Lotus Domino/Notes flaws detailed

Today’s bug patches and security alerts:

Lotus Domino/Notes flaws detailed

iDefense and Secunia have released advisories outlining various flaws in Lotus Notes and Domino. iDefense claims there’s a DoS vulnerability in the Domino Server’s LDAP components. Fortunately, a fix is available from Lotus.

Secunia has a number of Notes/Domino advisories and potential workaround:

Domino iNotes Client Script Insertion Vulnerabilities

Notes HTML Speed Reader Link Buffer Overflows

Notes Multiple Archive Handling Directory Traversal

Notes TAR Reader File Extraction Buffer Overflow

Notes UUE File Handling Buffer Overflow

Notes ZIP File Handling Buffer Overflow

**********

SuSE patches “empty RPATH” vulnerabilities

A flaw in the GNU linker ‘ld’ could leave empty RPATH components, which could be exploited to run arbitrary code on the affected machine. The affected applications include binutils, kdelibs3, kdegraphics3, koffice, dia, and lyx.

**********

Trustix releases new ‘multi’ update

The latest update from Trustix fixes flaws in the kernel, fcron and unzip. An attacker could exploit flaws in previous versions of these programs to gain elevated privileges and run malicious code.

**********

Sony Ericsson phones vulnerable to DoS attacks

If you use a Sony Ericsson Mobile Communications mobile phone, you may want to disable the Bluetooth function, the French Security Incident Response Team warned this week, saying a security vulnerability potentially puts the phones at risk to a denial-of-service attack. IDG News Service, 02/10/06.

**********

Ubuntu patches heimdal

According to an alert from Ubuntu, “A privilege escalation flaw has been found in the heimdal rsh (remote shell) server. This allowed an authenticated attacker to overwrite arbitrary files and gain ownership of them.”

**********

Mandriva issues fix for groff

According to a Mandriva alert, “The Groffer utility, part of the groff package, created a temporary directory in an insecure way which allowed for the exploitation of a race condition to create or overwrite files the privileges of the user invoking groffer.”

**********

Recent updates from Debian:

Elog (several flaws)

adzapper (denial of service)

**********

Today’s roundup of virus alerts:

W32/Bagle-CJ — A new Bagle variant that spreads through peer-to-peer networks and e-mail. The e-mail version spreads through a message that looks like an account/billing warning and will have an attachment names “Generated_bill”, Order_details” or “Service_receipt”. It drops “regmaping.exe” in the Windows System folder and “winresw.exe” in the Windows directory. (Sophos)

Troj/Drsmartl-L — A virus that can be used to download and install additional malicious software on the infected host. No other details were given. (Sophos)

Troj/Swizzor-AW — This Trojan downloads adware from the Internet to display ads on the infected host. It may drop such files as “Website Hosting.lnk”, “Bingo.lnk” and “Casino Online.lnk” in the Favorites directory. (Sophos)

W32/Rbot-CCY — This Rbot variant spreads through network shares by exploiting weak passwords and known Windows flaws. It drops “msnse.exe” in the Windows System folder and allows backdoor access via IRC. (Sophos)

**********

From the interesting reading department:

DHS completes large-scale cyber attack simulation

The Department of Homeland Security (DHS) has completed the first full-scale government-led cyber attack simulation, and officials there called the exercise a “significant milestone.” IDG News Service, 02/10/06.