Heap overflow in rsync

Network World needs your help. We’re looking for the weirdest, most wild, descriptive and/or silly network product name you’ve come across. Got one to share? Fill out this short form and you could win a fabulous Network World prize: http://www.nwfusion.com/survey/favprod2003.html

Network World needs your help. We’re looking for the weirdest, most wild, descriptive and/or silly network product name you’ve come across. Got one to share? Fill out this short form and you could win a fabulous Network World prize:

https://www.nwfusion.com/survey/favprod2003.html

Today’s bug patches and security alerts:

Heap overflow in rsync

A heap overflow vulnerability in the rsync application can be exploited with the recently discovered Linux kernel flaw to compromise Linux servers. Fixes are available. For more, go to:

Official rsync site:

https://rsync.samba.org/

Conectiva:

https://www.nwfusion.com/go2/1208bug1a.html

Debian (temporary location):

https://klecker.debian.org/~joey/rsync/

EnGarde:

https://www.nwfusion.com/go2/1208bug1b.html

Mandrake Linux:

https://www.nwfusion.com/go2/1208bug1c.html

OpenPKG:

https://www.openpkg.org/security/OpenPKG-SA-2003.051-rsync.html

Red Hat:

https://rhn.redhat.com/errata/RHSA-2003-398.html

Slackware:

https://www.nwfusion.com/go2/1208bug1d.html

SuSE:

https://www.suse.com/de/security/team/index.html

Trustix:

https://www.nwfusion.com/go2/1208bug1e.html

**********

Yahoo Messenger buffer overflow

A buffer overflow in Yahoo Messenger’s Open() function could be exploited via a Web page to run arbitrary commands on the affected machine. Internet Explorer users would have to change their security settings to “low” in order for this exploit to be successful. For more, go to:

https://messenger.yahoo.com/security/update4.html

**********

Apple issues security update for Safari

A security update for Mac OS X 10.3.1 and 10.2.8 fixes a problem with the way cookies are accessed in the Safari browser. The new update allows only authorized Web sites to access user cookie information. For more, go to:

Mac OS X 10.3.1:

https://www.info.apple.com/kbnum/n120283

Mac OS X 10.2.8

https://www.info.apple.com/kbnum/n120282

**********

More Linux kernel patches

As we reported last week, a flaw in the Linux kernel implementation could be (and has been) used to compromise a Linux server. More fixes are available:

Conectiva:

https://www.nwfusion.com/go2/1208bug1f.html

SuSE:

https://www.suse.com/de/security/2003_049_kernel.txt

**********

Today’s roundup of virus alerts:

W32/Sdbot-L – Yet another version of the Sdbot Trojan horse. This version spreads via weakly protected network shares and allows an attacker to remotely control the infected machine via IRC. (Sophos)

**********

From the interesting reading department:

Security experts: Insider threat looms largest

While the U.S. military is building up defenses to fend off network-based attacks from enemy states and terrorists, some say the more-insidious security problem is the threat of an insider bent on sabotage or stealing data. Network World, 12/08/03.

https://www.nwfusion.com/news/2003/1208infowar.html?nl

Radware switch targets attacks

Radware last week debuted a security appliance that could help businesses stop Web-based attacks such as Welchia and MS-SQL Slammer at the network gates. Network World, 12/08/03.

https://www.nwfusion.com/news/2003/1208radware.html?nl

NetContinuum boosts security gateway

NetContinuum this week is scheduled to launch an updated version of its application-firewall appliance for protecting HTML-based and some non-Web applications from about 4,000 known attacks aimed at subverting servers. Network World, 12/08/03.

https://www.nwfusion.com/news/2003/1208netcon.html?nl

ExpertCity tries to change its image

Company’s GoToMyPC Corporate 4.0 is slowly winning acceptance from cautious enterprise security pros. Network World, 12/08/03.

https://www.nwfusion.com/net.worker/news/2003/1215netlead.html?nl