Details of VAR-200102-0052

ID

VAR-200102-0052

CVE

CVE-2001-0080

TITLE

Oracle Internet Directory LDAP Daemon does not check write permissions properly

Trust: 0.8

sources: CERT/CC: VU#610904

DESCRIPTION

Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error. The Oracle LDAP Daemon (oidldapd version 2.1.1.1), which ships with Oracle version 8i for Linux version 8.1.7, does not check write permissions properly. This can allow a local user to delete or write to any file on the system. There is a buffer overflow in the IBM AIX setclock command that may allow local attackers to gain root privileges. Cisco Catalyst 6000, 5000, or 4000 switches are vulnerable. This vulnerability results in a protocol mismatch. -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Alert Summary January 1, 2001 Volume 6 Number 2 The following computer security issues have been publicly reported and documented in the X-Force Vulnerability and Threat Database (http://xforce.iss.net). This document is available at http://xforce.iss.net/alerts/vol-06_num-02.php. To receive these Alert Summaries: - - Subscribe to the Alert mailing list from http://xforce.iss.net/maillists/index.php - - Or send an email to majordomo@iss.net, and within the body of the message type: - - 'subscribe alert' (without the quotes). _____ Contents 115 Reported Vulnerabilities Risk Factor Key _____ Date Reported: 12/31/00 Vulnerability: exmh-error-symlink Platforms Affected: exmh 2.2 and earlier Risk Factor: High Attack Type: Host Based Brief Description: exmh error message symlink X-Force URL: http://xforce.iss.net/static/5829.php _____ Date Reported: 12/30/00 Vulnerability: informix-webdriver-symlink Platforms Affected: Informix Webdriver Risk Factor: High Attack Type: Host Based Brief Description: Informix Webdriver symbolic link X-Force URL: http://xforce.iss.net/static/5827.php _____ Date Reported: 12/30/00 Vulnerability: informix-webdriver-admin-access Platforms Affected: Informix Webdriver Risk Factor: High Attack Type: Network Based Brief Description: Informix Webdriver remote Admin access X-Force URL: http://xforce.iss.net/static/5833.php _____ Date Reported: 12/29/00 Vulnerability: zonealarm-mutex-dos Platforms Affected: ZoneAlarm Pro Risk Factor: Medium Attack Type: Host Based Brief Description: ZoneAlarm and ZoneAlarm Pro Mutex creation denial of service X-Force URL: http://xforce.iss.net/static/5821.php _____ Date Reported: 12/29/00 Vulnerability: zonealarm-batfile-dos Platforms Affected: ZoneAlarm Pro Risk Factor: Medium Attack Type: Host Based Brief Description: ZoneAlarm and ZoneAlarm Pro can be taken down with a batch file X-Force URL: http://xforce.iss.net/static/5822.php _____ Date Reported: 12/29/00 Vulnerability: shockwave-flash-swf-bo Platforms Affected: Shockwave Plugin 8.0 and prior Risk Factor: High Attack Type: Network/Host Based Brief Description: Shockwave Flash SWF file buffer overflow X-Force URL: http://xforce.iss.net/static/5826.php _____ Date Reported: 12/29/00 Vulnerability: macos-multiple-users Platforms Affected: MacOS 9.0 Risk Factor: High Attack Type: Host Based Brief Description: Mac OS 'Multiple Users' bypass password X-Force URL: http://xforce.iss.net/static/5830.php _____ Date Reported: 12/28/00 Vulnerability: http-cgi-ikonboard Platforms Affected: Ikonboard 2.1.7b and prior Risk Factor: High Attack Type: Host Based Brief Description: Ikonboard allows remote attacker to execute commands X-Force URL: http://xforce.iss.net/static/5819.php _____ Date Reported: 12/27/00 Vulnerability: http-cgi-technote-main Platforms Affected: TECH-NOTE (000, 2001, Pro) Risk Factor: High Attack Type: Network Based Brief Description: TECH-NOTE main.cgi reveals files X-Force URL: http://xforce.iss.net/static/5813.php _____ Date Reported: 12/26/00 Vulnerability: xwindows-char-dos Platforms Affected: XFree86 Risk Factor: Low Attack Type: Network/Host Based Brief Description: X Windows multiple character denial of service X-Force URL: http://xforce.iss.net/static/5834.php _____ Date Reported: 12/25/00 Vulnerability: 1stup-mail-server-bo Platforms Affected: 1st Up Mail Server 4.1 Risk Factor: Medium Attack Type: Network Based Brief Description: 1st Up Mail Server buffer overflow X-Force URL: http://xforce.iss.net/static/5808.php _____ Date Reported: 12/25/00 Vulnerability: dialog-symlink Platforms Affected: Linux Debian 2.2 Risk Factor: High Attack Type: Host Based Brief Description: Linux dialog package symlink attack X-Force URL: http://xforce.iss.net/static/5809.php _____ Date Reported: 12/25/00 Vulnerability: ibm-wcs-admin Platforms Affected: IBM Websphere Commerce Suite Risk Factor: High Attack Type: Host Based Brief Description: IBM WCS admin.config allows user to execute arbitrary commands X-Force URL: http://xforce.iss.net/static/5831.php _____ Date Reported: 12/23/00 Vulnerability: http-cgi-technote-print Platforms Affected: TECH-NOTE (2000, 2001, Pro) Risk Factor: Medium Attack Type: Network Based Brief Description: TECH-NOTE print.cgi reveals files X-Force URL: http://xforce.iss.net/static/5815.php _____ Date Reported: 12/22/00 Vulnerability: iis-web-form-submit Platforms Affected: IIS (4.0, 5.0) Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IIS Web form submission X-Force URL: http://xforce.iss.net/static/5823.php _____ Date Reported: 12/21/00 Vulnerability: hpux-kermit-bo Platforms Affected: HPUX (10.01, 10.10, 10.20, 11.00) Risk Factor: Medium Attack Type: Host Based Brief Description: HP-UX kermit buffer overflow X-Force URL: http://xforce.iss.net/static/5793.php _____ Date Reported: 12/21/00 Vulnerability: bsguest-cgi-execute-commands Platforms Affected: Linux Risk Factor: Medium Attack Type: Network Based Brief Description: bsguest.cgi allows remote execution of commands on server X-Force URL: http://xforce.iss.net/static/5796.php _____ Date Reported: 12/21/00 Vulnerability: bslist-cgi-execute-commands Platforms Affected: Linux Risk Factor: Medium Attack Type: Network Based Brief Description: bslist.cgi allows remote execution of commands on server X-Force URL: http://xforce.iss.net/static/5797.php _____ Date Reported: 12/21/00 Vulnerability: infinite-interchange-dos Platforms Affected: Infinite Interchange 3.61 Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Infinite InterChange denial of service X-Force URL: http://xforce.iss.net/static/5798.php _____ Date Reported: 12/21/00 Vulnerability: oracle-execute-plsql Platforms Affected: Oracle Application Server Risk Factor: Medium Attack Type: Network Based Brief Description: Oracle remote procedure execution X-Force URL: http://xforce.iss.net/static/5817.php _____ Date Reported: 12/21/00 Vulnerability: ksh-redirection-symlink Platforms Affected: IRIX (6.2, 6.5.x) Solaris (2.5.1, 2.6, 7) HPUX 9.00 Digital Unix 5.0 Risk Factor: High Attack Type: Host Based Brief Description: ksh redirection symlink attack X-Force URL: http://xforce.iss.net/static/5811.php _____ Date Reported: 12/21/00 Vulnerability: oracle-webdb-admin-access Platforms Affected: Oracle Internet Application Server 3.0.7 Risk Factor: High Attack Type: Network/Host Based Brief Description: Oracle IAS allows administrative access X-Force URL: http://xforce.iss.net/static/5818.php _____ Date Reported: 12/21/00 Vulnerability: infinite-interchange-dos Platforms Affected: Infinite Interchange 3.61 Risk Factor: Web Scan Attack Type: Network/Host Based Brief Description: Infinite InterChange denial of service X-Force URL: http://xforce.iss.net/static/5798.php _____ Date Reported: 12/20/00 Vulnerability: gnupg-detached-sig-modify Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3) Risk Factor: Medium Attack Type: Host Based Brief Description: GnuPG allows users to modify signed messages with detached signatures X-Force URL: http://xforce.iss.net/static/5802.php _____ Date Reported: 12/20/00 Vulnerability: gnupg-reveal-private Platforms Affected: GnuPG (1.0, 1.0.1, 1.0.2, 1.0.3) Risk Factor: Medium Attack Type: Host Based Brief Description: GnuPG will import private keys along with public keys X-Force URL: http://xforce.iss.net/static/5803.php _____ Date Reported: 12/20/00 Vulnerability: zonealarm-nmap-scans Platforms Affected: ZoneAlarm Risk Factor: High Attack Type: Network Based Brief Description: ZoneAlarm does not detect NMAP scans X-Force URL: http://xforce.iss.net/static/5799.php _____ Date Reported: 12/20/00 Vulnerability: zonealarm-open-shares Platforms Affected: ZoneAlarm Risk Factor: High Attack Type: Network Based Brief Description: ZoneAlarm open shares X-Force URL: http://xforce.iss.net/static/5825.php _____ Date Reported: 12/19/00 Vulnerability: win2k-index-service-activex Platforms Affected: Windows 2000 Risk Factor: Low Attack Type: Network/Host Based Brief Description: Windows 2000 Index Service ActiveX controls allow unauthorized access to file information X-Force URL: http://xforce.iss.net/static/5800.php _____ Date Reported: 12/19/00 Vulnerability: proftpd-size-memory-leak Platforms Affected: Proftpd Risk Factor: Low Attack Type: Network/Host Based Brief Description: proftpd memory leak when using SIZE command X-Force URL: http://xforce.iss.net/static/5801.php _____ Date Reported: 12/19/00 Vulnerability: weblogic-dot-bo Platforms Affected: WebLogic Risk Factor: Medium Attack Type: Network Based Brief Description: BEA WebLogic Server "dotdot" URL buffer overflow X-Force URL: http://xforce.iss.net/static/5782.php _____ Date Reported: 12/19/00 Vulnerability: mdaemon-imap-dos Platforms Affected: MDaemon Risk Factor: Medium Attack Type: Network/Host Based Brief Description: MDaemon IMAP buffer overflow denial of service X-Force URL: http://xforce.iss.net/static/5805.php _____ Date Reported: 12/19/00 Vulnerability: zope-calculate-roles Platforms Affected: Zp[e Risk Factor: High Attack Type: Host Based Brief Description: zope package in Linux calculates local roles incorrectly X-Force URL: http://xforce.iss.net/static/5777.php _____ Date Reported: 12/19/00 Vulnerability: itetris-svgalib-path Platforms Affected: svgalib Risk Factor: High Attack Type: Host Based Brief Description: Itetris svgalib PATH X-Force URL: http://xforce.iss.net/static/5795.php _____ Date Reported: 12/18/00 Vulnerability: bsd-ftpd-replydirname-bo Platforms Affected: BSD Based Operating Systems Risk Factor: High Attack Type: Network Based Brief Description: BSD ftpd replydirname() function buffer overflow X-Force URL: http://xforce.iss.net/static/5776.php _____ Date Reported: 12/18/00 Vulnerability: sonata-command-execute Platforms Affected: Sonata Risk Factor: High Attack Type: Host Based Brief Description: Sonata argument command line execution X-Force URL: http://xforce.iss.net/static/5787.php _____ Date Reported: 12/18/00 Vulnerability: solaris-catman-symlink Platforms Affected: Solaris Risk Factor: High Attack Type: Host Based Brief Description: Solaris catman command symlink attack X-Force URL: http://xforce.iss.net/static/5788.php _____ Date Reported: 12/18/00 Vulnerability: solaris-patchadd-symlink Platforms Affected: Solaris Risk Factor: High Attack Type: Host Based Brief Description: Solaris patchadd symlink attack X-Force URL: http://xforce.iss.net/static/5789.php _____ Date Reported: 12/18/00 Vulnerability: stunnel-format-logfile Platforms Affected: Stunnel Risk Factor: High Attack Type: Network Based Brief Description: Stunnel format allows user to write to logfile X-Force URL: http://xforce.iss.net/static/5807.php _____ Date Reported: 12/17/00 Vulnerability: hp-top-sys-files Platforms Affected: HPUX Risk Factor: Low Attack Type: Host Based Brief Description: HP-UX top command could be used to overwrite files X-Force URL: http://xforce.iss.net/static/5773.php _____ Date Reported: 12/16/00 Vulnerability: zope-legacy-names Platforms Affected: Zope Risk Factor: Medium Attack Type: Network Based Brief Description: Linux zope package "legacy" names X-Force URL: http://xforce.iss.net/static/5824.php _____ Date Reported: 12/15/00 Vulnerability: mrj-runtime-malicious-applets Platforms Affected: MRJ Risk Factor: Low Attack Type: Host Based Brief Description: MRJ runtime environment could allow malicious applets to be executed X-Force URL: http://xforce.iss.net/static/5784.php _____ Date Reported: 12/14/00 Vulnerability: coffeecup-ftp-weak-encryption Platforms Affected: CoffeeCup FTP Risk Factor: Low Attack Type: Host Based Brief Description: CoffeeCup FTP client has weak password encryption X-Force URL: http://xforce.iss.net/static/5744.php _____ Date Reported: 12/14/00 Vulnerability: watchguard-soho-fragmented-packets Platforms Affected: WatchGuard Risk Factor: Medium Attack Type: Network Based Brief Description: WatchGuard SOHO Firewall fragmented IP packet attack X-Force URL: http://xforce.iss.net/static/5749.php _____ Date Reported: 12/14/00 Vulnerability: jpilot-perms Platforms Affected: J-Pilot Risk Factor: Medium Attack Type: Host Based Brief Description: J-Pilot permissions could reveal sensitive information X-Force URL: http://xforce.iss.net/static/5762.php _____ Date Reported: 12/14/00 Vulnerability: mediaservices-dropped-connection-dos Platforms Affected: Microsoft Media Services Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Microsoft Media Services dropped connection denial of service X-Force URL: http://xforce.iss.net/static/5785.php _____ Date Reported: 12/14/00 Vulnerability: watchguard-soho-web-auth Platforms Affected: WatchGuard Risk Factor: High Attack Type: Network Based Brief Description: WatchGuard SOHO Web config server could allow unauthenticated access X-Force URL: http://xforce.iss.net/static/5554.php _____ Date Reported: 12/14/00 Vulnerability: watchguard-soho-passcfg-reset Platforms Affected: WatchGuard Risk Factor: High Attack Type: Network Based Brief Description: WatchGuard SOHO administrator password can be remotely reset X-Force URL: http://xforce.iss.net/static/5742.php _____ Date Reported: 12/14/00 Vulnerability: http-cgi-simplestguest Platforms Affected: simplestguest.cgi Risk Factor: High Attack Type: Network Based Brief Description: simplestguest.cgi input validation error X-Force URL: http://xforce.iss.net/static/5743.php _____ Date Reported: 12/14/00 Vulnerability: safeword-palm-pin-extraction Platforms Affected: SafeWord e.iD Palm Authenticator Risk Factor: High Attack Type: Network/Host Based Brief Description: SafeWord and e.iD Palm Authenticator allows attacker to clone Palm device X-Force URL: http://xforce.iss.net/static/5753.php _____ Date Reported: 12/14/00 Vulnerability: mdaemon-lock-bypass-password Platforms Affected: MDaemon Risk Factor: High Attack Type: Host Based Brief Description: MDaemon "lock" bypass password X-Force URL: http://xforce.iss.net/static/5763.php _____ Date Reported: 12/13/00 Vulnerability: cisco-catalyst-ssh-mismatch Platforms Affected: Cisco Catalyst Risk Factor: Low Attack Type: Network Based Brief Description: Cisco Catalyst SSH protocol mismatch X-Force URL: http://xforce.iss.net/static/5760.php _____ Date Reported: 12/13/00 Vulnerability: microsoft-iis-file-disclosure Platforms Affected: IIS Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Microsoft IIS Far East editions file disclosure X-Force URL: http://xforce.iss.net/static/5729.php _____ Date Reported: 12/13/00 Vulnerability: ezshopper-cgi-file-disclosure Platforms Affected: loadpage.cgi Risk Factor: Medium Attack Type: Network Based Brief Description: EZshopper loadpage.cgi file disclosure X-Force URL: http://xforce.iss.net/static/5740.php _____ Date Reported: 12/13/00 Vulnerability: winnt-mstask-dos Platforms Affected: Windows NT Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Windows NT MSTask.exe denial of service X-Force URL: http://xforce.iss.net/static/5746.php _____ Date Reported: 12/13/00 Vulnerability: bftpd-site-chown-bo Platforms Affected: BFTPD Risk Factor: High Attack Type: Network Based Brief Description: BFTPD SITE CHOWN buffer overflow X-Force URL: http://xforce.iss.net/static/5775.php _____ Date Reported: 12/12/00 Vulnerability: aim-remote-bo Platforms Affected: AOL Instant Messenger Risk Factor: Medium Attack Type: Network Based Brief Description: AOL Instant Messenger buffer overflow X-Force URL: http://xforce.iss.net/static/5732.php _____ Date Reported: 12/12/00 Vulnerability: subscribemelite-gain-admin-access Platforms Affected: Subscribe Me Lite Risk Factor: Medium Attack Type: Network Based Brief Description: Subscribe Me Lite mailing list manager unauthorized access X-Force URL: http://xforce.iss.net/static/5735.php _____ Date Reported: 12/12/00 Vulnerability: zope-image-file Platforms Affected: Zope Risk Factor: Medium Attack Type: Host Based Brief Description: Linux zope package Image and File objects X-Force URL: http://xforce.iss.net/static/5778.php _____ Date Reported: 12/12/00 Vulnerability: http-cgi-everythingform Platforms Affected: everythingform.cgi Risk Factor: High Attack Type: Network Based Brief Description: everythingform.cgi input validation error X-Force URL: http://xforce.iss.net/static/5736.php _____ Date Reported: 12/12/00 Vulnerability: http-cgi-simplestmail Platforms Affected: simplestmail.cgi Risk Factor: High Attack Type: Network Based Brief Description: simplestmail.cgi input validation error X-Force URL: http://xforce.iss.net/static/5739.php _____ Date Reported: 12/12/00 Vulnerability: http-cgi-ad Platforms Affected: ad.cgi Risk Factor: High Attack Type: Network Based Brief Description: ad.cgi input validation error X-Force URL: http://xforce.iss.net/static/5741.php _____ Date Reported: 12/12/00 Vulnerability: kde-kmail-weak-encryption Platforms Affected: KDE KMail Risk Factor: High Attack Type: Network/Host Based Brief Description: KDE KMail weak password encryption X-Force URL: http://xforce.iss.net/static/5761.php _____ Date Reported: 12/12/00 Vulnerability: aolim-buddyicon-bo Platforms Affected: AOL Instant Messenger Risk Factor: High Attack Type: Network/Host Based Brief Description: AOL Instant Messenger Buddy Icon buffer overflow X-Force URL: http://xforce.iss.net/static/5786.php _____ Date Reported: 12/12/00 Vulnerability: aim-remote-bo Platforms Affected: AOL Instant Messenger Risk Factor: Medium Attack Type: Network Based Brief Description: AOL Instant Messenger buffer overflow X-Force URL: http://xforce.iss.net/static/5732.php _____ Date Reported: 12/11/00 Vulnerability: rppppoe-zero-length-dos Platforms Affected: rp-pppoe Risk Factor: Medium Attack Type: Network Based Brief Description: rp-pppoe "zero-length" option denial of service X-Force URL: http://xforce.iss.net/static/5727.php _____ Date Reported: 12/11/00 Vulnerability: proftpd-modsqlpw-unauth-access Platforms Affected: ProFTPd Risk Factor: Medium Attack Type: Network Based Brief Description: ProFTPD system using mod_sqlpw unauthorized access X-Force URL: http://xforce.iss.net/static/5737.php _____ Date Reported: 12/11/00 Vulnerability: gnu-ed-symlink Platforms Affected: GNU ed Risk Factor: High Attack Type: Host Based Brief Description: GNU ed symlink X-Force URL: http://xforce.iss.net/static/5723.php _____ Date Reported: 12/11/00 Vulnerability: oops-ftputils-bo Platforms Affected: Oops Proxy Server Risk Factor: High Attack Type: Network/Host Based Brief Description: Oops Proxy Server ftp_utils buffer overflow X-Force URL: http://xforce.iss.net/static/5725.php _____ Date Reported: 12/11/00 Vulnerability: oracle-oidldap-write-permission Platforms Affected: Oracle Internet Directory Risk Factor: High Attack Type: Host Based Brief Description: Oracle Internet Directory write permission X-Force URL: http://xforce.iss.net/static/5804.php _____ Date Reported: 12/9/00 Vulnerability: foolproof-security-bypass Platforms Affected: FoolProof Risk Factor: High Attack Type: Host Based Brief Description: FoolProof Security restriction bypass using FTP X-Force URL: http://xforce.iss.net/static/5758.php _____ Date Reported: 12/8/00 Vulnerability: broadvision-bv1to1-reveal-path Platforms Affected: BroadVision One-To-One Enterprise Server Risk Factor: Low Attack Type: Network Based Brief Description: BroadVision One-To-One Enterprise Server reveals path to server X-Force URL: http://xforce.iss.net/static/5661.php _____ Date Reported: 12/8/00 Vulnerability: ssldump-format-strings Platforms Affected: ssldump Risk Factor: Medium Attack Type: Network Based Brief Description: ssldump