Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: The FrontPage Server Extensions are vulnerable to a remote denial of service, a buffer overflow memory problem in the rpc module of the Pragma TelnetServer 2000, webserver Pro 2.3.7 vulnerability, Mandrake Linux Xchat update, ld.so problem that allows local users to obtain super user privilege, IIS Cross-Site Scripting patched, Microsoft Money password vulnerability patched, MGetty local compromise, and Kerberos password authentication issues.
41a3d0d05b3290fcc821f93f043a30e580de167d85445843559dbda0f11021eeFreeBSD Security Advisory FreeBSD-SA-00:43 - The brouted port is incorrectly installed setgid kmem, and contains several exploitable buffer overflows in command-line arguments. An attacker exploiting these to gain kmem privilege can easily upgrade to full root access by manipulating kernel memory
11e91750b070a2da94c3d5310490bb38f633a7be33705f3f6dee2e94d8eca474FreebSD Security Advisory FreeBSD-SA-00:42 - The linux binary-compatability module implements a "shadow" filesystem hierarchy rooted in /compat/linux, which is overlayed against the regular filesystem hierarchy so that Linux binaries "see" files in the shadow hierarchy which can mask the native files. Filenames in this shadow hierarchy are treated incorrectly by the linux kernel module under certain circumstances, and a kernel stack overflow leading to a system compromise by an unprivileged user may be possible when very long filenames are used. ~
17e4a4ac716ec87e9f9ec1303ae1ee1e09d2c29f571974e1f8d434cb3024a5d1floppyfw is a router and simple firewall on one single floppy. It uses Linux basic firewall capabilities and have a very simple packaging system. It is perfect for masquerading and securing networks on ADSL and cable lines using both static IP and DHCP. It has a simple installation, mostly only needed to edit one file on the floppy.
740e90710fcfcc2a2606b81d3715be69d3a20eb83c3fc2f37fa85cbfe9c1b276FreeBSD Security Advisory FreeBSD-SA-00:41 - The ELF image activator did not perform sufficient sanity checks on the ELF image header, and when confronted with an invalid or truncated header it suffered a sign overflow bug which caused the CPU to enter into a very long loop in the kernel. The system will appear to lock up for an extended period of time before control returns. This bug is exploitable by unprivileged local users
8b84f4395969831a9355a1550f9b432dd8dda128b1a0bf5df10f135e44dd85efFreeBSD Security Advisory FreeBSD-SA-00:40 - The mopd port contains several remotely exploitable vulnerabilities. An attacker exploiting these can execute arbitrary code on the local machine as root.
1361bf9e9ae11924e134e948f9e29eb35f02b08131b525421e6fb66cb839c30eFreeBSD Security Advisory FreeBSD-SA-00:39 - the issue involve two security problems involving netscape. A client-side exploit may be possible through a buffer overflow in JPEG-handling code and The Java Virtual Machine implementation has security vulnerabilities allowing a remote user to read the contents of local files accessible to the user running netscape, and to allow these files to be transmitted to any user on the internet.
dbd5f1922da156eff88cd8217ccfd27f3113cec30671c4be81e4fd7da29d55bcMicrosoft Security Bulletin - Microsoft has released a patch for a security vulnerability in Windows 2000. The vulnerability could allow a malicious user to corrupt parts of a Windows 2000 system's local security policy resulting in a disruption in the domain membership and trust relationship information. Frequently asked questions and the patch can be found here
22a1c62e4ac363550cdcc35d32a04eb111bfd2886d9b6ae7fa2816c399470a69Remote Nmap is a python client/server package which allows many clients to connect to a centralized nmap server to do their port scanning. This could be useful for security companies who want to have all thier scans come from a dedicated machine.
b31e1a6d98ea501333450188c4631ad0766c21de7f6da385e080af09f53e77b5Cgiscanner.pl is a CGI Scanner written in PERL and in Spanish.
1950c5342e1dfddb55b7e76918e2c7c1aa206a56cbf5d5bc48ab39b3f139b687This is the CERT quarterly summary which focuses on the types of attacks reported to their incident response team, as well as other noteworthy incident and vulnerability information. This quarter CERT focuses on the input validation vulnerability in rpc.statd, multiple vulnerabilities in FTP daemons, ActiveX control vulnerabilities, exploitation of hidden file extensions, the Outlook and Outlook Express cache bypass vulnerability, chat clients and network security
4bf51de8888d1e0758c6a87a82f98451db5052c4790df7688c13d096dc65859aFreeVeracity is a general-purpose data integrity tool that uses cryptographic hashes to detect changes in files. This is the GNU/linux version, FreeBSD, NetBSD, and OpenBSD versions available here.
523dfb613433dcd498cc8ae482bb0f23a0c42d47eaa5f1c475031afbce356b34Vigilante Advisory #7 - A malicious user can crash an Intel Express 550F or a host behind it by sending a packet with a malformed header. To restart the box you need remove it from it's power source as the reset button loses functionality as well. Affected systems: Intel Express Switch 550F - Firmware version 2.63 - Firmware version 2.64.
e5543dcadd99ee203a752f663a687366bd68f30736388f7036df6793e11c9e4cBubonic.c is a denial of service tool that sends random TCP packets with random settings. Tested against Windows 2000 and RedHat Zoot.
2013c97c64a142d7b60cf7fb0c87cfb2051a655e1a6bbacda27c715de28a58c4Dameonic.c is a theoretical router based denial of service attack that exploits a weakness within the Border Gateway Protocol (BGP). If a malicious user sends spoofed malformed packets to a neighboring router, the peer will ignore it and possibly kill the session entirely. Written on a Ultra 5 running Linux Zoot, this has been compiled on Linux, OpenBSD, Solaris without problems.
087027be1ed28b34dfed0504b156c7b5365220433158b9462f5e771cc9c446cd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed