NETWORK WORLD NEWSLETTER: JASON MESERVE on SECURITY AND BUG PATCH ALERT
10/04/01 - Today's focus: Novell to release security flaw details

Dear Wincenty Kaminski,

In this issue:

* Patches and alerts for Novell GroupWise, Citrix MetaFrame, Zope, others
* Viruses, including one that preys on recent anthrax scares
* Microsoft's call to end information anarchy, plus other interesting reading

Today's focus: Novell to release security flaw details
By Jason Meserve

Novell has sent out a warning to GroupWise users that it will soon be unveiling details of the security flaw in its Padlock product. Back in August, the company announced that it had discovered a problem in the application and issued a patch.

The company says 85% of its customers have downloaded the patch and is urging the rest to do so before Nov. 23, when it details what the flaw entails. The remaining 15% of users can download the appropriate patch from:
http://support.novell.com/padlock

Novell claims none of its customers have reported any security breaches as a result of this flaw.

The announcement comes as Microsoft's Security Response Center published a column about how vulnerability information is shared and what should be done to change the current system. It's an interesting read:
http://www.microsoft.com/technet/ttreeview/default.asp?url=/tecnet/columns/security/noarch.asp

Today's bug patches and security alerts:

* ISS: Citrix MetaFrame has remote denial of service vulnerability

A vulnerability in Citrix MetaFrame, which works with Windows Terminal Services, could allow a remote user to crash the affected machine, requiring the machine to be restarted manually.
A hotfix for this problem is available via the Citrix Support page at:
http://www.citrix.com/support

* GroupWise file viewing vulnerability

According to an alert from Foundstone, a flaw in Novell's GroupWise server product could be exploited to view files anywhere on the affected machine, including the root directory. For more information on this vulnerability and ways to minimize its impact, visit:
http://www.foundstone.com/cgi-bin/display.cgi?Content_ID=327

* Linux-Mandrake updates Zope

Zope, the open-source applications server, contains a security check flaw that could allow a malicious user to force the application to call methods to which it would not normally have access. Linux-Mandrake has issued an update that fixes this problem:
http://www.linux-mandrake.com/en/ftp.php3

* OpenSSH patches available

A flaw in the way multiple keys are handled in various OpenSSH implementations could allow key-based logins from unauthorized hosts. For more on this problem and a link to patches, go to:

Linux-Mandrake:
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-081.php3

Red Hat source code:
7.0: ftp://updates.redhat.com/7.0/en/os/SRPMS/openssh-2.9p2-8.7.src.rpm
7.1: ftp://updates.redhat.com/7.1/en/os/SRPMS/openssh-2.9p2-8.7.src.rpm

Trustix:
http://www.trustix.org/pipermail/tsl-announce/2001-October/000031.html

* Red Hat, Trustix offer patches for /bin/login's PAM

A flaw in the /bin/login PAM code could allow a user to receive another user's credentials when logging into a server. For more information:

Red Hat:
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=51646

Trustix:
http://www.trustix.org/pipermail/tsl-announce/2001-October/000030.html

* Caldera patches SCO Unix dtterm

A buffer overflow vulnerability in the SCO Unix dtterm module could be exploited to gain elevated privileges.
Download the fix for this problem from:
ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.26/

* SCO FTP daemon updated

Caldera has fixed a vulnerability in the SCO FTP daemon that could have been used to execute arbitrary commands on the affected system. The fix can be downloaded from:
ftp://stage.caldera.com/pub/security/unixware/CSSA-2001-SCO.27/

* Vulnerability in snes9x

A buffer overflow vulnerability has been discovered in the snes9x emulator for FreeBSD, NetBSD, OpenBSD and Linux. Anyone exploiting the flaw could gain root privileges. It is recommended that users upgrade their snes9x packages:
http://www.snes9x.com

* Cisco recalls 95,000 ADSL power adapters

Cisco is recalling about 95,000 power adapters it sold worldwide because of overheating problems, a U.S. consumer safety group said Tuesday.
http://www.nwfusion.com/news/2001/1017cisco.html
IDG News Service, 10/17/01

Today's roundup of virus alerts:

* Flawed Anthrax worm hits 'Net

A new mass mailer worm, purporting to provide information about the disease anthrax, has appeared on the Internet but is being hampered because of a flaw in its design, antivirus companies said Wednesday.
http://www.nwfusion.com/news/2001/1017anthrax.html
IDG News Service, 10/17/01

* WM97/Myna-AZ - This is one of those Word macro viruses with no malicious payload. (Sophos)

* Dark Machine - A self-propagating worm that spreads via e-mail. It comes in a message with varying subject lines and body text that reads, "heh. I tell ya this is nuts! You gotta check it out!" Attachment names include Si.exe, UserConf.exe, Disk.exe, Rede.exe and Common.exe. (SecureWorks)

From the interesting reading department:

* It's time to end information anarchy

It's high time the security community stopped providing blueprints for building these weapons. And it's high time computer users insisted that the security community live up to its obligation to protect them.
We can and should discuss security vulnerabilities, but we should be smart, prudent and responsible in the way we do it.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/columns/security/noarch.asp
Microsoft, October 2001

* Wireless nets could allow attacks of fixed networks

A security study Monday sounded another call to arms for network administrators to secure wireless networks, showing how hackers can use traditional methods to attack otherwise secure fixed networks from a wireless entry point.
http://www.nwfusion.com/news/2001/1015wireless.html
IDG News Service, 10/15/01

* Opinion: Don't be lulled by firewalls

The recent Nimda virus caused untold damage to companies throughout the world. IT administrators spent days disinfecting and patching infected systems, as well as belatedly applying current security patches to systems running Microsoft's Internet Information Server software. Nimda did an incredibly thorough job of finding systems running IIS, even if those systems weren't really Web servers.
http://www.nwfusion.com/columnists/2001/1015works.html
Network World, 10/15/01

* Court reinstates guilty verdict on computer saboteur

The Third Circuit Court of Appeals in Philadelphia Friday reinstated the guilty verdict in the case of a former network administrator who had been convicted in May 2000 in the first prosecution of computer sabotage.
http://www.nwfusion.com/news/2001/1015guilty.html
Network World Fusion, 10/15/01

* WatchGuard upgrades Firebox security software

Looking to expand the range of services offered and protected by its Firebox line of security appliances, WatchGuard Technologies Monday announced an upgrade to the software that runs its Firebox security hardware, adding DNS security, expanded VPN support and integration with intrusion detection systems.
http://www.nwfusion.com/news/2001/1015watchguard.html
IDG News Service, 10/15/01

* ISS aids management with RealSecure SiteProtector

Looking to offer its customers a single console from which to manage their desktop, server and network security products, not to mention improve their effectiveness, Internet Security Systems Monday announced its RealSecure SiteProtector software.
http://www.nwfusion.com/news/2001/1015realsecure.html
IDG News Service, 10/15/01

* Microsoft to prioritize security bugs

In an effort to help customers better respond to security threats, Microsoft said it will begin adding severity ratings to its security bulletins. Under the new severity rating system, vulnerabilities in Microsoft's products will henceforth be classified as either "critical," "moderate" or "low," according to a document released by the company's Security Response Center.
http://www.newsbytes.com/news/01/171111.html
Newsbytes, 10/15/01

* CERT/CC Statistics 1988-2001

CERT has just released updated numbers showing an increase in the number of reported security problems for the first nine months of 2001. Get all the numbers at:
http://www.cert.org/stats/cert_stats.html

* Free archives

Take a vacation recently and need to catch up on your newsletter reading? Check out our archives at:
http://www.nwfusion.com/newsletters/bug/index.html

_______________________________________________________________
To contact Jason Meserve:

Jason Meserve is the Multimedia Editor of Network World Fusion and writes about streaming media, search engines and IP Multicast. Jason can be reached at mailto:jmeserve@nww.com.

_______________________________________________________________
FEATURED READER RESOURCE

Audio Primers

Are you behind on the basics of technologies such as ATM, IP Multicast and VPNs? Check out our library of audio primers - quick explanations of networking topics and technologies, including IPv6, SANs and DSL vs. cable.
These less-than-10-minute primers will not only explain how these technologies work, but they'll also show you through slides and diagrams.
http://www.nwfusion.com/primers/index.html

_______________________________________________________________
Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: mailto:jcaruso@nww.com

Copyright Network World, Inc., 2001

This message was sent to: vkamins@enron.com