Date Reported: 11/07/2001
Brief Description: Windows 2000 and XP Terminal services allows an
attacker to spoof IP addresses
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Windows 2000 All versions, Windows XP All
versions
Vulnerability: win-terminal-spoof-address
X-Force URL: http://xforce.iss.net/static/7538.php
| Date Reported: 11/12/2001
| Brief Description: Windows 2000 RunAs service denial of service
| Risk Factor: Low
| Attack Type: Host Based
| Platforms Affected: Windows 2000 All versions
| Vulnerability: win2k-runas-dos
| X-Force URL: http://xforce.iss.net/static/7533.php
|
| Date Reported: 11/12/2001
| Brief Description: Windows 2000 RunAs service allows local attacker
| to bypass pipe authentication
| Risk Factor: Medium
| Attack Type: Host Based
| Platforms Affected: Windows 2000 All versions
| Vulnerability: win2k-runas-pipe-authentication
| X-Force URL: http://xforce.iss.net/static/7532.php
|
| Date Reported: 11/12/2001
| Brief Description: Windows 2000 RunAs service reveals sensitive
| information
| Risk Factor: Medium
| Attack Type: Host Based
| Platforms Affected: Windows 2000 All versions
| Vulnerability: win2k-runas-reveal-information
| X-Force URL: http://xforce.iss.net/static/7531.php
----- Original Message -----
From: "X-Force" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 19, 2001 7:03 PM
Subject: ISSalert: ISS Security Alert Summary AS01-07
|
| TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
| [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
| --------------------------------------------------------------------------
-
|
| -----BEGIN PGP SIGNED MESSAGE-----
|
| Internet Security Systems Security Alert Summary AS01-07
| November 19, 2001
|
| X-Force Vulnerability and Threat Database: http://xforce.iss.net
|
| To receive these Alert Summaries, as well as other Alerts and
| Advisories, subscribe to the Internet Security Systems Alert
| mailing list at: http://xforce.iss.net/maillists/index.php
|
| This summary will be posted at the following address:
| http://xforce.iss.net/alerts/AS01-07.php
| _____
| Contents:
| * 22 Reported Vulnerabilities
| * Risk Factor Key
| _____
|
| Date Reported: 11/07/2001
| Brief Description: Apache 'mod_usertrack' module generates
| predictable session ID
| Risk Factor: Medium
| Attack Type: Host Based
| Platforms Affected: Apache Web Server 1.3.x
| Vulnerability: apache-modusertrack-predicticable-sessionid
| X-Force URL: http://xforce.iss.net/static/7494.php
|
| Date Reported: 11/07/2001
| Brief Description: Slashcode allows session ID to be obtained using
| brute force attack
| Risk Factor: Medium
| Attack Type: Host Based
| Platforms Affected: Slashcode 2.0
| Vulnerability: slashcode-sessionid-brute-force
| X-Force URL: http://xforce.iss.net/static/7493.php
|
| Date Reported: 11/07/2001
| Brief Description: Windows 2000 and XP Terminal services allows an
| attacker to spoof IP addresses
| Risk Factor: Low
| Attack Type: Network Based
| Platforms Affected: Windows 2000 All versions, Windows XP All
| versions
| Vulnerability: win-terminal-spoof-address
| X-Force URL: http://xforce.iss.net/static/7538.php
|
| Date Reported: 11/08/2001
| Brief Description: IBM HTTP Server discloses source code
| Risk Factor: Low
| Attack Type: Network Based
| Platforms Affected: IBM HTTP Server 1.3.19 and earlier
| Vulnerability: ibm-http-source-disclosure
| X-Force URL: http://xforce.iss.net/static/7490.php
|
| Date Reported: 11/09/2001
| Brief Description: ClearCase db_loader TERM buffer overflow
| Risk Factor: High
| Attack Type: Host Based
| Platforms Affected: ClearCase 4.2, ClearCase 3.2+, ClearCase 4.0,
| ClearCase 4.1
| Vulnerability: clearcase-dbloader-term-bo
| X-Force URL: http://xforce.iss.net/static/7488.php
|
| Date Reported: 11/10/2001
| Brief Description: IMP allows a remote attacker to steal cookie
| information using cross-site scripting
| Risk Factor: Low
| Attack Type: Network Based
| Platforms Affected: IMP 2.2.6 or earlier
| Vulnerability: imp-css-steal-cookies
| X-Force URL: http://xforce.iss.net/static/7496.php
|
| Date Reported: 11/12/2001
| Brief Description: Multi-vendor CDE dtspcd daemon buffer overflow
