From xforce@iss.net Thu Nov 20 14:00:12 1997
Date: Wed, 19 Nov 1997 16:21:56 -0500 (EST)
From: X-Force
To: alert@iss.net
Cc: X-Force
Subject: ISSalert: ISS Security Alert Summary v1 n7

-----BEGIN PGP SIGNED MESSAGE-----

ISS Security Alert Summary
November 19, 1997
Volume 1 Number 7

X-Force Vulnerability and Threat Database: http://www.iss.net/xforce

To receive these Alert Summaries, subscribe to the ISS Alert mailing list
by sending an email to majordomo@iss.net and within the body of the
message type: 'subscribe alert'.

___

Index

5 Reported New Vulnerabilities
 - Cisco-passwdloss
 - DEC-xterm
 - Pentium-crash
 - HP-xlock
 - MSIE-dildog

U.S. Air Force Deploys Leading Internet Scanner Vulnerability Detection
Software Across Bases Worldwide

Risk Factor Key

___

Date Reported:      11/16/97
Vulnerability:      Cisco-passwdloss
Affected Platforms: LocalDirector 1.6.3
Risk Factor:        High

The Cisco development group is investigating reported failures in the
enable password mechanism in LocalDirector 1.6.3. Users who have access to
the LocalDirector via telnet or via the console port can reportedly gain
access to privileged mode without providing the correct password. This is
preliminary information; X-Force will update this problem as more
information becomes available.

Reference:
http://www.cisco.com/warp/public/770/ldpass-pub.shtml

___

Date Reported:      11/12/97
Vulnerability:      DEC-xterm
Affected Platforms: Digital UNIX 4.0B (with patch kit 5)
Risk Factor:        High

Digital UNIX 4.0B contains a vulnerability in xterm if patch kit 5 has
already been applied. The patch kit replaced an existing xterm bug but
created a new one in the process. By setting your DISPLAY to a variable
that does not exist (e.g. setenv DISPLAY blah), you can cause xterm to
seg fault and overwrite system files with the core file.

Reference:
http://www.bus.miami.edu/~tom/security/core.html

___

Date Reported:      11/7/97
Vulnerability:      Pentium-crash
Affected Platforms: Any Intel Pentium based platform (e.g.
                    Windows NT, Linux, etc.)
Risk Factor:        High

A code fragment exists that will crash any unpatched operating system on
Intel Pentium CPUs. This problem does not exist in Pentium Pro or
Pentium II processors. Some operating systems have released patches to
work around this problem.

References:
http://support.intel.com/support/processors/pentium/ppiie/index.htm
http://www.infoworld.com/cgi-bin/displayStory.pl?971111.epentium.htm
http://techweb.cmp.com/eet/news/97/961news/ibug.html

___

Date Reported:      11/4/97
Vulnerability:      HP-xlock
Affected Platforms: HP-UX (10.24 with VirtualVault)
                    see reference for exact versions
Risk Factor:        High

Xlock is a program that allows X terminal users to lock their console
while staying logged in. It contains a vulnerability that allows local
users to obtain access to the system that is running xlock.

Reference:
http://us-support.external.hp.com/ - HP Security Bulletin #00073

___

Date Reported:      11/1/97
Vulnerability:      MSIE-dildog
Affected Platforms: Windows 95 (MS Internet Explorer 4.0 Suite)
Risk Factor:        High

Microsoft Internet Explorer 4.0 Suite contains a buffer overflow condition
that can be exploited when a user accesses a malicious page that contains
a link to a "res://" address that is longer than 256 characters. The extra
characters are saved in the machine's memory and arbitrary code can be
executed on the user's system.

References:
http://www.l0pht.com/advisories/ie4_x1.txt
http://www.microsoft.com/ie/security/?/ie/security/buffer.htm

___

U.S. Air Force Deploys Leading Internet Scanner Vulnerability Detection
Software Across Bases Worldwide

www.iss.net/cgi-bin/dbt-display.exe/db_data/press_rel/release/11179752.plt

___

Risk Factor Key:

    High    any vulnerability that provides an attacker with immediate
            access into a machine, gains superuser access, or bypasses
            a firewall. Example: A vulnerable Sendmail 8.6.5 version
            that allows an intruder to execute commands on mail server.
    Medium  any vulnerability that provides information that has a high
            potential of giving access to an intruder. Example: A
            misconfigured TFTP or vulnerable NIS server that allows an
            intruder to get the password file that possibly can contain
            an account with a guessable password.
    Low     any vulnerability that provides information that potentially
            could lead to a compromise. Example: A finger that allows an
            intruder to find out who is online and potential accounts to
            attempt to crack passwords via bruteforce.

Internet Security Systems, Inc., (ISS) is the pioneer and world's leading
supplier of network security assessment and intrusion detection tools,
providing comprehensive software that enables organizations to proactively
manage and minimize their network security risks. For more information,
contact the company at (800) 776-2362 or (770) 395-0150 or visit the ISS
Web site at http://www.iss.net.

________

Copyright (c) 1997 by Internet Security Systems, Inc.

Permission is hereby granted for the redistribution of this Alert Summary
electronically. It is not to be edited in any way without express consent
of X-Force. If you wish to reprint the whole or any part of this Alert
Summary in any other medium excluding electronic medium, please email
xforce@iss.net for permission.

Disclaimer

The information within this paper may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties with regard to this information. In no event shall the
author be liable for any damages whatsoever arising out of or in
connection with the use or spread of this information. Any use of this
information is at the user's own risk.

X-Force PGP Key available at: http://www.iss.net/xforce/sensitive.html as
well as on MIT's PGP key server and PGP.com's key server.

Please send suggestions, updates, and comments to: X Force of Internet
Security Systems, Inc.
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNHNVPTRfJiV99eG9AQEccQP9Gyofp57IgEpR3BXQe/OVzXCHRxAYkhja o+bf3COzBln6Dfcg91Fd/rjYpselhPLXpbr6NEqdD1d3WkQ/WNaATCHrOhMI55oY DKSLoS6dnleqEwOOpmfZYVmlmvsHpxMxc0blDknH9WgewOce1H7fQBD3uhaCT/qX 28WCqomTymU= =4+5y -----END PGP SIGNATURE-----
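
Added example, not part of the original ISS alert: a content filter at a proxy or mail gateway could flag pages that match the MSIE-dildog description above by looking for "res://" addresses longer than 256 characters in any tag attribute. The 256-character limit is taken from the alert; the function names, the constructed sample page, and the choice to count the whole address including the scheme are assumptions of this example.

```python
import re
from html.parser import HTMLParser

# Limit quoted in the MSIE-dildog entry; measuring the whole address,
# scheme included, is an assumption of this example.
MAX_RES_URL_LEN = 256
RES_URL = re.compile(r"res://[^\s\"'<>]*", re.IGNORECASE)


class ResUrlCollector(HTMLParser):
    """Record every res:// address found in any attribute of any tag."""

    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        line = self.getpos()[0]          # line where the tag starts
        for name, value in attrs:        # values arrive entity-decoded
            for match in RES_URL.finditer(value or ""):
                self.hits.append({"line": line, "tag": tag, "attr": name,
                                  "length": len(match.group(0))})


def find_oversized_res_links(html, limit=MAX_RES_URL_LEN):
    """Return the res:// addresses in `html` that are longer than `limit`."""
    collector = ResUrlCollector()
    collector.feed(html)
    collector.close()
    return [hit for hit in collector.hits if hit["length"] > limit]


# Constructed sample page (not taken from the advisory or from any exploit).
SAMPLE = (
    "<html><body>\n"
    '<a href="res://example.dll/page.htm">short link</a>\n'
    '<a href="res://' + "A" * 300 + '">oversized href</a>\n'
    '<img src="RES&#58;//' + "B" * 260 + '">\n'
    '<meta http-equiv="refresh" content="0; url=res://' + "C" * 251 + '">\n'
    "</body></html>\n"
)

if __name__ == "__main__":
    for hit in find_oversized_res_links(SAMPLE):
        print("line {line}: <{tag} {attr}=...> res:// address of "
              "{length} chars".format(**hit))
```

Because the parser decodes character references before the check runs, the entity-encoded scheme in the `<img>` tag and the address embedded in the `<meta>` refresh are caught along with the plain `href`.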