ISS Security Alert Summary AS04-11
From: X-Force (xforce_at_iss.net)
Date: 03/15/04
- Previous message: X-Force: "ISS Security Alert Summary AS04-10"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 15 Mar 2004 13:47:01 -0500 (EST) To: alert@iss.net
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS04-11
March 15, 2004
X-Force Vulnerability and Threat Database:
http://xforce.iss.net/
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
https://atla-mm1.iss.net/mailman/listinfo/alert
This summary is available at the following address:
http://xforce.iss.net/xforce/alerts/id/AS04-11
_____
Contents:
* 46 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 03/09/2004
Brief Description: Microsoft Windows 2000 Server Windows Media
Services denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows 2000 Any version, Windows 2000 Server SP2,
Windows 2000 Server SP3, Windows 2000 Server SP4
Vulnerability: win-media-services-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15038
Date Reported: 03/05/2004
Brief Description: VirtuaNews Admin Panel multiple cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, VirtuaNews 1.0.3
Pro
Vulnerability: virtuanews-multiple-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15402
Date Reported: 03/05/2004
Brief Description: Invision Power Board cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, Invision Power
Board 1.3 Final
Vulnerability: invision-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15403
Date Reported: 03/08/2004
Brief Description: PWebServer dot dot directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, PWebServer 0.3.3
Vulnerability: pwebserver-dotdot-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/15404
Date Reported: 03/05/2004
Brief Description: SURECOM Web configuration denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms: SURECOM Internet Mini Broadband Router EP-4504AX,
SURECOM Wireless Access Point Router EP-9510AX
Vulnerability: surecom-webconfig-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15405
Date Reported: 03/05/2004
Brief Description: NTP integer buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, NTP prior to 4.0, Unix Any
version
Vulnerability: ntp-integer-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15406
Date Reported: 03/08/2004
Brief Description: GNU Automake Makefile.in symlink attack
Risk Factor: High
Attack Type: Host Based
Platforms: GNU Automake prior to 1.8.3, Linux Any version,
Unix Any version
Vulnerability: gnu-automake-makefile-symlink
X-Force URL: http://xforce.iss.net/xforce/xfdb/15407
Date Reported: 03/09/2004
Brief Description: Python getaddrinfo function buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Debian Linux 3.0, Linux Any version, Python 2.2,
Python 2.2.1, Unix Any version, Windows Any version
Vulnerability: python-getaddrinfo-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15409
Date Reported: 03/02/2004
Brief Description: ArGoSoft FTP Server SITE ZIP and SITE COPY buffer
overflows
Risk Factor: High
Attack Type: Network Based
Platforms: ArGoSoft FTP Server 1.4.1.5 and earlier, Windows
Any version
Vulnerability: argosoftftp-site-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15410
Date Reported: 03/02/2004
Brief Description: ArGoSoft FTP Server SITE UNZIP file disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: ArGoSoft FTP Server 1.4.1.5 and earlier, Windows
Any version
Vulnerability: argosoftftp-unzip-file-disclosure
X-Force URL: http://xforce.iss.net/xforce/xfdb/15411
Date Reported: 03/02/2004
Brief Description: ArGoSoft FTP Server SITE PASS denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: ArGoSoft FTP Server 1.4.1.5 and earlier, Windows
Any version
Vulnerability: argosoftftp-site-pass-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15412
Date Reported: 03/06/2004
Brief Description: Safari Web browser application large array denial
of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Mac OS X Any version, Safari 1.2 and earlier
Vulnerability: safari-array-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15413
Date Reported: 03/09/2004
Brief Description: Microsoft Outlook 2002 mailto URL allows execution
of code
Risk Factor: High
Attack Type: Network Based
Platforms: Microsoft Office XP SP2, Microsoft Outlook 2002,
Windows Any version
Vulnerability: outlook-mailtourl-execute-code
X-Force URL: http://xforce.iss.net/xforce/xfdb/15414
Date Reported: 03/09/2004
Brief Description: MSN Messenger request view files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft MSN Messenger 6.0, Microsoft MSN
Messenger 6.1, Windows Any version
Vulnerability: msn-request-view-files
X-Force URL: http://xforce.iss.net/xforce/xfdb/15415
Date Reported: 03/09/2004
Brief Description: Chat Anywhere bypass administrative features
Risk Factor: Low
Attack Type: Network Based
Platforms: Chat Anywhere prior to 2.72, Windows Any version
Vulnerability: chat-anywhere-admin-bypass
X-Force URL: http://xforce.iss.net/xforce/xfdb/15416
Date Reported: 03/09/2004
Brief Description: Confixx db_mysql_loeschen2.php SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Confixx 2.0.xx, Linux Any version
Vulnerability: confixx-dbmysqllloeschen2-sql-injection
X-Force URL: http://xforce.iss.net/xforce/xfdb/15417
Date Reported: 03/05/2004
Brief Description: nfs-utils DNS configuration denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms: nfs-utils prior to 1.0.6, Trustix Secure Linux 2.0
Vulnerability: nfs-utils-dns-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15418
Date Reported: 03/09/2004
Brief Description: Apache HTTP Server mod_ssl plain HTTP request
denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, Apache HTTP
Server 2.0.35 thru 2.0.48
Vulnerability: apache-modssl-plain-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15419
Date Reported: 03/09/2004
Brief Description: IBM DB2 Remote Command Server allows elevated
privileges
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms: AIX Any version, IBM DB2 UDB 8.1
Vulnerability: db2-rcs-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/15420
Date Reported: 03/05/2004
Brief Description: Norton AntiVirus 2002 bypass Auto-Protect Engine
Risk Factor: Medium
Attack Type: Host Based
Platforms: Norton AntiVirus 2002, Windows Any version
Vulnerability: nav-autoprotect-bypass
X-Force URL: http://xforce.iss.net/xforce/xfdb/15421
Date Reported: 03/08/2004
Brief Description: Apache HTTP Server mod_access information
disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Apache HTTP Server 1.3.29 and earlier, Linux Any
version, Unix Any version
Vulnerability: apache-modaccess-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/15422
Date Reported: 03/08/2004
Brief Description: WU-FTPD bypass restricted-gid option allows
unauthorized access
Risk Factor: High
Attack Type: Network Based
Platforms: Debian Linux 3.0, Linux Any version, Red Hat
Advanced Workstation 2.1, Red Hat Enterprise Linux
2.1AS, Red Hat Enterprise Linux 2.1ES, wu-ftpd 2.x
Vulnerability: wuftpd-restrictedgid-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/15423
Date Reported: 03/10/2004
Brief Description: Multiple vendor Web browsers bypass cookie path
restriction
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, Debian Linux 3.0,
KDE Any version, Konqueror Embedded Any version,
Mandrake Linux 9.1, Mandrake Linux 9.2, Microsoft
Internet Explorer Any version, Mozilla Any version,
Opera Any version, Red Hat Linux 9, Safari Any
version
Vulnerability: web-browser-cookie-bypass
X-Force URL: http://xforce.iss.net/xforce/xfdb/15424
Date Reported: 03/10/2004
Brief Description: Solaris uucp multiple buffer overflows
Risk Factor: High
Attack Type: Host Based
Platforms: Solaris 2.6, Solaris 2.6 x86, Solaris 7 SPARC,
Solaris 7 x86, Solaris 8 SPARC, Solaris 8 x86,
Solaris 9 SPARC, Solaris 9 x86
Vulnerability: solaris-uucp-multiple-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15425
Date Reported: 03/10/2004
Brief Description: GdkPixbuf bitmap file denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms: Evolution Any version, GdkPixbuf prior to 0.20,
Mandrake Linux Corporate Server 2.1, Red Hat Linux
9
Vulnerability: gdk-pixbuf-bitmap-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15426
Date Reported: 03/10/2004
Brief Description: sysstat post and trigger scripts symlink attack
Risk Factor: High
Attack Type: Host Based
Platforms: Red Hat Linux 9, sysstat Any version
Vulnerability: sysstat-post-trigger-symlink
X-Force URL: http://xforce.iss.net/xforce/xfdb/15428
Date Reported: 03/10/2004
Brief Description: Unreal Tournament Server class name format string
attack
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Mac OS Any version, Unreal
Tournament Server Any version, Unreal Tournament
Server 2003 Any version, Windows Any version
Vulnerability: ut-class-format-string
X-Force URL: http://xforce.iss.net/xforce/xfdb/15430
Date Reported: 03/10/2004
Brief Description: F-Secure Anti-Virus for Linux protection bypass
Risk Factor: Medium
Attack Type: Network Based
Platforms: F-Secure Anti-Virus for Linux prior to 4.52Hotfix3,
Linux Any version
Vulnerability: fsecure-antivirus-protection-bypass
X-Force URL: http://xforce.iss.net/xforce/xfdb/15432
Date Reported: 03/10/2004
Brief Description: Symantec Norton Personal Firewalls denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: Norton Internet Security 2004, Norton Internet
Security 2004 Pro, Norton Personal Firewall 2004,
Windows Any version
Vulnerability: norton-firewalls-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/15433
Date Reported: 03/11/2004
Brief Description: Courier Japanese codeset converter buffer overflow
Risk Factor: Medium
Attack Type: Network Based
Platforms: Courier prior to 0.45, Courier-IMAP prior to 3.0.0,
Linux Any version, SqWebMail prior to 4.0.0, Unix
Any version
Vulnerability: courier-codeset-converter-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/15434
Date Reported: 03/11/2004
Brief Description: Pegasi Web Server "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, Pegasi Web Server
(PWS) 0.2.2
Vulnerability: pws-dotdot-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/15435
Date Reported: 03/11/2004
Brief Description: Pegasi Web Server cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, Pegasi Web Server
(PWS) 0.2.2
Vulnerability: pws-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15436
Date Reported: 03/10/2004
Brief Description: sysstat isag utility symlink attack
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, Red Hat Enterprise Linux 2.1AS,
Red Hat Enterprise Linux 2.1ES, Red Hat Enterprise
Linux 2.1WS, Red Hat Enterprise Linux 3AS, Red Hat
Enterprise Linux 3ES, Red Hat Enterprise Linux 3WS,
sysstat prior to 5.0.2
Vulnerability: sysstat-isag-symlink
X-Force URL: http://xforce.iss.net/xforce/xfdb/15437
Date Reported: 03/11/2004
Brief Description: MyProxy cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, MyProxy 20030629
Vulnerability: myproxy-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15438
Date Reported: 03/11/2004
Brief Description: cPanel resetpass section allows execution of
commands
Risk Factor: High
Attack Type: Network Based
Platforms: cPanel 9.1.0build34andprior, Linux Any version
Vulnerability: cpanel-resetpass-execute-commands
X-Force URL: http://xforce.iss.net/xforce/xfdb/15443
Date Reported: 03/12/2004
Brief Description: Open WebMail userstat.pl allows execution of
commands
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Open WebMail 2.30 and earlier
Vulnerability: openwebmail-userstatpl-execute-commands
X-Force URL: http://xforce.iss.net/xforce/xfdb/15444
Date Reported: 03/09/2004
Brief Description: Confixx Perl Debugger information disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Confixx 2.0.xx, Linux Any version
Vulnerability: confixx-debugger-view-files
X-Force URL: http://xforce.iss.net/xforce/xfdb/15445
Date Reported: 03/12/2004
Brief Description: vHost cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, vHost prior to 3.10r
Vulnerability: vhost-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15446
Date Reported: 03/08/2004
Brief Description: Invision Power Board index.php cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, Invision Power
Board 1.3 Final
Vulnerability: invision-indexphp-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15448
Date Reported: 03/09/2004
Brief Description: IBM DFSMS/MVS tape utility unknown issue
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Any operating system Any version, DFSMS/MVS Any
version
Vulnerability: dfsmsmvs-tapeutility-unknown
X-Force URL: http://xforce.iss.net/xforce/xfdb/15449
Date Reported: 03/09/2004
Brief Description: IBM WebSphere unknown issue
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, IBM WebSphere
Application Server z/OS Any version
Vulnerability: websphere-unknown
X-Force URL: http://xforce.iss.net/xforce/xfdb/15450
Date Reported: 03/11/2004
Brief Description: EMU Webmail emumail.fcgi cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: EMU Webmail 5.2.7, Windows 2000 SP3 and earlier,
Windows NT 4.0, Windows XP Any version
Vulnerability: emu-webmail-emumail-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15451
Date Reported: 03/11/2004
Brief Description: EMU Webmail login cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: EMU Webmail 5.2.7, Windows 2000 SP3 and earlier,
Windows NT 4.0, Windows XP Any version
Vulnerability: emu-webmail-login-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/15452
Date Reported: 03/11/2004
Brief Description: EMU Webmail init.emu path disclosure
Risk Factor: Low
Attack Type: Network Based
Platforms: EMU Webmail 5.2.7, Unix Any version, Windows Any
version
Vulnerability: emu-init-path-disclosure
X-Force URL: http://xforce.iss.net/xforce/xfdb/15453
Date Reported: 03/09/2004
Brief Description: IBM rexecd allows elevated privileges
Risk Factor: High
Attack Type: Network Based
Platforms: AIX 4.3.3
Vulnerability: rexecd-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/15455
Date Reported: 03/12/2004
Brief Description: Metamail extcompose symlink attack
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, Metamail Any version
Vulnerability: metamail-extcompose-symlink
X-Force URL: http://xforce.iss.net/xforce/xfdb/15460
_____
Risk Factor Key:
High Security issues that allow immediate remote, or local access
or immediate execution of code or commands, with unauthorized
privileges. Examples are most buffer overflows, backdoors,
default or no password, and bypassing security on firewalls
or other network components.
Medium Security issues that have the potential of granting access or
allowing code execution by means of complex or lengthy exploit
procedures, or low risk issues applied to major Internet
components. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service of major applications,
and denial of service resulting in system information disclosure
(such as core files).
Low Security issues that deny service or provide non-system
information that could be used to formulate structured attacks
on a target, but not directly gain unauthorized access. Examples
are brute force attacks, non-system information disclosure
(configurations, paths, etc.), and denial of service attacks.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2004 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforce@iss.net for
permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user's risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://xforce.iss.net/xforce/sensitive.php
Please send suggestions, updates, and comments to: X-Force
xforce@iss.net of Internet Security Systems, Inc.
_______________________________________________
TO SUBSCRIBE, UNSUBSCRIBE, OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/alert
To contact the ISS Alert List Administrator, send email to
mod-alert@iss.net
The ISS Alert mailing list is hosted and managed by Internet Security
Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBQFX6CjRfJiV99eG9AQHMCQP+JwLsuYmbK/ZYXBlMA8BpYZfi95y85gz4
Q49zw7OpEZu+VV6QiLVkyNtW8vfaG3HM75VKLs+Xjft1mActXJHIeBjuH/3mkMTp
JDBxLIZVStWu9kX0X7Vt4Wi1Q2/Gy+Rfh5NzY9SOKW+oy7x14RBlmOzR5OpFoTZT
wGTmyB5ymUI=
=EZAl
-----END PGP SIGNATURE-----
- Previous message: X-Force: "ISS Security Alert Summary AS04-10"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
