Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Sep 06, 2000

  • ComputerWorld: Maryland's UCITA May Have National Reach (2000-09-06 20:50:09)
    "But vendors can still cite Maryland law as their "choice of law" in a licensing contract, no matter where the vendor and licensee are located...The key point is, you don't need any connection with Maryland, at least under UCITA."

  • AllLinuxDevices: Editor's Note: Those Little Boxes Can Bite! (2000-09-06 20:16:46)
    "Two of these incidents, while having absolutely nothing to do with Linux, or even open source computing in general, are useful reminders that as our toys and appliances get smarter, we have to treat them as something other than the hermetically sealed and largely static devices consumer electronics have been to this point."

  • Slackware Security Advisory: glibc 2.1.3 vulnerabilities patched (2000-09-06 19:26:36)
    "Three locale-related vulnerabilities with glibc 2.1.3 were recently reported on BugTraq. These vulnerabilities could allow local users to gain root access."

  • SuSE Security Announcement: shlibs (glibc) (2000-09-06 19:14:57)
    "The glibc implementations in all SuSE distributions starting with SuSE-6.0 have multiple security problems where at least one of them allows any local user to gain root access to the system."

  • SuSE Security Announcement: screen (2000-09-06 19:05:52)
    "By supplying a thoughtfully designed string as the visual bell message, local users can obtain root privilege. Exploit information has been published on security forums."

  • Security Portal: Why sulogin is Useless on Its Own (2000-09-06 15:13:27)
    "...even with a secure LILO configuration, sulogin, and every security patch, it is still possible for a local user to get a root prompt simply by booting the machine from a Linux rescue floppy disk... To fix this you must of course put a password on the BIOS, and lock the boot order to C: first."