Linux Today SECURITY LETTER FOR SEPTEMBER 5, 2000 Latest Security News for the Linux and Open Source Community. ___________________________ Sponsors ________________________________ This newsletter sponsored by: F-Secure Corporations _____________________________________________________________________ ------------------------------------------------------------------ ------------------------------------------------------------------ TODAY'S LINUX SECURITY NEWS: ------------------------------------------------------------------ DEBIAN: NEW VERSION OF SCREEN RELEASED "A format string bug was recently discovered in screen which can be used to gain elevated privileges if screen is setuid." COMPLETE STORY: http://linuxtoday.com/story.php3?sn=27110 ------------------------------------------------------------------ DEBIAN SECURITY ADVISORY: GLIBC UPDATE FOR DEBIAN GNU/LINUX 2.1 "An earlier advisory listed the updates for Debian 2.2/potato. This advisory contains updates for Debian 2.1/slink." COMPLETE STORY: http://linuxtoday.com/story.php3?sn=27114 ------------------------------------------------------------------ SECURITYFOCUS.COM: FALLING APART AT THE SEAMS [SECURITY AND OPEN SOURCE] "Because the new inter-component security flaws differ so substantially from more traditional holes, a different sort of programmer is likely to find them. Open source allows the widest variety of coders to search the source for the flaws that they know best. This can only improve security." COMPLETE STORY: http://www.securityfocus.com/commentary/80 /-------------------------------------------------------------------\ F-Secure Anti-Virus for Linux F-Secure AntiVirus ensures the maximum availability and data integrity on your Linux system. It is an easy-to-use and up-to-date virus scanner that can detect and disinfect viruses effectively. A powerful technology detects and disinfects viruses in real-time from both networked and stand-alone workstations. Get the Anti-Virus solution client and server in one package! \--------------------------------------------------------------adv.-/ ------------------------------------------------------------------ EWEEK: NEW DDOS ATTACK TARGETS CHAT, LINUX MACHINES "Trinity v3 so far has been seen on Linux machines. The binary code is installed on a Linux server at /usr/lib/idle.so. When idle.so is launched, it connects to one of 11 Undernet IRC servers and sets a nickname for itself (which combines the first six letters of the host with three random digits)." COMPLETE STORY: http://www.zdnet.com/eweek/stories/general/0,11011,2624180,00.html ------------------------------------------------------------------ CALDERA SYSTEMS SECURITY ADVISORY: SERIOUS VULNERABILITY IN GLIBC NLS CODE "The GNU C library, glibc, allows users to specify their so-called locale through environment variables such as LANG. The locale determines what language, monetary signs etc to use when communicating with the user." COMPLETE STORY: http://linuxtoday.com/story.php3?sn=27132 ------------------------------------------------------------------ SECURITY PORTAL: WEEKLY LINUX SECURITY DIGEST 2000/08/28 TO 2000/09/03 "The big news this week is a potential glibc hole, for which no exploit code exists - but vendors are issuing fixes. (Dontcha love Linux security? We know there might be an exploitable issue under certain rare circumstances; nobody has seen exploit code yet, but here's the fix)." COMPLETE STORY: http://securityportal.com/topnews/weekly/linux20000904.html ------------------------------------------------------------------ SECURITY PORTAL: FIREWALLS - COMMON CONFIGURATION PROBLEMS "Before any changes are made to a firewall, you should sit down with whoever is responsible and ensure that the changes will not have unintended side effects." COMPLETE STORY: http://securityportal.com/topnews/fw20000905.html ------------------------------------------------------------------ Visit the other sites in the Linux Channel: Linux Planet <http://www.linuxplanet.com>, LinuxStart <http://www.linuxstart.com>, Linux Central <http://www.linuxcentral.com>, and JustLinux <http://www.justlinux.com>. Also, check out the ISP-Linux Moderated Digest <http://isp-lists.isp-planet.com/moderated/isp-linux/>. ------------------------------------------------------------------ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For information about advertising in this newsletter, contact Frank Fazio, Director of Inside Sales, internet.com Corporation Call (203)662-2997 or write mailto:[EMAIL PROTECTED] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This newsletter is published by internet.com Corporation http://internet.com - The Internet Industry Portal ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To learn about other free newsletters offered by internet.com or to change your subscription - http://e-newsletters.internet.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ internet.com's network of more than 100 Websites are organized into 14 channels... Internet Technology http://internet.com/sections/it.html E-Commerce/Marketing http://internet.com/sections/marketing.html Web Developer http://internet.com/sections/webdev.html Windows Internet Technology http://internet.com/sections/win.html Linux/Open Source http://internet.com/sections/linux.html Internet Resources http://internet.com/sections/resources.html Internet Lists http://internet.com/sections/lists.html ISP Resources http://internet.com/sections/isp.html Downloads http://internet.com/sections/downloads.html International http://internet.com/sections/international.html Internet News http://internet.com/sections/news.html Internet Investing http://www.internet.com/sections/stocks.html ASP Resources http://internet.com/sections/asp.html Wireless Internet http://internet.com/sections/wireless.html ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To find an answer - http://search.internet.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For information on reprinting or linking to internet.com content: http://internet.com/corporate/permissions.html ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Copyright (c) 2000 internet.com Corporation ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
