Enron Mail
NETWORK WORLD NEWSLETTER: JASON MESERVE on SECURITY AND BUG PATCH ALERT
06/04/01 - Today's focus: Windows Terminal Server bug

Dear Wincenty Kaminski,

In this issue:

* Patches and alerts for Microsoft, Cisco, GuildFTPD, others
* Viruses, including Trojan Horses that take over infected PCs
* Apache.org gets hacked, plus other interesting reading

_______________________________________________________________
TECHNOLOGY & VENDOR NEWS ALERTS!

You have very specific information needs about a technology or technology vendor and you subscribe to a newsletter or go online to find out about the strategic developments in this specific area. But how do you stay up with the late-breaking news? Network World now offers six very focused News Alerts to keep you abreast of the most significant developments of the week on LANs, Storage, Network/Systems Management, The Edge, Cisco and Microsoft. As an added service, if there's impactful, late-breaking news about one of these specific technologies or vendors, by subscribing to our News Alerts, we'll let you know what it is within hours.

Subscribe today at http://nww1.com/go/ad082.html
_______________________________________________________________

Today's focus: Windows Terminal Server bug
By Jason Meserve (write me at jmeserve@nww.com)

Today's bug patches and security alerts:

* Bug bites Windows Terminal Services

An independent tester says he has uncovered a bug that causes a total collapse of Windows Terminal Services running on Windows 2000 at specific processor speeds, but Microsoft is trying to debunk the claim that the problem is with Windows 2000. The bug appears when Terminal Services runs on a dual-processor computer with 933-MHz or 1-GHz clock speeds. Other clock speeds do not trigger the bug. Terminal Services is built into Windows 2000 to support multiuser thin-client computing.
http://www.nwfusion.com/news/2001/0604infra.html

* Cisco Content Service Switch 11000 series flaw

A hole in the Cisco Content Service Switch 11000 series authentication module could allow a user to gain unauthorized access to the switch. The switch normally redirects users to a management console URL after authentication. But unauthorized users can bypass the security by directly connecting to the management console URL. For more information:
http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml

* GuildFTPD server vulnerabilities found

A number of flaws have been discovered in GuildFTPD, a free FTP server for the Windows platform. The vulnerabilities include unencrypted password files, buffer overflow errors that could lead to execution of arbitrary code, memory problems that could cause a denial of service, and directory traversal problems. No patch is available at the moment, so it is recommended that the service be stopped until a patch is available. A new version of the program should be posted at:
http://guildftpd.ztnet.com/index.html

* IMP Webmail temporary file flaw uncovered

The IMP Webmail program for Linux and Unix contains a flaw in the way it stores attachments in temporary files. This flaw could be used in a symlink attack to overwrite files on the affected system. Download Version 2.2.5 to fix the problem:
http://www.horde.org/imp/

* Trustix releases new version of GnuPG

A flaw in GnuPG, the open-source version of PGP, could allow a user's private key to be compromised. Trustix users can download patches for this problem from:
http://www.trustix.net/pub/Trustix/updates/
ftp://ftp.trustix.net/pub/Trustix/updates/

* Caldera reports flaw in Webmin

A problem starting system daemons from the Webmin Web-based tool could allow a malicious user to dump all of the system variables to a file. This information could be exploited by a hacker to gain access to the affected system.
Download patches from:

OpenLinux eServer 2.3.1 and OpenLinux eBuilder for ECential 3.0:
ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS/

OpenLinux eDesktop 2.4:
ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS/

Today's round up of virus alerts:

* Trojan.Binghe.Srv - This backdoor virus can connect to another computer, open a chat session, create screen captures and manage e-mail. (Panda Software)

* Backdoor/Cafeini.09 - Like Trojan.Binghe.Srv, this Trojan Horse has the added capability of copying, deleting and running files, and can open the user's browser at a specific page. (Panda Software)

* Trojan/Megabyte - An MS-DOS-based virus that attempts to overwrite the infected machine's CMOS. (Panda Software)

* Trojan/Megachar - This MS-DOS-based virus overwrites the master boot record on the infected machine's hard drive. (Panda Software)

* Trojan/Megaword - A Trojan virus that overwrites the "COMP.DLL" on MS-DOS-based machines. (Panda Software)

* WM/Alex.E:Tw - A Word macro virus that displays messages on the screen and attempts to delete such files as autoexec.bat and config.sys. (Panda Software)

* VBS/VBSWG.AC - This Visual Basic virus transmits via e-mail and writes itself to a file called "alert.vbs" in the Windows System directory. (Panda Software)

* June 1 virus hoax damage can be repaired

If you fell for the June 1 virus hoax and dutifully deleted the SULFNBK.EXE file from your Windows 98 operating system, don't panic. Chances are good that you won't notice that the file has been removed. Its loss won't harm Windows 98, and the file can be replaced easily.
http://www.nwfusion.com/news/2001/0601hoax.html

From the interesting reading department:

* Apache.org hacked; source code not compromised

Earlier this month, a public server of the Apache Software Foundation was illegally accessed by unknown crackers.
The intrusion into this server, which handles the public mail lists, web services and the source code repositories of all Apache Software Foundation projects, was quickly discovered, and the server immediately taken offline. Security specialists and administrators determined the extent of the intrusion, repaired the damage, and brought the server back into public service.
http://www.apache.org/info/hack-20010519.html

* Encrypted mobile phone hits market

A specially modified mobile phone that encrypts conversations is now available worldwide, offering business executives, government officials and law enforcement officers the ability to talk via a secure connection even while on the move.
http://www.nwfusion.com/news/2001/0531encrypt.html

* Tech spending drops for sixth straight month

Technology spending growth declined for the sixth straight month, according to a new poll of CIOs and other professionals by CIO magazine and Yardeni.com.
http://www.nwfusion.com/news/2001/0601techspend.html

* Archives online

What was that Windows 2000 bug we wrote about a couple weeks back? Look it up in our newsletter archives:
http://www.nwfusion.com/newsletters/bug/index.html

_______________________________________________________________
To contact Jason Meserve:

Jason Meserve is the Multimedia Editor of Network World Fusion and writes about streaming media, search engines and IP Multicast. Jason can be reached at mailto:jmeserve@nww.com.
_______________________________________________________________
FEATURED READER RESOURCE

User Excellence Award

If you've completed an interesting network project in the last 12 to 18 months, here's your chance to gain industry recognition for it. Network World is currently accepting nominations for its annual User Excellence Award. For more information and an online nomination form, go to http://www.nwfusion.com/nw/awards.html#excellence

Deadline for submission is June 11.
_______________________________________________________________
Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: mailto:jcaruso@nww.com

Copyright Network World, Inc., 2001
------------------------
This message was sent to: vkamins@enron.com