Feeds

Snort plugs Back Orifice as Oracle issues mega-fix

Enter the matrix

5 things you didn’t know about cloud backup

Patch roundup Wednesday became a busy patching day for sys admins with the release of Oracle's quarterly patch roundup - boasting an impressive 85 software fixes - and an update designed to defend the popular Snort open source intrusion detection application against possible hacker attack.

Oracle's mega update covers a variety of security flaws involving vulnerabilities in its database software and business applications that, at worst, create a means to launch potent SQL injection and cross site scripting hacker attacks. The uber fix also includes less serious security bug fixes and software tweaks unrelated to security issues. Oracle has put together a patching matrix designed to help IT managers to make sense of the importance and impact of these patches within their environments. The vulns were discovered by David Litchfield of NGSSoftware, among others, and summarised by security notification service Secunia here.

Elsewhere there's a buffer overflow vulnerability with the Snort security tool to worry about. A component of the product designed to recognise Back Orifice hacker tool traffic is flawed to such an extent that it might be used to inject hostile code onto affected systems. "A stack-based overflow can be triggered with a single UDP packet, allowing an attacker to fully compromise a Snort or Sourcefire installation," security tools vendor ISS, which unearthed the security glitch, warns. The vulnerability has been reported in Snort version 2.4.0, 2.4.1, and 2.4.2. Users are advised to upgrade to version 2.4.3. Sourcefire, the commercial firm whose technology is based on Snort, issues similar advice here. Possible workarounds and more info can be found in a US-CERT advisory. ®

5 things you didn’t know about cloud backup

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?