
Flaw in Linksys Wireless-G router?

Jun 03, 2004

* Patches from Mandrake Linux, Trustix, others
* Beware variety of Rbot-V Trojans
* Cisco details strategy for Catalyst Firewall Services Module and anti-DDoS gear, and other interesting reading

Today’s bug patches and security alerts:

Flaw in Linksys Wireless-G router?

A post on the Bugtraq mailing list reports that the Web-based administration page for the popular Linksys WRT54G Wireless G router could still be available via ports 80 and 440 on the WAN connection even if that option is disabled. In addition to changing the default password (obviously), users can also get around this issue by forwarding ports 80 and 440 to non-existent hosts. For more, go to:


Vulnerability found in WildTangent WebDriver

A buffer overflow has been found in WildTangent’s WebDriver, an interactive media plug-in for browsers. An attacker could exploit this by providing a long file name, which triggers the buffer overflow and could allow execution of arbitrary commands on the affected machine. For more, go to:


Mandrake Linux, Trustix release Apache updates

New updates for the popular Apache Web server are available. A stack overflow in the SSL/TLS extension module could be exploited if the Subject-DN in the client certificate exceeds 6KB in length. For more, go to:

Mandrake Linux:

Trustix issues Kerberos patch

Multiple buffer overflows have been found in Kerberos’ krb5_aname_to_localname() library function. An attacker could exploit these to gain root access on the affected machine. For more, go to:


Mandrake Linux patches mailman

A flaw in Mailman 2.1 and prior could allow third parties to retrieve member passwords from the affected server. Users should update to Version 2.1.5 to fix the problem. For more, go to:

Mandrake Linux updates kolab-server

A flaw in kolab-server, the KDE Groupware server, could leave passwords (including root) stored in plain text. For more, go to:

Mandrake Linux issues fix for xpcd

A buffer overflow flaw has been found in xpcd, a PhotoCD viewer application. A fix is available:

Mandrake Linux patches mod_ssl

According to Mandrake Linux, “A stack-based buffer overflow exists in the ssl_util_uuencode_binary function in ssl_engine_kernel.c in mod_ssl for Apache 1.3.x. When mod_ssl is configured to trust the issuing CA, a remote attacker may be able to execute arbitrary code via a client certificate with a long subject DN.” For more, go to:


Buffer overflow in Firebird

SecuriTeam is reporting that a buffer overflow exists in the Firebird relational database. The flaw could be exploited in a denial-of-service attack or to potentially overwrite certain memory segments. For more, go to:


Today’s roundup of virus alerts:

W32/Rbot-V – A backdoor Trojan that exploits weak passwords on network shares to spread. The virus uses IRC to allow access by a third party. It installs itself as “mssmgrd.exe” in the Windows System directory. (Sophos)

W32/Rbot-X – Similar to Rbot-V above, except the installation file is called “MSlti32.exe”. (Sophos)

W32/Rbot-Y – Again similar to Rbot-V and Rbot-X, with two exceptions: First, it installs itself as “PIDSERV.EXE” in the Windows System directory. Second, it tries to delete certain common network share names from the infected machine. (Sophos)

W32/Agobot-SG – What would an issue of this newsletter be without an Agobot variant? Like other variants, this virus spreads via network shares and tries to exploit the Windows RPC and DCOM vulnerabilities. It allows backdoor access via IRC and tries to terminate certain anti-virus applications running on the infected machine. (Sophos)

W32/Dumaru-AK – The only information we have on this worm is that it spreads via e-mail and the Kazaa file-sharing network. (Sophos)


From the interesting reading department:

Cisco details strategy for Catalyst Firewall Services Module and anti-DDoS gear

Cisco Wednesday outlined its technology and pricing strategy for a new version of the Firewall Services Module that has so far been free for the Cisco Catalyst 6500 Series switches as a way to set up “virtual firewalls” at switching points. Network World Fusion, 06/02/04.

Sun, Netegrity beef up identity offerings

Sun next month will revamp its identity management software by consolidating its lineup of eight products into three offerings while integrating technology from its recent acquisition of provisioning vendor Waveset. Network World Fusion, 06/02/04.

Security vendor says offshore development needs checks

An executive from Citadel Security Software pointed to offshore software development as one reason for security vulnerabilities in a hearing before a U.S. House Subcommittee Wednesday. IDG News Service, 06/02/04.

Opinion: Microsoft’s actions speak louder than words

SP2 is an important security upgrade to Windows XP, and I hope it is widely installed among licensed XP users. I also hope it is quickly pirated, so unlicensed XP users also can install it. For me to remain secure on the Internet, I need everyone to become more secure. And the more people who install SP2, the more we all benefit. Network World, 05/31/04.

Nutter’s Help Desk: Looking for a simple but secure VPN

I have a small construction company and live 35 miles from my office. What is the simplest, yet most secure method to use VPN technology to hook up to my office from home and vice versa? Network World, 05/31/04.

Attack of the bandwidth-hogging hackers

Swiss security researchers have unearthed a flaw in wireless LAN systems that might be used by hackers to drastically increase their share of the available bandwidth at the expense of the other users., 06/02/04.

Viruses up – or down

For years, anti-virus companies have failed to agree on a consistent scheme for naming viruses, so it’s perhaps no great surprise they can’t agree on numbers either. Confused? You will be when you watch the latest episode of the anti-virus soap opera. The Register, 06/01/04.