There were quite a few new network and information security threats uncovered last month. Including some major exploits in some of the most popular operating systems and software packages out there. Thus, I thought our monthly newsletter (below) would be of interest to some folks here. ~Jay -- == Jay Jacobson == Edgeos, Inc. - Security is Critical - http://www.edgeos.com == We help you to easily get control of your network's security. == ...or some hacker can just take control instead. You decide. ---------- Forwarded message ---------- Date: Mon, 2 Sep 2002 21:23:12 -0700 (MST) From: Customer Support To: edgeos-announce@lists.edgeos.com Subject: Network Security Threats Newsletter - August 2002 EdgeSecure Security Updates - 62 threats added during August, 2002. This newsletter provides a brief summary about each of these threats. == == == == == == == == == == == == == == == == == == == == == == == == == All it takes is one attack to spell immediate disaster for you or your business. Right now, you have the power to not become a victim. Protecting your network and confidential data is fast, easy, and surprisingly affordable. Get control of your network's security right now: http://www.edgeos.com Technology VARs, service providers, and professional services companies: Generate new customers, service offerings, and increased revenue. Make network security your business - we'll do all the work. Introducing Edgeos Vendor Services: http://www.edgeos.com/vendor/ == == == == == == == == == == == == == == == == == == == == == == == == == The EdgeSecure database of network security threats is updated every 12 hours and currently contains 1,086 unique vulnerabilities and attacks. You can browse or search the complete EdgeSecure database of at any time. To do so, simply visit the 'security threats' section of our web site at: http://www.edgeos.com/threats/ The following 62 new network security tests were added to EdgeSecure during the month of August, 2002: -------------------------------------------------- Date Added: 2002-08-02 Threat ID: 11057 Threat Name: Raptor Weak ISN Threat Family: Firewalls Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11057 Threat Summary: checks for ISN -------------------------------------------------- Date Added: 2002-08-03 Threat ID: 11059 Threat Name: Trend Micro OfficeScan Denial of service Threat Family: Denial of Service Threat Risk Factor: Medium Reference URL: http://edgeos.com/threats/details.php?id=11059 Threat Summary: Crashes OfficeScan -------------------------------------------------- Date Added: 2002-08-03 Threat ID: 11058 Threat Name: rusersd output Threat Family: RPC Threat Risk Factor: Other Reference URL: http://edgeos.com/threats/details.php?id=11058 Threat Summary: Checks the presence of a RPC service -------------------------------------------------- Date Added: 2002-08-05 Threat ID: 11060 Threat Name: OpenSSL overflow (generic test) Threat Family: Gain a shell remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11060 Threat Summary: Checks for the behavior of OpenSSL -------------------------------------------------- Date Added: 2002-08-06 Threat ID: 11061 Threat Name: HTTP version number overflow Threat Family: Gain root remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11061 Threat Summary: too long HTTP version kills the web server -------------------------------------------------- Date Added: 2002-08-06 Threat ID: 11062 Threat Name: BadBlue invalid GET DoS Threat Family: Denial of Service Threat Risk Factor: Low Reference URL: http://edgeos.com/threats/details.php?id=11062 Threat Summary: Invalid GET kills the BadBlue web server -------------------------------------------------- Date Added: 2002-08-06 Threat ID: 11065 Threat Name: HTTP method overflow Threat Family: Denial of Service Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11065 Threat Summary: too long HTTP method kills the web server -------------------------------------------------- Date Added: 2002-08-06 Threat ID: 11063 Threat Name: LabView web server DoS Threat Family: Denial of Service Threat Risk Factor: Low Reference URL: http://edgeos.com/threats/details.php?id=11063 Threat Summary: Kills the LabView web server -------------------------------------------------- Date Added: 2002-08-06 Threat ID: 11064 Threat Name: BadBlue invalid null byte vulnerability Threat Family: CGI abuses Threat Risk Factor: Medium Reference URL: http://edgeos.com/threats/details.php?id=11064 Threat Summary: Read BadBlue protected configuration file -------------------------------------------------- Date Added: 2002-08-06 Threat ID: 11066 Threat Name: SunSolve CD CGI user input validation Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11066 Threat Summary: SunSolve CD CGI scripts are vulnerable to a few user input validation problems -------------------------------------------------- Date Added: 2002-08-07 Threat ID: 11067 Threat Name: Microsoft's SQL Hello Overflow Threat Family: Windows Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11067 Threat Summary: Microsoft's SQL Hello Overflow -------------------------------------------------- Date Added: 2002-08-09 Threat ID: 11068 Threat Name: iPlanet chunked encoding Threat Family: Gain root remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11068 Threat Summary: Checks for the behavior of iPlanet -------------------------------------------------- Date Added: 2002-08-13 Threat ID: 11070 Threat Name: PGPMail.pl detection Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11070 Threat Summary: Checks for the presence of PGPMail.pl -------------------------------------------------- Date Added: 2002-08-13 Threat ID: 11069 Threat Name: HTTP User-Agent overflow Threat Family: Gain root remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11069 Threat Summary: Too long User-Agent kills the web server -------------------------------------------------- Date Added: 2002-08-14 Threat ID: 11072 Threat Name: Basilix webmail dummy request vulnerability Threat Family: CGI abuses Threat Risk Factor: Low Reference URL: http://edgeos.com/threats/details.php?id=11072 Threat Summary: Checks for the presence of basilix.php3 -------------------------------------------------- Date Added: 2002-08-14 Threat ID: 11078 Threat Name: HTTP header overflow Threat Family: Gain root remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11078 Threat Summary: Too long HTTP header kills the web server -------------------------------------------------- Date Added: 2002-08-14 Threat ID: 11081 Threat Name: Oracle9iAS too long URL Threat Family: Gain root remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11081 Threat Summary: Oracle9iAS buffer overflow -------------------------------------------------- Date Added: 2002-08-14 Threat ID: 11076 Threat Name: Oracle webcache admin interface Threat Family: Denial of Service Threat Risk Factor: Low Reference URL: http://edgeos.com/threats/details.php?id=11076 Threat Summary: Get /. crashes Oracle webcache admin -------------------------------------------------- Date Added: 2002-08-14 Threat ID: 11071 Threat Name: ASP source using %20 trick Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11071 Threat Summary: downloads the source of ASP scripts -------------------------------------------------- Date Added: 2002-08-14 Threat ID: 11075 Threat Name: dwhttpd format string Threat Family: Gain root remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11075 Threat Summary: DynaWeb server vulnerable to format string -------------------------------------------------- Date Added: 2002-08-14 Threat ID: 11074 Threat Name: OfficeScan configuration file disclosure Threat Family: CGI abuses Threat Risk Factor: Low Reference URL: http://edgeos.com/threats/details.php?id=11074 Threat Summary: Checks for the presence of /officescan/hotdownload/ofscan.ini -------------------------------------------------- Date Added: 2002-08-14 Threat ID: 11073 Threat Name: readmsg.php detection Threat Family: CGI abuses Threat Risk Factor: Low Reference URL: http://edgeos.com/threats/details.php?id=11073 Threat Summary: Checks for the presence of Cobal Cube webmail -------------------------------------------------- Date Added: 2002-08-14 Threat ID: 11077 Threat Name: HTTP Cookie overflow Threat Family: Gain root remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11077 Threat Summary: Too big Cookie chokes the web server -------------------------------------------------- Date Added: 2002-08-14 Threat ID: 11080 Threat Name: poprelayd & sendmail authentication problem Threat Family: SMTP problems Threat Risk Factor: Low Reference URL: http://edgeos.com/threats/details.php?id=11080 Threat Summary: Checks if the remote mail server can be used as a spam relay -------------------------------------------------- Date Added: 2002-08-14 Threat ID: 11079 Threat Name: Snapstream PVS web directory traversal Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11079 Threat Summary: Snapstream web directory traversal -------------------------------------------------- Date Added: 2002-08-17 Threat ID: 11091 Threat Name: Windows Network Manager Privilege Elevation (Q326886) Threat Family: Windows Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11091 Threat Summary: Checks for MS Hotfix Q326886, Network Elevated Privilege -------------------------------------------------- Date Added: 2002-08-18 Threat ID: 11087 Threat Name: Sendmail queue manipulation & destruction Threat Family: SMTP problems Threat Risk Factor: Low Reference URL: http://edgeos.com/threats/details.php?id=11087 Threat Summary: Checks the version number for 'queue destruction' -------------------------------------------------- Date Added: 2002-08-18 Threat ID: 11088 Threat Name: Sendmail debug mode leak Threat Family: SMTP problems Threat Risk Factor: Other Reference URL: http://edgeos.com/threats/details.php?id=11088 Threat Summary: Checks the version number for 'debug mode leak' -------------------------------------------------- Date Added: 2002-08-18 Threat ID: 11092 Threat Name: Apache 2.0.39 Win32 directory traversal Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11092 Threat Summary: Apache 2.0.39 Win32 directory traversal -------------------------------------------------- Date Added: 2002-08-18 Threat ID: 11086 Threat Name: Sendmail custom configuration file Threat Family: SMTP problems Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11086 Threat Summary: Checks the version number for 'custom config file' -------------------------------------------------- Date Added: 2002-08-18 Threat ID: 11089 Threat Name: Webseal denial of service Threat Family: Denial of Service Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11089 Threat Summary: Request ending with %2E kills WebSeal -------------------------------------------------- Date Added: 2002-08-18 Threat ID: 11090 Threat Name: AppSocket DoS Threat Family: Denial of Service Threat Risk Factor: Low Reference URL: http://edgeos.com/threats/details.php?id=11090 Threat Summary: Too many AppSocket connections -------------------------------------------------- Date Added: 2002-08-18 Threat ID: 11085 Threat Name: Personal Web Sharing overflow Threat Family: Gain root remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11085 Threat Summary: Too long request kills PWS -------------------------------------------------- Date Added: 2002-08-18 Threat ID: 11083 Threat Name: ibillpm.pl Threat Family: CGI abuses Threat Risk Factor: Low Reference URL: http://edgeos.com/threats/details.php?id=11083 Threat Summary: Checks for the presence of /cgi-bin/ibillpm.pl -------------------------------------------------- Date Added: 2002-08-18 Threat ID: 11082 Threat Name: Boozt index.cgi overflow Threat Family: Gain root remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11082 Threat Summary: Buffer overflow in Boozt AdBanner index.cgi -------------------------------------------------- Date Added: 2002-08-18 Threat ID: 11093 Threat Name: EFTP installation directory disclosure Threat Family: FTP Threat Risk Factor: Low Reference URL: http://edgeos.com/threats/details.php?id=11093 Threat Summary: EFTP installation directory disclosure -------------------------------------------------- Date Added: 2002-08-19 Threat ID: 11084 Threat Name: Infinite HTTP request Threat Family: Denial of Service Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11084 Threat Summary: Infinite HTTP request kills the web server -------------------------------------------------- Date Added: 2002-08-21 Threat ID: 11095 Threat Name: webcart.cgi Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11095 Threat Summary: Detects webcart.cgi -------------------------------------------------- Date Added: 2002-08-21 Threat ID: 11094 Threat Name: WS FTP overflows Threat Family: FTP Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11094 Threat Summary: Attempts a buffer overflow on many commands -------------------------------------------------- Date Added: 2002-08-21 Threat ID: 11096 Threat Name: Avirt gateway insecure telnet proxy Threat Family: Untested Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11096 Threat Summary: Remote system compromise through insecure telnet proxy -------------------------------------------------- Date Added: 2002-08-21 Threat ID: 11098 Threat Name: WS_FTP SITE CPWD Buffer Overflow Threat Family: FTP Threat Risk Factor: Medium Reference URL: http://edgeos.com/threats/details.php?id=11098 Threat Summary: Checks FTP server banner for vulnerable version of WS_FTP Server -------------------------------------------------- Date Added: 2002-08-21 Threat ID: 11097 Threat Name: TypSoft FTP STOR/RETR DoS Threat Family: FTP Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11097 Threat Summary: Crashes the remote TypSoft FTP server -------------------------------------------------- Date Added: 2002-08-22 Threat ID: 11107 Threat Name: viralator Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11107 Threat Summary: Checks for the presence of /cgi-bin/viralator.cgi -------------------------------------------------- Date Added: 2002-08-22 Threat ID: 11101 Threat Name: PHPAdsNew code injection Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11101 Threat Summary: Checks for the presence of remotehtmlview.php -------------------------------------------------- Date Added: 2002-08-22 Threat ID: 11102 Threat Name: Awol code injection Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11102 Threat Summary: Checks for the presence of includes/awol-condensed.inc.php -------------------------------------------------- Date Added: 2002-08-22 Threat ID: 11106 Threat Name: NetTools command execution Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11106 Threat Summary: Executed 'id' through index.php -------------------------------------------------- Date Added: 2002-08-22 Threat ID: 11109 Threat Name: Achievo code injection Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11109 Threat Summary: Checks for the presence of Achievo -------------------------------------------------- Date Added: 2002-08-22 Threat ID: 11104 Threat Name: Directory Manager's edit_image.php Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11104 Threat Summary: Detects edit_image.php -------------------------------------------------- Date Added: 2002-08-22 Threat ID: 11105 Threat Name: ARCserve hidden share Threat Family: Windows Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11105 Threat Summary: Connects to ARCSERVE$ -------------------------------------------------- Date Added: 2002-08-22 Threat ID: 11100 Threat Name: eXtremail format strings Threat Family: SMTP problems Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11100 Threat Summary: Checks the version number -------------------------------------------------- Date Added: 2002-08-22 Threat ID: 11108 Threat Name: Omron WorldView Wnn Overflow Threat Family: Gain a shell remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11108 Threat Summary: Checks if the remote Wnn can be buffer overflown -------------------------------------------------- Date Added: 2002-08-22 Threat ID: 11099 Threat Name: Pi3Web Webserver v2.0 Buffer Overflow Threat Family: Denial of Service Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11099 Threat Summary: Tests for a DoS in Pi3Web -------------------------------------------------- Date Added: 2002-08-23 Threat ID: 11110 Threat Name: SMB null param count DoS Threat Family: Denial of Service Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11110 Threat Summary: crashes windows -------------------------------------------------- Date Added: 2002-08-24 Threat ID: 11111 Threat Name: rpcinfo -p Threat Family: RPC Threat Risk Factor: Other Reference URL: http://edgeos.com/threats/details.php?id=11111 Threat Summary: Dumps all the registered RPC -------------------------------------------------- Date Added: 2002-08-26 Threat ID: 10161 Threat Name: rlogin -froot Threat Family: Gain root remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=10161 Threat Summary: Checks for rlogin -froot -------------------------------------------------- Date Added: 2002-08-26 Threat ID: 10277 Threat Name: AnyForm Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=10277 Threat Summary: Checks for the presence of AnyForm2 -------------------------------------------------- Date Added: 2002-08-26 Threat ID: 10251 Threat Name: rpc.nisd overflow Threat Family: Gain root remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=10251 Threat Summary: buffer overflow through rpc.nisd -------------------------------------------------- Date Added: 2002-08-27 Threat ID: 11112 Threat Name: Generic FTP traversal Threat Family: FTP Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11112 Threat Summary: Attempts to get the listing of the remote root dir -------------------------------------------------- Date Added: 2002-08-27 Threat ID: 10278 Threat Name: Sendmail 8.6.9 ident Threat Family: SMTP problems Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=10278 Threat Summary: Checks the version number -------------------------------------------------- Date Added: 2002-08-29 Threat ID: 11113 Threat Name: Samba Buffer Overflow Threat Family: Gain root remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11113 Threat Summary: checks samba version -------------------------------------------------- Date Added: 2002-08-29 Threat ID: 11115 Threat Name: gallery code injection Threat Family: CGI abuses Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11115 Threat Summary: Checks for the presence of includes/needinit.php -------------------------------------------------- Date Added: 2002-08-29 Threat ID: 11114 Threat Name: Canna Overflow Threat Family: Gain a shell remotely Threat Risk Factor: High Reference URL: http://edgeos.com/threats/details.php?id=11114 Threat Summary: Checks if the remote Canna can be buffer overflown -------------------------------------------------- -- == Edgeos Customer Support == Security is Critical == support@edgeos.com == http://edgeos.com