Bug Alert: Flaw in PGP plug-in for Outlook
Today's bug patches and security alerts:
Flaw found in Pretty Good Privacy plug-in
Network Associates has released a patch for PGP Desktop Security 7.0.4, PGP Personal Security 7.0.3 and PGP Freeware 7.0.3. A flaw in the plug-in for Outlook could allow a malicious user to run arbitrary code on the affected machine and possibly read encrypted messages. For more, go to:
www.nai.com/naicommon/download/upgrade/patches/patch-pgphotfix.asp
Security holes patched in SQL Server, Outlook PGP
www.nwfusion.com/news/2002/0711pgppatch.html
**********
Flaw in iPlanet Web server lets attackers run code
A security vulnerability in the search feature of Sun's iPlanet Web server can allow attackers to execute code of their choice on remote iPlanet servers, according to a security advisory released Tuesday by Next Generation Security Software. IDG News Service, 07/09/02.
Story:
www.nwfusion.com/news/2002/0709iplanet.html
Related patches:
iPlanet 4.1 users:
wwws.sun.com/software/download/download/5261.html
iPlanet 6.0 users:
wwws.sun.com/software/download/download/5262.html
**********
Researchers reveal new IE, Outlook security flaw
Researchers have identified a fresh security flaw in Microsoft's Internet Explorer Web browser and Outlook e-mail client which can leave systems open to malicious code inserted in e-mails or Web pages, network security consultancy Pivx Solutions LLC said Wednesday. IDG News Service, 07/11/02.
Story:
www.nwfusion.com/news/2002/0711ieoutflaw.html
Microsoft has not issued an advisory as of this writing.
Microsoft releases cumulative patch for SQL
This patch fixes all previously disclosed vulnerabilities in Microsoft SQL Server as well as three new vulnerabilities. The new flaws include two buffer overflow possibilities and a potential for privilege elevation. In the case of the buffer overflows, a malicious user could run arbitrary code on the affected machine. For more, go to:
www.microsoft.com/technet/security/bulletin/ms02-034.asp
SQL Server installation may leave passwords
Microsoft is warning users who install SQL Server that passwords used at the time of the install may be left in temporary files that are not properly deleted. This information could be stored in clear text and be used in the future to gain administrator access to the affected machine. For more, go to:
www.microsoft.com/technet/security/bulletin/ms02-035.asp
**********
Mac OS X Software Update security issue uncovered
Apple has been using an automated system to update users' computers on Mac OS X since the software was first released over a year ago. According to the Bugtraq security list, Mac OS X's implementation of Software Update is vulnerable to attack. MacCentral.com, 07/09/02.
Story:
www.nwfusion.com/news/2002/0709mac.html
**********
CERT: Multiple Vulnerabilities in CDE ToolTalk
CERT is warning of two flaws in the Common Desktop Environment (CDE) ToolTalk RPC database server for Unix. The first flaw could be exploited by a malicious user to delete and execute code or cause a denial of service against the affected machine. The second flaw potentially could be exploited to overwrite certain files with arbitrary code. For more, go to:
www.cert.org/advisories/CA-2002-20.html
**********
SuSE Linux issues Squid security alert
SuSE Linux AG Tuesday announced it has detected five security vulnerabilities in the version of the Squid Web cache software included in its Linux distribution. The severity of the errors in the package ranges from harmless to critical, according to SuSE in Nurnberg, Germany. The company points to vulnerabilities in gopher clients and the FTP directory parsing code, which could "remotely execute code introduced by attackers." IDG News Service, 07/10/02.
Story:
www.nwfusion.com/news/2002/0710susealert.html
Related patch information:
lists2.suse.com/archive/suse-security-announce/2002-Jul/0001.html
**********
More resolver patches available
As we've been reporting, a flaw in the code used to resolve DNS queries could be exploited by a malicious user in a denial-of-service attack or to execute arbitrary code on the affected system. Additional patches are now available:
SuSE:
lists2.suse.com/archive/suse-security-announce/2002-Jul/0002.html
IBM:
Versions 4.3 and 5.1 are affected. IBM says fixes will be released in the following APARs:
AIX 4.3:
IY32719
AIX 5.1:
IY32746
OpenPKG:
www.openpkg.org/security/OpenPKG-SA-2002.006-bind.html
**********
DoS vulnerability in Watchguard Firebox Dynamic VPN Configuration Protocol
Peter Grundl has discovered a flaw in the VPN Configuration Protocol used by the Watchguard Firebox. A malicious user could send a malformed request to the server, causing it to crash. Users can upgrade to Version 6.x to fix the problem.
Watchguard Web site:
**********
Red Hat patches psmisc
A flaw in the psmisc package used to manage system processes could cause the wrong process to be terminated accidentally. A new version of the package is available to fix the bug. For more, go to:
rhn.redhat.com/errata/RHBA-2002-090.html
**********
Conectiva patches ethereal
The ethereal network-monitoring tool is vulnerable to attack by a malicious user using specially crafted packets. The net result could be a denial of service attack or arbitrary code execution. For more, go to:
distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000505
**********
Mandrake Linux updates kernel
A couple of vulnerabilities have been found in versions 2.2 and 2.4 of the Mandrake Linux kernel. The flaws could be exploited to crash the affected machine or to open unwanted ports in certain firewall implementations. For more, go to:
www.linux-mandrake.com/en/security/2002/MDKSA-2002-041.php
Patch for LPRng available
A flaw in the LPRng configuration for Mandrake Linux could allow a print job submission from any remote host. This new release sets limits on which hosts can print using the server. For more, go to:
www.linux-mandrake.com/en/security/2002/MDKSA-2002-042.php
**********
Today's roundup of virus alerts:
W32/Nahata-F - A virus that attempts to spread via IRC and e-mail but has limited functionality. (Sophos)
XM97/Momac-A - An Excel macro virus that copies itself from one open file to another. No word on the damage it may cause. (Sophos)
W32/Tinit-B - A virus that attempts to infect network shares attached to the affected machine. Sophos has only received one copy of this virus so the chances of it spreading are low. (Sophos)
W32/Gunsan-A - A Windows virus that spreads via e-mail and IRC. The infected e-mail messages will have a single-space character as a subject line and an attachment called "tast.exe". It attempts to delete a number of file types on the infected machine. (Sophos)
WM97/Marker-KR - A Word macro virus that tries to append information gathered from the infected machine on to the end of the macro code. (Sophos)
Troj/Flood-O - A backdoor program that uses modified mIRC32 code to infect the target machine. Once infected, an attacker can access the machine remotely via IRC. (Sophos)
W32/Datom-A - Another Windows worm that spreads via shared network resources. The virus will seek out other Windows machines on the network to infect. (Sophos)
**********
From the interesting reading department:
Study: Internet attacks up 28% in 2002
The Internet is an increasingly dangerous place for companies, with cyberattacks up 28% for the first half of 2002 over the last half of 2001, according to a new report released Monday by security services company Riptech. IDG News Service, 07/08/02.
www.nwfusion.com/news/2002/0708netattacks.html
President's advisor predicts cybercatastrophes unless security improves
In his keynote address at an information technology auditing conference here, Howard Schmidt, President Bush's advisor on cybersecurity, predicted that networks operated in the U.S. and abroad are likely to be brought down by catastrophic events unless security greatly improves. Network World Fusion, 07/09/02.
www.nwfusion.com/news/2002/0709schmidt.html
View from the White House
One of the most interesting lectures at the Sixth National Colloquium on Information Systems Security Education last month in Seattle was given by Dick Clarke, special advisor to the president on cyberspace security. Network World Security Newsletter, 07/01/02.
www.nwfusion.com/newsletters/sec/2002/01416242.html
**********
Archives online
It's tough being inside on these beautiful New England summer days. Keep up with all the latest alerts using our online archives:
Jason Meserve is the Multimedia Editor of Network World Fusion and writes about streaming media, search engines and IP Multicast. Jason can be reached at jmeserve@nww.com.
Security and Bug Patch Alert archive
Past newsletters.
