Showing 51 - 75 of 132

Files

iss.summary.5.3
Posted Apr 4, 2000
Site xforce.iss.net

ISS Security Alert Summary 5.3 - Summary of vulnerabilities discovered in March, 2000. Contains 33 reported vulnerabilities - windmail-pipe-command, windmail-fileread, simpleserver-exception-dos, linux-domain-socket-dos, linux-gpm-root, outlook-manipulate-hidden-drives, vqserver-dir-traverse, vqserver-passwd-plaintext, iis-chunked-encoding-dos, nav-email-gateway-dos, netscape-server-directory-indexing, mercur-webview-get-dos, officescan-admin-pw-plaintext, officescan-admin-access, linux-kreatecd-path, win-dos-devicename-dos, wmcdplay-bo, nt-registry-permissions, staroffice-scheduler-fileread, staroffice-scheduler-bo, iis-root-enum, mssql-query-abuse, clipart-cil-bo, oracle-installer, linux-rpm-query, thebat-mua-attach, irix-infosrch-fname, linux-dosemu-config, coldfusion-reveal-pathname, netscape-enterprise-command-bo, nmh-execute-code, htdig-remote-read, and ie-html-shortcut.

tags | remote, root, registry, vulnerability
systems | linux, irix
SHA-256 | 73a4d14101964f3e30048066a698907d3a3a447cd3fd69d5e08ddd23f575d71c
ISS Security Advisory March 14, 2000
Posted Mar 16, 2000
Site xforce.iss.net

Internet Security Systems (ISS) has identified a vulnerability in the encryption used to conceal the password and login ID of a registered SQL Server user in Enterprise Manager for Microsoft SQL Server 7.0. When registering a new SQL Server in the Enterprise Manager or editing the SQL Server registration properties, the login name that will be used by the Enterprise Manager for the connection must be specified. If a SQL Server login name is used instead of a Windows Domain user name and the "Always prompt for login name and password" checkbox is not set, the login ID and password are weakly encrypted and stored in the registry.

tags | registry
SHA-256 | a9b3ac0aadd5b79df35825305233bd3833e09c5e6281fa3a3dce365b9a84405f
iss.summary.5.2
Posted Mar 2, 2000
Site xforce.iss.net

ISS Security Alert Summary 5.2 - Summary of vulnerabilities discovered in February, 2000. Contains information on vulnerabilities in trin00-dos, netgear-multiple-dos, sambar-batfiles, win-media-dos, win-active-setup, siteserver-sitebuilder, netbsd-ptrace, netbsd-procfs, ie-image-source-redirect, sco-openserver-arc-symlink, iis-frontpage-info, and outlook-active-script-read.

tags | vulnerability
systems | netbsd
SHA-256 | 89cecfdb05cb343985151b82b3473e9791dfd89baa14bde9b015b5bf1524206d
ISS Security Alert Update February 28, 2000
Posted Feb 29, 2000
Site xforce.iss.net

A new version of trin00 that runs on Microsoft Windows machines has been discovered. Trin00 was first discussed in the ISS Security Alert Denial of Service Attack Using the trin00 and Tribe Flood Network Programs on December 7, 1999, and available at http://xforce.iss.net/alerts/advise40.php3. The executable that has been found is a trin00 daemon. It is unclear if there is a Windows version of the trin00 master or if the Windows daemons are controlled by a Unix master.

systems | windows
SHA-256 | 25716f277d518f1a75f7ae6452ef437d5e20029ae1b50ad57b2e586b3d43a99c
ISS Security Alert February 9, 2000
Posted Feb 10, 2000
Site xforce.iss.net

A new form of Distributed Denial of Service (DDoS) attack has been discovered following the release of the trin00 and Tribe Flood Network (TFN) denial of service programs (see December 7, 1999 ISS Security Alert at http://xforce.iss.net/alerts/advise40.php3). These attacks are more powerful than any previous denial of service attack observed on the Internet. A Distributed Denial of Service attack is designed to bring a network down by flooding target machines with large amounts of traffic. This traffic can originate from many compromised machines, and can be managed remotely using a client program. ISS X-Force considers this attack a high risk since it can potentially impact a large number of organizations. DDoS attacks have proven to be successful and are difficult to defend against.

