CRIME FW: [Information_technology] Daily News 2/20/04

From: George Heuston (GeorgeH@private)
Date: Fri Feb 20 2004 - 08:37:23 PST

  • Next message: Ben Barrett: "Re: CRIME [fwd] IT forensics advice"

    -----Original Message-----
    From: information_technology-admin@private
    [mailto:information_technology-admin@private] On Behalf
    Of InfraGard
    Sent: Friday, February 20, 2004 7:52 AM
    To: Information Technology
    Subject: [Information_technology] Daily News 2/20/04
    
    February 19, CNET News.com - Linux servers at risk from trifecta of
    flaws.
    Three separate security flaws could be used by an ordinary user to gain
    total control of a Linux server or workstation, security researchers
    have
    warned. Two of the vulnerabilities lie in the way the Linux kernel--the
    core
    of the open-source operating system--manages memory. They affect all
    current
    versions of Linux, according to advisories released on Wednesday by iSEC
    Security Research, a Polish security company. The third flaw affects the
    module for the kernel that supports ATI Technologies' Rage 128-bit video
    card. Because Linux is frequently used on shared servers, security holes
    that allow a user to expand their access rights on a computer are
    serious,
    said Alfred Huger of Symantec. However, they are not as critical as
    flaws
    that allow an outsider to compromise the computer, he said. The Linux
    Kernel
    Project released a new version of the 2.4 series kernel--version
    2.4.25--to
    fix the vulnerability. Linux companies and projects that package their
    own
    version of Linux have rushed to deliver updates. Red Hat, Novell's SuSE
    Linux, Debian and other Linux distributions had released fixes by
    Thursday,
    February 19. Source:
    http://news.com.com/2100-1002_3-5162055.html?tag=nefd_top
    
    
    Internet Alert Dashboard
    Current Alert Levels
    AlertCon: 1 out of 4
    https://gtoc.iss.net
    
    Security Focus
    ThreatCon: 1 out of 4
    http://analyzer.securityfocus.com/
    
    Current Virus and Port Attacks
    Virus: #1 Virus in the United States: WORM_LOVGATE.G
    Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
    Tracking Center
    [Infected Computers, North America, Past 24 hours, #1 in United States]
    
    Top 10 Target Ports
    53 (domain), 21 (ftp), 42 (name), 23 (telnet), 25 (smtp), 57
    (priv?term), 22
    (ssh), 2 (compressnet), 1 (tcpmux), 13 (daytime)
    Source: http://isc.incidents.org/top10.html; Internet Storm Center
    
    
    _______________________________________________
    Information_technology mailing list
    Information_technology@listserv
    



    This archive was generated by hypermail 2b30 : Fri Feb 20 2004 - 09:09:04 PST