Re: Vulnerability in /cgi-bin/shopper.exe?

From: David Kennedy CISSP (david.kennedy@acm.org)
Date: 07/27/01


Message-Id: <3.0.5.32.20010727033056.008fd720@pop.fuse.net>
Date: Fri, 27 Jul 2001 03:30:56 -0400
To: <mike@responsible.com>, <INCIDENTS@securityfocus.com>
From: David Kennedy CISSP <david.kennedy@acm.org>
Subject: Re: Vulnerability in /cgi-bin/shopper.exe?



At 12:38 PM 7/26/01 -0700, Michael Katz wrote:
>I have been unable to find any specific vulnerabilities with
>shopper.exe.
>
>I believe that there are either new unpublished vulnerabilities in
>the shopper.exe executable or attackers are looking to exploit the
>existing vulnerabilities listed above.
>
>If you have PDGSoft's Shopping Cart package, be warned.

http://www.nipc.gov/warnings/advisories/2001/01-007.htm

ADVISORY 01-007

"PDG Shopping Cart Software" Vulnerability Affecting E-Commerce
Issued
04/06/2001

If you download the W32 version of the patch, you'll find a new version
of shopper.exe in the archive.

To give a little credit where credit is due, AFAIK this was the only
time NIPC issued an advisory before a problem was common knowledge to
anyone not living in a cave. To what extent there were already
victims of the problem is something we'll probably never know. I do
wonder if it had anything to do with their investigation that yielded
one of their "DOH" advisories:
http://www.nipc.gov/warnings/advisories/2001/01-003.htm


-- 
Regards,

David Kennedy CISSP
Director of Research Services, TruSecure Corp.
http://www.trusecure.com
Protect what you connect.
Look both ways before crossing the Net.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
