• United States

More Linux kernel patches

Jan 08, 20045 mins

* Patches from Linux, Conectiva, others * Beware latest version of the Minmail virus * Jitux.A worm hits MSN Messenger, and other interesting reading

Today’s bug patches and security alerts:

Security group warns of hole in Linux kernel

Computer security researchers are again warning about a critical vulnerability in the Linux kernel that could be used by malicious hackers to take control of systems using the popular open source operating system. IDG News Service, 01/05/04.

Related patches:




Linux vendors patch Ethereal

Two vulnerabilities in the Ethereal network monitoring utility could be exploited to cause the application to crash. There’s no word on if the flaws could be used to run code on the affected machine. For more, go to:



Red Hat:


Conectiva, Debian patch lftp

A buffer overflow vulnerability has been found in the lftp FTP client. The flaw could be exploited when the “ls” or “rels” command is executed on a “specially prepared directory.” An attacker could use this to run arbitrary code on the affected client. For more, go to:




Debian releases slew of updates

Over the past week Debian has released around a dozen new patches for various applications that run on its platform. Two of the patches can be found above. Here are links to the rest:

New screen packages fix group utmp exploit:

New xsok packages fix local group games exploit:

New bind packages fix denial of service:

New mpg321 packages fix format string vulnerability:

New nd packages fix buffer overflows:

New libnids packages fix buffer overflow:

New fsp packages fix buffer overflow, directory traversal:

New jabber packages fix denial of service:

New zebra packages fix denial of service:


Today’s roundup of virus alerts:

Troj/Dloader-K – A Trojan horse that attempts to download new components from a remote Web site. (Sophos)

Bookmark.B – This virus overwrites the Favorites in Internet Explorer with adult Web sites. (Panda Software)

Autodes – A joke virus that makes the user think the computer is going to self-destruct after 10 seconds. Another message appears letting the user in the gag. (Panda Software)

Troj/StartPg-BG – This virus alters the Internet Explorer start page and uses stylesheets to redirect users to adult Web sites. (Sophos)

W32/Randon-AB – Another virus that attempts to spread via weakly protected network shares. This virus drops several executable files on the infected machine. (Sophos)

Troj/Uproot-A – A backdoor Trojan that allows a remote user access to the infected machine. (Sophos)

W32/Mimail-N – The latest version of the Mimail virus disguises itself as a Paypal credit card message. It asks the user for their credit card information and sends it to a remote Web site. (Sophos)

W32/Mimail-M – Another version of the Mimail virus that spreads via an e-mail message that claims to have pornographic pictures attached. (Sophos)

VBS/Suzer-B – A Trojan horse that’s used to drop another virus (Troj/Cidra-A) on the infected machine. (Sophos)

Troj/Antikl-Dam – A virus that spreads via e-mail and pretends to be security software from a financial institution. Fortunately, the virus is broken. (Sophos)

W32/Agobot-BT – A virus that provided remote access to the infected via IRC. It spreads between computers via weakly protected network shares and attempts to exploit the DCOM RPC vulnerability in Windows. (Sophos)


From the interesting reading department:

Overview of Office Features That Are Intended to Enable Collaboration and That Are Not Intended to Increase Security

Microsoft Office products include features that enable specific collaboration scenarios and features that are designed to help make your documents and files more secure. Features that enable collaboration scenarios function correctly in collaboration environments that do not include users who have malicious intent. Microsoft Knowledge Base.;EN-US;822924

Jitux.A worm hits MSN Messenger

A worm targeting users of Microsoft’s MSN Messenger software has squirmed through the instant messaging (IM) application. IDG News Service, 01/05/04.

AOL adds spyware protection

An upcoming software release from America Online will add spyware protection to the list of standard features for its broadband and dial-up Internet customers, the company said Tuesday. IDG News Service, 01/06/04.