ISS Security Alert Summary AS04-11

From: X-Force (xforce_at_iss.net)
Date: 03/15/04

  • Next message: Brito, Nelson (ISS Brazil): "RE: nids for ipv6"
    Date: Mon, 15 Mar 2004 13:47:01 -0500 (EST)
    To: alert@iss.net
    
    

    -----BEGIN PGP SIGNED MESSAGE-----

    Internet Security Systems Security Alert Summary AS04-11
    March 15, 2004

    X-Force Vulnerability and Threat Database:
    http://xforce.iss.net/

    To receive these Alert Summaries, as well as other Alerts and
    Advisories, subscribe to the Internet Security Systems Alert
    mailing list at:
    https://atla-mm1.iss.net/mailman/listinfo/alert

    This summary is available at the following address:
    http://xforce.iss.net/xforce/alerts/id/AS04-11
    _____
    Contents:
    * 46 Reported Vulnerabilities
    * Risk Factor Key
    _____

    Date Reported: 03/09/2004
    Brief Description: Microsoft Windows 2000 Server Windows Media
                        Services denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Windows 2000 Any version, Windows 2000 Server SP2,
                        Windows 2000 Server SP3, Windows 2000 Server SP4
    Vulnerability: win-media-services-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15038

    Date Reported: 03/05/2004
    Brief Description: VirtuaNews Admin Panel multiple cross-site
                        scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, VirtuaNews 1.0.3
                        Pro
    Vulnerability: virtuanews-multiple-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15402

    Date Reported: 03/05/2004
    Brief Description: Invision Power Board cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, Invision Power
                        Board 1.3 Final
    Vulnerability: invision-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15403

    Date Reported: 03/08/2004
    Brief Description: PWebServer dot dot directory traversal
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, PWebServer 0.3.3
    Vulnerability: pwebserver-dotdot-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15404

    Date Reported: 03/05/2004
    Brief Description: SURECOM Web configuration denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: SURECOM Internet Mini Broadband Router EP-4504AX,
                        SURECOM Wireless Access Point Router EP-9510AX
    Vulnerability: surecom-webconfig-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15405

    Date Reported: 03/05/2004
    Brief Description: NTP integer buffer overflow
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Linux Any version, NTP prior to 4.0, Unix Any
                        version
    Vulnerability: ntp-integer-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15406

    Date Reported: 03/08/2004
    Brief Description: GNU Automake Makefile.in symlink attack
    Risk Factor: High
    Attack Type: Host Based
    Platforms: GNU Automake prior to 1.8.3, Linux Any version,
                        Unix Any version
    Vulnerability: gnu-automake-makefile-symlink
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15407

    Date Reported: 03/09/2004
    Brief Description: Python getaddrinfo function buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Debian Linux 3.0, Linux Any version, Python 2.2,
                        Python 2.2.1, Unix Any version, Windows Any version
    Vulnerability: python-getaddrinfo-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15409

    Date Reported: 03/02/2004
    Brief Description: ArGoSoft FTP Server SITE ZIP and SITE COPY buffer
                        overflows
    Risk Factor: High
    Attack Type: Network Based
    Platforms: ArGoSoft FTP Server 1.4.1.5 and earlier, Windows
                        Any version
    Vulnerability: argosoftftp-site-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15410

    Date Reported: 03/02/2004
    Brief Description: ArGoSoft FTP Server SITE UNZIP file disclosure
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: ArGoSoft FTP Server 1.4.1.5 and earlier, Windows
                        Any version
    Vulnerability: argosoftftp-unzip-file-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15411

    Date Reported: 03/02/2004
    Brief Description: ArGoSoft FTP Server SITE PASS denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: ArGoSoft FTP Server 1.4.1.5 and earlier, Windows
                        Any version
    Vulnerability: argosoftftp-site-pass-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15412

    Date Reported: 03/06/2004
    Brief Description: Safari Web browser application large array denial
                        of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Mac OS X Any version, Safari 1.2 and earlier
    Vulnerability: safari-array-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15413

    Date Reported: 03/09/2004
    Brief Description: Microsoft Outlook 2002 mailto URL allows execution
                        of code
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Microsoft Office XP SP2, Microsoft Outlook 2002,
                        Windows Any version
    Vulnerability: outlook-mailtourl-execute-code
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15414

    Date Reported: 03/09/2004
    Brief Description: MSN Messenger request view files
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft MSN Messenger 6.0, Microsoft MSN
                        Messenger 6.1, Windows Any version
    Vulnerability: msn-request-view-files
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15415

    Date Reported: 03/09/2004
    Brief Description: Chat Anywhere bypass administrative features
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Chat Anywhere prior to 2.72, Windows Any version
    Vulnerability: chat-anywhere-admin-bypass
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15416

    Date Reported: 03/09/2004
    Brief Description: Confixx db_mysql_loeschen2.php SQL injection
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Confixx 2.0.xx, Linux Any version
    Vulnerability: confixx-dbmysqllloeschen2-sql-injection
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15417

    Date Reported: 03/05/2004
    Brief Description: nfs-utils DNS configuration denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: nfs-utils prior to 1.0.6, Trustix Secure Linux 2.0
    Vulnerability: nfs-utils-dns-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15418

    Date Reported: 03/09/2004
    Brief Description: Apache HTTP Server mod_ssl plain HTTP request
                        denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, Apache HTTP
                        Server 2.0.35 thru 2.0.48
    Vulnerability: apache-modssl-plain-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15419

    Date Reported: 03/09/2004
    Brief Description: IBM DB2 Remote Command Server allows elevated
                        privileges
    Risk Factor: High
    Attack Type: Host Based / Network Based
    Platforms: AIX Any version, IBM DB2 UDB 8.1
    Vulnerability: db2-rcs-gain-privileges
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15420

    Date Reported: 03/05/2004
    Brief Description: Norton AntiVirus 2002 bypass Auto-Protect Engine
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Norton AntiVirus 2002, Windows Any version
    Vulnerability: nav-autoprotect-bypass
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15421

    Date Reported: 03/08/2004
    Brief Description: Apache HTTP Server mod_access information
                        disclosure
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Apache HTTP Server 1.3.29 and earlier, Linux Any
                        version, Unix Any version
    Vulnerability: apache-modaccess-obtain-information
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15422

    Date Reported: 03/08/2004
    Brief Description: WU-FTPD bypass restricted-gid option allows
                        unauthorized access
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Debian Linux 3.0, Linux Any version, Red Hat
                        Advanced Workstation 2.1, Red Hat Enterprise Linux
                        2.1AS, Red Hat Enterprise Linux 2.1ES, wu-ftpd 2.x
    Vulnerability: wuftpd-restrictedgid-gain-access
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15423

    Date Reported: 03/10/2004
    Brief Description: Multiple vendor Web browsers bypass cookie path
                        restriction
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, Debian Linux 3.0,
                        KDE Any version, Konqueror Embedded Any version,
                        Mandrake Linux 9.1, Mandrake Linux 9.2, Microsoft
                        Internet Explorer Any version, Mozilla Any version,
                        Opera Any version, Red Hat Linux 9, Safari Any
                        version
    Vulnerability: web-browser-cookie-bypass
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15424

    Date Reported: 03/10/2004
    Brief Description: Solaris uucp multiple buffer overflows
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Solaris 2.6, Solaris 2.6 x86, Solaris 7 SPARC,
                        Solaris 7 x86, Solaris 8 SPARC, Solaris 8 x86,
                        Solaris 9 SPARC, Solaris 9 x86
    Vulnerability: solaris-uucp-multiple-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15425

    Date Reported: 03/10/2004
    Brief Description: GdkPixbuf bitmap file denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Evolution Any version, GdkPixbuf prior to 0.20,
                        Mandrake Linux Corporate Server 2.1, Red Hat Linux
                        9
    Vulnerability: gdk-pixbuf-bitmap-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15426

    Date Reported: 03/10/2004
    Brief Description: sysstat post and trigger scripts symlink attack
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Red Hat Linux 9, sysstat Any version
    Vulnerability: sysstat-post-trigger-symlink
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15428

    Date Reported: 03/10/2004
    Brief Description: Unreal Tournament Server class name format string
                        attack
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Linux Any version, Mac OS Any version, Unreal
                        Tournament Server Any version, Unreal Tournament
                        Server 2003 Any version, Windows Any version
    Vulnerability: ut-class-format-string
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15430

    Date Reported: 03/10/2004
    Brief Description: F-Secure Anti-Virus for Linux protection bypass
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: F-Secure Anti-Virus for Linux prior to 4.52Hotfix3,
                        Linux Any version
    Vulnerability: fsecure-antivirus-protection-bypass
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15432

    Date Reported: 03/10/2004
    Brief Description: Symantec Norton Personal Firewalls denial of
                        service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Norton Internet Security 2004, Norton Internet
                        Security 2004 Pro, Norton Personal Firewall 2004,
                        Windows Any version
    Vulnerability: norton-firewalls-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15433

    Date Reported: 03/11/2004
    Brief Description: Courier Japanese codeset converter buffer overflow
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Courier prior to 0.45, Courier-IMAP prior to 3.0.0,
                        Linux Any version, SqWebMail prior to 4.0.0, Unix
                        Any version
    Vulnerability: courier-codeset-converter-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15434

    Date Reported: 03/11/2004
    Brief Description: Pegasi Web Server "dot dot" directory traversal
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, Pegasi Web Server
                        (PWS) 0.2.2
    Vulnerability: pws-dotdot-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15435

    Date Reported: 03/11/2004
    Brief Description: Pegasi Web Server cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, Pegasi Web Server
                        (PWS) 0.2.2
    Vulnerability: pws-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15436

    Date Reported: 03/10/2004
    Brief Description: sysstat isag utility symlink attack
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Linux Any version, Red Hat Enterprise Linux 2.1AS,
                        Red Hat Enterprise Linux 2.1ES, Red Hat Enterprise
                        Linux 2.1WS, Red Hat Enterprise Linux 3AS, Red Hat
                        Enterprise Linux 3ES, Red Hat Enterprise Linux 3WS,
                        sysstat prior to 5.0.2
    Vulnerability: sysstat-isag-symlink
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15437

    Date Reported: 03/11/2004
    Brief Description: MyProxy cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, MyProxy 20030629
    Vulnerability: myproxy-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15438

    Date Reported: 03/11/2004
    Brief Description: cPanel resetpass section allows execution of
                        commands
    Risk Factor: High
    Attack Type: Network Based
    Platforms: cPanel 9.1.0build34andprior, Linux Any version
    Vulnerability: cpanel-resetpass-execute-commands
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15443

    Date Reported: 03/12/2004
    Brief Description: Open WebMail userstat.pl allows execution of
                        commands
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Linux Any version, Open WebMail 2.30 and earlier
    Vulnerability: openwebmail-userstatpl-execute-commands
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15444

    Date Reported: 03/09/2004
    Brief Description: Confixx Perl Debugger information disclosure
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Confixx 2.0.xx, Linux Any version
    Vulnerability: confixx-debugger-view-files
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15445

    Date Reported: 03/12/2004
    Brief Description: vHost cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, vHost prior to 3.10r
    Vulnerability: vhost-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15446

    Date Reported: 03/08/2004
    Brief Description: Invision Power Board index.php cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, Invision Power
                        Board 1.3 Final
    Vulnerability: invision-indexphp-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15448

    Date Reported: 03/09/2004
    Brief Description: IBM DFSMS/MVS tape utility unknown issue
    Risk Factor: Medium
    Attack Type: Host Based / Network Based
    Platforms: Any operating system Any version, DFSMS/MVS Any
                        version
    Vulnerability: dfsmsmvs-tapeutility-unknown
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15449

    Date Reported: 03/09/2004
    Brief Description: IBM WebSphere unknown issue
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, IBM WebSphere
                        Application Server z/OS Any version
    Vulnerability: websphere-unknown
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15450

    Date Reported: 03/11/2004
    Brief Description: EMU Webmail emumail.fcgi cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: EMU Webmail 5.2.7, Windows 2000 SP3 and earlier,
                        Windows NT 4.0, Windows XP Any version
    Vulnerability: emu-webmail-emumail-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15451

    Date Reported: 03/11/2004
    Brief Description: EMU Webmail login cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: EMU Webmail 5.2.7, Windows 2000 SP3 and earlier,
                        Windows NT 4.0, Windows XP Any version
    Vulnerability: emu-webmail-login-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15452

    Date Reported: 03/11/2004
    Brief Description: EMU Webmail init.emu path disclosure
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: EMU Webmail 5.2.7, Unix Any version, Windows Any
                        version
    Vulnerability: emu-init-path-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15453

    Date Reported: 03/09/2004
    Brief Description: IBM rexecd allows elevated privileges
    Risk Factor: High
    Attack Type: Network Based
    Platforms: AIX 4.3.3
    Vulnerability: rexecd-gain-privileges
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15455

    Date Reported: 03/12/2004
    Brief Description: Metamail extcompose symlink attack
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Linux Any version, Metamail Any version
    Vulnerability: metamail-extcompose-symlink
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15460

    _____

    Risk Factor Key:

         High Security issues that allow immediate remote, or local access
                  or immediate execution of code or commands, with unauthorized
                  privileges. Examples are most buffer overflows, backdoors,
                  default or no password, and bypassing security on firewalls
                  or other network components.
         Medium Security issues that have the potential of granting access or
                  allowing code execution by means of complex or lengthy exploit
                  procedures, or low risk issues applied to major Internet
                  components. Examples are cross-site scripting, man-in-the-middle
                  attacks, SQL injection, denial of service of major applications,
                  and denial of service resulting in system information disclosure
                  (such as core files).
         Low Security issues that deny service or provide non-system
                  information that could be used to formulate structured attacks
                  on a target, but not directly gain unauthorized access. Examples
                  are brute force attacks, non-system information disclosure
                  (configurations, paths, etc.), and denial of service attacks.

    ______

    About Internet Security Systems (ISS)
    Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
    pioneer and world leader in software and services that protect critical
    online resources from an ever-changing spectrum of threats and misuse.
    Internet Security Systems is headquartered in Atlanta, GA, with
    additional operations throughout the Americas, Asia, Australia, Europe
    and the Middle East.

    Copyright (c) 2004 Internet Security Systems, Inc. All rights reserved
    worldwide.

    Permission is hereby granted for the electronic redistribution of this
    document. It is not to be edited or altered in any way without the
    express written consent of the Internet Security Systems X-Force. If you
    wish to reprint the whole or any part of this document in any other
    medium excluding electronic media, please email xforce@iss.net for
    permission.

    Disclaimer: The information within this paper may change without notice. Internet
    Security Systems provides this information on an AS IS basis with NO warranties,
    implied or otherwise. Any use of this information is at the user's risk. In no event
    shall Internet Security Systems be held liable for any damages whatsoever arising
    out of or in connection with the use or dissemination of this information.

    X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
    as well as at http://xforce.iss.net/xforce/sensitive.php

    Please send suggestions, updates, and comments to: X-Force
    xforce@iss.net of Internet Security Systems, Inc.

    _______________________________________________
    TO SUBSCRIBE, UNSUBSCRIBE, OR CHANGE YOUR SUBSCRIPTION, go to
    https://atla-mm1.iss.net/mailman/listinfo/alert

    To contact the ISS Alert List Administrator, send email to
    mod-alert@iss.net

    The ISS Alert mailing list is hosted and managed by Internet Security
    Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.

    -----BEGIN PGP SIGNATURE-----
    Version: 2.6.2

    iQCVAwUBQFX6CjRfJiV99eG9AQHMCQP+JwLsuYmbK/ZYXBlMA8BpYZfi95y85gz4
    Q49zw7OpEZu+VV6QiLVkyNtW8vfaG3HM75VKLs+Xjft1mActXJHIeBjuH/3mkMTp
    JDBxLIZVStWu9kX0X7Vt4Wi1Q2/Gy+Rfh5NzY9SOKW+oy7x14RBlmOzR5OpFoTZT
    wGTmyB5ymUI=
    =EZAl
    -----END PGP SIGNATURE-----


  • Next message: Brito, Nelson (ISS Brazil): "RE: nids for ipv6"