Date Reported:          11/02/2001
Brief Description:      Microsoft ISA Server fragmented UDP packet flood
                        denial of service
Risk Factor:            Medium
Attack Type:            Network Based
Platforms Affected:     Microsoft ISA Server 2000
Vulnerability:          isa-udp-flood-dos
X-Force URL:            http://xforce.iss.net/static/7446.php

 ____________________________________________________________
\
/   Scott Fosseen - Systems Engineer - Arrowhead AEA 5
\   www.aea5.k12.ia.us/aeaphone.nsf/Web/FosseenScott
/____________________________________________________________





----- Original Message -----
From: "X-Force" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, November 12, 2001 10:51 PM
Subject: ISSalert: ISS Security Alert Summary AS01-06


>
> TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
> [EMAIL PROTECTED]  Contact [EMAIL PROTECTED] for help with any problems!
> ---------------------------------------------------------------------------
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Internet Security Systems Security Alert Summary AS01-06
> November 12, 2001
>
> X-Force Vulnerability and Threat Database: http://xforce.iss.net
>
> To receive these Alert Summaries, as well as other Alerts and
> Advisories, subscribe to the Internet Security Systems Alert
> mailing list at: http://xforce.iss.net/maillists/index.php
>
> This summary is available at the following address:
> http://xforce.iss.net/alerts/AS01-06.php
>
> _____
> Contents:
> * 18 Reported Vulnerabilities
> * Risk Factor Key
> _____
>
> Date Reported:          10/30/2001
> Brief Description:      Book of Guests CGI unfiltered shell
>                         metacharacters could allow remote command
>                         execution
> Risk Factor:            High
> Attack Type:            Network Based
> Platforms Affected:     Book of Guests 1.0
> Vulnerability:          bookofguests-cgi-command-execution
> X-Force URL:            http://xforce.iss.net/static/7434.php
>
> Date Reported:          10/30/2001
> Brief Description:      Ikonboard improper authentication cookie
>                         filtering could allow BBS administrator
>                         privileges
> Risk Factor:            High
> Attack Type:            Network Based
> Platforms Affected:     Ikonboard 2.1.9 and earlier
> Vulnerability:          ikonboard-cookie-auth-privileges
> X-Force URL:            http://xforce.iss.net/static/7433.php
>
> Date Reported:          10/30/2001
> Brief Description:      Leoboard LB5000 improper authentication cookie
>                         filtering could allow BBS administrator
>                         privileges
> Risk Factor:            High
> Attack Type:            Network Based
> Platforms Affected:     Leoboard LB5000 1029.0
> Vulnerability:          leoboard-cookie-auth-privileges
> X-Force URL:            http://xforce.iss.net/static/7436.php
>
> Date Reported:          10/30/2001
> Brief Description:      Post-It! CGI unfiltered shell metacharacters
>                         could allow remote command execution
> Risk Factor:            High
> Attack Type:            Network Based
> Platforms Affected:     Post-It! 1.0
> Vulnerability:          postit-cgi-command-execution
> X-Force URL:            http://xforce.iss.net/static/7435.php
>
> Date Reported:          10/30/2001
> Brief Description:      Web Crossing WebX could allow session hijacking
> Risk Factor:            Medium
> Attack Type:            Network Based
> Platforms Affected:     WebX All versions
> Vulnerability:          webcrossing-webx-session-hijack
> X-Force URL:            http://xforce.iss.net/static/7458.php
>
> Date Reported:          10/31/2001
> Brief Description:      FuseTalk 'join.cfm' form could allow the
>                         execution of malicious SQL queries
> Risk Factor:            High
> Attack Type:            Network Based
> Platforms Affected:     FuseTalk 3.0
> Vulnerability:          fusetalk-joincfm-sql-execution
> X-Force URL:            http://xforce.iss.net/static/7445.php
>
> Date Reported:          11/01/2001
> Brief Description:      Cyrus-SASL library internal logging function
>                         format string
> Risk Factor:            High
> Attack Type:            Network Based
> Platforms Affected:     Cyrus-SASL 1.5.26 and earlier
> Vulnerability:          cyrus-sasl-format-string
> X-Force URL:            http://xforce.iss.net/static/7443.php
>
> Date Reported:          11/01/2001
> Brief Description:      Viralator CGI unfiltered shell metacharacters
>                         could allow remote command execution
> Risk Factor:            High
> Attack Type:            Network Based
> Platforms Affected:     Viralator 0.8, Viralator 0.9pre1, Viralator 0.7
> Vulnerability:          viralator-cgi-command-execution
> X-Force URL:            http://xforce.iss.net/static/7440.php
>
> Date Reported:          11/02/2001
> Brief Description:      Microsoft ISA Server fragmented UDP packet flood
>                         denial of service
> Risk Factor:            Medium
> Attack Type:            Network Based
> Platforms Affected:     Microsoft ISA Server 2000
> Vulnerability:          isa-udp-flood-dos
> X-Force URL:            http://xforce.iss.net/static/7446.php
>
> Date Reported:          11/02/2001
> Brief Description:      Progress Database PROMSGS format string
> Risk Factor:            High
> Attack Type:            Host Based
> Platforms Affected:     Progress Database 9.1C
> Vulnerability:          progress-promsgs-format-string
> X-Force URL:            http://xforce.iss.net/static/7457.php
>
> Date Reported:          11/02/2001
> Brief Description:      Linux kernel using syn cookies could allow an
>                         attacker to bypass filtering
> Risk Factor:            Medium
> Attack Type:            Network Based
> Platforms Affected:     Red Hat Linux 7.2, Red Hat Linux 7.1, Red Hat
>                         Linux 7.0, Red Hat Linux 6.2, SuSE Linux 7.3,
>                         SuSE Linux 7.2, SuSE Linux 7.1, SuSE Linux 7.0,
>                         SuSE Linux 6.4, SuSE Linux 6.3
> Vulnerability:          linux-syncookie-bypass-filter
> X-Force URL:            http://xforce.iss.net/static/7461.php
>
> Date Reported:          11/05/2001
> Brief Description:      Entrust GetAccess shell scripts allow directory
>                         traversal and file retrieval
> Risk Factor:            Medium
> Attack Type:            Network Based
> Platforms Affected:     Entrust GetAccess All versions
> Vulnerability:          getaccess-shellscripts-retrieve-files
> X-Force URL:            http://xforce.iss.net/static/7474.php
>
> Date Reported:          11/05/2001
> Brief Description:      PHP-Nuke 'case.filemanager.php' allows an
>                         attacker to obtain unauthorized privileges
> Risk Factor:            Medium
> Attack Type:            Network Based
> Platforms Affected:     PHP-Nuke 5.2
> Vulnerability:          phpnuke-filemanager-gain-privileges
> X-Force URL:            http://xforce.iss.net/static/7478.php
>
> Date Reported:          11/05/2001
> Brief Description:      Raptor Firewall zero length UDP packets remote
>                         denial of service
> Risk Factor:            Low
> Attack Type:            Network Based
> Platforms Affected:     Raptor Firewalls All versions
> Vulnerability:          raptor-udp-zero-dos
> X-Force URL:            http://xforce.iss.net/static/7484.php
>
> Date Reported:          11/05/2001
> Brief Description:      Linux TUX HTTP server long Host: header denial
>                         of service
> Risk Factor:            Low
> Attack Type:            Network Based
> Platforms Affected:     Red Hat Linux 6.2, Red Hat Linux 7.0, Red Hat
>                         Linux 7.1, Red Hat Linux 7.2, TUX HTTP Server
>                         2.1.0-2
> Vulnerability:          tux-http-host-dos
> X-Force URL:            http://xforce.iss.net/static/7464.php
>
> Date Reported:          11/05/2001
> Brief Description:      WS_FTP Server long STAT command buffer overflow
> Risk Factor:            High
> Attack Type:            Network Based
> Platforms Affected:     WS_FTP Server 2.0.3 and earlier
> Vulnerability:          wsftp-stat-bo
> X-Force URL:            http://xforce.iss.net/static/7472.php
>
> Date Reported:          11/06/2001
> Brief Description:      ZoneAlarm identical IP address allows host
>                         access with local security settings
> Risk Factor:            Medium
> Attack Type:            Network Based
> Platforms Affected:     ZoneAlarm 2.6
> Vulnerability:          zonealarm-ip-local-settings
> X-Force URL:            http://xforce.iss.net/static/7485.php
>
> Date Reported:          11/08/2001
> Brief Description:      Internet Explorer 'about:' allows an attacker to
>                         access cookie information
> Risk Factor:            Medium
> Attack Type:            Network Based
> Platforms Affected:     Microsoft Internet Explorer 5.5, Microsoft
>                         Internet Explorer 6
> Vulnerability:          ie-about-cookie-information
> X-Force URL:            http://xforce.iss.net/static/7486.php
>
> _____
>
> Risk Factor Key:
>
>      High     Any vulnerability that provides an attacker with immediate
>               access into a machine, gains superuser access, or bypasses
>               a firewall. Example: A vulnerable Sendmail 8.6.5 version
>               that allows an intruder to execute commands on the mail server.
>      Medium   Any vulnerability that provides information that has a high
>               potential of giving system access to an intruder. Example:
>               A misconfigured TFTP or vulnerable NIS server that allows
>               an intruder to get the password file that could contain an
>               account with a guessable password.
>      Low      Any vulnerability that provides information that could
>               potentially lead to a compromise. Example: A finger that
>               allows an intruder to find out who is online and potential
>               accounts to attempt to crack passwords via brute force
>               methods.
>
> ______
>
> About Internet Security Systems (ISS)
> Internet Security Systems is a leading global provider of security
> management solutions for the Internet, protecting digital assets and
> ensuring safe and uninterrupted e-business. With its industry-leading
> intrusion detection and vulnerability assessment, remote managed
> security services, and strategic consulting and education offerings, ISS
> is a trusted security provider to more than 8,000 customers worldwide
> including 21 of the 25 largest U.S. commercial banks and the top 10 U.S.
> telecommunications companies. Founded in 1994, ISS is headquartered in
> Atlanta, GA, with additional offices throughout North America and
> international operations in Asia, Australia, Europe, Latin America and
> the Middle East. For more information, visit the Internet Security
> Systems web site at www.iss.net or call 888-901-7477.
>
> Copyright (c) 2001 Internet Security Systems, Inc. All rights reserved
> worldwide.
>
> Permission is hereby granted for the redistribution of this Alert
> electronically. It is not to be edited in any way without express consent of
> the X-Force. If you wish to reprint the whole or any part of this Alert in
> any other medium excluding electronic medium, please e-mail [EMAIL PROTECTED]
> for permission.
>
> Disclaimer
>
> The information within this paper may change without notice. Use of this
> information constitutes acceptance for use in an AS IS condition. There are
> NO warranties with regard to this information. In no event shall the author
> be liable for any damages whatsoever arising out of or in connection with
> the use or spread of this information. Any use of this information is at the
> user's own risk.
>
> X-Force PGP Key available at: http://xforce.iss.net/sensitive.php
> as well as on MIT's PGP key server and PGP.com's key server.
>
> Please send suggestions, updates, and comments to: X-Force
> [EMAIL PROTECTED] of Internet Security Systems, Inc.
>
> -----BEGIN PGP SIGNATURE-----
> Version: 2.6.3a
> Charset: noconv
>
> iQCVAwUBO/CmgTRfJiV99eG9AQFBZwP/QCDVO85J4/X0RtEhCM03O5IpBFPwr5/R
> v/ypWH/2kD/l+TpdB6kEBbeg//BhTAktxwvRhTgOZF3s83+TRv1YYCMzelYhzdnR
> czBlE1M0qoDb8xEdb74d7dlTi1ND00oaRgs1GsxFKpJLFl26HCwaxEOHoTcVTdJK
> t1BIkplpdOs=
> =4ieW
> -----END PGP SIGNATURE-----
>
>


---------------------------------------------------------
Archived messages from this list can be found at:
http://www.mail-archive.com/tech-cord@aea5.k12.ia.us/
---------------------------------------------------------
