* Patches from Mandrake Linux, Trustix, others * Beware variety of Rbot-V Trojans * Cisco details strategy for Catalyst Firewall Services Module and anti-DDoS gear, and other interesting reading Today’s bug patches and security alerts:Flaw in Linksys Wireless-G router?A post on the Bugtraq mailing list reports that the Web-based administration page for the popular Linksys WRT54G Wireless G router could still be available via ports 80 and 440 on the WAN connection even if that option is disabled. In addition to changing the default password (obviously), users can also get around this issue by forwarding ports 80 and 440 to non-existent hosts. For more, go to:https://www.nwfusion.com/go2/0531bug2a.html **********Vulnerability found in WildTangent WebDriver A buffer overflow has been found in WildTangent’s WebDriver, an interactive media plug-in for browsers. An attacker could exploit this by providing an long file name, which will trigger the buffer overflow, and potentially execute arbitrary commands on the affected machine. For more, go to:https://www.ngssoftware.com/advisories/wildtangent.txt**********Mandrake Linux, Trustix release Apache updatesNew updates for the popular Apache Web server are available. A stack overflow in the SSL/TLS extension module could be exploited if the Subject-DN in the client certificate exceeds 6KB in length. For more, go to:Mandrake Linux: https://www.nwfusion.com/go2/0531bug2b.htmlTrustix:https://www.trustix.org/errata/2004/0031********** Trustix issues Kerberos patchMultiple buffer overflows have been found in Kerberos’ krb5_aname_to_localname() library function. An attacker could exploit these to gain root access on the affected machine. For more, go to:https://www.trustix.org/errata/2004/0032**********Mandrake Linux patches mailmanA flaw in Mailman 2.1 and prior could allow third parties to retrieve member passwords from the affected server. Users should update to Version 2.1.5 to fix the problem. For more, go to:https://www.nwfusion.com/go2/0531bug2c.htmlMandrake Linux updates kolab-serverA flaw in kolab-server, the KDE Groupware server, could leave passwords (including root) stored in plain text. For more, go to:https://www.nwfusion.com/go2/0531bug2d.htmlMandrake Linux issues fix for xpcdA buffer overflow flaw has been found in xpcd, a PhotoCD viewer application. A fix is available:https://www.nwfusion.com/go2/0531bug2e.htmlMandrake Linux patches mod_sslAccording to Mandrake Linux, “A stack-based buffer overflow exists in the ssl_util_uuencode_binary function in ssl_engine_kernel.c in mod_ssl for Apache 1.3.x. When mod_ssl is configured to trust the issuing CA, a remote attacker may be able to execute arbitrary code via a client certificate with a long subject DN.” For more, go to:https://www.nwfusion.com/go2/0531bug2f.html**********Buffer overflow in FirebirdSecuriTeam is reporting a buffer overflow exists in the Firebird relational database. The flaw could be exploited in a denial-of-service attack or to potentially overwrite certain memory segments. For more, go to:https://www.securiteam.com/unixfocus/5AP0P0UCUO.html**********Today’s roundup of virus alerts:W32/Rbot-V – A backdoor Trojan that exploits weak passwords on network shares to spread. The virus that uses IRC to allow access by a third-party. It installs itself as “mssmgrd.exe” in the Windows System directory. (Sophos)W32/Rbot-X – Similar to Rbot-V above, except the installation file is called “MSlti32.exe”. (Sophos)W32/Rbot-Y – Again similar to Rbot-V and Rbot-X with two exceptions: First, it installs itself as “PIDSERV.EXE” in the Windows System Directory. Second it tries to delete certain common network share names from the infected machine. (Sophos)W32/Agobot-SG – What would an issue of this newsletter be without an Agobot variant? Like other variants, this virus spreads via network shares and tries to exploit the Windows RPC and DCOM vulnerabilities. It allows backdoor access via IRC and tries to terminate certain anti-virus applications running on the infected machine. (Sophos)W32/Dumaru-AK – The only information we have on this worm is that it spreads via e-mail and the Kazaa file-sharing network. (Sophos)**********From the interesting reading department:Cisco details strategy for Catalyst Firewall Services Module and anti-DDoS gearCisco Wednesday outlined its technology and pricing strategy for a new version of the Firewall Services Module that has so far been free for the Cisco Catalyst 6500 Series switches as a way to set up “virtual firewalls” at switching points. Network World Fusion, 06/02/04.https://www.nwfusion.com/news/2004/0602cisco.html?nlSun, Netegrity beef up identity offeringsSun next month will revamp its identity management software by consolidating its lineup of eight products into three offerings while integrating technology from its recent acquisition of provisioning vendor Waveset. Network World Fusion, 06/02/04.https://www.nwfusion.com/news/2004/0602sunnet.html?nlSecurity vendor says offshore development needs checksAn executive from Citadel Security Software pointed to offshore software development as one reason for security vulnerabilities in a hearing before a U.S. House Subcommittee Wednesday. IDG News Service, 06/02/04.https://www.nwfusion.com/news/2004/0602securvendo.html?nlOpinion: Microsoft’s actions speak louder than wordsSP2 is an important security upgrade to Windows XP, and I hope it is widely installed among licensed XP users. I also hope it is quickly pirated, so unlicensed XP users also can install it. For me to remain secure on the Internet, I need everyone to become more secure. And the more people who install SP2, the more we all benefit. Network World, 05/31/04.https://www.nwfusion.com/columnists/2004/0531schneier.html?nlNutter’s Help Desk: Looking for a simple but secure VPNI have a small construction company and live 35 miles from my office. What is the simplest, yet most secure method to use VPN technology to hook up to my office from home and vise versa? Network World, 05/31/04.https://www.nwfusion.com/columnists/2004/0531nutter.html?nlAttack of the bandwidth-hogging hackersSwiss security researchers have unearthed a flaw in wireless LAN systems that might be used by hackers to drastically increase their share of the available bandwidth at the expense of the other users. SecurityFocus.com, 06/02/04.https://www.securityfocus.com/news/8810Viruses up – or downFor years, anti-virus companies have failed to agree on a consistent scheme for naming viruses so it’s perhaps no great surprise they can’t agree on numbers either. Confused? You will be when you watch the latest episode of the anti-virus Soap opera. The Register, 06/01/04.https://www.theregister.co.uk/2004/06/01/virus_stats/ Related content news EU approves $1.3B in aid for cloud, edge computing New projects focus on areas including open source software to help connect edge services, and application interoperability. By Sascha Brodsky Dec 05, 2023 3 mins Technology Industry Technology Industry Technology Industry brandpost Sponsored by HPE Aruba Networking Bringing the data processing unit (DPU) revolution to your data center By Mark Berly, CTO Data Center Networking, HPE Aruba Networking Dec 04, 2023 4 mins Data Center feature 5 ways to boost server efficiency Right-sizing workloads, upgrading to newer servers, and managing power consumption can help enterprises reach their data center sustainability goals. By Maria Korolov Dec 04, 2023 9 mins Green IT Servers Data Center news Omdia: AI boosts server spending but unit sales still plunge A rush to build AI capacity using expensive coprocessors is jacking up the prices of servers, says research firm Omdia. By Andy Patrizio Dec 04, 2023 4 mins CPUs and Processors Generative AI Data Center Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe