Date Reported:      03/07/2002
Brief Description:  Windows 2000 allows an attacker to bypass password
                    policy
Risk Factor:        Medium
Attack Type:        Network Based
Platforms:          Windows 2000 All versions
Vulnerability:      win2k-password-bypass-policy
X-Force URL:        http://www.iss.net/security_center/static/8402.php

 ____________________________________________________________
\
/   Scott Fosseen - Systems Engineer - Arrowhead AEA 5
\   www.aea5.k12.ia.us/aeaphone.nsf/Web/FosseenScott
/____________________________________________________________
----- Original Message -----
From: "X-Force" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, March 18, 2002 5:38 PM
Subject: ISSalert: ISS Security Alert Summary AS02-11


>
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Internet Security Systems Security Alert Summary AS02-11
> March 18, 2002
>
> X-Force Vulnerability and Threat Database:
> http://www.iss.net/security_center
>
> To receive these Alert Summaries, as well as other Alerts and
> Advisories, subscribe to the Internet Security Systems Alert
> mailing list at:
> http://www.iss.net/security_center/maillists
>
> This summary is available at the following address:
> http://www.iss.net/security_center/alerts/AS02-11.php
> _____
> Contents:
> * 35 Reported Vulnerabilities
> * Risk Factor Key
> _____
>
>
> Date Reported:      03/06/2002
> Brief Description:  Windows NT Server with IIS 4.0 could allow users to
>                     bypass "User cannot change password" security
>                     policy
> Risk Factor:        Low
> Attack Type:        Host Based / Network Based
> Platforms:          Microsoft IIS 4.0, Windows NT 4.0
> Vulnerability:      winnt-pw-policy-bypass
> X-Force URL:        http://www.iss.net/security_center/static/8388.php
>
> Date Reported:      03/07/2002
> Brief Description:  Norton AntiVirus 2002 incoming email scan can be
>                     bypassed using a NULL character
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          Norton AntiVirus 2002
> Vulnerability:      nav-nullchar-bypass-protection
> X-Force URL:        http://www.iss.net/security_center/static/8389.php
>
> Date Reported:      03/07/2002
> Brief Description:  Norton AntiVirus 2002 incoming email scan can be
>                     bypassed by embedding malicious code in non-RFC
>                     compliant MIME messages
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          Norton AntiVirus 2002
> Vulnerability:      nav-nonrfc-bypass-protection
> X-Force URL:        http://www.iss.net/security_center/static/8390.php
>
> Date Reported:      03/07/2002
> Brief Description:  Norton AntiVirus 2002 .nch and .dbx file types can
>                     be used to bypass protection
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          Norton AntiVirus 2002
> Vulnerability:      nav-filetype-bypass-protection
> X-Force URL:        http://www.iss.net/security_center/static/8391.php
>
> Date Reported:      03/07/2002
> Brief Description:  Norton AntiVirus 2002 incoming email scan can be
>                     bypassed by changing the file name in the Content-
>                     Type header
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          Norton AntiVirus 2002
> Vulnerability:      nav-contenttype-bypass-protection
> X-Force URL:        http://www.iss.net/security_center/static/8392.php
>
> Date Reported:      03/06/2002
> Brief Description:  mIRC DCC "100 testing" command could reveal the
>                     nickname and the number of IRC servers the victim
>                     is connected to
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          mIRC All versions
> Vulnerability:      mirc-dcc-reveal-info
> X-Force URL:        http://www.iss.net/security_center/static/8393.php
>
> Date Reported:      03/08/2002
> Brief Description:  Linksys EtherFast BEFVP41 Cable/DSL VPN Router weak
>                     key encryption
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          Linksys EtherFast BEFVP41
> Vulnerability:      linksys-etherfast-weak-encryption
> X-Force URL:        http://www.iss.net/security_center/static/8397.php
>
> Date Reported:      03/05/2002
> Brief Description:  Kaffe OpenVM NoClassDefFoundError format string
> Risk Factor:        Low
> Attack Type:        Host Based
> Platforms:          Kaffe OpenVM 1.0.6 and prior
> Vulnerability:      openvm-class-format-strings
> X-Force URL:        http://www.iss.net/security_center/static/8399.php
>
> Date Reported:      03/07/2002
> Brief Description:  Apache HTTP Server mod_frontpage buffer overflows
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          FreeBSD Ports Collection All versions, Mandrake
>                     Linux 8.0, Mandrake Linux 8.1
> Vulnerability:      apache-modfrontpage-bo
> X-Force URL:        http://www.iss.net/security_center/static/8400.php
>
> Date Reported:      03/07/2002
> Brief Description:  Windows 2000 allows an attacker to bypass password
>                     policy
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          Windows 2000 All versions
> Vulnerability:      win2k-password-bypass-policy
> X-Force URL:        http://www.iss.net/security_center/static/8402.php
>
> Date Reported:      03/04/2002
> Brief Description:  KAME forged packet forwarding
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          FreeBSD 4.5-RELEASE, FreeBSD 4.5-STABLE, NetBSD
>                     1.5.2
> Vulnerability:      kame-forged-packet-forwarding
> X-Force URL:        http://www.iss.net/security_center/static/8416.php
>
> Date Reported:      03/08/2002
> Brief Description:  Xerver multiple 'C:/' requests denial of service
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          Xerver 2.10
> Vulnerability:      xerver-multiple-request-dos
> X-Force URL:        http://www.iss.net/security_center/static/8419.php
>
> Date Reported:      03/08/2002
> Brief Description:  Xerver "../" directory traversal
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          Xerver 2.10
> Vulnerability:      xerver-dot-directory-traversal
> X-Force URL:        http://www.iss.net/security_center/static/8421.php
>
> Date Reported:      03/09/2002
> Brief Description:  XTux server random character denial of service
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          XTux 20010601
> Vulnerability:      xtux-server-dos
> X-Force URL:        http://www.iss.net/security_center/static/8422.php
>
> Date Reported:      03/08/2002
> Brief Description:  FireWall-1 SecuRemote/SecuClient authentication
>                     allows remote users to bypass "timeouts"
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          Check Point FireWall-1 4.0, Check Point FireWall-1
>                     4.1
> Vulnerability:      fw1-authentication-bypass-timeouts
> X-Force URL:        http://www.iss.net/security_center/static/8423.php
>
> Date Reported:      03/09/2002
> Brief Description:  SurfControl SuperScout Email Filter long HELO or
>                     RCPT TO: command denial of service
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          SuperScout Email Filter 3.5.1
> Vulnerability:      surfcontrol-superscout-helo-dos
> X-Force URL:        http://www.iss.net/security_center/static/8424.php
>
> Date Reported:      03/10/2002
> Brief Description:  InterScan VirusWall could allow virus infected Web
>                     pages to bypass the HTTP proxy filtering
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          InterScan VirusWall 3.6.x
> Vulnerability:      interscan-viruswall-http-proxy-bypass
> X-Force URL:        http://www.iss.net/security_center/static/8425.php
>
> Date Reported:      03/09/2002
> Brief Description:  Citadel/UX long HELO command buffer overflow
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          Citadel/UX 5.90 and prior
> Vulnerability:      citadel-helo-bo
> X-Force URL:        http://www.iss.net/security_center/static/8426.php
>
> Date Reported:      03/11/2002
> Brief Description:  zlib "double free" memory corruption
> Risk Factor:        High
> Attack Type:        Host Based / Network Based
> Platforms:          Debian Linux 2.2, EnGarde Secure Linux Community
>                     Edition, Mandrake Linux 7.1, Mandrake Linux 7.2,
>                     Mandrake Linux 8.0, Mandrake Linux 8.1, Mandrake
>                     Linux Corporate Server 1.0.1, Mandrake Single
>                     Network Firewall 7.2, OpenPKG 1.0, Red Hat Linux
>                     6.2, Red Hat Linux 7.0, Red Hat Linux 7.1, Red Hat
>                     Linux 7.2, Red Hat Powertools 6.2, Red Hat
>                     Powertools 7.0, Red Hat Powertools 7.1, SuSE eMail
>                     Server III All versions, SuSE Linux 6.4, SuSE Linux
>                     7.0, SuSE Linux 7.1, SuSE Linux 7.2, SuSE Linux
>                     7.3, SuSE Linux Connectivity Server All versions,
>                     SuSE Linux Database Server All versions, SuSE Linux
>                     Enterprise Server 7, SuSE Linux Firewall All
>                     versions, zlib 1.1.3 and earlier
> Vulnerability:      zlib-doublefree-memory-corruption
> X-Force URL:        http://www.iss.net/security_center/static/8427.php
>
> Date Reported:      03/10/2002
> Brief Description:  Pi3Web Server 404 error page Web root directory
>                     disclosure
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          Pi3Web 2.0
> Vulnerability:      pi3web-error-disclosure
> X-Force URL:        http://www.iss.net/security_center/static/8428.php
>
> Date Reported:      03/10/2002
> Brief Description:  Pi3Web asterisk (*) allows remote attacker to view
>                     files
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          Pi3Web 2.0
> Vulnerability:      pi3web-asterisk-view-files
> X-Force URL:        http://www.iss.net/security_center/static/8429.php
>
> Date Reported:      03/11/2002
> Brief Description:  CaupoShop user information page cross-site
>                     scripting
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          CaupoShop 1.30a
> Vulnerability:      cauposhop-user-info-css
> X-Force URL:        http://www.iss.net/security_center/static/8431.php
>
> Date Reported:      03/10/2002
> Brief Description:  GNU fileutils race condition
> Risk Factor:        Medium
> Attack Type:        Host Based
> Platforms:          GNU fileutils 4.0 up to 4.1.6
> Vulnerability:      gnu-fileutils-race-condition
> X-Force URL:        http://www.iss.net/security_center/static/8432.php
>
> Date Reported:      03/11/2002
> Brief Description:  SMS Server Tools format string attack
> Risk Factor:        High
> Attack Type:        Host Based / Network Based
> Platforms:          SMS Server Tools 1.4.7 and earlier
> Vulnerability:      sms-tools-format-string
> X-Force URL:        http://www.iss.net/security_center/static/8433.php
>
> Date Reported:      03/12/2002
> Brief Description:  PHP FirstPost path disclosure
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          PHP FirstPost 0.1
> Vulnerability:      phpfirstpost-path-disclosure
> X-Force URL:        http://www.iss.net/security_center/static/8434.php
>
> Date Reported:      03/11/2002
> Brief Description:  SunSolve CGI scripts could allow remote command
>                     execution
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Solaris 7, Solaris 8
> Vulnerability:      sunsolve-cd-command-execution
> X-Force URL:        http://www.iss.net/security_center/static/8435.php
>
> Date Reported:      03/11/2002
> Brief Description:  ZyXEL ZyWALL 10 malformed ARP packet denial of
>                     service
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          ZyWALL 10 prior to V3.50(WA.2)
> Vulnerability:      zyxel-zywall10-arp-dos
> X-Force URL:        http://www.iss.net/security_center/static/8436.php
>
> Date Reported:      03/12/2002
> Brief Description:  Black Tie Project non-existent category ID path
>                     disclosure
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          Black Tie Project (BTP) 0.4b, Black Tie Project
>                     (BTP) 0.5, Black Tie Project (BTP) 0.5b
> Vulnerability:      btp-cid-path-disclosure
> X-Force URL:        http://www.iss.net/security_center/static/8439.php
>
> Date Reported:      03/10/2002
> Brief Description:  Marcus Xenakis directory.php allows malicious user
>                     to execute commands
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          directory.php All versions
> Vulnerability:      xenakis-directory-execute-commands
> X-Force URL:        http://www.iss.net/security_center/static/8440.php
>
> Date Reported:      03/11/2002
> Brief Description:  PHP ImgList "../" directory traversal
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          PHP ImgList prior to 1.2.2
> Vulnerability:      phpimglist-dot-directory-traversal
> X-Force URL:        http://www.iss.net/security_center/static/8441.php
>
> Date Reported:      03/11/2002
> Brief Description:  Caldera OpenServer dlvr_audit buffer overflow
> Risk Factor:        High
> Attack Type:        Host Based
> Platforms:          Caldera OpenServer 5.0.5, Caldera OpenServer 5.0.6
> Vulnerability:      openserver-dlvraudit-bo
> X-Force URL:        http://www.iss.net/security_center/static/8442.php
>
> Date Reported:      03/10/2002
> Brief Description:  Ecartis does not drop root privileges
> Risk Factor:        High
> Attack Type:        Host Based
> Platforms:          Ecartis 1.0.0 and prior
> Vulnerability:      ecartis-root-privileges
> X-Force URL:        http://www.iss.net/security_center/static/8444.php
>
> Date Reported:      03/10/2002
> Brief Description:  Ecartis local buffer overflows in moderate.c and
>                     lcgi.c
> Risk Factor:        High
> Attack Type:        Host Based
> Platforms:          Ecartis prior to 1.0.0
> Vulnerability:      ecartis-local-bo
> X-Force URL:        http://www.iss.net/security_center/static/8445.php
>
> Date Reported:      03/13/2002
> Brief Description:  Web+ long WML script request buffer overflow
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Web+ 4.6, Web+ 5.0
> Vulnerability:      webplus-wml-bo
> X-Force URL:        http://www.iss.net/security_center/static/8446.php
>
> Date Reported:      03/13/2002
> Brief Description:  PHProjekt filemanager module allows attacker to
>                     include remote files
> Risk Factor:        Medium
> Attack Type:        Host Based / Network Based
> Platforms:          PHProjekt 3.1, PHProjekt 3.1a
> Vulnerability:      phpprojekt-filemanager-include-files
> X-Force URL:        http://www.iss.net/security_center/static/8448.php
>
> _____
>
> Risk Factor Key:
>
>      High     Any vulnerability that provides an attacker with immediate
>               access into a machine, gains superuser access, or bypasses
>               a firewall. Example: A vulnerable Sendmail 8.6.5 version
>               that allows an intruder to execute commands on mail server.
>      Medium   Any vulnerability that provides information that has a high
>               potential of giving system access to an intruder. Example:
>               A misconfigured TFTP or vulnerable NIS server that allows
>               an intruder to get the password file that could contain an
>               account with a guessable password.
>      Low      Any vulnerability that provides information that could
>               potentially lead to a compromise. Example: A finger that
>               allows an intruder to find out who is online and potential
>               accounts to attempt to crack passwords via brute force
>               methods.
>
> ______
>
> About Internet Security Systems (ISS)
> Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
> pioneer and world leader in software and services that protect critical
> online resources from an ever-changing spectrum of threats and misuse.
> Internet Security Systems is headquartered in Atlanta, GA, with
> additional operations throughout the Americas, Asia, Australia, Europe
> and the Middle East.
>
> Copyright (c) 2002 Internet Security Systems, Inc. All rights reserved
> worldwide.
>
> Permission is hereby granted for the electronic redistribution of this
> document. It is not to be edited or altered in any way without the
> express written consent of the Internet Security Systems X-Force. If you
> wish to reprint the whole or any part of this document in any other
> medium excluding electronic media, please email [EMAIL PROTECTED] for
> permission.
>
> Disclaimer: The information within this paper may change without notice.
> Use of this information constitutes acceptance for use in an AS IS
> condition. There are NO warranties, implied or otherwise, with regard to
> this information or its use. Any use of this information is at the
> user's risk. In no event shall the author/distributor (Internet Security
> Systems X-Force) be held liable for any damages whatsoever arising out
> of or in connection with the use or spread of this information.
>
> X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
> as well as at http://www.iss.net/security_center/sensitive.php
>
> Please send suggestions, updates, and comments to: X-Force
> [EMAIL PROTECTED] of Internet Security Systems, Inc.
>
>
>