To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/security/0,39024655,11034507,00.htm

Linux and Unix face fresh security threat
CDE vulnerabilities...

By Joey Gardiner

Published: Thursday 11 July 2002

US security authority Cert has uncovered a hole in popular software used to run desktop versions of Linux and Unix.

The news will bring into question the widespread assumption that Linux and Unix are more secure than supposedly flawed Microsoft desktop software.

Cert said it had discovered two vulnerabilities in the Common Desktop Environment (CDE), the popular GUI used to front Linux and Unix operating systems on PC desktops.

Cert said the vulnerabilities could allow a malicious hacker to overwrite files, cause a denial of service or even execute arbitrary code.

Vendors who have issued patches include Caldera, Fujitsu, HP, IBM, SGI and Sun.

Cert said worried users should contact their vendor directly. For more information see the Cert advisory at: http://www.cert.org/advisories/CA-2002-20.html