* Patches from HP, Macromedia, Debian, others * Beware yet another variant of the Agobot family of Trojans * Mgmt. matters: Ace Hardware simplifies security management, and other interesting reading Today’s bug patches and security alerts:SSL vulnerability could bring down Cisco LAN/WAN gearCisco warns that an implementation of Secure Sockets Layer on some of its switches, routers and firewalls could leave these devices vulnerable to a denial-of-service attack. Network World Fusion, 03/17/04.https://www.nwfusion.com/news/2004/0317ciscossl.html?nl Cisco advisory:https://www.nwfusion.com/go2/0315bug2a.html OpenSSL advisory:https://www.openssl.org/news/secadv_20040317.txtMore SSL and OpenSSL patches:Debian:https://www.debian.org/security/2004/dsa-465EnGarde: https://www.nwfusion.com/go2/0315bug2b.htmlFreeBSD:https://www.nwfusion.com/go2/0315bug2c.htmlMandrake Linux: https://www.nwfusion.com/go2/0315bug2d.htmlRed Hat:https://rhn.redhat.com/errata/RHSA-2004-121.htmlSuSE:https://www.suse.com/de/security/2004_07_openssl.html**********HP patches Web-based Management SystemA security flaw in HP’s Web-based Management System could allow someone without any privileges to gain remote access to the infected system with administrator rights. For more, go to:https://www.nwfusion.com/go2/0315bug2e.html**********Macromedia patches flaw in ColdFusion MX and JRun 4.0A flaw in the way Macromedia’s ColdFusion MX and JRun 4.0 handle certain SOAP-based Web services could be exploited in a denial-of-service attack against the affected machine. An update can be downloaded here:https://download.macromedia.com/pub/security/mpsb04-04.zip**********Debian patches gdk-pixbufA flaw in the way BMP files are handled by gdk-pixbuf, the GdkPixBuf image library for Gtk, could be used to crash the application using the library. For more, go to:https://www.debian.org/security/2004/dsa-464**********Red Hat patches Mozilla bugAn update is available for Red Hat’s Mozilla implementation that fixes the way certain S/MIME types are handled. For more, go to:https://rhn.redhat.com/errata/RHSA-2004-112.html**********Today’s roundup of virus alerts:Troj/Bdoor-CCK – A backdoor Trojan that drops the file ‘WMER.HTM’ into the Windows help folder. (Sophos)W32/Protoride-F – This virus spreads via network shares and installs a backdoor on the infected machine accessible by IRC. (Sophos)Troj/Prorat-D – Another backdoor Trojan that may try to counter its removal from the infected system. (Sophos)W32/Agobot-ED – Yet another variant of the Agobot family of Trojan horse viruses that installs an IRC-accessible backdoor and terminates certain security and anti-virus applications. (Sophos)W32/Agobot-FG – Similar to Agobot-ED, this Trojan tries to exploit the DCOM and RPC flaws in Windows to install its malicious code. (Sophos)**********From the interesting reading department:Vericept announces anti-fraud product aimed at identity theft problemVericept this week announced a software-based anti-fraud product that monitors the outbound IP-based communications of an enterprise in order to prevent loss of sensitive data that could lead to identity theft. Network World Fusion, 03/17/04.https://www.nwfusion.com/news/2004/0317vericept.html?nlMgmt. matters: Ace Hardware simplifies security managementThis is the third in a special Fusion series spotlighting enterprise network managers’ innovative use of management products to automate processes, prevent outages and save money. Stay tuned for more. Network World Fusion, 03/17/04.https://www.nwfusion.com/news/2004/0317mm3.html?nl Related content news Broadcom to lay off over 1,200 VMware employees as deal closes The closing of VMware’s $69 billion acquisition by Broadcom will lead to layoffs, with 1,267 VMware workers set to lose their jobs at the start of the new year. By Jon Gold Dec 01, 2023 3 mins Technology Industry Mergers and Acquisitions news analysis Cisco joins $10M funding round for Aviz Networks' enterprise SONiC drive Investment news follows a partnership between the vendors aimed at delivering an enterprise-grade SONiC offering for customers interested in the open-source network operating system. By Michael Cooney Dec 01, 2023 3 mins Network Management Software Network Management Software Network Management Software news Cisco CCNA and AWS cloud networking rank among highest paying IT certifications Cloud expertise and security know-how remain critical in building today’s networks, and these skills pay top dollar, according to Skillsoft’s annual ranking of the most valuable IT certifications. Demand for talent continues to outweigh s By Denise Dubie Nov 30, 2023 7 mins Certifications Certifications Certifications news Mainframe modernization gets a boost from Kyndryl, AWS collaboration Kyndryl and AWS have expanded their partnership to help enterprise customers simplify and accelerate their mainframe modernization initiatives. By Michael Cooney Nov 30, 2023 4 mins Mainframes Cloud Computing Data Center Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe