|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: X-Force (xforce_at_iss.net)
Date: Mon Jan 27 2003 - 13:21:35 CST
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS03-04
January 27, 2003
X-Force Vulnerability and Threat Database:
http://www.iss.net/security_center
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
http://www.iss.net/security_center/maillists
This summary is available at the following address:
http://www.iss.net/security_center/alerts/AS03-04.php
_____
Contents:
* 55 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 01/13/2003
Brief Description: CyBoards PHP Lite cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, CyBoards PHP
Lite 1.21, CyBoards PHP Lite 1.25
Vulnerability: cyboards-php-xss
X-Force URL: http://www.iss.net/security_center/static/11098.php
Date Reported: 01/13/2003
Brief Description: CyBoards PHP Lite could allow a remote attacker
to include PHP files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, CyBoards PHP
Lite 1.21, CyBoards PHP Lite 1.25
Vulnerability: cyboards-php-file-include
X-Force URL: http://www.iss.net/security_center/static/11099.php
Date Reported: 01/13/2003
Brief Description: phpPass accesscontrol.php script SQL injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, phpPass 2
Vulnerability: phppass-accesscontrol-sql-injection
X-Force URL: http://www.iss.net/security_center/static/11112.php
Date Reported: 01/14/2003
Brief Description: vAuthenticate chgpwd.php or index.php script SQL
injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, vAuthenticate 2.8
Vulnerability: vauthenticate-chgpwd-sql-injection
X-Force URL: http://www.iss.net/security_center/static/11110.php
Date Reported: 01/14/2003
Brief Description: vSignup chgpwd.php or index.php script SQL
injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, vSignup 2.1
Vulnerability: vsignup-chgpwd-sql-injection
X-Force URL: http://www.iss.net/security_center/static/11111.php
Date Reported: 01/15/2003
Brief Description: PHP-Nuke mailattach.php script could allow an
attacker to include remote PHP files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, PHP-Nuke 6.0, PHP-Nuke 6.5
Vulnerability: phpnuke-mailattach-file-include
X-Force URL: http://www.iss.net/security_center/static/11109.php
Date Reported: 01/15/2003
Brief Description: Gabber clients could leak information during log in
or log out
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, Gabber 0.8.7
Vulnerability: gabber-information-leak
X-Force URL: http://www.iss.net/security_center/static/11115.php
Date Reported: 01/15/2003
Brief Description: PHP TopSites body tag HTML Injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, PHP TopSites FREE 2.0b and earlier, PHP
TopSites PRO 2.2 and earlier
Vulnerability: php-topsites-html-injection
X-Force URL: http://www.iss.net/security_center/static/11123.php
Date Reported: 01/16/2003
Brief Description: Outreach Project Tool news post cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, Outreach Project Tool 0.946b
Vulnerability: opt-news-post-xss
X-Force URL: http://www.iss.net/security_center/static/11096.php
Date Reported: 01/16/2003
Brief Description: Outreach Project Tool OPT_remote_IP() function
could allow an attacker to spoof source IP address
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, Outreach Project Tool 0.946b
Vulnerability: opt-optremoteip-ip-spoofing
X-Force URL: http://www.iss.net/security_center/static/11097.php
Date Reported: 01/16/2003
Brief Description: mpg123 negative framesize buffer calculation could
allow code execution
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, mpg123 0.59r,
mpg123 pre0.59s
Vulnerability: mpg123-neg-framesize-buffer
X-Force URL: http://www.iss.net/security_center/static/11100.php
Date Reported: 01/16/2003
Brief Description: phpLinks add.php form field cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, phpLinks 2.1.2
Vulnerability: phplinks-add-xss
X-Force URL: http://www.iss.net/security_center/static/11113.php
Date Reported: 01/16/2003
Brief Description: phpLinks search.php cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, phpLinks 2.1.2
Vulnerability: phplinks-search-xss
X-Force URL: http://www.iss.net/security_center/static/11114.php
Date Reported: 01/17/2003
Brief Description: HP-UX sort utility incorrectly handles files
Risk Factor: Medium
Attack Type: Host Based
Platforms: HP-UX 10.01, HP-UX 10.10, HP-UX 11.00, HP-UX 10.20,
HP-UX 11.04, HP-UX 11.11
Vulnerability: hpux-sort-file-handling
X-Force URL: http://www.iss.net/security_center/static/11107.php
Date Reported: 01/17/2003
Brief Description: fnord httpd.c source file overly long CGI request
buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, Gentoo Linux Any version, fnord
1.6
Vulnerability: fnord-httpdc-cgi-bo
X-Force URL: http://www.iss.net/security_center/static/11121.php
Date Reported: 01/17/2003
Brief Description: MetaFrame could allow users to inherit privileges
Risk Factor: High
Attack Type: Network Based
Platforms: Windows 2000 Workstation Any version, Citrix
MetaFrame Server XPe
Vulnerability: metaframe-inherit-privileges
X-Force URL: http://www.iss.net/security_center/static/11130.php
Date Reported: 01/17/2003
Brief Description: Multiple FTP servers could allow an attacker to
delete files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Unix Any version, NcFTPd Server 2.7.1, ProFTPD 1.2.7
Vulnerability: multiple-ftp-delete-files
X-Force URL: http://www.iss.net/security_center/static/11142.php
Date Reported: 01/18/2003
Brief Description: RomPager embedded Web server cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: RomPager 2.00, RomPager 2.10, Any network device
Any version
Vulnerability: rompager-xss
X-Force URL: http://www.iss.net/security_center/static/11103.php
Date Reported: 01/18/2003
Brief Description: MYROOM save_item.php script could allow an attacker
to upload files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, MYROOM 3.5
GOLD
Vulnerability: myroom-saveitem-file-upload
X-Force URL: http://www.iss.net/security_center/static/11106.php
Date Reported: 01/19/2003
Brief Description: Sambar Server search request cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Sambar Server Any version
Vulnerability: sambar-search-xss
X-Force URL: http://www.iss.net/security_center/static/11128.php
Date Reported: 01/19/2003
Brief Description: PHP My Pub adminpub cookie modification could allow
administrator access
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, PHP My Pub 1.2.0
Vulnerability: phpmypub-adminpub-cookie-access
X-Force URL: http://www.iss.net/security_center/static/11131.php
Date Reported: 01/20/2003
Brief Description: PeopleSoft Application Messaging Gateway XML
External Entities (XXE) attack can be used to read
files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows NT Any version, Windows 2000 Any version,
PeopleSoft PeopleTools 8.1x prior to 8.19
Vulnerability: peoplesoft-xxe-read-files
X-Force URL: http://www.iss.net/security_center/static/10520.php
Date Reported: 01/20/2003
Brief Description: CVS malformed directory name "double free" memory
corruption
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, Red Hat Linux 6.2, Debian Linux 2.2, Red
Hat Linux 7.0, Mandrake Linux 7.2, Conectiva Linux
6.0, Red Hat Linux 7.1, Mandrake Linux 8.0,
Mandrake Single Network Firewall 7.2, Conectiva
Linux 7.0, Mandrake Linux 8.1, Red Hat Linux 7.2,
OpenPKG 1.0, Mandrake Linux 8.2, Conectiva Linux
8.0, Red Hat Linux 7.3, Debian Linux 3.0, Red Hat
Linux 7.x, Slackware Linux 8.1, OpenPKG CURRENT,
Gentoo Linux Any version, Red Hat Linux 8.0,
OpenPKG 1.1, Mandrake Linux 9.0, CVS 1.11.4 and
earlier, Slackware Linux current
Vulnerability: cvs-doublefree-memory-corruption
X-Force URL: http://www.iss.net/security_center/static/11108.php
Date Reported: 01/20/2003
Brief Description: susehelp CGI scripts remote code execution
Risk Factor: Medium
Attack Type: Network Based
Platforms: SuSE Linux Office Server Any version, SuSE Linux
8.1, SuSE Linux Enterprise Server 8, SuSE Linux
Openexchange Server 4
Vulnerability: susehelp-cgi-code-execution
X-Force URL: http://www.iss.net/security_center/static/11137.php
Date Reported: 01/20/2003
Brief Description: Astaro Security Linux HTTP CONNECT method mail
relaying
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, Astaro Security Linux Any
version
Vulnerability: astaro-httpconnect-mail-relay
X-Force URL: http://www.iss.net/security_center/static/11143.php
Date Reported: 01/20/2003
Brief Description: ModLogAn url_decode() function log entry heap
corruption
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, ModLogAn 0.8.2 and 0.8.3
Vulnerability: modlogan-urldecode-heap-corruption
X-Force URL: http://www.iss.net/security_center/static/11145.php
Date Reported: 01/20/2003
Brief Description: Multiple vendor Web servers HTTP TRACE method
information disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, Apache HTTP Server Any version, Microsoft
IIS Any version
Vulnerability: http-trace-information-disclosure
X-Force URL: http://www.iss.net/security_center/static/11149.php
Date Reported: 01/21/2003
Brief Description: Mandrake Linux mtink binary HOME environment
variable buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Mandrake Linux 8.0, Mandrake Linux 8.1, Mandrake
Linux 8.2, Mandrake Linux 9.0
Vulnerability: mandrake-mtink-home-bo
X-Force URL: http://www.iss.net/security_center/static/11118.php
Date Reported: 01/21/2003
Brief Description: Mandrake Linux escputil binary printer name command
line buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Mandrake Linux 8.0, Mandrake Linux 8.1, Mandrake
Linux 8.2, Mandrake Linux 9.0
Vulnerability: mandrake-escputil-commandline-bo
X-Force URL: http://www.iss.net/security_center/static/11119.php
Date Reported: 01/21/2003
Brief Description: Mandrake Linux m185p binary /tmp file race
condition
Risk Factor: Medium
Attack Type: Host Based
Platforms: Mandrake Linux 8.0, Mandrake Linux 8.1, Mandrake
Linux 8.2, Mandrake Linux 9.0
Vulnerability: mandrake-ml85p-race-condition
X-Force URL: http://www.iss.net/security_center/static/11120.php
Date Reported: 01/21/2003
Brief Description: Enceladus Server Suite FTP server DIR or LS command
directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Enceladus Server Suite 3.9
Vulnerability: enceladus-dir-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/11122.php
Date Reported: 01/21/2003
Brief Description: Blackboard search.pl script could disclose password
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, Blackboard 5.x
Vulnerability: blackboard-search-password-disclosure
X-Force URL: http://www.iss.net/security_center/static/11127.php
Date Reported: 01/21/2003
Brief Description: WinRAR file extension buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Windows Any version, WinRAR 3.10 and earlier
Vulnerability: winrar-file-extension-bo
X-Force URL: http://www.iss.net/security_center/static/11134.php
Date Reported: 01/21/2003
Brief Description: YaBB SE Packages.php script could allow an attacker
to include malicious PHP files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, YaBB SE prior to 1.5.0
Vulnerability: yabb-packages-file-include
X-Force URL: http://www.iss.net/security_center/static/11136.php
Date Reported: 01/22/2003
Brief Description: Apache HTTP Server DOS device name denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: Windows 95, Windows 98, Windows Me, Apache HTTP
Server 2.0.43 and earlier
Vulnerability: apache-device-name-dos
X-Force URL: http://www.iss.net/security_center/static/11124.php
Date Reported: 01/22/2003
Brief Description: Apache HTTP Server DOS device name HTTP POST code
execution
Risk Factor: High
Attack Type: Network Based
Platforms: Windows 95, Windows 98, Windows Me, Apache HTTP
Server 2.0.43 and earlier
Vulnerability: apache-device-code-execution
X-Force URL: http://www.iss.net/security_center/static/11125.php
Date Reported: 01/22/2003
Brief Description: Apache HTTP Server illegal character file
disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Apache HTTP Server 2.0.43 and
earlier
Vulnerability: apache-character-file-disclosure
X-Force URL: http://www.iss.net/security_center/static/11126.php
Date Reported: 01/22/2003
Brief Description: Solaris kcms_server KCS_OPEN_PROFILE directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Solaris 2.5.1, Solaris 2.6, Solaris 7, Solaris 8,
Solaris 9
Vulnerability: solaris-kcms-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/11129.php
Date Reported: 01/22/2003
Brief Description: Microsoft Windows Locator service buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Windows NT Any version, Windows NT 4.0, Windows NT
4.0 TSE, Windows 2000 Any version, Windows XP Any
version
Vulnerability: win-locator-bo
X-Force URL: http://www.iss.net/security_center/static/11132.php
Date Reported: 01/22/2003
Brief Description: Outlook 2002 using V1 Exchange Server Security
certificates transmits plaintext emails
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Microsoft Outlook 2002
Vulnerability: outlook-v1-certificate-plaintext
X-Force URL: http://www.iss.net/security_center/static/11133.php
Date Reported: 01/22/2003
Brief Description: Zorum include.php script could allow an attacker to
include PHP files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, Zorum 3.0 through 3.2
Vulnerability: zorum-include-file-include
X-Force URL: http://www.iss.net/security_center/static/11135.php
Date Reported: 01/22/2003
Brief Description: Sygate Personal Firewall open UDP ports
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Sygate Personal Firewall PRO
5.0
Vulnerability: sygate-firewall-open-ports
X-Force URL: http://www.iss.net/security_center/static/11138.php
Date Reported: 01/22/2003
Brief Description: Palm HotSync Manager network HotSync enabled denial
of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Windows Any version, Mac OS X Any version, HotSync
Manager 4.0.4.0
Vulnerability: palm-hotsync-network-dos
X-Force URL: http://www.iss.net/security_center/static/11147.php
Date Reported: 01/23/2003
Brief Description: ZyXEL Prestige 645 Series ADSL modems have default
accounts
Risk Factor: High
Attack Type: Network Based
Platforms: ZyXEL Prestige 645 Series
Vulnerability: zyxel-adsl-default-accounts
X-Force URL: http://www.iss.net/security_center/static/11140.php
Date Reported: 01/23/2003
Brief Description: Windows 2000 Terminal Services MSGINA.DLL denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: Windows 2000 Server
Vulnerability: win2k-terminal-msgina-dos
X-Force URL: http://www.iss.net/security_center/static/11141.php
Date Reported: 01/23/2003
Brief Description: SpamAssassin spamc BSMTP -B off-by-one buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, SpamAssassin
2.40 to 2.43
Vulnerability: spamassassin-spamc-offbyone-bo
X-Force URL: http://www.iss.net/security_center/static/11154.php
Date Reported: 01/24/2003
Brief Description: YaBB SE News.php script could allow an attacker to
execute code
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, YaBB SE 1.5.1 and earlier
Vulnerability: yabb-news-execute-code
X-Force URL: http://www.iss.net/security_center/static/11148.php
Date Reported: 01/24/2003
Brief Description: slocate -c and -r command line argument buffer
overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Red Hat Linux 7.2, Red Hat Linux 7.3, slocate 2.6-1
Vulnerability: slocate-command-line-bo
X-Force URL: http://www.iss.net/security_center/static/11151.php
Date Reported: 01/24/2003
Brief Description: Mailman email variable cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Mailman 2.1
Vulnerability: mailman-email-variable-xss
X-Force URL: http://www.iss.net/security_center/static/11152.php
Date Reported: 01/24/2003
Brief Description: FTLS.org Guestbook multiple form field cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, Guestbook 1.1
Vulnerability: guestbook-multiple-field-xss
X-Force URL: http://www.iss.net/security_center/static/11155.php
Date Reported: 01/24/2003
Brief Description: List Site PRO account hijacking
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, Windows Any version, Unix Any
version, List Site PRO 2
Vulnerability: listsitepro-account-hijacking
X-Force URL: http://www.iss.net/security_center/static/11156.php
Date Reported: 01/24/2003
Brief Description: EditTag CGI encoded "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Unix Any version, EditTag 1.1, Linux Any version,
Windows Any version
Vulnerability: edittag-dotdot-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/11159.php
Date Reported: 01/25/2003
Brief Description: SQL Slammer worm propogation
Risk Factor: High
Attack Type: Network Based
Platforms: Windows NT Any version, Windows 2000 Any version,
Microsoft SQL Server 2000, Microsoft MSDE 2000
Vulnerability: sql-slammer-worm
X-Force URL: http://www.iss.net/security_center/static/11153.php
Date Reported: 01/26/2003
Brief Description: Hypermail long mail attachment buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, Hypermail
2.1.3, Hypermail 2.1.4, Hypermail 2.1.5
Vulnerability: hypermail-mail-attachment-bo
X-Force URL: http://www.iss.net/security_center/static/11157.php
Date Reported: 01/26/2003
Brief Description: Hypermail long hostname buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, Hypermail
2.1.3, Hypermail 2.1.4, Hypermail 2.1.5
Vulnerability: hypermail-long-hostname-bo
X-Force URL: http://www.iss.net/security_center/static/11158.php
_____
Risk Factor Key:
High Security issues that allow immediate remote, or local access
or immediate execution of code or commands, with unauthorized
privileges. Examples are most buffer overflows, backdoors,
default or no password, and bypassing security on firewalls
or other network components.
Medium Security issues that have the potential of granting access or
allowing code execution by means of complex or lengthy exploit
procedures, or low risk issues applied to major Internet
components. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service of major applications,
and denial of service resulting in system information disclosure
(such as core files).
Low Security issues that deny service or provide non-system
information that could be used to formulate structured attacks
on a target, but not directly gain unauthorized access. Examples
are brute force attacks, non-system information disclosure
(configurations, paths, etc.), and denial of service attacks.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforce
iss.net for
permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user’s risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://www.iss.net/security_center/sensitive.php
Please send suggestions, updates, and comments to: X-Force
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBPjWGnDRfJiV99eG9AQG3fQP/YICBYxjD181AO067C2jsTyYIurJ5mCPj
Ng38UmvBRanu+o14ltmCkkDgmb1xtVPDsNqSRAM4eh+RbyVnp4MCizDlfjVUPbWt
GqXGFzHdyJNXOSQAnII8fuqdQax5zZdcl/l5dQRuZmJcl1T8cInYoTuCgbRHNzjZ
KCFg0zgVTZI=
=UgB0
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]