* Patches from SGI, Red Hat, others
* Beware virus that spreads via e-mail with subject line "Saludos"
* Privacy concerns dog initial RFID plans, and other interesting reading

A number of Network World reporters, myself included, will be in Las Vegas this week covering NetWorld+Interop. We’ll keep you up to date on all the show happenings via our breaking news page and our N+I Weblog:

Breaking news page: https://www.nwfusion.com/news/2003/ni2003.html
Weblog: https://www.nwfusion.com/weblogs/ni/2003/

Today’s bug patches and security alerts:

Cisco releases Catalyst software update
A flaw in Version 7.5(1) of the Cisco Catalyst software (CatOS) could allow a malicious user to enter enable mode, the switch’s privileged mode, without supplying the enable password, bypassing the password check that is supposed to protect it. Catalyst users should upgrade to software Version 7.6(1) to fix the problem. For more, go to:
https://www.cisco.com/warp/public/707/cisco-sa-20030424-catos.shtml
**********
New version of Bugzilla available
Versions of Bugzilla prior to 2.16.3 contain flaws: one echoes raw, unescaped HTML back to a user, a cross-site scripting issue, and another could be exploited in a symlink attack. Version 2.16.3 fixes the problems. For more, go to:
https://ftp.mozilla.org/pub/webtools/
**********
Debian, SuSE release new KDE/kdelibs packages
A flaw in the way KDE and kdelibs use Ghostscript to process PostScript and PDF files could be exploited to run arbitrary code on the affected machine with the privileges of the user viewing the file. An attacker would have to deliver a malicious PostScript or PDF file via e-mail or a Web server. For more, go to:
Debian: https://www.debian.org/security/2003/dsa-293
SuSE: https://www.suse.com/de/security/2003_026_kde.html
**********
Mandrake Linux updates ethereal
A number of vulnerabilities have been found in ethereal, a network protocol analyzer. The flaws could be exploited in a denial-of-service attack or to run arbitrary code on the affected machine, either by putting malformed packets on a monitored network or by getting a user to open a malformed capture file.
For more, go to:
https://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:051
**********
SGI patches password flaw in Irix LDAP
SGI’s implementation of LDAP authentication for its Irix operating system contains a flaw in the way certain passwords are verified. The current implementation does not check whether the LDAP server actually provides the userPassword attribute for each entry in the password database, so the check does not fail when the attribute is missing. A malicious user could exploit this to log on without a password. For more, go to:
ftp://patches.sgi.com/support/free/security/advisories/20030407-01-P
SGI updates patch for BSD LPR subsystem
A previous patch for the BSD LPR subsystem implementation for Irix did not properly fix the vulnerabilities in the code. A new patch is available with the proper updates. For more, go to:
ftp://patches.sgi.com/support/free/security/advisories/20030406-01-P
**********
Red Hat patches mICQ
Version 0.4.9 and earlier of mICQ, a messaging and conferencing program, contain a vulnerability that could be exploited in a denial-of-service attack: a remote attacker can crash the affected mICQ client by sending it malformed ICQ packets. For more, go to:
https://rhn.redhat.com/errata/RHSA-2003-118.html
Red Hat releases patch for LPRng package
A temporary-file vulnerability has been found in the LPRng print spooler package: a temporary file is created under a predictable name, without refusing to follow a link that already exists at that path, which is the precondition for a symbolic link attack. A local attacker who plants a symbolic link there first could have the spooler write arbitrary files with the privileges of the “lp” user. For more, go to:
https://rhn.redhat.com/errata/RHSA-2003-142.html
Red Hat fixes cross-site scripting flaw in squirrelmail
A number of cross-site scripting vulnerabilities have been found in squirrelmail, a PHP-based Webmail package. A remote attacker could use them to inject script into pages served by squirrelmail; the script then runs in the browser of the user viewing the page, with that user’s Webmail session.
For more, go to:
https://rhn.redhat.com/errata/RHSA-2003-112.html
**********
Today’s roundup of virus alerts:
Opex – This worm spreads through peer-to-peer file-sharing networks by making copies of itself on the infected machine under names that make the file look like a utility application. (Panda Software)
Tavo – A virus that spreads mainly via e-mail messages with a subject line of “Saludos” and an attachment called “IESRACK.VBS”. On the 11th of each month, the virus displays a message. On 12/1, it deletes files in My Documents, and on 12/9 it displays more messages. Finally, every 8 minutes the virus checks the floppy drive for a writeable disk to infect. (Panda Software)
Morb – This Trojan horse spreads through e-mail, IRC and peer-to-peer networks. It replies to all messages in the infected machine’s inbox with a copy of itself attached. It also opens port 81 to give a remote attacker access to the machine. (Panda Software)
Alor – Another Trojan horse that allows an attacker to access the infected machine via port 12345. The attacker could carry out several actions on the machine. (Panda Software)
**********
From the interesting reading department:
Windows Server 2003 Security Guide:
https://go.microsoft.com/fwlink/?LinkId=14845
Review: WatchGuard Firebox V200 firewall/VPN
WatchGuard Technologies, a leader in small office/home office firewall/VPN appliances, is targeting the big boys with a high-end device aimed squarely at Cisco’s PIX 535 and NetScreen Technologies’ NetScreen-5200. Network World, 04/28/03.
https://www.nwfusion.com/reviews/2003/0428rev.html
RenewData uncovers, prevents ‘smoking guns’
Start-up RenewData is at the center of a ripe and growing business thanks to government regulations aimed at uncovering corporate malfeasance. The company is focused on recovering e-mail messages and files attorneys and clients request from the hundreds of tapes that businesses keep offsite.
Network World Fusion, 04/24/03.
https://www.nwfusion.com/news/2003/0424renewdata.html
Privacy concerns dog initial RFID plans
Now Benetton appears to be retreating from its RFID endorsement after privacy objections. This month the company declared that no microchips are present in the garments it produces and sells, and that it hasn’t made any decisions about using RFID. Network World, 04/28/03.
https://www.nwfusion.com/news/2003/0428rfid.html
Wireless security is rising, but it’s not fully baked yet
In interoperability testing that NetWorld+Interop’s iLabs Wireless Security team conducted earlier this month, we found that products supporting 802.1X – the proposed standard for authentication in wireless networks – worked well together most of the time, but we identified some problem areas that need attention from standards bodies and vendors alike. Network World, 04/28/03.
https://www.nwfusion.com/research/2003/0428ilabs8021x.html
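The SGI Irix LDAP item above is a fail-open check: a missing userPassword attribute is not treated as an error, so the account can be entered without a password. The Python below is an added illustration written for this digest, not SGI’s code or any vendor’s. The directory entries, the {PBKDF2} hash format and the login functions are all constructed for the example; it places the fail-open logic beside a fail-closed version and adds the audit a practitioner would run first, a list of entries that have no password attribute at all.

```python
"""Illustrative fail-open vs. fail-closed password check against LDAP-style
entries. Constructed example; not the code of any real LDAP client."""
import hashlib
import hmac

HASH_PREFIX = "{PBKDF2}"   # assumed storage format: {PBKDF2}<salt hex>$<digest hex>
ITERATIONS = 100_000


def make_hash(password: str, salt: bytes) -> str:
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return HASH_PREFIX + salt.hex() + "$" + digest.hex()


def verify_hash(password: str, stored: str) -> bool:
    """Constant-time comparison of a supplied password against a stored hash."""
    if not stored.startswith(HASH_PREFIX):
        return False
    try:
        salt_hex, digest_hex = stored[len(HASH_PREFIX):].split("$", 1)
        salt = bytes.fromhex(salt_hex)
    except ValueError:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate.hex(), digest_hex)


# Constructed directory, keyed by uid. "alice" has a userPassword attribute;
# "svc-backup" was provisioned without one (an assumed scenario).
_SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
DIRECTORY = {
    "alice": {"uid": "alice", "userPassword": [make_hash("correct horse", _SALT)]},
    "svc-backup": {"uid": "svc-backup"},
}


def login_fail_open(directory: dict, uid: str, password: str) -> bool:
    """Models a client that copies the attribute into a passwd-style field and,
    like classic /etc/passwd handling, treats an empty field as 'no password'.
    A missing attribute silently becomes that empty field."""
    entry = directory.get(uid)
    if entry is None:
        return False
    field = entry.get("userPassword", [""])[0]
    if field == "":
        return True            # the bug: absence of a hash grants access
    return verify_hash(password, field)


def login_fail_closed(directory: dict, uid: str, password: str) -> bool:
    """Deny unless the attribute is present, non-empty and verifies."""
    entry = directory.get(uid)
    if entry is None:
        return False
    values = entry.get("userPassword")
    if not values or not values[0]:
        return False           # missing or empty attribute is a failed check
    return verify_hash(password, values[0])


def entries_without_password(directory: dict) -> list:
    """Audit: which entries would the fail-open client let in for free?"""
    return sorted(uid for uid, e in directory.items() if not e.get("userPassword"))


if __name__ == "__main__":
    print("audit:", entries_without_password(DIRECTORY))
    for uid, pw in [("alice", "correct horse"), ("alice", "wrong"), ("svc-backup", "")]:
        print(uid, repr(pw), "open:", login_fail_open(DIRECTORY, uid, pw),
              "closed:", login_fail_closed(DIRECTORY, uid, pw))
```

The audit is worth running against a real directory before and after patching: an entry that lacks the attribute is exactly the account a fail-open client accepts with any password, including none.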
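The LPRng item and the second Bugzilla flaw above are both temporary-file symlink attacks. The Python below, added here and not taken from either project, simulates one on a POSIX system: an attacker plants a symlink at a predictable spool path, an unsafe writer follows it and overwrites a file it should never touch, while a writer that opens with O_CREAT|O_EXCL (plus O_NOFOLLOW where the platform has it) refuses. The spool directory, the file name banner.tmp and the victim file are constructed for the demonstration and created under a throwaway directory.

```python
"""Constructed simulation of a temporary-file symlink attack (POSIX).
Not LPRng's or Bugzilla's code; the names below are invented for the demo."""
import os
import shutil
import tempfile

PREDICTABLE = "banner.tmp"   # the kind of fixed name a print filter might use


def write_unsafe(spool_dir: str, data: str) -> str:
    """open(..., 'w') is O_CREAT|O_TRUNC without O_EXCL: it follows whatever
    link is already at the path and truncates the link's target."""
    path = os.path.join(spool_dir, PREDICTABLE)
    with open(path, "w") as f:
        f.write(data)
    return path


def write_safe(spool_dir: str, data: str) -> str:
    """O_EXCL makes open() fail with EEXIST if anything, including a symlink,
    already sits at the path; O_NOFOLLOW refuses symlinks where supported."""
    path = os.path.join(spool_dir, PREDICTABLE)
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "w") as f:
        f.write(data)
    return path


def plant_symlink(spool_dir: str, target: str) -> None:
    """What the local attacker does before the privileged writer runs."""
    os.symlink(target, os.path.join(spool_dir, PREDICTABLE))


def simulate(opener) -> dict:
    """Run one attack round with the given writer and report what happened."""
    root = tempfile.mkdtemp(prefix="symlink-demo-")
    try:
        spool = os.path.join(root, "spool")
        os.mkdir(spool)
        victim = os.path.join(root, "victim.conf")   # stands in for a file owned by lp
        with open(victim, "w") as f:
            f.write("original\n")
        plant_symlink(spool, victim)
        try:
            opener(spool, "ATTACKER CONTROLLED\n")
            refused = False
        except FileExistsError:
            refused = True
        with open(victim) as f:
            victim_contents = f.read()
        return {"refused": refused, "victim_overwritten": victim_contents != "original\n"}
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    print("unsafe writer:", simulate(write_unsafe))
    print("safe writer:  ", simulate(write_safe))
```

O_EXCL is the check that matters: POSIX requires open() to fail with EEXIST when O_CREAT|O_EXCL is set and the path is a symbolic link, whatever it points to. In practice the fix is usually tempfile.mkstemp() (or mkstemp(3) in C), which combines an unpredictable name with the same O_CREAT|O_EXCL open, so the attacker cannot guess the path in the first place.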