|
|
Enron Mail |
NETWORK WORLD NEWSLETTER: JASON MESERVE
on SECURITY AND BUG PATCH ALERT 05/31/01 - Today's focus: Jennifer Lopez naked? Dear Wincenty Kaminski, In this issue: * Patches and alerts for NetBSD, FreeBSD, Linux-Mandrake, Immunix, others * Viruses, including a backdoor virus left by the sadmind/IIS worm * A new version of SuSE Linux, plus other interesting reading _______________________________________________________________ NEWS ALERTS NOW AVAILABLE FROM NETWORK WORLD! You have very specific information needs about a technology or technology vendor and you subscribe to a newsletter or go on- line to find out about the strategic developments in this specific area. But how do you stay up with the late-breaking news? Network World now offers six very focused News Alerts to keep you abreast of the most significant developments of the week on LANs, Storage, Network/Systems Management, The Edge, Cisco and Microsoft. As an added service, if there's impactful, late-breaking news about one of these specific technologies or vendors, by subscribing to our News Alerts, we'll let you know what it is within hours. Subscribe today at http://nww1.com/go/ad082.html _______________________________________________________________ Today's focus: Jennifer Lopez naked? By Jason Meserve (write me at jmeserve@nww.com) Oh boy, this one has the potential to be a big virus: A new version of the LoveLetter virus is "in the wild" that comes with an attachment claiming to be a naked picture of movie/music star Jennifer Lopez. The recent Anna Kournikova virus proved that sex sells, even if it is a virus. The particulars on this one include a subject line of "Where are you?", body text of "This is my pic in the beach!" and an attachment called "JENNIFERLOPEZ_NAKED.JPG.vbs". If you really want to see Jennifer Lopez sans clothing, just watch the next major awards show - she's bound to show up without clothes eventually. In other virus news, a hoax is going around that could convince Windows 95 and 98 users to delete an innocuous file off their systems. According to a story published by the IDG News Service, "The warning tells users to delete the sulfnbk.exe file, a utility used to restore long file names. The file isn't usually infected, and running a virus check on it will prove fruitless, which just adds to the hoax's credibility. The message warns people that it's a virus undetectable by antivirus software. Diligent users who search for the file and find it may presume the warning was accurate and delete it." For more on the hoax: http://www.nwfusion.com/news/2001/0530virus.html Today's bug patches and security alerts: * NetBSD warns of denial of service vulnerability NetBSD says it is possible to stop a NetBSD node from communicating by bombarding it with fragmented IPv4 packets. The NetBSD advisory says that for the attack to be effective, the attacker needs to have good network connectivity to the victim node (such as being logged onto the victim machine itself or connected by a fat LAN). For more information: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-006.txt.as c * IP filter bypass possible According to a NetBSD alert, "IP Filter (ipf) - the IP packet filtering software in NetBSD - has a bug where the checks on a fragmented packet are incomplete and it may be possible to abuse this to bypass filter rules." For more information on this: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-007.txt.as c * NetBSD patches sh3 According to NetBSD, "Missing validation of user-supplied arguments to a system call can allow user applications on the sh3 platform to execute code with supervisor privileges, bypassing normal system protections. This problem is only present on the sh3 platform, which includes the dreamcast, evbsh3, hpcsh and mmeye ports." For more: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-008.txt.as c * FreeBSD warns of security holes in icecast FreeBSD is urging users to upgrade to the latest version of icecast, an application for serving up MP3 audio files. Previous releases contained number format string vulnerabilities that could allow a malicious user to run arbitrary code on the affected system. Intel processor users can download new icecast packages from: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/audio/icecast -1.3.10.tgz ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/audio/icecas t-1.3.10.tgz * Samba fix available for FreeBSD Samba, the service message block protocol used in Linux operating systems, contains a temporary file race condition. This flaw could be exploited to overwrite arbitrary files on the affected system. Intel processor users can download new Samba packages from: ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/net/samba-2.0 .9.tgz ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/net/samba-2. 