• United States

Another Samba flaw reported

Apr 10, 20035 mins

* Patches from Microsoft, Red Hat, others * Beware Excel macro virus * SonicWall tackles wireless LAN protection, and other interesting reading

Today’s bug patches and security alerts:

Another Samba flaw

For those of you that just recently upgrade to Samba 2.2.8 to fix a previous vulnerability it’s time to upgrade again. A new flaw has been found in Samba that could allow an anonymous user to gain root access on the affected machine. Users should upgrade to version 2.2.8a to fix the current problem. For more, go to:


Red Hat:


Immunix (patch repository):




Microsoft warns of virtual machine vulnerability

Microsoft warned users on Wednesday about two new security vulnerabilities affecting its Microsoft Virtual Machine, Microsoft Proxy Server 2.0 and Microsoft ISA Server 2000 products. IDG News Service, 04/09/03.


Microsoft advisory:

Microsoft: Flaw In Winsock Proxy Service And ISA firewall service

A flaw in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in ISA could be exploited by an internal network user to cause a denial of service against the two services. Both services would stop responding to internal and external traffic. For more, including a patch, go to:

Microsoft updates Indexing Services Cross Site Scripting’ vulnerability patch

A previous releases of this patch was never included in the NT 4.0 Option Pack. NT 4.0 users can get more information and download the update from:


Red Hat patches mgetty

A couple of buffer overflow flaws have been found in mgetty, a getty replacement for use with data and fax modems. One of the flaws could be used to overwrite certain files. For more, go to:


Updated Apache packages available

A denial of service vulnerability has been found in the Apache Versions 2.0 through 2.0.44. For more information, go to:

iDenfense advisory:

Red Hat:



Debian releases sendmail patch

As we’ve been reporting, there is another vulnerability in the sendmail mail transfer agent. This one is a buffer overflow in the way long e-mail addresses in a message header is parsed. An attacker could exploit the flaw to run arbitrary code on the affected machine. For more, go to:

Debian patches metrics

A flaw in the metrics, a software metrics program, could allow an attacker to overwrite files owned by the user running scripts, including root. For more, go to:


SGI patches RPC function library

A number of vulnerabilities have been found in the IRIX RPC library. The flaws could be exploited in a denial-of-service attack or to gain elevated privileges on the affected machine. For more, go to:


Conectiva releases kernel update

As we’ve reported over the past couple weeks, a number of Linux vendors have released update kernels to fix a variety of problems. The most serious could lead to a local user gaining root privileges on the affected system. Conectiva has released a patch for its kernel implementation. For more, go to:


SETI@Home client and server software

Flaw found in

A buffer overflow in the way SETI@Home client and server receive responses from each other could be exploited on the server side to gain control over all SETI@Home clients. For this reason, users have been urged to upgrade to version 3.08 of the client:

Related alerts:




Today’s roundup of virus alerts:

XM97/Baris-AG – On April 24th between 2p and 3p, this Excel macro virus will activate and walk the user through a roll-playing game using dialog boxes. If the user answers incorrectly, all the cells in the open spreadsheet will be erased. (Sophos)


From the interesting reading department:

SonicWall tackles wireless LAN protection

SonicWall is marrying a VPN appliance to a wireless access point in an attempt to make it easier to set up and secure wireless LANs at small corporate offices. Network World Fusion, 04/09/03.

Forum: Gartner and SIM

It’s time for another “Magic Quadrant” from Gartner Group. In case you haven’t heard of the “Magic Quadrant,” it’s not a rock group, but one of those studies that Gartner puts out from time to time on any particular segment of the information technology market to assess product leaders and laggards. This particular one is about “security information management,” or SIM for short. Network World Fusion.

Dr. Internet: Reading data from a network sniffer

We downloaded a Windows network sniffer program as you suggested to troubleshoot a network slowdown. Now what? We see the results, but without some idea of what we’re looking for it’s like reading a foreign language. Network World, 04/07/03.