 or later).
Under normal circum... More
|
|
01-05-2004: Zafi-b |
|
I-Worm.Zafi.b
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200406120910,
KVDB200406120910 or later).
Under normal circumst... More
|
|
01-05-2004: Worm win32.Sasser.a |
|
Worm.Win32.Sasser.a / b
These worms will not pass the TUNIX firewall through the currently known
method(s) by which it is propagating itself, UNLESS one explicitly
configures the firewall to open/rel... More
|
|
01-05-2004: Internet Explorer Exploits |
|
Internet Explorer Vulnerabilities with webmail
Several sources on the internet report serious vulnerabilities in
webmail applications and Internet Explorer.
These vulnerabilities can result in th... More
|
|
01-05-2004: I-Worm.Bagle.s |
|
I-Worm.Bagle.s alias Bagle.U
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200403261109,
KVDB200403261109 or later).
Under ... More
|
|
01-04-2004: I-Worm.Bagle.y |
|
I-Worm.Bagle.y
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200404271019,
KVDB200404271019 or later).
Under normal ... More
|
|
01-03-2004: Bagle-pqr |
|
I-Worm.Bagle.p,q,r
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200403181216,
KVDB200403181216 or later).
Under nor... More
|
|
01-02-2004: Netskyd |
|
I-Worm.Netsky.d
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200403011318,
KVDB200403011318 or later).
Under normal... More
|
|
01-02-2004: I-Worm.Moodown.b |
|
I-Worm.Moodown.b (Netsky)
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200402181238,
KVDB200402181238 or later).
Un... More
|
|
01-02-2004: Bagle.b |
|
I-Worm.Bagle.b
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200402171458,
KVDB200402171458 or later).
Under normal ... More
|
|
01-02-2004: Bagle-i |
|
I-Worm.Bagle.i
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200403031101,
KVDB200403031101 or later).
Under normal ... More
|
|
01-01-2004: I-Worm MyDoom |
|
I-Worm.Novarg (MyDoom)
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200401270838,
KVDB200401270838 or later).
Under... More
|
|
01-01-2004: I-Worm.Bagle |
|
I-Worm.Bagle
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200401190952 or
later).
Under normal circumstances, these... More
|
|
01-11-2003: I-Worm.Mimail |
|
I-Worm.Mimail.c
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200311030207 or
later).
Under normal circumstances, these sig... More
|
|
01-09-2003: I-Worm.Sven |
|
I-Worm.Swen
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200309181407 or
later).
Under normal circumstances, these signat... More
|
|
01-08-2003: Worm Blaster |
|
RPC DCOM WORM (MSBLASTER)
Discovered on: August 11, 2003
W32.Blaster.Worm is a worm that will exploit the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135... More
|
|
01-06-2003: I-Worm.Tanatos.b |
|
I-Worm.Tanatos.b (aka Bugbear.b)
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200306051242 or
later).
Under normal circums... More
|
|
01-05-2003: I-Worm.Fizzer |
|
I-Worm.Fizzer
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200305120507 or
later).
Under normal circumstances, these signa... More
|
|
01-02-2003: Supnot |
|
I-Worm.Supnot
Aliases: W32.Lovgate
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200302241548 or
later).
Under normal circu... More
|
|
01-01-2003: SQL Slammer |
|
The SQL-Slammer worm ( a.k.a. Sapphire,SQL-Hell )
The worm will not pass the TUNIX firewall through the currently known method(s) by which it is propagating itself,
UNLESS one explicitly configures t... More
|
|
01-01-2003: GotoMyPc |
|
GoToMyPC - Remote-access
GoToMyPC by Expertcity inc. is remote control software which enables browser-based access from and
to any Internet-connected Windows PC through regular http(s) traffic. It tr... More
|
|
01-01-2003: Avron |
|
I-Worm.Avron
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200301081407 or
later).
Under normal circumstances, these signat... More
|
|
01-11-2002: Bridex |
|
I-Worm.Bridex
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200211041351 or
later).
Under normal circumstances, these sign... More
|
|
01-10-2002: Trojan.VBS.Carewmr |
|
Trojan.VBS.Carewmr
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200210220221 or
later).
Under normal circumstances, these ... More
|
|
01-10-2002: I-Worm.Tanatos |
|
I-Worm.Tanatos
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200210010840 or
later).
Under normal circumstances, these sign... More
|
|
01-10-2002: FriendGreetings.com |
|
FriendGreetings.com
Update on the virus alert for friendgreetings.com (which is technically not a virus but can have
similar effects).
Several vendors of anti-virus software warn for friendgreetings.... More
|
|
01-08-2002: P2P-Worm Duload |
|
P2P-worm "Duload"
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a recent signature-database (TS200208221407 or
later).
Under normal circumstances, these s... More
|
|
01-08-2002: Death 25 virus backdoor |
|
Backdoor Death 25 backdoor/trojan/virus
The AVP virusscanner for email on TUNIX firewalls detects this virus,
if the firewall uses a signature-database that is updated since august
12th.
Under norma... More
|
|
01-07-2002: Frethem virus |
|
Frethem virus variants
The AVP virusscanner for email on TUNIX firewalls detects the k and
l variants of this virus if the virusscanner-signature ID TS200207151126
or later are used, these are dist... More
|
|
01-06-2002: I-worm.Lentin virus |
|
I-Worm.Lentin.G (Also known as Yaha)
The AVP virusscanner for email on TUNIX firewalls detects this
virus if the virusscanner-signature ID TS200206201314 or later are used, these are distributed si... More
|
|
28-01-2002: I-worm.Mypage virus |
|
I-Worm.Mypage
The AVP virusscanner for email on TUNIX firewalls detects this
virus if the newest virusscanner-signatures are used (ID TS200201281112 or later).
Under normal circumstances, these sig... More
|
|
06-12-2001: I-worm.Updater virus |
|
I-Worm.Updater
The AVP virusscanner for email on TUNIX firewalls detects this
virus if the newest virusscanner-signatures are used.
Under normal circumstances, these signatures are updated automati... More
|
|
27-09-2001: Lion worm |
|
I-worm.Homepage virus
risico: Medium
Tunix is op de hoogte van het bestaan van dit virus, AVP heeft een update uitgebracht voor detectie van dit virus. Deze kunt u ophalen door het volgende
commando... More
|
|
24-09-2001: Nimda virus |
|
Nimda Worm/Virus (UPDATED)
For more info please visit this CERT advisory.
The "Nimda" virus spreads itself via email, open netwerk-shares and
Microsoft IIS webservers and browse-traffic.
Currently ... More
|
|
19-06-2001: Microsoft IIS.ida bug |
|
INFO Microsoft IIS .ida bug
Naar aanleiding van recente berichten dat er op Microsoft IIS webservers
ingebroken kan worden met behulp van requests naar URLs eindigend op .ida,
wil TUNIX graag onder
d... More
|
|
19-06-2001: Anna Kournikova virus |
|
"Anna Kournikova" virus
Het virus I-Worm.Lee.o dat zich verspreid via een VBS attachment genaamd
"Anna-Kournikova.jpg.vbs" wordt geblokkeerd door de AVP scanner.
Risico: geen
TUNIX Support
Page l... More
|
|
07-06-2001: MsWorld virus |
|
"MsWorld" virus
Het "MsWorld" virus wordt via e-mail verspreid. Wanneer het attachment (MWrld.exe, MissWorld.exe, of MWld.exe) wordt uitgevoerd, verschijnt er een flash-scherm. Het virus verspreid zi... More
|
|
09-05-2001: Homepage virus |
|
I-worm.Homepage virus
risico: Medium
Tunix is op de hoogte van het bestaan van dit virus, AVP heeft een update uitgebracht voor detectie van dit virus. Deze kunt u ophalen door het volgende
commando ... More
|
|
06-03-2001: Naked Wife virus |
|
"Naked wife" virus
het virus "Naked wife" haalt diverse files weg uit de WINDOWS\SYSTEM
directory van machines waarop MS Outlook mailclient software draait,
waardoor het veel schade veroorzaakt aan h... More
|
|
18-11-2000: Microsoft IIS Unicode bug |
|
INFO Microsoft IIS Unicode bug
Naar aanleiding van recente berichten dat er op Microsoft IIS webservers
ingebroken kan worden met behulp van unicodes wil TUNIX graag onder
de aandracht brengen dat op... More
|
|
28-10-2000: Outlook Bufferoverflow Alerts |
|
INFO Outlook Bufferoverflow Alerts
The Outlook bufferoverflow that can cause an intrusion by reading mail
with POP of IMAP will not pass the TUNIX firewall. However, the
effects are depending on the l... More
|
|
27-05-2000: W97MResume.a@mm virus |
|
INFO W97M/Resume.a@mm VIRUS
TUNIX is bezig met een inventarisatie van het probleem.
Er is een tijdelijke patch die test op de string:
name=.*explorer.doc
Indien zo'n string aanwezig is, wo... More
|
|
19-05-2000: NewLove.A virus |
|
INFO NewLove.A VIRUS
AVP heeft een update vrijgegeven. Deze kan worden geactiveerd door op
de firewall in te loggen als fwmaster
en de volgende commandos uit te voeren:
cd /usr/local/etc/local/mailsc... More
|
|
12-05-2000: Southpark virus |
|
INFO Southpark VIRUS
TUNIX is bezig met een inventarisatie van het probleem.
Er is een tijdelijke patch die test op de strings:
name=.*park.exe
en
microsofttsucks
Indien zo'n strin... More
|
|
04-05-2000: I Love You virus |
|
UPDATE VOOR ILOVEYOU VIRUS
Om de update uit te voeren die het I LOVE YOU virus herkent,
dient u op de firewall in te loggen als fwmaster en het volgende
uit te voeren:
cd /usr/local/etc/local/mailsca... More
|
