• United States

More sendmail patches available

Apr 07, 20036 mins

* Patches from Red Hat, SuSE, Conectiva, others * Beware a three-part Trojan * Security start-up to block Trojans, and other interesting reading

Today’s bug patches and security alerts:

More sendmail patches available

As we reported last week, there is another vulnerability in the sendmail mail transfer agent. This one is a buffer overflow in the way long e-mail addresses in a message header is parsed. An attacker could exploit the flaw to run arbitrary code on the affected machine. For more, go to:






Red Hat releases Eye of GNOME update

A vulnerability in the Eye of GNOME package for Red Hat could be exploited by a remote user sending a specially crafted filename to the affected system. By exploiting this flaw, the attacker could run arbitrary code on the affected machine. For more, go to:

Red Hat releases new mutt and balsa products

New versions of balsa and mutt are available that fix a potential buffer overflow vulnerability. For more, go to:

Red Hat patches NetPBM

A flaw in the NetPBM image viewing code could be exploited to run arbitrary code on the affected machine. Attackers would need to craft special images to take advantage of this vulnerability. For more, go to:


NetBSD Kerberos fix available

A number of vulnerabilities have been found in Kerberos packages based on MIT’s implementation of the code. NetBSD users can get the appropriate patch from:


SuSE patches openssl

A flaw in the openssl package used in many Unix/Linux implementations could allow TSL/SSL communications to be passed in plain text. SuSE users can get more information and a patch from:


Debian patches apcupsd

A buffer overflow in the apcupsd daemon for APC’s Unbreakable Power Supplies could be exploited by a remote user to gain root privileges on the affected machine. For more, go to:

Debian releases fix for S/390 kernels

As we’ve reported over the past couple weeks, a number of Linux vendors have released update kernels to fix a variety of problems. The most serious could lead to a local user gaining root privileges on the affected system. SuSE has released a patch for its kernel implementation. For more, go to:


Conectiva updates snort

A flaw in the snort open-source network monitoring software could be exploited by an attacker feeding specially crafted RPC traffic into the network stream. The malicious RPC packets could crash the sensor and potentially be used to run arbitrary code on the affected machine. For more, go to:

Conectiva patches dhcp

A denial-of-service vulnerability exists in Conectiva’s dhcp client implementation. An attacker could send a storm of packets to the affected client, causing it to crash. For more, go to:

Conectiva releases file patch

A flaw in file, a command line tool for determining a file’s content, could be exploited to cause a buffer overflow on the affected machine. For more, go to:

Conectiva issues samba patch

A flaw in the open-source Samba file server could be exploited to run arbitrary code on the affected machine. Conectiva has issues a fix for this problem. Updated packages can be downloaded from:


CA warns of Day Light savings time problem in antivirus packages

Computer Associates late last week warned users that the INOTASK function could start using 100% of the processor utilization if tasks were scheduled to run between 2 a.m. and 3 a.m. Sunday morning. You’d know by now if this affects you. For more, customers can logon to CA support below:


Today’s roundup of virus alerts:

Trj/Kamuflao3 – A three-part Trojan horse that allows an intruder access to the infected machine. (Panda Software)

Grimgram – This worm spreads via e-mail and the Kazaa file-sharing network. It e-mails sensitive information from the infected machine to (Panda Software)


From the interesting reading department:

Report finds 84% jump in security incidents

The number of computer security incidents and attacks detected at businesses worldwide soared by 84% between the fourth quarter of 2002 and the first quarter of this year, fueled in part by a surge in the number of mass-mailing worms, according to a report due out Monday from Internet Security Systems. IDG News Service, 04/04/03.

Latest Apache release fixes DOS vulnerability

The latest release of Apache 2.0 fixes a number of security vulnerabilities including an as-yet-undisclosed flaw that could be used to launch a denial of service attack against machines running the popular Web server, according to information released by the Apache Software Foundation (ASF). IDG News Service, 04/03/03.

Texan charged with breaching Yale computer system

A Texan is accused of breaking into Yale University’s computer system from home. Jason Jarrell, 19, who lives with his mother in Coppell, Texas, was arraigned in New Haven Superior Court Thursday and charged with six counts of computer crime. He is accused of tapping into computers at five university centers, including two computer systems used to research AIDS, cancer, heart disease and Alzheimer’s disease., 04/04/03.

Security start-up to block Trojans

Start-up WholeSecurity debuts this week with Web server software designed to prevent remote-access Trojans or eavesdropping software from penetrating the network during e-commerce or employee interactions over the Internet. Network World, 04/07/03.

Box speeds SSL traffic, balances loads

Nauticus says its N2000 and N2000V intelligent switches will help customers reduce costs and improve data center performance. Network World, 04/07/03.

Fortinet uncorks security mgmt. app

Fortinet this week is introducing a management appliance that claims to make it simpler for customers to configure, create policies for and administer the large groups of the company’s multifaceted FortiGate security appliances. Network World, 04/07/03.

Errors in IBM’s DB2 cause outage at Danske Bank

Flaws in IBM’s DB2 database software were responsible for a chain of glitches that turned a routine hardware repair into a weeklong operational crisis, Danske Bank said Thursday in a report on an outage it suffered in March. IDG News Service, 04/04/03.

Network Associates buys two start-ups

Making good on a recent pledge to expand into new segments of the security industry, Network Associates last week bought its way into the emerging intrusion-prevention system market by agreeing to acquire two start-ups for a combined $220 million. Network World, 04/07/03.