
Jennifer Lopez naked?


Oh boy, this one has the potential to be a big virus: A new version of the LoveLetter virus is "in the wild" that comes with an attachment claiming to be a naked picture of movie/music star Jennifer Lopez. The recent Anna Kournikova virus proved that sex sells, even if it is a virus.

The particulars on this one include a subject line of "Where are you?", body text of "This is my pic in the beach!" and an attachment called "JENNIFERLOPEZ_NAKED.JPG.vbs". If you really want to see Jennifer Lopez sans clothing, just watch the next major awards show – she's bound to show up without clothes eventually.

In other virus news, a hoax is going around that could convince Windows 95 and 98 users to delete an innocuous file off their systems. According to a story published by the IDG News Service, "The warning tells users to delete the sulfnbk.exe file, a utility used to restore long file names. The file isn't usually infected, and running a virus check on it will prove fruitless, which just adds to the hoax's credibility. The message warns people that it's a virus undetectable by antivirus software. Diligent users who search for the file and find it may presume the warning was accurate and delete it."

For more on the hoax:

www.nwfusion.com/news/2001/0530virus.html

Today's bug patches and security alerts:

* NetBSD warns of denial of service vulnerability

NetBSD says it is possible to stop a NetBSD node from communicating by bombarding it with fragmented IPv4 packets. The NetBSD advisory says that for the attack to be effective, the attacker needs to have good network connectivity to the victim node (such as being logged onto the victim machine itself or connected by a fat LAN). For more information:

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-006.txt.asc

* IP filter bypass possible

According to a NetBSD alert, "IP Filter (ipf) - the IP packet filtering software in NetBSD - has a bug where the checks on a fragmented packet are incomplete and it may be possible to abuse this to bypass filter rules." For more information on this:

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-007.txt.asc

* NetBSD patches sh3

According to NetBSD, "Missing validation of user-supplied arguments to a system call can allow user applications on the sh3 platform to execute code with supervisor privileges, bypassing normal system protections. This problem is only present on the sh3 platform, which includes the dreamcast, evbsh3, hpcsh and mmeye ports." For more:

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-008.txt.asc

* FreeBSD warns of security holes in icecast

FreeBSD is urging users to upgrade to the latest version of icecast, an application for serving up MP3 audio files. Previous releases contained a number of format string vulnerabilities that could allow a malicious user to run arbitrary code on the affected system. Intel processor users can download new icecast packages from:

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/audio/icecast-1.3.10.tgz

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/audio/icecast-1.3.10.tgz

* Samba fix available for FreeBSD

Samba, the service message block protocol used in Linux operating systems, contains a temporary file race condition. This flaw could be exploited to overwrite arbitrary files on the affected system. Intel processor users can download new Samba packages from:

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/net/samba-2.0.9.tgz

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/net/samba-2.0.9.tgz

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/net/samba-devel-2.2.0.tgz

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/net/samba-devel-2.2.0.tgz

* Linux-Mandrake, Immunix release gnupg patches

A patch is available to Linux-Mandrake and ImmunixOS users that fixes a format string vulnerability in gnupg, an open source version of PGP for Linux. The flaw could be exploited to invoke shell commands with the privileges of the logged-in user. For more information and to download a patch, Linux-Mandrake users can point to:

www.linux-mandrake.com/en/security/2001/MDKSA-2001-053.php3

Immunix users can get more information and links to patches at:

download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-023-01

General information can be found at:

www.gnupg.org/download.html

* SuSE, Immunix patch man packages

A couple of bugs in man (a tool for looking up online manual pages on Linux and Unix systems) could allow a malicious user to gain root access to the affected machine. More information will be available shortly for SuSE users, including links to patches, at:

www.suse.com/us/support/security/index.html

ImmunixOS users can get more information and patches from:

download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-021-01

* Immunix updates Kerberos package

According to an Immunix alert, there is "a possible buffer overflow in the kerberos gssapi-aware ftpd in the krb5-workstation package that is included in all versions of Immunix OS." Immunix believes StackGuard will protect against this flaw, but is urging users to upgrade anyway. For more information and download links:

download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-022-01

Today's roundup of virus alerts:

* Vigilante warns of improperly cleaned backdoor virus

Security software vendor Vigilante is warning that system administrators may not be properly removing the sadmind/IIS worm from their systems. The worm can be used as a backdoor for hackers to enter an infected machine and deface Web pages as well as cause other damage. It turns out that some people have cleaned the initial virus, but did not remove the backdoor program the virus drops, leaving the system vulnerable. For more information on this:

www.cert.org/advisories/CA-2001-11.html

* WM97/Marker-HL - A Word macro virus that infects documents and creates a non-viral file called "version.dat". (Sophos)

From the interesting reading department:

* SuSE enhances multimedia, security of Linux OS

Linux vendor SuSE Linux Tuesday announced it would release an upgrade to the SuSE Linux 7.1 operating system. SuSE Linux 7.2 will be available directly from the company and software retailers starting June 15, according to the company.

www.nwfusion.com/news/2001/0530suslin.html

IDG News Service, 05/30/01

* Microsoft says upgrade now or pay big later

IT executives could face millions of dollars in extra costs to upgrade to the newest version of Microsoft Office, which ships this week, if they don't buy upgrade packages before the software giant's new license and maintenance program begins in four months.

www.nwfusion.com/news/2001/0528office.html

Network World, 05/28/01

* Free archives

All our newsletters are archived on Fusion, where you can access them for free. Yes, free! So come on down:

www.nwfusion.com/newsletters/bug/index.html


Jason Meserve is the Multimedia Editor of Network World Fusion and writes about streaming media, search engines and IP Multicast. Jason can be reached at jmeserve@nww.com.
