Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Sep 07, 2001

  • LinuxSecurity.com: Linux Advisory Watch - September 7th 2001 (2001-09-07 21:45:28)
    "This week, advisories were released for xinet, windowmaker, sendmail, fetchmail, xli, telnetd, rmuser, NetBSD kernel, and fts. The vendors include Conectiva, NetBSD, Mandrake, and SuSE. Mandrake users are especially encouraged to update this week because there is such a great number of advisories."

  • ZDNet: WinXP: an OS for Linux lovers (2001-09-07 18:45:59)
    "The day that we've all feared is soon to arrive: Microsoft has finally made an operating system that Linux users will love: Windows XP."

  • The Register: Linux Trojan spotted in the wild (2001-09-07 15:21:03)
    "Eric Chien, chief researcher at Symantec's antivirus research centre, does not expect the virus to spread, principally because it lacks the self-replication characteristics that made Code Red and the Lion worm (which affected Linux servers) such nuisances... That said users may wish to consider using Qualys' free vulnerability test (registration required). Antivirus vendors are in the process of updating their signature definition files to detect the Trojan."

  • VNUNet: Linux users warned of new Trojan danger (2001-09-07 09:26:25)
    "The so-called Remote Shell Trojan spreads through email as well as replicating itself across the infected system. It installs a backdoor which listens for incoming connections on UDP port 5503 or higher, and allows remote attackers to connect to, and take control of, an infected system."

  • Conectiva Linux Security Announcement - mod_auth_mysql (2001-09-07 06:42:41)
    "mod_auth_mysql" is an authentication module for apache which authenticates users against a MySQL database. RUS-CERT[3] discovered a vulnerability[1][2] in several Apache authentication modules which use SQL databases to retrieve user information. This vulnerability allows a remote attacker to change the query that the module sends to the SQL server and potentially circumvent the authentication process.