Bug Alert: Linux patches galore

Today’s bug patches and security alerts:

Red Hat updates Ethereal package

Red Hat has issued an update for the network-monitoring package Ethereal. Numerous buffer overflow vulnerabilities have been found in the package. These flaws could be exploited in a denial-of-service attack or to run arbitrary code on the affected machine. For more, go to:

https://rhn.redhat.com/errata/RHSA-2002-290.html

Red Hat: Patch available for libpng

A buffer overflow flaw in PNG image handling software libpng could be exploited to run arbitrary code on the affected machine. An attacker would have to craft a PNG file to trigger the overflow. For more, go to:

https://rhn.redhat.com/errata/RHSA-2003-006.html

**********

Caldera patches fetchmail buffer overflow

A buffer overflow in fetchmail’s e-mail address parser could be used by an attacker to run arbitrary code on the affected machine. For more, go to:

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-001.0.txt’

Caldera fixes ps command flaw

A flaw in the command line tool ps could be exploited to run arbitrary code with elevated privileges on the affected machine. For more, go to:

ftp://ftp.sco.com/pub/updates/OpenUNIX/CSSA-2003-SCO.1

Calerda releases patch for webmin

A cross scripting vulnerability in webmin could allow a remote attacker to insert script into an error page and potentially steal cookie information. For more, go to:

ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-002.0.txt

**********

Mandrake Linux, Debian patch xpdf

An integer overflow in the pdftops filter that’s part of xpdf could be exploited to gain the privileges of the target user, usually “lp”. For more, go to:

Mandrake Linux:

https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:002

Debian:

https://www.debian.org/security/2003/dsa-226

**********

Mandrake Linux updates dhcpcd

A flaw in the dhcpcd package could be exploited by a malicious user to run arbitrary code on the a DHCP client that requests an IP address from the affected server. For more, go to:

https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:003

Mandrake Linux issues patch for CUPS

Numerous vulnerabilities have been found in the CUPS printing service for Unix and Linux. These range from local denial-of-service to remote root access vulnerabilities. For more, go to:

https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:001

Debian: Source disclosure flaw in Tomcat4

A flaw in Apache Tomcat 4.0.x could be exploited by a malicious user using a specially crafted URL that would return an unprocessed JSP page. For more, go to:

https://www.debian.org/security/2003/dsa-225

**********

Today’s roundup of virus alerts:

With many variants of the Lirva (Avril) virus spreading, Panda Software has released a free tool (PQREMOVE) for repairing the damage done by the virus:

https://www.pandasoftware.com/download/utilities/

W32/Sobig-A – An e-mail worm that spreads via infected messages with one of the following attachments: “Document003.pif”, “Sample.pif”, “Untitled1.pif”, or “Movie_0074.pif”. The virus searches certain file types for additional e-mail addresses in which to send infected messages. (Sophos, Computer Associates, Panda Software)

Pornspa.D – A Trojan horse that dials out to a toll-free number. No word on the damage it can cause. (Panda Software)

Peito – A virus that displays messages on the infected machine’s screen and randomly attempts to delete the infected machine’s hard drive. (Panda Software)

WM97/Replog-F – A Word macro virus that attempts to run “I:EudoraSysServer.exe”. No word on any damage caused by this virus. (Sophos)

**********

From the interesting reading department:

Microsoft seeks antivirus fix

Microsoft is working behind the scenes with leading antivirus software vendors to improve the way desktop security software works with its next major operating system, code-named Longhorn. Network World, 01/13/03.

https://www.nwfusion.com/news/2003/0113antivirus.html

Variety of VPN services on tap from Verizon

Verizon is mustering a managed VPN push that will offer customers more advanced service choices and further distance itself from once-close IP partner Genuity. Network World, 01/13/03.

https://www.nwfusion.com/news/2003/0113verizonvpn.html

Review: PoliVec Suite

Establishing and maintaining security policies across an enterprise network is a necessary hassle. The good news is that PoliVec’s suite of security tools – Builder, Scanner, and Enforcer – smoothes out the process. Network World, 01/13/03.

https://www.nwfusion.com/reviews/2003/0113polivecrev.html

Intrusion-detection apps boost security

IDS applications have emerged to strengthen security on the perimeter and maximize the capabilities of already deployed network firewalls. Network World, 01/13/03.

https://www.nwfusion.com/news/tech/2003/0113techupdate.html

VPN software is not created equal

With IP Security VPNs established as a preferred method of remote access, businesses now must weigh an array of options that can make deploying and managing these VPNs less daunting. Network World, 01/13/03.

https://www.nwfusion.com/news/2003/0113vpnclients.html

**********

Archives online:

Nothing more frustrating then getting a newsletter, reading it, deleting it, then need to refer back and can’t find the archives. That’s not a problem here:

https://www.nwfusion.com/newsletters/bug/