Security Linux News for Jul 18, 2000
Trustix Security Advisory - nfs-utils (Jul 18, 2000, 22:01)
"A bug recently discovered in the nfs-utils package can
theoretically be used for gaining remote root. While there is
currently no known exploits for this hole "in the wild", we suggest
that all users of Trustix Secure Linux 1.0x and 1.1 upgrade."
Conectiva Linux Security Announcement - nfs-utils (Jul 18, 2000, 21:56)
"There is a problem in the nfs-utils packag that could lead to a
remote root exploit."
Techweb: Dangerous New Microsoft Vulnerability Revealed (Jul 18, 2000, 20:22)
"Users running Windows 95, 98, 2000, or NT 4.0 are vulnerable to
a total compromise when they preview or read an infected e-mail,
without having to open an attachment."
eWeek: Openhack database gets cracked (Jul 18, 2000, 19:55)
"When we installed Oracle 8i 2.0 on a Sun Enterprise E4500
server running Solaris 8, we accidentally missed changing the
default password for this account."
CNET News.com: Microsoft patches bugs amid criticism (Jul 18, 2000, 14:21)
"Microsoft has addressed security vulnerabilities in its Office
2000 applications, including one an Internet security group
described as perhaps the "most dangerous programming error" by the
software company to date."
Security Portal: Securing Your Home Network (Jul 18, 2000, 07:42)
"If you don't take an active part in securing your home network,
then you're at risk. Don't dismiss the likelihood of a stranger
accessing your computers. If you have a high-speed connection to
the Internet, then you're probably scanned for common
vulnerabilities much more frequently than you would expect."
Red Hat Security Advisory: Updated package for nfs-utils available (Jul 18, 2000, 00:09)
"The rpc.statd daemon in the nfs-utils package shipped in Red
Hat Linux 6.0, 6.1, and 6.2 contains a flaw that could lead to a
remote root break-in."