Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Jan 14, 2000

  • SuSE Security Announcement - lprold (Jan 14, 2000, 20:34)
    If the hosts.lpd mechanism is used to permit printing to remote hosts, this can be circumvented if the attacker controls a DNS server, because no double-reverse lookup was done the IP address.
    A second vulnerability involves the manipulating the control file of a print job in a way, that statements are sent to sendmail as arguments where an attacker could specify a sendmail config file of his own.

  • 32BitsOnline: Major Flaw In Secure Web Server Technology Uncovered (Jan 14, 2000, 17:10)
    "A group of key IT security specialists have uncovered, what they say is, a major security failing with modern so-called secure Web server software from Microsoft...Netscape...and Apache."