0.9.tgz ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/net/samba-dev el-2.2.0.tgz ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/net/samba-de vel-2.2.0.tgz * Linux-Mandrake, Immunix release gnupg patches A patch is available to Linux-Mandrake and ImmunixOS users that fixes a format string vulnerability in gnupg, an open source version of PGP for Linux. The flaw could be exploited to invoke shell commands with the privileges of the logged in user. For more information and to download a patch, Linux-Mandrake users can point to: http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-053.php3 Immunix users can get more information and links to patches at: http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-023-01 General information can be found at: http://www.gnupg.org/download.html * SuSE, Immunix patch man packages A couple of bugs in man (a tool for looking up online manual pages on Linux and Unix systems) could allow a malicious user to gain root access to the affected machine. More information will be available shortly for SuSE users, including links to patches, at: http://www.suse.com/us/support/security/index.html ImmunixOS users can get more information and patches from: http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-021-01 * Immunix updates Kerberos package According to an Immunix alert, there is "a possible buffer overflow in the kerberos gssapi-aware ftpd in the krb5- workstation package that is included in all versions of Immunix OS." Immunix believes StackGuard will protect against this flaw, but is urging users to upgrade anyway. For more information and download links: http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-022-01 Today's round up of virus alerts: * Vigilante warns of improperly cleaned backdoor virus Security software vendor Vigilante is warning that system administrators may not be properly removing the sadmind/IIS worm from their systems. The worm can be used as a backdoor for hackers to enter an infected machine and deface Web pages as well as cause other damage. It turns out that some people have cleaned the initial virus, but did not remove the backdoor program the virus drops, leaving the system vulnerable. For more information on this: http://www.cert.org/advisories/CA-2001-11.html * WM97/Marker-HL -- A Word macro virus that infects documents and creates a non-viral file called "version.dat". (Sophos) <From the interesting reading department: * SuSE enhances multimedia, security of Linux OS Linux vendor SuSE Linux Tuesday announced it would release an upgrade to the SuSE Linux 7.1 operating system. SuSE Linux 7.2 will be available directly from the company and software retailers starting June 15, the company said. http://www.nwfusion.com/news/2001/0530suslin.html * Microsoft says upgrade now or pay big later IT executives could face millions of dollars in extra costs to upgrade to the newest version of Microsoft Office, which ships this week, if they don't buy upgrade packages before the software giant's new license and maintenance program begins in four months. http://www.nwfusion.com/news/2001/0528office.html * Free archives All our newsletters are archived on Fusion, where you can access them for free. Yes, free! So come on down: http://www.nwfusion.com/newsletters/bug/index.html _______________________________________________________________ To contact Jason Meserve: Jason Meserve is the Multimedia Editor of Network World Fusion and writes about streaming media, search engines and IP Multicast. Jason can be reached at mailto:jmeserve@nww.com. ______________________________________________________________ FEATURED READER RESOURCE User Excellence Award If you've completed an interesting network project in the last 12 to 18 months, here's your chance to gain industry recognition for it. Network World is currently accepting nominations for its annual User Excellence Award. For more information and an online nomination form, go to http://www.nwfusion.com/nw/awards.html#excellence Deadline for submission is June 11. _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: http://www.nwwsubscribe.com/news/scripts/notprinteditnews.asp To unsubscribe from promotional e-mail go to: http://www.nwwsubscribe.com/ep To change your e-mail address, go to: http://www.nwwsubscribe.com/news/scripts/changeemail.asp Subscription questions? Contact Customer Service by replying to this message. Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: mailto:jcaruso@nww.com For advertising information, write Jamie Kalbach, Fusion Sales Manager, at: mailto:jkalbach@nww.com Copyright Network World, Inc., 2001 ------------------------ This message was sent to: vkamins@enron.com
|