ISS Security Alert Summary AS04-13

From: X-Force (xforce_at_iss.net)
Date: 03/29/04

  • Next message: Palmer, Paul (ISSAtlanta): "RE: Difference between Protocol Analyzers -> Packet Sniffers"
    Date: Mon, 29 Mar 2004 13:46:51 -0500 (EST)
    To: alert@iss.net
    
    

    -----BEGIN PGP SIGNED MESSAGE-----

    Here's the draft alert summary for this week. Let me know if you have any comments or questions.

    Thanks,
    Dewayne

    Internet Security Systems Security Alert Summary AS04-13
    March 29, 2004

    X-Force Vulnerability and Threat Database: http://xforce.iss.net/

    To receive these Alert Summaries, as well as other Alerts and Advisories, subscribe to the Internet Security Systems Alert mailing list at:
    https://atla-mm1.iss.net/mailman/listinfo/alert

    This summary is available at the following address: http://xforce.iss.net/xforce/alerts/id/AS04-13
    _____
    Contents:
    * 76 Reported Vulnerabilities
    * Risk Factor Key
    _____

    Date Reported: 03/23/2004
    Brief Description: cPanel dodelautores.html or addhandle.html cross-
                        site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: cPanel 9.1.0-STABLE 93, Linux Any version
    Vulnerability: cpanel-dodelautores-addhandle-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15517

    Date Reported: 03/19/2004
    Brief Description: Internet Explorer shell: command denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Microsoft Internet Explorer 6.0.2600, Windows XP
                        Professional
    Vulnerability: ie-shell-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15544

    Date Reported: 03/19/2004
    Brief Description: Samba smbprint.log symlink attack
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Linux Any version, Samba 3.0.2
    Vulnerability: samba-smbprint-symlink
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15545

    Date Reported: 03/19/2004
    Brief Description: InterBase admin.ib allows elevated privileges
    Risk Factor: High
    Attack Type: Host Based
    Platforms: InterBase 7.1, Linux Any version
    Vulnerability: interbase-admin-gain-privileges
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15546

    Date Reported: 03/20/2004
    Brief Description: Apache mod_disk_cache local information disclosure
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Any operating system Any version, Apache HTTP
                        Server 2.0.48, Apache HTTP Server 2.0.49, Gentoo
                        Linux Any version
    Vulnerability: apache-moddiskcache-obtain-info
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15547

    Date Reported: 03/22/2004
    Brief Description: News Manager Lite cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: News Manager Lite 2.5, Windows 2000 Any version,
                        Windows 2003 Any version, Windows NT Any version,
                        Windows XP Professional, Windows XP Server
    Vulnerability: news-manager-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15548

    Date Reported: 03/22/2004
    Brief Description: News Manager Lite SQL injection
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: News Manager Lite 2.5, Windows 2000 Any version,
                        Windows 2003 Any version, Windows NT Any version,
                        Windows XP Professional, Windows XP Server
    Vulnerability: news-manager-sql-injection
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15549

    Date Reported: 03/22/2004
    Brief Description: News Manager Lite administrative session allows
                        unauthorized access
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: News Manager Lite 2.5, Windows 2000 Any version,
                        Windows 2003 Any version, Windows NT Any version,
                        Windows XP Professional, Windows XP Server
    Vulnerability: news-manager-admin-access
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15550

    Date Reported: 03/20/2004
    Brief Description: Member Management System ID parameter SQL injection
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Member Management System 2.1, Windows 2000 Any
                        version, Windows 2003 Any version, Windows NT Any
                        version, Windows XP Any version
    Vulnerability: mms-id-sql-injection
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15551

    Date Reported: 03/20/2004
    Brief Description: Member Management System cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Member Management System 2.1, Windows 2000 Any
                        version, Windows 2003 Any version, Windows NT Any
                        version, Windows XP Any version
    Vulnerability: mms-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15552

    Date Reported: 03/22/2004
    Brief Description: Clam AntiVirus RAR archive denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Clam AntiVirus prior to 0.68, Linux Any version,
                        Unix Any version
    Vulnerability: clam-antivirus-rar-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15553

    Date Reported: 03/22/2004
    Brief Description: IBM AIX make utility CC option buffer overflow
    Risk Factor: High
    Attack Type: Host Based
    Platforms: AIX 4.3.3
    Vulnerability: aix-make-cc-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15554

    Date Reported: 03/22/2004
    Brief Description: IBM AIX getlvcb and putlvcb utilities buffer
                        overflow
    Risk Factor: High
    Attack Type: Host Based
    Platforms: AIX 4.3.3
    Vulnerability: aix-getlvcb-putlvcb-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15555

    Date Reported: 03/20/2004
    Brief Description: Tarantella Enterprise ttaarchives.cgi and
                        ttacab.cgi CGI utilities cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, Tarantella
                        Enterprise 3.2x, Tarantella Enterprise 3.3x,
                        Tarantella Enterprise 3.40
    Vulnerability: tarantella-ttaarchives-ttacab-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15556

    Date Reported: 03/22/2004
    Brief Description: ReGet "dot dot" file upload
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: ReGet Deluxe 3.0 Build 121, Windows Any version
    Vulnerability: reget-dotdot-file-upload
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15557

    Date Reported: 03/23/2004
    Brief Description: WS_FTP Server SITE allows elevated privileges
    Risk Factor: High
    Attack Type: Host Based / Network Based
    Platforms: Windows 2000 Any version, Windows 2003 Any version,
                        Windows NT 4.0, Windows XP Any version, WS_FTP
                        Server 4.0.2
    Vulnerability: wftp-site-gain-priviliege
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15558

    Date Reported: 03/21/2004
    Brief Description: phpBB admin_smilies.php script and admin_styles.php
                        script SQL injection
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, phpBB 2.0.7a and
                        earlier
    Vulnerability: phpbb-multiple-sql-injection
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15559

    Date Reported: 03/23/2004
    Brief Description: WS_FTP Server REST denial of service
    Risk Factor: Low
    Attack Type: Host Based / Network Based
    Platforms: Windows 2000 Any version, Windows 2003 Server,
                        Windows NT 4.0, Windows XP Any version, WS_FTP
                        Server 4.0.2
    Vulnerability: wsftp-rest-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15560

    Date Reported: 03/22/2004
    Brief Description: WS_FTP Server ALLO handler buffer overflow
    Risk Factor: High
    Attack Type: Host Based / Network Based
    Platforms: Windows 2000 Any version, Windows 2003 Server,
                        Windows NT 4.0, Windows XP Any version, WS_FTP
                        Server 4.0.2
    Vulnerability: wsftp-allo-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15561

    Date Reported: 03/21/2004
    Brief Description: phpBB admin_smilies.php and the admin_styles.php
                        scripts cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, phpBB 2.0.7a and
                        earlier
    Vulnerability: phpbb-multiple-adminscripts-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15562

    Date Reported: 03/21/2004
    Brief Description: phpBB unchecked session IDs allow command execution
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Any operating system Any version, phpBB 2.0.7a and
                        earlier
    Vulnerability: phpbb-sessionid-command-execution
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15563

    Date Reported: 03/20/2004
    Brief Description: xine xine-bugreport and xine-check symlink attack
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Linux Any version, Unix Any version, xine Any
                        version
    Vulnerability: xine-xinebugreport-xinecheck-symlink
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15564

    Date Reported: 03/20/2004
    Brief Description: phpBB profile.php cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, phpBB 2.0.6d, Unix Any version,
                        Windows Any version
    Vulnerability: phpbb-profile-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15565

    Date Reported: 03/22/2004
    Brief Description: Invision Gallery index.php SQL injection
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, Invision Gallery
                        1.0.1
    Vulnerability: invision-gallery-sql-injection
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15566

    Date Reported: 03/20/2004
    Brief Description: xweb "dot dot" directory traversal
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Linux Any version, Unix Any version, xweb 1.0
    Vulnerability: xweb-dotdot-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15567

    Date Reported: 03/22/2004
    Brief Description: Invision Power Top Site List id SQL injection
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Invision Power Top Site List 1.1 RC2 and earlier,
                        Linux Any version, Unix Any version, Windows Any
                        version
    Vulnerability: invision-id-sql-injection
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15568

    Date Reported: 03/22/2004
    Brief Description: Ethereal multiple dissectors buffer overflows
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Ethereal 0.8.13 to 0.10.2, Linux Any version, Unix
                        Any version, Windows Any version
    Vulnerability: ethereal-multiple-dissectors-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15569

    Date Reported: 03/22/2004
    Brief Description: Ethereal zero-length presentation protocol selector
                        denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Ethereal 0.8.13 to 0.10.2, Linux Any version, Unix
                        Any version, Windows Any version
    Vulnerability: ethereal-zero-presentation-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15570

    Date Reported: 03/22/2004
    Brief Description: Ethereal RADIUS packet denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Ethereal 0.8.13 to 0.10.2, Linux Any version, Unix
                        Any version, Windows Any version
    Vulnerability: ethereal-radius-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15571

    Date Reported: 03/22/2004
    Brief Description: Ethereal colour filter file denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Ethereal 0.8.13 to 0.10.2, Linux Any version, Unix
                        Any version, Windows Any version
    Vulnerability: ethereal-colour-filter-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15572

    Date Reported: 03/23/2004
    Brief Description: FirstClass TargetName cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: FirstClass 7.1, Mac OS Any version, Mac OS X Server
                        Any version, Windows Any version
    Vulnerability: firstclass-targetname-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15573

    Date Reported: 03/23/2004
    Brief Description: MS Analysis error message discloses directory path
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Any operating system Any version, MS Analysis 2.0
    Vulnerability: msanalysis-error-path-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15574

    Date Reported: 03/23/2004
    Brief Description: MS Analysis modules.php and title.php cross-site
                        scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, MS Analysis 2.0
    Vulnerability: msanalysis-modules-title-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15575

    Date Reported: 03/23/2004
    Brief Description: MS Analysis referer header SQL injection
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, MS Analysis 2.0
    Vulnerability: msanalysis-referer-sql-injection
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15576

    Date Reported: 03/20/2004
    Brief Description: Linux Kernel kmod signals denial of service
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Conectiva Linux 8.0, Conectiva Linux 9.0, Linux
                        kernel 2.4, SuSE eMail Server 3.1, SuSE eMail
                        Server III Any1, version, SuSE Linux 7.3, SuSE Linux
                        8.0, SuSE Linux 8. SuSE Linux 8.2, SuSE Linux
                        9.0, SuSE Linux Database Server Any version, SuSE
                        Linux Enterprise Server 7, SuSE Linux Firewall Any
                        version, SuSE Linux Office Server Any version, SuSE
                        Linux School Server Any version
    Vulnerability: linux-kmod-signals-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15577

    Date Reported: 03/22/2004
    Brief Description: phpBB admin_words.php SQL injection
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, phpBB 2.0.6c
    Vulnerability: phpbb-adminwords-sql-injection
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15578

    Date Reported: 03/22/2004
    Brief Description: phpBB admin_words.php cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, phpBB 2.0.6c
    Vulnerability: phpbb-adminwords-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15579

    Date Reported: 03/23/2004
    Brief Description: HiGuest higuest.pl script allows cross-site
                        scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: HiGuest Any version, Linux Any version, Unix Any
                        version, Windows Any version
    Vulnerability: higuest-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15580

    Date Reported: 03/23/2004
    Brief Description: Common Desktop Environment dtlogin utility double-
                        free
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Common Desktop Environment (CDE) Any version,
                        Solaris 8, Unix Any version
    Vulnerability: cde-dtlogin-double-free
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15581

    Date Reported: 03/22/2004
    Brief Description: Mod_Survey cross-site scripting
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, Mod_Survey Any
                        version
    Vulnerability: modsurvey-xss
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15582

    Date Reported: 03/22/2004
    Brief Description: squidGuard '%00' character ACL bypass
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, squidGuard Any version, Unix Any
                        version
    Vulnerability: squidguard-acl-bypass
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15583

    Date Reported: 03/23/2004
    Brief Description: The Rage packet can cause denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: The Rage 1.01 and earlier, Windows Any version
    Vulnerability: therage-packet-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15584

    Date Reported: 03/23/2004
    Brief Description: SSH Tectia Server password change plug-in race
                        condition
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: SSH Tectia Server 4.0.3, SSH Tectia Server 4.0.4,
                        Unix Any version
    Vulnerability: sshtectiaserver-passwdplugin-race-condition
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15585

    Date Reported: 03/23/2004
    Brief Description: DameWare Mini Remote Control transmits encryption
                        key in plain text
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: DameWare Mini Remote Control 4.1.0.0, Windows Any
                        version
    Vulnerability: dameware-encryption-key-plaintext
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15586

    Date Reported: 03/23/2004
    Brief Description: DameWare Mini Remote Control uses weak random
                        generator
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: DameWare Mini Remote Control 4.1.0.0, Windows Any
                        version
    Vulnerability: dameware-random-generator-weak
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15587

    Date Reported: 03/24/2004
    Brief Description: VP-ASP catalogid SQL injection
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Linux Any version, Unix Any version, VP-ASP 3.x,
                        VP-ASP 4.x, VP-ASP 5 prior to 7/10/2004, Windows
                        Any version
    Vulnerability: vpasp-catalogid-sql-injection
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15588

    Date Reported: 03/24/2004
    Brief Description: Microsoft Windows allows elevated privileges
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Windows 2000 Any version, Windows NT 4.0, Windows
                        Server 2003 Any version, Windows XP Any version
    Vulnerability: win-gain-privileges
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15589

    Date Reported: 03/24/2004
    Brief Description: InterScan VirusWall "dot dot" directory traversal
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: InterScan VirusWall 3.5x, Windows Any version
    Vulnerability: interscan-dotdot-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15590

    Date Reported: 03/24/2004
    Brief Description: Microsoft Visual Studio and Microsoft Visual C++
                        denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Microsoft Visual C plus plus 6.0, Microsoft Visual
                        Studio 6.0 Enterprise Ed., Microsoft Visual Studio
                        6.0 Professional Ed., Windows Any version
    Vulnerability: ms-visual-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15591

    Date Reported: 03/24/2004
    Brief Description: Kerio MailServer SPAM filter buffer overflow
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Kerio MailServer prior to 5.7.7, Windows 2000 Any
                        version, Windows NT Any version, Windows XP Any
                        version
    Vulnerability: keriomailserver-spam-filter-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15592

    Date Reported: 03/24/2004
    Brief Description: Kerio WinRoute Firewall HTTP headers denial of
                        service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Kerio WinRoute Firewall prior to 5.1.10, Windows
                        Any version
    Vulnerability: kerio-http-header-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15593

    Date Reported: 03/24/2004
    Brief Description: Nexgen FTP Server "dot dot" directory traversal
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Nexgen FTP Server Any version, Windows 2000 Any
                        version, Windows NT Any version, Windows XP Any
                        version
    Vulnerability: nexgen-dotdot-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15594

    Date Reported: 03/24/2004
    Brief Description: PicoPhone logging function buffer overflow
    Risk Factor: High
    Attack Type: Network Based
    Platforms: PicoPhone 1.63 and earlier, Windows Any version
    Vulnerability: picophone-logging-function-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15595

    Date Reported: 03/22/2004
    Brief Description: PHP-Nuke IMG tag allows elevated privileges
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Any operating system Any version, PHP-Nuke 6.x
                        through 7.1.0
    Vulnerability: phpnuke-img-gain-privileges
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15596

    Date Reported: 03/23/2004
    Brief Description: Dark Age of Camelot login.dll man-in-the-middle
                        attack
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Dark Age of Camelot prior to 1.68, Windows Any
                        version
    Vulnerability: daoc-login-mitm
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15597

    Date Reported: 03/16/2004
    Brief Description: WS_FTP Pro ASCII buffer overflow
    Risk Factor: High
    Attack Type: Host Based / Network Based
    Platforms: Windows Any version, WS_FTP Server 8.03
    Vulnerability: wsftppro-ascii-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15598

