VARIoT IoT vulnerabilities database
| VAR-200106-0117 | CVE-2001-0335 | Microsoft IIS FTP service searches all trusted domains for user accounts |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
FTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted domains by preceding the username with a special sequence of characters.
A user attempting to authenticate using a valid login name appended with specially chosen characters, will not be required to specify the domain which the account belongs. Once the account is located, the user will have to complete the authentication process. At this point brute force attacks can be used in an attempt to gain access to the domain
| VAR-200107-0127 | CVE-2001-0347 | Microsoft IIS FTP service searches all trusted domains for user accounts |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid. Microsoft Windows Is Telnet If you use a legitimate user account with a special character string added and there is a flaw in the implementation of the domain authentication operation, you will not be asked for domain authentication when logging in to the domain to which the account belongs. Telnet The service is vulnerable to enumerating server domains and all domains trusted by user accounts instead of authentication.There is a possibility of unauthorized login to the system. Once the account is located, the user will have to complete the authentication process. At this point brute force attacks can be used in an attempt to gain access to the domain
| VAR-200109-0061 | CVE-2001-0650 | Cisco IOS vulnerable to DoS via unrecognized transitive attribute in BGP UPDATE |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. There is a denial-of-service vulnerability in several specific but common configurations of Cisco IOS. IOS is the firmware designed for Cisco routers. IOS is a router specific firmware designed to allow networkers the ability to configure and control Cisco routers.
A problem in IOS can allow remote users to crash Cisco routers.
This problem makes it possible for a remote user to crash Cisco routers using BGP, and deny service to legitimate users
| VAR-200105-0041 | CVE-2001-1333 | Linux CUPS Unable to handle temporary file vulnerabilities safely |
CVSS V2: 1.2 CVSS V3: - Severity: LOW |
Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files. CUPS is prone to a local security vulnerability.
A local attacker may exploit this issue to perform unauthorized actions. Common Unix Printing System (CUPS) is a common Unix printing system and a cross-platform printing solution in the Unix environment. It is based on the Internet Printing Protocol and provides most PostScript and raster printer services. This vulnerability is different from CVE-2001-1333
| VAR-200109-0119 | CVE-2001-0508 | Microsoft IIS WebDAV 'Propfind' Server Restart Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Vulnerability in IIS 5.0 allows remote attackers to cause a denial of service (restart) via a long, invalid WebDAV request. Intruders can disrupt the normal operation of an IIS 5.0 server using a malicious Web Distributed Authoring and Versioning (WebDAV) request. WebDAV contains a flaw in the handling of certain malformed requests. This vulnerability has been known to affect the server performance and could lead to a denial of service condition, however this has not been verified
| VAR-200110-0021 | CVE-2001-0741 | Hot Standby Router Protocol (HSRP) uses weak authentication |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
Cisco Hot Standby Routing Protocol (HSRP) allows local attackers to cause a denial of service by spoofing HSRP packets. A denial-of-service vulnerability exists in the Hot Standby Router Protocol (HSRP) . It is designed to offer traffic rerouting services to networks when one router within a pool ceases to operate, and users of the network segment aren't using ICMP Router Discovery Protocol to find the new router handling traffic for their segment. By eavesdropping on HSRP management messages sent over the network, it is possible to create a spoofed message that will reroute all network traffic to a particular system. By doing so, it is possible to prevent traffic from entering or leaving that network.
This problem makes it possible for system local to the network to deny service to legitmate users of that network segment
| VAR-200105-0024 | CVE-2001-0228 | GoAhead web server Directory traversal vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request. GoAhead WebServer is prone to a directory traversal vulnerability
| VAR-200105-0097 | CVE-2001-0292 | PHP-Nuke Leak password vulnerability |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
PHP-Nuke 4.4.1a allows remote attackers to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator. PHP-Nuke is prone to a remote security vulnerability. PHP-Nuke 4.4.1a is vulnerable
| VAR-200105-0066 | CVE-2001-0320 | PHP-Nuke Permission vulnerability |
CVSS V2: 10.0 CVSS V3: - Severity: HIGH |
bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote attackers to read arbitrary files and gain PHP administrator privileges by inserting a null character and .. (dot dot) sequences into a malformed username argument. PHP-Nuke is prone to a remote security vulnerability. Vulnerabilities exist in bb_smilies.php and bbcode_ref.php in PHP-Nuke version 4.4
| VAR-200412-1218 | CVE-2004-1775 | Cisco IOS/CatOS exposes read-write SNMP community string via traversal of View-based Access Control MIB (VACM) using read-only community string |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. There is a vulnerability that permits unauthorized access to several switch and router products manufactured by Cisco Systems. An attacker who gains access to an affected device can read and modify its configuration, creating a denial-of-service condition, an information leak, or both. Cisco IOS and CatOS are the network firmware developed and maintained by Cisco.
The problem involves the design of the View Access Control MIB (VACM) used by Cisco firmware. Under some circumstances, it may be possible for a remote user to gain access to the Read-Write password. This could allow an attacker to change configuration settings on the device
| VAR-200104-0018 | No CVE | Microsoft ISA Server Proxy Service Denial of Service Vulnerability |
CVSS V2: - CVSS V3: - Severity: - |
When the length of a certain type of Web request exceeds a certain value, the Web Proxy Service (W3PROXY.EXE) of Microsoft ISA Server cannot properly handle it, a heap overflow occurs, and the service will generate an illegal access and crash. This will block all incoming and outgoing web proxy requests until the service is restarted. This vulnerability can only be exploited from the Internet when the "Web Publishing" feature is turned on, and this feature is disabled by default. An attacker would also be unable to exploit this vulnerability to access protected resources through a firewall. Other services in ISA Server are not affected. & lt; * Source: Richard Reiner, Graham Wiseman, Matthew Siemens, Kent Nicolson & lt; a href = 'http: //www.securexpert.com'> http: //www.securexpert.com< / a> MS01-021: & lt; a href = 'http: //www.microsoft.com/technet/security/bulletin/MS01-021.asp'> http://www.microsoft.com/technet/security/bulletin/MS01-021.asp< ; / a> *>
| VAR-200107-0161 | CVE-2001-0429 | Cisco Catalyst Switch Vulnerability |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. "The Bat!" is an MUA for Windows by Rit Research Labs.
"The Bat!" is vulnerable to a remote denial of service attack. Email messages in which carriage return (CR) characters are not followed by a linefeed (LF) can cause "The Bat!" to incorrectly interpret the message's structure. This can lead "The Bat!" to read text in the message body as a response from the POP3 server. The current (corrupt) message will not be deleted from the server, and the mail download process will stop.
As a result, the user will remain unable to receive new email messages from the affected POP3 account. This leads to network instability and denial of service
| VAR-200106-0168 | CVE-2001-0412 | Lotus Domino vulnerable to DoS via large crafted URL request |
CVSS V2: 7.2 CVSS V3: - Severity: HIGH |
Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. "The Bat!" is an MUA for Windows by Rit Research Labs.
"The Bat!" is vulnerable to a remote denial of service attack. Email messages in which carriage return (CR) characters are not followed by a linefeed (LF) can cause "The Bat!" to incorrectly interpret the message's structure. This can lead "The Bat!" to read text in the message body as a response from the POP3 server. The current (corrupt) message will not be deleted from the server, and the mail download process will stop.
As a result, the user will remain unable to receive new email messages from the affected POP3 account
| VAR-200107-0175 | CVE-2001-0385 | Lotus Domino vulnerable to DoS via many large connects sent to 63148/TCP |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
GoAhead webserver 2.1 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. The GoAhead Web Server is a freely available, open source software package developed by GoAhead. The GoAhead Web Server offers a multi-platform web server and source code to the community. The process has to be manually restarted to resume normal operation. "The Bat!" is an MUA for Windows by Rit Research Labs.
"The Bat!" is vulnerable to a remote denial of service attack. Email messages in which carriage return (CR) characters are not followed by a linefeed (LF) can cause "The Bat!" to incorrectly interpret the message's structure. This can lead "The Bat!" to read text in the message body as a response from the POP3 server. The current (corrupt) message will not be deleted from the server, and the mail download process will stop.
As a result, the user will remain unable to receive new email messages from the affected POP3 account. GoAhead webserver version 2.1 has a vulnerability
| VAR-200107-0174 | CVE-2001-0384 | Siemens Reliant Unix ppd -T Competitive condition loophole |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
ppd in Reliant Sinix allows local users to corrupt arbitrary files via a symlink attack in the /tmp/ppd.trace file. Reliant Unix is a variant of the UNIX Operating System distributed by Fujitsu-Siemens. Reliant Unix is a scalable UNIX Operating system designed for use on Siemens servers.
A problem in the operating system could make it possible for a user to deny service to legitimate users. Due to the improper checking of file creation rights by the ppd software package included with the operating system, it is possible for a user to create a symbolic link in /tmp with the name ppd.trace, and overwrite any file on the system.
This vulnerability makes it possible for a local user to overwrite sensitive system files, potentially denying service to legitimate users, and possibly gaining elevated privileges. There is a vulnerability in Reliant Sinix's ppd
| VAR-200107-0019 | CVE-2001-1097 | Lotus Domino vulnerable to DoS via crafted unicode GET request |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. Lotus Domino R5 prior to version 5.0.7 are subject to a DoS. A remotely submitted GET request composed of an arbitrary string of unicode characters, will cause the server to stop responding and possibly other applications depending on it. Rebooting the server is required in order to gain normal functionality. A potential denial of service condition may exist in Cisco's IOS firmware.
The problem reportedly occurs when a large number of UDP packets are sent to device running IOS. This causes the system to use all available CPU resources and thus become unresponsive. The device may have to be reset manually if the attack is successful
| VAR-200107-0160 | CVE-2001-0428 | Lotus Domino vulnerable to DoS via crafted unicode GET request |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. Lotus Domino R5 prior to version 5.0.7 are subject to a DoS. A remotely submitted GET request composed of an arbitrary string of unicode characters, will cause the server to stop responding and possibly other applications depending on it. Rebooting the server is required in order to gain normal functionality. Cisco VPN 3000 Series Concentrator versions prior to 2.5.2(F) have a vulnerability. -----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
May 10, 2001
Volume 6 Number 6
X-Force Vulnerability and Threat Database: http://xforce.iss.net/ To
receive these Alert Summaries as well as other Alerts and Advisories,
subscribe to the Internet Security Systems Alert mailing list at:
http://xforce.iss.net/maillists/index.php
This summary can be found at:
http://xforce.iss.net/alerts/vol-6_num-6.php
_____
Contents:
* 120 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 04/02/2001
Brief Description: The Bat! masked file type in email attachment
could allow execution of code
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: The Bat! 1.49 and earlier
Vulnerability: thebat-masked-file-type
X-Force URL: http://xforce.iss.net/static/6324.php
Date Reported: 04/02/2001
Brief Description: PHP-Nuke could allow attackers to redirect ad
banner URL links
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: PHP-Nuke 4.4 and earlier
Vulnerability: php-nuke-url-redirect
X-Force URL: http://xforce.iss.net/static/6342.php
Date Reported: 04/03/2001
Brief Description: Orinoco RG-1000 Residential Gateway default SSID
reveals WEP encryption key
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Orinoco Residential Gateway RG-1000
Vulnerability: orinoco-rg1000-wep-key
X-Force URL: http://xforce.iss.net/static/6328.php
Date Reported: 04/03/2001
Brief Description: Navision Financials server denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Navision Financials 2.5 and 2.6
Vulnerability: navision-server-dos
X-Force URL: http://xforce.iss.net/static/6318.php
Date Reported: 04/03/2001
Brief Description: uStorekeeper online shopping system allows
remote file retrieval
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: uStorekeeper 1.61
Vulnerability: ustorekeeper-retrieve-files
X-Force URL: http://xforce.iss.net/static/6319.php
Date Reported: 04/03/2001
Brief Description: Resin server allows remote attackers to view
Javabean files
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Resin 1.2.x, Resin 1.3b1
Vulnerability: resin-view-javabean
X-Force URL: http://xforce.iss.net/static/6320.php
Date Reported: 04/03/2001
Brief Description: BPFTP could allow attackers to obtain login
credentials
Risk Factor: High
Attack Type: Network Based
Platforms Affected: BPFTP 2.0
Vulnerability: bpftp-obtain-credentials
X-Force URL: http://xforce.iss.net/static/6330.php
Date Reported: 04/04/2001
Brief Description: Ntpd server readvar control message buffer
overflow
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6, AIX 5.1,
Slackware Linux 7.1, Engarde Secure Linux 1.0.1,
Progeny Linux, SuSE Linux 7.1, ntpd 4.0.99k and
earlier, FreeBSD 4.2-Stable, Mandrake Linux
Corporate Server 1.0.1, Mandrake Linux 7.2,
Trustix Secure Linux, Immunix Linux 7.0,
NetBSD 1.5, SuSE Linux 7.0, Caldera OpenLinux
eServer 2.3.1
Vulnerability: ntpd-remote-bo
X-Force URL: http://xforce.iss.net/static/6321.php
Date Reported: 04/04/2001
Brief Description: Cisco CSS debug mode allows users to gain
administrative access
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Cisco Content Services Switch 11050, Cisco
Content Services Switch 11150, Cisco Content
Services Switch 11800
Vulnerability: cisco-css-elevate-privileges
X-Force URL: http://xforce.iss.net/static/6322.php
Date Reported: 04/04/2001
Brief Description: BEA Tuxedo may allow access to remote services
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: BEA Tuxedo 7.1
Vulnerability: bea-tuxedo-remote-access
X-Force URL: http://xforce.iss.net/static/6326.php
Date Reported: 04/05/2001
Brief Description: Ultimate Bulletin Board could allow attackers to
bypass authentication
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Ultimate Bulletin Board 5.43, Ultimate Bulletin
Board 5.4.7e
Vulnerability: ultimatebb-bypass-authentication
X-Force URL: http://xforce.iss.net/static/6339.php
Date Reported: 04/05/2001
Brief Description: BinTec X4000 NMAP denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: BinTec X4000 5.1.6P10 and prior, BinTec X1000,
BinTec X1200
Vulnerability: bintec-x4000-nmap-dos
X-Force URL: http://xforce.iss.net/static/6323.php
Date Reported: 04/05/2001
Brief Description: WatchGuard Firebox II kernel denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: WatchGuard Firebox II prior to 4.6
Vulnerability: firebox-kernel-dos
X-Force URL: http://xforce.iss.net/static/6327.php
Date Reported: 04/06/2001
Brief Description: Cisco PIX denial of service due to multiple
TACACS+ requests
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cisco PIX Firewall 5.1.4
Vulnerability: cisco-pix-tacacs-dos
X-Force URL: http://xforce.iss.net/static/6353.php
Date Reported: 04/06/2001
Brief Description: Darren Reed's IP Filter allows attackers to
access UDP and TCP ports
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: IP Filter 3.4.16
Vulnerability: ipfilter-access-ports
X-Force URL: http://xforce.iss.net/static/6331.php
Date Reported: 04/06/2001
Brief Description: Veritas NetBackup nc (netcat) command denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: NetBackup 3.2
Vulnerability: veritas-netbackup-nc-dos
X-Force URL: http://xforce.iss.net/static/6329.php
Date Reported: 04/08/2001
Brief Description: PGP may allow malicious users to access
authenticated split keys
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: PGP 7.0
Vulnerability: nai-pgp-split-keys
X-Force URL: http://xforce.iss.net/static/6341.php
Date Reported: 04/09/2001
Brief Description: Solaris kcms_configure command line buffer
overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Solaris 7, Solaris 8
Vulnerability: solaris-kcms-command-bo
X-Force URL: http://xforce.iss.net/static/6359.php
Date Reported: 04/09/2001
Brief Description: TalkBack CGI script could allow remote attackers
to read files on the Web server
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: TalkBack prior to 1.2
Vulnerability: talkback-cgi-read-files
X-Force URL: http://xforce.iss.net/static/6340.php
Date Reported: 04/09/2001
Brief Description: Multiple FTP glob(3) implementation
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: FreeBSD 4.2, Solaris 8, IRIX 6.5.x, OpenBSD 2.8,
HP-UX 11.00, NetBSD
Vulnerability: ftp-glob-implementation
X-Force URL: http://xforce.iss.net/static/6333.php
Date Reported: 04/09/2001
Brief Description: Pine mail client temp file symbolic link
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Pine prior to 4.33, Red Hat Linux 5.2, Red Hat
Linux 6.2, Red Hat Linux 7.0
Vulnerability: pine-tmp-file-symlink
X-Force URL: http://xforce.iss.net/static/6367.php
Date Reported: 04/09/2001
Brief Description: Multiple FTP glob(3) expansion
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: HP-UX 11.00, NetBSD, Solaris 8, IRIX 6.5.x,
OpenBSD 2.8, FreeBSD 4.2, MIT Kerberos 5
Vulnerability: ftp-glob-expansion
X-Force URL: http://xforce.iss.net/static/6332.php
Date Reported: 04/09/2001
Brief Description: Netscape embedded JavaScript in GIF file
comments can be used to access remote data
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: Netscape Communicator 4.76, Red Hat Linux 6.2,
Debian Linux 2.2, Conectiva Linux, Red Hat Linux
7.0, Immunix Linux 6.2, Immunix Linux 7.0 Beta,
Red Hat Linux 7.1
Vulnerability: netscape-javascript-access-data
X-Force URL: http://xforce.iss.net/static/6344.php
Date Reported: 04/09/2001
Brief Description: STRIP generates weak passwords
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: STRIP 0.5 and earlier
Vulnerability: strip-weak-passwords
X-Force URL: http://xforce.iss.net/static/6362.php
Date Reported: 04/10/2001
Brief Description: Solaris Xsun HOME environment variable buffer
overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Solaris 7
Vulnerability: solaris-xsun-home-bo
X-Force URL: http://xforce.iss.net/static/6343.php
Date Reported: 04/10/2001
Brief Description: Compaq Presario Active X denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Compaq Presario, Windows 98, Windows ME
Vulnerability: compaq-activex-dos
X-Force URL: http://xforce.iss.net/static/6355.php
Date Reported: 04/10/2001
Brief Description: Alcatel ADSL modems 'EXPERT' account
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Alcatel ADSL Network Termination Device 1000,
Alcatel Speed Touch ADSL modem Home
Vulnerability: alcatel-expert-account
X-Force URL: http://xforce.iss.net/static/6354.php
Date Reported: 04/10/2001
Brief Description: Alcatel ADSL modems allow attacker on LAN to
gain access using TFTP
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Alcatel ADSL Network Termination Device 1000,
Alcatel Speed Touch ADSL modem Home
Vulnerability: alcatel-tftp-lan-access
X-Force URL: http://xforce.iss.net/static/6336.php
Date Reported: 04/10/2001
Brief Description: Alcatel ADSL modems allow attacker on WAN to
gain access using TFTP
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Alcatel ADSL Network Termination Device 1000,
Alcatel Speed Touch ADSL modem Home
Vulnerability: alcatel-tftp-wan-access
X-Force URL: http://xforce.iss.net/static/6337.php
Date Reported: 04/10/2001
Brief Description: Oracle Application Server shared library
(ndwfn4.so) buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: iPlanet Web Server 4.x, Oracle Application
Server 4.0.8.2
Vulnerability: oracle-appserver-ndwfn4-bo
X-Force URL: http://xforce.iss.net/static/6334.php
Date Reported: 04/10/2001
Brief Description: Alcatel ADSL modems use blank password by
default
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Alcatel ADSL Network Termination Device 1000,
Alcatel Speed Touch ADSL modem Home
Vulnerability: alcatel-blank-password
X-Force URL: http://xforce.iss.net/static/6335.php
Date Reported: 04/11/2001
Brief Description: Solaris dtsession buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Solaris 7
Vulnerability: solaris-dtsession-bo
X-Force URL: http://xforce.iss.net/static/6366.php
Date Reported: 04/11/2001
Brief Description: Solaris kcsSUNWIOsolf.so buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Solaris 7, Solaris 8
Vulnerability: solaris-kcssunwiosolf-bo
X-Force URL: http://xforce.iss.net/static/6365.php
Date Reported: 04/11/2001
Brief Description: Lightwave ConsoleServer brute force password
attack
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Lightwave ConsoleServer 3200
Vulnerability: lightwave-consoleserver-brute-force
X-Force URL: http://xforce.iss.net/static/6345.php
Date Reported: 04/11/2001
Brief Description: nph-maillist allows user to execute code
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Email List Generator 3.5 and earlier
Vulnerability: nph-maillist-execute-code
X-Force URL: http://xforce.iss.net/static/6363.php
Date Reported: 04/11/2001
Brief Description: Symantec Ghost Configuration Server denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Ghost 6.5
Vulnerability: ghost-configuration-server-dos
X-Force URL: http://xforce.iss.net/static/6357.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server DOS device denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-device-dos
X-Force URL: http://xforce.iss.net/static/6348.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server HTTP header denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-header-dos
X-Force URL: http://xforce.iss.net/static/6347.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server URL parsing denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-url-dos
X-Force URL: http://xforce.iss.net/static/6351.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server CORBA denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-corba-dos
X-Force URL: http://xforce.iss.net/static/6350.php
Date Reported: 04/11/2001
Brief Description: Symantec Ghost database engine denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Ghost 6.5, Sybase Adaptive Server Database
Engine 6.0.3.2747
Vulnerability: ghost-database-engine-dos
X-Force URL: http://xforce.iss.net/static/6356.php
Date Reported: 04/11/2001
Brief Description: cfingerd daemon remote format string
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Debian Linux 2.1, Debian Linux 2.2, cfingerd
1.4.3 and earlier
Vulnerability: cfingerd-remote-format-string
X-Force URL: http://xforce.iss.net/static/6364.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server Unicode denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-unicode-dos
X-Force URL: http://xforce.iss.net/static/6349.php
Date Reported: 04/11/2001
Brief Description: Linux mkpasswd generates weak passwords
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Red Hat Linux 6.2, Red Hat Linux 7.0, mkpasswd
Vulnerability: mkpasswd-weak-passwords
X-Force URL: http://xforce.iss.net/static/6382.php
Date Reported: 04/12/2001
Brief Description: Solaris ipcs utility buffer overflow
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: Solaris 7
Vulnerability: solaris-ipcs-bo
X-Force URL: http://xforce.iss.net/static/6369.php
Date Reported: 04/12/2001
Brief Description: InterScan VirusWall ISADMIN service buffer
overflow
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Linux kernel , InterScan VirusWall 3.0.1
Vulnerability: interscan-viruswall-isadmin-bo
X-Force URL: http://xforce.iss.net/static/6368.php
Date Reported: 04/12/2001
Brief Description: HylaFAX hfaxd format string
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: HylaFAX 4.1B3 and prior, SuSE Linux 6.x, SuSE
Linux 7.0, Mandrake Linux 7.1, FreeBSD 3.5.1,
Mandrake Linux 7.2, Mandrake Linux Corporate
Server 1.0.1, FreeBSD 4.2, SuSE Linux 7.1
Vulnerability: hylafax-hfaxd-format-string
X-Force URL: http://xforce.iss.net/static/6377.php
Date Reported: 04/12/2001
Brief Description: Cisco VPN 3000 Concentrators invalid IP Option
denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cisco VPN 3000 Concentrators prior to 2.5.2 F
Vulnerability: cisco-vpn-ip-dos
X-Force URL: http://xforce.iss.net/static/6360.php
Date Reported: 04/13/2001
Brief Description: Net.Commerce package in IBM WebSphere reveals
installation path
Risk Factor: High
Attack Type: Network Based
Platforms Affected: IBM Websphere, Solaris 2.6, AIX 4.3.x, Solaris
7, Windows NT 4.0
Vulnerability: ibm-websphere-reveals-path
X-Force URL: http://xforce.iss.net/static/6371.php
Date Reported: 04/13/2001
Brief Description: QPC ftpd buffer overflow
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: QVT/Term 5.0, QVT/Net 5.0
Vulnerability: qpc-ftpd-bo
X-Force URL: http://xforce.iss.net/static/6376.php
Date Reported: 04/13/2001
Brief Description: QPC ftpd directory traversal
Risk Factor: High
Attack Type: Network Based
Platforms Affected: QVT/Net 5.0, QVT/Term 5.0
Vulnerability: qpc-ftpd-directory-traversal
X-Force URL: http://xforce.iss.net/static/6375.php
Date Reported: 04/13/2001
Brief Description: QPC popd buffer overflow
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: QVT/Net 5.0
Vulnerability: qpc-popd-bo
X-Force URL: http://xforce.iss.net/static/6374.php
Date Reported: 04/13/2001
Brief Description: NCM Content Management System access database
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: NCM Content Management System
Vulnerability: ncm-content-database-access
X-Force URL: http://xforce.iss.net/static/6386.php
Date Reported: 04/13/2001
Brief Description: Netscape SmartDownload 'sdph20.dll' buffer overflow
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Netscape SmartDownload 1.3, Windows NT, Windows
95, Windows 98
Vulnerability: netscape-smartdownload-sdph20-bo
X-Force URL: http://xforce.iss.net/static/6403.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer accept buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-accept-bo
X-Force URL: http://xforce.iss.net/static/6404.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer cancel buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-cancel-bo
X-Force URL: http://xforce.iss.net/static/6406.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer disable buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-disable-bo
X-Force URL: http://xforce.iss.net/static/6407.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer enable buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-enable-bo
X-Force URL: http://xforce.iss.net/static/6409.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer lp buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-lp-bo
X-Force URL: http://xforce.iss.net/static/6410.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer lpfilter buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-lpfilter-bo
X-Force URL: http://xforce.iss.net/static/6411.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer lpstat buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-lpstat-bo
X-Force URL: http://xforce.iss.net/static/6413.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer reject buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-reject-bo
X-Force URL: http://xforce.iss.net/static/6414.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer rmail buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-rmail-bo
X-Force URL: http://xforce.iss.net/static/6415.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer tput buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-tput-bo
X-Force URL: http://xforce.iss.net/static/6416.php
Date Reported: 04/13/2001
Brief Description: IBM WebSphere CGI macro denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: IBM Websphere, Windows NT 4.0, Solaris 2.6, AIX
4.3.x, Solaris 7
Vulnerability: ibm-websphere-macro-dos
X-Force URL: http://xforce.iss.net/static/6372.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer lpmove buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-lpmove-bo
X-Force URL: http://xforce.iss.net/static/6412.php
Date Reported: 04/14/2001
Brief Description: Siemens Reliant Unix ppd -T symlink
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Reliant Unix 5.45, Reliant Unix 5.43, Reliant
Unix 5.44
Vulnerability: reliant-unix-ppd-symlink
X-Force URL: http://xforce.iss.net/static/6408.php
Date Reported: 04/15/2001
Brief Description: Linux Exuberant Ctags package symbolic link
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Debian Linux 2.2, exuberant-ctags
Vulnerability: exuberant-ctags-symlink
X-Force URL: http://xforce.iss.net/static/6388.php
Date Reported: 04/15/2001
Brief Description: processit.pl CGI could allow attackers to view
sensitive information about the Web server
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: processit.pl
Vulnerability: processit-cgi-view-info
X-Force URL: http://xforce.iss.net/static/6385.php
Date Reported: 04/16/2001
Brief Description: Microsoft ISA Server Web Proxy denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Microsoft ISA Server 2000
Vulnerability: isa-web-proxy-dos
X-Force URL: http://xforce.iss.net/static/6383.php
Date Reported: 04/16/2001
Brief Description: Microsoft Internet Explorer altering CLSID
action allows malicious file execution
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Windows 2000, Internet Explorer 5.5, Windows 98
Vulnerability: ie-clsid-execute-files
X-Force URL: http://xforce.iss.net/static/6426.php
Date Reported: 04/16/2001
Brief Description: Cisco Catalyst 5000 series switch 802.1x denial
of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cisco Catalyst 5000 Series
Vulnerability: cisco-catalyst-8021x-dos
X-Force URL: http://xforce.iss.net/static/6379.php
Date Reported: 04/16/2001
Brief Description: BubbleMon allows users to gain elevated
privileges
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: BubbleMon prior to 1.32, FreeBSD
Vulnerability: bubblemon-elevate-privileges
X-Force URL: http://xforce.iss.net/static/6378.php
Date Reported: 04/16/2001
Brief Description: DCForum CGI az= field directory traversal
Risk Factor: High
Attack Type: Network Based
Platforms Affected: DCForum 2000 1.0
Vulnerability: dcforum-az-directory-traversal
X-Force URL: http://xforce.iss.net/static/6391.php
Date Reported: 04/16/2001
Brief Description: DCForum CGI az= field allows attacker to upload
files
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: DCForum 2000 1.0
Vulnerability: dcforum-az-file-upload
X-Force URL: http://xforce.iss.net/static/6393.php
Date Reported: 04/16/2001
Brief Description: DCForum CGI az= field EXPR allows attacker to
execute commands
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: DCForum 2000 1.0
Vulnerability: dcforum-az-expr
X-Force URL: http://xforce.iss.net/static/6392.php
Date Reported: 04/16/2001
Brief Description: Linux NetFilter IPTables
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Linux kernel 2.4, Red Hat Linux 7.1
Vulnerability: linux-netfilter-iptables
X-Force URL: http://xforce.iss.net/static/6390.php
Date Reported: 04/17/2001
Brief Description: Xitami Web server denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Xitami Web server 2.4d7, Xitami Web server 2.5b4
Vulnerability: xitami-server-dos
X-Force URL: http://xforce.iss.net/static/6389.php
Date Reported: 04/17/2001
Brief Description: Samba tmpfile symlink attack could allow
elevated privileges
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Trustix Secure Linux 1.2, Mandrake Linux 8.0,
Progeny Linux, Caldera OpenLinux eBuilder,
Trustix Secure Linux 1.01, Mandrake Linux
Corporate Server 1.0.1, FreeBSD 4.2, Immunix
Linux 7.0, Immunix Linux 6.2, Immunix Linux 7.0
Beta, Caldera OpenLinux eServer 2.3.1, Caldera
OpenLinux eDesktop 2.4, FreeBSD 3.5.1
Vulnerability: samba-tmpfile-symlink
X-Force URL: http://xforce.iss.net/static/6396.php
Date Reported: 04/17/2001
Brief Description: GoAhead WebServer "aux" denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: GoAhead Web Server 2.1, Windows 98, Windows ME
Vulnerability: goahead-aux-dos
X-Force URL: http://xforce.iss.net/static/6400.php
Date Reported: 04/17/2001
Brief Description: AnalogX SimpleServer:WWW "aux" denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: SimpleServer:WWW 1.03 to 1.08
Vulnerability: analogx-simpleserver-aux-dos
X-Force URL: http://xforce.iss.net/static/6395.php
Date Reported: 04/17/2001
Brief Description: Viking Server hexadecimal URL encoded format
directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Viking Server prior to 1.07-381
Vulnerability: viking-hex-directory-traversal
X-Force URL: http://xforce.iss.net/static/6394.php
Date Reported: 04/17/2001
Brief Description: Solaris FTP server allows attacker to recover
shadow file
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Solaris 2.6
Vulnerability: solaris-ftp-shadow-recovery
X-Force URL: http://xforce.iss.net/static/6422.php
Date Reported: 04/18/2001
Brief Description: The Bat! pop3 denial of service
Risk Factor: High
Attack Type: Network Based
Platforms Affected: The Bat! 1.51, Windows
Vulnerability: thebat-pop3-dos
X-Force URL: http://xforce.iss.net/static/6423.php
Date Reported: 04/18/2001
Brief Description: Eudora allows attacker to obtain files using
plain text attachments
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Eudora 5.0.2
Vulnerability: eudora-plain-text-attachment
X-Force URL: http://xforce.iss.net/static/6431.php
Date Reported: 04/18/2001
Brief Description: VMware vmware-mount.pl symlink
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: VMware
Vulnerability: vmware-mount-symlink
X-Force URL: http://xforce.iss.net/static/6420.php
Date Reported: 04/18/2001
Brief Description: KFM tmpfile symbolic link could allow local
attackers to overwrite files
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: SuSE Linux 7.0, K File Manager (KFM)
Vulnerability: kfm-tmpfile-symlink
X-Force URL: http://xforce.iss.net/static/6428.php
Date Reported: 04/18/2001
Brief Description: CyberScheduler timezone remote buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: CyberScheduler, Mandrake Linux, Windows 2000,
IIS 5.0, Solaris 8, SuSE Linux, Solaris 7,
Slackware Linux, Red Hat Linux, IIS 4.0, Debian
Linux, Solaris 2.5, Solaris 2.6, Caldera
OpenLinux, Windows NT
Vulnerability: cyberscheduler-timezone-bo
X-Force URL: http://xforce.iss.net/static/6401.php
Date Reported: 04/18/2001
Brief Description: Microsoft Data Access Component Internet
Publishing Provider allows WebDAV access
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Microsoft Data Access Component 8.103.2519.0,
Windows 95, Windows NT 4.0, Windows 98, Windows
98 Second Edition, Windows 2000, Windows ME
Vulnerability: ms-dacipp-webdav-access
X-Force URL: http://xforce.iss.net/static/6405.php
Date Reported: 04/18/2001
Brief Description: Oracle tnslsnr80.exe denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Oracle 8.x, Windows NT 4.0 SP6, Solaris 8
Vulnerability: oracle-tnslsnr80-dos
X-Force URL: http://xforce.iss.net/static/6427.php
Date Reported: 04/18/2001
Brief Description: innfeed -c flag buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Red Hat Linux, Slackware Linux, Mandrake Linux,
INN prior to 2.3.1
Vulnerability: innfeed-c-bo
X-Force URL: http://xforce.iss.net/static/6398.php
Date Reported: 04/18/2001
Brief Description: iPlanet Calendar Server stores username and
password in plaintext
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: iPlanet Calendar Server 5.0p2
Vulnerability: iplanet-calendar-plaintext-password
X-Force URL: http://xforce.iss.net/static/6402.php
Date Reported: 04/18/2001
Brief Description: Linux NEdit symlink when printing
Risk Factor: High
Attack Type: Host Based
Platforms Affected: SuSE Linux 6.3, SuSE Linux 6.4, Debian Linux
2.2, Mandrake Linux 7.1, Mandrake Linux 7.2,
SuSE Linux 7.0, Mandrake Linux Corporate Server
1.0.1, SuSE Linux 7.1, Mandrake Linux 8.0
Vulnerability: nedit-print-symlink
X-Force URL: http://xforce.iss.net/static/6424.php
Date Reported: 04/19/2001
Brief Description: CheckBO TCP buffer overflow
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: CheckBO 1.56 and earlier
Vulnerability: checkbo-tcp-bo
X-Force URL: http://xforce.iss.net/static/6436.php
Date Reported: 04/19/2001
Brief Description: HP-UX pcltotiff uses insecure permissions
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: HP-UX 10.01, HP-UX 10.10, HP-UX 10.20,
HP-UX 10.26
Vulnerability: hp-pcltotiff-insecure-permissions
X-Force URL: http://xforce.iss.net/static/6447.php
Date Reported: 04/19/2001
Brief Description: Netopia Timbuktu allows unauthorized system
access
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Timbuktu Pro, Macintosh OS X
Vulnerability: netopia-timbuktu-gain-access
X-Force URL: http://xforce.iss.net/static/6452.php
Date Reported: 04/20/2001
Brief Description: Cisco CBOS could allow attackers to gain
privileged information
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms Affected: Cisco CBOS 2.4.1, Cisco CBOS 2.3.053
Vulnerability: cisco-cbos-gain-information
X-Force URL: http://xforce.iss.net/static/6453.php
Date Reported: 04/20/2001
Brief Description: Internet Explorer 5.x allows active scripts
using XML stylesheets
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Internet Explorer 5.x, Outlook Express 5.x
Vulnerability: ie-xml-stylesheets-scripting
X-Force URL: http://xforce.iss.net/static/6448.php
Date Reported: 04/20/2001
Brief Description: Linux gftp format string
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: gftp prior to 2.0.8, Mandrake Linux 8.0,
Mandrake Linux Corporate Server 1.0.1, Immunix
Linux 7.0, Red Hat Linux 7.1, Mandrake Linux
7.2, Immunix Linux 6.2, Immunix 7.0 beta,
Red Hat Linux 6.2, Mandrake Linux 7.1, Red Hat
Linux 7.0
Vulnerability: gftp-format-string
X-Force URL: http://xforce.iss.net/static/6478.php
Date Reported: 04/20/2001
Brief Description: Novell BorderManager VPN client SYN requests
denial of service
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: Novell BorderManager 3.5
Vulnerability: bordermanager-vpn-syn-dos
X-Force URL: http://xforce.iss.net/static/6429.php
Date Reported: 04/20/2001
Brief Description: SAFT sendfiled could allow the execution of
arbitrary code
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Debian Linux 2.2, Progeny Linux, sendfile
Vulnerability: saft-sendfiled-execute-code
X-Force URL: http://xforce.iss.net/static/6430.php
Date Reported: 04/21/2001
Brief Description: Mercury MTA for Novell Netware buffer overflow
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Mercury MTA 1.47 and earlier, Novell NetWare
Vulnerability: mercury-mta-bo
X-Force URL: http://xforce.iss.net/static/6444.php
Date Reported: 04/21/2001
Brief Description: QNX allows attacker to read files on FAT
partition
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms Affected: QNX 2.4
Vulnerability: qnx-fat-file-read
X-Force URL: http://xforce.iss.net/static/6437.php
Date Reported: 04/23/2001
Brief Description: Viking Server "dot dot" (\...\) directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Viking Server 1.0.7
Vulnerability: viking-dot-directory-traversal
X-Force URL: http://xforce.iss.net/static/6450.php
Date Reported: 04/24/2001
Brief Description: NetCruiser Web Server could reveal directory
path
Risk Factor: High
Attack Type: Network Based
Platforms Affected: NetCruiser Web Server 0.1.2.8
Vulnerability: netcruiser-server-path-disclosure
X-Force URL: http://xforce.iss.net/static/6468.php
Date Reported: 04/24/2001
Brief Description: Perl Web Server directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Perl Web Server 0.3 and prior
Vulnerability: perl-webserver-directory-traversal
X-Force URL: http://xforce.iss.net/static/6451.php
Date Reported: 04/24/2001
Brief Description: Small HTTP Server /aux denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Small HTTP Server 2.03
Vulnerability: small-http-aux-dos
X-Force URL: http://xforce.iss.net/static/6446.php
Date Reported: 04/24/2001
Brief Description: IPSwitch IMail SMTP daemon mailing list handler
buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: IPSwitch Imail 6.06 and earlier
Vulnerability: ipswitch-imail-smtp-bo
X-Force URL: http://xforce.iss.net/static/6445.php
Date Reported: 04/25/2001
Brief Description: MIT Kerberos 5 could allow attacker to gain root
access by injecting base64-encoded data
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: MIT Kerberos 5
Vulnerability: kerberos-inject-base64-encode
X-Force URL: http://xforce.iss.net/static/6454.php
Date Reported: 04/26/2001
Brief Description: IRIX netprint -n allows attacker to access
shared library
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: IRIX 6.x
Vulnerability: irix-netprint-shared-library
X-Force URL: http://xforce.iss.net/static/6473.php
Date Reported: 04/26/2001
Brief Description: WebXQ "dot dot" directory traversal
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Windows, WebXQ 2.1.204
Vulnerability: webxq-dot-directory-traversal
X-Force URL: http://xforce.iss.net/static/6466.php
Date Reported: 04/26/2001
Brief Description: RaidenFTPD "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Windows NT 4.0, Windows 2000, RaidenFTPD 2.1
Vulnerability: raidenftpd-dot-directory-traversal
X-Force URL: http://xforce.iss.net/static/6455.php
Date Reported: 04/27/2001
Brief Description: PerlCal CGI cal_make.pl script directory
traversal
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Unix, PerlCal 2.95 and prior
Vulnerability: perlcal-calmake-directory-traversal
X-Force URL: http://xforce.iss.net/static/6480.php
Date Reported: 04/28/2001
Brief Description: ICQ Web Front plugin denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: ICQ Web Front, ICQ 2000b 3278 and earlier
Vulnerability: icq-webfront-dos
X-Force URL: http://xforce.iss.net/static/6474.php
Date Reported: 04/28/2001
Brief Description: Alex FTP Server "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Alex's FTP Server 0.7
Vulnerability: alex-ftp-directory-traversal
X-Force URL: http://xforce.iss.net/static/6475.php
Date Reported: 04/28/2001
Brief Description: BRS WebWeaver FTP path disclosure
Risk Factor: High
Attack Type: Network Based
Platforms Affected: BRS WebWeaver 0.63
Vulnerability: webweaver-ftp-path-disclosure
X-Force URL: http://xforce.iss.net/static/6477.php
Date Reported: 04/28/2001
Brief Description: BRS WebWeaver Web server "dot dot" directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: BRS WebWeaver 0.63
Vulnerability: webweaver-web-directory-traversal
X-Force URL: http://xforce.iss.net/static/6476.php
Date Reported: 04/29/2001
Brief Description: Winamp AIP buffer overflow
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Winamp 2.6x and 2.7x
Vulnerability: winamp-aip-bo
X-Force URL: http://xforce.iss.net/static/6479.php
Date Reported: 04/29/2001
Brief Description: BearShare "dot dot" allows remote attacker to traverse
directories and download any file
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: BearShare 2.2.2 and prior, Windows 95, Windows
98, Windows ME
Vulnerability: bearshare-dot-download-files
X-Force URL: http://xforce.iss.net/static/6481.php
Date Reported: 05/01/2001
Brief Description: IIS 5.0 ISAPI extension buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms Affected: IIS 5.0, Windows 2000 Server, Windows 2000
Advanced Server, Windows 2000 Datacenter Server
Vulnerability: iis-isapi-bo
X-Force URL: http://xforce.iss.net/static/6485.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
________
About Internet Security Systems (ISS)
Internet Security Systems is a leading global provider of security
management solutions for the Internet, protecting digital assets and
ensuring safe and uninterrupted e-business. With its industry-leading
intrusion detection and vulnerability assessment software, remote managed
security services, and strategic consulting and education offerings, ISS
is a trusted security provider to more than 8,000 customers worldwide
including 21 of the 25 largest U.S. commercial banks and the top 10 U.S.
telecommunications companies. Founded in 1994, ISS is headquartered in
Atlanta, GA, with additional offices throughout North America and
international operations in Asia, Australia, Europe, Latin America and the
Middle East. For more information, visit the Internet Security Systems
web site at www.iss.net or call 888-901-7477.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this Alert
in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOvrtmTRfJiV99eG9AQFRFwP+NhRj20kY5edBZBvSMBZKAOKEQGpJPPnD
J/YCCB9TkzoWt65a7HR6c2MbimbnCo8YrhkjgFcvPmArCOFMS/68lhcStKd769PO
rbojCoys8l1woaFDwzPnQeWVoNMen83sVvsiy7Bwk5Sm0cjM3gZC+X0vqG8EI59Y
OAtrNiOkj7o=
=kYl+
-----END PGP SIGNATURE-----
| VAR-200107-0173 | CVE-2001-0444 | Lotus Domino vulnerable to DoS via crafted unicode GET request |
CVSS V2: 2.1 CVSS V3: - Severity: LOW |
Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. Lotus Domino R5 prior to version 5.0.7 are subject to a DoS. A remotely submitted GET request composed of an arbitrary string of unicode characters, will cause the server to stop responding and possibly other applications depending on it. Rebooting the server is required in order to gain normal functionality. -----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary
May 10, 2001
Volume 6 Number 6
X-Force Vulnerability and Threat Database: http://xforce.iss.net/ To
receive these Alert Summaries as well as other Alerts and Advisories,
subscribe to the Internet Security Systems Alert mailing list at:
http://xforce.iss.net/maillists/index.php
This summary can be found at:
http://xforce.iss.net/alerts/vol-6_num-6.php
_____
Contents:
* 120 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 04/02/2001
Brief Description: The Bat! masked file type in email attachment
could allow execution of code
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: The Bat! 1.49 and earlier
Vulnerability: thebat-masked-file-type
X-Force URL: http://xforce.iss.net/static/6324.php
Date Reported: 04/02/2001
Brief Description: PHP-Nuke could allow attackers to redirect ad
banner URL links
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: PHP-Nuke 4.4 and earlier
Vulnerability: php-nuke-url-redirect
X-Force URL: http://xforce.iss.net/static/6342.php
Date Reported: 04/03/2001
Brief Description: Orinoco RG-1000 Residential Gateway default SSID
reveals WEP encryption key
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Orinoco Residential Gateway RG-1000
Vulnerability: orinoco-rg1000-wep-key
X-Force URL: http://xforce.iss.net/static/6328.php
Date Reported: 04/03/2001
Brief Description: Navision Financials server denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Navision Financials 2.5 and 2.6
Vulnerability: navision-server-dos
X-Force URL: http://xforce.iss.net/static/6318.php
Date Reported: 04/03/2001
Brief Description: uStorekeeper online shopping system allows
remote file retrieval
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: uStorekeeper 1.61
Vulnerability: ustorekeeper-retrieve-files
X-Force URL: http://xforce.iss.net/static/6319.php
Date Reported: 04/03/2001
Brief Description: Resin server allows remote attackers to view
Javabean files
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Resin 1.2.x, Resin 1.3b1
Vulnerability: resin-view-javabean
X-Force URL: http://xforce.iss.net/static/6320.php
Date Reported: 04/03/2001
Brief Description: BPFTP could allow attackers to obtain login
credentials
Risk Factor: High
Attack Type: Network Based
Platforms Affected: BPFTP 2.0
Vulnerability: bpftp-obtain-credentials
X-Force URL: http://xforce.iss.net/static/6330.php
Date Reported: 04/04/2001
Brief Description: Ntpd server readvar control message buffer
overflow
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6, AIX 5.1,
Slackware Linux 7.1, Engarde Secure Linux 1.0.1,
Progeny Linux, SuSE Linux 7.1, ntpd 4.0.99k and
earlier, FreeBSD 4.2-Stable, Mandrake Linux
Corporate Server 1.0.1, Mandrake Linux 7.2,
Trustix Secure Linux, Immunix Linux 7.0,
NetBSD 1.5, SuSE Linux 7.0, Caldera OpenLinux
eServer 2.3.1
Vulnerability: ntpd-remote-bo
X-Force URL: http://xforce.iss.net/static/6321.php
Date Reported: 04/04/2001
Brief Description: Cisco CSS debug mode allows users to gain
administrative access
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Cisco Content Services Switch 11050, Cisco
Content Services Switch 11150, Cisco Content
Services Switch 11800
Vulnerability: cisco-css-elevate-privileges
X-Force URL: http://xforce.iss.net/static/6322.php
Date Reported: 04/04/2001
Brief Description: BEA Tuxedo may allow access to remote services
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: BEA Tuxedo 7.1
Vulnerability: bea-tuxedo-remote-access
X-Force URL: http://xforce.iss.net/static/6326.php
Date Reported: 04/05/2001
Brief Description: Ultimate Bulletin Board could allow attackers to
bypass authentication
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Ultimate Bulletin Board 5.43, Ultimate Bulletin
Board 5.4.7e
Vulnerability: ultimatebb-bypass-authentication
X-Force URL: http://xforce.iss.net/static/6339.php
Date Reported: 04/05/2001
Brief Description: BinTec X4000 NMAP denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: BinTec X4000 5.1.6P10 and prior, BinTec X1000,
BinTec X1200
Vulnerability: bintec-x4000-nmap-dos
X-Force URL: http://xforce.iss.net/static/6323.php
Date Reported: 04/05/2001
Brief Description: WatchGuard Firebox II kernel denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: WatchGuard Firebox II prior to 4.6
Vulnerability: firebox-kernel-dos
X-Force URL: http://xforce.iss.net/static/6327.php
Date Reported: 04/06/2001
Brief Description: Cisco PIX denial of service due to multiple
TACACS+ requests
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cisco PIX Firewall 5.1.4
Vulnerability: cisco-pix-tacacs-dos
X-Force URL: http://xforce.iss.net/static/6353.php
Date Reported: 04/06/2001
Brief Description: Darren Reed's IP Filter allows attackers to
access UDP and TCP ports
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: IP Filter 3.4.16
Vulnerability: ipfilter-access-ports
X-Force URL: http://xforce.iss.net/static/6331.php
Date Reported: 04/06/2001
Brief Description: Veritas NetBackup nc (netcat) command denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: NetBackup 3.2
Vulnerability: veritas-netbackup-nc-dos
X-Force URL: http://xforce.iss.net/static/6329.php
Date Reported: 04/08/2001
Brief Description: PGP may allow malicious users to access
authenticated split keys
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: PGP 7.0
Vulnerability: nai-pgp-split-keys
X-Force URL: http://xforce.iss.net/static/6341.php
Date Reported: 04/09/2001
Brief Description: Solaris kcms_configure command line buffer
overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Solaris 7, Solaris 8
Vulnerability: solaris-kcms-command-bo
X-Force URL: http://xforce.iss.net/static/6359.php
Date Reported: 04/09/2001
Brief Description: TalkBack CGI script could allow remote attackers
to read files on the Web server
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: TalkBack prior to 1.2
Vulnerability: talkback-cgi-read-files
X-Force URL: http://xforce.iss.net/static/6340.php
Date Reported: 04/09/2001
Brief Description: Multiple FTP glob(3) implementation
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: FreeBSD 4.2, Solaris 8, IRIX 6.5.x, OpenBSD 2.8,
HP-UX 11.00, NetBSD
Vulnerability: ftp-glob-implementation
X-Force URL: http://xforce.iss.net/static/6333.php
Date Reported: 04/09/2001
Brief Description: Pine mail client temp file symbolic link
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Pine prior to 4.33, Red Hat Linux 5.2, Red Hat
Linux 6.2, Red Hat Linux 7.0
Vulnerability: pine-tmp-file-symlink
X-Force URL: http://xforce.iss.net/static/6367.php
Date Reported: 04/09/2001
Brief Description: Multiple FTP glob(3) expansion
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: HP-UX 11.00, NetBSD, Solaris 8, IRIX 6.5.x,
OpenBSD 2.8, FreeBSD 4.2, MIT Kerberos 5
Vulnerability: ftp-glob-expansion
X-Force URL: http://xforce.iss.net/static/6332.php
Date Reported: 04/09/2001
Brief Description: Netscape embedded JavaScript in GIF file
comments can be used to access remote data
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: Netscape Communicator 4.76, Red Hat Linux 6.2,
Debian Linux 2.2, Conectiva Linux, Red Hat Linux
7.0, Immunix Linux 6.2, Immunix Linux 7.0 Beta,
Red Hat Linux 7.1
Vulnerability: netscape-javascript-access-data
X-Force URL: http://xforce.iss.net/static/6344.php
Date Reported: 04/09/2001
Brief Description: STRIP generates weak passwords
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: STRIP 0.5 and earlier
Vulnerability: strip-weak-passwords
X-Force URL: http://xforce.iss.net/static/6362.php
Date Reported: 04/10/2001
Brief Description: Solaris Xsun HOME environment variable buffer
overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Solaris 7
Vulnerability: solaris-xsun-home-bo
X-Force URL: http://xforce.iss.net/static/6343.php
Date Reported: 04/10/2001
Brief Description: Compaq Presario Active X denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Compaq Presario, Windows 98, Windows ME
Vulnerability: compaq-activex-dos
X-Force URL: http://xforce.iss.net/static/6355.php
Date Reported: 04/10/2001
Brief Description: Alcatel ADSL modems 'EXPERT' account
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Alcatel ADSL Network Termination Device 1000,
Alcatel Speed Touch ADSL modem Home
Vulnerability: alcatel-expert-account
X-Force URL: http://xforce.iss.net/static/6354.php
