Linux Today: Linux News On Internet Time.

More on LinuxToday

Security Linux News for Feb 28, 2002

  • IBM developerWorks: OpenSSH key management, Part 3 (Agent forwarding and keychain improvements) (2002-02-28 21:09:26)
    "If you can't run ssh-agent on untrusted hosts, then how do you establish secure, passwordless ssh connections from these systems? The answer is to only use ssh-agent and keychain on trusted hosts, and to use OpenSSH's new authentication forwarding abilities to extend passwordless authentication to any untrusted hosts."

  • internetnews.com: Security Flaws Found in PHP (2002-02-28 17:44:17)
    "The Computer Emergency Response Team Coordination Center (CERT/CC) Wednesday warned of multiple vulnerabilities in the PHP scripting language which would allow a remote attacker to execute arbitrary code with the privileges of the PHP process on a victim's system."

  • Debian Security Advisory: snmp (2002-02-28 16:07:44)
    "Some of the changes made in the DSA-111-1 security fix for SNMP changed the API and ABI for the SNMP library which broke some other applications."

  • eSecurityPlanet.com: Updated Open Source Security Testing Manual Available (2002-02-28 12:17:13)
    "Created by Pete Herzog, 'director of ideas' at Ideahamster, the OSSTMM is an open-standard methodology for security testing. While Herzog conceived of the idea, the document now contains ideas from more than 150 contributors, 33 of them regular contributors to the project. "

  • Red Hat Security Advisory: Updated 2.4 kernel available (2002-02-28 05:22:42)
    "The Linux Netfilter team has found a problem in the "IRC connection tracking" component of the firewall within the linux kernel. This problem affects Red Hat Linux versions 7.1 and 7.2."