|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
ISS Security Alert Summary AS03-47
From: X-Force (xforce
iss.net)
Date: Mon Nov 24 2003 - 12:55:03 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS03-47
November 24, 2003
X-Force Vulnerability and Threat Database:
http://xforce.iss.net/
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
https://atla-mm1.iss.net/mailman/listinfo/alert
This summary is available at the following address:
http://xforce.iss.net/xforce/alerts/id/AS03-47
_____
Contents:
* 38 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 11/17/2003
Brief Description: MediaWiki $IP PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, MediaWiki 20031107, Unix Any
version, Windows Any version
Vulnerability: mediawiki-ip-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/13764
Date Reported: 11/17/2003
Brief Description: SAP DB NETAPI32.DLL could allow elevated privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Compaq Tru64 UNIX Any version, HP-UX Any version,
Linux Any version, SAP DB 7.4.03.27 - earlier,
Solaris Any version, Windows 2000 Any version,
Windows NT 4.0, Windows XP Any version
Vulnerability: sapdb-NETAPI32-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/13765
Date Reported: 11/17/2003
Brief Description: SAP DB niserver interface buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Compaq Tru64 UNIX Any version, HP-UX Any version,
Linux Any version, SAP DB 7.4.03.27 - earlier,
Solaris Any version, Windows 2000 Any version,
Windows NT 4.0, Windows XP Any version
Vulnerability: sap-db-niserver-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13766
Date Reported: 11/16/2003
Brief Description: PostMaster HTTP request cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: PostMaster 3.16.1, Windows 98, Windows 2000 Any
version, Windows NT 4.0, Windows XP Any version
Vulnerability: postmaster-http-request-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13767
Date Reported: 11/14/2003
Brief Description: monopd setPlayerToken race condition
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, monopd prior to 0.8.3
Vulnerability: monopd-setplayertoken-race-condition
X-Force URL: http://xforce.iss.net/xforce/xfdb/13768
Date Reported: 11/17/2003
Brief Description: SAP DB web-tools "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Compaq Tru64 UNIX Any version, HP-UX Any version,
Linux Any version, SAP DB prior to 7.4.03.30,
Solaris Any version, Windows 2000 Any version,
Windows NT 4.0, Windows XP Any version
Vulnerability: sapdb-webtools-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/13769
Date Reported: 11/17/2003
Brief Description: SAP DB Web Agent Administration allows unauthorized
access
Risk Factor: Medium
Attack Type: Network Based
Platforms: Compaq Tru64 UNIX Any version, HP-UX Any version,
Linux Any version, SAP DB prior to 7.4.03.30,
Solaris Any version, Windows 2000 Any version,
Windows NT 4.0, Windows XP Any version
Vulnerability: sapdb-webagent-unauth-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/13770
Date Reported: 11/17/2003
Brief Description: SAP DB web-tools installation has default services
Risk Factor: Medium
Attack Type: Network Based
Platforms: Compaq Tru64 UNIX Any version, HP-UX Any version,
Linux Any version, SAP DB prior to 7.4.03.30,
Solaris Any version, Windows 2000 Any version,
Windows NT 4.0, Windows XP Any version
Vulnerability: sapdb-webtools-default-services
X-Force URL: http://xforce.iss.net/xforce/xfdb/13772
Date Reported: 11/17/2003
Brief Description: SAP DB waecho service long HTTP request buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Compaq Tru64 UNIX Any version, HP-UX Any version,
Linux Any version, SAP DB prior to 7.4.03.30,
Solaris Any version, Windows 2000 Any version,
Windows NT 4.0, Windows XP Any version
Vulnerability: sapdb-waecho-long-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13773
Date Reported: 11/17/2003
Brief Description: SAP DB Web Database Manager generates predictable
session IDs
Risk Factor: Medium
Attack Type: Network Based
Platforms: Compaq Tru64 UNIX Any version, HP-UX Any version,
Linux Any version, SAP DB prior to 7.4.03.30,
Solaris Any version, Windows 2000 Any version,
Windows NT 4.0, Windows XP Any version
Vulnerability: sapdb-manager-sessionid-predictable
X-Force URL: http://xforce.iss.net/xforce/xfdb/13774
Date Reported: 11/14/2003
Brief Description: phpWebFileManager index.php "dot dot" directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, phpWebFileManager 2.0.0, Unix
Any version, Windows Any version
Vulnerability: phpwebfilemanager-index-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/13775
Date Reported: 11/17/2003
