Microsoft

There?s a new Trin in town

Worries of DDoS attacks continue to make headlines, and for good reason. Many administrators are reporting suspicious behavior to monitoring sites. Catch the latest on a new Trin program, and more, in this week's Exterminator.


Count on Exterminator!
Each Friday, Exterminator brings you news of important bug fixes, virus recovery information, service release announcements, security notices, and more, from the prior week.

According to an Internet Security Systems report, a new version of Trin00 is on the loose. The new incarnation runs on Windows-based systems and can be used to coordinate Denial of Service attacks.

The Windows Trin00 variant is similar to its UNIX counterpart. The daemon service with the Windows version listens to port 34555, but it does not attempt to contact a master server.

ISS believes Trin00 is being used in conjunction with BackOrifice and SubSeven to launch attacks. More information is available from ISS.

NetWare 4.1 updates
LIPUP4J.EXE is available for NetWare 4.1 networks. The new file, released Feb. 23, 2000, updates CLIB and DSAPI v4.11r libraries.

According to Novell, the following fixes are included with the update:
  • CLIB: Fixed calculations for out-of-range month days in NormalizeStructTM().
  • NLMLIB: NWRConvertLocalFileHandle now returns the correct handle for a remote file handle.

You'll find more information on Novell’s Web site .

ManageWise updates
Virus signature updates have been published for ManageWise for both the Windows 9x and Windows NT platforms. You can download the signatures, available for ManageWise versions 2.5 and 2.6, directly from Novell .

Linux vulnerabilities
The CERT Coordination Center is reporting that multiple vulnerabilities exist in the Cron clock daemon software developed by Paul Vixie. Increased hacker activity related to these vulnerabilities prompted CERT to distribute an advisory to UNIX administrators.

Multiple patches and security reports have targeted these vulnerabilities. For a list, and for more information, visit the CERT Coordination Center .

Holy FreeBSD!
Two holes have been identified in FreeBSD.

The U.S. Department of Energy’s Computer Incident Advisory Capability site is warning that the third-party Delegate Proxy Server software may permit hackers to execute arbitrary code. There are no patches currently available. More information can be found on the CIAC site.

A pair of vulnerabilities has also been discovered in the asmon and ascpu utilities published by Afterstep. These holes could also allow hackers to execute arbitrary code, according to CIAC. Upgrading the software can eliminate the security risk, which CIAC rates as low. More details are available here .

Have a comment?
If you'd like to share your opinion, please post a comment below or send the editor an e-mail.

 

Editor's Picks

Free Newsletters, In your Inbox