|
|
Enron Mail |
NETWORK WORLD NEWSLETTER: JASON MESERVE
on SECURITY AND BUG PATCH ALERT 10/29/01 - Today's focus: Hanging Cisco firewalls Dear Wincenty Kaminski, In this issue: * Hardware flaws reported in Cisco firewalls * Patches and alerts for Linux-Mandrake and SuSE kernel, Red Hat print spooler, others * The infamous Ethan Frome virus * Tivoli aims to plug security holes, plus other interesting reading _______________________________________________________________ This newsletter sponsored by Microsoft GET AND STAY SECURE WITH MICROSOFT. At Microsoft, our highest priority is the safety and security of the Internet and your data. Our commitment to you is that we will not rest until your business is secure. Period. Call 1- 866-PC SAFETY for FREE Virus-Related IT Support. Click here to learn more: http://nww1.com/go/3504898a.html _______________________________________________________________ TIME IS MONEY The adage is as true for teleworkers as it is for anyone else. Check out our "Telework Top 10" series where we provide you with a clear picture of the interrelated capabilities of today's critical, must-have technologies, and how your adoption of those technologies can help or hurt your bottom line. http://nww1.com/go/ad168.html _______________________________________________________________ Today's focus: Hanging Cisco firewalls By Jason Meserve Today's bug patches and security alerts: * Hardware flaws hang some Cisco firewalls Hardware flaws in some Cisco firewalls for corporate central and branch offices have caused the systems to hang or shut themselves down and forced Cisco to replace the affected boxes. Some Cisco Pix 515, 515-DC and 506 Firewalls have suffered system hangs when traffic on the network becomes too heavy, requiring IS staff to manually restart the firewall, Cisco reported in an Oct. 18 field notice on its Web site. http://www.nwfusion.com/news/2001/1029cisfire.html IDG News Service, 10/29/01 * Linux-Mandrake releases new version of kernel 2.2 A flaw in the ptrace module of the Linux kernel version 2.2 could lead to a local user gaining root privileges. The kernel is also vulnerable to a symlink attack that could lead to a denial of service. Linux-Mandrake users should download this kernel update: http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3 * SuSE patches kernel SuSE's kernel suffers from the same ptrace root privileges and symlink denial-of-service attack vulnerabilities as other Linux flavors. Kernel versions 2.2 and 2.4 have been updated: http://lists2.suse.com/archive/suse-security-announce/2001-Oct/0003.html * New RWhois patch available ARIN Engineering has released an updated version of its RWhois code to fix a recently discovered vulnerability. The patch can be downloaded from: ftp://ftp.arin.net/pub/rwhois/rwhoisd-1.5.7-1.tar.gz * Red Hat patches print spool According to a Red Hat alert, when used in a spooling environment, it is inappropriate to allow programs to read arbitrary files as a result of print requests. Ghostscript, a postscript interpreter, can read arbitrary system files with the same permissions as the print spooler, potentially exposing the system to an information compromise. For more and links to the appropriate patch, go to: http://www.redhat.com/support/errata/RHSA-2001-112.html Today's roundup of virus alerts: * W32/Antset - This Windows virus comes as an attachment called "ants3set.exe" in a message titled "ANTS Version 3.0." It spreads by sending itself to everyone listed in an Outlook address book as well as by searching Web-related files for e- mail addresses. The virus uses the infected user's SMTP server as well as a number of hard-coded servers. (Panda Software, Computer Associates, Sophos) Troj/Septer - This is the Trojan Horse program that pretends to be a Red Cross donation system. It steals credit card data and other personal information. (Sophos) I-Worm/Redesi.A - A worm that displays a dialog box on the infected machine's screen and e-mails itself out to everyone in the computer's address book. Its cousin, Redesi-B, also modifies the autoexec.bat system to reformat the C: drive on Nov. 11, 2001. (Panda Software) W32/Toal@MM - An e-mail worm that spreads via an attachment called "BINLADEN_BRASIL.EXE." It creates several files in the Windows directory of the infected machine. No word on what other damage it causes. (Panda Software) Win32/Krn132 or Win32/Klez - A Windows virus that comes in a randomly named e-mail with random attachment names from a list of specific addresses. The worm spreads via e-mail and open network shares. (Computer Associates, Sophos) W98/Elkern - This virus is dropped by Win32/Klez (see above). It only infects Windows 98 and ME machines. (Sophos) WM97/Thus-FB - A Word macro virus that displays the following message on the 12th of any month: "It's TOO much violence in this world! Have MOT to stop it!" (Sophos) WM97/Marker-JT - Another Word macro virus that has a 1-in-3 chance of changing a document's summary information so that the title will read "Ethan Frome," the author will be listed as "EW/KN/CB" and the keywords field will show up as "Ethan." (Sophos) <From the interesting reading department: * Tivoli aims to plug security holes IBM software subsidiary Tivoli Systems last week unveiled products to automate user approval and authorization, and help network managers find and plug security holes. http://www.nwfusion.com/archive/2001/126817_10-29-2001.html Network World, 10/29/01 * McAfee horns in on Norton antivirus turf Network Associates' McAfee division next week will unveil an updated version of its antivirus management console that now exerts policy control over its main competitor, Symantec's Norton AntiVirus. http://www.nwfusion.com/archive/2001/126815_10-29-2001.html Network World, 10/29/01 * President Bush signs antiterrorism bill President George W. Bush Friday signed into law an antiterrorism measure designed to heighten national security and to temporarily give U.S. law enforcement officials and investigators more provisions for tracking down and detaining suspected terrorists. http://www.nwfusion.com/news/2001/1026bushbill.html IDG News Service, 10/26/01 * Archives online Find out which virus changes a Word document's author information to "Ethan Frome" in our online archives: http://www.nwfusion.com/newsletters/bug/index.html _______________________________________________________________ To contact Jason Meserve: Jason Meserve is the Multimedia Editor of Network World Fusion and writes about streaming media, search engines and IP Multicast. Jason can be reached at mailto:jmeserve@nww.com. _______________________________________________________________ Outsource your next IT project with Buy IT! Thousands of qualified vendors are listed in the directory and you choose the one you want to work with. Post a project, review proposals, and get your project done right. It's that easy! http://www.nwfusion.newmediary.com/091201nwwbuyernwltr2 _______________________________________________________________ FEATURED READER RESOURCE Network World Fusion's The Edge site Network World Fusion's The Edge is a resource devoted to the advances in service-provider networks that are shaking up the old telecom order. In classic Network World fashion, we focus on the hardware, software and services coming to market - but this time from the vendors targeting legacy carriers, new alternative local carriers, ISPs and application service providers. http://www.nwfusion.com/edge/index.html _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.nwwsubscribe.com/nl _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: http://www.nwwsubscribe.com/news/scripts/notprinteditnews.asp To unsubscribe from promotional e-mail go to: http://www.nwwsubscribe.com/ep To change your e-mail address, go to: http://www.nwwsubscribe.com/news/scripts/changeemail.asp Subscription questions? Contact Customer Service by replying to this message. Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: mailto:jcaruso@nww.com For advertising information, write Jamie Kalbach, Fusion Sales Manager, at: mailto:jkalbach@nww.com Copyright Network World, Inc., 2001 ------------------------ This message was sent to: vkamins@enron.com
|