Avaya Labs Research has released Libsafe 2.0, the latest version of its free security software for Linux systems, the company announced this week at CeBIT.
The new version of Libsafe shields servers from both buffer overflow and format string attacks, Avaya said in a statement. Such attacks occur when unauthorized users take advantage of loopholes in software running on servers, allowing the attackers to override existing codes in a running program with their own code. This gives the hackers control over the affected server software, allowing them to access confidential information that may be in the system.
The CERT Coordination Center at Carnegie Mellon University, which researches Internet security issues, on its Web site cites domain name server utility BIND (Berkeley Internet Name Domain), among other software, as having vulnerabilities that could leave it open to such hacker attacks.
Avaya Labs is the research and development arm of New Jersey-based Avaya Inc.
Avaya Labs, in Basking Ridge, New Jersey, can be reached online at http://www.avayalabs.com. The CERT Coordination Center at Carnegie Mellon University, in Pittsburgh, Pennsylvania, can be reached at +1-412-268-6989 or http://www.cert.org.