|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: X-Force (xforce
iss.net)Date: Tue Apr 02 2002 - 09:48:34 CST
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomoiss.net Contact alert-owneriss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS02-13
April 1, 2002
X-Force Vulnerability and Threat Database:
http://www.iss.net/security_center
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
http://www.iss.net/security_center/maillists
This summary is available at the following address:
http://www.iss.net/security_center/alerts/AS02-13.php
_____
Contents:
* 45 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 03/20/2002
Brief Description: Libsafe unimplemented flag character format string
protection bypass
Risk Factor: Medium
Attack Type: Host Based
Platforms: Libsafe 2.0-11 and earlier
Vulnerability: libsafe-flagchar-protection-bypass
X-Force URL: http://www.iss.net/security_center/static/8593.php
Date Reported: 03/20/2002
Brief Description: Libsafe argument number format string protection
bypass
Risk Factor: Medium
Attack Type: Host Based
Platforms: Libsafe 2.0-11 and earlier
Vulnerability: libsafe-argnum-protection-bypass
X-Force URL: http://www.iss.net/security_center/static/8594.php
Date Reported: 03/20/2002
Brief Description: Webmin uses insecure permissions for some
directories
Risk Factor: Low
Attack Type: Host Based
Platforms: Webmin 0.92 and prior RPM
Vulnerability: webmin-directory-permissions
X-Force URL: http://www.iss.net/security_center/static/8595.php
Date Reported: 03/20/2002
Brief Description: Webmin function allows local attacker to execute
script code
Risk Factor: High
Attack Type: Host Based
Platforms: Webmin 0.92 and prior RPM
Vulnerability: webmin-functions-execute-code
X-Force URL: http://www.iss.net/security_center/static/8596.php
Date Reported: 03/20/2002
Brief Description: Caldera OpenUnix and UnixWare rpc.cmsd buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Caldera OpenUnix 8.0.0, Caldera UnixWare 7.1.1
Vulnerability: openunix-unixware-rpccmsd-bo
X-Force URL: http://www.iss.net/security_center/static/8597.php
Date Reported: 03/21/2002
Brief Description: Webmin stores plaintext usernames and passwords in
the /etc/webmin/servers directory
Risk Factor: High
Attack Type: Host Based
Platforms: Webmin 0.92 and prior RPM
Vulnerability: webmin-servers-plaintext-credentials
X-Force URL: http://www.iss.net/security_center/static/8598.php
Date Reported: 03/21/2002
Brief Description: Linux Directory Penguin Traceroute remote command
execution
Risk Factor: High
Attack Type: Network Based
Platforms: Penguin Traceroute 1.0
Vulnerability: penguin-traceroute-command-execution
X-Force URL: http://www.iss.net/security_center/static/8600.php
Date Reported: 03/22/2002
Brief Description: Linux Directory Penguin NsLookup remote command
execution
Risk Factor: High
Attack Type: Network Based
Platforms: Penguin NsLookup 1.0
Vulnerability: penguin-nslookup-command-execution
X-Force URL: http://www.iss.net/security_center/static/8601.php
Date Reported: 03/21/2002
Brief Description: Microsoft Outlook allows an attacker to execute
JavaScript code by using IFRAME tags to reference
malicious Windows Media Player file
Risk Factor: High
Attack Type: Network Based
Platforms: Microsoft Outlook 2002
Vulnerability: outlook-iframe-javascript
X-Force URL: http://www.iss.net/security_center/static/8604.php
Date Reported: 03/22/2002
Brief Description: PostNuke modules.php and index.php cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: PostNuke 0.71 and earlier
Vulnerability: postnuke-modules-index-css
X-Force URL: http://www.iss.net/security_center/static/8605.php
Date Reported: 03/21/2002
Brief Description: HP Praesidium Webproxy could allow unauthorized
remote access
Risk Factor: Medium
Attack Type: Network Based
Platforms: HP Praesidium Webproxy 1.0, HP-UX 11.04 VVOS
Vulnerability: hp-praesidium-unauth-access
X-Force URL: http://www.iss.net/security_center/static/8606.php
Date Reported: 03/21/2002
Brief Description: Gravity Storm Service Pack Manager 2000 hidden
share could give access to system32 directory
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Service Pack Manager 2000 6.3 and earlier
Vulnerability: sp-manager-insecure-directories
X-Force URL: http://www.iss.net/security_center/static/8607.php
Date Reported: 03/22/2002
Brief Description: "Use Microsoft's viewer" in email clients could
allow an attacker to execute attachments using
t:video tags
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms: Eudora All versions, Microsoft Outlook All
versions, Microsoft Outlook Express All versions
Vulnerability: msviewer-tvideo-execute-attachment
X-Force URL: http://www.iss.net/security_center/static/8609.php
Date Reported: 03/22/2002
Brief Description: NetSupport Manager "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: NetSupport Manager prior to 7.0
Vulnerability: netsupport-manager-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/8610.php
Date Reported: 03/20/2002
Brief Description: Microsoft Outlook IFRAME tags allows malicious Web
sites to embed URLs
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Outlook 2002
Vulnerability: outlook-iframe-url
X-Force URL: http://www.iss.net/security_center/static/8611.php
Date Reported: 03/22/2002
Brief Description: Intellisol Xpede re-authentication plaintext
password
Risk Factor: Medium
Attack Type: Host Based
Platforms: Intellisol Xpede 4.1, Intellisol Xpede 7.x
Vulnerability: xpede-reauth-plaintext-password
X-Force URL: http://www.iss.net/security_center/static/8612.php
Date Reported: 03/20/2002
Brief Description: Microsoft Outlook allows remote attacker to embed
JavaScript in URLs using HREF attribute
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Outlook 2002
Vulnerability: outlook-href-url-javascript
X-Force URL: http://www.iss.net/security_center/static/8613.php
Date Reported: 03/22/2002
Brief Description: Intellisol Xpede stores plaintext passwords in
cookies using weak encryption
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Intellisol Xpede 4.1, Intellisol Xpede 7.x
Vulnerability: xpede-password-weak-encryption
X-Force URL: http://www.iss.net/security_center/static/8614.php
Date Reported: 03/20/2002
Brief Description: Microsoft Outlook image tags allows remote attacker
to bypass cookie settings
Risk Factor: Low
Attack Type: Network Based
Platforms: Microsoft Outlook 2002
Vulnerability: outlook-img-bypass-cookie
X-Force URL: http://www.iss.net/security_center/static/8615.php
Date Reported: 03/20/2002
Brief Description: PHP-Nuke index.php path disclosure
Risk Factor: Low
Attack Type: Network Based
Platforms: PHP-Nuke 5.4 and earlier
Vulnerability: phpnuke-index-path-disclosure
X-Force URL: http://www.iss.net/security_center/static/8618.php
Date Reported: 03/22/2002
Brief Description: vBulletin memberlist.php allows remote attacker to
execute script code
Risk Factor: High
Attack Type: Network Based
Platforms: vBulletin 2.2.4 and prior
Vulnerability: vbulletin-memberlist-execute-code
X-Force URL: http://www.iss.net/security_center/static/8619.php
Date Reported: 03/24/2002
Brief Description: Alguest PHP could allow administrative access to
the guestbook
Risk Factor: Medium
Attack Type: Network Based
Platforms: Alguest 1.0
Vulnerability: alguest-php-admin-access
X-Force URL: http://www.iss.net/security_center/static/8623.php
Date Reported: 03/25/2002
Brief Description: WebSight Directory System cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: WebSight Directory System 0.1
Vulnerability: websight-directory-system-css
X-Force URL: http://www.iss.net/security_center/static/8624.php
Date Reported: 03/19/2002
Brief Description: BSD systems using YP with netgroups in the password
database
Risk Factor: Medium
