ISS Security Alert Summary 5.3 - Summary of vulnerabilities discovered in March, 2000. Contains 33 reported vulnerabilities - windmail-pipe-command, windmail-fileread, simpleserver-exception-dos, linux-domain-socket-dos, linux-gpm-root, outlook-manipulate-hidden-drives, vqserver-dir-traverse, vqserver-passwd-plaintext, iis-chunked-encoding-dos, nav-email-gateway-dos, netscape-server-directory-indexing, mercur-webview-get-dos, officescan-admin-pw-plaintext, officescan-admin-access, linux-kreatecd-path, win-dos-devicename-dos, wmcdplay-bo, nt-registry-permissions, staroffice-scheduler-fileread, staroffice-scheduler-bo, iis-root-enum, mssql-query-abuse, clipart-cil-bo, oracle-installer, linux-rpm-query, thebat-mua-attach, irix-infosrch-fname, linux-dosemu-config, coldfusion-reveal-pathname, netscape-enterprise-command-bo, nmh-execute-code, htdig-remote-read, and ie-html-shortcut.
73a4d14101964f3e30048066a698907d3a3a447cd3fd69d5e08ddd23f575d71c
Internet Security Systems (ISS) has identified a vulnerability in the encryption used to conceal the password and login ID of a registered SQL Server user in Enterprise Manager for Microsoft SQL Server 7.0. When registering a new SQL Server in the Enterprise Manager or editing the SQL Server registration properties, the login name that will be used by the Enterprise Manager for the connection must be specified. If a SQL Server login name is used instead of a Windows Domain user name and the "Always prompt for login name and password" checkbox is not set, the login ID and password are weakly encrypted and stored in the registry.
a9b3ac0aadd5b79df35825305233bd3833e09c5e6281fa3a3dce365b9a84405f
ISS Security Alert Summary 5.2 - Summary of vulnerabilities discovered in February, 2000. Contains information on vulnerabilities in trin00-dos, netgear-multiple-dos, sambar-batfiles, win-media-dos, win-active-setup, siteserver-sitebuilder, netbsd-ptrace, netbsd-procfs, ie-image-source-redirect, sco-openserver-arc-symlink, iis-frontpage-info, and outlook-active-script-read.
89cecfdb05cb343985151b82b3473e9791dfd89baa14bde9b015b5bf1524206d
A new version of trin00 that runs on Microsoft Windows machines has been discovered. Trin00 was first discussed in the ISS Security Alert "Denial of Service Attack Using the trin00 and Tribe Flood Network Programs" on December 7, 1999, which is available at http://xforce.iss.net/alerts/advise40.php3. The executable that has been found is a trin00 daemon. It is unclear if there is a Windows version of the trin00 master or if the Windows daemons are controlled by a Unix master.
25716f277d518f1a75f7ae6452ef437d5e20029ae1b50ad57b2e586b3d43a99c
A new form of Distributed Denial of Service (DDoS) attack has been discovered following the release of the trin00 and Tribe Flood Network (TFN) denial of service programs (see December 7, 1999 ISS Security Alert at http://xforce.iss.net/alerts/advise40.php3). These attacks are more powerful than any previous denial of service attack observed on the Internet. A Distributed Denial of Service attack is designed to bring a network down by flooding target machines with large amounts of traffic. This traffic can originate from many compromised machines, and can be managed remotely using a client program. ISS X-Force considers this attack a high risk since it can potentially impact a large number of organizations. DDoS attacks have proven to be successful and are difficult to defend against.
b62da56635635d524817aaca0d701afa8f1d51b1075b2f5942b15e54cba18a0e
ISS Security Alert Summary 5.1 - Summary of vulnerabilities discovered in January, and their severity levels. Contains information on vulnerabilities in http-indexserver-dirtrans, linux-vmware-symlink, nt-rdisk-enum-file, win-malformed-rtf-control-word, nt-spoofed-lpc-port, linux-corel-update, icq-url-bo, winamp-playlist-bo, hp-aserver, and sun-sadmind.
94fb2951fd704cba13198318be5d25023cb00319bac2996dce14d3615ec91a94
There are form tampering vulnerabilities present in several web-based shopping cart applications. Over the past couple of years, form tampering vulnerabilities have been discussed on security forums. ISS X-Force has continued to research this area due to the constant increase in e-commerce. ISS X-Force has identified eleven shopping cart applications that are vulnerable to price changing using form tampering. It is possible for an attacker to take advantage of the form tampering vulnerabilities and order items at a reduced price on an e-commerce site. The web store operator should verify the price of each item ordered in the shopping cart application database or email invoice.
