NETWORK WORLD NEWSLETTER: JASON MESERVE'S VIRUS AND BUG PATCH ALERT 10/11/04 Today's focus: Linux flaws and fixes
Dear [EMAIL PROTECTED], In this issue: * Patches from Gentoo, Trustix, Debian, others * Beware latest Forbot variants * SANS unveils Top 20 security vulnerabilities, and other �� interesting reading * Links related to Virus and Bug Patch Alert * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Veritas Meta Group Whitepaper Database Infrastructure Performance Challenges: Approaches to Better Manage Application Database and Storage Subsystem Performance Corporate relational databases now manage the majority of business-critical data within the enterprise. IT organizations face continuing challenges in managing increasingly complex, data-driven application environments. Read this white paper to discover several factors which will converge to challenge the IT organization's ability to manage its database software infrastructure. http://www.fattail.com/redir/redirect.asp?CID=84718 _______________________________________________________________ SECURITY CONCERNS STOPPING YOUR WLAN PLANS? Is it possible to deploy a secure wireless LAN with technology available today? That question preys on the minds of IT executives who are tempted to deploy enterprise WLANs, but are hesitant because of security concerns. Find out what we uncovered when we assembled 23 wireless products trying to get to the answer. Click here: http://www.fattail.com/redir/redirect.asp?CID=84759 _______________________________________________________________ Today's focus: Linux flaws and fixes By Jason Meserve Today's bug patches and security alerts: Gentoo, Mandrake Linux, Trustix release patch for cyrus-sasl Code in the cyrus-sasl library blindly accepts certain variables. This could be exploited by a local user to run their code of choice on the impacted machine with the privileges of cyrus-sasl. For more, go to: Gentoo: <http://security.gentoo.org/glsa/glsa-200410-05.xml> Mandrake Linux: <http://www.nwfusion.com/go2/1011bug1a.html> Trustix: <http://www.trustix.org/errata/2004/0053/> Debian, SuSE issue patch for samba A bug in Samba for Unix/Linux could be exploited by a remote user to gain access to arbitrary files on the affected machine. For more, go to: Debian: <http://www.debian.org/security/2004/dsa-600> SuSE: <http://www.suse.com/de/security/2004_35_samba.html> SuSE patches mozilla A new Mozilla update that fixes a number of issues found in the previous releases of the browser is available for SuSE users. Users are urged to download the package as soon as possible. For more, go to: <http://www.suse.com/de/security/2004_36_mozilla.html> Gentoo releases CUPS fix According to a Gentoo advisory, "CUPS leaks information about user names and passwords when using remote printing to SMB-shared printers which require authentication." For more, go to: <http://security.gentoo.org/glsa/glsa-200410-06.xml> Gentoo issues fix for Subversion Data could be leaked from Subvesion, a version control system that is designed to replace CVS. The flaw "could allow sensitive metadata of protected areas to be leaked to unauthorized users." For more, go to: <http://security.gentoo.org/glsa/glsa-200409-35.xml> HP patches Command View XP A flaw in HP's Command View XP for StorageWorks allows a local user to bypass access restrictions. Users looking for a patch should login to the HP's resource site: <http://www.nwfusion.com/go2/1011bug1b.html> Debian releases fix for freenet6 A configuration file in freenet6, a IPv6 tunneling package, is set to readable. This could potentially be exploited to obtain username and password information. For more, go to: <http://www.debian.org/security/2004/dsa-555> Trustix releases another "multi" Trustix has rolled out another service pack of sorts. This one covers flaws in gettext, ghostscript, glibc, groff, gzip, kerberos5, lvm, mysql, netatalk, openssl, perl, postgresql. For more, go to: <http://www.trustix.org/errata/2004/0050/> Today's roundup of virus alerts: W32/Bagz-B - An e-mail virus that uses a variety of subject line and attachment names to spread. The attachment is a ZIP file. No word on any permanent damage caused by this virus. (Sophos) W32/Forbot-AV - This Forbot variant uses the filename "win32usb.exe" as its infection point. It spreads via network shares and can be used for a variety of applications. (Sophos) W32/Forbot-AY - Similar to the above Forbot variant except for the file name used. This variant installs itself as "forboo.exe". (Sophos) W32/Rbot-LT - This worm is capable of deleting network shares and being used as a keylogger. The virus spreads via network shares and installs itself as "LSSRV.EXE". (Sophos) W32/Rbot-LY - Another Rbot variant that spreads via network shares with weak protection. The virus installs itself as "ntfs16.exe" and it can be used as a keylogger, proxy server and other malicious purposes. (Sophos) W32/Agobot-ZV - A worm that installs itself in the Windows System directory as "soundtctrls.exe". It allows backdoor access via IRC, which can be used to feed commands to the worm. (Sophos) W32/Darby-G - According to Sophos, this "is a multi-lingual email, IRC and peer-to-peer worm." This Darby variant uses a random file name for its infection point and can be used to grant backdoor access via IRC. (Sophos) >From the interesting reading department: SANS unveils Top 20 security vulnerabilities IT security and research organization The SANS Institute Friday is set to release its annual Top 20 list of Internet security vulnerabilities, with the intention of offering organizations at least a starting point for addressing critical issues. IDG News Service, 10/08/04. <http://www.nwfusion.com/news/2004/1008sansunvei.html?nl> IBM champions identity management IBM Wednesday introduced services aimed at helping companies build and maintain systems for securing both physical premises and virtual information repositories. Network World Fusion, 10/06/04. <http://www.nwfusion.com/news/2004/1007ibmpartn.html?nl> _______________________________________________________________ To contact: Jason Meserve Jason Meserve is the Multimedia Editor of Network World Fusion and writes about streaming media, search engines and IP Multicast. Jason can be reached at <mailto:[EMAIL PROTECTED]>. Check out his Multimedia Exchange weblog at: <http://www.nwfusion.com/weblogs/multimedia/> _______________________________________________________________ This newsletter is sponsored by Veritas Meta Group Whitepaper Database Infrastructure Performance Challenges: Approaches to Better Manage Application Database and Storage Subsystem Performance Corporate relational databases now manage the majority of business-critical data within the enterprise. IT organizations face continuing challenges in managing increasingly complex, data-driven application environments. Read this white paper to discover several factors which will converge to challenge the IT organization's ability to manage its database software infrastructure. http://www.fattail.com/redir/redirect.asp?CID=84717 _______________________________________________________________ ARCHIVE LINKS Virus and Bug Patch Alert archive: http://www.nwfusion.com/newsletters/bug/index.html Breaking security news, updated daily http://www.nwfusion.com/topics/security.html _______________________________________________________________ FEATURED READER RESOURCE THE NEW DATA CENTER Today's top companies are accelerating toward Web-based computing. That means building the new data center -- where grids, virtualization, autonomic computing and other big changes shatter the traditional boundaries on applications and information, and bring the extended enterprise to life. Learn about The New Data Center on NW Fusion's Research Center at: <http://www.nwfusion.com/topics/datacenter.html> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
