ISSalert: ISS Security Alert Summary AS02-15
From: X-Force (xforce@iss.net)Date: 04/15/02
- Previous message: ISS Customer Relations: "[Xpress] Internet Scanner XPU 6.8 Now Available!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 15 Apr 2002 16:32:10 -0400 (EDT) To: alert@iss.net From: X-Force <xforce@iss.net>
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo@iss.net Contact alert-owner@iss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS02-15
April 15, 2002
X-Force Vulnerability and Threat Database:
http://www.iss.net/security_center
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
http://www.iss.net/security_center/maillists
This summary is available at the following address:
http://www.iss.net/security_center/alerts/AS02-15.php
_____
Contents:
* 46 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 04/06/2002
Brief Description: Horde IMP invalid PHP file request could disclose
the Web root path
Risk Factor: Low
Attack Type: Network Based
Platforms: IMP 2.2.7
Vulnerability: imp-php-path-disclosure
X-Force URL: http://www.iss.net/security_center/static/8768.php
Date Reported: 04/06/2002
Brief Description: Horde IMP status.php3 cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: IMP 2.2.7
Vulnerability: imp-status-php3-css
X-Force URL: http://www.iss.net/security_center/static/8769.php
Date Reported: 04/06/2002
Brief Description: Anthill bug tracking system cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Anthill 0.1.6.1 and earlier
Vulnerability: anthill-bug-tracking-css
X-Force URL: http://www.iss.net/security_center/static/8770.php
Date Reported: 04/06/2002
Brief Description: Anthill postbug.php authentication bypass
Risk Factor: Medium
Attack Type: Network Based
Platforms: Anthill 0.1.6.1 and earlier
Vulnerability: anthill-postbug-auth-bypass
X-Force URL: http://www.iss.net/security_center/static/8771.php
Date Reported: 04/01/2002
Brief Description: Oracle8i tnslsnr command line buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Oracle 8.1.5
Vulnerability: oracle-tnslsnr-command-line-bo
X-Force URL: http://www.iss.net/security_center/static/8772.php
Date Reported: 04/08/2002
Brief Description: WatchGuard Firebox SOHO invalid IP options denial
of service
Risk Factor: Low
Attack Type: Network Based
Platforms: WatchGuard Firebox SOHO prior to 5.0.35
Vulnerability: watchguard-soho-ipoptions-dos
X-Force URL: http://www.iss.net/security_center/static/8774.php
Date Reported: 04/05/2002
Brief Description: CA-MLINK /mlclear and /mllock buffer overflows
Risk Factor: High
Attack Type: Host Based
Platforms: CA-MLINK All versions
Vulnerability: ca-mlink-bo
X-Force URL: http://www.iss.net/security_center/static/8776.php
Date Reported: 04/08/2002
Brief Description: Microsoft OWC Spread*** component "=HOST()"
formula could be used to execute arbitrary script
through Internet Explorer
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Internet Explorer 5.0, Microsoft Internet
Explorer 5.01, Microsoft Internet Explorer 5.5,
Microsoft Internet Explorer 6.0, Microsoft Office
XP, Microsoft Office Web Components 10
Vulnerability: owc-spread***-host-script-execution
X-Force URL: http://www.iss.net/security_center/static/8777.php
Date Reported: 04/08/2002
Brief Description: Microsoft OWC Spread*** component "LoadText"
method could be used to read arbitrary files
through Internet Explorer
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Internet Explorer 5.0, Microsoft Internet
Explorer 5.01, Microsoft Internet Explorer 5.5,
Microsoft Internet Explorer 6.0, Microsoft Office
2000, Microsoft Office XP, Microsoft Office Web
Components 10, Microsoft Office Web Components 9
Vulnerability: owc-spread***-loadtext-read-files
X-Force URL: http://www.iss.net/security_center/static/8778.php
Date Reported: 04/08/2002
Brief Description: Microsoft OWC Spread*** component "Paste" and
"Copy" method could allow unauthorized clipboard
access through Internet Explorer
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Internet Explorer 5.0, Microsoft Internet
Explorer 5.01, Microsoft Internet Explorer 5.5,
Microsoft Internet Explorer 6.0, Microsoft Office
2000, Microsoft Office XP, Microsoft Office Web
Components 10, Microsoft Office Web Components 9
Vulnerability: owc-spread***-clipboard-access
X-Force URL: http://www.iss.net/security_center/static/8779.php
Date Reported: 04/01/2002
Brief Description: Oracle Configurator DHTML UI text features cross-
site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Oracle Configurator 11i
Vulnerability: oracle-configurator-dhtml-css
X-Force URL: http://www.iss.net/security_center/static/8780.php
Date Reported: 04/01/2002
Brief Description: Oracle Configurator
'oracle.apps.cz.servlet.UiServlet' servlet cross-
site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Oracle Configurator 11i
Vulnerability: oracle-configurator-uiservlet-css
X-Force URL: http://www.iss.net/security_center/static/8781.php
Date Reported: 04/01/2002
Brief Description: Oracle Configurator
'oracle.apps.cz.servlet.UiServlet' servlet reveals
system information
Risk Factor: Low
Attack Type: Network Based
Platforms: Oracle Configurator 11i
Vulnerability: oracle-configurator-uiservlet-information
X-Force URL: http://www.iss.net/security_center/static/8782.php
Date Reported: 04/08/2002
Brief Description: Microsoft OWC Chart component could allow an
attacker to verify a file's existence using the
"Load" method
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms: Microsoft Office Web Components 10, Microsoft
Office Web Components 9
Vulnerability: owc-chart-load-exist
X-Force URL: http://www.iss.net/security_center/static/8784.php
Date Reported: 04/08/2002
Brief Description: Microsoft OWC Spread*** component could allow an
attacker to verify a file's existence using the
"XMLURL" property
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms: Microsoft Office Web Components 10
Vulnerability: owc-spread***-xmlurl
X-Force URL: http://www.iss.net/security_center/static/8785.php
Date Reported: 04/08/2002
Brief Description: Microsoft OWC DataSourceControl component could
allow an attacker to verify a file's existence
using the "ConnectionFile" property
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms: Microsoft Office Web Components 10
Vulnerability: owc-datasourcecontrol-connectionfile-exist
X-Force URL: http://www.iss.net/security_center/static/8786.php
Date Reported: 04/09/2002
Brief Description: Cisco Aironet telnet denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Cisco Aironet Access Point 340 prior to 11.21,
Cisco Aironet Access Point 350 prior to 11.21,
Cisco Aironet Bridge 350 prior to 11.21
Vulnerability: cisco-aironet-telnet-dos
X-Force URL: http://www.iss.net/security_center/static/8788.php
Date Reported: 04/08/2002
Brief Description: Funk Software Proxy uses insecure permissions
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Funk Proxy Host 3.x
Vulnerability: funk-proxy-insecure-permissions
X-Force URL: http://www.iss.net/security_center/static/8791.php
Date Reported: 04/08/2002
Brief Description: Funk Software Proxy uses weak passwords
Risk Factor: High
Attack Type: Host Based
Platforms: Funk Proxy Host 3.x
Vulnerability: funk-proxy-weak-password
X-Force URL: http://www.iss.net/security_center/static/8792.php
Date Reported: 04/08/2002
Brief Description: Funk Software Proxy Named Pipe insecure permissions
Risk Factor: Medium
Attack Type: Host Based
Platforms: Funk Proxy Host 3.x
Vulnerability: funk-proxy-named-pipe
X-Force URL: http://www.iss.net/security_center/static/8793.php
Date Reported: 04/10/2002
Brief Description: IIS ASP chunked encoding heap buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Microsoft IIS 4.0, Microsoft IIS 5.0
Vulnerability: iis-asp-chunked-encoding-bo
X-Force URL: http://www.iss.net/security_center/static/8795.php
Date Reported: 04/10/2002
Brief Description: IIS ASP data transfer heap buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Microsoft IIS 4.0, Microsoft IIS 5.0, Microsoft IIS
5.1
Vulnerability: iis-asp-data-transfer-bo
X-Force URL: http://www.iss.net/security_center/static/8796.php
Date Reported: 04/10/2002
Brief Description: IIS ASP HTTP header parsing buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Microsoft IIS 4.0, Microsoft IIS 5.0, Microsoft IIS
5.1
Vulnerability: iis-asp-http-header-bo
X-Force URL: http://www.iss.net/security_center/static/8797.php
Date Reported: 04/10/2002
Brief Description: IIS SSI safety check buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Microsoft IIS 4.0, Microsoft IIS 5.0, Microsoft IIS
5.1
Vulnerability: iis-ssi-safety-check-bo
