Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 04:10:46 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1487086567&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fadvisories%2Fiss%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1487086567.1338178246.1338178246.1338178246.1%3B%2B__utmz%3D32867617.1338178246.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/30865/iss.snort-rpc.txt http://packetstormsecurity.org/files/30865/iss.snort-rpc.txt http://packetstormsecurity.org/files/30865/iss.snort-rpc.txt.html Mon, 10 Mar 2003 23:26:56 GMT ISS Security Advisory - Snort v1.8 through 1.9.0 contains a remote root vulnerability in the processing of fragmented RPC traffic. Since fragment sizes are not properly checked against the remaining buffer space, remote attackers can execute arbitrary code as root by sending a packet to any IP in network space a snort sensor is listening to. Successful exploitation does not generate log entries, and non-executable stacks do not offer protection. http://packetstormsecurity.org/files/30751/iss.slammer.worm.txt http://packetstormsecurity.org/files/30751/iss.slammer.worm.txt http://packetstormsecurity.org/files/30751/iss.slammer.worm.txt.html Sat, 25 Jan 2003 18:10:08 GMT ISS Security Advisory - The "Microsoft SQL Slammer Worm" is spreading via unpatched SQL servers. Once a vulnerable computer is compromised, the worm will infect that target, randomly select a new target, and resend the exploit and propagation code to that host sending a large amount of network traffic in the process which crashes some network equipment. http://packetstormsecurity.org/files/30000/iss.bind4-8.txt http://packetstormsecurity.org/files/30000/iss.bind4-8.txt http://packetstormsecurity.org/files/30000/iss.bind4-8.txt.html Wed, 13 Nov 2002 11:48:50 GMT ISS Security Advisory - Bind 8 v8.3.3-REL and below and Bind 4 v4.9.10-REL and below contain a flaw in the formation of DNS responses containing SIG resource records (RR) that allows remote code execution. Two denial of service vulnerabilities exist as well. A workaround is available by turning off recursive DNS functionality. http://packetstormsecurity.org/files/29666/iss.iss.txt http://packetstormsecurity.org/files/29666/iss.iss.txt http://packetstormsecurity.org/files/29666/iss.iss.txt.html Wed, 18 Sep 2002 21:34:33 GMT ISS Security Advisory - A vulnerability found in the manner used by Internet Scanner to parse certain types of non-standard HTTP responses can result in a remotely exploitable buffer overflow condition. This affects Internet Scanner version 6.2.1 for Windows (NT/2000) and has been corrected with X-Press Update 6.17. http://packetstormsecurity.org/files/29560/iss.polycom.txt http://packetstormsecurity.org/files/29560/iss.polycom.txt http://packetstormsecurity.org/files/29560/iss.polycom.txt.html Thu, 05 Sep 2002 07:07:21 GMT ISS Security Advisory - Polycom ViewStation videoconferencing products contain several remote vulnerabilities which allow attackers to gather information about the device, retrieve files, crash the device, and monitor videoconferences. Polycom ViewStation 7.2 and earlier and Polycom ViewStation FX/VS 4000 version 4.1.5 and below are affected. http://packetstormsecurity.org/files/29518/iss.smb-dos.txt http://packetstormsecurity.org/files/29518/iss.smb-dos.txt http://packetstormsecurity.org/files/29518/iss.smb-dos.txt.html Fri, 30 Aug 2002 18:50:36 GMT ISS Security Advisory - Windows NT, 2000, and XP can be crashed remotely by sending a malformed packet to port 139, triggering a heap overflow. MS02-045. http://packetstormsecurity.org/files/26471/iss.exchange.txt http://packetstormsecurity.org/files/26471/iss.exchange.txt http://packetstormsecurity.org/files/26471/iss.exchange.txt.html Thu, 25 Jul 2002 05:53:51 GMT ISS Security Advisory - Microsoft Exchange Server v5.5 contains a remotely exploitable buffer overflow. This flaw allows attackers to either crash Exchange and block all inbound and outbound email delivery or allow an attacker to gain complete control of the server. http://packetstormsecurity.org/files/25466/iss.01-11-20.rlpdaemon http://packetstormsecurity.org/files/25466/iss.01-11-20.rlpdaemon http://packetstormsecurity.org/files/25466/iss.01-11-20.rlpdaemon.html Tue, 20 Nov 2001 23:19:37 GMT ISS Security Advisory - ISS X-Force has discovered a vulnerability in the HP-UX line printer daemon (rlpdaemon) that allows a remote or local user to execute arbitrary code with root privileges. Affected versions include HP-UX 10.01, 10.10, 10.20, 11.00, and 11.11. http://packetstormsecurity.org/files/25431/iss.01-11-12.dtspcd http://packetstormsecurity.org/files/25431/iss.01-11-12.dtspcd http://packetstormsecurity.org/files/25431/iss.01-11-12.dtspcd.html Mon, 12 Nov 2001 23:31:54 GMT ISS discovered a buffer overflow vulnerability in the Subprocess Control Server (dtspcd) in all Unix variants running CDE (Common Desktop Environment) system. The vulnerability in the dtspcd daemon allows remote attackers to execute arbitrary commands on a target system as root. Many unix flavors are affected. http://packetstormsecurity.org/files/25357/iss.01-10-16.citrix http://packetstormsecurity.org/files/25357/iss.01-10-16.citrix http://packetstormsecurity.org/files/25357/iss.01-10-16.citrix.html Wed, 17 Oct 2001 06:50:39 GMT ISS Security Advisory - A remote denial of service vulnerability has been found in Citrix MetaFrame, an application server that works with Windows Terminal Services. This vulnerability causes a MetaFrame installation to crash or "blue screen" and requires an affected system to be restarted manually. http://packetstormsecurity.org/files/25334/iss.01-10-02.ttdbserverd http://packetstormsecurity.org/files/25334/iss.01-10-02.ttdbserverd http://packetstormsecurity.org/files/25334/iss.01-10-02.ttdbserverd.html Thu, 04 Oct 2001 06:38:32 GMT ISS Security Advisory - A format string vulnerability has been found in the tooltalk service (rpc.ttdbserverd) on multiple versions of HP-UX, IBM AIX, IRIX, DG-UX, and Solaris. ToolTalk contains a "syslog()" call that will interpret user-supplied formatting arguments. This call is insecure and allows remote attackers to control formatting and manipulate data at arbitrary locations in the memory of the running executable. http://packetstormsecurity.org/files/25241/iss.01-08-29.bsd-lpr http://packetstormsecurity.org/files/25241/iss.01-08-29.bsd-lpr http://packetstormsecurity.org/files/25241/iss.01-08-29.bsd-lpr.html Thu, 30 Aug 2001 05:23:03 GMT ISS Security Advisory - A buffer overflow has been discovered in the line printer daemon of several BSD implementations. (in.lpd or lpd) A remote or local attacker can execute arbitrary code as root. The vulnerability presents itself when an attacker submits a specially crafted print job and then requests a display of the printer queue to trigger the overflow. Affected versions include OpenBSD CURRENT and earlier, FreeBSD 4.3 and earlier, NetBSD 1.5.1 and earlier, and BSD/OS 4.1 and earlier. http://packetstormsecurity.org/files/25230/iss.01-08-27.hp.lpr http://packetstormsecurity.org/files/25230/iss.01-08-27.hp.lpr http://packetstormsecurity.org/files/25230/iss.01-08-27.hp.lpr.html Tue, 28 Aug 2001 06:55:03 GMT ISS Security Advisory - A buffer overflow has been discovered in the HP-UX line printer daemon (rlpdaemon) which allows a remote or local attacker to execute arbitrary code with superuser privilege. Affected versions include HP-UX 10.01, 10.10, 10.20, 11.00, and 11.11. Rlpdaemon is configured to run by default even if it is not being used. http://packetstormsecurity.org/files/24982/iss.01-07-05.radius http://packetstormsecurity.org/files/24982/iss.01-07-05.radius http://packetstormsecurity.org/files/24982/iss.01-07-05.radius.html Thu, 12 Jul 2001 12:42:53 GMT ISS Security Advisory - X-Force has discovered buffer overflow vulnerabilities in two popular Remote Authentication Dial-In User Server (RADIUS) implementations. The vulnerabilities in this advisory allow attackers to launch Denial of Service (DoS) attacks against critical network components, bypass 802.11 WLAN access control, and compromise and control protected network resources. Affected versions include Merit 3.6b RADIUS and Lucent 2.1-2 RADIUS. Prior releases are also vulnerable. http://packetstormsecurity.org/files/24851/iss.01-05-15.iis.url.decode http://packetstormsecurity.org/files/24851/iss.01-05-15.iis.url.decode http://packetstormsecurity.org/files/24851/iss.01-05-15.iis.url.decode.html Thu, 17 May 2001 20:57:56 GMT ISS Security Alert - A flaw exists in Microsoft Internet Information Server (IIS) that may allow remote attackers to view directory structures, view and delete files, execute arbitrary commands, and deny service to the server. It is possible for attackers to craft URLs that take advantage of a flaw in IIS URL decoding routines. Security mechanisms within these routines can be bypassed. All recent versions of IIS are affected by this vulnerability. http://packetstormsecurity.org/files/24839/iss.01-05-09.irix.espd http://packetstormsecurity.org/files/24839/iss.01-05-09.irix.espd http://packetstormsecurity.org/files/24839/iss.01-05-09.irix.espd.html Thu, 17 May 2001 19:49:21 GMT ISS Security Advisory - A buffer overflow has been discovered in IRIX rpc.espd, which is installed by default on all current SGI IRIX installations. Remote attackers without accounts can execute commands as root. Patch available here. http://packetstormsecurity.org/files/24836/iss.summary.6.6 http://packetstormsecurity.org/files/24836/iss.summary.6.6 http://packetstormsecurity.org/files/24836/iss.summary.6.6.html Wed, 16 May 2001 01:07:09 GMT ISS Security Alert Summary for May 10, 2001 - Volume 6 Number 6. 120 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: thebat-masked-file-type, php-nuke-url-redirect, orinoco-rg1000-wep-key, navision-server-dos, ustorekeeper-retrieve-files, resin-view-javabean, bpftp-obtain-credentials, ntpd-remote-bo, cisco-css-elevate-privileges, bea-tuxedo-remote-access, ultimatebb-bypass-authentication, bintec-x4000-nmap-dos, firebox-kernel-dos, cisco-pix-tacacs-dos, ipfilter-access-ports, veritas-netbackup-nc-dos, nai-pgp-split-keys, solaris-kcms-command-bo, talkback-cgi-read-files, ftp-glob-implementation, pine-tmp-file-symlink, ftp-glob-expansion, netscape-javascript-access-data, strip-weak-passwords, solaris-xsun-home-bo, compaq-activex-dos, alcatel-expert-account, alcatel-tftp-lan-access, alcatel-tftp-wan-access, oracle-appserver-ndwfn4-bo, alcatel-blank-password, solaris-dtsession-bo, solaris-kcssunwiosolf-bo, lightwave-consoleserver-brute-force, nph-maillist-execute-code, ghost-configuration-server-dos, lotus-domino-device-dos, lotus-domino-header-dos, lotus-domino-url-dos, lotus-domino-corba-dos, ghost-database-engine-dos, cfingerd-remote-format-string, lotus-domino-unicode-dos, mkpasswd-weak-passwords, solaris-ipcs-bo, interscan-viruswall-isadmin-bo, hylafax-hfaxd-format-string, cisco-vpn-ip-dos, ibm-websphere-reveals-path, qpc-ftpd-bo, qpc-ftpd-directory-traversal, qpc-popd-bo, ncm-content-database-access, netscape-smartdownload-sdph20-bo, sco-openserver-accept-bo, sco-openserver-cancel-bo, sco-openserver-disable-bo, sco-openserver-enable-bo, sco-openserver-lp-bo, sco-openserver-lpfilter-bo, sco-openserver-lpstat-bo, sco-openserver-reject-bo, sco-openserver-rmail-bo, sco-openserver-tput-bo, ibm-websphere-macro-dos, sco-openserver-lpmove-bo, reliant-unix-ppd-symlink, exuberant-ctags-symlink, processit-cgi-view-info, isa-web-proxy-dos, ie-clsid-execute-files, cisco-catalyst-8021x-dos, bubblemon-elevate-privileges, dcforum-az-directory-traversal, dcforum-az-file-upload, dcforum-az-expr, linux-netfilter-iptables, xitami-server-dos, samba-tmpfile-symlink, goahead-aux-dos, analogx-simpleserver-aux-dos, viking-hex-directory-traversal, solaris-ftp-shadow-recovery, thebat-pop3-dos, eudora-plain-text-attachment, vmware-mount-symlink, kfm-tmpfile-symlink, cyberscheduler-timezone-bo, ms-dacipp-webdav-access, oracle-tnslsnr80-dos, innfeed-c-bo, iplanet-calendar-plaintext-password, nedit-print-symlink, checkbo-tcp-bo, hp-pcltotiff-insecure-permissions, netopia-timbuktu-gain-access, cisco-cbos-gain-information, ie-xml-stylesheets-scripting, gftp-format-string, bordermanager-vpn-syn-dos, saft-sendfiled-execute-code, mercury-mta-bo, qnx-fat-file-read, viking-dot-directory-traversal, netcruiser-server-path-disclosure, perl-webserver-directory-traversal, small-http-aux-dos, ipswitch-imail-smtp-bo, kerberos-inject-base64-encode, irix-netprint-shared-library, webxq-dot-directory-traversal, raidenftpd-dot-directory-traversal, perlcal-calmake-directory-traversal, icq-webfront-dos, alex-ftp-directory-traversal, webweaver-ftp-path-disclosure, webweaver-web-directory-traversal, winamp-aip-bo, bearshare-dot-download-files, and iis-isapi-bo. http://packetstormsecurity.org/files/24788/iss.05-02-01.iis5 http://packetstormsecurity.org/files/24788/iss.05-02-01.iis5 http://packetstormsecurity.org/files/24788/iss.05-02-01.iis5.html Thu, 03 May 2001 02:07:09 GMT ISS Security Advisory - Windows 2000 running IIS 5.0 has a serious remote vulnerability in the ISAPI printer extension. More information available here. http://packetstormsecurity.org/files/24597/iss.summary.6.5 http://packetstormsecurity.org/files/24597/iss.summary.6.5 http://packetstormsecurity.org/files/24597/iss.summary.6.5.html Mon, 09 Apr 2001 05:30:06 GMT ISS Security Alert Summary for April 5, 2001 - Volume 6 Number 5. 80 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: palm-debug-bypass-password, exchange-malformed-url-dos, mailx-bo, sunftp-gain-access, winzip-zipandemail-bo, broker-ftp-delete-files, broker-ftp-list-directories, indexu-gain-access, fastream-ftp-directory-traversal, slimserve-httpd-directory-traversal, wftpd-pro-bo, irc-tkserv-bo, warftp-directory-traversal, ie-telnet-execute-commands, cisco-aironet-web-access, netscape-directory-server-bo, proftpd-postinst-root, proftpd-var-symlink, man2html-remote-dos, linux-eperl-bo, novell-netware-unauthorized-access, sgmltools-symlink, hp-asecure-dos, ascdc-afterstep-bo, iis-webdav-dos, websweeper-http-dos, foldoc-cgi-execute-commands, slrn-wrapping-bo, mutt-imap-format-string, formmail-anonymous-flooding, halflife-config-file-bo, halflife-exec-bo, halflife-map-bo, halflife-map-format-string, ikonboard-cgi-read-files, timed-remote-dos, imap-ipop2d-ipop3d-bo, rwhod-remote-dos, snmpd-argv-bo, mesa-utahglx-symlink, ftpfs-bo, solaris-snmpxdmid-bo, vbulletin-php-elevate-privileges, mdaemon-webservices-dos, ssh-ssheloop-dos, eudora-html-execute-code, aspseek-scgi-bo, hslctf-http-dos, licq-url-execute-commands, superscout-bypass-filtering, dgux-lpsched-bo, rediplus-weak-security, fcheck-open-execute-commands, ntmail-long-url-dos, vim-elevate-privileges, ufs-ext2fs-data-disclosure, microsoft-invalid-digital-certificates, akopia-interchange-gain-access, solaris-perfmon-create-files, win-userdmp-insecure-permission, compaq-wbm-bypass-proxy, mdaemon-imap-command-dos, hp-newgrp-additional-privileges, lan-suite-webprox-dos, weblogic-browse-directories, solaris-tip-bo, sonicwall-ike-shared-keys, anaconda-clipper-directory-traversal, visual-studio-vbtsql-bo, sco-openserver-deliver-bo, sco-openserver-lpadmin-bo, sco-openserver-lpforms-bo, sco-openserver-lpshut-bo, sco-openserver-lpusers-bo, sco-openserver-recon-bo, sco-openserver-sendmail-bo, inframail-post-dos, cisco-vpn-telnet-dos, website-pro-remote-dos, and win-compressed-password-recovery. http://packetstormsecurity.org/files/24486/iss.00-03-14.stick http://packetstormsecurity.org/files/24486/iss.00-03-14.stick http://packetstormsecurity.org/files/24486/iss.00-03-14.stick.html Fri, 16 Mar 2001 22:42:14 GMT The Stick ddos tool overloads IDS systems with false positives, causing them to fail. Paper on stick available here. http://packetstormsecurity.org/files/24431/iss.summary.6.4 http://packetstormsecurity.org/files/24431/iss.summary.6.4 http://packetstormsecurity.org/files/24431/iss.summary.6.4.html Tue, 13 Mar 2001 23:54:42 GMT ISS Security Alert Summary for March 5, 2001 - Volume 6 Number 4. 90 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: a1-server-dos, a1-server-directory-traversal, webreflex-web-server-dos, sedum-http-dos, tru64-inetd-dos, outlook-vcard-bo, ultimatebb-cookie-member-number, ultimatebb-cookie-gain-privileges, sendmail-elevate-privileges, jre-jdk-execute-commands, licq-remote-port-dos, pgp4pine-expired-keys, chilisoft-asp-view-files, win2k-domain-controller-dos, asx-remote-dos, vshell-port-forwarding-rule, pi3web-isapi-bo, pi3web-reveal-path, bajie-execute-shell, bajie-directory-traversal, resin-directory-traversal, netware-mitm-recover-passwords, firebox-pptp-dos, hp-virtualvault-iws-dos, kicq-execute-commands, hp-text-editor-bo, sendtemp-pl-read-files, analog-alias-bo, elm-long-string-bo, winnt-pptp-dos, startinnfeed-format-string, his-auktion-cgi-url, wayboard-cgi-view-files, muskat-empower-url-dir, icq-icu-rtf-dos, commerce-cgi-view-files, roads-search-view-files, webpage-cgi-view-info, webspirs-cgi-view-files, webpals-library-cgi-url, cobol-apptrack-nolicense-permissions, cobol-apptrack-nolicense-symlink, vixie-crontab-bo, novell-groupwise-bypass-policies, infobot-calc-gain-access, linux-sysctl-read-memory, openssh-bypass-authentication, lotus-notes-stored-forms, linux-ptrace-modify-process, ssh-deattack-overwrite-memory, dc20ctrl-port-bo, ja-xklock-bo, ja-elvis-elvrec-bo, ko-helvis-elvrec-bo, serverworx-directory-traversal, ntlm-ssp-elevate-privileges, ssh-session-key-recovery, aolserver-directory-traversal, chilisoft-asp-elevate-privileges, win-udp-dos, ssh-daemon-failed-login, picserver-directory-traversal, biblioweb-directory-traversal, biblioweb-get-dos, ibm-netcommerce-reveal-information, win-dde-elevate-privileges, hsweb-directory-browsing, sedum-directory-traversal, free-java-directory-traversal, goahead-directory-traversal, gnuserv-tcp-cookie-overflow, xmail-ctrlserver-bo, netscape-webpublisher-acl-permissions, cups-httpgets-dos, prospero-get-pin, and prospero-weak-permissions. http://packetstormsecurity.org/files/24294/iss.summary.6.3 http://packetstormsecurity.org/files/24294/iss.summary.6.3 http://packetstormsecurity.org/files/24294/iss.summary.6.3.html Wed, 14 Feb 2001 07:13:47 GMT ISS Security Alert Summary for February 6, 2001 - Volume 6 Number 3. 