Sections: Main page Linux in the news Security Kernel Distributions Development Commerce Announcements Back page All in one big page See also: last week's Security page. |
SecurityNewsMicrosoft's security challenge, in which they put a Windows 2000 system on the net and asked people to try to take it down, turned out to be a bit of an embarrassment for them. The system went down several times in the first day, and Microsoft's explanations of the problem didn't hold a whole lot of water.Meanwhile, the LinuxPPC folks set up a security challenge of their own, with an offer to give the LinuxPPC box to anybody who was able to compromise it. As of this writing, the prize remains unclaimed. This is certainly a testament to Linux security. It also helps, though, that the box in question was running a PowerPC processor. Most easy buffer overrun attacks are harder to do, since the exploits were developed for Intel systems.... Security ReportsAnother problem with Gnumeric was reported by Miguel de Icaza. It seems that the Guile plugin would allow the execution of arbitrary commands, meaning that nastiness could be embedded into a spreadsheet. Thus far, there is not much exchange of Gnumeric sheets going on, and relatively few developers of malware using that medium. However, people using Gnumeric might want to look at the postingand upgrade.UpdatesA new version of cfingerd, the configurable finger daemon, has been announced. It allows extensive control over the information returned by finger, and contains a number of security fixes.FCheck v2.07.37 has been released. FCheck is a perl system which performs system integrity checking and intrusion detection on a number of different platforms. See the announcement for details. Section Editor: Liz Coolbaugh |
August 12, 1999
|