Date Reported: 04/10/2001
Brief Description: Alcatel ADSL modems allow attacker on LAN to
gain access using TFTP
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Alcatel ADSL Network Termination Device 1000,
Alcatel Speed Touch ADSL modem Home
Vulnerability: alcatel-tftp-lan-access
X-Force URL: http://xforce.iss.net/static/6336.php
Date Reported: 04/10/2001
Brief Description: Alcatel ADSL modems allow attacker on WAN to
gain access using TFTP
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Alcatel ADSL Network Termination Device 1000,
Alcatel Speed Touch ADSL modem Home
Vulnerability: alcatel-tftp-wan-access
X-Force URL: http://xforce.iss.net/static/6337.php
Date Reported: 04/10/2001
Brief Description: Oracle Application Server shared library
(ndwfn4.so) buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: iPlanet Web Server 4.x, Oracle Application
Server 4.0.8.2
Vulnerability: oracle-appserver-ndwfn4-bo
X-Force URL: http://xforce.iss.net/static/6334.php
Date Reported: 04/10/2001
Brief Description: Alcatel ADSL modems use blank password by
default
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Alcatel ADSL Network Termination Device 1000,
Alcatel Speed Touch ADSL modem Home
Vulnerability: alcatel-blank-password
X-Force URL: http://xforce.iss.net/static/6335.php
Date Reported: 04/11/2001
Brief Description: Solaris dtsession buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Solaris 7
Vulnerability: solaris-dtsession-bo
X-Force URL: http://xforce.iss.net/static/6366.php
Date Reported: 04/11/2001
Brief Description: Solaris kcsSUNWIOsolf.so buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Solaris 7, Solaris 8
Vulnerability: solaris-kcssunwiosolf-bo
X-Force URL: http://xforce.iss.net/static/6365.php
Date Reported: 04/11/2001
Brief Description: Lightwave ConsoleServer brute force password
attack
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Lightwave ConsoleServer 3200
Vulnerability: lightwave-consoleserver-brute-force
X-Force URL: http://xforce.iss.net/static/6345.php
Date Reported: 04/11/2001
Brief Description: nph-maillist allows user to execute code
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Email List Generator 3.5 and earlier
Vulnerability: nph-maillist-execute-code
X-Force URL: http://xforce.iss.net/static/6363.php
Date Reported: 04/11/2001
Brief Description: Symantec Ghost Configuration Server denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Ghost 6.5
Vulnerability: ghost-configuration-server-dos
X-Force URL: http://xforce.iss.net/static/6357.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server DOS device denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-device-dos
X-Force URL: http://xforce.iss.net/static/6348.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server HTTP header denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-header-dos
X-Force URL: http://xforce.iss.net/static/6347.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server URL parsing denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-url-dos
X-Force URL: http://xforce.iss.net/static/6351.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server CORBA denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-corba-dos
X-Force URL: http://xforce.iss.net/static/6350.php
Date Reported: 04/11/2001
Brief Description: Symantec Ghost database engine denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Ghost 6.5, Sybase Adaptive Server Database
Engine 6.0.3.2747
Vulnerability: ghost-database-engine-dos
X-Force URL: http://xforce.iss.net/static/6356.php
Date Reported: 04/11/2001
Brief Description: cfingerd daemon remote format string
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Debian Linux 2.1, Debian Linux 2.2, cfingerd
1.4.3 and earlier
Vulnerability: cfingerd-remote-format-string
X-Force URL: http://xforce.iss.net/static/6364.php
Date Reported: 04/11/2001
Brief Description: Lotus Domino Web Server Unicode denial of
service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Lotus Domino R5 prior to 5.0.7
Vulnerability: lotus-domino-unicode-dos
X-Force URL: http://xforce.iss.net/static/6349.php
Date Reported: 04/11/2001
Brief Description: Linux mkpasswd generates weak passwords
Risk Factor: High
Attack Type: Host Based
Platforms Affected: Red Hat Linux 6.2, Red Hat Linux 7.0, mkpasswd
Vulnerability: mkpasswd-weak-passwords
X-Force URL: http://xforce.iss.net/static/6382.php
Date Reported: 04/12/2001
Brief Description: Solaris ipcs utility buffer overflow
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: Solaris 7
Vulnerability: solaris-ipcs-bo
X-Force URL: http://xforce.iss.net/static/6369.php
Date Reported: 04/12/2001
Brief Description: InterScan VirusWall ISADMIN service buffer
overflow
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Linux kernel , InterScan VirusWall 3.0.1
Vulnerability: interscan-viruswall-isadmin-bo
X-Force URL: http://xforce.iss.net/static/6368.php
Date Reported: 04/12/2001
Brief Description: HylaFAX hfaxd format string
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: HylaFAX 4.1B3 and prior, SuSE Linux 6.x, SuSE
Linux 7.0, Mandrake Linux 7.1, FreeBSD 3.5.1,
Mandrake Linux 7.2, Mandrake Linux Corporate
Server 1.0.1, FreeBSD 4.2, SuSE Linux 7.1
Vulnerability: hylafax-hfaxd-format-string
X-Force URL: http://xforce.iss.net/static/6377.php
Date Reported: 04/12/2001
Brief Description: Cisco VPN 3000 Concentrators invalid IP Option
denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cisco VPN 3000 Concentrators prior to 2.5.2 F
Vulnerability: cisco-vpn-ip-dos
X-Force URL: http://xforce.iss.net/static/6360.php
Date Reported: 04/13/2001
Brief Description: Net.Commerce package in IBM WebSphere reveals
installation path
Risk Factor: High
Attack Type: Network Based
Platforms Affected: IBM Websphere, Solaris 2.6, AIX 4.3.x, Solaris
7, Windows NT 4.0
Vulnerability: ibm-websphere-reveals-path
X-Force URL: http://xforce.iss.net/static/6371.php
Date Reported: 04/13/2001
Brief Description: QPC ftpd buffer overflow
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: QVT/Term 5.0, QVT/Net 5.0
Vulnerability: qpc-ftpd-bo
X-Force URL: http://xforce.iss.net/static/6376.php
Date Reported: 04/13/2001
Brief Description: QPC ftpd directory traversal
Risk Factor: High
Attack Type: Network Based
Platforms Affected: QVT/Net 5.0, QVT/Term 5.0
Vulnerability: qpc-ftpd-directory-traversal
X-Force URL: http://xforce.iss.net/static/6375.php
Date Reported: 04/13/2001
Brief Description: QPC popd buffer overflow
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: QVT/Net 5.0
Vulnerability: qpc-popd-bo
X-Force URL: http://xforce.iss.net/static/6374.php
Date Reported: 04/13/2001
Brief Description: NCM Content Management System access database
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: NCM Content Management System
Vulnerability: ncm-content-database-access
X-Force URL: http://xforce.iss.net/static/6386.php
Date Reported: 04/13/2001
Brief Description: Netscape SmartDownload 'sdph20.dll' buffer overflow
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Netscape SmartDownload 1.3, Windows NT, Windows
95, Windows 98
Vulnerability: netscape-smartdownload-sdph20-bo
X-Force URL: http://xforce.iss.net/static/6403.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer accept buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-accept-bo
X-Force URL: http://xforce.iss.net/static/6404.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer cancel buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-cancel-bo
X-Force URL: http://xforce.iss.net/static/6406.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer disable buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-disable-bo
X-Force URL: http://xforce.iss.net/static/6407.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer enable buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-enable-bo
X-Force URL: http://xforce.iss.net/static/6409.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer lp buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-lp-bo
X-Force URL: http://xforce.iss.net/static/6410.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer lpfilter buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-lpfilter-bo
X-Force URL: http://xforce.iss.net/static/6411.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer lpstat buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-lpstat-bo
X-Force URL: http://xforce.iss.net/static/6413.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer reject buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-reject-bo
X-Force URL: http://xforce.iss.net/static/6414.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer rmail buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-rmail-bo
X-Force URL: http://xforce.iss.net/static/6415.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer tput buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-tput-bo
X-Force URL: http://xforce.iss.net/static/6416.php
Date Reported: 04/13/2001
Brief Description: IBM WebSphere CGI macro denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: IBM Websphere, Windows NT 4.0, Solaris 2.6, AIX
4.3.x, Solaris 7
Vulnerability: ibm-websphere-macro-dos
X-Force URL: http://xforce.iss.net/static/6372.php
Date Reported: 04/13/2001
Brief Description: SCO OpenServer lpmove buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: SCO Openserver 5.0.0 to 5.0.6
Vulnerability: sco-openserver-lpmove-bo
X-Force URL: http://xforce.iss.net/static/6412.php
Date Reported: 04/14/2001
Brief Description: Siemens Reliant Unix ppd -T symlink
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Reliant Unix 5.45, Reliant Unix 5.43, Reliant
Unix 5.44
Vulnerability: reliant-unix-ppd-symlink
X-Force URL: http://xforce.iss.net/static/6408.php
Date Reported: 04/15/2001
Brief Description: Linux Exuberant Ctags package symbolic link
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Debian Linux 2.2, exuberant-ctags
Vulnerability: exuberant-ctags-symlink
X-Force URL: http://xforce.iss.net/static/6388.php
Date Reported: 04/15/2001
Brief Description: processit.pl CGI could allow attackers to view
sensitive information about the Web server
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: processit.pl
Vulnerability: processit-cgi-view-info
X-Force URL: http://xforce.iss.net/static/6385.php
Date Reported: 04/16/2001
Brief Description: Microsoft ISA Server Web Proxy denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Microsoft ISA Server 2000
Vulnerability: isa-web-proxy-dos
X-Force URL: http://xforce.iss.net/static/6383.php
Date Reported: 04/16/2001
Brief Description: Microsoft Internet Explorer altering CLSID
action allows malicious file execution
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Windows 2000, Internet Explorer 5.5, Windows 98
Vulnerability: ie-clsid-execute-files
X-Force URL: http://xforce.iss.net/static/6426.php
Date Reported: 04/16/2001
Brief Description: Cisco Catalyst 5000 series switch 802.1x denial
of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Cisco Catalyst 5000 Series
Vulnerability: cisco-catalyst-8021x-dos
X-Force URL: http://xforce.iss.net/static/6379.php
Date Reported: 04/16/2001
Brief Description: BubbleMon allows users to gain elevated
privileges
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: BubbleMon prior to 1.32, FreeBSD
Vulnerability: bubblemon-elevate-privileges
X-Force URL: http://xforce.iss.net/static/6378.php
Date Reported: 04/16/2001
Brief Description: DCForum CGI az= field directory traversal
Risk Factor: High
Attack Type: Network Based
Platforms Affected: DCForum 2000 1.0
Vulnerability: dcforum-az-directory-traversal
X-Force URL: http://xforce.iss.net/static/6391.php
Date Reported: 04/16/2001
Brief Description: DCForum CGI az= field allows attacker to upload
files
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: DCForum 2000 1.0
Vulnerability: dcforum-az-file-upload
X-Force URL: http://xforce.iss.net/static/6393.php
Date Reported: 04/16/2001
Brief Description: DCForum CGI az= field EXPR allows attacker to
execute commands
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: DCForum 2000 1.0
Vulnerability: dcforum-az-expr
X-Force URL: http://xforce.iss.net/static/6392.php
Date Reported: 04/16/2001
Brief Description: Linux NetFilter IPTables
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: Linux kernel 2.4, Red Hat Linux 7.1
Vulnerability: linux-netfilter-iptables
X-Force URL: http://xforce.iss.net/static/6390.php
Date Reported: 04/17/2001
Brief Description: Xitami Web server denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Xitami Web server 2.4d7, Xitami Web server 2.5b4
Vulnerability: xitami-server-dos
X-Force URL: http://xforce.iss.net/static/6389.php
Date Reported: 04/17/2001
Brief Description: Samba tmpfile symlink attack could allow
elevated privileges
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Trustix Secure Linux 1.2, Mandrake Linux 8.0,
Progeny Linux, Caldera OpenLinux eBuilder,
Trustix Secure Linux 1.01, Mandrake Linux
Corporate Server 1.0.1, FreeBSD 4.2, Immunix
Linux 7.0, Immunix Linux 6.2, Immunix Linux 7.0
Beta, Caldera OpenLinux eServer 2.3.1, Caldera
OpenLinux eDesktop 2.4, FreeBSD 3.5.1
Vulnerability: samba-tmpfile-symlink
X-Force URL: http://xforce.iss.net/static/6396.php
Date Reported: 04/17/2001
Brief Description: GoAhead WebServer "aux" denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: GoAhead Web Server 2.1, Windows 98, Windows ME
Vulnerability: goahead-aux-dos
X-Force URL: http://xforce.iss.net/static/6400.php
Date Reported: 04/17/2001
Brief Description: AnalogX SimpleServer:WWW "aux" denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: SimpleServer:WWW 1.03 to 1.08
Vulnerability: analogx-simpleserver-aux-dos
X-Force URL: http://xforce.iss.net/static/6395.php
Date Reported: 04/17/2001
Brief Description: Viking Server hexadecimal URL encoded format
directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Viking Server prior to 1.07-381
Vulnerability: viking-hex-directory-traversal
X-Force URL: http://xforce.iss.net/static/6394.php
Date Reported: 04/17/2001
Brief Description: Solaris FTP server allows attacker to recover
shadow file
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: Solaris 2.6
Vulnerability: solaris-ftp-shadow-recovery
X-Force URL: http://xforce.iss.net/static/6422.php
Date Reported: 04/18/2001
Brief Description: The Bat! pop3 denial of service
Risk Factor: High
Attack Type: Network Based
Platforms Affected: The Bat! 1.51, Windows
Vulnerability: thebat-pop3-dos
X-Force URL: http://xforce.iss.net/static/6423.php
Date Reported: 04/18/2001
Brief Description: Eudora allows attacker to obtain files using
plain text attachments
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Eudora 5.0.2
Vulnerability: eudora-plain-text-attachment
X-Force URL: http://xforce.iss.net/static/6431.php
Date Reported: 04/18/2001
Brief Description: VMware vmware-mount.pl symlink
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: VMware
Vulnerability: vmware-mount-symlink
X-Force URL: http://xforce.iss.net/static/6420.php
Date Reported: 04/18/2001
Brief Description: KFM tmpfile symbolic link could allow local
attackers to overwrite files
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: SuSE Linux 7.0, K File Manager (KFM)
Vulnerability: kfm-tmpfile-symlink
X-Force URL: http://xforce.iss.net/static/6428.php
Date Reported: 04/18/2001
Brief Description: CyberScheduler timezone remote buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: CyberScheduler, Mandrake Linux, Windows 2000,
IIS 5.0, Solaris 8, SuSE Linux, Solaris 7,
Slackware Linux, Red Hat Linux, IIS 4.0, Debian
Linux, Solaris 2.5, Solaris 2.6, Caldera
OpenLinux, Windows NT
Vulnerability: cyberscheduler-timezone-bo
X-Force URL: http://xforce.iss.net/static/6401.php
Date Reported: 04/18/2001
Brief Description: Microsoft Data Access Component Internet
Publishing Provider allows WebDAV access
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Microsoft Data Access Component 8.103.2519.0,
Windows 95, Windows NT 4.0, Windows 98, Windows
98 Second Edition, Windows 2000, Windows ME
Vulnerability: ms-dacipp-webdav-access
X-Force URL: http://xforce.iss.net/static/6405.php
Date Reported: 04/18/2001
Brief Description: Oracle tnslsnr80.exe denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Oracle 8.x, Windows NT 4.0 SP6, Solaris 8
Vulnerability: oracle-tnslsnr80-dos
X-Force URL: http://xforce.iss.net/static/6427.php
Date Reported: 04/18/2001
Brief Description: innfeed -c flag buffer overflow
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Red Hat Linux, Slackware Linux, Mandrake Linux,
INN prior to 2.3.1
Vulnerability: innfeed-c-bo
X-Force URL: http://xforce.iss.net/static/6398.php
Date Reported: 04/18/2001
Brief Description: iPlanet Calendar Server stores username and
password in plaintext
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: iPlanet Calendar Server 5.0p2
Vulnerability: iplanet-calendar-plaintext-password
X-Force URL: http://xforce.iss.net/static/6402.php
Date Reported: 04/18/2001
Brief Description: Linux NEdit symlink when printing
Risk Factor: High
Attack Type: Host Based
Platforms Affected: SuSE Linux 6.3, SuSE Linux 6.4, Debian Linux
2.2, Mandrake Linux 7.1, Mandrake Linux 7.2,
SuSE Linux 7.0, Mandrake Linux Corporate Server
1.0.1, SuSE Linux 7.1, Mandrake Linux 8.0
Vulnerability: nedit-print-symlink
X-Force URL: http://xforce.iss.net/static/6424.php
Date Reported: 04/19/2001
Brief Description: CheckBO TCP buffer overflow
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: CheckBO 1.56 and earlier
Vulnerability: checkbo-tcp-bo
X-Force URL: http://xforce.iss.net/static/6436.php
Date Reported: 04/19/2001
Brief Description: HP-UX pcltotiff uses insecure permissions
Risk Factor: Medium
Attack Type: Host Based
Platforms Affected: HP-UX 10.01, HP-UX 10.10, HP-UX 10.20,
HP-UX 10.26
Vulnerability: hp-pcltotiff-insecure-permissions
X-Force URL: http://xforce.iss.net/static/6447.php
Date Reported: 04/19/2001
Brief Description: Netopia Timbuktu allows unauthorized system
access
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Timbuktu Pro, Macintosh OS X
Vulnerability: netopia-timbuktu-gain-access
X-Force URL: http://xforce.iss.net/static/6452.php
Date Reported: 04/20/2001
Brief Description: Cisco CBOS could allow attackers to gain
privileged information
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms Affected: Cisco CBOS 2.4.1, Cisco CBOS 2.3.053
Vulnerability: cisco-cbos-gain-information
X-Force URL: http://xforce.iss.net/static/6453.php
Date Reported: 04/20/2001
Brief Description: Internet Explorer 5.x allows active scripts
using XML stylesheets
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Internet Explorer 5.x, Outlook Express 5.x
Vulnerability: ie-xml-stylesheets-scripting
X-Force URL: http://xforce.iss.net/static/6448.php
Date Reported: 04/20/2001
Brief Description: Linux gftp format string
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: gftp prior to 2.0.8, Mandrake Linux 8.0,
Mandrake Linux Corporate Server 1.0.1, Immunix
Linux 7.0, Red Hat Linux 7.1, Mandrake Linux
7.2, Immunix Linux 6.2, Immunix 7.0 beta,
Red Hat Linux 6.2, Mandrake Linux 7.1, Red Hat
Linux 7.0
Vulnerability: gftp-format-string
X-Force URL: http://xforce.iss.net/static/6478.php
Date Reported: 04/20/2001
Brief Description: Novell BorderManager VPN client SYN requests
denial of service
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms Affected: Novell BorderManager 3.5
Vulnerability: bordermanager-vpn-syn-dos
X-Force URL: http://xforce.iss.net/static/6429.php
Date Reported: 04/20/2001
Brief Description: SAFT sendfiled could allow the execution of
arbitrary code
Risk Factor: Low
Attack Type: Host Based
Platforms Affected: Debian Linux 2.2, Progeny Linux, sendfile
Vulnerability: saft-sendfiled-execute-code
X-Force URL: http://xforce.iss.net/static/6430.php
Date Reported: 04/21/2001
Brief Description: Mercury MTA for Novell Netware buffer overflow
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Mercury MTA 1.47 and earlier, Novell NetWare
Vulnerability: mercury-mta-bo
X-Force URL: http://xforce.iss.net/static/6444.php
Date Reported: 04/21/2001
Brief Description: QNX allows attacker to read files on FAT
partition
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms Affected: QNX 2.4
Vulnerability: qnx-fat-file-read
X-Force URL: http://xforce.iss.net/static/6437.php
Date Reported: 04/23/2001
Brief Description: Viking Server "dot dot" (\...\) directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Viking Server 1.0.7
Vulnerability: viking-dot-directory-traversal
X-Force URL: http://xforce.iss.net/static/6450.php
Date Reported: 04/24/2001
Brief Description: NetCruiser Web Server could reveal directory
path
Risk Factor: High
Attack Type: Network Based
Platforms Affected: NetCruiser Web Server 0.1.2.8
Vulnerability: netcruiser-server-path-disclosure
X-Force URL: http://xforce.iss.net/static/6468.php
Date Reported: 04/24/2001
Brief Description: Perl Web Server directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Perl Web Server 0.3 and prior
Vulnerability: perl-webserver-directory-traversal
X-Force URL: http://xforce.iss.net/static/6451.php
Date Reported: 04/24/2001
Brief Description: Small HTTP Server /aux denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Small HTTP Server 2.03
Vulnerability: small-http-aux-dos
X-Force URL: http://xforce.iss.net/static/6446.php
Date Reported: 04/24/2001
Brief Description: IPSwitch IMail SMTP daemon mailing list handler
buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: IPSwitch Imail 6.06 and earlier
Vulnerability: ipswitch-imail-smtp-bo
X-Force URL: http://xforce.iss.net/static/6445.php
Date Reported: 04/25/2001
Brief Description: MIT Kerberos 5 could allow attacker to gain root
access by injecting base64-encoded data
Risk Factor: Low
Attack Type: Network Based
Platforms Affected: MIT Kerberos 5
Vulnerability: kerberos-inject-base64-encode
X-Force URL: http://xforce.iss.net/static/6454.php
Date Reported: 04/26/2001
Brief Description: IRIX netprint -n allows attacker to access
shared library
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: IRIX 6.x
Vulnerability: irix-netprint-shared-library
X-Force URL: http://xforce.iss.net/static/6473.php
Date Reported: 04/26/2001
Brief Description: WebXQ "dot dot" directory traversal
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Windows, WebXQ 2.1.204
Vulnerability: webxq-dot-directory-traversal
X-Force URL: http://xforce.iss.net/static/6466.php
Date Reported: 04/26/2001
Brief Description: RaidenFTPD "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Windows NT 4.0, Windows 2000, RaidenFTPD 2.1
Vulnerability: raidenftpd-dot-directory-traversal
X-Force URL: http://xforce.iss.net/static/6455.php
Date Reported: 04/27/2001
Brief Description: PerlCal CGI cal_make.pl script directory
traversal
Risk Factor: High
Attack Type: Network Based
Platforms Affected: Unix, PerlCal 2.95 and prior
Vulnerability: perlcal-calmake-directory-traversal
X-Force URL: http://xforce.iss.net/static/6480.php
Date Reported: 04/28/2001
Brief Description: ICQ Web Front plugin denial of service
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: ICQ Web Front, ICQ 2000b 3278 and earlier
Vulnerability: icq-webfront-dos
X-Force URL: http://xforce.iss.net/static/6474.php
Date Reported: 04/28/2001
Brief Description: Alex FTP Server "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: Alex's FTP Server 0.7
Vulnerability: alex-ftp-directory-traversal
X-Force URL: http://xforce.iss.net/static/6475.php
Date Reported: 04/28/2001
Brief Description: BRS WebWeaver FTP path disclosure
Risk Factor: High
Attack Type: Network Based
Platforms Affected: BRS WebWeaver 0.63
Vulnerability: webweaver-ftp-path-disclosure
X-Force URL: http://xforce.iss.net/static/6477.php
Date Reported: 04/28/2001
Brief Description: BRS WebWeaver Web server "dot dot" directory
traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: BRS WebWeaver 0.63
Vulnerability: webweaver-web-directory-traversal
X-Force URL: http://xforce.iss.net/static/6476.php
Date Reported: 04/29/2001
Brief Description: Winamp AIP buffer overflow
Risk Factor: Low
Attack Type: Host Based / Network Based
Platforms Affected: Winamp 2.6x and 2.7x
Vulnerability: winamp-aip-bo
X-Force URL: http://xforce.iss.net/static/6479.php
Date Reported: 04/29/2001
Brief Description: BearShare "dot dot" allows remote attacker to traverse
directories and download any file
Risk Factor: Medium
Attack Type: Network Based
Platforms Affected: BearShare 2.2.2 and prior, Windows 95, Windows
98, Windows ME
Vulnerability: bearshare-dot-download-files
X-Force URL: http://xforce.iss.net/static/6481.php
Date Reported: 05/01/2001
Brief Description: IIS 5.0 ISAPI extension buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms Affected: IIS 5.0, Windows 2000 Server, Windows 2000
Advanced Server, Windows 2000 Datacenter Server
Vulnerability: iis-isapi-bo
X-Force URL: http://xforce.iss.net/static/6485.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail
server.
Medium Any vulnerability that provides information that has a
high potential of giving system access to an intruder.
Example: A misconfigured TFTP or vulnerable NIS server
that allows an intruder to get the password file that
could contain an account with a guessable password.
Low Any vulnerability that provides information that
potentially could lead to a compromise. Example: A
finger that allows an intruder to find out who is online
and potential accounts to attempt to crack passwords
via brute force methods.
________
About Internet Security Systems (ISS)
Internet Security Systems is a leading global provider of security
management solutions for the Internet, protecting digital assets and
ensuring safe and uninterrupted e-business. With its industry-leading
intrusion detection and vulnerability assessment software, remote managed
security services, and strategic consulting and education offerings, ISS
is a trusted security provider to more than 8,000 customers worldwide
including 21 of the 25 largest U.S. commercial banks and the top 10 U.S.
telecommunications companies. Founded in 1994, ISS is headquartered in
Atlanta, GA, with additional offices throughout North America and
international operations in Asia, Australia, Europe, Latin America and the
Middle East. For more information, visit the Internet Security Systems
web site at www.iss.net or call 888-901-7477.
Copyright (c) 2001 by Internet Security Systems, Inc.
Permission is hereby granted for the redistribution of this Alert
electronically. It is not to be edited in any way without express consent
of the X-Force. If you wish to reprint the whole or any part of this Alert
in any other medium excluding electronic medium, please e-mail
xforce@iss.net for permission.
Disclaimer
The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.
X-Force PGP Key available at: http://xforce.iss.net/sensitive.php as
well as on MIT's PGP key server and PGP.com's key server.
Please send suggestions, updates, and comments to: X-Force xforce@iss.net
of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBOvrtmTRfJiV99eG9AQFRFwP+NhRj20kY5edBZBvSMBZKAOKEQGpJPPnD
J/YCCB9TkzoWt65a7HR6c2MbimbnCo8YrhkjgFcvPmArCOFMS/68lhcStKd769PO
rbojCoys8l1woaFDwzPnQeWVoNMen83sVvsiy7Bwk5Sm0cjM3gZC+X0vqG8EI59Y
OAtrNiOkj7o=
=kYl+
-----END PGP SIGNATURE-----
| VAR-200106-0149 | CVE-2001-0494 | Lotus Domino vulnerable to DoS via crafted unicode GET request |
CVSS V2: 7.5 CVSS V3: - Severity: HIGH |
Buffer overflow in IPSwitch IMail SMTP server 6.06 and possibly prior versions allows remote attackers to execute arbitrary code via a long From: header. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. Lotus Domino R5 prior to version 5.0.7 are subject to a DoS. A remotely submitted GET request composed of an arbitrary string of unicode characters, will cause the server to stop responding and possibly other applications depending on it. Rebooting the server is required in order to gain normal functionality
| VAR-200106-0092 | CVE-2001-0375 | Lotus Domino vulnerable to DoS via crafted unicode GET request |
CVSS V2: 5.0 CVSS V3: - Severity: MEDIUM |
Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests. The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed. Lotus Domino R5 prior to version 5.0.7 are subject to a DoS. A remotely submitted GET request composed of an arbitrary string of unicode characters, will cause the server to stop responding and possibly other applications depending on it. Rebooting the server is required in order to gain normal functionality