
NIPC CyberNotes #2002-12 Page 3 of 33 06/17/2002
Vendor | Operating System | Software Name | Vulnerability/Impact | Patches/Workarounds/Alerts | Common Name | Risk* | Attacks/Scripts

Vendor: Caldera (footnote 11)
Operating System: Unix
Software Name: OpenUnix 8.0, UnixWare 7.1.1
Vulnerability/Impact: A vulnerability exists when the FTP server is in PASV mode because predictable PASV mode port numbers are selected, which could let a remote malicious user hijack data connections and retrieve data before the client can.
Patches/Workarounds/Alerts: Patch available at: ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.23/erg501602b.pkg.Z
Common Name: Open Unix / UnixWare ftpd PASV Mode Hijacking
Risk*: Medium
Attacks/Scripts: Bug discussed in newsgroups and websites. There is no exploit code required.

Vendor: Caldera International, Inc. (footnote 12)
Operating System: Unix
Software Name: OpenServer 5.0.5, 5.0.6
Vulnerability/Impact: A format string vulnerability exists in the ‘crontab’ implementation when an error message is issued as a result of an invalid filename argument, which could let a malicious user execute arbitrary code and obtain elevated privileges.
Patches/Workarounds/Alerts: Temporary workaround (SRT): Disable the setgid permissions.
Common Name: OpenServer crontab Format String
Risk*: High
Attacks/Scripts: Bug discussed in newsgroups and websites.

Vendor: Caldera International, Inc. (footnote 13)
Operating System: Unix
Software Name: Volution Manager 1.1
Vulnerability/Impact: A vulnerability exists because the unencrypted Directory Administrator's password is stored in the /etc/ldap/slapd.conf file, which could let a malicious user obtain sensitive information.
Patches/Workarounds/Alerts: This vulnerability will be corrected in the next release of Volution Manager. Please see advisory CSSA-2002-024.0 on how to implement the encryption feature located at: http://www.caldera.com/support/security/2002.html
Common Name: Volution Manager Unencrypted Password
Risk*: Medium
Attacks/Scripts: Bug discussed in newsgroups and websites. There is no exploit code required.

Vendor: CGIScript.net (footnote 14)
Operating System: Multiple
Software Name: csNews 1.0, csNews Professional 1.0
Vulnerability/Impact: Multiple vulnerabilities exist: a vulnerability exists because database files may be accessed by unauthorized users, which could let a malicious user obtain sensitive information; a vulnerability exists because users with "public" access to the system may be able to view and modify some administration pages when a HTTP request is submitted that contains metacharacters that are double URL encoded; and a vulnerability exists because it is possible for a malicious user to bypass file type restrictions on the header and footer file, which could let them obtain sensitive information.
Patches/Workarounds/Alerts: No workaround or patch available at time of publishing.
Common Name: csNews Multiple Vulnerabilities
Risk*: Medium
Attacks/Scripts: Bug discussed in newsgroups and websites. There is no exploit code required for the database file vulnerability. Exploits have been published for the “public” access and header and footer file restrictions vulnerabilities.

11 Caldera International, Inc. Security Advisory, CSSA-2002-SCO.23, May 30, 2002.
12 Strategic Reconnaissance Team Security Advisory, SRT2002-06-04-1611, June 4, 2002.
13 Caldera International, Inc. Security Advisory, CSSA-2002-024.0, June 3, 2002.
14 Bugtraq, June 11, 2002.