Catching up with SCO

Today’s bug patches and security alerts:

Depending on your allegiances, SCO is either revered or hated for its legal actions regarding Linux. In either case, the company’s Web site had been down for a while, falling to a massive denial-of-service attack. It seems to be stable again, so we’ve got a slew of updates from the company to catch up on:

Slocate on OpenLinux

A heap overflow in slocate could be exploited by a local user to gain elevated privileges on the affected machine.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-001.0.txt

mpg123 on OpenLinux

Version 0.59r of the mpg123 media player contains a flaw that could be exploited in a denial-of-service attack or to run arbitrary code on the affected machine via an MP3 file of zero bytes.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-002.0.txt

Bind for OpenLinux

A poisoned cache in Bind could be exploited in a denial-of-service attack against affected sites.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-003.0.txt

Fetchmail 6.2.4 and earlier for OpenLinux

Fetchmail 6.2.4 and earlier does not properly allocate memory for certain log entries. This could be exploited to cause a denial of service.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-004.0.txt

Saned on OpenLinux

Multiple vulnerabilities have been found in the saned daemon, most could be exploited in a denial-of-service attack.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-005.0.txt

Perl Safe.pm for OpenLinux and UnixWare

The “safe” compartment for Perl allows code to run without access to outside variables. A flaw in the Perl Safe.pm code allows code to run outside the specified boundaries.

OpenLinux:

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-007.0.txt

UnixWare:

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.1

Fileutils for OpenLinx

An integer overflow in the fileutils package for OpenLinux could be exploited in a denial-of-service attack.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-006.0.txt

Rsync on OpenLinux

A heap overflow in versions of rsync prior to 2.5.7 could be exploited to execute arbitrary commands on the affected machine.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-010.0.txt

Screen for OpenLinux

An “integer signedness error” in screen could be exploited locally to run execute arbitrary code.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-011.0.txt

CUPS for OpenLinux

A flaw in the Internet Printing Protocol used by CUPS could be exploited in a denial-of-service attack.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-012.0.txt

Mutt on OpenLinux

A buffer overflow in mutt 1.4.1 and earlier could be exploited in a denial-of-service attack or to potentially execute arbitrary code on the affected machine.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-013.0.txt

Gnupg for OpenLinux

A flaw in the way ElGamal sign+encrypt keys are used in Gnupg could allow a malicious user to determine a private key from a signature.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-009.0.txt

Midnight Commands (mc) for OpenLinux

A stack-based buffer overflow could allow a remote attacker to run arbitrary code via a symlink attack.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-014.0.txt

Util-linux on OpenLinux

According to SCO, “The login program in util-linux 2.11 and earlier uses a pointer after it has been freed and reallocated, which could cause login to leak sensitive data.”

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-016.0.txt

Vim on OpenLinux

A flaw in Vim could allow attackers to run arbitrary commands using the libcall feature in modelines.

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2004-015.0.txt

**********

Today’s roundup of virus alerts:

W32/Sober-F – Another variant of the mass mailer worm that harvests potential target e-mail address from a range of files on the infected machine. The virus also uses Notepad to display a faked message mail transaction error message when it firsts infects a machine. (Sophos)

Troj/Adtoda-A – A virus that displays two error messages on its intended target then installs itself. The screen content are inverted and the operating system is frozen by the virus. (Sophos)

The top 12 reported viruses in March, according to Central Command:

1. Worm/Netsky.D

2. Worm/Netsky.B

3. Worm/Netsky.P

4. Worm/Netsky.C

5. Worm/MyDoom.F

6. Worm/MyDoom.A

7. Worm/Bagle.J

8. Worm/Netsky.K

9. Worm/Netsky.Q

10. Worm/Sober.D

11. Worm/Netsky.A

12. Worm/MyDoom.G

**********

From the interesting reading department:

Security tools target inside jobs

For a decade, corporations have erected perimeter defenses to keep Internet attackers at bay. Now IT managers are under pressure to deal with an even bigger challenge: keeping insiders from using the Internet to leak valuable business data. Network World, 04/05/04.

https://www.nwfusion.com/news/2004/0405insideout.html?nl

XP fix previews impact of a more secure Windows

Companies testing XP SP2 say users will have to change the way they develop applications and build networks to compensate for the security changes Microsoft is making to its desktop and server operating systems. Network World, 04/05/04.

https://www.nwfusion.com/news/2004/0405winxp.html?nl

Review: Inkra Networks’ 1518TX Virtual Service Switch

The devil’s in the details of this virtual security switch. Network World, 04/05/04.

https://www.nwfusion.com/reviews/2004/0405rev.html?nl

Management strategies: Securing mobile assets

Policies are key in procuring and tracking wireless devices throughout your company. Network World, 04/05/04.

https://www.nwfusion.com/careers/2004/0405man.html?nl

Schools rethink network security

Computer worms and viruses continue to besiege colleges and universities, which are responding with a range of network security improvements. Network World, 04/05/04.

https://www.nwfusion.com/news/2004/0405appscampus.html?nl

Feeling vulnerable? Try assessment tools

Come June, high-volume merchants and payment processors that do business on the Web and want to work with MasterCard International had better be conducting quarterly vulnerability assessments of their Web sites. MasterCard warned last fall that it won’t do business with them otherwise. Network World, 04/05/04.

https://www.nwfusion.com/news/2004/0405specialfocus.html?nl

Human error blamed for most security breaches

People making mistakes are the major source of security breaches. Eight-four per cent of organisations quizzed in a survey out today blamed human error “either wholly or in part” for their last major security breach. Last year, human error was cited as the cause of 63 per cent of security breaches. The Register, 03/31/04.

https://www.theregister.co.uk/content/55/36706.html

Cybersecurity group releases recommendations

A computer industry task force that includes representatives from Microsoft and Computer Associates issued its first round of recommendations on Thursday for improving software security, including a role for the U.S. government in supporting creation of secure software products. IDG News Service, 04/01/04.

https://www.nwfusion.com/news/2004/0401cybergroup2.html?nl