ISS Security Alert Summary for June 15, 1999.
c02712ce21709ca8a9b5c1fd8c72129a0dbc8e559feded53c9cd7f2a55a0902aInternet Security Systems (ISS) X-Force has discovered a vulnerability in KDE's K-Mail mail user agent software. KDE is a very popular window manager available for most Unix platforms, and provides an easy-to-use interface and a number of graphical front ends to common command-line Unix applications. K-Mail contains a vulnerability that may allow local attackers to compromise the UID of whoever is running K-Mail. The mail client creates insecure temporary directories that are used to store MIME encoded files.
005a0ae5547ee2c1fde9b7b26bf775a5e727ace2ef200113d1dfbae25d16acaaiss.99-05-06.oracle8
58d0369b1d0bbd3bf4f81dd3dd4ccf6338466d53ccaf4672f7b25fb4b1195fe5ISS Security Alert Summary for April 15, 1999.
bf32f134f1052215edfef86e1386123419805da35b1df063e35266d9747c0e00ISS Security Alert Summary for April 1, 1999.
46eef4819def61413ef2d879eb70220ba6968f68d35b4a4834a3079b29ca3e9dRamp Networks (http://www.rampnet.com/) WebRamp Internet access devices allow multiple computers to share a dialup connection. The WebRamp family of Internet access devices are designed for small businesses that require cost-effective, high-speed Internet access on every desktop.
33cab2feac5d1c3d199030d4f89a160a5d1e65264000bb10cff3f0bc30d3635eInternet Security Systems (ISS) X-Force has discovered several vulnerabilities in Cisco Catalyst Series Ethernet Switches running the Cisco fixed configuration switch software. Cisco Catalyst switches are commonly used in high volume production environments supporting high-end servers and virtual LAN configurations.
48e3f2a6e76e64e2f9f554d67956faf85d1d1f56a81006fcaf8dcc1ff9af41c8Slackware Linux is one of the major distributions of the Linux operating system and supporting utilities. CD-ROM distributions are available from Walnut Creek, InfoMagic, LinuxMall, and other suppliers. It can also be downloaded from a number of archive and mirror sites. Some of these sites offer NFS access to Slackware (and other) distributions for direct installation from the network.
ee9264bdde5ee3e21c805d9bd17cd17851c6ba7691101d680a63fa2cae045b11ISS Security Alert Summary for March 17, 1999.
50b668c0280ee9f59581f1240532f5db3ec5c7e384e1e300cfa8bf39032e90aeInternet Security Systems (ISS) X-Force has discovered several vulnerabilities in Cisco Series 700 routers. The Cisco 700 series is popular among corporate users and telecommuters. It is used to support networks in small offices or home offices. It is also recommended by Internet Service Providers (ISPs) for personal ISDN connectivity. Remote attackers may issue commands to the router without authentication. Remote attackers may also deny network connectivity by forcing the router to reboot.
ec18f8630adbdcb9eddafd6c28302af79c7b7e7ac3b1498eb8e451b8c84b8561ISS X-Force has discovered a buffer overflow exploit against Microsoft Exchange's LDAP (Lightweight Directory Access Protocol) server which allows read access to the Exchange server directory by using an LDAP client. This buffer overflow consists of a malformed bind request that overflows the buffer and can execute arbitrary code. This attack can also cause the Exchange LDAP service to crash. This vulnerability exists in Microsoft Exchange Server version 5.5.
7cc4f2cda9e3d56aabfe8ea736c0d7a2e9be2646b048a7a44a6c5ca955f2aaeeISS Security Alert Summary for March 3, 1999.
9fa9c9771a1c4e19885ced334e39542bde6095a2b61e0e924854adbad09b0ccbThis advisory is a quarterly update on backdoors for the Windows 9x and Windows NT operating systems. The focus of this advisory is NetBus 2.0 Pro. The final version of NetBus 2.0 Pro was released on February 19. The new version of NetBus is not distributed as a backdoor, but as a Remote Administration and Spy Tool. Due to the proliferation of NetBus and its common use in attacks across the Internet, NetBus 2.0 poses a significant risk with its new functionality and enhanced network communication obfuscation. The default installation of NetBus 2.0 Pro (NB2) does not hide itself from the user, but it does support an Invisible Mode to prevent users of infected machines from noticing the software. The version of NB2 available on the Internet notifies users upon installation, however attackers can easily hide the installation with slight modification.
cd10cdf945a84b52cb74e1c0118d944bbca9ce7af38baf9d4d6419a07b3eae76Internet Security Systems (ISS) X-Force has discovered a vulnerability in the system administration utility, Super. Super is used by administrators to allow certain users to execute commands with root privileges. The vulnerability is distributed with Debian Linux. It may allow local attackers to compromise root access. Super is a GNU copylefted package that is distributed with recent Debian Linux distributions, but it can be installed and configured for many Unix variants.
67dce6cd66e8aba84870b80ca864c1e6da87e58a9d0b3d36d4aa6b0deabedc5bRemote Explorer is an application that runs on Microsoft Windows NT(tm) systems and is capable of behaving as either a virus or a worm. The virus has only been found on limited portions of one corporate network. At this time, there are no confirmed reports of Remote Explorer being found on any other networks.
a2cde0ea8ae5f05e44f1c904cf4a858a6b9957466f2a450e2474b06c647af09bInternet Security Systems (ISS) X-Force discovered three vulnerabilities in the Computer Associates ControlIT enterprise management software package. ControlIT contains vulnerabilities that allow an attacker with local access to a network or machine on which ControlIT operates to obtain username and password information or reboot machines without authorization.
10f82611da3e456519583a4603766002201aae1b13f39f27298b433f413e573bInternet Security Systems (ISS) X-Force discovered a vulnerability in the BackWeb Technologies (http://www.backweb.com/home.html) BackWeb Polite Agent Protocol that allows a user on a local network on which BackWeb clients operate to spoof a BackWeb server. Hardware and software vendors often include BackWeb software in their distribution to facilitate remote distribution of software updates.
ae269c6d4072280c3da1cd55a1677f932247aa4a7b941f1c4bf98508410b7bc3This advisory covers a number of miscellaneous issues regarding HP JetDirect printer interface cards and print servers of various vintage. HP has addressed many of these issues in newer JetDirect print server products (Fall 98). More information about newer products and upgrades are available from HP contact representatives.
bb3aa5cce539f0e7457f2fbfb8038dd15874927d5cb8cb36a88de0f03b09bbb9One or more operating systems, popular for use in intelligent embedded controllers or PLCs (Programmed Logic Controllers), may have network protocol stacks which are vulnerable to certain classes of ICMP Redirect attacks. Vulnerable controllers are prone to hang or shutdown shortly after receiving the attacking packets. The failure can extend even to their non-network functionality and can cause the controlled equipment to fail. There exists a significant possibility of the controlled equipment being left in a non-safe or inoperable condition, possibly leading to physical damage.
d8b2d01b1c279c093c6b2dcfa4da13bd984eb153946fc7d2317bba01b044ed8cInternet Security Systems (ISS) X-Force has researched a hidden SNMP community string that exists in HP OpenView. This community may allow unauthorized access to certain SNMP variables. Attackers may use this hidden community to learn about network topology as well as modify MIB variables.
c4509bb8bc0c9bb4b1232aee4c6d674e2cad3ead96cd10394a1c92336b597242Internet Security System (ISS) X-Force has discovered a serious vulnerability in Sun Microsystems Solstice Enterprise Agent and the Solaris operating system. This vulnerability allows attackers to execute arbitrary commands with root privileges, manipulate system parameters and kill processes.
ca12cba252d336bc70bfbd46f53e05129b8411dc2a71dc6573efe3a05745712eInternet Security Systems (ISS) X-Force has discovered a vulnerability in BMC Software PATROL(r) Patrol network management software. PATROL contains a vulnerability that may allow local attackers to compromise root access. The agent creates insecure temporary files that may lead to a symbolic link attack.
29ecb6f4b747f7c28a77b20303c49118d6a787bd9d6e2aa92801c18b435b8fa1Internet Security System (ISS) X-Force has discovered a serious vulnerability in Sun Microsystems(r) Solstice(tm) Enterprise Agent(tm) and the Solaris operating system. This SNMP hidden community string is hard coded into the binary and can not be configured nor is it in the configuration files. The hidden Sun SNMP community word is not the same as the hidden HP SNMP community string. This vulnerability allows attackers to execute arbitrary commands with root privileges, manipulate system parameters, and kill processes.
fa2c0d6650b5ab8ee495be17e45d85317a231a811378a40855a25a0d83a0aa61The ISS X-Force has been researching a denial of service attack against the Windows NT RPC service. This attack allows an attacker with minimal resources to cause a remote NT system to consume 100% CPU Usage for an indefinite period of time. It also allows a remote attacker to utilize a very large amount of bandwidth on a remote NT network by inducing vulnerable systems to engage in a continuous bounce of packets between all combinations of systems. This attack is similar to those found in the Smurf and Fraggle exploits, and is known as the Snork attack.
92c1762b8cc155948c68250eac63dc1ebee01106589b09e732e19dc6b5c1a3caThis advisory is an update of our cDc Back Orifice advisory, which was released August 6, 1998.
c3d9b24c7838cafd712d3327a11d4a989228375b8171a0f71ce571b5d2b2dfad
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed