Submitted by ep on
http://secunia.com/advisories/29773/
http://www.kb.cert.org/vuls/id/593409
Multiple vulnerabilities in Adobe Acrobat/Reader in versions <8.1.3
could lead to arbitrary code execution when a user opens a malicious PDF
file.
There are known exploits for these vulnerabilities. Users should use
caution when opening PDF files and upgrade to version 8.1.3 or 9 of
Adobe Acrobat/Reader.
Submitted by ep on
Fedora updated the kernel to 2.6.26.5-45 over the weekend. I ran into many of the issues that I had before with getting VMware-server-1.0.7 working with the new kernel.
I was able to compile it using the same vmware-any-any-117-itpsycho patches, but it crashed the system whenever I tried to start a VM.
Toward the end of September, VMware released their VMware 2.0 product. I had tried a pre-release version, but it was not working well at that time. I decided to give the production version a try before reverting back to an older kernel.
Submitted by ep on
A lively discussion in the NANOG mailing list just recently ended with the disconnection of Intercage/Atrivo hosting company. This hosting company has been known to host customers with varying ethical standards.
One of the fallouts of this disconnection is that many malware websites are no longer reachable. This means if your computer has been compromised in the past, it may not be able to find its controller anymore. Sometimes, this means your computer won't work at all anymore.
Submitted by ep on
Whenever there is a new kernel that comes out for Fedora, it is a treat to try and get VMware-server working again. For some reason the vmware modules need to be patched before they will compile.
For this last batch, I found that I had to upgrade to VMware-server-1.0.7 and apply the vmware-any-any-update117-itpsycho patch. Typically a vmware-any-any patch has solved these types of problems in the past, however, this one was tough to find. Here are the two articles that I finally found that put me on the correct path.
Submitted by ep on
September 9th was Microsoft's Patch Tuesday. This is the day when they update Windows with the latest fixes to vulnerabilities from the previous month.
Make sure your computer is up to date with the latest patches to avoid vulnerability issues.
SA08-253A: Microsoft Updates for Multiple Vulnerabilities - Microsoft Updates for Multiple Vulnerabilities [US-CERT Cyber Security Alerts]
Submitted by ep on
http://www.redhat.com/security/data/openssh-blacklist.html - RedHats distribution servers were infiltrated and some openssh packages were compromised. There is a small possibility that some RHEL4 and RHEL5 systems who updated during the compromise have installed malicious openssh packages. RedHat has released a script to determine if the system has been compromised. It is suggested that the script (available at the URL above) be run on all RHEL4 and RHEL5 machines to determine compromise.
Submitted by ep on
http://www.isc.org/index.pl?/sw/bind/bind-security.php - A weakness in the DNS protocol could lead to DNS poisoning of caching recursive name servers. This affects all non-DNSSEC protected domains. Newer versions of BIND utilize Query Port Randomization for BIND 9 which helps to mitigate the problem, but is not a full solution. The only proven solution to protect your domain from this attack is to implement DNSSEC on your authoritative name servers.
Submitted by ep on
http://lists.debian.org/debian-security-announce/2008/msg00152.html - Debian released this announcement today pertaining to their openssl libraries. It has been determined that a Debian specific patch to openssl has been using a weak and easily determined pseudo random number generator for creating ssl certificates. This patch was made to fix CVE-2008-0166, but ended up creating a new issue. This was introduced into Debians testing environment in September 2006, and was moved into their etch release.
Submitted by ep on
http://secunia.com/advisories/29965/ - Two vulnerabilities have been discovered, one which can lead to authentication bypass (if account registration is enabled) and another which can lead to arbitrary HTML and code execution on the clients web browser. This could appear to be a defacement, but is executed locally on the users computer, not on the server itself. Test and update to v2.5.1 when possible.
Submitted by ep on
http://secunia.com/advisories/29988/ - Sun has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious people to conduct cross-site scripting attacks. This affects Apache 1.3.x and 2.0.x running on Solaris 8, 9 and 10 on SPARC and x86. Some vendor patches are available. Please test and apply these patches when available.