• United States

Apple releases Apache patch

Jun 16, 20033 mins

* Patches from Apple, SuSE, others * Beware latest e-mail worm that spreads via peer-to-peer networks * Fortinet adds intrusion detection platform, and other interesting reading

Today’s bug patches and security alerts:

Apple releases Apache patch

Apple has released an update for the Mac OS X implementation of the Apache Web server. As we reported earlier this month, another security hole was found in the Apache code. Version 2.0.46 is the latest update to patch all known vulnerabilities. For more, go to:


SuSE, Debian patch radiusd-cistron code

A buffer overflow flaw in SuSE and Debian’s implementation of radiusd-cistron, a RADIUS protocol, could be exploited to gain the privileges of the RADIUS server, usually root. A fix is available. For more, go to:




Debian reports DoS flaw in lyskom-server

A bug in the lyskom-server code for Debian could be exploited by a malicious user in a denial-of-service attack. By sending a large query, the attacker could cause the server to become unresponsive. For more, go to:

Debian releases new webmin package

A flaw in the Debian Web setup package (webmin) could allow unauthorized remote access to the applications. A fix is available. For more, go to:

Debian releases updated mikmod code

A buffer overflow exists when a long file name is used inside of an archive. Debian urges users to upgrade their mikmod code as soon as possible. For more, go to:


Today’s roundup of virus alerts:

W32/Nofer-A – An e-mail worm that mines target e-mail addresses from a number of sources on the infected machine. The virus infects executable files and attempts to spread via peer-to-peer networks. (Sophos)


From the interesting reading department:

Technology Insider: Storage security appliances

There’s no silver bullet when it comes to security. You’ve got to defend your network from all kinds of attacks using every means available. A new set of products has emerged that offers protection for stored data, as well as data in transit. Network World, 06/16/03.

AT&T pumps up managed security offerings

AT&T is beefing up its managed security services by offering users a wider variety of tools to keep their network and traffic safe. Network World, 06/16/03.

Fortinet adds intrusion detection platform

Fortinet is adding intrusion prevention software to its multifunction security platform, enabling customers to block a range of threats or suspected attacks. Network World Fusion, 06/16/03.

California man to plead guilty in Al-Jazeera hacks

A 24-year-old California man Monday will appear in court to answer charges that he hijacked the Internet domain of Arabic news service Al-Jazeera in March. IDG News Service, 06/12/03.