ISSalert: ISS Security Alert Summary: v6 n9
From: X-Force (xforce@iss.net)Date: 08/09/01
- Previous message: CustomerRelations: "Internet Scanner FlexCheck for Code Red Backdoor Now Available"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 9 Aug 2001 15:37:06 -0400 Message-Id: <200108091937.PAA06563@amber.iss.net> To: alert@iss.net From: X-Force <xforce@iss.net> Subject: ISSalert: ISS Security Alert Summary: v6 n9
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo@iss.net Contact alert-owner@iss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
August 7, 2001
Volume 6 Number 9
X-Force Vulnerability and Threat Database: http://xforce.iss.net
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at: http://xforce.iss.net/maillists/index.php
This summary can be found at:
http://xforce.iss.net/alerts/vol-6_num-9.php
_____
Contents:
* Risk Classification
* 112 Reported Vulnerabilities
* Risk Factor Key
_____
Risk Classification:
Vulnerabilities reported this month by risk level and attack type
High Risk: 34 Network Based, 18 Host Based
Medium Risk: 45 Network Based, 10 Host Based
Low Risk: 06 Network Based, 01 Host Based
Note: Some vulnerabilities are classified as both host based and
network based attack types.
_____
Date Reported: 07/01/2001
Brief Description: Multiple FTP server '.lnk' directory traversal
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: WFTPD 3.00 R5, ArGoSoft FTP Server 1.2.2.2,
Broker FTP Server 5.x, Windows 95 All versions,
Windows 98 All versions, Windows 2000 All
versions, Windows NT All versions
Vulnerability: ftp-lnk-directory-traversal
X-Force URL: http://xforce.iss.net/static/6760.php
Date Reported: 07/01/2001
Brief Description: phpMyAdmin log files allow remote user to
execute php code
Risk Factor: High
Attack Type: Network Based
Platforms Affected: phpMyAdmin 2.1
Vulnerability: phpmyadmin-log-execute-code
X-Force URL: http://xforce.iss.net/static/6773.php
Date Reported: 07/02/2001
Brief Description: Multiple Java Servlet cross-site scripting
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Jakarta Tomcat 4.0 beta, IBM WebSphere 3.02,
VisualAge for Java 3.5 Pro, Resin All versions,
JRun 3.0, IBM WebSphere 3.5 FP2
Vulnerability: java-servlet-crosssite-scripting
X-Force URL: http://xforce.iss.net/static/6793.php
Date Reported: 07/02/2001
Brief Description: xvt command line buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms Affected: xvt 2.1, Debian Linux All versions
Vulnerability: xvt-command-line-bo
X-Force URL: http://xforce.iss.net/static/6781.php
Date Reported: 07/02/2001
Brief Description: BisonFTP '.bdl' file upload directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: BisonFTP V4R1
Vulnerability: bisonftp-bdl-directory-traversal
X-Force URL: http://xforce.iss.net/static/6782.php
Date Reported: 07/02/2001
Brief Description: Lotus Domino cross-site scripting
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 5.0.6
Vulnerability: lotus-domino-crosssite-scripting
X-Force URL: http://xforce.iss.net/static/6789.php
Date Reported: 07/02/2001
Brief Description: HP-UX setrlimit() incorrect core files denial of
service
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: HP-UX 10.01, HP-UX 10.10, HP-UX 11.00, HP-UX
10.20, HP-UX 11.04, HP-UX 11.11, HP-UX 10.24
Vulnerability: hpux-setrlimit-dos
X-Force URL: http://xforce.iss.net/static/6810.php
Date Reported: 07/03/2001
Brief Description: Cobalt RaQ3 poprelayd allows mail relay using
SMTP
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cobalt RaQ3 Server All versions
Vulnerability: cobalt-poprelayd-mail-relay
X-Force URL: http://xforce.iss.net/static/6806.php
Date Reported: 07/04/2001
Brief Description: IIS device file request can crash the ASP
processor
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: Microsoft IIS 4.0, Microsoft IIS 5.0
Vulnerability: iis-device-asp-dos
X-Force URL: http://xforce.iss.net/static/6800.php
Date Reported: 07/04/2001
Brief Description: XFree86 xdm brute force cookie attack
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: XFree86 X11R6 3.3.3
Vulnerability: xdm-cookie-brute-force
X-Force URL: http://xforce.iss.net/static/6808.php
Date Reported: 07/05/2001
Brief Description: Lmail temporary file symlink attack
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Lmail 2.7
Vulnerability: lmail-tmpfile-symlink
X-Force URL: http://xforce.iss.net/static/6809.php
Date Reported: 07/05/2001
Brief Description: Windows 2000 SMTP service allows mail relaying
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Windows 2000 All versions
Vulnerability: win2k-smtp-mail-relay
X-Force URL: http://xforce.iss.net/static/6803.php
Date Reported: 07/05/2001
Brief Description: Lucent RADIUS implementation contains remote
buffer overflow in authentication routine
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Lucent RADIUS 2.1-2
Vulnerability: lucent-radius-authentication-bo
X-Force URL: http://xforce.iss.net/static/6794.php
Date Reported: 07/05/2001
Brief Description: Solaris whodo buffer overflow could allow
elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms Affected: SunOS 5.5.1, SunOS 5.7, Solaris 8, SunOS 5.8
Vulnerability: solaris-whodo-bo
X-Force URL: http://xforce.iss.net/static/6802.php
Date Reported: 07/05/2001
Brief Description: Cobalt Qube "dot dot" directory traversal
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Cobalt Qube 3
Vulnerability: cobalt-qube-directory-traversal
X-Force URL: http://xforce.iss.net/static/6805.php
Date Reported: 07/05/2001
Brief Description: NetCache 'config.http.tunnel.allow_ports' option
default configuration allows remote users to
tunnel to arbitrary ports
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: NetCache C1100 Series, NetCache C3100 Series,
NetCache C6100 Series, NetCache C700 Series
Vulnerability: netcache-tunnel-default-configuration
X-Force URL: http://xforce.iss.net/static/6807.php
Date Reported: 07/05/2001
Brief Description: Merit RADIUS implementation contains remote
buffer overflow in authentication routine
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Merit RADIUS 3.6b
Vulnerability: merit-radius-authentication-bo
X-Force URL: http://xforce.iss.net/static/6812.php
Date Reported: 07/06/2001
Brief Description: Basilix Webmail allows remote attackers to view
arbitrary files
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Basilix Webmail 1.02beta, Basilix Webmail
1.03beta
Vulnerability: basilix-webmail-view-files
X-Force URL: http://xforce.iss.net/static/6873.php
Date Reported: 07/08/2001
Brief Description: Multiple TCP stack implementations MSS option
could allow a remote denial of service attack
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Solaris 8, Windows 2000 All versions, OpenBSD
All versions, HP-UX 11.x, Solaris 2.5.1, NetBSD
All versions, Solaris 7, Linux kernel All
versions, Windows NT All versions, FreeBSD All
versions
Vulnerability: tcp-mss-dos
X-Force URL: http://xforce.iss.net/static/6824.php
Date Reported: 07/09/2001
Brief Description: Tripwire /tmp file symbolic link could be used
to overwrite files
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Tripwire 2.3.0, Tripwire ASR-1.3.1, Mandrake
Linux 8.0, Tripwire 2.2.1
Vulnerability: tripwire-tmpfile-symlink
X-Force URL: http://xforce.iss.net/static/6820.php
Date Reported: 07/09/2001
Brief Description: Cayman DSL router port scan denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cayman 3220-H DSL Router 1.0
Vulnerability: cayman-dsl-portscan-dos
X-Force URL: http://xforce.iss.net/static/6825.php
Date Reported: 07/09/2001
Brief Description: AppletTrap unicode bypasses URL filter
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: AppletTrap 2.0
Vulnerability: applettrap-unicode-bypass-filter
X-Force URL: http://xforce.iss.net/static/6817.php
Date Reported: 07/09/2001
Brief Description: AppletTrap bypass restrictions using zero '0'
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: AppletTrap 2.0
Vulnerability: applettrap-zero-bypass-restrictions
X-Force URL: http://xforce.iss.net/static/6819.php
Date Reported: 07/09/2001
Brief Description: Opera Web browser broken header buffer overflow
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Opera Browser All versions
Vulnerability: opera-browser-header-bo
X-Force URL: http://xforce.iss.net/static/6838.php
Date Reported: 07/09/2001
Brief Description: WAP gateways invalid SSL certificates
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: OpenWave WAP Gateway All versions, CMG WAP
Gateway All versions
Vulnerability: wap-gateway-ssl-certificates
X-Force URL: http://xforce.iss.net/static/6814.php
Date Reported: 07/09/2001
Brief Description: Check Point FireWall-1 faked RDP connections
could bypass the firewall
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Check Point VPN-1/Firewall-1 4.1
Vulnerability: fw1-rdp-bypass
X-Force URL: http://xforce.iss.net/static/6815.php
Date Reported: 07/09/2001
Brief Description: AppletTrap slash (//) bypasses URL filter
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: AppletTrap 2.0
Vulnerability: applettrap-slash-bypass-filter
X-Force URL: http://xforce.iss.net/static/6816.php
Date Reported: 07/09/2001
Brief Description: AppletTrap bypass IP restrictions
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: AppletTrap 2.0
Vulnerability: applettrap-bypass-ip-restrictions
X-Force URL: http://xforce.iss.net/static/6818.php
Date Reported: 07/10/2001
Brief Description: xloadimage FACES buffer overflow could allow
remote code execution
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Red Hat Linux 7.0, Red Hat Linux 7.1, xloadimage
4.1-16 and earlier, Red Hat Linux 6.2
Vulnerability: xloadimage-faces-bo
X-Force URL: http://xforce.iss.net/static/6821.php
Date Reported: 07/10/2001
Brief Description: OpenSSL brute force attack can be used to
determine internal PRNG state
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Mandrake Linux 8.0, Mandrake Single Network
Firewall 7.2, OpenSSL 0.9.6a and earlier, Red
Hat Linux 7.1, Trustix Secure Linux 1.01,
Trustix Secure Linux 1.2, Mandrake Linux 7.2,
Mandrake Linux Corporate Server 1.0.1, Engarde
Secure Linux 1.0.1, Mandrake Linux 7.1, Trustix
Secure Linux 1.1, Red Hat Linux 6.2, Red Hat
Linux 7.0, Red Hat Linux 7.1
Vulnerability: openssl-prng-brute-force
X-Force URL: http://xforce.iss.net/static/6823.php
Date Reported: 07/10/2001
Brief Description: FreeBSD rfork(RFPROC|RFSIGSHARE) signal handlers
allows local root compromise
Risk Factor: High
Attack Type: Host Based
Platforms Affected: FreeBSD 4.2, FreeBSD 4.3, FreeBSD 4.0, FreeBSD
4.1
Vulnerability: bsd-rfork-signal-handlers
X-Force URL: http://xforce.iss.net/static/6829.php
Date Reported: 07/11/2001
Brief Description: IBM DB2 db2ccs.exe remote denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: IBM DB2 Universal Database 7.0
Vulnerability: ibm-db2-ccs-dos
X-Force URL: http://xforce.iss.net/static/6832.php
Date Reported: 07/11/2001
Brief Description: IBM DB2 db2jds.exe remote denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: IBM DB2 Universal Database 7.0
Vulnerability: ibm-db2-jds-dos
X-Force URL: http://xforce.iss.net/static/6833.php
Date Reported: 07/11/2001
Brief Description: Cisco SN 5420 Storage Router denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cisco SN 5420 1.1(3) and earlier, Cisco SN 5420
1.1(3) and earlier, Cisco SN 5420 1.1(3) and
earlier
Vulnerability: cisco-sn-dos
X-Force URL: http://xforce.iss.net/static/6826.php
Date Reported: 07/11/2001
Brief Description: Cisco SN 5420 Storage Router could allow an
attacker to gain unauthorized access
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Cisco SN 5420 1.1(3) and earlier, Cisco SN 5420
1.1(3) and earlier, Cisco SN 5420 1.1(3) and
earlier
Vulnerability: cisco-sn-gain-access
X-Force URL: http://xforce.iss.net/static/6827.php
Date Reported: 07/11/2001
Brief Description: Check Point FireWall-1/VPN-1 management station
format string attack
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Check Point VPN-1/Firewall-1 4.1
Vulnerability: fw1-management-format-string
X-Force URL: http://xforce.iss.net/static/6849.php
Date Reported: 07/11/2001
Brief Description: Cayman DSL router insecure default account
permissions
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Cayman 3220-H DSL Router 1.0
Vulnerability: cayman-dsl-insecure-permissions
X-Force URL: http://xforce.iss.net/static/6841.php
Date Reported: 07/11/2001
Brief Description: Multiple CGI programs allow flat file
manipulation
Risk Factor: High
Attack Type: Network Based
Platforms Affected: DCForum 2000 1.0, DCForum 6.0
Vulnerability: http-cgi-flat-file-manipulation
X-Force URL: http://xforce.iss.net/static/6836.php
Date Reported: 07/11/2001
Brief Description: McAfee myCIO HTTP server directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: McAfee ASaP VirusScan All versions
Vulnerability: mcafee-mycio-directory-traversal
X-Force URL: http://xforce.iss.net/static/6834.php
Date Reported: 07/11/2001
Brief Description: XFree86 xman MANPATH environment variable buffer
overflow
Risk Factor: High
Attack Type: Host Based
Platforms Affected: XFree86 X11R6 3.3.2, Mandrake Linux 8.0
Vulnerability: xfree86-xman-manpath-bo
X-Force URL: http://xforce.iss.net/static/6853.php
Date Reported: 07/11/2001
Brief Description: Coldfusion may allow unauthorized access to
arbitrary files
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Coldfusion 4.5.1SP2 and earlier
Vulnerability: coldfusion-unauthorized-file-access
X-Force URL: http://xforce.iss.net/static/6839.php
Date Reported: 07/11/2001
Brief Description: AllCommerce creates /tmp files
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Engarde Secure Linux 1.0.1
Vulnerability: allcommerce-temp-symlink
X-Force URL: http://xforce.iss.net/static/6830.php
Date Reported: 07/11/2001
Brief Description: Coldfusion could allow remote attackers to
overwrite template files
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Coldfusion 4.5.1SP2 and earlier
Vulnerability: coldfusion-overwrite-template
X-Force URL: http://xforce.iss.net/static/6840.php
Date Reported: 07/12/2001
Brief Description: vipw could leave certain files world-readable
after editing
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Red Hat Linux 7.1, vipw All versions
Vulnerability: vipw-world-readable-files
X-Force URL: http://xforce.iss.net/static/6851.php
Date Reported: 07/12/2001
Brief Description: Outlook "Microsoft Outlook View Control" ActiveX
control
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Microsoft Outlook 2002, Microsoft Outlook 98,
Microsoft Outlook 2000
Vulnerability: outlook-activex-view-control
X-Force URL: http://xforce.iss.net/static/6831.php
Date Reported: 07/12/2001
Brief Description: 3Com telnetd brute force attack
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: 3Com SuperStack II PS Hub 40 All versions
Vulnerability: 3com-telnetd-brute-force
X-Force URL: http://xforce.iss.net/static/6855.php
Date Reported: 07/12/2001
Brief Description: Cisco IOS PPTP denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cisco IOS 12.1T, Cisco IOS 12.1E, Cisco IOS
12.1EZ, Cisco IOS 12.1YD, Cisco IOS 12.1YC,
Cisco IOS 12.2(x), Cisco IOS 12.2(x), Cisco IOS
12.2(x), Cisco IOS 12.1YA
Vulnerability: cisco-ios-pptp-dos
X-Force URL: http://xforce.iss.net/static/6835.php
Date Reported: 07/12/2001
Brief Description: ArGoSoft FTP Server weak password encryption
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: ArGoSoft FTP Server 1.2.2.2
Vulnerability: argosoft-ftp-weak-encryption
X-Force URL: http://xforce.iss.net/static/6848.php
Date Reported: 07/13/2001
Brief Description: Procmail insecure signal handling functions race
condition
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Red Hat Linux 7.1, Red Hat Linux 5.2, Red Hat
Linux 6.2, Red Hat Linux 7.0, procmail All
versions
Vulnerability: procmail-signal-handling-race
X-Force URL: http://xforce.iss.net/static/6872.php
Date Reported: 07/13/2001
Brief Description: AdCycle allows remote attacker to execute SQL
commands as admin
Risk Factor: High
Attack Type: Network Based
Platforms Affected: AdCycle 1.15 and prior
Vulnerability: adcycle-insert-sql-command
X-Force URL: http://xforce.iss.net/static/6837.php
Date Reported: 07/15/2001
Brief Description: Interactive Story 'next' field allows directory
traversal
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Interactive Story 1.3
Vulnerability: interactive-story-next-directory-traversal
X-Force URL: http://xforce.iss.net/static/6843.php
Date Reported: 07/16/2001
Brief Description: Oracle Internet Directory LDAP buffer overflows
found using PROTOS LDAPv3 test suite
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Oracle Internet Directory 2.1.1, Oracle Internet
Directory 3.0.1
Vulnerability: oracle-ldap-protos-bo
X-Force URL: http://xforce.iss.net/static/6902.php
Date Reported: 07/16/2001
Brief Description: Oracle LDAP format string found using PROTOS
LDAPv3 test suite
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Oracle Internet Directory 2.1.1, Oracle Internet
Directory 3.0.1
Vulnerability: oracle-ldap-protos-format-string
X-Force URL: http://xforce.iss.net/static/6903.php
Date Reported: 07/16/2001
Brief Description: Exchange Server LDAP denial of service found
using PROTOS LDAPv3 test suite
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Microsoft Exchange 5.5, Microsoft Exchange 2000
Vulnerability: exchange-ldap-protos-dos
X-Force URL: http://xforce.iss.net/static/6899.php
Date Reported: 07/16/2001
Brief Description: HP-UX DLKM static kernel symbol table could
allow elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms Affected: HP-UX 11.11
Vulnerability: hpux-dlkm-gain-privileges
X-Force URL: http://xforce.iss.net/static/6861.php
Date Reported: 07/16/2001
Brief Description: PGP Keyserver LDAP buffer overflows found using
PROTOS LDAPv3 test suite
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Windows NT All versions, PGP Keyserver 7.0,
Solaris All versions
Vulnerability: pgp-keyserver-ldap-bo
X-Force URL: http://xforce.iss.net/static/6900.php
Date Reported: 07/16/2001
Brief Description: OpenLDAP LDAP denial of service found using
PROTOS LDAPv3 test suite
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: OpenLDAP All versions
Vulnerability: openldap-ldap-protos-dos
X-Force URL: http://xforce.iss.net/static/6904.php
Date Reported: 07/16/2001
Brief Description: Quake spoofed client denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Quake All versions
Vulnerability: quake-spoofed-client-dos
X-Force URL: http://xforce.iss.net/static/6871.php
Date Reported: 07/16/2001
Brief Description: Lotus Domino LDAP format string found using
PROTOS LDAPv3 test suite
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 5.0.x
Vulnerability: domino-ldap-protos-format-string
X-Force URL: http://xforce.iss.net/static/6896.php
Date Reported: 07/16/2001
Brief Description: iPlanet Directory Server LDAP buffer overflows
found using PROTOS LDAPv3 test suite
Risk Factor: High
Attack Type: Network Based
Platforms Affected: iPlanet Directory Server 5.0 Beta, iPlanet
Directory Server 4.13 and prior
Vulnerability: iplanet-ldap-protos-bo
X-Force URL: http://xforce.iss.net/static/6893.php
Date Reported: 07/16/2001
Brief Description: iPlanet Directory Server LDAP format string
found using PROTOS LDAPv3 test suite
Risk Factor: High
Attack Type: Network Based
Platforms Affected: iPlanet Directory Server 5.0 Beta, iPlanet
Directory Server 4.13 and prior
Vulnerability: iplanet-ldap-protos-format-string
X-Force URL: http://xforce.iss.net/static/6898.php
Date Reported: 07/16/2001
Brief Description: Linux kernel init script creates files
insecurely
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Linux kernel 2.4.4, Linux kernel 2.4.5, Linux
kernel 2.4.6, Linux kernel 2.4.3
Vulnerability: linux-init-insecure-files
X-Force URL: http://xforce.iss.net/static/6859.php
Date Reported: 07/16/2001
Brief Description: ELM message-id buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms Affected: ELM All versions, Mandrake Linux Corporate
Server 1.0.1, Red Hat Linux 7.1, Mandrake Linux
8.0, Mandrake Linux 7.1, Red Hat Linux 7.0,
Mandrake Linux 7.2, Red Hat Linux 5.2, Red Hat
Linux 6.2
Vulnerability: elm-messageid-bo
X-Force URL: http://xforce.iss.net/static/6852.php
Date Reported: 07/16/2001
Brief Description: IBM SecureWay Directory Server LDAP denial of
service found using PROTOS LDAPv3 test suite
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Solaris All versions, Windows 2000 All versions,
IBM SecureWay Directory Server 3.2.1
Vulnerability: secureway-ldap-protos-dos
X-Force URL: http://xforce.iss.net/static/6894.php
Date Reported: 07/16/2001
Brief Description: Windows 2000 Task Manager does not terminate
malicious files with the same name as a system
process
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Windows 2000 All versions
Vulnerability: win2k-taskmanager-unkillable-process
X-Force URL: http://xforce.iss.net/static/6919.php
Date Reported: 07/16/2001
Brief Description: Samsung ML-85G printer driver /tmp symlink
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Mandrake Linux All versions, Samsung ML-85G GDI
printer driver Linux
Vulnerability: samsung-printer-temp-symlink
X-Force URL: http://xforce.iss.net/static/6845.php
Date Reported: 07/16/2001
Brief Description: Lotus Domino LDAP buffer overflows found using
PROTOS LDAPv3 test suite
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 5.0.x
Vulnerability: domino-ldap-protos-bo
X-Force URL: http://xforce.iss.net/static/6895.php
Date Reported: 07/16/2001
Brief Description: Teamware Office LDAP buffer overflows found
using PROTOS LDAPv3 test suite
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Solaris All versions, Windows NT All versions,
Teamware Office prior to 5.3ed1
Vulnerability: teamware-ldap-protos-bo
X-Force URL: http://xforce.iss.net/static/6897.php
Date Reported: 07/17/2001
Brief Description: HP-UX login command could allow unauthorized
system access
Risk Factor: High
Attack Type: Host Based
Platforms Affected: HP-UX 11.11, HP-UX 11.00, HP-UX 10.20
Vulnerability: hpux-login-unauthorized-access
X-Force URL: http://xforce.iss.net/static/6860.php
Date Reported: 07/17/2001
Brief Description: Un-CGI "dot dot" directory traversal could allow
remote program execution
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Un-CGI All versions
Vulnerability: uncgi-dot-directory-traversal
X-Force URL: http://xforce.iss.net/static/6846.php
Date Reported: 07/17/2001
Brief Description: Caldera OpenLinux docview httpd command
execution
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Caldera OpenLinux Workstation 3.1, Caldera
OpenLinux Server 3.1
Vulnerability: docview-httpd-command-execution
X-Force URL: http://xforce.iss.net/static/6854.php
Date Reported: 07/17/2001
Brief Description: Un-Cgi could allow the execution of un-
executable CGI scripts
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Un-CGI All versions
Vulnerability: uncgi-unexecutable-cgi
X-Force URL: http://xforce.iss.net/static/6847.php
Date Reported: 07/17/2001
Brief Description: Linux 'man' program cache file symlink attack
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Slackware Linux 7.0, Slackware Linux 7.1,
Slackware Linux 8.0
Vulnerability: linux-man-cache-symlink
X-Force URL: http://xforce.iss.net/static/6878.php
Date Reported: 07/18/2001
Brief Description: AIX 'libi18n' library LANG environment variable
buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms Affected: AIX 4.3.x, AIX 5.1
Vulnerability: aix-libi18n-lang-bo
X-Force URL: http://xforce.iss.net/static/6863.php
Date Reported: 07/18/2001
Brief Description: HTTProtect protected files can be changed using
a symlink attack
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Red Hat Linux 6.2, HTTProtect 1.1.1
Vulnerability: httprotect-protected-file-symlink
X-Force URL: http://xforce.iss.net/static/6880.php
Date Reported: 07/18/2001
Brief Description: Windows 2000 could allow an attacker to change
network passwords
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Windows 2000 All versions
Vulnerability: win2k-change-network-passwords
X-Force URL: http://xforce.iss.net/static/6876.php
Date Reported: 07/18/2001
Brief Description: Squid HTTP Accelerator could allow unauthorized
port scanning
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Squid Web Proxy 2.3STABLE4, Mandrake Linux 8.0,
Mandrake Single Network Firewall 7.2, Squid Web
Proxy 2.3STABLE3, Immunix Linux 7.0, Trustix
Secure Linux 1.01, Trustix Secure Linux 1.2,
Immunix Linux 6.2, Immunix Linux 7.0 Beta,
Mandrake Linux Corporate Server 1.0.1, Trustix
Secure Linux 1.1, Red Hat Linux 7.0, Mandrake
Linux 7.1, Mandrake Linux 7.2, Mandrake Linux 8.0
Vulnerability: squid-http-accelerator-portscanning
X-Force URL: http://xforce.iss.net/static/6862.php
Date Reported: 07/18/2001
Brief Description: Check Point FireWall-1 using SecuRemote could
allow remote attackers to gain network
information
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Check Point FireWall-1 All versions
Vulnerability: fw1-securemote-gain-information
X-Force URL: http://xforce.iss.net/static/6857.php
Date Reported: 07/18/2001
Brief Description: Windows 95/98 invalid path in registry could
allow malicious file execution
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Windows 95 All versions, Windows 98 All versions
Vulnerability: win-invalid-path-file-execution
X-Force URL: http://xforce.iss.net/static/6874.php
Date Reported: 07/18/2001
Brief Description: BSD derived telnetd options 'telrcv' buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms Affected: FreeBSD 3.x, FreeBSD 4.0, FreeBSD 4.1, NetBSD
1.5, FreeBSD 4.2, FreeBSD 4.3
Vulnerability: telnetd-option-telrcv-bo
X-Force URL: http://xforce.iss.net/static/6875.php
Date Reported: 07/18/2001
Brief Description: ZoneAlarm allows attacker to bypass MailSafe
feature
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: ZoneAlarm All versions, ZoneAlarm Pro All
versions
Vulnerability: zonealarm-bypass-mailsafe
X-Force URL: http://xforce.iss.net/static/6877.php
Date Reported: 07/19/2001
Brief Description: TCL/TK insecure library search path could allow
arbitrary code execution
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Conectiva Linux 7.0, TCL/TK All versions, Red
Hat Linux 7.0, Conectiva Linux 6.0
Vulnerability: tcltk-insecure-library-search
X-Force URL: http://xforce.iss.net/static/6869.php
Date Reported: 07/19/2001
Brief Description: HP VirtualVault 'mkacct' could allow the
elevation of privileges
Risk Factor: High
Attack Type: Host Based
Platforms Affected: HP-UX 11.04, HP VirtualVault 4.0, HP
VirtualVault 4.5
Vulnerability: hp-virtualvault-mkacct-privilege-elevation
X-Force URL: http://xforce.iss.net/static/6867.php
Date Reported: 07/19/2001
Brief Description: 'expect' insecure library search path could
allow arbitrary code execution
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Red Hat Linux 7.0, Conectiva Linux 6.0,
Conectiva Linux 7.0, Expect All versions
Vulnerability: expect-insecure-library-search
X-Force URL: http://xforce.iss.net/static/6870.php
Date Reported: 07/20/2001
Brief Description: SSH3 accounts with password lengths of less than
3 characters could allow unauthorized access
Risk Factor: High
Attack Type: Network Based
Platforms Affected: SSH 3.0.0
Vulnerability: ssh-password-length-unauth-access
X-Force URL: http://xforce.iss.net/static/6868.php
Date Reported: 07/20/2001
Brief Description: NetBSD kernel sendmsg(2) denial of service
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: NetBSD 1.5, NetBSD 1.4.3, NetBSD-current
pre20010701, NetBSD 1.4.1, NetBSD 1.4.2, NetBSD
1.3.1, NetBSD 1.3.3, NetBSD 1.3.2
Vulnerability: bsd-kernel-sendmsg-dos
X-Force URL: http://xforce.iss.net/static/6908.php
Date Reported: 07/20/2001
Brief Description: IBM alphaWorks TFTP "dot dot" directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: IBM alphaWorks TFTP Server 1.21
Vulnerability: ibm-tftp-directory-traversal
X-Force URL: http://xforce.iss.net/static/6864.php
Date Reported: 07/20/2001
Brief Description: NetWin NWAuth buffer overflows could allow
arbitrary code execution
Risk Factor: High
Attack Type: Network Based
Platforms Affected: SurgeFTP Server 2.0a, SurgeFTP Server 1.0b,
SurgeFTP Server 2.0b, Dmail 2.5d to 2.8i, NWAuth
3.0b, NWAuth 2.0
Vulnerability: netwin-nwauth-bo
X-Force URL: http://xforce.iss.net/static/6865.php
Date Reported: 07/20/2001
Brief Description: NetWin NWAuth weak password encryption
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: SurgeFTP Server 2.0a, SurgeFTP Server 1.0b,
SurgeFTP Server 2.0b, Dmail 2.5d to 2.8i, NWAuth
3.0b, NWAuth 2.0
Vulnerability: netwin-nwauth-weak-encryption
X-Force URL: http://xforce.iss.net/static/6866.php
Date Reported: 07/21/2001
Brief Description: Horde IMP cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: IMP 2.2.5 and earlier, Conectiva Linux 5.0,
Conectiva Linux 5.1, Conectiva Linux 7.0,
Conectiva Linux 6.0, Conectiva Linux 4.1,
Conectiva Linux 4.2
Vulnerability: imp-cross-site-scripting
X-Force URL: http://xforce.iss.net/static/6905.php
Date Reported: 07/21/2001
Brief Description: Horde IMP 'prefs.lang' file could be used to
gain elevated privileges on the Web server
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Conectiva Linux 5.1, Conectiva Linux 7.0,
Conectiva Linux 4.1, Conectiva Linux 4.2,
Conectiva Linux 5.0, Conectiva Linux 6.0, IMP
2.2.4 and earlier
Vulnerability: imp-prefslang-gain-privileges
X-Force URL: http://xforce.iss.net/static/6906.php
Date Reported: 07/21/2001
Brief Description: PHPLIB remote script execution
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Horde 1.2.5 and earlier, IMP 2.2.5 and earlier,
Trustix Secure Linux 1.5, Conectiva Linux 5.0,
Conectiva Linux 5.1, Conectiva Linux 7.0,
Trustix Secure Linux 1.2, Conectiva Linux 4.1,
Conectiva Linux 4.2, Trustix Secure Linux 1.1,
Conectiva Linux 6.0, Trustix Secure Linux 1.01
Vulnerability: phplib-script-execution
X-Force URL: http://xforce.iss.net/static/6892.php
Date Reported: 07/22/2001
Brief Description: CGIWrap cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: CGIWrap 3.6.4 and earlier
Vulnerability: cgiwrap-cross-site-scripting
X-Force URL: http://xforce.iss.net/static/6886.php
Date Reported: 07/22/2001
Brief Description: Sambar Server `pagecount` script can be used to
overwrite arbitrary files
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Sambar Server 5.0 BETA1, Sambar Server 5.0
BETA2, Sambar Server 5.0 BETA3, Sambar Server
5.0 BETA4, Sambar Server 4.4 production
Vulnerability: sambar-pagecount-overwrite-files
X-Force URL: http://xforce.iss.net/static/6916.php
Date Reported: 07/23/2001
Brief Description: Arkeia Server creates files with insecure
permissions
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Arkeia Server 4.2.8-2
Vulnerability: arkeia-insecure-file-permissions
X-Force URL: http://xforce.iss.net/static/6885.php
Date Reported: 07/23/2001
Brief Description: Tivoli SecureWay Policy Director URL encoded
"dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: IBM Tivoli SecureWay Policy Directory 3.6, IBM
Tivoli SecureWay Policy Director 3.7, IBM Tivoli
SecureWay Policy Director 3.7.1, IBM Tivoli
SecureWay Policy Director 3.0.1
Vulnerability: tivoli-secureway-dot-directory-traversal
X-Force URL: http://xforce.iss.net/static/6884.php
Date Reported: 07/24/2001
Brief Description: Solaris dtmail MAIL environment variable buffer
overflow
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Solaris 2.6, Solaris 7
Vulnerability: solaris-dtmail-bo
X-Force URL: http://xforce.iss.net/static/6879.php
Date Reported: 07/24/2001
Brief Description: Mambo Site Server 'PHPSESSID' global variable
allows remote attacker to gain administrator
privileges
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Mambo Site Server 3.0 to 3.0.5
Vulnerability: mambo-phpsessid-gain-privileges
X-Force URL: http://xforce.iss.net/static/6910.php
Date Reported: 07/24/2001
Brief Description: Microsoft SFU NFS denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Windows NT 4.0, Windows 2000 All versions,
Services for Unix 2.0
Vulnerability: sfu-nfs-dos
X-Force URL: http://xforce.iss.net/static/6882.php
Date Reported: 07/24/2001
Brief Description: Microsoft SFU Telnet denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Windows NT 4.0, Windows 2000 All versions,
Services for Unix 2.0
Vulnerability: sfu-telnet-dos
X-Force URL: http://xforce.iss.net/static/6883.php
Date Reported: 07/24/2001
Brief Description: Cisco IOS UDP packet denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cisco IOS All versions
Vulnerability: cisco-ios-udp-dos
X-Force URL: http://xforce.iss.net/static/6913.php
Date Reported: 07/24/2001
Brief Description: Proxomitron cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Proxomitron Naoko-4 BetaFour and earlier
Vulnerability: proxomitron-cross-site-scripting
X-Force URL: http://xforce.iss.net/static/6887.php
Date Reported: 07/25/2001
Brief Description: Sambar Server insecure password protection
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Sambar Server all
Vulnerability: sambar-insecure-passwords
X-Force URL: http://xforce.iss.net/static/6909.php
Date Reported: 07/25/2001
Brief Description: Windows NT and 2000 Terminal Server RDP data
denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Windows NT 4.0, Windows 2000 All versions
Vulnerability: win-terminal-rdp-dos
X-Force URL: http://xforce.iss.net/static/6912.php
Date Reported: 07/26/2001
Brief Description: WS_FTP Server long command buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms Affected: WS_FTP Server 2.0.2
Vulnerability: wsftp-long-command-bo
X-Force URL: http://xforce.iss.net/static/6911.php
Date Reported: 07/26/2001
Brief Description: Windows Media Player .NSC buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Windows Media Player 7.0, Windows Media Player
6.4, Windows Media Player 7.1
Vulnerability: mediaplayer-nsc-bo
X-Force URL: http://xforce.iss.net/static/6907.php
Date Reported: 07/26/2001
Brief Description: Multiple Microsoft products malformed RPC
request denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Windows NT 4.0, Microsoft Exchange 5.5, Windows
2000 All versions, Microsoft SQL Server 7.0,
Microsoft SQL Server 2000, Microsoft Exchange
2000
Vulnerability: ms-malformed-rpc-dos
X-Force URL: http://xforce.iss.net/static/6914.php
Date Reported: 07/26/2001
Brief Description: SnapStream "dot dot" directory traversal could
be used to obtain password file
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Snapstream PVS 1.2a
Vulnerability: snapstream-dot-directory-traversal
X-Force URL: http://xforce.iss.net/static/6917.php
Date Reported: 07/27/2001
Brief Description: Linux groff format string could be used to
execute arbitrary commands
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Red Hat Linux 5.2, Red Hat Linux 7.0, groff
prior to 1.16.1
Vulnerability: linux-groff-format-string
X-Force URL: http://xforce.iss.net/static/6918.php
Date Reported: 07/27/2001
Brief Description: Entrust GetAccess allows remote attacker to
execute commands
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Entrust GetAccess All versions
Vulnerability: entrust-getaccess-execute-commands
X-Force URL: http://xforce.iss.net/static/6915.php
Date Reported: 07/28/2001
Brief Description: PHP-Nuke reviews.php could allow attackers to
modify SQL queries
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: PHP-Nuke 4.4 and earlier
Vulnerability: php-nuke-reviews-modify-sql
X-Force URL: http://xforce.iss.net/static/6922.php
Date Reported: 07/29/2001
Brief Description: AppletTrap allows remote attacker to bypass
filter when filter is enabled for single script
type
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: AppletTrap 2.0
Vulnerability: applettrap-single-filter-bypass
X-Force URL: http://xforce.iss.net/static/6920.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
______
About Internet Security Systems (ISS)
Internet Security Systems is a leading global provider of security
management solutions for the Internet, protecting digital assets and
ensuring safe and uninterrupted e-business. With its industry-leading
intrusion detection and vulnerability assessment, remote managed
security services, and strategic consulting and education offerings, ISS
is a trusted security provider to more than 8,000 customers worldwide
including 21 of the 25 largest U.S. commercial banks and the top 10 U.S.
telecommunications companies. Founded in 1994, ISS is headquartered in
Atlanta, GA, with additional offices throughout North America and
international operations in Asia, Australia, Europe, Latin America and
the Middle East. For more information, visit the Internet Security
Systems web site at www.iss.net or call 888-901-7477.
Copyright (c) 2001 Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent of
the X-Force. If you wish to reprint the whole or any part of this Alert in
any other medium excluding electronic medium, please e-mail xforce@iss.net
for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There are
NO warranties with regard to this information. In no event shall the author
be liable for any damages whatsoever arising out of or in connection with
the use or spread of this information. Any use of this information is at the
user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php
as well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force
xforce@iss.net of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBO3LmITRfJiV99eG9AQHVZwQAqIAb4lGVVrNxLVLaZK/sw5t2bcXcbGzC
lqi9sQbrc6UMDGqbzFzz8k4F4rxq0WUBFBqs2IvxFoNIveqxN2owsKd9dxRtSBwD
2BbgB142oB2dLckFVUFgys5gftiq9Fx0HURr8/Lflv1UQUL4ejng3qPzmHMjTdXA
UqxPT0eQw00=
=z+fq
-----END PGP SIGNATURE-----
- Previous message: CustomerRelations: "Internet Scanner FlexCheck for Code Red Backdoor Now Available"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
