Date Reported:      04/16/2002
Brief Description:  Microsoft Internet Explorer and Office for
                    Macintosh HTML file:// directive buffer overflow
Risk Factor:        High
Attack Type:        Network Based
Platforms:          Microsoft Internet Explorer 5.1 for Macintosh,
                    Microsoft Office 1998 for Macintosh, Microsoft
                    Office 2001 for Macintosh, Microsoft Office v. X
Vulnerability:      ms-mac-html-file-bo
X-Force URL:        http://www.iss.net/security_center/static/8850.php

Date Reported:      04/16/2002
Brief Description:  Microsoft Internet Explorer for Macintosh could
                    allow remote AppleScript execution
Risk Factor:        High
Attack Type:        Network Based
Platforms:          Microsoft Internet Explorer 5.1 for Macintosh
Vulnerability:      ie-mac-applescript-execution
X-Force URL:        http://www.iss.net/security_center/static/8851.php

> Date Reported:      04/14/2002
> Brief Description:  Internet Explorer history allows URLs using the
>                     JavaScript protocol
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Microsoft Internet Explorer 6.0
> Vulnerability:      ie-history-javascript-urls
> X-Force URL:        http://www.iss.net/security_center/static/8844.php
 ____________________________________________________________
\
/   Scott Fosseen - Systems Engineer - Arrowhead AEA 5
\   www.aea5.k12.ia.us/aeaphone.nsf/Web/FosseenScott
/____________________________________________________________
----- Original Message -----
From: "X-Force" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, April 22, 2002 3:05 PM
Subject: ISSalert: ISS Security Alert Summary AS02-16


>
> TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
> [EMAIL PROTECTED]  Contact [EMAIL PROTECTED] for help with any problems!
> ---------------------------------------------------------------------------
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Internet Security Systems Security Alert Summary AS02-16
> April 22, 2002
>
> X-Force Vulnerability and Threat Database:
> http://www.iss.net/security_center
>
> To receive these Alert Summaries, as well as other Alerts and
> Advisories, subscribe to the Internet Security Systems Alert
> mailing list at:
> http://www.iss.net/security_center/maillists
>
> This summary is available at the following address:
> http://www.iss.net/security_center/alerts/AS02-16.php
> _____
> Contents:
> * 51 Reported Vulnerabilities
> * Risk Factor Key
> _____
>
>
> Date Reported:      04/09/2002
> Brief Description:  ASP-Nuke image tag cross-site scripting
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          ASP-Nuke RC1
> Vulnerability:      aspnuke-image-css
> X-Force URL:        http://www.iss.net/security_center/static/8829.php
>
> Date Reported:      04/09/2002
> Brief Description:  ASP-Nuke downloads.asp and post.asp cross-site
>                     scripting
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          ASP-Nuke RC1, ASP-Nuke RC2
> Vulnerability:      aspnuke-downloads-post-css
> X-Force URL:        http://www.iss.net/security_center/static/8830.php
>
> Date Reported:      04/09/2002
> Brief Description:  ASP-Nuke user profiles.asp cross-site scripting
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          ASP-Nuke RC1, ASP-Nuke RC2
> Vulnerability:      aspnuke-user-profile-css
> X-Force URL:        http://www.iss.net/security_center/static/8831.php
>
> Date Reported:      04/09/2002
> Brief Description:  ASP-Nuke local cookie modification could allow
>                     account hijacking
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          ASP-Nuke RC1, ASP-Nuke RC2
> Vulnerability:      aspnuke-account-hijacking
> X-Force URL:        http://www.iss.net/security_center/static/8832.php
>
> Date Reported:      04/09/2002
> Brief Description:  ASP-Nuke invalid cookie could reveal sensitive
>                     information
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          ASP-Nuke RC1, ASP-Nuke RC2
> Vulnerability:      aspnuke-cookie-reveal-information
> X-Force URL:        http://www.iss.net/security_center/static/8833.php
>
> Date Reported:      04/11/2002
> Brief Description:  INN rnews and inews format string
> Risk Factor:        High
> Attack Type:        Host Based
> Platforms:          INN 2.2.3 and earlier
> Vulnerability:      inn-rnews-inews-format-string
> X-Force URL:        http://www.iss.net/security_center/static/8834.php
>
> Date Reported:      04/11/2002
> Brief Description:  SGI IRIX mail -r core dump
> Risk Factor:        Medium
> Attack Type:        Host Based / Network Based
> Platforms:          IRIX 6.5 to 6.5.15f
> Vulnerability:      irix-mail-core-dump
> X-Force URL:        http://www.iss.net/security_center/static/8835.php
>
> Date Reported:      04/10/2002
> Brief Description:  EMU Webmail allows local attacker to execute
>                     arbitrary programs using a malicious HTTP Host
>                     value
> Risk Factor:        High
> Attack Type:        Host Based
> Platforms:          EMU Webmail 4.5.x, EMU Webmail 5.1
> Vulnerability:      emumail-http-host-execute
> X-Force URL:        http://www.iss.net/security_center/static/8836.php
>
> Date Reported:      04/15/2002
> Brief Description:  Webalizer reverse DNS lookup buffer overflow
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Webalizer 2.01-06, Webalizer 2.01-09
> Vulnerability:      webalizer-reverse-dns-bo
> X-Force URL:        http://www.iss.net/security_center/static/8837.php
>
> Date Reported:      04/08/2002
> Brief Description:  SOAP::Lite allows an attacker to execute Perl
>                     functions
> Risk Factor:        Medium
> Attack Type:        Host Based
> Platforms:          SOAP::Lite All versions
> Vulnerability:      soap-perl-execute-functions
> X-Force URL:        http://www.iss.net/security_center/static/8838.php
>
> Date Reported:      04/15/2002
> Brief Description:  SGI IRIX XFS application denial of service
> Risk Factor:        Low
> Attack Type:        Host Based
> Platforms:          IRIX 6.5 to 6.5.11f
> Vulnerability:      irix-xfs-dos
> X-Force URL:        http://www.iss.net/security_center/static/8839.php
>
> Date Reported:      04/13/2002
> Brief Description:  SunShop Shopping Cart new customer registration
>                     cross-site scripting
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          SunShop Shopping Cart 2.5
> Vulnerability:      sunshop-new-cust-css
> X-Force URL:        http://www.iss.net/security_center/static/8840.php
>
> Date Reported:      04/13/2002
> Brief Description:  Burning Board BBS cross-site scripting
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          Burning Board 1.1.1
> Vulnerability:      burningboard-bbs-css
> X-Force URL:        http://www.iss.net/security_center/static/8841.php
>
> Date Reported:      04/14/2002
> Brief Description:  Melange Chat Server /yell buffer overflow
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Melange Chat System 2.02-beta
> Vulnerability:      melange-chat-yell-bo
> X-Force URL:        http://www.iss.net/security_center/static/8842.php
>
> Date Reported:      04/14/2002
> Brief Description:  ICQ .hpf file access denial of service
> Risk Factor:        Low
> Attack Type:        Host Based / Network Based
> Platforms:          ICQ 2000a Build 3722
> Vulnerability:      icq-hpf-access-dos
> X-Force URL:        http://www.iss.net/security_center/static/8843.php
>
> Date Reported:      04/14/2002
> Brief Description:  Internet Explorer history allows URLs using the
>                     JavaScript protocol
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Microsoft Internet Explorer 6.0
> Vulnerability:      ie-history-javascript-urls
> X-Force URL:        http://www.iss.net/security_center/static/8844.php
>
> Date Reported:      04/14/2002
> Brief Description:  Melange Chat System long lines in melange.conf
>                     buffer overflow
> Risk Factor:        High
> Attack Type:        Host Based
> Platforms:          Melange Chat System 2.02-beta
> Vulnerability:      melange-chat-config-bo
> X-Force URL:        http://www.iss.net/security_center/static/8845.php
>
> Date Reported:      04/14/2002
> Brief Description:  Melange Chat System long file name buffer overflow
> Risk Factor:        High
> Attack Type:        Host Based / Network Based
> Platforms:          Melange Chat System 2.02-beta
> Vulnerability:      melange-chat-filename-bo
> X-Force URL:        http://www.iss.net/security_center/static/8846.php
>
> Date Reported:      04/15/2002
> Brief Description:  Raptor Firewall FTP bounce attack
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          Raptor Firewall 6.5.3i
> Vulnerability:      raptor-firewall-ftp-bounce
> X-Force URL:        http://www.iss.net/security_center/static/8847.php
>
> Date Reported:      04/13/2002
> Brief Description:  Nortel CVX-1800 default public SNMP community string
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Nortel CVX-1800 3.6.3p24 and prior
> Vulnerability:      nortel-default-snmp-string
> X-Force URL:        http://www.iss.net/security_center/static/8848.php
>
> Date Reported:      04/12/2002
> Brief Description:  StepWeb Search (SWS) insecure admin page
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          StepWeb Search 2.5
> Vulnerability:      sws-insecure-admin-page
> X-Force URL:        http://www.iss.net/security_center/static/8849.php
>
> Date Reported:      04/16/2002
> Brief Description:  Microsoft Internet Explorer and Office for
>                     Macintosh HTML file:// directive buffer overflow
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Microsoft Internet Explorer 5.1 for Macintosh,
>                     Microsoft Office 1998 for Macintosh, Microsoft
>                     Office 2001 for Macintosh, Microsoft Office v. X
> Vulnerability:      ms-mac-html-file-bo
> X-Force URL:        http://www.iss.net/security_center/static/8850.php
>
> Date Reported:      04/16/2002
> Brief Description:  Microsoft Internet Explorer for Macintosh could
>                     allow remote AppleScript execution
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Microsoft Internet Explorer 5.1 for Macintosh
> Vulnerability:      ie-mac-applescript-execution
> X-Force URL:        http://www.iss.net/security_center/static/8851.php
>
> Date Reported:      04/17/2002
> Brief Description:  XPilot server buffer overflow
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Debian Linux 2.2, XPilot prior to 4.5.1
> Vulnerability:      xpilot-server-bo
> X-Force URL:        http://www.iss.net/security_center/static/8852.php
>
> Date Reported:      04/17/2002
> Brief Description:  IIS CodeBrws.asp sample script can be used to view
>                     arbitrary file source code
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          Microsoft IIS 5.0
> Vulnerability:      iis-codebrws-view-source
> X-Force URL:        http://www.iss.net/security_center/static/8853.php
>
> Date Reported:      04/15/2002
> Brief Description:  PureSecure allows user to bypass login using SQL
>                     injection attack
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          PureSecure 1.05
> Vulnerability:      puresecure-sql-injection
> X-Force URL:        http://www.iss.net/security_center/static/8854.php
>
> Date Reported:      04/16/2002
> Brief Description:  Oracle ANSI outer join syntax in SQL queries can be
>                     used to bypass ACLs
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          Oracle9i Database Server 9.0.1.x
> Vulnerability:      oracle-ansi-sql-bypass-acl
> X-Force URL:        http://www.iss.net/security_center/static/8855.php
>
> Date Reported:      04/14/2002
> Brief Description:  HP Photosmart Mac OS X driver uses weak permissions
> Risk Factor:        High
> Attack Type:        Host Based
> Platforms:          HP Photosmart driver 1.2.1, MacOS X All versions
> Vulnerability:      macos-photosmart-weak-permissions
> X-Force URL:        http://www.iss.net/security_center/static/8856.php
>
> Date Reported:      04/16/2002
> Brief Description:  FileSeek.cgi command execution
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          FileSeek.cgi All versions, FileSeek2.cgi All
>                     versions
> Vulnerability:      fileseek-cgi-command-execution
> X-Force URL:        http://www.iss.net/security_center/static/8857.php
>
> Date Reported:      04/16/2002
> Brief Description:  FileSeek.cgi "dot dot" directory traversal
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          FileSeek.cgi All versions, FileSeek2.cgi All
>                     versions
> Vulnerability:      fileseek-cgi-directory-traversal
> X-Force URL:        http://www.iss.net/security_center/static/8858.php
>
> Date Reported:      04/16/2002
> Brief Description:  Norton Personal Firewall allows remote attacker to
>                     bypass portscan protection using SYN/FIN scan
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          Norton Personal Firewall 2002 All versions
> Vulnerability:      norton-bypass-portscan-protection
> X-Force URL:        http://www.iss.net/security_center/static/8859.php
>
> Date Reported:      04/16/2002
> Brief Description:  AOLserver DB proxy daemon libnspd.a library
>                     Ns_PdLog() format string
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          AOLserver 3.0 - 3.4.2
> Vulnerability:      aolserver-dbproxy-format-string
> X-Force URL:        http://www.iss.net/security_center/static/8860.php
>
> Date Reported:      04/17/2002
> Brief Description:  Web+ long cookie buffer overflow
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Web+ 4.6, Web+ 5.0, Windows 2000 All versions,
>                     Windows NT All versions
> Vulnerability:      webplus-long-cookie-bop
> X-Force URL:        http://www.iss.net/security_center/static/8861.php
>
> Date Reported:      04/17/2002
> Brief Description:  Microsoft BackOffice Server allows attacker to
>                     bypass authentication for Web administration pages
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Microsoft BackOffice Server 4.0, Microsoft
>                     BackOffice Server 5.0
> Vulnerability:      backoffice-bypass-authentication
> X-Force URL:        http://www.iss.net/security_center/static/8862.php
>
> Date Reported:      04/17/2002
> Brief Description:  libc LANG and LOCPATH buffer overflow
> Risk Factor:        High
> Attack Type:        Host Based
> Platforms:          Tru64 DIGITAL UNIX 4.0F, Tru64 DIGITAL UNIX 5.0,
>                     Tru64 DIGITAL UNIX 5.1, Tru64 DIGITAL UNIX 5.1A
> Vulnerability:      libc-lang-locpath-bo
> X-Force URL:        http://www.iss.net/security_center/static/8863.php
>
> Date Reported:      04/17/2002
> Brief Description:  WebTrends Reporting Center long string buffer
>                     overflow
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          WebTrends Reporting Center 4.0d
> Vulnerability:      webtrends-long-string-bo
> X-Force URL:        http://www.iss.net/security_center/static/8864.php
>
> Date Reported:      04/17/2002
> Brief Description:  WebTrends Reporting Center profile variable real
>                     path disclosure
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          WebTrends Reporting Center 4.0d
> Vulnerability:      webtrends-profile-path-disclosure
> X-Force URL:        http://www.iss.net/security_center/static/8865.php
>
> Date Reported:      04/18/2002
> Brief Description:  ColdFusion DOS device request path disclosure
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          ColdFusion 5.0
> Vulnerability:      coldfusion-dos-device-path-disclosure
> X-Force URL:        http://www.iss.net/security_center/static/8866.php
>
> Date Reported:      04/17/2002
> Brief Description:  Windows 2000 LanMan denial of service
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          Windows 2000 All versions
> Vulnerability:      win2k-lanman-dos
> X-Force URL:        http://www.iss.net/security_center/static/8867.php
>
> Date Reported:      04/16/2002
> Brief Description:  Internet Explorer dialog window cross-site
>                     scripting
> Risk Factor:        High
> Attack Type:        Network Based
> Platforms:          Microsoft Internet Explorer 5.0, Microsoft Internet
>                     Explorer 5.5, Microsoft Internet Explorer 6.0
> Vulnerability:      ie-dialog-window-css
> X-Force URL:        http://www.iss.net/security_center/static/8868.php
>
> Date Reported:      04/14/2002
> Brief Description:  xNewsletter email subscription form improperly
>                     validates input
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          xNewsletter 1.0
> Vulnerability:      xnewsletter-email-subscription-validation
> X-Force URL:        http://www.iss.net/security_center/static/8869.php
>
> Date Reported:      04/16/2002
> Brief Description:  AOL Instant Messenger "Direct Connection" allows
>                     remote attacker to create files
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          AOL Instant Messenger 4.8 beta and earlier
> Vulnerability:      aim-direct-connection-files
> X-Force URL:        http://www.iss.net/security_center/static/8870.php
>
> Date Reported:      04/14/2002
> Brief Description:  xGB HTML image tag cross-site scripting
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          xGB All versions
> Vulnerability:      xgb-img-css
> X-Force URL:        http://www.iss.net/security_center/static/8871.php
>
> Date Reported:      04/14/2002
> Brief Description:  xGB PHP script can be used to execute commands
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          xGB All versions
> Vulnerability:      xgb-php-command-execution
> X-Force URL:        http://www.iss.net/security_center/static/8872.php
>
> Date Reported:      04/16/2002
> Brief Description:  FreeBSD syncookie "NULL" pointer denial of service
> Risk Factor:        Low
> Attack Type:        Host Based
> Platforms:          FreeBSD 4.5-RELEASE, FreeBSD 4.5-STABLE
> Vulnerability:      bsd-syncookie-pointer-dos
> X-Force URL:        http://www.iss.net/security_center/static/8873.php
>
> Date Reported:      04/17/2002
> Brief Description:  Pipermail could allow an attacker to view private
>                     mailing list archives
> Risk Factor:        Low
> Attack Type:        Host Based
> Platforms:          Pipermail All versions
> Vulnerability:      pipermail-view-archives
> X-Force URL:        http://www.iss.net/security_center/static/8874.php
>
> Date Reported:      04/16/2002
> Brief Description:  FreeBSD syncache "inpcb" pointer denial of service
> Risk Factor:        Low
> Attack Type:        Host Based
> Platforms:          FreeBSD 4.5-RELEASE, FreeBSD 4.5-STABLE
> Vulnerability:      bsd-syncache-inpcb-dos
> X-Force URL:        http://www.iss.net/security_center/static/8875.php
>
> Date Reported:      04/18/2002
> Brief Description:  Sambar Server Perl script source disclosure
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          Sambar Server 5.1p
> Vulnerability:      sambar-script-source-disclosure
> X-Force URL:        http://www.iss.net/security_center/static/8876.php
>
> Date Reported:      04/18/2002
> Brief Description:  PVote could allow an attacker to add or delete
>                     arbitrary polls
> Risk Factor:        Low
> Attack Type:        Network Based
> Platforms:          PVote prior to 1.9
> Vulnerability:      pvote-add-delete-polls
> X-Force URL:        http://www.iss.net/security_center/static/8877.php
>
> Date Reported:      04/18/2002
> Brief Description:  PVote could allow an attacker to change the
>                     administrator password
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          PVote prior to 1.9
> Vulnerability:      pvote-change-admin-password
> X-Force URL:        http://www.iss.net/security_center/static/8878.php
>
> Date Reported:      04/19/2002
> Brief Description:  IncrediBB HTML tag cross-site scripting
> Risk Factor:        Medium
> Attack Type:        Network Based
> Platforms:          IncrediBB 1.1
> Vulnerability:      incredibb-html-css
> X-Force URL:        http://www.iss.net/security_center/static/8879.php
>
> _____
>
> Risk Factor Key:
>
>      High     Any vulnerability that provides an attacker with immediate
>               access into a machine, gains superuser access, or bypasses
>               a firewall. Example: A vulnerable Sendmail 8.6.5 version
>               that allows an intruder to execute commands on the mail server.
>      Medium   Any vulnerability that provides information that has a high
>               potential of giving system access to an intruder. Example:
>               A misconfigured TFTP or vulnerable NIS server that allows
>               an intruder to get the password file that could contain an
>               account with a guessable password.
>      Low      Any vulnerability that provides information that could
>               potentially lead to a compromise. Example: A finger that
>               allows an intruder to find out who is online and potential
>               accounts to attempt to crack passwords via brute force
>               methods.
>
> ______
>
> About Internet Security Systems (ISS)
> Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
> pioneer and world leader in software and services that protect critical
> online resources from an ever-changing spectrum of threats and misuse.
> Internet Security Systems is headquartered in Atlanta, GA, with
> additional operations throughout the Americas, Asia, Australia, Europe
> and the Middle East.
>
> Copyright (c) 2002 Internet Security Systems, Inc. All rights reserved
> worldwide.
>
> Permission is hereby granted for the electronic redistribution of this
> document. It is not to be edited or altered in any way without the
> express written consent of the Internet Security Systems X-Force. If you
> wish to reprint the whole or any part of this document in any other
> medium excluding electronic media, please email [EMAIL PROTECTED] for
> permission.
>
> Disclaimer: The information within this paper may change without notice.
> Use of this information constitutes acceptance for use in an AS IS
> condition. There are NO warranties, implied or otherwise, with regard to
> this information or its use. Any use of this information is at the
> user's risk. In no event shall the author/distributor (Internet Security
> Systems X-Force) be held liable for any damages whatsoever arising out
> of or in connection with the use or spread of this information.
>
> X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
> as well as at http://www.iss.net/security_center/sensitive.php
>
> Please send suggestions, updates, and comments to: X-Force
> [EMAIL PROTECTED] of Internet Security Systems,
>

---------------------------------------------------------
Archived messages from this list can be found at:
http://www.mail-archive.com/tech-cord@aea5.k12.ia.us/
---------------------------------------------------------
