[iwar] Historical posting


From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com

Mon, Jan 1, 1999


Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700

{00.08.004} Windows 9x denial of service (twinge)
A new denial of service named twinge.c has been made available. The DoS
sends all possible types of ICMP traffic, making Windows 95 and 98
systems crash immediately. Windows NT 4.0 and 2000 do not seem to be
vulnerable.

-No patches have been made available.  We suggest filtering all incoming
ICMP traffic via an upstream router/firewall.

Source: Bugtraq
http://localhost/archives/bugtraq/current/0102.html


----

{00.08.011} Timbuktu denial of service
A denial of service has been found in Timbuktu Pro version 2.0b650
whereby an attacker can make connections to Ports 407 and 1417, causing
the service to hang.

-No patches have been made available.

Source: Bugtraq
http://localhost/archives/bugtraq/current/0121.html


@---------------------------------------------------------@

Key Area: NetWare
Key Element: Applications

{00.08.001} BorderManager denial of service
The CS Audit Trail Proxy NLM shipped with BorderManager versions 3.0 and
3.5 for NetWare 4.11 and 5.x has been found to contain a denial of
service. An attacker can telnet to Port 2000, which can cause csatpxy.nlm
to slowly consume memory, possibly crashing the system after an extended
period of time. There have also been reports of high CPU utilization.

-Novell has released a new ctaspxy.nlm, which limits the memory
consumption; however, a denial of service may still be possible.
Recommendations include limiting access to Port 2000.  The patched
ctaspxy1.exe is available from:

http://support.novell.com

Source: Bugtraq
http://localhost/archives/bugtraq/current/0067.html


@---------------------------------------------------------@

Key Area: Linux and BSD
Key Element: Applications

{00.08.005} Linux make creates temporary files
Make versions 3.77-44 and prior have been found to create files in /tmp
when passed a makefile on STDIN. An attacker can possibly trojan the
temporary makefiles to execute commands.

-SuSE has released updated packages:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/d1/make-3.78.1-4.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.3/d1/make-3.78.1-5.alpha.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.1/d1/make-3.78.1-3.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.2/d1/make-3.78.1-2.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.3/d1/make-3.78.1-2.i386.rpm

Other Linux distributions should check with their vendor for patch
information.

Source: SuSE
http://localhost/archives/linux/suse/current/0261.html


----

{00.08.008} Local buffer overflow in Linux mount/umount
Mount and umount are suid applications that contain a buffer overflow
that lets local users run arbitrary commands as root. Mount and umount
are a part of the "utils" package, and all versions prior to 2.10f are
vulnerable.

-SuSE has released updated packages:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/a1/util-2.10f-4.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.3/a1/util-2.10f-0.alpha.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.1/a1/util-2.10f-3.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.2/a1/util-2.10f-4.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.3/a1/util-2.10f-4.i386.rpm

Other Linux distributions are likely to be vulnerable. You should contact
your vendor to verify when a patch will be made available.

Source: SuSE
http://localhost/archives/linux/suse/current/0270.html


@---------------------------------------------------------@

Key Area: Other
Key Element: Information Publishing

{00.08.010} Attackers can run commands through UltimateBB
UltimateBB is a CGI-based forum software package. A vulnerability has
been found whereby an attacker can submit a specifically formatted value
for "topic," which will cause the Perl interpreter to execute commands
under the UID of the Web server.

-No patches have been made available.  Product home page:

http://www.ultimatebb.com

Source: Bugtraq
http://localhost/archives/bugtraq/current/0118.html

Det. Robert W. Miller
Colorado Internet Crimes Against
Children Task Force
Pueblo High Tech. Crime Unit
Pueblo County Sheriff's Office
909 Court St.
Pueblo, CO. 81003
Tel (719)583-4736
FAX (719)583-4732
mailto:snooker@i...
mailto:cicactf@i...
http://www.co.pueblo.co.us/sheriff/
PGP key available at: http://pgpkeys.mit.edu:11371/
search on snooker@i...