CERT Advisory CA-2002-03 - Multiple vulnerabilities have been discovered in various Simple Network Management Protocol (SNMP) implementations. These vulnerabilities may allow unauthorized privileged access, denial-of-service attacks, or cause unstable behavior. It is urged that administrators turn off SNMP altogether if it is not currently necessary. Research and discovery made by the University of OULU.
89a7c63a1e39898658787058aa9492ce71bd791a973e34c9d9294c8fbb3cc5aeThere is a remotely exploitable buffer overflow in ICQ v2001A and below. Attackers that are able to exploit the vulnerability can execute arbitrary code with the privileges of the victim user. There are 122 million vulnerable clients. Full details are discussed in VU#570167. An exploit is known to exist. Voice Video & Games plugin installed with AOL Mirabilis ICQ Versions 2001B Beta v5.18 Build #3659 and prior is also vulnerable.
b76478c875f3e3639885e152c0e431077274669ba8875919014f2fd0c3eb15c4CERT Advisory CA-99-16 - Buffer Overflow in solaris sadmind. The sadmind program is installed by default in Solaris 2.5, 2.6, and 7.
91e3ccb53dada317e1d9eb7fb117db045ea4dab85eb4219206c1ebfaece31491CERT Advisory CA-2001-18 - Several implementations of the Lightweight Directory Access Protocol (LDAP) protocol contain vulnerabilities that may allow denial-of-service attacks and unauthorized privileged access. Vulnerable services include the iPlanet directory server, IBM SecureWay running under Solaris and Windows 2000, Lotus Domino R5 Servers, Teamware Office for Windows NT and Solaris, Qualcomm Eudora WorldMail for Windows NT, Microsoft Exchange 5.5 LDAP Service, Network Associates PGP Keyserver 7.0, prior to Hotfix 2, Oracle 8i Enterprise Edition, and OpenLDAP, 1.x prior to 1.2.12 and 2.x prior to 2.0.8.
9e19cd7d66a55eef48a071019853306af25f3e45626db8738dc134913870e60fCERT Quarterly Summary for May, 2001. Since the last regularly scheduled CERT summary, issued in February 2001 (CS-2001-01), we have seen a significant increase in reconnaissance activity, a number of self-propagating worms, and active exploitation of vulnerabilities in snmpxdmid, BIND and IIS by intruders.
4a4c69c74f9f9dfbf99e62d106c6b336a191d5792a093ca4b01aa1079a25f3c2CERT Advisory CA-2001-12 - A serious vulnerability in Microsoft IIS allows remote intruders to execute commands on an IIS web server, as discussed in ms01-026. This vulnerability closely resembles a previous vulnerability in IIS that was widely exploited.
2cadddd3da04743c36a3a52741d938f5153d72e781d14f364e28bbc175735689Cert Advisory CA-2001-11 - A worm which uses the sadmind overflow and the IIS unicode bug is propagating on the internet. Solaris systems compromised by this worm are being used to scan and compromise other Solaris and IIS systems. IIS systems compromised by this worm can suffer modified web content.
b7fd1b3c4d68118378d002763085fde45537233ded7492d3360c662fb0f27415CERT Advisory CA-2001-10 - Buffer Overflow Vulnerability in Microsoft IIS 5.0. A vulnerability exists in Microsoft IIS 5.0 running on Windows 2000 that allows a remote intruder to run arbitrary code on the victim machine, allowing them to gain complete administrative control of the machine.
f215451f6d6376e8b5ed3f0beb0666e204a7f74278f6a383259175da5237fb79Cert Advisory CA-2001-09 - Many systems are vulnerable to Initial Sequence Number (ISN) attacks, allowing attackers to manipulate and spoof tcp connections. Many systems use the Central Limit Theorem to protect the ISN, however these machines are still vulnerable to statistical attack. If the ISNs of future connections of a system are guessed exactly, an attacker will be able to complete a TCP three-way handshake, establish a phantom connection, and spoof TCP packets delivered to a victim. Affected systems include Cisco, FreeBSD prior to 4.3-RELEASE, OpenBSD prior to 2.8-current, Fujitsu, HP/UX, and SGI.
a5cf495414857e9c5fa8708b2e706b102950f10f44a8a44da848af3b556213e6CERT Advisory CA-2001-08 - The Alcatel Speed Touch Asymmetric Digital Subscriber Line (ADSL) modem has weak authentication and access control policies, allowing remote attackers to do many things, including unauthorized access, unauthorized monitoring, information leakage, denial of service, and permanent disability of affected devices. More information available here.
76b0c6926e286e0683d4a884673f336687a50efce904712c932438d0066b9ad6CERT Advisory CA-2001-07 - Many FTP servers have remote vulnerabilities in filename expansion due to the glob() function which allow arbitrary code execution. Vulnerable FTP servers include OpenBSD, NetBSD, FreeBSD, Irix, HPUX 11, and Solaris 8.
809c9d0e40e40d5ec796bd833496f52b16bd9671042bef29959a533565d6676bCERT Advisory CA-2001-06 - All versions of Microsoft Internet Explorer 5.5 SP1 or earlier and any software which utilizes vulnerable versions of Internet Explorer to render HTML allows an intruder to construct malicious content that, when viewed in Internet Explorer (or any program that uses the IE HTML rendering engine), can execute arbitrary code.
9c3e26644a6066867ffa37399fe54ba7c55d1e8341cd7e435a481c4ea6a2c3ebCERT Quarterly Summary for February, 2001 - Since the last regularly scheduled CERT summary, issued in November 2000, bugs in BIND TSIG and LPRng have began to be used on a large scale, while rpc.statd and FTPD continue to be exploited. A new Vulnerability Notes database has been started.
fe50242a328ecc66210ff9c70c8c7c8235963c7b3c118a3f1dbf25678c5876c5CERT Advisory CA-2001-03 - The "VBS/OnTheFly" malicious code is a VBScript virus that spreads via email to users of Microsoft Outlook who have not applied previously available security updates. When the malicious code executes, it attempts to send copies of itself, using Microsoft Outlook, to all entries in each of the address books. Outlook update available here.
857d86f779215cacaef6a95c16b3a5b35d2bc60ec5f355777384615d79db7342CERT Advisory CA-2001-02 - Multiple Vulnerabilities in BIND. Remote bugs have been found in v4.9.x prior to v4.9.8 and v8.2.x prior to v8.2.3 which allow remote attackers to run code as root.
1bdea8eb7f341f28ca1b262aeb53a6023cec0fb45299e0f94f11faeca3235226CERT Advisory CA-2001-01 - Interbase is an open source database package that had previously been distributed in a closed source fashion by Borland/Inprise. Both the open and closed source versions of the Interbase server contain a compiled-in back door account with a known password which allows any local or remote user able to access port 3050/tcp [gds_db] to manipulate any database object and run arbitrary code on the system.
5297ff0a53b5eba8336466e8f9e3e1e95fe113d05804f9acb97fa56acbf32e90CERT Advisory CA-2000-22 - Input Validation Problems in LPRng. A popular replacement software package to the BSD lpd printing service called LPRng contains at least one format string vulnerability in the syslog() function, which allows remote users with access to TCP port 515 to execute arbitrary code on vulnerable systems as root. Fix available here.
7fc230b21bc7c073377322bd6f4f933c974648e8cc9f128acc8e460b7085da36CERT Advisory CA-2000-21 Denial-of-Service Vulnerabilities in TCP/IP Stacks. A variety of denial-of-service vulnerabilities has been explored and documented by BindView's RAZOR Security Team. These vulnerabilities allow attackers to consume limited resources on victim machines. BindView's RAZOR Security Team has referred to these vulnerabilities as Naptha vulnerabilities.
b47973f7beecb7dfd7425f3caeb16f73edb2c3eaa854c743e4966dad8c9f1faaCERT Quarterly Summary for November, 2000 - Since the last regularly scheduled CERT summary, issued in August (CS-2000-03), we have seen continued compromises via rpc.statd and FTPd. We have also seen a number of sites compromised by exploiting a vulnerability in the IRIX telnet daemon. Notable virus activity includes the Loveletter.as worm and the QAZ worm.
e8488c9895d8d674123d6fae983a30e4fa01369e7a25ab353192c987dd4546eeCERT Advisory CA-2000-20 - Name servers running ISC bind v8.2 through 8.2.2-P6 contains two denial of service vulnerabilities. The first vulnerability is referred to by the ISC as the "zxfr bug" and affects ISC BIND version 8.2.2, patch levels 1 through 6. The second vulnerability, the "srv bug", affects ISC BIND versions 8.2 through 8.2.2-P6. More information about these vulnerabilities available here.
cd95a6b1bc9eb41421ec292ed176c6f56b4fb75e5f0998df20e42d7175b1cfbfThis is the CERT quarterly summary which focuses on the types of attacks reported to their incident response team, as well as other noteworthy incident and vulnerability information. This quarter CERT focuses on the input validation vulnerability in rpc.statd, multiple vulnerabilities in FTP daemons, ActiveX control vulnerabilities, exploitation of hidden file extensions, the Outlook and Outlook Express cache bypass vulnerability, chat clients and network security
4bf51de8888d1e0758c6a87a82f98451db5052c4790df7688c13d096dc65859aThere is a serious problem in the handling of certificates when encrypting with PGP versions 5.5.x through 6.5.3. The vulnerability lies within PGP's handling of Additional Decryption Keys (ADK) allowing a malicious user to insert an additional public key into the unsigned part of the user's public key-certificate. The malicious user may then be able to recover the plaintext of any encrypted text sent to the victim using the altered certificate.
c45c55d4466c3c9477b601b686fc803f77c6ef8c46a7777e7ccb7df02ee95223Cert Advisory CA-2000-17 - There is an input validation vulnerability in rpc.statd where the program passes user-supplied data to the syslog() function as a format string. Exploit allows user to execute arbitrary commands with the priviledges of the rpc.statd process, typically root.
e2c09423cd8b0c12f2ae82818c51410ae6fd13469ee6114738f0d90c8cc320bbCERT Advisory CA-2000-16 - Internet Explorer can open Microsoft Access database or project files containing malicious code and execute the code without giving a user prior warning. Access files that are referenced by OBJECT tags in HTML documents can allow attackers to execute arbitrary commands using Visual Basic for Applications (VBA) or macros. A remote intruder can send malicious HTML via an email message, newsgroup posting, or downloaded Web page and may be able to execute arbitrary code on a victim machine.
2ac36051a9e4bac06affdc8d3ca68aa41aa7d1985662ba3cee9f9797a1a045b6CERT Advisory CA-2000-15 - Systems running Netscape Communicator version 4.04 through 4.74 with Java enabled ship with Java classes that allow an unsigned Java applet to access local and remote resources in violation of the security policies for applets.
c0502d385df3d99932fdbd39395f7a2f955cc453b3afcb3aa05087faaa5b0da1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed