ISS Security Alert Summary for January 1, 2001 - Volume 6 Number 2. 115 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: exmh-error-symlink, informix-webdriver-symlink, informix-webdriver-admin-access, zonealarm-mutex-dos, zonealarm-batfile-dos, shockwave-flash-swf-bo, macos-multiple-users, http-cgi-ikonboard, http-cgi-technote-main, xwindows-char-dos, 1stup-mail-server-bo, dialog-symlink, ibm-wcs-admin, http-cgi-technote-print, iis-web-form-submit, hpux-kermit-bo, bsguest-cgi-execute-commands, bslist-cgi-execute-commands, infinite-interchange-dos, oracle-execute-plsql, ksh-redirection-symlink, oracle-webdb-admin-access, infinite-interchange-dos, gnupg-detached-sig-modify, gnupg-reveal-private, zonealarm-nmap-scans, zonealarm-open-shares, win2k-index-service-activex, proftpd-size-memory-leak, weblogic-dot-bo, mdaemon-imap-dos, zope-calculate-roles, itetris-svgalib-path, bsd-ftpd-replydirname-bo, sonata-command-execute, solaris-catman-symlink, solaris-patchadd-symlink, stunnel-format-logfile, hp-top-sys-files, zope-legacy-names, mrj-runtime-malicious-applets, coffeecup-ftp-weak-encryption, watchguard-soho-fragmented-packets, jpilot-perms, mediaservices-dropped-connection-dos, watchguard-soho-web-auth, watchguard-soho-passcfg-reset, http-cgi-simplestguest, safeword-palm-pin-extraction, mdaemon-lock-bypass-password, cisco-catalyst-ssh-mismatch, microsoft-iis-file-disclosure, ezshopper-cgi-file-disclosure, winnt-mstask-dos, bftpd-site-chown-bo, aim-remote-bo, subscribemelite-gain-admin-access, zope-image-file, http-cgi-everythingform, http-cgi-simplestmail, http-cgi-ad, kde-kmail-weak-encryption, aolim-buddyicon-bo, aim-remote-bo, rppppoe-zero-length-dos, proftpd-modsqlpw-unauth-access, gnu-ed-symlink, oops-ftputils-bo, oracle-oidldap-write-permission, foolproof-security-bypass, broadvision-bv1to1-reveal-path, ssldump-format-strings, coldfusion-sample-dos, kerberos4-arbitrary-proxy, kerberos4-auth-packet-overflow, kerberos4-user-config, kerberos4-tmpfile-dos, homeseer-directory-traversal, offline-explorer-reveal-files, imail-smtp-auth-dos, apc-apcupsd-dos, cisco-catalyst-telnet-dos, ultraseek-reveal-path, irc-dreamforge-dns-dos, mailman-alternate-templates, markvision-printer-driver-bo, nt-ras-reg-perms, nt-snmp-reg-perms, nt-mts-reg-perms, irc-bitchx-dns-bo, ibm-db2-gain-access, ibm-db2-dos, vsu-source-routing, vsu-ip-bridging, ftp-servu-homedir-travers, cisco-cbos-web-access, watchguard-soho-get-dos, phone-book-service-bo, cisco-cbos-syn-packets, cisco-cbos-invalid-login, cisco-cbos-icmp-echo, linux-diskcheck-race-symlink, ie-form-file-upload, mssql-xp-paraminfo-bo, majordomo-auth-execute-commands, ie-print-template, aix-piobe-bo, aix-pioout-bo, aix-setclock-bo, aix-enq-bo, aix-digest-bo, and aix-setsenv-bo.
5e663d9821efd059b23f294cdfa745ad9b5a6aab6c5de4ec2febfa417d586623
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
January 1, 2001
Volume 6 Number 2
The following computer security issues have been publicly reported and
documented in the X-Force Vulnerability and Threat Database
(http://xforce.iss.net).
This document is available at
http://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert
Summaries:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
- - 'subscribe alert' (without the quotes).
_____
Contents
115 Reported Vulnerabilities
Risk Factor Key
_____
Date Reported: 12/31/00
Vulnerability: exmh-error-symlink
Platforms Affected: exmh 2.2 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: exmh error message symlink
X-Force URL: http://xforce.iss.net/static/5829.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-symlink
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Host Based
Brief Description: Informix Webdriver symbolic link
X-Force URL: http://xforce.iss.net/static/5827.php
_____
Date Reported: 12/30/00
Vulnerability: informix-webdriver-admin-access
Platforms Affected: Informix Webdriver
Risk Factor: High
Attack Type: Network Based
Brief Description: Informix Webdriver remote Admin access
X-Force URL: http://xforce.iss.net/static/5833.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-mutex-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial
of service
X-Force URL: http://xforce.iss.net/static/5821.php
_____
Date Reported: 12/29/00
Vulnerability: zonealarm-batfile-dos
Platforms Affected: ZoneAlarm Pro
Risk Factor: Medium
Attack Type: Host Based
Brief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with
a batch file
X-Force URL: http://xforce.iss.net/static/5822.php
_____
Date Reported: 12/29/00
Vulnerability: shockwave-flash-swf-bo
Platforms Affected: Shockwave Plugin 8.0 and prior
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Shockwave Flash SWF file buffer overflow
X-Force URL: http://xforce.iss.net/static/5826.php
_____
Date Reported: 12/29/00
Vulnerability: macos-multiple-users
Platforms Affected: MacOS 9.0
Risk Factor: High
Attack Type: Host Based
Brief Description: Mac OS 'Multiple Users' bypass password
X-Force URL: http://xforce.iss.net/static/5830.php
_____
Date Reported: 12/28/00
Vulnerability: http-cgi-ikonboard
Platforms Affected: Ikonboard 2.1.7b and prior
Risk Factor: High
Attack Type: Host Based
Brief Description: Ikonboard allows remote attacker to execute
commands
X-Force URL: http://xforce.iss.net/static/5819.php
_____
Date Reported: 12/27/00
Vulnerability: http-cgi-technote-main
Platforms Affected: TECH-NOTE (000, 2001, Pro)
Risk Factor: High
Attack Type: Network Based
Brief Description: TECH-NOTE main.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5813.php
_____
Date Reported: 12/26/00
Vulnerability: xwindows-char-dos
Platforms Affected: XFree86
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: X Windows multiple character denial of service
X-Force URL: http://xforce.iss.net/static/5834.php
_____
Date Reported: 12/25/00
Vulnerability: 1stup-mail-server-bo
Platforms Affected: 1st Up Mail Server 4.1
Risk Factor: Medium
Attack Type: Network Based
Brief Description: 1st Up Mail Server buffer overflow
X-Force URL: http://xforce.iss.net/static/5808.php
_____
Date Reported: 12/25/00
Vulnerability: dialog-symlink
Platforms Affected: Linux Debian 2.2
Risk Factor: High
Attack Type: Host Based
Brief Description: Linux dialog package symlink attack
X-Force URL: http://xforce.iss.net/static/5809.php
_____
Date Reported: 12/25/00
Vulnerability: ibm-wcs-admin
Platforms Affected: IBM Websphere Commerce Suite
Risk Factor: High
Attack Type: Host Based
Brief Description: IBM WCS admin.config allows user to execute
arbitrary commands
X-Force URL: http://xforce.iss.net/static/5831.php
_____
Date Reported: 12/23/00
Vulnerability: http-cgi-technote-print
Platforms Affected: TECH-NOTE (2000, 2001, Pro)
Risk Factor: Medium
Attack Type: Network Based
Brief Description: TECH-NOTE print.cgi reveals files
X-Force URL: http://xforce.iss.net/static/5815.php
_____
Date Reported: 12/22/00
Vulnerability: iis-web-form-submit
Platforms Affected: IIS (4.0, 5.0)
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IIS Web form submission
X-Force URL: http://xforce.iss.net/static/5823.php
_____
Date Reported: 12/21/00
Vulnerability: hpux-kermit-bo
Platforms Affected: HPUX (10.01, 10.10, 10.20, 11.00)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP-UX kermit buffer overflow
X-Force URL: http://xforce.iss.net/static/5793.php
_____
Date Reported: 12/21/00
Vulnerability: bsguest-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bsguest.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5796.php
_____
Date Reported: 12/21/00
Vulnerability: bslist-cgi-execute-commands
Platforms Affected: Linux
Risk Factor: Medium
Attack Type: Network Based
Brief Description: bslist.cgi allows remote execution of commands on
server
X-Force URL: http://xforce.iss.net/static/5797.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-execute-plsql
Platforms Affected: Oracle Application Server
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Oracle remote procedure execution
X-Force URL: http://xforce.iss.net/static/5817.php
_____
Date Reported: 12/21/00
Vulnerability: ksh-redirection-symlink
Platforms Affected: IRIX (6.2, 6.5.x)
Solaris (2.5.1, 2.6, 7)
HPUX 9.00
Digital Unix 5.0
Risk Factor: High
Attack Type: Host Based
Brief Description: ksh redirection symlink attack
X-Force URL: http://xforce.iss.net/static/5811.php
_____
Date Reported: 12/21/00
Vulnerability: oracle-webdb-admin-access
Platforms Affected: Oracle Internet Application Server 3.0.7
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oracle IAS allows administrative access
X-Force URL: http://xforce.iss.net/static/5818.php
_____
Date Reported: 12/21/00
Vulnerability: infinite-interchange-dos
Platforms Affected: Infinite Interchange 3.61
Risk Factor: Web Scan
Attack Type: Network/Host Based
Brief Description: Infinite InterChange denial of service
X-Force URL: http://xforce.iss.net/static/5798.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-detached-sig-modify
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG allows users to modify signed messages with
detached signatures
X-Force URL: http://xforce.iss.net/static/5802.php
_____
Date Reported: 12/20/00
Vulnerability: gnupg-reveal-private
Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3)
Risk Factor: Medium
Attack Type: Host Based
Brief Description: GnuPG will import private keys along with public
keys
X-Force URL: http://xforce.iss.net/static/5803.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-nmap-scans
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm does not detect NMAP scans
X-Force URL: http://xforce.iss.net/static/5799.php
_____
Date Reported: 12/20/00
Vulnerability: zonealarm-open-shares
Platforms Affected: ZoneAlarm
Risk Factor: High
Attack Type: Network Based
Brief Description: ZoneAlarm open shares
X-Force URL: http://xforce.iss.net/static/5825.php
_____
Date Reported: 12/19/00
Vulnerability: win2k-index-service-activex
Platforms Affected: Windows 2000
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Windows 2000 Index Service ActiveX controls allow
unauthorized access to file information
X-Force URL: http://xforce.iss.net/static/5800.php
_____
Date Reported: 12/19/00
Vulnerability: proftpd-size-memory-leak
Platforms Affected: Proftpd
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: proftpd memory leak when using SIZE command
X-Force URL: http://xforce.iss.net/static/5801.php
_____
Date Reported: 12/19/00
Vulnerability: weblogic-dot-bo
Platforms Affected: WebLogic
Risk Factor: Medium
Attack Type: Network Based
Brief Description: BEA WebLogic Server "dotdot" URL buffer overflow
X-Force URL: http://xforce.iss.net/static/5782.php
_____
Date Reported: 12/19/00
Vulnerability: mdaemon-imap-dos
Platforms Affected: MDaemon
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MDaemon IMAP buffer overflow denial of service
X-Force URL: http://xforce.iss.net/static/5805.php
_____
Date Reported: 12/19/00
Vulnerability: zope-calculate-roles
Platforms Affected: Zp[e
Risk Factor: High
Attack Type: Host Based
Brief Description: zope package in Linux calculates local roles
incorrectly
X-Force URL: http://xforce.iss.net/static/5777.php
_____
Date Reported: 12/19/00
Vulnerability: itetris-svgalib-path
Platforms Affected: svgalib
Risk Factor: High
Attack Type: Host Based
Brief Description: Itetris svgalib PATH
X-Force URL: http://xforce.iss.net/static/5795.php
_____
Date Reported: 12/18/00
Vulnerability: bsd-ftpd-replydirname-bo
Platforms Affected: BSD Based Operating Systems
Risk Factor: High
Attack Type: Network Based
Brief Description: BSD ftpd replydirname() function buffer overflow
