ISS Security Alert Summary AS03-34

From: X-Force (xforce_at_iss.net)
Date: 08/25/03

    To: alert@iss.net
    Date: Mon, 25 Aug 2003 15:18:57 -0400 (EDT)
    
    

    -----BEGIN PGP SIGNED MESSAGE-----

    Internet Security Systems Security Alert Summary AS03-34
    August 25, 2003

    Latest Gigabit and 100Mbps IDS Test Results Available. The NSS Group, one of the world’s foremost independent security testing facilities, has released its study of the latest Gigabit and 100Mbps intrusion detection solutions. Read how ISS’ RealSecure and Proventia solutions came out on top. http://www.iss.net/mktg/NSSGroupResults/

    X-Force Vulnerability and Threat Database:
    http://xforce.iss.net/

    To receive these Alert Summaries, as well as other Alerts and
    Advisories, subscribe to the Internet Security Systems Alert
    mailing list at:
    https://atla-mm1.iss.net/mailman/listinfo/alert

    This summary is available at the following address:
    http://xforce.iss.net/xforce/alerts/id/AS03-34
    _____
    Contents:
    * 51 Reported Vulnerabilities
    * Risk Factor Key
    _____

    Date Reported: 08/18/2003
    Brief Description: Sun ONE Web Server denial of service
    Risk Factor: Low
    Attack Type: Host Based / Network Based
    Platforms: Sun ONE Web Server 6.0 SP3 through SP5, Windows Any
                        version
    Vulnerability: sunone-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12926

    Date Reported: 08/18/2003
    Brief Description: Dropbear login using format specifier causes format
                        string
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Dropbear SSH Server 0.34 and earlier, Linux Any
                        version
    Vulnerability: dropbear-login-format-string
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12927

    Date Reported: 08/18/2003
    Brief Description: Ecartis multiple buffer overflows
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Ecartis 1.0.0, Linux Any version, Unix Any version
    Vulnerability: ecartis-multiple-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12928

    Date Reported: 08/18/2003
    Brief Description: Ecartis subscribe command password disclosure
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Ecartis 1.0.0, Linux Any version, Unix Any version
    Vulnerability: ecartis-subscribe-password-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12929

    Date Reported: 08/18/2003
    Brief Description: eMule, xMule, and Lmule OP-SERVERMESSAGE function
                        format string attack
    Risk Factor: High
    Attack Type: Network Based
    Platforms: eMule 0.29a and earlier, Linux Any version, Lmule
                        1.3.1 and earlier, Unix Any version, Windows Any
                        version, xMule 1.4.3 and earlier, xMule 1.5.4 and
                        earlier
    Vulnerability: emule-opservermessage-format-string
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12930

    Date Reported: 08/18/2003
    Brief Description: OpenSLP slpd initscript symlink
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Conectiva Linux 9.0, OpenSLP 1.0.11
    Vulnerability: openslp-slpd-symlink
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12931

    Date Reported: 08/18/2003
    Brief Description: eMule, xMule, and Lmule OP_SERVERIDENT messages
                        heap overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: eMule 0.29a and earlier, Linux Any version, Lmule
                        1.3.1 and earlier, Unix Any version, Windows Any
                        version, xMule 1.4.3 and earlier, xMule 1.5.4 and
                        earlier
    Vulnerability: emule-opserverident-heap-overflow
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12934

    Date Reported: 08/18/2003
    Brief Description: eMule, xMule, and Lmule server name format string
                        attack
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: eMule 0.29c and earlier, Lmule 1.3.1 and earlier,
                        xMule 1.4.2 and earlier, xMule 1.5.5 and earlier
    Vulnerability: emule-servername-format-string
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12935

    Date Reported: 08/15/2003
    Brief Description: MatrikzGB index.php could allow an attacker to gain
                        administrative privileges
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Linux Any version, MatrikzGB 2.0 and earlier, Unix
                        Any version, Windows Any version
    Vulnerability: matrikzgb-index-admin-privileges
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12936

    Date Reported: 08/15/2003
    Brief Description: AntiGen for Exchange files called 'test' could
                        bypass filter
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: AntiGen for Exchange Any version, Windows Any
                        version
    Vulnerability: antigen-test-filter-bypass
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12937

    Date Reported: 08/18/2003
    Brief Description: eMule, xMule, and Lmule special sequence of packets
                        to execute code
    Risk Factor: High
    Attack Type: Network Based
    Platforms: eMule 0.29c and earlier, Linux Any version, Lmule
                        1.3.1 and earlier, Unix Any version, Windows Any
                        version, xMule 1.4.2 and earlier, xMule 1.5.6a and
                        earlier
    Vulnerability: emule-packetssequence-execute-code
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12938

    Date Reported: 08/13/2003
    Brief Description: Vonage VOIP could allow an attacker to spoof the
                        caller ID
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Vonage's Voice over IP network Any version
    Vulnerability: vonage-voip-callerid-spoof
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12939

    Date Reported: 08/17/2003
    Brief Description: Unix /dev/random device entropy pool keystroke
                        timing
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Unix Any version
    Vulnerability: unix-devrandom-keystroke-timing
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12940

    Date Reported: 08/18/2003
    Brief Description: AttilaPHP index.php3 script cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: AttilaPHP 3.0 and earlier, Linux Any version, Unix
                        Any version, Windows Any version
    Vulnerability: attilaphp-index-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12941

    Date Reported: 08/18/2003
    Brief Description: Sun Solaris cachefs patches could overwrite the
                        inetd.conf(4) file
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Solaris 2.6, Solaris 7
    Vulnerability: solaris-cachefs-inetdconf-overwrite
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12942

    Date Reported: 08/18/2003
    Brief Description: AttilaPHP print.php3 and index.php3 scripts path
                        disclosure
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: AttilaPHP 3.0 and earlier, Linux Any version, Unix
                        Any version, Windows Any version
    Vulnerability: attilaphp-multiple-path-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12943

    Date Reported: 08/14/2003
    Brief Description: Best Buy's Employee Toolkit could allow command
                        execution
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Best Buy's Employee Toolkit Any version, Linux Any
                        version, Unix Any version, Windows Any version
    Vulnerability: best-buy-command-execution
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12945

    Date Reported: 08/14/2003
    Brief Description: Best Buy's Employee Toolkit stores 'net use'
                        password in plain text
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Best Buy's Employee Toolkit Any version, Linux Any
                        version, Unix Any version, Windows Any version
    Vulnerability: best-buy-password-plaintext
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12946

    Date Reported: 08/13/2003
    Brief Description: Horde Application Framework could disclose session
                        ID
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Horde Application Framework prior to 2.2.4, Linux
                        Any version, Unix Any version, Windows Any version
    Vulnerability: horde-application-sessionid-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12947

    Date Reported: 08/19/2003
    Brief Description: oMail-webmail checklogin function code execution
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Linux Any version, oMail-webmail 0.98.4 and
                        earlier, Unix Any version
    Vulnerability: omailwebmail-checklogin-code-execution
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12948

    Date Reported: 08/18/2003
    Brief Description: Oracle9i Database Server XML database buffer
                        overflow
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, Oracle9i Database Server Release
                        2, Unix Any version, Windows Any version
    Vulnerability: oracle-xml-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12949

    Date Reported: 08/20/2003
    Brief Description: DWebPro http.ini file plaintext password
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: DWebPro 3.4.1, Windows Any version
    Vulnerability: dwebpro-http-plaintext-password
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12950

    Date Reported: 08/18/2003
    Brief Description: CheckMail registry key stores passwords in
                        plaintext
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: CheckMail 1.2, Windows Any version
    Vulnerability: checkmail-registrykey-plaintext-password
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12951

    Date Reported: 08/20/2003
    Brief Description: Starfish Family Mail accounts.db file plaintext
                        password
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Starfish Family Mail 1.2d, Windows Any version
    Vulnerability: starfish-accountsdb-plaintext-password
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12953

    Date Reported: 08/20/2003
    Brief Description: Piolet denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Piolet 1.05, Windows Any version
    Vulnerability: piolet-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12954

    Date Reported: 08/13/2003
    Brief Description: HP Tru64 UNIX ee device driver denial of service
    Risk Factor: Low
    Attack Type: Host Based
    Platforms: Compaq Tru64 UNIX 4.0f, Compaq Tru64 UNIX 4.0g,
                        Compaq Tru64 UNIX 5.1, Compaq Tru64 UNIX 5.1a,
                        Compaq Tru64 UNIX 5.1b
    Vulnerability: tru64-ee-driver-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12955

    Date Reported: 08/20/2003
    Brief Description: NetMail weak password encryption
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: NetMail 7.05, Windows Any version
    Vulnerability: netmail-weak-password-encryption
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12956

    Date Reported: 08/18/2003
    Brief Description: ACMPOP weak password encryption
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: ACMPOP 1.5, Windows Any version
    Vulnerability: acmpop-weak-password-encryption
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12957

    Date Reported: 08/18/2003
    Brief Description: NetServe registry key stores administrative
                        password in plain text
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: NetServe 1.0.4, Windows Any version
    Vulnerability: netserve-registrykey-plaintext-password
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12958

    Date Reported: 08/20/2003
    Brief Description: Microsoft Data Access Components broadcast request
                        buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Microsoft Data Access Components (MDAC) 2.5,
                        Microsoft Data Access Components (MDAC) 2.6,
                        Microsoft Data Access Components (MDAC) 2.7,
                        Windows 98, Windows 98 Second Edition, Windows Me,
                        Windows 2000 Any version, Windows NT 4.0, Windows
                        XP Any version
    Vulnerability: mdac-broadcast-request-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12959

    Date Reported: 08/20/2003
    Brief Description: Microsoft Internet Explorer Object Data tags could
                        allow an attacker to execute code
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Microsoft Internet Explorer 5.01, Microsoft
                        Internet Explorer 5.5, Microsoft Internet Explorer
                        6.0, Windows Any version
    Vulnerability: ie-object-code-execution
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12960

    Date Reported: 08/20/2003
    Brief Description: Microsoft Internet Explorer browser cache script
                        injection
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft Internet Explorer 5.01, Microsoft
                        Internet Explorer 5.5, Microsoft Internet Explorer
                        6.0, Windows Any version
    Vulnerability: ie-cache-script-injection
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12961

    Date Reported: 08/20/2003
    Brief Description: Microsoft Internet Explorer BR549.DLL ActiveX
                        control buffer overflow
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft Internet Explorer 5.01, Microsoft
                        Internet Explorer 5.5, Microsoft Internet Explorer
                        6.0, Windows Any version
    Vulnerability: ie-br549-activex-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12962

    Date Reported: 08/20/2003
    Brief Description: ViRobot Linux Server CGI script buffer overflow
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Linux Any version, ViRobot Linux Server 2.0
    Vulnerability: virobot-linux-cgi-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12963

    Date Reported: 08/18/2003
    Brief Description: WebFtp accounts.dat plaintext password
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: WebFtp 3.0, Windows Any version
    Vulnerability: webftp-accounts-plaintext-password
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12964

    Date Reported: 08/21/2003
    Brief Description: Qualcomm Eudora WorldMail Server search cross-site
                        scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Qualcomm Eudora WorldMail Server 2, Windows Any
                        version
    Vulnerability: eudora-search-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12965

    Date Reported: 08/21/2003
    Brief Description: srcpd conffile buffer overflow
    Risk Factor: Low
    Attack Type: Host Based
    Platforms: srcpd 2.0, Unix Any version
    Vulnerability: srcpd-conffile-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12966

    Date Reported: 08/21/2003
    Brief Description: srcpd integer overflow
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: srcpd 2.0, Unix Any version
    Vulnerability: srcpd-integer-overflow
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12967

    Date Reported: 08/21/2003
    Brief Description: srcpd multiple functions buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: srcpd 2.0, Unix Any version
    Vulnerability: srcpd-multiple-functions-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12968

    Date Reported: 08/19/2003
    Brief Description: BitKeeper patch could allow an attacker to execute
                        code
    Risk Factor: High
    Attack Type: Network Based
    Platforms: BitKeeper 3.0.1 and earlier, Unix Any version,
                        Windows Any version
    Vulnerability: bitkeeper-patch-execute-code
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12969

    Date Reported: 08/20/2003
    Brief Description: Microsoft Internet Explorer DBCS Type property of
                        Object tag buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Microsoft Internet Explorer 6.1 SP1 JE, Windows Any
                        version
    Vulnerability: ie-dbcs-object-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12970

    Date Reported: 08/21/2003
    Brief Description: GDM ~/.xsession-errors file symlink
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: GDM prior to 2.4.1.6, Mandrake Linux 9.0, Mandrake
                        Linux 9.1, Mandrake Linux Corporate Server 2.1, Red
                        Hat Linux 8.0, Red Hat Linux 9
    Vulnerability: gdm-xsessions-errors-symlink
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12971

    Date Reported: 08/21/2003
    Brief Description: GDM XDMCP missing 'continue' statement denial of
                        service
    Risk Factor: Low
    Attack Type: Host Based
    Platforms: GDM prior to 2.4.1.6, Mandrake Linux 9.0, Mandrake
                        Linux 9.1, Mandrake Linux Corporate Server 2.1, Red
                        Hat Linux 7.1, Red Hat Linux 7.2, Red Hat Linux
                        7.3, Red Hat Linux 8.0, Red Hat Linux 9
    Vulnerability: gdm-xdmcp-continue-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12972

    Date Reported: 08/21/2003
    Brief Description: GDM XDMCP authorization data denial of service
    Risk Factor: Low
    Attack Type: Host Based
    Platforms: GDM prior to 2.4.1.6, Mandrake Linux 9.0, Mandrake
                        Linux 9.1, Mandrake Linux Corporate Server 2.1, Red
                        Hat Linux 7.1, Red Hat Linux 7.2, Red Hat Linux
                        7.3, Red Hat Linux 8.0, Red Hat Linux 9
    Vulnerability: gdm-xdmcp-authorization-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12973

    Date Reported: 08/22/2003
    Brief Description: Avant Browser long HTTP request buffer overflow
    Risk Factor: Low
    Attack Type: Host Based / Network Based
    Platforms: Avant Browser 8.02, Windows Any version
    Vulnerability: avantbrowser-http-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12974

    Date Reported: 08/20/2003
    Brief Description: Multipoint FTP-Server LIST or GET commands
                        directory traversal
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Multipoint FTP-Server 0.2.3b, Windows Any version
    Vulnerability: multipoint-commands-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12975

    Date Reported: 08/22/2003
    Brief Description: paBox administrative password in plain text
    Risk Factor: Medium
    Attack Type: Host Based / Network Based
    Platforms: Linux Any version, paBox 1.6, Unix Any version,
                        Windows Any version
    Vulnerability: pabox-admin-plaintext-password
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12976

    Date Reported: 08/13/2003
    Brief Description: PHP dlopen function memory disclosure
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Linux Any version, PHP Any version, Unix Any
                        version
    Vulnerability: php-dlopen-memory-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12977

    Date Reported: 08/20/2003
    Brief Description: OpenBSD semget(2) function buffer overflow
    Risk Factor: Low
    Attack Type: Host Based
    Platforms: OpenBSD 3.3
    Vulnerability: openbsd-semget2-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/12978

    Date Reported: 08/22/2003
    Brief Description: WIDZ widz_apmon.c could allow an attacker to
                        execute commands
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Unix Any version, WIDZ 1.5 and earlier
    Vulnerability: widz-apmon-command-execution
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13003

    Date Reported: 08/22/2003
    Brief Description: RealNetworks' Helix Universal Server View Source
                        Plug-in code execution
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Helix Universal Server 9.0 and earlier, Unix Any
                        version, Windows Any version
    Vulnerability: helix-view-code-execution
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13004

    _____

    Risk Factor Key:

         High:    Security issues that allow immediate remote, or local access
                  or immediate execution of code or commands, with unauthorized
                  privileges. Examples are most buffer overflows, backdoors,
                  default or no password, and bypassing security on firewalls
                  or other network components.
         Medium:  Security issues that have the potential of granting access or
                  allowing code execution by means of complex or lengthy exploit
                  procedures, or low risk issues applied to major Internet
                  components. Examples are cross-site scripting, man-in-the-middle
                  attacks, SQL injection, denial of service of major applications,
                  and denial of service resulting in system information disclosure
                  (such as core files).
         Low:     Security issues that deny service or provide non-system
                  information that could be used to formulate structured attacks
                  on a target, but not directly gain unauthorized access. Examples
                  are brute force attacks, non-system information disclosure
                  (configurations, paths, etc.), and denial of service attacks.

    ______

    About Internet Security Systems (ISS)
    Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
    pioneer and world leader in software and services that protect critical
    online resources from an ever-changing spectrum of threats and misuse.
    Internet Security Systems is headquartered in Atlanta, GA, with
    additional operations throughout the Americas, Asia, Australia, Europe
    and the Middle East.

    Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved
    worldwide.

    Permission is hereby granted for the electronic redistribution of this
    document. It is not to be edited or altered in any way without the
    express written consent of the Internet Security Systems X-Force. If you
    wish to reprint the whole or any part of this document in any other
    medium excluding electronic media, please email xforce@iss.net for
    permission.

    Disclaimer: The information within this paper may change without notice. Internet
    Security Systems provides this information on an AS IS basis with NO warranties,
    implied or otherwise. Any use of this information is at the user’s risk. In no event
    shall Internet Security Systems be held liable for any damages whatsoever arising
    out of or in connection with the use or dissemination of this information.

    X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
    as well as at http://xforce.iss.net/xforce/sensitive.php

    Please send suggestions, updates, and comments to: X-Force

    -----BEGIN PGP SIGNATURE-----
    Version: 2.6.2

    iQCVAwUBP0phDDRfJiV99eG9AQFO/wP9GW5vM5CA81V8vSXyIQDEhwdepE2Ppyl5
    +HIwSncc04oUgzOYg0iRTffU5VwmodojW6GTGvYoc8eAn+iJBA/7/cxJd3t2YWfs
    1XOelHR5xgh0Lh2QcTQhKn4a8Y4uILuHaDzUZhKHbKhvsM/QC4TE0v/F1uFS3eeU
    ZNtk54ndWk8=
    =eoMh
    -----END PGP SIGNATURE-----