X-Force URL: http://www.iss.net/security_center/static/8798.php
Date Reported: 04/10/2002
Brief Description: IIS HTR ISAPI ISM.DLL extension buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Microsoft IIS 4.0, Microsoft IIS 5.0
Vulnerability: iis-htr-isapi-bo
X-Force URL: http://www.iss.net/security_center/static/8799.php
Date Reported: 04/10/2002
Brief Description: IIS FrontPage Server Extensions and ASP.NET ISAPI
filter error handling denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Microsoft IIS 4.0, Microsoft IIS 5.0, Microsoft IIS
5.1
Vulnerability: iis-isapi-filter-error-dos
X-Force URL: http://www.iss.net/security_center/static/8800.php
Date Reported: 04/10/2002
Brief Description: IIS FTP session status request denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Microsoft IIS 4.0, Microsoft IIS 5.0, Microsoft IIS
5.1
Vulnerability: iis-ftp-session-status-dos
X-Force URL: http://www.iss.net/security_center/static/8801.php
Date Reported: 04/10/2002
Brief Description: IIS Help File search cross-site scripting
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Microsoft IIS 5.0, Microsoft IIS 5.1
Vulnerability: iis-help-file-css
X-Force URL: http://www.iss.net/security_center/static/8802.php
Date Reported: 04/10/2002
Brief Description: IIS HTTP error page cross-site scripting
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Microsoft IIS 4.0, Microsoft IIS 5.0
Vulnerability: iis-http-error-page-css
X-Force URL: http://www.iss.net/security_center/static/8803.php
Date Reported: 04/10/2002
Brief Description: IIS redirected URL error cross-site scripting
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Microsoft IIS 4.0, Microsoft IIS 5.0, Microsoft IIS
5.1
Vulnerability: iis-redirected-url-error-css
X-Force URL: http://www.iss.net/security_center/static/8804.php
Date Reported: 04/07/2002
Brief Description: Abyss Web Server retrieves configuration file using
hexadecimal URL encoded "dot dot" sequences
Risk Factor: Medium
Attack Type: Network Based
Platforms: Abyss Web Server 1.0
Vulnerability: abyss-unicode-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/8805.php
Date Reported: 04/08/2002
Brief Description: Windows 2000 Terminal Services allows attacker to
bypass group policy settings
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows 2000 Advanced Server, Windows 2000
Datacenter Server, Windows 2000 Server
Vulnerability: win2k-terminal-bypass-policies
X-Force URL: http://www.iss.net/security_center/static/8813.php
Date Reported: 04/10/2002
Brief Description: WatchGuard Firebox SOHO allows users to bypass IP
restrictions
Risk Factor: Medium
Attack Type: Host Based
Platforms: WatchGuard Firebox SOHO 5.0.35
Vulnerability: watchguard-soho-bypass-restrictions
X-Force URL: http://www.iss.net/security_center/static/8814.php
Date Reported: 04/08/2002
Brief Description: Microsoft VBScript ActiveX Word object denial of
service
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms: Microsoft Internet Explorer 5.0, Microsoft Internet
Explorer 5.01, Microsoft Internet Explorer 5.5,
Microsoft Internet Explorer 6.0, Microsoft Outlook
2000, Microsoft Outlook 2002, Microsoft Outlook
Express 4.0, Microsoft Outlook Express 5.0,
Microsoft Outlook Express 5.5, Microsoft Outlook
Express 6.0, Microsoft Word 2000, Microsoft Word
2002
Vulnerability: ms-activex-word-dos
X-Force URL: http://www.iss.net/security_center/static/8815.php
Date Reported: 04/11/2002
Brief Description: Tivoli Storage Manager client port 1581 buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: IBM Tivoli Storage Manager 4.2.x.x
Vulnerability: tivoli-storagemanager-client-bo
X-Force URL: http://www.iss.net/security_center/static/8817.php
Date Reported: 04/11/2002
Brief Description: OpenBSD /usr/bin/mail in non-interactive mode could
allow local root privileges
Risk Factor: High
Attack Type: Host Based
Platforms: OpenBSD 3.0 and earlier
Vulnerability: openbsd-mail-root-privileges
X-Force URL: http://www.iss.net/security_center/static/8818.php
Date Reported: 04/09/2002
Brief Description: Powerboards local cookie modification could allow
account hijacking
Risk Factor: Medium
Attack Type: Network Based
Platforms: Powerboards 2.2b
Vulnerability: powerboards-account-hijacking
X-Force URL: http://www.iss.net/security_center/static/8819.php
Date Reported: 04/09/2002
Brief Description: Powerboards user file could be used to execute
arbitrary commands
Risk Factor: High
Attack Type: Network Based
Platforms: Powerboards 2.2b
Vulnerability: powerboards-user-file-execution
X-Force URL: http://www.iss.net/security_center/static/8820.php
Date Reported: 04/09/2002
Brief Description: Powerboards error.php cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Powerboards 2.2b
Vulnerability: powerboards-error-css
X-Force URL: http://www.iss.net/security_center/static/8821.php
Date Reported: 04/09/2002
Brief Description: Powerboards could allow an attacker to gain
administrative access
Risk Factor: Medium
Attack Type: Network Based
Platforms: Powerboards 2.2b
Vulnerability: powerboards-admin-access
X-Force URL: http://www.iss.net/security_center/static/8822.php
Date Reported: 04/09/2002
Brief Description: Powerboards could allow an attacker to delete other
user's posts
Risk Factor: Low
Attack Type: Network Based
Platforms: Powerboards 2.2b
Vulnerability: powerboards-delete-posts
X-Force URL: http://www.iss.net/security_center/static/8823.php
Date Reported: 04/09/2002
Brief Description: Powerboards could reveal database path
Risk Factor: Low
Attack Type: Network Based
Platforms: Powerboards 2.2b
Vulnerability: powerboards-path-disclosure
X-Force URL: http://www.iss.net/security_center/static/8824.php
Date Reported: 04/11/2002
Brief Description: Tivoli Storage Manager Web server port 1580 login
buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: IBM Tivoli Storage Manager 4.2.x.x
Vulnerability: tivoli-storagemanager-login-bo
X-Force URL: http://www.iss.net/security_center/static/8825.php
Date Reported: 04/11/2002
Brief Description: IBM Informix Web Datablade Module allows SQL
injection attack
Risk Factor: Medium
Attack Type: Network Based
Platforms: Informix Web Datablade Module 4.12
Vulnerability: informix-wdm-sql-injection
X-Force URL: http://www.iss.net/security_center/static/8826.php
Date Reported: 04/11/2002
Brief Description: IBM Informix Web Datablade Module HTML decoding of
SQL Query
Risk Factor: Medium
Attack Type: Network Based
Platforms: Informix Web Datablade Module 4.12
Vulnerability: informix-wbm-sql-decoding
X-Force URL: http://www.iss.net/security_center/static/8827.php
Date Reported: 04/11/2002
Brief Description: X11 library -xrm option buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Caldera OpenUnix 8.0.0, Caldera UnixWare 7.1.1
Vulnerability: x11-xrm-bo
X-Force URL: http://www.iss.net/security_center/static/8828.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail server.
Medium Any vulnerability that provides information that has a high
potential of giving system access to an intruder. Example:
A misconfigured TFTP or vulnerable NIS server that allows
an intruder to get the password file that could contain an
account with a guessable password.
Low Any vulnerability that provides information that could
potentially lead to a compromise. Example: A finger that
allows an intruder to find out who is online and potential
accounts to attempt to crack passwords via brute force
methods.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2002 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforce@iss.net for
permission.
Disclaimer: The information within this paper may change without notice.
Use of this information constitutes acceptance for use in an AS IS
condition. There are NO warranties, implied or otherwise, with regard to
this information or its use. Any use of this information is at the
user's risk. In no event shall the author/distributor (Internet Security
Systems X-Force) be held liable for any damages whatsoever arising out
of or in connection with the use or spread of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://www.iss.net/security_center/sensitive.php
Please send suggestions, updates, and comments to: X-Force
xforce@iss.net of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBPLs4rzRfJiV99eG9AQFgHQP/cc85DkRERJ5pZygO7VIhAHq/ZAEYJDlN
328GAddxlT6aURVa4SgQltHGh2La3FeXktJ3qMMuCNfGaxLKaGEEPQCXun1YlYuO
RP313nb37xTz6jOhmtTVRdKO+dl9+q9YMXCrg67esQb7WgZ8gAcMj+bWEa6QXhmy
5orZElcyH4w=
=ZrQq
-----END PGP SIGNATURE-----
- Previous message: ISS Customer Relations: "[Xpress] Internet Scanner XPU 6.8 Now Available!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
