Security

Security news roundup: November 1

Here's a collection of recent security vulnerabilities and alerts, which cover a vulnerability discovered in Novell's BorderManager 3.8 Client Trust, a memory corruption vulnerability in CUPS, and a new Mac Trojan that masquerades as a video codec for watching pornography.

Here's a collection of recent security vulnerabilities and alerts, which cover a vulnerability discovered in Novell's BorderManager 3.8 Client Trust, a memory corruption vulnerability in CUPS, and a new Mac Trojan that masquerades as a video codec for watching pornography.

  • Novell patches BorderManager 3.8 Client Trust vulnerability

Zero Day Initiative (ZDI) have discovered a security vulnerability that allows remote attackers to execute arbitrary code on vulnerable installations of Novell software which utilize the Novell Client Trust. Authentication is not required to exploit this vulnerability.

You can read more about it here.

Novell has released an update which fixes the vulnerability.

  • Memory corruption vulnerability discovered in CUPS

According to Secunia, a buffer overflow in the CUPS (Common UNIX Printing System) could allow attackers to compromise and take control of a server. The risk of exploitation is slightly lower as CUPS is usually only accessible from local networks.

Excerpt from the Secunia: advisory

The vulnerability is caused due to a boundary error within the "ippReadIO()" function in cups/ipp.c when processing IPP (Internet Printing Protocol) tags. This can be exploited to overwrite one byte on the stack with a zero by sending an IPP request containing specially crafted "textWithLanguage" or "nameWithLanguage" tags.

Patches for the various Linux distributions should be available shortly.

  • New Trojan targets the Mac

A Mac security company, Intego, has issued an alert warning Mac users of a new Trojan, OSX.RSPlug.A, which disguises itself as a video codec. Though listed as "critical," active participation by the user is required for a compromise.

Excerpt from CNET News.com:

But to get infected with the malware, you have to accept the invitation to download "new version of codec," open up the .dmg (disk image) file, click the installer.pkg file, and enter your administrator's password, according to Intego. Once infected, the malware changes your DNS settings to hijack Web traffic and redirect it to phishing sites or ads for porn. And you still won't get to watch the video.

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.