120 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: win2k-rdp-dos, cisco-ccs-file-access, quicktime-embedded-tag-bo, solaris-ximp40-bo, cisco-ccs-cli-dos, slimserve-httpd-dos, crazywwwboard-qdecoder-bo, virusbuster-mua-bo, iis-isapi-obtain-code, bind-inverse-query-disclosure, hp-man-dos, sort-temp-file-abort, bind-complain-format-string, bind-complain-bo, winvnc-client-bo, winvnc-server-bo, guestserver-cgi-execute-commands, bind-tsig-bo, hyperseek-cgi-reveal-info, newsdaemon-gain-admin-access, mars-nwe-format-string, mars-nwe-format-string, planetintra-pi-bo, borderware-ping-dos, aol-malformed-url-dos, mirc-bypass-password, netscape-enterprise-revlog-dos, aim-execute-code, netscape-enterprise-list-directories, winnt-mutex-dos, jrun-webinf-file-retrieval, ipfw-bypass-firewall, netopia-telnet-dos, wuftp-debug-format-string, kde2-kdesu-retrieve-passwords, easycom-safecom-url-bo, easycom-safecom-printguide-dos, easycom-safecom-ftp-dos, vnc-weak-authentication, lotus-domino-smtp-bo, linux-sash-shadow-readable, powerpoint-execute-code, icecast-format-string, oracle-handlers-directory-traversal, oracle-handlers-execute-jsp, netscape-enterprise-dot-dos, goodtech-ftp-dos, netscape-fasttrack-cache-dos, eeye-iris-dos, watchguard-firebox-obtain-passphrase, fastream-ftp-server-dos, fastream-ftp-path-disclosure, localweb2k-directory-traversal, win2k-efs-recover-data, linux-bing-bo, micq-sprintf-remote-bo, mysql-select-bo, shoutcast-description-bo, fw1-limited-license-dos, fw1-limited-license-dos, hp-stm-dos, linux-webmin-tmpfiles, tinyproxy-remote-bo, postaci-sql-command-injection, wwwwais-cgi-dos, mime-header-attachment, ssh-rpc-private-key, linux-glibc-preload-overwrite, inn-tmpfile-symlink, interscan-viruswall-insecure-password, interscan-viruswall-weak-authentication, ie-mshtml-dos, dhcp-format-string, win-mediaplayer-arbitrary-code, veritas-backupexec-dos, interscan-viruswall-symlink, omnihttpd-statsconfig-corrupt-files, omnihttpd-statsconfig-execute-code, icmp-pmtu-dos, icmp-pmtu-dos, splitvt-perserc-format-string, splitvt-perserc-format-string, flash-module-bo, rctab-elevate-privileges, ultraboard-cgi-perm, compaq-web-management-bo, php-htaccess-unauth-access, basilix-webmail-retrieve-files, solaris-arp-bo, php-view-source-code, wec-ntlm-authentication, spamcop-url-seq-predict, linux-wuftpd-privatepw-symlink, rdist-symlink, squid-email-symlink, linux-diffutils-sdiff-symlimk, tcpdump-arpwatch-symlink, linuxconf-vpop3d-symlink, shadow-utils-useradd-symlink, linux-glibc-read-files, gettyps-symlink, linux-gpm-symlink, linux-mgetty-symlink, linux-apache-symlink, linux-inn-symlink, conferenceroom-developer-dos, oracle-xsql-execute-code, netscreen-webui-bo, suse-reiserfs-long-filenames, interbase-backdoor-account, interbase-hidden-function-dos, brickserver-thttpd-dos, solaris-exrecover-bo, hp-inetd-swait-dos, microsoft-iis-read-files, ibm-websphere-dos, storagesoft-imagecast-dos, nai-pgp-replace-keys, http-cgi-bbs-forum, lotus-domino-directory-traversal, http-cgi-fastgraf, newsdesk-cgi-read-files, gtk-module-execute-code, and linux-tty-writable-dos. http://packetstormsecurity.org/files/24185/iss.01-01-29.bind http://packetstormsecurity.org/files/24185/iss.01-01-29.bind http://packetstormsecurity.org/files/24185/iss.01-01-29.bind.html Thu, 01 Feb 2001 00:15:43 GMT ISS Security Alert - Remote Vulnerabilities in BIND versions 4 and 8. Bind 8 has a buffer overflow in the TSIG handling code - Bind 4 has several buffer overflows. Affected versions include v4.9.3 through 4.9.7 and 8.2 through 8.2.3-T9B. Fix available here. http://packetstormsecurity.org/files/24097/iss.01-01-18.ramen http://packetstormsecurity.org/files/24097/iss.01-01-18.ramen http://packetstormsecurity.org/files/24097/iss.01-01-18.ramen.html Tue, 23 Jan 2001 00:23:23 GMT ISS Security Alert - Ramen Linux Worm. A self-propagating worm known as Ramen is currently exploiting well-known holes (wu-ftp, rpc.statd, and LPRng) in unpatched Red Hat Linux 6.2 systems and in early versions of Red Hat 7.0. In addition to scanning for additional systems and propagating to vulnerable systems, the worm also defaces Web servers it encounters by replacing the "index.html" file. It may also interfere with some networks supporting multicasting. http://packetstormsecurity.org/files/24096/iss.summary.6.2 http://packetstormsecurity.org/files/24096/iss.summary.6.2 http://packetstormsecurity.org/files/24096/iss.summary.6.2.html Mon, 22 Jan 2001 23:24:05 GMT ISS Security Alert Summary for January 1, 2001 - Volume 6 Number 2. 115 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: exmh-error-symlink, informix-webdriver-symlink, informix-webdriver-admin-access, zonealarm-mutex-dos, zonealarm-batfile-dos, shockwave-flash-swf-bo, macos-multiple-users, http-cgi-ikonboard, http-cgi-technote-main, xwindows-char-dos, 1stup-mail-server-bo, dialog-symlink, ibm-wcs-admin, http-cgi-technote-print, iis-web-form-submit, hpux-kermit-bo, bsguest-cgi-execute-commands, bslist-cgi-execute-commands, infinite-interchange-dos, oracle-execute-plsql, ksh-redirection-symlink, oracle-webdb-admin-access, infinite-interchange-dos, gnupg-detached-sig-modify, gnupg-reveal-private, zonealarm-nmap-scans, zonealarm-open-shares, win2k-index-service-activex, proftpd-size-memory-leak, weblogic-dot-bo, mdaemon-imap-dos, zope-calculate-roles, itetris-svgalib-path, bsd-ftpd-replydirname-bo, sonata-command-execute, solaris-catman-symlink, solaris-patchadd-symlink, stunnel-format-logfile, hp-top-sys-files, zope-legacy-names, mrj-runtime-malicious-applets, coffeecup-ftp-weak-encryption, watchguard-soho-fragmented-packets, jpilot-perms, mediaservices-dropped-connection-dos, watchguard-soho-web-auth, watchguard-soho-passcfg-reset, http-cgi-simplestguest, safeword-palm-pin-extraction, mdaemon-lock-bypass-password, cisco-catalyst-ssh-mismatch, microsoft-iis-file-disclosure, ezshopper-cgi-file-disclosure, winnt-mstask-dos, bftpd-site-chown-bo, aim-remote-bo, subscribemelite-gain-admin-access, zope-image-file, http-cgi-everythingform, http-cgi-simplestmail, http-cgi-ad, kde-kmail-weak-encryption, aolim-buddyicon-bo, aim-remote-bo, rppppoe-zero-length-dos, proftpd-modsqlpw-unauth-access, gnu-ed-symlink, oops-ftputils-bo, oracle-oidldap-write-permission, foolproof-security-bypass, broadvision-bv1to1-reveal-path, ssldump-format-strings, coldfusion-sample-dos, kerberos4-arbitrary-proxy, kerberos4-auth-packet-overflow, kerberos4-user-config, kerberos4-tmpfile-dos, homeseer-directory-traversal, offline-explorer-reveal-files, imail-smtp-auth-dos, apc-apcupsd-dos, cisco-catalyst-telnet-dos, ultraseek-reveal-path, irc-dreamforge-dns-dos, mailman-alternate-templates, markvision-printer-driver-bo, nt-ras-reg-perms, nt-snmp-reg-perms, nt-mts-reg-perms, irc-bitchx-dns-bo, ibm-db2-gain-access, ibm-db2-dos, vsu-source-routing, vsu-ip-bridging, ftp-servu-homedir-travers, cisco-cbos-web-access, watchguard-soho-get-dos, phone-book-service-bo, cisco-cbos-syn-packets, cisco-cbos-invalid-login, cisco-cbos-icmp-echo, linux-diskcheck-race-symlink, ie-form-file-upload, mssql-xp-paraminfo-bo, majordomo-auth-execute-commands, ie-print-template, aix-piobe-bo, aix-pioout-bo, aix-setclock-bo, aix-enq-bo, aix-digest-bo, and aix-setsenv-bo.