ISSalert: ISS Security Alert Summary AS01-06

From: X-Force (xforce@iss.net)
Date: 11/13/01


Date: Mon, 12 Nov 2001 23:51:07 -0500
Message-Id: <200111130451.XAA02488@amber.iss.net>
To: alert@iss.net
From: X-Force <xforce@iss.net>
Subject: ISSalert: ISS Security Alert Summary AS01-06


TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo@iss.net Contact alert-owner@iss.net for help with any problems!
---------------------------------------------------------------------------

-----BEGIN PGP SIGNED MESSAGE-----

Internet Security Systems Security Alert Summary AS01-06
November 12, 2001

X-Force Vulnerability and Threat Database: http://xforce.iss.net

To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at: http://xforce.iss.net/maillists/index.php

This summary is available at the following address:
http://xforce.iss.net/alerts/AS01-06.php

_____
Contents:
* 18 Reported Vulnerabilities
* Risk Factor Key
_____

Date Reported: 10/30/2001
Brief Description: Book of Guests CGI unfiltered shell
                        metacharacters could allow remote command
                        execution
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Book of Guests 1.0
Vulnerability: bookofguests-cgi-command-execution
X-Force URL: http://xforce.iss.net/static/7434.php

Date Reported: 10/30/2001
Brief Description: Ikonboard improper authentication cookie
                        filtering could allow BBS administrator
                        privileges
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Ikonboard 2.1.9 and earlier
Vulnerability: ikonboard-cookie-auth-privileges
X-Force URL: http://xforce.iss.net/static/7433.php

Date Reported: 10/30/2001
Brief Description: Leoboard LB5000 improper authentication cookie
                        filtering could allow BBS administrator
                        privileges
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Leoboard LB5000 1029.0
Vulnerability: leoboard-cookie-auth-privileges
X-Force URL: http://xforce.iss.net/static/7436.php

Date Reported: 10/30/2001
Brief Description: Post-It! CGI unfiltered shell metacharacters
                        could allow remote command execution
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Post-It! 1.0
Vulnerability: postit-cgi-command-execution
X-Force URL: http://xforce.iss.net/static/7435.php

Date Reported: 10/30/2001
Brief Description: Web Crossing WebX could allow session hijacking
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: WebX All versions
Vulnerability: webcrossing-webx-session-hijack
X-Force URL: http://xforce.iss.net/static/7458.php

Date Reported: 10/31/2001
Brief Description: FuseTalk 'join.cfm' form could allow the
                        execution of malicious SQL queries
Risk Factor: High
Attack Type: Network Based
Platforms Affected: FuseTalk 3.0
Vulnerability: fusetalk-joincfm-sql-execution
X-Force URL: http://xforce.iss.net/static/7445.php

Date Reported: 11/01/2001
Brief Description: Cyrus-SASL library internal logging function
                        format string
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Cyrus-SASL 1.5.26 and earlier
Vulnerability: cyrus-sasl-format-string
X-Force URL: http://xforce.iss.net/static/7443.php

Date Reported: 11/01/2001
Brief Description: Viralator CGI unfiltered shell metacharacters
                        could allow remote command execution
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Viralator 0.8, Viralator 0.9pre1, Viralator 0.7
Vulnerability: viralator-cgi-command-execution
X-Force URL: http://xforce.iss.net/static/7440.php

Date Reported: 11/02/2001
Brief Description: Microsoft ISA Server fragmented UDP packet flood
                        denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Microsoft ISA Server 2000
Vulnerability: isa-udp-flood-dos
X-Force URL: http://xforce.iss.net/static/7446.php

Date Reported: 11/02/2001
Brief Description: Progress Database PROMSGS format string
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Progress Database 9.1C
Vulnerability: progress-promsgs-format-string
X-Force URL: http://xforce.iss.net/static/7457.php

Date Reported: 11/02/2001
Brief Description: Linux kernel using syn cookies could allow an
                        attacker to bypass filtering
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Red Hat Linux 7.2, Red Hat Linux 7.1, Red Hat
                        Linux 7.0, Red Hat Linux 6.2, SuSE Linux 7.3,
                        SuSE Linux 7.2, SuSE Linux 7.1, SuSE Linux 7.0,
                        SuSE Linux 6.4, SuSE Linux 6.3
Vulnerability: linux-syncookie-bypass-filter
X-Force URL: http://xforce.iss.net/static/7461.php

Date Reported: 11/05/2001
Brief Description: Entrust GetAccess shell scripts allows directory
                        traversal and file retrieval
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Entrust GetAccess All versions
Vulnerability: getaccess-shellscripts-retrieve-files
X-Force URL: http://xforce.iss.net/static/7474.php

Date Reported: 11/05/2001
Brief Description: PHP-Nuke 'case.filemanager.php' allows an
                        attacker to obtain unauthorized privileges
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: PHP-Nuke 5.2
Vulnerability: phpnuke-filemanager-gain-privileges
X-Force URL: http://xforce.iss.net/static/7478.php

Date Reported: 11/05/2001
Brief Description: Raptor Firewall zero length UDP packets remote
                        denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Raptor Firewalls All versions
Vulnerability: raptor-udp-zero-dos
X-Force URL: http://xforce.iss.net/static/7484.php

Date Reported: 11/05/2001
Brief Description: Linux TUX HTTP server long Host: header denial
                        of service
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Red Hat Linux 6.2, Red Hat Linux 7.0, Red Hat
                        Linux 7.1, Red Hat Linux 7.2, TUX HTTP Server
                        2.1.0-2
Vulnerability: tux-http-host-dos
X-Force URL: http://xforce.iss.net/static/7464.php

Date Reported: 11/05/2001
Brief Description: WS_FTP Server long STAT command buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms Affected: WS_FTP Server 2.0.3 and earlier
Vulnerability: wsftp-stat-bo
X-Force URL: http://xforce.iss.net/static/7472.php

Date Reported: 11/06/2001
Brief Description: ZoneAlarm identical IP address allows host
                        access with local security settings
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: ZoneAlarm 2.6
Vulnerability: zonealarm-ip-local-settings
X-Force URL: http://xforce.iss.net/static/7485.php

Date Reported: 11/08/2001
Brief Description: Internet Explorer 'about:' allows an attacker to
                        access cookie information
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Microsoft Internet Explorer 5.5, Microsoft
                        Internet Explorer 6
Vulnerability: ie-about-cookie-information
X-Force URL: http://xforce.iss.net/static/7486.php

_____

Risk Factor Key:

     High Any vulnerability that provides an attacker with immediate
              access into a machine, gains superuser access, or bypasses
              a firewall. Example: A vulnerable Sendmail 8.6.5 version
              that allows an intruder to execute commands on mail server.
     Medium Any vulnerability that provides information that has a high
              potential of giving system access to an intruder. Example:
              A misconfigured TFTP or vulnerable NIS server that allows
              an intruder to get the password file that could contain an
              account with a guessable password.
     Low Any vulnerability that provides information that could
              potentially lead to a compromise. Example: A finger that
              allows an intruder to find out who is online and potential
              accounts to attempt to crack passwords via brute force
              methods.

______

About Internet Security Systems (ISS)
Internet Security Systems is a leading global provider of security
management solutions for the Internet, protecting digital assets and
ensuring safe and uninterrupted e-business. With its industry-leading
intrusion detection and vulnerability assessment, remote managed
security services, and strategic consulting and education offerings, ISS
is a trusted security provider to more than 8,000 customers worldwide
including 21 of the 25 largest U.S. commercial banks and the top 10 U.S.
telecommunications companies. Founded in 1994, ISS is headquartered in
Atlanta, GA, with additional offices throughout North America and
international operations in Asia, Australia, Europe, Latin America and
the Middle East. For more information, visit the Internet Security
Systems web site at www.iss.net or call 888-901-7477.

Copyright (c) 2001 Internet Security Systems, Inc. All rights reserved
worldwide.

Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent of
the X-Force. If you wish to reprint the whole or any part of this Alert in
any other medium excluding electronic medium, please e-mail xforce@iss.net
for permission.

Disclaimer

The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There are
NO warranties with regard to this information. In no event shall the author
be liable for any damages whatsoever arising out of or in connection with
the use or spread of this information. Any use of this information is at the
user's own risk.

X-Force PGP Key available at: http://xforce.iss.net/sensitive.php
as well as on MIT's PGP key server and PGP.com's key server.

Please send suggestions, updates, and comments to: X-Force
xforce@iss.net of Internet Security Systems, Inc.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv

iQCVAwUBO/CmgTRfJiV99eG9AQFBZwP/QCDVO85J4/X0RtEhCM03O5IpBFPwr5/R
v/ypWH/2kD/l+TpdB6kEBbeg//BhTAktxwvRhTgOZF3s83+TRv1YYCMzelYhzdnR
czBlE1M0qoDb8xEdb74d7dlTi1ND00oaRgs1GsxFKpJLFl26HCwaxEOHoTcVTdJK
t1BIkplpdOs=
=4ieW
-----END PGP SIGNATURE-----