    Date Reported: 03/24/2004
    Brief Description: a.shopKart could allow access to the scart.mdb
                        database file
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: a.shopKart 2.0, Windows Any version
    Vulnerability: ashopkart-database-file-access
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15599

    Date Reported: 03/24/2004
    Brief Description: Novell NetWare installation log files information
                        disclosure
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: Novell NetWare 6.5 SP 1.1
    Vulnerability: netware-installation-file-disclosure
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15600

    Date Reported: 03/24/2004
    Brief Description: emil email multiple buffer overflows
    Risk Factor: High
    Attack Type: Network Based
    Platforms: Debian Linux 3.0, emil 2.0.4, emil 2.0.5, emil
                        2.1.0-beta9
    Vulnerability: emil-email-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15601

    Date Reported: 03/24/2004
    Brief Description: emil format string attack
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Debian Linux 3.0, emil 2.1.0-beta9
    Vulnerability: emil-format-string
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15602

    Date Reported: 03/24/2004
    Brief Description: Random Ident server (ridentd) rident.pid symlink
                        attack
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Linux Any version, Random Ident server (ridentd)
                        0.9.1b, Unix Any version
    Vulnerability: ridentd-symlink
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15603

    Date Reported: 03/24/2004
    Brief Description: HP JetAdmin file upload
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: HP JetAdmin 7.5.2546, Windows Any version
    Vulnerability: hp-jetadmin-file-upload
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15605

    Date Reported: 03/24/2004
    Brief Description: HP JetAdmin setinfo.hts directory traversal
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: HP JetAdmin 7.5.2546, Windows Any version
    Vulnerability: hp-jetadmin-setinfo-directory-traversal
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15606

    Date Reported: 03/24/2004
    Brief Description: HP JetAdmin command execution
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: HP JetAdmin 7.5.2546, Windows Any version
    Vulnerability: hp-jetadmin-command-execution
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15607

    Date Reported: 03/25/2004
    Brief Description: Winamp in_midi.dll buffer overflow
    Risk Factor: Low
    Attack Type: Host Based
    Platforms: Winamp 5.01 and earlier, Windows Any version
    Vulnerability: winamp-inmidi-bo
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15610

    Date Reported: 03/25/2004
    Brief Description: Winamp winampmb.htm local file manipulation
    Risk Factor: Low
    Attack Type: Host Based
    Platforms: Winamp 5.01 and earlier, Windows Any version
    Vulnerability: winamp-winampmb-file-manipulation
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15612

    Date Reported: 03/24/2004
    Brief Description: MySQL mysqlbug script symlink attack
    Risk Factor: High
    Attack Type: Host Based
    Platforms: Any operating system Any version, MySQL Any version
    Vulnerability: mysql-mysqlbug-symlink
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15617

    Date Reported: 03/25/2004
    Brief Description: Etherlords 1 packet denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Etherlords 1 1.07 and prior, Windows Any version
    Vulnerability: etherlords1-packet-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15618

    Date Reported: 03/25/2004
    Brief Description: Etherlords 2 packet denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Etherlords 2 1.03 and prior, Windows Any version
    Vulnerability: etherlords2-packet-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15619

    Date Reported: 03/26/2004
    Brief Description: IBM AIX invscoutd allows elevated privileges
    Risk Factor: High
    Attack Type: Host Based
    Platforms: AIX 4.3.3, AIX 5.1
    Vulnerability: aix-invscoutd-gain-privileges
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15620

    Date Reported: 03/25/2004
    Brief Description: NetSupport School Pro Client32.ini file weak
                        encryption algorithm
    Risk Factor: Medium
    Attack Type: Host Based
    Platforms: NetSupport School Pro Any version, Windows Any
                        version
    Vulnerability: netsupportschoolpro-weak-encryption
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15621

    Date Reported: 03/26/2004
    Brief Description: oftpd PORT denial of service
    Risk Factor: Low
    Attack Type: Network Based
    Platforms: Linux Any version, oftpd 0.3.6, Unix Any version
    Vulnerability: oftpd-port-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15622

    Date Reported: 03/17/2004
    Brief Description: OpenBSD ISAKMP IPSEC SA payload denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: OpenBSD 3.3, OpenBSD 3.4
    Vulnerability: openbsd-isakmp-ipsec-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15628

    Date Reported: 03/17/2004
    Brief Description: OpenBSD ISAKMP Cert Request payload integer
                        underflow
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: OpenBSD 3.3, OpenBSD 3.4
    Vulnerability: openbsd-isakmp-integer-underflow
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15629

    Date Reported: 03/17/2004
    Brief Description: OpenBSD ISAKMP delete payload denial of service
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: OpenBSD 3.3, OpenBSD 3.4
    Vulnerability: openbsd-isakmp-delete-dos
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15630

    Date Reported: 03/26/2004
    Brief Description: phpBB privmsg.php SQL injection
    Risk Factor: Medium
    Attack Type: Network Based
    Platforms: Any operating system Any version, phpBB 2.0.8 and
                        earlier
    Vulnerability: phpbb-priv-sql-injection
    X-Force URL: http://xforce.iss.net/xforce/xfdb/15631

    _____

    Risk Factor Key:

         High Security issues that allow immediate remote, or local access
                  or immediate execution of code or commands, with unauthorized
                  privileges. Examples are most buffer overflows, backdoors,
                  default or no password, and bypassing security on firewalls
                  or other network components.
         Medium Security issues that have the potential of granting access or
                  allowing code execution by means of complex or lengthy exploit
                  procedures, or low risk issues applied to major Internet
                  components. Examples are cross-site scripting, man-in-the-middle
                  attacks, SQL injection, denial of service of major applications,
                  and denial of service resulting in system information disclosure
                  (such as core files).
         Low Security issues that deny service or provide non-system
                  information that could be used to formulate structured attacks
                  on a target, but not directly gain unauthorized access. Examples
                  are brute force attacks, non-system information disclosure
                  (configurations, paths, etc.), and denial of service attacks.

    ______

    About Internet Security Systems (ISS)
    Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a pioneer and world leader in software and services that protect critical online resources from an ever-changing spectrum of threats and misuse. Internet Security Systems is headquartered in Atlanta, GA, with additional operations throughout the Americas, Asia, Australia, Europe and the Middle East.

    Copyright (c) 2004 Internet Security Systems, Inc. All rights reserved worldwide.

    Permission is hereby granted for the electronic redistribution of this document. It is not to be edited or altered in any way without the express written consent of the Internet Security Systems X-Force. If you wish to reprint the whole or any part of this document in any other medium excluding electronic media, please email xforce@iss.net for permission.

    Disclaimer: The information within this paper may change without notice. Internet Security Systems provides this information on an AS IS basis with NO warranties, implied or otherwise. Any use of this information is at the user's risk. In no event shall Internet Security Systems be held liable for any damages whatsoever arising out of or in connection with the use or dissemination of this information.

    X-Force PGP Key available on MIT's PGP key server and PGP.com's key server, as well as at http://xforce.iss.net/xforce/sensitive.php

    Please send suggestions, updates, and comments to: X-Force xforce@iss.net of Internet Security Systems, Inc.

    -----BEGIN PGP SIGNATURE-----
    Version: 2.6.2

    iQCVAwUBQGhvATRfJiV99eG9AQGz+wP6Ao6+CKBXu4rjXXA82iSldBdrbN46oFBq
    nRZs0vzmP128vH0wa0u0A2lt3HJ9FSpf6qdYIrj6ht84032mJxXSdkcASNWeA0dP
    PAJCfaQv9zxApDw4aiWX+8lQH8JpJzjYOtPC8N5NjbZtnPW/xle0GhI4M+pB8MdE
    wzZH4BnYI5w=
    =8sGW
    -----END PGP SIGNATURE-----


  • Next message: Palmer, Paul (ISSAtlanta): "RE: Difference between Protocol Analyzers -> Packet Sniffers"