Cisco patches PIX firewall

Opinion
Dec 18, 2003 | 3 mins
Networking, Security

* Patches from Red Hat, OpenPKG, others
* Beware Sober-B e-mail worm
* Win 98's demise leaves questions on security, and other interesting reading

This is the last newsletter of 2003. We’ll be taking the next two weeks off to celebrate the holidays with our family and friends. Hope you all have a great holiday season and prosperous 2004!

Today’s bug patches and security alerts:

Cisco warns of holes in PIX firewalls

Network equipment maker Cisco is warning customers about security holes in its PIX firewall product and firewall software that runs on the Catalyst 6500 Series and 7600 Series switches. IDG News Service, 12/16/03.

https://www.nwfusion.com/news/2003/1216ciscowarns.html?nl

Cisco advisory:

https://www.cisco.com/warp/public/707/cisco-sa-20031215-pix.shtml

Related Cisco FWSM vulnerabilities advisory:

https://www.cisco.com/warp/public/707/cisco-sa-20031215-fwsm.shtml

**********

Opera vulnerability patched

A flaw in Opera’s download dialog box could be exploited by a remote user to delete arbitrary files on the affected machine. For more, go to:

https://www.securitytracker.com/alerts/2003/Dec/1008460.html

**********

Linux vendors patch lftp

A buffer overflow vulnerability has been found in the lftp FTP client. The flaw could be exploited when the “ls” or “rels” command is executed on a “specially prepared directory.” An attacker could use this to run arbitrary code on the affected client. For more, go to:

Mandrake Linux:

https://www.nwfusion.com/go2/1215bug2a.html

OpenPKG:

https://www.openpkg.org/security/OpenPKG-SA-2003.053-lftp.html

Red Hat:

https://rhn.redhat.com/errata/RHSA-2003-403.html

Slackware:

https://www.nwfusion.com/go2/1215bug2b.html

SuSE:

https://www.suse.com/de/security/2003_051_lftp.html

**********

Red Hat issues two Apache-related advisories

A couple of vulnerabilities have been found in Red Hat’s implementation of the open source Apache Web server application. Fixes are available:

Updated httpd packages fix Apache security vulnerabilities:

https://rhn.redhat.com/errata/RHSA-2003-320.html

Updated apache packages fix minor security vulnerability:

https://rhn.redhat.com/errata/RHSA-2003-405.html

**********

OpenPKG patches cvs

A flaw in versions of the cvs server prior to 1.11.10 could be exploited to create directories and files at the root level of the affected machine. For more, go to:

https://www.openpkg.org/security/OpenPKG-SA-2003.052-cvs.html

**********

NetBSD issues BIND DNS patch

A programming error in the BIND 8 DNS server could “result in a DNS message being incorrectly cached as a negative response.” This could lead to a denial of service against legitimate domain names. For more, go to:

https://www.nwfusion.com/go2/1215bug2c.html

**********

Today’s roundup of virus alerts:

W32/Sober-B – This worm spreads via e-mail, peer-to-peer networks and network shares. The virus seeks out e-mail addresses in a number of file types and overwrites files in the shared folders of popular peer-to-peer applications with copies of itself. The infected message could be written in German or English. (Sophos)

**********

From the interesting reading department:

Win 98’s demise leaves questions on security

Days after software giant Microsoft announced it would stop distributing the Windows 98 operating system, and weeks ahead of the scheduled end of support, industry experts warn that the operating system, though long in the tooth, is still widely used within organizations. IDG News Service, 12/16/03.

https://www.nwfusion.com/news/2003/1216win98.html

Check Point buys Zone to bolster endpoint security

Check Point Software is to buy Zone Labs, which makes software that can tell whether a remote machine meets security policies before allowing it to access a corporate VPN. The $205 million cash-and-stock deal is expected to close in the spring. IDG News Service, 12/15/03.

https://www.nwfusion.com/go2/1215bug2d.html