Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Dec 04, 2000

  • VNU Net: Shockwave virus hits European businesses (Dec 04, 2000, 21:11)
    "In the past, when these companies have become infected the virus soon reaches Europe, and sure enough our labs have reported six European corporates have been infected. At the moment we're seeing a steady rate of infection, but it could turn into an outbreak..."

  • Red Hat Security Advisory: Updated PAM packages available (Dec 04, 2000, 20:04)
    Red Hat Linux 7 and a previous PAM errata issued for Red Hat Linux 6.x both included a new module, pam_localuser. Although this module is not used in any default configurations, the version included was vulnerable to a buffer overflow. These updates remove this vulnerability and fix various other bugs.

  • Red Hat Security Advisory: Updated tcsh packages are now available for Red Hat Linux (Dec 04, 2000, 19:58)
    Versions 6.09 and below of tcsh are vulnerable to a symbolic link attack. This attack can be used to cause users to destroy the contents of any file to which they have write access.

  • Linux Security Week - December 4th 2000 (Dec 04, 2000, 05:55)
    "In the news this week, CERT warned of looming DoS attacks, IBM claims faster encryption technology, and OpenBSD 2.8 was officially released."

  • Security Portal: Weekly Linux Security Digest 2000/11/27 to 2000/12/03 (Dec 04, 2000, 05:52)
    "Only a few new problems this week; most vendors are left playing catch-up on a number of issues. Bash has a vulnerability in the way tmp files are created for scripts. It is exploitable, but most vendors have issued updated packages. The other major event is a glibc exploit when executing /bin/su. This doesn't appear to work on all systems."