Security Portal: Weekly Linux Security Roundup - 2000/04/10 to 2000/04/16Apr 17, 2000, 03:25 (2 Talkback[s])
(Other stories by Kurt Seifried)
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
"Vendors are still playing catch up, Red Hat and Mandrake finally released patches for the gpm root hack, but apart from that not a whole has happened. A shopping cart cgi was found to report on usage and had a backdoor that allowed the author (or anyone that figured out what the password is) to run arbitrary commands on the remote server. When buying software (especially if it is OpenSource) you should check it for things like that as this proves that some vendors are not completely trustworthy."
"We lead off with general advisories, then vendor advisories (distributions, then any major software ones), then mailing list related traffic, any interesting tidbits and then the tip of the week. Most things are in alphabetical order. If we're missing a Linux vendor's advisory please tell us, ditto for any Linux related security alerts. The long strings of hex in front of package names are MD5 signatures."
0 Talkback[s] (click to add your comment)