Microsoft Office and Gentoo Linux bug fixes

Today’s bug patches and security alerts:

Microsoft issues Office security warnings

Microsoft Wednesday warned of several flaws in its ubiquitous Office products, the most serious of which could allow an attacker to take control of a user’s computer. IDG News Service, 09/04/03.

Story:

https://www.nwfusion.com/news/2003/0904microissue.html

Related Microsoft advisories:

Flaw in NetBIOS could lead to information disclosure:

https://www.microsoft.com/technet/security/bulletin/MS03-034.asp

Flaw in Microsoft Word could enable macros to run:

https://www.microsoft.com/technet/security/bulletin/MS03-035.asp

Buffer overrun in WordPerfect converter could allow code execution:

https://www.microsoft.com/technet/security/bulletin/MS03-036.asp

Flaw in Visual Basic for Applications could allow arbitrary code execution:

https://www.microsoft.com/technet/security/bulletin/MS03-037.asp

Unchecked buffer in Microsoft Access Snapshot Viewer could allow code execution:

https://www.microsoft.com/technet/security/bulletin/MS03-038.asp

**********

Red Hat issues new Apache httpd packages

A couple of vulnerabilities in the Apache Web server code for Red Hat Linux have been patched. One flaw in an optional module may result in cipher suite restrictions being ignored. Another flaw could be exploited in a denial-of-service attack against the affected server. For more, go to:

https://rhn.redhat.com/errata/RHSA-2003-240.html

**********

Gentoo patches pam_smb

A vulnerability in the pam-smb module for Red Hat could be exploited by a malicious user to execute arbitrary code with the privileges of the application requesting PAM authentication. For more, go to:

https://forums.gentoo.org/viewtopic.php?t=79856

Gentoo releases horde fix

An attacker could exploit a flaw in the horde mail transfer agent (MTA) to trick a user into visiting a certain site. For more, go to:

https://forums.gentoo.org/viewtopic.php?t=79903

Gentoo fixes flaw in eRoaster

A flaw in the way eRoaster, a CD burning application, uses temporary files could be exploited by a malicious user to run arbitrary code with the privileges of the eRoaster user. For more, go to:

https://forums.gentoo.org/viewtopic.php?t=80178

Gentoo releases new version of phpwebsite

A number of vulnerabilities have been found in Gentoo’s phpwebsite package, one of which could be exploited to allow an attacker to run SQL queries on the affected machine. For more, go to:

https://forums.gentoo.org/viewtopic.php?t=80177

Gentoo patches gallery

According to an alert from Gentoo, “A cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the search string parameter.” For more, go to:

https://forums.gentoo.org/viewtopic.php?t=80212

**********

Mandrake Linux patches gkrellm

Arbitrary code execution is possible if an attacker exploits a buffer overflow found in gkrellm, the server component of the gkrellm monitor package. Versions of gkrellm 2.1.x prior to 2.1.14 are vulnerable. For more, go to:

https://www.nwfusion.com/go2/0901bug2a.html

Mandrake Linux releases updated pam_ldap module

A flaw in the pam_ldap 162 for Mandrake Linux results in users not being properly authenticated. Any user could get past the authentication mechanism in certain cases. For more, go to:

https://www.nwfusion.com/go2/0901bug2b.html

**********

Today’s roundup of virus alerts:

Troj/JSurf-A – A Trojan horse that exploits a previously patched flaw in Internet Explorer. The virus arrives in an HTML e-mail and attempts to download code from a remote site. (Sophos)

W32/Quaters-A – This virus spreads via e-mail and IRC channels and comes with a message to British Prime Minister Tony Blair. The virus attempts a denial of service against a British government Web site and terminates security-related applications on the infected machine. (Sophos)

XM97/Phone-B – An Excel macro virus with a bunch of junk routines, according to Sophos. (Sophos)

W32/Cailont-B – A Windows virus that spreads via e-mail and drops several files on the infected machine. No word on the damage it causes. (Sophos)

**********

From the interesting reading department:

Romanian nabbed for launching Blaster-F

A 24 year-old Romanian student has been arrested for authoring another variant of the Blaster Internet worm, according to a statement released by Softwin SRL, a computer security company based in Bucharest, Romania. IDG News Service, 09/03/03.

https://www.nwfusion.com/news/2003/0903romannabbe.html

Congress considers cybersecurity legislation

As the U.S. Congress reconvenes this week after a month-long break, legislation imposing cybersecurity requirements on private industry, including a proposal that would require public companies to report their cybersecurity efforts, may be on the way. IDG News Service, 09/04/03.

https://www.nwfusion.com/news/2003/0904congrconsi2.html