• United States
News Editor

@Stake axes employee over critical Microsoft report

Sep 29, 20035 mins

* Patches from Conectiva, Red Hat, others * Beware another worm disguised as a Microsoft-issued patch * Worms sent via IM pose serious, growing threat, and other interesting reading

Report: Widespread use of Microsoft software poses security risk

Whatever Microsoft’s strengths or failings as a developer of reliable software, the mere existence of an operating-system monopoly is a critical security risk, argues a report released Wednesday at a Computer & Communications Industry Association (CCIA) gathering in Washington, D.C. IDG News Service, 09/24/03.

Read the report:

And about the report’s fallout at @Stake:

Today’s bug patches and security alerts:

Conectiva patches PHP4

Conectiva has released Version 4.3.3[2] of PHP4, the popular Web scripting language, that fixes an integer overflow and a number of smaller bugs and defects. For more, go to:


Red Hat patches gnome-pilot

A minor bug was discovered in a previous release of gnome-pilot, a tool for configuring PDA synchronization. A new version is available:

Red Hat updates ucd-snmp package

A flaw in previous versions of ucd-snmp broke the memory reporting capabilities of the network management tool. A new version is available that fixes the problem:

New rhpl package from Red Hat

A flaw in rhpl, a package used by the Red Hat configuration module, could cause a system to run out of file descriptors. A fix is available:


EnGarde patches WebTool flaw

A bug in EnGarde’s WebTool application, which allows users to generate SSH keys, could be exploited to steal passphrases. EnGarde recommends users upgrade as soon as possible. For more, go to:


LanSuite 2003 bugs patched

Two vulnerabilities have been found in 602Pro’s LanSuite 2003, a SMPT/POP3 e-mail system. One flaw could be used to view users information (mailbox number, message ID, et al) while another could be exploited to view any file on the affected machine. A patch is available here:


OpenPKG, Mandrake Linux patch proftpd

A bug in the way ProFTPD handles ASCII translations could be exploited by a remote user to gain root shell privileges. This could allow the attacker to have complete control over the affected machine. For more, go to:


Mandrake Linux:


Debian releases new marbles package

According to an alert from Debian, “Steve Kemp discovered a buffer overflow in marbles, when processing the HOME environment variable.  This vulnerability could be exploited by a local user to gain gid ‘games’.” For more, go to:


DoS flaw in SGI’s dced

A denial-of-service vulnerability has been found in SGI’s DCE daemon (dced). According to SGI, certain Microsoft RPC scanning can cause dced to abort, creating the denial of service. For more, go to:


Today’s roundup of virus alerts:

W32/Dumaru-E – Another worm that spreads under the guise of a Microsoft-issued patch. Like previous variants, the infected message looks like it’s from “” with a subject line of “Use this patch immediately !” and an attachment called “patch.exe.” The virus attempts to disrupt security applications on the infected machine and opens port 2283 and 10000 for backdoor access. (Sophos)

Opaserv.Y – A virus that spreads via port 137 and attempts to exploit a “share level password” vulnerability in Windows 95, 98 and ME. (Panda Software)

Colevo.A – This virus spreads to everyone listed in an MSN Messenger contact list. It uses its own SMTP engine to send infected messages and opens port 2536 to allow an attacker access to the infected machine. (Panda Software)

W32/Randex-G – Another network worm that spreads via IRC channels and can provide an attacker with remote access to the infected machine. (Sophos)


From the interesting reading department:

Spyware removal tools stop snoopers

Staying one step ahead of spyware creators requires a dedicated removal tool. Network World, 09/29/03.

Security made simple

Security appliances are the latest rage, thanks to their easy deployment and high reliability. Network World, 09/29/03.

Worms sent via IM pose serious, growing threat

Virulent new worms that exploit vulnerable instant messaging (IM) clients and could infect hundreds of thousands of computers in seconds are a real threat for Internet users worldwide, according to two security researchers from Symantec. IDG News Service, 09/26/03.

Juvenile arrested for creating Blaster variant

Another person has been arrested in relation to the Blaster worm that infected computers worldwide last month. This time the individual is a juvenile, prosecutors in Seattle said Friday, which in the U.S. typically means under the age of 18. IDG News Service, 09/26/03.

Ramping up remote access for all

Two insurance firms turn to SSL VPN to extend secure access to tens of thousands. Network World, 09/29/03.