Linux Today SECURITY LETTER FOR JUNE 9, 2000 Latest Security News for the Linux and Open Source Community. ------------------------------------------------------------------ ------------------------------------------------------------------ TODAY'S LINUX SECURITY NEWS: ------------------------------------------------------------------ LWN: OPENSSH 2.1.1 RELEASED "We've been completely blown away by the number of people who a switching from commercial ssh to openssh, with over 250,000 people visiting the our web page in the last 3 months." COMPLETE STORY: http://lwn.net/daily/openssh2.1.1.php3 ------------------------------------------------------------------ LKAP: LINUX KERNEL AUDITING PROJECT "It's an attempt to audit the linux kernel for any security vulnerabilities and/or holes and/or possible vulnerabilities and/or possible holes, and of course without adding more bugs or drawbacks to the existing kernels." COMPLETE STORY: http://linuxtoday.com/story.php3?sn=23124 ------------------------------------------------------------------ SJ MERCURY/AP: MALICIOUS PROGRAM EMBEDDED ON HOME COMPUTERS LINKED TO INTERNET "The FBI will meet with experts from a security company Friday to discuss the firm's discovery that hackers have embedded a malicious program disguised as a movie clip on 2,000 commercial and home computers, positioning themselves to launch an attack designed to shut down Web sites." COMPLETE STORY: http://www.sjmercury.com/svtech/news/breaking/merc/docs/036282.htm ------------------------------------------------------------------ CNN: FBI PROBES NEW HACKER ATTACK REPORTED BY SECURITY COMPANY "When a fake movie clip is activated, the executable program -- called "Serbian Badman Trojan" -- runs without any visible clues to the user, NETSEC said. The program sends passwords, network details and other information to the hackers." COMPLETE STORY: http://www.cnn.com/2000/TECH/computing/06/09/hacker.attack.02/index.html /-------------------------------------------------------------------\ RECEIVE VALUABLE LINUX / OPEN SOURCE INFORMATION BY E-MAIL Subscribe to our Linux / Open Source e-mail lists today and you'll receive targeted mailings that will notify you of products and services that meet your interests. Subscribers to these free lists will receive occasional e-mailed announcements of special offers relating to Linux / Open Source. Sign up today at http://e-newsletters.internet.com/mailinglists.html \--------------------------------------------------------------adv.-/ ------------------------------------------------------------------ CONECTIVA LINUX SECURITY ANNOUNCEMENT - KERNEL "By constructing an environment where a certain capability is set, the loss of root privileges doesn't work and the privileged program keeps on taking its action, but as root, not as a normal user as it was intended to do." COMPLETE STORY: http://linuxtoday.com/story.php3?sn=23143 ------------------------------------------------------------------ CALDERA SYSTEMS SECURITY ADVISORY: SERIOUS BUG IN SETUID() "There is a serious vulnerability in the Linux kernel that allows local users to obtain root privilege by exploiting certain setuid root applications." COMPLETE STORY: http://linuxtoday.com/story.php3?sn=23148 ------------------------------------------------------------------ Visit the other sites in the Linux Channel: Linux Planet <http://www.linuxplanet.com>, LinuxStart <http://www.linuxstart.com>, Linux Central <http://www.linuxcentral.com>, and JustLinux <http://www.justlinux.com>. Also, check out the ISP-Linux Moderated Digest <http://isp-lists.isp-planet.com/moderated/isp-linux/>. ------------------------------------------------------------------ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For information about advertising in this newsletter, contact Frank Fazio, Director of Inside Sales, internet.com Corporation Call (203)662-2997 or write mailto:[EMAIL PROTECTED] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This newsletter is published by internet.com Corporation http://internet.com - The Internet Industry Portal ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To learn about other free newsletters offered by internet.com or to change your subscription - http://e-newsletters.internet.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ internet.com's network of more than 100 Websites are organized into 14 channels... Internet Technology http://internet.com/sections/it.html E-Commerce/Marketing http://internet.com/sections/marketing.html Web Developer http://internet.com/sections/webdev.html Windows Internet Technology http://internet.com/sections/win.html Linux/Open Source http://internet.com/sections/linux.html Internet Resources http://internet.com/sections/resources.html Internet Lists http://internet.com/sections/lists.html ISP Resources http://internet.com/sections/isp.html Downloads http://internet.com/sections/downloads.html International http://internet.com/sections/international.html Internet News http://internet.com/sections/news.html Internet Stocks/VC http://internet.com/sections/stocks.html ASP Resources http://internet.com/sections/asp.html Wireless Internet http://internet.com/sections/wireless.html ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To find an answer - http://search.internet.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For information on reprinting or linking to internet.com content: http://internet.com/corporate/permissions.html ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Copyright (c) 2000 internet.com Corporation ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
