
Formmail.pl used for spam mailings


I got a call from Baltimore Technologies this week regarding a mention in last week's newsletter titled "Kerberos 4/5 problem found" (www.nwfusion.com/newsletters/bug/2001/00519077.html). The newsletter mentioned a problem in Baltimore Technologies' Websweeper product that had been reported by Defcom Labs. According to the vendor, there is no flaw, and the alert is the result of a miscommunication between the company and Defcom Labs.

So those Websweeper customers looking for a patch can relax and have a nice weekend.


Today's bug patch and security alerts:

Spam bug in Formmail.pl reported

Formmail.pl, one of the most widely used CGI scripts on the Web, takes the data entered into a Web form and mails it to an e-mail address. Because the script accepts the destination address as part of the submitted form data, anyone who can reach it can pick their own recipients and use the Web server as an open mail relay for spam. Panda Software recommends that administrators hard-code the recipient e-mail address in the Perl file itself, so submitted data cannot override it, and make the script's source code inaccessible to outside users. Panda Software can be found at:

www.pandasoftware.com
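The following is an added illustration of the flaw class described above, not Formmail.pl's own code: a form-to-mail handler that takes its recipient from the submitted form, next to a hardened version that fixes the recipient server-side. The form field names, the allow-listed address and the sample submissions are constructed for the example; the CR/LF check in the hardened version is an extra piece of hygiene beyond what the alert recommends.

```python
from typing import Dict, List, Optional

# Assumed site configuration: the only mailbox this form is ever meant to reach.
ALLOWED_RECIPIENTS = {"webmaster@example.com"}


def build_message_vulnerable(form: Dict[str, str]) -> Dict[str, object]:
    """Flawed pattern: the destination is copied straight out of the form.
    Anyone who can POST to the script chooses where the mail goes, which
    turns the Web server into an open relay."""
    recipients: List[str] = [
        addr.strip() for addr in form.get("recipient", "").split(",") if addr.strip()
    ]
    return {
        "to": recipients,
        "subject": form.get("subject", "WWW Form Submission"),
        "body": form.get("message", ""),
    }


def build_message_hardened(
    form: Dict[str, str], allowed=frozenset(ALLOWED_RECIPIENTS)
) -> Optional[Dict[str, object]]:
    """Hardened pattern: the recipient is fixed in the script. A submitted
    recipient field is tolerated only if it names an allow-listed address;
    anything else is refused outright rather than relayed. Returns None
    when the submission is rejected."""
    requested = form.get("recipient")
    if requested is None:
        to = sorted(allowed)
    elif requested.strip() in allowed:
        to = [requested.strip()]
    else:
        return None

    subject = form.get("subject", "WWW Form Submission")
    # Extra hardening (not in the alert): a CR or LF in a header field would
    # let the submitter append headers of their own, so refuse it.
    if "\r" in subject or "\n" in subject:
        return None

    return {"to": to, "subject": subject, "body": form.get("message", "")}


# Constructed sample submissions.
SPAM_FORM = {
    "recipient": "victim1@example.net,victim2@example.org",
    "subject": "Cheap offer",
    "message": "Buy now",
}
LEGIT_FORM = {
    "recipient": "webmaster@example.com",
    "subject": "Broken link on the support page",
    "message": "The FAQ link returns a 404.",
}


if __name__ == "__main__":
    print("vulnerable, spam form:", build_message_vulnerable(SPAM_FORM)["to"])
    print("hardened,   spam form:", build_message_hardened(SPAM_FORM))
    print("hardened,  legit form:", build_message_hardened(LEGIT_FORM)["to"])
```

The hardened version rejects the spammer's submission instead of relaying it, while a legitimate submission still reaches the configured mailbox. Keeping the script's source unreadable from the Web, as the alert also recommends, stops a would-be spammer from reading the field names and configuration out of the file.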

Vulnerability in Redi stock-trading program found

Redi, a real-time stock-trading application, transmits passwords and user information in clear text. Anyone able to capture that traffic could harvest credentials and use them to log in to trading accounts. A patch is available from:

www.redi.com/rpdownload.html

Microsoft responds to IIS flaw discovered by Guninski

A week or two ago I mentioned that Georgi Guninski had discovered a possible flaw in Microsoft's Internet Information Services (IIS) 5.0 that could be exploited to restart system services remotely. Microsoft has issued a statement saying this flaw was fixed in a previously released patch. The patch can be downloaded from:

www.microsoft.com/technet/security/bulletin/MS01-016.asp

Conectiva patches cups

The CUPS (Common Unix Printing System) printing system for Linux contains buffer-overflow and insecure temporary-file handling vulnerabilities. Though cups is not installed by default in Conectiva's flavor of Linux, the company is still urging users to upgrade:

ftp://atualizacoes.conectiva.com.br/6.0/RPMS/cups-1.1.6-6cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/6.0/RPMS/cups-libs-1.1.6-6cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/6.0/RPMS/cups-doc-1.1.6-6cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/6.0/RPMS/cups-devel-static-1.1.6-6cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/6.0/RPMS/cups-devel-1.1.6-6cl.i386.rpm

Conectiva releases slrn patch

As we reported in our last edition, there's a buffer-overflow vulnerability in the slrn newsreader for Linux. Conectiva users can download the source code for the fix from:

ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/slrn-0.9.6.3-1cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/slrn-0.9.6.3-1cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/slrn-0.9.6.3-1cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/slrn-0.9.6.3-1cl.src.rpm

ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/slrn-0.9.6.3-1cl.src.rpm

ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/slrn-0.9.6.3-1cl.src.rpm

ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/slrn-0.9.6.3-1cl.src.rpm

ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/slrn-0.9.6.3-1cl.src.rpm

ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/slrn-0.9.6.3-1cl.src.rpm

Conectiva issues patch for icecast

The free icecast streaming audio server for Linux contains buffer-overflow and format-string vulnerabilities that may be remotely exploitable. Conectiva users can download updated packages from:

ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/icecast-1.3.9-2cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.1/i386/icecast-1.3.9-2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/icecast-1.3.9-2cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.2/i386/icecast-1.3.9-2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/icecast-1.3.9-2cl.src.rpm

ftp://atualizacoes.conectiva.com.br/5.0/i386/icecast-1.3.9-2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/icecast-1.3.9-2cl.src.rpm

ftp://atualizacoes.conectiva.com.br/5.1/i386/icecast-1.3.9-2cl.i386.rpm

ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/icecast-1.3.9-2cl.src.rpm

ftp://atualizacoes.conectiva.com.br/6.0/RPMS/icecast-1.3.9-2cl.i386.rpm

Conectiva issues patch for Zope

Zope, the open source application server, contains a number of permission flaws that could allow malicious users to gain elevated privileges or modify source code. Conectiva has released its version of the fix:

ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/Zope-2.1.7-10cl.src.rpm

ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/Zope-2.1.7-10cl.src.rpm

ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/Zope-2.1.7-10cl.src.rpm

ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/Zope-2.1.7-10cl.src.rpm

Linux-Mandrake, Conectiva, Trustix release mutt patches

A format-string vulnerability has been discovered in mutt, a text-based mail client for Linux that speaks IMAP (Internet Message Access Protocol) among other protocols. Most Linux distributions ship mutt, so most versions of Linux are affected. Linux-Mandrake users can download a new version of mutt from:

www.linux-mandrake.com/en/ftp.php3

Conectiva users download source code here:

ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/mutt-1.2.5-6cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/mutt-1.2.5-6cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/mutt-1.2.5-6cl.src.rpm

ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/mutt-1.2.5-6cl.src.rpm

ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/mutt-1.2.5-6cl.src.rpm

ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/mutt-1.2.5-6cl.src.rpm

ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/mutt-1.2.5-6cl.src.rpm

ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/mutt-1.2.5-6cl.src.rpm

Trustix users can find updates at:

www.trusix.net/pub/Trustix/updates/

ftp://ftp.trusix.net/pub/Trustix/updates/

Linux-Mandrake releases sgml-tools fix

As we reported earlier this week, a vulnerability in the way sgml-tools handles temporary files on a multiuser system could allow documents being processed to be read by other local users who are not authorized to see them. Linux-Mandrake has released a patch for the problem that can be downloaded from:

www.linux-mandrake.com/en/ftp.php3
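Both the cups and the sgml-tools alerts above come down to the same class of bug: a program creates a temporary file under a predictable name, with default permissions, in a directory other local users can write to. The example below is added here to show that class; it is not code from either project. It replays the attack in a private scratch directory: a "victim" file stands in for something the attacker wants overwritten, and the attacker has pre-planted a symlink at the predictable name before the program runs. The file names and contents are constructed for the example.

```python
import os
import stat
import tempfile
from typing import Dict, Optional


def write_spool_insecure(path: str, data: bytes) -> None:
    """The flawed pattern: a fixed, predictable name, opened for writing with
    truncation. open() follows a symlink already sitting at that name, so the
    program truncates and overwrites whatever the attacker pointed it at, and
    any file it does create gets the process's default (often world-readable)
    permissions."""
    with open(path, "wb") as f:
        f.write(data)


def write_spool_excl(path: str, data: bytes) -> bool:
    """Same name, but O_CREAT|O_EXCL (plus O_NOFOLLOW where available) makes
    open() fail if anything, link or file, already exists at the path. Mode
    0600 keeps other local users from reading the spooled contents. Returns
    False if the file could not be created safely."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    try:
        fd = os.open(path, flags, 0o600)
    except OSError:
        return False
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return True


def write_spool_mkstemp(directory: str, data: bytes) -> str:
    """The idiomatic fix: mkstemp() picks an unpredictable name and creates it
    with O_EXCL and mode 0600, so there is no name for an attacker to plant
    and nothing for other users to read. Returns the path it created."""
    fd, name = tempfile.mkstemp(prefix="spool-", dir=directory)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return name


def symlink_race_demo(mode: str) -> Dict[str, object]:
    """Run one of the three writers against a pre-planted symlink and report
    whether the victim file was clobbered, whether a spool file was actually
    written, and with what permission bits."""
    with tempfile.TemporaryDirectory() as d:
        victim = os.path.join(d, "victim")       # stands in for e.g. ~/.profile
        planted = os.path.join(d, "app.tmp")     # the predictable temp name
        with open(victim, "w") as f:
            f.write("original")
        os.symlink(victim, planted)              # the attacker's move

        created: Optional[str] = None
        if mode == "insecure":
            write_spool_insecure(planted, b"spooled document")
        elif mode == "excl":
            if write_spool_excl(planted, b"spooled document"):
                created = planted
        elif mode == "mkstemp":
            created = write_spool_mkstemp(d, b"spooled document")
        else:
            raise ValueError(mode)

        with open(victim) as f:
            clobbered = f.read() != "original"
        perms = stat.S_IMODE(os.lstat(created).st_mode) if created else None
        return {"victim_clobbered": clobbered, "wrote_file": created is not None, "mode": perms}


if __name__ == "__main__":
    for mode in ("insecure", "excl", "mkstemp"):
        print(f"{mode:9s} {symlink_race_demo(mode)}")
```

With the insecure writer the victim file is silently overwritten through the planted link; the O_EXCL writer refuses to open the planted name at all; mkstemp sidesteps the race entirely and leaves a file only its owner can read. Note that O_EXCL alone protects against clobbering but still fails when the attacker has planted something, so the mkstemp approach (or a private, mode-0700 working directory) is what a patched program should use.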

Patch available for licq

The licq instant-messaging client for Linux-Mandrake contains a security vulnerability in the way it passes URLs to a Web browser. The URLs are not properly checked before being handed to a shell, so a URL could include piped commands that would be executed as arbitrary commands on the affected system. Linux-Mandrake users can download the appropriate patch from:

www.linux-mandrake.com/en/ftp.php3
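The following is an added example of the flaw class in the licq alert, not licq's own code: a URL handler that interpolates the URL into a shell command line, next to a hardened handler that checks the URL and launches the browser by argument vector with no shell involved. The browser is replaced by echo so the demo runs offline and its output can be seen; the scheme allow-list, the character check and the sample URLs are assumptions made for the example.

```python
import re
import subprocess
from typing import List, Optional

# Stand-in for the real browser so the demo needs no display (assumption).
BROWSER = "echo"

# Assumed policy: only Web/FTP URLs, built from RFC 3986 URL characters.
# Whitespace, quotes, pipes and control characters are not URL characters,
# so they are rejected before anything is launched.
_URL_RE = re.compile(r"^(?:https?|ftp)://[A-Za-z0-9._~:/?#\[\]@!$&()*+,;=%-]+$")


def browser_command_vulnerable(url: str) -> str:
    """Flawed pattern: the URL is pasted into a command string that a shell
    will parse. A quote inside the URL ends the quoted argument and the rest
    of the string becomes shell syntax, pipes and all."""
    return f"{BROWSER} '{url}'"


def browser_argv_hardened(url: str) -> Optional[List[str]]:
    """Hardened pattern: validate the URL, then build an argument vector.
    Without a shell there is nothing to interpret a quote or a pipe.
    Returns None when the URL is refused."""
    if not _URL_RE.match(url):
        return None
    return [BROWSER, url]


def run_vulnerable(url: str) -> str:
    """Launch via the shell exactly as the flawed pattern does; return stdout."""
    proc = subprocess.run(
        browser_command_vulnerable(url), shell=True, capture_output=True, text=True
    )
    return proc.stdout


def run_hardened(url: str) -> Optional[str]:
    """Launch via argv; return stdout, or None if the URL was refused."""
    argv = browser_argv_hardened(url)
    if argv is None:
        return None
    return subprocess.run(argv, capture_output=True, text=True).stdout


# Constructed sample URLs. The malicious one closes the quote, pipes into a
# command of the attacker's choosing and comments out the trailing quote.
LEGIT_URL = "http://www.example.com/page?id=42&lang=en"
MALICIOUS_URL = "http://www.example.com/' | echo INJECTED #"


if __name__ == "__main__":
    print("vulnerable, legit    :", run_vulnerable(LEGIT_URL).rstrip())
    print("vulnerable, malicious:", run_vulnerable(MALICIOUS_URL).rstrip())
    print("hardened,   legit    :", run_hardened(LEGIT_URL).rstrip())
    print("hardened,   malicious:", run_hardened(MALICIOUS_URL))
```

Run through the shell, the malicious "URL" never reaches the browser: the shell sees `echo '...' | echo INJECTED` and runs the attacker's command. The hardened path refuses it at validation, and even a URL that somehow passed validation would be delivered to the browser as a single literal argument. Passing an argument vector, not just quoting more carefully, is the fix that removes the command-injection surface.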

Today's roundup of virus alerts:

New 'Injustice' virus spreads political message

A new e-mail-borne virus designed to spread a pro-Palestinian message is popping up in some North American mail systems, according to alerts from the major virus vendors. Fortunately, it does not cause any malicious damage to the computer it infects. Network World Fusion, 03/20/01.

www.nwfusion.com/news/2001/0320injustice.html

WM97/Flop-A: This virus infects Word documents stored on floppy disks. (Sophos)

VBS/Linda-A: One of the VBS viruses that overwrites files of certain types, in this case many important ones. It spreads via IRC and Outlook, arriving with the subject line "Important message for <recipient name>" and the body text "This is the attached file you asked from me." The attachment may have a different name each time. (Sophos)

WM97/Marker-GN: A Word macro virus that changes an infected document's summary information. The author and comments fields are changed. (Sophos)

WM97/Ded-M: Another Word macro virus spawned from the combination of the WM97/Ded-B and WM97/Class viruses. No word on what type of damage it could cause. (Sophos)

WM97/Opey-X: This Word macro virus activates if the month is after July and at certain times of the day. It changes Word's user information and the infected document's summary information. It will also display messages and cause Word to exit suddenly. (Sophos)

From the interesting reading department:

Results of the recent Honeynet Project Forensic Challenge released

The Honeynet Project, a group of security researchers dedicated to studying attackers' techniques and ways to stop them, has released the latest results from its Forensic Challenge. They can be viewed at:

project.honeynet.org/challenge/results/

Microsoft preps security features for IE

The next version of Microsoft's Internet Explorer Web browser will integrate new privacy protocols, giving Web surfers more control over what kinds of cookies to accept, according to a Microsoft release on Wednesday. IDG News Service, 03/21/01.

www.nwfusion.com/news/2001/0321iesec.html

FBI names new chief for computer security division

The Federal Bureau of Investigation announced the appointment of a new chief for the National Infrastructure Protection Center, the office responsible for protecting the nation's computer networks against hackers and cyberterrorists. IDG News Service, 03/21/01.

www.nwfusion.com/news/2001/0321fbichief.html

SSH inventor denied trademark request

The Internet engineering community rebuffed one of its own security gurus this week, by rejecting a request from the inventor of the popular Secure Shell protocol to change the technology's acronym to protect his company's trademark on the term. Network World Fusion, 03/21/01.

www.nwfusion.com/news/2001/0321ssh.html

Archives available

For dedicated readers of Security and Bug Patch Alert who need to refer back to something written in this space for the past year, we have a searchable index:

www.nwfusion.com/newsletters/bug/index.html

Jason Meserve is the Multimedia Editor of Network World Fusion and writes about streaming media, search engines and IP Multicast. Jason can be reached at jmeserve@nww.com.
Copyright, 1994-2006 Network World, Inc. All rights reserved.