[LWN Logo]
[LWN.net]

Sections:
 Main page
 Linux in the news
 Security
 Kernel
 Distributions
 Development
 Commerce
 Announcements
 Back page
All in one big page

See also: last week's Security page.

Security


News

Microsoft's security challenge, in which they put a Windows 2000 system on the net and asked people to try to take it down, turned out to be a bit of an embarrassment for them. The system went down several times in the first day, and Microsoft's explanations of the problem didn't hold a whole lot of water.

Meanwhile, the LinuxPPC folks set up a security challenge of their own, with an offer to give the LinuxPPC box to anybody who was able to compromise it. As of this writing, the prize remains unclaimed. This is certainly a testament to Linux security. It also helps, though, that the box in question was running a PowerPC processor. Most easy buffer overrun attacks are harder to do, since the exploits were developed for Intel systems....

Security Reports

Another problem with Gnumeric was reported by Miguel de Icaza. It seems that the Guile plugin would allow the execution of arbitrary commands, meaning that nastiness could be embedded into a spreadsheet. Thus far, there is not much exchange of Gnumeric sheets going on, and relatively few developers of malware using that medium. However, people using Gnumeric might want to look at the postingand upgrade.

Updates

A new version of cfingerd, the configurable finger daemon, has been announced. It allows extensive control over the information returned by finger, and contains a number of security fixes.

FCheck v2.07.37 has been released. FCheck is a perl system which performs system integrity checking and intrusion detection on a number of different platforms. See the announcement for details.

Section Editor: Liz Coolbaugh


August 12, 1999


Secure Linux Projects
Bastille Linux
Khaos Linux
Secure Linux

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Debian Alerts
Red Hat Errata
SuSE Announcements

Miscellaneous Resources
CERT
CIAC
Comp Sec News Daily
Crypto-GRAM
Linux Security Audit Project
OpenSEC
Security Focus
SecurityPortal

 

Next: Kernel

 
Eklektix, Inc. Linux powered! Copyright © 1999 Eklektix, Inc., all rights reserved
Linux ® is a registered trademark of Linus Torvalds