Bevy of Linux updates

Today’s bug patches and security alerts:

Red Hat issues patch for KDE

A flaw in KDE’s SSL implementation has been found Versions 2.2.2 and earlier. Users of this software could be vulnerable to “man-in-the-middle attacks.” A fix is available. For more, go to:

https://rhn.redhat.com/errata/RHSA-2003-192.html

Red Hat releases update hanterm packages

The hanterm terminal emulator for Red Hat’s X Window System could be exploited to trick an unsuspecting user into running arbitrary commands on the affected machine. For more, go to:

https://rhn.redhat.com/errata/RHSA-2003-070.html

**********

SuSE releases patch for CUPS flaw

A flaw in CUPS, a print spooler, for Linux and Unix could be exploited in a denial-of-service flaw against the affected machine. For more, go to:

https://lists2.suse.com/archive/suse-security-announce/2003-Jun/0001.html

SuSE patches flaw in pptpd

An integer buffer overflow in pptpd’s read() call could be exploited by a malicious user to gain root privileges on the affected machine. For more, go to:

https://lists2.suse.com/archive/suse-security-announce/2003-Jun/0002.html

**********

Mandrake Linux updates kon2

A buffer overflow in kon2, a Kanji emulator for the console, could be exploited by a malicious user to gain root access on the affected system. For more, go to:

https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:064

**********

Immunix issues patch for LPRng

An attacker could use a symbolic link attack to exploit insecure files created by LPRng’s psbanner, used to creat PostScript banner pages. Exploiting the attack could allow the user to write arbitrary files with the privileges of lp. Download the patch from:

https://download.immunix.org/ImmunixOS/7+/Updates/RPMS/LPRng-3.6.24-2_imnx_1.i386.rpm

**********

Debian warns of buffer overflow in eterm

A buffer overflow vulnerability in eterm could be exploited by a malicious user to gain the privileges of the “utmp” group on the affected system. For more, go to:

https://www.debian.org/security/2003/dsa-309

Debian patches gzip

According to an alert from Debian, “znew, a script included in the gzip package, creates its temporary files without taking precautions to avoid a symlink attack.” For more, go to:

https://www.debian.org/security/2003/dsa-308

**********

Today’s roundup of virus alerts:

Bugbear.B still seems to be infecting machines worldwide. Panda Software has issued a free disinfecting tool to help clean your system of the virus:

https://updates.pandasoftware.com/pq/gen/bugbearb/pqremove.com

W32/Mofei-A – A Windows virus that spreads via network shares and users a Trojan horse to open a backdoor to the infected machine. (Sophos)

Dial/PecDial-B – As described by Sophos, this is a “premium rate porn dialler which runs in the background as a service process.” (Sophos)

Redisto.B – A virus that spreads via e-mail and peer-to-peer file sharing networks. It stops all running processes on the infected machine and collects sensitive information and mails it to various addresses. (Panda Software)

**********

From the interesting reading department:

Survey: Security cuts both ways on IT plans

Security concerns are causing network executives to accelerate some technology deployment plans and put the brakes on others, according to the 10th annual Network World 500 survey. Network World, 06/09/03.

https://www.nwfusion.com/news/2003/0609nw500.html

IT execs share security concerns

Insider threats from employees and trading partners, interconnected networks with no clear boundaries, and the potential for terrorist cyberattacks against corporate networks are among the top worries for technology managers, according to those attending the Gartner IT Security Summit last week. Network World, 06/09/03.

https://www.nwfusion.com/news/2003/0609gartner.html

BigFix adds admin, bandwidth controls to patch mgmt.

Focusing on the near-Herculean task network executives face in keeping patches current on their Microsoft, Macintosh and Linux software, BigFix last week introduced tools to help with the heavy lifting. Network World, 06/09/03.

https://www.nwfusion.com/news/2003/0609bigfix.html

Patch mgmt. mess gets Microsoft’s attention

Microsoft will eliminate six of its patch management tools by year-end, according to the company’s chief security strategist. Network World, 06/09/03.

https://www.nwfusion.com/news/2003/0609teched2.html

Security box vendors set to square off at CeBit show

We’ll be examining the pros and cons of security boxes – among other issues – at Network World’s Security Showdown next week in New York at the CeBit America conference, a new spinoff of the huge CeBit show held annually in Germany. Panel participants will include representatives from Cisco, Network Associates, Nokia and Symantec, who will quiz each other about security appliances. Network World, 06/09/03.

https://www.nwfusion.com/news/2003/0609appliances.html

Homeland Security creates cybersecurity division

The U.S. Department of Homeland Security has launched a cybersecurity center, but not all cybersecurity experts welcomed the move of the former White House cybersecurity office to a division at DHS. IDG News Service, 06/06/03.

https://www.nwfusion.com/news/2003/0606homelsecur2.html