
iss.summary.5.9

Posted Oct 11, 2000
Site xforce.iss.net

ISS Security Alert Summary for October 10, 2000. 91 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: apache-rewrite-view-files, win2k-simplified-chinese-ime, xinitrc-bypass-xauthority, slashcode-default-admin-passwords, quotaadvisor-quota-bypass, hinet-ipphone-get-bo, netscape-ie-password-dos, traceroute-heap-overflow, glibc-unset-symlink, lpr-checkremote-format-string, netscape-messaging-list-dos, palm-weak-encryption, mediaplayer-outlook-dos, unixware-scohelp-format, ie-getobject-expose-files, webplus-example-script, lprng-format-string, openview-nmm-snmp-bo, alabanza-unauthorized-access, pine-check-mail-bo, ciscosecure-tacacs-dos, suse-installed-packages-exposed, ciscosecure-csadmin-bo, ciscosecure-ldap-bypass-authentication, rbs-isp-directory-traversal, wincom-lpd-dos, webplus-reveal-path, webplus-expose-internal-ip, webplus-reveal-source-code, du-kdebugd-write-access, glint-symlink, mdaemon-url-dos, browsegate-http-dos, klogd-format-string, office-dll-execution, cisco-pix-smtp-filtering, horde-imp-sendmail-command, exchange-store-dos, doublevision-dvtermtype-bo, sambar-search-view-folder, camshot-password-bo, websphere-header-dos, win2k-telnet-ntlm-authentication, http-cgi-multihtml, hp-openview-nnm-scripts, freebsd-eject-port, webtv-udp-dos, imp-attach-file, fastream-ftp-dos, fur-get-dos, 602prolan-telnet-dos, 602prolan-smtp-dos, as400-firewall-dos, eftp-bo, eftp-newline-dos, sco-help-view-files, win2k-rpc-dos, mailform-attach-file, linux-mod-perl, pam-authentication-bo, siteminder-bypass-authentication, mailto-piped-address, winsmtp-helo-bo, yabb-file-access, linux-tmpwatch-fork-dos, muh-log-dos, documentdirect-username-bo, documentdirect-get-bo, documentdirect-user-agent-bo, interbase-query-dos, suse-apache-cgi-source-code, phpphoto-dir-traverse, apache-webdav-directory-listings, eudora-path-disclosure, phpphotoalbum-getalbum-directory-traversal, lpplus-permissions-dos, lpplus-process-perms-dos, lpplus-dccscan-file-read, xmail-long-apop-bo, xmail-long-user-bo, w2k-still-image-service, irc-trinity, wftpd-long-string-dos, wftpd-path-disclosure, iis-invald-url-dos, screen-format-string, ntmail-incomplete-http-requests, wavelink-authentication, php-file-upload, unix-locale-format-string, and aix-clear-netstat.

tags | web, overflow, cgi, udp, perl, php
systems | cisco, linux, windows, unix, freebsd, suse, aix, unixware
SHA-256 | c216ccfd7bb412d411ec6ce30d33d782e379f3b95c50042b517f1d53c6b4cbc5

-----BEGIN PGP SIGNED MESSAGE-----

Internet Security Systems Security Alert Summary
October 10, 2000
Volume 5 Number 9

X-Force Vulnerability and Threat Database: http://xforce.iss.net/

To receive these Alert Summaries as well as other Alerts and Advisories,
subscribe to the Internet Security Systems Alert mailing list at:
http://xforce.iss.net/maillists/index.php

_____

Contents

91 Reported Vulnerabilities

Risk Factor Key

_____

Date Reported: 9/29/00
Vulnerability: apache-rewrite-view-files
Platforms Affected: Apache
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Apache mod_rewrite allows attacker to view arbitrary files
X-Force URL: http://xforce.iss.net/static/5310.php

_____

Date Reported: 9/29/00
Vulnerability: win2k-simplified-chinese-ime
Platforms Affected: Windows 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows 2000 Simplified Chinese IME State Recognition
X-Force URL: http://xforce.iss.net/static/5301.php

_____

Date Reported: 9/29/00
Vulnerability: xinitrc-bypass-xauthority
Platforms Affected: Linux Mandrake 7.0
                    Linux Mandrake 7.1
                    Xfce Desktop Environment 3.5.1
Risk Factor: High
Attack Type: Host Based
Brief Description: xinitrc package in Unix allows attacker to bypass Xauthority
X-Force URL: http://xforce.iss.net/static/5305.php

_____

Date Reported: 9/29/00
Vulnerability: slashcode-default-admin-passwords
Platforms Affected: Slashcode prior to 2.0 Alpha
Risk Factor: High
Attack Type: Host Based
Brief Description: Slashcode does not prompt to change default Admin passwords
X-Force URL: http://xforce.iss.net/static/5306.php

_____

Date Reported: 9/28/00
Vulnerability: quotaadvisor-quota-bypass
Platforms Affected: QuotaAdvisor 4.1
Risk Factor: Low
Attack Type: Host Based
Brief Description: QuotaAdvisor quota bypass
X-Force URL: http://xforce.iss.net/static/5302.php

_____

Date Reported: 9/28/00
Vulnerability: hinet-ipphone-get-bo
Platforms Affected: Siemens HiNet IP-phone LP5100
Risk Factor: Medium
Attack Type: Network Based
Brief Description: HiNet LP5100 IP-phone GET buffer overflow
X-Force URL: http://xforce.iss.net/static/5298.php

_____

Date Reported: 9/28/00
Vulnerability: netscape-ie-password-dos
Platforms Affected: Netscape Communicator 4.5
                    Netscape Communicator 4.05
                    Netscape Communicator 4.51
                    Netscape Communicator 4.6
                    Netscape Communicator 4.61
                    Netscape Communicator 4.0
                    Netscape Communicator 4.7
                    Internet Explorer 5.01
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape and IE password overflow denial of service
X-Force URL: http://xforce.iss.net/static/5303.php

_____

Date Reported: 9/28/00
Vulnerability: traceroute-heap-overflow
Platforms Affected: LBNL traceroute 1.4a5
Risk Factor: High
Attack Type: Host Based
Brief Description: Traceroute heap overflow
X-Force URL: http://xforce.iss.net/static/5311.php

_____

Date Reported: 9/27/00
Vulnerability: glibc-unset-symlink
Platforms Affected: glibc 2.1.3 and earlier
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Glibc2 file overwrite
X-Force URL: http://xforce.iss.net/static/5299.php

_____

Date Reported: 9/26/00
Vulnerability: lpr-checkremote-format-string
Platforms Affected: OpenBSD 2.7
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: lpr checkremote() format string
X-Force URL: http://xforce.iss.net/static/5286.php

_____

Date Reported: 9/26/00
Vulnerability: netscape-messaging-list-dos
Platforms Affected: Netscape Messaging Server 4.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Netscape Messaging Server list overflow denial of service
X-Force URL: http://xforce.iss.net/static/5292.php

_____

Date Reported: 9/26/00
Vulnerability: palm-weak-encryption
Platforms Affected: Palm OS 3.5.2
Risk Factor: Medium
Attack Type: Host Based
Brief Description: PalmOS weak encryption vulnerability
X-Force URL: http://xforce.iss.net/static/5308.php

_____

Date Reported: 9/26/00
Vulnerability: mediaplayer-outlook-dos
Platforms Affected: Media Player 7
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Media Player OCX control email could crash Outlook
X-Force URL: http://xforce.iss.net/static/5309.php

_____

Date Reported: 9/26/00
Vulnerability: unixware-scohelp-format
Platforms Affected: SCO UnixWare 7.0.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Unixware scohelp malformed URL allows remote file application
X-Force URL: http://xforce.iss.net/static/5291.php

_____

Date Reported: 9/26/00
Vulnerability: ie-getobject-expose-files
Platforms Affected: Internet Explorer 5.x
                    Outlook Express 5.x
Risk Factor: High
Attack Type: Network Based
Brief Description: Internet Explorer and Outlook Express exposes user's files
X-Force URL: http://xforce.iss.net/static/5293.php

_____

Date Reported: 9/26/00
Vulnerability: webplus-example-script
Platforms Affected: Web+ Application Server 4.6
Risk Factor: High
Attack Type: Host Based
Brief Description: Web+ example script allows attacker to execute commands or read files
X-Force URL: http://xforce.iss.net/static/5297.php

_____

Date Reported: 9/25/00
Vulnerability: lprng-format-string
Platforms Affected: OpenLinux 2.3
                    OpenLinux 2.4
Risk Factor: High
Attack Type: Network Based
Brief Description: LPRng format string
X-Force URL: http://xforce.iss.net/static/5287.php

_____

Date Reported: 9/24/00
Vulnerability: openview-nmm-snmp-bo
Platforms Affected: Windows NT
                    Solaris 2.x
                    HPUX 10.x
                    HPUX 11.00
                    Windows 2000
                    HP Openview Network Node Manager 6.1
                    HP Openview Network Node Manager 5.01
                    HP Openview Network Node Manager 4.11
Risk Factor: Medium
Attack Type: Host Based
Brief Description: HP OpenView Network Node Manager snmp.exe buffer overflow
X-Force URL: http://xforce.iss.net/static/5282.php

_____

Date Reported: 9/24/00
Vulnerability: alabanza-unauthorized-access
Platforms Affected: Alabanza
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Alabanza allows attacker to gain unauthorized access to Control Panel
X-Force URL: http://xforce.iss.net/static/5284.php

_____

Date Reported: 9/22/00
Vulnerability: pine-check-mail-bo
Platforms Affected: PINE 4.21
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: PINE buffer overflow in portion of code in charge of periodically checking email
X-Force URL: http://xforce.iss.net/static/5283.php

_____

Date Reported: 9/21/00
Vulnerability: ciscosecure-tacacs-dos
Platforms Affected:
Risk Factor: Medium
Attack Type: Network Based
Brief Description: CiscoSecure ACS oversized TACACS+ packet denial of service
X-Force URL: http://xforce.iss.net/static/5273.php
_____

Date Reported: 9/21/00
Vulnerability: suse-installed-packages-exposed
Platforms Affected:
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: SuSE exposes installed packages
X-Force URL: http://xforce.iss.net/static/5276.php

_____

Date Reported: 9/21/00
Vulnerability: ciscosecure-csadmin-bo
Platforms Affected: CiscoSecure
Risk Factor: High
Attack Type: Network Based
Brief Description: CiscoSecure ACS CSAdmin buffer overflow
X-Force URL: http://xforce.iss.net/static/5272.php

_____

Date Reported: 9/21/00
Vulnerability: ciscosecure-ldap-bypass-authentication
Platforms Affected: CiscoSecure
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: CiscoSecure ACS and LDAP servers allow attacker to bypass authentication
X-Force URL: http://xforce.iss.net/static/5274.php

_____

Date Reported: 9/21/00
Vulnerability: rbs-isp-directory-traversal
Platforms Affected: Extent RBS ISP 2.63 and earlier
Risk Factor: High
Attack Type: Network Based
Brief Description: Extent RBS ISP directory traversal
X-Force URL: http://xforce.iss.net/static/5275.php

_____

Date Reported: 9/19/00
Vulnerability: wincom-lpd-dos
Platforms Affected: WinCOM LPD 1.00.90
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: WinCOM LPD denial of service
X-Force URL: http://xforce.iss.net/static/5258.php

_____

Date Reported: 9/19/00
Vulnerability: webplus-reveal-path
Platforms Affected: Web+ Application Server 4.6
Risk Factor: Low
Attack Type: Network Based
Brief Description: Web+ reveals physical path
X-Force URL: http://xforce.iss.net/static/5288.php

_____

Date Reported: 9/19/00
Vulnerability: webplus-expose-internal-ip
Platforms Affected: Web+ Application Server 4.6
Risk Factor: Low
Attack Type: Network Based
Brief Description: Web+ exposes internal IP address
X-Force URL: http://xforce.iss.net/static/5289.php

_____

Date Reported: 9/19/00
Vulnerability: webplus-reveal-source-code
Platforms Affected: Web+ Application Server 4.6
Risk Factor: Medium
Attack Type: Network Based
Brief Description: Web+ reveals source code of WML files
X-Force URL: http://xforce.iss.net/static/5290.php

_____

Date Reported: 9/19/00
Vulnerability: du-kdebugd-write-access
Platforms Affected: Digital Unix 4.0D
                    Digital Unix 4.0E
                    Digital Unix 4.0F
                    Digital Unix 5.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Tru64 kdebugd allows remote attackers write access
X-Force URL: http://xforce.iss.net/static/5262.php

_____

Date Reported: 9/19/00
Vulnerability: glint-symlink
Platforms Affected: Linux Red Hat 5.2
Risk Factor: High
Attack Type: Host Based
Brief Description: glint /tmp symlink
X-Force URL: http://xforce.iss.net/static/5271.php

_____

Date Reported: 9/18/00
Vulnerability: mdaemon-url-dos
Platforms Affected: MDaemon 3.1.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Alt-N Mdaemon URL denial of service
X-Force URL: http://xforce.iss.net/static/5250.php

_____

Date Reported: 9/18/00
Vulnerability: browsegate-http-dos
Platforms Affected: BrowseGate Home 2.80
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: BrowseGate HTTP denial of service
X-Force URL: http://xforce.iss.net/static/5270.php

_____

Date Reported: 9/18/00
Vulnerability: klogd-format-string
Platforms Affected: Linux Red Hat
                    Linux Debian
                    Linux Slackware
                    Linux Mandrake
                    Trustix Secure Linux 1.1
Risk Factor: High
Attack Type: Host Based
Brief Description: klogd format string
X-Force URL: http://xforce.iss.net/static/5259.php

_____

Date Reported: 9/18/00
Vulnerability: office-dll-execution
Platforms Affected: Microsoft Office 2000
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Office 2000 executes .dll without user's knowledge
X-Force URL: http://xforce.iss.net/static/5263.php

_____

Date Reported: 9/18/00
Vulnerability: cisco-pix-smtp-filtering
Platforms Affected: Cisco PIX Firewall 5.0
                    Cisco PIX Firewall 5.1
                    Cisco PIX Firewall 5.2
                    Cisco PIX Firewall 4.4(4)
                    Cisco PIX Firewall 4.3
                    Cisco PIX Firewall 4.2.2
                    Cisco PIX Firewall 4.2.1
                    Cisco PIX Firewall 4.2.5
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Cisco PIX Firewall could allow attackers to execute forbidden SMTP commands
X-Force URL: http://xforce.iss.net/static/5277.php

_____

Date Reported: 9/18/00
Vulnerability: horde-imp-sendmail-command
Platforms Affected: IMP prior to 2.2.1
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Horde IMP could allow remote attacker to execute commands using sendmail
X-Force URL: http://xforce.iss.net/static/5278.php

_____

Date Reported: 9/16/00
Vulnerability: exchange-store-dos
Platforms Affected: Microsoft Exchange 5.5
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Exchange Server Information Store (store.exe) denial of service
X-Force URL: http://xforce.iss.net/static/5265.php

_____

Date Reported: 9/16/00
Vulnerability: doublevision-dvtermtype-bo
Platforms Affected: DoubleVision 3.07 (Unix)
Risk Factor: High
Attack Type: Host Based
Brief Description: DoubleVision dvtermtype buffer overflow
X-Force URL: http://xforce.iss.net/static/5261.php

_____

Date Reported: 9/15/00
Vulnerability: sambar-search-view-folder
Platforms Affected: Sambar Server 4.4 BETA3
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Sambar search.dll allows attacker to view folders on the system
X-Force URL: http://xforce.iss.net/static/5247.php

_____

Date Reported: 9/15/00
Vulnerability: camshot-password-bo
Platforms Affected: CamShot WebCam 2.6 Trial
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: CamShot long password buffer overflow
X-Force URL: http://xforce.iss.net/static/5246.php

_____

Date Reported: 9/15/00
Vulnerability: websphere-header-dos
Platforms Affected: WebSphere Application Server 3.0.2
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: WebSphere Application Server Host: header denial of service
X-Force URL: http://xforce.iss.net/static/5252.php

_____

Date Reported: 9/14/00
Vulnerability: win2k-telnet-ntlm-authentication
Platforms Affected: Windows 2000
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Windows 2000 Telnet Client NTLM Authentication
X-Force URL: http://xforce.iss.net/static/5242.php

_____

Date Reported: 9/13/00
Vulnerability: http-cgi-multihtml
Platforms Affected: MultiHTML
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MultiHTML CGI allows remote file retrieval
X-Force URL: http://xforce.iss.net/static/5285.php

_____

Date Reported: 9/13/00
Vulnerability: hp-openview-nnm-scripts
Platforms Affected: Solaris 2.x
                    HPUX 10.x
                    HPUX 11.x
                    HP Openview Network Node Manager 6.1
                    HP Openview Network Node Manager 5.01
                    HP Openview Network Node Manager 4.11
Risk Factor: High
Attack Type: Host Based
Brief Description: HP OpenView NNM configuration scripts
X-Force URL: http://xforce.iss.net/static/5229.php

_____

Date Reported: 9/13/00
Vulnerability: freebsd-eject-port
Platforms Affected: FreeBSD 3.0
                    FreeBSD 4.0
                    FreeBSD 5.0 alpha
                    FreeBSD 5.0
Risk Factor: High
Attack Type: Host Based
Brief Description: FreeBSD eject port local root
X-Force URL: http://xforce.iss.net/static/5248.php

_____

Date Reported: 9/12/00
Vulnerability: webtv-udp-dos
Platforms Affected: WebTV 98 Installation
Risk Factor: Medium
Attack Type: Network Based
Brief Description: WebTV UDP packet will cause a denial of service
X-Force URL: http://xforce.iss.net/static/5216.php

_____

Date Reported: 9/12/00
Vulnerability: imp-attach-file
Platforms Affected: IMP prior to 2.2.1
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IMP allows attacker to attach any file to an email
X-Force URL: http://xforce.iss.net/static/5227.php

_____

Date Reported: 9/12/00
Vulnerability: fastream-ftp-dos
Platforms Affected: Fastream FTP++ Simple FTP Server 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Fastream FTP denial of service
X-Force URL: http://xforce.iss.net/static/5235.php

_____

Date Reported: 9/12/00
Vulnerability: fur-get-dos
Platforms Affected: FUR HTTP Server 1.0b
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: FUR HTTP Server GET denial of service
X-Force URL: http://xforce.iss.net/static/5237.php

_____

Date Reported: 9/12/00
Vulnerability: 602prolan-telnet-dos
Platforms Affected: 602ProLAN Suite Lite 2.00a
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: 602ProLAN Suite Lite TELNET denial of service
X-Force URL: http://xforce.iss.net/static/5238.php

_____

Date Reported: 9/12/00
Vulnerability: 602prolan-smtp-dos
Platforms Affected: 602ProLAN Suite Lite 2.00a
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: 602ProLAN Suite Lite SMTP denial of service
X-Force URL: http://xforce.iss.net/static/5239.php

_____

Date Reported: 9/12/00
Vulnerability: as400-firewall-dos
Platforms Affected: IBM AS/400 Firewall
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IBM AS/400 Firewall denial of service
X-Force URL: http://xforce.iss.net/static/5266.php

_____

Date Reported: 9/11/00
Vulnerability: eftp-bo
Platforms Affected: EFTP
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: EFTP buffer overflow
X-Force URL: http://xforce.iss.net/static/5219.php

_____

Date Reported: 9/11/00
Vulnerability: eftp-newline-dos
Platforms Affected: EFTP
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: EFTP newline denial of service
X-Force URL: http://xforce.iss.net/static/5220.php

_____

Date Reported: 9/11/00
Vulnerability: sco-help-view-files
Platforms Affected: SCO UnixWare 7.0.0
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: SCO UnixWare help system allows attacker to view files
X-Force URL: http://xforce.iss.net/static/5226.php

_____

Date Reported: 9/11/00
Vulnerability: win2k-rpc-dos
Platforms Affected: Windows 2000
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Windows 2000 malformed RPC packet denial of service
X-Force URL: http://xforce.iss.net/static/5222.php

_____

Date Reported: 9/11/00
Vulnerability: mailform-attach-file
Platforms Affected: MailForm 2.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: MailForm allows attacker to attach any file to an email
X-Force URL: http://xforce.iss.net/static/5224.php

_____

Date Reported: 9/11/00
Vulnerability: linux-mod-perl
Platforms Affected: Linux Mandrake
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: mod_perl package configuration file allows remote browsing of perl directory
X-Force URL: http://xforce.iss.net/static/5257.php

_____

Date Reported: 9/11/00
Vulnerability: pam-authentication-bo
Platforms Affected: pam_smb module prior to 1.1.6
                    pam_ntdom module prior to 0.24
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: pam_smb and pam_ntdom modules buffer overflow
X-Force URL: http://xforce.iss.net/static/5225.php

_____

Date Reported: 9/11/00
Vulnerability: siteminder-bypass-authentication
Platforms Affected: SiteMinder prior to 4.11
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: SiteMinder allows attacker to bypass authentication
X-Force URL: http://xforce.iss.net/static/5230.php

_____

Date Reported: 9/11/00
Vulnerability: mailto-piped-address
Platforms Affected: Mail-to and Credit Card Orderform prior to 2.0
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Combination Mail-to and Credit Card Orderform Piped Address
X-Force URL: http://xforce.iss.net/static/5241.php

_____

Date Reported: 9/11/00
Vulnerability: winsmtp-helo-bo
Platforms Affected: WinSMTP 1.6f
                    WinSMTP 2.x
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: WinSMTP buffer overflow
X-Force URL: http://xforce.iss.net/static/5255.php

_____

Date Reported: 9/10/00
Vulnerability: yabb-file-access
Platforms Affected: YaBB 9.1.2000
Risk Factor: Medium
Attack Type: Network Based
Brief Description: YaBB bulletin board file access
X-Force URL: http://xforce.iss.net/static/5254.php

_____

Date Reported: 9/9/00
Vulnerability: linux-tmpwatch-fork-dos
Platforms Affected: Linux Red Hat 6.1
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Linux tmpwatch multiple directory denial of service
X-Force URL: http://xforce.iss.net/static/5217.php

_____

Date Reported: 9/9/00
Vulnerability: muh-log-dos
Platforms Affected: Muh 2.05d
Risk Factor: High
Attack Type: Network Based
Brief Description: Muh IRC bouncer log denial of service
X-Force URL: http://xforce.iss.net/static/5215.php

_____

Date Reported: 9/8/00
Vulnerability: documentdirect-username-bo
Platforms Affected: DocumentDirect for the Internet 1.2
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: DocumentDirect long username buffer overflow
X-Force URL: http://xforce.iss.net/static/5211.php

_____

Date Reported: 9/8/00
Vulnerability: documentdirect-get-bo
Platforms Affected: DocumentDirect for the Internet 1.2
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: DocumentDirect GET buffer overflow
X-Force URL: http://xforce.iss.net/static/5210.php

_____

Date Reported: 9/8/00
Vulnerability: documentdirect-user-agent-bo
Platforms Affected: DocumentDirect for the Internet 1.2
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: DocumentDirect "User-Agent" buffer overflow
X-Force URL: http://xforce.iss.net/static/5212.php

_____

Date Reported: 9/7/00
Vulnerability: interbase-query-dos
Platforms Affected: Interbase SuperServer 6.0
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: Interbase query denial of service
X-Force URL: http://xforce.iss.net/static/5205.php

_____

Date Reported: 9/7/00
Vulnerability: suse-apache-cgi-source-code
Platforms Affected: Apache
                    Linux SuSE 6.3
                    Linux SuSE 6.4
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Apache web server reveals CGI script source code
X-Force URL: http://xforce.iss.net/static/5197.php

_____

Date Reported: 9/7/00
Vulnerability: phpphoto-dir-traverse
Platforms Affected: phpPhotoAlbum 0.9.9
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: phpPhotoAlbum explorer.php directory traversal
X-Force URL: http://xforce.iss.net/static/5198.php

_____

Date Reported: 9/7/00
Vulnerability: apache-webdav-directory-listings
Platforms Affected: Apache
                    Linux SuSE
Risk Factor: Medium
Attack Type: Host Based
Brief Description: Apache WebDAV directory listings
X-Force URL: http://xforce.iss.net/static/5204.php

_____

Date Reported: 9/7/00
Vulnerability: eudora-path-disclosure
Platforms Affected: Eudora
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: Eudora client reveals path
X-Force URL: http://xforce.iss.net/static/5206.php

_____

Date Reported: 9/7/00
Vulnerability: phpphotoalbum-getalbum-directory-traversal
Platforms Affected: phpPhotoAlbum prior to 0.9.9
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: phpPhotoAlbum getalbum.php script allows attacker to browse directories
X-Force URL: http://xforce.iss.net/static/5209.php

_____

Date Reported: 9/6/00
Vulnerability: lpplus-permissions-dos
Platforms Affected: LPPlus 3.2.2
                    LPPlus 3.3
Risk Factor: Medium
Attack Type: Host Based
Brief Description: LPPlus binaries are suid root and 4755
X-Force URL: http://xforce.iss.net/static/5199.php

_____

Date Reported: 9/6/00
Vulnerability: lpplus-process-perms-dos
Platforms Affected: LPPlus 3.2.2
                    LPPlus 3.3
Risk Factor: Medium
Attack Type: Host Based
Brief Description: LPPlus process is mode 777 and allows any user to kill other processes
X-Force URL: http://xforce.iss.net/static/5200.php

_____

Date Reported: 9/6/00
Vulnerability: lpplus-dccscan-file-read
Platforms Affected: LPPlus 3.2.2
                    LPPlus 3.3
Risk Factor: Medium
Attack Type: Host Based
Brief Description: LPPlus dccscan is suid root which allows user to print any file
X-Force URL: http://xforce.iss.net/static/5201.php

_____

Date Reported: 9/6/00
Vulnerability: xmail-long-apop-bo
Platforms Affected: Xmail prior to 0.59
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: XMail long APOP buffer overflow
X-Force URL: http://xforce.iss.net/static/5191.php

_____

Date Reported: 9/6/00
Vulnerability: xmail-long-user-bo
Platforms Affected: Xmail prior to 0.59
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: XMail long USER buffer overflow
X-Force URL: http://xforce.iss.net/static/5192.php

_____

Date Reported: 9/6/00
Vulnerability: w2k-still-image-service
Platforms Affected: Windows 2000
Risk Factor: High
Attack Type: Host Based
Brief Description: Windows 2000 still image service
X-Force URL: http://xforce.iss.net/static/5203.php

_____

Date Reported: 9/6/00
Vulnerability: irc-trinity
Platforms Affected: Linux
Risk Factor: High
Attack Type: Host Based
Brief Description: Trinity distributed denial of service tool
X-Force URL: http://xforce.iss.net/static/5256.php

_____

Date Reported: 9/5/00
Vulnerability: wftpd-long-string-dos
Platforms Affected: WFTPD/WFTPD Pro 2.41 RC12 and prior
Risk Factor: Low
Attack Type: Network/Host Based
Brief Description: WFTPD long string denial of service
X-Force URL: http://xforce.iss.net/static/5194.php

_____

Date Reported: 9/5/00
Vulnerability: wftpd-path-disclosure
Platforms Affected: WFTPD/WFTPD Pro 2.41 RC12 and prior
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: WFTPD %C reveals full path
X-Force URL: http://xforce.iss.net/static/5196.php

_____

Date Reported: 9/5/00
Vulnerability: iis-invald-url-dos
Platforms Affected: IIS 4.0
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: IIS invalid URL allows user to crash service
X-Force URL: http://xforce.iss.net/static/5202.php

_____

Date Reported: 9/5/00
Vulnerability: screen-format-string
Platforms Affected: screen 3.9.5 and earlier
Risk Factor: High
Attack Type: Host Based
Brief Description: screen allows local users to obtain root privileges
X-Force URL: http://xforce.iss.net/static/5188.php

_____

Date Reported: 9/4/00
Vulnerability: ntmail-incomplete-http-requests
Platforms Affected: NTMail 5
                    NTMail 6
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: NTMail incomplete HTTP requests denial of service
X-Force URL: http://xforce.iss.net/static/5182.php

_____

Date Reported: 9/4/00
Vulnerability: wavelink-authentication
Platforms Affected: WaveLink 2458
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: WaveLink transmits usernames and passwords in cleartext
X-Force URL: http://xforce.iss.net/static/5185.php

_____

Date Reported: 9/4/00
Vulnerability: php-file-upload
Platforms Affected: PHP
Risk Factor: Medium
Attack Type: Network/Host Based
Brief Description: PHP file upload feature could allow remote arbitrary file retrieval
X-Force URL: http://xforce.iss.net/static/5190.php

_____

Date Reported: 9/4/00
Vulnerability: unix-locale-format-string
Platforms Affected: IRIX
                    Solaris
                    Linux Red Hat
                    Linux Debian
                    Linux Conectiva
Risk Factor: High
Attack Type: Network/Host Based
Brief Description: Unix input validation
X-Force URL: http://xforce.iss.net/static/5176.php

_____

Date Reported: 9/3/00
Vulnerability: aix-clear-netstat
Platforms Affected: AIX 4.2.x
                    AIX 4.3.x
Risk Factor: Low
Attack Type: Host Based
Brief Description: AIX allows unauthorized user to clear interface statistics
X-Force URL: http://xforce.iss.net/static/5214.php

____


Risk Factor Key:

High    Any vulnerability that provides an attacker with immediate
        access into a machine, gains superuser access, or bypasses
        a firewall. Example: A vulnerable Sendmail 8.6.5 version
        that allows an intruder to execute commands on mail
        server.
Medium  Any vulnerability that provides information that has a
        high potential of giving system access to an intruder.
        Example: A misconfigured TFTP or vulnerable NIS server
        that allows an intruder to get the password file that
        could contain an account with a guessable password.
Low     Any vulnerability that provides information that
        potentially could lead to a compromise. Example: A
        finger that allows an intruder to find out who is online
        and potential accounts to attempt to crack passwords
        via brute force methods.


_____

About Internet Security Systems
ISS is a leading global provider of security management solutions for
e-business. By offering best-of-breed SAFEsuite(tm) security software,
comprehensive ePatrol(tm) monitoring services and industry-leading
expertise, ISS serves as its customers' trusted security provider
protecting digital assets and ensuring the availability, confidentiality and
integrity of computer systems and information critical to e-business
success. ISS' security management solutions protect more than 5,000
customers including 21 of the 25 largest U.S. commercial banks, 9 of the 10
largest telecommunications companies and over 35 government agencies.
Founded in 1994, ISS is headquartered in Atlanta, GA, with additional
offices throughout North America and international operations in Asia,
Australia, Europe and Latin America. For more information, visit the ISS Web
site at www.iss.net or call 800-776-2362.

Copyright (c) 2000 by Internet Security Systems, Inc.

Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this Alert
in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.

Disclaimer

The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There are
NO warranties with regard to this information. In no event shall the author
be liable for any damages whatsoever arising out of or in connection with
the use or spread of this information. Any use of this information is at the
user's own risk.



X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.

Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv

iQCVAwUBOeMfQjRfJiV99eG9AQGsVAP/Wm9n/cURn4sKoE3aFugrR3mKhqa/KrzL
ocekf23yaiDsHUYJV16pWlagYf6NeUFNLq+tjyv+i1I5bQrV0CpyEcN9MY82b6OQ
RZY8a7Ah/RuLgKG4LajOBgGseLNO7dd7faMdKfaHEExKnWCfI/GCj7hzl0SiRbET
v8ePnOfYByQ=
=sef5
-----END PGP SIGNATURE-----


