ISS Security Alert Summary AS03-30

From: X-Force (xforce_at_iss.net)
Date: 07/28/03

  • Next message: X-Force: "ISS X-Force Utility: MS03-026 RPC DCOM Assessment Tool"
    To: alert@iss.net
    Date: Mon, 28 Jul 2003 15:50:22 -0400 (EDT)
    
    

    -----BEGIN PGP SIGNED MESSAGE-----

    Internet Security Systems Security Alert Summary AS03-30
    July 28, 2003

    X-Force Vulnerability and Threat Database:
    http://xforce.iss.net/

    To receive these Alert Summaries, as well as other Alerts and
    Advisories, subscribe to the Internet Security Systems Alert
    mailing list at:
    https://atla-mm1.iss.net/mailman/listinfo/alert

    This summary is available at the following address:
    http://xforce.iss.net/xforce/alerts/id/AS03-30
    _____
    Contents:
    * 58 Reported Vulnerabilities
    * Risk Factor Key
    _____

    Date Reported: 07/17/2003
    Brief Description: WatchGuard ServerLock \Device\PhysicalMemory
                        symlink attack
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: ServerLock prior to 2.0.4, Windows 2000 Any version
    Vulnerability: serverlock-physicalmemory-symlink
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12666

    Date Reported: 07/20/2003
    Brief Description: SurfControl E-mail Filter for SMTP rules engine 16
                        or more .zip files filter bypass
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: SurfControl E-mail Filter for SMTP 4.6, Windows
                        2000 Advanced Server SP3, Windows 2000 Server SP3,
                        Windows 2003 Server
    Vulnerability: surfcontrol-rulesengine-bypass-filter
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12667

    Date Reported: 07/20/2003
    Brief Description: NetTerm FTP server denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: NetTerm 4.2.8 and earlier, Windows Any version
    Vulnerability: netterm-ftp-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12668

    Date Reported: 07/20/2003
    Brief Description: CGI.pm start_form or start_multipart_form function
                        cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: CGI.pm prior to 2.94, Linux Any version, Unix Any
                        version, Windows Any version
    Vulnerability: cgi-startform-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12669

    Date Reported: 07/20/2003
    Brief Description: Comfortable FTP HOME environment variable buffer
                        overflow
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: cftp 0.12 and earlier, Linux Any version, Unix Any
                        version
    Vulnerability: cftp-home-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12670

    Date Reported: 07/21/2003
    Brief Description: Drupal cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Drupal 4.2.0 RC, Linux Any version, Unix Any
                        version, Windows Any version
    Vulnerability: drupal-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12671

    Date Reported: 07/21/2003
    Brief Description: AtomicBoard error message path disclosure
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: AtomicBoard 0.6.2, Linux Any version, Unix Any
                        version, Windows Any version
    Vulnerability: atomicboard-error-path-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12672

    Date Reported: 07/21/2003
    Brief Description: AtomicBoard "dot dot" directory traversal
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: AtomicBoard 0.6.2, Linux Any version, Unix Any
                        version, Windows Any version
    Vulnerability: atomicboard-dotdot-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12673

    Date Reported: 07/20/2003
    Brief Description: Microsoft Windows RPC DCOM denial of service
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Windows 2000 Any version
    Vulnerability: win-rpc-dcom-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12679

    Date Reported: 07/21/2003
    Brief Description: Sun Solaris IPv6 packet denial of service
    Risk Factor: Medium
    Attack Type: Host Based / Network Based
    Platforms: Solaris 8
    Vulnerability: solaris-ipv6-packet-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12680

    Date Reported: 07/22/2003
    Brief Description: Apache HTTP Server mod_proxy could allow mail
                        relaying
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Apache HTTP Server 1.3.27, Linux Any version, Unix
                        Any version, Windows Any version
    Vulnerability: apache-modproxy-mail-relay
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12681

    Date Reported: 07/21/2003
    Brief Description: Merge /usr/lib/merge/display could allow an
                        attacker to gain root access
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Caldera OpenServer 5.0.6, Caldera OpenServer 5.0.7,
                        Caldera UnixWare 7.1.2, Caldera UnixWare 7.1.3,
                        Merge prior to 5.3.23a
    Vulnerability: merge-display-gain-access
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12682

    Date Reported: 07/22/2003
    Brief Description: ashnews ashnews.php and ashheadlines.php script PHP
                        file include
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: ashnews 0.83, Linux Any version, Unix Any version,
                        Windows Any version
    Vulnerability: ashnews-multiple-file-include
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12683

    Date Reported: 07/21/2003
    Brief Description: Microsoft Exchange Server OWA Outlook 2003 denial
                        of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft Exchange 5.5, Windows 2000 Any version,
                        Windows 2003 Server, Windows NT Any version,
                        Windows XP Any version
    Vulnerability: exchange-owa-outlook-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12684

    Date Reported: 07/23/2003
    Brief Description: FDClone /tmp directory allows attacker to gain
                        access to files
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Debian Linux 3.0, FDClone 2.x, Linux Any version,
                        Unix Any version
    Vulnerability: fdclone-tmpdirectory-gain-access
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12685

    Date Reported: 07/22/2003
    Brief Description: Microsoft IIS Remote Administration Tool could
                        allow an attacker to obtain valid session IDs
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft IIS 6.0, Windows 2003 Server
    Vulnerability: iis-admin-session-id
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12686

    Date Reported: 07/22/2003
    Brief Description: IIS Remote Administration Tool allows attacker to
                        reset administrative password
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft IIS 6.0, Windows 2003 Server
    Vulnerability: iis-admin-password-reset
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12687

    Date Reported: 07/18/2003
    Brief Description: Sun Solaris plaintext proxy password
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Solaris 8
    Vulnerability: solaris-plaintext-proxy-password
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12688

    Date Reported: 07/22/2003
    Brief Description: Microsoft Windows XP stores ODBC passwords and
                        usernames in plain text
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Windows XP Any version
    Vulnerability: winxp-odbc-password-plaintext
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12689

    Date Reported: 07/22/2003
    Brief Description: QuickTime and Darwin Streaming Server DOS device
                        reference could cause denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Darwin Streaming Server prior to 4.1.3f, QuickTime
                        Streaming Server prior to 4.1.3f, Windows Any
                        version
    Vulnerability: quicktime-darwin-device-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12690

    Date Reported: 07/22/2003
    Brief Description: QuickTime and Darwin Streaming Server "dot dot" DOS
                        device denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Darwin Streaming Server 4.1.3f and earlier,
                        QuickTime Streaming Server 4.1.3f and earlier,
                        Windows Any version
    Vulnerability: quicktime-darwin-dotdot-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12691

    Date Reported: 07/22/2003
    Brief Description: QuickTime and Darwin Streaming Server parse_xml.cgi
                        source disclosure
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Linux Any version, Mac OS X Any version, QuickTime
                        Streaming Server 4.1.3g and earlier, Windows Any
                        version
    Vulnerability: quicktime-darwin-source-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12692

    Date Reported: 07/22/2003
    Brief Description: QuickTime and Darwin Streaming Server
                        view_broadcast.cgi script denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Darwin Streaming Server 4.1.3e and earlier,
                        QuickTime Streaming Server 4.1.3e and earlier,
                        Windows Any version
    Vulnerability: quicktime-darwin-viewbroadcast-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12693

    Date Reported: 07/22/2003
    Brief Description: QuickTime and Darwin Streaming Server hexadecimal
                        URL encoded source code disclosure
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Darwin Streaming Server 4.1.3e and earlier,
                        QuickTime Streaming Server 4.1.3e and earlier,
                        Windows Any version
    Vulnerability: quicktime-hexadecimal-source-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12694

    Date Reported: 07/22/2003
    Brief Description: QuickTime and Darwin Streaming Server "dot dot dot"
                        directory traversal
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Darwin Streaming Server prior to 4.1.3f, QuickTime
                        Streaming Server prior to 4.1.3f, Windows Any
                        version
    Vulnerability: quicktime-darwin-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12695

    Date Reported: 07/22/2003
    Brief Description: QuickTime and Darwin Streaming Server could allow
                        an attacker to set administrative password
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Darwin Streaming Server 4.1.3e and earlier, Mac OS
                        X Any version, QuickTime Streaming Server 4.1.3e
                        and earlier
    Vulnerability: quicktime-darwin-set-password
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12696

    Date Reported: 07/23/2003
    Brief Description: XAVi HTTP GET request buffer overflow
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: XAVi X7028r Wireless ASDL Router Any version
    Vulnerability: xavi-get-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12697

    Date Reported: 07/23/2003
    Brief Description: Opera M2 email client bypass external embeds
                        feature
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Linux Any version, M2 Any version, Opera 7.20 Beta
                        1 build 2981, Unix Any version, Windows Any version
    Vulnerability: operam2-bypass-external-embeds
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12698

    Date Reported: 07/19/2003
    Brief Description: GnuPG installed setgid could allow attacker to
                        overwrite files
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Gentoo Linux Any version, GnuPG (GNU Privacy Guard)
                        1.2.2-r1
    Vulnerability: gnupg-setgid-overwrite-files
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12699

    Date Reported: 07/23/2003
    Brief Description: Microsoft SQL Server named pipe denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft Desktop Engine 1.0, Microsoft Desktop
                        Engine 2000, Microsoft SQL Server 2000, Microsoft
                        SQL Server 7.0, Microsoft SQL Server Desktop Engine
                        2000, Windows 2000 Any version, Windows NT Any
                        version, Windows XP Any version
    Vulnerability: mssql-named-pipe-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12700

    Date Reported: 07/23/2003
    Brief Description: Microsoft Windows NT 4.0 Server file management
                        function denial of service
    Risk Factor: Medium
    Attack Type: Host Based / Network Based
    Platforms: Windows NT 4.0 Server, Windows NT 4.0 TSE
    Vulnerability: winnt-file-management-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12701

    Date Reported: 07/23/2003
    Brief Description: Microsoft DirectX MIDI buffer overflows
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Microsoft DirectX 5.2, Microsoft DirectX 6.1,
                        Microsoft DirectX 7.0, Microsoft DirectX 7.0a,
                        Microsoft DirectX 8.1, Microsoft DirectX 9.0a,
                        Windows Any version
    Vulnerability: ms-directx-midi-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12702

    Date Reported: 07/23/2003
    Brief Description: Microsoft SQL Server LPC buffer overflow
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Microsoft Desktop Engine 1.0, Microsoft Desktop
                        Engine 2000, Microsoft SQL Server 2000, Microsoft
                        SQL Server 7.0, Microsoft SQL Server Desktop Engine
                        2000, Windows 2000 Any version, Windows NT Any
                        version, Windows XP Any version
    Vulnerability: mssql-lpc-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12703

    Date Reported: 07/24/2003
    Brief Description: gopherd do_command buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: gopherd 3.0.5 and earlier, Linux Any version, Unix
                        Any version
    Vulnerability: gopherd-docommand-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12705

    Date Reported: 07/23/2003
    Brief Description: Novell NetWare Enterprise Web Server PERL handler
                        buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Novell NetWare 5.1, Novell NetWare 6, Novell
                        NetWare Enterprise Web Server Any version
    Vulnerability: netware-enterprise-perl-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12706

    Date Reported: 07/23/2003
    Brief Description: VMware GSX Server and VMware Workstation
                        environment variable code execution
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Linux Any version, VMware GSX Server 2.5.1 build
                        4968 and prior, VMware Workstation 4.0 and prior
    Vulnerability: vmware-environment-code-execution
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12707

    Date Reported: 07/21/2003
    Brief Description: Linux kernel /proc/tty/driver/serial could allow
                        attacker to obtain information
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Linux kernel prior to 2.4.21, Red Hat Linux 7.1,
                        Red Hat Linux 7.2, Red Hat Linux 7.3, Red Hat Linux
                        8.0, Red Hat Linux 9
    Vulnerability: linux-serial-obtain-information
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12708

    Date Reported: 07/21/2003
    Brief Description: Linux kernel execve function race condition
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: EnGarde Secure Linux Community Edition, EnGarde
                        Secure Linux Professional Edition, Linux kernel
                        prior to 2.4.21, Mandrake Linux 9.1, Red Hat Linux
                        7.1, Red Hat Linux 7.2, Red Hat Linux 7.3, Red Hat
                        Linux 8.0, Red Hat Linux 9
    Vulnerability: linux-execve-race-condition
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12709

    Date Reported: 07/21/2003
    Brief Description: Linux kernel reuse flag enabled could allow
                        unauthorized access to services
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux kernel prior to 2.4.21, Red Hat Linux 7.1,
                        Red Hat Linux 7.2, Red Hat Linux 7.3, Red Hat Linux
                        8.0, Red Hat Linux 9
    Vulnerability: linux-reuse-gain-access
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12710

    Date Reported: 07/21/2003
    Brief Description: Linux kernel STP could allow an attacker to modify
                        bridge topology
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux kernel prior to 2.4.21, Red Hat Linux 7.1,
                        Red Hat Linux 7.2, Red Hat Linux 7.3, Red Hat Linux
                        8.0, Red Hat Linux 9
    Vulnerability: linux-stp-modify-topology
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12711

    Date Reported: 07/21/2003
    Brief Description: Linux kernel could allow an attacker to spoof the
                        IP Forwarding Table
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux kernel prior to 2.4.21, Red Hat Linux 7.1,
                        Red Hat Linux 7.2, Red Hat Linux 7.3, Red Hat Linux
                        8.0, Red Hat Linux 9
    Vulnerability: linux-forwarding-table-spoof
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12713

    Date Reported: 07/16/2003
    Brief Description: PHP include and require functions safemode bypass
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, PHP 4.3 to 4.3.2, Unix Any
                        version, Windows Any version
    Vulnerability: php-multiple-safemode-bypass
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12714

    Date Reported: 07/23/2003
    Brief Description: Gästebuch guestbookdat database file information
                        disclosure
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Gästebuch 1.60 Beta, Linux Any version, Unix Any
                        version, Windows Any version
    Vulnerability: gästebuch-guestbookdat-obtain-information
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12715

    Date Reported: 07/24/2003
    Brief Description: Gästebuch pwd file password disclosure
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Gästebuch 1.60 Beta, Linux Any version, Unix Any
                        version, Windows Any version
    Vulnerability: gästebuch-pwd-password-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12716

    Date Reported: 07/24/2003
    Brief Description: paFileDB file.php upload command execution
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Linux Any version, paFileDB 3.1 and earlier, Unix
                        Any version, Windows Any version
    Vulnerability: pafiledb-upload-command-execution
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12717

    Date Reported: 07/23/2003
    Brief Description: Oracle FNDWRR buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Linux Any version, Oracle E-Business Suite 11i
                        Releases 5.1-5.8, Unix Any version, Windows Any
                        version
    Vulnerability: oracle-fndwrr-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12718

    Date Reported: 07/23/2003
    Brief Description: Oracle AOL/J Setup Test allows attacker to obtain
                        information
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, Oracle E-Business Suite 11i
                        Releases 5.1-5.8, Unix Any version, Windows Any
                        version
    Vulnerability: oracle-aolj-obtain-information
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12719

    Date Reported: 07/24/2003
    Brief Description: MIT Kerberos has an incorrect ETYPE-INFO2
                        implementation
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, MIT Kerberos 5 5-1.3, Unix Any
                        version
    Vulnerability: kerberos-incorrect-etype-info2
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12720

    Date Reported: 07/23/2003
    Brief Description: Oracle Database Server EXTPROC executable buffer
                        overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Linux Any version, Oracle8i Database Server 8.1.x,
                        Oracle9i Database Server Release 1 Any version,
                        Oracle9i Database Server Release 2 Any version,
                        Unix Any version, Windows Any version
    Vulnerability: oracle-extrproc-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12721

    Date Reported: 07/24/2003
    Brief Description: HP Color LaserJet 4550 administration interface
                        cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: HP Color LaserJet 4550 Any version
    Vulnerability: hp-laserjet-admin-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12722

    Date Reported: 07/24/2003
    Brief Description: HP Color LaserJet 4550 allows an attacker to gain
                        access to Web administration interface
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: HP Color LaserJet 4550 Any version
    Vulnerability: hp-laserjet-gain-access
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12723

    Date Reported: 07/23/2003
    Brief Description: Microsoft Windows Media Player ASF file could allow
                        code execution
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Windows Any version, Windows Media Player 8 and
                        earlier
    Vulnerability: mediaplayer-asf-code-execution
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12724

    Date Reported: 07/25/2003
    Brief Description: PBLang message cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, PBLang 4.0 and earlier, Unix Any
                        version, Windows Any version
    Vulnerability: pblang-message-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12726

    Date Reported: 07/23/2003
    Brief Description: Mac OS X Workgroup Manager could allow an attacker
                        to gain access to an account
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Mac OS X 10.2 and later
    Vulnerability: macos-workgroup-gain-access
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12728

    Date Reported: 07/22/2003
    Brief Description: guanxiCRM PHP file include
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: guanxiCRM 0.9.1, Linux Any version, Unix Any
                        version, Windows Any version
    Vulnerability: guanxicrm-php-file-include
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12730

    Date Reported: 07/17/2003
    Brief Description: Message Foundry name field cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Message Foundry 2.75.0003, Windows Any version
    Vulnerability: messagefoundry-name-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12731

    Date Reported: 07/17/2003
    Brief Description: Message Foundry MF.ini file stores administrative
                        password in plain text
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Message Foundry 2.75.0003, Windows Any version
    Vulnerability: messagefoundry-mf-plaintext-password
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12733

    Date Reported: 07/17/2003
    Brief Description: Message Foundry Edit Profile section allows
                        password to be changed
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Message Foundry 2.75.0003, Windows Any version
    Vulnerability: messagefoundry-editprofile-change-password
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12734

    _____

    Risk Factor Key:

         High Security issues that allow immediate remote, or local access
                  or immediate execution of code or commands, with unauthorized
                  privileges. Examples are most buffer overflows, backdoors,
                  default or no password, and bypassing security on firewalls
                  or other network components.
         Medium Security issues that have the potential of granting access or
                  allowing code execution by means of complex or lengthy exploit
                  procedures, or low risk issues applied to major Internet
                  components. Examples are cross-site scripting, man-in-the-middle
                  attacks, SQL injection, denial of service of major applications,
                  and denial of service resulting in system information disclosure
                  (such as core files).
         Low Security issues that deny service or provide non-system
                  information that could be used to formulate structured attacks
                  on a target, but not directly gain unauthorized access. Examples
                  are brute force attacks, non-system information disclosure
                  (configurations, paths, etc.), and denial of service attacks.

    ______

    About Internet Security Systems (ISS)
    Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
    pioneer and world leader in software and services that protect critical
    online resources from an ever-changing spectrum of threats and misuse.
    Internet Security Systems is headquartered in Atlanta, GA, with
    additional operations throughout the Americas, Asia, Australia, Europe
    and the Middle East.

    Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved
    worldwide.

    Permission is hereby granted for the electronic redistribution of this
    document. It is not to be edited or altered in any way without the
    express written consent of the Internet Security Systems X-Force. If you
    wish to reprint the whole or any part of this document in any other
    medium excluding electronic media, please email xforce@iss.net for
    permission.

    Disclaimer: The information within this paper may change without notice. Internet
    Security Systems provides this information on an AS IS basis with NO warranties,
    implied or otherwise. Any use of this information is at the user.s risk. In no event
    shall Internet Security Systems be held liable for any damages whatsoever arising
    out of or in connection with the use or dissemination of this information.

    X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
    as well as at http://xforce.iss.net/xforce/sensitive.php

    Please send suggestions, updates, and comments to: X-Force
    xforce@iss.net of Internet Security Systems, Inc.

    -----BEGIN PGP SIGNATURE-----
    Version: 2.6.2

    iQCVAwUBPyV+XzRfJiV99eG9AQEVFwP9GUBEF6U1s2hu+itenF/3Tqqkiy2xBH2e
    LMBmJPSJ0WwqKPUvfVp1uWVL3EVPXeZQHb3IXfLl8RnHyM2LPVtCljnAp/kVgmHM
    tNoVgPCR9qWcydN7F2mKNhgvJC0m2ne/YNeQVoHvjw3kkIIkzvOvGc17jpJ0E8X0
    WKsEz0YHHqk=
    =e87l
    -----END PGP SIGNATURE-----


  • Next message: X-Force: "ISS X-Force Utility: MS03-026 RPC DCOM Assessment Tool"