ISS Security Alert Summary AS02-47

From: X-Force (xforce@iss.net)
Date: 11/25/02

    To: alert@iss.net
    From: X-Force <xforce@iss.net>
    Date: Mon, 25 Nov 2002 14:24:24 -0500 (EST)
    

    -----BEGIN PGP SIGNED MESSAGE-----

    Internet Security Systems Security Alert Summary AS02-47
    November 25, 2002

    X-Force Vulnerability and Threat Database:
    http://www.iss.net/security_center

    To receive these Alert Summaries, as well as other Alerts and
    Advisories, subscribe to the Internet Security Systems Alert
    mailing list at:
    http://www.iss.net/security_center/maillists

    This summary is available at the following address:
    http://www.iss.net/security_center/alerts/AS02-47.php
    _____
    Contents:
    * 35 Reported Vulnerabilities
    * Risk Factor Key
    _____

    Date Reported: 11/16/2002
    Brief Description: NeoBook NBActiveX.ocx ActiveX control could allow
                        an attacker to execute programs
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Windows Any version, NeoBook 4
    Vulnerability: neobook-nbaactivex-execute-programs
    X-Force URL: http://www.iss.net/security_center/static/10645.php

    Date Reported: 11/17/2002
    Brief Description: tftp32 GET or PUT request directory traversal
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Windows Any version, tftp32 2.50.2 and earlier
    Vulnerability: tftp32-directory-traversal
    X-Force URL: http://www.iss.net/security_center/static/10646.php

    Date Reported: 11/17/2002
    Brief Description: tftp32 file name buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Windows Any version, tftp32 2.21 and earlier
    Vulnerability: tftp32-filename-bo
    X-Force URL: http://www.iss.net/security_center/static/10647.php

    Date Reported: 11/17/2002
    Brief Description: AOL Instant Messenger "Get Buddy Info" screenname
                        denial of service
    Risk Factor: Low
    Attack Type: Host Based / Network Based
    Platforms: Windows Any version, AOL Instant Messenger 5.1.3036
    Vulnerability: aim-getbuddyinfo-screenname-dos
    X-Force URL: http://www.iss.net/security_center/static/10648.php

    Date Reported: 11/17/2002
    Brief Description: MailEnable POP3 server denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Windows Any version, MailEnable Any version
    Vulnerability: mailenable-pop3-server-dos
    X-Force URL: http://www.iss.net/security_center/static/10652.php

    Date Reported: 11/18/2002
    Brief Description: nullmailer non-existent user denial of service
    Risk Factor: Low
    Attack Type: Host Based
    Platforms: Debian Linux 3.0, nullmailer Any version
    Vulnerability: nullmailer-nonexistent-user-dos
    X-Force URL: http://www.iss.net/security_center/static/10649.php

    Date Reported: 11/18/2002
    Brief Description: Macromedia Flash OCX ActiveX SWRemote parameter
                        buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Windows Any version, Macromedia Flash Player for IE
                        6
    Vulnerability: flash-activex-swremote-bo
    X-Force URL: http://www.iss.net/security_center/static/10650.php

    Date Reported: 11/18/2002
    Brief Description: Linksys XML entry in mailcap file could allow
                        unauthorized administrative access
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Linksys EtherFast BEFSR41 1.41 through 1.43,
                        Linksys EtherFast BEFSR11 1.41 through 1.43,
                        Linksys EtherFast BEFSRU31 1.41 through 1.43,
                        Linksys EtherFast BEFW11S4 1.42.7 through 1.43
    Vulnerability: linksys-xml-admin-access
    X-Force URL: http://www.iss.net/security_center/static/10651.php

    Date Reported: 11/18/2002
    Brief Description: phpBB viewtopic.php cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, Windows Any version, Unix Any
                        version, phpBB 2.0.3
    Vulnerability: phpbb-viewtopic-script-xss
    X-Force URL: http://www.iss.net/security_center/static/10653.php

    Date Reported: 11/18/2002
    Brief Description: QNX RTOS improper permissions
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: QNX RTOS 6.2.0
    Vulnerability: qnx-rtos-improper-permissions
    X-Force URL: http://www.iss.net/security_center/static/10656.php

    Date Reported: 11/18/2002
    Brief Description: Gordano GMS Mail JUCE add-on email filter can be
                        bypassed
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Windows NT Any version, Windows 2000 Any version,
                        Windows XP Any version, GMS Mail 8
    Vulnerability: gmsmail-juce-filter-bypass
    X-Force URL: http://www.iss.net/security_center/static/10657.php

    Date Reported: 11/18/2002
    Brief Description: DHCP client daemon dhcpcd .info file command
                        execution
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Linux Any version, dhcpcd prior to 1.3.22-p12
    Vulnerability: dhcpcd-info-execute-commands
    X-Force URL: http://www.iss.net/security_center/static/10663.php

    Date Reported: 11/18/2002
    Brief Description: Internet Explorer IFRAME dialogArguments object can
                        access a user's local security zone
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Windows Any version, Microsoft Internet Explorer
                        5.5, Microsoft Internet Explorer 6.0
    Vulnerability: ie-iframe-dialogarguments-access
    X-Force URL: http://www.iss.net/security_center/static/10674.php

    Date Reported: 11/19/2002
    Brief Description: Linksys EtherFast overly long password denial of
                        service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Linksys EtherFast BEFSR41 prior to 1.43.3, Linksys
                        EtherFast BEFW11S4 prior to 1.43.3, Linksys
                        EtherFast BEFSR11 prior to 1.43.3, Linksys
                        EtherFast BEFSRU31 prior to 1.43.3
    Vulnerability: linksys-etherfast-password-dos
    X-Force URL: http://www.iss.net/security_center/static/10654.php

    Date Reported: 11/19/2002
    Brief Description: Netscape user preferences file could be obtained
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, Windows Any version, Macintosh
                        Any version, Netscape Communicator 4.x
    Vulnerability: netscape-preferences-file
    X-Force URL: http://www.iss.net/security_center/static/10655.php

    Date Reported: 11/19/2002
    Brief Description: QNX RTOS Photon microGUI could allow an attacker to
                        view a user's clipboard
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: QNX RTOS 6.2.0
    Vulnerability: qnx-photon-view-clipboard
    X-Force URL: http://www.iss.net/security_center/static/10658.php

    Date Reported: 11/19/2002
    Brief Description: Open WebMail could disclose sensitive information
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Linux Any version, Unix Any version, Open WebMail
                        1.71
    Vulnerability: open-webmail-information-disclosure
    X-Force URL: http://www.iss.net/security_center/static/10684.php

    Date Reported: 11/20/2002
    Brief Description: Microsoft Data Access Components RDS Data Stub
                        server heap buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Windows NT 4.0, Windows 98, Windows 98 Second
                        Edition, Windows 2000 Any version, Windows Me,
                        Microsoft Data Access Components (MDAC) 2.5,
                        Microsoft Data Access Components (MDAC) 2.6,
                        Microsoft Data Access Components (MDAC) 2.1
    Vulnerability: mdac-rds-server-bo
    X-Force URL: http://www.iss.net/security_center/static/10659.php

    Date Reported: 11/20/2002
    Brief Description: Cisco PIX Firewall duplicate ISAKMP SA VPN session
                        man-in-the-middle attack
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Cisco PIX Firewall 6.0.3 and earlier, Cisco PIX
                        Firewall 6.1.3 and earlier
    Vulnerability: cisco-pix-isakmp-sa-mitm
    X-Force URL: http://www.iss.net/security_center/static/10660.php

    Date Reported: 11/20/2002
    Brief Description: Cisco PIX Firewall TACACS+ or RADIUS HTTP traffic
                        authentication denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Cisco PIX Firewall 5.2.8 and earlier, Cisco PIX
                        Firewall 6.0.3 and earlier, Cisco PIX Firewall
                        6.1.3 and earlier, Cisco PIX Firewall 6.2.1 and
                        earlier
    Vulnerability: cisco-pix-http-dos
    X-Force URL: http://www.iss.net/security_center/static/10661.php

    Date Reported: 11/20/2002
    Brief Description: Microsoft Internet Explorer PNG image buffer
                        overflow
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Windows Any version, Microsoft Internet Explorer
                        5.01, Microsoft Internet Explorer 5.5, Microsoft
                        Internet Explorer 6.0
    Vulnerability: ie-png-bo
    X-Force URL: http://www.iss.net/security_center/static/10662.php

    Date Reported: 11/20/2002
    Brief Description: Microsoft Internet Explorer OBJECT tag could be
                        used to read TIF folder name
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Windows Any version, Microsoft Internet Explorer
                        5.01, Microsoft Internet Explorer 5.5, Microsoft
                        Internet Explorer 6.0
    Vulnerability: ie-object-read-tif
    X-Force URL: http://www.iss.net/security_center/static/10665.php

    Date Reported: 11/20/2002
    Brief Description: Microsoft Data Access Components RDS Data Stub
                        client heap buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Windows NT 4.0, Windows 98, Windows 98 Second
                        Edition, Windows 2000 Any version, Windows Me,
                        Microsoft Data Access Components (MDAC) 2.5,
                        Microsoft Data Access Components (MDAC) 2.6,
                        Microsoft Data Access Components (MDAC) 2.1
    Vulnerability: mdac-rds-client-bo
    X-Force URL: http://www.iss.net/security_center/static/10669.php

    Date Reported: 11/20/2002
    Brief Description: Opera Squid HTTPS request denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Linux Any version, Opera prior to 6.10
    Vulnerability: opera-squid-https-dos
    X-Force URL: http://www.iss.net/security_center/static/10673.php

    Date Reported: 11/20/2002
    Brief Description: Allied Telesyn AT-8024 and Rapier 24 switches zero
                        stream denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Allied Telesyn Rapier 24 Any version, Allied
                        Telesyn AT-8024 Any version
    Vulnerability: telesyn-zero-stream-dos
    X-Force URL: http://www.iss.net/security_center/static/10680.php

    Date Reported: 11/20/2002
    Brief Description: Samba encrypted password change request buffer
                        overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Conectiva Linux 6.0, SuSE Linux 7.2, Conectiva
                        Linux 7.0, SuSE Linux 7.3, SuSE Linux Firewall Any
                        version, SuSE Linux Database Server Any version,
                        SuSE eMail Server III Any version, SuSE Linux
                        Connectivity Server Any version, SuSE Linux 8.0,
                        Conectiva Linux 8.0, Red Hat Linux 7.3, SuSE Linux
                        Enterprise Server Any version, Gentoo Linux Any
                        version, SuSE Linux Office Server Any Version, Red
                        Hat Linux 8.0, SuSE eMail Server 3.1, SuSE Linux
                        8.1, Samba 2.2.2, Samba 2.2.3, Samba 2.2.4, Samba
                        2.2.5, Samba 2.2.6
    Vulnerability: samba-password-change-bo
    X-Force URL: http://www.iss.net/security_center/static/10683.php

    Date Reported: 11/21/2002
    Brief Description: Alcatel OmniSwitch Alcatel Operating System (AOS)
                        Telnet backdoor
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Alcatel OmniSwitch 7700, Alcatel OmniSwitch 7800,
                        Alcatel Operating System (AOS) 5.1.1
    Vulnerability: alcatel-omniswitch-backdoor
    X-Force URL: http://www.iss.net/security_center/static/10664.php

    Date Reported: 11/21/2002
    Brief Description: Zeroo "dot dot" directory traversal
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, Windows Any version, Unix Any
                        version, Zeroo HTTP Server Any version
    Vulnerability: zeroo-dotdot-directory-traversal
    X-Force URL: http://www.iss.net/security_center/static/10672.php

    Date Reported: 11/21/2002
    Brief Description: vBulletin memberlist.php cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, Windows Any version, Unix Any
                        version, vBulletin 2.2.9 and earlier
    Vulnerability: vbulletin-memberlist-xss
    X-Force URL: http://www.iss.net/security_center/static/10679.php

    Date Reported: 11/22/2002
    Brief Description: ClearCase TCP port scan denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Linux Any version, Unix Any version, ClearCase 4.1,
                        ClearCase 2002.05
    Vulnerability: clearcase-tcp-scan-dos
    X-Force URL: http://www.iss.net/security_center/static/10675.php

    Date Reported: 11/22/2002
    Brief Description: RealPlayer SMIL parameter RealPlay.exe heap buffer
                        overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Windows Any version, RealPlayer Any version,
                        RealOne Player Any version
    Vulnerability: realplayer-smil-parameter-bo
    X-Force URL: http://www.iss.net/security_center/static/10676.php

    Date Reported: 11/22/2002
    Brief Description: RealPlayer rtsp:// file name parameter RealPlay.exe
                        heap buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Windows Any version, RealPlayer Any version,
                        RealOne Player Any version
    Vulnerability: realplayer-rtsp-filename-bo
    X-Force URL: http://www.iss.net/security_center/static/10677.php

    Date Reported: 11/22/2002
    Brief Description: RealPlayer long file name "Edit Clip info" or
                        "Select copy to my Library" buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Windows Any version, RealPlayer Any version,
                        RealOne Player Any version
    Vulnerability: realplayer-filename-playing-bo
    X-Force URL: http://www.iss.net/security_center/static/10678.php

    Date Reported: 11/23/2002
    Brief Description: acFTP could allow an attacker to bypass
                        authentication
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Windows Any version, acFTP Any version
    Vulnerability: acftp-authentication-bypass
    X-Force URL: http://www.iss.net/security_center/static/10681.php

    Date Reported: 11/23/2002
    Brief Description: acFP error page cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Windows Any version, acFP Any version
    Vulnerability: acfp-error-page-xss
    X-Force URL: http://www.iss.net/security_center/static/10682.php

    _____

    Risk Factor Key:

         High     Any vulnerability that provides an attacker with immediate
                  access into a machine, gains superuser access, or bypasses
                  a firewall. Example: A vulnerable Sendmail 8.6.5 version
                  that allows an intruder to execute commands on mail server.
         Medium   Any vulnerability that provides information that has a high
                  potential of giving system access to an intruder. Example:
                  A misconfigured TFTP or vulnerable NIS server that allows
                  an intruder to get the password file that could contain an
                  account with a guessable password.
         Low      Any vulnerability that provides information that could
                  potentially lead to a compromise. Example: A finger that
                  allows an intruder to find out who is online and potential
                  accounts to attempt to crack passwords via brute force
                  methods.

    ______

    About Internet Security Systems (ISS)
    Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
    pioneer and world leader in software and services that protect critical
    online resources from an ever-changing spectrum of threats and misuse.
    Internet Security Systems is headquartered in Atlanta, GA, with
    additional operations throughout the Americas, Asia, Australia, Europe
    and the Middle East.

    Copyright (c) 2002 Internet Security Systems, Inc. All rights reserved
    worldwide.

    Permission is hereby granted for the electronic redistribution of this
    document. It is not to be edited or altered in any way without the
    express written consent of the Internet Security Systems X-Force. If you
    wish to reprint the whole or any part of this document in any other
    medium excluding electronic media, please email xforce@iss.net for
    permission.

    Disclaimer: The information within this paper may change without notice. Internet
    Security Systems provides this information on an AS IS basis with NO warranties,
    implied or otherwise. Any use of this information is at the user’s risk. In no event
    shall Internet Security Systems be held liable for any damages whatsoever arising
    out of or in connection with the use or dissemination of this information.

    X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
    as well as at http://www.iss.net/security_center/sensitive.php

    Please send suggestions, updates, and comments to: X-Force

    -----BEGIN PGP SIGNATURE-----
    Version: 2.6.2

    -----END PGP SIGNATURE-----