VARIoT IoT vulnerabilities database
| VAR-200102-0007 | CVE-2000-0896 | IBM AIX setclock buffer overflow in remote timeserver argument |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
WatchGuard SOHO firewall allows remote attackers to cause a denial of service via a flood of fragmented IP packets, which causes the firewall to drop connections and stop forwarding packets. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Vulnerabilities exist in the WatchGuard SOHO firewall. Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability
By Sowhat of Nevis Labs
Date: 2006.04.11
http://www.nevisnetworks.com
http://secway.org/advisory/AD20060411.txt
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
CVE: CVE-2006-1189
Vendor
Microsoft Inc.
Products affected:
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
and Microsoft Windows XP Service Pack 1
Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Internet Explorer 6 for Microsoft Windows Server 2003
Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, Microsoft
Windows 98 SE, and Microsoft Windows Millennium Edition
This vulnerability affects systems that use Double-Byte Character Sets.
Systems that are affected are Windows language versions that use a
Double Byte Character Set language. Examples of languages that use DBCS
are Chinese, Japanese, and Korean languages. Customers using
other language versions of Windows might also be affected if "Language
for non-Unicode programs" has been set to a Double Byte Character Set
language.
Overview:
There exists a buffer overflow in Microsoft Internet Explorer in the
parsing of DBCS URLS.
This vulnerability could allow an attacker to execute arbitrary code on the
victim's system when the victim visits a web page or views an HTML email
message.
This attack may be utilized wherever IE parses HTML, such as webpages, email,
newsgroups, and within applications utilizing web-browsing functionality.
Details:
URLMON.DLL does not properly validate IDN containing double-byte character
sets (DBCS), which may lead to remote code execution.
Exploiting this vulnerability seems to need a lot of more work but we
believe that
exploitation is possible.
POC:
No PoC will be released for this.
FIX:
Microsoft has released an update for Internet Explorer which is
set to address this issue. This can be downloaded from:
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
Vendor Response:
2005.12.29 Vendor notified via secure@microsoft.com
2005.12.29 Vendor responded
2006.04.11 Vendor released MS06-0xx patch
2006.04.11 Advisory released
Common Vulnerabilities and Exposures (CVE) Information:
The Common Vulnerabilities and Exposures (CVE) project has assigned
the following names to these issues. These are candidates for
inclusion in the CVE list (http://cve.mitre.org), which standardizes
names for security problems.
CVE-2006-1189
Greetings to Lennart@MS, Chi, OYXin, Narasimha Datta, all Nevis Labs guys,
all XFocus and 0x557 guys :)
References:
1. http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
2. http://www.nsfocus.com/english/homepage/research/0008.htm
3. http://xforce.iss.net/xforce/xfdb/5729
4. http://www.securityfocus.com/bid/2100/discuss
5. http://www.inter-locale.com/whitepaper/IUC27-a303.html
6. http://blogs.msdn.com/michkap/archive/2005/10/28/486034.aspx
7. [Mozilla Firefox IDN "Host:" Buffer Overflow]
http://www.security-protocols.com/advisory/sp-x17-advisory.txt
8. [Mozilla Firefox 1.5 Beta 1 IDN Buffer Overflow]
http://www.security-protocols.com/advisory/sp-x18-advisory.txt
9. http://72.14.203.104/search?q=cache:Dxn-V4fil1IJ:developer.novell.com
/research/devnotes/1995/may/02/05.htm
--
Sowhat
http://secway.org
"Life is like a bug, Do you know how to exploit it ?"
| VAR-200102-0052 | CVE-2001-0080 |
IBM AIX setclock buffer overflow in remote timeserver argument
Related entries in the VARIoT exploits database: VAR-E-200012-0073 |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Cisco Catalyst 6000, 5000, or 4000 switches are vulnerable. This vulnerability results in a protocol mismatch. Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability
By Sowhat of Nevis Labs
Date: 2006.04.11
http://www.nevisnetworks.com
http://secway.org/advisory/AD20060411.txt
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
CVE: CVE-2006-1189
Vendor
Microsoft Inc.
Products affected:
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
and Microsoft Windows XP Service Pack 1
Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Internet Explorer 6 for Microsoft Windows Server 2003
Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, Microsoft
Windows 98 SE, and Microsoft Windows Millennium Edition
This vulnerability affects systems that use Double-Byte Character Sets.
Systems that are affected are Windows language versions that use a
Double Byte Character Set language. Examples of languages that use DBCS
are Chinese, Japanese, and Korean languages. Customers using
other language versions of Windows might also be affected if "Language
for non-Unicode programs" has been set to a Double Byte Character Set
language.
Overview:
There exists a buffer overflow in Microsoft Internet Explorer in the
parsing of DBCS URLS.
This vulnerability could allow an attacker to execute arbitrary code on the
victim's system when the victim visits a web page or views an HTML email
message.
This attack may be utilized wherever IE parses HTML, such as webpages, email,
newsgroups, and within applications utilizing web-browsing functionality.
Details:
URLMON.DLL does not properly validate IDN containing double-byte character
sets (DBCS), which may lead to remote code execution.
Exploiting this vulnerability seems to need a lot of more work but we
believe that
exploitation is possible.
POC:
No PoC will be released for this.
FIX:
Microsoft has released an update for Internet Explorer which is
set to address this issue. This can be downloaded from:
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
Vendor Response:
2005.12.29 Vendor notified via secure@microsoft.com
2005.12.29 Vendor responded
2006.04.11 Vendor released MS06-0xx patch
2006.04.11 Advisory released
Common Vulnerabilities and Exposures (CVE) Information:
The Common Vulnerabilities and Exposures (CVE) project has assigned
the following names to these issues. These are candidates for
inclusion in the CVE list (http://cve.mitre.org), which standardizes
names for security problems.
CVE-2006-1189
Greetings to Lennart@MS, Chi, OYXin, Narasimha Datta, all Nevis Labs guys,
all XFocus and 0x557 guys :)
References:
1. http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
2. http://www.nsfocus.com/english/homepage/research/0008.htm
3. http://xforce.iss.net/xforce/xfdb/5729
4. http://www.securityfocus.com/bid/2100/discuss
5. http://www.inter-locale.com/whitepaper/IUC27-a303.html
6. http://blogs.msdn.com/michkap/archive/2005/10/28/486034.aspx
7. [Mozilla Firefox IDN "Host:" Buffer Overflow]
http://www.security-protocols.com/advisory/sp-x17-advisory.txt
8. [Mozilla Firefox 1.5 Beta 1 IDN Buffer Overflow]
http://www.security-protocols.com/advisory/sp-x18-advisory.txt
9. http://72.14.203.104/search?q=cache:Dxn-V4fil1IJ:developer.novell.com
/research/devnotes/1995/may/02/05.htm
--
Sowhat
http://secway.org
"Life is like a bug, Do you know how to exploit it ?"
| VAR-200102-0040 | CVE-2001-0068 | IBM AIX setclock buffer overflow in remote timeserver argument |
CVSS V2: 2.6 CVSS V3: - Severity: LOW |
Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read files outside of the CODEBASE context via the ARCHIVE applet parameter. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Macintosh Runtime for Java is prone to a remote security vulnerability. Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability
By Sowhat of Nevis Labs
Date: 2006.04.11
http://www.nevisnetworks.com
http://secway.org/advisory/AD20060411.txt
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
CVE: CVE-2006-1189
Vendor
Microsoft Inc.
Products affected:
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
and Microsoft Windows XP Service Pack 1
Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Internet Explorer 6 for Microsoft Windows Server 2003
Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, Microsoft
Windows 98 SE, and Microsoft Windows Millennium Edition
This vulnerability affects systems that use Double-Byte Character Sets.
Systems that are affected are Windows language versions that use a
Double Byte Character Set language. Examples of languages that use DBCS
are Chinese, Japanese, and Korean languages. Customers using
other language versions of Windows might also be affected if "Language
for non-Unicode programs" has been set to a Double Byte Character Set
language.
Overview:
There exists a buffer overflow in Microsoft Internet Explorer in the
parsing of DBCS URLS.
This vulnerability could allow an attacker to execute arbitrary code on the
victim's system when the victim visits a web page or views an HTML email
message.
This attack may be utilized wherever IE parses HTML, such as webpages, email,
newsgroups, and within applications utilizing web-browsing functionality.
Details:
URLMON.DLL does not properly validate IDN containing double-byte character
sets (DBCS), which may lead to remote code execution.
Exploiting this vulnerability seems to need a lot of more work but we
believe that
exploitation is possible.
POC:
No PoC will be released for this.
FIX:
Microsoft has released an update for Internet Explorer which is
set to address this issue. This can be downloaded from:
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
Vendor Response:
2005.12.29 Vendor notified via secure@microsoft.com
2005.12.29 Vendor responded
2006.04.11 Vendor released MS06-0xx patch
2006.04.11 Advisory released
Common Vulnerabilities and Exposures (CVE) Information:
The Common Vulnerabilities and Exposures (CVE) project has assigned
the following names to these issues. These are candidates for
inclusion in the CVE list (http://cve.mitre.org), which standardizes
names for security problems.
CVE-2006-1189
Greetings to Lennart@MS, Chi, OYXin, Narasimha Datta, all Nevis Labs guys,
all XFocus and 0x557 guys :)
References:
1. http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
2. http://www.nsfocus.com/english/homepage/research/0008.htm
3. http://xforce.iss.net/xforce/xfdb/5729
4. http://www.securityfocus.com/bid/2100/discuss
5. http://www.inter-locale.com/whitepaper/IUC27-a303.html
6. http://blogs.msdn.com/michkap/archive/2005/10/28/486034.aspx
7. [Mozilla Firefox IDN "Host:" Buffer Overflow]
http://www.security-protocols.com/advisory/sp-x17-advisory.txt
8. [Mozilla Firefox 1.5 Beta 1 IDN Buffer Overflow]
http://www.security-protocols.com/advisory/sp-x18-advisory.txt
9. http://72.14.203.104/search?q=cache:Dxn-V4fil1IJ:developer.novell.com
/research/devnotes/1995/may/02/05.htm
--
Sowhat
http://secway.org
"Life is like a bug, Do you know how to exploit it ?"
| VAR-200102-0098 | CVE-2001-0096 | IBM AIX setclock buffer overflow in remote timeserver argument |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability
By Sowhat of Nevis Labs
Date: 2006.04.11
http://www.nevisnetworks.com
http://secway.org/advisory/AD20060411.txt
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
CVE: CVE-2006-1189
Vendor
Microsoft Inc.
Products affected:
Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
and Microsoft Windows XP Service Pack 1
Internet Explorer 6 for Microsoft Windows XP Service Pack 2
Internet Explorer 6 for Microsoft Windows Server 2003
Internet Explorer 6 Service Pack 1 on Microsoft Windows 98, Microsoft
Windows 98 SE, and Microsoft Windows Millennium Edition
This vulnerability affects systems that use Double-Byte Character Sets.
Systems that are affected are Windows language versions that use a
Double Byte Character Set language. Examples of languages that use DBCS
are Chinese, Japanese, and Korean languages. Customers using
other language versions of Windows might also be affected if "Language
for non-Unicode programs" has been set to a Double Byte Character Set
language.
Overview:
There exists a buffer overflow in Microsoft Internet Explorer in the
parsing of DBCS URLS.
This vulnerability could allow an attacker to execute arbitrary code on the
victim's system when the victim visits a web page or views an HTML email
message.
This attack may be utilized wherever IE parses HTML, such as webpages, email,
newsgroups, and within applications utilizing web-browsing functionality.
Details:
URLMON.DLL does not properly validate IDN containing double-byte character
sets (DBCS), which may lead to remote code execution.
Exploiting this vulnerability seems to need a lot of more work but we
believe that
exploitation is possible.
POC:
No PoC will be released for this.
FIX:
Microsoft has released an update for Internet Explorer which is
set to address this issue. This can be downloaded from:
http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
Vendor Response:
2005.12.29 Vendor notified via secure@microsoft.com
2005.12.29 Vendor responded
2006.04.11 Vendor released MS06-0xx patch
2006.04.11 Advisory released
Common Vulnerabilities and Exposures (CVE) Information:
The Common Vulnerabilities and Exposures (CVE) project has assigned
the following names to these issues. These are candidates for
inclusion in the CVE list (http://cve.mitre.org), which standardizes
names for security problems.
CVE-2006-1189
Greetings to Lennart@MS, Chi, OYXin, Narasimha Datta, all Nevis Labs guys,
all XFocus and 0x557 guys :)
References:
1. http://www.microsoft.com/technet/security/bulletin/MS06-013.mspx
2. http://www.nsfocus.com/english/homepage/research/0008.htm
3. http://xforce.iss.net/xforce/xfdb/5729
4. http://www.securityfocus.com/bid/2100/discuss
5. http://www.inter-locale.com/whitepaper/IUC27-a303.html
6. http://blogs.msdn.com/michkap/archive/2005/10/28/486034.aspx
7. [Mozilla Firefox IDN "Host:" Buffer Overflow]
http://www.security-protocols.com/advisory/sp-x17-advisory.txt
8. [Mozilla Firefox 1.5 Beta 1 IDN Buffer Overflow]
http://www.security-protocols.com/advisory/sp-x18-advisory.txt
9. http://72.14.203.104/search?q=cache:Dxn-V4fil1IJ:developer.novell.com
/research/devnotes/1995/may/02/05.htm
--
Sowhat
http://secway.org
"Life is like a bug, Do you know how to exploit it ?"
| VAR-200112-0219 | CVE-2001-1480 | Sun JRE/SDK Clipboard popup vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard. In the default java security model for applets, this access should not be granted
| VAR-200102-0055 | CVE-2001-0019 | Cisco Content service Switch Very long filename service denial vulnerability |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands. The Cisco Content Services (CSS) switches are hardware designed to provide enhanced web services for e-commerece and Web Content delivery using the Cisco Web Network Services (Web NS). The CSS switch is distributed by Cisco Systems.
A problem in the CSS could allow a local user to deny service to legitimate users. The problem occurs in the handling of input by local users. A user must have access to the switch command line interface prior to launching an attack, but not have administrative privileges. Upon connecting to a non-privileged account, a user can locally execute a command on the switch which requires a file name as an argument. Upon specifying a filename that is the maximum size of the filename buffer, the switch reboots and starts system checks.
This vulnerability makes it possible for a user with malicious intentions to connect to a switch granting sufficient privileges, and execute a command that could deny service to legitimate network users. This vulnerability affects CSS switches 11050, 11150, and 11800
| VAR-200102-0027 | CVE-2001-0055 | Oracle Internet Directory LDAP Daemon does not check write permissions properly |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets. The Oracle LDAP Daemon (oidldapd version 2.1.1.1), which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Broadband Operating System is prone to a denial-of-service vulnerability. CBOS 2.4.1 and earlier versions of the Cisco 600 router are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
January 1, 2001
Volume 6 Number 2
The following computer security issues have been publicly reported and
documented in the X-Force Vulnerability and Threat Database
(http://xforce.iss.net).
This document is available at
http://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert
Summaries:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
- - 'subscribe alert' (without the quotes).
_____
Contents
115 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 12/31/00
Vulnerability: exmh-error-symlink
Platforms Affected: exmh 2.2 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: exmh error message symlink
X-Force URL: http://xforce.iss.net/static/5829.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-symlink
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Host Based
Brief Description: Informix Webdriver symbolic link
X-Force URL: http://xforce.iss.net/static/5827.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-admin-access
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Network Based
Brief Description: Informix Webdriver remote Admin access
X-Force URL: http://xforce.iss.net/static/5833.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-mutex-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial
of service
X-Force URL: http://xforce.iss.net/static/5821.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-batfile-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with
a batch file
X-Force URL: http://xforce.iss.net/static/5822.php
_____
Date Reported: 12/29/00
Vulnerability: shockwave-flash-swf-bo
Platforms Affected: Shockwave Plugin 8.0 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Shockwave Flash SWF file buffer overflow
X-Force URL: http://xforce.iss.net/static/5826.php
_____
Date Reported: 12/29/00
Vulnerability: macos-multiple-users
Platforms Affected: MacOS 9.0
Risk Factor: High
Attack Type: Host Based
Brief Description: Mac OS 'Multiple Users' bypass password
X-Force URL: http://xforce.iss.net/static/5830.php
_____
Date Reported: 12/28/00
Vulnerability: http-cgi-ikonboard
Platforms Affected: Ikonboard 2.1.7b and prior
Risk Factor: High
Attack Type: Host Based
Brief Description: Ikonboard allows remote attacker to execute
commands
X-Force URL: http://xforce.iss.net/static/5819.php
_____
Date Reported: 12/27/00
Vulnerability: http-cgi-technote-main
Platforms Affected: TECH-NOTE (000, 2001, Pro)
Risk Factor: High
Attack Type: Network Based
Brief Description: TECH-NOTE main.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5813.php
_____
Date Reported: 12/26/00
Vulnerability: xwindows-char-dos
Platforms Affected: XFree86
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: X Windows multiple character denial of service
X-Force URL: http://xforce.iss.net/static/5834.php
_____
Date Reported: 12/25/00
Vulnerability: 1stup-mail-server-bo
Platforms Affected: 1st Up Mail Server 4.1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: 1st Up Mail Server buffer overflow
X-Force URL: http://xforce.iss.net/static/5808.php
_____
Date Reported: 12/25/00
Vulnerability: dialog-symlink
Platforms Affected: Linux Debian 2.2
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux dialog package symlink attack
X-Force URL: http://xforce.iss.net/static/5809.php
_____
Date Reported: 12/25/00
Vulnerability: ibm-wcs-admin
Platforms Affected: IBM Websphere Commerce Suite
Risk Factor: High
Attack Type: Host Based
Brief Description: IBM WCS admin.config allows user to execute
arbitrary commands
X-Force URL: http://xforce.iss.net/static/5831.php
_____
Date Reported: 12/23/00
Vulnerability: http-cgi-technote-print
Platforms Affected: TECH-NOTE (2000, 2001, Pro)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: TECH-NOTE print.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5815.php
_____
Date Reported: 12/22/00
Vulnerability: iis-web-form-submit
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IIS Web form submission
X-Force URL: http://xforce.iss.net/static/5823.php
_____
Date Reported: 12/21/00
Vulnerability: hpux-kermit-bo
Platforms Affected: HPUX (10.01, 10.10, 10.20, 11.00)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX kermit buffer overflow
X-Force URL: http://xforce.iss.net/static/5793.php
_____
Date Reported: 12/21/00
Vulnerability: bsguest-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bsguest.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5796.php
_____
Date Reported: 12/21/00
Vulnerability: bslist-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bslist.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5797.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-execute-plsql
Platforms Affected: Oracle Application Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Oracle remote procedure execution
X-Force URL: http://xforce.iss.net/static/5817.php
_____
Date Reported: 12/21/00
Vulnerability: ksh-redirection-symlink
Platforms Affected: IRIX (6.2, 6.5.x)
Solaris (2.5.1, 2.6, 7)
HPUX 9.00
Digital Unix 5.0
Risk Factor: High
Attack Type: Host Based
Brief Description: ksh redirection symlink attack
X-Force URL: http://xforce.iss.net/static/5811.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-webdb-admin-access
Platforms Affected: Oracle Internet Application Server 3.0.7
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oracle IAS allows administrative access
X-Force URL: http://xforce.iss.net/static/5818.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Web Scan
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-detached-sig-modify
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG allows users to modify signed messages with
detached signatures
X-Force URL: http://xforce.iss.net/static/5802.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-reveal-private
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG will import private keys along with public
keys
X-Force URL: http://xforce.iss.net/static/5803.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-nmap-scans
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm does not detect NMAP scans
X-Force URL: http://xforce.iss.net/static/5799.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-open-shares
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm open shares
X-Force URL: http://xforce.iss.net/static/5825.php
_____
Date Reported: 12/19/00
Vulnerability: win2k-index-service-activex
Platforms Affected: Windows 2000
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Windows 2000 Index Service ActiveX controls allow
unauthorized access to file information
X-Force URL: http://xforce.iss.net/static/5800.php
_____
Date Reported: 12/19/00
Vulnerability: proftpd-size-memory-leak
Platforms Affected: Proftpd
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: proftpd memory leak when using SIZE command
X-Force URL: http://xforce.iss.net/static/5801.php
_____
Date Reported: 12/19/00
Vulnerability: weblogic-dot-bo
Platforms Affected: WebLogic
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BEA WebLogic Server "dotdot" URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5782.php
_____
Date Reported: 12/19/00
Vulnerability: mdaemon-imap-dos
Platforms Affected: MDaemon
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MDaemon IMAP buffer overflow denial of service
X-Force URL: http://xforce.iss.net/static/5805.php
_____
Date Reported: 12/19/00
Vulnerability: zope-calculate-roles
Platforms Affected: Zp[e
Risk Factor: High
Attack Type: Host Based
Brief Description: zope package in Linux calculates local roles
incorrectly
X-Force URL: http://xforce.iss.net/static/5777.php
_____
Date Reported: 12/19/00
Vulnerability: itetris-svgalib-path
Platforms Affected: svgalib
Risk Factor: High
Attack Type: Host Based
Brief Description: Itetris svgalib PATH
X-Force URL: http://xforce.iss.net/static/5795.php
_____
Date Reported: 12/18/00
Vulnerability: bsd-ftpd-replydirname-bo
Platforms Affected: BSD Based Operating Systems
Risk Factor: High
Attack Type: Network Based
Brief Description: BSD ftpd replydirname() function buffer overflow
X-Force URL: http://xforce.iss.net/static/5776.php
_____
Date Reported: 12/18/00
Vulnerability: sonata-command-execute
Platforms Affected: Sonata
Risk Factor: High
Attack Type: Host Based
Brief Description: Sonata argument command line execution
X-Force URL: http://xforce.iss.net/static/5787.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-catman-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris catman command symlink attack
X-Force URL: http://xforce.iss.net/static/5788.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-patchadd-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris patchadd symlink attack
X-Force URL: http://xforce.iss.net/static/5789.php
_____
Date Reported: 12/18/00
Vulnerability: stunnel-format-logfile
Platforms Affected: Stunnel
Risk Factor: High
Attack Type: Network Based
Brief Description: Stunnel format allows user to write to logfile
X-Force URL: http://xforce.iss.net/static/5807.php
_____
Date Reported: 12/17/00
Vulnerability: hp-top-sys-files
Platforms Affected: HPUX
Risk Factor: Low
Attack Type: Host Based
Brief Description: HP-UX top command could be used to overwrite files
X-Force URL: http://xforce.iss.net/static/5773.php
_____
Date Reported: 12/16/00
Vulnerability: zope-legacy-names
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Linux zope package "legacy" names
X-Force URL: http://xforce.iss.net/static/5824.php
_____
Date Reported: 12/15/00
Vulnerability: mrj-runtime-malicious-applets
Platforms Affected: MRJ
Risk Factor: Low
Attack Type: Host Based
Brief Description: MRJ runtime environment could allow malicious
applets to be executed
X-Force URL: http://xforce.iss.net/static/5784.php
_____
Date Reported: 12/14/00
Vulnerability: coffeecup-ftp-weak-encryption
Platforms Affected: CoffeeCup FTP
Risk Factor: Low
Attack Type: Host Based
Brief Description: CoffeeCup FTP client has weak password encryption
X-Force URL: http://xforce.iss.net/static/5744.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-fragmented-packets
Platforms Affected: WatchGuard
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall fragmented IP packet
attack
X-Force URL: http://xforce.iss.net/static/5749.php
_____
Date Reported: 12/14/00
Vulnerability: jpilot-perms
Platforms Affected: J-Pilot
Risk Factor: Medium
Attack Type: Host Based
Brief Description: J-Pilot permissions could reveal sensitive
information
X-Force URL: http://xforce.iss.net/static/5762.php
_____
Date Reported: 12/14/00
Vulnerability: mediaservices-dropped-connection-dos
Platforms Affected: Microsoft Media Services
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft Media Services dropped connection denial
of service
X-Force URL: http://xforce.iss.net/static/5785.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-web-auth
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO Web config server could allow
unauthenticated access
X-Force URL: http://xforce.iss.net/static/5554.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-passcfg-reset
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO administrator password can be
remotely reset
X-Force URL: http://xforce.iss.net/static/5742.php
_____
Date Reported: 12/14/00
Vulnerability: http-cgi-simplestguest
Platforms Affected: simplestguest.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestguest.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5743.php
_____
Date Reported: 12/14/00
Vulnerability: safeword-palm-pin-extraction
Platforms Affected: SafeWord
e.iD Palm Authenticator
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: SafeWord and e.iD Palm Authenticator allows
attacker to clone Palm device
X-Force URL: http://xforce.iss.net/static/5753.php
_____
Date Reported: 12/14/00
Vulnerability: mdaemon-lock-bypass-password
Platforms Affected: MDaemon
Risk Factor: High
Attack Type: Host Based
Brief Description: MDaemon "lock" bypass password
X-Force URL: http://xforce.iss.net/static/5763.php
_____
Date Reported: 12/13/00
Vulnerability: cisco-catalyst-ssh-mismatch
Platforms Affected: Cisco Catalyst
Risk Factor: Low
Attack Type: Network Based
Brief Description: Cisco Catalyst SSH protocol mismatch
X-Force URL: http://xforce.iss.net/static/5760.php
_____
Date Reported: 12/13/00
Vulnerability: microsoft-iis-file-disclosure
Platforms Affected: IIS
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft IIS Far East editions file disclosure
X-Force URL: http://xforce.iss.net/static/5729.php
_____
Date Reported: 12/13/00
Vulnerability: ezshopper-cgi-file-disclosure
Platforms Affected: loadpage.cgi
Risk Factor: Medium
Attack Type: Network Based
Brief Description: EZshopper loadpage.cgi file disclosure
X-Force URL: http://xforce.iss.net/static/5740.php
_____
Date Reported: 12/13/00
Vulnerability: winnt-mstask-dos
Platforms Affected: Windows NT
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Windows NT MSTask.exe denial of service
X-Force URL: http://xforce.iss.net/static/5746.php
_____
Date Reported: 12/13/00
Vulnerability: bftpd-site-chown-bo
Platforms Affected: BFTPD
Risk Factor: High
Attack Type: Network Based
Brief Description: BFTPD SITE CHOWN buffer overflow
X-Force URL: http://xforce.iss.net/static/5775.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/12/00
Vulnerability: subscribemelite-gain-admin-access
Platforms Affected: Subscribe Me Lite
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Subscribe Me Lite mailing list manager
unauthorized access
X-Force URL: http://xforce.iss.net/static/5735.php
_____
Date Reported: 12/12/00
Vulnerability: zope-image-file
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux zope package Image and File objects
X-Force URL: http://xforce.iss.net/static/5778.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-everythingform
Platforms Affected: everythingform.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: everythingform.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5736.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-simplestmail
Platforms Affected: simplestmail.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestmail.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5739.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-ad
Platforms Affected: ad.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: ad.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5741.php
_____
Date Reported: 12/12/00
Vulnerability: kde-kmail-weak-encryption
Platforms Affected: KDE KMail
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KDE KMail weak password encryption
X-Force URL: http://xforce.iss.net/static/5761.php
_____
Date Reported: 12/12/00
Vulnerability: aolim-buddyicon-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: AOL Instant Messenger Buddy Icon buffer overflow
X-Force URL: http://xforce.iss.net/static/5786.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/11/00
Vulnerability: rppppoe-zero-length-dos
Platforms Affected: rp-pppoe
Risk Factor: Medium
Attack Type: Network Based
Brief Description: rp-pppoe "zero-length" option denial of service
X-Force URL: http://xforce.iss.net/static/5727.php
_____
Date Reported: 12/11/00
Vulnerability: proftpd-modsqlpw-unauth-access
Platforms Affected: ProFTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ProFTPD system using mod_sqlpw unauthorized access
X-Force URL: http://xforce.iss.net/static/5737.php
_____
Date Reported: 12/11/00
Vulnerability: gnu-ed-symlink
Platforms Affected: GNU ed
Risk Factor: High
Attack Type: Host Based
Brief Description: GNU ed symlink
X-Force URL: http://xforce.iss.net/static/5723.php
_____
Date Reported: 12/11/00
Vulnerability: oops-ftputils-bo
Platforms Affected: Oops Proxy Server
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oops Proxy Server ftp_utils buffer overflow
X-Force URL: http://xforce.iss.net/static/5725.php
_____
Date Reported: 12/11/00
Vulnerability: oracle-oidldap-write-permission
Platforms Affected: Oracle Internet Directory
Risk Factor: High
Attack Type: Host Based
Brief Description: Oracle Internet Directory write permission
X-Force URL: http://xforce.iss.net/static/5804.php
_____
Date Reported: 12/9/00
Vulnerability: foolproof-security-bypass
Platforms Affected: FoolProof
Risk Factor: High
Attack Type: Host Based
Brief Description: FoolProof Security restriction bypass using FTP
X-Force URL: http://xforce.iss.net/static/5758.php
_____
Date Reported: 12/8/00
Vulnerability: broadvision-bv1to1-reveal-path
Platforms Affected: BroadVision One-To-One Enterprise Server
Risk Factor: Low
Attack Type: Network Based
Brief Description: BroadVision One-To-One Enterprise Server reveals
path to server
X-Force URL: http://xforce.iss.net/static/5661.php
_____
Date Reported: 12/8/00
Vulnerability: ssldump-format-strings
Platforms Affected: ssldump
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ssldump format string could allow arbitrary
execution of code
X-Force URL: http://xforce.iss.net/static/5717.php
_____
Date Reported: 12/8/00
Vulnerability: coldfusion-sample-dos
Platforms Affected: ColdFusion
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ColdFusion sample script denial of service
X-Force URL: http://xforce.iss.net/static/5755.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-arbitrary-proxy
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 arbitrary proxy enviornment
variable
X-Force URL: http://xforce.iss.net/static/5733.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-auth-packet-overflow
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 authentication packet buffer
overflow
X-Force URL: http://xforce.iss.net/static/5734.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-user-config
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 user supplied configuration files
X-Force URL: http://xforce.iss.net/static/5738.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-tmpfile-dos
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 race condition
X-Force URL: http://xforce.iss.net/static/5754.php
_____
Date Reported: 12/7/00
Vulnerability: homeseer-directory-traversal
Platforms Affected: HomeSeer
Risk Factor: Low
Attack Type: Network Based
Brief Description: HomeSeer allows directory traversal
X-Force URL: http://xforce.iss.net/static/5663.php
_____
Date Reported: 12/7/00
Vulnerability: offline-explorer-reveal-files
Platforms Affected: MetaProducts Offline Explorer
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: MetaProducts Offline Explorer can reveal file
system
X-Force URL: http://xforce.iss.net/static/5728.php
_____
Date Reported: 12/7/00
Vulnerability: imail-smtp-auth-dos
Platforms Affected: IMail
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IMail SMTP auth denial of service
X-Force URL: http://xforce.iss.net/static/5674.php
_____
Date Reported: 12/6/00
Vulnerability: apc-apcupsd-dos
Platforms Affected: APC apcupsd
Risk Factor: Medium
Attack Type: Host Based
Brief Description: APC apcupsd denial of service
X-Force URL: http://xforce.iss.net/static/5654.php
_____
Date Reported: 12/6/00
Vulnerability: cisco-catalyst-telnet-dos
Platforms Affected: Cisco Catalyst
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco Catalyst telnet server memory leak denial of
service
X-Force URL: http://xforce.iss.net/static/5656.php
_____
Date Reported: 12/6/00
Vulnerability: apache-php-disclose-files
Platforms Affected: Apache Web server
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Apache Web server discloses files when used with
php script
X-Force URL: http://xforce.iss.net/static/5659.php
_____
Date Reported: 12/6/00
Vulnerability: ultraseek-reveal-path
Platforms Affected: Ultraseek
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Ultraseek Server can reveal the path and source
code to certain files
X-Force URL: http://xforce.iss.net/static/5660.php
_____
Date Reported: 12/6/00
Vulnerability: irc-dreamforge-dns-dos
Platforms Affected: DreamForge IRCd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: DreamForge IRCd DNS denial of service
X-Force URL: http://xforce.iss.net/static/5721.php
_____
Date Reported: 12/6/00
Vulnerability: mailman-alternate-templates
Platforms Affected: MailMan
Risk Factor: High
Attack Type: Network Based
Brief Description: MailMan Alternate Templates form variable allows
remote attacker to execute commands
X-Force URL: http://xforce.iss.net/static/5649.php
_____
Date Reported: 12/6/00
Vulnerability: phpgroupware-include-files
Platforms Affected:
Risk Factor: High
Attack Type: Network Based
Brief Description: phpGroupWare include files allows remote attacker
to execute commands
X-Force URL: http://xforce.iss.net/static/5650.php
_____
Date Reported: 12/6/00
Vulnerability: markvision-printer-driver-bo
Platforms Affected: Lexmark MarkVision
Risk Factor: High
Attack Type: Host Based
Brief Description: Lexmark MarkVision printer drivers for Unix buffer
overflows
X-Force URL: http://xforce.iss.net/static/5651.php
_____
Date Reported: 12/6/00
Vulnerability: nt-ras-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows NT RAS registry permissions
X-Force URL: http://xforce.iss.net/static/5671.php
_____
Date Reported: 12/6/00
Vulnerability: nt-snmp-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT SNMP registry permissions
X-Force URL: http://xforce.iss.net/static/5672.php
_____
Date Reported: 12/6/00
Vulnerability: nt-mts-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT MTS registry permissions
X-Force URL: http://xforce.iss.net/static/5673.php
_____
Date Reported: 12/6/00
Vulnerability: irc-bitchx-dns-bo
Platforms Affected: BitchX
Risk Factor: High
Attack Type: Network Based
Brief Description: BitchX IRC DNS buffer overflow
X-Force URL: http://xforce.iss.net/static/5701.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-gain-access
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database can give access through
default username and password
X-Force URL: http://xforce.iss.net/static/5662.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-dos
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database denial of service
X-Force URL: http://xforce.iss.net/static/5664.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-source-routing
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain source routing
X-Force URL: http://xforce.iss.net/static/5667.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-ip-bridging
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain bridging code
X-Force URL: http://xforce.iss.net/static/5670.php
_____
Date Reported: 12/5/00
Vulnerability: ftp-servu-homedir-travers
Platforms Affected: Serv-U FTP
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: FTP Serv-U home directory traversal could allow
access to FTProot
X-Force URL: http://xforce.iss.net/static/5639.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-web-access
Platforms Affected: CISCO CBOS
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Cisco CBOS Web access enabled denial of service
X-Force URL: http://xforce.iss.net/static/5626.php
_____
Date Reported: 12/4/00
Vulnerability: watchguard-soho-get-dos
Platforms Affected: WatchGuard SOHO
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall multiple GET requests
denial of service
X-Force URL: http://xforce.iss.net/static/5665.php
_____
Date Reported: 12/4/00
Vulnerability: phone-book-service-bo
Platforms Affected: Windows 2000
Windows NT
Risk Factor: High
Attack Type: Network Based
Brief Description: Windows NT and 2000 Phone Book service buffer
overflow
X-Force URL: http://xforce.iss.net/static/5623.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-syn-packets
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS SYN packets denial of service
X-Force URL: http://xforce.iss.net/static/5627.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-invalid-login
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS does not log invalid logins
X-Force URL: http://xforce.iss.net/static/5628.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-icmp-echo
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS large ICMP ECHO packet denial of
service
X-Force URL: http://xforce.iss.net/static/5629.php
_____
Date Reported: 12/2/00
Vulnerability: phpweblog-bypass-authentication
Platforms Affected: phpWebLog
Risk Factor: High
Attack Type: Host Based
Brief Description: phpWebLog allows users to bypass authentication
X-Force URL: http://xforce.iss.net/static/5625.php
_____
Date Reported: 12/1/00
Vulnerability: linux-diskcheck-race-symlink
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux diskcheck race condition could allow a tmp
file symbolic link attack
X-Force URL: http://xforce.iss.net/static/5624.php
_____
Date Reported: 12/1/00
Vulnerability: ie-form-file-upload
Platforms Affected: Microsoft Internet Explorer
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Internet Explorer file upload form
X-Force URL: http://xforce.iss.net/static/5615.php
_____
Date Reported: 12/1/00
Vulnerability: mssql-xp-paraminfo-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Microsoft SQL XP srv_paraminfo() buffer overflow
X-Force URL: http://xforce.iss.net/static/5622.php
_____
Date Reported: 12/1/00
Vulnerability: majordomo-auth-execute-commands
Platforms Affected: Majordomo
Risk Factor: High
Attack Type: Network Based
Brief Description: Majordomo allows administrative access without
password
X-Force URL: http://xforce.iss.net/static/5611.php
_____
Date Reported: 12/1/00
Vulnerability: ie-print-template
Platforms Affected: Microsoft Internet Explorer
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Internet Explorer print template
X-Force URL: http://xforce.iss.net/static/5614.php
_____
Date Reported: 12/1/00
Vulnerability: aix-piobe-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX piobe buffer overflow
X-Force URL: http://xforce.iss.net/static/5616.php
_____
Date Reported: 12/1/00
Vulnerability: aix-pioout-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX pioout buffer overflow
X-Force URL: http://xforce.iss.net/static/5617.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setclock-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setclock buffer overflow
X-Force URL: http://xforce.iss.net/static/5618.php
_____
Date Reported: 12/1/00
Vulnerability: aix-enq-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX enq buffer overflow
X-Force URL: http://xforce.iss.net/static/5619.php
_____
Date Reported: 12/1/00
Vulnerability: aix-digest-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX digest buffer overflow
X-Force URL: http://xforce.iss.net/static/5620.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setsenv-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setsenv buffer overflow
X-Force URL: http://xforce.iss.net/static/5621.php
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0
LLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL
r21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw
jbM10AXVSHw=
=5U+8
-----END PGP SIGNATURE-----
| VAR-200102-0028 | CVE-2001-0056 | Oracle Internet Directory LDAP Daemon does not check write permissions properly |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection. The Oracle LDAP Daemon (oidldapd version 2.1.1.1), which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Broadband Operating System is prone to a remote security vulnerability. A remote attacker can guess the password without even knowing it. -----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
January 1, 2001
Volume 6 Number 2
The following computer security issues have been publicly reported and
documented in the X-Force Vulnerability and Threat Database
(http://xforce.iss.net).
This document is available at
http://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert
Summaries:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
- - 'subscribe alert' (without the quotes).
_____
Contents
115 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 12/31/00
Vulnerability: exmh-error-symlink
Platforms Affected: exmh 2.2 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: exmh error message symlink
X-Force URL: http://xforce.iss.net/static/5829.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-symlink
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Host Based
Brief Description: Informix Webdriver symbolic link
X-Force URL: http://xforce.iss.net/static/5827.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-admin-access
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Network Based
Brief Description: Informix Webdriver remote Admin access
X-Force URL: http://xforce.iss.net/static/5833.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-mutex-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial
of service
X-Force URL: http://xforce.iss.net/static/5821.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-batfile-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with
a batch file
X-Force URL: http://xforce.iss.net/static/5822.php
_____
Date Reported: 12/29/00
Vulnerability: shockwave-flash-swf-bo
Platforms Affected: Shockwave Plugin 8.0 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Shockwave Flash SWF file buffer overflow
X-Force URL: http://xforce.iss.net/static/5826.php
_____
Date Reported: 12/29/00
Vulnerability: macos-multiple-users
Platforms Affected: MacOS 9.0
Risk Factor: High
Attack Type: Host Based
Brief Description: Mac OS 'Multiple Users' bypass password
X-Force URL: http://xforce.iss.net/static/5830.php
_____
Date Reported: 12/28/00
Vulnerability: http-cgi-ikonboard
Platforms Affected: Ikonboard 2.1.7b and prior
Risk Factor: High
Attack Type: Host Based
Brief Description: Ikonboard allows remote attacker to execute
commands
X-Force URL: http://xforce.iss.net/static/5819.php
_____
Date Reported: 12/27/00
Vulnerability: http-cgi-technote-main
Platforms Affected: TECH-NOTE (000, 2001, Pro)
Risk Factor: High
Attack Type: Network Based
Brief Description: TECH-NOTE main.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5813.php
_____
Date Reported: 12/26/00
Vulnerability: xwindows-char-dos
Platforms Affected: XFree86
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: X Windows multiple character denial of service
X-Force URL: http://xforce.iss.net/static/5834.php
_____
Date Reported: 12/25/00
Vulnerability: 1stup-mail-server-bo
Platforms Affected: 1st Up Mail Server 4.1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: 1st Up Mail Server buffer overflow
X-Force URL: http://xforce.iss.net/static/5808.php
_____
Date Reported: 12/25/00
Vulnerability: dialog-symlink
Platforms Affected: Linux Debian 2.2
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux dialog package symlink attack
X-Force URL: http://xforce.iss.net/static/5809.php
_____
Date Reported: 12/25/00
Vulnerability: ibm-wcs-admin
Platforms Affected: IBM Websphere Commerce Suite
Risk Factor: High
Attack Type: Host Based
Brief Description: IBM WCS admin.config allows user to execute
arbitrary commands
X-Force URL: http://xforce.iss.net/static/5831.php
_____
Date Reported: 12/23/00
Vulnerability: http-cgi-technote-print
Platforms Affected: TECH-NOTE (2000, 2001, Pro)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: TECH-NOTE print.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5815.php
_____
Date Reported: 12/22/00
Vulnerability: iis-web-form-submit
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IIS Web form submission
X-Force URL: http://xforce.iss.net/static/5823.php
_____
Date Reported: 12/21/00
Vulnerability: hpux-kermit-bo
Platforms Affected: HPUX (10.01, 10.10, 10.20, 11.00)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX kermit buffer overflow
X-Force URL: http://xforce.iss.net/static/5793.php
_____
Date Reported: 12/21/00
Vulnerability: bsguest-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bsguest.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5796.php
_____
Date Reported: 12/21/00
Vulnerability: bslist-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bslist.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5797.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-execute-plsql
Platforms Affected: Oracle Application Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Oracle remote procedure execution
X-Force URL: http://xforce.iss.net/static/5817.php
_____
Date Reported: 12/21/00
Vulnerability: ksh-redirection-symlink
Platforms Affected: IRIX (6.2, 6.5.x)
Solaris (2.5.1, 2.6, 7)
HPUX 9.00
Digital Unix 5.0
Risk Factor: High
Attack Type: Host Based
Brief Description: ksh redirection symlink attack
X-Force URL: http://xforce.iss.net/static/5811.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-webdb-admin-access
Platforms Affected: Oracle Internet Application Server 3.0.7
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oracle IAS allows administrative access
X-Force URL: http://xforce.iss.net/static/5818.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Web Scan
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-detached-sig-modify
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG allows users to modify signed messages with
detached signatures
X-Force URL: http://xforce.iss.net/static/5802.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-reveal-private
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG will import private keys along with public
keys
X-Force URL: http://xforce.iss.net/static/5803.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-nmap-scans
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm does not detect NMAP scans
X-Force URL: http://xforce.iss.net/static/5799.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-open-shares
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm open shares
X-Force URL: http://xforce.iss.net/static/5825.php
_____
Date Reported: 12/19/00
Vulnerability: win2k-index-service-activex
Platforms Affected: Windows 2000
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Windows 2000 Index Service ActiveX controls allow
unauthorized access to file information
X-Force URL: http://xforce.iss.net/static/5800.php
_____
Date Reported: 12/19/00
Vulnerability: proftpd-size-memory-leak
Platforms Affected: Proftpd
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: proftpd memory leak when using SIZE command
X-Force URL: http://xforce.iss.net/static/5801.php
_____
Date Reported: 12/19/00
Vulnerability: weblogic-dot-bo
Platforms Affected: WebLogic
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BEA WebLogic Server "dotdot" URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5782.php
_____
Date Reported: 12/19/00
Vulnerability: mdaemon-imap-dos
Platforms Affected: MDaemon
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MDaemon IMAP buffer overflow denial of service
X-Force URL: http://xforce.iss.net/static/5805.php
_____
Date Reported: 12/19/00
Vulnerability: zope-calculate-roles
Platforms Affected: Zp[e
Risk Factor: High
Attack Type: Host Based
Brief Description: zope package in Linux calculates local roles
incorrectly
X-Force URL: http://xforce.iss.net/static/5777.php
_____
Date Reported: 12/19/00
Vulnerability: itetris-svgalib-path
Platforms Affected: svgalib
Risk Factor: High
Attack Type: Host Based
Brief Description: Itetris svgalib PATH
X-Force URL: http://xforce.iss.net/static/5795.php
_____
Date Reported: 12/18/00
Vulnerability: bsd-ftpd-replydirname-bo
Platforms Affected: BSD Based Operating Systems
Risk Factor: High
Attack Type: Network Based
Brief Description: BSD ftpd replydirname() function buffer overflow
X-Force URL: http://xforce.iss.net/static/5776.php
_____
Date Reported: 12/18/00
Vulnerability: sonata-command-execute
Platforms Affected: Sonata
Risk Factor: High
Attack Type: Host Based
Brief Description: Sonata argument command line execution
X-Force URL: http://xforce.iss.net/static/5787.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-catman-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris catman command symlink attack
X-Force URL: http://xforce.iss.net/static/5788.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-patchadd-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris patchadd symlink attack
X-Force URL: http://xforce.iss.net/static/5789.php
_____
Date Reported: 12/18/00
Vulnerability: stunnel-format-logfile
Platforms Affected: Stunnel
Risk Factor: High
Attack Type: Network Based
Brief Description: Stunnel format allows user to write to logfile
X-Force URL: http://xforce.iss.net/static/5807.php
_____
Date Reported: 12/17/00
Vulnerability: hp-top-sys-files
Platforms Affected: HPUX
Risk Factor: Low
Attack Type: Host Based
Brief Description: HP-UX top command could be used to overwrite files
X-Force URL: http://xforce.iss.net/static/5773.php
_____
Date Reported: 12/16/00
Vulnerability: zope-legacy-names
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Linux zope package "legacy" names
X-Force URL: http://xforce.iss.net/static/5824.php
_____
Date Reported: 12/15/00
Vulnerability: mrj-runtime-malicious-applets
Platforms Affected: MRJ
Risk Factor: Low
Attack Type: Host Based
Brief Description: MRJ runtime environment could allow malicious
applets to be executed
X-Force URL: http://xforce.iss.net/static/5784.php
_____
Date Reported: 12/14/00
Vulnerability: coffeecup-ftp-weak-encryption
Platforms Affected: CoffeeCup FTP
Risk Factor: Low
Attack Type: Host Based
Brief Description: CoffeeCup FTP client has weak password encryption
X-Force URL: http://xforce.iss.net/static/5744.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-fragmented-packets
Platforms Affected: WatchGuard
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall fragmented IP packet
attack
X-Force URL: http://xforce.iss.net/static/5749.php
_____
Date Reported: 12/14/00
Vulnerability: jpilot-perms
Platforms Affected: J-Pilot
Risk Factor: Medium
Attack Type: Host Based
Brief Description: J-Pilot permissions could reveal sensitive
information
X-Force URL: http://xforce.iss.net/static/5762.php
_____
Date Reported: 12/14/00
Vulnerability: mediaservices-dropped-connection-dos
Platforms Affected: Microsoft Media Services
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft Media Services dropped connection denial
of service
X-Force URL: http://xforce.iss.net/static/5785.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-web-auth
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO Web config server could allow
unauthenticated access
X-Force URL: http://xforce.iss.net/static/5554.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-passcfg-reset
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO administrator password can be
remotely reset
X-Force URL: http://xforce.iss.net/static/5742.php
_____
Date Reported: 12/14/00
Vulnerability: http-cgi-simplestguest
Platforms Affected: simplestguest.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestguest.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5743.php
_____
Date Reported: 12/14/00
Vulnerability: safeword-palm-pin-extraction
Platforms Affected: SafeWord
e.iD Palm Authenticator
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: SafeWord and e.iD Palm Authenticator allows
attacker to clone Palm device
X-Force URL: http://xforce.iss.net/static/5753.php
_____
Date Reported: 12/14/00
Vulnerability: mdaemon-lock-bypass-password
Platforms Affected: MDaemon
Risk Factor: High
Attack Type: Host Based
Brief Description: MDaemon "lock" bypass password
X-Force URL: http://xforce.iss.net/static/5763.php
_____
Date Reported: 12/13/00
Vulnerability: cisco-catalyst-ssh-mismatch
Platforms Affected: Cisco Catalyst
Risk Factor: Low
Attack Type: Network Based
Brief Description: Cisco Catalyst SSH protocol mismatch
X-Force URL: http://xforce.iss.net/static/5760.php
_____
Date Reported: 12/13/00
Vulnerability: microsoft-iis-file-disclosure
Platforms Affected: IIS
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft IIS Far East editions file disclosure
X-Force URL: http://xforce.iss.net/static/5729.php
_____
Date Reported: 12/13/00
Vulnerability: ezshopper-cgi-file-disclosure
Platforms Affected: loadpage.cgi
Risk Factor: Medium
Attack Type: Network Based
Brief Description: EZshopper loadpage.cgi file disclosure
X-Force URL: http://xforce.iss.net/static/5740.php
_____
Date Reported: 12/13/00
Vulnerability: winnt-mstask-dos
Platforms Affected: Windows NT
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Windows NT MSTask.exe denial of service
X-Force URL: http://xforce.iss.net/static/5746.php
_____
Date Reported: 12/13/00
Vulnerability: bftpd-site-chown-bo
Platforms Affected: BFTPD
Risk Factor: High
Attack Type: Network Based
Brief Description: BFTPD SITE CHOWN buffer overflow
X-Force URL: http://xforce.iss.net/static/5775.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/12/00
Vulnerability: subscribemelite-gain-admin-access
Platforms Affected: Subscribe Me Lite
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Subscribe Me Lite mailing list manager
unauthorized access
X-Force URL: http://xforce.iss.net/static/5735.php
_____
Date Reported: 12/12/00
Vulnerability: zope-image-file
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux zope package Image and File objects
X-Force URL: http://xforce.iss.net/static/5778.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-everythingform
Platforms Affected: everythingform.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: everythingform.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5736.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-simplestmail
Platforms Affected: simplestmail.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestmail.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5739.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-ad
Platforms Affected: ad.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: ad.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5741.php
_____
Date Reported: 12/12/00
Vulnerability: kde-kmail-weak-encryption
Platforms Affected: KDE KMail
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KDE KMail weak password encryption
X-Force URL: http://xforce.iss.net/static/5761.php
_____
Date Reported: 12/12/00
Vulnerability: aolim-buddyicon-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: AOL Instant Messenger Buddy Icon buffer overflow
X-Force URL: http://xforce.iss.net/static/5786.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/11/00
Vulnerability: rppppoe-zero-length-dos
Platforms Affected: rp-pppoe
Risk Factor: Medium
Attack Type: Network Based
Brief Description: rp-pppoe "zero-length" option denial of service
X-Force URL: http://xforce.iss.net/static/5727.php
_____
Date Reported: 12/11/00
Vulnerability: proftpd-modsqlpw-unauth-access
Platforms Affected: ProFTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ProFTPD system using mod_sqlpw unauthorized access
X-Force URL: http://xforce.iss.net/static/5737.php
_____
Date Reported: 12/11/00
Vulnerability: gnu-ed-symlink
Platforms Affected: GNU ed
Risk Factor: High
Attack Type: Host Based
Brief Description: GNU ed symlink
X-Force URL: http://xforce.iss.net/static/5723.php
_____
Date Reported: 12/11/00
Vulnerability: oops-ftputils-bo
Platforms Affected: Oops Proxy Server
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oops Proxy Server ftp_utils buffer overflow
X-Force URL: http://xforce.iss.net/static/5725.php
_____
Date Reported: 12/11/00
Vulnerability: oracle-oidldap-write-permission
Platforms Affected: Oracle Internet Directory
Risk Factor: High
Attack Type: Host Based
Brief Description: Oracle Internet Directory write permission
X-Force URL: http://xforce.iss.net/static/5804.php
_____
Date Reported: 12/9/00
Vulnerability: foolproof-security-bypass
Platforms Affected: FoolProof
Risk Factor: High
Attack Type: Host Based
Brief Description: FoolProof Security restriction bypass using FTP
X-Force URL: http://xforce.iss.net/static/5758.php
_____
Date Reported: 12/8/00
Vulnerability: broadvision-bv1to1-reveal-path
Platforms Affected: BroadVision One-To-One Enterprise Server
Risk Factor: Low
Attack Type: Network Based
Brief Description: BroadVision One-To-One Enterprise Server reveals
path to server
X-Force URL: http://xforce.iss.net/static/5661.php
_____
Date Reported: 12/8/00
Vulnerability: ssldump-format-strings
Platforms Affected: ssldump
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ssldump format string could allow arbitrary
execution of code
X-Force URL: http://xforce.iss.net/static/5717.php
_____
Date Reported: 12/8/00
Vulnerability: coldfusion-sample-dos
Platforms Affected: ColdFusion
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ColdFusion sample script denial of service
X-Force URL: http://xforce.iss.net/static/5755.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-arbitrary-proxy
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 arbitrary proxy enviornment
variable
X-Force URL: http://xforce.iss.net/static/5733.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-auth-packet-overflow
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 authentication packet buffer
overflow
X-Force URL: http://xforce.iss.net/static/5734.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-user-config
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 user supplied configuration files
X-Force URL: http://xforce.iss.net/static/5738.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-tmpfile-dos
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 race condition
X-Force URL: http://xforce.iss.net/static/5754.php
_____
Date Reported: 12/7/00
Vulnerability: homeseer-directory-traversal
Platforms Affected: HomeSeer
Risk Factor: Low
Attack Type: Network Based
Brief Description: HomeSeer allows directory traversal
X-Force URL: http://xforce.iss.net/static/5663.php
_____
Date Reported: 12/7/00
Vulnerability: offline-explorer-reveal-files
Platforms Affected: MetaProducts Offline Explorer
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: MetaProducts Offline Explorer can reveal file
system
X-Force URL: http://xforce.iss.net/static/5728.php
_____
Date Reported: 12/7/00
Vulnerability: imail-smtp-auth-dos
Platforms Affected: IMail
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IMail SMTP auth denial of service
X-Force URL: http://xforce.iss.net/static/5674.php
_____
Date Reported: 12/6/00
Vulnerability: apc-apcupsd-dos
Platforms Affected: APC apcupsd
Risk Factor: Medium
Attack Type: Host Based
Brief Description: APC apcupsd denial of service
X-Force URL: http://xforce.iss.net/static/5654.php
_____
Date Reported: 12/6/00
Vulnerability: cisco-catalyst-telnet-dos
Platforms Affected: Cisco Catalyst
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco Catalyst telnet server memory leak denial of
service
X-Force URL: http://xforce.iss.net/static/5656.php
_____
Date Reported: 12/6/00
Vulnerability: apache-php-disclose-files
Platforms Affected: Apache Web server
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Apache Web server discloses files when used with
php script
X-Force URL: http://xforce.iss.net/static/5659.php
_____
Date Reported: 12/6/00
Vulnerability: ultraseek-reveal-path
Platforms Affected: Ultraseek
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Ultraseek Server can reveal the path and source
code to certain files
X-Force URL: http://xforce.iss.net/static/5660.php
_____
Date Reported: 12/6/00
Vulnerability: irc-dreamforge-dns-dos
Platforms Affected: DreamForge IRCd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: DreamForge IRCd DNS denial of service
X-Force URL: http://xforce.iss.net/static/5721.php
_____
Date Reported: 12/6/00
Vulnerability: mailman-alternate-templates
Platforms Affected: MailMan
Risk Factor: High
Attack Type: Network Based
Brief Description: MailMan Alternate Templates form variable allows
remote attacker to execute commands
X-Force URL: http://xforce.iss.net/static/5649.php
_____
Date Reported: 12/6/00
Vulnerability: phpgroupware-include-files
Platforms Affected:
Risk Factor: High
Attack Type: Network Based
Brief Description: phpGroupWare include files allows remote attacker
to execute commands
X-Force URL: http://xforce.iss.net/static/5650.php
_____
Date Reported: 12/6/00
Vulnerability: markvision-printer-driver-bo
Platforms Affected: Lexmark MarkVision
Risk Factor: High
Attack Type: Host Based
Brief Description: Lexmark MarkVision printer drivers for Unix buffer
overflows
X-Force URL: http://xforce.iss.net/static/5651.php
_____
Date Reported: 12/6/00
Vulnerability: nt-ras-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows NT RAS registry permissions
X-Force URL: http://xforce.iss.net/static/5671.php
_____
Date Reported: 12/6/00
Vulnerability: nt-snmp-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT SNMP registry permissions
X-Force URL: http://xforce.iss.net/static/5672.php
_____
Date Reported: 12/6/00
Vulnerability: nt-mts-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT MTS registry permissions
X-Force URL: http://xforce.iss.net/static/5673.php
_____
Date Reported: 12/6/00
Vulnerability: irc-bitchx-dns-bo
Platforms Affected: BitchX
Risk Factor: High
Attack Type: Network Based
Brief Description: BitchX IRC DNS buffer overflow
X-Force URL: http://xforce.iss.net/static/5701.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-gain-access
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database can give access through
default username and password
X-Force URL: http://xforce.iss.net/static/5662.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-dos
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database denial of service
X-Force URL: http://xforce.iss.net/static/5664.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-source-routing
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain source routing
X-Force URL: http://xforce.iss.net/static/5667.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-ip-bridging
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain bridging code
X-Force URL: http://xforce.iss.net/static/5670.php
_____
Date Reported: 12/5/00
Vulnerability: ftp-servu-homedir-travers
Platforms Affected: Serv-U FTP
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: FTP Serv-U home directory traversal could allow
access to FTProot
X-Force URL: http://xforce.iss.net/static/5639.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-web-access
Platforms Affected: CISCO CBOS
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Cisco CBOS Web access enabled denial of service
X-Force URL: http://xforce.iss.net/static/5626.php
_____
Date Reported: 12/4/00
Vulnerability: watchguard-soho-get-dos
Platforms Affected: WatchGuard SOHO
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall multiple GET requests
denial of service
X-Force URL: http://xforce.iss.net/static/5665.php
_____
Date Reported: 12/4/00
Vulnerability: phone-book-service-bo
Platforms Affected: Windows 2000
Windows NT
Risk Factor: High
Attack Type: Network Based
Brief Description: Windows NT and 2000 Phone Book service buffer
overflow
X-Force URL: http://xforce.iss.net/static/5623.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-syn-packets
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS SYN packets denial of service
X-Force URL: http://xforce.iss.net/static/5627.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-invalid-login
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS does not log invalid logins
X-Force URL: http://xforce.iss.net/static/5628.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-icmp-echo
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS large ICMP ECHO packet denial of
service
X-Force URL: http://xforce.iss.net/static/5629.php
_____
Date Reported: 12/2/00
Vulnerability: phpweblog-bypass-authentication
Platforms Affected: phpWebLog
Risk Factor: High
Attack Type: Host Based
Brief Description: phpWebLog allows users to bypass authentication
X-Force URL: http://xforce.iss.net/static/5625.php
_____
Date Reported: 12/1/00
Vulnerability: linux-diskcheck-race-symlink
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux diskcheck race condition could allow a tmp
file symbolic link attack
X-Force URL: http://xforce.iss.net/static/5624.php
_____
Date Reported: 12/1/00
Vulnerability: ie-form-file-upload
Platforms Affected: Microsoft Internet Explorer
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Internet Explorer file upload form
X-Force URL: http://xforce.iss.net/static/5615.php
_____
Date Reported: 12/1/00
Vulnerability: mssql-xp-paraminfo-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Microsoft SQL XP srv_paraminfo() buffer overflow
X-Force URL: http://xforce.iss.net/static/5622.php
_____
Date Reported: 12/1/00
Vulnerability: majordomo-auth-execute-commands
Platforms Affected: Majordomo
Risk Factor: High
Attack Type: Network Based
Brief Description: Majordomo allows administrative access without
password
X-Force URL: http://xforce.iss.net/static/5611.php
_____
Date Reported: 12/1/00
Vulnerability: ie-print-template
Platforms Affected: Microsoft Internet Explorer
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Internet Explorer print template
X-Force URL: http://xforce.iss.net/static/5614.php
_____
Date Reported: 12/1/00
Vulnerability: aix-piobe-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX piobe buffer overflow
X-Force URL: http://xforce.iss.net/static/5616.php
_____
Date Reported: 12/1/00
Vulnerability: aix-pioout-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX pioout buffer overflow
X-Force URL: http://xforce.iss.net/static/5617.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setclock-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setclock buffer overflow
X-Force URL: http://xforce.iss.net/static/5618.php
_____
Date Reported: 12/1/00
Vulnerability: aix-enq-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX enq buffer overflow
X-Force URL: http://xforce.iss.net/static/5619.php
_____
Date Reported: 12/1/00
Vulnerability: aix-digest-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX digest buffer overflow
X-Force URL: http://xforce.iss.net/static/5620.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setsenv-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setsenv buffer overflow
X-Force URL: http://xforce.iss.net/static/5621.php
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0
LLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL
r21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw
jbM10AXVSHw=
=5U+8
-----END PGP SIGNATURE-----
| VAR-200102-0029 | CVE-2001-0057 | Oracle Internet Directory LDAP Daemon does not check write permissions properly |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. The Oracle LDAP Daemon (oidldapd version 2.1.1.1), which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Broadband Operating System is prone to a denial-of-service vulnerability. The vulnerability exists in Cisco 600 routers running CBOS 2.4.1 and earlier versions. -----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
January 1, 2001
Volume 6 Number 2
The following computer security issues have been publicly reported and
documented in the X-Force Vulnerability and Threat Database
(http://xforce.iss.net).
This document is available at
http://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert
Summaries:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
- - 'subscribe alert' (without the quotes).
_____
Contents
115 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 12/31/00
Vulnerability: exmh-error-symlink
Platforms Affected: exmh 2.2 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: exmh error message symlink
X-Force URL: http://xforce.iss.net/static/5829.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-symlink
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Host Based
Brief Description: Informix Webdriver symbolic link
X-Force URL: http://xforce.iss.net/static/5827.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-admin-access
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Network Based
Brief Description: Informix Webdriver remote Admin access
X-Force URL: http://xforce.iss.net/static/5833.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-mutex-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial
of service
X-Force URL: http://xforce.iss.net/static/5821.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-batfile-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with
a batch file
X-Force URL: http://xforce.iss.net/static/5822.php
_____
Date Reported: 12/29/00
Vulnerability: shockwave-flash-swf-bo
Platforms Affected: Shockwave Plugin 8.0 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Shockwave Flash SWF file buffer overflow
X-Force URL: http://xforce.iss.net/static/5826.php
_____
Date Reported: 12/29/00
Vulnerability: macos-multiple-users
Platforms Affected: MacOS 9.0
Risk Factor: High
Attack Type: Host Based
Brief Description: Mac OS 'Multiple Users' bypass password
X-Force URL: http://xforce.iss.net/static/5830.php
_____
Date Reported: 12/28/00
Vulnerability: http-cgi-ikonboard
Platforms Affected: Ikonboard 2.1.7b and prior
Risk Factor: High
Attack Type: Host Based
Brief Description: Ikonboard allows remote attacker to execute
commands
X-Force URL: http://xforce.iss.net/static/5819.php
_____
Date Reported: 12/27/00
Vulnerability: http-cgi-technote-main
Platforms Affected: TECH-NOTE (000, 2001, Pro)
Risk Factor: High
Attack Type: Network Based
Brief Description: TECH-NOTE main.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5813.php
_____
Date Reported: 12/26/00
Vulnerability: xwindows-char-dos
Platforms Affected: XFree86
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: X Windows multiple character denial of service
X-Force URL: http://xforce.iss.net/static/5834.php
_____
Date Reported: 12/25/00
Vulnerability: 1stup-mail-server-bo
Platforms Affected: 1st Up Mail Server 4.1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: 1st Up Mail Server buffer overflow
X-Force URL: http://xforce.iss.net/static/5808.php
_____
Date Reported: 12/25/00
Vulnerability: dialog-symlink
Platforms Affected: Linux Debian 2.2
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux dialog package symlink attack
X-Force URL: http://xforce.iss.net/static/5809.php
_____
Date Reported: 12/25/00
Vulnerability: ibm-wcs-admin
Platforms Affected: IBM Websphere Commerce Suite
Risk Factor: High
Attack Type: Host Based
Brief Description: IBM WCS admin.config allows user to execute
arbitrary commands
X-Force URL: http://xforce.iss.net/static/5831.php
_____
Date Reported: 12/23/00
Vulnerability: http-cgi-technote-print
Platforms Affected: TECH-NOTE (2000, 2001, Pro)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: TECH-NOTE print.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5815.php
_____
Date Reported: 12/22/00
Vulnerability: iis-web-form-submit
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IIS Web form submission
X-Force URL: http://xforce.iss.net/static/5823.php
_____
Date Reported: 12/21/00
Vulnerability: hpux-kermit-bo
Platforms Affected: HPUX (10.01, 10.10, 10.20, 11.00)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX kermit buffer overflow
X-Force URL: http://xforce.iss.net/static/5793.php
_____
Date Reported: 12/21/00
Vulnerability: bsguest-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bsguest.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5796.php
_____
Date Reported: 12/21/00
Vulnerability: bslist-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bslist.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5797.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-execute-plsql
Platforms Affected: Oracle Application Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Oracle remote procedure execution
X-Force URL: http://xforce.iss.net/static/5817.php
_____
Date Reported: 12/21/00
Vulnerability: ksh-redirection-symlink
Platforms Affected: IRIX (6.2, 6.5.x)
Solaris (2.5.1, 2.6, 7)
HPUX 9.00
Digital Unix 5.0
Risk Factor: High
Attack Type: Host Based
Brief Description: ksh redirection symlink attack
X-Force URL: http://xforce.iss.net/static/5811.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-webdb-admin-access
Platforms Affected: Oracle Internet Application Server 3.0.7
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oracle IAS allows administrative access
X-Force URL: http://xforce.iss.net/static/5818.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Web Scan
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-detached-sig-modify
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG allows users to modify signed messages with
detached signatures
X-Force URL: http://xforce.iss.net/static/5802.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-reveal-private
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG will import private keys along with public
keys
X-Force URL: http://xforce.iss.net/static/5803.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-nmap-scans
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm does not detect NMAP scans
X-Force URL: http://xforce.iss.net/static/5799.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-open-shares
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm open shares
X-Force URL: http://xforce.iss.net/static/5825.php
_____
Date Reported: 12/19/00
Vulnerability: win2k-index-service-activex
Platforms Affected: Windows 2000
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Windows 2000 Index Service ActiveX controls allow
unauthorized access to file information
X-Force URL: http://xforce.iss.net/static/5800.php
_____
Date Reported: 12/19/00
Vulnerability: proftpd-size-memory-leak
Platforms Affected: Proftpd
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: proftpd memory leak when using SIZE command
X-Force URL: http://xforce.iss.net/static/5801.php
_____
Date Reported: 12/19/00
Vulnerability: weblogic-dot-bo
Platforms Affected: WebLogic
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BEA WebLogic Server "dotdot" URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5782.php
_____
Date Reported: 12/19/00
Vulnerability: mdaemon-imap-dos
Platforms Affected: MDaemon
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MDaemon IMAP buffer overflow denial of service
X-Force URL: http://xforce.iss.net/static/5805.php
_____
Date Reported: 12/19/00
Vulnerability: zope-calculate-roles
Platforms Affected: Zp[e
Risk Factor: High
Attack Type: Host Based
Brief Description: zope package in Linux calculates local roles
incorrectly
X-Force URL: http://xforce.iss.net/static/5777.php
_____
Date Reported: 12/19/00
Vulnerability: itetris-svgalib-path
Platforms Affected: svgalib
Risk Factor: High
Attack Type: Host Based
Brief Description: Itetris svgalib PATH
X-Force URL: http://xforce.iss.net/static/5795.php
_____
Date Reported: 12/18/00
Vulnerability: bsd-ftpd-replydirname-bo
Platforms Affected: BSD Based Operating Systems
Risk Factor: High
Attack Type: Network Based
Brief Description: BSD ftpd replydirname() function buffer overflow
X-Force URL: http://xforce.iss.net/static/5776.php
_____
Date Reported: 12/18/00
Vulnerability: sonata-command-execute
Platforms Affected: Sonata
Risk Factor: High
Attack Type: Host Based
Brief Description: Sonata argument command line execution
X-Force URL: http://xforce.iss.net/static/5787.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-catman-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris catman command symlink attack
X-Force URL: http://xforce.iss.net/static/5788.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-patchadd-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris patchadd symlink attack
X-Force URL: http://xforce.iss.net/static/5789.php
_____
Date Reported: 12/18/00
Vulnerability: stunnel-format-logfile
Platforms Affected: Stunnel
Risk Factor: High
Attack Type: Network Based
Brief Description: Stunnel format allows user to write to logfile
X-Force URL: http://xforce.iss.net/static/5807.php
_____
Date Reported: 12/17/00
Vulnerability: hp-top-sys-files
Platforms Affected: HPUX
Risk Factor: Low
Attack Type: Host Based
Brief Description: HP-UX top command could be used to overwrite files
X-Force URL: http://xforce.iss.net/static/5773.php
_____
Date Reported: 12/16/00
Vulnerability: zope-legacy-names
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Linux zope package "legacy" names
X-Force URL: http://xforce.iss.net/static/5824.php
_____
Date Reported: 12/15/00
Vulnerability: mrj-runtime-malicious-applets
Platforms Affected: MRJ
Risk Factor: Low
Attack Type: Host Based
Brief Description: MRJ runtime environment could allow malicious
applets to be executed
X-Force URL: http://xforce.iss.net/static/5784.php
_____
Date Reported: 12/14/00
Vulnerability: coffeecup-ftp-weak-encryption
Platforms Affected: CoffeeCup FTP
Risk Factor: Low
Attack Type: Host Based
Brief Description: CoffeeCup FTP client has weak password encryption
X-Force URL: http://xforce.iss.net/static/5744.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-fragmented-packets
Platforms Affected: WatchGuard
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall fragmented IP packet
attack
X-Force URL: http://xforce.iss.net/static/5749.php
_____
Date Reported: 12/14/00
Vulnerability: jpilot-perms
Platforms Affected: J-Pilot
Risk Factor: Medium
Attack Type: Host Based
Brief Description: J-Pilot permissions could reveal sensitive
information
X-Force URL: http://xforce.iss.net/static/5762.php
_____
Date Reported: 12/14/00
Vulnerability: mediaservices-dropped-connection-dos
Platforms Affected: Microsoft Media Services
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft Media Services dropped connection denial
of service
X-Force URL: http://xforce.iss.net/static/5785.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-web-auth
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO Web config server could allow
unauthenticated access
X-Force URL: http://xforce.iss.net/static/5554.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-passcfg-reset
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO administrator password can be
remotely reset
X-Force URL: http://xforce.iss.net/static/5742.php
_____
Date Reported: 12/14/00
Vulnerability: http-cgi-simplestguest
Platforms Affected: simplestguest.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestguest.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5743.php
_____
Date Reported: 12/14/00
Vulnerability: safeword-palm-pin-extraction
Platforms Affected: SafeWord
e.iD Palm Authenticator
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: SafeWord and e.iD Palm Authenticator allows
attacker to clone Palm device
X-Force URL: http://xforce.iss.net/static/5753.php
_____
Date Reported: 12/14/00
Vulnerability: mdaemon-lock-bypass-password
Platforms Affected: MDaemon
Risk Factor: High
Attack Type: Host Based
Brief Description: MDaemon "lock" bypass password
X-Force URL: http://xforce.iss.net/static/5763.php
_____
Date Reported: 12/13/00
Vulnerability: cisco-catalyst-ssh-mismatch
Platforms Affected: Cisco Catalyst
Risk Factor: Low
Attack Type: Network Based
Brief Description: Cisco Catalyst SSH protocol mismatch
X-Force URL: http://xforce.iss.net/static/5760.php
_____
Date Reported: 12/13/00
Vulnerability: microsoft-iis-file-disclosure
Platforms Affected: IIS
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft IIS Far East editions file disclosure
X-Force URL: http://xforce.iss.net/static/5729.php
_____
Date Reported: 12/13/00
Vulnerability: ezshopper-cgi-file-disclosure
Platforms Affected: loadpage.cgi
Risk Factor: Medium
Attack Type: Network Based
Brief Description: EZshopper loadpage.cgi file disclosure
X-Force URL: http://xforce.iss.net/static/5740.php
_____
Date Reported: 12/13/00
Vulnerability: winnt-mstask-dos
Platforms Affected: Windows NT
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Windows NT MSTask.exe denial of service
X-Force URL: http://xforce.iss.net/static/5746.php
_____
Date Reported: 12/13/00
Vulnerability: bftpd-site-chown-bo
Platforms Affected: BFTPD
Risk Factor: High
Attack Type: Network Based
Brief Description: BFTPD SITE CHOWN buffer overflow
X-Force URL: http://xforce.iss.net/static/5775.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/12/00
Vulnerability: subscribemelite-gain-admin-access
Platforms Affected: Subscribe Me Lite
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Subscribe Me Lite mailing list manager
unauthorized access
X-Force URL: http://xforce.iss.net/static/5735.php
_____
Date Reported: 12/12/00
Vulnerability: zope-image-file
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux zope package Image and File objects
X-Force URL: http://xforce.iss.net/static/5778.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-everythingform
Platforms Affected: everythingform.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: everythingform.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5736.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-simplestmail
Platforms Affected: simplestmail.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestmail.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5739.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-ad
Platforms Affected: ad.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: ad.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5741.php
_____
Date Reported: 12/12/00
Vulnerability: kde-kmail-weak-encryption
Platforms Affected: KDE KMail
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KDE KMail weak password encryption
X-Force URL: http://xforce.iss.net/static/5761.php
_____
Date Reported: 12/12/00
Vulnerability: aolim-buddyicon-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: AOL Instant Messenger Buddy Icon buffer overflow
X-Force URL: http://xforce.iss.net/static/5786.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/11/00
Vulnerability: rppppoe-zero-length-dos
Platforms Affected: rp-pppoe
Risk Factor: Medium
Attack Type: Network Based
Brief Description: rp-pppoe "zero-length" option denial of service
X-Force URL: http://xforce.iss.net/static/5727.php
_____
Date Reported: 12/11/00
Vulnerability: proftpd-modsqlpw-unauth-access
Platforms Affected: ProFTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ProFTPD system using mod_sqlpw unauthorized access
X-Force URL: http://xforce.iss.net/static/5737.php
_____
Date Reported: 12/11/00
Vulnerability: gnu-ed-symlink
Platforms Affected: GNU ed
Risk Factor: High
Attack Type: Host Based
Brief Description: GNU ed symlink
X-Force URL: http://xforce.iss.net/static/5723.php
_____
Date Reported: 12/11/00
Vulnerability: oops-ftputils-bo
Platforms Affected: Oops Proxy Server
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oops Proxy Server ftp_utils buffer overflow
X-Force URL: http://xforce.iss.net/static/5725.php
_____
Date Reported: 12/11/00
Vulnerability: oracle-oidldap-write-permission
Platforms Affected: Oracle Internet Directory
Risk Factor: High
Attack Type: Host Based
Brief Description: Oracle Internet Directory write permission
X-Force URL: http://xforce.iss.net/static/5804.php
_____
Date Reported: 12/9/00
Vulnerability: foolproof-security-bypass
Platforms Affected: FoolProof
Risk Factor: High
Attack Type: Host Based
Brief Description: FoolProof Security restriction bypass using FTP
X-Force URL: http://xforce.iss.net/static/5758.php
_____
Date Reported: 12/8/00
Vulnerability: broadvision-bv1to1-reveal-path
Platforms Affected: BroadVision One-To-One Enterprise Server
Risk Factor: Low
Attack Type: Network Based
Brief Description: BroadVision One-To-One Enterprise Server reveals
path to server
X-Force URL: http://xforce.iss.net/static/5661.php
_____
Date Reported: 12/8/00
Vulnerability: ssldump-format-strings
Platforms Affected: ssldump
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ssldump format string could allow arbitrary
execution of code
X-Force URL: http://xforce.iss.net/static/5717.php
_____
Date Reported: 12/8/00
Vulnerability: coldfusion-sample-dos
Platforms Affected: ColdFusion
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ColdFusion sample script denial of service
X-Force URL: http://xforce.iss.net/static/5755.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-arbitrary-proxy
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 arbitrary proxy enviornment
variable
X-Force URL: http://xforce.iss.net/static/5733.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-auth-packet-overflow
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 authentication packet buffer
overflow
X-Force URL: http://xforce.iss.net/static/5734.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-user-config
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 user supplied configuration files
X-Force URL: http://xforce.iss.net/static/5738.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-tmpfile-dos
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 race condition
X-Force URL: http://xforce.iss.net/static/5754.php
_____
Date Reported: 12/7/00
Vulnerability: homeseer-directory-traversal
Platforms Affected: HomeSeer
Risk Factor: Low
Attack Type: Network Based
Brief Description: HomeSeer allows directory traversal
X-Force URL: http://xforce.iss.net/static/5663.php
_____
Date Reported: 12/7/00
Vulnerability: offline-explorer-reveal-files
Platforms Affected: MetaProducts Offline Explorer
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: MetaProducts Offline Explorer can reveal file
system
X-Force URL: http://xforce.iss.net/static/5728.php
_____
Date Reported: 12/7/00
Vulnerability: imail-smtp-auth-dos
Platforms Affected: IMail
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IMail SMTP auth denial of service
X-Force URL: http://xforce.iss.net/static/5674.php
_____
Date Reported: 12/6/00
Vulnerability: apc-apcupsd-dos
Platforms Affected: APC apcupsd
Risk Factor: Medium
Attack Type: Host Based
Brief Description: APC apcupsd denial of service
X-Force URL: http://xforce.iss.net/static/5654.php
_____
Date Reported: 12/6/00
Vulnerability: cisco-catalyst-telnet-dos
Platforms Affected: Cisco Catalyst
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco Catalyst telnet server memory leak denial of
service
X-Force URL: http://xforce.iss.net/static/5656.php
_____
Date Reported: 12/6/00
Vulnerability: apache-php-disclose-files
Platforms Affected: Apache Web server
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Apache Web server discloses files when used with
php script
X-Force URL: http://xforce.iss.net/static/5659.php
_____
Date Reported: 12/6/00
Vulnerability: ultraseek-reveal-path
Platforms Affected: Ultraseek
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Ultraseek Server can reveal the path and source
code to certain files
X-Force URL: http://xforce.iss.net/static/5660.php
_____
Date Reported: 12/6/00
Vulnerability: irc-dreamforge-dns-dos
Platforms Affected: DreamForge IRCd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: DreamForge IRCd DNS denial of service
X-Force URL: http://xforce.iss.net/static/5721.php
_____
Date Reported: 12/6/00
Vulnerability: mailman-alternate-templates
Platforms Affected: MailMan
Risk Factor: High
Attack Type: Network Based
Brief Description: MailMan Alternate Templates form variable allows
remote attacker to execute commands
X-Force URL: http://xforce.iss.net/static/5649.php
_____
Date Reported: 12/6/00
Vulnerability: phpgroupware-include-files
Platforms Affected:
Risk Factor: High
Attack Type: Network Based
Brief Description: phpGroupWare include files allows remote attacker
to execute commands
X-Force URL: http://xforce.iss.net/static/5650.php
_____
Date Reported: 12/6/00
Vulnerability: markvision-printer-driver-bo
Platforms Affected: Lexmark MarkVision
Risk Factor: High
Attack Type: Host Based
Brief Description: Lexmark MarkVision printer drivers for Unix buffer
overflows
X-Force URL: http://xforce.iss.net/static/5651.php
_____
Date Reported: 12/6/00
Vulnerability: nt-ras-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows NT RAS registry permissions
X-Force URL: http://xforce.iss.net/static/5671.php
_____
Date Reported: 12/6/00
Vulnerability: nt-snmp-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT SNMP registry permissions
X-Force URL: http://xforce.iss.net/static/5672.php
_____
Date Reported: 12/6/00
Vulnerability: nt-mts-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT MTS registry permissions
X-Force URL: http://xforce.iss.net/static/5673.php
_____
Date Reported: 12/6/00
Vulnerability: irc-bitchx-dns-bo
Platforms Affected: BitchX
Risk Factor: High
Attack Type: Network Based
Brief Description: BitchX IRC DNS buffer overflow
X-Force URL: http://xforce.iss.net/static/5701.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-gain-access
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database can give access through
default username and password
X-Force URL: http://xforce.iss.net/static/5662.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-dos
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database denial of service
X-Force URL: http://xforce.iss.net/static/5664.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-source-routing
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain source routing
X-Force URL: http://xforce.iss.net/static/5667.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-ip-bridging
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain bridging code
X-Force URL: http://xforce.iss.net/static/5670.php
_____
Date Reported: 12/5/00
Vulnerability: ftp-servu-homedir-travers
Platforms Affected: Serv-U FTP
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: FTP Serv-U home directory traversal could allow
access to FTProot
X-Force URL: http://xforce.iss.net/static/5639.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-web-access
Platforms Affected: CISCO CBOS
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Cisco CBOS Web access enabled denial of service
X-Force URL: http://xforce.iss.net/static/5626.php
_____
Date Reported: 12/4/00
Vulnerability: watchguard-soho-get-dos
Platforms Affected: WatchGuard SOHO
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall multiple GET requests
denial of service
X-Force URL: http://xforce.iss.net/static/5665.php
_____
Date Reported: 12/4/00
Vulnerability: phone-book-service-bo
Platforms Affected: Windows 2000
Windows NT
Risk Factor: High
Attack Type: Network Based
Brief Description: Windows NT and 2000 Phone Book service buffer
overflow
X-Force URL: http://xforce.iss.net/static/5623.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-syn-packets
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS SYN packets denial of service
X-Force URL: http://xforce.iss.net/static/5627.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-invalid-login
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS does not log invalid logins
X-Force URL: http://xforce.iss.net/static/5628.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-icmp-echo
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS large ICMP ECHO packet denial of
service
X-Force URL: http://xforce.iss.net/static/5629.php
_____
Date Reported: 12/2/00
Vulnerability: phpweblog-bypass-authentication
Platforms Affected: phpWebLog
Risk Factor: High
Attack Type: Host Based
Brief Description: phpWebLog allows users to bypass authentication
X-Force URL: http://xforce.iss.net/static/5625.php
_____
Date Reported: 12/1/00
Vulnerability: linux-diskcheck-race-symlink
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux diskcheck race condition could allow a tmp
file symbolic link attack
X-Force URL: http://xforce.iss.net/static/5624.php
_____
Date Reported: 12/1/00
Vulnerability: ie-form-file-upload
Platforms Affected: Microsoft Internet Explorer
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Internet Explorer file upload form
X-Force URL: http://xforce.iss.net/static/5615.php
_____
Date Reported: 12/1/00
Vulnerability: mssql-xp-paraminfo-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Microsoft SQL XP srv_paraminfo() buffer overflow
X-Force URL: http://xforce.iss.net/static/5622.php
_____
Date Reported: 12/1/00
Vulnerability: majordomo-auth-execute-commands
Platforms Affected: Majordomo
Risk Factor: High
Attack Type: Network Based
Brief Description: Majordomo allows administrative access without
password
X-Force URL: http://xforce.iss.net/static/5611.php
_____
Date Reported: 12/1/00
Vulnerability: ie-print-template
Platforms Affected: Microsoft Internet Explorer
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Internet Explorer print template
X-Force URL: http://xforce.iss.net/static/5614.php
_____
Date Reported: 12/1/00
Vulnerability: aix-piobe-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX piobe buffer overflow
X-Force URL: http://xforce.iss.net/static/5616.php
_____
Date Reported: 12/1/00
Vulnerability: aix-pioout-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX pioout buffer overflow
X-Force URL: http://xforce.iss.net/static/5617.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setclock-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setclock buffer overflow
X-Force URL: http://xforce.iss.net/static/5618.php
_____
Date Reported: 12/1/00
Vulnerability: aix-enq-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX enq buffer overflow
X-Force URL: http://xforce.iss.net/static/5619.php
_____
Date Reported: 12/1/00
Vulnerability: aix-digest-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX digest buffer overflow
X-Force URL: http://xforce.iss.net/static/5620.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setsenv-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setsenv buffer overflow
X-Force URL: http://xforce.iss.net/static/5621.php
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0
LLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL
r21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw
jbM10AXVSHw=
=5U+8
-----END PGP SIGNATURE-----
| VAR-200102-0030 | CVE-2001-0058 | Oracle Internet Directory LDAP Daemon does not check write permissions properly |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character. The Oracle LDAP Daemon (oidldapd version 2.1.1.1), which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. -----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
January 1, 2001
Volume 6 Number 2
The following computer security issues have been publicly reported and
documented in the X-Force Vulnerability and Threat Database
(http://xforce.iss.net).
This document is available at
http://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert
Summaries:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
- - 'subscribe alert' (without the quotes).
_____
Contents
115 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 12/31/00
Vulnerability: exmh-error-symlink
Platforms Affected: exmh 2.2 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: exmh error message symlink
X-Force URL: http://xforce.iss.net/static/5829.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-symlink
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Host Based
Brief Description: Informix Webdriver symbolic link
X-Force URL: http://xforce.iss.net/static/5827.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-admin-access
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Network Based
Brief Description: Informix Webdriver remote Admin access
X-Force URL: http://xforce.iss.net/static/5833.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-mutex-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial
of service
X-Force URL: http://xforce.iss.net/static/5821.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-batfile-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with
a batch file
X-Force URL: http://xforce.iss.net/static/5822.php
_____
Date Reported: 12/29/00
Vulnerability: shockwave-flash-swf-bo
Platforms Affected: Shockwave Plugin 8.0 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Shockwave Flash SWF file buffer overflow
X-Force URL: http://xforce.iss.net/static/5826.php
_____
Date Reported: 12/29/00
Vulnerability: macos-multiple-users
Platforms Affected: MacOS 9.0
Risk Factor: High
Attack Type: Host Based
Brief Description: Mac OS 'Multiple Users' bypass password
X-Force URL: http://xforce.iss.net/static/5830.php
_____
Date Reported: 12/28/00
Vulnerability: http-cgi-ikonboard
Platforms Affected: Ikonboard 2.1.7b and prior
Risk Factor: High
Attack Type: Host Based
Brief Description: Ikonboard allows remote attacker to execute
commands
X-Force URL: http://xforce.iss.net/static/5819.php
_____
Date Reported: 12/27/00
Vulnerability: http-cgi-technote-main
Platforms Affected: TECH-NOTE (000, 2001, Pro)
Risk Factor: High
Attack Type: Network Based
Brief Description: TECH-NOTE main.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5813.php
_____
Date Reported: 12/26/00
Vulnerability: xwindows-char-dos
Platforms Affected: XFree86
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: X Windows multiple character denial of service
X-Force URL: http://xforce.iss.net/static/5834.php
_____
Date Reported: 12/25/00
Vulnerability: 1stup-mail-server-bo
Platforms Affected: 1st Up Mail Server 4.1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: 1st Up Mail Server buffer overflow
X-Force URL: http://xforce.iss.net/static/5808.php
_____
Date Reported: 12/25/00
Vulnerability: dialog-symlink
Platforms Affected: Linux Debian 2.2
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux dialog package symlink attack
X-Force URL: http://xforce.iss.net/static/5809.php
_____
Date Reported: 12/25/00
Vulnerability: ibm-wcs-admin
Platforms Affected: IBM Websphere Commerce Suite
Risk Factor: High
Attack Type: Host Based
Brief Description: IBM WCS admin.config allows user to execute
arbitrary commands
X-Force URL: http://xforce.iss.net/static/5831.php
_____
Date Reported: 12/23/00
Vulnerability: http-cgi-technote-print
Platforms Affected: TECH-NOTE (2000, 2001, Pro)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: TECH-NOTE print.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5815.php
_____
Date Reported: 12/22/00
Vulnerability: iis-web-form-submit
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IIS Web form submission
X-Force URL: http://xforce.iss.net/static/5823.php
_____
Date Reported: 12/21/00
Vulnerability: hpux-kermit-bo
Platforms Affected: HPUX (10.01, 10.10, 10.20, 11.00)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX kermit buffer overflow
X-Force URL: http://xforce.iss.net/static/5793.php
_____
Date Reported: 12/21/00
Vulnerability: bsguest-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bsguest.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5796.php
_____
Date Reported: 12/21/00
Vulnerability: bslist-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bslist.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5797.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-execute-plsql
Platforms Affected: Oracle Application Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Oracle remote procedure execution
X-Force URL: http://xforce.iss.net/static/5817.php
_____
Date Reported: 12/21/00
Vulnerability: ksh-redirection-symlink
Platforms Affected: IRIX (6.2, 6.5.x)
Solaris (2.5.1, 2.6, 7)
HPUX 9.00
Digital Unix 5.0
Risk Factor: High
Attack Type: Host Based
Brief Description: ksh redirection symlink attack
X-Force URL: http://xforce.iss.net/static/5811.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-webdb-admin-access
Platforms Affected: Oracle Internet Application Server 3.0.7
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oracle IAS allows administrative access
X-Force URL: http://xforce.iss.net/static/5818.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Web Scan
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-detached-sig-modify
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG allows users to modify signed messages with
detached signatures
X-Force URL: http://xforce.iss.net/static/5802.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-reveal-private
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG will import private keys along with public
keys
X-Force URL: http://xforce.iss.net/static/5803.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-nmap-scans
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm does not detect NMAP scans
X-Force URL: http://xforce.iss.net/static/5799.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-open-shares
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm open shares
X-Force URL: http://xforce.iss.net/static/5825.php
_____
Date Reported: 12/19/00
Vulnerability: win2k-index-service-activex
Platforms Affected: Windows 2000
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Windows 2000 Index Service ActiveX controls allow
unauthorized access to file information
X-Force URL: http://xforce.iss.net/static/5800.php
_____
Date Reported: 12/19/00
Vulnerability: proftpd-size-memory-leak
Platforms Affected: Proftpd
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: proftpd memory leak when using SIZE command
X-Force URL: http://xforce.iss.net/static/5801.php
_____
Date Reported: 12/19/00
Vulnerability: weblogic-dot-bo
Platforms Affected: WebLogic
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BEA WebLogic Server "dotdot" URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5782.php
_____
Date Reported: 12/19/00
Vulnerability: mdaemon-imap-dos
Platforms Affected: MDaemon
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MDaemon IMAP buffer overflow denial of service
X-Force URL: http://xforce.iss.net/static/5805.php
_____
Date Reported: 12/19/00
Vulnerability: zope-calculate-roles
Platforms Affected: Zp[e
Risk Factor: High
Attack Type: Host Based
Brief Description: zope package in Linux calculates local roles
incorrectly
X-Force URL: http://xforce.iss.net/static/5777.php
_____
Date Reported: 12/19/00
Vulnerability: itetris-svgalib-path
Platforms Affected: svgalib
Risk Factor: High
Attack Type: Host Based
Brief Description: Itetris svgalib PATH
X-Force URL: http://xforce.iss.net/static/5795.php
_____
Date Reported: 12/18/00
Vulnerability: bsd-ftpd-replydirname-bo
Platforms Affected: BSD Based Operating Systems
Risk Factor: High
Attack Type: Network Based
Brief Description: BSD ftpd replydirname() function buffer overflow
X-Force URL: http://xforce.iss.net/static/5776.php
_____
Date Reported: 12/18/00
Vulnerability: sonata-command-execute
Platforms Affected: Sonata
Risk Factor: High
Attack Type: Host Based
Brief Description: Sonata argument command line execution
X-Force URL: http://xforce.iss.net/static/5787.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-catman-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris catman command symlink attack
X-Force URL: http://xforce.iss.net/static/5788.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-patchadd-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris patchadd symlink attack
X-Force URL: http://xforce.iss.net/static/5789.php
_____
Date Reported: 12/18/00
Vulnerability: stunnel-format-logfile
Platforms Affected: Stunnel
Risk Factor: High
Attack Type: Network Based
Brief Description: Stunnel format allows user to write to logfile
X-Force URL: http://xforce.iss.net/static/5807.php
_____
Date Reported: 12/17/00
Vulnerability: hp-top-sys-files
Platforms Affected: HPUX
Risk Factor: Low
Attack Type: Host Based
Brief Description: HP-UX top command could be used to overwrite files
X-Force URL: http://xforce.iss.net/static/5773.php
_____
Date Reported: 12/16/00
Vulnerability: zope-legacy-names
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Linux zope package "legacy" names
X-Force URL: http://xforce.iss.net/static/5824.php
_____
Date Reported: 12/15/00
Vulnerability: mrj-runtime-malicious-applets
Platforms Affected: MRJ
Risk Factor: Low
Attack Type: Host Based
Brief Description: MRJ runtime environment could allow malicious
applets to be executed
X-Force URL: http://xforce.iss.net/static/5784.php
_____
Date Reported: 12/14/00
Vulnerability: coffeecup-ftp-weak-encryption
Platforms Affected: CoffeeCup FTP
Risk Factor: Low
Attack Type: Host Based
Brief Description: CoffeeCup FTP client has weak password encryption
X-Force URL: http://xforce.iss.net/static/5744.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-fragmented-packets
Platforms Affected: WatchGuard
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall fragmented IP packet
attack
X-Force URL: http://xforce.iss.net/static/5749.php
_____
Date Reported: 12/14/00
Vulnerability: jpilot-perms
Platforms Affected: J-Pilot
Risk Factor: Medium
Attack Type: Host Based
Brief Description: J-Pilot permissions could reveal sensitive
information
X-Force URL: http://xforce.iss.net/static/5762.php
_____
Date Reported: 12/14/00
Vulnerability: mediaservices-dropped-connection-dos
Platforms Affected: Microsoft Media Services
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft Media Services dropped connection denial
of service
X-Force URL: http://xforce.iss.net/static/5785.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-web-auth
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO Web config server could allow
unauthenticated access
X-Force URL: http://xforce.iss.net/static/5554.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-passcfg-reset
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO administrator password can be
remotely reset
X-Force URL: http://xforce.iss.net/static/5742.php
_____
Date Reported: 12/14/00
Vulnerability: http-cgi-simplestguest
Platforms Affected: simplestguest.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestguest.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5743.php
_____
Date Reported: 12/14/00
Vulnerability: safeword-palm-pin-extraction
Platforms Affected: SafeWord
e.iD Palm Authenticator
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: SafeWord and e.iD Palm Authenticator allows
attacker to clone Palm device
X-Force URL: http://xforce.iss.net/static/5753.php
_____
Date Reported: 12/14/00
Vulnerability: mdaemon-lock-bypass-password
Platforms Affected: MDaemon
Risk Factor: High
Attack Type: Host Based
Brief Description: MDaemon "lock" bypass password
X-Force URL: http://xforce.iss.net/static/5763.php
_____
Date Reported: 12/13/00
Vulnerability: cisco-catalyst-ssh-mismatch
Platforms Affected: Cisco Catalyst
Risk Factor: Low
Attack Type: Network Based
Brief Description: Cisco Catalyst SSH protocol mismatch
X-Force URL: http://xforce.iss.net/static/5760.php
_____
Date Reported: 12/13/00
Vulnerability: microsoft-iis-file-disclosure
Platforms Affected: IIS
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft IIS Far East editions file disclosure
X-Force URL: http://xforce.iss.net/static/5729.php
_____
Date Reported: 12/13/00
Vulnerability: ezshopper-cgi-file-disclosure
Platforms Affected: loadpage.cgi
Risk Factor: Medium
Attack Type: Network Based
Brief Description: EZshopper loadpage.cgi file disclosure
X-Force URL: http://xforce.iss.net/static/5740.php
_____
Date Reported: 12/13/00
Vulnerability: winnt-mstask-dos
Platforms Affected: Windows NT
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Windows NT MSTask.exe denial of service
X-Force URL: http://xforce.iss.net/static/5746.php
_____
Date Reported: 12/13/00
Vulnerability: bftpd-site-chown-bo
Platforms Affected: BFTPD
Risk Factor: High
Attack Type: Network Based
Brief Description: BFTPD SITE CHOWN buffer overflow
X-Force URL: http://xforce.iss.net/static/5775.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/12/00
Vulnerability: subscribemelite-gain-admin-access
Platforms Affected: Subscribe Me Lite
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Subscribe Me Lite mailing list manager
unauthorized access
X-Force URL: http://xforce.iss.net/static/5735.php
_____
Date Reported: 12/12/00
Vulnerability: zope-image-file
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux zope package Image and File objects
X-Force URL: http://xforce.iss.net/static/5778.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-everythingform
Platforms Affected: everythingform.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: everythingform.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5736.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-simplestmail
Platforms Affected: simplestmail.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestmail.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5739.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-ad
Platforms Affected: ad.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: ad.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5741.php
_____
Date Reported: 12/12/00
Vulnerability: kde-kmail-weak-encryption
Platforms Affected: KDE KMail
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KDE KMail weak password encryption
X-Force URL: http://xforce.iss.net/static/5761.php
_____
Date Reported: 12/12/00
Vulnerability: aolim-buddyicon-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: AOL Instant Messenger Buddy Icon buffer overflow
X-Force URL: http://xforce.iss.net/static/5786.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/11/00
Vulnerability: rppppoe-zero-length-dos
Platforms Affected: rp-pppoe
Risk Factor: Medium
Attack Type: Network Based
Brief Description: rp-pppoe "zero-length" option denial of service
X-Force URL: http://xforce.iss.net/static/5727.php
_____
Date Reported: 12/11/00
Vulnerability: proftpd-modsqlpw-unauth-access
Platforms Affected: ProFTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ProFTPD system using mod_sqlpw unauthorized access
X-Force URL: http://xforce.iss.net/static/5737.php
_____
Date Reported: 12/11/00
Vulnerability: gnu-ed-symlink
Platforms Affected: GNU ed
Risk Factor: High
Attack Type: Host Based
Brief Description: GNU ed symlink
X-Force URL: http://xforce.iss.net/static/5723.php
_____
Date Reported: 12/11/00
Vulnerability: oops-ftputils-bo
Platforms Affected: Oops Proxy Server
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oops Proxy Server ftp_utils buffer overflow
X-Force URL: http://xforce.iss.net/static/5725.php
_____
Date Reported: 12/11/00
Vulnerability: oracle-oidldap-write-permission
Platforms Affected: Oracle Internet Directory
Risk Factor: High
Attack Type: Host Based
Brief Description: Oracle Internet Directory write permission
X-Force URL: http://xforce.iss.net/static/5804.php
_____
Date Reported: 12/9/00
Vulnerability: foolproof-security-bypass
Platforms Affected: FoolProof
Risk Factor: High
Attack Type: Host Based
Brief Description: FoolProof Security restriction bypass using FTP
X-Force URL: http://xforce.iss.net/static/5758.php
_____
Date Reported: 12/8/00
Vulnerability: broadvision-bv1to1-reveal-path
Platforms Affected: BroadVision One-To-One Enterprise Server
Risk Factor: Low
Attack Type: Network Based
Brief Description: BroadVision One-To-One Enterprise Server reveals
path to server
X-Force URL: http://xforce.iss.net/static/5661.php
_____
Date Reported: 12/8/00
Vulnerability: ssldump-format-strings
Platforms Affected: ssldump
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ssldump format string could allow arbitrary
execution of code
X-Force URL: http://xforce.iss.net/static/5717.php
_____
Date Reported: 12/8/00
Vulnerability: coldfusion-sample-dos
Platforms Affected: ColdFusion
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ColdFusion sample script denial of service
X-Force URL: http://xforce.iss.net/static/5755.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-arbitrary-proxy
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 arbitrary proxy enviornment
variable
X-Force URL: http://xforce.iss.net/static/5733.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-auth-packet-overflow
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 authentication packet buffer
overflow
X-Force URL: http://xforce.iss.net/static/5734.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-user-config
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 user supplied configuration files
X-Force URL: http://xforce.iss.net/static/5738.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-tmpfile-dos
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 race condition
X-Force URL: http://xforce.iss.net/static/5754.php
_____
Date Reported: 12/7/00
Vulnerability: homeseer-directory-traversal
Platforms Affected: HomeSeer
Risk Factor: Low
Attack Type: Network Based
Brief Description: HomeSeer allows directory traversal
X-Force URL: http://xforce.iss.net/static/5663.php
_____
Date Reported: 12/7/00
Vulnerability: offline-explorer-reveal-files
Platforms Affected: MetaProducts Offline Explorer
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: MetaProducts Offline Explorer can reveal file
system
X-Force URL: http://xforce.iss.net/static/5728.php
_____
Date Reported: 12/7/00
Vulnerability: imail-smtp-auth-dos
Platforms Affected: IMail
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IMail SMTP auth denial of service
X-Force URL: http://xforce.iss.net/static/5674.php
_____
Date Reported: 12/6/00
Vulnerability: apc-apcupsd-dos
Platforms Affected: APC apcupsd
Risk Factor: Medium
Attack Type: Host Based
Brief Description: APC apcupsd denial of service
X-Force URL: http://xforce.iss.net/static/5654.php
_____
Date Reported: 12/6/00
Vulnerability: cisco-catalyst-telnet-dos
Platforms Affected: Cisco Catalyst
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco Catalyst telnet server memory leak denial of
service
X-Force URL: http://xforce.iss.net/static/5656.php
_____
Date Reported: 12/6/00
Vulnerability: apache-php-disclose-files
Platforms Affected: Apache Web server
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Apache Web server discloses files when used with
php script
X-Force URL: http://xforce.iss.net/static/5659.php
_____
Date Reported: 12/6/00
Vulnerability: ultraseek-reveal-path
Platforms Affected: Ultraseek
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Ultraseek Server can reveal the path and source
code to certain files
X-Force URL: http://xforce.iss.net/static/5660.php
_____
Date Reported: 12/6/00
Vulnerability: irc-dreamforge-dns-dos
Platforms Affected: DreamForge IRCd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: DreamForge IRCd DNS denial of service
X-Force URL: http://xforce.iss.net/static/5721.php
_____
Date Reported: 12/6/00
Vulnerability: mailman-alternate-templates
Platforms Affected: MailMan
Risk Factor: High
Attack Type: Network Based
Brief Description: MailMan Alternate Templates form variable allows
remote attacker to execute commands
X-Force URL: http://xforce.iss.net/static/5649.php
_____
Date Reported: 12/6/00
Vulnerability: phpgroupware-include-files
Platforms Affected:
Risk Factor: High
Attack Type: Network Based
Brief Description: phpGroupWare include files allows remote attacker
to execute commands
X-Force URL: http://xforce.iss.net/static/5650.php
_____
Date Reported: 12/6/00
Vulnerability: markvision-printer-driver-bo
Platforms Affected: Lexmark MarkVision
Risk Factor: High
Attack Type: Host Based
Brief Description: Lexmark MarkVision printer drivers for Unix buffer
overflows
X-Force URL: http://xforce.iss.net/static/5651.php
_____
Date Reported: 12/6/00
Vulnerability: nt-ras-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows NT RAS registry permissions
X-Force URL: http://xforce.iss.net/static/5671.php
_____
Date Reported: 12/6/00
Vulnerability: nt-snmp-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT SNMP registry permissions
X-Force URL: http://xforce.iss.net/static/5672.php
_____
Date Reported: 12/6/00
Vulnerability: nt-mts-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT MTS registry permissions
X-Force URL: http://xforce.iss.net/static/5673.php
_____
Date Reported: 12/6/00
Vulnerability: irc-bitchx-dns-bo
Platforms Affected: BitchX
Risk Factor: High
Attack Type: Network Based
Brief Description: BitchX IRC DNS buffer overflow
X-Force URL: http://xforce.iss.net/static/5701.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-gain-access
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database can give access through
default username and password
X-Force URL: http://xforce.iss.net/static/5662.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-dos
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database denial of service
X-Force URL: http://xforce.iss.net/static/5664.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-source-routing
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain source routing
X-Force URL: http://xforce.iss.net/static/5667.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-ip-bridging
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain bridging code
X-Force URL: http://xforce.iss.net/static/5670.php
_____
Date Reported: 12/5/00
Vulnerability: ftp-servu-homedir-travers
Platforms Affected: Serv-U FTP
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: FTP Serv-U home directory traversal could allow
access to FTProot
X-Force URL: http://xforce.iss.net/static/5639.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-web-access
Platforms Affected: CISCO CBOS
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Cisco CBOS Web access enabled denial of service
X-Force URL: http://xforce.iss.net/static/5626.php
_____
Date Reported: 12/4/00
Vulnerability: watchguard-soho-get-dos
Platforms Affected: WatchGuard SOHO
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall multiple GET requests
denial of service
X-Force URL: http://xforce.iss.net/static/5665.php
_____
Date Reported: 12/4/00
Vulnerability: phone-book-service-bo
Platforms Affected: Windows 2000
Windows NT
Risk Factor: High
Attack Type: Network Based
Brief Description: Windows NT and 2000 Phone Book service buffer
overflow
X-Force URL: http://xforce.iss.net/static/5623.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-syn-packets
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS SYN packets denial of service
X-Force URL: http://xforce.iss.net/static/5627.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-invalid-login
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS does not log invalid logins
X-Force URL: http://xforce.iss.net/static/5628.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-icmp-echo
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS large ICMP ECHO packet denial of
service
X-Force URL: http://xforce.iss.net/static/5629.php
_____
Date Reported: 12/2/00
Vulnerability: phpweblog-bypass-authentication
Platforms Affected: phpWebLog
Risk Factor: High
Attack Type: Host Based
Brief Description: phpWebLog allows users to bypass authentication
X-Force URL: http://xforce.iss.net/static/5625.php
_____
Date Reported: 12/1/00
Vulnerability: linux-diskcheck-race-symlink
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux diskcheck race condition could allow a tmp
file symbolic link attack
X-Force URL: http://xforce.iss.net/static/5624.php
_____
Date Reported: 12/1/00
Vulnerability: ie-form-file-upload
Platforms Affected: Microsoft Internet Explorer
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Internet Explorer file upload form
X-Force URL: http://xforce.iss.net/static/5615.php
_____
Date Reported: 12/1/00
Vulnerability: mssql-xp-paraminfo-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Microsoft SQL XP srv_paraminfo() buffer overflow
X-Force URL: http://xforce.iss.net/static/5622.php
_____
Date Reported: 12/1/00
Vulnerability: majordomo-auth-execute-commands
Platforms Affected: Majordomo
Risk Factor: High
Attack Type: Network Based
Brief Description: Majordomo allows administrative access without
password
X-Force URL: http://xforce.iss.net/static/5611.php
_____
Date Reported: 12/1/00
Vulnerability: ie-print-template
Platforms Affected: Microsoft Internet Explorer
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Internet Explorer print template
X-Force URL: http://xforce.iss.net/static/5614.php
_____
Date Reported: 12/1/00
Vulnerability: aix-piobe-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX piobe buffer overflow
X-Force URL: http://xforce.iss.net/static/5616.php
_____
Date Reported: 12/1/00
Vulnerability: aix-pioout-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX pioout buffer overflow
X-Force URL: http://xforce.iss.net/static/5617.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setclock-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setclock buffer overflow
X-Force URL: http://xforce.iss.net/static/5618.php
_____
Date Reported: 12/1/00
Vulnerability: aix-enq-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX enq buffer overflow
X-Force URL: http://xforce.iss.net/static/5619.php
_____
Date Reported: 12/1/00
Vulnerability: aix-digest-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX digest buffer overflow
X-Force URL: http://xforce.iss.net/static/5620.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setsenv-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setsenv buffer overflow
X-Force URL: http://xforce.iss.net/static/5621.php
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0
LLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL
r21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw
jbM10AXVSHw=
=5U+8
-----END PGP SIGNATURE-----
| VAR-200102-0104 | CVE-2001-0102 | Oracle Internet Directory LDAP Daemon does not check write permissions properly |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
"Multiple Users" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password. The Oracle LDAP Daemon (oidldapd version 2.1.1.1), which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Apple Mac OS is prone to a local security vulnerability. -----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
January 1, 2001
Volume 6 Number 2
The following computer security issues have been publicly reported and
documented in the X-Force Vulnerability and Threat Database
(http://xforce.iss.net).
This document is available at
http://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert
Summaries:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
- - 'subscribe alert' (without the quotes).
_____
Contents
115 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 12/31/00
Vulnerability: exmh-error-symlink
Platforms Affected: exmh 2.2 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: exmh error message symlink
X-Force URL: http://xforce.iss.net/static/5829.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-symlink
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Host Based
Brief Description: Informix Webdriver symbolic link
X-Force URL: http://xforce.iss.net/static/5827.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-admin-access
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Network Based
Brief Description: Informix Webdriver remote Admin access
X-Force URL: http://xforce.iss.net/static/5833.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-mutex-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial
of service
X-Force URL: http://xforce.iss.net/static/5821.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-batfile-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with
a batch file
X-Force URL: http://xforce.iss.net/static/5822.php
_____
Date Reported: 12/29/00
Vulnerability: shockwave-flash-swf-bo
Platforms Affected: Shockwave Plugin 8.0 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Shockwave Flash SWF file buffer overflow
X-Force URL: http://xforce.iss.net/static/5826.php
_____
Date Reported: 12/29/00
Vulnerability: macos-multiple-users
Platforms Affected: MacOS 9.0
Risk Factor: High
Attack Type: Host Based
Brief Description: Mac OS 'Multiple Users' bypass password
X-Force URL: http://xforce.iss.net/static/5830.php
_____
Date Reported: 12/28/00
Vulnerability: http-cgi-ikonboard
Platforms Affected: Ikonboard 2.1.7b and prior
Risk Factor: High
Attack Type: Host Based
Brief Description: Ikonboard allows remote attacker to execute
commands
X-Force URL: http://xforce.iss.net/static/5819.php
_____
Date Reported: 12/27/00
Vulnerability: http-cgi-technote-main
Platforms Affected: TECH-NOTE (000, 2001, Pro)
Risk Factor: High
Attack Type: Network Based
Brief Description: TECH-NOTE main.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5813.php
_____
Date Reported: 12/26/00
Vulnerability: xwindows-char-dos
Platforms Affected: XFree86
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: X Windows multiple character denial of service
X-Force URL: http://xforce.iss.net/static/5834.php
_____
Date Reported: 12/25/00
Vulnerability: 1stup-mail-server-bo
Platforms Affected: 1st Up Mail Server 4.1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: 1st Up Mail Server buffer overflow
X-Force URL: http://xforce.iss.net/static/5808.php
_____
Date Reported: 12/25/00
Vulnerability: dialog-symlink
Platforms Affected: Linux Debian 2.2
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux dialog package symlink attack
X-Force URL: http://xforce.iss.net/static/5809.php
_____
Date Reported: 12/25/00
Vulnerability: ibm-wcs-admin
Platforms Affected: IBM Websphere Commerce Suite
Risk Factor: High
Attack Type: Host Based
Brief Description: IBM WCS admin.config allows user to execute
arbitrary commands
X-Force URL: http://xforce.iss.net/static/5831.php
_____
Date Reported: 12/23/00
Vulnerability: http-cgi-technote-print
Platforms Affected: TECH-NOTE (2000, 2001, Pro)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: TECH-NOTE print.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5815.php
_____
Date Reported: 12/22/00
Vulnerability: iis-web-form-submit
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IIS Web form submission
X-Force URL: http://xforce.iss.net/static/5823.php
_____
Date Reported: 12/21/00
Vulnerability: hpux-kermit-bo
Platforms Affected: HPUX (10.01, 10.10, 10.20, 11.00)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX kermit buffer overflow
X-Force URL: http://xforce.iss.net/static/5793.php
_____
Date Reported: 12/21/00
Vulnerability: bsguest-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bsguest.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5796.php
_____
Date Reported: 12/21/00
Vulnerability: bslist-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bslist.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5797.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-execute-plsql
Platforms Affected: Oracle Application Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Oracle remote procedure execution
X-Force URL: http://xforce.iss.net/static/5817.php
_____
Date Reported: 12/21/00
Vulnerability: ksh-redirection-symlink
Platforms Affected: IRIX (6.2, 6.5.x)
Solaris (2.5.1, 2.6, 7)
HPUX 9.00
Digital Unix 5.0
Risk Factor: High
Attack Type: Host Based
Brief Description: ksh redirection symlink attack
X-Force URL: http://xforce.iss.net/static/5811.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-webdb-admin-access
Platforms Affected: Oracle Internet Application Server 3.0.7
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oracle IAS allows administrative access
X-Force URL: http://xforce.iss.net/static/5818.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Web Scan
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-detached-sig-modify
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG allows users to modify signed messages with
detached signatures
X-Force URL: http://xforce.iss.net/static/5802.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-reveal-private
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG will import private keys along with public
keys
X-Force URL: http://xforce.iss.net/static/5803.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-nmap-scans
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm does not detect NMAP scans
X-Force URL: http://xforce.iss.net/static/5799.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-open-shares
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm open shares
X-Force URL: http://xforce.iss.net/static/5825.php
_____
Date Reported: 12/19/00
Vulnerability: win2k-index-service-activex
Platforms Affected: Windows 2000
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Windows 2000 Index Service ActiveX controls allow
unauthorized access to file information
X-Force URL: http://xforce.iss.net/static/5800.php
_____
Date Reported: 12/19/00
Vulnerability: proftpd-size-memory-leak
Platforms Affected: Proftpd
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: proftpd memory leak when using SIZE command
X-Force URL: http://xforce.iss.net/static/5801.php
_____
Date Reported: 12/19/00
Vulnerability: weblogic-dot-bo
Platforms Affected: WebLogic
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BEA WebLogic Server "dotdot" URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5782.php
_____
Date Reported: 12/19/00
Vulnerability: mdaemon-imap-dos
Platforms Affected: MDaemon
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MDaemon IMAP buffer overflow denial of service
X-Force URL: http://xforce.iss.net/static/5805.php
_____
Date Reported: 12/19/00
Vulnerability: zope-calculate-roles
Platforms Affected: Zp[e
Risk Factor: High
Attack Type: Host Based
Brief Description: zope package in Linux calculates local roles
incorrectly
X-Force URL: http://xforce.iss.net/static/5777.php
_____
Date Reported: 12/19/00
Vulnerability: itetris-svgalib-path
Platforms Affected: svgalib
Risk Factor: High
Attack Type: Host Based
Brief Description: Itetris svgalib PATH
X-Force URL: http://xforce.iss.net/static/5795.php
_____
Date Reported: 12/18/00
Vulnerability: bsd-ftpd-replydirname-bo
Platforms Affected: BSD Based Operating Systems
Risk Factor: High
Attack Type: Network Based
Brief Description: BSD ftpd replydirname() function buffer overflow
X-Force URL: http://xforce.iss.net/static/5776.php
_____
Date Reported: 12/18/00
Vulnerability: sonata-command-execute
Platforms Affected: Sonata
Risk Factor: High
Attack Type: Host Based
Brief Description: Sonata argument command line execution
X-Force URL: http://xforce.iss.net/static/5787.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-catman-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris catman command symlink attack
X-Force URL: http://xforce.iss.net/static/5788.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-patchadd-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris patchadd symlink attack
X-Force URL: http://xforce.iss.net/static/5789.php
_____
Date Reported: 12/18/00
Vulnerability: stunnel-format-logfile
Platforms Affected: Stunnel
Risk Factor: High
Attack Type: Network Based
Brief Description: Stunnel format allows user to write to logfile
X-Force URL: http://xforce.iss.net/static/5807.php
_____
Date Reported: 12/17/00
Vulnerability: hp-top-sys-files
Platforms Affected: HPUX
Risk Factor: Low
Attack Type: Host Based
Brief Description: HP-UX top command could be used to overwrite files
X-Force URL: http://xforce.iss.net/static/5773.php
_____
Date Reported: 12/16/00
Vulnerability: zope-legacy-names
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Linux zope package "legacy" names
X-Force URL: http://xforce.iss.net/static/5824.php
_____
Date Reported: 12/15/00
Vulnerability: mrj-runtime-malicious-applets
Platforms Affected: MRJ
Risk Factor: Low
Attack Type: Host Based
Brief Description: MRJ runtime environment could allow malicious
applets to be executed
X-Force URL: http://xforce.iss.net/static/5784.php
_____
Date Reported: 12/14/00
Vulnerability: coffeecup-ftp-weak-encryption
Platforms Affected: CoffeeCup FTP
Risk Factor: Low
Attack Type: Host Based
Brief Description: CoffeeCup FTP client has weak password encryption
X-Force URL: http://xforce.iss.net/static/5744.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-fragmented-packets
Platforms Affected: WatchGuard
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall fragmented IP packet
attack
X-Force URL: http://xforce.iss.net/static/5749.php
_____
Date Reported: 12/14/00
Vulnerability: jpilot-perms
Platforms Affected: J-Pilot
Risk Factor: Medium
Attack Type: Host Based
Brief Description: J-Pilot permissions could reveal sensitive
information
X-Force URL: http://xforce.iss.net/static/5762.php
_____
Date Reported: 12/14/00
Vulnerability: mediaservices-dropped-connection-dos
Platforms Affected: Microsoft Media Services
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft Media Services dropped connection denial
of service
X-Force URL: http://xforce.iss.net/static/5785.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-web-auth
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO Web config server could allow
unauthenticated access
X-Force URL: http://xforce.iss.net/static/5554.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-passcfg-reset
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO administrator password can be
remotely reset
X-Force URL: http://xforce.iss.net/static/5742.php
_____
Date Reported: 12/14/00
Vulnerability: http-cgi-simplestguest
Platforms Affected: simplestguest.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestguest.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5743.php
_____
Date Reported: 12/14/00
Vulnerability: safeword-palm-pin-extraction
Platforms Affected: SafeWord
e.iD Palm Authenticator
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: SafeWord and e.iD Palm Authenticator allows
attacker to clone Palm device
X-Force URL: http://xforce.iss.net/static/5753.php
_____
Date Reported: 12/14/00
Vulnerability: mdaemon-lock-bypass-password
Platforms Affected: MDaemon
Risk Factor: High
Attack Type: Host Based
Brief Description: MDaemon "lock" bypass password
X-Force URL: http://xforce.iss.net/static/5763.php
_____
Date Reported: 12/13/00
Vulnerability: cisco-catalyst-ssh-mismatch
Platforms Affected: Cisco Catalyst
Risk Factor: Low
Attack Type: Network Based
Brief Description: Cisco Catalyst SSH protocol mismatch
X-Force URL: http://xforce.iss.net/static/5760.php
_____
Date Reported: 12/13/00
Vulnerability: microsoft-iis-file-disclosure
Platforms Affected: IIS
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft IIS Far East editions file disclosure
X-Force URL: http://xforce.iss.net/static/5729.php
_____
Date Reported: 12/13/00
Vulnerability: ezshopper-cgi-file-disclosure
Platforms Affected: loadpage.cgi
Risk Factor: Medium
Attack Type: Network Based
Brief Description: EZshopper loadpage.cgi file disclosure
X-Force URL: http://xforce.iss.net/static/5740.php
_____
Date Reported: 12/13/00
Vulnerability: winnt-mstask-dos
Platforms Affected: Windows NT
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Windows NT MSTask.exe denial of service
X-Force URL: http://xforce.iss.net/static/5746.php
_____
Date Reported: 12/13/00
Vulnerability: bftpd-site-chown-bo
Platforms Affected: BFTPD
Risk Factor: High
Attack Type: Network Based
Brief Description: BFTPD SITE CHOWN buffer overflow
X-Force URL: http://xforce.iss.net/static/5775.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/12/00
Vulnerability: subscribemelite-gain-admin-access
Platforms Affected: Subscribe Me Lite
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Subscribe Me Lite mailing list manager
unauthorized access
X-Force URL: http://xforce.iss.net/static/5735.php
_____
Date Reported: 12/12/00
Vulnerability: zope-image-file
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux zope package Image and File objects
X-Force URL: http://xforce.iss.net/static/5778.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-everythingform
Platforms Affected: everythingform.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: everythingform.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5736.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-simplestmail
Platforms Affected: simplestmail.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestmail.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5739.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-ad
Platforms Affected: ad.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: ad.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5741.php
_____
Date Reported: 12/12/00
Vulnerability: kde-kmail-weak-encryption
Platforms Affected: KDE KMail
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KDE KMail weak password encryption
X-Force URL: http://xforce.iss.net/static/5761.php
_____
Date Reported: 12/12/00
Vulnerability: aolim-buddyicon-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: AOL Instant Messenger Buddy Icon buffer overflow
X-Force URL: http://xforce.iss.net/static/5786.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/11/00
Vulnerability: rppppoe-zero-length-dos
Platforms Affected: rp-pppoe
Risk Factor: Medium
Attack Type: Network Based
Brief Description: rp-pppoe "zero-length" option denial of service
X-Force URL: http://xforce.iss.net/static/5727.php
_____
Date Reported: 12/11/00
Vulnerability: proftpd-modsqlpw-unauth-access
Platforms Affected: ProFTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ProFTPD system using mod_sqlpw unauthorized access
X-Force URL: http://xforce.iss.net/static/5737.php
_____
Date Reported: 12/11/00
Vulnerability: gnu-ed-symlink
Platforms Affected: GNU ed
Risk Factor: High
Attack Type: Host Based
Brief Description: GNU ed symlink
X-Force URL: http://xforce.iss.net/static/5723.php
_____
Date Reported: 12/11/00
Vulnerability: oops-ftputils-bo
Platforms Affected: Oops Proxy Server
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oops Proxy Server ftp_utils buffer overflow
X-Force URL: http://xforce.iss.net/static/5725.php
_____
Date Reported: 12/11/00
Vulnerability: oracle-oidldap-write-permission
Platforms Affected: Oracle Internet Directory
Risk Factor: High
Attack Type: Host Based
Brief Description: Oracle Internet Directory write permission
X-Force URL: http://xforce.iss.net/static/5804.php
_____
Date Reported: 12/9/00
Vulnerability: foolproof-security-bypass
Platforms Affected: FoolProof
Risk Factor: High
Attack Type: Host Based
Brief Description: FoolProof Security restriction bypass using FTP
X-Force URL: http://xforce.iss.net/static/5758.php
_____
Date Reported: 12/8/00
Vulnerability: broadvision-bv1to1-reveal-path
Platforms Affected: BroadVision One-To-One Enterprise Server
Risk Factor: Low
Attack Type: Network Based
Brief Description: BroadVision One-To-One Enterprise Server reveals
path to server
X-Force URL: http://xforce.iss.net/static/5661.php
_____
Date Reported: 12/8/00
Vulnerability: ssldump-format-strings
Platforms Affected: ssldump
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ssldump format string could allow arbitrary
execution of code
X-Force URL: http://xforce.iss.net/static/5717.php
_____
Date Reported: 12/8/00
Vulnerability: coldfusion-sample-dos
Platforms Affected: ColdFusion
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ColdFusion sample script denial of service
X-Force URL: http://xforce.iss.net/static/5755.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-arbitrary-proxy
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 arbitrary proxy enviornment
variable
X-Force URL: http://xforce.iss.net/static/5733.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-auth-packet-overflow
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 authentication packet buffer
overflow
X-Force URL: http://xforce.iss.net/static/5734.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-user-config
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 user supplied configuration files
X-Force URL: http://xforce.iss.net/static/5738.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-tmpfile-dos
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 race condition
X-Force URL: http://xforce.iss.net/static/5754.php
_____
Date Reported: 12/7/00
Vulnerability: homeseer-directory-traversal
Platforms Affected: HomeSeer
Risk Factor: Low
Attack Type: Network Based
Brief Description: HomeSeer allows directory traversal
X-Force URL: http://xforce.iss.net/static/5663.php
_____
Date Reported: 12/7/00
Vulnerability: offline-explorer-reveal-files
Platforms Affected: MetaProducts Offline Explorer
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: MetaProducts Offline Explorer can reveal file
system
X-Force URL: http://xforce.iss.net/static/5728.php
_____
Date Reported: 12/7/00
Vulnerability: imail-smtp-auth-dos
Platforms Affected: IMail
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IMail SMTP auth denial of service
X-Force URL: http://xforce.iss.net/static/5674.php
_____
Date Reported: 12/6/00
Vulnerability: apc-apcupsd-dos
Platforms Affected: APC apcupsd
Risk Factor: Medium
Attack Type: Host Based
Brief Description: APC apcupsd denial of service
X-Force URL: http://xforce.iss.net/static/5654.php
_____
Date Reported: 12/6/00
Vulnerability: cisco-catalyst-telnet-dos
Platforms Affected: Cisco Catalyst
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco Catalyst telnet server memory leak denial of
service
X-Force URL: http://xforce.iss.net/static/5656.php
_____
Date Reported: 12/6/00
Vulnerability: apache-php-disclose-files
Platforms Affected: Apache Web server
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Apache Web server discloses files when used with
php script
X-Force URL: http://xforce.iss.net/static/5659.php
_____
Date Reported: 12/6/00
Vulnerability: ultraseek-reveal-path
Platforms Affected: Ultraseek
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Ultraseek Server can reveal the path and source
code to certain files
X-Force URL: http://xforce.iss.net/static/5660.php
_____
Date Reported: 12/6/00
Vulnerability: irc-dreamforge-dns-dos
Platforms Affected: DreamForge IRCd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: DreamForge IRCd DNS denial of service
X-Force URL: http://xforce.iss.net/static/5721.php
_____
Date Reported: 12/6/00
Vulnerability: mailman-alternate-templates
Platforms Affected: MailMan
Risk Factor: High
Attack Type: Network Based
Brief Description: MailMan Alternate Templates form variable allows
remote attacker to execute commands
X-Force URL: http://xforce.iss.net/static/5649.php
_____
Date Reported: 12/6/00
Vulnerability: phpgroupware-include-files
Platforms Affected:
Risk Factor: High
Attack Type: Network Based
Brief Description: phpGroupWare include files allows remote attacker
to execute commands
X-Force URL: http://xforce.iss.net/static/5650.php
_____
Date Reported: 12/6/00
Vulnerability: markvision-printer-driver-bo
Platforms Affected: Lexmark MarkVision
Risk Factor: High
Attack Type: Host Based
Brief Description: Lexmark MarkVision printer drivers for Unix buffer
overflows
X-Force URL: http://xforce.iss.net/static/5651.php
_____
Date Reported: 12/6/00
Vulnerability: nt-ras-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows NT RAS registry permissions
X-Force URL: http://xforce.iss.net/static/5671.php
_____
Date Reported: 12/6/00
Vulnerability: nt-snmp-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT SNMP registry permissions
X-Force URL: http://xforce.iss.net/static/5672.php
_____
Date Reported: 12/6/00
Vulnerability: nt-mts-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT MTS registry permissions
X-Force URL: http://xforce.iss.net/static/5673.php
_____
Date Reported: 12/6/00
Vulnerability: irc-bitchx-dns-bo
Platforms Affected: BitchX
Risk Factor: High
Attack Type: Network Based
Brief Description: BitchX IRC DNS buffer overflow
X-Force URL: http://xforce.iss.net/static/5701.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-gain-access
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database can give access through
default username and password
X-Force URL: http://xforce.iss.net/static/5662.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-dos
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database denial of service
X-Force URL: http://xforce.iss.net/static/5664.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-source-routing
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain source routing
X-Force URL: http://xforce.iss.net/static/5667.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-ip-bridging
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain bridging code
X-Force URL: http://xforce.iss.net/static/5670.php
_____
Date Reported: 12/5/00
Vulnerability: ftp-servu-homedir-travers
Platforms Affected: Serv-U FTP
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: FTP Serv-U home directory traversal could allow
access to FTProot
X-Force URL: http://xforce.iss.net/static/5639.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-web-access
Platforms Affected: CISCO CBOS
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Cisco CBOS Web access enabled denial of service
X-Force URL: http://xforce.iss.net/static/5626.php
_____
Date Reported: 12/4/00
Vulnerability: watchguard-soho-get-dos
Platforms Affected: WatchGuard SOHO
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall multiple GET requests
denial of service
X-Force URL: http://xforce.iss.net/static/5665.php
_____
Date Reported: 12/4/00
Vulnerability: phone-book-service-bo
Platforms Affected: Windows 2000
Windows NT
Risk Factor: High
Attack Type: Network Based
Brief Description: Windows NT and 2000 Phone Book service buffer
overflow
X-Force URL: http://xforce.iss.net/static/5623.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-syn-packets
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS SYN packets denial of service
X-Force URL: http://xforce.iss.net/static/5627.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-invalid-login
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS does not log invalid logins
X-Force URL: http://xforce.iss.net/static/5628.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-icmp-echo
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS large ICMP ECHO packet denial of
service
X-Force URL: http://xforce.iss.net/static/5629.php
_____
Date Reported: 12/2/00
Vulnerability: phpweblog-bypass-authentication
Platforms Affected: phpWebLog
Risk Factor: High
Attack Type: Host Based
Brief Description: phpWebLog allows users to bypass authentication
X-Force URL: http://xforce.iss.net/static/5625.php
_____
Date Reported: 12/1/00
Vulnerability: linux-diskcheck-race-symlink
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux diskcheck race condition could allow a tmp
file symbolic link attack
X-Force URL: http://xforce.iss.net/static/5624.php
_____
Date Reported: 12/1/00
Vulnerability: ie-form-file-upload
Platforms Affected: Microsoft Internet Explorer
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Internet Explorer file upload form
X-Force URL: http://xforce.iss.net/static/5615.php
_____
Date Reported: 12/1/00
Vulnerability: mssql-xp-paraminfo-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Microsoft SQL XP srv_paraminfo() buffer overflow
X-Force URL: http://xforce.iss.net/static/5622.php
_____
Date Reported: 12/1/00
Vulnerability: majordomo-auth-execute-commands
Platforms Affected: Majordomo
Risk Factor: High
Attack Type: Network Based
Brief Description: Majordomo allows administrative access without
password
X-Force URL: http://xforce.iss.net/static/5611.php
_____
Date Reported: 12/1/00
Vulnerability: ie-print-template
Platforms Affected: Microsoft Internet Explorer
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Internet Explorer print template
X-Force URL: http://xforce.iss.net/static/5614.php
_____
Date Reported: 12/1/00
Vulnerability: aix-piobe-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX piobe buffer overflow
X-Force URL: http://xforce.iss.net/static/5616.php
_____
Date Reported: 12/1/00
Vulnerability: aix-pioout-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX pioout buffer overflow
X-Force URL: http://xforce.iss.net/static/5617.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setclock-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setclock buffer overflow
X-Force URL: http://xforce.iss.net/static/5618.php
_____
Date Reported: 12/1/00
Vulnerability: aix-enq-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX enq buffer overflow
X-Force URL: http://xforce.iss.net/static/5619.php
_____
Date Reported: 12/1/00
Vulnerability: aix-digest-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX digest buffer overflow
X-Force URL: http://xforce.iss.net/static/5620.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setsenv-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setsenv buffer overflow
X-Force URL: http://xforce.iss.net/static/5621.php
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0
LLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL
r21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw
jbM10AXVSHw=
=5U+8
-----END PGP SIGNATURE-----
| VAR-200412-1185 | CVE-2004-1790 | Edimax AR-6004 ADSL Router Management Interface Cross-Site Scripting Vulnerability |
CVSS V2: 4.3 CVSS V3: - Severity: MEDIUM |
Cross-site scripting (XSS) vulnerability in the web management interface in Edimax AR-6004 ADSL Routers allows remote attackers to inject arbitrary web script or HTML via the URL. The secure-RPC feature of the SSH1 client in Solaris sometimes encrypts the SSH private key file with a weak passphrase, which can be determined by an attacker and used to recover the SSH private keys. Other versions of the SSH client running on non-Solaris platforms are not affected by this vulnerability. NewsDaemon prior to version 0.21b contains a vulnerability allowing remote attackers to gain administrative access to the web site. getty_ps is an open-source software package designed to support logons to the console and terminals. Some implementations create temporary files insecurely with predictable names, leading to corruption of arbitrary files via symbolic link attack. An attacker could exploit this issue by enticing a victim user to follow a malicious link to a site hosting the software that contains embedded HTML and script code. The embedded code may be rendered in the web browser of the victim user.
This could potentially be exploited to steal cookie-based authentication credentials from legitimate users. Other attacks are also possible. getty_ps is an open source, freely available, publicly maintained software package shipped with many distributions of Linux.
A problem in the getty_ps software package could make it vulnerable to a symbolic link attack. The problem occurs in the creation and handling of files in the /tmp directory by the getty_ps program. Under certain circumstances, getty_ps will create files in the /tmp filesystem in an insecure manner. The program uses a naming scheme that could make it possible to guess the filename of future files in the /tmp directory, and does not check for the existance of the file before attempting to create it. A malicious user could use this vulnerability to overwrite or append to and corrupt system files. SSH is a package designed to encrypt traffic between two end points using the IETF specified SSH protocol. The SSH1 package is distributed and maintained by SSH Communications Security.
A problem exists which could allow the discovery of the secret key used to encrypt traffic on the local host. When using SUN-DES-1 to share keys with other hosts on the network to facilitate secure communication via protocols such as NFS and NIS+, the keys are shared between hosts using the private key of the user and a cryptographic algorithm to secure the contents of the key, which is stored on the NIS+ primary. The problem occurs when the key is encrypted with the SUN-DES-1 magic phrase prior to having done a keylogin (the keyserv does not have the users DH private key). A design flaw in the software that shares the key with the NIS+ master will inconsistently return the correct value for an attempted keyshare that has failed. A step in the private key encryption process is skipped, and the users private key is then encrypted only with the public key of the target server and the SUN-DES-1 magic phrase, a phrase that is guessable due to the way it is generated. A user from the same host can then execute a function that returns another users magic phrase, and use this to decrypt the private key of the victim. This makes it possible for a user with malicious intent to gain knowledge of a users secret key, and decrypt sensitive traffic between two hosts, with the possibility of gaining access and elevated privileges on the hosts and/or NIS+ domain. This reportedly affects the SSH2 series of the software package.
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo@iss.net Contact alert-owner@iss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
February 6, 2001
Volume 6 Number 3
X-Force Vulnerability and Threat Database: http://xforce.iss.net/ To
receive these Alert Summaries as well as other Alerts and Advisories,
subscribe to the Internet Security Systems Alert mailing list at:
http://xforce.iss.net/maillists/index.php
_____
Contents
120 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 1/31/01
Vulnerability: win2k-rdp-dos
Platforms Affected: Windows 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Windows 2000 Server RDP denial of service
X-Force URL: http://xforce.iss.net/static/6035.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-file-access
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface could allow read access to files and directories
X-Force URL: http://xforce.iss.net/static/6031.php
_____
Date Reported: 1/31/01
Vulnerability: quicktime-embedded-tag-bo
Platforms Affected: Quicktime 4.1.2
Risk Factor: High
Attack Type: Host Based
Brief Description: QuickTime Player EMBED tag buffer overflow
X-Force URL: http://xforce.iss.net/static/6040.php
_____
Date Reported: 1/31/01
Vulnerability: solaris-ximp40-bo
Platforms Affected: Solaris (7, 8)
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris "ximp40" shared library buffer overflow
X-Force URL: http://xforce.iss.net/static/6039.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-cli-dos
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface denial of service
X-Force URL: http://xforce.iss.net/static/6030.php
_____
Date Reported: 1/30/01
Vulnerability: slimserve-httpd-dos
Platforms Affected: SlimServe 1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: SlimServe HTTPd denial of service
X-Force URL: http://xforce.iss.net/static/6028.php
_____
Date Reported: 1/30/01
Vulnerability: crazywwwboard-qdecoder-bo
Platforms Affected: CrazyWWWBoard prior to 2000LEp5-1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: CrazyWWWBoard qDecoder buffer overflow
X-Force URL: http://xforce.iss.net/static/6033.php
_____
Date Reported: 1/30/01
Vulnerability: virusbuster-mua-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Virus Buster 2001 Mail User Agent (MUA) buffer overflow
X-Force URL: http://xforce.iss.net/static/6034.php
_____
Date Reported: 1/29/01
Vulnerability: iis-isapi-obtain-code
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: IIS allows remote attacker to obtain code fragments using .htr ISAPI extensions
X-Force URL: http://xforce.iss.net/static/6032.php
_____
Date Reported: 1/29/01
Vulnerability: bind-inverse-query-disclosure
Platforms Affected: Bind (4.x, 8.2.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x and 8.2.x exposes environment variables
X-Force URL: http://xforce.iss.net/static/6018.php
_____
Date Reported: 1/29/01
Vulnerability: hp-man-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP man command denial of service
X-Force URL: http://xforce.iss.net/static/6014.php
_____
Date Reported: 1/29/01
Vulnerability: sort-temp-file-abort
Platforms Affected: FreeBSD
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Sort temporary files denial of service
X-Force URL: http://xforce.iss.net/static/6038.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-format-string
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() format string
X-Force URL: http://xforce.iss.net/static/6017.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-bo
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() buffer overflow
X-Force URL: http://xforce.iss.net/static/6016.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-client-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC client buffer overflow
X-Force URL: http://xforce.iss.net/static/6025.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-server-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC server buffer overflow
X-Force URL: http://xforce.iss.net/static/6026.php
_____
Date Reported: 1/29/01
Vulnerability: guestserver-cgi-execute-commands
Platforms Affected: Guestserver 4.12 and earlier
Risk Factor: High
Attack Type: Network Based
Brief Description: Guestserver.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/6027.php
_____
Date Reported: 1/29/01
Vulnerability: bind-tsig-bo
Platforms Affected: BIND 8.2.x
Risk Factor: Unauthorized Access Attempt
Attack Type: Network/Host Based
Brief Description: BIND 8.2.x transaction signature (TSIG) buffer overflow
X-Force URL: http://xforce.iss.net/static/6015.php
_____
Date Reported: 1/28/01
Vulnerability: hyperseek-cgi-reveal-info
Platforms Affected: Hyperseek Search Engine 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Hyperseek CGI could reveal listings of directories and files
X-Force URL: http://xforce.iss.net/static/6012.php
_____
Date Reported: 1/26/01
Vulnerability: newsdaemon-gain-admin-access
Platforms Affected: NewsDaemon prior to 0.21b
Risk Factor: High
Attack Type: Network Based
Brief Description: NewsDaemon allows remote users to gain administrative access
X-Force URL: http://xforce.iss.net/static/6010.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/25/01
Vulnerability: planetintra-pi-bo
Platforms Affected: Planet Intra LAN Intranet 2.5
Risk Factor: High
Attack Type: Network Based
Brief Description: Planet Intra 'pi' binary buffer oveflow
X-Force URL: http://xforce.iss.net/static/6002.php
_____
Date Reported: 1/25/01
Vulnerability: borderware-ping-dos
Platforms Affected: BorderWare Firewall Server 6.1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: BorderWare ping denial of service
X-Force URL: http://xforce.iss.net/static/6004.php
_____
Date Reported: 1/25/01
Vulnerability: aol-malformed-url-dos
Platforms Affected: AOL 5.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: AOL malformed URL denial of service
X-Force URL: http://xforce.iss.net/static/6009.php
_____
Date Reported: 1/25/01
Vulnerability: mirc-bypass-password
Platforms Affected: mIRC
Risk Factor: High
Attack Type: Host Based
Brief Description: mIRC allows malicious user to bypass password
X-Force URL: http://xforce.iss.net/static/6013.php
_____
Date Reported: 1/25/01
Vulnerability: netscape-enterprise-revlog-dos
Platforms Affected: Netscape Enterprise Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netscape Enterprise Server REVLOG denial of service
X-Force URL: http://xforce.iss.net/static/6003.php
_____
Date Reported: 1/24/01
Vulnerability: aim-execute-code
Platforms Affected: AOL Instant Messenger 4.1 and later
Risk Factor: High
Attack Type: Host Based
Brief Description: AOL Instant Messenger execution of code in modified images
X-Force URL: http://xforce.iss.net/static/6005.php
_____
Date Reported: 1/24/01
Vulnerability: netscape-enterprise-list-directories
Platforms Affected: Netscape Enterprise Server (3.0, 4.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server allows remote directory listing
X-Force URL: http://xforce.iss.net/static/5997.php
_____
Date Reported: 1/24/01
Vulnerability: winnt-mutex-dos
Platforms Affected: Windows NT 4.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Windows NT mutex denial of service
X-Force URL: http://xforce.iss.net/static/6006.php
_____
Date Reported: 1/24/01
Vulnerability: jrun-webinf-file-retrieval
Platforms Affected: JRun
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: JRun malformed URL file retrieval
X-Force URL: http://xforce.iss.net/static/6008.php
_____
Date Reported: 1/23/01
Vulnerability: ipfw-bypass-firewall
Platforms Affected: FreeBSD (3.x, 4.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: ipfw/ip6fw allows remote attacker to bypass firewall
X-Force URL: http://xforce.iss.net/static/5998.php
_____
Date Reported: 1/23/01
Vulnerability: netopia-telnet-dos
Platforms Affected: Netopia R-series router
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netopia R9100 allows remote user to crash the router using telnet
X-Force URL: http://xforce.iss.net/static/6001.php
_____
Date Reported: 1/23/01
Vulnerability: wuftp-debug-format-string
Platforms Affected: Wu-ftpd
Risk Factor: High
Attack Type: Network Based
Brief Description: Wu-ftpd debug mode format string
X-Force URL: http://xforce.iss.net/static/6020.php
_____
Date Reported: 1/23/01
Vulnerability: kde2-kdesu-retrieve-passwords
Platforms Affected: Linux: Caldera eDesktop 2.4
Risk Factor: High
Attack Type: Host Based
Brief Description: KDE2 kdesu program allows users to retrieve passwords
X-Force URL: http://xforce.iss.net/static/5995.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-url-bo
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom print server long URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5988.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-printguide-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom PrintGuide denial of service
X-Force URL: http://xforce.iss.net/static/5989.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-ftp-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom FTP denial of service
X-Force URL: http://xforce.iss.net/static/5990.php
_____
Date Reported: 1/23/01
Vulnerability: vnc-weak-authentication
Platforms Affected: VNC 3.3.3 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VNC weak authentication could allow unauthorized access
X-Force URL: http://xforce.iss.net/static/5992.php
_____
Date Reported: 1/23/01
Vulnerability: lotus-domino-smtp-bo
Platforms Affected: Lotus Domino 5.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Lotus Domino SMTP Server policy feature buffer overflow
X-Force URL: http://xforce.iss.net/static/5993.php
_____
Date Reported: 1/23/01
Vulnerability: linux-sash-shadow-readable
Platforms Affected: sash prior to 3.4-4
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux sash /etc/shadow directory world-readable
X-Force URL: http://xforce.iss.net/static/5994.php
_____
Date Reported: 1/22/01
Vulnerability: powerpoint-execute-code
Platforms Affected: Microsoft PowerPoint 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: PowerPoint could allow code execution on another user's computer
X-Force URL: http://xforce.iss.net/static/5996.php
_____
Date Reported: 1/22/01
Vulnerability: icecast-format-string
Platforms Affected: Icecast 1.3.8beta2 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Icecast format string could allow arbitrary code execution
X-Force URL: http://xforce.iss.net/static/5978.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-directory-traversal
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers directory traversal
X-Force URL: http://xforce.iss.net/static/5986.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-execute-jsp
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers allows remote attacker to execute .jsp files
X-Force URL: http://xforce.iss.net/static/5987.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-enterprise-dot-dos
Platforms Affected: Netscape Enterprise Server 4.1 SP5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server "/../" denial of service
X-Force URL: http://xforce.iss.net/static/5983.php
_____
Date Reported: 1/22/01
Vulnerability: goodtech-ftp-dos
Platforms Affected: GoodTech FTP 3.0.1.2.1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: GoodTech FTP server denial of service
X-Force URL: http://xforce.iss.net/static/5984.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-fasttrack-cache-dos
Platforms Affected: Netscape FastTrack
Risk Factor: Low
Attack Type: Host Based
Brief Description: Netscape FastTrack Server cache denial of service
X-Force URL: http://xforce.iss.net/static/5985.php
_____
Date Reported: 1/21/01
Vulnerability: eeye-iris-dos
Platforms Affected: Iris Network Analyzer 1.01beta
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Iris denial of service
X-Force URL: http://xforce.iss.net/static/5981.php
_____
Date Reported: 1/20/01
Vulnerability: watchguard-firebox-obtain-passphrase
Platforms Affected: Firebox II
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard Firebox allows remote user to obtain passphrase
X-Force URL: http://xforce.iss.net/static/5979.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-server-dos
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP denial of service
X-Force URL: http://xforce.iss.net/static/5976.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-path-disclosure
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP path disclosure
X-Force URL: http://xforce.iss.net/static/5977.php
_____
Date Reported: 1/19/01
Vulnerability: localweb2k-directory-traversal
Platforms Affected: LocalWEB2000 HTTP Server 1.1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: LocalWEB2000 directory traversal
X-Force URL: http://xforce.iss.net/static/5982.php
_____
Date Reported: 1/19/01
Vulnerability: win2k-efs-recover-data
Platforms Affected: Windows 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows 2000 EFS allows local user to recover sensitive data
X-Force URL: http://xforce.iss.net/static/5973.php
_____
Date Reported: 1/19/01
Vulnerability: linux-bing-bo
Platforms Affected: Linux
Risk Factor: High
Attack Type: Host Based
Brief Description: Bing host name buffer overflow
X-Force URL: http://xforce.iss.net/static/6036.php
_____
Date Reported: 1/18/01
Vulnerability: micq-sprintf-remote-bo
Platforms Affected: Matt's ICQ Clone 0.4.6
Risk Factor: High
Attack Type: Network Based
Brief Description: ICQ clone for Linux sprintf() remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5962.php
_____
Date Reported: 1/18/01
Vulnerability: mysql-select-bo
Platforms Affected: MySQL prior to 3.23.31
Risk Factor: High
Attack Type: Host Based
Brief Description: MySQL select buffer overflow
X-Force URL: http://xforce.iss.net/static/5969.php
_____
Date Reported: 1/18/01
Vulnerability: shoutcast-description-bo
Platforms Affected: SHOUTcast DNAS 1.7.1
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Shoutcast Server for Linux description buffer overflow
X-Force URL: http://xforce.iss.net/static/5965.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: hp-stm-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX Support Tools Manager denial of service
X-Force URL: http://xforce.iss.net/static/5957.php
_____
Date Reported: 1/17/01
Vulnerability: linux-webmin-tmpfiles
Platforms Affected: OpenLinux (2.3, 2.4)
Risk Factor: High
Attack Type: Host Based
Brief Description: Webmin use of tmpfiles could allow a local user to overwrite files
X-Force URL: http://xforce.iss.net/static/6011.php
_____
Date Reported: 1/17/01
Vulnerability: tinyproxy-remote-bo
Platforms Affected: tinyproxy 1.3.2 and 1.3.3
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Tinyproxy remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5954.php
_____
Date Reported: 1/17/01
Vulnerability: postaci-sql-command-injection
Platforms Affected: PostACI
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Postaci SQL command injection
X-Force URL: http://xforce.iss.net/static/5972.ph p
_____
Date Reported: 1/17/01
Vulnerability: wwwwais-cgi-dos
Platforms Affected: wwwwais.c 25
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: wwwwais CGI based program denial of service
X-Force URL: http://xforce.iss.net/static/5980.php
_____
Date Reported: 1/17/01
Vulnerability: mime-header-attachment
Platforms Affected: MIME 1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MIME headers could allow spoofed file attachment
X-Force URL: http://xforce.iss.net/static/5991.php
_____
Date Reported: 1/16/01
Vulnerability: ssh-rpc-private-key
Platforms Affected: SSH
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: SSH secure-RPC could generate a passphrase that exposes a user's private key
X-Force URL: http://xforce.iss.net/static/5963.php
_____
Date Reported: 1/16/01
Vulnerability: linux-glibc-preload-overwrite
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux glibc LD_PRELOAD file overwrite
X-Force URL: http://xforce.iss.net/static/5971.php
_____
Date Reported: 1/16/01
Vulnerability: inn-tmpfile-symlink
Platforms Affected: InterNet News (INN)
Risk Factor: High
Attack Type: Host Based
Brief Description: INN tmpfile symbolic link
X-Force URL: http://xforce.iss.net/static/5974.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-insecure-password
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix password change insecure
X-Force URL: http://xforce.iss.net/static/5944.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-weak-authentication
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix uses weak authentication
X-Force URL: http://xforce.iss.net/static/5946.php
_____
Date Reported: 1/15/01
Vulnerability: ie-mshtml-dos
Platforms Affected: Internet Explorer 4.0 and later
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Internet Explorer mshtml.dll denial of service
X-Force URL: http://xforce.iss.net/static/5938.php
_____
Date Reported: 1/15/01
Vulnerability: dhcp-format-string
Platforms Affected: Caldera OpenLinux Desktop (2.3, 2.3.1, 2.4)
Risk Factor: High
Attack Type: Network Based
Brief Description: Caldera DHCP format string
X-Force URL: http://xforce.iss.net/static/5953.php
_____
Date Reported: 1/15/01
Vulnerability: win-mediaplayer-arbitrary-code
Platforms Affected: Windows Media Player 7.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows Media Player skins can be used execute arbitrary code
X-Force URL: http://xforce.iss.net/static/5937.php
_____
Date Reported: 1/15/01
Vulnerability: veritas-backupexec-dos
Platforms Affected: Backup Exec 4.5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Veritas Backup Exec denial of service
X-Force URL: http://xforce.iss.net/static/5941.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-symlink
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Host Based
Brief Description: InterScan VirusWall for Unix symbolic link
X-Force URL: http://xforce.iss.net/static/5947.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-corrupt-files
Platforms Affected: OmniHTTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: OmniHTTPd statsconfig.pl corrupt any file on the system
X-Force URL: http://xforce.iss.net/static/5955.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-execute-code
Platforms Affected: OmniHTTPd
Risk Factor: High
Attack Type: Network Based
Brief Description: OmniHTTPD statsconfig.pl allows code execution
X-Force URL: http://xforce.iss.net/static/5956.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: flash-module-bo
Platforms Affected: Oliver Debon Flash plugin 0.4.9 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Flash browser module buffer overflow
X-Force URL: http://xforce.iss.net/static/5952.php
_____
Date Reported: 1/13/01
Vulnerability: rctab-elevate-privileges
Platforms Affected: Linux SuSE
Risk Factor: Medium
Attack Type: Host Based
Brief Description: rctab in SuSE Linux could allow privilege elevation
X-Force URL: http://xforce.iss.net/static/5945.php
_____
Date Reported: 1/12/01
Vulnerability: ultraboard-cgi-perm
Platforms Affected: UltraBoard 2000B
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: UltraBoard CGI weak permissions
X-Force URL: http://xforce.iss.net/static/5931.php
_____
Date Reported: 1/12/01
Vulnerability: compaq-web-management-bo
Platforms Affected: Compaq Web-Based Management
Risk Factor: High
Attack Type: Network Based
Brief Description: Compaq Web-Based Management program buffer overflow
X-Force URL: http://xforce.iss.net/static/5935.php
_____
Date Reported: 1/12/01
Vulnerability: php-htaccess-unauth-access
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow unauthorized access to restricted files
X-Force URL: http://xforce.iss.net/static/5940.php
_____
Date Reported: 1/12/01
Vulnerability: basilix-webmail-retrieve-files
Platforms Affected: Basilix Webmail 0.9.7beta
Risk Factor: Low
Attack Type: Network Based
Brief Description: Basilix Webmail System allows unauthorized users to retrieve files
X-Force URL: http://xforce.iss.net/static/5934.php
_____
Date Reported: 1/12/01
Vulnerability: solaris-arp-bo
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris arp buffer overflow
X-Force URL: http://xforce.iss.net/static/5928.php
_____
Date Reported: 1/12/01
Vulnerability: php-view-source-code
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow remote viewing of source code
X-Force URL: http://xforce.iss.net/static/5939.php
_____
Date Reported: 1/11/01
Vulnerability: wec-ntlm-authentication
Platforms Affected: Windows 2000
Microsoft Office 2000
Windows ME
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Web Extender Client (WEC) NTLM authentication
X-Force URL: http://xforce.iss.net/static/5920.php
_____
Date Reported: 1/11/01
Vulnerability: spamcop-url-seq-predict
Platforms Affected: SpamCop
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: SpamCop URL number increment sequence prediction
X-Force URL: http://xforce.iss.net/static/5933.php
_____
Date Reported: 1/10/01
Vulnerability: linux-wuftpd-privatepw-symlink
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux wu-ftpd privatepw symbolic link
X-Force URL: http://xforce.iss.net/static/5915.php
_____
Date Reported: 1/10/01
Vulnerability: rdist-symlink
Platforms Affected: rdist
Risk Factor: High
Attack Type: Host Based
Brief Description: rdist symbolic link
X-Force URL: http://xforce.iss.net/static/5925.php
_____
Date Reported: 1/10/01
Vulnerability: squid-email-symlink
Platforms Affected: squid
Risk Factor: High
Attack Type: Host Based
Brief Description: squid email notification symbolic link
X-Force URL: http://xforce.iss.net/static/5921.php
_____
Date Reported: 1/10/01
Vulnerability: linux-diffutils-sdiff-symlimk
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux diffutils sdiff symbolic link
X-Force URL: http://xforce.iss.net/static/5914.php
_____
Date Reported: 1/10/01
Vulnerability: tcpdump-arpwatch-symlink
Platforms Affected: arpwatch
Risk Factor: High
Attack Type: Host Based
Brief Description: tcpdump arpwatch symbolic link
X-Force URL: http://xforce.iss.net/static/5922.php
_____
Date Reported: 1/10/01
Vulnerability: linuxconf-vpop3d-symlink
Platforms Affected: linuxconf
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linuxconf vpop3d symbolic link
X-Force URL: http://xforce.iss.net/static/5923.php
_____
Date Reported: 1/10/01
Vulnerability: shadow-utils-useradd-symlink
Platforms Affected: shadow-utils
Risk Factor: High
Attack Type: Host Based
Brief Description: shadow-utils useradd symbolic link
X-Force URL: http://xforce.iss.net/static/5927.php
_____
Date Reported: 1/10/01
Vulnerability: linux-glibc-read-files
Platforms Affected: Linux glibc
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux glibc library can allow users to read restricted files
X-Force URL: http://xforce.iss.net/static/5907.php
_____
Date Reported: 1/10/01
Vulnerability: gettyps-symlink
Platforms Affected: gettyps
Risk Factor: High
Attack Type: Host Based
Brief Description: getty_ps symbolic link
X-Force URL: http://xforce.iss.net/static/5924.php
_____
Date Reported: 1/10/01
Vulnerability: linux-gpm-symlink
Platforms Affected: gpm
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux gpm symbolic link attack
X-Force URL: http://xforce.iss.net/static/5917.php
_____
Date Reported: 1/10/01
Vulnerability: linux-mgetty-symlink
Platforms Affected: mgetty
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux mgetty symbolic link attack
X-Force URL: http://xforce.iss.net/static/5918.php
_____
Date Reported: 1/10/01
Vulnerability: linux-apache-symlink
Platforms Affected: Apache
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux Apache symbolic link
X-Force URL: http://xforce.iss.net/static/5926.php
_____
Date Reported: 1/10/01
Vulnerability: linux-inn-symlink
Platforms Affected: inn
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux INN tmp directory symbolic link
X-Force URL: http://xforce.iss.net/static/5916.php
_____
Date Reported: 1/10/01
Vulnerability: conferenceroom-developer-dos
Platforms Affected: ConferenceRoom Professional Edition
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ConferenceRoom Developer Edition denial of service
X-Force URL: http://xforce.iss.net/static/5909.php
_____
Date Reported: 1/9/01
Vulnerability: oracle-xsql-execute-code
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle XSQL servlet and xml-stylesheet allows code execution on server
X-Force URL: http://xforce.iss.net/static/5905.php
_____
Date Reported: 1/9/01
Vulnerability: netscreen-webui-bo
Platforms Affected: NetScreen
Risk Factor: Medium
Attack Type: Network Based
Brief Description: NetScreen Firewall WebUI buffer overflow
X-Force URL: http://xforce.iss.net/static/5908.php
_____
Date Reported: 1/9/01
Vulnerability: suse-reiserfs-long-filenames
Platforms Affected: SuSE 7.0
Risk Factor: High
Attack Type: Host Based
Brief Description: SuSE reiserfs long file name denial of service
X-Force URL: http://xforce.iss.net/static/5910.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-backdoor-account
Platforms Affected: InterBase 6.01 and earlier
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: InterBase built-in backdoor account
X-Force URL: http://xforce.iss.net/static/5911.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-hidden-function-dos
Platforms Affected: InterBase 6.01
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: InterBase hidden function denial of service
X-Force URL: http://xforce.iss.net/static/5912.php
_____
Date Reported: 1/9/01
Vulnerability: brickserver-thttpd-dos
Platforms Affected: BRICKServer Small Business
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BRICKServer thttpd denial of service
X-Force URL: http://xforce.iss.net/static/5919.php
_____
Date Reported: 1/9/01
Vulnerability: solaris-exrecover-bo
Platforms Affected: Solaris (2.4, 2.5, 2.5.1, 2.6)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Solaris exrecover buffer overflow
X-Force URL: http://xforce.iss.net/static/5913.php
_____
Date Reported: 1/9/01
Vulnerability: hp-inetd-swait-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX inetd swait denial of service
X-Force URL: http://xforce.iss.net/static/5904.php
_____
Date Reported: 1/8/01
Vulnerability: microsoft-iis-read-files
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Microsoft IIS 5.0 allows the viewing of files through malformed URL
X-Force URL: http://xforce.iss.net/static/5903.php
_____
Date Reported: 1/8/01
Vulnerability: ibm-websphere-dos
Platforms Affected: IBM Websphere 3.52
IBM HTTP Server 1.3.12
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM WebSphere denial of service
X-Force URL: http://xforce.iss.net/static/5900.php
_____
Date Reported: 1/8/01
Vulnerability: storagesoft-imagecast-dos
Platforms Affected: ImageCast 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: StorageSoft ImageCast denial of service
X-Force URL: http://xforce.iss.net/static/5901.php
_____
Date Reported: 1/8/01
Vulnerability: nai-pgp-replace-keys
Platforms Affected: PGP 7.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: PGP users may replace signed exported key blocks with arbitrary keys
X-Force URL: http://xforce.iss.net/static/5902.php
_____
Date Reported: 1/7/01
Vulnerability: http-cgi-bbs-forum
Platforms Affected: WebBBS 1.0
Risk Factor: High
Attack Type: Network Based
Brief Description: bbs_forum.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/5906.php
_____
Date Reported: 1/5/01
Vulnerability: lotus-domino-directory-traversal
Platforms Affected: Lotus Domino 5.0.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Lotus Domino 5.0.x .nsf, .box, and .ns4 directory traversal
X-Force URL: http://xforce.iss.net/static/5899.php
_____
Date Reported: 1/5/01
Vulnerability: http-cgi-fastgraf
Platforms Affected: FASTGRAF
Risk Factor: High
Attack Type: Network Based
Brief Description: Fastgraf CGI scripts allow remote command execution
X-Force URL: http://xforce.iss.net/static/5897.php
_____
Date Reported: 1/4/01
Vulnerability: newsdesk-cgi-read-files
Platforms Affected: Newsdesk 1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: Newsdesk.cgi allows read access to files
X-Force URL: http://xforce.iss.net/static/5898.php
_____
Date Reported: 1/1/01
Vulnerability: gtk-module-execute-code
Platforms Affected: GTK+ 1.2.8 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: GTK+ arbitrary code execution using custom loadable module
X-Force URL: http://xforce.iss.net/static/5832.php
_____
Date Reported: 1/1/01
Vulnerability: linux-tty-writable-dos
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux writable TTY denial of service
X-Force URL: http://xforce.iss.net/static/5896.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOogB2jRfJiV99eG9AQESogP9HsIDfUmYkJuWUmNqPhb22a6CVpi/TiG9
7mvhdGc3ySS6LqrvTZgXrBzAcxFlHrdTSmNka8yGiLvYAb0lnghFRZ2OxxRfK11m
AV9VS9/Yty/Qk8BnA/7tx4DIcM4Nhry1kTqTbDkpbcfXOb2LI2WUGnMHF/xkc1ge
3mV5zJXCUM4=
=ClrQ
-----END PGP SIGNATURE-----
| VAR-200106-0104 | CVE-2001-0313 | SSH1 may generate weak passphrase when using Secure RPC |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Borderware Firewall Server 6.1.2 allows remote attackers to cause a denial of service via a ping to the broadcast address of the public network on which the server is placed, which causes the server to continuously send pings (echo requests) to the network. The secure-RPC feature of the SSH1 client in Solaris sometimes encrypts the SSH private key file with a weak passphrase, which can be determined by an attacker and used to recover the SSH private keys. Other versions of the SSH client running on non-Solaris platforms are not affected by this vulnerability. NewsDaemon prior to version 0.21b contains a vulnerability allowing remote attackers to gain administrative access to the web site. getty_ps is an open-source software package designed to support logons to the console and terminals. Some implementations create temporary files insecurely with predictable names, leading to corruption of arbitrary files via symbolic link attack. getty_ps is an open source, freely available, publicly maintained software package shipped with many distributions of Linux.
A problem in the getty_ps software package could make it vulnerable to a symbolic link attack. The problem occurs in the creation and handling of files in the /tmp directory by the getty_ps program. Under certain circumstances, getty_ps will create files in the /tmp filesystem in an insecure manner. The program uses a naming scheme that could make it possible to guess the filename of future files in the /tmp directory, and does not check for the existance of the file before attempting to create it. A malicious user could use this vulnerability to overwrite or append to and corrupt system files. SSH is a package designed to encrypt traffic between two end points using the IETF specified SSH protocol. The SSH1 package is distributed and maintained by SSH Communications Security.
A problem exists which could allow the discovery of the secret key used to encrypt traffic on the local host. When using SUN-DES-1 to share keys with other hosts on the network to facilitate secure communication via protocols such as NFS and NIS+, the keys are shared between hosts using the private key of the user and a cryptographic algorithm to secure the contents of the key, which is stored on the NIS+ primary. The problem occurs when the key is encrypted with the SUN-DES-1 magic phrase prior to having done a keylogin (the keyserv does not have the users DH private key). A design flaw in the software that shares the key with the NIS+ master will inconsistently return the correct value for an attempted keyshare that has failed. A step in the private key encryption process is skipped, and the users private key is then encrypted only with the public key of the target server and the SUN-DES-1 magic phrase, a phrase that is guessable due to the way it is generated. A user from the same host can then execute a function that returns another users magic phrase, and use this to decrypt the private key of the victim. This makes it possible for a user with malicious intent to gain knowledge of a users secret key, and decrypt sensitive traffic between two hosts, with the possibility of gaining access and elevated privileges on the hosts and/or NIS+ domain. This reportedly affects the SSH2 series of the software package. Firewall Server is prone to a denial-of-service vulnerability.
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo@iss.net Contact alert-owner@iss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
February 6, 2001
Volume 6 Number 3
X-Force Vulnerability and Threat Database: http://xforce.iss.net/ To
receive these Alert Summaries as well as other Alerts and Advisories,
subscribe to the Internet Security Systems Alert mailing list at:
http://xforce.iss.net/maillists/index.php
_____
Contents
120 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 1/31/01
Vulnerability: win2k-rdp-dos
Platforms Affected: Windows 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Windows 2000 Server RDP denial of service
X-Force URL: http://xforce.iss.net/static/6035.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-file-access
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface could allow read access to files and directories
X-Force URL: http://xforce.iss.net/static/6031.php
_____
Date Reported: 1/31/01
Vulnerability: quicktime-embedded-tag-bo
Platforms Affected: Quicktime 4.1.2
Risk Factor: High
Attack Type: Host Based
Brief Description: QuickTime Player EMBED tag buffer overflow
X-Force URL: http://xforce.iss.net/static/6040.php
_____
Date Reported: 1/31/01
Vulnerability: solaris-ximp40-bo
Platforms Affected: Solaris (7, 8)
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris "ximp40" shared library buffer overflow
X-Force URL: http://xforce.iss.net/static/6039.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-cli-dos
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface denial of service
X-Force URL: http://xforce.iss.net/static/6030.php
_____
Date Reported: 1/30/01
Vulnerability: slimserve-httpd-dos
Platforms Affected: SlimServe 1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: SlimServe HTTPd denial of service
X-Force URL: http://xforce.iss.net/static/6028.php
_____
Date Reported: 1/30/01
Vulnerability: crazywwwboard-qdecoder-bo
Platforms Affected: CrazyWWWBoard prior to 2000LEp5-1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: CrazyWWWBoard qDecoder buffer overflow
X-Force URL: http://xforce.iss.net/static/6033.php
_____
Date Reported: 1/30/01
Vulnerability: virusbuster-mua-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Virus Buster 2001 Mail User Agent (MUA) buffer overflow
X-Force URL: http://xforce.iss.net/static/6034.php
_____
Date Reported: 1/29/01
Vulnerability: iis-isapi-obtain-code
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: IIS allows remote attacker to obtain code fragments using .htr ISAPI extensions
X-Force URL: http://xforce.iss.net/static/6032.php
_____
Date Reported: 1/29/01
Vulnerability: bind-inverse-query-disclosure
Platforms Affected: Bind (4.x, 8.2.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x and 8.2.x exposes environment variables
X-Force URL: http://xforce.iss.net/static/6018.php
_____
Date Reported: 1/29/01
Vulnerability: hp-man-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP man command denial of service
X-Force URL: http://xforce.iss.net/static/6014.php
_____
Date Reported: 1/29/01
Vulnerability: sort-temp-file-abort
Platforms Affected: FreeBSD
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Sort temporary files denial of service
X-Force URL: http://xforce.iss.net/static/6038.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-format-string
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() format string
X-Force URL: http://xforce.iss.net/static/6017.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-bo
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() buffer overflow
X-Force URL: http://xforce.iss.net/static/6016.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-client-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC client buffer overflow
X-Force URL: http://xforce.iss.net/static/6025.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-server-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC server buffer overflow
X-Force URL: http://xforce.iss.net/static/6026.php
_____
Date Reported: 1/29/01
Vulnerability: guestserver-cgi-execute-commands
Platforms Affected: Guestserver 4.12 and earlier
Risk Factor: High
Attack Type: Network Based
Brief Description: Guestserver.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/6027.php
_____
Date Reported: 1/29/01
Vulnerability: bind-tsig-bo
Platforms Affected: BIND 8.2.x
Risk Factor: Unauthorized Access Attempt
Attack Type: Network/Host Based
Brief Description: BIND 8.2.x transaction signature (TSIG) buffer overflow
X-Force URL: http://xforce.iss.net/static/6015.php
_____
Date Reported: 1/28/01
Vulnerability: hyperseek-cgi-reveal-info
Platforms Affected: Hyperseek Search Engine 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Hyperseek CGI could reveal listings of directories and files
X-Force URL: http://xforce.iss.net/static/6012.php
_____
Date Reported: 1/26/01
Vulnerability: newsdaemon-gain-admin-access
Platforms Affected: NewsDaemon prior to 0.21b
Risk Factor: High
Attack Type: Network Based
Brief Description: NewsDaemon allows remote users to gain administrative access
X-Force URL: http://xforce.iss.net/static/6010.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/25/01
Vulnerability: planetintra-pi-bo
Platforms Affected: Planet Intra LAN Intranet 2.5
Risk Factor: High
Attack Type: Network Based
Brief Description: Planet Intra 'pi' binary buffer oveflow
X-Force URL: http://xforce.iss.net/static/6002.php
_____
Date Reported: 1/25/01
Vulnerability: borderware-ping-dos
Platforms Affected: BorderWare Firewall Server 6.1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: BorderWare ping denial of service
X-Force URL: http://xforce.iss.net/static/6004.php
_____
Date Reported: 1/25/01
Vulnerability: aol-malformed-url-dos
Platforms Affected: AOL 5.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: AOL malformed URL denial of service
X-Force URL: http://xforce.iss.net/static/6009.php
_____
Date Reported: 1/25/01
Vulnerability: mirc-bypass-password
Platforms Affected: mIRC
Risk Factor: High
Attack Type: Host Based
Brief Description: mIRC allows malicious user to bypass password
X-Force URL: http://xforce.iss.net/static/6013.php
_____
Date Reported: 1/25/01
Vulnerability: netscape-enterprise-revlog-dos
Platforms Affected: Netscape Enterprise Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netscape Enterprise Server REVLOG denial of service
X-Force URL: http://xforce.iss.net/static/6003.php
_____
Date Reported: 1/24/01
Vulnerability: aim-execute-code
Platforms Affected: AOL Instant Messenger 4.1 and later
Risk Factor: High
Attack Type: Host Based
Brief Description: AOL Instant Messenger execution of code in modified images
X-Force URL: http://xforce.iss.net/static/6005.php
_____
Date Reported: 1/24/01
Vulnerability: netscape-enterprise-list-directories
Platforms Affected: Netscape Enterprise Server (3.0, 4.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server allows remote directory listing
X-Force URL: http://xforce.iss.net/static/5997.php
_____
Date Reported: 1/24/01
Vulnerability: winnt-mutex-dos
Platforms Affected: Windows NT 4.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Windows NT mutex denial of service
X-Force URL: http://xforce.iss.net/static/6006.php
_____
Date Reported: 1/24/01
Vulnerability: jrun-webinf-file-retrieval
Platforms Affected: JRun
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: JRun malformed URL file retrieval
X-Force URL: http://xforce.iss.net/static/6008.php
_____
Date Reported: 1/23/01
Vulnerability: ipfw-bypass-firewall
Platforms Affected: FreeBSD (3.x, 4.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: ipfw/ip6fw allows remote attacker to bypass firewall
X-Force URL: http://xforce.iss.net/static/5998.php
_____
Date Reported: 1/23/01
Vulnerability: netopia-telnet-dos
Platforms Affected: Netopia R-series router
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netopia R9100 allows remote user to crash the router using telnet
X-Force URL: http://xforce.iss.net/static/6001.php
_____
Date Reported: 1/23/01
Vulnerability: wuftp-debug-format-string
Platforms Affected: Wu-ftpd
Risk Factor: High
Attack Type: Network Based
Brief Description: Wu-ftpd debug mode format string
X-Force URL: http://xforce.iss.net/static/6020.php
_____
Date Reported: 1/23/01
Vulnerability: kde2-kdesu-retrieve-passwords
Platforms Affected: Linux: Caldera eDesktop 2.4
Risk Factor: High
Attack Type: Host Based
Brief Description: KDE2 kdesu program allows users to retrieve passwords
X-Force URL: http://xforce.iss.net/static/5995.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-url-bo
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom print server long URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5988.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-printguide-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom PrintGuide denial of service
X-Force URL: http://xforce.iss.net/static/5989.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-ftp-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom FTP denial of service
X-Force URL: http://xforce.iss.net/static/5990.php
_____
Date Reported: 1/23/01
Vulnerability: vnc-weak-authentication
Platforms Affected: VNC 3.3.3 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VNC weak authentication could allow unauthorized access
X-Force URL: http://xforce.iss.net/static/5992.php
_____
Date Reported: 1/23/01
Vulnerability: lotus-domino-smtp-bo
Platforms Affected: Lotus Domino 5.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Lotus Domino SMTP Server policy feature buffer overflow
X-Force URL: http://xforce.iss.net/static/5993.php
_____
Date Reported: 1/23/01
Vulnerability: linux-sash-shadow-readable
Platforms Affected: sash prior to 3.4-4
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux sash /etc/shadow directory world-readable
X-Force URL: http://xforce.iss.net/static/5994.php
_____
Date Reported: 1/22/01
Vulnerability: powerpoint-execute-code
Platforms Affected: Microsoft PowerPoint 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: PowerPoint could allow code execution on another user's computer
X-Force URL: http://xforce.iss.net/static/5996.php
_____
Date Reported: 1/22/01
Vulnerability: icecast-format-string
Platforms Affected: Icecast 1.3.8beta2 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Icecast format string could allow arbitrary code execution
X-Force URL: http://xforce.iss.net/static/5978.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-directory-traversal
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers directory traversal
X-Force URL: http://xforce.iss.net/static/5986.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-execute-jsp
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers allows remote attacker to execute .jsp files
X-Force URL: http://xforce.iss.net/static/5987.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-enterprise-dot-dos
Platforms Affected: Netscape Enterprise Server 4.1 SP5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server "/../" denial of service
X-Force URL: http://xforce.iss.net/static/5983.php
_____
Date Reported: 1/22/01
Vulnerability: goodtech-ftp-dos
Platforms Affected: GoodTech FTP 3.0.1.2.1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: GoodTech FTP server denial of service
X-Force URL: http://xforce.iss.net/static/5984.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-fasttrack-cache-dos
Platforms Affected: Netscape FastTrack
Risk Factor: Low
Attack Type: Host Based
Brief Description: Netscape FastTrack Server cache denial of service
X-Force URL: http://xforce.iss.net/static/5985.php
_____
Date Reported: 1/21/01
Vulnerability: eeye-iris-dos
Platforms Affected: Iris Network Analyzer 1.01beta
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Iris denial of service
X-Force URL: http://xforce.iss.net/static/5981.php
_____
Date Reported: 1/20/01
Vulnerability: watchguard-firebox-obtain-passphrase
Platforms Affected: Firebox II
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard Firebox allows remote user to obtain passphrase
X-Force URL: http://xforce.iss.net/static/5979.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-server-dos
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP denial of service
X-Force URL: http://xforce.iss.net/static/5976.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-path-disclosure
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP path disclosure
X-Force URL: http://xforce.iss.net/static/5977.php
_____
Date Reported: 1/19/01
Vulnerability: localweb2k-directory-traversal
Platforms Affected: LocalWEB2000 HTTP Server 1.1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: LocalWEB2000 directory traversal
X-Force URL: http://xforce.iss.net/static/5982.php
_____
Date Reported: 1/19/01
Vulnerability: win2k-efs-recover-data
Platforms Affected: Windows 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows 2000 EFS allows local user to recover sensitive data
X-Force URL: http://xforce.iss.net/static/5973.php
_____
Date Reported: 1/19/01
Vulnerability: linux-bing-bo
Platforms Affected: Linux
Risk Factor: High
Attack Type: Host Based
Brief Description: Bing host name buffer overflow
X-Force URL: http://xforce.iss.net/static/6036.php
_____
Date Reported: 1/18/01
Vulnerability: micq-sprintf-remote-bo
Platforms Affected: Matt's ICQ Clone 0.4.6
Risk Factor: High
Attack Type: Network Based
Brief Description: ICQ clone for Linux sprintf() remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5962.php
_____
Date Reported: 1/18/01
Vulnerability: mysql-select-bo
Platforms Affected: MySQL prior to 3.23.31
Risk Factor: High
Attack Type: Host Based
Brief Description: MySQL select buffer overflow
X-Force URL: http://xforce.iss.net/static/5969.php
_____
Date Reported: 1/18/01
Vulnerability: shoutcast-description-bo
Platforms Affected: SHOUTcast DNAS 1.7.1
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Shoutcast Server for Linux description buffer overflow
X-Force URL: http://xforce.iss.net/static/5965.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: hp-stm-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX Support Tools Manager denial of service
X-Force URL: http://xforce.iss.net/static/5957.php
_____
Date Reported: 1/17/01
Vulnerability: linux-webmin-tmpfiles
Platforms Affected: OpenLinux (2.3, 2.4)
Risk Factor: High
Attack Type: Host Based
Brief Description: Webmin use of tmpfiles could allow a local user to overwrite files
X-Force URL: http://xforce.iss.net/static/6011.php
_____
Date Reported: 1/17/01
Vulnerability: tinyproxy-remote-bo
Platforms Affected: tinyproxy 1.3.2 and 1.3.3
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Tinyproxy remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5954.php
_____
Date Reported: 1/17/01
Vulnerability: postaci-sql-command-injection
Platforms Affected: PostACI
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Postaci SQL command injection
X-Force URL: http://xforce.iss.net/static/5972.ph p
_____
Date Reported: 1/17/01
Vulnerability: wwwwais-cgi-dos
Platforms Affected: wwwwais.c 25
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: wwwwais CGI based program denial of service
X-Force URL: http://xforce.iss.net/static/5980.php
_____
Date Reported: 1/17/01
Vulnerability: mime-header-attachment
Platforms Affected: MIME 1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MIME headers could allow spoofed file attachment
X-Force URL: http://xforce.iss.net/static/5991.php
_____
Date Reported: 1/16/01
Vulnerability: ssh-rpc-private-key
Platforms Affected: SSH
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: SSH secure-RPC could generate a passphrase that exposes a user's private key
X-Force URL: http://xforce.iss.net/static/5963.php
_____
Date Reported: 1/16/01
Vulnerability: linux-glibc-preload-overwrite
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux glibc LD_PRELOAD file overwrite
X-Force URL: http://xforce.iss.net/static/5971.php
_____
Date Reported: 1/16/01
Vulnerability: inn-tmpfile-symlink
Platforms Affected: InterNet News (INN)
Risk Factor: High
Attack Type: Host Based
Brief Description: INN tmpfile symbolic link
X-Force URL: http://xforce.iss.net/static/5974.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-insecure-password
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix password change insecure
X-Force URL: http://xforce.iss.net/static/5944.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-weak-authentication
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix uses weak authentication
X-Force URL: http://xforce.iss.net/static/5946.php
_____
Date Reported: 1/15/01
Vulnerability: ie-mshtml-dos
Platforms Affected: Internet Explorer 4.0 and later
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Internet Explorer mshtml.dll denial of service
X-Force URL: http://xforce.iss.net/static/5938.php
_____
Date Reported: 1/15/01
Vulnerability: dhcp-format-string
Platforms Affected: Caldera OpenLinux Desktop (2.3, 2.3.1, 2.4)
Risk Factor: High
Attack Type: Network Based
Brief Description: Caldera DHCP format string
X-Force URL: http://xforce.iss.net/static/5953.php
_____
Date Reported: 1/15/01
Vulnerability: win-mediaplayer-arbitrary-code
Platforms Affected: Windows Media Player 7.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows Media Player skins can be used execute arbitrary code
X-Force URL: http://xforce.iss.net/static/5937.php
_____
Date Reported: 1/15/01
Vulnerability: veritas-backupexec-dos
Platforms Affected: Backup Exec 4.5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Veritas Backup Exec denial of service
X-Force URL: http://xforce.iss.net/static/5941.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-symlink
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Host Based
Brief Description: InterScan VirusWall for Unix symbolic link
X-Force URL: http://xforce.iss.net/static/5947.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-corrupt-files
Platforms Affected: OmniHTTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: OmniHTTPd statsconfig.pl corrupt any file on the system
X-Force URL: http://xforce.iss.net/static/5955.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-execute-code
Platforms Affected: OmniHTTPd
Risk Factor: High
Attack Type: Network Based
Brief Description: OmniHTTPD statsconfig.pl allows code execution
X-Force URL: http://xforce.iss.net/static/5956.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: flash-module-bo
Platforms Affected: Oliver Debon Flash plugin 0.4.9 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Flash browser module buffer overflow
X-Force URL: http://xforce.iss.net/static/5952.php
_____
Date Reported: 1/13/01
Vulnerability: rctab-elevate-privileges
Platforms Affected: Linux SuSE
Risk Factor: Medium
Attack Type: Host Based
Brief Description: rctab in SuSE Linux could allow privilege elevation
X-Force URL: http://xforce.iss.net/static/5945.php
_____
Date Reported: 1/12/01
Vulnerability: ultraboard-cgi-perm
Platforms Affected: UltraBoard 2000B
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: UltraBoard CGI weak permissions
X-Force URL: http://xforce.iss.net/static/5931.php
_____
Date Reported: 1/12/01
Vulnerability: compaq-web-management-bo
Platforms Affected: Compaq Web-Based Management
Risk Factor: High
Attack Type: Network Based
Brief Description: Compaq Web-Based Management program buffer overflow
X-Force URL: http://xforce.iss.net/static/5935.php
_____
Date Reported: 1/12/01
Vulnerability: php-htaccess-unauth-access
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow unauthorized access to restricted files
X-Force URL: http://xforce.iss.net/static/5940.php
_____
Date Reported: 1/12/01
Vulnerability: basilix-webmail-retrieve-files
Platforms Affected: Basilix Webmail 0.9.7beta
Risk Factor: Low
Attack Type: Network Based
Brief Description: Basilix Webmail System allows unauthorized users to retrieve files
X-Force URL: http://xforce.iss.net/static/5934.php
_____
Date Reported: 1/12/01
Vulnerability: solaris-arp-bo
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris arp buffer overflow
X-Force URL: http://xforce.iss.net/static/5928.php
_____
Date Reported: 1/12/01
Vulnerability: php-view-source-code
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow remote viewing of source code
X-Force URL: http://xforce.iss.net/static/5939.php
_____
Date Reported: 1/11/01
Vulnerability: wec-ntlm-authentication
Platforms Affected: Windows 2000
Microsoft Office 2000
Windows ME
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Web Extender Client (WEC) NTLM authentication
X-Force URL: http://xforce.iss.net/static/5920.php
_____
Date Reported: 1/11/01
Vulnerability: spamcop-url-seq-predict
Platforms Affected: SpamCop
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: SpamCop URL number increment sequence prediction
X-Force URL: http://xforce.iss.net/static/5933.php
_____
Date Reported: 1/10/01
Vulnerability: linux-wuftpd-privatepw-symlink
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux wu-ftpd privatepw symbolic link
X-Force URL: http://xforce.iss.net/static/5915.php
_____
Date Reported: 1/10/01
Vulnerability: rdist-symlink
Platforms Affected: rdist
Risk Factor: High
Attack Type: Host Based
Brief Description: rdist symbolic link
X-Force URL: http://xforce.iss.net/static/5925.php
_____
Date Reported: 1/10/01
Vulnerability: squid-email-symlink
Platforms Affected: squid
Risk Factor: High
Attack Type: Host Based
Brief Description: squid email notification symbolic link
X-Force URL: http://xforce.iss.net/static/5921.php
_____
Date Reported: 1/10/01
Vulnerability: linux-diffutils-sdiff-symlimk
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux diffutils sdiff symbolic link
X-Force URL: http://xforce.iss.net/static/5914.php
_____
Date Reported: 1/10/01
Vulnerability: tcpdump-arpwatch-symlink
Platforms Affected: arpwatch
Risk Factor: High
Attack Type: Host Based
Brief Description: tcpdump arpwatch symbolic link
X-Force URL: http://xforce.iss.net/static/5922.php
_____
Date Reported: 1/10/01
Vulnerability: linuxconf-vpop3d-symlink
Platforms Affected: linuxconf
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linuxconf vpop3d symbolic link
X-Force URL: http://xforce.iss.net/static/5923.php
_____
Date Reported: 1/10/01
Vulnerability: shadow-utils-useradd-symlink
Platforms Affected: shadow-utils
Risk Factor: High
Attack Type: Host Based
Brief Description: shadow-utils useradd symbolic link
X-Force URL: http://xforce.iss.net/static/5927.php
_____
Date Reported: 1/10/01
Vulnerability: linux-glibc-read-files
Platforms Affected: Linux glibc
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux glibc library can allow users to read restricted files
X-Force URL: http://xforce.iss.net/static/5907.php
_____
Date Reported: 1/10/01
Vulnerability: gettyps-symlink
Platforms Affected: gettyps
Risk Factor: High
Attack Type: Host Based
Brief Description: getty_ps symbolic link
X-Force URL: http://xforce.iss.net/static/5924.php
_____
Date Reported: 1/10/01
Vulnerability: linux-gpm-symlink
Platforms Affected: gpm
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux gpm symbolic link attack
X-Force URL: http://xforce.iss.net/static/5917.php
_____
Date Reported: 1/10/01
Vulnerability: linux-mgetty-symlink
Platforms Affected: mgetty
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux mgetty symbolic link attack
X-Force URL: http://xforce.iss.net/static/5918.php
_____
Date Reported: 1/10/01
Vulnerability: linux-apache-symlink
Platforms Affected: Apache
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux Apache symbolic link
X-Force URL: http://xforce.iss.net/static/5926.php
_____
Date Reported: 1/10/01
Vulnerability: linux-inn-symlink
Platforms Affected: inn
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux INN tmp directory symbolic link
X-Force URL: http://xforce.iss.net/static/5916.php
_____
Date Reported: 1/10/01
Vulnerability: conferenceroom-developer-dos
Platforms Affected: ConferenceRoom Professional Edition
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ConferenceRoom Developer Edition denial of service
X-Force URL: http://xforce.iss.net/static/5909.php
_____
Date Reported: 1/9/01
Vulnerability: oracle-xsql-execute-code
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle XSQL servlet and xml-stylesheet allows code execution on server
X-Force URL: http://xforce.iss.net/static/5905.php
_____
Date Reported: 1/9/01
Vulnerability: netscreen-webui-bo
Platforms Affected: NetScreen
Risk Factor: Medium
Attack Type: Network Based
Brief Description: NetScreen Firewall WebUI buffer overflow
X-Force URL: http://xforce.iss.net/static/5908.php
_____
Date Reported: 1/9/01
Vulnerability: suse-reiserfs-long-filenames
Platforms Affected: SuSE 7.0
Risk Factor: High
Attack Type: Host Based
Brief Description: SuSE reiserfs long file name denial of service
X-Force URL: http://xforce.iss.net/static/5910.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-backdoor-account
Platforms Affected: InterBase 6.01 and earlier
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: InterBase built-in backdoor account
X-Force URL: http://xforce.iss.net/static/5911.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-hidden-function-dos
Platforms Affected: InterBase 6.01
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: InterBase hidden function denial of service
X-Force URL: http://xforce.iss.net/static/5912.php
_____
Date Reported: 1/9/01
Vulnerability: brickserver-thttpd-dos
Platforms Affected: BRICKServer Small Business
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BRICKServer thttpd denial of service
X-Force URL: http://xforce.iss.net/static/5919.php
_____
Date Reported: 1/9/01
Vulnerability: solaris-exrecover-bo
Platforms Affected: Solaris (2.4, 2.5, 2.5.1, 2.6)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Solaris exrecover buffer overflow
X-Force URL: http://xforce.iss.net/static/5913.php
_____
Date Reported: 1/9/01
Vulnerability: hp-inetd-swait-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX inetd swait denial of service
X-Force URL: http://xforce.iss.net/static/5904.php
_____
Date Reported: 1/8/01
Vulnerability: microsoft-iis-read-files
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Microsoft IIS 5.0 allows the viewing of files through malformed URL
X-Force URL: http://xforce.iss.net/static/5903.php
_____
Date Reported: 1/8/01
Vulnerability: ibm-websphere-dos
Platforms Affected: IBM Websphere 3.52
IBM HTTP Server 1.3.12
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM WebSphere denial of service
X-Force URL: http://xforce.iss.net/static/5900.php
_____
Date Reported: 1/8/01
Vulnerability: storagesoft-imagecast-dos
Platforms Affected: ImageCast 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: StorageSoft ImageCast denial of service
X-Force URL: http://xforce.iss.net/static/5901.php
_____
Date Reported: 1/8/01
Vulnerability: nai-pgp-replace-keys
Platforms Affected: PGP 7.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: PGP users may replace signed exported key blocks with arbitrary keys
X-Force URL: http://xforce.iss.net/static/5902.php
_____
Date Reported: 1/7/01
Vulnerability: http-cgi-bbs-forum
Platforms Affected: WebBBS 1.0
Risk Factor: High
Attack Type: Network Based
Brief Description: bbs_forum.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/5906.php
_____
Date Reported: 1/5/01
Vulnerability: lotus-domino-directory-traversal
Platforms Affected: Lotus Domino 5.0.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Lotus Domino 5.0.x .nsf, .box, and .ns4 directory traversal
X-Force URL: http://xforce.iss.net/static/5899.php
_____
Date Reported: 1/5/01
Vulnerability: http-cgi-fastgraf
Platforms Affected: FASTGRAF
Risk Factor: High
Attack Type: Network Based
Brief Description: Fastgraf CGI scripts allow remote command execution
X-Force URL: http://xforce.iss.net/static/5897.php
_____
Date Reported: 1/4/01
Vulnerability: newsdesk-cgi-read-files
Platforms Affected: Newsdesk 1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: Newsdesk.cgi allows read access to files
X-Force URL: http://xforce.iss.net/static/5898.php
_____
Date Reported: 1/1/01
Vulnerability: gtk-module-execute-code
Platforms Affected: GTK+ 1.2.8 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: GTK+ arbitrary code execution using custom loadable module
X-Force URL: http://xforce.iss.net/static/5832.php
_____
Date Reported: 1/1/01
Vulnerability: linux-tty-writable-dos
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux writable TTY denial of service
X-Force URL: http://xforce.iss.net/static/5896.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOogB2jRfJiV99eG9AQESogP9HsIDfUmYkJuWUmNqPhb22a6CVpi/TiG9
7mvhdGc3ySS6LqrvTZgXrBzAcxFlHrdTSmNka8yGiLvYAb0lnghFRZ2OxxRfK11m
AV9VS9/Yty/Qk8BnA/7tx4DIcM4Nhry1kTqTbDkpbcfXOb2LI2WUGnMHF/xkc1ge
3mV5zJXCUM4=
=ClrQ
-----END PGP SIGNATURE-----
| VAR-200103-0098 | CVE-2001-0182 | SSH1 may generate weak passphrase when using Secure RPC |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources. The secure-RPC feature of the SSH1 client in Solaris sometimes encrypts the SSH private key file with a weak passphrase, which can be determined by an attacker and used to recover the SSH private keys. Other versions of the SSH client running on non-Solaris platforms are not affected by this vulnerability. NewsDaemon prior to version 0.21b contains a vulnerability allowing remote attackers to gain administrative access to the web site. getty_ps is an open-source software package designed to support logons to the console and terminals. Some implementations create temporary files insecurely with predictable names, leading to corruption of arbitrary files via symbolic link attack. CPU There is a vulnerability that consumes a large amount of resources.System disrupts service operation (DoS) It may be in a state. getty_ps is an open source, freely available, publicly maintained software package shipped with many distributions of Linux.
A problem in the getty_ps software package could make it vulnerable to a symbolic link attack. The problem occurs in the creation and handling of files in the /tmp directory by the getty_ps program. Under certain circumstances, getty_ps will create files in the /tmp filesystem in an insecure manner. The program uses a naming scheme that could make it possible to guess the filename of future files in the /tmp directory, and does not check for the existance of the file before attempting to create it. A malicious user could use this vulnerability to overwrite or append to and corrupt system files. SSH is a package designed to encrypt traffic between two end points using the IETF specified SSH protocol. The SSH1 package is distributed and maintained by SSH Communications Security.
A problem exists which could allow the discovery of the secret key used to encrypt traffic on the local host. When using SUN-DES-1 to share keys with other hosts on the network to facilitate secure communication via protocols such as NFS and NIS+, the keys are shared between hosts using the private key of the user and a cryptographic algorithm to secure the contents of the key, which is stored on the NIS+ primary. The problem occurs when the key is encrypted with the SUN-DES-1 magic phrase prior to having done a keylogin (the keyserv does not have the users DH private key). A design flaw in the software that shares the key with the NIS+ master will inconsistently return the correct value for an attempted keyshare that has failed. A step in the private key encryption process is skipped, and the users private key is then encrypted only with the public key of the target server and the SUN-DES-1 magic phrase, a phrase that is guessable due to the way it is generated. A user from the same host can then execute a function that returns another users magic phrase, and use this to decrypt the private key of the victim. This makes it possible for a user with malicious intent to gain knowledge of a users secret key, and decrypt sensitive traffic between two hosts, with the possibility of gaining access and elevated privileges on the hosts and/or NIS+ domain. This reportedly affects the SSH2 series of the software package. Firewall-1 is a firewall software package that provides many advanced features such as content filtering and network address translation. It is distributed by Check Point Software Technologies, and designed to run on various systems such as Sparc/Solaris or the Nokia Firewall Modules.
A problem with the license manager used with the Firewall-1 package could allow a Denial of Service. The problem manifests itself when the internal interface receives a large number of packets that are source routed and containing ficticious (or even valid) addresses. With each error message generated, the load on the Firewall system CPU raises.
Check Point Software has acknowledged this vulnerability and a workaround is available. For the workaround, see the solution section of this vulnerability database entry. This issue will be resolved in the next service pack. There is a vulnerability in FireWall-1 version 4.1 with limited-IP license. This vulnerability can cause console congestion warning messages and CPU resource consumption.
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo@iss.net Contact alert-owner@iss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
February 6, 2001
Volume 6 Number 3
X-Force Vulnerability and Threat Database: http://xforce.iss.net/ To
receive these Alert Summaries as well as other Alerts and Advisories,
subscribe to the Internet Security Systems Alert mailing list at:
http://xforce.iss.net/maillists/index.php
_____
Contents
120 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 1/31/01
Vulnerability: win2k-rdp-dos
Platforms Affected: Windows 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Windows 2000 Server RDP denial of service
X-Force URL: http://xforce.iss.net/static/6035.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-file-access
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface could allow read access to files and directories
X-Force URL: http://xforce.iss.net/static/6031.php
_____
Date Reported: 1/31/01
Vulnerability: quicktime-embedded-tag-bo
Platforms Affected: Quicktime 4.1.2
Risk Factor: High
Attack Type: Host Based
Brief Description: QuickTime Player EMBED tag buffer overflow
X-Force URL: http://xforce.iss.net/static/6040.php
_____
Date Reported: 1/31/01
Vulnerability: solaris-ximp40-bo
Platforms Affected: Solaris (7, 8)
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris "ximp40" shared library buffer overflow
X-Force URL: http://xforce.iss.net/static/6039.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-cli-dos
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface denial of service
X-Force URL: http://xforce.iss.net/static/6030.php
_____
Date Reported: 1/30/01
Vulnerability: slimserve-httpd-dos
Platforms Affected: SlimServe 1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: SlimServe HTTPd denial of service
X-Force URL: http://xforce.iss.net/static/6028.php
_____
Date Reported: 1/30/01
Vulnerability: crazywwwboard-qdecoder-bo
Platforms Affected: CrazyWWWBoard prior to 2000LEp5-1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: CrazyWWWBoard qDecoder buffer overflow
X-Force URL: http://xforce.iss.net/static/6033.php
_____
Date Reported: 1/30/01
Vulnerability: virusbuster-mua-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Virus Buster 2001 Mail User Agent (MUA) buffer overflow
X-Force URL: http://xforce.iss.net/static/6034.php
_____
Date Reported: 1/29/01
Vulnerability: iis-isapi-obtain-code
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: IIS allows remote attacker to obtain code fragments using .htr ISAPI extensions
X-Force URL: http://xforce.iss.net/static/6032.php
_____
Date Reported: 1/29/01
Vulnerability: bind-inverse-query-disclosure
Platforms Affected: Bind (4.x, 8.2.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x and 8.2.x exposes environment variables
X-Force URL: http://xforce.iss.net/static/6018.php
_____
Date Reported: 1/29/01
Vulnerability: hp-man-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP man command denial of service
X-Force URL: http://xforce.iss.net/static/6014.php
_____
Date Reported: 1/29/01
Vulnerability: sort-temp-file-abort
Platforms Affected: FreeBSD
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Sort temporary files denial of service
X-Force URL: http://xforce.iss.net/static/6038.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-format-string
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() format string
X-Force URL: http://xforce.iss.net/static/6017.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-bo
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() buffer overflow
X-Force URL: http://xforce.iss.net/static/6016.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-client-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC client buffer overflow
X-Force URL: http://xforce.iss.net/static/6025.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-server-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC server buffer overflow
X-Force URL: http://xforce.iss.net/static/6026.php
_____
Date Reported: 1/29/01
Vulnerability: guestserver-cgi-execute-commands
Platforms Affected: Guestserver 4.12 and earlier
Risk Factor: High
Attack Type: Network Based
Brief Description: Guestserver.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/6027.php
_____
Date Reported: 1/29/01
Vulnerability: bind-tsig-bo
Platforms Affected: BIND 8.2.x
Risk Factor: Unauthorized Access Attempt
Attack Type: Network/Host Based
Brief Description: BIND 8.2.x transaction signature (TSIG) buffer overflow
X-Force URL: http://xforce.iss.net/static/6015.php
_____
Date Reported: 1/28/01
Vulnerability: hyperseek-cgi-reveal-info
Platforms Affected: Hyperseek Search Engine 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Hyperseek CGI could reveal listings of directories and files
X-Force URL: http://xforce.iss.net/static/6012.php
_____
Date Reported: 1/26/01
Vulnerability: newsdaemon-gain-admin-access
Platforms Affected: NewsDaemon prior to 0.21b
Risk Factor: High
Attack Type: Network Based
Brief Description: NewsDaemon allows remote users to gain administrative access
X-Force URL: http://xforce.iss.net/static/6010.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/25/01
Vulnerability: planetintra-pi-bo
Platforms Affected: Planet Intra LAN Intranet 2.5
Risk Factor: High
Attack Type: Network Based
Brief Description: Planet Intra 'pi' binary buffer oveflow
X-Force URL: http://xforce.iss.net/static/6002.php
_____
Date Reported: 1/25/01
Vulnerability: borderware-ping-dos
Platforms Affected: BorderWare Firewall Server 6.1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: BorderWare ping denial of service
X-Force URL: http://xforce.iss.net/static/6004.php
_____
Date Reported: 1/25/01
Vulnerability: aol-malformed-url-dos
Platforms Affected: AOL 5.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: AOL malformed URL denial of service
X-Force URL: http://xforce.iss.net/static/6009.php
_____
Date Reported: 1/25/01
Vulnerability: mirc-bypass-password
Platforms Affected: mIRC
Risk Factor: High
Attack Type: Host Based
Brief Description: mIRC allows malicious user to bypass password
X-Force URL: http://xforce.iss.net/static/6013.php
_____
Date Reported: 1/25/01
Vulnerability: netscape-enterprise-revlog-dos
Platforms Affected: Netscape Enterprise Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netscape Enterprise Server REVLOG denial of service
X-Force URL: http://xforce.iss.net/static/6003.php
_____
Date Reported: 1/24/01
Vulnerability: aim-execute-code
Platforms Affected: AOL Instant Messenger 4.1 and later
Risk Factor: High
Attack Type: Host Based
Brief Description: AOL Instant Messenger execution of code in modified images
X-Force URL: http://xforce.iss.net/static/6005.php
_____
Date Reported: 1/24/01
Vulnerability: netscape-enterprise-list-directories
Platforms Affected: Netscape Enterprise Server (3.0, 4.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server allows remote directory listing
X-Force URL: http://xforce.iss.net/static/5997.php
_____
Date Reported: 1/24/01
Vulnerability: winnt-mutex-dos
Platforms Affected: Windows NT 4.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Windows NT mutex denial of service
X-Force URL: http://xforce.iss.net/static/6006.php
_____
Date Reported: 1/24/01
Vulnerability: jrun-webinf-file-retrieval
Platforms Affected: JRun
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: JRun malformed URL file retrieval
X-Force URL: http://xforce.iss.net/static/6008.php
_____
Date Reported: 1/23/01
Vulnerability: ipfw-bypass-firewall
Platforms Affected: FreeBSD (3.x, 4.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: ipfw/ip6fw allows remote attacker to bypass firewall
X-Force URL: http://xforce.iss.net/static/5998.php
_____
Date Reported: 1/23/01
Vulnerability: netopia-telnet-dos
Platforms Affected: Netopia R-series router
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netopia R9100 allows remote user to crash the router using telnet
X-Force URL: http://xforce.iss.net/static/6001.php
_____
Date Reported: 1/23/01
Vulnerability: wuftp-debug-format-string
Platforms Affected: Wu-ftpd
Risk Factor: High
Attack Type: Network Based
Brief Description: Wu-ftpd debug mode format string
X-Force URL: http://xforce.iss.net/static/6020.php
_____
Date Reported: 1/23/01
Vulnerability: kde2-kdesu-retrieve-passwords
Platforms Affected: Linux: Caldera eDesktop 2.4
Risk Factor: High
Attack Type: Host Based
Brief Description: KDE2 kdesu program allows users to retrieve passwords
X-Force URL: http://xforce.iss.net/static/5995.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-url-bo
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom print server long URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5988.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-printguide-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom PrintGuide denial of service
X-Force URL: http://xforce.iss.net/static/5989.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-ftp-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom FTP denial of service
X-Force URL: http://xforce.iss.net/static/5990.php
_____
Date Reported: 1/23/01
Vulnerability: vnc-weak-authentication
Platforms Affected: VNC 3.3.3 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VNC weak authentication could allow unauthorized access
X-Force URL: http://xforce.iss.net/static/5992.php
_____
Date Reported: 1/23/01
Vulnerability: lotus-domino-smtp-bo
Platforms Affected: Lotus Domino 5.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Lotus Domino SMTP Server policy feature buffer overflow
X-Force URL: http://xforce.iss.net/static/5993.php
_____
Date Reported: 1/23/01
Vulnerability: linux-sash-shadow-readable
Platforms Affected: sash prior to 3.4-4
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux sash /etc/shadow directory world-readable
X-Force URL: http://xforce.iss.net/static/5994.php
_____
Date Reported: 1/22/01
Vulnerability: powerpoint-execute-code
Platforms Affected: Microsoft PowerPoint 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: PowerPoint could allow code execution on another user's computer
X-Force URL: http://xforce.iss.net/static/5996.php
_____
Date Reported: 1/22/01
Vulnerability: icecast-format-string
Platforms Affected: Icecast 1.3.8beta2 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Icecast format string could allow arbitrary code execution
X-Force URL: http://xforce.iss.net/static/5978.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-directory-traversal
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers directory traversal
X-Force URL: http://xforce.iss.net/static/5986.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-execute-jsp
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers allows remote attacker to execute .jsp files
X-Force URL: http://xforce.iss.net/static/5987.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-enterprise-dot-dos
Platforms Affected: Netscape Enterprise Server 4.1 SP5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server "/../" denial of service
X-Force URL: http://xforce.iss.net/static/5983.php
_____
Date Reported: 1/22/01
Vulnerability: goodtech-ftp-dos
Platforms Affected: GoodTech FTP 3.0.1.2.1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: GoodTech FTP server denial of service
X-Force URL: http://xforce.iss.net/static/5984.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-fasttrack-cache-dos
Platforms Affected: Netscape FastTrack
Risk Factor: Low
Attack Type: Host Based
Brief Description: Netscape FastTrack Server cache denial of service
X-Force URL: http://xforce.iss.net/static/5985.php
_____
Date Reported: 1/21/01
Vulnerability: eeye-iris-dos
Platforms Affected: Iris Network Analyzer 1.01beta
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Iris denial of service
X-Force URL: http://xforce.iss.net/static/5981.php
_____
Date Reported: 1/20/01
Vulnerability: watchguard-firebox-obtain-passphrase
Platforms Affected: Firebox II
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard Firebox allows remote user to obtain passphrase
X-Force URL: http://xforce.iss.net/static/5979.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-server-dos
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP denial of service
X-Force URL: http://xforce.iss.net/static/5976.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-path-disclosure
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP path disclosure
X-Force URL: http://xforce.iss.net/static/5977.php
_____
Date Reported: 1/19/01
Vulnerability: localweb2k-directory-traversal
Platforms Affected: LocalWEB2000 HTTP Server 1.1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: LocalWEB2000 directory traversal
X-Force URL: http://xforce.iss.net/static/5982.php
_____
Date Reported: 1/19/01
Vulnerability: win2k-efs-recover-data
Platforms Affected: Windows 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows 2000 EFS allows local user to recover sensitive data
X-Force URL: http://xforce.iss.net/static/5973.php
_____
Date Reported: 1/19/01
Vulnerability: linux-bing-bo
Platforms Affected: Linux
Risk Factor: High
Attack Type: Host Based
Brief Description: Bing host name buffer overflow
X-Force URL: http://xforce.iss.net/static/6036.php
_____
Date Reported: 1/18/01
Vulnerability: micq-sprintf-remote-bo
Platforms Affected: Matt's ICQ Clone 0.4.6
Risk Factor: High
Attack Type: Network Based
Brief Description: ICQ clone for Linux sprintf() remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5962.php
_____
Date Reported: 1/18/01
Vulnerability: mysql-select-bo
Platforms Affected: MySQL prior to 3.23.31
Risk Factor: High
Attack Type: Host Based
Brief Description: MySQL select buffer overflow
X-Force URL: http://xforce.iss.net/static/5969.php
_____
Date Reported: 1/18/01
Vulnerability: shoutcast-description-bo
Platforms Affected: SHOUTcast DNAS 1.7.1
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Shoutcast Server for Linux description buffer overflow
X-Force URL: http://xforce.iss.net/static/5965.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: hp-stm-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX Support Tools Manager denial of service
X-Force URL: http://xforce.iss.net/static/5957.php
_____
Date Reported: 1/17/01
Vulnerability: linux-webmin-tmpfiles
Platforms Affected: OpenLinux (2.3, 2.4)
Risk Factor: High
Attack Type: Host Based
Brief Description: Webmin use of tmpfiles could allow a local user to overwrite files
X-Force URL: http://xforce.iss.net/static/6011.php
_____
Date Reported: 1/17/01
Vulnerability: tinyproxy-remote-bo
Platforms Affected: tinyproxy 1.3.2 and 1.3.3
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Tinyproxy remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5954.php
_____
Date Reported: 1/17/01
Vulnerability: postaci-sql-command-injection
Platforms Affected: PostACI
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Postaci SQL command injection
X-Force URL: http://xforce.iss.net/static/5972.ph p
_____
Date Reported: 1/17/01
Vulnerability: wwwwais-cgi-dos
Platforms Affected: wwwwais.c 25
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: wwwwais CGI based program denial of service
X-Force URL: http://xforce.iss.net/static/5980.php
_____
Date Reported: 1/17/01
Vulnerability: mime-header-attachment
Platforms Affected: MIME 1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MIME headers could allow spoofed file attachment
X-Force URL: http://xforce.iss.net/static/5991.php
_____
Date Reported: 1/16/01
Vulnerability: ssh-rpc-private-key
Platforms Affected: SSH
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: SSH secure-RPC could generate a passphrase that exposes a user's private key
X-Force URL: http://xforce.iss.net/static/5963.php
_____
Date Reported: 1/16/01
Vulnerability: linux-glibc-preload-overwrite
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux glibc LD_PRELOAD file overwrite
X-Force URL: http://xforce.iss.net/static/5971.php
_____
Date Reported: 1/16/01
Vulnerability: inn-tmpfile-symlink
Platforms Affected: InterNet News (INN)
Risk Factor: High
Attack Type: Host Based
Brief Description: INN tmpfile symbolic link
X-Force URL: http://xforce.iss.net/static/5974.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-insecure-password
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix password change insecure
X-Force URL: http://xforce.iss.net/static/5944.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-weak-authentication
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix uses weak authentication
X-Force URL: http://xforce.iss.net/static/5946.php
_____
Date Reported: 1/15/01
Vulnerability: ie-mshtml-dos
Platforms Affected: Internet Explorer 4.0 and later
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Internet Explorer mshtml.dll denial of service
X-Force URL: http://xforce.iss.net/static/5938.php
_____
Date Reported: 1/15/01
Vulnerability: dhcp-format-string
Platforms Affected: Caldera OpenLinux Desktop (2.3, 2.3.1, 2.4)
Risk Factor: High
Attack Type: Network Based
Brief Description: Caldera DHCP format string
X-Force URL: http://xforce.iss.net/static/5953.php
_____
Date Reported: 1/15/01
Vulnerability: win-mediaplayer-arbitrary-code
Platforms Affected: Windows Media Player 7.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows Media Player skins can be used execute arbitrary code
X-Force URL: http://xforce.iss.net/static/5937.php
_____
Date Reported: 1/15/01
Vulnerability: veritas-backupexec-dos
Platforms Affected: Backup Exec 4.5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Veritas Backup Exec denial of service
X-Force URL: http://xforce.iss.net/static/5941.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-symlink
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Host Based
Brief Description: InterScan VirusWall for Unix symbolic link
X-Force URL: http://xforce.iss.net/static/5947.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-corrupt-files
Platforms Affected: OmniHTTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: OmniHTTPd statsconfig.pl corrupt any file on the system
X-Force URL: http://xforce.iss.net/static/5955.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-execute-code
Platforms Affected: OmniHTTPd
Risk Factor: High
Attack Type: Network Based
Brief Description: OmniHTTPD statsconfig.pl allows code execution
X-Force URL: http://xforce.iss.net/static/5956.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: flash-module-bo
Platforms Affected: Oliver Debon Flash plugin 0.4.9 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Flash browser module buffer overflow
X-Force URL: http://xforce.iss.net/static/5952.php
_____
Date Reported: 1/13/01
Vulnerability: rctab-elevate-privileges
Platforms Affected: Linux SuSE
Risk Factor: Medium
Attack Type: Host Based
Brief Description: rctab in SuSE Linux could allow privilege elevation
X-Force URL: http://xforce.iss.net/static/5945.php
_____
Date Reported: 1/12/01
Vulnerability: ultraboard-cgi-perm
Platforms Affected: UltraBoard 2000B
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: UltraBoard CGI weak permissions
X-Force URL: http://xforce.iss.net/static/5931.php
_____
Date Reported: 1/12/01
Vulnerability: compaq-web-management-bo
Platforms Affected: Compaq Web-Based Management
Risk Factor: High
Attack Type: Network Based
Brief Description: Compaq Web-Based Management program buffer overflow
X-Force URL: http://xforce.iss.net/static/5935.php
_____
Date Reported: 1/12/01
Vulnerability: php-htaccess-unauth-access
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow unauthorized access to restricted files
X-Force URL: http://xforce.iss.net/static/5940.php
_____
Date Reported: 1/12/01
Vulnerability: basilix-webmail-retrieve-files
Platforms Affected: Basilix Webmail 0.9.7beta
Risk Factor: Low
Attack Type: Network Based
Brief Description: Basilix Webmail System allows unauthorized users to retrieve files
X-Force URL: http://xforce.iss.net/static/5934.php
_____
Date Reported: 1/12/01
Vulnerability: solaris-arp-bo
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris arp buffer overflow
X-Force URL: http://xforce.iss.net/static/5928.php
_____
Date Reported: 1/12/01
Vulnerability: php-view-source-code
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow remote viewing of source code
X-Force URL: http://xforce.iss.net/static/5939.php
_____
Date Reported: 1/11/01
Vulnerability: wec-ntlm-authentication
Platforms Affected: Windows 2000
Microsoft Office 2000
Windows ME
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Web Extender Client (WEC) NTLM authentication
X-Force URL: http://xforce.iss.net/static/5920.php
_____
Date Reported: 1/11/01
Vulnerability: spamcop-url-seq-predict
Platforms Affected: SpamCop
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: SpamCop URL number increment sequence prediction
X-Force URL: http://xforce.iss.net/static/5933.php
_____
Date Reported: 1/10/01
Vulnerability: linux-wuftpd-privatepw-symlink
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux wu-ftpd privatepw symbolic link
X-Force URL: http://xforce.iss.net/static/5915.php
_____
Date Reported: 1/10/01
Vulnerability: rdist-symlink
Platforms Affected: rdist
Risk Factor: High
Attack Type: Host Based
Brief Description: rdist symbolic link
X-Force URL: http://xforce.iss.net/static/5925.php
_____
Date Reported: 1/10/01
Vulnerability: squid-email-symlink
Platforms Affected: squid
Risk Factor: High
Attack Type: Host Based
Brief Description: squid email notification symbolic link
X-Force URL: http://xforce.iss.net/static/5921.php
_____
Date Reported: 1/10/01
Vulnerability: linux-diffutils-sdiff-symlimk
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux diffutils sdiff symbolic link
X-Force URL: http://xforce.iss.net/static/5914.php
_____
Date Reported: 1/10/01
Vulnerability: tcpdump-arpwatch-symlink
Platforms Affected: arpwatch
Risk Factor: High
Attack Type: Host Based
Brief Description: tcpdump arpwatch symbolic link
X-Force URL: http://xforce.iss.net/static/5922.php
_____
Date Reported: 1/10/01
Vulnerability: linuxconf-vpop3d-symlink
Platforms Affected: linuxconf
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linuxconf vpop3d symbolic link
X-Force URL: http://xforce.iss.net/static/5923.php
_____
Date Reported: 1/10/01
Vulnerability: shadow-utils-useradd-symlink
Platforms Affected: shadow-utils
Risk Factor: High
Attack Type: Host Based
Brief Description: shadow-utils useradd symbolic link
X-Force URL: http://xforce.iss.net/static/5927.php
_____
Date Reported: 1/10/01
Vulnerability: linux-glibc-read-files
Platforms Affected: Linux glibc
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux glibc library can allow users to read restricted files
X-Force URL: http://xforce.iss.net/static/5907.php
_____
Date Reported: 1/10/01
Vulnerability: gettyps-symlink
Platforms Affected: gettyps
Risk Factor: High
Attack Type: Host Based
Brief Description: getty_ps symbolic link
X-Force URL: http://xforce.iss.net/static/5924.php
_____
Date Reported: 1/10/01
Vulnerability: linux-gpm-symlink
Platforms Affected: gpm
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux gpm symbolic link attack
X-Force URL: http://xforce.iss.net/static/5917.php
_____
Date Reported: 1/10/01
Vulnerability: linux-mgetty-symlink
Platforms Affected: mgetty
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux mgetty symbolic link attack
X-Force URL: http://xforce.iss.net/static/5918.php
_____
Date Reported: 1/10/01
Vulnerability: linux-apache-symlink
Platforms Affected: Apache
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux Apache symbolic link
X-Force URL: http://xforce.iss.net/static/5926.php
_____
Date Reported: 1/10/01
Vulnerability: linux-inn-symlink
Platforms Affected: inn
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux INN tmp directory symbolic link
X-Force URL: http://xforce.iss.net/static/5916.php
_____
Date Reported: 1/10/01
Vulnerability: conferenceroom-developer-dos
Platforms Affected: ConferenceRoom Professional Edition
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ConferenceRoom Developer Edition denial of service
X-Force URL: http://xforce.iss.net/static/5909.php
_____
Date Reported: 1/9/01
Vulnerability: oracle-xsql-execute-code
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle XSQL servlet and xml-stylesheet allows code execution on server
X-Force URL: http://xforce.iss.net/static/5905.php
_____
Date Reported: 1/9/01
Vulnerability: netscreen-webui-bo
Platforms Affected: NetScreen
Risk Factor: Medium
Attack Type: Network Based
Brief Description: NetScreen Firewall WebUI buffer overflow
X-Force URL: http://xforce.iss.net/static/5908.php
_____
Date Reported: 1/9/01
Vulnerability: suse-reiserfs-long-filenames
Platforms Affected: SuSE 7.0
Risk Factor: High
Attack Type: Host Based
Brief Description: SuSE reiserfs long file name denial of service
X-Force URL: http://xforce.iss.net/static/5910.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-backdoor-account
Platforms Affected: InterBase 6.01 and earlier
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: InterBase built-in backdoor account
X-Force URL: http://xforce.iss.net/static/5911.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-hidden-function-dos
Platforms Affected: InterBase 6.01
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: InterBase hidden function denial of service
X-Force URL: http://xforce.iss.net/static/5912.php
_____
Date Reported: 1/9/01
Vulnerability: brickserver-thttpd-dos
Platforms Affected: BRICKServer Small Business
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BRICKServer thttpd denial of service
X-Force URL: http://xforce.iss.net/static/5919.php
_____
Date Reported: 1/9/01
Vulnerability: solaris-exrecover-bo
Platforms Affected: Solaris (2.4, 2.5, 2.5.1, 2.6)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Solaris exrecover buffer overflow
X-Force URL: http://xforce.iss.net/static/5913.php
_____
Date Reported: 1/9/01
Vulnerability: hp-inetd-swait-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX inetd swait denial of service
X-Force URL: http://xforce.iss.net/static/5904.php
_____
Date Reported: 1/8/01
Vulnerability: microsoft-iis-read-files
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Microsoft IIS 5.0 allows the viewing of files through malformed URL
X-Force URL: http://xforce.iss.net/static/5903.php
_____
Date Reported: 1/8/01
Vulnerability: ibm-websphere-dos
Platforms Affected: IBM Websphere 3.52
IBM HTTP Server 1.3.12
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM WebSphere denial of service
X-Force URL: http://xforce.iss.net/static/5900.php
_____
Date Reported: 1/8/01
Vulnerability: storagesoft-imagecast-dos
Platforms Affected: ImageCast 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: StorageSoft ImageCast denial of service
X-Force URL: http://xforce.iss.net/static/5901.php
_____
Date Reported: 1/8/01
Vulnerability: nai-pgp-replace-keys
Platforms Affected: PGP 7.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: PGP users may replace signed exported key blocks with arbitrary keys
X-Force URL: http://xforce.iss.net/static/5902.php
_____
Date Reported: 1/7/01
Vulnerability: http-cgi-bbs-forum
Platforms Affected: WebBBS 1.0
Risk Factor: High
Attack Type: Network Based
Brief Description: bbs_forum.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/5906.php
_____
Date Reported: 1/5/01
Vulnerability: lotus-domino-directory-traversal
Platforms Affected: Lotus Domino 5.0.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Lotus Domino 5.0.x .nsf, .box, and .ns4 directory traversal
X-Force URL: http://xforce.iss.net/static/5899.php
_____
Date Reported: 1/5/01
Vulnerability: http-cgi-fastgraf
Platforms Affected: FASTGRAF
Risk Factor: High
Attack Type: Network Based
Brief Description: Fastgraf CGI scripts allow remote command execution
X-Force URL: http://xforce.iss.net/static/5897.php
_____
Date Reported: 1/4/01
Vulnerability: newsdesk-cgi-read-files
Platforms Affected: Newsdesk 1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: Newsdesk.cgi allows read access to files
X-Force URL: http://xforce.iss.net/static/5898.php
_____
Date Reported: 1/1/01
Vulnerability: gtk-module-execute-code
Platforms Affected: GTK+ 1.2.8 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: GTK+ arbitrary code execution using custom loadable module
X-Force URL: http://xforce.iss.net/static/5832.php
_____
Date Reported: 1/1/01
Vulnerability: linux-tty-writable-dos
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux writable TTY denial of service
X-Force URL: http://xforce.iss.net/static/5896.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOogB2jRfJiV99eG9AQESogP9HsIDfUmYkJuWUmNqPhb22a6CVpi/TiG9
7mvhdGc3ySS6LqrvTZgXrBzAcxFlHrdTSmNka8yGiLvYAb0lnghFRZ2OxxRfK11m
AV9VS9/Yty/Qk8BnA/7tx4DIcM4Nhry1kTqTbDkpbcfXOb2LI2WUGnMHF/xkc1ge
3mV5zJXCUM4=
=ClrQ
-----END PGP SIGNATURE-----
| VAR-200103-0101 | CVE-2001-0185 | Netopia R9100 Router Denial of Service Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Netopia R9100 router version 4.6 allows authenticated users to cause a denial of service by using the router's telnet program to connect to the router's IP address, which causes a crash. The secure-RPC feature of the SSH1 client in Solaris sometimes encrypts the SSH private key file with a weak passphrase, which can be determined by an attacker and used to recover the SSH private keys. Other versions of the SSH client running on non-Solaris platforms are not affected by this vulnerability. NewsDaemon prior to version 0.21b contains a vulnerability allowing remote attackers to gain administrative access to the web site. getty_ps is an open-source software package designed to support logons to the console and terminals. Some implementations create temporary files insecurely with predictable names, leading to corruption of arbitrary files via symbolic link attack. getty_ps is an open source, freely available, publicly maintained software package shipped with many distributions of Linux.
A problem in the getty_ps software package could make it vulnerable to a symbolic link attack. The problem occurs in the creation and handling of files in the /tmp directory by the getty_ps program. Under certain circumstances, getty_ps will create files in the /tmp filesystem in an insecure manner. The program uses a naming scheme that could make it possible to guess the filename of future files in the /tmp directory, and does not check for the existance of the file before attempting to create it. A malicious user could use this vulnerability to overwrite or append to and corrupt system files. SSH is a package designed to encrypt traffic between two end points using the IETF specified SSH protocol. The SSH1 package is distributed and maintained by SSH Communications Security.
A problem exists which could allow the discovery of the secret key used to encrypt traffic on the local host. When using SUN-DES-1 to share keys with other hosts on the network to facilitate secure communication via protocols such as NFS and NIS+, the keys are shared between hosts using the private key of the user and a cryptographic algorithm to secure the contents of the key, which is stored on the NIS+ primary. The problem occurs when the key is encrypted with the SUN-DES-1 magic phrase prior to having done a keylogin (the keyserv does not have the users DH private key). A design flaw in the software that shares the key with the NIS+ master will inconsistently return the correct value for an attempted keyshare that has failed. A step in the private key encryption process is skipped, and the users private key is then encrypted only with the public key of the target server and the SUN-DES-1 magic phrase, a phrase that is guessable due to the way it is generated. A user from the same host can then execute a function that returns another users magic phrase, and use this to decrypt the private key of the victim. This makes it possible for a user with malicious intent to gain knowledge of a users secret key, and decrypt sensitive traffic between two hosts, with the possibility of gaining access and elevated privileges on the hosts and/or NIS+ domain. This reportedly affects the SSH2 series of the software package.
Under very specific circumstances, an attacker can cause the affected router to stop. By attempting to make a looped connection from the router's IP address back to the same address, the unit will crash. A manual restart is required to resume operation.
An attack prevents user-disconnect logging and may help the attacker carry out further attacks on the affected host or other systems on its network.
Netopia R9100 Router running firmware version 4.6 is vulnerable; subsequent (and current) versions are not vulnerable.
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo@iss.net Contact alert-owner@iss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
February 6, 2001
Volume 6 Number 3
X-Force Vulnerability and Threat Database: http://xforce.iss.net/ To
receive these Alert Summaries as well as other Alerts and Advisories,
subscribe to the Internet Security Systems Alert mailing list at:
http://xforce.iss.net/maillists/index.php
_____
Contents
120 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 1/31/01
Vulnerability: win2k-rdp-dos
Platforms Affected: Windows 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Windows 2000 Server RDP denial of service
X-Force URL: http://xforce.iss.net/static/6035.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-file-access
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface could allow read access to files and directories
X-Force URL: http://xforce.iss.net/static/6031.php
_____
Date Reported: 1/31/01
Vulnerability: quicktime-embedded-tag-bo
Platforms Affected: Quicktime 4.1.2
Risk Factor: High
Attack Type: Host Based
Brief Description: QuickTime Player EMBED tag buffer overflow
X-Force URL: http://xforce.iss.net/static/6040.php
_____
Date Reported: 1/31/01
Vulnerability: solaris-ximp40-bo
Platforms Affected: Solaris (7, 8)
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris "ximp40" shared library buffer overflow
X-Force URL: http://xforce.iss.net/static/6039.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-cli-dos
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface denial of service
X-Force URL: http://xforce.iss.net/static/6030.php
_____
Date Reported: 1/30/01
Vulnerability: slimserve-httpd-dos
Platforms Affected: SlimServe 1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: SlimServe HTTPd denial of service
X-Force URL: http://xforce.iss.net/static/6028.php
_____
Date Reported: 1/30/01
Vulnerability: crazywwwboard-qdecoder-bo
Platforms Affected: CrazyWWWBoard prior to 2000LEp5-1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: CrazyWWWBoard qDecoder buffer overflow
X-Force URL: http://xforce.iss.net/static/6033.php
_____
Date Reported: 1/30/01
Vulnerability: virusbuster-mua-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Virus Buster 2001 Mail User Agent (MUA) buffer overflow
X-Force URL: http://xforce.iss.net/static/6034.php
_____
Date Reported: 1/29/01
Vulnerability: iis-isapi-obtain-code
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: IIS allows remote attacker to obtain code fragments using .htr ISAPI extensions
X-Force URL: http://xforce.iss.net/static/6032.php
_____
Date Reported: 1/29/01
Vulnerability: bind-inverse-query-disclosure
Platforms Affected: Bind (4.x, 8.2.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x and 8.2.x exposes environment variables
X-Force URL: http://xforce.iss.net/static/6018.php
_____
Date Reported: 1/29/01
Vulnerability: hp-man-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP man command denial of service
X-Force URL: http://xforce.iss.net/static/6014.php
_____
Date Reported: 1/29/01
Vulnerability: sort-temp-file-abort
Platforms Affected: FreeBSD
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Sort temporary files denial of service
X-Force URL: http://xforce.iss.net/static/6038.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-format-string
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() format string
X-Force URL: http://xforce.iss.net/static/6017.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-bo
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() buffer overflow
X-Force URL: http://xforce.iss.net/static/6016.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-client-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC client buffer overflow
X-Force URL: http://xforce.iss.net/static/6025.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-server-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC server buffer overflow
X-Force URL: http://xforce.iss.net/static/6026.php
_____
Date Reported: 1/29/01
Vulnerability: guestserver-cgi-execute-commands
Platforms Affected: Guestserver 4.12 and earlier
Risk Factor: High
Attack Type: Network Based
Brief Description: Guestserver.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/6027.php
_____
Date Reported: 1/29/01
Vulnerability: bind-tsig-bo
Platforms Affected: BIND 8.2.x
Risk Factor: Unauthorized Access Attempt
Attack Type: Network/Host Based
Brief Description: BIND 8.2.x transaction signature (TSIG) buffer overflow
X-Force URL: http://xforce.iss.net/static/6015.php
_____
Date Reported: 1/28/01
Vulnerability: hyperseek-cgi-reveal-info
Platforms Affected: Hyperseek Search Engine 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Hyperseek CGI could reveal listings of directories and files
X-Force URL: http://xforce.iss.net/static/6012.php
_____
Date Reported: 1/26/01
Vulnerability: newsdaemon-gain-admin-access
Platforms Affected: NewsDaemon prior to 0.21b
Risk Factor: High
Attack Type: Network Based
Brief Description: NewsDaemon allows remote users to gain administrative access
X-Force URL: http://xforce.iss.net/static/6010.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/25/01
Vulnerability: planetintra-pi-bo
Platforms Affected: Planet Intra LAN Intranet 2.5
Risk Factor: High
Attack Type: Network Based
Brief Description: Planet Intra 'pi' binary buffer oveflow
X-Force URL: http://xforce.iss.net/static/6002.php
_____
Date Reported: 1/25/01
Vulnerability: borderware-ping-dos
Platforms Affected: BorderWare Firewall Server 6.1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: BorderWare ping denial of service
X-Force URL: http://xforce.iss.net/static/6004.php
_____
Date Reported: 1/25/01
Vulnerability: aol-malformed-url-dos
Platforms Affected: AOL 5.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: AOL malformed URL denial of service
X-Force URL: http://xforce.iss.net/static/6009.php
_____
Date Reported: 1/25/01
Vulnerability: mirc-bypass-password
Platforms Affected: mIRC
Risk Factor: High
Attack Type: Host Based
Brief Description: mIRC allows malicious user to bypass password
X-Force URL: http://xforce.iss.net/static/6013.php
_____
Date Reported: 1/25/01
Vulnerability: netscape-enterprise-revlog-dos
Platforms Affected: Netscape Enterprise Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netscape Enterprise Server REVLOG denial of service
X-Force URL: http://xforce.iss.net/static/6003.php
_____
Date Reported: 1/24/01
Vulnerability: aim-execute-code
Platforms Affected: AOL Instant Messenger 4.1 and later
Risk Factor: High
Attack Type: Host Based
Brief Description: AOL Instant Messenger execution of code in modified images
X-Force URL: http://xforce.iss.net/static/6005.php
_____
Date Reported: 1/24/01
Vulnerability: netscape-enterprise-list-directories
Platforms Affected: Netscape Enterprise Server (3.0, 4.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server allows remote directory listing
X-Force URL: http://xforce.iss.net/static/5997.php
_____
Date Reported: 1/24/01
Vulnerability: winnt-mutex-dos
Platforms Affected: Windows NT 4.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Windows NT mutex denial of service
X-Force URL: http://xforce.iss.net/static/6006.php
_____
Date Reported: 1/24/01
Vulnerability: jrun-webinf-file-retrieval
Platforms Affected: JRun
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: JRun malformed URL file retrieval
X-Force URL: http://xforce.iss.net/static/6008.php
_____
Date Reported: 1/23/01
Vulnerability: ipfw-bypass-firewall
Platforms Affected: FreeBSD (3.x, 4.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: ipfw/ip6fw allows remote attacker to bypass firewall
X-Force URL: http://xforce.iss.net/static/5998.php
_____
Date Reported: 1/23/01
Vulnerability: netopia-telnet-dos
Platforms Affected: Netopia R-series router
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netopia R9100 allows remote user to crash the router using telnet
X-Force URL: http://xforce.iss.net/static/6001.php
_____
Date Reported: 1/23/01
Vulnerability: wuftp-debug-format-string
Platforms Affected: Wu-ftpd
Risk Factor: High
Attack Type: Network Based
Brief Description: Wu-ftpd debug mode format string
X-Force URL: http://xforce.iss.net/static/6020.php
_____
Date Reported: 1/23/01
Vulnerability: kde2-kdesu-retrieve-passwords
Platforms Affected: Linux: Caldera eDesktop 2.4
Risk Factor: High
Attack Type: Host Based
Brief Description: KDE2 kdesu program allows users to retrieve passwords
X-Force URL: http://xforce.iss.net/static/5995.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-url-bo
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom print server long URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5988.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-printguide-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom PrintGuide denial of service
X-Force URL: http://xforce.iss.net/static/5989.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-ftp-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom FTP denial of service
X-Force URL: http://xforce.iss.net/static/5990.php
_____
Date Reported: 1/23/01
Vulnerability: vnc-weak-authentication
Platforms Affected: VNC 3.3.3 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VNC weak authentication could allow unauthorized access
X-Force URL: http://xforce.iss.net/static/5992.php
_____
Date Reported: 1/23/01
Vulnerability: lotus-domino-smtp-bo
Platforms Affected: Lotus Domino 5.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Lotus Domino SMTP Server policy feature buffer overflow
X-Force URL: http://xforce.iss.net/static/5993.php
_____
Date Reported: 1/23/01
Vulnerability: linux-sash-shadow-readable
Platforms Affected: sash prior to 3.4-4
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux sash /etc/shadow directory world-readable
X-Force URL: http://xforce.iss.net/static/5994.php
_____
Date Reported: 1/22/01
Vulnerability: powerpoint-execute-code
Platforms Affected: Microsoft PowerPoint 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: PowerPoint could allow code execution on another user's computer
X-Force URL: http://xforce.iss.net/static/5996.php
_____
Date Reported: 1/22/01
Vulnerability: icecast-format-string
Platforms Affected: Icecast 1.3.8beta2 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Icecast format string could allow arbitrary code execution
X-Force URL: http://xforce.iss.net/static/5978.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-directory-traversal
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers directory traversal
X-Force URL: http://xforce.iss.net/static/5986.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-execute-jsp
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers allows remote attacker to execute .jsp files
X-Force URL: http://xforce.iss.net/static/5987.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-enterprise-dot-dos
Platforms Affected: Netscape Enterprise Server 4.1 SP5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server "/../" denial of service
X-Force URL: http://xforce.iss.net/static/5983.php
_____
Date Reported: 1/22/01
Vulnerability: goodtech-ftp-dos
Platforms Affected: GoodTech FTP 3.0.1.2.1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: GoodTech FTP server denial of service
X-Force URL: http://xforce.iss.net/static/5984.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-fasttrack-cache-dos
Platforms Affected: Netscape FastTrack
Risk Factor: Low
Attack Type: Host Based
Brief Description: Netscape FastTrack Server cache denial of service
X-Force URL: http://xforce.iss.net/static/5985.php
_____
Date Reported: 1/21/01
Vulnerability: eeye-iris-dos
Platforms Affected: Iris Network Analyzer 1.01beta
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Iris denial of service
X-Force URL: http://xforce.iss.net/static/5981.php
_____
Date Reported: 1/20/01
Vulnerability: watchguard-firebox-obtain-passphrase
Platforms Affected: Firebox II
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard Firebox allows remote user to obtain passphrase
X-Force URL: http://xforce.iss.net/static/5979.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-server-dos
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP denial of service
X-Force URL: http://xforce.iss.net/static/5976.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-path-disclosure
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP path disclosure
X-Force URL: http://xforce.iss.net/static/5977.php
_____
Date Reported: 1/19/01
Vulnerability: localweb2k-directory-traversal
Platforms Affected: LocalWEB2000 HTTP Server 1.1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: LocalWEB2000 directory traversal
X-Force URL: http://xforce.iss.net/static/5982.php
_____
Date Reported: 1/19/01
Vulnerability: win2k-efs-recover-data
Platforms Affected: Windows 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows 2000 EFS allows local user to recover sensitive data
X-Force URL: http://xforce.iss.net/static/5973.php
_____
Date Reported: 1/19/01
Vulnerability: linux-bing-bo
Platforms Affected: Linux
Risk Factor: High
Attack Type: Host Based
Brief Description: Bing host name buffer overflow
X-Force URL: http://xforce.iss.net/static/6036.php
_____
Date Reported: 1/18/01
Vulnerability: micq-sprintf-remote-bo
Platforms Affected: Matt's ICQ Clone 0.4.6
Risk Factor: High
Attack Type: Network Based
Brief Description: ICQ clone for Linux sprintf() remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5962.php
_____
Date Reported: 1/18/01
Vulnerability: mysql-select-bo
Platforms Affected: MySQL prior to 3.23.31
Risk Factor: High
Attack Type: Host Based
Brief Description: MySQL select buffer overflow
X-Force URL: http://xforce.iss.net/static/5969.php
_____
Date Reported: 1/18/01
Vulnerability: shoutcast-description-bo
Platforms Affected: SHOUTcast DNAS 1.7.1
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Shoutcast Server for Linux description buffer overflow
X-Force URL: http://xforce.iss.net/static/5965.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: hp-stm-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX Support Tools Manager denial of service
X-Force URL: http://xforce.iss.net/static/5957.php
_____
Date Reported: 1/17/01
Vulnerability: linux-webmin-tmpfiles
Platforms Affected: OpenLinux (2.3, 2.4)
Risk Factor: High
Attack Type: Host Based
Brief Description: Webmin use of tmpfiles could allow a local user to overwrite files
X-Force URL: http://xforce.iss.net/static/6011.php
_____
Date Reported: 1/17/01
Vulnerability: tinyproxy-remote-bo
Platforms Affected: tinyproxy 1.3.2 and 1.3.3
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Tinyproxy remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5954.php
_____
Date Reported: 1/17/01
Vulnerability: postaci-sql-command-injection
Platforms Affected: PostACI
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Postaci SQL command injection
X-Force URL: http://xforce.iss.net/static/5972.ph p
_____
Date Reported: 1/17/01
Vulnerability: wwwwais-cgi-dos
Platforms Affected: wwwwais.c 25
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: wwwwais CGI based program denial of service
X-Force URL: http://xforce.iss.net/static/5980.php
_____
Date Reported: 1/17/01
Vulnerability: mime-header-attachment
Platforms Affected: MIME 1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MIME headers could allow spoofed file attachment
X-Force URL: http://xforce.iss.net/static/5991.php
_____
Date Reported: 1/16/01
Vulnerability: ssh-rpc-private-key
Platforms Affected: SSH
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: SSH secure-RPC could generate a passphrase that exposes a user's private key
X-Force URL: http://xforce.iss.net/static/5963.php
_____
Date Reported: 1/16/01
Vulnerability: linux-glibc-preload-overwrite
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux glibc LD_PRELOAD file overwrite
X-Force URL: http://xforce.iss.net/static/5971.php
_____
Date Reported: 1/16/01
Vulnerability: inn-tmpfile-symlink
Platforms Affected: InterNet News (INN)
Risk Factor: High
Attack Type: Host Based
Brief Description: INN tmpfile symbolic link
X-Force URL: http://xforce.iss.net/static/5974.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-insecure-password
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix password change insecure
X-Force URL: http://xforce.iss.net/static/5944.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-weak-authentication
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix uses weak authentication
X-Force URL: http://xforce.iss.net/static/5946.php
_____
Date Reported: 1/15/01
Vulnerability: ie-mshtml-dos
Platforms Affected: Internet Explorer 4.0 and later
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Internet Explorer mshtml.dll denial of service
X-Force URL: http://xforce.iss.net/static/5938.php
_____
Date Reported: 1/15/01
Vulnerability: dhcp-format-string
Platforms Affected: Caldera OpenLinux Desktop (2.3, 2.3.1, 2.4)
Risk Factor: High
Attack Type: Network Based
Brief Description: Caldera DHCP format string
X-Force URL: http://xforce.iss.net/static/5953.php
_____
Date Reported: 1/15/01
Vulnerability: win-mediaplayer-arbitrary-code
Platforms Affected: Windows Media Player 7.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows Media Player skins can be used execute arbitrary code
X-Force URL: http://xforce.iss.net/static/5937.php
_____
Date Reported: 1/15/01
Vulnerability: veritas-backupexec-dos
Platforms Affected: Backup Exec 4.5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Veritas Backup Exec denial of service
X-Force URL: http://xforce.iss.net/static/5941.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-symlink
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Host Based
Brief Description: InterScan VirusWall for Unix symbolic link
X-Force URL: http://xforce.iss.net/static/5947.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-corrupt-files
Platforms Affected: OmniHTTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: OmniHTTPd statsconfig.pl corrupt any file on the system
X-Force URL: http://xforce.iss.net/static/5955.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-execute-code
Platforms Affected: OmniHTTPd
Risk Factor: High
Attack Type: Network Based
Brief Description: OmniHTTPD statsconfig.pl allows code execution
X-Force URL: http://xforce.iss.net/static/5956.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: flash-module-bo
Platforms Affected: Oliver Debon Flash plugin 0.4.9 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Flash browser module buffer overflow
X-Force URL: http://xforce.iss.net/static/5952.php
_____
Date Reported: 1/13/01
Vulnerability: rctab-elevate-privileges
Platforms Affected: Linux SuSE
Risk Factor: Medium
Attack Type: Host Based
Brief Description: rctab in SuSE Linux could allow privilege elevation
X-Force URL: http://xforce.iss.net/static/5945.php
_____
Date Reported: 1/12/01
Vulnerability: ultraboard-cgi-perm
Platforms Affected: UltraBoard 2000B
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: UltraBoard CGI weak permissions
X-Force URL: http://xforce.iss.net/static/5931.php
_____
Date Reported: 1/12/01
Vulnerability: compaq-web-management-bo
Platforms Affected: Compaq Web-Based Management
Risk Factor: High
Attack Type: Network Based
Brief Description: Compaq Web-Based Management program buffer overflow
X-Force URL: http://xforce.iss.net/static/5935.php
_____
Date Reported: 1/12/01
Vulnerability: php-htaccess-unauth-access
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow unauthorized access to restricted files
X-Force URL: http://xforce.iss.net/static/5940.php
_____
Date Reported: 1/12/01
Vulnerability: basilix-webmail-retrieve-files
Platforms Affected: Basilix Webmail 0.9.7beta
Risk Factor: Low
Attack Type: Network Based
Brief Description: Basilix Webmail System allows unauthorized users to retrieve files
X-Force URL: http://xforce.iss.net/static/5934.php
_____
Date Reported: 1/12/01
Vulnerability: solaris-arp-bo
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris arp buffer overflow
X-Force URL: http://xforce.iss.net/static/5928.php
_____
Date Reported: 1/12/01
Vulnerability: php-view-source-code
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow remote viewing of source code
X-Force URL: http://xforce.iss.net/static/5939.php
_____
Date Reported: 1/11/01
Vulnerability: wec-ntlm-authentication
Platforms Affected: Windows 2000
Microsoft Office 2000
Windows ME
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Web Extender Client (WEC) NTLM authentication
X-Force URL: http://xforce.iss.net/static/5920.php
_____
Date Reported: 1/11/01
Vulnerability: spamcop-url-seq-predict
Platforms Affected: SpamCop
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: SpamCop URL number increment sequence prediction
X-Force URL: http://xforce.iss.net/static/5933.php
_____
Date Reported: 1/10/01
Vulnerability: linux-wuftpd-privatepw-symlink
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux wu-ftpd privatepw symbolic link
X-Force URL: http://xforce.iss.net/static/5915.php
_____
Date Reported: 1/10/01
Vulnerability: rdist-symlink
Platforms Affected: rdist
Risk Factor: High
Attack Type: Host Based
Brief Description: rdist symbolic link
X-Force URL: http://xforce.iss.net/static/5925.php
_____
Date Reported: 1/10/01
Vulnerability: squid-email-symlink
Platforms Affected: squid
Risk Factor: High
Attack Type: Host Based
Brief Description: squid email notification symbolic link
X-Force URL: http://xforce.iss.net/static/5921.php
_____
Date Reported: 1/10/01
Vulnerability: linux-diffutils-sdiff-symlimk
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux diffutils sdiff symbolic link
X-Force URL: http://xforce.iss.net/static/5914.php
_____
Date Reported: 1/10/01
Vulnerability: tcpdump-arpwatch-symlink
Platforms Affected: arpwatch
Risk Factor: High
Attack Type: Host Based
Brief Description: tcpdump arpwatch symbolic link
X-Force URL: http://xforce.iss.net/static/5922.php
_____
Date Reported: 1/10/01
Vulnerability: linuxconf-vpop3d-symlink
Platforms Affected: linuxconf
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linuxconf vpop3d symbolic link
X-Force URL: http://xforce.iss.net/static/5923.php
_____
Date Reported: 1/10/01
Vulnerability: shadow-utils-useradd-symlink
Platforms Affected: shadow-utils
Risk Factor: High
Attack Type: Host Based
Brief Description: shadow-utils useradd symbolic link
X-Force URL: http://xforce.iss.net/static/5927.php
_____
Date Reported: 1/10/01
Vulnerability: linux-glibc-read-files
Platforms Affected: Linux glibc
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux glibc library can allow users to read restricted files
X-Force URL: http://xforce.iss.net/static/5907.php
_____
Date Reported: 1/10/01
Vulnerability: gettyps-symlink
Platforms Affected: gettyps
Risk Factor: High
Attack Type: Host Based
Brief Description: getty_ps symbolic link
X-Force URL: http://xforce.iss.net/static/5924.php
_____
Date Reported: 1/10/01
Vulnerability: linux-gpm-symlink
Platforms Affected: gpm
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux gpm symbolic link attack
X-Force URL: http://xforce.iss.net/static/5917.php
_____
Date Reported: 1/10/01
Vulnerability: linux-mgetty-symlink
Platforms Affected: mgetty
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux mgetty symbolic link attack
X-Force URL: http://xforce.iss.net/static/5918.php
_____
Date Reported: 1/10/01
Vulnerability: linux-apache-symlink
Platforms Affected: Apache
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux Apache symbolic link
X-Force URL: http://xforce.iss.net/static/5926.php
_____
Date Reported: 1/10/01
Vulnerability: linux-inn-symlink
Platforms Affected: inn
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux INN tmp directory symbolic link
X-Force URL: http://xforce.iss.net/static/5916.php
_____
Date Reported: 1/10/01
Vulnerability: conferenceroom-developer-dos
Platforms Affected: ConferenceRoom Professional Edition
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ConferenceRoom Developer Edition denial of service
X-Force URL: http://xforce.iss.net/static/5909.php
_____
Date Reported: 1/9/01
Vulnerability: oracle-xsql-execute-code
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle XSQL servlet and xml-stylesheet allows code execution on server
X-Force URL: http://xforce.iss.net/static/5905.php
_____
Date Reported: 1/9/01
Vulnerability: netscreen-webui-bo
Platforms Affected: NetScreen
Risk Factor: Medium
Attack Type: Network Based
Brief Description: NetScreen Firewall WebUI buffer overflow
X-Force URL: http://xforce.iss.net/static/5908.php
_____
Date Reported: 1/9/01
Vulnerability: suse-reiserfs-long-filenames
Platforms Affected: SuSE 7.0
Risk Factor: High
Attack Type: Host Based
Brief Description: SuSE reiserfs long file name denial of service
X-Force URL: http://xforce.iss.net/static/5910.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-backdoor-account
Platforms Affected: InterBase 6.01 and earlier
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: InterBase built-in backdoor account
X-Force URL: http://xforce.iss.net/static/5911.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-hidden-function-dos
Platforms Affected: InterBase 6.01
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: InterBase hidden function denial of service
X-Force URL: http://xforce.iss.net/static/5912.php
_____
Date Reported: 1/9/01
Vulnerability: brickserver-thttpd-dos
Platforms Affected: BRICKServer Small Business
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BRICKServer thttpd denial of service
X-Force URL: http://xforce.iss.net/static/5919.php
_____
Date Reported: 1/9/01
Vulnerability: solaris-exrecover-bo
Platforms Affected: Solaris (2.4, 2.5, 2.5.1, 2.6)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Solaris exrecover buffer overflow
X-Force URL: http://xforce.iss.net/static/5913.php
_____
Date Reported: 1/9/01
Vulnerability: hp-inetd-swait-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX inetd swait denial of service
X-Force URL: http://xforce.iss.net/static/5904.php
_____
Date Reported: 1/8/01
Vulnerability: microsoft-iis-read-files
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Microsoft IIS 5.0 allows the viewing of files through malformed URL
X-Force URL: http://xforce.iss.net/static/5903.php
_____
Date Reported: 1/8/01
Vulnerability: ibm-websphere-dos
Platforms Affected: IBM Websphere 3.52
IBM HTTP Server 1.3.12
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM WebSphere denial of service
X-Force URL: http://xforce.iss.net/static/5900.php
_____
Date Reported: 1/8/01
Vulnerability: storagesoft-imagecast-dos
Platforms Affected: ImageCast 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: StorageSoft ImageCast denial of service
X-Force URL: http://xforce.iss.net/static/5901.php
_____
Date Reported: 1/8/01
Vulnerability: nai-pgp-replace-keys
Platforms Affected: PGP 7.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: PGP users may replace signed exported key blocks with arbitrary keys
X-Force URL: http://xforce.iss.net/static/5902.php
_____
Date Reported: 1/7/01
Vulnerability: http-cgi-bbs-forum
Platforms Affected: WebBBS 1.0
Risk Factor: High
Attack Type: Network Based
Brief Description: bbs_forum.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/5906.php
_____
Date Reported: 1/5/01
Vulnerability: lotus-domino-directory-traversal
Platforms Affected: Lotus Domino 5.0.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Lotus Domino 5.0.x .nsf, .box, and .ns4 directory traversal
X-Force URL: http://xforce.iss.net/static/5899.php
_____
Date Reported: 1/5/01
Vulnerability: http-cgi-fastgraf
Platforms Affected: FASTGRAF
Risk Factor: High
Attack Type: Network Based
Brief Description: Fastgraf CGI scripts allow remote command execution
X-Force URL: http://xforce.iss.net/static/5897.php
_____
Date Reported: 1/4/01
Vulnerability: newsdesk-cgi-read-files
Platforms Affected: Newsdesk 1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: Newsdesk.cgi allows read access to files
X-Force URL: http://xforce.iss.net/static/5898.php
_____
Date Reported: 1/1/01
Vulnerability: gtk-module-execute-code
Platforms Affected: GTK+ 1.2.8 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: GTK+ arbitrary code execution using custom loadable module
X-Force URL: http://xforce.iss.net/static/5832.php
_____
Date Reported: 1/1/01
Vulnerability: linux-tty-writable-dos
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux writable TTY denial of service
X-Force URL: http://xforce.iss.net/static/5896.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOogB2jRfJiV99eG9AQESogP9HsIDfUmYkJuWUmNqPhb22a6CVpi/TiG9
7mvhdGc3ySS6LqrvTZgXrBzAcxFlHrdTSmNka8yGiLvYAb0lnghFRZ2OxxRfK11m
AV9VS9/Yty/Qk8BnA/7tx4DIcM4Nhry1kTqTbDkpbcfXOb2LI2WUGnMHF/xkc1ge
3mV5zJXCUM4=
=ClrQ
-----END PGP SIGNATURE-----
| VAR-200102-0056 | CVE-2001-0020 | SSH1 may generate weak passphrase when using Secure RPC |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a .. (dot dot) attack. The secure-RPC feature of the SSH1 client in Solaris sometimes encrypts the SSH private key file with a weak passphrase, which can be determined by an attacker and used to recover the SSH private keys. Other versions of the SSH client running on non-Solaris platforms are not affected by this vulnerability. NewsDaemon prior to version 0.21b contains a vulnerability allowing remote attackers to gain administrative access to the web site. getty_ps is an open-source software package designed to support logons to the console and terminals. Some implementations create temporary files insecurely with predictable names, leading to corruption of arbitrary files via symbolic link attack. getty_ps is an open source, freely available, publicly maintained software package shipped with many distributions of Linux.
A problem in the getty_ps software package could make it vulnerable to a symbolic link attack. The problem occurs in the creation and handling of files in the /tmp directory by the getty_ps program. Under certain circumstances, getty_ps will create files in the /tmp filesystem in an insecure manner. The program uses a naming scheme that could make it possible to guess the filename of future files in the /tmp directory, and does not check for the existance of the file before attempting to create it. A malicious user could use this vulnerability to overwrite or append to and corrupt system files. SSH is a package designed to encrypt traffic between two end points using the IETF specified SSH protocol. The SSH1 package is distributed and maintained by SSH Communications Security.
A problem exists which could allow the discovery of the secret key used to encrypt traffic on the local host. When using SUN-DES-1 to share keys with other hosts on the network to facilitate secure communication via protocols such as NFS and NIS+, the keys are shared between hosts using the private key of the user and a cryptographic algorithm to secure the contents of the key, which is stored on the NIS+ primary. The problem occurs when the key is encrypted with the SUN-DES-1 magic phrase prior to having done a keylogin (the keyserv does not have the users DH private key). A design flaw in the software that shares the key with the NIS+ master will inconsistently return the correct value for an attempted keyshare that has failed. A step in the private key encryption process is skipped, and the users private key is then encrypted only with the public key of the target server and the SUN-DES-1 magic phrase, a phrase that is guessable due to the way it is generated. A user from the same host can then execute a function that returns another users magic phrase, and use this to decrypt the private key of the victim. This makes it possible for a user with malicious intent to gain knowledge of a users secret key, and decrypt sensitive traffic between two hosts, with the possibility of gaining access and elevated privileges on the hosts and/or NIS+ domain. This reportedly affects the SSH2 series of the software package. The Cisco Content Services (CSS) switches are hardware designed to provide enhanced web services for e-commerece and Web Content delivery using the Cisco Web Network Services (Web NS). The CSS switch is distributed by Cisco Systems. CSS switches allow users access to certain functions on the switch, while enforcing access control to prevent the reading and change of configuration on the switch. Due to a problem in the handling of input, it is possible for a user to gain information on the structure of the directory by executing commands requesting non-existent filenames. Once the structure of the directory is know, it is then possible to read files within the directory.
This problem makes it possible for a malicious local user to map the directory tree, and read files that may contain sensitive information.
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo@iss.net Contact alert-owner@iss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
February 6, 2001
Volume 6 Number 3
X-Force Vulnerability and Threat Database: http://xforce.iss.net/ To
receive these Alert Summaries as well as other Alerts and Advisories,
subscribe to the Internet Security Systems Alert mailing list at:
http://xforce.iss.net/maillists/index.php
_____
Contents
120 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 1/31/01
Vulnerability: win2k-rdp-dos
Platforms Affected: Windows 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Windows 2000 Server RDP denial of service
X-Force URL: http://xforce.iss.net/static/6035.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-file-access
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface could allow read access to files and directories
X-Force URL: http://xforce.iss.net/static/6031.php
_____
Date Reported: 1/31/01
Vulnerability: quicktime-embedded-tag-bo
Platforms Affected: Quicktime 4.1.2
Risk Factor: High
Attack Type: Host Based
Brief Description: QuickTime Player EMBED tag buffer overflow
X-Force URL: http://xforce.iss.net/static/6040.php
_____
Date Reported: 1/31/01
Vulnerability: solaris-ximp40-bo
Platforms Affected: Solaris (7, 8)
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris "ximp40" shared library buffer overflow
X-Force URL: http://xforce.iss.net/static/6039.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-cli-dos
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface denial of service
X-Force URL: http://xforce.iss.net/static/6030.php
_____
Date Reported: 1/30/01
Vulnerability: slimserve-httpd-dos
Platforms Affected: SlimServe 1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: SlimServe HTTPd denial of service
X-Force URL: http://xforce.iss.net/static/6028.php
_____
Date Reported: 1/30/01
Vulnerability: crazywwwboard-qdecoder-bo
Platforms Affected: CrazyWWWBoard prior to 2000LEp5-1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: CrazyWWWBoard qDecoder buffer overflow
X-Force URL: http://xforce.iss.net/static/6033.php
_____
Date Reported: 1/30/01
Vulnerability: virusbuster-mua-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Virus Buster 2001 Mail User Agent (MUA) buffer overflow
X-Force URL: http://xforce.iss.net/static/6034.php
_____
Date Reported: 1/29/01
Vulnerability: iis-isapi-obtain-code
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: IIS allows remote attacker to obtain code fragments using .htr ISAPI extensions
X-Force URL: http://xforce.iss.net/static/6032.php
_____
Date Reported: 1/29/01
Vulnerability: bind-inverse-query-disclosure
Platforms Affected: Bind (4.x, 8.2.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x and 8.2.x exposes environment variables
X-Force URL: http://xforce.iss.net/static/6018.php
_____
Date Reported: 1/29/01
Vulnerability: hp-man-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP man command denial of service
X-Force URL: http://xforce.iss.net/static/6014.php
_____
Date Reported: 1/29/01
Vulnerability: sort-temp-file-abort
Platforms Affected: FreeBSD
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Sort temporary files denial of service
X-Force URL: http://xforce.iss.net/static/6038.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-format-string
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() format string
X-Force URL: http://xforce.iss.net/static/6017.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-bo
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() buffer overflow
X-Force URL: http://xforce.iss.net/static/6016.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-client-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC client buffer overflow
X-Force URL: http://xforce.iss.net/static/6025.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-server-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC server buffer overflow
X-Force URL: http://xforce.iss.net/static/6026.php
_____
Date Reported: 1/29/01
Vulnerability: guestserver-cgi-execute-commands
Platforms Affected: Guestserver 4.12 and earlier
Risk Factor: High
Attack Type: Network Based
Brief Description: Guestserver.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/6027.php
_____
Date Reported: 1/29/01
Vulnerability: bind-tsig-bo
Platforms Affected: BIND 8.2.x
Risk Factor: Unauthorized Access Attempt
Attack Type: Network/Host Based
Brief Description: BIND 8.2.x transaction signature (TSIG) buffer overflow
X-Force URL: http://xforce.iss.net/static/6015.php
_____
Date Reported: 1/28/01
Vulnerability: hyperseek-cgi-reveal-info
Platforms Affected: Hyperseek Search Engine 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Hyperseek CGI could reveal listings of directories and files
X-Force URL: http://xforce.iss.net/static/6012.php
_____
Date Reported: 1/26/01
Vulnerability: newsdaemon-gain-admin-access
Platforms Affected: NewsDaemon prior to 0.21b
Risk Factor: High
Attack Type: Network Based
Brief Description: NewsDaemon allows remote users to gain administrative access
X-Force URL: http://xforce.iss.net/static/6010.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/25/01
Vulnerability: planetintra-pi-bo
Platforms Affected: Planet Intra LAN Intranet 2.5
Risk Factor: High
Attack Type: Network Based
Brief Description: Planet Intra 'pi' binary buffer oveflow
X-Force URL: http://xforce.iss.net/static/6002.php
_____
Date Reported: 1/25/01
Vulnerability: borderware-ping-dos
Platforms Affected: BorderWare Firewall Server 6.1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: BorderWare ping denial of service
X-Force URL: http://xforce.iss.net/static/6004.php
_____
Date Reported: 1/25/01
Vulnerability: aol-malformed-url-dos
Platforms Affected: AOL 5.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: AOL malformed URL denial of service
X-Force URL: http://xforce.iss.net/static/6009.php
_____
Date Reported: 1/25/01
Vulnerability: mirc-bypass-password
Platforms Affected: mIRC
Risk Factor: High
Attack Type: Host Based
Brief Description: mIRC allows malicious user to bypass password
X-Force URL: http://xforce.iss.net/static/6013.php
_____
Date Reported: 1/25/01
Vulnerability: netscape-enterprise-revlog-dos
Platforms Affected: Netscape Enterprise Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netscape Enterprise Server REVLOG denial of service
X-Force URL: http://xforce.iss.net/static/6003.php
_____
Date Reported: 1/24/01
Vulnerability: aim-execute-code
Platforms Affected: AOL Instant Messenger 4.1 and later
Risk Factor: High
Attack Type: Host Based
Brief Description: AOL Instant Messenger execution of code in modified images
X-Force URL: http://xforce.iss.net/static/6005.php
_____
Date Reported: 1/24/01
Vulnerability: netscape-enterprise-list-directories
Platforms Affected: Netscape Enterprise Server (3.0, 4.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server allows remote directory listing
X-Force URL: http://xforce.iss.net/static/5997.php
_____
Date Reported: 1/24/01
Vulnerability: winnt-mutex-dos
Platforms Affected: Windows NT 4.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Windows NT mutex denial of service
X-Force URL: http://xforce.iss.net/static/6006.php
_____
Date Reported: 1/24/01
Vulnerability: jrun-webinf-file-retrieval
Platforms Affected: JRun
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: JRun malformed URL file retrieval
X-Force URL: http://xforce.iss.net/static/6008.php
_____
Date Reported: 1/23/01
Vulnerability: ipfw-bypass-firewall
Platforms Affected: FreeBSD (3.x, 4.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: ipfw/ip6fw allows remote attacker to bypass firewall
X-Force URL: http://xforce.iss.net/static/5998.php
_____
Date Reported: 1/23/01
Vulnerability: netopia-telnet-dos
Platforms Affected: Netopia R-series router
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netopia R9100 allows remote user to crash the router using telnet
X-Force URL: http://xforce.iss.net/static/6001.php
_____
Date Reported: 1/23/01
Vulnerability: wuftp-debug-format-string
Platforms Affected: Wu-ftpd
Risk Factor: High
Attack Type: Network Based
Brief Description: Wu-ftpd debug mode format string
X-Force URL: http://xforce.iss.net/static/6020.php
_____
Date Reported: 1/23/01
Vulnerability: kde2-kdesu-retrieve-passwords
Platforms Affected: Linux: Caldera eDesktop 2.4
Risk Factor: High
Attack Type: Host Based
Brief Description: KDE2 kdesu program allows users to retrieve passwords
X-Force URL: http://xforce.iss.net/static/5995.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-url-bo
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom print server long URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5988.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-printguide-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom PrintGuide denial of service
X-Force URL: http://xforce.iss.net/static/5989.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-ftp-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom FTP denial of service
X-Force URL: http://xforce.iss.net/static/5990.php
_____
Date Reported: 1/23/01
Vulnerability: vnc-weak-authentication
Platforms Affected: VNC 3.3.3 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VNC weak authentication could allow unauthorized access
X-Force URL: http://xforce.iss.net/static/5992.php
_____
Date Reported: 1/23/01
Vulnerability: lotus-domino-smtp-bo
Platforms Affected: Lotus Domino 5.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Lotus Domino SMTP Server policy feature buffer overflow
X-Force URL: http://xforce.iss.net/static/5993.php
_____
Date Reported: 1/23/01
Vulnerability: linux-sash-shadow-readable
Platforms Affected: sash prior to 3.4-4
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux sash /etc/shadow directory world-readable
X-Force URL: http://xforce.iss.net/static/5994.php
_____
Date Reported: 1/22/01
Vulnerability: powerpoint-execute-code
Platforms Affected: Microsoft PowerPoint 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: PowerPoint could allow code execution on another user's computer
X-Force URL: http://xforce.iss.net/static/5996.php
_____
Date Reported: 1/22/01
Vulnerability: icecast-format-string
Platforms Affected: Icecast 1.3.8beta2 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Icecast format string could allow arbitrary code execution
X-Force URL: http://xforce.iss.net/static/5978.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-directory-traversal
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers directory traversal
X-Force URL: http://xforce.iss.net/static/5986.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-execute-jsp
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers allows remote attacker to execute .jsp files
X-Force URL: http://xforce.iss.net/static/5987.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-enterprise-dot-dos
Platforms Affected: Netscape Enterprise Server 4.1 SP5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server "/../" denial of service
X-Force URL: http://xforce.iss.net/static/5983.php
_____
Date Reported: 1/22/01
Vulnerability: goodtech-ftp-dos
Platforms Affected: GoodTech FTP 3.0.1.2.1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: GoodTech FTP server denial of service
X-Force URL: http://xforce.iss.net/static/5984.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-fasttrack-cache-dos
Platforms Affected: Netscape FastTrack
Risk Factor: Low
Attack Type: Host Based
Brief Description: Netscape FastTrack Server cache denial of service
X-Force URL: http://xforce.iss.net/static/5985.php
_____
Date Reported: 1/21/01
Vulnerability: eeye-iris-dos
Platforms Affected: Iris Network Analyzer 1.01beta
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Iris denial of service
X-Force URL: http://xforce.iss.net/static/5981.php
_____
Date Reported: 1/20/01
Vulnerability: watchguard-firebox-obtain-passphrase
Platforms Affected: Firebox II
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard Firebox allows remote user to obtain passphrase
X-Force URL: http://xforce.iss.net/static/5979.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-server-dos
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP denial of service
X-Force URL: http://xforce.iss.net/static/5976.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-path-disclosure
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP path disclosure
X-Force URL: http://xforce.iss.net/static/5977.php
_____
Date Reported: 1/19/01
Vulnerability: localweb2k-directory-traversal
Platforms Affected: LocalWEB2000 HTTP Server 1.1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: LocalWEB2000 directory traversal
X-Force URL: http://xforce.iss.net/static/5982.php
_____
Date Reported: 1/19/01
Vulnerability: win2k-efs-recover-data
Platforms Affected: Windows 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows 2000 EFS allows local user to recover sensitive data
X-Force URL: http://xforce.iss.net/static/5973.php
_____
Date Reported: 1/19/01
Vulnerability: linux-bing-bo
Platforms Affected: Linux
Risk Factor: High
Attack Type: Host Based
Brief Description: Bing host name buffer overflow
X-Force URL: http://xforce.iss.net/static/6036.php
_____
Date Reported: 1/18/01
Vulnerability: micq-sprintf-remote-bo
Platforms Affected: Matt's ICQ Clone 0.4.6
Risk Factor: High
Attack Type: Network Based
Brief Description: ICQ clone for Linux sprintf() remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5962.php
_____
Date Reported: 1/18/01
Vulnerability: mysql-select-bo
Platforms Affected: MySQL prior to 3.23.31
Risk Factor: High
Attack Type: Host Based
Brief Description: MySQL select buffer overflow
X-Force URL: http://xforce.iss.net/static/5969.php
_____
Date Reported: 1/18/01
Vulnerability: shoutcast-description-bo
Platforms Affected: SHOUTcast DNAS 1.7.1
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Shoutcast Server for Linux description buffer overflow
X-Force URL: http://xforce.iss.net/static/5965.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: hp-stm-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX Support Tools Manager denial of service
X-Force URL: http://xforce.iss.net/static/5957.php
_____
Date Reported: 1/17/01
Vulnerability: linux-webmin-tmpfiles
Platforms Affected: OpenLinux (2.3, 2.4)
Risk Factor: High
Attack Type: Host Based
Brief Description: Webmin use of tmpfiles could allow a local user to overwrite files
X-Force URL: http://xforce.iss.net/static/6011.php
_____
Date Reported: 1/17/01
Vulnerability: tinyproxy-remote-bo
Platforms Affected: tinyproxy 1.3.2 and 1.3.3
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Tinyproxy remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5954.php
_____
Date Reported: 1/17/01
Vulnerability: postaci-sql-command-injection
Platforms Affected: PostACI
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Postaci SQL command injection
X-Force URL: http://xforce.iss.net/static/5972.ph p
_____
Date Reported: 1/17/01
Vulnerability: wwwwais-cgi-dos
Platforms Affected: wwwwais.c 25
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: wwwwais CGI based program denial of service
X-Force URL: http://xforce.iss.net/static/5980.php
_____
Date Reported: 1/17/01
Vulnerability: mime-header-attachment
Platforms Affected: MIME 1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MIME headers could allow spoofed file attachment
X-Force URL: http://xforce.iss.net/static/5991.php
_____
Date Reported: 1/16/01
Vulnerability: ssh-rpc-private-key
Platforms Affected: SSH
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: SSH secure-RPC could generate a passphrase that exposes a user's private key
X-Force URL: http://xforce.iss.net/static/5963.php
_____
Date Reported: 1/16/01
Vulnerability: linux-glibc-preload-overwrite
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux glibc LD_PRELOAD file overwrite
X-Force URL: http://xforce.iss.net/static/5971.php
_____
Date Reported: 1/16/01
Vulnerability: inn-tmpfile-symlink
Platforms Affected: InterNet News (INN)
Risk Factor: High
Attack Type: Host Based
Brief Description: INN tmpfile symbolic link
X-Force URL: http://xforce.iss.net/static/5974.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-insecure-password
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix password change insecure
X-Force URL: http://xforce.iss.net/static/5944.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-weak-authentication
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix uses weak authentication
X-Force URL: http://xforce.iss.net/static/5946.php
_____
Date Reported: 1/15/01
Vulnerability: ie-mshtml-dos
Platforms Affected: Internet Explorer 4.0 and later
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Internet Explorer mshtml.dll denial of service
X-Force URL: http://xforce.iss.net/static/5938.php
_____
Date Reported: 1/15/01
Vulnerability: dhcp-format-string
Platforms Affected: Caldera OpenLinux Desktop (2.3, 2.3.1, 2.4)
Risk Factor: High
Attack Type: Network Based
Brief Description: Caldera DHCP format string
X-Force URL: http://xforce.iss.net/static/5953.php
_____
Date Reported: 1/15/01
Vulnerability: win-mediaplayer-arbitrary-code
Platforms Affected: Windows Media Player 7.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows Media Player skins can be used execute arbitrary code
X-Force URL: http://xforce.iss.net/static/5937.php
_____
Date Reported: 1/15/01
Vulnerability: veritas-backupexec-dos
Platforms Affected: Backup Exec 4.5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Veritas Backup Exec denial of service
X-Force URL: http://xforce.iss.net/static/5941.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-symlink
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Host Based
Brief Description: InterScan VirusWall for Unix symbolic link
X-Force URL: http://xforce.iss.net/static/5947.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-corrupt-files
Platforms Affected: OmniHTTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: OmniHTTPd statsconfig.pl corrupt any file on the system
X-Force URL: http://xforce.iss.net/static/5955.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-execute-code
Platforms Affected: OmniHTTPd
Risk Factor: High
Attack Type: Network Based
Brief Description: OmniHTTPD statsconfig.pl allows code execution
X-Force URL: http://xforce.iss.net/static/5956.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: flash-module-bo
Platforms Affected: Oliver Debon Flash plugin 0.4.9 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Flash browser module buffer overflow
X-Force URL: http://xforce.iss.net/static/5952.php
_____
Date Reported: 1/13/01
Vulnerability: rctab-elevate-privileges
Platforms Affected: Linux SuSE
Risk Factor: Medium
Attack Type: Host Based
Brief Description: rctab in SuSE Linux could allow privilege elevation
X-Force URL: http://xforce.iss.net/static/5945.php
_____
Date Reported: 1/12/01
Vulnerability: ultraboard-cgi-perm
Platforms Affected: UltraBoard 2000B
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: UltraBoard CGI weak permissions
X-Force URL: http://xforce.iss.net/static/5931.php
_____
Date Reported: 1/12/01
Vulnerability: compaq-web-management-bo
Platforms Affected: Compaq Web-Based Management
Risk Factor: High
Attack Type: Network Based
Brief Description: Compaq Web-Based Management program buffer overflow
X-Force URL: http://xforce.iss.net/static/5935.php
_____
Date Reported: 1/12/01
Vulnerability: php-htaccess-unauth-access
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow unauthorized access to restricted files
X-Force URL: http://xforce.iss.net/static/5940.php
_____
Date Reported: 1/12/01
Vulnerability: basilix-webmail-retrieve-files
Platforms Affected: Basilix Webmail 0.9.7beta
Risk Factor: Low
Attack Type: Network Based
Brief Description: Basilix Webmail System allows unauthorized users to retrieve files
X-Force URL: http://xforce.iss.net/static/5934.php
_____
Date Reported: 1/12/01
Vulnerability: solaris-arp-bo
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris arp buffer overflow
X-Force URL: http://xforce.iss.net/static/5928.php
_____
Date Reported: 1/12/01
Vulnerability: php-view-source-code
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow remote viewing of source code
X-Force URL: http://xforce.iss.net/static/5939.php
_____
Date Reported: 1/11/01
Vulnerability: wec-ntlm-authentication
Platforms Affected: Windows 2000
Microsoft Office 2000
Windows ME
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Web Extender Client (WEC) NTLM authentication
X-Force URL: http://xforce.iss.net/static/5920.php
_____
Date Reported: 1/11/01
Vulnerability: spamcop-url-seq-predict
Platforms Affected: SpamCop
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: SpamCop URL number increment sequence prediction
X-Force URL: http://xforce.iss.net/static/5933.php
_____
Date Reported: 1/10/01
Vulnerability: linux-wuftpd-privatepw-symlink
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux wu-ftpd privatepw symbolic link
X-Force URL: http://xforce.iss.net/static/5915.php
_____
Date Reported: 1/10/01
Vulnerability: rdist-symlink
Platforms Affected: rdist
Risk Factor: High
Attack Type: Host Based
Brief Description: rdist symbolic link
X-Force URL: http://xforce.iss.net/static/5925.php
_____
Date Reported: 1/10/01
Vulnerability: squid-email-symlink
Platforms Affected: squid
Risk Factor: High
Attack Type: Host Based
Brief Description: squid email notification symbolic link
X-Force URL: http://xforce.iss.net/static/5921.php
_____
Date Reported: 1/10/01
Vulnerability: linux-diffutils-sdiff-symlimk
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux diffutils sdiff symbolic link
X-Force URL: http://xforce.iss.net/static/5914.php
_____
Date Reported: 1/10/01
Vulnerability: tcpdump-arpwatch-symlink
Platforms Affected: arpwatch
Risk Factor: High
Attack Type: Host Based
Brief Description: tcpdump arpwatch symbolic link
X-Force URL: http://xforce.iss.net/static/5922.php
_____
Date Reported: 1/10/01
Vulnerability: linuxconf-vpop3d-symlink
Platforms Affected: linuxconf
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linuxconf vpop3d symbolic link
X-Force URL: http://xforce.iss.net/static/5923.php
_____
Date Reported: 1/10/01
Vulnerability: shadow-utils-useradd-symlink
Platforms Affected: shadow-utils
Risk Factor: High
Attack Type: Host Based
Brief Description: shadow-utils useradd symbolic link
X-Force URL: http://xforce.iss.net/static/5927.php
_____
Date Reported: 1/10/01
Vulnerability: linux-glibc-read-files
Platforms Affected: Linux glibc
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux glibc library can allow users to read restricted files
X-Force URL: http://xforce.iss.net/static/5907.php
_____
Date Reported: 1/10/01
Vulnerability: gettyps-symlink
Platforms Affected: gettyps
Risk Factor: High
Attack Type: Host Based
Brief Description: getty_ps symbolic link
X-Force URL: http://xforce.iss.net/static/5924.php
_____
Date Reported: 1/10/01
Vulnerability: linux-gpm-symlink
Platforms Affected: gpm
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux gpm symbolic link attack
X-Force URL: http://xforce.iss.net/static/5917.php
_____
Date Reported: 1/10/01
Vulnerability: linux-mgetty-symlink
Platforms Affected: mgetty
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux mgetty symbolic link attack
X-Force URL: http://xforce.iss.net/static/5918.php
_____
Date Reported: 1/10/01
Vulnerability: linux-apache-symlink
Platforms Affected: Apache
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux Apache symbolic link
X-Force URL: http://xforce.iss.net/static/5926.php
_____
Date Reported: 1/10/01
Vulnerability: linux-inn-symlink
Platforms Affected: inn
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux INN tmp directory symbolic link
X-Force URL: http://xforce.iss.net/static/5916.php
_____
Date Reported: 1/10/01
Vulnerability: conferenceroom-developer-dos
Platforms Affected: ConferenceRoom Professional Edition
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ConferenceRoom Developer Edition denial of service
X-Force URL: http://xforce.iss.net/static/5909.php
_____
Date Reported: 1/9/01
Vulnerability: oracle-xsql-execute-code
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle XSQL servlet and xml-stylesheet allows code execution on server
X-Force URL: http://xforce.iss.net/static/5905.php
_____
Date Reported: 1/9/01
Vulnerability: netscreen-webui-bo
Platforms Affected: NetScreen
Risk Factor: Medium
Attack Type: Network Based
Brief Description: NetScreen Firewall WebUI buffer overflow
X-Force URL: http://xforce.iss.net/static/5908.php
_____
Date Reported: 1/9/01
Vulnerability: suse-reiserfs-long-filenames
Platforms Affected: SuSE 7.0
Risk Factor: High
Attack Type: Host Based
Brief Description: SuSE reiserfs long file name denial of service
X-Force URL: http://xforce.iss.net/static/5910.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-backdoor-account
Platforms Affected: InterBase 6.01 and earlier
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: InterBase built-in backdoor account
X-Force URL: http://xforce.iss.net/static/5911.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-hidden-function-dos
Platforms Affected: InterBase 6.01
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: InterBase hidden function denial of service
X-Force URL: http://xforce.iss.net/static/5912.php
_____
Date Reported: 1/9/01
Vulnerability: brickserver-thttpd-dos
Platforms Affected: BRICKServer Small Business
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BRICKServer thttpd denial of service
X-Force URL: http://xforce.iss.net/static/5919.php
_____
Date Reported: 1/9/01
Vulnerability: solaris-exrecover-bo
Platforms Affected: Solaris (2.4, 2.5, 2.5.1, 2.6)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Solaris exrecover buffer overflow
X-Force URL: http://xforce.iss.net/static/5913.php
_____
Date Reported: 1/9/01
Vulnerability: hp-inetd-swait-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX inetd swait denial of service
X-Force URL: http://xforce.iss.net/static/5904.php
_____
Date Reported: 1/8/01
Vulnerability: microsoft-iis-read-files
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Microsoft IIS 5.0 allows the viewing of files through malformed URL
X-Force URL: http://xforce.iss.net/static/5903.php
_____
Date Reported: 1/8/01
Vulnerability: ibm-websphere-dos
Platforms Affected: IBM Websphere 3.52
IBM HTTP Server 1.3.12
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM WebSphere denial of service
X-Force URL: http://xforce.iss.net/static/5900.php
_____
Date Reported: 1/8/01
Vulnerability: storagesoft-imagecast-dos
Platforms Affected: ImageCast 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: StorageSoft ImageCast denial of service
X-Force URL: http://xforce.iss.net/static/5901.php
_____
Date Reported: 1/8/01
Vulnerability: nai-pgp-replace-keys
Platforms Affected: PGP 7.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: PGP users may replace signed exported key blocks with arbitrary keys
X-Force URL: http://xforce.iss.net/static/5902.php
_____
Date Reported: 1/7/01
Vulnerability: http-cgi-bbs-forum
Platforms Affected: WebBBS 1.0
Risk Factor: High
Attack Type: Network Based
Brief Description: bbs_forum.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/5906.php
_____
Date Reported: 1/5/01
Vulnerability: lotus-domino-directory-traversal
Platforms Affected: Lotus Domino 5.0.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Lotus Domino 5.0.x .nsf, .box, and .ns4 directory traversal
X-Force URL: http://xforce.iss.net/static/5899.php
_____
Date Reported: 1/5/01
Vulnerability: http-cgi-fastgraf
Platforms Affected: FASTGRAF
Risk Factor: High
Attack Type: Network Based
Brief Description: Fastgraf CGI scripts allow remote command execution
X-Force URL: http://xforce.iss.net/static/5897.php
_____
Date Reported: 1/4/01
Vulnerability: newsdesk-cgi-read-files
Platforms Affected: Newsdesk 1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: Newsdesk.cgi allows read access to files
X-Force URL: http://xforce.iss.net/static/5898.php
_____
Date Reported: 1/1/01
Vulnerability: gtk-module-execute-code
Platforms Affected: GTK+ 1.2.8 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: GTK+ arbitrary code execution using custom loadable module
X-Force URL: http://xforce.iss.net/static/5832.php
_____
Date Reported: 1/1/01
Vulnerability: linux-tty-writable-dos
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux writable TTY denial of service
X-Force URL: http://xforce.iss.net/static/5896.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOogB2jRfJiV99eG9AQESogP9HsIDfUmYkJuWUmNqPhb22a6CVpi/TiG9
7mvhdGc3ySS6LqrvTZgXrBzAcxFlHrdTSmNka8yGiLvYAb0lnghFRZ2OxxRfK11m
AV9VS9/Yty/Qk8BnA/7tx4DIcM4Nhry1kTqTbDkpbcfXOb2LI2WUGnMHF/xkc1ge
3mV5zJXCUM4=
=ClrQ
-----END PGP SIGNATURE-----
| VAR-200105-0010 | CVE-2001-0198 | SSH1 may generate weak passphrase when using Secure RPC |
CVSS V2: 7.6 CVSS V3: - Severity: HIGH |
Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag. The secure-RPC feature of the SSH1 client in Solaris sometimes encrypts the SSH private key file with a weak passphrase, which can be determined by an attacker and used to recover the SSH private keys. Other versions of the SSH client running on non-Solaris platforms are not affected by this vulnerability. NewsDaemon prior to version 0.21b contains a vulnerability allowing remote attackers to gain administrative access to the web site. getty_ps is an open-source software package designed to support logons to the console and terminals. Some implementations create temporary files insecurely with predictable names, leading to corruption of arbitrary files via symbolic link attack. getty_ps is an open source, freely available, publicly maintained software package shipped with many distributions of Linux.
A problem in the getty_ps software package could make it vulnerable to a symbolic link attack. The problem occurs in the creation and handling of files in the /tmp directory by the getty_ps program. Under certain circumstances, getty_ps will create files in the /tmp filesystem in an insecure manner. The program uses a naming scheme that could make it possible to guess the filename of future files in the /tmp directory, and does not check for the existance of the file before attempting to create it. A malicious user could use this vulnerability to overwrite or append to and corrupt system files. SSH is a package designed to encrypt traffic between two end points using the IETF specified SSH protocol. The SSH1 package is distributed and maintained by SSH Communications Security.
A problem exists which could allow the discovery of the secret key used to encrypt traffic on the local host. When using SUN-DES-1 to share keys with other hosts on the network to facilitate secure communication via protocols such as NFS and NIS+, the keys are shared between hosts using the private key of the user and a cryptographic algorithm to secure the contents of the key, which is stored on the NIS+ primary. The problem occurs when the key is encrypted with the SUN-DES-1 magic phrase prior to having done a keylogin (the keyserv does not have the users DH private key). A design flaw in the software that shares the key with the NIS+ master will inconsistently return the correct value for an attempted keyshare that has failed. A step in the private key encryption process is skipped, and the users private key is then encrypted only with the public key of the target server and the SUN-DES-1 magic phrase, a phrase that is guessable due to the way it is generated. A user from the same host can then execute a function that returns another users magic phrase, and use this to decrypt the private key of the victim. This makes it possible for a user with malicious intent to gain knowledge of a users secret key, and decrypt sensitive traffic between two hosts, with the possibility of gaining access and elevated privileges on the hosts and/or NIS+ domain. This reportedly affects the SSH2 series of the software package. Apple Quicktime plugin for Windows is vulnerable to a remote buffer overflow.
A maliciously-constructed web link statement in a remote HTML document, which contains excess data argumenting an EMBED tag, could permit execution of hostile code.
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo@iss.net Contact alert-owner@iss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
February 6, 2001
Volume 6 Number 3
X-Force Vulnerability and Threat Database: http://xforce.iss.net/ To
receive these Alert Summaries as well as other Alerts and Advisories,
subscribe to the Internet Security Systems Alert mailing list at:
http://xforce.iss.net/maillists/index.php
_____
Contents
120 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 1/31/01
Vulnerability: win2k-rdp-dos
Platforms Affected: Windows 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Windows 2000 Server RDP denial of service
X-Force URL: http://xforce.iss.net/static/6035.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-file-access
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface could allow read access to files and directories
X-Force URL: http://xforce.iss.net/static/6031.php
_____
Date Reported: 1/31/01
Vulnerability: quicktime-embedded-tag-bo
Platforms Affected: Quicktime 4.1.2
Risk Factor: High
Attack Type: Host Based
Brief Description: QuickTime Player EMBED tag buffer overflow
X-Force URL: http://xforce.iss.net/static/6040.php
_____
Date Reported: 1/31/01
Vulnerability: solaris-ximp40-bo
Platforms Affected: Solaris (7, 8)
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris "ximp40" shared library buffer overflow
X-Force URL: http://xforce.iss.net/static/6039.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-cli-dos
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface denial of service
X-Force URL: http://xforce.iss.net/static/6030.php
_____
Date Reported: 1/30/01
Vulnerability: slimserve-httpd-dos
Platforms Affected: SlimServe 1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: SlimServe HTTPd denial of service
X-Force URL: http://xforce.iss.net/static/6028.php
_____
Date Reported: 1/30/01
Vulnerability: crazywwwboard-qdecoder-bo
Platforms Affected: CrazyWWWBoard prior to 2000LEp5-1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: CrazyWWWBoard qDecoder buffer overflow
X-Force URL: http://xforce.iss.net/static/6033.php
_____
Date Reported: 1/30/01
Vulnerability: virusbuster-mua-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Virus Buster 2001 Mail User Agent (MUA) buffer overflow
X-Force URL: http://xforce.iss.net/static/6034.php
_____
Date Reported: 1/29/01
Vulnerability: iis-isapi-obtain-code
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: IIS allows remote attacker to obtain code fragments using .htr ISAPI extensions
X-Force URL: http://xforce.iss.net/static/6032.php
_____
Date Reported: 1/29/01
Vulnerability: bind-inverse-query-disclosure
Platforms Affected: Bind (4.x, 8.2.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x and 8.2.x exposes environment variables
X-Force URL: http://xforce.iss.net/static/6018.php
_____
Date Reported: 1/29/01
Vulnerability: hp-man-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP man command denial of service
X-Force URL: http://xforce.iss.net/static/6014.php
_____
Date Reported: 1/29/01
Vulnerability: sort-temp-file-abort
Platforms Affected: FreeBSD
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Sort temporary files denial of service
X-Force URL: http://xforce.iss.net/static/6038.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-format-string
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() format string
X-Force URL: http://xforce.iss.net/static/6017.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-bo
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() buffer overflow
X-Force URL: http://xforce.iss.net/static/6016.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-client-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC client buffer overflow
X-Force URL: http://xforce.iss.net/static/6025.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-server-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC server buffer overflow
X-Force URL: http://xforce.iss.net/static/6026.php
_____
Date Reported: 1/29/01
Vulnerability: guestserver-cgi-execute-commands
Platforms Affected: Guestserver 4.12 and earlier
Risk Factor: High
Attack Type: Network Based
Brief Description: Guestserver.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/6027.php
_____
Date Reported: 1/29/01
Vulnerability: bind-tsig-bo
Platforms Affected: BIND 8.2.x
Risk Factor: Unauthorized Access Attempt
Attack Type: Network/Host Based
Brief Description: BIND 8.2.x transaction signature (TSIG) buffer overflow
X-Force URL: http://xforce.iss.net/static/6015.php
_____
Date Reported: 1/28/01
Vulnerability: hyperseek-cgi-reveal-info
Platforms Affected: Hyperseek Search Engine 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Hyperseek CGI could reveal listings of directories and files
X-Force URL: http://xforce.iss.net/static/6012.php
_____
Date Reported: 1/26/01
Vulnerability: newsdaemon-gain-admin-access
Platforms Affected: NewsDaemon prior to 0.21b
Risk Factor: High
Attack Type: Network Based
Brief Description: NewsDaemon allows remote users to gain administrative access
X-Force URL: http://xforce.iss.net/static/6010.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/25/01
Vulnerability: planetintra-pi-bo
Platforms Affected: Planet Intra LAN Intranet 2.5
Risk Factor: High
Attack Type: Network Based
Brief Description: Planet Intra 'pi' binary buffer oveflow
X-Force URL: http://xforce.iss.net/static/6002.php
_____
Date Reported: 1/25/01
Vulnerability: borderware-ping-dos
Platforms Affected: BorderWare Firewall Server 6.1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: BorderWare ping denial of service
X-Force URL: http://xforce.iss.net/static/6004.php
_____
Date Reported: 1/25/01
Vulnerability: aol-malformed-url-dos
Platforms Affected: AOL 5.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: AOL malformed URL denial of service
X-Force URL: http://xforce.iss.net/static/6009.php
_____
Date Reported: 1/25/01
Vulnerability: mirc-bypass-password
Platforms Affected: mIRC
Risk Factor: High
Attack Type: Host Based
Brief Description: mIRC allows malicious user to bypass password
X-Force URL: http://xforce.iss.net/static/6013.php
_____
Date Reported: 1/25/01
Vulnerability: netscape-enterprise-revlog-dos
Platforms Affected: Netscape Enterprise Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netscape Enterprise Server REVLOG denial of service
X-Force URL: http://xforce.iss.net/static/6003.php
_____
Date Reported: 1/24/01
Vulnerability: aim-execute-code
Platforms Affected: AOL Instant Messenger 4.1 and later
Risk Factor: High
Attack Type: Host Based
Brief Description: AOL Instant Messenger execution of code in modified images
X-Force URL: http://xforce.iss.net/static/6005.php
_____
Date Reported: 1/24/01
Vulnerability: netscape-enterprise-list-directories
Platforms Affected: Netscape Enterprise Server (3.0, 4.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server allows remote directory listing
X-Force URL: http://xforce.iss.net/static/5997.php
_____
Date Reported: 1/24/01
Vulnerability: winnt-mutex-dos
Platforms Affected: Windows NT 4.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Windows NT mutex denial of service
X-Force URL: http://xforce.iss.net/static/6006.php
_____
Date Reported: 1/24/01
Vulnerability: jrun-webinf-file-retrieval
Platforms Affected: JRun
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: JRun malformed URL file retrieval
X-Force URL: http://xforce.iss.net/static/6008.php
_____
Date Reported: 1/23/01
Vulnerability: ipfw-bypass-firewall
Platforms Affected: FreeBSD (3.x, 4.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: ipfw/ip6fw allows remote attacker to bypass firewall
X-Force URL: http://xforce.iss.net/static/5998.php
_____
Date Reported: 1/23/01
Vulnerability: netopia-telnet-dos
Platforms Affected: Netopia R-series router
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netopia R9100 allows remote user to crash the router using telnet
X-Force URL: http://xforce.iss.net/static/6001.php
_____
Date Reported: 1/23/01
Vulnerability: wuftp-debug-format-string
Platforms Affected: Wu-ftpd
Risk Factor: High
Attack Type: Network Based
Brief Description: Wu-ftpd debug mode format string
X-Force URL: http://xforce.iss.net/static/6020.php
_____
Date Reported: 1/23/01
Vulnerability: kde2-kdesu-retrieve-passwords
Platforms Affected: Linux: Caldera eDesktop 2.4
Risk Factor: High
Attack Type: Host Based
Brief Description: KDE2 kdesu program allows users to retrieve passwords
X-Force URL: http://xforce.iss.net/static/5995.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-url-bo
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom print server long URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5988.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-printguide-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom PrintGuide denial of service
X-Force URL: http://xforce.iss.net/static/5989.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-ftp-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom FTP denial of service
X-Force URL: http://xforce.iss.net/static/5990.php
_____
Date Reported: 1/23/01
Vulnerability: vnc-weak-authentication
Platforms Affected: VNC 3.3.3 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VNC weak authentication could allow unauthorized access
X-Force URL: http://xforce.iss.net/static/5992.php
_____
Date Reported: 1/23/01
Vulnerability: lotus-domino-smtp-bo
Platforms Affected: Lotus Domino 5.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Lotus Domino SMTP Server policy feature buffer overflow
X-Force URL: http://xforce.iss.net/static/5993.php
_____
Date Reported: 1/23/01
Vulnerability: linux-sash-shadow-readable
Platforms Affected: sash prior to 3.4-4
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux sash /etc/shadow directory world-readable
X-Force URL: http://xforce.iss.net/static/5994.php
_____
Date Reported: 1/22/01
Vulnerability: powerpoint-execute-code
Platforms Affected: Microsoft PowerPoint 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: PowerPoint could allow code execution on another user's computer
X-Force URL: http://xforce.iss.net/static/5996.php
_____
Date Reported: 1/22/01
Vulnerability: icecast-format-string
Platforms Affected: Icecast 1.3.8beta2 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Icecast format string could allow arbitrary code execution
X-Force URL: http://xforce.iss.net/static/5978.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-directory-traversal
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers directory traversal
X-Force URL: http://xforce.iss.net/static/5986.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-execute-jsp
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers allows remote attacker to execute .jsp files
X-Force URL: http://xforce.iss.net/static/5987.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-enterprise-dot-dos
Platforms Affected: Netscape Enterprise Server 4.1 SP5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server "/../" denial of service
X-Force URL: http://xforce.iss.net/static/5983.php
_____
Date Reported: 1/22/01
Vulnerability: goodtech-ftp-dos
Platforms Affected: GoodTech FTP 3.0.1.2.1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: GoodTech FTP server denial of service
X-Force URL: http://xforce.iss.net/static/5984.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-fasttrack-cache-dos
Platforms Affected: Netscape FastTrack
Risk Factor: Low
Attack Type: Host Based
Brief Description: Netscape FastTrack Server cache denial of service
X-Force URL: http://xforce.iss.net/static/5985.php
_____
Date Reported: 1/21/01
Vulnerability: eeye-iris-dos
Platforms Affected: Iris Network Analyzer 1.01beta
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Iris denial of service
X-Force URL: http://xforce.iss.net/static/5981.php
_____
Date Reported: 1/20/01
Vulnerability: watchguard-firebox-obtain-passphrase
Platforms Affected: Firebox II
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard Firebox allows remote user to obtain passphrase
X-Force URL: http://xforce.iss.net/static/5979.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-server-dos
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP denial of service
X-Force URL: http://xforce.iss.net/static/5976.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-path-disclosure
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP path disclosure
X-Force URL: http://xforce.iss.net/static/5977.php
_____
Date Reported: 1/19/01
Vulnerability: localweb2k-directory-traversal
Platforms Affected: LocalWEB2000 HTTP Server 1.1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: LocalWEB2000 directory traversal
X-Force URL: http://xforce.iss.net/static/5982.php
_____
Date Reported: 1/19/01
Vulnerability: win2k-efs-recover-data
Platforms Affected: Windows 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows 2000 EFS allows local user to recover sensitive data
X-Force URL: http://xforce.iss.net/static/5973.php
_____
Date Reported: 1/19/01
Vulnerability: linux-bing-bo
Platforms Affected: Linux
Risk Factor: High
Attack Type: Host Based
Brief Description: Bing host name buffer overflow
X-Force URL: http://xforce.iss.net/static/6036.php
_____
Date Reported: 1/18/01
Vulnerability: micq-sprintf-remote-bo
Platforms Affected: Matt's ICQ Clone 0.4.6
Risk Factor: High
Attack Type: Network Based
Brief Description: ICQ clone for Linux sprintf() remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5962.php
_____
Date Reported: 1/18/01
Vulnerability: mysql-select-bo
Platforms Affected: MySQL prior to 3.23.31
Risk Factor: High
Attack Type: Host Based
Brief Description: MySQL select buffer overflow
X-Force URL: http://xforce.iss.net/static/5969.php
_____
Date Reported: 1/18/01
Vulnerability: shoutcast-description-bo
Platforms Affected: SHOUTcast DNAS 1.7.1
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Shoutcast Server for Linux description buffer overflow
X-Force URL: http://xforce.iss.net/static/5965.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: hp-stm-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX Support Tools Manager denial of service
X-Force URL: http://xforce.iss.net/static/5957.php
_____
Date Reported: 1/17/01
Vulnerability: linux-webmin-tmpfiles
Platforms Affected: OpenLinux (2.3, 2.4)
Risk Factor: High
Attack Type: Host Based
Brief Description: Webmin use of tmpfiles could allow a local user to overwrite files
X-Force URL: http://xforce.iss.net/static/6011.php
_____
Date Reported: 1/17/01
Vulnerability: tinyproxy-remote-bo
Platforms Affected: tinyproxy 1.3.2 and 1.3.3
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Tinyproxy remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5954.php
_____
Date Reported: 1/17/01
Vulnerability: postaci-sql-command-injection
Platforms Affected: PostACI
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Postaci SQL command injection
X-Force URL: http://xforce.iss.net/static/5972.ph p
_____
Date Reported: 1/17/01
Vulnerability: wwwwais-cgi-dos
Platforms Affected: wwwwais.c 25
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: wwwwais CGI based program denial of service
X-Force URL: http://xforce.iss.net/static/5980.php
_____
Date Reported: 1/17/01
Vulnerability: mime-header-attachment
Platforms Affected: MIME 1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MIME headers could allow spoofed file attachment
X-Force URL: http://xforce.iss.net/static/5991.php
_____
Date Reported: 1/16/01
Vulnerability: ssh-rpc-private-key
Platforms Affected: SSH
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: SSH secure-RPC could generate a passphrase that exposes a user's private key
X-Force URL: http://xforce.iss.net/static/5963.php
_____
Date Reported: 1/16/01
Vulnerability: linux-glibc-preload-overwrite
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux glibc LD_PRELOAD file overwrite
X-Force URL: http://xforce.iss.net/static/5971.php
_____
Date Reported: 1/16/01
Vulnerability: inn-tmpfile-symlink
Platforms Affected: InterNet News (INN)
Risk Factor: High
Attack Type: Host Based
Brief Description: INN tmpfile symbolic link
X-Force URL: http://xforce.iss.net/static/5974.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-insecure-password
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix password change insecure
X-Force URL: http://xforce.iss.net/static/5944.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-weak-authentication
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix uses weak authentication
X-Force URL: http://xforce.iss.net/static/5946.php
_____
Date Reported: 1/15/01
Vulnerability: ie-mshtml-dos
Platforms Affected: Internet Explorer 4.0 and later
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Internet Explorer mshtml.dll denial of service
X-Force URL: http://xforce.iss.net/static/5938.php
_____
Date Reported: 1/15/01
Vulnerability: dhcp-format-string
Platforms Affected: Caldera OpenLinux Desktop (2.3, 2.3.1, 2.4)
Risk Factor: High
Attack Type: Network Based
Brief Description: Caldera DHCP format string
X-Force URL: http://xforce.iss.net/static/5953.php
_____
Date Reported: 1/15/01
Vulnerability: win-mediaplayer-arbitrary-code
Platforms Affected: Windows Media Player 7.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows Media Player skins can be used execute arbitrary code
X-Force URL: http://xforce.iss.net/static/5937.php
_____
Date Reported: 1/15/01
Vulnerability: veritas-backupexec-dos
Platforms Affected: Backup Exec 4.5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Veritas Backup Exec denial of service
X-Force URL: http://xforce.iss.net/static/5941.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-symlink
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Host Based
Brief Description: InterScan VirusWall for Unix symbolic link
X-Force URL: http://xforce.iss.net/static/5947.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-corrupt-files
Platforms Affected: OmniHTTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: OmniHTTPd statsconfig.pl corrupt any file on the system
X-Force URL: http://xforce.iss.net/static/5955.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-execute-code
Platforms Affected: OmniHTTPd
Risk Factor: High
Attack Type: Network Based
Brief Description: OmniHTTPD statsconfig.pl allows code execution
X-Force URL: http://xforce.iss.net/static/5956.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: flash-module-bo
Platforms Affected: Oliver Debon Flash plugin 0.4.9 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Flash browser module buffer overflow
X-Force URL: http://xforce.iss.net/static/5952.php
_____
Date Reported: 1/13/01
Vulnerability: rctab-elevate-privileges
Platforms Affected: Linux SuSE
Risk Factor: Medium
Attack Type: Host Based
Brief Description: rctab in SuSE Linux could allow privilege elevation
X-Force URL: http://xforce.iss.net/static/5945.php
_____
Date Reported: 1/12/01
Vulnerability: ultraboard-cgi-perm
Platforms Affected: UltraBoard 2000B
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: UltraBoard CGI weak permissions
X-Force URL: http://xforce.iss.net/static/5931.php
_____
Date Reported: 1/12/01
Vulnerability: compaq-web-management-bo
Platforms Affected: Compaq Web-Based Management
Risk Factor: High
Attack Type: Network Based
Brief Description: Compaq Web-Based Management program buffer overflow
X-Force URL: http://xforce.iss.net/static/5935.php
_____
Date Reported: 1/12/01
Vulnerability: php-htaccess-unauth-access
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow unauthorized access to restricted files
X-Force URL: http://xforce.iss.net/static/5940.php
_____
Date Reported: 1/12/01
Vulnerability: basilix-webmail-retrieve-files
Platforms Affected: Basilix Webmail 0.9.7beta
Risk Factor: Low
Attack Type: Network Based
Brief Description: Basilix Webmail System allows unauthorized users to retrieve files
X-Force URL: http://xforce.iss.net/static/5934.php
_____
Date Reported: 1/12/01
Vulnerability: solaris-arp-bo
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris arp buffer overflow
X-Force URL: http://xforce.iss.net/static/5928.php
_____
Date Reported: 1/12/01
Vulnerability: php-view-source-code
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow remote viewing of source code
X-Force URL: http://xforce.iss.net/static/5939.php
_____
Date Reported: 1/11/01
Vulnerability: wec-ntlm-authentication
Platforms Affected: Windows 2000
Microsoft Office 2000
Windows ME
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Web Extender Client (WEC) NTLM authentication
X-Force URL: http://xforce.iss.net/static/5920.php
_____
Date Reported: 1/11/01
Vulnerability: spamcop-url-seq-predict
Platforms Affected: SpamCop
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: SpamCop URL number increment sequence prediction
X-Force URL: http://xforce.iss.net/static/5933.php
_____
Date Reported: 1/10/01
Vulnerability: linux-wuftpd-privatepw-symlink
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux wu-ftpd privatepw symbolic link
X-Force URL: http://xforce.iss.net/static/5915.php
_____
Date Reported: 1/10/01
Vulnerability: rdist-symlink
Platforms Affected: rdist
Risk Factor: High
Attack Type: Host Based
Brief Description: rdist symbolic link
X-Force URL: http://xforce.iss.net/static/5925.php
_____
Date Reported: 1/10/01
Vulnerability: squid-email-symlink
Platforms Affected: squid
Risk Factor: High
Attack Type: Host Based
Brief Description: squid email notification symbolic link
X-Force URL: http://xforce.iss.net/static/5921.php
_____
Date Reported: 1/10/01
Vulnerability: linux-diffutils-sdiff-symlimk
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux diffutils sdiff symbolic link
X-Force URL: http://xforce.iss.net/static/5914.php
_____
Date Reported: 1/10/01
Vulnerability: tcpdump-arpwatch-symlink
Platforms Affected: arpwatch
Risk Factor: High
Attack Type: Host Based
Brief Description: tcpdump arpwatch symbolic link
X-Force URL: http://xforce.iss.net/static/5922.php
_____
Date Reported: 1/10/01
Vulnerability: linuxconf-vpop3d-symlink
Platforms Affected: linuxconf
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linuxconf vpop3d symbolic link
X-Force URL: http://xforce.iss.net/static/5923.php
_____
Date Reported: 1/10/01
Vulnerability: shadow-utils-useradd-symlink
Platforms Affected: shadow-utils
Risk Factor: High
Attack Type: Host Based
Brief Description: shadow-utils useradd symbolic link
X-Force URL: http://xforce.iss.net/static/5927.php
_____
Date Reported: 1/10/01
Vulnerability: linux-glibc-read-files
Platforms Affected: Linux glibc
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux glibc library can allow users to read restricted files
X-Force URL: http://xforce.iss.net/static/5907.php
_____
Date Reported: 1/10/01
Vulnerability: gettyps-symlink
Platforms Affected: gettyps
Risk Factor: High
Attack Type: Host Based
Brief Description: getty_ps symbolic link
X-Force URL: http://xforce.iss.net/static/5924.php
_____
Date Reported: 1/10/01
Vulnerability: linux-gpm-symlink
Platforms Affected: gpm
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux gpm symbolic link attack
X-Force URL: http://xforce.iss.net/static/5917.php
_____
Date Reported: 1/10/01
Vulnerability: linux-mgetty-symlink
Platforms Affected: mgetty
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux mgetty symbolic link attack
X-Force URL: http://xforce.iss.net/static/5918.php
_____
Date Reported: 1/10/01
Vulnerability: linux-apache-symlink
Platforms Affected: Apache
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux Apache symbolic link
X-Force URL: http://xforce.iss.net/static/5926.php
_____
Date Reported: 1/10/01
Vulnerability: linux-inn-symlink
Platforms Affected: inn
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux INN tmp directory symbolic link
X-Force URL: http://xforce.iss.net/static/5916.php
_____
Date Reported: 1/10/01
Vulnerability: conferenceroom-developer-dos
Platforms Affected: ConferenceRoom Professional Edition
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ConferenceRoom Developer Edition denial of service
X-Force URL: http://xforce.iss.net/static/5909.php
_____
Date Reported: 1/9/01
Vulnerability: oracle-xsql-execute-code
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle XSQL servlet and xml-stylesheet allows code execution on server
X-Force URL: http://xforce.iss.net/static/5905.php
_____
Date Reported: 1/9/01
Vulnerability: netscreen-webui-bo
Platforms Affected: NetScreen
Risk Factor: Medium
Attack Type: Network Based
Brief Description: NetScreen Firewall WebUI buffer overflow
X-Force URL: http://xforce.iss.net/static/5908.php
_____
Date Reported: 1/9/01
Vulnerability: suse-reiserfs-long-filenames
Platforms Affected: SuSE 7.0
Risk Factor: High
Attack Type: Host Based
Brief Description: SuSE reiserfs long file name denial of service
X-Force URL: http://xforce.iss.net/static/5910.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-backdoor-account
Platforms Affected: InterBase 6.01 and earlier
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: InterBase built-in backdoor account
X-Force URL: http://xforce.iss.net/static/5911.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-hidden-function-dos
Platforms Affected: InterBase 6.01
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: InterBase hidden function denial of service
X-Force URL: http://xforce.iss.net/static/5912.php
_____
Date Reported: 1/9/01
Vulnerability: brickserver-thttpd-dos
Platforms Affected: BRICKServer Small Business
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BRICKServer thttpd denial of service
X-Force URL: http://xforce.iss.net/static/5919.php
_____
Date Reported: 1/9/01
Vulnerability: solaris-exrecover-bo
Platforms Affected: Solaris (2.4, 2.5, 2.5.1, 2.6)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Solaris exrecover buffer overflow
X-Force URL: http://xforce.iss.net/static/5913.php
_____
Date Reported: 1/9/01
Vulnerability: hp-inetd-swait-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX inetd swait denial of service
X-Force URL: http://xforce.iss.net/static/5904.php
_____
Date Reported: 1/8/01
Vulnerability: microsoft-iis-read-files
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Microsoft IIS 5.0 allows the viewing of files through malformed URL
X-Force URL: http://xforce.iss.net/static/5903.php
_____
Date Reported: 1/8/01
Vulnerability: ibm-websphere-dos
Platforms Affected: IBM Websphere 3.52
IBM HTTP Server 1.3.12
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM WebSphere denial of service
X-Force URL: http://xforce.iss.net/static/5900.php
_____
Date Reported: 1/8/01
Vulnerability: storagesoft-imagecast-dos
Platforms Affected: ImageCast 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: StorageSoft ImageCast denial of service
X-Force URL: http://xforce.iss.net/static/5901.php
_____
Date Reported: 1/8/01
Vulnerability: nai-pgp-replace-keys
Platforms Affected: PGP 7.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: PGP users may replace signed exported key blocks with arbitrary keys
X-Force URL: http://xforce.iss.net/static/5902.php
_____
Date Reported: 1/7/01
Vulnerability: http-cgi-bbs-forum
Platforms Affected: WebBBS 1.0
Risk Factor: High
Attack Type: Network Based
Brief Description: bbs_forum.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/5906.php
_____
Date Reported: 1/5/01
Vulnerability: lotus-domino-directory-traversal
Platforms Affected: Lotus Domino 5.0.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Lotus Domino 5.0.x .nsf, .box, and .ns4 directory traversal
X-Force URL: http://xforce.iss.net/static/5899.php
_____
Date Reported: 1/5/01
Vulnerability: http-cgi-fastgraf
Platforms Affected: FASTGRAF
Risk Factor: High
Attack Type: Network Based
Brief Description: Fastgraf CGI scripts allow remote command execution
X-Force URL: http://xforce.iss.net/static/5897.php
_____
Date Reported: 1/4/01
Vulnerability: newsdesk-cgi-read-files
Platforms Affected: Newsdesk 1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: Newsdesk.cgi allows read access to files
X-Force URL: http://xforce.iss.net/static/5898.php
_____
Date Reported: 1/1/01
Vulnerability: gtk-module-execute-code
Platforms Affected: GTK+ 1.2.8 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: GTK+ arbitrary code execution using custom loadable module
X-Force URL: http://xforce.iss.net/static/5832.php
_____
Date Reported: 1/1/01
Vulnerability: linux-tty-writable-dos
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux writable TTY denial of service
X-Force URL: http://xforce.iss.net/static/5896.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOogB2jRfJiV99eG9AQESogP9HsIDfUmYkJuWUmNqPhb22a6CVpi/TiG9
7mvhdGc3ySS6LqrvTZgXrBzAcxFlHrdTSmNka8yGiLvYAb0lnghFRZ2OxxRfK11m
AV9VS9/Yty/Qk8BnA/7tx4DIcM4Nhry1kTqTbDkpbcfXOb2LI2WUGnMHF/xkc1ge
3mV5zJXCUM4=
=ClrQ
-----END PGP SIGNATURE-----
| VAR-200102-0009 | CVE-2001-0004 | Microsoft Internet Information Server (IIS) discloses contents of files via crafted request containing "%3F+.htr" |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
IIS 5.0 and 4.0 allows remote attackers to read the source code for executable web server programs by appending "%3F+.htr" to the requested URL, which causes the files to be parsed by the .HTR ISAPI extension, aka a variant of the "File Fragment Reading via .HTR" vulnerability. A vulnerability exists in Microsoft Information Server (IIS) in which a crafted HTTP GET request may return the contents of a file on the affected server. A possible target of such a request might be a script that should only be executable (not readable) by unauthenticated remote users. The contents of such a file might contain sensitive information such as user credentials for access to a back-end database.This is a variation of the vulnerability discussed in VU#35085 and Microsoft Security Bulletin MS00-031 and more recently in VU#28565 and Microsoft Security Bulletin MS00-044. The secure-RPC feature of the SSH1 client in Solaris sometimes encrypts the SSH private key file with a weak passphrase, which can be determined by an attacker and used to recover the SSH private keys. Other versions of the SSH client running on non-Solaris platforms are not affected by this vulnerability. NewsDaemon prior to version 0.21b contains a vulnerability allowing remote attackers to gain administrative access to the web site. getty_ps is an open-source software package designed to support logons to the console and terminals. Some implementations create temporary files insecurely with predictable names, leading to corruption of arbitrary files via symbolic link attack. getty_ps is an open source, freely available, publicly maintained software package shipped with many distributions of Linux.
A problem in the getty_ps software package could make it vulnerable to a symbolic link attack. The problem occurs in the creation and handling of files in the /tmp directory by the getty_ps program. Under certain circumstances, getty_ps will create files in the /tmp filesystem in an insecure manner. The program uses a naming scheme that could make it possible to guess the filename of future files in the /tmp directory, and does not check for the existance of the file before attempting to create it. A malicious user could use this vulnerability to overwrite or append to and corrupt system files. SSH is a package designed to encrypt traffic between two end points using the IETF specified SSH protocol. The SSH1 package is distributed and maintained by SSH Communications Security.
A problem exists which could allow the discovery of the secret key used to encrypt traffic on the local host. When using SUN-DES-1 to share keys with other hosts on the network to facilitate secure communication via protocols such as NFS and NIS+, the keys are shared between hosts using the private key of the user and a cryptographic algorithm to secure the contents of the key, which is stored on the NIS+ primary. The problem occurs when the key is encrypted with the SUN-DES-1 magic phrase prior to having done a keylogin (the keyserv does not have the users DH private key). A design flaw in the software that shares the key with the NIS+ master will inconsistently return the correct value for an attempted keyshare that has failed. A step in the private key encryption process is skipped, and the users private key is then encrypted only with the public key of the target server and the SUN-DES-1 magic phrase, a phrase that is guessable due to the way it is generated. A user from the same host can then execute a function that returns another users magic phrase, and use this to decrypt the private key of the victim. This makes it possible for a user with malicious intent to gain knowledge of a users secret key, and decrypt sensitive traffic between two hosts, with the possibility of gaining access and elevated privileges on the hosts and/or NIS+ domain. This reportedly affects the SSH2 series of the software package. It is possible for a remote attacker to view segments of a requested file.
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo@iss.net Contact alert-owner@iss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
February 6, 2001
Volume 6 Number 3
X-Force Vulnerability and Threat Database: http://xforce.iss.net/ To
receive these Alert Summaries as well as other Alerts and Advisories,
subscribe to the Internet Security Systems Alert mailing list at:
http://xforce.iss.net/maillists/index.php
_____
Contents
120 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 1/31/01
Vulnerability: win2k-rdp-dos
Platforms Affected: Windows 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Windows 2000 Server RDP denial of service
X-Force URL: http://xforce.iss.net/static/6035.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-file-access
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface could allow read access to files and directories
X-Force URL: http://xforce.iss.net/static/6031.php
_____
Date Reported: 1/31/01
Vulnerability: quicktime-embedded-tag-bo
Platforms Affected: Quicktime 4.1.2
Risk Factor: High
Attack Type: Host Based
Brief Description: QuickTime Player EMBED tag buffer overflow
X-Force URL: http://xforce.iss.net/static/6040.php
_____
Date Reported: 1/31/01
Vulnerability: solaris-ximp40-bo
Platforms Affected: Solaris (7, 8)
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris "ximp40" shared library buffer overflow
X-Force URL: http://xforce.iss.net/static/6039.php
_____
Date Reported: 1/31/01
Vulnerability: cisco-ccs-cli-dos
Platforms Affected: Cisco Content Services Switch
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco CCS command line interface denial of service
X-Force URL: http://xforce.iss.net/static/6030.php
_____
Date Reported: 1/30/01
Vulnerability: slimserve-httpd-dos
Platforms Affected: SlimServe 1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: SlimServe HTTPd denial of service
X-Force URL: http://xforce.iss.net/static/6028.php
_____
Date Reported: 1/30/01
Vulnerability: crazywwwboard-qdecoder-bo
Platforms Affected: CrazyWWWBoard prior to 2000LEp5-1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: CrazyWWWBoard qDecoder buffer overflow
X-Force URL: http://xforce.iss.net/static/6033.php
_____
Date Reported: 1/30/01
Vulnerability: virusbuster-mua-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Virus Buster 2001 Mail User Agent (MUA) buffer overflow
X-Force URL: http://xforce.iss.net/static/6034.php
_____
Date Reported: 1/29/01
Vulnerability: iis-isapi-obtain-code
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: IIS allows remote attacker to obtain code fragments using .htr ISAPI extensions
X-Force URL: http://xforce.iss.net/static/6032.php
_____
Date Reported: 1/29/01
Vulnerability: bind-inverse-query-disclosure
Platforms Affected: Bind (4.x, 8.2.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x and 8.2.x exposes environment variables
X-Force URL: http://xforce.iss.net/static/6018.php
_____
Date Reported: 1/29/01
Vulnerability: hp-man-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP man command denial of service
X-Force URL: http://xforce.iss.net/static/6014.php
_____
Date Reported: 1/29/01
Vulnerability: sort-temp-file-abort
Platforms Affected: FreeBSD
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Sort temporary files denial of service
X-Force URL: http://xforce.iss.net/static/6038.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-format-string
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() format string
X-Force URL: http://xforce.iss.net/static/6017.php
_____
Date Reported: 1/29/01
Vulnerability: bind-complain-bo
Platforms Affected: BIND 4.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BIND 4.x nslookupComplain() buffer overflow
X-Force URL: http://xforce.iss.net/static/6016.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-client-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC client buffer overflow
X-Force URL: http://xforce.iss.net/static/6025.php
_____
Date Reported: 1/29/01
Vulnerability: winvnc-server-bo
Platforms Affected: WinVNC
Risk Factor: High
Attack Type: Network Based
Brief Description: WinVNC server buffer overflow
X-Force URL: http://xforce.iss.net/static/6026.php
_____
Date Reported: 1/29/01
Vulnerability: guestserver-cgi-execute-commands
Platforms Affected: Guestserver 4.12 and earlier
Risk Factor: High
Attack Type: Network Based
Brief Description: Guestserver.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/6027.php
_____
Date Reported: 1/29/01
Vulnerability: bind-tsig-bo
Platforms Affected: BIND 8.2.x
Risk Factor: Unauthorized Access Attempt
Attack Type: Network/Host Based
Brief Description: BIND 8.2.x transaction signature (TSIG) buffer overflow
X-Force URL: http://xforce.iss.net/static/6015.php
_____
Date Reported: 1/28/01
Vulnerability: hyperseek-cgi-reveal-info
Platforms Affected: Hyperseek Search Engine 2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Hyperseek CGI could reveal listings of directories and files
X-Force URL: http://xforce.iss.net/static/6012.php
_____
Date Reported: 1/26/01
Vulnerability: newsdaemon-gain-admin-access
Platforms Affected: NewsDaemon prior to 0.21b
Risk Factor: High
Attack Type: Network Based
Brief Description: NewsDaemon allows remote users to gain administrative access
X-Force URL: http://xforce.iss.net/static/6010.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/26/01
Vulnerability: mars-nwe-format-string
Platforms Affected: Mars_nwe 0.99.pl19
Risk Factor: High
Attack Type: Network Based
Brief Description: Mars_nwe format string
X-Force URL: http://xforce.iss.net/static/6019.php
_____
Date Reported: 1/25/01
Vulnerability: planetintra-pi-bo
Platforms Affected: Planet Intra LAN Intranet 2.5
Risk Factor: High
Attack Type: Network Based
Brief Description: Planet Intra 'pi' binary buffer oveflow
X-Force URL: http://xforce.iss.net/static/6002.php
_____
Date Reported: 1/25/01
Vulnerability: borderware-ping-dos
Platforms Affected: BorderWare Firewall Server 6.1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: BorderWare ping denial of service
X-Force URL: http://xforce.iss.net/static/6004.php
_____
Date Reported: 1/25/01
Vulnerability: aol-malformed-url-dos
Platforms Affected: AOL 5.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: AOL malformed URL denial of service
X-Force URL: http://xforce.iss.net/static/6009.php
_____
Date Reported: 1/25/01
Vulnerability: mirc-bypass-password
Platforms Affected: mIRC
Risk Factor: High
Attack Type: Host Based
Brief Description: mIRC allows malicious user to bypass password
X-Force URL: http://xforce.iss.net/static/6013.php
_____
Date Reported: 1/25/01
Vulnerability: netscape-enterprise-revlog-dos
Platforms Affected: Netscape Enterprise Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netscape Enterprise Server REVLOG denial of service
X-Force URL: http://xforce.iss.net/static/6003.php
_____
Date Reported: 1/24/01
Vulnerability: aim-execute-code
Platforms Affected: AOL Instant Messenger 4.1 and later
Risk Factor: High
Attack Type: Host Based
Brief Description: AOL Instant Messenger execution of code in modified images
X-Force URL: http://xforce.iss.net/static/6005.php
_____
Date Reported: 1/24/01
Vulnerability: netscape-enterprise-list-directories
Platforms Affected: Netscape Enterprise Server (3.0, 4.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server allows remote directory listing
X-Force URL: http://xforce.iss.net/static/5997.php
_____
Date Reported: 1/24/01
Vulnerability: winnt-mutex-dos
Platforms Affected: Windows NT 4.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Windows NT mutex denial of service
X-Force URL: http://xforce.iss.net/static/6006.php
_____
Date Reported: 1/24/01
Vulnerability: jrun-webinf-file-retrieval
Platforms Affected: JRun
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: JRun malformed URL file retrieval
X-Force URL: http://xforce.iss.net/static/6008.php
_____
Date Reported: 1/23/01
Vulnerability: ipfw-bypass-firewall
Platforms Affected: FreeBSD (3.x, 4.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: ipfw/ip6fw allows remote attacker to bypass firewall
X-Force URL: http://xforce.iss.net/static/5998.php
_____
Date Reported: 1/23/01
Vulnerability: netopia-telnet-dos
Platforms Affected: Netopia R-series router
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Netopia R9100 allows remote user to crash the router using telnet
X-Force URL: http://xforce.iss.net/static/6001.php
_____
Date Reported: 1/23/01
Vulnerability: wuftp-debug-format-string
Platforms Affected: Wu-ftpd
Risk Factor: High
Attack Type: Network Based
Brief Description: Wu-ftpd debug mode format string
X-Force URL: http://xforce.iss.net/static/6020.php
_____
Date Reported: 1/23/01
Vulnerability: kde2-kdesu-retrieve-passwords
Platforms Affected: Linux: Caldera eDesktop 2.4
Risk Factor: High
Attack Type: Host Based
Brief Description: KDE2 kdesu program allows users to retrieve passwords
X-Force URL: http://xforce.iss.net/static/5995.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-url-bo
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom print server long URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5988.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-printguide-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom PrintGuide denial of service
X-Force URL: http://xforce.iss.net/static/5989.php
_____
Date Reported: 1/23/01
Vulnerability: easycom-safecom-ftp-dos
Platforms Affected: Easycom/Safecom firmware 404.590
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Easycom/Safecom FTP denial of service
X-Force URL: http://xforce.iss.net/static/5990.php
_____
Date Reported: 1/23/01
Vulnerability: vnc-weak-authentication
Platforms Affected: VNC 3.3.3 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VNC weak authentication could allow unauthorized access
X-Force URL: http://xforce.iss.net/static/5992.php
_____
Date Reported: 1/23/01
Vulnerability: lotus-domino-smtp-bo
Platforms Affected: Lotus Domino 5.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Lotus Domino SMTP Server policy feature buffer overflow
X-Force URL: http://xforce.iss.net/static/5993.php
_____
Date Reported: 1/23/01
Vulnerability: linux-sash-shadow-readable
Platforms Affected: sash prior to 3.4-4
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux sash /etc/shadow directory world-readable
X-Force URL: http://xforce.iss.net/static/5994.php
_____
Date Reported: 1/22/01
Vulnerability: powerpoint-execute-code
Platforms Affected: Microsoft PowerPoint 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: PowerPoint could allow code execution on another user's computer
X-Force URL: http://xforce.iss.net/static/5996.php
_____
Date Reported: 1/22/01
Vulnerability: icecast-format-string
Platforms Affected: Icecast 1.3.8beta2 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Icecast format string could allow arbitrary code execution
X-Force URL: http://xforce.iss.net/static/5978.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-directory-traversal
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers directory traversal
X-Force URL: http://xforce.iss.net/static/5986.php
_____
Date Reported: 1/22/01
Vulnerability: oracle-handlers-execute-jsp
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle JSP/SQLJP handlers allows remote attacker to execute .jsp files
X-Force URL: http://xforce.iss.net/static/5987.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-enterprise-dot-dos
Platforms Affected: Netscape Enterprise Server 4.1 SP5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Enterprise Server "/../" denial of service
X-Force URL: http://xforce.iss.net/static/5983.php
_____
Date Reported: 1/22/01
Vulnerability: goodtech-ftp-dos
Platforms Affected: GoodTech FTP 3.0.1.2.1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: GoodTech FTP server denial of service
X-Force URL: http://xforce.iss.net/static/5984.php
_____
Date Reported: 1/22/01
Vulnerability: netscape-fasttrack-cache-dos
Platforms Affected: Netscape FastTrack
Risk Factor: Low
Attack Type: Host Based
Brief Description: Netscape FastTrack Server cache denial of service
X-Force URL: http://xforce.iss.net/static/5985.php
_____
Date Reported: 1/21/01
Vulnerability: eeye-iris-dos
Platforms Affected: Iris Network Analyzer 1.01beta
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Iris denial of service
X-Force URL: http://xforce.iss.net/static/5981.php
_____
Date Reported: 1/20/01
Vulnerability: watchguard-firebox-obtain-passphrase
Platforms Affected: Firebox II
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard Firebox allows remote user to obtain passphrase
X-Force URL: http://xforce.iss.net/static/5979.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-server-dos
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP denial of service
X-Force URL: http://xforce.iss.net/static/5976.php
_____
Date Reported: 1/19/01
Vulnerability: fastream-ftp-path-disclosure
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP path disclosure
X-Force URL: http://xforce.iss.net/static/5977.php
_____
Date Reported: 1/19/01
Vulnerability: localweb2k-directory-traversal
Platforms Affected: LocalWEB2000 HTTP Server 1.1.0
Risk Factor: Medium
Attack Type: Network Based
Brief Description: LocalWEB2000 directory traversal
X-Force URL: http://xforce.iss.net/static/5982.php
_____
Date Reported: 1/19/01
Vulnerability: win2k-efs-recover-data
Platforms Affected: Windows 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows 2000 EFS allows local user to recover sensitive data
X-Force URL: http://xforce.iss.net/static/5973.php
_____
Date Reported: 1/19/01
Vulnerability: linux-bing-bo
Platforms Affected: Linux
Risk Factor: High
Attack Type: Host Based
Brief Description: Bing host name buffer overflow
X-Force URL: http://xforce.iss.net/static/6036.php
_____
Date Reported: 1/18/01
Vulnerability: micq-sprintf-remote-bo
Platforms Affected: Matt's ICQ Clone 0.4.6
Risk Factor: High
Attack Type: Network Based
Brief Description: ICQ clone for Linux sprintf() remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5962.php
_____
Date Reported: 1/18/01
Vulnerability: mysql-select-bo
Platforms Affected: MySQL prior to 3.23.31
Risk Factor: High
Attack Type: Host Based
Brief Description: MySQL select buffer overflow
X-Force URL: http://xforce.iss.net/static/5969.php
_____
Date Reported: 1/18/01
Vulnerability: shoutcast-description-bo
Platforms Affected: SHOUTcast DNAS 1.7.1
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Shoutcast Server for Linux description buffer overflow
X-Force URL: http://xforce.iss.net/static/5965.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: fw1-limited-license-dos
Platforms Affected: Check Point Firewall-1 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FireWall-1 limited-IP license denial of service
X-Force URL: http://xforce.iss.net/static/5966.php
_____
Date Reported: 1/17/01
Vulnerability: hp-stm-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX Support Tools Manager denial of service
X-Force URL: http://xforce.iss.net/static/5957.php
_____
Date Reported: 1/17/01
Vulnerability: linux-webmin-tmpfiles
Platforms Affected: OpenLinux (2.3, 2.4)
Risk Factor: High
Attack Type: Host Based
Brief Description: Webmin use of tmpfiles could allow a local user to overwrite files
X-Force URL: http://xforce.iss.net/static/6011.php
_____
Date Reported: 1/17/01
Vulnerability: tinyproxy-remote-bo
Platforms Affected: tinyproxy 1.3.2 and 1.3.3
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Tinyproxy remote buffer overflow
X-Force URL: http://xforce.iss.net/static/5954.php
_____
Date Reported: 1/17/01
Vulnerability: postaci-sql-command-injection
Platforms Affected: PostACI
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Postaci SQL command injection
X-Force URL: http://xforce.iss.net/static/5972.ph p
_____
Date Reported: 1/17/01
Vulnerability: wwwwais-cgi-dos
Platforms Affected: wwwwais.c 25
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: wwwwais CGI based program denial of service
X-Force URL: http://xforce.iss.net/static/5980.php
_____
Date Reported: 1/17/01
Vulnerability: mime-header-attachment
Platforms Affected: MIME 1.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MIME headers could allow spoofed file attachment
X-Force URL: http://xforce.iss.net/static/5991.php
_____
Date Reported: 1/16/01
Vulnerability: ssh-rpc-private-key
Platforms Affected: SSH
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: SSH secure-RPC could generate a passphrase that exposes a user's private key
X-Force URL: http://xforce.iss.net/static/5963.php
_____
Date Reported: 1/16/01
Vulnerability: linux-glibc-preload-overwrite
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux glibc LD_PRELOAD file overwrite
X-Force URL: http://xforce.iss.net/static/5971.php
_____
Date Reported: 1/16/01
Vulnerability: inn-tmpfile-symlink
Platforms Affected: InterNet News (INN)
Risk Factor: High
Attack Type: Host Based
Brief Description: INN tmpfile symbolic link
X-Force URL: http://xforce.iss.net/static/5974.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-insecure-password
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix password change insecure
X-Force URL: http://xforce.iss.net/static/5944.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-weak-authentication
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: InterScan VirusWall for Unix uses weak authentication
X-Force URL: http://xforce.iss.net/static/5946.php
_____
Date Reported: 1/15/01
Vulnerability: ie-mshtml-dos
Platforms Affected: Internet Explorer 4.0 and later
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Internet Explorer mshtml.dll denial of service
X-Force URL: http://xforce.iss.net/static/5938.php
_____
Date Reported: 1/15/01
Vulnerability: dhcp-format-string
Platforms Affected: Caldera OpenLinux Desktop (2.3, 2.3.1, 2.4)
Risk Factor: High
Attack Type: Network Based
Brief Description: Caldera DHCP format string
X-Force URL: http://xforce.iss.net/static/5953.php
_____
Date Reported: 1/15/01
Vulnerability: win-mediaplayer-arbitrary-code
Platforms Affected: Windows Media Player 7.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows Media Player skins can be used execute arbitrary code
X-Force URL: http://xforce.iss.net/static/5937.php
_____
Date Reported: 1/15/01
Vulnerability: veritas-backupexec-dos
Platforms Affected: Backup Exec 4.5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Veritas Backup Exec denial of service
X-Force URL: http://xforce.iss.net/static/5941.php
_____
Date Reported: 1/15/01
Vulnerability: interscan-viruswall-symlink
Platforms Affected: InterScan VirusWall (3.0.1, 3.6.x)
Risk Factor: High
Attack Type: Host Based
Brief Description: InterScan VirusWall for Unix symbolic link
X-Force URL: http://xforce.iss.net/static/5947.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-corrupt-files
Platforms Affected: OmniHTTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: OmniHTTPd statsconfig.pl corrupt any file on the system
X-Force URL: http://xforce.iss.net/static/5955.php
_____
Date Reported: 1/15/01
Vulnerability: omnihttpd-statsconfig-execute-code
Platforms Affected: OmniHTTPd
Risk Factor: High
Attack Type: Network Based
Brief Description: OmniHTTPD statsconfig.pl allows code execution
X-Force URL: http://xforce.iss.net/static/5956.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/15/01
Vulnerability: icmp-pmtu-dos
Platforms Affected: Linux
BSD
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ICMP PMTU denial of service
X-Force URL: http://xforce.iss.net/static/5975.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: splitvt-perserc-format-string
Platforms Affected: splitvt 1.6.4 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: Splitvt perserc.c module format string
X-Force URL: http://xforce.iss.net/static/5948.php
_____
Date Reported: 1/14/01
Vulnerability: flash-module-bo
Platforms Affected: Oliver Debon Flash plugin 0.4.9 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Flash browser module buffer overflow
X-Force URL: http://xforce.iss.net/static/5952.php
_____
Date Reported: 1/13/01
Vulnerability: rctab-elevate-privileges
Platforms Affected: Linux SuSE
Risk Factor: Medium
Attack Type: Host Based
Brief Description: rctab in SuSE Linux could allow privilege elevation
X-Force URL: http://xforce.iss.net/static/5945.php
_____
Date Reported: 1/12/01
Vulnerability: ultraboard-cgi-perm
Platforms Affected: UltraBoard 2000B
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: UltraBoard CGI weak permissions
X-Force URL: http://xforce.iss.net/static/5931.php
_____
Date Reported: 1/12/01
Vulnerability: compaq-web-management-bo
Platforms Affected: Compaq Web-Based Management
Risk Factor: High
Attack Type: Network Based
Brief Description: Compaq Web-Based Management program buffer overflow
X-Force URL: http://xforce.iss.net/static/5935.php
_____
Date Reported: 1/12/01
Vulnerability: php-htaccess-unauth-access
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow unauthorized access to restricted files
X-Force URL: http://xforce.iss.net/static/5940.php
_____
Date Reported: 1/12/01
Vulnerability: basilix-webmail-retrieve-files
Platforms Affected: Basilix Webmail 0.9.7beta
Risk Factor: Low
Attack Type: Network Based
Brief Description: Basilix Webmail System allows unauthorized users to retrieve files
X-Force URL: http://xforce.iss.net/static/5934.php
_____
Date Reported: 1/12/01
Vulnerability: solaris-arp-bo
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris arp buffer overflow
X-Force URL: http://xforce.iss.net/static/5928.php
_____
Date Reported: 1/12/01
Vulnerability: php-view-source-code
Platforms Affected: PHP (4.0.0, 4.0.4)
Risk Factor: Low
Attack Type: Network Based
Brief Description: PHP could allow remote viewing of source code
X-Force URL: http://xforce.iss.net/static/5939.php
_____
Date Reported: 1/11/01
Vulnerability: wec-ntlm-authentication
Platforms Affected: Windows 2000
Microsoft Office 2000
Windows ME
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Web Extender Client (WEC) NTLM authentication
X-Force URL: http://xforce.iss.net/static/5920.php
_____
Date Reported: 1/11/01
Vulnerability: spamcop-url-seq-predict
Platforms Affected: SpamCop
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: SpamCop URL number increment sequence prediction
X-Force URL: http://xforce.iss.net/static/5933.php
_____
Date Reported: 1/10/01
Vulnerability: linux-wuftpd-privatepw-symlink
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux wu-ftpd privatepw symbolic link
X-Force URL: http://xforce.iss.net/static/5915.php
_____
Date Reported: 1/10/01
Vulnerability: rdist-symlink
Platforms Affected: rdist
Risk Factor: High
Attack Type: Host Based
Brief Description: rdist symbolic link
X-Force URL: http://xforce.iss.net/static/5925.php
_____
Date Reported: 1/10/01
Vulnerability: squid-email-symlink
Platforms Affected: squid
Risk Factor: High
Attack Type: Host Based
Brief Description: squid email notification symbolic link
X-Force URL: http://xforce.iss.net/static/5921.php
_____
Date Reported: 1/10/01
Vulnerability: linux-diffutils-sdiff-symlimk
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux diffutils sdiff symbolic link
X-Force URL: http://xforce.iss.net/static/5914.php
_____
Date Reported: 1/10/01
Vulnerability: tcpdump-arpwatch-symlink
Platforms Affected: arpwatch
Risk Factor: High
Attack Type: Host Based
Brief Description: tcpdump arpwatch symbolic link
X-Force URL: http://xforce.iss.net/static/5922.php
_____
Date Reported: 1/10/01
Vulnerability: linuxconf-vpop3d-symlink
Platforms Affected: linuxconf
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linuxconf vpop3d symbolic link
X-Force URL: http://xforce.iss.net/static/5923.php
_____
Date Reported: 1/10/01
Vulnerability: shadow-utils-useradd-symlink
Platforms Affected: shadow-utils
Risk Factor: High
Attack Type: Host Based
Brief Description: shadow-utils useradd symbolic link
X-Force URL: http://xforce.iss.net/static/5927.php
_____
Date Reported: 1/10/01
Vulnerability: linux-glibc-read-files
Platforms Affected: Linux glibc
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux glibc library can allow users to read restricted files
X-Force URL: http://xforce.iss.net/static/5907.php
_____
Date Reported: 1/10/01
Vulnerability: gettyps-symlink
Platforms Affected: gettyps
Risk Factor: High
Attack Type: Host Based
Brief Description: getty_ps symbolic link
X-Force URL: http://xforce.iss.net/static/5924.php
_____
Date Reported: 1/10/01
Vulnerability: linux-gpm-symlink
Platforms Affected: gpm
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux gpm symbolic link attack
X-Force URL: http://xforce.iss.net/static/5917.php
_____
Date Reported: 1/10/01
Vulnerability: linux-mgetty-symlink
Platforms Affected: mgetty
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux mgetty symbolic link attack
X-Force URL: http://xforce.iss.net/static/5918.php
_____
Date Reported: 1/10/01
Vulnerability: linux-apache-symlink
Platforms Affected: Apache
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux Apache symbolic link
X-Force URL: http://xforce.iss.net/static/5926.php
_____
Date Reported: 1/10/01
Vulnerability: linux-inn-symlink
Platforms Affected: inn
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux INN tmp directory symbolic link
X-Force URL: http://xforce.iss.net/static/5916.php
_____
Date Reported: 1/10/01
Vulnerability: conferenceroom-developer-dos
Platforms Affected: ConferenceRoom Professional Edition
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ConferenceRoom Developer Edition denial of service
X-Force URL: http://xforce.iss.net/static/5909.php
_____
Date Reported: 1/9/01
Vulnerability: oracle-xsql-execute-code
Platforms Affected: Oracle 8.1.7
Risk Factor: High
Attack Type: Network Based
Brief Description: Oracle XSQL servlet and xml-stylesheet allows code execution on server
X-Force URL: http://xforce.iss.net/static/5905.php
_____
Date Reported: 1/9/01
Vulnerability: netscreen-webui-bo
Platforms Affected: NetScreen
Risk Factor: Medium
Attack Type: Network Based
Brief Description: NetScreen Firewall WebUI buffer overflow
X-Force URL: http://xforce.iss.net/static/5908.php
_____
Date Reported: 1/9/01
Vulnerability: suse-reiserfs-long-filenames
Platforms Affected: SuSE 7.0
Risk Factor: High
Attack Type: Host Based
Brief Description: SuSE reiserfs long file name denial of service
X-Force URL: http://xforce.iss.net/static/5910.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-backdoor-account
Platforms Affected: InterBase 6.01 and earlier
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: InterBase built-in backdoor account
X-Force URL: http://xforce.iss.net/static/5911.php
_____
Date Reported: 1/9/01
Vulnerability: interbase-hidden-function-dos
Platforms Affected: InterBase 6.01
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: InterBase hidden function denial of service
X-Force URL: http://xforce.iss.net/static/5912.php
_____
Date Reported: 1/9/01
Vulnerability: brickserver-thttpd-dos
Platforms Affected: BRICKServer Small Business
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BRICKServer thttpd denial of service
X-Force URL: http://xforce.iss.net/static/5919.php
_____
Date Reported: 1/9/01
Vulnerability: solaris-exrecover-bo
Platforms Affected: Solaris (2.4, 2.5, 2.5.1, 2.6)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Solaris exrecover buffer overflow
X-Force URL: http://xforce.iss.net/static/5913.php
_____
Date Reported: 1/9/01
Vulnerability: hp-inetd-swait-dos
Platforms Affected: HPUX
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX inetd swait denial of service
X-Force URL: http://xforce.iss.net/static/5904.php
_____
Date Reported: 1/8/01
Vulnerability: microsoft-iis-read-files
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Microsoft IIS 5.0 allows the viewing of files through malformed URL
X-Force URL: http://xforce.iss.net/static/5903.php
_____
Date Reported: 1/8/01
Vulnerability: ibm-websphere-dos
Platforms Affected: IBM Websphere 3.52
IBM HTTP Server 1.3.12
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM WebSphere denial of service
X-Force URL: http://xforce.iss.net/static/5900.php
_____
Date Reported: 1/8/01
Vulnerability: storagesoft-imagecast-dos
Platforms Affected: ImageCast 4.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: StorageSoft ImageCast denial of service
X-Force URL: http://xforce.iss.net/static/5901.php
_____
Date Reported: 1/8/01
Vulnerability: nai-pgp-replace-keys
Platforms Affected: PGP 7.0
Risk Factor: Medium
Attack Type: Host Based
Brief Description: PGP users may replace signed exported key blocks with arbitrary keys
X-Force URL: http://xforce.iss.net/static/5902.php
_____
Date Reported: 1/7/01
Vulnerability: http-cgi-bbs-forum
Platforms Affected: WebBBS 1.0
Risk Factor: High
Attack Type: Network Based
Brief Description: bbs_forum.cgi allows remote command execution
X-Force URL: http://xforce.iss.net/static/5906.php
_____
Date Reported: 1/5/01
Vulnerability: lotus-domino-directory-traversal
Platforms Affected: Lotus Domino 5.0.x
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Lotus Domino 5.0.x .nsf, .box, and .ns4 directory traversal
X-Force URL: http://xforce.iss.net/static/5899.php
_____
Date Reported: 1/5/01
Vulnerability: http-cgi-fastgraf
Platforms Affected: FASTGRAF
Risk Factor: High
Attack Type: Network Based
Brief Description: Fastgraf CGI scripts allow remote command execution
X-Force URL: http://xforce.iss.net/static/5897.php
_____
Date Reported: 1/4/01
Vulnerability: newsdesk-cgi-read-files
Platforms Affected: Newsdesk 1.2
Risk Factor: High
Attack Type: Network Based
Brief Description: Newsdesk.cgi allows read access to files
X-Force URL: http://xforce.iss.net/static/5898.php
_____
Date Reported: 1/1/01
Vulnerability: gtk-module-execute-code
Platforms Affected: GTK+ 1.2.8 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: GTK+ arbitrary code execution using custom loadable module
X-Force URL: http://xforce.iss.net/static/5832.php
_____
Date Reported: 1/1/01
Vulnerability: linux-tty-writable-dos
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux writable TTY denial of service
X-Force URL: http://xforce.iss.net/static/5896.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOogB2jRfJiV99eG9AQESogP9HsIDfUmYkJuWUmNqPhb22a6CVpi/TiG9
7mvhdGc3ySS6LqrvTZgXrBzAcxFlHrdTSmNka8yGiLvYAb0lnghFRZ2OxxRfK11m
AV9VS9/Yty/Qk8BnA/7tx4DIcM4Nhry1kTqTbDkpbcfXOb2LI2WUGnMHF/xkc1ge
3mV5zJXCUM4=
=ClrQ
-----END PGP SIGNATURE-----
| VAR-200101-0072 | CVE-2000-1098 | SonicWALL SOHO Firewall web Server service denial vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request. Soho Firewall is prone to a denial-of-service vulnerability
| VAR-200101-0078 | CVE-2000-1104 | MS:MS00-060 (CVE-2000-0746) variant "IIS Cross-site scripting " Vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-2000-0746) allows a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site. IIS Far East Edition is prone to a cross-site scripting vulnerability