• United States

Borland Interbase flaw found

Mar 25, 20044 mins

* Patches from Yahoo, Debian, others * Beware Lovgate-X * Teleworking and its security challenges are growing, and other interesting reading

Today’s bug patches and security alerts:

Borland Interbase flaw found

SecurityTracker is warning of a vulnerability in Borland’s Interbase database that could allow an attacker to gain administrative privileges over the database. Users are urged to eliminate write privileges from the admin.ib file found in Interbase installations. For more, go to:


Yahoo patches e-mail hole

Yahoo has patched a hole in its Web e-mail service that could have allowed malicious hackers to run malicious computer scripts on computers that use Microsoft’s Internet Explorer Web browser to check Web e-mail accounts. IDG News Service, 03/24/04.

See also:

Yahoo, Hotmail vulnerable to security flaw, 03/23/04


Debian patches emil

Two flaws have been found in Debian’s emil, a filter for converting Internet mail messages. A buffer overflow could be exploited to run arbitrary code on the affected machine. A format string vulnerability has also been found in the package. For more, go to:

Debian issues patch for ecartis

Two vulnerabilities have been found in ecartis, a mailing list management application. One flaw could be exploited to disclose mailing list passwords. Another deals with multiple buffer overflows found in ecartis’ code. For more, go to:


Rapid7 warns of OpenBSD flaw

Security consultancy Rapid7 is warning of a flaw in OpenBSD’s isakmpd daemon. The flaw could be exploited by a remote user in a denial-of-service attack against the affected machine. For more, go to:


Multiple bugs in Ethereal

Stefan Esser of e-matters is warning of a number of potential vulnerabilities in Ethereal, a network monitoring tool. The flaws were discovered during a code audit conducted earlier this month. For more, go to:


Today’s roundup of virus alerts:

W32/Agobot-EF  – A variant of the Agobot family that attempts to exploit the DCOM and RPC vulnerabilities in Windows. The virus connects to an IRC server to await commands from a remote attacker. (Sophos)

W32/Agobot-EX – A virus that copied itself into the Windows system folder under the name soundman.exe. Like some of its cousins, this virus too connects to an IRC server to recieve commands from an attacker. (Sophos)

W32/Lovgate-X – A backdoor worm that attempts to steal passwords from the infected machine. Lovgate-X spreads via e-mail and weakly protected network shares. (Sophos)


From the interesting reading department:

Funk releases new version of secure wireless client

The new version of Funk Software’s secure client software includes changes to simplify the work of administering hundreds of wireless clients. Network World Fusion, 03/23/04.

AT&T offers proactive tools to help stop malicious net attacks

AT&T has launched one of the first proactive services designed to alert customers that their network might be under attack. The Edge, 03/23/04.

Cisco to acquire IDS vendor Riverhead Networks for $39 million

Cisco this week announced plans to purchase privately held Riverhead Networks, a maker of security technology that protects against distributed denial of service attacks, in an all-cash deal worth approximately $39 million. Network World Fusion, 03/22/04.

Symantec readies multi-user gateway security for small business

Symantec next month plans to ship three new gateway security appliances for use by small-to-midsize businesses as a combined VPN/firewall, Web filtering and intrusion-detection system. Network World, 03/22/04.

Teleworking and its security challenges are growing

Work trends indicate that the remote-client security challenge is only growing larger and more complex. Network World Wide Area Networking Newsletter, 03/23/04.