Cisco patches flaw in Personal Assistant

Today’s bug patches and security alerts:

Cisco patches flaw in Personal Assistant

In certain configurations of the Cisco Personal Assistant the user authentication for the configuration utility is disabled, allowing anyone access. A fix is available:

https://www.cisco.com/warp/public/707/cisco-sa-20040108-pa.shtml

**********

More Linux kernel fixes available

As we reported last week, a vulnerability in the Linux kernel could be exploited to gain root access on the affected machine. More vendors have made fixes available:

Mandrake Linux:

https://www.mandrakesecure.net/en/kernelupdate.php

Slackware:

https://www.nwfusion.com/go2/0112bug1a.html

**********

OpenPKG patches inn

A buffer overflow has been found in inn 2.4.0 implemented by OpenPKG. The flaw could be exploited remotely to allow an attacker to run arbitrary code on the affected machine. For more, go to:

https://www.openpkg.org/security/OpenPKG-SA-2004.001-inn.html

**********

SGI releases Advanced Linux Environment security update #8

Advanced Linux Environment security update #8 from SGI for SGI ProPack v2.3 for the Altix family of systems patches a flaw in the lftp application. There’s a buffer overflow vulnerability in older versions of lftp. For more, go to:

https://www.nwfusion.com/go2/0112bug1b.html

**********

Red Hat pushes updated CVS package

According to an alert from Red Hat, “Updated cvs packages closing a vulnerability that could allow cvs to attempt to create files and directories in the root file system are now available.” For more, go to:

https://rhn.redhat.com/errata/RHSA-2004-003.html

**********

Debian updates phpgroupware

Two vulnerabilities in earlier versions of phpgroupware have been patched by Debian. One flaw could allow an attacker to execute malicious scripts on the affected server. There’s also a SQL injection vulnerability that’s been patched. For more, go to:

https://www.debian.org/security/2004/dsa-419

Debian patches vbox3

According a Debian alert, “A bug was discovered in vbox3, a voice response system for isdn4linux, whereby root privileges were not properly relinquished before executing a user-supplied tcl script.  By exploiting this vulnerability, a local user could gain root privileges.” For more, go to:

https://www.debian.org/security/2004/dsa-418

**********

Today’s roundup of virus alerts:

Trojan masquerades as Windows XP update

Security companies are warning Internet users about a new Trojan horse program spreading via spam e-mail and masquerading as a Windows XP software update from Microsoft. IDG News Service, 01/09/04.

https://www.nwfusion.com/news/2004/0109newtrojan.html?nl

W32/Aozo-A – A worm that spreads via the Kazaa peer-to-peer network. No word on any permanent damage caused by the virus. (Sophos)

Xcmd.A – A Trojan that allows an attacker to run other applications on the infected machine. The attacker must have administration rights on the affected machine. (Panda Software)

Dluca.D — Another Trojan Horse. This one tries to download malicious code from the Internet. (Panda Software)

W32/Randex-Y – This virus attacks random IP addresses looking for weakly protected network shares. The virus connects to an IRC server to allow an attacker backdoor access to the infected machine. (Sophos)

**********

From the interesting reading department:

Microsoft Word file security flaw uncovered

Microsoft is again facing criticism from security experts after a researcher posted instructions for circumventing a password feature in the company’s popular Microsoft Word word processing program. IDG News Service, 01/08/04.

https://www.nwfusion.com/news/2004/0108microword.html?nl

Wireless LAN worries

This is supposed to be the year that the industry addresses the serious security shortcomings that are holding back enterprise wireless LAN rollouts. But looming implementation issues and vendor disagreement are raising questions about just how soon the security dilemma will be solved. Network World, 01/12/04.

https://www.nwfusion.com/news/2004/0112wlansecurity.html?nl

Management Strategies: Let’s get physical

IT security must include locked doors and premises protection, not just firewalls. Network World, 01/12/04.

https://www.nwfusion.com/careers/2004/0112man.html?nl

Review: SSL VPN gateways

Security with ease of use is the promise of Secure Sockets Layer VPNs. In our test of seven SSL VPN gateways – from AEP, F5 Networks, NetScreen Technologies, Netilla, Nokia, Symantec and Whale Communications – we assessed how well each is equipped to provide secure remote access to corporate applications. Network World, 01/12/04.

https://www.nwfusion.com/reviews/2004/0112revmain.html?nl

White paper: Application of Hardware Accelerated Extensible Network Nodes for Internet Worm and Virus Protection

A platform has been implemented that actively detects and blocks worms and viruses at multi-Gigabit/second rates. It uses the Field-programmable Port Extender (FPX) to scan for signatures of malicious software (malware) carried in packet payloads. Dynamically reconfigurable Field Programmable Gate Array (FPGA) logic tracks the state of Internet flows and searches for regular expressions and fixed strings that appear in the content of packets. Applied Research Laboratory, Washington University in Saint Louis.

https://www.nwfusion.com/go2/0112bug2c.html

Lamo pleads guilty

Adrian Lamo, the so-called “homeless hacker,” pleaded guilty on Thursday to charges that he broke into the internal computer network of The New York Times. IDG News Service, 01/09/04.

https://www.nwfusion.com/news/2004/0109lamoplead.html?nl