* Patches from Conectiva, Immunix, others * Beware four new variants of the Minmail virus * Mazu upgrades security offering, and other interesting reading Today’s bug patches and security alerts:VMware patches OpenSSL vulnerabilityUsers of VMware’s GSX Server and ESX Server are being urged to download an update that patches a vulnerability in OpenSSL that could be exploited in denial-of-service attack. For more, go to:GSX Server patch installation instructions are at: https://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1164ESX Server patch installation instructions are at: https://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1167**********Conectiva patches libnidsCode for Conectiva’s libnids, part of an intrusion detection system, contains a buffer overflow that could be exploited to run arbitrary code on the affected machine. A fix is available. For more, go to:https://www.nwfusion.com/go2/1103bug1a.html********** SuSE releases fix for thttpdA flaw in the tiny http server (thttpd) for SuSE could be exploited to by pass the virtual-hosting mechanism to read arbitrary files on the affected machine. For more, go to:https://www.suse.com/de/security/2003_044_thttpd.html********** OpenPKG issues fix for postgresqlTwo bugs found in the postgresql database code could be exploited to trigger a buffer overflow, which could be used to run malicious code on the affected server. For more, go to:https://www.nwfusion.com/go2/1103bug1b.html**********Immunix patches fileutilsA buffer overflow vulnerability has been found in Immunix’s “ls” directory listing command found the fileutils package. The flaw could be exploited in a denial-of-service attack. The fix can be downloaded here:https://www.nwfusion.com/go2/1103bug1c.html**********Gentoo releases Apache updateVersion 2.0.48 of the Apache Web server is primarily a bug fix release, according to an alert from Gentoo. It also fixes a CGI path redirect flaw and a buffer overflow in the mod_alias and mod_rewrite. For more, go to:https://bugs.gentoo.org/show_bug.cgi?id=32271**********Today’s roundup of virus alerts:Mimail-C,E,F and H – Four new variants of the Mimail virus are circulating, turning infected machines into Spam sending zombies. Three of the variants spread via an e-mail with an attachment called “readnow.zip”. The fourth (C) comes with in at attachment called “photos.zip”. (Sophos)W32/Agobot-AG – This virus spreads via network shares by exploiting weak or non-existent passwords. The virus disables certain anti-virus applications and uses an IRC channel to allow an attacker to run commands on the infected machine. (Sophos)**********From the interesting reading department:Mazu upgrades security offeringMazu Networks has upgraded its security-analysis platform to help customers find worms and unauthorized behavior that previously might have gone undetected by its gear. Network World, 11/03/03.https://www.nwfusion.com/news/2003/1103mazu.htmlNetScaler debuts SSL appliance for the little guyNetScaler this week unveiled an entry-level security appliance that could add application acceleration, hacker protection, Secure Sockets Layer-based VPNs and content cashing to an enterprise. Network World Fusion, 10/31/03.https://www.nwfusion.com/news/2003/1031netscaler.htmlMicrosoft eyes ID managementMicrosoft is working on identity technology for its future Longhorn operating system that it hopes will evolve into a cross-platform, standard format that companies can use to secure digital relationships and share resources. Network World, 11/03/03.https://www.nwfusion.com/news/2003/1103msindentity.htmlNEC to step up battle against PC viruses, wormsNEC is taking recent computer virus and security problems to heart and has begun notifying users when potential security problems exist on their PCs. IDG News Service, 10/31/03.https://www.nwfusion.com/news/2003/1031nectost.htmlKaspersky Labs offers new Linux/Unix anti-virus softwareKaspersky Labs, a Moscow security software developer, has released a new version of its anti-virus software for mail servers running on Linux and Unix operating systems. IDG News Service, 10/31/03.https://www.nwfusion.com/news/2003/1031kaspelabs.html Related content how-to Doing tricks on the Linux command line Linux tricks can make even the more complicated Linux commands easier, more fun and more rewarding. By Sandra Henry-Stocker Dec 08, 2023 5 mins Linux news TSMC bets on AI chips for revival of growth in semiconductor demand Executives at the chip manufacturer are still optimistic about the revenue potential of AI, as Nvidia and its partners say new GPUs have a lead time of up to 52 weeks. By Sam Reynolds Dec 08, 2023 3 mins CPUs and Processors Technology Industry news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Cloud Computing Networking Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe