Section: .. / advisories / cert /
|
See the CERT website for more information.
|
| /// File Name: |
CA-2002-18.openssh |
Description:
|
CERT Advisory CA-2002-18 - Openssh v2.3.1p1 to 3.3 contains two related vulnerabilities. A vulnerability in the PAM modules that use interactive keyboard authentication (PAMAuthenticationViaKbdInt) can allow remote execution of code. In addition, challenge response configuration option is set to yes and the system is using SKEY or BSD_AUTH, an intruder can execute code remotely.
| | Homepage: | http://www.cert.org | | File Size: | 17273 | | Last Modified: | Jun 29 19:50:09 2002 |
| MD5 Checksum: | 0c96f5bb1420a25e4545fcee7cee3a22 |
|
| /// File Name: |
CA-2002-19.resolver |
Description:
|
CERT Advisory CA-2002-19 - A buffer overflow vulnerability exists in multiple implementations of DNS resolver libraries (libc and libbind) allows remote attackers who are able to send malicious DNS responses to exploit this vulnerability to execute arbitrary code or cause a denial of service. Most versions of BIND, FreeBSD, NetBSD, and OpenBSD are vulnerable.
| | Homepage: | http://www.cert.org | | File Size: | 11562 | | Last Modified: | Jun 29 20:14:30 2002 |
| MD5 Checksum: | f43e323b7d300233377911efea2586a9 |
|
| /// File Name: |
CA-2002-20.tooltalk |
Description:
|
CERT Advisory CA-2002-20 - Two serious remote vulnerabilities have been found in systems running CDE ToolTalk (rpc.ttdbserverd). The first vulnerability allows remote attackers to delete arbitrary files, cause a denial of service, or possibly execute arbitrary code or commands. The second vulnerability allows local attackers to overwrite arbitrary files with contents of the attacker's choice.
| | Homepage: | http://www.cert.org | | File Size: | 17922 | | Last Modified: | Jul 11 07:22:45 2002 |
| MD5 Checksum: | 6a38d6225c1b007e7f1505ba7f2f71e8 |
|
| /// File Name: |
CA-2002-21.php |
Description:
|
CERT Advisory CA-2002-21 - Another file upload vulnerability has been discovered in PHP which can allow remote code execution. X86 systems are difficult to remotely execute code on but can still be crashed.
| | Homepage: | http://www.cert.org | | File Size: | 11397 | | Last Modified: | Jul 23 19:31:52 2002 |
| MD5 Checksum: | e6a875b4bd735f98cafc7f3932823ebd |
|
| /// File Name: |
CA-2002-22.mssql |
Description:
|
CERT Advisory CA-2002-22 - Microsoft SQL Server 7.0, 2000, and Desktop Engine 2000 contains a dozen serious vulnerabilities that allow remote attackers to obtain sensitive information, alter database content, compromise SQL servers, and compromise server hosts.
| | Homepage: | http://www.cert.org | | File Size: | 18025 | | Last Modified: | Jul 30 10:39:22 2002 |
| MD5 Checksum: | d92fb15df3feab5a01cd6cf2cc95093c |
|
| /// File Name: |
CA-2002-23.openssl |
Description:
|
CERT Advisory CA-2002-23 - OpenSSL prior to 0.9.6e, up to and including pre-release 0.9.7-beta2 contains four remotely exploitable buffer overflows. Overflows exist during the SSLv2 handshake process, SSLv3 handshake process, Kerberos SSLv3 handshakes, and holding of ASCII representations of integers. Denial of service vulnerabilities exist in the handing of ASN.1 encoding. Version 0.9.6e of OpenSSL is recommended.
| | Homepage: | http://www.cert.org | | File Size: | 11749 | | Last Modified: | Jul 31 08:10:20 2002 |
| MD5 Checksum: | 5a3c9112a299983104f3207c37a604b8 |
|
| /// File Name: |
CA-2002-24.openssh.trojan |
Description:
|
CERT Advisory CA-2002-24 - OpenSSH was trojaned from July 30 to Aug 1, allowing remote attackers to execute commands over a port 6667 connection. Versions openssh-3.2.2p1.tar.gz, openssh-3.4.tgz, and openssh-3.4p1.tar.gz were replaced. In the future check the GPG signature.
| | Homepage: | http://www.cert.org | | File Size: | 7614 | | Last Modified: | Aug 6 07:11:42 2002 |
| MD5 Checksum: | e84c9dfca68a40aa713fe8ebdcdc6d75 |
|
| /// File Name: |
CA-2002-25.xdr |
Description:
|
CERT Advisory CA-2002-25 - The Sun Microsystems XDR library contains overflows which lead to exploitable vulnerabilities in many applications. The xdr_array() function commonly used in RPC calls is the source of the vulnerabilities. Specific impacts reported include the ability to execute arbitrary code with root privileges (by exploiting dmispd, rpc.cmsd, or kadmind, for example). In addition, intruders who exploit the XDR overflow in MIT KRB5 kadmind may be able to gain control of a Key Distribution Center (KDC) and improperly authenticate to other services within a trusted Kerberos realm.
| | Homepage: | http://www.cert.org | | File Size: | 14450 | | Related CVE(s): | CAN-2002-0391 | | Last Modified: | Aug 6 08:09:27 2002 |
| MD5 Checksum: | bf6565a3708b0fc74081256d5054d6dd |
|
| /// File Name: |
CA-2002-26.tooltalk |
Description:
|
CERT Advisory CA-2002-26 - The Common Desktop Environment (CDE) ToolTalk RPC database server contains a heap overflow vulnerability that could allows remote attackers to execute arbitrary code.
| | Homepage: | http://www.cert.org | | File Size: | 14456 | | Related CVE(s): | CAN-2002-0679 | | Last Modified: | Aug 13 08:33:39 2002 |
| MD5 Checksum: | 82c668c15b22cbde6c13d68197828cdc |
|
| /// File Name: |
CA-2002-27.sslworm |
Description:
|
Cert Advisory CA-2002-27 - Linux systems running Apache with mod_ssl accessing SSLv2-enabled OpenSSL 0.9.6d or earlier on Intel x86 architectures are being automatically exploited by a worm which takes advantage of VU#102795 in OpenSSL. The worm scans for vulnerable systems on port 80, then sends exploit code over port 443. The worm also functions as a ddos network which communicates over TCP port 2002. Infected systems can be identified by the presence of /tmp/.bugtraq.c. Fix available here.
| | Homepage: | http://www.cert.org | | File Size: | 10709 | | Last Modified: | Sep 16 08:49:18 2002 |
| MD5 Checksum: | b9252e793f07959aadcae76697f1158f |
|
| /// File Name: |
CA-2002-28.sendmail |
Description:
|
CERT Advisory CA-2002-28 - Sendmail 8.12.6 was backdoored on September 28, 2002 to include a trojan which executes commands via outbound port 6667 connections.
| | Homepage: | http://www.cert.org | | File Size: | 9461 | | Last Modified: | Oct 10 02:21:03 2002 |
| MD5 Checksum: | f6a94b46de29c16173327843a102489e |
|
| /// File Name: |
CA-2002-29.kerberos |
Description:
|
CERT Advisory CA-2002-29 - Multiple Kerberos distributions contain a remotely exploitable buffer overflow in the Kerberos administration daemon. A remote attacker could exploit this vulnerability to gain root privileges.
| | Homepage: | http://www.cert.org | | File Size: | 1391 | | Last Modified: | Oct 30 08:56:09 2002 |
| MD5 Checksum: | 5bc3502dfd425743f5896240e081ff72 |
|
| /// File Name: |
CA-2002-30.trojan |
Description:
|
CERT Advisory CA-2002-30 - Released source code distributions of the libpcap and tcpdump packages were modified by an intruder and contain a trojan horse which, upon compile time, remote grabs a file from a fixed IP address which it then compiles and runs. The binary then goes to a fixed IP address and gets a one character response which enables the remote machine to trigger the spawning of a shell to the remote machine. The backdoor also explicitly ignores all traffic on port 1963.
| | Homepage: | http://www.cert.org/ | | File Size: | 8715 | | Last Modified: | Nov 15 09:02:19 2002 |
| MD5 Checksum: | e54c4be958885a0de93635a5937a757f |
|
| /// File Name: |
CA-2002-31.bind |
Description:
|
CERT Advisory CA-2002-31 - BIND 8 has vulnerabilities that may allow remote attackers to execute arbitrary code with the privileges of the user running named which is usually root, or with the privileges of vulnerable client applications. The other vulnerabilities will allow remote attackers to disrupt the normal operation of DNS name service running on victim servers.
| | Homepage: | http://www.cert.org/ | | File Size: | 15378 | | Last Modified: | Nov 15 09:21:15 2002 |
| MD5 Checksum: | 7911dbfee02e3e41e0f329b0d8fdff46 |
|
| /// File Name: |
CA-2002-32.alcatel |
Description:
|
CERT Advisory CA-2002-32 - Backdoor in Alcatel OmniSwitch 7700 and 7800 AOS version 5.1.1. A telnet server listens on TCP port number 6778, a backdoor that was originally used during development to access the Wind River Vx-Works operating system. Due to an oversight, this access was not removed prior to product release.
| | Homepage: | http://www.cert.org | | File Size: | 5298 | | Last Modified: | Nov 24 02:16:00 2002 |
| MD5 Checksum: | bb91a5a0f11171433192ade8fc82b9cc |
|
| /// File Name: |
CA-2002-33.MDAC |
Description:
|
CERT Advisory CA-2002-33 - Heap Overflow Vulnerability in Microsoft Data. A routine in the RDS component, specifically the RDS Data Stub function, contains an unchecked buffer. The RDS Data Stub function's purpose is to parse incoming HTTP requests and generate RDS commands. This unchecked buffer could be exploited to cause a heap overflow.
| | Homepage: | http://www.cert.org | | File Size: | 7392 | | Last Modified: | Nov 24 02:18:56 2002 |
| MD5 Checksum: | b5c22892f43bdc3b7483e26eba6523ce |
|
| /// File Name: |
CA-2002-34.xfs |
Description:
|
CERT Advisory CA-2002-34 - The Solaris X Window Font Service (XFS) daemon (fs.auto) on Solaris 2.5.1 - 9 contains a remotely exploitable user nobody buffer overflow on Sparc and X86. More information available here.
| | Homepage: | http://www.cert.org | | File Size: | 7331 | | Related CVE(s): | CAN-2002-1317 | | Last Modified: | Nov 30 12:08:28 2002 |
| MD5 Checksum: | e6268b7f2e6e9e048615738ffeb05c49 |
|
| /// File Name: |
CA-2002-35.raq4 |
Description:
|
CERT Advisory CA-2002-35 - Cobalt Raq4 systems with the Security Hardening Package installed allow remote attackers to execute code as root because overflow.cgi does not adequately filter input destined for the email variable.
| | Homepage: | http://www.cert.org | | File Size: | 6638 | | Last Modified: | Dec 12 16:49:28 2002 |
| MD5 Checksum: | 026cbf3d80a30a687e152121d00ddeb6 |
|
| /// File Name: |
CA-2002-36.ssh |
Description:
|
CERT Advisory CA-2002-36 - Multiple vendors' implementations of the secure shell (SSH) transport layer protocol contain vulnerabilities that could allow a remote attacker to execute arbitrary code with the privileges of the SSH process or cause a denial of service. The vulnerabilities affect SSH clients and servers, and they occur before user authentication takes place. OpenSSH is not vulnerable. More information available here.
| | Homepage: | http://www.cert.org | | File Size: | 11191 | | Last Modified: | Dec 21 11:23:09 2002 |
| MD5 Checksum: | 393e90df79d2e0d58203125c9bb58ff0 |
|
| /// File Name: |
CA-2002-37.windows.shell |
Description:
|
CERT Advisory CA-2002-37 - A buffer overflow vulnerability in the Microsoft Windows Shell allows remote attackers to execute arbitrary code via malicious email message, malicious web page, or browsing through a folder containing a malicious .MP3 or .WMA file. More information available here.
| | Homepage: | http://www.cert.org | | File Size: | 6098 | | Related CVE(s): | CAN-2002-1327 | | Last Modified: | Dec 21 11:28:18 2002 |
| MD5 Checksum: | e94145ac24db820aa7d84da855aa5755 |
|
| /// File Name: |
CA-2003-01.dhcpd |
Description:
|
CERT Advisory CA-2003-01 - There are multiple stack-based buffer overflows in ISC DHCP that are exploitable by sending a DHCP message containing a large hostname value allowing remote attackers to execute code with the privileges of the user running dhcpd.
| | Homepage: | http://www.cert.org | | File Size: | 10570 | | Related CVE(s): | CAN-2003-0026 | | Last Modified: | Jan 17 09:24:05 2003 |
| MD5 Checksum: | d17c624c49bad511e5dac22b8cce69a6 |
|
| /// File Name: |
CA-2003-02.cvs |
Description:
|
CERT Advisory CA-2003-02 - Systems running CVS Home project versions of CVS prior to 1.11.5 allow non-authenticated remote attackers with read only access to execute arbitrary code. Vendor status information available here.
| | Homepage: | http://www.cert.org | | File Size: | 11935 | | Last Modified: | Jan 23 09:25:39 2003 |
| MD5 Checksum: | 96bcee114c70021a72d131f47f8011d4 |
|
| /// File Name: |
CA-2003-03.windows.locator |
Description:
|
CERT Advisory CA-2003-03 - Windows NT, 2000, and XP contains a buffer overflow in the Windows Locator service that allows remote attackers to execute arbitrary code via the netbios ports. More information available here and in ms03-001.
| | Homepage: | http://www.cert.org | | File Size: | 8111 | | Last Modified: | Jan 24 08:07:05 2003 |
| MD5 Checksum: | e25389d4f4430a44f678578aad102a83 |
|
| /// File Name: |
CA-2003-04.mssql.worm |
Description:
|
CERT Advisory CA-2003-04 - A quickly spreading Microsoft SQL worm exploits two vulnerabilities in Microsoft SQL Server 2000 over udp port 1434.
| | Homepage: | http://www.cert.org | | File Size: | 7874 | | Last Modified: | Jan 26 19:38:07 2003 |
| MD5 Checksum: | 9a3232db2280856d044de3dc8eaac1af |
|
| /// File Name: |
CA-2003-05.oracle |
Description:
|
CERT Advisory CA-2003-05 - Systems running Oracle8 Database v 8.0.6, 8.1.7, Oracle9i Database (Release 1 and 2), and Oracle9i Application Server (Release 9.0.2 and 9.0.3) contain multiple remote vulnerabilities which can lead to the execution of arbitrary code, allow users to modify database records, or cause a denial of service, breaking the database.
| | Homepage: | http://www.cert.org | | File Size: | 8514 | | Last Modified: | Feb 20 10:20:39 2003 |
| MD5 Checksum: | 22a4447df0df965497ab612a64c1a15a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
