* Patches from FreeBSD, Debian, SGI, others * Beware more Bagle variants * Students engineer a winner, and other interesting reading Today’s bug patches and security alerts:Flaws in Oracle databaseTwo functions in Versions 9ir2 and earlier of Oracle Database Server have been discovered by SecuriTeam. The flaws could be exploited to run arbitrary code on the affected server. Oracle users should logon to Metalink for updates:http://metalink.oracle.com **********ISS warns of SMB processing flaw ISS has issued a warning about a module used in its own products: “A vulnerability was discovered in the SMB (Server Message Block) protocol parsing routines of the ISS Protocol Analysis Module (PAM) component found in some ISS products. The flaw relates to incorrect parsing of the SMB protocol, which may lead to a heap overflow condition.” For more, go to:https://xforce.iss.net/xforce/alerts/id/165Related eEye advisory:https://www.eeye.com/html/Research/Advisories/AD20040226.html**********Trillian IM clients patched A couple vulnerabilities have been found in the Trillian and Trillian Pro instant messaging clients. An attacker could exploit these flaws to run arbitrary code on the affected machine. A patch for the free version is available here:https://www.ceruleanstudios.com/trillian-v0.74-patch-g.exeMembers should upgrade to Version 2.011 via this link:https://www.ceruleanstudios.com/members E-matters advisory:https://security.e-matters.de/advisories/022004.html**********FreeBSD patches jailGuess security at the jail wasn’t so good… sorry, couldn’t resist. Jail is a sandbox application that allows administrators to lock a process down so it cannot interact with other processes. Turns out, a coding problem could all someone with superuser privileges to gain full read and write access. For more, go to:https://www.nwfusion.com/go2/0301bug1a.html**********Debian releases patch for lbreakout2A buffer overflow in the lbreakout2 game could be exploited by a malicious user to gain the privileges of “games”. For more, go to:https://www.debian.org/security/2004/dsa-445**********Mandrake Linux updates mtoolsA flaw in the mformat program could allow certain files to be created with 0666 permissions. Also, the tool does not drop permissions when reading local configuration files. For more, go to:https://www.nwfusion.com/go2/0301bug1b.html**********Immunix, SGI patch kernelAs we’ve been reporting, a flaw in the various Linux kernel implementations could be exploited to gain root privileges on the affected machine. More fixes are available:Immunix 7+ (source code):https://www.nwfusion.com/go2/0301bug1c.htmlSGI:https://www.nwfusion.com/go2/0301bug1d.html**********Red Hat patches mod_pythonA flaw in Version 3.03 and prior of mod_python could be exploited in a denial-of-service attack against the affected machine. For more, go to:https://rhn.redhat.com/errata/RHSA-2004-063.htmlRed Hat releases libxml2 fixA flaw in the way libxml2 parses long URLs from remote sites could be exploited by an attacker to potentially run arbitrary code on the affected machine. For more, go to:https://rhn.redhat.com/errata/RHSA-2004-091.html**********Today’s roundup of virus alerts:Bagle F, G – More Bagle variants. Like the previous versions, these too spreads via their own SMTP engine. This one uses a password-protected ZIP file to carry the malicious code. (Sophos)Bagle C, D – Two new variants of the Bagle worm have been spotted. Both virus have their own SMTP engines for sending infected messages. Both open a backdoor on port 2745 and listen for remote commands. (Sophos, Panda Software)W32/Agobot-FE – Another variant of the Agobot worm that attempts to allow unauthorized third-party access to the infected machine via an IRC channel. The virus also attempts to stop a number of security-related applications that may be running on the target machine. (Sophos)W32/Nachi-D – Another Nachi variant that targets machines already infected with MyDoom-A. Like its predecessors, it too attempts to connect via ports 135 and 445. (Sophos, Panda Software)W32/Maddis-A – A password-stealing Trojan that spreads via network shares. The virus sends its collected information to a set of predefined sites. (Sophos)**********From the interesting reading department:Students engineer a winnerThe Simon Fraser University students come up with an anti-theft device for laptops. Vancouver Sun, 02/26/04.https://www.nwfusion.com/go2/0301bug1e.htmlNMap 3.50 availableNmap (“Network Mapper”) is an open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts, according to its author, Fyodor. Download the new version here:https://www.insecure.org/nmap/ Related content how-to Doing tricks on the Linux command line Linux tricks can make even the more complicated Linux commands easier, more fun and more rewarding. By Sandra Henry-Stocker Dec 08, 2023 5 mins Linux news TSMC bets on AI chips for revival of growth in semiconductor demand Executives at the chip manufacturer are still optimistic about the revenue potential of AI, as Nvidia and its partners say new GPUs have a lead time of up to 52 weeks. By Sam Reynolds Dec 08, 2023 3 mins CPUs and Processors Technology Industry news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Cloud Computing Networking Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe