Vulnerability in Yahoo Audio Conferencing

Opinion
Jun 02, 2003 | 4 mins
Networking, Security

* Patches from Red Hat, Mandrake Linux, others * Beware e-mail messages from "bill@microsoft.com" or "Dispatch@McAfee.com" * ISS hatches 'virtual patching' mgmt. plan, and other interesting reading

Today’s bug patches and security alerts:

Vulnerability in Yahoo Audio Conferencing

According to an alert from Yahoo, “It may be possible for a remote attacker who can get a [Yahoo Audio Conferencing] user to view malicious html code, most likely executed by getting a user to visit their Web page, to cause the user to be involuntarily logged out of chat, crash the user’s browser, or potentially introduce executable code. To our knowledge, there have not been any executable code exploits related to this issue.” Users should upgrade to Version 1,0,0,45. For more, go to:

https://messenger.yahoo.com/messenger/security

**********

Red Hat patches ghostscript

Versions of ghostscript prior to 7.07

A flaw in ghostscript, an interpreter for the PostScript language, could be exploited to run arbitrary commands on the affected machine. For more, go to:

https://rhn.redhat.com/errata/RHSA-2003-181.html

**********

Microsoft revises two security bulletins

Microsoft Wednesday updated security bulletins, fixing two recent software patches. The updates were for MS03-007, which was originally released in March, and MS03-013, originally released in April. MS03-007 patched a serious vulnerability in a common Windows component, “ntdll.dll.” The vulnerability, which affected a component used by the World Wide Web Distributed Authoring and Versioning (WebDAV) protocol, gave attackers the ability to remotely exploit vulnerable servers using specially formed HTTP requests. IDG News Service, 05/29/03.

https://www.nwfusion.com/news/2003/0529microrevis.html

**********

Slackware, Mandrake Linux patch CUPS vulnerability

A flaw in CUPS, a print spooler for Linux and Unix, could be exploited to cause a denial of service on the affected machine. For more, go to:

Slackware:

https://www.slackware.com/security/viewer.php?l=slackware-security&y=2003&m=slackware-security.350709

Mandrake Linux:

https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:062

**********

Today’s roundup of virus alerts:

W32/Sobig-C – Another mass-mailing worm that also spreads via network shares. The e-mail version of the worm spreads via a message that appears to come from “bill@microsoft.com”; the sender address is forged. (Sophos, Symantec)

W32/Naco.B – A Trojan horse that could allow an attacker to open and close the CD-ROM drive door and switch mouse button functions (that’s annoying!). It also disables various security-related applications and sends information about the infected machine to an e-mail address. (Panda Software)

W32/Holar.H – A mass-mailing worm that spreads with a message that appears to come from “Dispatch@McAfee.com”; the sender address is forged. Random subject lines and body texts are used. (Panda Software)

W32/Auric – Another worm that disables antivirus applications and causes annoyances to the user, like making it difficult to move the mouse to a toolbar and changing colors of the various windows. (Panda Software)

W32/Magold-A – Another nasty worm that spreads via all the usual channels and attempts to delete certain image file types. It also changes window colors and randomly opens the CD-ROM tray. (Sophos)

JS/Fortnight-D – A JavaScript/Java applet virus that spreads via e-mail and drops another Trojan horse application on the infected machine. (Sophos)

**********

From the interesting reading department:

RSA Security teaming with Thor Technologies

RSA Security and Thor Technologies Monday announced a partnership agreement under which the two will work closely to integrate their products. Jason Lewis, director of product management at RSA, said the goal is to integrate RSA’s ClearTrust authentication and access management software with Thor’s Xellerate provisioning software by the third quarter of this year. Under the agreement, RSA will be allowed to ship RSA ClearTrust with some of Thor’s basic provisioning capabilities, such as self-service, self-registration, resetting passwords and profile updates, Lewis said. Network World Fusion, 06/02/03.

https://www.nwfusion.com/news/2003/0602rsathor.html

DISA fortifying military’s IT defenses

The Defense Information Systems Agency, which provides the military with technical help on software and telecom projects around the world, is taking new steps to improve network security at bases and in the field. Network World, 06/02/03.

https://www.nwfusion.com/news/2003/0602disa.html

Sourcefire ignites scanning effort

In a departure from developing intrusion-detection systems, Sourcefire this week divulged plans to build a network-discovery tool that will let users monitor system resources such as servers, desktop computers and applications. Network World, 06/02/03.

https://www.nwfusion.com/news/2003/0602sourcefire.html

ISS hatches ‘virtual patching’ mgmt. plan

Internet Security Systems is readying technology it says could benefit companies fed up with current patch management techniques. Network World, 06/02/03.

https://www.nwfusion.com/news/2003/0602iss.html