* Patches from Red Hat, SuSE, F-Secure, others * Beware three Trojan horses hitting certain mobile phones Today’s bug patches and security alerts:Red Hat, SuSE patch critical KDE security holeRed Hat and SuSE have released patches for a critical security hole in their Linux distributions that stem from a vulnerability in the KDE desktop environment. IDG News Service, 01/23/06.http://www.networkworld.com/news/2006/012306-redhat-suse-hole.html KDE advisory:https://www.kde.org/info/security/advisory-20060119-1.txt Other related fixes:Debian:https://www.debian.org/security/2006/dsa-948Gentoo:https://security.gentoo.org/glsa/glsa-200601-11.xmlMandriva: https://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:019Red Hat:https://rhn.redhat.com/errata/RHSA-2006-0184.htmlSuSE: http://www.networkworld.com/go2/0123bug1a.html**********F-Secure patches anti-virus softwareAnti-virus software vendor F-Secure issued a patch for a wide range of its products Thursday after a security researcher in Luxembourg reported vulnerabilities to the company. IDG News Service, 01/20/06.http://www.networkworld.com/news/2006/012006-f-secure-patch.htmlF-Secure advisory:https://www.f-secure.com/security/fsc-2006-1.shtml**********Cisco product flaws affect VoIP gear, routersA triad of Cisco product vulnerabilities could cause problems for users of the company’s IP PBXs and certain routers, Cisco warned this week. NetworkWorld.com, 01/19/06.http://www.networkworld.com/news/2006/011906-cisco-voip-flaw.htmlCisco Call Manager privilege escalation advisory:https://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmpe.shtml**********HP patches ftpd for HP-UXA remote denial-of-service vulnerability has been found in the FTP Daemon (ftpd) for HP-UX. Patches have been released and can be downloaded by logging into the HP IT Resource Center:https://itrc.hp.com**********Gentoo patches Sun and Blackdown JavaAccording to Gentoo, “Sun’s and Blackdown’s JDK or JRE may allow untrusted applets to elevate their privileges.” Fixes are available. For more, go to:https://security.gentoo.org/glsa/glsa-200601-10.xml**********Recent updates from Debian:sudo (code execution):https://www.debian.org/security/2006/dsa-946ClamAV (heap overflow, code execution):https://www.debian.org/security/2006/dsa-947crawl (privilege escalation):https://www.debian.org/security/2006/dsa-949**********New updates from Mandriva:mod_auth_ldap (code execution):https://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:017kernel (multiple flaws):https://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:018**********Today’s roundup of virus alerts:New Trojan horses threaten cell phonesThree new malicious programs are hitting certain mobile phones, anti-virus companies have warned. The Trojan horses, or programs that are disguised as legitimate applications, spread via Bluetooth or multimedia messages and can affect phones running the Symbian operating system. IDG News Service, 01/23/06.http://www.networkworld.com/news/2006/012306-trojan-symbian.htmlNyxem worm programmed to overwrite data files on Feb. 3Anti-virus vendors are warning of a rapidly-spreading worm that is carrying a potentially destructive set of instructions. The Nyxem worm – also nicknamed the Kama Sutra worm – is programmed to overwrite all of the files on computers it infects on Feb. 3, said Mikko Hypponen, chief research officer at F-Secure. IDG News Service, 01/23/06.http://www.networkworld.com/news/2006/012306-nyxem-worm.htmlW32/Zotob-K — A mass mailing worm that masquerades as a message warning of a password or account expiration. It will usually come with a double-extension attachment. It drops “wininit.exe” in the Windows System folder and can allow backdoor access via IRC. (Sophos)W32/Kookoo-A — This Trojan spreads through network shares and allows backdoor access to the infected machine. It drops “oledsp32.dll” in the Windows System folder and can be used as a proxy server. (Sophos)Troj/Brospy-K — A Trojan that monitors Web activity, looking for password and other user data. It’s installed as “msnscps.dll” in the Windows System folder. (Sophos)Troj/Clagger-D — An e-mail worm that spreads through a message claiming to be a credit card overdraft notice. It will have an attachment called “file1185.exe”. It is used to bypass the Windows Firewall and download additional malicious code. (Sophos)W32/Rbot-LT — Yet another Rbot variant that exploits known Windows flaws as it spreads through network shares and allows backdoor access via IRC. It is installed as “LSSRV.EXE” in the Windows System folder. It also captures keystrokes to “KEY32.TXT”. (Sophos)Troj/QQRob-CY — A Trojan that drops two files in the Windows System folder: “svchsot.exe” and “check.dll”. It can be used to drop additional code on the infected host. (Sophos) Related content news analysis Cisco, AWS strengthen ties between cloud-management products Combining insights from Cisco ThousandEyes and AWS into a single view can dramatically reduce problem identification and resolution time, the vendors say. By Michael Cooney Nov 28, 2023 4 mins Network Management Software Cloud Computing opinion Is anything useful happening in network management? Enterprises see the potential for AI to benefit network management, but progress so far is limited by AI’s ability to work with company-specific network data and the range of devices that AI can see. By Tom Nolle Nov 28, 2023 7 mins Generative AI Network Management Software brandpost Sponsored by HPE Aruba Networking SASE, security, and the future of enterprise networks By Adam Foss, VicePresident Pre-sales Consulting, HPE Aruba Networking Nov 28, 2023 4 mins SASE news AWS launches Cost Optimization Hub to help curb cloud expenses At its ongoing re:Invent 2023 conference, the cloud service provider introduced several new and free updates that are expected to help enterprises optimize their AWS costs. By Anirban Ghoshal Nov 28, 2023 3 mins Amazon re:Invent Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe