ISS Security Alert Summary June 1, 2000 - 78 new vulnerabilities have been reported in this quarter. This document has links to more information and full advisories on each. Includes: linux-cdrecord-execute, xlock-bo-read-passwd, bsd-syscall-cpu-dos, win-browser-hostannouncement, nai-webshield-config-mod, nai-webshield-bo, mdbms-bo, mailsite-get-overflow, hp-jetadmin-malformed-url-dos, hp-jetadmin-directory-traversal, deerfield-mdaemon-dos, cayman-dsl-dos, carello-file-duplication, netscape-ssl-certificate, cobalt-cgiwrap-bypass, gnome-gdm-bo, linux-fdmount-bo, qualcomm-qpopper-euidl, cart32-price-change, gauntlet-cyberdaemon-bo, ip-fragment-reassembly-dos, domino-doc-modify, domino-web-apps-access, axent-netprowler-ipfrag-dos, lotus-domino-esmtp-bo, linux-masquerading-dos, netice-icecap-alert-execute, netice-icecap-default, beos-tcp-frag-dos, ie-frame-domain-verification, ie-malformed-component-attribute, kerberos-krb-rd-req-bo, kerberos-krb425-conv-principal-bo, kerberos-ksu-bo, kscd-shell-env-variable, cproxy-http-dos, emurl-account-access, eudora-long-attachment-filename, ie-active-movie-control, antisniff-dns-overflow, delphi-ics-dot-attack, netscape-invalid-ssl-sessions, sol-netpr-bo, ie-cookie-disclosure, iis-malformed-information-extension, iis-url-extension-data-dos, netscape-import-certificate-symlink, ssh-zedz-consultants, coldfusion-cfcache-dos, http-cgi-formmail-environment, libmytinfo-bo, netopia-snmp-comm-strings, gnapster-view-files, netstructure-root-compromise, netstructure-wizard-mode, allaire-clustercats-url-redirect, aolim-file-path, iis-shtml-reveal-path, http-cgi-dbman-db, http-cgi-dnews-bo, ultraboard-cgi-dos, aladdin-etoken-pin-reset, http-cgi-dmailweb-bo, interscan-viruswall-bo, quake3-auto-download, ultraboard-printabletopic-fileread, cart32-expdate, cisco-online-help, hp-shutdown-privileges, http-cgi-listserv-wa-bo, aaabase-execute-dot-files, aaabase-file-deletion, macos-appleshare-invalid-range, win-netbios-source-null, linux-knfsd-dos, macos-filemaker-anonymous-email, and macos-filemaker-email. ISS X-Force homepage here.
4db0d03fb6271c35418d4d58ecec415169ad7a59e0467e9f65044a7c79068f6eresecure was created out of the need for a program to re-chmod and chflag literally hundreds of files after system upgrades. This program was created on OpenBSD and NetBSD, your mileage may (and will) vary on other operating systems.
cf268a40cda3c253f74847e77badba0f59b3062ca9c016564d1266b4e2b47c2fSecurity Point Advisory #001 - Java Internet Shop allows users to change the prices on items. The Danish Shopexpress, and the English Zilron StoreCreator version 3.0 and below are vulnerable, an estimated 2500 online shops are running this software.
259866f2adad0030783104f4b506b750a78f941517845084f067935aba3a0cf3NetBSD Security Advisory 2000-006 - Untrusted local processes can hog cpu and kernel memory by tricking the kernel into running exclusively on their behalf, denying other processes the CPU.
cac750a58cf9b85d2630794215188083198ea320a7a11c55b56b766d530a2deaNetBSD Security Advisory 2000-005 - Untrusted local processes can hog cpu and kernel memory by tricking the kernel into running exclusively on their behalf, denying other processes the CPU.
f386ac97b48ce8e1bd94b4c276d31ed35256067003b8a2673f30c9f9fe95f974NetBSD Security Advisory 2000-004 - An undocumented system call permits any user process to lock up the entire semaphore subsystem, preventing processes using semaphores from locking or unlocking them, and preventing processes holding semaphores from exiting.
c73d42a54f6b2912c562ac008d2fceb0d23730edbc94c5372e844549d8e71073Red Hat Security Advisory RHSA-2000:005-05 - New majordomo packages are available to fix local security problems in majordomo. A vulnerability in /usr/lib/majordomo/resend and /usr/lib/majordomo/wrapper will allow execution of arbitrary commands with elevated privileges.
335a18f69e394b56f77517ae17b776dfea41714d7b2f7061ba20ed1b34fc910fIRC plugin for BO2K v1.0. It is an IRC client, Channel Bot style. Is fully customizable and once logged into an IRC server, it is remotely administrable through the IRC /msg or /query commands. The bot will rejoin any channel where get kicked, reconnect on disconnect, generate random nicks on raw 432 or 433, can delete, list, copy, spawn files on remote machine through irc. Archive password is set to p4ssw0rd. Use at your own risk.
18cd597a1c6e11fcc902e1acf7ffa0538203c48f8ea6ba475b97f1cc3139c423Elm 2.4 PL25 local GID mail exploit. Tested under Slackware 3.6, 4.0, Redhat 5.0, and 5.1.
558a726bce68d1bb599a32adc7f23c60678255c07a67495d810c8a54c8097694Mailx local exploit - Tested on Slackware 3.6, 4.0, and 7.0 and Debian 2.0r2, 2.1, 2.2. Gives GID mail shell.
a39f3080841f007cde7492636ec28cae360eb3bb27286828a964f551aab0e2c5TSS v1.0beta1 is a shell script to check the local security of a Red Hat 6.0 / 6.1 / 6.2 machine. It checks for crontab, userhelper, shadow passwords, and the piranha account.
9fa3b6ef947a7571137474a5b4bf84a40a8686f6ff8439281116a26b4c4cad24This document provides specifications for the Austrailian Calling Line Identification presentation for Analogue (CLIPA) service. The service may also be as Calling Number Display or Caller ID. Thanks to Biftek
42494334b00e46047d8803c98d10d0c7bc403c4d1dcd2298b5688d9197519881MDBMS V0.96b6 remote root exploit - This code demonstrates a MDBMS v0.96b6 vulnerability which allows any remote user to exec a root shell. Tested on Linux SuSE 6.3.
de6ae98a613246fac73e111c7f8a950caf984cf19ee3796d0a0406e994e6fd8aA remote buffer overflow has been disvovered in the Simple Network Time Sync daemon and client version 1.0, tested on Redhat 6.1. Possible remote root compromise - denial of service exploit included.
55b117d15f47c9c6692c959b4980c558e51d2b5eb35a168825c610287185c171Windows Security Update - May 31, 2000. In this issue: Think You're Safe from Sniffing?, Windows Computer Browser Denial of Service, Master Browser Denial of Service, WebShield SMTP Buffer Overflow Condition, Buffer Overflows in PDGSoft Shopping Cart, Mailsite Buffer Overflow, News: Beware of Killer Resumes, News: Microsoft Delays Outlook Security Update, Tip: Microsoft's Online Security Papers, and Windows 2000 Security: Creating a Custom Password-Reset MMC.
484221b76e8570ae37972f242cef601dbca92c164131328b25d3201000aaae4dLinux FreeS/WAN provides IPSEC (IP Security, which is both encryption and authentication) kernel extensions and an IKE (Internet Key Exchange, keying and encrypted routing daemon) allowing you to build secure tunnels through untrusted networks. The 1.00 version can work with with other IPSEC and IKE systems already deployed by other vendors such as OpenBSD.
7ce8735430b823650c4c4f20631372405c2421e0ed3a37d258f050957ec2a17b/usr/bin/Mail local linux exploit which gives gid=12 shell. Tested against Slackware 3.6 and 7.0.
fed3606029a826006dd84ce7fd68f8f7eb73b112fa86dd79c0364186eaf429cfhammer2k.c v0.8 is a simple denial of service tool which makes multiple open connections to a destination host/port.
3db6d684de52e8e44e6cfa3a11986fd7ca4fe6eda5993221e841496a363a7549motion uses a video4linux device as a motion detector. It will make snapshots of the movement it sees, making it usable as an observation or security system. It can send out email and SMS messages when detecting motion.
441eef8eb61edb77f26df740256f7b34baa2eb5960ecbfe547741c607c31efd4KDbg is a graphical user interface to gdb, the GNU debugger. It provides an intuitive interface for setting breakpoints, inspecting variables, and stepping through code.
f27294a1a3939c2f7b928d6c143799e533f840cc88ee7a4f439ed3073340ba0bMagdalena.pl is a small utility written in perl that will scan a list of hostnames for a certain CGI. It lets the user define a string to match rather than just relying on HTTP codes.
ccc299ad0540b9e3f12b44614383906c104dcf932edf981963b113749e28fa08WordMake is a dictionary file creator. It takes a text file and makes dictionary files from them.
e741416659649408bd045bbcd4e66fd8dee9dcc602fa6b1a6867ce6bb2b61e89The mailinglist software majordomo has several local vulnerabilties. Local commands can be run wuth the UID and GID equal to the one used for majordomo. Exploit details and patch included.
e5ee7bb2c827ab5e443ead682e7790a52f4edeadd0ca30218cadd5031c86e15bThe PHP firewall generator is a simple PHP script that generates a firewall script for ipchains-based firewalls. The aim is to support an easily configurable rule set similar to those supported by commercial firewall systems.
75870a3ad66d565d8ec1e15c416368805578c8f019f751eb48ebfaa0683fbbe0B0g Issue 5 - In this issue: Interview with rfp, how to beat credit card verifications and all about credit card algorythms, The truth about ICQ, Programming your Nokia cellphone, Coding GTK+ and GNOME, and much more.
0ac488742cceb9a224cc8f6cf5ade5557185405aaa74c9379cf2688d37ea82b8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed