ISS Security Alert Summary AS03-20
From: X-Force (xforce_at_iss.net)
Date: 05/19/03
- Previous message: X-Force: "ISS Security Alert Summary AS03-19"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: alert@iss.net Date: Mon, 19 May 2003 14:59:06 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS03-20
May 19, 2003
X-Force Vulnerability and Threat Database:
http://www.iss.net/security_center
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
http://www.iss.net/security_center/maillists
This summary is available at the following address:
http://www.iss.net/security_center/alerts/AS03-20.php
_____
Contents:
* 37 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 05/08/2003
Brief Description: miniPortail cookie could allow administrative
access
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, miniPortail 1.9, miniPortail
2.0, miniPortail 2.1, miniPortail 2.2, Unix Any
version, Windows Any version
Vulnerability: miniportail-cookie-admin-access
X-Force URL: http://www.iss.net/security_center/static/11976.php
Date Reported: 05/09/2003
Brief Description: Firebird INTERBASE environment variable buffer
overflow
Risk Factor: High
Attack Type: Host Based
Platforms: BSD Any version, Firebird 1.0.0, Firebird 1.0.2,
Linux Any version
Vulnerability: firebird-interbase-bo
X-Force URL: http://www.iss.net/security_center/static/11977.php
Date Reported: 05/08/2003
Brief Description: LTris buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: FreeBSD Ports Collection 2003-02-25 - earlier,
Linux Any version, LTris 1.0.1
Vulnerability: ltris-bo
X-Force URL: http://www.iss.net/security_center/static/11978.php
Date Reported: 05/08/2003
Brief Description: slashem-tty has insecure file permissions
Risk Factor: High
Attack Type: Host Based
Platforms: FreeBSD Ports Collection 2003-02-25 - earlier,
slashem-tty 0.0.6E.4F.8
Vulnerability: slashem-tty-insecure-permissions
X-Force URL: http://www.iss.net/security_center/static/11979.php
Date Reported: 05/12/2003
Brief Description: Apple's AirPort Base Station authentication
credentials disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: AirPort Base Station Any version
Vulnerability: airport-auth-credentials-disclosure
X-Force URL: http://www.iss.net/security_center/static/11980.php
Date Reported: 05/12/2003
Brief Description: Snitz Forums 2000 register.asp SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Snitz Forums 2000 3.3.03, Unix Any version, Windows
Any version
Vulnerability: snitz-register-sql-injection
X-Force URL: http://www.iss.net/security_center/static/11981.php
Date Reported: 05/09/2003
Brief Description: NetBus Server could allow an attacker to bypass
password authentication
Risk Factor: Medium
Attack Type: Network Based
Platforms: NetBus Server 1.x, Windows 95, Windows 98, Windows
NT Any version
Vulnerability: netbus-password-authentication-bypass
X-Force URL: http://www.iss.net/security_center/static/11982.php
Date Reported: 05/09/2003
Brief Description: PowerLink Boa HTTPD server could allow an attacker
to access files
Risk Factor: Medium
Attack Type: Network Based
Platforms: PowerLink 1.7.3.1
Vulnerability: powerlink-boa-file-access
X-Force URL: http://www.iss.net/security_center/static/11983.php
Date Reported: 05/12/2003
Brief Description: PHP-Nuke Web_Links module SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, PHP-Nuke 5.x, PHP-Nuke 6.x, Unix
Any version, Windows Any version
Vulnerability: phpnuke-web-sql-injection
X-Force URL: http://www.iss.net/security_center/static/11984.php
Date Reported: 05/12/2003
Brief Description: BEA WebLogic SSL CA-signed certificate spoofing
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Tuxedo 8.0, Tuxedo 8.1, Unix Any
version, WebLogic Enterprise 5.0.1, WebLogic
Enterprise 5.1, WebLogic Express 5.1, WebLogic
Express 6.1, WebLogic Express 7.0, WebLogic Express
7.0.0.1, WebLogic Server 5.1, WebLogic Server 6.1,
WebLogic Server 7.0, WebLogic Server 7.0.0.1,
Windows Any version
Vulnerability: weblogic-ca-certificate-spoofing
X-Force URL: http://www.iss.net/security_center/static/11985.php
Date Reported: 05/13/2003
Brief Description: IP Messenger long file name buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: IP Messenger for Win 2.00 through 2.02, Windows Any
version
Vulnerability: ip-messenger-filename-bo
X-Force URL: http://www.iss.net/security_center/static/11986.php
Date Reported: 05/12/2003
Brief Description: Happymall "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Happymall 4.3 and 4.4, Linux Any version, Unix Any
version
Vulnerability: happymall-dotdot-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/11987.php
Date Reported: 05/12/2003
Brief Description: Happymall normal_html.cgi cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Happymall 4.3 and 4.4, Linux Any version, Unix Any
version
Vulnerability: happymall-normalhtml-xss
X-Force URL: http://www.iss.net/security_center/static/11988.php
Date Reported: 05/12/2003
Brief Description: BEA WebLogic JDBCConnectionPoolRuntimeMBean
password displayed in plain text
Risk Factor: Medium
Attack Type: Host Based
Platforms: Linux Any version, Unix Any version, WebLogic
Server and Express 7.0, WebLogic Server and Express
7.0.0.1, Windows Any version
Vulnerability: webLogic-jdbc-plaintext-password
X-Force URL: http://www.iss.net/security_center/static/11989.php
Date Reported: 05/12/2003
Brief Description: BEA WebLogic CredentialMapper stores passwords in
plain text
Risk Factor: Medium
Attack Type: Host Based
Platforms: Linux Any version, Unix Any version, WebLogic
Server and Express 7.0, WebLogic Server and Express
7.0.0.1, Windows Any version
Vulnerability: weblogic-credential-plaintext-passwords
X-Force URL: http://www.iss.net/security_center/static/11990.php
Date Reported: 05/12/2003
Brief Description: BEA WebLogic information disclosure
Risk Factor: Medium
Attack Type: Host Based
Platforms: Linux Any version, Unix Any version, WebLogic
Server and Express 7.0, WebLogic Server and Express
7.0.0.1, Windows Any version
Vulnerability: weblogic-information-disclosure
X-Force URL: http://www.iss.net/security_center/static/11991.php
Date Reported: 05/13/2003
Brief Description: IBM AIX sendmail.cf could allow an attacker to
perform mail relaying
Risk Factor: Medium
Attack Type: Network Based
Platforms: AIX Any version
Vulnerability: aix-sendmail-mail-relay
X-Force URL: http://www.iss.net/security_center/static/11993.php
Date Reported: 05/11/2003
Brief Description: PHP-Nuke modules.php cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, PHP-Nuke 6.5 FINAL, Unix Any
version, Windows Any version
Vulnerability: phpnuke-modules-xss
X-Force URL: http://www.iss.net/security_center/static/11994.php
Date Reported: 05/12/2003
Brief Description: Drag And Zip long file name buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: Drag And Zip 3.0, Windows Any version
Vulnerability: dragzip-long-filename-bo
X-Force URL: http://www.iss.net/security_center/static/11996.php
Date Reported: 05/12/2003
Brief Description: Instant Virtual Extranet (IVE) CGI script cross-
site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Instant Virtual Extranet (IVE) 3.01 and earlier,
Linux Any version, Unix Any version, Windows Any
version
Vulnerability: ive-cgi-xss
X-Force URL: http://www.iss.net/security_center/static/11997.php
Date Reported: 05/07/2003
Brief Description: NetEngine 6100-4 TFTP packet denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: NetEngine 6100-4 3.4.8
Vulnerability: netengine6100-tftp-packet-dos
X-Force URL: http://www.iss.net/security_center/static/11998.php
Date Reported: 05/13/2003
Brief Description: 3Com OfficeConnect memory leak
Risk Factor: Medium
Attack Type: Network Based
Platforms: 3Com OfficeConnect 812 ADSL Router 1.1.7, 3Com
OfficeConnect 812 ADSL Router 1.1.9
Vulnerability: 3com-officeconnect-memory-leak
X-Force URL: http://www.iss.net/security_center/static/11999.php
Date Reported: 05/13/2003
Brief Description: IBM AIX print utilities format string attack
Risk Factor: High
Attack Type: Host Based
Platforms: AIX 4.3.3, AIX 5.1, AIX 5.2
Vulnerability: aix-print-format-string
X-Force URL: http://www.iss.net/security_center/static/12000.php
Date Reported: 05/12/2003
Brief Description: Movable Type comment cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Movable Type 2.63 and earlier,
Unix Any version, Windows Any version
Vulnerability: movable-type-comment-xss
X-Force URL: http://www.iss.net/security_center/static/12003.php
Date Reported: 05/09/2003
Brief Description: UnZip "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: FreeBSD Any version, Gentoo Linux Any version,
UnZip 5.50
Vulnerability: unzip-dotdot-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/12004.php
Date Reported: 05/09/2003
Brief Description: YaBB SE SSI.php script could allow an attacker to
include PHP files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, Windows Any
version, YaBB SE prior to 1.5.2
Vulnerability: yabb-ssi-file-include
X-Force URL: http://www.iss.net/security_center/static/12005.php
Date Reported: 05/14/2003
Brief Description: Cisco 1760 Modular Access Router ACL bypass
Risk Factor: Medium
Attack Type: Network Based
Platforms: Cisco 1760 Modular Access Router Any version
Vulnerability: cisco-acl-bypass
X-Force URL: http://www.iss.net/security_center/static/12006.php
Date Reported: 05/13/2003
Brief Description: cdrtools scsiopen.c file format string attack
Risk Factor: High
Attack Type: Host Based
Platforms: cdrtools 2.0, Gentoo Linux Any version, Mandrake
Linux 8.2, Mandrake Linux 9.0, Mandrake Linux 9.1,
Mandrake Linux Corporate Server 2.1
Vulnerability: cdrtools-scsiopen-format-string
X-Force URL: http://www.iss.net/security_center/static/12007.php
Date Reported: 05/10/2003
Brief Description: BitchX mode change denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: BitchX 1.0 c20cvs - earlier, Linux Any version,
Unix Any version, Windows Any version
Vulnerability: bitchx-mode-change-dos
X-Force URL: http://www.iss.net/security_center/static/12008.php
Date Reported: 05/14/2003
Brief Description: Linux kernel ioperm system call could allow
unauthorized access to I/O ports
Risk Factor: High
Attack Type: Host Based
Platforms: EnGarde Secure Linux Community Edition, EnGarde
Secure Linux Professional Edition, Linux kernel
2.4.20 and earlier, Red Hat Linux 7.1, Red Hat
Linux 7.2, Red Hat Linux 7.3, Red Hat Linux 8.0,
Red Hat Linux 9.0
Vulnerability: linux-ioperm-unauth-access
X-Force URL: http://www.iss.net/security_center/static/12010.php
Date Reported: 05/14/2003
Brief Description: Palm OS ICMP_ECHO packets denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Palm OS Any version
Vulnerability: palmos-icmp-echo-dos
X-Force URL: http://www.iss.net/security_center/static/12011.php
Date Reported: 05/13/2003
Brief Description: Unreal Tournament Server spoofed UDP packet
negative index value denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, Unreal Tournament Server 2003
2199 and 2206, Windows Any version
Vulnerability: ut-negative-udp-dos
X-Force URL: http://www.iss.net/security_center/static/12012.php
Date Reported: 05/15/2003
Brief Description: Red Hat Linux tcpdump fails to drop permissions
Risk Factor: High
Attack Type: Network Based
Platforms: Red Hat Linux 7.1, Red Hat Linux 7.2, Red Hat Linux
7.3, Red Hat Linux 8.0, Red Hat Linux 9.0
Vulnerability: tcpdum-drop-permissions-failure
X-Force URL: http://www.iss.net/security_center/static/12013.php
Date Reported: 05/15/2003
Brief Description: Cisco IOS malformed SAA packet denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms: Cisco IOS 12.0S, Cisco IOS 12.0SC, Cisco IOS
12.0SL, Cisco IOS 12.0SP, Cisco IOS 12.0ST, Cisco
IOS 12.0SX, Cisco IOS 12.1, Cisco IOS 12.1E, Cisco
IOS 12.1EA, Cisco IOS 12.1EC, Cisco IOS 12.1EX,
Cisco IOS 12.1EY, Cisco IOS 12.2, Cisco IOS 12.2DA,
Cisco IOS 12.2S
Vulnerability: cisco-ios-saa-dos
X-Force URL: http://www.iss.net/security_center/static/12014.php
Date Reported: 05/14/2003
Brief Description: vBulletin private.php cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, vBulletin
3.0.0 Beta 2, Windows Any version
Vulnerability: vbulletin-private-xss
X-Force URL: http://www.iss.net/security_center/static/12016.php
Date Reported: 05/16/2003
Brief Description: lv arbitrary program execution
Risk Factor: High
Attack Type: Host Based
Platforms: Debian Linux 2.2, Debian Linux 3.0, lv Any version,
Red Hat Linux 7.1, Red Hat Linux 7.2, Red Hat Linux
7.3, Red Hat Linux 8.0, Red Hat Linux 9.0
Vulnerability: lv-program-execution
X-Force URL: http://www.iss.net/security_center/static/12017.php
Date Reported: 05/15/2003
Brief Description: Debian Linux sendmail creates temporary files
insecurely
Risk Factor: High
Attack Type: Host Based
Platforms: Debian Linux 2.2, Debian Linux 3.0
Vulnerability: sendmail-tmpfile-insecure
X-Force URL: http://www.iss.net/security_center/static/12018.php
_____
Risk Factor Key:
High Security issues that allow immediate remote, or local access
or immediate execution of code or commands, with unauthorized
privileges. Examples are most buffer overflows, backdoors,
default or no password, and bypassing security on firewalls
or other network components.
Medium Security issues that have the potential of granting access or
allowing code execution by means of complex or lengthy exploit
procedures, or low risk issues applied to major Internet
components. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service of major applications,
and denial of service resulting in system information disclosure
(such as core files).
Low Security issues that deny service or provide non-system
information that could be used to formulate structured attacks
on a target, but not directly gain unauthorized access. Examples
are brute force attacks, non-system information disclosure
(configurations, paths, etc.), and denial of service attacks.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforce@iss.net for
permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user’s risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://www.iss.net/security_center/sensitive.php
Please send suggestions, updates, and comments to: X-Force
xforce@iss.net of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBPskpWzRfJiV99eG9AQGd4wQAgc0MihGUU/dYC4GS2012EbxT87f3xQuI
kqFmZGqiZGBYvhz1b0Sam1qpVpJgSRFvTKJhIUCn5eJnFVZwOCgb+RbstFBfN7J/
Ddym+kLiWtTxCeF2O/T0J4ttnn7cj9wpSHxLoxjcmTvZsEDoN24gtTI88nCpOswG
dxiXOmdcnh0=
=LsDI
-----END PGP SIGNATURE-----
- Previous message: X-Force: "ISS Security Alert Summary AS03-19"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