| Risk Factor: High
| Attack Type: Network Based
| Platforms Affected: AIX 5.1, AIX 4.3, Caldera OpenUnix 8.0, Caldera
| UnixWare 7, HP-UX 11.04, HP-UX 11.11, HP-UX
| 10.24, HP-UX 11.00, HP-UX 10.20, HP-UX 10.10,
| Solaris 8, Solaris 7, Tru64 DIGITAL UNIX 5.1a,
| Tru64 DIGITAL UNIX 5.0a, Tru64 DIGITAL UNIX
| 4.0G, Tru64 DIGITAL UNIX 4.0F
| Vulnerability: cde-dtspcd-bo
| X-Force URL: http://xforce.iss.net/static/7396.php
|
| Date Reported: 11/12/2001
| Brief Description: Windows 2000 RunAs service denial of service
| Risk Factor: Low
| Attack Type: Host Based
| Platforms Affected: Windows 2000 All versions
| Vulnerability: win2k-runas-dos
| X-Force URL: http://xforce.iss.net/static/7533.php
|
| Date Reported: 11/12/2001
| Brief Description: Windows 2000 RunAs service allows local attacker
| to bypass pipe authentication
| Risk Factor: Medium
| Attack Type: Host Based
| Platforms Affected: Windows 2000 All versions
| Vulnerability: win2k-runas-pipe-authentication
| X-Force URL: http://xforce.iss.net/static/7532.php
|
| Date Reported: 11/12/2001
| Brief Description: Windows 2000 RunAs service reveals sensitive
| information
| Risk Factor: Medium
| Attack Type: Host Based
| Platforms Affected: Windows 2000 All versions
| Vulnerability: win2k-runas-reveal-information
| X-Force URL: http://xforce.iss.net/static/7531.php
|
| Date Reported: 11/13/2001
| Brief Description: Thttpd and Mini_Httpd Web server allows remote
| attacker to bypass permissions
| Risk Factor: Low
| Attack Type: Network Based
| Platforms Affected: mini_httpd 1.15c and earlier
| Vulnerability: httpd-bypass-permissions
| X-Force URL: http://xforce.iss.net/static/7541.php
|
| Date Reported: 11/13/2001
| Brief Description: RADIUS message digest calculation buffer
| overflow
| Risk Factor: Low
| Attack Type: Network Based
| Platforms Affected: RADIUS All versions
| Vulnerability: radius-message-digest-bo
| X-Force URL: http://xforce.iss.net/static/7534.php
|
| Date Reported: 11/13/2001
| Brief Description: Linux Korean install contains insecure umask
| Risk Factor: Medium
| Attack Type: Host Based
| Platforms Affected: Red Hat Linux 7.1
| Vulnerability: linux-korean-default-umask
| X-Force URL: http://xforce.iss.net/static/7549.php
|
| Date Reported: 11/14/2001
| Brief Description: Cisco 12000 series routers keyword fragment
| denial of service
| Risk Factor: Low
| Attack Type: Network Based
| Platforms Affected: Cisco 12000 series router
| Vulnerability: cisco-turbo-acl-dos
| X-Force URL: http://xforce.iss.net/static/7552.php
|
| Date Reported: 11/14/2001
| Brief Description: Cisco 12000 series router 'ICMP unreachable'
| packets denial of service
| Risk Factor: Low
| Attack Type: Network Based
| Platforms Affected: Cisco 12000 series router
| Vulnerability: cisco-icmp-unreachable-dos
| X-Force URL: http://xforce.iss.net/static/7536.php
|
| Date Reported: 11/14/2001
| Brief Description: Cisco 12000 series router has input ACL
| configured
| Risk Factor: Low
| Attack Type: Host Based / Network Based
| Platforms Affected: Cisco 12000 series router
| Vulnerability: cisco-input-acl-configured
| X-Force URL: http://xforce.iss.net/static/7554.php
|
| Date Reported: 11/14/2001
| Brief Description: Cisco 12000 series routers "deny ip any any"
| rule ignored in ACL
| Risk Factor: Low
| Attack Type: Network Based
| Platforms Affected: Cisco 12000 series router
| Vulnerability: cisco-acl-deny-ip
| X-Force URL: http://xforce.iss.net/static/7553.php
|
| Date Reported: 11/14/2001
| Brief Description: Cisco 12000 series router does not filter
| keyword fragment
| Risk Factor: Low
| Attack Type: Network Based
| Platforms Affected: Cisco 12000 series router
| Vulnerability: cisco-acl-fragment-bypass
| X-Force URL: http://xforce.iss.net/static/7555.php
|
| Date Reported: 11/14/2001
| Brief Description: Cisco 12000 series router non-initial packet
| fragments denial of service
| Risk Factor: Low
| Attack Type: Host Based
| Platforms Affected: Cisco 12000 series router
| Vulnerability: cisco-acl-noninital-dos
| X-Force URL: http://xforce.iss.net/static/7550.php
|
| Date Reported: 11/14/2001
| Brief Description: Cisco allows fragmented packets in outgoing ACL
| Risk Factor: Low
| Attack Type: Host Based
| Platforms Affected: Cisco 12000 series router
| Vulnerability: cisco-acl-outgoing-fragment
| X-Force URL: http://xforce.iss.net/static/7551.php
|
| Date Reported: 11/15/2001
| Brief Description: ActivePerl perlIS.dll long filename buffer
| overflow
| Risk Factor: High
| Attack Type: Network Based
| Platforms Affected: ActivePerl 5.6.1.629 and prior
| Vulnerability: activeperl-perlis-filename-bo
| X-Force URL: http://xforce.iss.net/static/7539.php
|
| Date Reported: 11/15/2001
| Brief Description: Cisco IOS ARP table can be overwritten
| Risk Factor: Low
| Attack Type: Network Based
| Platforms Affected: Cisco IOS All versions
| Vulnerability: cisco-arp-overwrite-table
| X-Force URL: http://xforce.iss.net/static/7547.php
|
|
| _____
|
| Risk Factor Key:
|
| High Any vulnerability that provides an attacker with immediate
| access into a machine, gains superuser access, or bypasses
| a firewall. Example: A vulnerable Sendmail 8.6.5 version
| that allows an intruder to execute commands on mail server.
| Medium Any vulnerability that provides information that has a high
| potential of giving system access to an intruder. Example:
| A misconfigured TFTP or vulnerable NIS server that allows
| an intruder to get the password file that could contain an
| account with a guessable password.
| Low Any vulnerability that provides information that could
| potentially lead to a compromise. Example: A finger that
| allows an intruder to find out who is online and potential
| accounts to attempt to crack passwords via brute force
| methods.
|
| ______
|
| About Internet Security Systems (ISS)
| Internet Security Systems is a leading global provider of security
| management solutions for the Internet, protecting digital assets and
| ensuring safe and uninterrupted e-business. With its industry-leading
| intrusion detection and vulnerability assessment, remote managed
| security services, and strategic consulting and education offerings, ISS
| is a trusted security provider to more than 8,000 customers worldwide
| including 21 of the 25 largest U.S. commercial banks and the top 10 U.S.
| telecommunications companies. Founded in 1994, ISS is headquartered in
| Atlanta, GA, with additional offices throughout North America and
| international operations in Asia, Australia, Europe, Latin America and
| the Middle East. For more information, visit the Internet Security
| Systems web site at www.iss.net or call 888-901-7477.
|
| Copyright (c) 2001 Internet Security Systems, Inc. All rights reserved
| worldwide.
|
| Permission is hereby granted for the redistribution of this Alert
| electronically. It is not to be edited in any way without express consent
of
| the X-Force. If you wish to reprint the whole or any part of this Alert in
| any other medium excluding electronic medium, please e-mail [EMAIL PROTECTED]
| for permission.
|
| Disclaimer
|
| The information within this paper may change without notice. Use of this
| information constitutes acceptance for use in an AS IS condition. There
are
| NO warranties with regard to this information. In no event shall the
author
| be liable for any damages whatsoever arising out of or in connection with
| the use or spread of this information. Any use of this information is at
the
| user's own risk.
|
| X-Force PGP Key available at: http://xforce.iss.net/sensitive.php
| as well as on MIT's PGP key server and PGP.com's key server.
|
| Please send suggestions, updates, and comments to: X-Force
| [EMAIL PROTECTED] of Internet Security Systems, Inc.
|
| -----BEGIN PGP SIGNATURE-----
| Version: 2.6.3a
| Charset: noconv
|
| iQCVAwUBO/mrTDRfJiV99eG9AQGZogP8D+3nnRRqVVfPxVJS6EFNjm1Khzp8ByR5
| GfgmKFXO7Z3a5a9zIChWS1o2U2Khd19KTvxy86MPwktpTqGar7P9jBqmC4yj9NYm
| Hwij+C7Kz1FDh91tLBkuUKKpFaZAMe+CNU8CZiDMfb9XLqOwsVN9QYMSX3qzHR0P
| Wwj6Z2Azfm4=
| =VhtS
| -----END PGP SIGNATURE-----
|
|
---------------------------------------------------------
Archived messages from this list can be found at:
http://www.mail-archive.com/[email protected]/
---------------------------------------------------------
