ISS Security Alert Summary AS04-22
From: X-Force (xforce_at_iss.net)
Date: 06/01/04
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 1 Jun 2004 13:48:57 -0400 (EDT) To: alert@iss.net
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS04-22
June 01, 2004
X-Force Vulnerability and Threat Database: http://xforce.iss.net/
Attention ISS Alert subscribers: In an effort to reserve communication via this mailing list for high priority security issues only, Internet Security Systems will discontinue the weekly Alert Summary report at the end of June, 2004. The June 28th edition will be the last Alert Summary published. ISS will continue to release high priority Alerts and Advisories via this mailing list after that date. ISS X-Force will send Alerts when X-Force learns of a serious vulnerability or threat posing significant risk to customers and the public, and Advisories will contain vulnerability information stemming from original, internal X-Force research. Subscribers to our X-Force Threat Analysis Service (XFTAS) can access the information currently contained in the weekly Alert Summary in addition to current and forecast assessments with links to recommended fixes and security advice for active vulnerabilities, viruses, worms, and threats. To subscribe to XFTAS, please visit http://xforce.is!
s.net/xftas/ or contact sales@iss.net.
This summary is available at the following address:
http://xforce.iss.net/xforce/alerts/id/AS04-22
Contents:
* 27 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 05/22/2004
Brief Description: Liferay Enterprise Portal message cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, Liferay
Enterprise Portal Any version
Vulnerability: liferay-message-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/16232
Date Reported: 05/23/2004
Brief Description: PimenGest2 rowLatex.inc.php view database password
Risk Factor: Medium
Attack Type: Network Based
Platforms: Debian Linux Any version
Vulnerability: pimengest2-rowlatex-view-password
X-Force URL: http://xforce.iss.net/xforce/xfdb/16234
Date Reported: 05/22/2004
Brief Description: xpcd xpcd-svga pcd_open buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Debian Linux 3.0, xpcd Any version
Vulnerability: xpcd-svga-pcdopen-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/16236
Date Reported: 05/24/2004
Brief Description: Mollensoft FTP Server CWD command buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: Mollensoft Lightweight FTP Server 3.6, Windows Any
version
Vulnerability: mollensoft-cwd-command-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/16237
Date Reported: 05/24/2004
Brief Description: NETGEAR RP114 long URL filter bypass
Risk Factor: Medium
Attack Type: Network Based
Platforms: NETGEAR RP114 any version
Vulnerability: netgearrp114-long-url-filter-bypass
X-Force URL: http://xforce.iss.net/xforce/xfdb/16238
Date Reported: 05/23/2004
Brief Description: cPanel mod_phpsuexec allows command execution
Risk Factor: High
Attack Type: Host Based
Platforms: cPanel any version, Linux Any version, Unix Any
version
Vulnerability: cpanel-modphpsuexec-execute-commands
X-Force URL: http://xforce.iss.net/xforce/xfdb/16239
Date Reported: 05/24/2004
Brief Description: VocalTec Telephony Gateway denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: VocalTec Gateway 120, VocalTec Gateway 480, VxWorks
Any version
Vulnerability: vocaltec-gateway-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/16240
Date Reported: 05/25/2004
Brief Description: e107 user.php cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, e107 Any version
Vulnerability: e107-user-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/16241
Date Reported: 05/24/2004
Brief Description: Mac OS X SSH URL handler code execution
Risk Factor: Medium
Attack Type: Network Based
Platforms: Mac OS 10.x
Vulnerability: macos-ssh-code-execution
X-Force URL: http://xforce.iss.net/xforce/xfdb/16242
Date Reported: 05/25/2004
Brief Description: F-Secure Anti-Virus bypass Sober.D and Sober.G
detection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version, F-Secure Anti-
Virus 5.41, F-Secure Anti-Virus 5.42, F-Secure
Anti-Virus Client Security 5.50 and 5.52
Vulnerability: fsecure-sober-detection-bypass
X-Force URL: http://xforce.iss.net/xforce/xfdb/16243
Date Reported: 05/21/2004
Brief Description: UCD-SNMPD command buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Linux Any version, UCD-SNMPD 4.2.6 and earlier,
Unix Any version
Vulnerability: ucd-snmpd-command-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/16245
Date Reported: 05/21/2004
Brief Description: Eudora To: field denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Eudora prior to 6.1.1, Windows Any version
Vulnerability: eudora-to-field-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/16246
Date Reported: 05/26/2004
Brief Description: HP OpenView Select Access gain access
Risk Factor: Medium
Attack Type: Network Based
Platforms: HP OpenView Select Access 5.0, HP OpenView Select
Access 5.1, HP OpenView Select Access 5.2, HP
OpenView Select Access 6.0, HP-UX 11, Red Hat Linux
7.0, Solaris 2.8 and later, Windows 2000 Any
version, Windows NT 4.0
Vulnerability: openview-select-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/16247
Date Reported: 05/25/2004
Brief Description: Orenosv HTTP/FTP Server HTTP GET denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Orenosv 0.5.9f, Windows Any version
Vulnerability: orenosv-http-get-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/16250
Date Reported: 05/26/2004
Brief Description: HP Integrated Lights-Out port zero denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, HP Integrated
Lights-Out (iLO) prior to 1.55
Vulnerability: ilo-port-zero-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/16251
Date Reported: 05/24/2004
Brief Description: BigIP TCP SYN cookie denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: BigIP 4.5 through 4.5.10, BSD Any version
Vulnerability: bigip-syn-cookie-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/16253
Date Reported: 05/26/2004
Brief Description: FreeBSD msync allows elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms: FreeBSD 4.10-RELEASE, FreeBSD 4.10-STABLE, FreeBSD
4.8-RELEASE-p22, FreeBSD 4.9-RELEASE-p9, FreeBSD
5.2.1-RELEASE-p8, FreeBSD RELENG_4, FreeBSD
RELENG_4_10, FreeBSD RELENG_4_8, FreeBSD
RELENG_4_9, FreeBSD RELENG_5_2
Vulnerability: freebsd-msync-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/16254
Date Reported: 05/26/2004
Brief Description: GNU Mailman obtain password
Risk Factor: Medium
Attack Type: Network Based
Platforms: Conectiva Linux 8.0, Conectiva Linux 9.0, GNU
Mailman prior to 2.1.5
Vulnerability: mailman-obtain-password
X-Force URL: http://xforce.iss.net/xforce/xfdb/16256
Date Reported: 05/26/2004
Brief Description: 3Com OfficeConnect Telnet escape sequence buffer
overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: 3Com OfficeConnect 812 ADSL Router 1.1.9
Vulnerability: 3com-officeconnect-telnet-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/16257
Date Reported: 05/26/2004
Brief Description: F-Secure Anti-Virus LHA archive buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: Any operating system Any version, F-Secure Anti-
Virus 2004 and earlier, F-Secure Anti-Virus Client
Security 5.52 and earlier, F-Secure Anti-Virus for
Linux 4.52 and earlier, F-Secure Anti-Virus for
MIMEsweeper 5.42 and earlier, F-Secure Anti-Virus
for MS Exchange 6.21 and earlier, F-Secure Anti-
Virus for Samba Servers 4.60, F-Secure Anti-Virus
for Windows Servers 5.42 and earlier, F-Secure
Anti-Virus for Workstations 5.42 and earlier, F-
Secure for Firewalls 6.20 and earlier, F-Secure
Internet Gatekeeper 6.32 and earlier, F-Secure
Internet Security 2004 and earlier
Vulnerability: fsecure-lha-archive-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/16258
Date Reported: 05/26/2004
Brief Description: SGI IRIX cpr allows elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms: IRIX 6.5.20 to 6.5.24
Vulnerability: irix-cpr-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/16259
Date Reported: 05/26/2004
Brief Description: MiniShare GET and HEAD requests denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: MiniShare 1.3.2, Windows Any version
Vulnerability: minishare-get-head-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/16260
Date Reported: 05/26/2004
Brief Description: Canon imageRUNNER 210 port scan denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Canon imageRUNNER 210
Vulnerability: canon-imagerunner-scan-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/16261
Date Reported: 05/26/2004
Brief Description: Isoqlog parcer.c allows elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Isoqlog 2.2-BETA, Linux Any version, Unix Any
version
Vulnerability: isoqlog-parcer-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/16262
Date Reported: 05/27/2004
Brief Description: xdm open socket allows access
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, xdm Any
version
Vulnerability: xdm-socket-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/16264
Date Reported: 05/27/2004
Brief Description: WildTangent WTHoster and WebDriver buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: WildTangent Web Driver 4.0, Windows Any version
Vulnerability: wildtangent-wthoster-webdriver-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/16266
Date Reported: 05/27/2004
Brief Description: 3com OfficeConnect allows elevated access
Risk Factor: High
Attack Type: Network Based
Platforms: 3Com OfficeConnect 812 ADSL Router Any version
Vulnerability: 3com-officeconnect-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/16267
_____
Risk Factor Key:
High Security issues that allow immediate remote, or local access
or immediate execution of code or commands, with unauthorized
privileges. Examples are most buffer overflows, backdoors,
default or no password, and bypassing security on firewalls
or other network components.
Medium Security issues that have the potential of granting access or
allowing code execution by means of complex or lengthy exploit
procedures, or low risk issues applied to major Internet
components. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service of major applications,
and denial of service resulting in system information disclosure
(such as core files).
Low Security issues that deny service or provide non-system
information that could be used to formulate structured attacks
on a target, but not directly gain unauthorized access. Examples
are brute force attacks, non-system information disclosure
(configurations, paths, etc.), and denial of service attacks.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a pioneer and
world leader in software and services that protect critical online resources from
an ever-changing spectrum of threats and misuse. Internet Security Systems is
headquartered in Atlanta, GA, with additional operations throughout the Americas,
Asia, Australia, Europe and the Middle East.
Copyright (c) 2004 Internet Security Systems, Inc. All rights reserved worldwide.
Permission is hereby granted for the electronic redistribution of this document.
It is not to be edited or altered in any way without the express written consent
of the Internet Security Systems X-Force. If you wish to reprint the whole or any
part of this document in any other medium excluding electronic media, please email
xforce@iss.net for permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user's risk. In no
event shall Internet Security Systems be held liable for any damages whatsoever
arising out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server, as
well as at http://xforce.iss.net/xforce/sensitive.php
Please send suggestions, updates, and comments to: X-Force xforce@iss.net of
Internet Security Systems, Inc.
_______________________________________________
TO SUBSCRIBE, UNSUBSCRIBE, OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/alert
To contact the ISS Alert List Administrator, send email to
mod-alert@iss.net
The ISS Alert mailing list is hosted and managed by Internet Security
Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBQLzBaDRfJiV99eG9AQHVvwQAqDtwp3eV4VsFQCD/CueZEmVCi29ATc/A
rsUjBwPOCgGBMXgmCGkFSlyec5vz0BRs2yH8DZ91+EvIst2kftBi62w8km1kQFsy
zqe7lA6+U0z7DiFRBYHiuRzTM/Ns0y8/auADZkMEfCfjMI+6vaPsrqbpm4C5fSUd
sQ6iks6+ExU=
=k7q7
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
