* Patches from SCO, Red Hat, Conectiva, others * Beware "Mother's Day Virus" * Check Point digs deep into packets, and other interesting reading Today’s bug patches and security alerts:Cisco reports VPN vulnerabilitiesCisco Wednesday warned customers of three vulnerabilities in its Cisco VPN 3000 Series concentrators and VPN 3002 Hardware Client that could allow attackers to see private data or carry out a denial-of-service attack. There are workarounds to mitigate the effects of these vulnerabilities, and users can protect against them by upgrading to the latest version of code for the devices, according to an advisory from Cisco. The Cisco 3005, 3015, 3030, 3060 and 3080 VPN Concentrators and the Cisco VPN 3002 Hardware Client all may be affected by the vulnerabilities. IDG News Service, 05/08/03.Story: https://www.nwfusion.com/news/2003/0508ciscorepor.htmlCisco advisory: https://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml**********SCO warns of tcp packet handling flaw in OpenLinuxAccording to an alert from SCO, “Allowing TCP packets with both the SYN and FIN bits set significantly improve an attacker’s chances of circumventing a firewall.” For more, go to:ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-019.0.txtSCO patches file command A buffer overflow in OpenLinux’s file command could be exploited by providing a malicious binary file to examine. A patch is available for the vulnerability. For more, go to:ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-018.0.txtSCO: Several vulnerabilities in SambaSCO has released an updated version of Samba for OpenLinux that fixes a number of serious vulnerabilities in earlier versions of the code. The flaws could be exploited to execute arbitrary commands on the affected machine. For more, go to: ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-017.0.txt**********New redhat-config-network package fixes bugsA number of bugs have been found in the redhat-config-network, a package for configuring network access in Red Hat Linux 7.3. The bugs are less security related and more performance related. For more, go to:https://rhn.redhat.com/errata/RHBA-2002-257.html**********Conectiva patches buffer overflow in slocateA buffer overflow vulnerability exists in slocate, a utility for indexing and finding files, that could be exploited to gain the privileges of the slocate user. A fix is available. For more, go to:https://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000643**********Mandrake Linux patches kopeteA flaw in the GnuPG plug-in for kopete, a KDE instant messenger client, could be exploited to run arbitrary commands on the affected machine. For more, go to:https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:055**********Today’s roundup of virus alerts:W32/Randon-I – A worm that spreads via network shares and an open port 445. The virus looks to exploit poorly configured usernames and passwords. It allows access to the infected machine to unauthorized users via IRC channels. (Sophos)W32/Fizzer-A – Another worm that acts as a Trojan horse as well. The virus spreads via Outlook and provides access to the infected machine via IRC channels. (Sophos, Central Command)Troj/Boa-A – This is a key logging Trojan horse that periodically sends what it logs to its author. Usernames and passwords, as well as other sensitive information, could be swept up by this Trojan. (Sophos)W32/Kickin-A – A virus that spreads via e-mail – using a variety of subject lines, messages and attachment names – and peer-to-peer applications. The virus tries to open IE every 5 minutes and points at one of three Web sites. (Sophos)Troj/Sdbot-Fam – A family of Trojan horse programs that provide access to the infected machine via IRC. The Trojan’s run as a background process waiting for a connection. (Sophos)CERT warns of Mother’s Day threatThe CERT Coordination Center is warning Internet users to beware of a new e-mail-borne threat that could allow an attacker to run malicious code on a victim’s computer. The new threat, known as “Peido-B,” “VBS/Inor.B” or “Mother’s Day Virus” arrives in an e-mail that masquerades as an administrative message. IDG News Service, 05/09/03.https://www.nwfusion.com/news/2003/0509certwarns.html**********From the interesting reading department:Symantec releases security toolsSymantec this week will announce two software packages intended to prevent security breaches. Vulnerability Assessment 1.0 is a host-based scanning tool that resides on servers and desktops. It continuously checks software for vulnerabilities so it can be patched or protected by temporarily blocking ports. Network World, 05/12/03.https://www.nwfusion.com/news/2003/0512symantec.htmlCheck Point digs deep into packetsCheck Point next month is set to give its firewall customers the ability to detect and block application-layer attacks such as Code Red, Nimda and SQL slammer worms. Network World, 05/12/03.https://www.nwfusion.com/news/2003/0512checkpoint.htmlPassport flaw leaves user info up for grabsMicrosoft has scrambled to shut down a flaw in its Passport service that could potentially reveal users’ critical personal information, a company spokesman confirmed Thursday. The flaw, which was reported to the company late Wednesday, was located in the service’s password recovery system and would allow attackers to change an account password if they knew the user name. IDG News Service, 05/08/03.https://www.nwfusion.com/news/2003/0508passpflaw.htmlPassport woes point to process, credibility problemsThe disclosure Wednesday of a serious security vulnerability in the .Net Passport service underscored shortcomings with the development and management of the single sign-on technology and may undermine Microsoft’s efforts to win wider adoption of Passport among businesses and individuals, an industry analyst said. IDG News Service, 05/09/03.https://www.nwfusion.com/news/2003/0509passpwoes.htmlFluffi Bunni worked for SiemensA man reputed to be the leader of an international hacking ring worked in the U.K. offices of Siemens Communications, according to a statement released by the company. IDG News Service, 05/08/03.https://www.nwfusion.com/news/2003/0508fluffbunni.htmlIBM spinoff aims to secure serversStart-up 14 South Networks – an IBM spinoff – this week is scheduled to debut a blade that slides into PCI-based servers and provides firewall and VPN protection based on Check Point technology. Network World, 05/12/03.https://www.nwfusion.com/news/2003/051214south.html Related content news analysis Western Digital keeps HDDs relevant with major capacity boost Western Digital and rival Seagate are finding new ways to pack data onto disk platters, keeping them relevant in the age of solid-state drives (SSD). By Andy Patrizio Dec 06, 2023 4 mins Enterprise Storage Data Center news analysis Global network outage report and internet health check Cisco subsidiary ThousandEyes, which tracks internet and cloud traffic, provides Network World with weekly updates on the performance of ISPs, cloud service providers, and UCaaS providers. By Ann Bednarz and Tim Greene Dec 06, 2023 286 mins Networking news analysis Cisco uncorks AI-based security assistant to streamline enterprise protection With Cisco AI Assistant for Security, enterprises can use natural language to discover policies and get rule recommendations, identify misconfigured policies, and simplify complex workflows. By Michael Cooney Dec 06, 2023 3 mins Firewalls Generative AI Network Security news Nvidia’s new chips for China to be compliant with US curbs: Jensen Huang Nvidia’s AI-focused H20 GPUs bypass US restrictions on China’s silicon access, including limits on-chip performance and density. By Anirban Ghoshal Dec 06, 2023 3 mins CPUs and Processors Technology Industry Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe