ISS Security Alert Summary AS03-06
From: X-Force (xforce@iss.net)
Date: 02/10/03
- Previous message: Graham, Robert (ISS Atlanta): "RE: Protocol Anomaly Detection IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: alert@iss.net From: X-Force <xforce@iss.net> Date: Mon, 10 Feb 2003 17:43:27 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS03-06
February 10, 2003
X-Force Vulnerability and Threat Database:
http://www.iss.net/security_center
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
http://www.iss.net/security_center/maillists
This summary is available at the following address:
http://www.iss.net/security_center/alerts/AS03-06.php
_____
Contents:
* 33 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 01/27/2003
Brief Description: Nukebrowser $filhead remote PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, Nukebrowser 2.1 to 2.41
Vulnerability: nukebrowser-php-file-include
X-Force URL: http://www.iss.net/security_center/static/11217.php
Date Reported: 01/28/2003
Brief Description: WebLogic keystores store plaintext passwords
Risk Factor: Medium
Attack Type: Host Based
Platforms: Windows NT 4.0, Solaris 2.6, HP-UX 11.00, Red Hat
Linux Any version, Solaris 7, Solaris 8, Windows
2000 Server, Windows 2000 Advanced Server, HP-UX
11i, AIX 4.3.3, Windows XP, AIX 5.1L, Windows 2000
Professional, WebLogic Server 7.0, WebLogic Server
7.0.0.1, WebLogic Express 7.0, WebLogic Express
7.0.0.1
Vulnerability: weblogic-keystore-plaintext-passwords
X-Force URL: http://www.iss.net/security_center/static/11220.php
Date Reported: 01/28/2003
Brief Description: WebLogic clustered environment race condition
session sharing
Risk Factor: Medium
Attack Type: Network Based
Platforms: Tru64 UNIX Any version, Windows NT 4.0, Solaris
2.6, HP-UX 11.00, Red Hat Linux Any version, SuSE
Linux Any version, Solaris 7, Solaris 8, Windows
2000 Server, Windows 2000 Advanced Server, WebLogic
Server 6.0, HP-UX 11i, AIX 4.3.3, Windows XP,
WebLogic Express 5.1, Compaq NonStop Himalaya
Servers Any version, AIX 5.1L, Solaris 9, Windows
2000 Professional, OpenVMS Any version, WebLogic
Server 6.1, WebLogic Server 7.0, WebLogic Server
7.0.0.1, WebLogic Express 6.1, WebLogic Express
7.0, WebLogic Express 7.0.0.1, WebLogic Express
6.0, WebLogic Server 5.1, IBM AS/400e OS/400
V4R4/V4R5, IBM Dynix/ptx Any version, IBM S/390
Vulnerability: weblogic-clustered-race-condition
X-Force URL: http://www.iss.net/security_center/static/11221.php
Date Reported: 01/28/2003
Brief Description: IlohaMail compose.php script could allow an
attacker to upload files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Mac OS X Any version, IlohaMail
prior to 0.7.9
Vulnerability: ilohamail-compose-file-upload
X-Force URL: http://www.iss.net/security_center/static/11251.php
Date Reported: 01/31/2003
Brief Description: SILC stores passwords and session information in
plain text
Risk Factor: Medium
Attack Type: Host Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, SILC Client Any version
Vulnerability: silc-plaintext-account-information
X-Force URL: http://www.iss.net/security_center/static/11244.php
Date Reported: 01/31/2003
Brief Description: SpamProbe HTML tag new line denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, SpamProbe 0.8a
Vulnerability: spamprobe-newlines-href-dos
X-Force URL: http://www.iss.net/security_center/static/11247.php
Date Reported: 02/02/2003
Brief Description: BladeEnc myFseek() code execution
Risk Factor: Medium
Attack Type: Network Based
Platforms: BSD Any version, Linux Any version, Windows Any
version, Unix Any version, Gentoo Linux Any
version, BladeEnc 0.94.2 and earlier
Vulnerability: bladeenc-myfseek-code-execution
X-Force URL: http://www.iss.net/security_center/static/11227.php
Date Reported: 02/02/2003
Brief Description: KaZaA automated advertisement download buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Windows XP Professional, KaZaA 2.0.2
Vulnerability: kazaa-automated-ad-bo
X-Force URL: http://www.iss.net/security_center/static/11228.php
Date Reported: 02/03/2003
Brief Description: PHP-Nuke avatar field could allow an attacker to
execute code
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, PHP-Nuke 6.0 and earlier
Vulnerability: phpnuke-avatar-code-execution
X-Force URL: http://www.iss.net/security_center/static/11229.php
Date Reported: 02/03/2003
Brief Description: OpenBSD chpass user database information disclosure
Risk Factor: Medium
Attack Type: Host Based
Platforms: OpenBSD 2.1, OpenBSD 2.2, OpenBSD 2.3, OpenBSD 2.4,
OpenBSD 2.0, OpenBSD 2.5, OpenBSD 2.6, OpenBSD 2.7,
OpenBSD 2.8, OpenBSD 2.9, OpenBSD 3.0, OpenBSD 3.1,
OpenBSD 3.2
Vulnerability: openbsd-chpass-information-disclosure
X-Force URL: http://www.iss.net/security_center/static/11233.php
Date Reported: 02/03/2003
Brief Description: Majordomo which_access variable set to "open" could
disclose email addresses
Risk Factor: Low
Attack Type: Network Based
Platforms: Unix Any version, Majordomo 2 and earlier
Vulnerability: majordomo-whichaccess-email-disclosure
X-Force URL: http://www.iss.net/security_center/static/11243.php
Date Reported: 02/03/2003
Brief Description: Linux kernel O_DIRECT information leak
Risk Factor: Medium
Attack Type: Host Based
Platforms: Red Hat Linux 7.1, Red Hat Linux 7.2, Red Hat Linux
7.3, Red Hat Linux 8.0, Mandrake Linux 9.0, Linux
kernel 2.4.10 to 2.4.18
Vulnerability: linux-odirect-information-leak
X-Force URL: http://www.iss.net/security_center/static/11249.php
Date Reported: 02/03/2003
Brief Description: Internet Explorer dragDrop() method could be used
to read local files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Microsoft Internet Explorer
5.5, Microsoft Internet Explorer 6.0, Microsoft
Internet Explorer 6.0 SP1
Vulnerability: ie-dragdrop-read-files
X-Force URL: http://www.iss.net/security_center/static/11250.php
Date Reported: 02/03/2003
Brief Description: Red Hat Linux pam_xauth could allow an attacker to
gain privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Red Hat Linux 7.1, Red Hat Linux 7.2, Red Hat Linux
7.3, Red Hat Linux 8.0
Vulnerability: linux-pamxauth-gain-privileges
X-Force URL: http://www.iss.net/security_center/static/11254.php
Date Reported: 02/04/2003
Brief Description: 32bit FTP banner buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Windows Any version, 32bit FTP 9.49.01
Vulnerability: 32bit-ftp-banner-bo
X-Force URL: http://www.iss.net/security_center/static/11234.php
Date Reported: 02/04/2003
Brief Description: ByteCatcher FTP banner buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Windows Any version, ByteCatcher FTP 1.04b
Vulnerability: bytecatcher-ftp-banner-bo
X-Force URL: http://www.iss.net/security_center/static/11235.php
Date Reported: 02/04/2003
Brief Description: Opera cross-domain security zone access
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Opera 7
Vulnerability: opera-cross-domain-access
X-Force URL: http://www.iss.net/security_center/static/11238.php
Date Reported: 02/04/2003
Brief Description: Opera custom debug message could access files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Opera 7
Vulnerability: opera-debug-file-access
X-Force URL: http://www.iss.net/security_center/static/11239.php
Date Reported: 02/04/2003
Brief Description: Opera directive image cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Opera 7
Vulnerability: opera-image-file-xss
X-Force URL: http://www.iss.net/security_center/static/11240.php
Date Reported: 02/04/2003
Brief Description: Opera could expose a user's browser history
Risk Factor: Low
Attack Type: Network Based
Platforms: Windows Any version, Opera 7
Vulnerability: opera-history-exposure
X-Force URL: http://www.iss.net/security_center/static/11241.php
Date Reported: 02/04/2003
Brief Description: Opera error methods can be used to view visited
URLs
Risk Factor: Low
Attack Type: Network Based
Platforms: Windows Any version, Opera 7
Vulnerability: opera-error-method-access
X-Force URL: http://www.iss.net/security_center/static/11242.php
Date Reported: 02/04/2003
Brief Description: IBM WebSphere uses weak encryption algorithm to
store passwords in an exported XML file
Risk Factor: Medium
Attack Type: Network Based
Platforms: AIX Any version, HP-UX Any version, Linux Any
version, Unix Any version, Windows NT Any version,
Windows 2000 Any version, IBM WebSphere Advanced
Server Edition 4.0.4
Vulnerability: websphere-xml-weak-encryption
X-Force URL: http://www.iss.net/security_center/static/11245.php
Date Reported: 02/04/2003
Brief Description: TOPo in.php or out.php path disclosure
Risk Factor: Low
Attack Type: Network Based
Platforms: Windows Any version, TOPo 1.43 and earlier
Vulnerability: topo-path-disclosure
X-Force URL: http://www.iss.net/security_center/static/11248.php
Date Reported: 02/04/2003
Brief Description: phpMyNewsletter customize.php unauthorized file
access
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, phpMyNewsletter 0.6.11
Vulnerability: phpmynewsletter-customize-file-access
X-Force URL: http://www.iss.net/security_center/static/11261.php
Date Reported: 02/04/2003
Brief Description: Windows 2000 NetBIOS continuation packets denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: Windows 2000 Server, Windows 2000 Advanced Server,
Windows 2000 Datacenter Server, Windows 2000
Professional, Windows 2000 Terminal Services
Vulnerability: win2k-netbios-continuation-dos
X-Force URL: http://www.iss.net/security_center/static/11274.php
Date Reported: 02/05/2003
Brief Description: Internet Explorer dialog box zone bypass
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Microsoft Internet Explorer
5.01, Microsoft Internet Explorer 5.5, Microsoft
Internet Explorer 6.0
Vulnerability: ie-dialog-zone-bypass
X-Force URL: http://www.iss.net/security_center/static/11258.php
Date Reported: 02/05/2003
Brief Description: Internet Explorer showHelp() zone bypass
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Microsoft Internet Explorer
5.01, Microsoft Internet Explorer 5.5, Microsoft
Internet Explorer 6.0
Vulnerability: ie-showhelp-zone-bypass
X-Force URL: http://www.iss.net/security_center/static/11259.php
Date Reported: 02/05/2003
Brief Description: Windows XP Windows Redirector buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Windows XP
Vulnerability: winxp-windows-redirector-bo
X-Force URL: http://www.iss.net/security_center/static/11260.php
Date Reported: 02/06/2003
Brief Description: AbsoluteTelnet title bar code buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Windows Any version, AbsoluteTelnet 2.00,
AbsoluteTelnet 2.11
Vulnerability: absolutetelnet-title-bar-bo
X-Force URL: http://www.iss.net/security_center/static/11265.php
Date Reported: 02/06/2003
Brief Description: F-Prot FreeBSD for Small Business command line
buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: FreeBSD Any version, F-Prot FreeBSD for Small
Business 3.12b
Vulnerability: fprot-command-line-bo
X-Force URL: http://www.iss.net/security_center/static/11271.php
Date Reported: 02/06/2003
Brief Description: CuteFTP long URL clipboard buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms: Windows Any version, CuteFTP 5.0 XP
Vulnerability: cuteftp-url-clipboard-bo
X-Force URL: http://www.iss.net/security_center/static/11275.php
Date Reported: 02/07/2003
Brief Description: HP-UX /usr/sbin/wall buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: HP-UX Any version
Vulnerability: hp-wall-bo
X-Force URL: http://www.iss.net/security_center/static/11272.php
Date Reported: 02/07/2003
Brief Description: Red Hat Linux uml_net utility could allow an
attacker to gain privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Red Hat Linux 8.0
Vulnerability: linux-umlnet-gain-privileges
X-Force URL: http://www.iss.net/security_center/static/11276.php
_____
Risk Factor Key:
High Security issues that allow immediate remote, or local access
or immediate execution of code or commands, with unauthorized
privileges. Examples are most buffer overflows, backdoors,
default or no password, and bypassing security on firewalls
or other network components.
Medium Security issues that have the potential of granting access or
allowing code execution by means of complex or lengthy exploit
procedures, or low risk issues applied to major Internet
components. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service of major applications,
and denial of service resulting in system information disclosure
(such as core files).
Low Security issues that deny service or provide non-system
information that could be used to formulate structured attacks
on a target, but not directly gain unauthorized access. Examples
are brute force attacks, non-system information disclosure
(configurations, paths, etc.), and denial of service attacks.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforce@iss.net for
permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user’s risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://www.iss.net/security_center/sensitive.php
Please send suggestions, updates, and comments to: X-Force
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBPkgq8zRfJiV99eG9AQHREQP+K7PpZZFK/v9MkmD/gGuDqMR9j4jIbEmt
EDOWXxku9Z/yflbZQr+V/q6kta5aqfUBc4tEifqwRXi251qjx6/BkTqKizOAJElv
wPg0/bWUG7UwEyiEN9drEKkCUXR2fpy+hl1oaNUccaevCdTdAgtv2DCArkxP/VzY
E+QAgVB2gTs=
=Gg57
-----END PGP SIGNATURE-----
- Next message: Brass, Phil (ISS Atlanta): "RE: SQL injection - get more values"
- Previous message: Graham, Robert (ISS Atlanta): "RE: Protocol Anomaly Detection IDS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
