* Patches from Red Hat, Conectiva, others * Beware e-mails with the subject line: "El fin se puede hackear a hotmail!!" * Report: Bugbear, Sobig top viruses so far in 2003, and other interesting reading Happy Fourth of July!Watch out for a potential Web site defacement spree this weekend:ISS warns of coordinated attackAn international hacking contest scheduled to begin this weekend could cause headaches for organizations worldwide and disrupt the Internet, according to a warning from Internet Security Systems (ISS). IDG News Service, 07/02/03. https://www.nwfusion.com/news/2003/0702isswarns.htmlToday’s bug patches and security alerts: Red Hat releases Ethereal patchA number of flaws have been found in Ethereal, a network monitoring tool. Some of these flaws could be exploited to run arbitrary code on an affected machine. For more, go to:https://rhn.redhat.com/errata/RHSA-2003-203.htmlRed Hat releases update for PHPA number of enhancements and bug fixes are in this latest version of PHP. One minor security bug that could be exploited in a cross-scripting attack is also patched. For more, go to:https://rhn.redhat.com/errata/RHSA-2003-204.html Unzip flaw patched by Red HatA flaw in Version 5.50 and earlier of unzip could allow arbitrary files to be overwritten. This could allow malicious code to be placed on the affected machine. For more, go to:https://rhn.redhat.com/errata/RHSA-2003-199.htmlBug in Red Hat GNOME fixed A flaw in GNOME’s Panel Notification Area applet causes the application to crash whenever a user logs on. This problem has been fixed. For more, go to:https://rhn.redhat.com/errata/RHBA-2003-219.html**********Conectiva patches kdeA flaw in the way kde, a graphical user environment for Linux, calls the ghostview application for viewing PS and PDF files could be exploited to run arbitrary commands on the affected machine. For more, go to:https://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000668**********Password flaw in Debian’s mantisAccording to an alert from debian, “mantis, a PHP/MySQL Web based bug tracking system, stores the password used to access its database in a configuration file which is world-readable. This could allow a local attacker to read the password and gain read/write access to the database.” For more, go to:https://www.debian.org/security/2003/dsa-335Debian issues fix for imagemagickAccording to an alert from Debian, “imagemagick’s libmagick library, under certain circumstances, creates temporary files without taking appropriate security precautions. This vulnerability could be exploited by a local user to create or overwrite files with the privileges of another user who is invoking a program using this library.” For more, go to:https://www.debian.org/security/2003/dsa-331Debian releases fix for acmThe multi-player aerial combat game acm calls an RPC library that contains an integer overflow vulnerability. The flaw could be exploited to run arbitrary code on the affected machine. For more, go to:https://www.debian.org/security/2003/dsa-333Debian patches flaw in xgalagaA buffer overflow in xgalaga, a game, could be exploited by a long Home variable to gain the privileges of ‘games’. For more, go to:https://www.debian.org/security/2003/dsa-334**********Today’s roundup of virus alerts:W32/Sluter-A – Another one of those worms that scans port 445 looking for open C$ and Admin$ shares. (Sophos)W32/Colevo-A – This virus spreads to MSN Messenger contacts using an e-mail message entitled “El fin se puede hackear a hotmail!!” and an attachment called “hotmailpass.exe”. The virus leaves a backdoor open for attackers to gain access to the infected machine. (Sophos)**********From the interesting reading department:Hacker who threatened Bloomberg gets prisonA Kazakh citizen Tuesday was sentenced to more than four years in prison for hacking into Bloomberg L.P.’s computer system in an attempt to extort $200,000 from the business news service and its founder, Michael Bloomberg, now New York City’s mayor. Boston.com, 07/01/03.https://www.boston.com/news/daily/01/bloomberg_hack.htmReport: Bugbear, Sobig top viruses so far in 2003The Bugbear and Sobig viruses top a list of the most frequently occurring viruses of 2003, according to a report put out by antivirus company Sophos PLC. IDG News Service, 07/01/03.https://www.nwfusion.com/news/2003/0701reporbugbe.html Related content how-to Doing tricks on the Linux command line Linux tricks can make even the more complicated Linux commands easier, more fun and more rewarding. By Sandra Henry-Stocker Dec 08, 2023 5 mins Linux news TSMC bets on AI chips for revival of growth in semiconductor demand Executives at the chip manufacturer are still optimistic about the revenue potential of AI, as Nvidia and its partners say new GPUs have a lead time of up to 52 weeks. By Sam Reynolds Dec 08, 2023 3 mins CPUs and Processors CPUs and Processors Technology Industry news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions Industry news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Network Security Network Security Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe