|
|
Security Linux News for Jun 05, 2000
-
ZDNet UK: Secure open source Web server debuts at Linux expo (Jun 05, 2000, 22:14)
"The Stronghold Secure Web server proves that access to source
code need not affect security."
-
Debian Security Advisory: Package: splitvt (update) (Jun 05, 2000, 22:04)
"This is an update to the previous splitvt advisory. The
previous release had incorrrect addresses for the updates for
Debian GNU/Linux potato."
-
LinuxDev.net: Open Source: Is it Safe? (Jun 05, 2000, 20:32)
"Physical money is easy to protect. Armored safes, armed guards,
and alarm monitoring systems all make keeping hard currency safe an
easier job. But when there is no hard currency, what can protect
your funds?"
-
Debian Security Advisory: Package: splitvt (Jun 05, 2000, 19:37)
"The version of splitvt distributed in Debian GNU/Linux 2.1
(a.k.a. slink), as well as in the frozen (potato) and unstable
(woody) distributions, is vulnerable to a local buffer overflow.
This could be exploited to give a shell running as root."
-
Debian Security Advisory: Package: mailx (Jun 05, 2000, 18:48)
"The version of mailx distributed in Debian GNU/Linux 2.1
(a.k.a. slink), as well as in the frozen (potato) and unstable
(woody) distributions is vulnerable to a local buffer overflow
while sending messages. This could be exploited to give a shell
running with group "mail."
-
RootPrompt.org: Response to the feature on IPv6 vs. SSL (Jun 05, 2000, 16:54)
"Reto Haeni's paper on IPv6 and SSL explains a number of
fundamental differences between the two protocols but fails to
communicate why they are different. It is also quite out of date
(it appears to have been written in 1996) and as a result some of
its facts are no longer true. The paper is misleading (though
clearly not intentionally) due to its age and its failure to
address the differences between SSL and IPv6 adequately."
-
LinuxSecurity.com: Linux Security Week, June 5th 2000 (Jun 05, 2000, 11:27)
"Greetings, issue number 5 is already here! We would like to
take a moment to thank our readers for all of your support. The
response has been tremendous for both our newsletter and website,
LinuxSecurity.com If you have any suggestions regarding the
website, newsletter, or anything else, please let us know! We are
here to serve the open-source community; your voice should be
heard."
-
Linux.com: Who's Sniffing Your Network? (Jun 05, 2000, 02:02)
"As we have seen, sniffer attacks are difficult to detect and
thwart because sniffers are passive programs. They don't generate
an evidence trail (logs), and when used properly, they don't use a
lot of disk and memory resources."
|
