ISS Security Alert Summary AS04-06
From: X-Force (xforce_at_iss.net)
Date: 02/09/04
- Previous message: X-Force: "ISS Security Brief: Checkpoint VPN-1/SecureClient ISAKMP Buffer Overflow"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: alert@iss.net Date: Mon, 9 Feb 2004 13:45:38 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS04-06
February 09, 2004
X-Force Vulnerability and Threat Database:
http://xforce.iss.net/
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
https://atla-mm1.iss.net/mailman/listinfo/alert
This summary is available at the following address:
http://xforce.iss.net/xforce/alerts/id/AS04-06
_____
Contents:
* 55 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 01/30/2004
Brief Description: Solaris tcsetattr function denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: Solaris 2.6, Solaris 7, Solaris 8
Vulnerability: solaris-tcsetattr-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/14998
Date Reported: 02/01/2004
Brief Description: Overkill client has multiple buffer overflows
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, OS/2 Any version, Overkill
0.15pre3 and earlier, Windows Any version
Vulnerability: overkill-client-multiple-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/14999
Date Reported: 02/01/2004
Brief Description: Overkill server parse_command_line buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, OS/2 Any version, Overkill
0.15pre3 and earlier, Windows Any version
Vulnerability: overkill-server-parsecommandline-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15000
Date Reported: 02/02/2004
Brief Description: SurgeFTP Web interface denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, SurgeFTP Server
2.2k1
Vulnerability: surgeftp-web-interface-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15001
Date Reported: 02/02/2004
Brief Description: BaSoMail Server multiple connection denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: BaSoMail Server 1.24, Windows Any version
Vulnerability: basomail-multiple-connection-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15002
Date Reported: 02/02/2004
Brief Description: Application Access Server Long HTTP Request Denial
of Service
Risk Factor: Low
Attack Type: Network Based
Platforms: A-A-S Application Access Server 1.0.37, Windows Any
version
Vulnerability: aas-longhttp-request-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15003
Date Reported: 02/02/2004
Brief Description: Caravan Business Server sample_showcode directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Caravan 2.00/03d, Linux Any version, OS/2 Any
version, Windows Any version
Vulnerability: caravan-dotdot-directory-traveral
X-Force URL: http://xforce.iss.net/xforce/xfdb/15004
Date Reported: 01/30/2004
Brief Description: FreeBSD mksnap_ffs security bypass
Risk Factor: Medium
Attack Type: Host Based
Platforms: FreeBSD 5.1-RELEASE, FreeBSD 5.2-RELEASE
Vulnerability: freebsd-mksnapffs-bypass-security
X-Force URL: http://xforce.iss.net/xforce/xfdb/15005
Date Reported: 01/30/2004
Brief Description: thePHOTOtool login.asp script SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: thePHOTOtool Any version, Windows 2000 Any version,
Windows NT Any version
Vulnerability: thephototool-login-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15007
Date Reported: 02/03/2004
Brief Description: PhotoPost PHP Pro SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, PhotoPost PHP Pro
4.6 and earlier
Vulnerability: photopostphp-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15008
Date Reported: 02/02/2004
Brief Description: iSearch isearch.inc.php script PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: iSearch Any version, Linux Any version, Unix Any
version, Windows Any version
Vulnerability: isearch-isearchincphp-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/15009
Date Reported: 02/03/2004
Brief Description: Les Commentaires multiple PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: Les Commentaires 2.0, Windows Any version
Vulnerability: lescommentaires-multiple-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/15010
Date Reported: 01/30/2004
Brief Description: ChatterBox denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, ChatterBox 2.0
Vulnerability: chatterbox-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15011
Date Reported: 02/01/2004
Brief Description: suidperl information disclosure
Risk Factor: Medium
Attack Type: Host Based
Platforms: Debian Linux 3.0, Linux Any version, suidperl Any
version, Unix Any version
Vulnerability: suidperl-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/15012
Date Reported: 02/03/2004
Brief Description: Cisco 6000, 6500, and 7600 series systems frame
containing a packet denial of service
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms: Cisco 6000 Any version, Cisco 6500 Any version,
Cisco 7600 Any version
Vulnerability: cisco-malformed-frame-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15013
Date Reported: 01/31/2004
Brief Description: Aprox PHP portal index.php script directory
traversal
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, Aprox PHP Portal
Any version
Vulnerability: aproxphpportal-index-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/15014
Date Reported: 01/31/2004
Brief Description: Apache httpd server httpd.conf could allow a local
user to bypass restrictions
Risk Factor: Medium
Attack Type: Host Based
Platforms: Apache HTTP Server 2.0.47 and earlier, Red Hat
Linux Any version, Windows XP Any version
Vulnerability: apache-httpd-bypass-restriction
X-Force URL: http://xforce.iss.net/xforce/xfdb/15015
Date Reported: 02/03/2004
Brief Description: util-linux information leak
Risk Factor: Medium
Attack Type: Host Based
Platforms: Red Hat Advanced Workstation 2.1, Red Hat
Enterprise Linux 2.1AS, Red Hat Enterprise Linux
2.1ES, Red Hat Enterprise Linux 2.1WS
Vulnerability: utillinux-information-leak
X-Force URL: http://xforce.iss.net/xforce/xfdb/15016
Date Reported: 02/03/2004
Brief Description: GNU Libtool creates insecure temporary directory
Risk Factor: Medium
Attack Type: Host Based
Platforms: Conectiva Linux 8.0, Conectiva Linux 9.0, GNU
Libtool prior to 1.5.2, Linux Any version
Vulnerability: libtool-insecure-temp-directory
X-Force URL: http://xforce.iss.net/xforce/xfdb/15017
Date Reported: 02/02/2004
Brief Description: Forum Web Server post1.htm or postfile2.htm scripts
cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Forum Web Server 1.6 and earlier, Windows Any
version
Vulnerability: forumwebserver-multiple-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15018
Date Reported: 02/03/2004
Brief Description: Web Blog file parameter command execution
Risk Factor: High
Attack Type: Network Based
Platforms: Any operating system Any version, Web Blog 1.1.5
Vulnerability: webblog-file-command-execution
X-Force URL: http://xforce.iss.net/xforce/xfdb/15019
Date Reported: 02/03/2004
Brief Description: Tunez multiple SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Tunez prior to 1.20-pre2, Unix
Any version
Vulnerability: tunez-multiple-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15020
Date Reported: 02/03/2004
Brief Description: phpMyAdmin "dot dot" Directory Traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, phpMyAdmin 2.5.5-pl1 and prior,
Unix Any version, Windows Any version
Vulnerability: phpmyadmin-dotdot-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/15021
Date Reported: 02/03/2004
Brief Description: Web Crossing Content-Length header denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, Web Crossing 4.0,
Web Crossing 5.0
Vulnerability: webcrossing-contentlength-post-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15022
Date Reported: 02/02/2004
Brief Description: Gbook message HTML injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: GBook 1.0, Linux Any version, Unix Any version,
Windows Any version
Vulnerability: gbook-message-html-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15027
Date Reported: 02/03/2004
Brief Description: Crob FTP Server dir directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Crob FTP Server 3.5.1, Windows Any version
Vulnerability: crob-dir-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/15028
Date Reported: 01/30/2004
Brief Description: BugPort sensitive information exposure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, BugPort prior to
1.099
Vulnerability: bugport-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/15030
Date Reported: 02/03/2004
Brief Description: Chaser memory denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Chaser 1.50 and earlier, Windows Any version
Vulnerability: chaser-memory-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15031
Date Reported: 02/03/2004
Brief Description: Linley's Dungeon Crawl long environment variable
buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Debian Linux 3.0, Linley's Dungeon Crawl prior to
4.0.0 b23
Vulnerability: crawl-long-environment-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15032
Date Reported: 02/03/2004
Brief Description: X-Cart "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, Windows Any
version, X-Cart 3.4.3
Vulnerability: xcart-dotdot-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/15033
Date Reported: 02/03/2004
Brief Description: X-Cart perl_binary variable command execution
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, Windows Any
version, X-Cart 3.4.3
Vulnerability: xcart-perlbinary-execute-commands
X-Force URL: http://xforce.iss.net/xforce/xfdb/15034
Date Reported: 02/04/2004
Brief Description: ReviewPost PHP Pro showproduct.php and showcat.php
script SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, ReviewPost Pro
Any version
Vulnerability: reviewpostpro-showproduct-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15035
Date Reported: 02/04/2004
Brief Description: X-Cart general.php information disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, Windows Any
version, X-Cart 3.4.3
Vulnerability: xcart-generalphp-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/15036
Date Reported: 02/04/2004
Brief Description: RealOne Player multiple file buffer overflows
Risk Factor: High
Attack Type: Network Based
Platforms: Any operating system Any version, RealOne
Enterprise Desktop Any version, RealOne Player 1.0,
RealOne Player 2.0
Vulnerability: realoneplayer-multiple-file-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15040
Date Reported: 02/03/2004
Brief Description: Basic Security Module (BSM) functionality is
impaired by the removal of the SUNWscpu package
Risk Factor: Low
Attack Type: Host Based
Platforms: Solaris 7 SPARC, Solaris 7 x86, Solaris 8 SPARC,
Solaris 8 x86, Solaris 9 SPARC, Solaris 9 x86
Vulnerability: solaris-bsm-sunwscpu-weak-security
X-Force URL: http://xforce.iss.net/xforce/xfdb/15042
Date Reported: 02/04/2004
Brief Description: RxGoogle query cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: RxGoogle Any version, Unix Any version
Vulnerability: rxgoogle-query-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15043
Date Reported: 02/04/2004
Brief Description: OpenBSD IPv6 packet denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: OpenBSD 3.4
Vulnerability: openbsd-ipv6-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15044
Date Reported: 02/04/2004
Brief Description: Linux kernel 2.4.x ixj telephony card driver buffer
overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux kernel prior to 2.4.20, Red Hat Enterprise
Linux 2.1AS, Red Hat Enterprise Linux 2.1ES, Red
Hat Enterprise Linux 2.1WS
Vulnerability: linux-ixj-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15045
Date Reported: 02/04/2004
Brief Description: GNU Radius rad_print_request denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, GNU Radius 1.1
Vulnerability: radius-radprintrequest-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15046
Date Reported: 02/04/2004
Brief Description: TYPSoft FTP Server empty username denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: TYPSoft FTP Server 1.10, Windows Any version
Vulnerability: typsoft-empty-username-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15048
Date Reported: 02/03/2004
Brief Description: PHPX subject HTML injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: BSD Any version, Linux Any version, PHPX 3.2.3,
Solaris Any version
Vulnerability: phpx-subject-html-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15050
Date Reported: 02/03/2004
Brief Description: PHPX main.inc.php and help.inc.php cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: BSD Any version, Linux Any version, PHPX 3.2.3,
Solaris Any version
Vulnerability: phpx-main-help-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15051
Date Reported: 02/03/2004
Brief Description: PHPX could allow an attacker to modify cookie to
hijack another user's account
Risk Factor: Medium
Attack Type: Network Based
Platforms: BSD Any version, Linux Any version, PHPX 3.2.3,
Solaris Any version
Vulnerability: phpx-cookie-account-hijacking
X-Force URL: http://xforce.iss.net/xforce/xfdb/15052
Date Reported: 02/02/2004
Brief Description: Microsoft Windows XP and Windows Server 2003
smbmount Linux client denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows 2003 Server, Windows XP Any version
Vulnerability: win-linux-smbmount-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15057
Date Reported: 01/31/2004
Brief Description: SqWebMail login error information disclosure
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, SqWebMail Any version, Unix Any
version
Vulnerability: sqwebmail-login-info-disclosure
X-Force URL: http://xforce.iss.net/xforce/xfdb/15058
Date Reported: 02/05/2004
Brief Description: Oracle Database Server multiple functions buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Oracle9i Database Server Release 2 prior to
9.2.0.3, Unix Any version, Windows Any version
Vulnerability: oracle-multiple-function-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15060
Date Reported: 02/05/2004
Brief Description: Multiple vendor BSD platforms allows elevated
privileges
Risk Factor: High
Attack Type: Host Based
Platforms: FreeBSD Any version, NetBSD Any version, OpenBSD
3.x
Vulnerability: bsd-shmat-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/15061
Date Reported: 02/05/2004
Brief Description: Mambo Itemid parameter cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Mambo Open Source 4.5, Mambo Open Source 4.6, Unix
Any version, Windows 2000 Any version, Windows XP
Any version
Vulnerability: mambo-itemid-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15062
Date Reported: 02/06/2004
Brief Description: CactuShop Lite contains a backdoor
Risk Factor: High
Attack Type: Network Based
Platforms: CactuShop Lite Any version, Windows 2000 Server,
Windows NT Any version
Vulnerability: cactushoplite-backdoor
X-Force URL: http://xforce.iss.net/xforce/xfdb/15063
Date Reported: 02/06/2004
Brief Description: Xlight ftp server long string denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Windows Any version, Xlight ftp server 1.52
Vulnerability: xlight-long-string-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15064
Date Reported: 02/06/2004
Brief Description: Apache-SSL has a default password
Risk Factor: Medium
Attack Type: Network Based
Platforms: Apache-SSL 1.3.28+1.52 -earlier, Apache-SSL
1.3.28+1.52 -earlier, Apache-SSL 1.3.28+1.52 -
earlier, Linux Any version, Windows Any version
Vulnerability: apachessl-default-password
X-Force URL: http://xforce.iss.net/xforce/xfdb/15065
Date Reported: 02/05/2004
Brief Description: Discuz! Board image tag cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Discuz! Board 2.x, Discuz! Board 3.x, Linux Any
version, Unix Any version, Windows Any version
Vulnerability: discuzboard-image-tag-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15066
Date Reported: 02/05/2004
Brief Description: IBM Cloudscape SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: IBM Cloudscape 5.1, Windows XP Any version
Vulnerability: cloudscape-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15067
Date Reported: 02/06/2004
Brief Description: Novell iChain default TCP port could allow an
attacker to gain access
Risk Factor: Medium
Attack Type: Network Based
Platforms: iChain prior to 2.2 fp 3b, Linux Any version,
Solaris Any version, Unix Any version
Vulnerability: ichain-tcp-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/15068
Date Reported: 02/06/2004
Brief Description: OpenJournal uid could allow an attacker
administrative access
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, OpenJournal prior
to 2.06
Vulnerability: openjournal-uid-admin-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/15069
_____
Risk Factor Key:
High Security issues that allow immediate remote, or local access
or immediate execution of code or commands, with unauthorized
privileges. Examples are most buffer overflows, backdoors,
default or no password, and bypassing security on firewalls
or other network components.
Medium Security issues that have the potential of granting access or
allowing code execution by means of complex or lengthy exploit
procedures, or low risk issues applied to major Internet
components. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service of major applications,
and denial of service resulting in system information disclosure
(such as core files).
Low Security issues that deny service or provide non-system
information that could be used to formulate structured attacks
on a target, but not directly gain unauthorized access. Examples
are brute force attacks, non-system information disclosure
(configurations, paths, etc.), and denial of service attacks.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2004 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforce@iss.net for
permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user's risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://xforce.iss.net/xforce/sensitive.php
Please send suggestions, updates, and comments to: X-Force
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBQCfVIDRfJiV99eG9AQEpFQP+I5TBksfA7uoGlmmYz5S1y1rMmn/Kzhka
7UNMtPbAcZuRXUSHB93B25GQ56ITr/kbxELUewvgBXTe0tm2EBGLO25oK8i11F0i
4H7t8Tr7TN7rMfi9vEpiXOQiHWwAaYUXhzQLzf7TwDoBj4bL4bJ0o3c5b8VEfd1C
xtm4vDR1zJ0=
=33KO
-----END PGP SIGNATURE-----
- Previous message: X-Force: "ISS Security Brief: Checkpoint VPN-1/SecureClient ISAKMP Buffer Overflow"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
