If you have seen ID4, this is good!

James' Joke Archive
Return to Keyword Menu - Return to Title Menu
If you have seen ID4, this is good!

CERT(sm) Advisory CA-96.13
July 4, 1996

Topic: ID4 virus, Alien/OS Vulnerability
 
-------------------------------------------------------------------------

The CERT Coordination Center has received reports of weaknesses in
Alien/OS that can allow species with primitive information sciences
technology to initiate denial-of-service attacks against MotherShip(tm)
hosts.  One report of exploitation of this bug has been received.

When attempting takeover of planets inhabited by such races, a trojan
horse attack is possible that permits local access to the MotherShip
host, enabling the implantation of executable code with full root access
to mission-critical security features of the operating system.

The vulnerability exists in versions of EvilAliens' Alien/OS 34762.12.1
or later, and all versions of Microsoft's Windows/95.  CERT advises
against initiating further planet takeover actions until patches
are available from these vendors.  If planet takeover is absolutely
necessary, CERT advises that affected sites apply the workarounds as
specified below.
 
As we receive additional information relating to this advisory, we will
place it in
 
         ftp://info.cert.org/pub/cert_advisories/CA-96.13.README
 
We encourage you to check our README files regularly for updates on
advisories that relate to your site.
 

------------------------------------------------------------------------
 
 I.    Description
 
       Alien/OS contains a security vulnerability, which strangely enough
       can be exploited by a primitive race running Windows/95.  Although
       Alien/OS has been extensively field tested over millions of years by
       EvilAliens, Inc., the bug was only recently discovered during a
       routine invasion of a backwater planet.  EvilAliens notes that
       the operating system had never before been tested against a race
       with "such a kick-ass president."
 
       The vulnerability allows the insertion of executable code with
       root access to key security features of the operating system.  In
       particular, such code can disable the NiftyGreenShield (tm)
       subsystem, allowing child processes to be terminated by unauthorized
       users.
 
       Additionally, Alien/OS networking protocols can provide a
       low-bandwidth covert timing channel to a determined attacker.
 
 
 II.   Impact
 
       Non-privileged primitive users can cause the total destruction of
       your entire invasion fleet and gain unauthorized access to
       files.
 
 
 III.  Solution
 
       EvilAliens has supplied a workaround and a patch, as follows:
 
       A. Workaround
 
          To prevent unauthorized insertion of executables, install a
          firewall to selectively vaporize incoming packets that do not
          contain valid aliens.  Also, disable the "Java" option in
          Netscape.
 
          To eliminate the covert timing channel, remove untrusted
          hosts from routing tables.  As tempting as it is, do not use
          target species' own satellites against them.
 
 
       B. Patch
 
          As root, install the "evil" package from the distribution tape.
 
          (Optionally) save a copy of the existing /usr/bin/sendmail and
          modify its permission to prevent misuse.
 
 
------------------------------------------------------------------------
 The CERT Coordination Center thanks Jeff Goldblum and Fjkxdtssss for
 providing information for this advisory.
------------------------------------------------------------------------
 
 If you believe that your system has been compromised, contact the CERT
 Coordination Center or your representative in the Forum of Incident
 Response and Security Teams (FIRST).
 
 We strongly urge you to encrypt any sensitive information you send by
email.
 The CERT Coordination Center can support a shared DES key and PGP. Contact

the
 CERT staff for more information.
 
 Location of CERT PGP key
          ftp://info.cert.org/pub/CERT_PGP.key
 
 CERT Contact Information
 - ------------------------
 Email    cert@cert.org
 
 Phone    +1 412-268-7090 (24-hour hotline)
                 CERT personnel answer 8:30-5:00 p.m. EST
                 (GMT-5)/EDT(GMT-4), and are on call for
                 emergencies during other hours.
 
 Fax      +1 412-268-6989
 
 Postal address
         CERT Coordination Center
         Software Engineering Institute
         Carnegie Mellon University
         Pittsburgh PA 15213-3890
         USA
 
 CERT publications, information about FIRST representatives, and other
 security-related information are available for anonymous FTP from
         http://www.cert.org/
         ftp://info.cert.org/pub/
 
 CERT advisories and bulletins are also posted on the USENET newsgroup
         comp.security.announce
 
 To be added to our mailing list for CERT advisories and bulletins, send
your
 email address to
         cert-advisory-request@cert.org
 
 
 Copyright 1996 Carnegie Mellon University
 This material may be reproduced and distributed without permission
provided 
it
 is used for noncommercial purposes and the copyright statement is
included.
 
 CERT is a service mark of Carnegie Mellon University.
	
---------------------------------------------------------------------
More jokes like this:computer ID4 movie
Brought to you at http://terhune.net/jokes/