* Patches from Yahoo, Debian, others * Beware Lovgate-X * Teleworking and its security challenges are growing, and other interesting reading Today’s bug patches and security alerts:Borland Interbase flaw foundSecurityTracker is warning of a vulnerability in Borland’s Interbase database that could allow an attacker to gain administrative privileges over the database. Users are urged to eliminate write privileges from the admin.ib file found in Interbase installations. For more, go to:https://www.securitytracker.com/alerts/2004/Mar/1009500.html **********Yahoo patches e-mail hole Yahoo has patched a hole in its Web e-mail service that could have allowed malicious hackers to run malicious computer scripts on computers that use Microsoft’s Internet Explorer Web browser to check Web e-mail accounts. IDG News Service, 03/24/04.https://www.nwfusion.com/news/2004/0324yahoopatch.htmlSee also:Yahoo, Hotmail vulnerable to security flaw, 03/23/04https://www.nwfusion.com/news/2004/0323yahooflaw.html?nl********** Debian patches emilTwo flaws have been found in Debian’s emil, a filter for converting Internet mail messages. A buffer overflow could be exploited to run arbitrary code on the affected machine. A format string vulnerability has also been found in the package. For more, go to:https://www.debian.org/security/2004/dsa-468Debian issues patch for ecartis Two vulnerabilities have been found in ecartis, a mailing list management application. One flaw could be exploited to disclose mailing list passwords. Another deals with multiple buffer overflows found in ecartis’ code. For more, go to:https://www.debian.org/security/2004/dsa-467**********Rapid7 warns of OpenBSD flawSecurity consultancy Rapid7 is warning of a flaw in OpenBSD’s isakmpd daemon. The flaw could be exploited by a remote user in a denial-of-service attack against the affected machine. For more, go to:https://www.rapid7.com/advisories/R7-0018.html**********Multiple bugs in EtherealStefan Esser of e-matters is warning of a number of potential vulnerabilities in Ethereal, a network monitoring tool. The flaws were discovered during a code audit conducted earlier this month. For more, go to:https://security.e-matters.de/advisories/032004.html**********Today’s roundup of virus alerts:W32/Agobot-EF – A variant of the Agobot family that attempts to exploit the DCOM and RPC vulnerabilities in Windows. The virus connects to an IRC server to await commands from a remote attacker. (Sophos)W32/Agobot-EX – A virus that copied itself into the Windows system folder under the name soundman.exe. Like some of its cousins, this virus too connects to an IRC server to recieve commands from an attacker. (Sophos)W32/Lovgate-X – A backdoor worm that attempts to steal passwords from the infected machine. Lovgate-X spreads via e-mail and weakly protected network shares. (Sophos)**********From the interesting reading department:Funk releases new version of secure wireless clientThe new version of Funk Software’s secure client software includes changes to simplify the work of administering hundreds of wireless clients. Network World Fusion, 03/23/04.https://www.nwfusion.com/news/2004/0323funk.html?nlAT&T offers proactive tools to help stop malicious net attacksAT&T has launched one of the first proactive services designed to alert customers that their network might be under attack. The Edge, 03/23/04.https://www.nwfusion.com/edge/news/2004/0323attalert.html?nlCisco to acquire IDS vendor Riverhead Networks for $39 millionCisco this week announced plans to purchase privately held Riverhead Networks, a maker of security technology that protects against distributed denial of service attacks, in an all-cash deal worth approximately $39 million. Network World Fusion, 03/22/04.https://www.nwfusion.com/news/2004/0322ciscoriver.html?nlSymantec readies multi-user gateway security for small businessSymantec next month plans to ship three new gateway security appliances for use by small-to-midsize businesses as a combined VPN/firewall, Web filtering and intrusion-detection system. Network World, 03/22/04.https://www.nwfusion.com/news/2004/0322symantec.html?nlTeleworking and its security challenges are growingWork trends indicate that the remote-client security challenge is only growing larger and more complex. Network World Wide Area Networking Newsletter, 03/23/04.https://www.nwfusion.com/newsletters/frame/2004/0322wan1.html?nl Related content news Broadcom to lay off over 1,200 VMware employees as deal closes The closing of VMware’s $69 billion acquisition by Broadcom will lead to layoffs, with 1,267 VMware workers set to lose their jobs at the start of the new year. By Jon Gold Dec 01, 2023 3 mins Technology Industry Technology Industry Markets news analysis Cisco joins $10M funding round for Aviz Networks' enterprise SONiC drive Investment news follows a partnership between the vendors aimed at delivering an enterprise-grade SONiC offering for customers interested in the open-source network operating system. By Michael Cooney Dec 01, 2023 3 mins Network Management Software Industry Networking news Cisco CCNA and AWS cloud networking rank among highest paying IT certifications Cloud expertise and security know-how remain critical in building today’s networks, and these skills pay top dollar, according to Skillsoft’s annual ranking of the most valuable IT certifications. Demand for talent continues to outweigh s By Denise Dubie Nov 30, 2023 7 mins Certifications Network Security Networking news Mainframe modernization gets a boost from Kyndryl, AWS collaboration Kyndryl and AWS have expanded their partnership to help enterprise customers simplify and accelerate their mainframe modernization initiatives. By Michael Cooney Nov 30, 2023 4 mins Mainframes Cloud Computing Data Center Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe