ISS Security Alert Summary AS03-46

From: X-Force (xforce_at_iss.net)
Date: 11/17/03

  • Next message: X-Force: "ISS Security Alert Summary AS03-47"
    To: alert@iss.net
    Date: Mon, 17 Nov 2003 13:55:47 -0500 (EST)
    
    

    -----BEGIN PGP SIGNED MESSAGE-----

    Internet Security Systems Security Alert Summary AS03-46
    November 17, 2003

    X-Force Vulnerability and Threat Database:
    http://xforce.iss.net/

    To receive these Alert Summaries, as well as other Alerts and
    Advisories, subscribe to the Internet Security Systems Alert
    mailing list at:
    https://atla-mm1.iss.net/mailman/listinfo/alert

    This summary is available at the following address:
    http://xforce.iss.net/xforce/alerts/id/AS03-46
    _____
    Contents:
    * 51 Reported Vulnerabilities
    * Risk Factor Key
    _____

    Date Reported: 11/10/2003
    Brief Description: HylaFAX format string attack
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Debian Linux 3.0, HylaFAX 4.1.7, Mandrake Linux
                        9.0, Mandrake Linux 9.1, Mandrake Linux 9.2,
                        Mandrake Linux Corporate Server 2.1, SuSE Linux
                        7.3, SuSE Linux 8.0, SuSE Linux 8.1, SuSE Linux
                        8.2, SuSE Linux 9.0, SuSE Linux Standard Server 8,
                        SuSE Linux Desktop 1.0, SuSE Linux Enterprise
                        Server 7, SuSE Linux Office Server Any version
    Vulnerability: hylafax-format-string
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13642

    Date Reported: 11/08/2003
    Brief Description: SimpleWebServer "dot dot dot" directory traversal
    Risk Factor: Medium
    Attack Type: Host Based / Network Based
    Platforms: SimpleWebServer 2.13.31027Build 3289, Windows Any
                        version
    Vulnerability: simplewebserver-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13643

    Date Reported: 11/09/2003
    Brief Description: nCUBE Server Manager "dot dot" directory traversal
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: nCUBE 1.0, Windows Any version
    Vulnerability: ncube-dotdot-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13645

    Date Reported: 11/09/2003
    Brief Description: Overkill $HOME environment variable buffer overflow
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Linux Any version, OS/2 Any version, Overkill 0.16,
                        Windows Any version
    Vulnerability: overkill-home-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13646

    Date Reported: 11/10/2003
    Brief Description: Eudora From or Reply to header buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Eudora 5.1-J, Eudora 5.2.0.9, Eudora 5.2.1, Windows
                        Any version
    Vulnerability: eudora-from-replyto-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13647

    Date Reported: 11/09/2003
    Brief Description: DailyDose dose.pl could allow an attacker to view
                        files
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: DailyDose 1.1, Unix Any version, Windows NT Any
                        version
    Vulnerability: daily-dose-view-files
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13648

    Date Reported: 11/10/2003
    Brief Description: Bugzilla Web feature could allow an attacker to
                        obtain information
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Bugzilla 2.17.5, Linux Any version, Unix Any
                        version, Windows Any version
    Vulnerability: bugzilla-feature-obtain-information
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13650

    Date Reported: 11/09/2003
    Brief Description: UnAce invalid file name request buffer overflow
    Risk Factor: Low
    Attack Type: Host Based
    Platforms: Linux Any version, UnAce 2.2
    Vulnerability: unace-invalid-file-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13653

    Date Reported: 11/11/2003
    Brief Description: omega-rpg buffer overflow
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Debian Linux 3.0, omega-rpg prior to 0.90-pa9-7
    Vulnerability: omega-rpg-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13654

    Date Reported: 11/11/2003
    Brief Description: wmapm system call privilege escalation
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Linux Any version, wmapm 3.1
    Vulnerability: wmapm-system-privilege-escalation
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13655

    Date Reported: 11/10/2003
    Brief Description: PDT 8100 Series allows access using default WiFI
                        keys and shared secret
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Palm OS Home, Pocket PC Any version, Windows CE
    Vulnerability: pdt8100series-gain-access
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13656

    Date Reported: 11/11/2003
    Brief Description: Microsoft FrontPage Server Extensions debug buffer
                        overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Microsoft FrontPage Server Extensions 2000,
                        Microsoft FrontPage Server Extensions 2002,
                        Microsoft Office XP, Windows 2000 SP2, Windows 2000
                        SP3, Windows XP Any version
    Vulnerability: fpse-debug-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13674

    Date Reported: 11/11/2003
    Brief Description: Microsoft Internet Explorer ExecCommand zone bypass
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft Internet Explorer 5.01, Microsoft
                        Internet Explorer 5.5, Microsoft Internet Explorer
                        6.0, Windows Any version
    Vulnerability: ie-execcommand-zone-bypass
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13675

    Date Reported: 11/11/2003
    Brief Description: Microsoft Internet Explorer function pointer
                        override zone bypass
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft Internet Explorer 5.01, Microsoft
                        Internet Explorer 5.5, Microsoft Internet Explorer
                        6.0, Windows Any version
    Vulnerability: ie-pointer-zone-bypass
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13676

    Date Reported: 11/11/2003
    Brief Description: Microsoft Internet Explorer script URLs zone bypass
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft Internet Explorer 5.01, Microsoft
                        Internet Explorer 5.5, Microsoft Internet Explorer
                        6.0, Windows Any version
    Vulnerability: ie-script-zone-bypass
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13677

    Date Reported: 11/11/2003
    Brief Description: Microsoft Internet Explorer XML object could allow
                        an attacker to obtain information
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft Internet Explorer 5.01, Microsoft
                        Internet Explorer 5.5, Microsoft Internet Explorer
                        6.0, Windows Any version
    Vulnerability: ie-xml-obain-info
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13678

    Date Reported: 11/11/2003
    Brief Description: Microsoft Internet Explorer drag and drop could
                        allow an attacker to save file to local system
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft Internet Explorer 5.01, Microsoft
                        Internet Explorer 5.5, Microsoft Internet Explorer
                        6.0, Windows Any version
    Vulnerability: ie-dragdrop-file-save
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13679

    Date Reported: 11/11/2003
    Brief Description: Microsoft FrontPage Server Extensions SmartHTML
                        Interpreter denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft FrontPage Server Extensions 2000,
                        Microsoft FrontPage Server Extensions 2002,
                        Microsoft Office XP, Windows 2000 SP2, Windows 2000
                        SP3, Windows XP Any version
    Vulnerability: fpse-smarthtml-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13680

    Date Reported: 11/11/2003
    Brief Description: Microsoft Excel macro allows attacker to execute
                        code
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Microsoft Excel 2000, Microsoft Excel 2002,
                        Microsoft Excel 97, Windows Any version
    Vulnerability: excel-macro-execute-code
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13681

    Date Reported: 11/11/2003
    Brief Description: PHP-Coolfile action.php script allows unauthorized
                        administrative access
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: PHP-Coolfile 1.4, Unix Any version
    Vulnerability: phpcoolfile-action-admin-access
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13683

    Date Reported: 11/12/2003
    Brief Description: Cerberus FTP Server unspecified buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Cerberus FTP Server 2.x, Windows Any version
    Vulnerability: cerberus-ftp-server-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13713

    Date Reported: 11/11/2003
    Brief Description: tsworks attachment buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: tsworks 3.0, Windows Any version
    Vulnerability: tsworks-attachment-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13728

    Date Reported: 11/12/2003
    Brief Description: Eudora email with Attachment Converted line denial
                        of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Eudora prior to 6.0.1, Windows Any version
    Vulnerability: eudora-email-attachmentconverted-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13732

    Date Reported: 11/12/2003
    Brief Description: Eudora allows attacker to obtain information in
                        email attachments and images
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Eudora prior to 6.0.1, Windows Any version
    Vulnerability: eudora-email-obtain-information
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13734

    Date Reported: 11/12/2003
    Brief Description: Nokia Network Voyager log file cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Nokia IPSO 3.5, Nokia IPSO 3.6, Nokia IPSO 3.7
    Vulnerability: nokianetworkvoyager-log-file-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13737

    Date Reported: 11/12/2003
    Brief Description: Opera "dot dot" directory traversal
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, Opera 7.21 and earlier, Windows
                        Any version
    Vulnerability: opera-dotdot-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13738

    Date Reported: 11/12/2003
    Brief Description: Opera MIME types automatic file download
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, Opera 7.21 and earlier, Windows
                        Any version
    Vulnerability: opera-mime-file-download
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13739

    Date Reported: 11/11/2003
    Brief Description: Sun Cobalt RaQ information disclosure
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Cobalt RaQ 550
    Vulnerability: colbalt-raq-obtain-information
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13740

    Date Reported: 11/11/2003
    Brief Description: Clam AntiVirus "Mail From:" field format string
                        attack
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Clam AntiVirus 0.60 through 0.60p, Linux Any
                        version, Unix Any version
    Vulnerability: clam-antivirus-format-string
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13741

    Date Reported: 11/12/2003
    Brief Description: Fortigate administrative interface cross-site
                        scripting can disclose admin password
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Fortigate prior to 2.50 MR4
    Vulnerability: fortigate-admin-interface-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13742

    Date Reported: 11/12/2003
    Brief Description: MyServer GET resource name buffer overflow
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, MyServer 0.5, Windows Any
                        version
    Vulnerability: myserver-get-resource-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13743

    Date Reported: 11/10/2003
    Brief Description: Gaim g_get_user_name function could disclose
                        username
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Gaim 0.72, Linux Any version, Windows Any version
    Vulnerability: gaim-ggetusername-username-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13744

    Date Reported: 11/13/2003
    Brief Description: WebLogic proxy plug-in causes denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: AIX 4.3.3, HP-UX 11.00, HP-UX 11i, Red Hat Linux
                        for Intel Pentium, Solaris 2.6, Solaris 2.7,
                        Solaris 8, WebLogic Server and Express 6.1,
                        WebLogic Server and Express 7.0, WebLogic Server
                        and Express 8.1, Windows 2000 Any version, Windows
                        2000 Professional, Windows NT 4.0, Windows XP Any
                        version
    Vulnerability: weblogic-proxy-plugin-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13745

    Date Reported: 11/13/2003
    Brief Description: PeopleSoft PeopleTools IScript cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: PeopleSoft PeopleTools 8.43 and earlier, Windows
                        2000 Any version, Windows NT Any version
    Vulnerability: peoplesoft-iscript-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13746

    Date Reported: 11/13/2003
    Brief Description: BEA WebLogic Server and Express using the T3S
                        protocol allows network monitoring to obtain
                        information
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: AIX 4.3.3, HP-UX 11.00, HP-UX 11i, Red Hat Linux
                        for Intel Pentium, Solaris 2.6, Solaris 2.7,
                        Solaris 8, WebLogic Server and Express 7.0,
                        WebLogic Server and Express 7.0.0.1, WebLogic
                        Server and Express 8.1, Windows 2000 Any version,
                        Windows 2000 Professional, Windows NT 4.0, Windows
                        XP Any version
    Vulnerability: weblogic-t3s-obtain-information
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13747

    Date Reported: 11/11/2003
    Brief Description: Caldera UnixWare and OpenUnix procfs descriptors
                        allows attacker to gain privileges
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Caldera OpenUnix 8.0.0, Caldera UnixWare 7.1.1,
                        Caldera UnixWare 7.1.3
    Vulnerability: unixware-procfs-gain-privileges
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13748

    Date Reported: 11/13/2003
    Brief Description: BEA WebLogic malicious data causes denial of
                        service of Node Manager
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: AIX 4.3.3, HP-UX 11.00, HP-UX 11i, Red Hat Linux
                        for Intel Pentium, Solaris 2.6, Solaris 2.7,
                        Solaris 8, WebLogic Server and Express 6.1,
                        WebLogic Server and Express 7.0, WebLogic Server
                        and Express 7.0.0.1, WebLogic Server and Express
                        8.1, Windows 2000 Any version, Windows 2000
                        Professional, Windows NT 4.0, Windows XP Any
                        version
    Vulnerability: weblogic-node-manager-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13749

    Date Reported: 11/13/2003
    Brief Description: BEA WebLogic foreign Java Messaging Service
                        provider password is stored in plain text
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: AIX 4.3.3, HP-UX 11.00, HP-UX 11i, Red Hat Linux
                        for Intel Pentium, Solaris 2.6, Solaris 2.7,
                        Solaris 8, WebLogic Server and Express 8.1, Windows
                        2000 Any version, Windows 2000 Professional,
                        Windows NT 4.0, Windows XP Any version
    Vulnerability: weblogic-foreignjms-plaintext-password
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13750

    Date Reported: 11/12/2003
    Brief Description: Multiple vendor programs Netlink interface spoofed
                        message denial of service
    Risk Factor: Low
    Attack Type: Host Based
    Platforms: Red Hat Advanced Workstation 2.1, Red Hat
                        Enterprise Linux 2.1AS, Red Hat Enterprise Linux
                        2.1ES, Red Hat Enterprise Linux 2.1WS, Red Hat
                        Enterprise Linux 3AS, Red Hat Enterprise Linux 3ES,
                        Red Hat Enterprise Linux 3WS, Red Hat Linux 7.1,
                        Red Hat Linux 7.2, Red Hat Linux 7.3, Red Hat Linux
                        8.0, Red Hat Linux 9
    Vulnerability: netlink-interface-spoofed-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13751

    Date Reported: 11/13/2003
    Brief Description: BEA WebLogic MBeanHome allows attacker to obtain
                        configuration information
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: AIX 4.3.3, HP-UX 11.00, HP-UX 11i, Red Hat Linux
                        for Intel Pentium, Solaris 2.6, Solaris 2.7,
                        Solaris 8, WebLogic Server and Express 6.1,
                        WebLogic Server and Express 7.0, WebLogic Server
                        and Express 8.1, Windows 2000 Any version, Windows
                        2000 Professional, Windows NT 4.0, Windows XP Any
                        version
    Vulnerability: weblogic-mbeanhome-obtain-information
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13752

    Date Reported: 11/13/2003
    Brief Description: PeopleSoft gateway.administration servlet path
                        disclosure
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: PeopleSoft PeopleTools 8.43 and earlier, Windows
                        2000 Any version, Windows NT Any version
    Vulnerability: peoplesoft-servlet-path-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13753

    Date Reported: 11/13/2003
    Brief Description: PeopleSoft PeopleTools Search CGI application
                        directory traversal or denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: PeopleSoft PeopleTools 8.43 and earlier, Windows
                        2000 Any version, Windows NT Any version
    Vulnerability: peoplesoft-searchcgi-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13754

    Date Reported: 11/13/2003
    Brief Description: Symantec pcAnywhere help interface allows attacker
                        to gain SYSTEM privileges
    Risk Factor: High
    Attack Type: Host Based
    Platforms: pcAnywhere 10.x, pcAnywhere 11.x, Windows Any
                        version
    Vulnerability: pcanywhere-help-gain-privileges
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13755

    Date Reported: 11/13/2003
    Brief Description: WebWasher Classic proxy port cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: WebWasher 3.3Build44 and 2.2.1, Windows Any version
    Vulnerability: webwasher-classic-proxy-port-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13756

    Date Reported: 11/12/2003
    Brief Description: HP-UX parmgr fails to properly validate
                        certificates
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: HP-UX 11.23
    Vulnerability: hp-parmgr-improper-validation
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13757

    Date Reported: 11/13/2003
    Brief Description: Zebra telnet management service denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Quagga prior to 0.96.4, Red Hat Linux 7.2, Red Hat
                        Linux 7.3, Red Hat Linux 8.0, Red Hat Linux 9,
                        Zebra Any version
    Vulnerability: zebra-telnet-mngmt-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13758

    Date Reported: 11/13/2003
    Brief Description: Web Wiz Forums register_new_user.asp and
                        register.asp cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Web Wiz Forums 7.01, Windows Any version
    Vulnerability: webwizforums-register-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13759

    Date Reported: 11/11/2003
    Brief Description: Sun JRE/SDK ServerSocket.accept could allow
                        untrusted Applet to accept connections
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Sun JDK 1.1.x, Sun JRE 1.1.x
    Vulnerability: sun-serverSocketaccept-accept-connection
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13760

    Date Reported: 11/14/2003
    Brief Description: PHPlist PHP file include
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any application Any version, PHPlist 2.6.2 and
                        earlier
    Vulnerability: phplist-php-file-include
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13761

    Date Reported: 11/17/2003
    Brief Description: minimalist command execution
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Debian Linux 3.0, minimalist prior to 2.4-1
    Vulnerability: minimalist-command-execution
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13762

    Date Reported: 11/16/2003
    Brief Description: AutoIndex PHP Script ?dir cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any application Any version, AutoIndex PHP Script
                        1.2.3
    Vulnerability: autoindex-dir-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/13763

    _____

    Risk Factor Key:

         High Security issues that allow immediate remote, or local access
                  or immediate execution of code or commands, with unauthorized
                  privileges. Examples are most buffer overflows, backdoors,
                  default or no password, and bypassing security on firewalls
                  or other network components.
         Medium Security issues that have the potential of granting access or
                  allowing code execution by means of complex or lengthy exploit
                  procedures, or low risk issues applied to major Internet
                  components. Examples are cross-site scripting, man-in-the-middle
                  attacks, SQL injection, denial of service of major applications,
                  and denial of service resulting in system information disclosure
                  (such as core files).
         Low Security issues that deny service or provide non-system
                  information that could be used to formulate structured attacks
                  on a target, but not directly gain unauthorized access. Examples
                  are brute force attacks, non-system information disclosure
                  (configurations, paths, etc.), and denial of service attacks.

    ______

    About Internet Security Systems (ISS)
    Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
    pioneer and world leader in software and services that protect critical
    online resources from an ever-changing spectrum of threats and misuse.
    Internet Security Systems is headquartered in Atlanta, GA, with
    additional operations throughout the Americas, Asia, Australia, Europe
    and the Middle East.

    Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved
    worldwide.

    Permission is hereby granted for the electronic redistribution of this
    document. It is not to be edited or altered in any way without the
    express written consent of the Internet Security Systems X-Force. If you
    wish to reprint the whole or any part of this document in any other
    medium excluding electronic media, please email xforce@iss.net for
    permission.

    Disclaimer: The information within this paper may change without notice. Internet
    Security Systems provides this information on an AS IS basis with NO warranties,
    implied or otherwise. Any use of this information is at the userís risk. In no event
    shall Internet Security Systems be held liable for any damages whatsoever arising
    out of or in connection with the use or dissemination of this information.

    X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
    as well as at http://xforce.iss.net/xforce/sensitive.php

    Please send suggestions, updates, and comments to: X-Force

    -----BEGIN PGP SIGNATURE-----
    Version: 2.6.2

    iQCVAwUBP7kVfTRfJiV99eG9AQHuxQP/bHhmMvL1mnprnOaGPhJ0va/9ssHksTmS
    Z32ma0KvRfzdif4ROVGGScTHPGMCLArdLVpW3rNT8Q4d//pGAxao4mUdGb+GIfX9
    xyej3lBNLB73mkotBquwCHFjipzLihHGpUsNrrr9vfFEyoSpIQVu4fd9X2RaM78e
    r991sGBuHC4=
    =Ol2f
    -----END PGP SIGNATURE-----


  • Next message: X-Force: "ISS Security Alert Summary AS03-47"