Security 10929 Published by Philipp Esselbach 0

CNET News has put up another article about the Slapper worm:

The Linux Slapper worm had compromised more than 6,700 servers as of early Monday morning, and it continues to create a peer-to-peer attack network that could shut down even corporate Internet connections.


Security 10929 Published by Philipp Esselbach 0

Michael Stauber has posted a temporary hotfix for the Slapper worm on Sun's support forum:

"As root and from within SSH (or Telnet, which you should have disabled as a security precaution) issue the following command:

chmod 700 /usr/bin/gcc

It will remove most of the executable bits from the GCC compiler so that the compiler is only available to user root, but not to ordinary users or the httpd process. The more drastic approach would be to deny the compiler to all users including root:

chmod 600 /usr/bin/gcc

As said: The worm can still exploit the Apache hole to get in, but it then won't be able to compile the exploit code on the RaQ."


Security 10929 Published by Philipp Esselbach 0

CNet News has posted another article on the new Linux Worm "Slapper":

The worm seems to be spreading fairly rapidly, according to security firm Symantec, which early Friday detected about 2,000 infected computers actively attacking, a number that climbed to 3,500 late Friday. The company's security personnel could not be contacted for comment Saturday.


Security 10929 Published by Philipp Esselbach 0

Seen over at CNET News:

"Designated "Linux.Slapper.Worm" by security firm Symantec, the self-replicating program may have originated in Europe and threatens Linux servers that offer an encryption feature known as Secure Sockets Layer, the standard method for encrypting sensitive Web traffic, through a common extension to the open-source Apache Web server."


Security 10929 Published by Philipp Esselbach 0

New wordtrans packages for Red Hat Linux 7.3 have been released:

Updated wordtrans packages are now available for Red Hat Linux 7.3 which fix remote vulnerabilities in wordtrans-web.

The wordtrans-web package provides an interface to query multilingual dictionaries via a web browser. Guardent discovered vulnerabilities which affect versions of wordtrans up to and including 1.1pre8.


Security 10929 Published by Philipp Esselbach 0

An Ethereal update for Debian GNU/Linux has been released:

"Ethereal developers discovered a buffer overflow in the ISIS protocol dissector. It may be possible to make Ethereal crash or hang by injecting a purposefully malformed packet onto the wire, or by convincing someone to read a malformed packet trace file. It may be possible to make Ethereal run arbitrary code by exploiting the buffer and pointer problems.

This problem has been fixed in version 0.9.4-1woody2 for the current stable distribution (woody), in version 0.8.0-4potato.1 for the old stable distribution (potato) and in version 0.9.6-1 for the unstable distribution (sid)."


Security 10929 Published by Philipp Esselbach 0

A new updated Mantis package for Debian GNU/Linux has been released:

"A problem with user privileges has been discovered in the Mantis package, a PHP based bug tracking system. The Mantis system didn't check whether a user is permitted to view a bug, but displays it right away if the user entered a valid bug id."


Security 10929 Published by Philipp Esselbach 0

New security updates for Debian GNU/Linux and SuSE Linux are available.

Debian GNU/Linux:
DSA-160-1 scrollkeeper -- insecure temporary file creation

Spybreak discovered a problem in scrollkeeper, a free electronic cataloging system for documentation. The scrollkeeper-get-cl program creates temporary files in an insecure manner in /tmp using guessable filenames. Since scrollkeeper is called automatically when a user logs into a Gnome session, an attacker with local access can easily create and overwrite files as another user.


SuSE Linux:
glibc: local/remote privilege escalation

An integer overflow has been discovered in the xdr_array() function, contained in the Sun Microsystems RPC/XDR library, which is part of the glibc library package on all SuSE products. This overflow allows a remote attacker to overflow a buffer, leading to remote execution of arbitrary code supplied by the attacker.


Security 10929 Published by Philipp Esselbach 0

Red Hat has released a new security update for Red Hat Linux:

"Updated PXE packages are now available for Red Hat Linux which fix a vulnerability that can crash the PXE server using certain DHCP packets.

The PXE package contains the PXE (Preboot eXecution Environment) server and code needed for Linux to boot from a boot disk image on a Linux PXE server.

It was found that the PXE server could be crashed using DHCP packets from some Voice Over IP (VOIP) phones. This bug could be used to cause a denial of service attack on remote systems by using malicious packets."


Security 10929 Published by Philipp Esselbach 0

New updated Python packages have been released for Debian GNU/Linux:

"Zack Weinberg discovered an insecure use of a temporary file in os._execvpe from os.py. It uses a predictable name which could lead to execution of arbitrary code.

This problem has been fixed in several versions of Python: For the current stable distribution (woody) it has been fixed in version 1.5.2-23.1 of Python 1.5, in version 2.1.3-3.1 of Python 2.1 and in version 2.2.1-4.1 of Python 2.2. For the old stable distribution (potato) this has been fixed in version 1.5.2-10potato12 for Python 1.5. For the unstable distribution (sid) this has been fixed in version 1.5.2-24 of Python 1.5, in version 2.1.3-6a of Python 2.1 and in version 2.2.1-8 of Python 2.2. Python 2.3 is not affected by this problem."


Security 10929 Published by Philipp Esselbach 0

New security updates for Debian GNU/Linux and Red Hat Linux are available.

Debian GNU/Linux:
DSA-155-1 kdelibs -- privacy escalation with Konqueror
"Due to a security engineering oversight, the SSL library from KDE, which Konqueror uses, doesn't check whether an intermediate certificate for a connection is signed by the certificate authority as safe for the purpose, but accepts it when it is signed. This makes it possible for anyone with a valid VeriSign SSL site certificate to forge any other VeriSign SSL site certificate, and abuse Konqueror users."


Red Hat Linux:
New kernel update available, fixes i810 video oops, several security issues
"Updated kernel packages are now available which fix an oops in the i810 3D kernel code. This kernel update also fixes a difficult to trigger race in the dcache (filesystem cache) code, as well as some potential security holes, although we are not currently aware of any exploits."
