* Patches from HP, Gentoo, others * Beware Lovegate variant * CyberGuard makes bid for Secure Computing, and other interesting reading Today’s bug patches and security alerts:Mozilla moves to fix security vulnerabilityThe Mozilla Foundation has urged users of its open-source Mozilla Application Suite, Firefox browser and Thunderbird e-mail client to download a small patch to work around a security vulnerability discovered Thursday. IDG News Service, 07/09/04.https://www.nwfusion.com/news/2004/0709mozilmoves.html?nl Mozilla advisory:https://www.mozilla.org/security/shell.html **********HP patches HP-UX operating systemAccording to an HP alert, “A potential vulnerability has been identified in the HP-UX ARPA Transport which could be exploited by a local user to create a denial of service.” For more, log in to the HP support center:http://itrc.hp.comHP patches ntpA flaw in the network time protocol (ntp) implementation for HP-UX could result in the wrong date and time being set on connected clients. For more, go to: https://h30097.www3.hp.com/unix/security-download.html**********Gentoo patches Pure-FTPdA potential denial-of-service vulnerability has been found in Gentoo’s Pure-FTPd implementation. When the maximum number of connections is reached, the service may crash. For more, go to: https://forums.gentoo.org/viewtopic.php?t=193899**********Password bypass in MySQLNGSSoftware is warning of two flaws in the popular MySQL database system that could be exploited to bypass the database’s authentication system. To fix the problem, users should upgrade to Version 4.1.3. For more, go to:https://www.nextgenss.com/advisories/mysql-authbypass.txtRelated white paper – “Hack Proofing MySQL”:https://www.ngssoftware.com/papers/HackproofingMySQL.pdf**********Eudora attachment spoof fixedThe latest version of the Eudora e-mail client for Windows (Version 6.1.2) contains a number of security fixes, including one that deals with file attachments that come without an extension. For more, go to:https://www.eudora.com/download/eudora/windows/6.1.2/RelNotes.txt**********Ethereal patches from Gentoo, Mandrake LinuxA number of flaws have been found in the Ethereal network monitoring tool. The vulnerabilities could be exploited to crash the system or potentially run the attacker’s code of choice on the machine. For more, go to:Gentoo:https://forums.gentoo.org/viewtopic.php?t=195840Mandrake Linux:https://www.nwfusion.com/go2/0712bug1a.html**********Today’s roundup of virus alerts:W32/Lovgate-AH – Using a variety of infected file names and message types, this virus spreads via e-mail, peer-to-peer networks and network shares with weak passwords. The virus infects all .exe files on the target machines. (Sophos)W32/Lovgate-AG – This Lovegate variant is similar to AH above, but also exploits the Windows RPC vulnerability as a means of spreading. (Sophos)W32/Sdbot-JY – A Sdbot variant that spreads via network shares and installs itself in the Windows System folder as “IEXPLORE32.EXE”. The virus provides backdoor access via IRC and attempts to terminate security-related applications. (Sophos)W32/Rbot-CZ – This pesk spreads via network shares, installing a backdoor utility in the file “WINSYS32.EXE”. It tried to terminate network shares and security-related applications. (Sophos)W32/Rbot-DE – Looks to be the same as Rbot-CZ above. (Sophos)W32/Rbot-AS – Similar to the above Rbot variants, except AS installs itself as “LSAS.EXE” in the Windows System folder. (Sophos)W32/Agobot-KM – An Agobot variant that exploits various security vulnerabilities and networks shares to spread between machines. It installs itself as “MSVSRV32.EXE” in the Windows System directory and allows backdoor access via IRC. It also redirects URLs for anti-virus sites to the localhost. (Sophos)Troj/Legmir-K – A passwords-stealing Trojan horse. No word on how it spreads. (Sophos)Troj/Padodo-Fam – A family of Trojan horse programs that provide backdoor access via IRC and steal system passwords. (Sophos)Troj/HacDef-F — A Trojan targeting Windows NT, 2000 and XP that changes Internet Explorer settings and gathers system information. (Sophos)**********From the interesting reading department:Has IE dug itself a hole?When another security hole was uncovered in Microsoft Internet Explorer last week, the U.S. Computer Emergency Readiness Team issued six workarounds to minimize vulnerability, including a suggestion to switch to another browser. Network World, 07/12/04.https://www.nwfusion.com/news/2004/071204browser.html?nlReview: Pedestal aids in security enforcementPedestal Software’s SecurityExpressions 3.1 is an agentless product that audits systems based on a pre-defined set of rules, letting organizations easily identify computers and other devices that do not conform to a defined corporate security policy. Network World, 07/12/04.https://www.nwfusion.com/reviews/2004/071204pedastalrev.html?nlWeb servers still doling out ‘Scob’ codeMore than 100 Web servers are still distributing the “Scob” malicious code, first identified two weeks ago as code used in a widespread attack to plant Trojan horse programs on vulnerable computers, according to one computer security company. That attack used compromised Microsoft Internet Information Services Web servers to distribute the Trojan horse programs. IDG News Service, 07/08/04.https://www.nwfusion.com/news/2004/0708webserve.html?nlSymantec opens its security centerSome say that protecting companies and governments from unanticipated cyberattacks is similar to finding a needle in a haystack. But at Symantec’s Security Operating Center in Alexandria, Va., protecting clients from worms, viruses, and other computer-related threats is more like plucking a specific needle from a mound of needles in a haystack. PC World, 07/09/04.https://www.nwfusion.com/news/2004/0709symanopens.html?nlMicrosoft to pitch security as ‘competitive advantage’Microsoft will pitch security as a “competitive advantage” at its worldwide partner conference in Toronto next week, but it may be a tough sell to attendees who are still waiting for the software maker to deliver on some of last year’s security-related promises. IDG News Service, 07/08/04.https://www.nwfusion.com/news/2004/0708microtopi.html?nlCyberGuard makes bid for Secure ComputingNetwork security provider CyberGuard has made an unsolicited offer for rival Secure Computing in a move aimed at filling out its product suite and slashing costs. IDG News Service, 07/12/04.https://www.nwfusion.com/news/2004/0712cybermakes.html?nl Related content news Broadcom to lay off over 1,200 VMware employees as deal closes The closing of VMware’s $69 billion acquisition by Broadcom will lead to layoffs, with 1,267 VMware workers set to lose their jobs at the start of the new year. By Jon Gold Dec 01, 2023 3 mins Technology Industry Mergers and Acquisitions news analysis Cisco joins $10M funding round for Aviz Networks' enterprise SONiC drive Investment news follows a partnership between the vendors aimed at delivering an enterprise-grade SONiC offering for customers interested in the open-source network operating system. By Michael Cooney Dec 01, 2023 3 mins Network Management Software Network Management Software Network Management Software news Cisco CCNA and AWS cloud networking rank among highest paying IT certifications Cloud expertise and security know-how remain critical in building today’s networks, and these skills pay top dollar, according to Skillsoft’s annual ranking of the most valuable IT certifications. Demand for talent continues to outweigh s By Denise Dubie Nov 30, 2023 7 mins Certifications Certifications Certifications news Mainframe modernization gets a boost from Kyndryl, AWS collaboration Kyndryl and AWS have expanded their partnership to help enterprise customers simplify and accelerate their mainframe modernization initiatives. By Michael Cooney Nov 30, 2023 4 mins Mainframes Cloud Computing Data Center Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe