Security

CERT and SecurityFocus provide Microsoft and UNIX fixes

The usual suspects (Microsoft and Novell) were quiet this week, so Exterminator turned to CERT to find a Microsoft DNS Server vulnerability and to SecurityFocus for a Linux/FreeBSD e-mail bug. Trend Micro also released info on two dangerous viruses.


Exterminator brings you weekly updates on bug fixes, virus recovery, service release announcements, and security notices for Windows, Novell, Linux, and other systems.

Microsoft issues
Regarding: Microsoft Windows NT/2000 with DNS Server
Date posted: Aug. 31, 2001
Patch URL: Click here for workaround information.
Information URL: Click here for more information.

This week's Microsoft alert comes not from Redmond but from CERT. It has received reports about cache corruption on Microsoft DNS Server systems. Once bad data is cached in your server, either through malicious intent or simple error, erroneous data will be returned.

Linux/UNIX issues
Regarding: procmail
Date posted: Sept. 24, 2001
Information URL: Click here for more information.

This just in from SecurityFocus: If you're running procmail prior to version 3.20, you're vulnerable to a potentially serious bug. These earlier versions of procmail performed unsafe actions while in the signal handlers with the potential of allowing superuser access to an unauthorized user. Detailed instructions for eliminating the problem are available at the above link.

Virus updates from Trend Micro
Virus/Worm: PE_NIMDA.A
Posted: Sept. 24, 2001
Risk: High
Information URL: Click here for more information on this virus.

Virus/Worm: TROJ_VOTE.A
Posted: Sept. 25, 2001
Risk: Medium
Information URL: Click here for more information on this virus.

Virus/Worm: TROJ_MUSTARD.A
Posted: Sept. 17, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Stay current on virus information
Have you been keeping up with the latest virus information and patches from Microsoft and Novell? If not, visit the Exterminator archive for past columns with information on bugs and patches you may have missed.

 

Exterminator brings you weekly updates on bug fixes, virus recovery, service release announcements, and security notices for Windows, Novell, Linux, and other systems.

Microsoft issues
Regarding: Microsoft Windows NT/2000 with DNS Server
Date posted: Aug. 31, 2001
Patch URL: Click here for workaround information.
Information URL: Click here for more information.

This week's Microsoft alert comes not from Redmond but from CERT. It has received reports about cache corruption on Microsoft DNS Server systems. Once bad data is cached in your server, either through malicious intent or simple error, erroneous data will be returned.

Linux/UNIX issues
Regarding: procmail
Date posted: Sept. 24, 2001
Information URL: Click here for more information.

This just in from SecurityFocus: If you're running procmail prior to version 3.20, you're vulnerable to a potentially serious bug. These earlier versions of procmail performed unsafe actions while in the signal handlers with the potential of allowing superuser access to an unauthorized user. Detailed instructions for eliminating the problem are available at the above link.

Virus updates from Trend Micro
Virus/Worm: PE_NIMDA.A
Posted: Sept. 24, 2001
Risk: High
Information URL: Click here for more information on this virus.

Virus/Worm: TROJ_VOTE.A
Posted: Sept. 25, 2001
Risk: Medium
Information URL: Click here for more information on this virus.

Virus/Worm: TROJ_MUSTARD.A
Posted: Sept. 17, 2001
Risk: Low
Information URL: Click here for more information on this virus.

Stay current on virus information
Have you been keeping up with the latest virus information and patches from Microsoft and Novell? If not, visit the Exterminator archive for past columns with information on bugs and patches you may have missed.

 

Editor's Picks

Free Newsletters, In your Inbox