ISS Security Alert Summary AS03-41
From: X-Force (xforce_at_iss.net)
Date: 10/13/03
To: alert@iss.net
Date: Mon, 13 Oct 2003 13:45:55 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS03-41
October 13, 2003
X-Force Vulnerability and Threat Database:
http://xforce.iss.net/
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
https://atla-mm1.iss.net/mailman/listinfo/alert
This summary is available at the following address:
http://xforce.iss.net/xforce/alerts/id/AS03-41
_____
Contents:
* 44 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 10/04/2003
Brief Description: Access Runner could allow an attacker to bypass
login restrictions
Risk Factor: High
Attack Type: Network Based
Platforms: Access Runner 3.21, Windows NT Any version, Windows
XP Any version
Vulnerability: access-runner-login-bypass
X-Force URL: http://xforce.iss.net/xforce/xfdb/13349
Date Reported: 10/04/2003
Brief Description: EMML could allow an attacker to include PHP files
Risk Factor: Medium
Attack Type: Network Based
Platforms: EternalMart Mailing List Manager 1.32, Linux Any
version, Windows Any version
Vulnerability: emml-php-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/13350
Date Reported: 10/03/2003
Brief Description: Cisco PIX Firewall denial of service when sent a
large number of ICMP echo requests
Risk Factor: Low
Attack Type: Network Based
Platforms: Cisco PIX Firewall 6.3
Vulnerability: cisco-pix-icmprequest-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13351
Date Reported: 10/04/2003
Brief Description: EMGB could allow an attacker to include PHP files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Eternalmart Guestbook 1.1, Linux Any version,
Windows Any version
Vulnerability: emgb-php-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/13352
Date Reported: 10/06/2003
Brief Description: PHP Prayer Board prayerborad.php or
prayerboard_db.php cross-site scripting
Risk Factor: Medium
Attack Type: Host Based
Platforms: Linux Any version, PHP Prayer Board prior to 0.52,
Unix Any version, Windows Any version
Vulnerability: phpprayerboard-multiple-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13353
Date Reported: 10/06/2003
Brief Description: slocate heap buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Red Hat Linux Any version, slocate 2.6
Vulnerability: slocate-heap-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13354
Date Reported: 10/06/2003
Brief Description: SuSE javarunt symlink attack
Risk Factor: High
Attack Type: Host Based
Platforms: SuSE Linux 7.3Pro
Vulnerability: suse-javarunt-symlink
X-Force URL: http://xforce.iss.net/xforce/xfdb/13355
Date Reported: 10/06/2003
Brief Description: SuSE Linux susewm symlink attack
Risk Factor: High
Attack Type: Host Based
Platforms: SuSE Linux 8.2Pro
Vulnerability: suse-susewm-symlink
X-Force URL: http://xforce.iss.net/xforce/xfdb/13356
Date Reported: 10/05/2003
Brief Description: JBoss SQL injection
Risk Factor: High
Attack Type: Network Based
Platforms: JBoss 3.0.8, JBoss 3.2.1, Sun JDK 1.4.x, Windows
Any version
Vulnerability: jboss-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/13357
Date Reported: 10/06/2003
Brief Description: XShisen -KCONV command line option buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: HP-UX Any version, Linux Any version, Windows Any
version, Xshisen 1.51
Vulnerability: xshisen-kconv-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13358
Date Reported: 10/06/2003
Brief Description: XShisen XSHISENLIB environment variable buffer
overflow
Risk Factor: High
Attack Type: Host Based
Platforms: HP-UX Any version, Linux Any version, Windows Any
version, Xshisen 1.51
Vulnerability: xshisen-xshisenlib-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13359
Date Reported: 10/04/2003
Brief Description: Easy File Sharing Web Server Title field denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: Easy File Sharing Web Server 1.2, Windows Any
version
Vulnerability: easyfilesharing-title-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13360
Date Reported: 10/04/2003
Brief Description: Easy File Sharing Web Server Your Message field
buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: Easy File Sharing Web Server 1.2, Windows Any
version
Vulnerability: easyfilesharing-yourmessage-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13361
Date Reported: 10/04/2003
Brief Description: Easy File Sharing Web Server HTTP request to log
file or option.ini file information disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Easy File Sharing Web Server 1.2, Windows Any
version
Vulnerability: easyfilesharing-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/13362
Date Reported: 10/04/2003
Brief Description: PHP-Nuke WebMail could allow an attacker to include
PHP files
Risk Factor: Medium
Attack Type: Network Based
Platforms: PHP-Nuke 6.7, Windows Any version
Vulnerability: phpnuke-webmail-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/13363
Date Reported: 10/04/2003
Brief Description: PrimeBase SQL Database Server primebase file has
insecure permissions
Risk Factor: High
Attack Type: Host Based
Platforms: AIX Any version, Linux Any version, Mac OS Any
version, PrimeBase SQL Database Server 4.2, Solaris
Any version, Windows Any version
Vulnerability: primebase-file-insecure-permissions
X-Force URL: http://xforce.iss.net/xforce/xfdb/13365
Date Reported: 10/07/2003
Brief Description: Adobe SVG Viewer allows attacker to bypass Active
Scripting settings
Risk Factor: Medium
Attack Type: Network Based
Platforms: Adobe SVG Viewer (ASV) 3.0 and earlier, Windows Any
version
Vulnerability: adobe-svg-scripting-bypass
X-Force URL: http://xforce.iss.net/xforce/xfdb/13366
Date Reported: 10/04/2003
Brief Description: PrimeBase SQL Database Server allows PrimeBase.log
file to be overwritten
Risk Factor: Medium
Attack Type: Host Based
Platforms: AIX Any version, Linux Any version, Mac OS Any
version, PrimeBase SQL Database Server 4.2, Solaris
Any version, Windows Any version
Vulnerability: primebase-file-overwrite
X-Force URL: http://xforce.iss.net/xforce/xfdb/13367
Date Reported: 10/07/2003
Brief Description: Adobe SVG Viewer JavaScript alert function allows
attacker to access domains
Risk Factor: Medium
Attack Type: Network Based
Platforms: Adobe SVG Viewer (ASV) 3.0 and earlier, Windows Any
version
Vulnerability: adobe-svg-domain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/13371
Date Reported: 10/07/2003
Brief Description: PeopleSoft PeopleTools .xls search results are
saved in an insecure file
Risk Factor: Medium
Attack Type: Network Based
Platforms: PeopleSoft PeopleTools 8.42, Windows 2000 Any
version, Windows NT Any version
Vulnerability: peoplesoft-file-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/13372
Date Reported: 10/07/2003
Brief Description: Medieval: Total War broadcast denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Medieval: Total War 1.1 and earlier, Windows Any
version
Vulnerability: medievaltotalwar-broadcast-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13373
Date Reported: 10/06/2003
Brief Description: Microsoft Windows Media Player Dynamic HTML
behaviors allow an attacker to execute code
Risk Factor: High
Attack Type: Network Based
Platforms: Windows 98 Second Edition, Windows Me, Windows 2000
Any version, Windows 2003 Server, Windows Media
Player 6.4, Windows Media Player 7.1, Windows Media
Player 9 Series, Windows Media Player for Windows
XP, Windows XP Any version
Vulnerability: mediaplayer-dhtml-code-execution
X-Force URL: http://xforce.iss.net/xforce/xfdb/13375
Date Reported: 10/06/2003
Brief Description: Microsoft Internet Explorer Dynamic HTML behaviors
allow an attacker to execute code
Risk Factor: High
Attack Type: Network Based
Platforms: Microsoft Internet Explorer 5.01 SP3, Microsoft
Internet Explorer 5.01 SP4, Microsoft Internet
Explorer 5.5 SP2, Microsoft Internet Explorer 6.0
Gold, Microsoft Internet Explorer 6.0 SP1, Windows
Any version
Vulnerability: ie-dhtml-code-execution
X-Force URL: http://xforce.iss.net/xforce/xfdb/13376
Date Reported: 10/07/2003
Brief Description: Medieval: Total War long nickname denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Medieval: Total War 1.1 and earlier, Windows Any
version
Vulnerability: medievaltotalwar-long-nickname-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13377
Date Reported: 10/07/2003
Brief Description: Adobe SVG Viewer postURL and getURL information
disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Adobe SVG Viewer (ASV) 3.0 and earlier, Windows Any
version
Vulnerability: adobe-svg-view-files
X-Force URL: http://xforce.iss.net/xforce/xfdb/13378
Date Reported: 10/06/2003
Brief Description: File-Sharing for net Subject and Your Message
fields cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: File-Sharing for net 1.5, Windows 2000 Any version,
Windows XP Any version
Vulnerability: filesharingfornet-subject-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13379
Date Reported: 10/02/2003
Brief Description: Earth Station 5 Search Service file deletion
Risk Factor: Medium
Attack Type: Network Based
Platforms: Earth Station 5 1.08 b1266, Earth Station 5 1.08
b2180, Windows Any version
Vulnerability: earthstation5-search-delete-file
X-Force URL: http://xforce.iss.net/xforce/xfdb/13382
Date Reported: 10/08/2003
Brief Description: FirstClass Internet Server long HTTP GET request
causes denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: FirstClass build 133 (SP3), Mac OS Any version,
Windows Any version
Vulnerability: firstclass-httpget-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13383
Date Reported: 10/08/2003
Brief Description: PayPal Store Front index.php PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: PayPal Store Front 3.0, Unix Any version
Vulnerability: paypal-index-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/13384
Date Reported: 10/08/2003
Brief Description: Microsoft Windows Server 2003 "dot dot" directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows 2003 Server
Vulnerability: win2003-dotdot-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/13385
Date Reported: 10/08/2003
Brief Description: HP-UX dtprintinfo DISPLAY variable buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms: HP-UX 11.00
Vulnerability: hp-dtprintinfo-display-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13387
Date Reported: 10/07/2003
Brief Description: PeopleSoft PeopleTools Control J hot key
information disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: PeopleSoft PeopleTools 8.42, Windows 2000 Any
version, Windows NT Any version
Vulnerability: peoplesoft-controlj-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/13388
Date Reported: 10/08/2003
Brief Description: ltrace search_for_command buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, ltrace 0.3.10-12, Unix Any
version
Vulnerability: ltrace-searchforcommand-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13389
Date Reported: 10/07/2003
Brief Description: PeopleSoft PeopleTools long values in LONGCHAR or
VARCHAR fields can cause denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: PeopleSoft PeopleTools 8.42, Windows 2000 Any
version, Windows NT Any version
Vulnerability: peoplesoft-longchar-varchar-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13390
Date Reported: 10/09/2003
Brief Description: DeskPRO multiple scripts allow SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: DeskPRO 1.1.0 and earlier, Linux Any version,
Windows Any version
Vulnerability: deskpro-multiple-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/13391
Date Reported: 10/09/2003
Brief Description: DeskPRO administrator name and specific password
allow administrative access
Risk Factor: High
Attack Type: Network Based
Platforms: DeskPRO 1.1.0 and earlier, Linux Any version,
Windows Any version
Vulnerability: deskpro-login-admin-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/13394
Date Reported: 10/05/2003
Brief Description: GuppY cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: GuppY 2.4p3, Linux Any version, Unix Any version,
Windows Any version
Vulnerability: guppy-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13395
Date Reported: 10/05/2003
Brief Description: GuppY tinymsg.php could allow an attacker to add
data
Risk Factor: Medium
Attack Type: Network Based
Platforms: GuppY 2.4p3, Linux Any version, Unix Any version,
Windows Any version
Vulnerability: guppy-tinymsg-add-data
X-Force URL: http://xforce.iss.net/xforce/xfdb/13396
Date Reported: 10/09/2003
Brief Description: Hummingbird CyberDocs DocsFusion server files
containing source script code can be accessed
Risk Factor: Medium
Attack Type: Network Based
Platforms: Hummingbird CyberDocs DocsFusion server 2.12 and
earlier, Windows Any version
Vulnerability: Hummingbird-docsfusionserver-file-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/13397
Date Reported: 10/09/2003
Brief Description: Hummingbird CyberDocs DocsFusion server invalid
login attempt information disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Hummingbird CyberDocs DocsFusion server 4.0 and
earlier, Windows Any version
Vulnerability: Hummingbird-docsfusionserver-disclose-path
X-Force URL: http://xforce.iss.net/xforce/xfdb/13398
Date Reported: 10/09/2003
Brief Description: Hummingbird CyberDocs DocsFusion server multiple
scripts cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Hummingbird CyberDocs DocsFusion server 4.0 and
earlier, Windows Any version
Vulnerability: hummingbird-docsfusionserver-multiple-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13399
Date Reported: 10/09/2003
Brief Description: Hummingbird CyberDocs DocsFusion server
loginact.asp SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Hummingbird CyberDocs DocsFusion server prior to
3.9, Windows Any version
Vulnerability: hummingbird-docsfusionserver-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/13401
Date Reported: 10/09/2003
Brief Description: TinyWeb HTTP GET request denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: TinyWeb 1.9, Windows Any version
Vulnerability: tinyweb-httpget-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13402
Date Reported: 10/08/2003
Brief Description: HP Servicecontrol Manager multiple vulnerabilities
in MySQL could allow execution of code
Risk Factor: High
Attack Type: Network Based
Platforms: HP Servicecontrol Manager (SCM) 3.0, HP-UX B.11.00,
HP-UX B.11.11, HP9000 Any version, Linux Any version,
MySQL 3.23.54
Vulnerability: scm-multiple-execute-code
X-Force URL: http://xforce.iss.net/xforce/xfdb/13404
_____
Risk Factor Key:
High Security issues that allow immediate remote, or local access
or immediate execution of code or commands, with unauthorized
privileges. Examples are most buffer overflows, backdoors,
default or no password, and bypassing security on firewalls
or other network components.
Medium Security issues that have the potential of granting access or
allowing code execution by means of complex or lengthy exploit
procedures, or low risk issues applied to major Internet
components. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service of major applications,
and denial of service resulting in system information disclosure
(such as core files).
Low Security issues that deny service or provide non-system
information that could be used to formulate structured attacks
on a target, but not directly gain unauthorized access. Examples
are brute force attacks, non-system information disclosure
(configurations, paths, etc.), and denial of service attacks.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforce@iss.net for
permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user’s risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://xforce.iss.net/xforce/sensitive.php
Please send suggestions, updates, and comments to: X-Force
xforce@iss.net of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBP4rksTRfJiV99eG9AQEr5gQAk6Zg2Ch5T1FPUGuofTBT/HT5QbmY60uA
2fv0ajE9RSxzuTnJjecicMonZ8qhMw3o2ZcorGwsZi0P6D6GvBfYt4jLtqoTEEMC
RkzVb6NriTGBshVOlF1vJo93DWsJs46LfuraBiYwhksbQ0n91HRbu2G+2Cwr0Yma
Jf1+gv36N8c=
=3kw7
-----END PGP SIGNATURE-----