
NIPC CyberNotes #2002-12 Page 4 of 33 06/17/2002
| Vendor | Operating System | Software Name | Vulnerability/Impact | Patches/Workarounds/Alerts | Common Name | Risk* | Attacks/Scripts |
|---|---|---|---|---|---|---|---|
| CGIScript.net [15] | Unix | csPassword 1.0 | Multiple vulnerabilities exist: a vulnerability exists in '.htpasswd' files because they are generated in the same folder as the '.htaccess' files, which could let a malicious user obtain usernames and passwords; a vulnerability exists in the 'csPassword.cgi' script, which could let a malicious user add directives and make changes to the generated '.htaccess' file; and a vulnerability exists in the 'csPassword.cgi' script, which could let a malicious user obtain sensitive information. | Customers are advised to contact the vendor for patch information. | csPassword Multiple Vulnerabilities | Medium | Bug discussed in newsgroups and websites. There is no exploit code required. |
| Datalex [16] | Multiple | Bookit! Consumer 2.0 | A vulnerability exists because password information is stored and passed in plain text, which could let a malicious user obtain sensitive information. | Upgrade available at: http://www.datalex.com/products_consumer24.asp | Bookit! Consumer Plaintext Password Information | Medium | Bug discussed in newsgroups and websites. There is no exploit code required. |
| Debian [17] | Unix | Debian Linux 2.2 sparc, powerpc, Linux 2.2 IA-32, Linux 2.2 arm, alpha, Linux 2.2 68k | A vulnerability exists because 'in.uucpd' does not properly truncate strings, which could let a remote malicious user cause a Denial of Service. | Update available at: http://security.debian.org/dists/stable/updates/main/ | Debian IN.UUCP Remote Denial of Service | Low | Bug discussed in newsgroups and websites. |
| Double Precision Incorporated [18] | Unix | Courier MTA 0.38.1 | A remote Denial of Service vulnerability exists in the MTA when messages that contain an excessively large year are handled. | No workaround or patch available at time of publishing. | Courier MTA Remote Denial of Service | Low | Bug discussed in newsgroups and websites. |

[15] Bugtraq, May 29, 2002.
[16] iDEFENSE Security Advisory, 06.10.2002, June 10, 2002.
[17] Debian Security Advisory, DSA-129-1, May 27, 2002.
[18] Securiteam, June 3, 2002.