According to an advisory released by Gentoo, a bug in Usermin, a widely used Unix and Linux administration console, can allow malicious code to be executed by specially crafted e-mail. In addition, a bug in the installation script of Webmin and Usermin can allow local users to execute a symlink attack at installation. Security experts say the Usermin functionality, including the vulnerability, is included in the Webmin software, which is shipped with Linux distributions such as SuSE, Mandrake, and Gentoo. Users are advised to upgrade to the latest versions of Usermin and Webmin.
Freegate is not Trojan horse, says Symantec
Symantec has announced that Freegate will no longer be classified as a Trojan by its anti-virus software. In a statement, Symantec said researchers noticed similarities in how Freegate used open proxies to penetrate firewalls used to block websites, and mistakenly deemed it malign. On further investigation, the security firm has concluded the software is not malicious, and will remove it from their virus definitions. Freegate, which uses a range of proxy servers assigned to changeable internet addresses to access websites blocked by the Chinese government, is estimated to have 200,000 users.