Microsoft Corp. has issued a patch file for its Exchange Server 5.5. It plugs a hole that could let a hacker use the server to perform mail relaying, if the server is set up as a gateway via the Internet Messaging Service. While there were safeguards against this happening, gaps could still be exploited. The patch is at ftp://ftp.microsoft.com/bussys/exchange/exchange-public/fixes/Eng/Exchg5.5/PostSP2/imc-fix. Microsoft credits Laurent Frinking of Quark Deutschland GmbH with identifying the vulnerability.
Red Hat Software has released a security advisory with Samba 2.0.5a for Red Hat Linux 6.0. This advisory is designed to rectify security problems in earlier versions of Samba, including a denial-of-service attack and a buffer overflow. The updates for different platforms (Intel, Alpha and Sparc) are at http://www.redhat.com/corp/support/errata/RHSA1999022_02.html.