|
|
Enron Mail |
NETWORK WORLD NEWSLETTER: JASON MESERVE on
SECURITY AND BUG PATCH ALERT 01/10/02 Today's focus: Panda: Virus authors getting trickier Dear Wincenty Kaminski, In this issue: * Virus news from Panda and SiliconValley.com * Patches and alerts for mutt, Cisco SN 5420, SGI NQE, others * New viruses aimed at Shockwave Flash, Microsoft .Net * Many U.S. companies at risk for cyber attacks, plus other interesting reading _______________________________________________________________ This newsletter sponsored by Akaba NEW! Network Security Validation System Check your Firewalls, Servers and Applications. The people who designed Firewalls and VPN devices for Novell, Avaya (VPNet) and Alcatel (Internet Devices) have developed a powerful network scanning system. See how the next generation in Security technology will ensure confidence in your network. Get the "Network Security Validation:2002" White Paper. http://nww1.com/go/3797703a.html _______________________________________________________________ PRODUCT INFO IN ONE CONVENIENT LOCATION! Heard about a new product launch? Curious to find out if the features and benefits of this new product will meet your critical business needs? Network World Fusion's Product Central section includes all the info you need to make informed decision about new products and also includes a product finder function. Check it out at http://nww1.com/go/ad216.html _______________________________________________________________ Today's focus: Panda: Virus authors getting trickier By Jason Meserve I got a couple of interesting items in my inbox this week. The first was an antivirus vendor press release doing the annual look-back-at-last-year and look-forward-to-this-year pitch. The Panda Software release says virus authors are getting more tricky in their attempts to spread viruses, using social engineering techniques to get unsuspecting users to open their malicious wares. Panda is hoping that 2002 will not be a repeat of 2001, when a number of simple "bait" messages caused mass mailing viruses to spread like wildfire. Panda also suspects that viruses in 2002 will go after known system exploits like buffer overflows to run code on infected machines. Users are urged to keep systems and antivirus software up-to-date with the latest patches and updates. Sounds like common sense to me. For more, go to: http://www.pandasoftware.com/ The second item was an e-mail alert sent around by the authors of the SiliconValley.com newsletter warning that their systems had been hacked and used to send messages infected with Magistr.B virus. Not good when a major media outlet's systems are hacked and used to attack unsuspecting readers. Let's hope Network World's systems never suffer such a fate. Today's bug patches and security alerts: * More mutt updates available from Linux vendors A buffer overflow in mutt's e-mail address parser could be exploited by a malicious user to overwrite arbitrary bytes in memory. Red Hat users can download new versions of mutt from: https://www.redhat.com/support/errata/RHSA-2002-003.html Linux-Mandrake users can get more from: http://www.mandrakesecure.net/en/advisories/2002/MDKSA-2002-002.php Conectiva users: http://distro.conectiva.com.br/atualizacoes/?id=a&;anuncio=000449 SuSE users: http://lists2.suse.com/archive/suse-security-announce/2002-Jan/0000.html Trustix users: http://www.trustix.org/pipermail/tsl-announce/2002-January/000045.html * Cisco SN 5420 Storage Router vulnerability According to an alert from Cisco, three vulnerabilities have been discovered in Cisco SN 5420 Storage Router software releases up to and including 1.1(5). Two of the vulnerabilities can cause a denial-of-service attack. The other allows access to the SN 5420 configuration if it has been previously saved on the router. There is no workaround for these vulnerabilities. For more, go to: http://www.cisco.com/warp/public/707/SN-multiple-pub.shtml * SGI reports NQE vulnerability The Network Queuing Environment (NQE) that shipped in the past with SGI contains a remotely exploitable buffer overflow vulnerability that could lead to a malicious user gaining root access. SGI considers this product retired and will not be releasing a patch for the problem. For more, go to: ftp://patches.sgi.com/support/free/security/advisories/20020101-01-I * Sun releases patch for CDE Subprocess Control Service A buffer overflow flaw in the CDE Subprocess Control Service (dtspcd) daemon could be exploited by a malicious user to gain root access on the affected system. Sun users can download the appropriate patch from: http://sunsolve.sun.com/securitypatch * Debian patches libgtop Two flaws in the libgtop daemon could allow a malicious user to gain privileges of the application, usually those for the "nobody" user. Debian users can get more information and patches from: http://www.debian.org/security/2002/dsa-098 * Microsoft investigating alleged flaw in IE browser Microsoft said it's investigating an alleged flaw in recent versions of its Internet Explorer browser software that could allow attackers to spoof legitimate Web sites, steal content from browser cookies and gain access to certain types of files on a victim's system. http://www.nwfusion.com/news/2002/0108ieflaw.html Computerworld, 01/08/02 * Linux-Mandrake updates BIND Previous versions of BIND 9.x that shipped with Linux-Mandrake 8.0 and 8.1 contain insecure permissions, configuration files and executables. This new release tightens things up a bit. For more, go to: http://www.mandrakesecure.net/en/advisories/2002/MDKSA-2002-001.php * Red Hat fixes exim A flaw in the way exim handles some incoming data could expose the affected system to arbitrary malicious code. For more, go to: https://www.redhat.com/support/errata/RHSA-2001-176.html * Patch available for stunnel Red Hat has released a patch for stunnel to fix a format string vulnerability that could be exploited to execute arbitrary code on the affected system. For more, go to: https://www.redhat.com/support/errata/RHSA-2002-002.html * Conectiva patches proftpd Two vulnerabilities in proftpd could allow a malicious user to bypass some security features or launch a denial-of-service attack against the affected machine. For more, go to: http://distro.conectiva.com.br/atualizacoes/?id=a&;anuncio=000450 Today's roundup of virus alerts: * First virus identified that infects Shockwave Flash files Antivirus software vendors say they have spotted the first computer virus that uses Macromedia's Shockwave Flash files to transmit itself once a victim clicks to run the Flash movie. Identified as SWF/LFM-926 by antivirus software vendor Sophos, this virus is not yet "in the wild," infecting computers. The Shockwave Flash virus was sent to Sophos as a sample via anonymous e-mail, and this specimen is now being shared and analyzed among several antivirus vendors. http://www.nwfusion.com/news/2002/0108flashvirus.html Network World, 01/08/02 * XM97/Bdoc2-A - An Excel macro virus that displays a message on April 26 and attempts to shut down the current Windows session if the day is a multiple of 5. (Sophos) * WM97/Opey-AX - A Word macro virus that changes user summary information in the infected document. It also makes changes to the autoexec.bat file to display a Happy Birthday message on certain days of the year. (Sophos) * W32.Donut - A virus only Homer Simpson could love. Symantec reports this is a concept virus designed to test potential weaknesses in Microsoft's .Net architecture. (Symantec) <From the interesting reading department: * Suggested fix for AIM hole has back door, spyware Software recommended by security group w00w00 to plug a hole in AOL's Instant Messenger opens the user's system to hacker attacks and can direct the user's Web browser to pornographic Web sites," w00w00 said Tuesday. http://www.nwfusion.com/news/2002/0109aimhole.html IDG News Service, 01/09/02 * Many U.S. companies at risk for cyberattacks U.S. computer systems are increasingly vulnerable to cyberattacks, partly because companies are not implementing security measures already available, according to a new report released Tuesday. http://digitalmass.boston.com/news/2002/01/08/cyber_attack.html Reuters, 01/08/02 * Wireless LAN security fix on tap from IEEE group Network executives worried about the security of their wireless LANs may soon be able to sleep a little easier: The standards committee responsible for the broken wireless LAN encryption algorithm, Wired Equivalent Privacy, has approved a fix to the system that can be applied to existing equipment. http://www.nwfusion.com/news/2002/128615_01-07-2002.html Network World, 01/07/02 * McAfee touts antivirus pack for NetWare 6.0 Network Associates' McAfee division this week becomes the first vendor to offer antivirus software for Novell's NetWare 6.0 server, although others, including Computer Associates, expect to have competing products ready within weeks. http://www.nwfusion.com/news/2002/128752_01-07-2002.html Network World, 01/07/02 * Panda introduces Exchange antivirus tool to the U.S. In the wake of a rash of nasty e-mail viruses over the past year, European antivirus tools vendor Panda Software this week made the first U.S. release of its Panda Antivirus for Exchange 2000 software available. http://www.nwfusion.com/news/2002/0104panda.html Network World Fusion, 01/04/02 * Check Point adds security assessment to OPSEC Leading firewall and virtual private network vendor Check Point Software Tuesday announced an expansion of its OPSEC security initiative, adding assessment tools to the framework. http://www.nwfusion.com/news/2002/0108checkpoint.html IDG News Service, 01/08/02 * Secure IM software proliferates The market for secure, business-grade instant messaging software is picking up steam, with several start-ups now offering packages that automatically encrypt real-time chat sessions between users. However, these packages do not yet offer secure communications with users of popular consumer- oriented IM systems from AOL, Microsoft and others. http://www.nwfusion.com/news/2002/0109secureim.html Network World Fusion, 01/09/02 * NetScreen offers new VPN-firewall gear NetScreen this week introduced VPN gear that makes it possible for users to tailor-fit protection for specific network resources without having to buy multiple boxes. Four new NetScreen VPN appliances have at least four 10/100 Ethernet ports, each of which can oversee a separate, independently configured security domain. http://www.nwfusion.com/news/2002/0109netscreen.html Network World Fusion, 01/09/02 * Archives: It is 2002 now. Look back on all the events of 2001 at: http://www.nwfusion.com/newsletters/bug/ _______________________________________________________________ To contact Jason Meserve: Jason Meserve is the Multimedia Editor of Network World Fusion and writes about streaming media, search engines and IP Multicast. Jason can be reached at mailto:jmeserve@nww.com. _______________________________________________________________ Promote your services and generate qualified leads! Register on Buy IT, NW Fusion's Vendor Directory and RFP Center. It's cost-effective and eliminates the headaches of finding new business. List your company today and access millions of dollars in RFPs posted by active buyers. Go to NW Fusion now! http://www.nwfusion.newmediary.com/091201nwwprovnwltr1 _______________________________________________________________ FEATURED READER RESOURCE Network World Fusion's Net.Worker site Whether your company is growing larger or scaling back, corporate managers are looking for ways to cut costs while retaining and recruiting star employees. One smart solution - at least on paper - is to let some employees work from home. Network World's Net.Worker Web site bridges the gap between the telework concept and the hardware, software and services needed to make it happen. We bring you news and reviews, sound advice and keen insight into the technologies and solutions you need to manage a remote and mobile workforce. Visit http://www.nwfusion.com/net.worker/index.html _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.nwwsubscribe.com/nl _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: http://www.nwwsubscribe.com/news/scripts/notprinteditnews.asp To unsubscribe from promotional e-mail go to: http://www.nwwsubscribe.com/ep To change your e-mail address, go to: http://www.nwwsubscribe.com/news/scripts/changeemail.asp Subscription questions? Contact Customer Service by replying to this message. Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: mailto:jcaruso@nww.com For advertising information, write Jamie Kalbach, Director of Online Sales, at: mailto:jkalbach@nww.com Copyright Network World, Inc., 2002 ------------------------ This message was sent to: vkamins@enron.com
|