Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs






More on LinuxToday

Security Linux News for Feb 13, 2002

  • LinuxPR: CUPS v1.1.14 Now Available (Feb 13, 2002, 22:02)
    CUPS 1.1.14 is a security release that fixes two buffer overflow bugs in the IPP code.

  • Debian Security Advisory: cupsys (Feb 13, 2002, 19:49)
    "The authors of CUPS, the Common UNIX Printing System, have found a potential buffer overflow bug in the code of the CUPS daemon where it reads the names of attributes. This affects all versions of CUPS."

  • Debian Security Advisory: New Faq-O-Matic packages fix cross-site scripting vulnerability (Feb 13, 2002, 19:34)
    "Due to unescaped HTML code Faq-O-Matic returned unverified scripting code to the browser. With some tweaking this enables an attacker to steal cookies from one of the Faq-O-Matic moderators or the admin."

  • SysAdmin: Encrypted NFS with OpenSSH and Linux (Feb 13, 2002, 16:42)
    "NFS is a widely deployed, mature, and understood protocol that allows computers to share files over a network. The main problems with NFS are that it relies on the inherently insecure UDP protocol, transactions are not encrypted, hosts and users cannot be easily authenticated, and its difficulty in firewalling. This article provides a solution to most of these problems for Linux clients and servers."

  • The Register: The SNMP fiasco: steps you need to take (Feb 13, 2002, 13:01)
    "Obviously, your quickest and surest fix is going to be disabling SNMP if you don't have to run it. Indeed, disabling unnecessary network services is a normal part of system hygeine, so this is a good opportunity to take the time and do a thorough job of it."

  • Red Hat Security Advisory: Update ucd-snmp Packages (Feb 13, 2002, 01:39)
    "Updated ucd-snmp packages are now available for Red Hat Linux 6.2, 7, 7.1, and 7.2. These packages prevent possible denial of service attacks and security breaches as discovered by the Oulu University Secure Programming Group."