Cisco voice product flaw on IBM servers

Today’s bug patches and security alerts:

Cisco warns of voice product flaws on IBM servers

According to an alert from Cisco, “The default installation of Cisco voice products on the IBM platform will install the Director Agent in an unsecure state, leaving the Director services vulnerable to remote administration control and/or Denial of Service attacks.” For more, go to:

https://www.nwfusion.com/go2/0119bug2a.html

**********

Conectiva patches screen

A buffer overflow in screen could be exploited by an attacker that sends 2 gigabytes of data to the affected machine. A fix is available that also patches a problem with window sizing. For more, go to:

https://www.nwfusion.com/go2/0119bug2b.html

Conectiva releases patch for kdepim

A buffer overflow in KDE’s VCF file reader could be exploited by an attacker to run arbitrary code on the affected machine. For more, go to:

https://www.nwfusion.com/go2/0119bug2c.html

Conectiva issues fix for cvs flaw

A flaw in the account management for the CVS pserver could allow anyone with access to the server to modify the CVSROOT/passwd file to give themselves root access to the affected machine. For more, go to:

https://www.nwfusion.com/go2/0119bug2d.html

**********

Red Hat patches mc

A vulnerability in mc (Midnight Commander), a file management tool, could be exploited by using malicious code hidden inside a compressed file. This code could be run on the affected machine when the compressed file is opened by mc. For more, go to:

https://rhn.redhat.com/errata/RHSA-2004-034.html

**********

Debian, Trustix release patch for slocate

A buffer overflow vulnerability in slocate, a secure version of the file search utility locate, could be exploited by a malicious user to gain the group privilege of slocate. The attacker could use this to view all data in the slocate database. For more, go to:

Debian:

https://www.debian.org/security/2004/dsa-428

Trustix:

https://www.nwfusion.com/go2/0119bug2e.html

**********

Flaw found in honeyd

A flaw in honeyd, a virtual honeypot daemon, could allow an attacker to detect the IP addresses being simulated by the application. A fix is available:

https://www.citi.umich.edu/u/provos/honeyd/

Gentoo patch for honeyd:

https://forums.gentoo.org/viewtopic.php?t=126976

**********

Today’s roundup of virus alerts:

Nothing new to report today, so we bring you the top 10 viruses reported in December 2003, according to Sophos:

1. W32/Sober-C

2. W32/Mimail-K

3. W32/Dumaru-A

4. W32/Mimail-J

5. W32/Mimail-C

6. W32/Gibe-F

7.  W32/Mimail-I

8. W32/Klez-H

9. W32/Torvil-A

10.   W32/Mimail-F

**********

From the interesting reading department:

Microsoft upgrades security tool that verifies system configuration

As part of the overhaul of its patch management tools, Microsoft on Tuesday released the next version of a tool that detects bad configurations that could leave users open to security vulnerabilities. Network World Fusion, 01/20/04.

https://www.nwfusion.com/news/2004/0120microbase.html?nl

Wireless Wizards: How can WPA be more secure than WEP?

While it is true that both Wi-Fi Protected Access (WPA) and Wired Equivalent Privacy (WEP) have a pre-shared key as the basis for encryption, they actually use the pre-shared key in very different ways. Network World, 01/19/04.

https://www.nwfusion.com/columnists/2004/0119wizards.html?nl

Slammer: One year later

Cash machines froze. Airlines and hospitals dusted off paper forms to schedule reservations and track patients. This was the scene on Jan. 25, 2003, shortly after the Slammer worm appeared and quickly began spreading around the world, flooding computer networks with worm-generated traffic and knocking vital database servers offline. IDG News Service, 01/20/04.

https://www.nwfusion.com/news/2004/0120slammoney.html?nl

LinuxWorld: SuSE, IBM gain higher security certification

Raising the security bar one notch higher, SuSE Linux AG and IBM Wednesday said they have achieved a more rigorous security certification for Linux operating system software running on Big Blue servers. With the higher-level security evaluation, the two companies hope to attract governments and organizations with critical operations to open source Linux software. IDG News Service, 01/21/04.

https://www.nwfusion.com/news/2004/0121linuxsus.html?nl

Experts challenge U.S. online voting system

Citing concerns over security, four computer experts are urging the U.S. government to drop plans to allow U.S. civilians who reside oversees to cast their votes online. IDG News Service, 01/22/04.

https://www.nwfusion.com/news/2004/0122experchall.html?nl

White paper: Is finding security holes a good idea?

A large amount of effort is expended every year on finding and patching security holes. The underlying rationale for this activity is that it increases welfare by decreasing the number of bugs available for discovery and exploitation by bad guys, thus reducing the total cost of intrusions. RTFM.com, 01/21/04.

https://www.rtfm.com/bugrate.pdf