Neowin.net - Security flaw hits Windows, Mac, Linux

Security flaw hits Windows, Mac, Linux

Posted by aco on 07 August 2002 - 13:53 · 9 comments & 117 views

Security researchers have warned of a flaw in communications software that could allow attackers to take over computers running Windows, Unix-based operating systems and Mac OS X, as well as Kerberos authentication systems.

The problem is widespread because it affects some implementations of XDR (external data representation) libraries, used by many applications as a way of sending data from one system process to another, regardless of the system's architecture. CERT warned on Tuesday that systems using the affected code should immediately apply patches or disable the affected services.

A function in Sun's XDR library contains an integer overflow that can lead to buffer overflows, according to CERT security researchers Jeffrey Havrilla and Cory Cohen. These buffer overflows can allow an attacker to crash the system, execute malicious code or steal sensitive information, Havrilla and Cohen said.

The problem also affects the administration system of Kerberos 5, a widely-used authentication tool, which could allow attackers to gain control of Kerberos Key Distribution Center authentication functions. This could allow an attacker to gain false authentication with other services. Kerberos is included in Windows 2000.

...Microsoft said it is still investigating how Windows is affected by the problem. :P

News source: ZDNet

View: CERT Advisory Page (with links to patches)

The following are the changes for the new beta:
- added anti-cheat protection
- fixed textures problem in basic.wad
- fixed para round timer not ending round on 0:00
- fixed +Use exploit
- added garandcarbine selection to light inf. in normal dod gameplay
- added thompsongrease gun selection to assault inf. in normal dod
gameplay
- added k43kar selection to light inf. in normal dod gameplay
- took away 1 grenade from axis light inf.
- fixed switching classes while dying sets reinforcements to 0:00
- added K43 normal gameplay sleeve texture in coding
- addedEdited Vgui class menus and pics
- new Bar model tweak

Hide additional information

About the Author
Full name: Unknown
Forum name: vet

aco
Contact: via forum PM
Submissions: Normal · Headline

Total votes: 0

Bookmark on del.icio.us

Advertisement

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Scroll to the Top