tags | denial of service
SHA-256 | b62da56635635d524817aaca0d701afa8f1d51b1075b2f5942b15e54cba18a0e
iss.summary.5.1
Posted Feb 3, 2000
Site xforce.iss.net

ISS Security Alert Summary 5.1 - Summary of vulnerabilities discovered in January, and their severity levels. Contains information on vulnerabilities in http-indexserver-dirtrans, linux-vmware-symlink, nt-rdisk-enum-file, win-malformed-rtf-control-word, nt-spoofed-lpc-port, linux-corel-update, icq-url-bo, winamp-playlist-bo, hp-aserver, and sun-sadmind.

tags | web, spoof, vulnerability
systems | linux
SHA-256 | 94fb2951fd704cba13198318be5d25023cb00319bac2996dce14d3615ec91a94
ISS E-Security Alert February 1, 2000
Posted Feb 1, 2000
Site xforce.iss.net

There are form tampering vulnerabilities present in several web-based shopping cart applications. Over the past couple of years, form tampering vulnerabilities have been discussed on security forums. ISS X-Force has continued to research this area due to the constant increase in e-commerce. ISS X-Force has identified eleven shopping cart applications that are vulnerable to price changing using form tampering. It is possible for an attacker to take advantage of the form tampering vulnerabilities and order items at a reduced price on an e-commerce site. The web store operator should verify the price of each item ordered in the shopping cart application database or email invoice.

tags | web, vulnerability
SHA-256 | 4e49ddcf76c7d43aff54b6f35b14fa8d635f0a485568afd5cbfc1c5163eeb820
iss.99-12-12.snoop
Posted Dec 14, 1999

ISS has discovered a remotely exploitable buffer overflow condition in the Solaris Snoop application. Snoop is a network sniffing tool that ships with all Solaris 2.x operating systems. This overflow allows a knowledgeable attacker to seize control of the Snoop application. Solaris 2.4, 2.5, 2.5.1, 2.6, and 2.7 were found to be vulnerable. Patches available here.

tags | overflow
systems | solaris
SHA-256 | a1d2755292b515270cb0dd4ff0785d9a6d748540e6a896312a75cc12a04ea23b
ISS Security Advisory December 1, 1999
Posted Dec 2, 1999

Netscape Enterprise Server and Netscape FastTrack Server are widely used Internet web servers. Internet Security Systems (ISS) X-Force has discovered a vulnerability in Netscape Enterprise Server and Netscape FastTrack Server, as well as in the Administration Server supplied with both. There is a buffer overflow in the HTTP Basic Authentication that can be used to execute code on the machine as SYSTEM in Windows NT or as root or nobody in Unix, without requiring authentication. The Administration Service runs as root in Unix; the Application Server runs as the user nobody by default.

tags | web, overflow, root
systems | windows, unix
SHA-256 | 8187b5e0d5711bc5d702c33784339ce21a06c2477828919f768b1d4d8b39cbf0
ISS Security Alert Summary September 15, 1999
Posted Sep 17, 1999

ISS Security Alert Summary for September 15, 1999.

SHA-256 | 911ca0b54f8dcde38c03700f3b97858a14c8deae99a4ef0346109d1b8698f0ec
ISS Security Advisory August 25, 1999
Posted Sep 1, 1999

Internet Security Systems (ISS) X-Force has discovered a vulnerability in the Netscape Enterprise Server and Netscape FastTrack Server. Netscape produces web servers and web browsers for individuals, small workgroups, and business professionals. An attacker can send the web server an overly long HTTP GET request, overflowing a buffer in the Netscape httpd service and overwriting the process's stack. This allows a sophisticated attacker to force the machine to execute any program code that is sent. The ISS X-Force has demonstrated that it is possible to use this vulnerability to execute arbitrary code as SYSTEM on the server, giving an attacker full control of the machine.

SHA-256 | f4ae6ee6acba815fe55a0fe312f8a98c4954127617bd9c6457ee5560cd9f6897
ISS Security Advisory August 23, 1999
Posted Aug 24, 1999

Internet Security Systems (ISS) X-Force has discovered additional local vulnerabilities in the Oracle Intelligent Agent that may lead to root compromise. Local attackers may use these vulnerabilities to execute arbitrary commands as root, as well as create root-owned world-writable files anywhere on the file system.

SHA-256 | b4c7007361061b0c9b49fa5f9c01d795290c6aec86d020f87565d5e2b4b0e414
ISS Security Advisory August 23, 1999
Posted Aug 24, 1999

Internet Security Systems (ISS) X-Force has discovered vulnerabilities in superuser owned executables that may allow local root compromise. Attackers may use these vulnerabilities to create, destroy, or modify any file on the system, including files owned by the superuser. This attack may be particularly useful to gain complete control of the database system, to manipulate Oracle database files, or to deny service.

SHA-256 | a0c7c030a737f6939d10ed9581dc9750037d12245313248801f08f9c85c940b2
ISS Security Advisory August 23, 1999
Posted Aug 23, 1999

Lotus Domino Server is an integrated messaging and web application server. An attacker can crash the Lotus Notes Domino server and stop e-mail and other services that Domino provides for an organization.

SHA-256 | 8227aba9a12aa60e0a38674bc014c052811274a3f938ad3c81bb834f31cda77a
ISS Security Alert Summary August 15, 1999
Posted Aug 17, 1999

ISS Security Alert Summary for August 15, 1999.

SHA-256 | aea040939f5a04ee9a04044715bfa9bc64dd231351f542d0dd1bd31f8d67bcac
iss.99-08-09.dos_nt
Posted Aug 11, 1999

iss.99-08-09.dos_nt

SHA-256 | e615eafd469332b8936e31ae81d32f341d05d3a4da4cddc40b89149e4038e73d
ISS Security Alert Summary November 19, 1997
Posted Jul 15, 1999

ISS Security Alert Summary for November 19, 1997.

SHA-256 | 42fa73bee2162383cc7015e140ce290f5aa433d145dd630a1d361c6fb22f9c2d
ISS Security Alert Summary August 26, 1997
Posted Jul 15, 1999

ISS Security Alert Summary for August 26, 1997.

SHA-256 | 86e1a689aa70de82a116b84d435e79c7348434a282e84d23d782ea7a7056aa60
ISS Security Alert Summary September 10, 1997
Posted Jul 15, 1999

ISS Security Alert Summary for September 10, 1997.

SHA-256 | 5c5e5c0971e6dbf1ff78cc4689c22d388cdb34489cef892446796a441b19d4ed
ISS Security Alert Summary September 24, 1997
Posted Jul 15, 1999

ISS Security Alert Summary for September 24, 1997.

SHA-256 | 114976fe397ca0f5fad7e260fec067f6afb4dc380793c3333058315411b9bace
ISS Security Alert Summary October 22, 1997
Posted Jul 15, 1999

ISS Security Alert Summary for October 22, 1997.

SHA-256 | 2030f480cdf1721cda90d14598466800ea444fda058e504ef7f0bdc435642cbc
ISS Security Alert Summary November 5, 1997
Posted Jul 15, 1999

ISS Security Alert Summary for November 5, 1997.

SHA-256 | 3038a9619464c01ec344f166326bb8d1732c39f74e9583cbddee0c79460d389b
ISS Security Alert Summary December 3, 1997
Posted Jul 15, 1999

ISS Security Alert Summary for December 3, 1997.

SHA-256 | 384188a7b63ce8fe48315ff122b2acb9263ecafe599b323199ba14021437d321
ISS Security Alert Summary December 17, 1997
Posted Jul 15, 1999

ISS Security Alert Summary for December 17, 1997.

SHA-256 | 770ebb434119a936daf96bb90d41df85f0b14bd8de70f8f65e05327d9e7483ab
ISS Security Alert Summary January 7, 1998
Posted Jul 15, 1999

ISS Security Alert Summary for January 7, 1998.

SHA-256 | 1749ffdb7113015a66ddcd6d0b2326ce0095a3e0622df159783fe43ae854313e
© 2022 Packet Storm. All rights reserved.