How about not posting it. If anyone wants it they can go to
http://www.sans.org and sub up themselves.

Ronnie

On Friday 06 July 2001 01:15, you wrote:
> I know the debate about posting security warnings is still ongoing, but how
> about I just post this when I get it, it's only once a week.
>
> simon
>
>
> LAN Administrator
> Damelin Hatfield
> Tel: 012 342-0755
> Cel: 083 374 1161
>
>
> -----Original Message-----
> From: Network Computing and The SANS Institute
> [mailto:[EMAIL PROTECTED]]
> Sent: Friday, July 06, 2001 4:04 AM
> To: Simon Taplin
> Subject: Security Alert Consensus #104
>
>
> To: Simon Taplin (SD209500)
> Re: Your personalized newsletter
>
>                       -- Security Alert Consensus --
>                             Number 104 (01.27)
>                           Thursday, July 5, 2001
>                             Created for you by
>                  Network Computing and the SANS Institute
>                            Powered by Neohapsis
>
> ----------------------------------------------------------------------
>
> Welcome to SANS' distribution of the Security Alert Consensus.
>
> ----------------------------------------------------------------------
>
> Need to bone up on building wireless infrastructure or provide better
> support for your mobile users? While at N+I 2001 in Atlanta, spend some
> time at the Network Computing Real-World Labs(R) LIVE, where we'll be
> demonstrating Mobile Computing and Wireless Connectivity products,
> technologies and solutions.
>
> WHERE: Georgia World Congress Center, Atlanta, GA
> WHEN: September 9 - 14, 2001
> http://www.networkcomputing.com/marketing/mediakit/events.html
>
> ----------------------------------------------------------------------
>
> Cisco was bitten by two bugs this week: a problem with its SSH
> {01.27.001} implementation and another bug with its on-board HTTP
> servers {01.27.008}. These vulnerabilities should serve as a reminder
> that not only do operating systems need patching and lock-down attention
> but infrastructure equipment does, as well. Security-savvy network
> administrators who have already shut down the HTTP services on their
> Cisco devices proactively avoided this latest round of HTTP-based
> vulnerabilities.
>
> While organizations should still upgrade their vulnerable IOS and CatOS
> images, proactive lock-down efforts can definitely reduce potential
> risks. It's time to re-embrace some age-old wisdom: "If you aren't using
> it, turn it off."
>
> Until next week,
> --Security Alert Consensus Team
>
> ************************************************************************
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> TABLE OF CONTENTS:
>
> {01.27.007} Linux - Update {01.26.024}: Samba malicious NetBIOS name
>             file overwrite
> {01.27.009} Linux - Update {01.25.017}: rxvt command line buffer
>             overflow
> {01.27.012} Linux - Update {01.23.002}: gpg file name format string
>             vulnerability
> {01.27.013} Linux - Update {01.24.020}: Potential buffer overflow in
>             xinetd svc_logprint function
> {01.27.019} Linux - Update {01.18.017}: kdesu creates world-readable
>             temp file to hold authentication info
> {01.27.022} Linux - GnatsWeb allows escalated access to files
> {01.27.028} Linux - Update {01.19.014}: Zope ZClasses permission
>             remapping
> {01.27.034} Linux - Update {01.24.021}: Scotty ntping host name buffer
>             overflow
>
>
> - --- Linux News ---------------------------------------------------------
>
> *** {01.27.007} Linux - Update {01.26.024}: Samba malicious NetBIOS
>               name file overwrite
>
> Multiple Linux vendors have issued patches addressing the vulnerability
> discussed in {01.26.024} ("Samba malicious NetBIOS name file
> overwrite").
>
> Updated RedHat RPMs:
> http://archives.neohapsis.com/archives/linux/redhat/2001-q2/0138.html
>
> Updated Caldera RPMs:
> http://archives.neohapsis.com/archives/linux/caldera/2001-q2/0016.html
>
> Updated Immunix RPMs:
> http://archives.neohapsis.com/archives/linux/immunix/2001-q2/0137.html
>
> Updated Trustix RPMs:
> http://archives.neohapsis.com/archives/bugtraq/2001-06/0360.html
>
> Updated SuSE RPMs:
> http://archives.neohapsis.com/archives/linux/suse/2001-q2/1581.html
>
> Updated Mandrake RPMs:
> http://archives.neohapsis.com/archives/bugtraq/2001-07/0002.html
>
> Source: RedHat, SuSE, Caldera, Immunix, Trustix, Mandrake (SF Bugtraq)
> http://archives.neohapsis.com/archives/linux/redhat/2001-q2/0138.html
> http://archives.neohapsis.com/archives/linux/suse/2001-q2/1581.html
> http://archives.neohapsis.com/archives/bugtraq/2001-06/0360.html
> http://archives.neohapsis.com/archives/linux/immunix/2001-q2/0137.html
> http://archives.neohapsis.com/archives/linux/caldera/2001-q2/0016.html
> http://archives.neohapsis.com/archives/bugtraq/2001-07/0002.html
>
> *** {01.27.009} Linux - Update {01.25.017}: rxvt command line buffer
>               overflow
>
> Immunix has officially reported that it is not vulnerable to the
> vulnerability discussed in {01.25.017} ("rxvt command line buffer
> overflow"), because the company does not ship rxvt setuid or setgid by
> default.
>
> For Immunix rxvt binary and source update information see:
> http://archives.neohapsis.com/archives/bugtraq/2001-06/0378.html
>
> Source: Immunix
> http://archives.neohapsis.com/archives/linux/immunix/2001-q2/0138.html
>
> *** {01.27.012} Linux - Update {01.23.002}: gpg file name format string
>               vulnerability
>
> Caldera has released updated gnupg packages to fix the vulnerability
> discussed in {01.23.002} ("gpg file name format string vulnerability").
>
> Updated Caldera packages are listed at:
> http://archives.neohapsis.com/archives/linux/caldera/2001-q2/0011.html
>
> Source: Caldera
> http://archives.neohapsis.com/archives/linux/caldera/2001-q2/0011.html
>
> *** {01.27.013} Linux - Update {01.24.020}: Potential buffer overflow
>               in xinetd svc_logprint function
>
> Multiple Linux vendors have released updated xinetd packages to fix the
> vulnerability discussed in {01.24.020} ("Potential buffer overflow in
> xinetd svc_logprint function").
>
> Updated SuSE RPMs:
> http://archives.neohapsis.com/archives/linux/suse/2001-q2/1582.html
>
> Updated EnGarde RPMs:
> http://archives.neohapsis.com/archives/bugtraq/2001-06/0412.html
>
> Updated Immunix RPMs:
> http://archives.neohapsis.com/archives/linux/immunix/2001-q2/0142.html
>
> Updated Conectiva RPMs:
> http://archives.neohapsis.com/archives/linux/conectiva/2001-q2/0016.html
>
> Source: SuSE, EnGarde, Immunix, Conectiva
> http://archives.neohapsis.com/archives/linux/suse/2001-q2/1582.html
> http://archives.neohapsis.com/archives/linux/engarde/2001-q2/0010.html
> http://archives.neohapsis.com/archives/linux/immunix/2001-q2/0142.html
> http://archives.neohapsis.com/archives/linux/conectiva/2001-q2/0016.html
>
> *** {01.27.019} Linux - Update {01.18.017}: kdesu creates
>               world-readable temp file to hold authentication info
>
> Mandrake has released updated kdelib packages to fix the vulnerability
> discussed in {01.18.017} ("kdesu creates world-readable temp file to
> hold authentication info").
>
> Updated RPMs are listed at:
> http://archives.neohapsis.com/archives/bugtraq/2001-06/0382.html
>
> Source: Mandrake (SF Bugtraq)
> http://archives.neohapsis.com/archives/bugtraq/2001-06/0382.html
>
> *** {01.27.022} Linux - GnatsWeb allows escalated access to files
>
> GnatsWeb versions 2.7, 2.8.0, 2.8.1, 3.95 and 4.0 contain a
> vulnerability in the new help file system that allows a remote attacker
> to read or execute files accessible by the Web server. The vulnerability
> allows file execution if a file name value is provided in a request URL
> without checking the file name.
>
> RedHat/GNATS has confirmed the problem and released a patch:
> http://sources.redhat.com/gnats/gnatsWeb/advisory-jun-26-2001.html
>
> Source: Redhat / GNATSWeb Security Advisory
> http://archives.neohapsis.com/archives/bugtraq/2001-06/0365.html
>
> *** {01.27.028} Linux - Update {01.19.014}: Zope ZClasses permission
>               remapping
>
> Conectiva has released updated Zope packages to fix the vulnerability
> discussed in {01.19.014} ("Zope ZClasses permission remapping").
>
> Updated RPMs are listed at:
> http://archives.neohapsis.com/archives/linux/conectiva/2001-q2/0017.html
>
> Source: Conectiva
> http://archives.neohapsis.com/archives/linux/conectiva/2001-q2/0017.html
>
> *** {01.27.034} Linux - Update {01.24.021}: Scotty ntping host name
>               buffer overflow
>
> SuSE has released updated Scotty packages to fix the vulnerability
> discussed in {01.24.021} ("Scotty ntping host name buffer overflow").
>
> Updated RPMs are listed at:
> http://archives.neohapsis.com/archives/linux/suse/2001-q3/0011.html
>
> Source: SuSE
> http://archives.neohapsis.com/archives/linux/suse/2001-q3/0011.html
>
> ************************************************************************
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (BSD/OS)
> Comment: For info see http://www.gnupg.org
>
> iD8DBQE7RREa+LUG5KFpTkYRArtoAJ4zFwJDApLpYNZbovD/jxG7M8+cawCgldw6
> omSdnYuOd4OKp7OtrG9gX74=
> =m08v
> -----END PGP SIGNATURE-----
> ------------------------------------------------------------------------
>
> Become a Security Alert Consensus member! If this e-mail was passed to
> you and you would like to begin receiving our security e-mail newsletter
> on a weekly basis, we invite you to subscribe today.
> http://www.sans.org/sansnews/.
>
> We are signing the Consensus newsletter with PGP. The new SANS PGP key
> is posted at:
> http://certserver.pgp.com:11371/pks/lookup?op=get&search=0xA1694E46 and
> can be accessed from the SANS Web site (http://www.sans.org).
>
> Special Note: To better secure your confidential information, we will
> no longer include personal URLs in our Consensus newsletter mailings.
> Instead, we have created a new form (http://www.sans.org/sansurl). On
> this form you can enter the SD number located near your name at the top
> of the newsletter. When you submit this form, an e-mail containing a
> URL will be sent to you at the e-mail address on record. With this URL
> you can make changes to your account (edit the content of your Consensus
> mailing, for example) without endangering the security of your personal
> URL. If you'd like to change your e-mail address or other information,
> or unsubscribe to this newsletter, please visit your new URL as
> described above. If you have any problems or questions, e-mail us at
> <[EMAIL PROTECTED]>.
>
> Missed an issue? You can find all back issues of Security Alert
> Consensus (and Security Express) online.  http://archives.neohapsis.com/
>
> Your opinion counts. We'd like to hear your thoughts on Security Alert
> Consensus. E-mail any questions or comments to <[EMAIL PROTECTED]>.
>
> Copyright (c) 2001 Network Computing, a CMP Media LLC publication. All
> Rights Reserved. Distributed by Network Computing
> (http://www.networkcomputing.com) and The SANS Institute
> (http://www.sans.org). Powered by Neohapsis Inc., a Chicago-based
> security assessment and integration services consulting group
> ([EMAIL PROTECTED] | http://www.neohapsis.com/).
>
>
> _______________________________________________
> http://linux.nf -- [EMAIL PROTECTED]
> Archives, Subscribe, Unsubscribe, Digest, Etc
> ->http://linux.nf/mailman/listinfo/linux-users

-- 
Ronnie
==================
Life can be a dream; or it can be a nightmare
it's all in your mind