format string could allow arbitrary execution of code X-Force URL: http://xforce.iss.net/static/5717.php _____ Date Reported: 12/8/00 Vulnerability: coldfusion-sample-dos Platforms Affected: ColdFusion Risk Factor: Medium Attack Type: Network/Host Based Brief Description: ColdFusion sample script denial of service X-Force URL: http://xforce.iss.net/static/5755.php _____ Date Reported: 12/8/00 Vulnerability: kerberos4-arbitrary-proxy Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Network/Host Based Brief Description: KTH Kerberos 4 arbitrary proxy enviornment variable X-Force URL: http://xforce.iss.net/static/5733.php _____ Date Reported: 12/8/00 Vulnerability: kerberos4-auth-packet-overflow Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Network/Host Based Brief Description: KTH Kerberos 4 authentication packet buffer overflow X-Force URL: http://xforce.iss.net/static/5734.php _____ Date Reported: 12/8/00 Vulnerability: kerberos4-user-config Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Host Based Brief Description: KTH Kerberos 4 user supplied configuration files X-Force URL: http://xforce.iss.net/static/5738.php _____ Date Reported: 12/8/00 Vulnerability: kerberos4-tmpfile-dos Platforms Affected: Kerberos 4 Risk Factor: High Attack Type: Host Based Brief Description: KTH Kerberos 4 race condition X-Force URL: http://xforce.iss.net/static/5754.php _____ Date Reported: 12/7/00 Vulnerability: homeseer-directory-traversal Platforms Affected: HomeSeer Risk Factor: Low Attack Type: Network Based Brief Description: HomeSeer allows directory traversal X-Force URL: http://xforce.iss.net/static/5663.php _____ Date Reported: 12/7/00 Vulnerability: offline-explorer-reveal-files Platforms Affected: MetaProducts Offline Explorer Risk Factor: Low Attack Type: Network/Host Based Brief Description: MetaProducts Offline Explorer can reveal file system X-Force URL: http://xforce.iss.net/static/5728.php _____ Date Reported: 12/7/00 Vulnerability: imail-smtp-auth-dos Platforms Affected: IMail Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IMail SMTP auth denial of service X-Force URL: http://xforce.iss.net/static/5674.php _____ Date Reported: 12/6/00 Vulnerability: apc-apcupsd-dos Platforms Affected: APC apcupsd Risk Factor: Medium Attack Type: Host Based Brief Description: APC apcupsd denial of service X-Force URL: http://xforce.iss.net/static/5654.php _____ Date Reported: 12/6/00 Vulnerability: cisco-catalyst-telnet-dos Platforms Affected: Cisco Catalyst Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Cisco Catalyst telnet server memory leak denial of service X-Force URL: http://xforce.iss.net/static/5656.php _____ Date Reported: 12/6/00 Vulnerability: apache-php-disclose-files Platforms Affected: Apache Web server Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Apache Web server discloses files when used with php script X-Force URL: http://xforce.iss.net/static/5659.php _____ Date Reported: 12/6/00 Vulnerability: ultraseek-reveal-path Platforms Affected: Ultraseek Risk Factor: Medium Attack Type: Network Based Brief Description: Ultraseek Server can reveal the path and source code to certain files X-Force URL: http://xforce.iss.net/static/5660.php _____ Date Reported: 12/6/00 Vulnerability: irc-dreamforge-dns-dos Platforms Affected: DreamForge IRCd Risk Factor: Medium Attack Type: Network Based Brief Description: DreamForge IRCd DNS denial of service X-Force URL: http://xforce.iss.net/static/5721.php _____ Date Reported: 12/6/00 Vulnerability: mailman-alternate-templates Platforms Affected: MailMan Risk Factor: High Attack Type: Network Based Brief Description: MailMan Alternate Templates form variable allows remote attacker to execute commands X-Force URL: http://xforce.iss.net/static/5649.php _____ Date Reported: 12/6/00 Vulnerability: phpgroupware-include-files Platforms Affected: Risk Factor: High Attack Type: Network Based Brief Description: phpGroupWare include files allows remote attacker to execute commands X-Force URL: http://xforce.iss.net/static/5650.php _____ Date Reported: 12/6/00 Vulnerability: markvision-printer-driver-bo Platforms Affected: Lexmark MarkVision Risk Factor: High Attack Type: Host Based Brief Description: Lexmark MarkVision printer drivers for Unix buffer overflows X-Force URL: http://xforce.iss.net/static/5651.php _____ Date Reported: 12/6/00 Vulnerability: nt-ras-reg-perms Platforms Affected: Windows NT Risk Factor: High Attack Type: Host Based Brief Description: Windows NT RAS registry permissions X-Force URL: http://xforce.iss.net/static/5671.php _____ Date Reported: 12/6/00 Vulnerability: nt-snmp-reg-perms Platforms Affected: Windows NT Risk Factor: High Attack Type: Network/Host Based Brief Description: Windows NT SNMP registry permissions X-Force URL: http://xforce.iss.net/static/5672.php _____ Date Reported: 12/6/00 Vulnerability: nt-mts-reg-perms Platforms Affected: Windows NT Risk Factor: High Attack Type: Network/Host Based Brief Description: Windows NT MTS registry permissions X-Force URL: http://xforce.iss.net/static/5673.php _____ Date Reported: 12/6/00 Vulnerability: irc-bitchx-dns-bo Platforms Affected: BitchX Risk Factor: High Attack Type: Network Based Brief Description: BitchX IRC DNS buffer overflow X-Force URL: http://xforce.iss.net/static/5701.php _____ Date Reported: 12/5/00 Vulnerability: ibm-db2-gain-access Platforms Affected: IBM DB2 Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IBM DB2 Universal Database can give access through default username and password X-Force URL: http://xforce.iss.net/static/5662.php _____ Date Reported: 12/5/00 Vulnerability: ibm-db2-dos Platforms Affected: IBM DB2 Risk Factor: Medium Attack Type: Network/Host Based Brief Description: IBM DB2 Universal Database denial of service X-Force URL: http://xforce.iss.net/static/5664.php _____ Date Reported: 12/5/00 Vulnerability: vsu-source-routing Platforms Affected: VSU Risk Factor: Medium Attack Type: Network Based Brief Description: VPNet VSU gateways contain source routing X-Force URL: http://xforce.iss.net/static/5667.php _____ Date Reported: 12/5/00 Vulnerability: vsu-ip-bridging Platforms Affected: VSU Risk Factor: Medium Attack Type: Network Based Brief Description: VPNet VSU gateways contain bridging code X-Force URL: http://xforce.iss.net/static/5670.php _____ Date Reported: 12/5/00 Vulnerability: ftp-servu-homedir-travers Platforms Affected: Serv-U FTP Risk Factor: High Attack Type: Network/Host Based Brief Description: FTP Serv-U home directory traversal could allow access to FTProot X-Force URL: http://xforce.iss.net/static/5639.php _____ Date Reported: 12/4/00 Vulnerability: cisco-cbos-web-access Platforms Affected: CISCO CBOS Risk Factor: Medium Attack Type: Network Based Brief Description: Cisco CBOS Web access enabled denial of service X-Force URL: http://xforce.iss.net/static/5626.php _____ Date Reported: 12/4/00 Vulnerability: watchguard-soho-get-dos Platforms Affected: WatchGuard SOHO Risk Factor: Medium Attack Type: Network Based Brief Description: WatchGuard SOHO Firewall multiple GET requests denial of service X-Force URL: http://xforce.iss.net/static/5665.php _____ Date Reported: 12/4/00 Vulnerability: phone-book-service-bo Platforms Affected: Windows 2000 Windows NT Risk Factor: High Attack Type: Network Based Brief Description: Windows NT and 2000 Phone Book service buffer overflow X-Force URL: http://xforce.iss.net/static/5623.php _____ Date Reported: 12/4/00 Vulnerability: cisco-cbos-syn-packets Platforms Affected: CISCO CBOS Risk Factor: High Attack Type: Network Based Brief Description: Cisco CBOS SYN packets denial of service X-Force URL: http://xforce.iss.net/static/5627.php _____ Date Reported: 12/4/00 Vulnerability: cisco-cbos-invalid-login Platforms Affected: CISCO CBOS Risk Factor: High Attack Type: Network Based Brief Description: Cisco CBOS does not log invalid logins X-Force URL: http://xforce.iss.net/static/5628.php _____ Date Reported: 12/4/00 Vulnerability: cisco-cbos-icmp-echo Platforms Affected: CISCO CBOS Risk Factor: High Attack Type: Network Based Brief Description: Cisco CBOS large ICMP ECHO packet denial of service X-Force URL: http://xforce.iss.net/static/5629.php _____ Date Reported: 12/2/00 Vulnerability: phpweblog-bypass-authentication Platforms Affected: phpWebLog Risk Factor: High Attack Type: Host Based Brief Description: phpWebLog allows users to bypass authentication X-Force URL: http://xforce.iss.net/static/5625.php _____ Date Reported: 12/1/00 Vulnerability: linux-diskcheck-race-symlink Platforms Affected: Linux Risk Factor: Low Attack Type: Host Based Brief Description: Linux diskcheck race condition could allow a tmp file symbolic link attack X-Force URL: http://xforce.iss.net/static/5624.php _____ Date Reported: 12/1/00 Vulnerability: ie-form-file-upload Platforms Affected: Microsoft Internet Explorer Risk Factor: Medium Attack Type: Network/Host Based Brief Description: Internet Explorer file upload form X-Force URL: http://xforce.iss.net/static/5615.php _____ Date Reported: 12/1/00 Vulnerability: mssql-xp-paraminfo-bo Platforms Affected: Risk Factor: Medium Attack Type: Host Based Brief Description: Microsoft SQL XP srv_paraminfo() buffer overflow X-Force URL: http://xforce.iss.net/static/5622.php _____ Date Reported: 12/1/00 Vulnerability: majordomo-auth-execute-commands Platforms Affected: Majordomo Risk Factor: High Attack Type: Network Based Brief Description: Majordomo allows administrative access without password X-Force URL: http://xforce.iss.net/static/5611.php _____ Date Reported: 12/1/00 Vulnerability: ie-print-template Platforms Affected: Microsoft Internet Explorer Risk Factor: High Attack Type: Network/Host Based Brief Description: Internet Explorer print template X-Force URL: http://xforce.iss.net/static/5614.php _____ Date Reported: 12/1/00 Vulnerability: aix-piobe-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX piobe buffer overflow X-Force URL: http://xforce.iss.net/static/5616.php _____ Date Reported: 12/1/00 Vulnerability: aix-pioout-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX pioout buffer overflow X-Force URL: http://xforce.iss.net/static/5617.php _____ Date Reported: 12/1/00 Vulnerability: aix-setclock-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX setclock buffer overflow X-Force URL: http://xforce.iss.net/static/5618.php _____ Date Reported: 12/1/00 Vulnerability: aix-enq-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX enq buffer overflow X-Force URL: http://xforce.iss.net/static/5619.php _____ Date Reported: 12/1/00 Vulnerability: aix-digest-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX digest buffer overflow X-Force URL: http://xforce.iss.net/static/5620.php _____ Date Reported: 12/1/00 Vulnerability: aix-setsenv-bo Platforms Affected: AIX Risk Factor: High Attack Type: Host Based Brief Description: AIX setsenv buffer overflow X-Force URL: http://xforce.iss.net/static/5621.php Risk Factor Key: High Any vulnerability that provides an attacker with immediate access into a machine, gains superuser access, or bypasses a firewall. Example: A vulnerable Sendmail 8.6.5 version that allows an intruder to execute commands on mail server. Medium Any vulnerability that provides information that has a high potential of giving system access to an intruder. Example: A misconfigured TFTP or vulnerable NIS server that allows an intruder to get the password file that could contain an account with a guessable password. Low Any vulnerability that provides information that potentially could lead to a compromise. Example: A finger that allows an intruder to find out who is online and potential accounts to attempt to crack passwords via brute force methods. _____ Additional Information This document is available at http://xforce.iss.net/alerts/advisennn.php. To receive these Alerts and Advisories: - - Subscribe to the Alert mailing list from http://xforce.iss.net/maillists/index.php - - Or send an email to majordomo@iss.net, and within the body of the message type: 'subscribe alert' (without the quotes). About Internet Security Systems (ISS) Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX) is the leading global provider of security management solutions for the Internet. By combining best of breed products, security management services, aggressive research and development, and comprehensive educational and consulting services, ISS is the trusted security advisor for thousands of organizations around the world looking to protect their mission critical information and networks. Copyright (c) 2001 by Internet Security Systems, Inc. Permission is hereby granted for the redistribution of this Alert electronically. It is not to be edited in any way without express consent of the X-Force. If you wish to reprint the whole or any part of this Alert in any other medium excluding electronic medium, please e-mail xforce@iss.net for permission. Disclaimer The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk. X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as well as on MIT's PGP key server and PGP.com's key server. Please send suggestions, updates, and comments to: X-Force xforce@iss.net of Internet Security Systems, Inc. -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: noconv iQCVAwUBOmd8xjRfJiV99eG9AQHGkAQAgX36zVSxItnmE160WG5ws5c6tp0F0Sr0 LLmTWkj7iiYUNv2dKxsw0L4IxItVyilHBYDDrQtjpD76ABE1YhaU2qxlFCeNqMoL r21MXXYy0JZWfMCU+t7dk7VNtDzy/0EpbZIcBqziisvQJYgUin3viD54QK+gsYIw jbM10AXVSHw= =5U+8 -----END PGP SIGNATURE-----

Trust: 4.68

sources: NVD: CVE-2001-0080 // CERT/CC: VU#610904 // CERT/CC: VU#739201 // CERT/CC: VU#808633 // CERT/CC: VU#872257 // CERT/CC: VU#886953 // VULHUB: VHN-2902 // PACKETSTORM: 24096

AFFECTED PRODUCTS

vendor:	ibm	model:	-	scope:	-	version:	-	Trust: 2.4
vendor:	cisco	model:	catalyst 4000	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	catalyst 5000	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	catalyst 6000	scope:	eq	version:	*	Trust: 1.0
vendor:	oracle	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 5000	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	catalyst 4000	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	catalyst 6000	scope:	-	version:	-	Trust: 0.6

sources: CERT/CC: VU#610904 // CERT/CC: VU#739201 // CERT/CC: VU#808633 // CERT/CC: VU#886953 // CNNVD: CNNVD-200102-072 // NVD: CVE-2001-0080

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD:	CVE-2001-0080
value:	MEDIUM
Trust: 1.0
CARNEGIE MELLON:	VU#610904
value:	3.00
Trust: 0.8
CARNEGIE MELLON:	VU#739201
value:	7.09
Trust: 0.8
CARNEGIE MELLON:	VU#808633
value:	5.36
Trust: 0.8
CARNEGIE MELLON:	VU#872257
value:	7.09
Trust: 0.8
CARNEGIE MELLON:	VU#886953
value:	15.19
Trust: 0.8
CNNVD:	CNNVD-200102-072
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-2902
value:	MEDIUM
Trust: 0.1

NVD:
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	FALSE
obtainAllPrivilege:	FALSE
obtainUserPrivilege:	FALSE
obtainOtherPrivilege:	FALSE
userInteractionRequired:	FALSE
version:	2.0
Trust: 1.0
VULHUB:	VHN-2902
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#610904 // CERT/CC: VU#739201 // CERT/CC: VU#808633 // CERT/CC: VU#872257 // CERT/CC: VU#886953 // VULHUB: VHN-2902 // CNNVD: CNNVD-200102-072 // NVD: CVE-2001-0080

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2001-0080

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 24096 // CNNVD: CNNVD-200102-072

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200102-072

CONFIGURATIONS

sources: NVD: CVE-2001-0080

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-2902

EXTERNAL IDS

db:	BID	id:	2117	Trust: 1.7
db:	NVD	id:	CVE-2001-0080	Trust: 1.7
db:	XF	id:	5804	Trust: 0.9
db:	XF	id:	5618	Trust: 0.9
db:	XF	id:	5620	Trust: 0.9
db:	XF	id:	5619	Trust: 0.9
db:	XF	id:	5621	Trust: 0.9
db:	CERT/CC	id:	VU#610904	Trust: 0.8
db:	BID	id:	2035	Trust: 0.8
db:	CERT/CC	id:	VU#739201	Trust: 0.8
db:	BID	id:	2033	Trust: 0.8
db:	CERT/CC	id:	VU#808633	Trust: 0.8
db:	BID	id:	2034	Trust: 0.8
db:	CERT/CC	id:	VU#872257	Trust: 0.8
db:	BID	id:	2032	Trust: 0.8
db:	CERT/CC	id:	VU#886953	Trust: 0.8
db:	CNNVD	id:	CNNVD-200102-072	Trust: 0.7
db:	XF	id:	5760	Trust: 0.7
db:	CISCO	id:	20001213 CISCO CATALYST SSH PROTOCOL MISMATCH VULNERABILITY	Trust: 0.6
db:	EXPLOIT-DB	id:	20509	Trust: 0.1
db:	SEEBUG	id:	SSVID-74382	Trust: 0.1
db:	VULHUB	id:	VHN-2902	Trust: 0.1
db:	XF	id:	5629	Trust: 0.1
db:	XF	id:	5825	Trust: 0.1
db:	XF	id:	5626	Trust: 0.1
db:	XF	id:	5776	Trust: 0.1
db:	XF	id:	5616	Trust: 0.1
db:	XF	id:	5797	Trust: 0.1
db:	XF	id:	5740	Trust: 0.1
db:	XF	id:	5831	Trust: 0.1
db:	XF	id:	5827	Trust: 0.1
db:	XF	id:	5823	Trust: 0.1
db:	XF	id:	5758	Trust: 0.1
db:	XF	id:	5777	Trust: 0.1
db:	XF	id:	5664	Trust: 0.1
db:	XF	id:	5611	Trust: 0.1
db:	XF	id:	5650	Trust: 0.1
db:	XF	id:	5818	Trust: 0.1
db:	XF	id:	5738	Trust: 0.1
db:	XF	id:	5662	Trust: 0.1
db:	XF	id:	5732	Trust: 0.1
db:	XF	id:	5739	Trust: 0.1
db:	XF	id:	5785	Trust: 0.1
db:	XF	id:	5787	Trust: 0.1
db:	XF	id:	5734	Trust: 0.1
db:	XF	id:	5743	Trust: 0.1
db:	XF	id:	5821	Trust: 0.1
db:	XF	id:	5639	Trust: 0.1
db:	XF	id:	5622	Trust: 0.1
db:	XF	id:	5796	Trust: 0.1
db:	XF	id:	5829	Trust: 0.1
db:	XF	id:	5755	Trust: 0.1
db:	XF	id:	5625	Trust: 0.1
db:	XF	id:	5833	Trust: 0.1
db:	XF	id:	5778	Trust: 0.1
db:	XF	id:	5773	Trust: 0.1
db:	XF	id:	5717	Trust: 0.1
db:	XF	id:	5617	Trust: 0.1
db:	XF	id:	5728	Trust: 0.1
db:	XF	id:	5736	Trust: 0.1
db:	XF	id:	5753	Trust: 0.1
db:	XF	id:	5627	Trust: 0.1
db:	XF	id:	5651	Trust: 0.1
db:	XF	id:	5815	Trust: 0.1
db:	XF	id:	5822	Trust: 0.1
db:	XF	id:	5744	Trust: 0.1
db:	XF	id:	5834	Trust: 0.1
db:	XF	id:	5554	Trust: 0.1
db:	XF	id:	5789	Trust: 0.1
db:	XF	id:	5615	Trust: 0.1
db:	XF	id:	5742	Trust: 0.1
db:	XF	id:	5741	Trust: 0.1
db:	XF	id:	5824	Trust: 0.1
db:	XF	id:	5793	Trust: 0.1
db:	XF	id:	5614	Trust: 0.1
db:	XF	id:	5763	Trust: 0.1
db:	XF	id:	5674	Trust: 0.1
db:	XF	id:	5723	Trust: 0.1
db:	XF	id:	5654	Trust: 0.1
db:	XF	id:	5826	Trust: 0.1
db:	XF	id:	5782	Trust: 0.1
db:	XF	id:	5663	Trust: 0.1
db:	XF	id:	5628	Trust: 0.1
db:	XF	id:	5805	Trust: 0.1
db:	XF	id:	5798	Trust: 0.1
db:	XF	id:	5762	Trust: 0.1
db:	XF	id:	5721	Trust: 0.1
db:	XF	id:	5784	Trust: 0.1
db:	XF	id:	5671	Trust: 0.1
db:	XF	id:	5623	Trust: 0.1
db:	XF	id:	5725	Trust: 0.1
db:	XF	id:	5809	Trust: 0.1
db:	XF	id:	5795	Trust: 0.1
db:	XF	id:	5673	Trust: 0.1
db:	XF	id:	5801	Trust: 0.1
db:	XF	id:	5729	Trust: 0.1
db:	XF	id:	5830	Trust: 0.1
db:	XF	id:	5817	Trust: 0.1
db:	XF	id:	5701	Trust: 0.1
db:	XF	id:	5788	Trust: 0.1
db:	XF	id:	5808	Trust: 0.1
db:	XF	id:	5735	Trust: 0.1
db:	XF	id:	5819	Trust: 0.1
db:	XF	id:	5754	Trust: 0.1
db:	XF	id:	5649	Trust: 0.1
db:	XF	id:	5807	Trust: 0.1
db:	XF	id:	5660	Trust: 0.1
db:	XF	id:	5661	Trust: 0.1
db:	XF	id:	5746	Trust: 0.1
db:	XF	id:	5624	Trust: 0.1
db:	XF	id:	5775	Trust: 0.1
db:	XF	id:	5761	Trust: 0.1
db:	XF	id:	5733	Trust: 0.1
db:	XF	id:	5727	Trust: 0.1
db:	XF	id:	5813	Trust: 0.1
db:	XF	id:	5656	Trust: 0.1
db:	XF	id:	5799	Trust: 0.1
db:	XF	id:	5665	Trust: 0.1
db:	XF	id:	5737	Trust: 0.1
db:	XF	id:	5659	Trust: 0.1
db:	XF	id:	5667	Trust: 0.1
db:	XF	id:	5672	Trust: 0.1
db:	XF	id:	5749	Trust: 0.1
db:	XF	id:	5803	Trust: 0.1
db:	XF	id:	5811	Trust: 0.1
db:	XF	id:	5786	Trust: 0.1
db:	XF	id:	5802	Trust: 0.1
db:	XF	id:	5800	Trust: 0.1
db:	XF	id:	5670	Trust: 0.1
db:	PACKETSTORM	id:	24096	Trust: 0.1

sources: CERT/CC: VU#610904 // CERT/CC: VU#739201 // CERT/CC: VU#808633 // CERT/CC: VU#872257 // CERT/CC: VU#886953 // VULHUB: VHN-2902 // PACKETSTORM: 24096 // CNNVD: CNNVD-200102-072 // NVD: CVE-2001-0080

REFERENCES

url:	http://www.securityfocus.com/bid/2117	Trust: 1.7
url:	http://www.cisco.com/warp/public/707/catalyst-ssh-protocolmismatch-pub.shtml	Trust: 1.7
url:	http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da139925+stiy08143+usbin	Trust: 1.6
url:	http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4&srchtype=apar&query=iy08143	Trust: 1.6
url:	http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da137627+stiy08287+usbin	Trust: 1.6
url:	http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4&srchtype=apar&query=iy08287	Trust: 1.6
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/5760	Trust: 1.1
url:	http://xforce.iss.net/static/5804.php	Trust: 0.9
url:	http://xforce.iss.net/static/5618.php	Trust: 0.9
url:	http://xforce.iss.net/static/5620.php	Trust: 0.9
url:	http://xforce.iss.net/static/5619.php	Trust: 0.9
url:	http://xforce.iss.net/static/5621.php	Trust: 0.9
url:	http://www.securityfocus.com/templates/archive.pike?list=1&mid=152620	Trust: 0.8
url:	http://www.securityfocus.com/bid/2035	Trust: 0.8
url:	http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da139817+stiy07831+usbin	Trust: 0.8
url:	http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4&srchtype=apar&query=iy07831	Trust: 0.8
url:	http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da137621+stiy07790+usbin	Trust: 0.8
url:	http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4&srchtype=apar&query=iy07790	Trust: 0.8
url:	http://www.securityfocus.com/bid/2033	Trust: 0.8
url:	http://www.rs6000.ibm.com/idd500/usr/share/man/info/en_us/a_doc_lib/cmds/aixcmds2/digest.htm#a26p05a6	Trust: 0.8
url:	http://www.securityfocus.com/bid/2034	Trust: 0.8
url:	http://www.rs6000.ibm.com/idd500/usr/share/man/info/en_us/a_doc_lib/cmds/aixcmds2/enq.htm#a200977f	Trust: 0.8
url:	http://www.securityfocus.com/bid/2032	Trust: 0.8
url:	http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da114623+stiy10721+usbin	Trust: 0.8
url:	http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4&srchtype=apar&query=iy10721	Trust: 0.8
url:	http://techsupport.services.ibm.com/rs6000/aix.uhuic_getrec?args=dvhuron.boulder.ibm.com+dbaix+da123587+stiy08812+usbin	Trust: 0.8
url:	http://techsupport.services.ibm.com/support/rs6000.support/fixsearch?fixdb=aix4&srchtype=apar&query=iy08812	Trust: 0.8
url:	http://www.rs6000.ibm.com/doc_link/en_us/a_doc_lib/cmds/aixcmds5/setsenv.htm#wpg2f0frit	Trust: 0.8
url:	http://xforce.iss.net/static/5760.php	Trust: 0.7
url:	http://xforce.iss.net/static/5742.php	Trust: 0.1
url:	http://xforce.iss.net/static/5775.php	Trust: 0.1
url:	http://xforce.iss.net/static/5795.php	Trust: 0.1
url:	http://xforce.iss.net/static/5701.php	Trust: 0.1
url:	http://xforce.iss.net/static/5813.php	Trust: 0.1
url:	http://xforce.iss.net/static/5639.php	Trust: 0.1
url:	http://xforce.iss.net/static/5762.php	Trust: 0.1
url:	http://xforce.iss.net/static/5830.php	Trust: 0.1
url:	http://xforce.iss.net/static/5754.php	Trust: 0.1
url:	http://xforce.iss.net).	Trust: 0.1
url:	http://xforce.iss.net/static/5778.php	Trust: 0.1
url:	http://xforce.iss.net/static/5624.php	Trust: 0.1
url:	http://xforce.iss.net/static/5739.php	Trust: 0.1
url:	http://xforce.iss.net/static/5802.php	Trust: 0.1
url:	http://xforce.iss.net/static/5650.php	Trust: 0.1
url:	http://xforce.iss.net/static/5651.php	Trust: 0.1
url:	http://xforce.iss.net/static/5793.php	Trust: 0.1
url:	http://xforce.iss.net/static/5788.php	Trust: 0.1
url:	http://xforce.iss.net/static/5717.php	Trust: 0.1
url:	http://xforce.iss.net/static/5800.php	Trust: 0.1
url:	http://xforce.iss.net/static/5773.php	Trust: 0.1
url:	http://xforce.iss.net/static/5822.php	Trust: 0.1
url:	http://xforce.iss.net/static/5728.php	Trust: 0.1
url:	http://xforce.iss.net/static/5789.php	Trust: 0.1
url:	http://xforce.iss.net/static/5815.php	Trust: 0.1
url:	http://xforce.iss.net/static/5625.php	Trust: 0.1
url:	http://xforce.iss.net/static/5662.php	Trust: 0.1
url:	http://xforce.iss.net/static/5663.php	Trust: 0.1
url:	http://xforce.iss.net/static/5721.php	Trust: 0.1
url:	http://xforce.iss.net/static/5626.php	Trust: 0.1
url:	http://xforce.iss.net/static/5805.php	Trust: 0.1
url:	http://xforce.iss.net/static/5799.php	Trust: 0.1
url:	http://xforce.iss.net/static/5827.php	Trust: 0.1
url:	http://xforce.iss.net/static/5777.php	Trust: 0.1
url:	http://xforce.iss.net/static/5649.php	Trust: 0.1
url:	http://xforce.iss.net/static/5819.php	Trust: 0.1
url:	http://xforce.iss.net/static/5786.php	Trust: 0.1
url:	http://xforce.iss.net/static/5744.php	Trust: 0.1
url:	http://xforce.iss.net/static/5808.php	Trust: 0.1
url:	http://xforce.iss.net/static/5797.php	Trust: 0.1
url:	http://xforce.iss.net/static/5738.php	Trust: 0.1
url:	http://xforce.iss.net/static/5664.php	Trust: 0.1
url:	http://xforce.iss.net/static/5628.php	Trust: 0.1
url:	http://xforce.iss.net/static/5809.php	Trust: 0.1
url:	http://xforce.iss.net/static/5622.php	Trust: 0.1
url:	http://xforce.iss.net/static/5732.php	Trust: 0.1
url:	http://xforce.iss.net/static/5740.php	Trust: 0.1
url:	http://xforce.iss.net/static/5670.php	Trust: 0.1
url:	http://xforce.iss.net/static/5776.php	Trust: 0.1
url:	http://xforce.iss.net/static/5784.php	Trust: 0.1
url:	http://xforce.iss.net/static/5803.php	Trust: 0.1
url:	http://xforce.iss.net/static/5659.php	Trust: 0.1
url:	http://xforce.iss.net/static/5671.php	Trust: 0.1
url:	http://xforce.iss.net/static/5734.php	Trust: 0.1
url:	http://xforce.iss.net/static/5611.php	Trust: 0.1
url:	http://xforce.iss.net/static/5785.php	Trust: 0.1
url:	http://xforce.iss.net/static/5616.php	Trust: 0.1
url:	http://xforce.iss.net/static/5672.php	Trust: 0.1
url:	http://xforce.iss.net/static/5743.php	Trust: 0.1
url:	http://xforce.iss.net/static/5674.php	Trust: 0.1
url:	http://xforce.iss.net/static/5614.php	Trust: 0.1
url:	http://xforce.iss.net/static/5763.php	Trust: 0.1
url:	http://xforce.iss.net/alerts/vol-06_num-02.php.	Trust: 0.1
url:	http://xforce.iss.net/static/5627.php	Trust: 0.1
url:	http://xforce.iss.net/static/5617.php	Trust: 0.1
url:	http://xforce.iss.net/static/5727.php	Trust: 0.1
url:	http://xforce.iss.net/static/5824.php	Trust: 0.1
url:	http://xforce.iss.net/static/5818.php	Trust: 0.1
url:	http://xforce.iss.net/static/5660.php	Trust: 0.1
url:	http://xforce.iss.net/static/5796.php	Trust: 0.1
url:	http://xforce.iss.net/static/5615.php	Trust: 0.1
url:	http://xforce.iss.net/static/5725.php	Trust: 0.1
url:	http://xforce.iss.net/static/5833.php	Trust: 0.1
url:	http://xforce.iss.net/static/5787.php	Trust: 0.1
url:	http://xforce.iss.net/static/5761.php	Trust: 0.1
url:	http://xforce.iss.net/static/5811.php	Trust: 0.1
url:	http://xforce.iss.net/static/5729.php	Trust: 0.1
url:	http://xforce.iss.net/static/5629.php	Trust: 0.1
url:	http://xforce.iss.net/static/5723.php	Trust: 0.1
url:	http://xforce.iss.net/static/5829.php	Trust: 0.1
url:	http://xforce.iss.net/static/5749.php	Trust: 0.1
url:	http://xforce.iss.net/static/5801.php	Trust: 0.1
url:	http://xforce.iss.net/static/5755.php	Trust: 0.1
url:	http://xforce.iss.net/static/5821.php	Trust: 0.1
url:	http://xforce.iss.net/static/5656.php	Trust: 0.1
url:	http://xforce.iss.net/static/5834.php	Trust: 0.1
url:	http://xforce.iss.net/static/5736.php	Trust: 0.1
url:	http://xforce.iss.net/static/5623.php	Trust: 0.1
url:	http://xforce.iss.net/static/5735.php	Trust: 0.1
url:	http://xforce.iss.net/static/5673.php	Trust: 0.1
url:	http://xforce.iss.net/static/5825.php	Trust: 0.1
url:	http://xforce.iss.net/static/5753.php	Trust: 0.1
url:	http://xforce.iss.net/static/5798.php	Trust: 0.1
url:	http://xforce.iss.net/static/5667.php	Trust: 0.1
url:	http://xforce.iss.net/maillists/index.php	Trust: 0.1
url:	http://xforce.iss.net/static/5654.php	Trust: 0.1
url:	http://xforce.iss.net/static/5817.php	Trust: 0.1
url:	http://xforce.iss.net/alerts/advisennn.php.	Trust: 0.1
url:	http://xforce.iss.net/static/5823.php	Trust: 0.1
url:	http://xforce.iss.net/static/5826.php	Trust: 0.1
url:	http://xforce.iss.net/sensitive.php	Trust: 0.1
url:	http://xforce.iss.net/static/5554.php	Trust: 0.1
url:	http://xforce.iss.net/static/5831.php	Trust: 0.1
url:	http://xforce.iss.net/static/5665.php	Trust: 0.1
url:	http://xforce.iss.net/static/5741.php	Trust: 0.1
url:	http://xforce.iss.net/static/5733.php	Trust: 0.1
url:	http://xforce.iss.net/static/5782.php	Trust: 0.1
url:	http://xforce.iss.net/static/5807.php	Trust: 0.1
url:	http://xforce.iss.net/static/5758.php	Trust: 0.1
url:	http://xforce.iss.net/static/5661.php	Trust: 0.1
url:	http://xforce.iss.net/static/5737.php	Trust: 0.1
url:	http://xforce.iss.net/static/5746.php	Trust: 0.1

CREDITS

First published in a Cisco security advisory regarding the issue on Nov 13, 2000.

Trust: 0.6

sources: CNNVD: CNNVD-200102-072

SOURCES

db:	CERT/CC	id:	VU#610904
db:	CERT/CC	id:	VU#739201
db:	CERT/CC	id:	VU#808633
db:	CERT/CC	id:	VU#872257
db:	CERT/CC	id:	VU#886953
db:	VULHUB	id:	VHN-2902
db:	PACKETSTORM	id:	24096
db:	CNNVD	id:	CNNVD-200102-072
db:	NVD	id:	CVE-2001-0080

LAST UPDATE DATE

2024-04-20T22:51:10.476000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#610904	date:	2001-07-09T00:00:00
db:	CERT/CC	id:	VU#739201	date:	2001-09-28T00:00:00
db:	CERT/CC	id:	VU#808633	date:	2001-09-28T00:00:00
db:	CERT/CC	id:	VU#872257	date:	2001-09-28T00:00:00
db:	CERT/CC	id:	VU#886953	date:	2001-09-28T00:00:00
db:	VULHUB	id:	VHN-2902	date:	2017-10-10T00:00:00
db:	CNNVD	id:	CNNVD-200102-072	date:	2005-05-02T00:00:00
db:	NVD	id:	CVE-2001-0080	date:	2017-10-10T01:29:34.607

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#610904	date:	2001-07-09T00:00:00
db:	CERT/CC	id:	VU#739201	date:	2001-09-28T00:00:00
db:	CERT/CC	id:	VU#808633	date:	2001-09-28T00:00:00
db:	CERT/CC	id:	VU#872257	date:	2001-09-28T00:00:00
db:	CERT/CC	id:	VU#886953	date:	2001-09-28T00:00:00
db:	VULHUB	id:	VHN-2902	date:	2001-02-12T00:00:00
db:	PACKETSTORM	id:	24096	date:	2001-01-22T23:24:05
db:	CNNVD	id:	CNNVD-200102-072	date:	2001-02-12T00:00:00
db:	NVD	id:	CVE-2001-0080	date:	2001-02-12T05:00:00