• United States

Check Point, Cisco and Microsoft patch away

Feb 05, 20044 mins

* Patches from Debian, Mandrake Linux, others * Beware another version of the Agobot virus * Microsoft deflecting MyDoom-B DoS attack, and other interesting reading

Our online pooh-bah Adam Gaffin takes a look at Microsoft’s recommendations for avoiding malicious URLs by retyping them manually:

Our online pooh-bah Adam Gaffin takes a look at Microsoft’s recommendations for avoiding malicious URLs by retyping them manually:

With a follow-up here:

Today’s bug patches and security alerts:

ISS warns of holes in Check Point firewall, VPN server

Internet Security System Wednesday issued a warning of critical vulnerabilities in Check Point’s Check Point Firewall-1 and Check Point VPN-1 Server and SecuRemote and SecureClient VPN clients. IDG News Service, 02/05/04.

ISS VPN server advisory:

ISS firewall advisory:


Software flaw could leave Cisco gear vulnerable to freezes/shutdowns

A hardware vulnerability may cause some high-end Cisco switches and routers with specific configurations to crash, but only under very specific circumstances. Network World Fusion, 02/04/04.

Cisco advisory:


Microsoft patches IE flaws

Microsoft Monday released a security patch to fix three known vulnerabilities in its Internet Explorer Web browser that have been exploited to attack Internet users. IDG News Service, 02/02/04.

Microsoft advisory:

Related CERT advisory:


Debian patches kernel for mips and mipsel

A flaw in the Debian Linux kernel for mips and mipsel contains vulnerability that could be exploited to gain local root access on the affected machine. For more, go to:

Debian releases new Perl package

An information leak in certain Perl implementations could allow an attacker to view information in files they normally would not have access to. For more, go to:

Debian issues crawl fix

A buffer overflow has been found in crawl, a dungeon exploration game for Debian. No word on how it could be exploited or what the ramifications of such an exploit would be. For more, go to:


Mandrake Linux issues new fix for Gaim

Twelve vulnerabilities have been found in Gaim, a cross platform, multi-protocol instant messaging application. While some of the flaws are minor a few could be exploited to gain root privileges on the affected machine. For more, go to:


Today’s roundup of virus alerts:

W32/Agobot-CS – A Trojan horse that spreads via weakly protected network shares. It attempts to connect to an IRC server to allow an attacker gain access to the infected machine as well as stops various security-related application processes. (Sophos)

W32/Agobot-P – Another version of the Agobot virus. This one too exploits weak passwords on network shares as well as the RPC DCOM vulnerability in Windows. Like its predecessors, it terminates security applications and provides backdoor functionality via an IRC connection. (Sophos)

W32/SdBot-W – Like the two viruses mentioned above, weak network share passwords and IRC backdoors are the name of the game with this virus. (Sophos)


From the interesting reading department:

Microsoft deflecting MyDoom-B DoS attack

Microsoft Tuesday said it had yet to be affected by a MyDoom-B worm-induced distributed denial-of-service attack, which anti-virus software companies predicted would be fairly easy for the software company to fend off. IDG News Service, 02/03/04.

KDE update available

The K Desktop Environment (KDE) Project announced Tuesday that the third version of its KDE3 desktop platform, called KDE3.2, is available for Linux and Unix operating systems. IDG News Service, 02/03/04.