|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: X-Force (xforce_at_iss.net)
Date: Mon Aug 05 2002 - 13:49:33 CDT
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo
iss.net Contact alert-owneriss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS02-31
August 5, 2002
X-Force Vulnerability and Threat Database:
http://www.iss.net/security_center
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
http://www.iss.net/security_center/maillists
This summary is available at the following address:
http://www.iss.net/security_center/alerts/AS02-31.php
_____
Contents:
* 50 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 07/31/2002
Brief Description: SunRPC xdr_array buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Solaris 2.5.1, Solaris 2.6, Solaris 7, Solaris 8,
Solaris 9
Vulnerability: sunrpc-xdr-array-bo
X-Force URL: http://www.iss.net/security_center/static/9170.php
Date Reported: 07/27/2002
Brief Description: phpBB Gender MOD could allow an attacker to gain
administrative privileges
Risk Factor: Medium
Attack Type: Network Based
Platforms: Gender Mod 1.1.3, phpBB All versions, Unix All
versions, Windows All versions
Vulnerability: phpbb-gendermod-admin-privileges
X-Force URL: http://www.iss.net/security_center/static/9692.php
Date Reported: 07/27/2002
Brief Description: HP JetDirect SNMP READ could expose sensitive
information
Risk Factor: Medium
Attack Type: Network Based
Platforms: HP JetDirect Firmware All versions
Vulnerability: hp-jetdirect-snmp-read
X-Force URL: http://www.iss.net/security_center/static/9693.php
Date Reported: 07/27/2002
Brief Description: HP ChaiVM could allow unauthorized access to
services
Risk Factor: Medium
Attack Type: Host Based
Platforms: HP ChaiVM All versions
Vulnerability: hp-chaivm-unauth-access
X-Force URL: http://www.iss.net/security_center/static/9694.php
Date Reported: 07/27/2002
Brief Description: HP ChaiVM EZloader improper signature verification
could allow an attacker to add malicious services
Risk Factor: Medium
Attack Type: Host Based
Platforms: HP ChaiVM All versions
Vulnerability: hp-chaivm-add-services
X-Force URL: http://www.iss.net/security_center/static/9695.php
Date Reported: 07/27/2002
Brief Description: Easy Homepage could allow an attacker to gain
unauthorized access
Risk Factor: High
Attack Type: Network Based
Platforms: Advanced Easy Homepage Creator 1.0, Unix All
versions
Vulnerability: easy-homepage-gain-access
X-Force URL: http://www.iss.net/security_center/static/9696.php
Date Reported: 07/27/2002
Brief Description: Easy Guestbook could allow an attacker to gain
unauthorized access
Risk Factor: High
Attack Type: Network Based
Platforms: Easy Guestbook 1.0, Unix All versions
Vulnerability: easy-guestbook-gain-access
X-Force URL: http://www.iss.net/security_center/static/9697.php
Date Reported: 07/25/2002
Brief Description: ezContents could allow an attacker to upload any
file
Risk Factor: Medium
Attack Type: Network Based
Platforms: ezContents prior to 1.41, Linux All versions
Vulnerability: ezcontents-image-file-upload
X-Force URL: http://www.iss.net/security_center/static/9698.php
Date Reported: 07/27/2002
Brief Description: Cisco IOS TFTP long file name buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: Cisco IOS prior to 12.0, TFTP All versions
Vulnerability: cisco-tftp-filename-bo
X-Force URL: http://www.iss.net/security_center/static/9700.php
Date Reported: 07/27/2002
Brief Description: Brother NC-3100h administrative password buffer
overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: Brother NC-3100h
Vulnerability: brother-nc-password-bo
X-Force URL: http://www.iss.net/security_center/static/9701.php
Date Reported: 07/27/2002
Brief Description: SEH IC9 Pocket Print Server administrative password
buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: SEH IC9 Pocket Printer Server firmware 7.1.30, SEH
IC9 Pocket Printer Server firmware 7.1.36f
Vulnerability: seh-ic9-password-bo
X-Force URL: http://www.iss.net/security_center/static/9702.php
Date Reported: 07/27/2002
Brief Description: D-Link DP-300+ Web interface POST request denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: D-Link Print Server DP-300+
Vulnerability: dlink-dp-post-dos
X-Force URL: http://www.iss.net/security_center/static/9703.php
Date Reported: 07/27/2002
Brief Description: Multiple Lucent router UDP port 9 could disclose
sensitive information
Risk Factor: Low
Attack Type: Network Based
Platforms: Lucent Ascend All versions, Lucent DSL-Terminator
All versions, Lucent MAX All versions, Lucent
Pipeline All versions
Vulnerability: lucent-port9-information-disclosure
X-Force URL: http://www.iss.net/security_center/static/9704.php
Date Reported: 07/27/2002
Brief Description: Lucent Access Point IP Services Router HTTP GET
denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Lucent Access Point IP Services Router All versions
Vulnerability: lucent-ap-get-dos
X-Force URL: http://www.iss.net/security_center/static/9705.php
Date Reported: 07/27/2002
Brief Description: Lucent Brick VPN Firewall critical device IP
address blocking denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Lucent Brick VPN Firewall All versions
Vulnerability: lucent-brick-ip-block
X-Force URL: http://www.iss.net/security_center/static/9706.php
Date Reported: 07/27/2002
Brief Description: Lucent Brick VPN Firewall allows ARP traffic
forwarding
Risk Factor: Low
Attack Type: Network Based
Platforms: Lucent Brick VPN Firewall All versions
Vulnerability: lucent-brick-arp-forwarding
X-Force URL: http://www.iss.net/security_center/static/9707.php
Date Reported: 07/27/2002
Brief Description: HP Procurve SNMP variable write denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: HP Procurve Switch 4000M All versions
Vulnerability: hp-procurve-snmp-write-dos
X-Force URL: http://www.iss.net/security_center/static/9708.php
Date Reported: 07/29/2002
Brief Description: util-linux chfn and chsh race condition and
file locking could allow elevated privileges
Risk Factor: Medium
Attack Type: Host Based
Platforms: Red Hat Linux 6.2, Red Hat Linux 7.0, Red Hat Linux
7.1, Red Hat Linux 7.2, Red Hat Linux 7.3, util-
linux All versions
Vulnerability: utillinux-chfn-race-condition
X-Force URL: http://www.iss.net/security_center/static/9709.php
Date Reported: 07/25/2002
Brief Description: ezContents Maintain Images function "dot dot"
directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: ezContents 1.40, ezContents 1.41, Linux All
versions
Vulnerability: ezcontents-dotdot-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/9710.php
Date Reported: 07/25/2002
Brief Description: ezContents VerifyLogin() function could allow an
attacker to post data
Risk Factor: Medium
Attack Type: Network Based
Platforms: ezContents 1.40, ezContents 1.41, Linux All
versions
Vulnerability: ezcontents-verifylogin-post-data
X-Force URL: http://www.iss.net/security_center/static/9711.php
Date Reported: 07/25/2002
Brief Description: ezContents diary entry cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: ezContents 1.40, ezContents 1.41, Linux All
versions
Vulnerability: ezcontents-diary-entry-xss
X-Force URL: http://www.iss.net/security_center/static/9712.php
Date Reported: 07/25/2002
Brief Description: ezContents could allow SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: ezContents 1.40, ezContents 1.41, Linux All
versions
Vulnerability: ezcontents-sql-injection
X-Force URL: http://www.iss.net/security_center/static/9713.php
Date Reported: 07/30/2002
Brief Description: OpenSSL SSL2 master key buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Debian Linux 2.2, Debian Linux 3.0, EnGarde Secure
Linux Community Edition, OpenPKG 1.0, OpenSSL
0.9.6d and earlier, OpenSSL 0.9.7-b2 and earlier,
Red Hat Linux 6.2, Red Hat Linux 7.0, Red Hat Linux
7.1, Red Hat Linux 7.2, Red Hat Linux 7.3, Trustix
Secure Linux 1.1, Trustix Secure Linux 1.2, Trustix
Secure Linux 1.5
Vulnerability: openssl-ssl2-masterkey-bo
X-Force URL: http://www.iss.net/security_center/static/9714.php
Date Reported: 07/30/2002
Brief Description: OpenSSL with Kerberos enabled SSL3 master key
buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Debian Linux 2.2, Debian Linux 3.0, EnGarde Secure
Linux Community Edition, OpenPKG 1.0, OpenSSL 0.9.7
- 0.9.7-beta2, Red Hat Linux 6.2, Red Hat Linux
7.0, Red Hat Linux 7.1, Red Hat Linux 7.2, Red Hat
Linux 7.3, Trustix Secure Linux 1.1, Trustix Secure
Linux 1.2, Trustix Secure Linux 1.5
Vulnerability: openssl-ssl3-masterkey-bo
X-Force URL: http://www.iss.net/security_center/static/9715.php
Date Reported: 07/30/2002
Brief Description: OpenSSL SSL3 client session ID buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Debian Linux 2.2, Debian Linux 3.0, EnGarde Secure
Linux Community Edition, EnGarde Secure Linux
Professional Edition, OpenPKG 1.0, OpenSSL 0.9.6d
and earlier, OpenSSL 0.9.7-b2 and earlier, Red Hat
Linux 6.2, Red Hat Linux 7.0, Red Hat Linux 7.1,
Red Hat Linux 7.2, Red Hat Linux 7.3, Trustix
Secure Linux 1.1, Trustix Secure Linux 1.2, Trustix
Secure Linux 1.5
Vulnerability: openssl-ssl3-sessionid-bo
X-Force URL: http://www.iss.net/security_center/static/9716.php
Date Reported: 07/30/2002
Brief Description: OpenSSL ASCII integer buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Debian Linux 2.2, Debian Linux 3.0, EnGarde Secure
Linux Community Edition, EnGarde Secure Linux
Professional Edition, OpenPKG 1.0, OpenSSL 0.9.6d
and earlier, OpenSSL 0.9.7-b2 and earlier, Red Hat
Linux 6.2, Red Hat Linux 7.0, Red Hat Linux 7.1,
Red Hat Linux 7.2, Red Hat Linux 7.3, Trustix
Secure Linux 1.1, Trustix Secure Linux 1.2, Trustix
Secure Linux 1.5
Vulnerability: openssl-ascii-int-bo
X-Force URL: http://www.iss.net/security_center/static/9717.php
Date Reported: 07/30/2002
Brief Description: OpenSSL ASN1 parser invalid encodings denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: Debian Linux 2.2, Debian Linux 3.0, EnGarde Secure
Linux Community Edition, EnGarde Secure Linux
Professional Edition, FreeBSD All versions, OpenPKG
1.0, OpenSSL 0.9.6d and earlier, OpenSSL 0.9.7-b2
and earlier, Red Hat Linux 6.2, Red Hat Linux 7.0,
Red Hat Linux 7.1, Red Hat Linux 7.2, Red Hat Linux
7.3, Trustix Secure Linux 1.1, Trustix Secure Linux
1.2, Trustix Secure Linux 1.5
Vulnerability: openssl-asn1-parser-dos
X-Force URL: http://www.iss.net/security_center/static/9718.php
Date Reported: 07/29/2002
Brief Description: mm tmpfile symlink attack
Risk Factor: Medium
Attack Type: Host Based
Platforms: Debian Linux 2.2, Debian Linux 3.0, Mandrake Linux
7.1, Mandrake Linux 7.2, Mandrake Linux 8.0,
Mandrake Linux 8.1, Mandrake Linux Corporate Server
1.0.1, Mandrake Single Network Firewall 7.2, mm
prior to 1.2.0, OpenPKG 1.0, OpenPKG CURRENT
Vulnerability: mm-tmpfile-symlink
X-Force URL: http://www.iss.net/security_center/static/9719.php
Date Reported: 07/28/2002
Brief Description: dotproject specially-crafted cookie could allow
administrative access
Risk Factor: Medium
Attack Type: Network Based
Platforms: dotproject 0.2.1.5, Unix All versions
Vulnerability: dotproject-admin-access
X-Force URL: http://www.iss.net/security_center/static/9720.php
Date Reported: 07/29/2002
Brief Description: Abyss Web Server slash ("/") directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Abyss Web Server 1.0.3, Windows All versions
Vulnerability: abyss-slash-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/9721.php
Date Reported: 07/30/2002
Brief Description: Ipswitch IMail Web Calendaring (iwebcal) empty
Content-Length POST denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: IMail Server 7.11 and earlier, Windows 2000,
Windows NT
Vulnerability: imail-iwebcal-content-length-dos
X-Force URL: http://www.iss.net/security_center/static/9722.php
Date Reported: 07/30/2002
Brief Description: Sympoll PHP could allow an attacker to view files
on the server
Risk Factor: Medium
Attack Type: Network Based
Platforms: Sympoll 1.2, Unix All versions, Windows All
versions
Vulnerability: sympoll-php-view-files
X-Force URL: http://www.iss.net/security_center/static/9723.php
Date Reported: 07/27/2002
Brief Description: Microsoft Outlook Express could allow the execution
of XML files within the Temporary Internet File
(TIF) directory
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Outlook Express 6.0, Windows All versions
Vulnerability: outlook-xml-file-execution
X-Force URL: http://www.iss.net/security_center/static/9724.php
Date Reported: 07/30/2002
Brief Description: sendform.cgi BlurbFilePath parameter directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: sendform.cgi prior to 1.45, Unix All versions
Vulnerability: sendform-blurbfile-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/9725.php
Date Reported: 07/29/2002
Brief Description: Multiple vendor Web browsers JavaScript "Same
Origin Policy" could be used to bypass firewalls
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Internet Explorer 5.0, Microsoft Internet
Explorer 5.01, Microsoft Internet Explorer 5.5,
Microsoft Internet Explorer 6.0, Mozilla 1.0 and
earlier, Netscape Certificate Server 4.12, Netscape
Communicator All versions, Netscape Navigator All
versions, Windows All versions
Vulnerability: javascript-sop-firewall-bypass
X-Force URL: http://www.iss.net/security_center/static/9726.php
Date Reported: 07/30/2002
Brief Description: Windows Media Player mplay32 long file name buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Windows XP, Windows Media Player for Windows XP
Vulnerability: mediaplayer-mplay32-filename-bo
X-Force URL: http://www.iss.net/security_center/static/9727.php
Date Reported: 07/29/2002
Brief Description: HylaFAX faxgetty TSI format string denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: HylaFAX 4.1.2 and earlier, Unix All versions
Vulnerability: hylafax-faxgetty-tsi-dos
X-Force URL: http://www.iss.net/security_center/static/9728.php
Date Reported: 07/29/2002
Brief Description: HylaFAX faxgetty large image line buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: HylaFAX 4.1.2 and earlier, Unix All versions
Vulnerability: hylafax-faxgetty-image-bo
X-Force URL: http://www.iss.net/security_center/static/9729.php
Date Reported: 07/29/2002
Brief Description: Fake Identd has multiple buffer overflows
Risk Factor: High
Attack Type: Network Based
Platforms: Fake Identd prior to 1.5, Unix All versions
Vulnerability: fake-identd-bo
X-Force URL: http://www.iss.net/security_center/static/9731.php
Date Reported: 07/30/2002
Brief Description: eUpload passwordtxt file could allow a remote
attacker to overwrite files
Risk Factor: Medium
Attack Type: Network Based
Platforms: eUpload 1.0, Linux All versions, Unix All versions,
Windows All versions
Vulnerability: eupload-passwordtxt-overwrite-files
X-Force URL: http://www.iss.net/security_center/static/9733.php
Date Reported: 07/31/2002
Brief Description: Microsoft SQL Server MDAC OpenRowSet buffer
overflow
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms: Microsoft Data Access Components (MDAC) 2.5,
Microsoft Data Access Components (MDAC) 2.6,
Microsoft Data Access Components (MDAC) 2.7,
Microsoft SQL Server 2000, Microsoft SQL Server
7.0, Windows 2000, Windows NT
Vulnerability: mssql-mdac-openrowset-bo
X-Force URL: http://www.iss.net/security_center/static/9734.php
Date Reported: 07/31/2002
Brief Description: ParaChat Server no logoff denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: FreeBSD All versions, Linux All versions, ParaChat
Server 4.0, Unix All versions, Windows All versions
Vulnerability: parachat-no-logoff-dos
X-Force URL: http://www.iss.net/security_center/static/9735.php
Date Reported: 07/31/2002
Brief Description: IBM U2 UniVerse invalid query denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: IBM U2 UniVerse All versions, Linux All versions,
Unix All versions, Windows 2000, Windows NT
Vulnerability: ibm-universe-invalid-query-dos
X-Force URL: http://www.iss.net/security_center/static/9736.php
Date Reported: 07/31/2002
Brief Description: Gallery GALLERY_BASEDIR could be used to execute
remote commands
Risk Factor: High
Attack Type: Network Based
Platforms: Debian Linux 3.0, Gallery 1.1 through 1.3, Linux
All versions
Vulnerability: gallery-basedir-execute-commands
X-Force URL: http://www.iss.net/security_center/static/9737.php
Date Reported: 07/29/2002
Brief Description: pppd daemon race condition could allow an attacker
to gain elevated privileges
Risk Factor: Medium
Attack Type: Host Based
Platforms: FreeBSD 4.0 through 4.6, OpenBSD 3.0, OpenBSD 3.1
Vulnerability: pppd-race-condition
X-Force URL: http://www.iss.net/security_center/static/9738.php
Date Reported: 07/29/2002
Brief Description: shoutBOX $site variable could allow HTML injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux All versions, shoutBOX 1.2, Unix All
versions, Windows All versions
Vulnerability: shoutbox-site-html-injection
X-Force URL: http://www.iss.net/security_center/static/9739.php
Date Reported: 07/30/2002
Brief Description: Adobe eBook Reader allows user to bypass activation
code
Risk Factor: Low
Attack Type: Host Based
Platforms: eBook Reader 2.1, eBook Reader 2.2, Macintosh All
versions, Windows All versions
Vulnerability: adobe-ebook-bypass-activation
X-Force URL: http://www.iss.net/security_center/static/9740.php
Date Reported: 07/31/2002
Brief Description: Super syslog() format string could allow attacker
to gain unauthorized root access
Risk Factor: High
Attack Type: Host Based
Platforms: Debian Linux 2.2, Debian Linux 3.0, Linux All
versions, Super 3.18
Vulnerability: super-syslog-format-string
X-Force URL: http://www.iss.net/security_center/static/9741.php
Date Reported: 08/01/2002
Brief Description: libpng datastream buffer overflow
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms: Debian Linux 3.0
Vulnerability: libpng-datastream-bo
X-Force URL: http://www.iss.net/security_center/static/9744.php
Date Reported: 08/01/2002
Brief Description: HTML Help item parameter buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Windows 2000 Professional, Windows 2000 Server,
Windows 2000 Workstation All versions
Vulnerability: htmlhelp-item-bo
X-Force URL: http://www.iss.net/security_center/static/9746.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail server.
Medium Any vulnerability that provides information that has a high
potential of giving system access to an intruder. Example:
A misconfigured TFTP or vulnerable NIS server that allows
an intruder to get the password file that could contain an
account with a guessable password.
Low Any vulnerability that provides information that could
potentially lead to a compromise. Example: A finger that
allows an intruder to find out who is online and potential
accounts to attempt to crack passwords via brute force
methods.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2002 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforceiss.net for
permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user’s risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://www.iss.net/security_center/sensitive.php
Please send suggestions, updates, and comments to: X-Force
xforceiss.net of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBPU7IhjRfJiV99eG9AQEzfAQAsa+ou8s1B6RJmidh5bR2uQ++6KfjGJRD
thRt4CJIBVjGBV9ubzZBNVFE7n0FklXsNbqQie+K8+JlZJHEFKSwf+1T9EDMEmrk
aW9ICezfr4cnT0wrE0Skl+9phB5sg3kCS02vTpH3oU0A9y6JuudRPYnwKDCFSjZ3
wmvyao6MKaU=
=HI9x
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]