4e49ddcf76c7d43aff54b6f35b14fa8d635f0a485568afd5cbfc1c5163eeb820
ISS has discovered a remotely exploitable buffer overflow condition in the Solaris Snoop application. Snoop is a network sniffing tool that ships with all Solaris 2.x operating systems. This overflow allows a knowledgeable attacker to seize control of the Snoop application. Solaris 2.4, 2.5, 2.5.1, 2.6, and 2.7 were found to be vulnerable. Patches available here.
a1d2755292b515270cb0dd4ff0785d9a6d748540e6a896312a75cc12a04ea23b
Netscape Enterprise Server and Netscape FastTrack Server are widely used Internet web servers. Internet Security Systems (ISS) X-Force has discovered a vulnerability in Netscape Enterprise Server and Netscape FastTrack Server, as well as in the Administration Server supplied with both. There is a buffer overflow in the HTTP Basic Authentication that can be used to execute code on the machine as SYSTEM in Windows NT or as root or nobody in Unix, without requiring authentication. The Administration Service runs as root in Unix; the Application Server runs as the user nobody by default.
8187b5e0d5711bc5d702c33784339ce21a06c2477828919f768b1d4d8b39cbf0
ISS Security Alert Summary for September 15, 1999.
911ca0b54f8dcde38c03700f3b97858a14c8deae99a4ef0346109d1b8698f0ec
Internet Security Systems (ISS) X-Force has discovered a vulnerability in the Netscape Enterprise Server and Netscape FastTrack Server. Netscape produces web servers and web browsers for individuals, small workgroups, and business professionals. An attacker can send the web server an overly long HTTP GET request, overflowing a buffer in the Netscape httpd service and overwriting the process's stack. This allows a sophisticated attacker to force the machine to execute any program code that is sent. The ISS X-Force has demonstrated that it is possible to use this vulnerability to execute arbitrary code as SYSTEM on the server, giving an attacker full control of the machine.
f4ae6ee6acba815fe55a0fe312f8a98c4954127617bd9c6457ee5560cd9f6897
Internet Security Systems (ISS) X-Force has discovered additional local vulnerabilities in the Oracle Intelligent Agent that may lead to root compromise. Local attackers may use these vulnerabilities to execute arbitrary commands as root, as well as create root-owned world-writable files anywhere on the file system.
b4c7007361061b0c9b49fa5f9c01d795290c6aec86d020f87565d5e2b4b0e414
Internet Security Systems (ISS) X-Force has discovered vulnerabilities in superuser owned executables that may allow local root compromise. Attackers may use these vulnerabilities to create, destroy, or modify any file on the system, including files owned by the superuser. This attack may be particularly useful to gain complete control of the database system, to manipulate Oracle database files, or to deny service.
a0c7c030a737f6939d10ed9581dc9750037d12245313248801f08f9c85c940b2
Lotus Domino Server is an integrated messaging and web application server. An attacker can crash the Lotus Notes Domino server and stop e-mail and other services that Domino provides for an organization.
8227aba9a12aa60e0a38674bc014c052811274a3f938ad3c81bb834f31cda77a
ISS Security Alert Summary for August 15, 1999.
aea040939f5a04ee9a04044715bfa9bc64dd231351f542d0dd1bd31f8d67bcac
iss.99-08-09.dos_nt
e615eafd469332b8936e31ae81d32f341d05d3a4da4cddc40b89149e4038e73d
ISS Security Alert Summary for November 19, 1997.
42fa73bee2162383cc7015e140ce290f5aa433d145dd630a1d361c6fb22f9c2d
ISS Security Alert Summary for August 26, 1997.
86e1a689aa70de82a116b84d435e79c7348434a282e84d23d782ea7a7056aa60
ISS Security Alert Summary for September 10, 1997.
5c5e5c0971e6dbf1ff78cc4689c22d388cdb34489cef892446796a441b19d4ed
ISS Security Alert Summary for September 24, 1997.
114976fe397ca0f5fad7e260fec067f6afb4dc380793c3333058315411b9bace
ISS Security Alert Summary for October 22, 1997.
2030f480cdf1721cda90d14598466800ea444fda058e504ef7f0bdc435642cbc
ISS Security Alert Summary for November 5, 1997.
3038a9619464c01ec344f166326bb8d1732c39f74e9583cbddee0c79460d389b
ISS Security Alert Summary for December 3, 1997.
384188a7b63ce8fe48315ff122b2acb9263ecafe599b323199ba14021437d321
ISS Security Alert Summary for December 17, 1997.
770ebb434119a936daf96bb90d41df85f0b14bd8de70f8f65e05327d9e7483ab
ISS Security Alert Summary for January 7, 1998.
1749ffdb7113015a66ddcd6d0b2326ce0095a3e0622df159783fe43ae854313e