• United States

Two SGI security updates

Mar 29, 20045 mins

* Patches from Gentoo, SGI, others * Beware Bagel.U * Face-off: Is patch mgmt. the best protection against vulnerabilities?, and other interesting reading

Today’s bug patches and security alerts:

SGI Advanced Linux Environment security update #15

A new update for SGI ProPack v2.3 and SGI ProPack v2.4 for the SGI Altix family of systems that fixes issues with kdelibs, gdk-pixbuf, wu-ftpd and ntp. For more, go to:

SGI Advanced Linux Environment security update #16

Another new update for SGI ProPack v2.3 and SGI ProPack v2.4 for the SGI Altix family of systems. This release patches the OpenSSL vulnerability we’ve mentioned over the past week. For more, go to:


Gentoo issues fix for Apache

As we reported last week, the Apache Software Foundation has released Version 2.0.49 of the popular Apache Web server application. The new release is

primarily a bug fix, including three potential denial-of-service vulnerabilities. Get the update here:


HP Web Jetadmin flaw patched

HP is warning of a vulnerability in its Web Jetadmin tool. A number of weak HTS scripts could be exploited by ” a remote authenticated user to read and write files on the system and execute scripts.”  For more, go to:

HP advisory:


Freshmeat flaw fixed

A cross-scripting vulnerability has been found in Freshmeat, a community site for open source projects. The flaw, which potentially allowed malicious JavaScript to be executed via links in comment fields, has been fixed. For more, go to:


Potential flaw in Blogger tool

A flaw in Google’s Blogger application could allow scripts to be injected into user profile fields. Google has been notified of the problem, but a fix is not yet available. For more, go to:


Today’s roundup of virus alerts:

Bagel.U a virus of few words

Anti-virus software companies are again warning e-mail users about a new version of the prolific Bagel virus, which is spreading on the Internet through infected e-mail messages and targeting machines running the Microsoft Windows operating system. IDG News Service, 03/26/04.

W32/Lovgate-Z – Another Lovegate variant that spreads via e-mail, file sharing networks, and weakly-protected network shares. The virus overwrite EXE files on the infected machine as well as installs backdoor functionality. (Sophos)

W32/Sober-E – This is another variant of the Sober mass mailing worm. Sophos does not have further details, but says it has no reports of the virus in the wild. (Sophos)

Mywife.A – A virus that terminates anti-virus applications running on the infected machine, potentially leaving it unprotected from future infection. (Panda Software)

Snapper.A – An e-mail worm that attempts to exploit an Internet Explorer iFrame vulnerability to run when the infected message is viewed in the preview pane. The virus also tries to download CGI code to exploit another Windows vulnerability. Both flaws exploited have patches available. (Panda Software)

Cone.E – This virus spreads via e-mail and peer-to-peer networks and is used to launch a denial-of-service attack against a remote Web site. (Panda Software)

Starr.A – Not dangerous in its own right, but this tool allows system and Internet activities to be monitored. The information gathered could be used for malicious purposes. (Panda Software)

Troj/Ranckbot-A – A Trojan horse that drops a variant of the Sdbot worm on the infected machine. (Sophos)

W32/Nyxem-A – An e-mail worm that spreads via a message and attachment claiming to porn. (Sophos)


From the interesting reading department:

Face-off: Is patch mgmt. the best protection against vulnerabilities?

Two industry insiders, Eric Schultze of Shavlik Technologies and Steven Hofmeyr of Sana Security, debate the best approach to dealing with software flaws. Network World, 03/29/04:



Tester’s Challenge update

Network World’s most recent Tester’s Challenge published two weeks ago called on the major operating system vendors to streamline the process of supplying security update information to customers. Network World, 03/29/04.

Talking security with Motorola’s William Boni

CSO William Boni talks intrusion-detection, how his company is protecting itself and why IT security folks need to stick together. Network World, 03/29/04.

Symantec preps SMB gateways

Symantec next month plans to ship three new gateway security appliances for use by small to midsize businesses as combined VPN/firewall, Web filtering and intrusion-detection systems. Network World, 03/29/04.

AT&T unveils security alert service

AT&T last week launched one of the first proactive services designed to alert users that their network might be under attack. Network World, 03/29/04.

Time to enlist a ‘national guard’ for IT?

The U.S. is unprepared to recover quickly from a major cyberterrorism attack and might require government intervention to organize IT professionals, according to military emergency management officials at a security conference. Network World, 03/29/04.

Small businesses get alternative for SSL

Start-up enKoo is coming out with a low-cost remote-access appliance based on Secure Sockets Layer that might not have all the bells and whistles of other such gear, but does offer customers practical means for accessing important data. Network World, 03/29/04.

Microsoft program: ‘You patch, we pay’

Under a new program, Microsoft is paying for security assessments of its customers’ networks to help improve policies in areas such as software patch management and assuage fears about the security risks posed by Microsoft products. IDG News Service, 03/25/04.