* Patches from FreeBSD, Ethereal, Gentoo, others
* Beware another variant of the Nachi virus
* Netsky takes gold, silver and bronze in March, and other interesting reading

Today’s bug patches and security alerts:

Cisco warns of hacking toolkit

Cisco during the weekend warned customers about the public release of computer code that exploits multiple security vulnerabilities in Cisco products. IDG News Service, 03/29/04.
https://www.nwfusion.com/news/2004/0329ciscohack.html?nl

More from Cisco:
https://www.nwfusion.com/go2/0329bug2a.html

**********

FreeBSD patches IPv6

A flaw in the FreeBSD IPv6 implementation could be exploited to read portions of kernel memory without proper validation. For more, go to:
https://www.nwfusion.com/go2/0329bug2b.html

**********

Ethereal patches available

A flaw in the way certain protocols are handled by Ethereal could be exploited to crash the application or potentially run arbitrary code on the affected machine. For more, go to:

Conectiva:
https://www.nwfusion.com/go2/0329bug2c.html

Gentoo:
https://forums.gentoo.org/viewtopic.php?t=154817

Mandrake Linux:
https://www.nwfusion.com/go2/0329bug2d.html

Red Hat:
https://rhn.redhat.com/errata/RHSA-2004-137.html

**********

Gentoo, Trustix release Apache patch

An Apache flaw could allow plain-text HTTP requests to be used in a denial-of-service attack against an SSL-enabled server. For more, go to:

Gentoo:
https://forums.gentoo.org/viewtopic.php?t=153486

Trustix:
https://www.nwfusion.com/go2/0329bug2e.html

**********

Squid update available

A flaw in the way Squid uses Access Control Lists to protect URLs could be exploited to bypass the protection and access the restricted URL. For more, go to:

Gentoo:
https://forums.gentoo.org/viewtopic.php?t=155641

Mandrake Linux:
https://www.nwfusion.com/go2/0329bug2f.html

Red Hat:
https://rhn.redhat.com/errata/RHSA-2004-134.html

**********

Trustix releases tcpdump update

A number of vulnerabilities in Trustix’s implementation of tcpdump have been fixed in a new release.
Trustix is urging all users to download the update. For more, go to:
https://www.nwfusion.com/go2/0329bug2g.html

**********

Conectiva issues fix for libxml2

A flaw in the way libxml2 parses remote data retrieved using FTP or HTTP could be exploited to cause a buffer overflow. This in turn could be used to run arbitrary code on the affected machine. For more, go to:
https://www.nwfusion.com/go2/0329bug2h.html

Conectiva patches OpenSSL

Conectiva has released an OpenSSL update that fixes a number of vulnerabilities in previous versions. For more, go to:
https://www.nwfusion.com/go2/0329bug2i.html

**********

Heap overflow in MPlayer

Not enough memory is allocated for the buffer that accepts a URL from the server when MPlayer makes a request. This could result in a heap overflow that could be exploited to run arbitrary code on the affected machine. For more, go to:
https://www.mplayerhq.hu/homepage/design6/news.html

Gentoo patch:
https://forums.gentoo.org/viewtopic.php?t=155680

**********

Debian patches pam-pgsql

A bug in the way user-supplied data is sent to a PostgreSQL database could be exploited to insert SQL statements. Debian has released a patch for the problem. For more, go to:
https://www.debian.org/security/2004/dsa-469

**********

Conectiva, Gentoo patch Midnight Commander

A flaw in the way Midnight Commander (mc) handles certain symlinks could be exploited to execute code on the affected machine. An attacker would have to package the code in a .tar.gz or a cpio file and get the user to open it. For more, go to:

Conectiva:
https://www.nwfusion.com/go2/0329bug2j.html

Gentoo:
https://forums.gentoo.org/viewtopic.php?t=155656

**********

Today’s roundup of virus alerts:

Backdoor.Rybot – A backdoor Trojan accessible via IRC that logs keystrokes on the infected machine for later retrieval. (Sophos)

W32/Agobot-FJ – A multi-threat Agobot variant. First the virus acts as a backdoor via IRC or open TCP ports.
The virus also sniffs for certain network traffic looking for data and tries to steal software keys to popular PC games. It also attempts to shut down a number of security-related applications that could be running on the infected machine. (Sophos)

W32/Nachi-E – Yet another variant of the Nachi virus. This virus spreads to machines already infected with MyDoom-A by exploiting a number of known Windows vulnerabilities. If Nachi-E hits a machine with IIS installed, it attempts to overwrite all Web-related files in an effort to deface Web sites. (Sophos)

**********

From the interesting reading department:

Gates e-mails security brain dump to customers

Microsoft Chairman and Chief Software Architect Bill Gates reached out to his company’s customers on Wednesday in an e-mail that detailed the company’s work to secure its software products. IDG News Service, 03/31/04.
https://www.nwfusion.com/news/2004/0331gatesemai.html?nl

Netsky takes gold, silver and bronze in March

The Netsky worm swept the competition for “top virus” in March, taking the first, second and third spots in anti-virus company Sophos PLC’s ranking for the month. IDG News Service, 03/31/04.
https://www.nwfusion.com/news/2004/0331netsktakes.html?nl

Q1 Labs revises security mgmt. system

Q1 Labs this week will announce upgraded software that is designed to let companies classify network security threats and prioritize alerts based on that data. Network World, 03/29/04.
https://www.nwfusion.com/news/2004/0329q1.html?nl

Bradner: If it had teeth it might bite someone

The National Cyber Security Partnership just released the first two of five planned reports concerning various aspects of cybersecurity. The reports are not all that bad, but I have a hard time not dismissing the whole effort as a cynical attempt to avoid facing up to reality. Network World, 03/29/04.
https://www.nwfusion.com/columnists/2004/0329bradner.html?nl

Federations are key to Internet security

Common threats demand common defenses.
E-mail-borne malware – such as viruses, spam and spyware – represents the most serious threat to the stability and security of the Internet-based global economy. The Internet won’t be truly safe for e-business until we have a governance structure that can effectively deal with these and other cyberthreats – specifically, a governance structure that is multinational, federated and self-policing. Network World, 03/29/04.
https://www.nwfusion.com/columnists/2004/0329kobielus.html?nl