CRIME FW: [Information_technology] Daily News 2/20/04

From: George Heuston (GeorgeH@private)
Date: Fri Feb 20 2004 - 08:37:23 PST

  • Next message: Ben Barrett: "Re: CRIME [fwd] IT forensics advice"

    -----Original Message-----
    From: information_technology-admin@private
    [mailto:information_technology-admin@private] On Behalf
    Of InfraGard
    Sent: Friday, February 20, 2004 7:52 AM
    To: Information Technology
    Subject: [Information_technology] Daily News 2/20/04
    February 19, CNET - Linux servers at risk from trifecta of
    Three separate security flaws could be used by an ordinary user to gain
    total control of a Linux server or workstation, security researchers
    warned. Two of the vulnerabilities lie in the way the Linux kernel--the
    of the open-source operating system--manages memory. They affect all
    versions of Linux, according to advisories released on Wednesday by iSEC
    Security Research, a Polish security company. The third flaw affects the
    module for the kernel that supports ATI Technologies' Rage 128-bit video
    card. Because Linux is frequently used on shared servers, security holes
    that allow a user to expand their access rights on a computer are
    said Alfred Huger of Symantec. However, they are not as critical as
    that allow an outsider to compromise the computer, he said. The Linux
    Project released a new version of the 2.4 series kernel--version
    fix the vulnerability. Linux companies and projects that package their
    version of Linux have rushed to deliver updates. Red Hat, Novell's SuSE
    Linux, Debian and other Linux distributions had released fixes by
    February 19. Source:
    Internet Alert Dashboard
    Current Alert Levels
    AlertCon: 1 out of 4
    Security Focus
    ThreatCon: 1 out of 4
    Current Virus and Port Attacks
    Virus: #1 Virus in the United States: WORM_LOVGATE.G
    Source:, Trend World Micro Virus
    Tracking Center
    [Infected Computers, North America, Past 24 hours, #1 in United States]
    Top 10 Target Ports
    53 (domain), 21 (ftp), 42 (name), 23 (telnet), 25 (smtp), 57
    (priv?term), 22
    (ssh), 2 (compressnet), 1 (tcpmux), 13 (daytime)
    Source:; Internet Storm Center
    Information_technology mailing list

    This archive was generated by hypermail 2b30 : Fri Feb 20 2004 - 09:09:04 PST