|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: X-Force (xforce_at_iss.net)
Date: Mon Jul 15 2002 - 14:47:42 CDT
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo
iss.net Contact alert-owneriss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS02-28
July 15, 2002
X-Force Vulnerability and Threat Database:
http://www.iss.net/security_center
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
http://www.iss.net/security_center/maillists
This summary is available at the following address:
http://www.iss.net/security_center/alerts/AS02-28.php
_____
Contents:
* 43 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 07/05/2002
Brief Description: Winamp automatic version update check buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Winamp 2.80 and earlier, Windows All versions
Vulnerability: winamp-auto-update-bo
X-Force URL: http://www.iss.net/security_center/static/9488.php
Date Reported: 07/01/2002
Brief Description: Solaris /dev/poll system panic denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: Solaris 8
Vulnerability: solaris-poll-dos
X-Force URL: http://www.iss.net/security_center/static/9489.php
Date Reported: 07/04/2002
Brief Description: Worldspan Res Manager malformed packet denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: Windows All versions, Worldspan Res Manager 4.1
Vulnerability: worldspan-res-manager-dos
X-Force URL: http://www.iss.net/security_center/static/9490.php
Date Reported: 07/04/2002
Brief Description: nn NNTP error message format string
Risk Factor: High
Attack Type: Network Based
Platforms: nn 6.6.3 and earlier, Unix All versions
Vulnerability: nn-error-msg-format-string
X-Force URL: http://www.iss.net/security_center/static/9491.php
Date Reported: 07/01/2002
Brief Description: Solaris System Serial Console could allow an
attacker to recover keystrokes
Risk Factor: Medium
Attack Type: Host Based
Platforms: Solaris 2.5.1, Solaris 2.6, Solaris 7
Vulnerability: solaris-serial-console-information
X-Force URL: http://www.iss.net/security_center/static/9492.php
Date Reported: 07/07/2002
Brief Description: KF Web Server NULL byte character could allow an
attacker to view directory contents
Risk Factor: Medium
Attack Type: Network Based
Platforms: KF Web Server 1.0.2, Windows 2000, Windows 98,
Windows ME, Windows XP
Vulnerability: kfwebserver-null-view-dir
X-Force URL: http://www.iss.net/security_center/static/9500.php
Date Reported: 07/03/2002
Brief Description: MyWebServer long URL buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: MyWebServer 1.0.2, Windows All versions
Vulnerability: mywebserver-long-url-bo
X-Force URL: http://www.iss.net/security_center/static/9501.php
Date Reported: 07/07/2002
Brief Description: Mac OS X SoftwareUpdate HTTP connection has no
authentication
Risk Factor: Medium
Attack Type: Network Based
Platforms: MacOS X 10.1.x
Vulnerability: macos-softwareupdate-no-auth
X-Force URL: http://www.iss.net/security_center/static/9502.php
Date Reported: 07/07/2002
Brief Description: Webresolve long hostname buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Linux All versions, Webresolve 0.1.0 and earlier
Vulnerability: webresolve-hostname-bo
X-Force URL: http://www.iss.net/security_center/static/9503.php
Date Reported: 07/05/2002
Brief Description: ROX-Filer has insecure file permissions
Risk Factor: Medium
Attack Type: Host Based
Platforms: Linux All versions, ROX-Filer prior to 1.2.1, Unix
All versions
Vulnerability: rox-filer-insecure-permissions
X-Force URL: http://www.iss.net/security_center/static/9504.php
Date Reported: 07/03/2002
Brief Description: Pen netlog() buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Linux All versions, Pen 0.9.2 and earlier, Unix All
versions, Windows All versions
Vulnerability: pen-netlog-bo
X-Force URL: http://www.iss.net/security_center/static/9505.php
Date Reported: 07/09/2002
Brief Description: iPlanet Web Server search enabled NS-rel-doc-name
buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: HP-UX 11.00, HP-UX 11i, iPlanet Web Server 4.1,
iPlanet Web Server 6.0, Red Hat Linux 6.2, Solaris
2.6, Solaris 7, Solaris 8, Tru64 DIGITAL UNIX 5.0A,
Tru64 DIGITAL UNIX 5.1, Tru64 DIGITAL UNIX 5.1A,
Windows 2000, Windows NT 4.0
Vulnerability: iplanet-search-bo
X-Force URL: http://www.iss.net/security_center/static/9506.php
Date Reported: 07/05/2002
Brief Description: kmMail "safe" tag cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: kmMail prior to 1.0b.1, Linux All versions, Unix
All versions, Windows All versions
Vulnerability: kmmail-safe-tag-xss
X-Force URL: http://www.iss.net/security_center/static/9507.php
Date Reported: 07/04/2002
Brief Description: Nagios plugin shell metacharacter command execution
Risk Factor: High
Attack Type: Network Based
Platforms: Linux All versions, Nagios 1.0b3 and earlier
Vulnerability: nagios-plugin-command-execution
X-Force URL: http://www.iss.net/security_center/static/9508.php
Date Reported: 07/09/2002
Brief Description: WatchGuard Firebox DVCP denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: WatchGuard Firebox 5.x.x
Vulnerability: firebox-dvcp-dos
X-Force URL: http://www.iss.net/security_center/static/9509.php
Date Reported: 07/03/2002
Brief Description: Share360 cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: FreeBSD All versions, Linux All versions, Share360
1.1, Windows All versions
Vulnerability: share360-xss
X-Force URL: http://www.iss.net/security_center/static/9510.php
Date Reported: 07/01/2002
Brief Description: WatchGuard Firebox SOHO insecure FTP authentication
Risk Factor: Medium
Attack Type: Network Based
Platforms: WatchGuard Firebox SOHO 5.0.35a
Vulnerability: firebox-soho-ftp-insecure
X-Force URL: http://www.iss.net/security_center/static/9511.php
Date Reported: 07/08/2002
Brief Description: BadBlue cleanSearchString() cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: BadBlue Personal Edition 1.7.3, Windows All
versions
Vulnerability: badblue-cleansearchstring-xss
X-Force URL: http://www.iss.net/security_center/static/9514.php
Date Reported: 07/07/2002
Brief Description: Linux kernel NR_RESERVED_FILES limit exceeded
denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: Linux kernel 2.4.x
Vulnerability: linux-file-limit-dos
X-Force URL: http://www.iss.net/security_center/static/9515.php
Date Reported: 07/07/2002
Brief Description: XiRCON large client command denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Windows All versions, XiRCON 1.0 Beta 4
Vulnerability: xircon-client-command-dos
X-Force URL: http://www.iss.net/security_center/static/9516.php
Date Reported: 07/09/2002
Brief Description: iPlanet Web Server search engine NS-query-pat
command can be used to view any file
Risk Factor: Medium
Attack Type: Network Based
Platforms: iPlanet Web Server 4.1, iPlanet Web Server 6.0,
Windows 2000, Windows NT
Vulnerability: iplanet-search-view-files
X-Force URL: http://www.iss.net/security_center/static/9517.php
Date Reported: 07/10/2002
Brief Description: GoAhead WebServer 404 message cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: GoAhead WebServer 2.1, Linux All versions, Novell
NetWare All versions, Windows 95, Windows 98,
Windows CE, Windows NT
Vulnerability: goahead-error-msg-xss
X-Force URL: http://www.iss.net/security_center/static/9518.php
Date Reported: 07/10/2002
Brief Description: GoAhead WebServer hexadecimal URL encoded "dot dot"
directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: GoAhead WebServer 2.1, Linux All versions, Novell
NetWare All versions, Windows 95, Windows 98,
Windows CE, Windows NT
Vulnerability: goahead-encoded-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/9519.php
Date Reported: 07/10/2002
Brief Description: Apache Tomcat /servlet/ mapping cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux All versions, Tomcat 4.0.3, Windows All
versions
Vulnerability: tomcat-servlet-xss
X-Force URL: http://www.iss.net/security_center/static/9520.php
Date Reported: 07/10/2002
Brief Description: Carello Shopping Cart hidden form fields could be
used to call arbitrary executable files
Risk Factor: High
Attack Type: Network Based
Platforms: Carello 1.3, Windows 2000, Windows NT
Vulnerability: carello-local-file-execution
X-Force URL: http://www.iss.net/security_center/static/9521.php
Date Reported: 07/10/2002
Brief Description: Microsoft SQL Server bulk data insert buffer
overflow
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms: Microsoft SQL Server 2000, Microsoft SQL Server
Desktop Engine 2000, Windows 2000, Windows NT
Vulnerability: mssql-bulk-insert-bo
X-Force URL: http://www.iss.net/security_center/static/9522.php
Date Reported: 07/10/2002
Brief Description: Microsoft SQL Server service account insecure
registry permissions
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms: Microsoft SQL Server 2000, Microsoft SQL Server
Desktop Engine 2000, Windows 2000, Windows NT
Vulnerability: mssql-registry-insecure-permissions
X-Force URL: http://www.iss.net/security_center/static/9523.php
Date Reported: 07/10/2002
Brief Description: Microsoft SQL Server could store some passwords
insecurely
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Microsoft MSDE 1.0, Microsoft SQL Server 2000,
Microsoft SQL Server 7.0, Windows 2000, Windows NT
Vulnerability: mssql-insecure-password-storage
X-Force URL: http://www.iss.net/security_center/static/9524.php
Date Reported: 07/10/2002
Brief Description: PGP Outlook plug-in heap buffer overflow could
allow remote code execution
Risk Factor: High
Attack Type: Network Based
Platforms: PGP Desktop Security 7.0.4, PGP Freeware 7.0.3, PGP
Personal Security 7.0.3, Windows All versions
Vulnerability: pgp-outlook-heap-overflow
X-Force URL: http://www.iss.net/security_center/static/9525.php
Date Reported: 07/10/2002
Brief Description: CDE ToolTalk rpc.ttdbserverd _TT_ISCLOSE() improper
validation
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms: AIX 4.3.3, AIX 5.1, Caldera OpenUnix 8.0.0, Caldera
UnixWare 7.1.1, deXtop CDE 2.1, HP-UX 10.10, HP-UX
10.20, HP-UX 11.00, HP-UX 11.11, Solaris 2.5.1,
Solaris 2.6, Solaris 7, Solaris 8, Solaris 9, Tru64
DIGITAL UNIX All versions
Vulnerability: tooltalk-ttdbserverd-ttisclose-validation
X-Force URL: http://www.iss.net/security_center/static/9526.php
Date Reported: 07/10/2002
Brief Description: CDE ToolTalk rpc.ttdbserverd _TT_TRANSACTION()
symlink
Risk Factor: High
Attack Type: Host Based
Platforms: AIX 4.3.3, AIX 5.1, Caldera OpenUnix 8.0.0, Caldera
UnixWare 7.1.1, deXtop CDE 2.1, Solaris 2.5.1,
Solaris 2.6, Solaris 7, Solaris 8, Solaris 9, Tru64
DIGITAL UNIX All versions
Vulnerability: tooltalk-ttdbserverd-tttransaction-symlink
X-Force URL: http://www.iss.net/security_center/static/9527.php
Date Reported: 07/09/2002
Brief Description: BadBlue malformed GET request denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: BadBlue Personal Edition 1.7.3, Windows All
versions
Vulnerability: badblue-get-dos
X-Force URL: http://www.iss.net/security_center/static/9528.php
Date Reported: 07/09/2002
Brief Description: BadBlue ISAPI denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: BadBlue Personal Edition 1.7.3, Windows All
versions
Vulnerability: badblue-isapi-dos
X-Force URL: http://www.iss.net/security_center/static/9529.php
Date Reported: 07/09/2002
Brief Description: Icecast "dot dot" sequences could be used to
determine sensitive information
Risk Factor: Low
Attack Type: Network Based
Platforms: Icecast 1.3.12, Linux All versions, Windows All
versions
Vulnerability: icecast-dotdot-information-disclosure
X-Force URL: http://www.iss.net/security_center/static/9530.php
Date Reported: 07/07/2002
Brief Description: Double Choco Latte allows HTML injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: BSD All versions, Double Choco Latte prior to
20020706, Linux All versions, Unix All versions,
Windows All versions
Vulnerability: dcl-html-injection
X-Force URL: http://www.iss.net/security_center/static/9532.php
Date Reported: 07/10/2002
Brief Description: Fluid Dynamics Search Engine "Rank" and "Match"
cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Fluid Dynamics Search Engine 2.0.0.0054 and prior,
Linux All versions, Unix All versions, Windows All
versions
Vulnerability: fd-search-xss
X-Force URL: http://www.iss.net/security_center/static/9533.php
Date Reported: 07/10/2002
Brief Description: Sharp Zaurus uses insecure FTP permissions
Risk Factor: High
Attack Type: Network Based
Platforms: Zaurus SL-5000D, Zaurus SL-5500
Vulnerability: zaurus-insecure-ftp-permissions
X-Force URL: http://www.iss.net/security_center/static/9534.php
Date Reported: 07/10/2002
Brief Description: Sharp Zaurus passcode uses weak encryption
algorithm
Risk Factor: Medium
Attack Type: Host Based
Platforms: Zaurus SL-5000D, Zaurus SL-5500
Vulnerability: zaurus-passcode-weak-encryption
X-Force URL: http://www.iss.net/security_center/static/9535.php
Date Reported: 07/10/2002
Brief Description: HP Advanced Server/9000 RFC-NetBIOS denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: HP Advanced Server/9000 B.04.05 to B.04.09, HP-UX
11.04, HP-UX 11.11
Vulnerability: hp-as-rfcnetbios-dos
X-Force URL: http://www.iss.net/security_center/static/9536.php
Date Reported: 07/10/2002
Brief Description: Internet Explorer WebBrowser control OBJECT
property could allow cross domain scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Internet Explorer 5.5, Microsoft Internet
Explorer 6.0, Windows 2000, Windows 98, Windows NT,
Windows XP
Vulnerability: ie-object-scripting
X-Force URL: http://www.iss.net/security_center/static/9537.php
Date Reported: 07/12/2002
Brief Description: RealOne Player Gold and RealJukebox2 RJS skin file
"CONTROLnImage" buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: RealJukebox2 1.0.2.340, RealJukebox2 1.0.2.379,
RealJukebox2 Plus 1.0.2.340, RealJukebox2 Plus
1.0.2.379, RealOne Player Gold 6.0.10.505, Windows
All versions
Vulnerability: realplayer-rjs-controlnimage-bo
X-Force URL: http://www.iss.net/security_center/static/9538.php
Date Reported: 07/12/2002
Brief Description: RealOne Player Gold and RealJukebox2 RJS skin file
download and execution
Risk Factor: Medium
Attack Type: Network Based
Platforms: RealJukebox2 1.0.2.340, RealJukebox2 1.0.2.379,
RealJukebox2 Plus 1.0.2.340, RealJukebox2 Plus
1.0.2.379, RealOne Player Gold 6.0.10.505, Windows
All versions
Vulnerability: realplayer-rjs-file-download
X-Force URL: http://www.iss.net/security_center/static/9539.php
Date Reported: 07/12/2002
Brief Description: ActivWebserver HTML tag cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: ActivWebserver All versions, Windows All versions
Vulnerability: activwebserver-html-xss
X-Force URL: http://www.iss.net/security_center/static/9540.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail server.
Medium Any vulnerability that provides information that has a high
potential of giving system access to an intruder. Example:
A misconfigured TFTP or vulnerable NIS server that allows
an intruder to get the password file that could contain an
account with a guessable password.
Low Any vulnerability that provides information that could
potentially lead to a compromise. Example: A finger that
allows an intruder to find out who is online and potential
accounts to attempt to crack passwords via brute force
methods.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2002 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforceiss.net for
permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user’s risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://www.iss.net/security_center/sensitive.php
Please send suggestions, updates, and comments to: X-Force
xforceiss.net of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBPTMj3TRfJiV99eG9AQFFNgQAm2t3ZIfMgKfmTn+q62IYTlA0EX/BCgCC
iizWNyfrrF2+zHNNHtFPZ6LMXWuTq3BU1zkPvOEcN+OdLxtBceMlcS5SmlcwP8PN
UBqpzyFBZCd6HiZSSfCD8kktl8P5Tk43LRUZsNTVXDQjjR2sDMaU/7OasE4ZSHAb
CTElZpFq4bA=
=Ogg1
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]