ISS Security Alert Summary AS03-43

From: X-Force (xforce_at_iss.net)
Date: 10/27/03

Previous message: X-Force: "ISS Security Alert Summary AS03-42"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: alert@iss.net
Date: Mon, 27 Oct 2003 14:40:31 -0500 (EST)

-----BEGIN PGP SIGNED MESSAGE-----

Internet Security Systems Security Alert Summary AS03-43
October 27, 2003

X-Force Vulnerability and Threat Database:
http://xforce.iss.net/

To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
https://atla-mm1.iss.net/mailman/listinfo/alert

This summary is available at the following address:
http://xforce.iss.net/xforce/alerts/id/AS03-43
_____
Contents:
* 30 Reported Vulnerabilities
* Risk Factor Key
_____

Date Reported: 10/15/2003
Brief Description: Novell iChain RETR denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: iChain 2.2 prior to SP2 b1, Linux Any version,
Solaris Any version, Windows Any version
Vulnerability: ichain-retr-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13454

Date Reported: 10/15/2003
Brief Description: Novell iChain could allow session hijacking
Risk Factor: Medium
Attack Type: Network Based
Platforms: iChain 2.2 prior to SP2 b1, Linux Any version,
Solaris Any version, Windows Any version
Vulnerability: ichain-session-hijacking
X-Force URL: http://xforce.iss.net/xforce/xfdb/13455

Date Reported: 10/19/2003
Brief Description: ByteHoard "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: ByteHoard 0.7, Linux Any version, Windows Any
version
Vulnerability: bytehoard-dotdot-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/13456

Date Reported: 10/19/2003
Brief Description: cpCommerce _functions.php script PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: cpCommerce Any version, Unix Any version
Vulnerability: cpCommerce-functionsphp-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/13457

Date Reported: 10/20/2003
Brief Description: Opera escape heap overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Opera 7.11, Opera 7.20, Windows
Any version
Vulnerability: opera-escape-heap-overflow
X-Force URL: http://xforce.iss.net/xforce/xfdb/13458

Date Reported: 10/20/2003
Brief Description: VPOP3 login page cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: VPOP3 2.0.0e, VPOP3 2.0.0f, Windows Any version
Vulnerability: vpop3-login-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13459

Date Reported: 10/19/2003
Brief Description: Resin name and comment cross-scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Resin 2.x, Unix Any version, Windows Any version
Vulnerability: resin-name-comment-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13460

Date Reported: 10/20/2003
Brief Description: Dansie Shopping Cart cart.pl script path disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Dansie Shopping Cart Any version, Linux Any
version, Unix Any version, Windows Any version
Vulnerability: dansie-cartpl-path-disclosure
X-Force URL: http://xforce.iss.net/xforce/xfdb/13461

Date Reported: 10/14/2003
Brief Description: Geeklog reqid SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Geeklog 1.3.8, Linux Any version, Windows Any
version
Vulnerability: geeklog-reqid-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/13462

Date Reported: 10/19/2003
Brief Description: eMule long password denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: eMule 0.29c, Windows Any version
Vulnerability: emule-long-password-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13464

Date Reported: 10/17/2003
Brief Description: Goldlink variables.php could allow an attacker to
gain administrative access
Risk Factor: Medium
Attack Type: Network Based
Platforms: Goldlink 3.0, Linux Any version, Unix Any version
Vulnerability: goldlink-variables-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/13465

Date Reported: 10/20/2003
Brief Description: Java Plug-in unsigned applet sandbox restriction
bypass
Risk Factor: Medium
Attack Type: Network Based
Platforms: Java Plug-In 1.4.2_01, Linux Any version, Solaris
Any version, Windows Any version
Vulnerability: javaplugin-applet-sandbox-bypass
X-Force URL: http://xforce.iss.net/xforce/xfdb/13466

Date Reported: 10/19/2003
Brief Description: HP OpenView Network Node Manager packet denial of
                    service
Risk Factor: Medium
Attack Type: Network Based
Platforms: HP OpenView Network Node Manager 6.2, HP OpenView
                    Network Node Manager 6.4, HP-UX 10.20, HP-UX 11.00,
                    HP-UX 11.11, Solaris 2.x, Windows 2000 Any version,
                    Windows NT 4.0
Vulnerability: openview-nnm-packet-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13467

Date Reported: 10/21/2003
Brief Description: MERCUR Mailserver long AUTH command denial of
                    service
Risk Factor: Low
Attack Type: Network Based
Platforms: MERCUR Mailserver 4.2 without SP3a, Windows 2000
                    Any version, Windows NT Any version, Windows XP Any
                    version
Vulnerability: mercur-auth-command-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13468

Date Reported: 10/20/2003
Brief Description: Gast Arbeiter could allow an attacker to upload files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Gast Arbeiter 1.3 and earlier, Linux Any version,
Unix Any version, Windows Any version
Vulnerability: gast-arbeiter-file-upload
X-Force URL: http://xforce.iss.net/xforce/xfdb/13469

Date Reported: 10/21/2003
Brief Description: My Classifieds email variable SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, My Classifieds 2.11, Unix Any
version, Windows Any version
Vulnerability: myclassifieds-email-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/13470

Date Reported: 10/18/2003
Brief Description: PHP-Nuke name variable in modules.php information
disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: PHP-Nuke 7.0, Windows Any version
Vulnerability: phpnuke-modulesphp-path-disclosure
X-Force URL: http://xforce.iss.net/xforce/xfdb/13483

Date Reported: 10/21/2003
Brief Description: OpenServer symlink attack
Risk Factor: Medium
Attack Type: Host Based
Platforms: Caldera OpenServer 5.0.5
Vulnerability: openserver-symlink
X-Force URL: http://xforce.iss.net/xforce/xfdb/13484

Date Reported: 10/21/2003
Brief Description: Sun JRE/SDK untrusted applet allows attacker to
                    gain privileges
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Solaris Any version, Sun JRE
                    1.2.2_015 - earlier, Sun JRE 1.3.1_08 and earlier,
                    Sun JRE 1.4.1_03 and earlier, Sun SDK 1.2.2_015 -
                    earlier, Sun SDK 1.3.1_08 and earlier, Sun SDK
                    1.4.1_03 and earlier, Windows Any version
Vulnerability: sun-applet-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/13485

Date Reported: 10/22/2003
Brief Description: Web Wiz Forums cross-site scripting in
forum_members.asp, members.asp, and
pm_buddy_list.asp scripts
Risk Factor: Medium
Attack Type: Network Based
Platforms: Web Wiz Forums 7.01, Windows Any version
Vulnerability: webwizforums-multiple-scripts-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13486

Date Reported: 10/21/2003
Brief Description: phpGroupWare multiple vulnerabilities
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, phpGroupWare prior to
0.9.14.007, Unix Any version, Windows Any version
Vulnerability: phpgroupware-multiple-vulnerabilities
X-Force URL: http://xforce.iss.net/xforce/xfdb/13489

Date Reported: 10/22/2003
Brief Description: PGPDisk information disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: PGPDisk Any version, Windows XP Any version
Vulnerability: pgpdisk-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/13490

Date Reported: 10/15/2003
Brief Description: Macromedia ColdFusion MX SQL error cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: ColdFusion MX 6.0, Linux Any version, Unix Any
version, Windows Any version
Vulnerability: coldfusion-sql-error-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13491

Date Reported: 10/21/2003
Brief Description: HP Web-enabled management agents could allow an
                    attacker to gain privileges
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms: Insight Management for Clients 3.5 through 5.0,
                    Insight Manager LC 1.00 - 1.60, Remote Diagnostics
                    Enabling Agent Any version, Windows 9x, Windows
                    2000 Any version, Windows NT Any version, Windows
                    XP Any version
Vulnerability: hp-management-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/13496

Date Reported: 10/22/2003
Brief Description: My Photo Gallery unknown vulnerabilities
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, My Photo Gallery prior to 3.6,
Unix Any version
Vulnerability: myphotogallery-unknown-vulnerabilities
X-Force URL: http://xforce.iss.net/xforce/xfdb/13498

Date Reported: 10/23/2003
Brief Description: Apache Cocoon directory traversal allows
                    downloading of boot.ini file
Risk Factor: Medium
Attack Type: Network Based
Platforms: Apache Cocoon 2.1 prior 10/22/2003, Apache Cocoon
                    2.1.2, Apache Cocoon 2.2 prior 10/22/2003, Windows
                    Any version
Vulnerability: apachecocoon-directory-traversal-bootini
X-Force URL: http://xforce.iss.net/xforce/xfdb/13499

Date Reported: 10/22/2003
Brief Description: CensorNet CGI script cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: CensorNet Any version, Linux Any version
Vulnerability: censornet-cgi-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13507

Date Reported: 10/22/2003
Brief Description: Sylpheed and Sylpheed-Claws SMTP error message
format string attack
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Sylpheed prior to 0.9.7,
Sylpheed-Claws prior to 0.9.7, Unix Any version
Vulnerability: sylpheed-smtp-format-string
X-Force URL: http://xforce.iss.net/xforce/xfdb/13508

Date Reported: 10/23/2003
Brief Description: Microsoft Windows HTML Help could allow an attacker
to gain privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Windows Any version
Vulnerability: win-htmlhelp-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/13509

Date Reported: 10/24/2003
Brief Description: SiteKiosk could allow an attacker to bypass the
billing system
Risk Factor: Medium
Attack Type: Host Based
Platforms: SiteKiosk 5.5 and earlier, Windows Any version
Vulnerability: sitekiosk-billing-system-bypass
X-Force URL: http://xforce.iss.net/xforce/xfdb/13512

_____

Risk Factor Key:

     High Security issues that allow immediate remote, or local access
              or immediate execution of code or commands, with unauthorized
              privileges. Examples are most buffer overflows, backdoors,
              default or no password, and bypassing security on firewalls
              or other network components.
     Medium Security issues that have the potential of granting access or
              allowing code execution by means of complex or lengthy exploit
              procedures, or low risk issues applied to major Internet
              components. Examples are cross-site scripting, man-in-the-middle
              attacks, SQL injection, denial of service of major applications,
              and denial of service resulting in system information disclosure
              (such as core files).
     Low Security issues that deny service or provide non-system
              information that could be used to formulate structured attacks
              on a target, but not directly gain unauthorized access. Examples
              are brute force attacks, non-system information disclosure
              (configurations, paths, etc.), and denial of service attacks.

______

About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.

Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforce@iss.net for
permission.

Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user�s risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.

X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://xforce.iss.net/xforce/sensitive.php

Please send suggestions, updates, and comments to: X-Force

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBP510njRfJiV99eG9AQEeugP/SP2FlfepmrVAL0A9iYsSsltwOQI61ew0
4BQ7C5bd33mUiHCYUNbByQ0SWnICpBFQY0hpGKH6vbKDOQXcVhm8tCxnUgfJY0yL
IzEfhBAkqpwE3Vvv1OvOyYvM2htPvMqOZ7psKPqiD1vkVkKsWSeOjwiLCMceDGue
AskVwIP9e1c=
=BZAt
-----END PGP SIGNATURE-----

Previous message: X-Force: "ISS Security Alert Summary AS03-42"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]