ISS Security Alert Summary AS03-42
From: X-Force (xforce_at_iss.net)
Date: 10/20/03
- Previous message: Graham, Robert (ISS Atlanta): "MS03-043 Popup Messenger Servce buffer-overflow"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: alert@iss.net Date: Mon, 20 Oct 2003 14:38:57 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS03-42
October 20, 2003
X-Force Vulnerability and Threat Database:
http://xforce.iss.net/
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
https://atla-mm1.iss.net/mailman/listinfo/alert
This summary is available at the following address:
http://xforce.iss.net/xforce/alerts/id/AS03-42
_____
Contents:
* 38 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 10/11/2003
Brief Description: mIRC long string supplied to IRC protocol could
allow execution of code
Risk Factor: High
Attack Type: Network Based
Platforms: mIRC 6.1 and earlier, Windows Any version
Vulnerability: mirc-ircprotocol-execute-code
X-Force URL: http://xforce.iss.net/xforce/xfdb/13405
Date Reported: 10/11/2003
Brief Description: TRACKtheCLICK click.cgi script injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, TRACKtheCLICK 1.0, Unix Any
version
Vulnerability: tracktheclick-click-script-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/13406
Date Reported: 10/12/2003
Brief Description: Microsoft Windows 2000 Server mqsvc.exe
MQLocateBegin packet buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Windows 2000 Advanced Server, Windows 2000 Any
version, Windows 2000 Datacenter Server, Windows
2000 Professional, Windows 2000 Server
Vulnerability: win2k-mqsvc-mqlocatebegin-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13407
Date Reported: 10/12/2003
Brief Description: IRCd buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms: Conectiva Linux 9.0, IRCd 2.10 - 2.10.3p3, Unix Any
version
Vulnerability: ircd-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13408
Date Reported: 10/12/2003
Brief Description: MyPHPCalendar multiple scripts PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, MyPHPCalendar 10192000 Build1
Beta, Unix Any version, Windows Any version
Vulnerability: myphpcalendar-multiple-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/13409
Date Reported: 10/15/2003
Brief Description: Microsoft Windows Messenger Service popup buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Windows 2000 Any version, Windows 2003 Server,
Windows NT 4.0, Windows NT 4.0 Server, Windows NT
4.0 TSE, Windows NT Any version, Windows XP Any
version
Vulnerability: win-messenger-popup-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13413
Date Reported: 10/15/2003
Brief Description: Dbmail multiple parameters are vulnerable to SQL
injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Dbmail 1.1, Linux Any version, Unix Any version
Vulnerability: dbmail-multiple-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/13416
Date Reported: 10/12/2003
Brief Description: MyPHPCalendar setup.php information disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, MyPHPCalendar 10192000 Build1
Beta, Unix Any version, Windows Any version
Vulnerability: myphpcalendar-setupphp-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/13417
Date Reported: 10/13/2003
Brief Description: HP Tru64 UNIX dtmailpr could allow an attacker to
gain privileges
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms: Compaq Tru64 UNIX 4.0f, Compaq Tru64 UNIX 4.0g,
Compaq Tru64 UNIX 5.1, Compaq Tru64 UNIX 5.1a,
Compaq Tru64 UNIX 5.1b
Vulnerability: tru64-dtmailpr-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/13418
Date Reported: 10/11/2003
Brief Description: Gallery index.php PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: Gallery 1.4 in setup mode, Linux Any version
Vulnerability: gallery-indexphp-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/13419
Date Reported: 10/15/2003
Brief Description: Microsoft Windows HSC HCP protocol file buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Windows Me, Windows 2000 Any version, Windows 2003
Server, Windows NT 4.0, Windows NT 4.0 Server,
Windows NT 4.0 TSE, Windows XP Any version
Vulnerability: win-hsc-hcp-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13420
Date Reported: 10/15/2003
Brief Description: Microsoft Exchange Server OWA Compose New Message
form cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Exchange 5.5, Windows 2000 Any version,
Windows NT Any version, Windows XP Any version
Vulnerability: exchange-owa-message-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13421
Date Reported: 10/15/2003
Brief Description: Microsoft Windows Authenticode could allow an
attacker to execute code
Risk Factor: High
Attack Type: Network Based
Platforms: Windows 2000 Any version, Windows 2003 Server,
Windows NT 4.0, Windows NT 4.0 Server, Windows NT
4.0 TSE, Windows XP Any version
Vulnerability: win-authenticode-code-execution
X-Force URL: http://xforce.iss.net/xforce/xfdb/13422
Date Reported: 10/15/2003
Brief Description: Microsoft Windows 2000 Local Troubleshooter ActiveX
control buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Windows 2000 Any version
Vulnerability: win2k-local-troubleshooter-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13423
Date Reported: 10/15/2003
Brief Description: Microsoft Windows User32.dll ListBox and ComboBox
controls buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Windows 2000 Any version, Windows 2003 Server,
Windows NT 4.0, Windows NT 4.0 Server, Windows NT
4.0 TSE, Windows NT 4.0 Workstation, Windows XP Any
version
Vulnerability: win-user32-control-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13424
Date Reported: 10/13/2003
Brief Description: IRCd JOIN command buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: IRCd 2.10.3p3, Unix Any version
Vulnerability: ircd-join-command-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13425
Date Reported: 10/14/2003
Brief Description: Microsoft Windows 2000 and XP RPC race condition
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows 2000 Any version, Windows XP Any version
Vulnerability: win-rpc-race-condition
X-Force URL: http://xforce.iss.net/xforce/xfdb/13426
Date Reported: 10/14/2003
Brief Description: mIRC Direct Client Connection request can cause
client denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: mIRC 6.11 and earlier, Windows Any version
Vulnerability: mirc-dcc-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13427
Date Reported: 10/14/2003
Brief Description: WinSyslog long syslog message denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Windows Any version, WinSyslog 4.21 SP1
Vulnerability: winsyslog-long-syslog-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13428
Date Reported: 10/15/2003
Brief Description: Apache Tomcat non-HTTP request denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms: Debian Linux 3.0, Linux Any version, Tomcat 4.0.x,
Unix Any version, Windows Any version
Vulnerability: tomcat-non-http-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13429
Date Reported: 10/15/2003
Brief Description: Wrensoft Zoom Search Engine cross-site scripting in
search.php script
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Zoom Search Engine 2.0 Build
1018
Vulnerability: zoom-search-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13431
Date Reported: 10/15/2003
Brief Description: Microsoft Exchange SMTP extended verb request
buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Microsoft Exchange 2000, Windows 2000 Any version,
Windows NT Any version, Windows XP Any version
Vulnerability: exchange-smtp-verb-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13432
Date Reported: 10/15/2003
Brief Description: Microsoft Exchange SMTP extended verb request
denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Exchange 5.5, Windows 2000 Any version,
Windows NT Any version, Windows XP Any version
Vulnerability: exchange-smtp-verb-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13433
Date Reported: 10/14/2003
Brief Description: Sun Solaris kernel race condition causes denial of
service
Risk Factor: Low
Attack Type: Host Based
Platforms: Solaris 2.6, Solaris 7, Solaris 8, Solaris 9
Vulnerability: solaris-race-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13434
Date Reported: 10/14/2003
Brief Description: Sun Solaris sysinfo could allow an attacker to read
memory
Risk Factor: Medium
Attack Type: Host Based
Platforms: Solaris 2.6, Solaris 7, Solaris 8, Solaris 9
Vulnerability: solaris-sysinfo-read-memory
X-Force URL: http://xforce.iss.net/xforce/xfdb/13435
Date Reported: 10/15/2003
Brief Description: Linksys EtherFast Log_Page_Num denial of service
BEFSX41
Risk Factor: Low
Attack Type: Network Based
Platforms: Linksys EtherFast BEFSX41 1.44.3
Vulnerability: linksys-etherfast-logpagenum-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13436
Date Reported: 10/15/2003
Brief Description: Gaim remote command execution
Risk Factor: High
Attack Type: Network Based
Platforms: Gaim Any version, Linux Any version, Windows Any
version
Vulnerability: gaim-remote-command-execution
X-Force URL: http://xforce.iss.net/xforce/xfdb/13438
Date Reported: 10/15/2003
Brief Description: Microsoft Word long macro name buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: Microsoft Office 2000, Microsoft Office 97,
Microsoft Word 2000, Microsoft Word 97, Windows Any
version
Vulnerability: word-macro-name-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13439
Date Reported: 10/16/2003
Brief Description: Bajie HTTP Server cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Bajie HTTP Server 0.95zxv4, Linux Any version, Unix
Any version, Windows Any version
Vulnerability: bajie-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13442
Date Reported: 10/15/2003
Brief Description: AOL Instant Messenger getfile long screenname
buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: AOL Instant Messenger 5.2.3292, Windows Any version
Vulnerability: aim-getfile-screenname-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13443
Date Reported: 10/17/2003
Brief Description: Microsoft Windows Non-English patched with MS03-045
denial of service in Sophos Anti-Virus
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms: Windows 2000 Non-English, Windows 2003 Non-English,
Windows NT Non-English, Windows XP Non-English
Vulnerability: winnonenglish-ms03045-applications-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13444
Date Reported: 10/14/2003
Brief Description: RealOne Player temporary file could allow an
attacker to execute scripts
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Mac OS X Any version, RealOne
Enterprise Desktop Any version, RealOne Player 2.0,
RealOne Player Any version, RealOne Player for Mac
OS X Any version, Unix Any version, Windows Any
version
Vulnerability: realoneplayer-temporary-script-execution
X-Force URL: http://xforce.iss.net/xforce/xfdb/13445
Date Reported: 10/14/2003
Brief Description: WGSD-1020 switch default administrative account
Risk Factor: Medium
Attack Type: Network Based
Platforms: WGSD-1020 3.08
Vulnerability: wgsd-default-admin-account
X-Force URL: http://xforce.iss.net/xforce/xfdb/13446
Date Reported: 10/16/2003
Brief Description: GDM denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: Conectiva Linux 8.0, Conectiva Linux 9.0, GDM prior
to 2.4.1.7, Mandrake Linux 9.1, Mandrake Linux 9.2,
Mandrake Linux Corporate Server 2.1
Vulnerability: gdm-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13447
Date Reported: 10/16/2003
Brief Description: GDM command denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: Conectiva Linux 8.0, Conectiva Linux 9.0, GDM prior
to 2.4.1.7, Mandrake Linux 9.1, Mandrake Linux 9.2,
Mandrake Linux Corporate Server 2.1
Vulnerability: gdm-command-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13448
Date Reported: 10/16/2003
Brief Description: Fetchmail email denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Fetchmail 6.2.4, Mandrake Linux 9.2
Vulnerability: fetchmail-email-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13450
Date Reported: 10/18/2003
Brief Description: Oracle Database Server oracle and oracleO binaries
buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, Oracle9i Database Server
9.2.0.4.0, Unix Any version
Vulnerability: oracle-oracleo-binaries-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13451
Date Reported: 10/18/2003
Brief Description: Vivísimo Clustering Engine cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, Vivísimo
Clustering Engine Any version, Windows Any version
Vulnerability: vívísimo-clustering-engine-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13452
_____
Risk Factor Key:
High Security issues that allow immediate remote, or local access
or immediate execution of code or commands, with unauthorized
privileges. Examples are most buffer overflows, backdoors,
default or no password, and bypassing security on firewalls
or other network components.
Medium Security issues that have the potential of granting access or
allowing code execution by means of complex or lengthy exploit
procedures, or low risk issues applied to major Internet
components. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service of major applications,
and denial of service resulting in system information disclosure
(such as core files).
Low Security issues that deny service or provide non-system
information that could be used to formulate structured attacks
on a target, but not directly gain unauthorized access. Examples
are brute force attacks, non-system information disclosure
(configurations, paths, etc.), and denial of service attacks.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforce@iss.net for
permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user’s risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://xforce.iss.net/xforce/sensitive.php
Please send suggestions, updates, and comments to: X-Force
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBP5QrsDRfJiV99eG9AQGSWgQAnfTZ6YRrAwxYlpNTQ6wO2UiNVDTl77RB
CZpcBhY6Cf/jsq6vi5hjjlSuxbYx/NKRnRHfm7kwufWXoZzA9mY8XdJpCaL5I3/1
rAM08fU2X9qX2AbwyzyStYK46Xn2cncslY2O1FSrWA/nzkdk9XQHRHpFt3XTFjef
OtPGBDv0Mbs=
=lWpi
-----END PGP SIGNATURE-----
- Previous message: Graham, Robert (ISS Atlanta): "MS03-043 Popup Messenger Servce buffer-overflow"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