Brief Description: NetServe "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: NetServe 1.0.7, Windows Any version
Vulnerability: netserve-dotdot-directory-traversal
X-Force URL: http://xforce.iss.net/xforce/xfdb/13776
Date Reported: 11/17/2003
Brief Description: NetServe administrative password disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: NetServe 1.0.7, Windows Any version
Vulnerability: netserve-obtain-admin-password
X-Force URL: http://xforce.iss.net/xforce/xfdb/13778
Date Reported: 11/16/2003
Brief Description: Rolis Guestbook PHP file include
Risk Factor: Medium
Attack Type: Network Based
Platforms: Rolis Guestbook 1.0, Windows NT Any version
Vulnerability: rolisguestbook-file-include
X-Force URL: http://xforce.iss.net/xforce/xfdb/13780
Date Reported: 11/17/2003
Brief Description: SqWebMail session hijacking
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux Any version, SqWebMail Any version, Unix Any
version
Vulnerability: sqwebmail-session-hijacking
X-Force URL: http://xforce.iss.net/xforce/xfdb/13781
Date Reported: 11/17/2003
Brief Description: dtmailpr buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: HP-UX 11.00, HP-UX 11.11, HP-UX 11.22, HP-UX 11.23
Vulnerability: dtmailpr-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13782
Date Reported: 11/17/2003
Brief Description: HP-UX DCE network traffic denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: HP-UX 11.00, HP-UX 11.11
Vulnerability: hp-dce-traffic-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13783
Date Reported: 11/17/2003
Brief Description: OpenBSD compat_ibcs2 buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: OpenBSD 3.4 and earlier
Vulnerability: openbsd-compatibcs-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13787
Date Reported: 11/19/2003
Brief Description: Kerio WinRoute Firewall proxy-authorization header
information disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Kerio WinRoute Firewall 5.1.0, Windows Any version
Vulnerability: kerio-header-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/13788
Date Reported: 11/19/2003
Brief Description: Mac OS X sudo allows unauthorized access
Risk Factor: Medium
Attack Type: Host Based
Platforms: Mac OS X 10.2.3, Mac OS X 10.2.7, Mac OS X 10.3
Vulnerability: macos-sudo-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/13789
Date Reported: 11/19/2003
Brief Description: Half-Life Server allowdownload enabled could
disclose sensitive information
Risk Factor: Medium
Attack Type: Network Based
Platforms: Half-Life Dedicated Server 47 1.1, Linux Any
version, Windows Any version
Vulnerability: halflife-allowdownload-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/13790
Date Reported: 11/19/2003
Brief Description: Half-Life Server allowdownload denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Half-Life Dedicated Server 47 1.1, Unix Any
version, Windows Any version
Vulnerability: halflife-allowdownload-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13791
Date Reported: 11/19/2003
Brief Description: Sun Solaris PGX32 frame buffer could allow root
privileges
Risk Factor: High
Attack Type: Host Based
Platforms: Solaris 2.5.1, Solaris 2.6, Solaris 7, Solaris 8,
Solaris 9
Vulnerability: solaris-pgx32-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/13792
Date Reported: 11/19/2003
Brief Description: Yak! has default username
Risk Factor: Medium
Attack Type: Network Based
Platforms: Windows Any version, Yak! 2.1.0
Vulnerability: yak-username-default
X-Force URL: http://xforce.iss.net/xforce/xfdb/13793
Date Reported: 11/20/2003
Brief Description: phpFriendlyAdmin cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Any operating system Any version,
phpFriendlyAdmin 1.4 and earlier
Vulnerability: phpfriendlyadmin-xss
X-Force URL: http://xforce.iss.net/xforce/xfdb/13794
Date Reported: 11/19/2003
Brief Description: Microsoft SharePoint settings.htm authentication
bypass
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft SharePoint Any version, Windows Any
version
Vulnerability: sharepoint-settings-bypass-authentication
X-Force URL: http://xforce.iss.net/xforce/xfdb/13795
Date Reported: 11/14/2003
Brief Description: KDE configuration files have insecure permissions
Risk Factor: Medium
Attack Type: Host Based
Platforms: K Desktop Environment (KDE) 3.1, K Desktop
Environment (KDE) 3.1, K Desktop Environment (KDE)
3.1, SuSE Linux 8.2
Vulnerability: kde-configuration-insecure-permissions
X-Force URL: http://xforce.iss.net/xforce/xfdb/13796
Date Reported: 11/20/2003
Brief Description: EffectOffice Server buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: EffectOffice Server 2.9, Windows 98, Windows 2000
Any version, Windows NT Any version
Vulnerability: effectoffice-server-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13798
Date Reported: 11/20/2003
Brief Description: SIRCD set usermode could allow elevated privileges
Risk Factor: High
Attack Type: Network Based
Platforms: FreeBSD Ports Collection Any version, Linux Any
version, SIRCD 0.5.2 and 0.5.3, Solaris Any
version, Windows 2000 Any version, Windows NT Any
version
Vulnerability: sircd-usermode-gain-privileges
X-Force URL: http://xforce.iss.net/xforce/xfdb/13799
Date Reported: 11/20/2003
Brief Description: Sybase Adaptive Server TDS LOGINREC password array
buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Linux Any version, Macintosh Any version, Sybase
Adaptive Server 12.5, Unix Any version, Windows Any
version
Vulnerability: sybase-passwordarray-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13800
Date Reported: 11/20/2003
Brief Description: FreeRADIUS UDP packet heap overflow
Risk Factor: Medium
Attack Type: Network Based
Platforms: FreeRADIUS 0.9.2 and earlier, Linux Any version,
Unix Any version
Vulnerability: freeradius-udp-heap-overflow
X-Force URL: http://xforce.iss.net/xforce/xfdb/13801
Date Reported: 11/20/2003
Brief Description: IBM AIX rcp command buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: AIX 4.3.3, AIX 5.1, AIX 5.2
Vulnerability: aix-rcp-bo
X-Force URL: http://xforce.iss.net/xforce/xfdb/13802
Date Reported: 11/21/2003
Brief Description: Xitami POST request denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux Any version, Unix Any version, Windows Any
version, Xitami 2.5 and earlier
Vulnerability: xitami-post-request-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13803
Date Reported: 11/16/2003
Brief Description: HP IPFilter B9901AA insecure protection
Risk Factor: Low
Attack Type: Network Based
Platforms: HP-UX 11.00, HP-UX 11.11, HP-UX 11.22, HP-UX 11.23
Vulnerability: hp-ipfilter-insecure-protection
X-Force URL: http://xforce.iss.net/xforce/xfdb/13804
Date Reported: 11/21/2003
Brief Description: MSN Messenger file transfer invitation request IP
address disclosure
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft MSN Messenger 1.0 through 6.0.0602,
Windows Any version
Vulnerability: msn-filetransfer-obtain-information
X-Force URL: http://xforce.iss.net/xforce/xfdb/13805
Date Reported: 11/21/2003
Brief Description: FreeRADIUS access packet with Tunnel-Password
attribute denial of service
Risk Factor: High
Attack Type: Network Based
Platforms: FreeRADIUS prior to 0.9.2, Unix Any version
Vulnerability: freeradius-accesspacket-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13806
Date Reported: 11/21/2003
Brief Description: rpc.mountd MOUNT request access allowed
Risk Factor: Medium
Attack Type: Network Based
Platforms: IRIX 6.5 to 6.5.22
Vulnerability: rpcmountd-mount-gain-access
X-Force URL: http://xforce.iss.net/xforce/xfdb/13807
Date Reported: 11/21/2003
Brief Description: rpc.mountd denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: IRIX 6.5 to 6.5.22
Vulnerability: rpcmountd-dos
X-Force URL: http://xforce.iss.net/xforce/xfdb/13808
_____
Risk Factor Key:
High Security issues that allow immediate remote, or local access
or immediate execution of code or commands, with unauthorized
privileges. Examples are most buffer overflows, backdoors,
default or no password, and bypassing security on firewalls
or other network components.
Medium Security issues that have the potential of granting access or
allowing code execution by means of complex or lengthy exploit
procedures, or low risk issues applied to major Internet
components. Examples are cross-site scripting, man-in-the-middle
attacks, SQL injection, denial of service of major applications,
and denial of service resulting in system information disclosure
(such as core files).
Low Security issues that deny service or provide non-system
information that could be used to formulate structured attacks
on a target, but not directly gain unauthorized access. Examples
are brute force attacks, non-system information disclosure
(configurations, paths, etc.), and denial of service attacks.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforceiss.net for
permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user’s risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://xforce.iss.net/xforce/sensitive.php
Please send suggestions, updates, and comments to: X-Force
xforceiss.net of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBP8JT7zRfJiV99eG9AQHnBQP/chDNy2GMgFpHti4gdn/Cj/BooUQgOOAS
GBcvYzOM2I8NshRk2/oJ9WzDZdv0EkZYQSWo2at/31/U6T+Dyb8/uxoMkPSN4hsM
EpOdRZ6PRvkQ4obr1ImvRr/1VBZqJd9y+wx90I32fhikih4DWYw4H+yWpZPHODtX
xWn3vlMLm10=
=DlT4
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]