X-Force URL: http://xforce.iss.net/static/5776.php
_____
Date Reported: 12/18/00
Vulnerability: sonata-command-execute
Platforms Affected: Sonata
Risk Factor: High
Attack Type: Host Based
Brief Description: Sonata argument command line execution
X-Force URL: http://xforce.iss.net/static/5787.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-catman-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris catman command symlink attack
X-Force URL: http://xforce.iss.net/static/5788.php
_____
Date Reported: 12/18/00
Vulnerability: solaris-patchadd-symlink
Platforms Affected: Solaris
Risk Factor: High
Attack Type: Host Based
Brief Description: Solaris patchadd symlink attack
X-Force URL: http://xforce.iss.net/static/5789.php
_____
Date Reported: 12/18/00
Vulnerability: stunnel-format-logfile
Platforms Affected: Stunnel
Risk Factor: High
Attack Type: Network Based
Brief Description: Stunnel format allows user to write to logfile
X-Force URL: http://xforce.iss.net/static/5807.php
_____
Date Reported: 12/17/00
Vulnerability: hp-top-sys-files
Platforms Affected: HPUX
Risk Factor: Low
Attack Type: Host Based
Brief Description: HP-UX top command could be used to overwrite files
X-Force URL: http://xforce.iss.net/static/5773.php
_____
Date Reported: 12/16/00
Vulnerability: zope-legacy-names
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Linux zope package "legacy" names
X-Force URL: http://xforce.iss.net/static/5824.php
_____
Date Reported: 12/15/00
Vulnerability: mrj-runtime-malicious-applets
Platforms Affected: MRJ
Risk Factor: Low
Attack Type: Host Based
Brief Description: MRJ runtime environment could allow malicious
applets to be executed
X-Force URL: http://xforce.iss.net/static/5784.php
_____
Date Reported: 12/14/00
Vulnerability: coffeecup-ftp-weak-encryption
Platforms Affected: CoffeeCup FTP
Risk Factor: Low
Attack Type: Host Based
Brief Description: CoffeeCup FTP client has weak password encryption
X-Force URL: http://xforce.iss.net/static/5744.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-fragmented-packets
Platforms Affected: WatchGuard
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall fragmented IP packet
attack
X-Force URL: http://xforce.iss.net/static/5749.php
_____
Date Reported: 12/14/00
Vulnerability: jpilot-perms
Platforms Affected: J-Pilot
Risk Factor: Medium
Attack Type: Host Based
Brief Description: J-Pilot permissions could reveal sensitive
information
X-Force URL: http://xforce.iss.net/static/5762.php
_____
Date Reported: 12/14/00
Vulnerability: mediaservices-dropped-connection-dos
Platforms Affected: Microsoft Media Services
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft Media Services dropped connection denial
of service
X-Force URL: http://xforce.iss.net/static/5785.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-web-auth
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO Web config server could allow
unauthenticated access
X-Force URL: http://xforce.iss.net/static/5554.php
_____
Date Reported: 12/14/00
Vulnerability: watchguard-soho-passcfg-reset
Platforms Affected: WatchGuard
Risk Factor: High
Attack Type: Network Based
Brief Description: WatchGuard SOHO administrator password can be
remotely reset
X-Force URL: http://xforce.iss.net/static/5742.php
_____
Date Reported: 12/14/00
Vulnerability: http-cgi-simplestguest
Platforms Affected: simplestguest.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestguest.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5743.php
_____
Date Reported: 12/14/00
Vulnerability: safeword-palm-pin-extraction
Platforms Affected: SafeWord
e.iD Palm Authenticator
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: SafeWord and e.iD Palm Authenticator allows
attacker to clone Palm device
X-Force URL: http://xforce.iss.net/static/5753.php
_____
Date Reported: 12/14/00
Vulnerability: mdaemon-lock-bypass-password
Platforms Affected: MDaemon
Risk Factor: High
Attack Type: Host Based
Brief Description: MDaemon "lock" bypass password
X-Force URL: http://xforce.iss.net/static/5763.php
_____
Date Reported: 12/13/00
Vulnerability: cisco-catalyst-ssh-mismatch
Platforms Affected: Cisco Catalyst
Risk Factor: Low
Attack Type: Network Based
Brief Description: Cisco Catalyst SSH protocol mismatch
X-Force URL: http://xforce.iss.net/static/5760.php
_____
Date Reported: 12/13/00
Vulnerability: microsoft-iis-file-disclosure
Platforms Affected: IIS
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Microsoft IIS Far East editions file disclosure
X-Force URL: http://xforce.iss.net/static/5729.php
_____
Date Reported: 12/13/00
Vulnerability: ezshopper-cgi-file-disclosure
Platforms Affected: loadpage.cgi
Risk Factor: Medium
Attack Type: Network Based
Brief Description: EZshopper loadpage.cgi file disclosure
X-Force URL: http://xforce.iss.net/static/5740.php
_____
Date Reported: 12/13/00
Vulnerability: winnt-mstask-dos
Platforms Affected: Windows NT
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Windows NT MSTask.exe denial of service
X-Force URL: http://xforce.iss.net/static/5746.php
_____
Date Reported: 12/13/00
Vulnerability: bftpd-site-chown-bo
Platforms Affected: BFTPD
Risk Factor: High
Attack Type: Network Based
Brief Description: BFTPD SITE CHOWN buffer overflow
X-Force URL: http://xforce.iss.net/static/5775.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/12/00
Vulnerability: subscribemelite-gain-admin-access
Platforms Affected: Subscribe Me Lite
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Subscribe Me Lite mailing list manager
unauthorized access
X-Force URL: http://xforce.iss.net/static/5735.php
_____
Date Reported: 12/12/00
Vulnerability: zope-image-file
Platforms Affected: Zope
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux zope package Image and File objects
X-Force URL: http://xforce.iss.net/static/5778.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-everythingform
Platforms Affected: everythingform.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: everythingform.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5736.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-simplestmail
Platforms Affected: simplestmail.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: simplestmail.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5739.php
_____
Date Reported: 12/12/00
Vulnerability: http-cgi-ad
Platforms Affected: ad.cgi
Risk Factor: High
Attack Type: Network Based
Brief Description: ad.cgi input validation error
X-Force URL: http://xforce.iss.net/static/5741.php
_____
Date Reported: 12/12/00
Vulnerability: kde-kmail-weak-encryption
Platforms Affected: KDE KMail
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KDE KMail weak password encryption
X-Force URL: http://xforce.iss.net/static/5761.php
_____
Date Reported: 12/12/00
Vulnerability: aolim-buddyicon-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: AOL Instant Messenger Buddy Icon buffer overflow
X-Force URL: http://xforce.iss.net/static/5786.php
_____
Date Reported: 12/12/00
Vulnerability: aim-remote-bo
Platforms Affected: AOL Instant Messenger
Risk Factor: Medium
Attack Type: Network Based
Brief Description: AOL Instant Messenger buffer overflow
X-Force URL: http://xforce.iss.net/static/5732.php
_____
Date Reported: 12/11/00
Vulnerability: rppppoe-zero-length-dos
Platforms Affected: rp-pppoe
Risk Factor: Medium
Attack Type: Network Based
Brief Description: rp-pppoe "zero-length" option denial of service
X-Force URL: http://xforce.iss.net/static/5727.php
_____
Date Reported: 12/11/00
Vulnerability: proftpd-modsqlpw-unauth-access
Platforms Affected: ProFTPd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ProFTPD system using mod_sqlpw unauthorized access
X-Force URL: http://xforce.iss.net/static/5737.php
_____
Date Reported: 12/11/00
Vulnerability: gnu-ed-symlink
Platforms Affected: GNU ed
Risk Factor: High
Attack Type: Host Based
Brief Description: GNU ed symlink
X-Force URL: http://xforce.iss.net/static/5723.php
_____
Date Reported: 12/11/00
Vulnerability: oops-ftputils-bo
Platforms Affected: Oops Proxy Server
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Oops Proxy Server ftp_utils buffer overflow
X-Force URL: http://xforce.iss.net/static/5725.php
_____
Date Reported: 12/11/00
Vulnerability: oracle-oidldap-write-permission
Platforms Affected: Oracle Internet Directory
Risk Factor: High
Attack Type: Host Based
Brief Description: Oracle Internet Directory write permission
X-Force URL: http://xforce.iss.net/static/5804.php
_____
Date Reported: 12/9/00
Vulnerability: foolproof-security-bypass
Platforms Affected: FoolProof
Risk Factor: High
Attack Type: Host Based
Brief Description: FoolProof Security restriction bypass using FTP
X-Force URL: http://xforce.iss.net/static/5758.php
_____
Date Reported: 12/8/00
Vulnerability: broadvision-bv1to1-reveal-path
Platforms Affected: BroadVision One-To-One Enterprise Server
Risk Factor: Low
Attack Type: Network Based
Brief Description: BroadVision One-To-One Enterprise Server reveals
path to server
X-Force URL: http://xforce.iss.net/static/5661.php
_____
Date Reported: 12/8/00
Vulnerability: ssldump-format-strings
Platforms Affected: ssldump
Risk Factor: Medium
Attack Type: Network Based
Brief Description: ssldump format string could allow arbitrary
execution of code
X-Force URL: http://xforce.iss.net/static/5717.php
_____
Date Reported: 12/8/00
Vulnerability: coldfusion-sample-dos
Platforms Affected: ColdFusion
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: ColdFusion sample script denial of service
X-Force URL: http://xforce.iss.net/static/5755.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-arbitrary-proxy
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 arbitrary proxy enviornment
variable
X-Force URL: http://xforce.iss.net/static/5733.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-auth-packet-overflow
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: KTH Kerberos 4 authentication packet buffer
overflow
X-Force URL: http://xforce.iss.net/static/5734.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-user-config
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 user supplied configuration files
X-Force URL: http://xforce.iss.net/static/5738.php
_____
Date Reported: 12/8/00
Vulnerability: kerberos4-tmpfile-dos
Platforms Affected: Kerberos 4
Risk Factor: High
Attack Type: Host Based
Brief Description: KTH Kerberos 4 race condition
X-Force URL: http://xforce.iss.net/static/5754.php
_____
Date Reported: 12/7/00
Vulnerability: homeseer-directory-traversal
Platforms Affected: HomeSeer
Risk Factor: Low
Attack Type: Network Based
Brief Description: HomeSeer allows directory traversal
X-Force URL: http://xforce.iss.net/static/5663.php
_____
Date Reported: 12/7/00
Vulnerability: offline-explorer-reveal-files
Platforms Affected: MetaProducts Offline Explorer
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: MetaProducts Offline Explorer can reveal file
system
X-Force URL: http://xforce.iss.net/static/5728.php
_____
Date Reported: 12/7/00
Vulnerability: imail-smtp-auth-dos
Platforms Affected: IMail
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IMail SMTP auth denial of service
X-Force URL: http://xforce.iss.net/static/5674.php
_____
Date Reported: 12/6/00
Vulnerability: apc-apcupsd-dos
Platforms Affected: APC apcupsd
Risk Factor: Medium
Attack Type: Host Based
Brief Description: APC apcupsd denial of service
X-Force URL: http://xforce.iss.net/static/5654.php
_____
Date Reported: 12/6/00
Vulnerability: cisco-catalyst-telnet-dos
Platforms Affected: Cisco Catalyst
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Cisco Catalyst telnet server memory leak denial of
service
X-Force URL: http://xforce.iss.net/static/5656.php
_____
Date Reported: 12/6/00
Vulnerability: apache-php-disclose-files
Platforms Affected: Apache Web server
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Apache Web server discloses files when used with
php script
X-Force URL: http://xforce.iss.net/static/5659.php
_____
Date Reported: 12/6/00
Vulnerability: ultraseek-reveal-path
Platforms Affected: Ultraseek
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Ultraseek Server can reveal the path and source
code to certain files
X-Force URL: http://xforce.iss.net/static/5660.php
_____
Date Reported: 12/6/00
Vulnerability: irc-dreamforge-dns-dos
Platforms Affected: DreamForge IRCd
Risk Factor: Medium
Attack Type: Network Based
Brief Description: DreamForge IRCd DNS denial of service
X-Force URL: http://xforce.iss.net/static/5721.php
_____
Date Reported: 12/6/00
Vulnerability: mailman-alternate-templates
Platforms Affected: MailMan
Risk Factor: High
Attack Type: Network Based
Brief Description: MailMan Alternate Templates form variable allows
remote attacker to execute commands
X-Force URL: http://xforce.iss.net/static/5649.php
_____
Date Reported: 12/6/00
Vulnerability: phpgroupware-include-files
Platforms Affected:
Risk Factor: High
Attack Type: Network Based
Brief Description: phpGroupWare include files allows remote attacker
to execute commands
X-Force URL: http://xforce.iss.net/static/5650.php
_____
Date Reported: 12/6/00
Vulnerability: markvision-printer-driver-bo
Platforms Affected: Lexmark MarkVision
Risk Factor: High
Attack Type: Host Based
Brief Description: Lexmark MarkVision printer drivers for Unix buffer
overflows
X-Force URL: http://xforce.iss.net/static/5651.php
_____
Date Reported: 12/6/00
Vulnerability: nt-ras-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows NT RAS registry permissions
X-Force URL: http://xforce.iss.net/static/5671.php
_____
Date Reported: 12/6/00
Vulnerability: nt-snmp-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT SNMP registry permissions
X-Force URL: http://xforce.iss.net/static/5672.php
_____
Date Reported: 12/6/00
Vulnerability: nt-mts-reg-perms
Platforms Affected: Windows NT
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Windows NT MTS registry permissions
X-Force URL: http://xforce.iss.net/static/5673.php
_____
Date Reported: 12/6/00
Vulnerability: irc-bitchx-dns-bo
Platforms Affected: BitchX
Risk Factor: High
Attack Type: Network Based
Brief Description: BitchX IRC DNS buffer overflow
X-Force URL: http://xforce.iss.net/static/5701.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-gain-access
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database can give access through
default username and password
X-Force URL: http://xforce.iss.net/static/5662.php
_____
Date Reported: 12/5/00
Vulnerability: ibm-db2-dos
Platforms Affected: IBM DB2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM DB2 Universal Database denial of service
X-Force URL: http://xforce.iss.net/static/5664.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-source-routing
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain source routing
X-Force URL: http://xforce.iss.net/static/5667.php
_____
Date Reported: 12/5/00
Vulnerability: vsu-ip-bridging
Platforms Affected: VSU
Risk Factor: Medium
Attack Type: Network Based
Brief Description: VPNet VSU gateways contain bridging code
X-Force URL: http://xforce.iss.net/static/5670.php
_____
Date Reported: 12/5/00
Vulnerability: ftp-servu-homedir-travers
Platforms Affected: Serv-U FTP
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: FTP Serv-U home directory traversal could allow
access to FTProot
X-Force URL: http://xforce.iss.net/static/5639.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-web-access
Platforms Affected: CISCO CBOS
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Cisco CBOS Web access enabled denial of service
X-Force URL: http://xforce.iss.net/static/5626.php
_____
Date Reported: 12/4/00
Vulnerability: watchguard-soho-get-dos
Platforms Affected: WatchGuard SOHO
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WatchGuard SOHO Firewall multiple GET requests
denial of service
X-Force URL: http://xforce.iss.net/static/5665.php
_____
Date Reported: 12/4/00
Vulnerability: phone-book-service-bo
Platforms Affected: Windows 2000
Windows NT
Risk Factor: High
Attack Type: Network Based
Brief Description: Windows NT and 2000 Phone Book service buffer
overflow
X-Force URL: http://xforce.iss.net/static/5623.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-syn-packets
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS SYN packets denial of service
X-Force URL: http://xforce.iss.net/static/5627.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-invalid-login
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS does not log invalid logins
X-Force URL: http://xforce.iss.net/static/5628.php
_____
Date Reported: 12/4/00
Vulnerability: cisco-cbos-icmp-echo
Platforms Affected: CISCO CBOS
Risk Factor: High
Attack Type: Network Based
Brief Description: Cisco CBOS large ICMP ECHO packet denial of
service
X-Force URL: http://xforce.iss.net/static/5629.php
_____
Date Reported: 12/2/00
Vulnerability: phpweblog-bypass-authentication
Platforms Affected: phpWebLog
Risk Factor: High
Attack Type: Host Based
Brief Description: phpWebLog allows users to bypass authentication
X-Force URL: http://xforce.iss.net/static/5625.php
_____
Date Reported: 12/1/00
Vulnerability: linux-diskcheck-race-symlink
Platforms Affected: Linux
Risk Factor: Low
Attack Type: Host Based
Brief Description: Linux diskcheck race condition could allow a tmp
file symbolic link attack
X-Force URL: http://xforce.iss.net/static/5624.php
_____
Date Reported: 12/1/00
Vulnerability: ie-form-file-upload
Platforms Affected: Microsoft Internet Explorer
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Internet Explorer file upload form
X-Force URL: http://xforce.iss.net/static/5615.php
_____
Date Reported: 12/1/00
Vulnerability: mssql-xp-paraminfo-bo
Platforms Affected:
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Microsoft SQL XP srv_paraminfo() buffer overflow
X-Force URL: http://xforce.iss.net/static/5622.php
_____
Date Reported: 12/1/00
Vulnerability: majordomo-auth-execute-commands
Platforms Affected: Majordomo
Risk Factor: High
Attack Type: Network Based
Brief Description: Majordomo allows administrative access without
password
X-Force URL: http://xforce.iss.net/static/5611.php
_____
Date Reported: 12/1/00
Vulnerability: ie-print-template
Platforms Affected: Microsoft Internet Explorer
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Internet Explorer print template
X-Force URL: http://xforce.iss.net/static/5614.php
_____
Date Reported: 12/1/00
Vulnerability: aix-piobe-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX piobe buffer overflow
X-Force URL: http://xforce.iss.net/static/5616.php
_____
Date Reported: 12/1/00
Vulnerability: aix-pioout-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX pioout buffer overflow
X-Force URL: http://xforce.iss.net/static/5617.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setclock-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setclock buffer overflow
X-Force URL: http://xforce.iss.net/static/5618.php
_____
Date Reported: 12/1/00
Vulnerability: aix-enq-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX enq buffer overflow
X-Force URL: http://xforce.iss.net/static/5619.php
_____
Date Reported: 12/1/00
Vulnerability: aix-digest-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX digest buffer overflow
X-Force URL: http://xforce.iss.net/static/5620.php
_____
Date Reported: 12/1/00
Vulnerability: aix-setsenv-bo
Platforms Affected: AIX
Risk Factor: High
Attack Type: Host Based
Brief Description: AIX setsenv buffer overflow
X-Force URL: http://xforce.iss.net/static/5621.php
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
_____
Additional Information
This document is available at http://xforce.iss.net/alerts/advisennn.php.
To receive these Alerts and Advisories:
- - Subscribe to the Alert mailing list from
http://xforce.iss.net/maillists/index.php
- - Or send an email to majordomo@iss.net, and within the body of the
message type:
'subscribe alert' (without the quotes).
About Internet Security Systems (ISS)
Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading
global provider of security management solutions for the Internet.
By combining best of breed products, security management services,
aggressive research and development, and comprehensive educational
and consulting services, ISS is the trusted security advisor for
thousands of organizations around the world looking to protect their
mission critical information and networks.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this
Alert in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0
LLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL
r21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw
jbM10AXVSHw=
=5U+8
-----END PGP SIGNATURE-----