Weekly Newsletter from Help Net Security - Covers weekly roundups of security events that were in the news the past week. In this issue: The phpinfo() function in PHP gives out lots of server information, NAV misses certain folders, JRun problems with web-inf directory, JRun 2.3 arbitrary file retrieval and command execution, Microsoft Session ID cookie marking bug patch, Hotjava Browser 3.0 Javascript bug, Windows ME printer sharing vulnerability, SuSE ncurses vulnerability, NetBSD global 3.55 vulnerability, NetBSD GNU CFEngine remote vulnerability, Cisco VCO/4000 SNMP bug, PAM_MYSQL local and remote bugs, Cisco Catalyst 3500 XL remote command execution. Security news: Virus threats getting worse, final vote on secret searches expected, protecting freedom of expression, Islamic attackers crash Israeli web sites, global hacker agreement could affect bug hunters, and more.
7946ce1e34bb08f6ee159d00e5bccf582526f5ce73138c2b15024beed0e4b20b
USSR Advisory #56 - The Ultraseek search engine v3.1 and 3.1.10 are vulnerable to a denial of service attack on many platforms.
90c4e91688a86ece22a4ad94f1018be2229bf35b7ed5ded7017f91face078428
FreeBSD Security Advisory FreeBSD-SA-00:60 - The boa port, versions after 0.92 but prior to 0.94.8.3, contains a vulnerability which allows remote users to view arbitrary files outside the document root, because it did not correctly restrict URL-encoded requests containing ".." in the path. In addition, if CGI support is enabled, a request for any file ending in .cgi will result in the file being executed with the privileges of the user id running the web server, allowing untrusted binary execution.
62dc6503a4f7104ca90055b77c10f1e33e686c834aef01bda51f317de99c4cb4
FreeBSD Security Advisory - The pine4 port, versions 4.21 and before, contains a buffer overflow vulnerability which allows a remote user to execute arbitrary code on the local client by sending a specially crafted email message. The overflow occurs during the periodic "new mail" checking of an open folder.
22f95fa5a1bb94352d57dbff940db325531e61a409d28dea0615f9726b8a7e94
FreeBSD Security Advisory FreeBSD-SA-00:58 - Passwd, chfn, chpass, chsh, ypchfn, ypchpass, and ypchsh are suid root utilities for changing account information. Format string buffer overflow vulnerabilities have been found in code shared by these commands which allow local users to obtain root access.
0239919c44b289f0c7136f858a10eef64a286094e512d74b2268e52d62481e96
Sscan2k is a remote auditing tool which scans for more than 200 known vulnerabilities that can be found remotely. Features remote OS detection to prevent unnecessary bandwidth usage, a scripting language, modules, improved multiple host scanning, and easy configuration.
3523683cf6c1ec13cc211610d4c5467915a0ef2f6ce1ec789979c6fd67fc545c
EmailScan checks incoming multipart e-mails for bad file types, filenames, trojans, and viruses using procmail, calling Norton AntiVirus for scanning.
bd0d234ad1eab9bd06ac25d7a2e211ac83c0fc4595fbf936cbf974562f1da50d
Atstake security advisory - This advisory describes a vulnerability that exists in Cisco Systems Virtual Central Office 4000 (VCO/4K). There is a vulnerability in the SNMP interface that allows an attacker to enumerate username and obfuscated password pairs for the Telnet interface. Since the obfuscation method used on the passwords is reversible, administrative access to the VCO/4K can be obtained. Perl proof of concept exploit included.
7efd12964efef16b759d3fcdb2af9a30829c39d81b2e68ec5426c943032bfa96
Core SDI Advisory CORE-20001026 - Netscape iPlanet webserver contains a directory traversal vulnerability and the administrator password is stored in clear text.
300fb8de9aa07985bdbd7012195021afed7dec5be63cb0b052c0a0dcd55162b7
NetBSD Security Advisory 2000-015 - The pw_error() function of the system libutil library, used by several programs including the setuid passwd program, was vulnerable to a format string attack resulting in local root compromise.
0bd58837c2ea7980937b6ae199b243b9a170c7e4f70bff757e2e5df990146a4b
NetBSD Security Advisory 2000-014 - Global-3.55 and below allows remote users to execute arbitrary commands.
e00899c0e255208ded76f38b9812dad970932a7c963afdc4d518d7ba7d807b8f
NetBSD Security Advisory 2000-013 - The cfd daemon in GNU CFEngine port contains several format string vulnerabilities in syslog() calls. This could permit remote hosts to inject the network daemon with a message causing a segmentation fault. As cfd is almost always run as root due to its nature (centralized configuration management), this could lead to a root compromise.
a392e1028967dfd74f1427f253727f5d9d7dae1b650ec93ed68da41cb984d632
NetBSD Security Advisory 2000-012 - NIS client nodes may be vulnerable to a remote buffer overflow attack. If the node is configured to use NIS for hostname lookups, and a rogue NIS server is in a position to respond to a hostname lookup request, a malformed response could cause a denial of service due to abnormal program termination. In the worst case, an account could be hijacked.
9690fedf1029bc414ba63b720b85705df2c468f2335478a505a2da0e0ca9449d
Red Hat Security Advisory - Security bugs in versions of Apache prior to 1.3.14 also affect Secure Web Server. A new release which incorporates 1.3.14 is now available.
a181d3fd1059016120a792f663ad268dd8d8ff7cedb6c5fa62b4b58a691b45f6
Red Hat Security Advisory - A race condition has been found in the nss_ldap package. On a system running nscd, a malicious user can cause the system to hang.
b0ff2e8318af3671349742cf35fd68147fca878ced41e292fef56b78503daa80
Georgi Guninski security advisory #26 - Using specially designed URLs, IIS 5.0 may return user specified content to the browser. This poses a great security risk, especially if the browser is JavaScript enabled, and the problem is greater in IE. By clicking on links, just visiting hostile web pages or opening HTML email, the target IIS server may return user defined malicious active content. This is a bug in IIS 5.0, but it affects end users and is exploited with a browser. A typical exploit scenario is stealing cookies which may contain sensitive information.
6b6ccfbe0c8d541e629a7ae9731b71c0ae8c45f405aa6e7a7b3f0a9674808daa
Aps is a small tool for analyzing network traffic. It prints out a great deal of information about the relevant protocols including TCP, UDP, and ICMP. It allows you to filter IP addresses, hardware addresses, ports, and specific protocols. Includes a GTK GUI to display each protocol's packet counters.
9f7c3cd569295c1cdf4136d97f28173acc1350d76768bab6baf4f6bccdf849f8
Remote Task Manager is a system control interface that can be run from any Windows 2000/NT computer. The simple-to-use, tabbed interface separates applications, services, processes, events, shared resources and performance monitor, making each of these very easy to manage.
569b203ef3cd5f767a2ed01a8147892888393a27b455ff27fa0647469fcc9e42
Devicelock gives network administrators control over which users can access what removable devices (floppies, Magneto-Optical disks, CD-ROMs, ZIPs, etc.) on a local computer. It can protect network and local computers against viruses, trojans and other malicious programs often injected from removable disks. This version is for Windows 2000/NT. Windows ME version available here.
d634043d9e5c0f3c4702b759f31442d2b3ccdf37da90d802f092bd01cb2fce91