Attack Type: Host Based
Platforms: OpenBSD 3.0
Vulnerability: bsd-yp-execute-shell
X-Force URL: http://www.iss.net/security_center/static/8625.php
Date Reported: 03/26/2002
Brief Description: SouthWest talk server HTTP port denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: SouthWest 1.0.0
Vulnerability: southwest-http-port-dos
X-Force URL: http://www.iss.net/security_center/static/8626.php
Date Reported: 03/18/2002
Brief Description: JZlib InfBlocks.java denial of service
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms: JZlib prior to 0.0.7
Vulnerability: jzlib-infblocks-dos
X-Force URL: http://www.iss.net/security_center/static/8627.php
Date Reported: 03/26/2002
Brief Description: Squid Web Proxy Cache DSN reply denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: FreeBSD Ports Collection prior to 2002-03-26, Squid
Web Proxy Cache 2.x to 2.4.STABLE4
Vulnerability: squid-dns-reply-dos
X-Force URL: http://www.iss.net/security_center/static/8628.php
Date Reported: 03/25/2002
Brief Description: Apache HTTP Server double-reverse DNS lookup
spoofing
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms: Apache HTTP Server 1.3.23 and earlier
Vulnerability: apache-double-reverse-spoof
X-Force URL: http://www.iss.net/security_center/static/8629.php
Date Reported: 03/18/2002
Brief Description: jo! Web server JSP error message cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: jo! 1.0beta6 and earlier
Vulnerability: jo-jsp-css
X-Force URL: http://www.iss.net/security_center/static/8630.php
Date Reported: 03/26/2002
Brief Description: Linux kernel d_path() function truncates path
Risk Factor: Medium
Attack Type: Host Based
Platforms: Linux kernel 2.2.x, Linux kernel 2.3.x, Linux
kernel 2.4.x
Vulnerability: linux-dpath-truncate-path
X-Force URL: http://www.iss.net/security_center/static/8634.php
Date Reported: 03/26/2002
Brief Description: TotalView insecure UID/GID privileges
Risk Factor: Medium
Attack Type: Host Based
Platforms: TotalView 5.0.0-4 for Linux
Vulnerability: totalview-insecure-privileges
X-Force URL: http://www.iss.net/security_center/static/8635.php
Date Reported: 03/25/2002
Brief Description: csSearch allows remote attacker to URL encoded Perl
commands
Risk Factor: Medium
Attack Type: Network Based
Platforms: csSearch 2.3 and prior
Vulnerability: cssearch-url-execute-commands
X-Force URL: http://www.iss.net/security_center/static/8636.php
Date Reported: 03/23/2002
Brief Description: Instant Web Mail could allow the execution of POP3
commands
Risk Factor: High
Attack Type: Network Based
Platforms: Instant Web Mail 0.59 and earlier
Vulnerability: instant-webmail-pop-commands
X-Force URL: http://www.iss.net/security_center/static/8650.php
Date Reported: 03/26/2002
Brief Description: OpenKeyServer Web interface cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: OpenKeyServer 1.2
Vulnerability: openkeyserver-web-interface-css
X-Force URL: http://www.iss.net/security_center/static/8651.php
Date Reported: 03/27/2002
Brief Description: LogWatch /tmp directory race condition
Risk Factor: High
Attack Type: Host Based
Platforms: LogWatch 2.1.1, Red Hat Linux 7.2
Vulnerability: logwatch-tmp-race-condition
X-Force URL: http://www.iss.net/security_center/static/8652.php
Date Reported: 03/27/2002
Brief Description: Posadis contains format string in the logging
function
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Posadis m5pre1
Vulnerability: posadis-logging-format-string
X-Force URL: http://www.iss.net/security_center/static/8653.php
Date Reported: 03/27/2002
Brief Description: Citrix NFuse boilerplate.asp "dot dot" directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Citrix NFuse 1.5
Vulnerability: nfuse-boilerplate-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/8654.php
Date Reported: 03/28/2002
Brief Description: Cisco CallManager CTI memory leak
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms: Cisco CallManager 3.1
Vulnerability: cisco-cti-memory-leak
X-Force URL: http://www.iss.net/security_center/static/8655.php
Date Reported: 03/28/2002
Brief Description: Analog logfile cross-site scripting
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Analog prior to 5.22, Debian Linux 2.2
Vulnerability: analog-logfile-css
X-Force URL: http://www.iss.net/security_center/static/8656.php
Date Reported: 03/28/2002
Brief Description: Oracle9i TNS Listener one TCP packet can cause a
denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Oracle9i 9.0.1.1
Vulnerability: oracle-tns-onetcp-dos
X-Force URL: http://www.iss.net/security_center/static/8657.php
Date Reported: 03/27/2002
Brief Description: Internet Explorer DYNSRC information disclosure
Risk Factor: Low
Attack Type: Network Based
Platforms: Microsoft Internet Explorer 5.0, Microsoft Internet
Explorer 5.01, Microsoft Internet Explorer 5.5,
Microsoft Internet Explorer 6.0
Vulnerability: ie-dynsrc-information-disclosure
X-Force URL: http://www.iss.net/security_center/static/8658.php
Date Reported: 03/27/2002
Brief Description: Citrix NFuse launch.* cross-site scripting
Risk Factor: High
Attack Type: Network Based
Platforms: Citrix NFuse 1.51, Citrix NFuse 1.6
Vulnerability: nfuse-launch-css
X-Force URL: http://www.iss.net/security_center/static/8659.php
Date Reported: 03/28/2002
Brief Description: WWWIsis improper input validation could allow
remote command execution
Risk Factor: High
Attack Type: Network Based
Platforms: WWWIsis 3.45
Vulnerability: wwwisis-remote-command-execution
X-Force URL: http://www.iss.net/security_center/static/8660.php
Date Reported: 03/27/2002
Brief Description: RCA Cable Modem remote reset denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: RCA Digital Cable Modem DCM225
Vulnerability: rca-cablemodem-reset-dos
X-Force URL: http://www.iss.net/security_center/static/8661.php
Date Reported: 03/27/2002
Brief Description: RCA Digital Cable Modem public SNMP access
Risk Factor: Medium
Attack Type: Network Based
Platforms: RCA Digital Cable Modem DCM225
Vulnerability: rca-cablemodem-snmp-public
X-Force URL: http://www.iss.net/security_center/static/8662.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail server.
Medium Any vulnerability that provides information that has a high
potential of giving system access to an intruder. Example:
A misconfigured TFTP or vulnerable NIS server that allows
an intruder to get the password file that could contain an
account with a guessable password.
Low Any vulnerability that provides information that could
potentially lead to a compromise. Example: A finger that
allows an intruder to find out who is online and potential
accounts to attempt to crack passwords via brute force
methods.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2002 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforceiss.net for
permission.
Disclaimer: The information within this paper may change without notice.
Use of this information constitutes acceptance for use in an AS IS
condition. There are NO warranties, implied or otherwise, with regard to
this information or its use. Any use of this information is at the
user's risk. In no event shall the author/distributor (Internet Security
Systems X-Force) be held liable for any damages whatsoever arising out
of or in connection with the use or spread of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://www.iss.net/security_center/sensitive.php
Please send suggestions, updates, and comments to: X-Force
xforceiss.net of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBPKnSsTRfJiV99eG9AQGR5AP9E3zT2gPu8ZDQ2/EzDVYkOa1IrOEpYqoS
zbNL9wIESnEej9toueP9/mY7UrszrAhbLwN7gtqQ4CPntVsW+yS4lmMkKKRLUMe2
mnUfgIyZutNt/lWhkKHIuWFW1pfCVFc/I3wyKLleoIQW9Ze5uelGXcEjVmALZdFD
fy2/iygKdXk=
=mcIG
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]