Americas

  • United States

New version of Apache available

Opinion
Apr 03, 20035 mins
NetworkingSecurity

* Patches from Red Hat, HP, Gentoo, others * Beware of attachment called "BlueMountaineCard.pif" * Network Associates to buy IntruVert for $100 million, and other interesting reading

Today’s bug patches and security alerts:

Apache 2.0.45 now available

The Apache Software Foundation has released Version 2.0.45 of the popular Apache Web server. This version is primarily contains bug and security fixes. Users can download the new version from:

Source code:

https://www.apache.org/dist/httpd/

Binaries:

https://www.apache.org/dist/httpd/binaries/

OS2 users note: A denial-of-service vulnerability still exists in this latest version. OS2 users should also apply this patch:

https://cvs.apache.org/viewcvs/apr/file_io/os2/filestat.c.diff?r1=1.34&r2=1.35

**********

Red Hat releases updated dhcp package

A flaw Red Hat’s dhcp client implementation could be exploited in a denial-of-service attack against the affected machine. For more, go to:

https://rhn.redhat.com/errata/RHSA-2003-034.html

Red Hat releases updated vsftpd patches

A flaw in the way the vsftpd FTP daemon for Red Hat 9.0 was compiled could lead to errors. Red Hat 9.0 users should download a new version. For more, go to:

https://rhn.redhat.com/errata/RHSA-2003-084.html

**********

More sendmail patches available

As we reported in our last newsletter, there is another vulnerability in the sendmail mail transfer agent. This one is a buffer overflow in the way long e-mail addresses in a message header is parsed. An attacker could exploit the flaw to run arbitrary code on the affected machine. For more, go to:

Gentoo:

https://forums.gentoo.org/viewtopic.php?t=44892

Red Hat:

https://rhn.redhat.com/errata/RHSA-2003-120.html

OpenPKG:

https://www.openpkg.org/security/OpenPKG-SA-2003.027-sendmail.html

**********

More kerberos fixes available

A number of vulnerabilities have been found in Kerberos packages based on MIT’s implementation of the code. Patches are available:

Red Hat 9.0:

https://rhn.redhat.com/errata/RHSA-2003-091.html

Gentoo:

https://forums.gentoo.org/viewtopic.php?t=44893

**********

Immunix releases samba update

A flaw in the open-source Samba file server could be exploited to run arbitrary code on the affected machine. Immunix has issues a fix for this problem. Updated packages can be downloaded from:

https://www.networkworld.com/ftp://ftp.ibiblio.org/pub/Linux/distributions/immunix/

**********

Flaw in HP Instant TopTools

A flaw in the HP Instant TopTools for Windows NT and 2000 could be exploited in a denial-of-service attack against the affected machine. A patch is available from HP:

https://h20004.www2.hp.com/soar_rnotes/bsdmatrix/matrix50459en_US.html#Utility%20-%20HP%20Instant%20Toptools

**********

Gentoo patches openafs

The OpenAFS package for Gentoo relies on Kerberos 4 encryption. However a weak encryption scheme in Kerberos 4 leads to vulnerabilities in OpenASF. A patch is available for this problem:

https://forums.gentoo.org/viewtopic.php?t=44890

**********

Mandrake Linux patches Eterm

A number of vulnerabilities have been found in Eterm, some of which could lead to a system compromise. A patch is available from Mandrake Linux. For more, go to:

https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:040

**********

Vulnerability in Apple QuickTime player

A buffer overflow in the way Version 5.x and 6.0 of the Apple QuickTime player for Windows handles URLs could be exploited to run arbitrary code on the affected machine. Version 6.1 fixes the problem:

https://www.apple.com/quicktime/download/

Related iDefense advisory:

https://www.idefense.com/advisory/03.31.03.txt

**********

Today’s roundup of virus alerts:

W32/Cult-B – A virus that spreads via e-mail and the Kazaa file-sharing network. The e-mailed virus comes with a subject line of “Hi, I sent you an eCard from BlueMountain.com” and an attachment called “BlueMountaineCard.pif”. The virus launched denial-of-service attacks against www.chat-planet.nl or chat.planet.nl. (Sophos)

XM97/Morx-A – An Excel virus that adds a Rom add-in to the Excel Tools menu. (Sophos)

**********

From the interesting reading department:

Network Associates to buy IntruVert for $100 million

Network Associates said it has entered into an agreement to purchase IntruVert Networks for $100 million in cash, an acquisition that will give NAI a line of products as well as underlying technology for intrusion prevention. Network World Fusion, 04/02/03.

https://www.nwfusion.com/news/2003/0402intru.html

Virus costs keep rising

Firms are taking more time to recover from virus attacks, according to a new report, and costs are rising. However, they are now more likely to suffer from a string of small attacks throughout the year, rather than from a single major attack. VNUnet, 03/31/03.

https://www.vnunet.com/News/1139852

Report: Large companies worried about Microsoft security

A majority of leading security experts said that the security of Microsoft’s products is a top concern, but the company still deserves credit for its efforts to tackle the problem, according to a report released by Forrester Research. IDG News Service, 04/01/03.

https://www.nwfusion.com/news/2003/0401reporlarge.html

President’s cybersecurity chief defends agenda

President George W. Bush’s top cybersecurity advisor defended his boss’s Internet security agenda but called for help from everyone from large corporations to individual Internet users to protect the U.S. homeland by protecting their own little piece of cyber turf. IDG News Service, 04/01/03.

https://www.nwfusion.com/news/2003/0401presicyber.html

CFP puts spotlight on privacy post-Sept. 11

Given the backdrop of war, tightened national security, and new legislation aimed at expanding government powers, the discussions and debates due to take place at the 13th Annual Conference on Computers, Freedom and Privacy in New York this week promises to be lively. IDG News Service, 04/01/03.

https://www.nwfusion.com/news/2003/0401presicyber.html