You are here: silicon.com > Software > Security Strategy

Security Strategy

FBI warning over Unix loophole

The Federal Bureau of Investigation today warned Unix users of a potential security loophole that could allow malicious hackers to take control of their computer systems.

Printer Friendly Email Story RSS

By Chris Holbrook

Published: 2 May 2001 09:43 BST

The problem arises through a vulnerability in a program called 'lpd/LPRng' that controls printer requests across a Unix network, coupled with Sun Microsystems' remote procedure call software which allows networks to communicate with each other.

The defect, known as format string vulnerability, may allow unauthorised remote users to execute arbitrary code on a machine, or start a denial of service attack on the vulnerable system.

The FBI's cybercrime unit, the National Infrastructure Protection Centre (NIPC), raised the alarm after they noticed a significant increase in attempts to take advantage of the flaw through the popular platform.

According to the NIPC, the solution is to upgrade to the non-vulnerable version of LPRng, disallow access to printer service ports 515/tcp or employ packet-filtering technology such as a firewall.

For more details on this security hole, visit http://www.kb.cert.org/vuls/id/382365

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Related Links

Unauthorised surfers going down down under

Cybercrime costs US business $378m

Hackers tear apart US sites - FBI issues public warning

Explorer glitch leaves Microsoft users vulnerable

Corporations riddled with security holes

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Peter Cochrane Peter Cochrane's Blog: Is convergence a fiction? Or could it finally be happening…

Clive Longbottom Quocirca's Straight Talking: A game of two halves Microsoft Virtualisation scores while its SOA bores...

Viacom vs Google: YouTube privacy fears

Google Talk finds a home on iPhone

ePassport upgrade scaled back

Barclays gives online users free security software

Probe into loss of 21,000 hospital patient details

Zittrain: Android holds the key to free future


  • Jobs
Security Consultant Ethical Hacking / Penetration Testing - London

Responsibilities: - Deliver security assessment services including network scanning, vulnerability testing, penetration testing, search engine ...

Systems Engineer, Windows 2003 / Cisco / Linux / VMWare- Oxfordshire

With over 1000 servers and 20 data centres, our mission-critical infrastructure is technically complex and encompasses solutions such as email, web ...

Security/Quality Analyst-00055189

Respond to requests and queries from the client as required. Maintain open a communication channel with the corporate risk management team regarding ...

CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.

College classrooms go high-tech

Travis Perkins builds its tech future

Thin clients switch on digitally excluded

MSDN Webcast: Demystifying Office Business Applications for the Developer (Level...

Understanding SOA and Business Mashups: Automate. Coordinate. Collaborate. No coding...

Tips and Tricks for Office 2007

MSDN Webcast: Demystifying Office Business Applications for the Business Analyst...

Stories from the web...


Peter Cochrane's Video Blog: Power outrage

Business agility through flexible IT

What are you really saying?


London data centres hit by credit crunch

Ofcom: Mobile broadband driving interest in fibre

3G iPhone to storm enterprise world, says O2

MoD IT - late and over budget

Terrorists turning to tech, warns gov't




Quick Sitemap Links: