Untitled Document
www.expresscomputeronline.com WEEKLY INSIGHT FOR TECHNOLOGY PROFESSIONALS
14 February 2005  
Untitled Document
Sections

Market
Management
Nasscom 2005
Technology
Technology Life

Columns

Between The Bytes

Services
Subscribe/Renew
Archives
Search
Contact Us
Network Sites
Network Magazine India
Exp. Hotelier & Caterer
Exp. Travel & Tourism
feBusiness Traveller
Exp. Pharma Pulse
Exp. Healthcare Mgmt.
Exp. Textile
Group Sites
ExpressIndia
Indian Express
Financial Express
Home - Technology - Article

Updates

A compilation of the latest information about Virus, Security and Patches which could be vital for your system

Cisco patches VoIP vulnerability

The company has released updates that address flaws in its Internetwork Operating System (IOS). The flaws could potentially allow hackers to mount denial of service attacks. The vulnerability-affected versions of Cisco’s IOS are configured for the Cisco CallManager Express and Cisco IOS Telephony services. Hackers can send programmed control messages, which can cause the vulnerable software to reload. Cisco has updated the affected versions of its software to block this.

Juniper router vulnerability

Routers running Juniper’s proprietary JUNOS software contain a vulnerability that lets remote hackers mount denial of service attacks. The vulnerability occurs due to a memory leak within the IPv6 packet forwarding engine when the software processes certain IPv6 packets. A successful exploit can consume all available memory and cause the software to reboot. A remote hacker by supplying specially crafted IPv6 network packets can force a denial of service. The vulnerability affects all routers running JUNOS. Juniper has released a patch to address this vulnerability which can be downloaded from:

www.juniper.net/alerts/v...2004-06-009&actionBtn=Search

Worm targets MySQL on Windows

Security firm Symantec has sounded an alert for a new variant of the W32.Spybot worm. This worm targets MySQL database servers that run on Windows server. The worm is spreading rapidly as Symantec reports that more than 4,000 machines worldwide have been infected by the Spybot variant. It recommends restricting incoming connections to the MySQL database to trusted or internal hosts only.

Buffer overflow vulnerability in Red Hat Linux

Security firms have reported a vulnerability in Red Hat Enterprise Linux 3, which can be exploited to cause a buffer overflow. The vulnerability is caused due to the way the software handles binary files. A hacker can trick a user to open a specifically created binary file and compromise the system. Updates can be downloaded from:

rhn.redhat.com

Mandrake fixes Evolution vulnerability

MandrakeSoft, a Linux vendor, has issued an update for the Evolution groupware client. The patch fixes a vulnerability that can be used to compromise a user’s system and gain escalated privileges. More details can be found at:

www.mandrakesoft.com/security/advisories?name=MDKSA-2005:024

Malware - Top 10

1. WORM_NETSKY.P
2. HTML_NETSKY.P
3. JAVA_BYTEVER.A
4. WORM_NETSKY.D
5. SPYW_GATOR.D
6. WORM_NETSKY.B
7. WORM_NETSKY.C
8. DOS_AGOBOT.GEN
9. SPYW_GATOR.C
10. TROJ_ISTBAR.GM

Source : Trend Micro (from January 21 to January 27, 2005)

 


UNSUBSCRIBE HERE
Untitled Document
© Copyright 2001: Indian Express Newspapers (Bombay) Limited (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in Mumbai by the Business Publications Division (BPD) of the Indian Express Newspapers (Bombay) Limited. Site managed by BPD.