
VMware patches OpenSSL vulnerability

Nov 03, 2003 (4 mins)

* Patches from Conectiva, Immunix, others
* Beware four new variants of the Mimail virus
* Mazu upgrades security offering, and other interesting reading

Today’s bug patches and security alerts:

VMware patches OpenSSL vulnerability

Users of VMware’s GSX Server and ESX Server are being urged to download an update that patches a vulnerability in OpenSSL that could be exploited in a denial-of-service attack. For more, go to:

GSX Server patch installation instructions are at:

ESX Server patch installation instructions are at:


Conectiva patches libnids

Code for Conectiva’s libnids, part of an intrusion detection system, contains a buffer overflow that could be exploited to run arbitrary code on the affected machine. A fix is available. For more, go to:


SuSE releases fix for thttpd

A flaw in the tiny http server (thttpd) for SuSE could be exploited to bypass the virtual-hosting mechanism to read arbitrary files on the affected machine. For more, go to:


OpenPKG issues fix for postgresql

Two bugs found in the postgresql database code could be exploited to trigger a buffer overflow, which could be used to run malicious code on the affected server. For more, go to:


Immunix patches fileutils

A buffer overflow vulnerability has been found in Immunix’s “ls” directory listing command, found in the fileutils package. The flaw could be exploited in a denial-of-service attack. The fix can be downloaded here:


Gentoo releases Apache update

Version 2.0.48 of the Apache Web server is primarily a bug fix release, according to an alert from Gentoo. It also fixes a CGI path redirect flaw and a buffer overflow in the mod_alias and mod_rewrite modules. For more, go to:


Today’s roundup of virus alerts:

Mimail-C, E, F and H – Four new variants of the Mimail virus are circulating, turning infected machines into spam-sending zombies. Three of the variants spread via an e-mail with an attachment called “”. The fourth (C) comes with an attachment called “”. (Sophos)

W32/Agobot-AG – This virus spreads via network shares by exploiting weak or non-existent passwords. The virus disables certain anti-virus applications and uses an IRC channel to allow an attacker to run commands on the infected machine. (Sophos)


From the interesting reading department:

Mazu upgrades security offering

Mazu Networks has upgraded its security-analysis platform to help customers find worms and unauthorized behavior that previously might have gone undetected by its gear. Network World, 11/03/03.

NetScaler debuts SSL appliance for the little guy

NetScaler this week unveiled an entry-level security appliance that could add application acceleration, hacker protection, Secure Sockets Layer-based VPNs and content caching to an enterprise. Network World Fusion, 10/31/03.

Microsoft eyes ID management

Microsoft is working on identity technology for its future Longhorn operating system that it hopes will evolve into a cross-platform, standard format that companies can use to secure digital relationships and share resources. Network World, 11/03/03.

NEC to step up battle against PC viruses, worms

NEC is taking recent computer virus and security problems to heart and has begun notifying users when potential security problems exist on their PCs. IDG News Service, 10/31/03.

Kaspersky Labs offers new Linux/Unix anti-virus software

Kaspersky Labs, a Moscow security software developer, has released a new version of its anti-virus software for mail servers running on Linux and Unix operating systems. IDG News Service, 10/31/03.