Cisco, Microsoft patch again

Jul 31, 2003

* Patches from Cisco, Microsoft, Red Hat, others
* Beware latest variant of Gruel virus family
* Kentucky state auditor says hackers infiltrated agency network, and other interesting reading

Today’s bug patches and security alerts:

Cisco patches Aironet wireless vulnerabilities

Network hardware giant Cisco released a software patch and warned customers on Monday about two security holes that affect some editions of the Aironet wireless access point. IDG News Service, 07/29/03.

Get the Cisco patch:


Microsoft fixing another faulty patch

Microsoft Tuesday acknowledged that a recent security patch is causing problems on machines running the Windows NT 4.0 operating system. IDG News Service, 07/30/03.

Patch in question:


Red Hat releases updated OpenSSH packages

A flaw in the OpenSSH PAM authentication module could be exploited to determine whether an account name is valid. An attacker could use this information to narrow the focus of an attack against a target machine. For more, go to:

Red Hat patches semi

Semi, a MIME library for Emacs, contains a vulnerability in the way it uses temporary files. This could be exploited to run arbitrary code on the affected machine. For more, go to:


SGI patches IRIX nsd

A vulnerability in the name services daemon (nsd) for SGI IRIX could be exploited to gain root access on the affected machine. A fix is available. For more, go to:


Conectiva issues Apache patch

A denial-of-service vulnerability in the Apache Web server code for Conectiva has been fixed, along with a few other minor bugs. For more, go to:

Conectiva patches mnogosearch buffer overflow

A pair of buffer overflow vulnerabilities have been found in Conectiva’s mnogosearch. Both flaws could be exploited to run arbitrary commands on the affected Web server. For more, go to:


SCO releases Samba update for OpenServer

SCO has patched a flaw in the Samba implementation for OpenServer that could be exploited by an anonymous user to gain root privileges. For more, go to:


Today’s roundup of virus alerts:

W32/Gruel-M – Yet another variant of the Gruel virus family. Spreads via e-mail disguised as a virus alert notice and can change passwords and lock the infected system. (Sophos)

W32/Cidu-A – This virus, written in Delphi, attempts to overwrite .exe files on the infected machine, open the CD tray, disable the task bar and replace desktop icons. (Sophos)

W32/Randon-R – A network worm that exploits weak or non-existent passwords on network shares to spread. The virus drops a number of files on the infected machine. (Sophos)


From the interesting reading department:

Kentucky state auditor says hackers infiltrated agency network

Hackers, apparently from outside the U.S., have made one Kentucky state agency’s computer network their old Kentucky home, according to Kentucky’s state auditor. Network World Fusion, 07/30/03.

Exploit code posted for Windows hole

Several independent coding groups have posted code on the Internet that can allow hackers to exploit a previously disclosed vulnerability in Microsoft’s Windows operating system. IDG News Service, 07/28/03.

Related ISS utility:

Dell’s Axim patch delayed

Dell missed a self-imposed deadline to post a fix on its support Web site for the performance problems that have plagued the Windows Mobile 2003 versions of its Axim handheld. The company had quietly posted an FTP link to the patch Wednesday, but pulled that file after some users were able to discover a way to upgrade their Pocket PC 2002 operating systems without a license, a Dell spokeswoman said. IDG News Service, 07/30/03.

Secure Computing buys content-filter company

Secure Computing Tuesday announced it has agreed to acquire Seattle-based N2H2, a maker of Web-based content-filtering products Bess and Sentian, which can be integrated with Cisco firewalls and the Cisco Content Engine. Network World Fusion, 07/29/03.