Code Red bug hits Microsoft security update site
Code Red bug hits Microsoft security update site. The Register Jul 20 2001 9:06PM ET [Computer security news]
software development, security, opinion
Archive for the ‘security’ Category.
Anti-virus software vendors warn against Sircam. IDG Jul 20 2001 4:08PM ET [Computer security news]
New Worm Keeps Them Guessing. A new e-mail infection is spreading fast across the globe — probably faster than anything since Anna K. So fast in fact, the antivirus companies can’t agree on what it does. By Leander Kahney. [Wired News]
IIS virus triggers Red alert. VNU Jul 18 2001 5:16PM ET
A worm bearing strong similarities to the sadmind virus, which hit over 9000 IIS websites back in May, has been doing the rounds, exploiting a vulnerability which is over a month old.
The worm exploits a known buffer overflow vulnerability – an ISAPI extension in the Index Server of Windows 2000 and XP beta – for which Microsoft released a patch in June that it believed had fixed the problem.
Red Hat Security Advisory: Updated openssl packages available
Versions of OpenSSL prior to 0.9.6a suffer from potential security
problems. These include potential leakage of information after SSL
version 3 key exchanges, imperfect distribution of random numbers used
when generating signatures, honoring of sensitive environment variables
in library functions in setuid or setgid applications, and not taking
precautions to counter effects of potential hardware glitches when
generating digital signatures.

A flaw has also been found in the pseudo-random number generator used
in versions of OpenSSL prior to 0.9.6b. The OpenSSL Project Team has
released a patch which corrects this problem.
Groupe Bull: JOnAS open source EJB implementation;
Part of ObjectWeb, a European open source middleware repository.
“IBM research announced that it developed a wireless security auditor running on a Compaq iPAQ with Linux. The pictures on the IBM web page are much more revealing than the press release. Apparently the auditor can handle GPS input (correlate access points with GPS coordinates?) and associate with access points on demand.” The main product webpage has more information about the capabilities, and notes that IBM hasn’t decided yet whether to release it as a commercial product or a free tool.
[via Slashdot]
Radius 2.1.va.1 (Default). Remote Authentication Dial In User Service [freshmeat.net]