Security Advisories
Subject: CERT Summary CS-2002-03
From: CERT Advisory
Date: Fri, 30 Aug 2002 17:04:10 -0400

CERT Summary CS-2002-03

August 30, 2002

Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT summary to draw attention to the types of attacks reported to our incident response team, as well as other noteworthy incident and vulnerability information. The summary includes pointers to sources of information for dealing with the problems.

Past CERT summaries are available at http://www.cert.org/summaries/.
______________________________________________________________________

Recent Activity

Since the last regularly scheduled CERT summary, issued in May 2002 (CS-2002-02), we have released several advisories, published statistics for the second quarter of 2002, and written numerous white papers.

For more current information on activity being reported to the CERT/CC, please visit the CERT/CC Current Activity page. The Current Activity page is a regularly updated summary of the most frequent, high-impact types of security incidents and vulnerabilities being reported to the CERT/CC. The information on the Current Activity page is reviewed and updated as reporting trends change.

1. Multiple Vulnerabilities in CDE ToolTalk

   The Common Desktop Environment (CDE) ToolTalk RPC database server contains a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code or cause a denial of service.

      CERT Advisory CA-2002-26:
      Buffer Overflow in CDE ToolTalk
      http://www.cert.org/advisories/CA-2002-26.html

   Two vulnerabilities have been discovered in the Common Desktop Environment (CDE) ToolTalk RPC database server. The first vulnerability could be used by a remote attacker to delete arbitrary files, cause a denial of service, or possibly execute arbitrary code or commands. The second vulnerability could allow a local attacker to overwrite arbitrary files with contents of the attacker's choice.

      CERT Advisory CA-2002-20:
      Multiple Vulnerabilities in CDE ToolTalk
      http://www.cert.org/advisories/CA-2002-20.html

2. Integer Overflow in XDR Library

   There is an integer overflow present in the xdr_array() function distributed as part of the Sun Microsystems XDR library. This overflow has been shown to lead to remotely exploitable buffer overflows in multiple applications, leading to the execution of arbitrary code. Although the library was originally distributed by Sun Microsystems, multiple vendors have included the vulnerable code in their own implementations.

      CERT Advisory CA-2002-25:
      Integer Overflow in XDR Library
      http://www.cert.org/advisories/CA-2002-25.html

3. Multiple Vulnerabilities in OpenSSL

   There are four remotely exploitable buffer overflows in OpenSSL. There are also encoding problems in the ASN.1 library used by OpenSSL. Several of these vulnerabilities could be used by a remote attacker to execute arbitrary code on the target system. All could be used to create denial of service.

      CERT Advisory CA-2002-23:
      Multiple Vulnerabilities in OpenSSL
      http://www.cert.org/advisories/CA-2002-23.html

4. Multiple Vulnerabilities in Microsoft SQL Server

   The CERT/CC is still receiving reports of systems being compromised by exploiting vulnerabilities in Microsoft SQL Server. The Microsoft SQL Server contains several serious vulnerabilities that allow remote attackers to obtain sensitive information, alter database contents, compromise SQL servers, and, in some configurations, compromise server hosts.

      CERT Advisory CA-2002-22:
      Multiple Vulnerabilities in Microsoft SQL Server
      http://www.cert.org/advisories/CA-2002-22.html

5. Buffer Overflows in Multiple DNS Resolver Libraries

   Buffer overflow vulnerabilities exist in multiple implementations of DNS resolver libraries. Operating systems and applications that utilize vulnerable DNS resolver libraries may be affected.

      CERT Advisory CA-2002-19:
      Buffer Overflows in Multiple DNS Resolver Libraries
      http://www.cert.org/advisories/CA-2002-19.html

6. OpenSSH Vulnerabilities in Challenge Response Handling

   There are two related vulnerabilities in the challenge response handling code in OpenSSH versions 2.3.1p1 through 3.3. They may allow a remote intruder to execute arbitrary code as the user running sshd (often root). The first vulnerability affects OpenSSH versions 2.9.9 through 3.3, that have the challenge response option enabled, and use SKEY or BSD_AUTH authentication. The second vulnerability affects PAM modules using interactive keyboard authentication in OpenSSH versions 2.3.1p1 through 3.3, regardless of the challenge response option setting.

      CERT Advisory CA-2002-18:
      OpenSSH Vulnerabilities in Challenge Response Handling
      http://www.cert.org/advisories/CA-2002-18.html

7. Apache Web Server Chunk Handling Vulnerability

   There is a remotely exploitable vulnerability in the handling of large chunks of data in web servers that are based on Apache source code. This vulnerability is present by default in configurations of Apache web servers versions 1.3 through 1.3.24 and versions 2.0 through 2.0.36. The impact of this vulnerability is dependent upon the software version and the hardware platform the server is running on.

      CERT Advisory CA-2002-17:
      Apache Web Server Chunk Handling Vulnerability
      http://www.cert.org/advisories/CA-2002-17.html

8. Denial-of-Service Vulnerability in ISC BIND 9

   A denial-of-service vulnerability exists in version 9 of the Internet Software Consortium's (ISC) Berkeley Internet Name Domain (BIND) server. ISC BIND versions 8 and 4 are not affected. Exploiting this vulnerability will cause the BIND server to shut down.

      CERT Advisory CA-2002-15:
      Denial-of-Service Vulnerability in ISC BIND 9
      http://www.cert.org/advisories/CA-2002-15.html
______________________________________________________________________

What's New and Updated

Since the last CERT Summary, we have published new or updated

   * Advisories
   * Incident Notes
   * CERT/CC Statistics
   * Tech Tips
   * White Papers
        + Securing an Internet Name Server
        + Creating a Computer Security Incident Response Team: A Process for Getting Started
        + Flow-Service-Quality (FSQ) Engineering: Foundations for Network System Analysis and Development
        + A Brief Tour of the Simple Network Management Protocol
        + Information Survivability: Required Shifts in Perspective
______________________________________________________________________

NO WARRANTY

Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
_________________________________________________________________

Conditions for use, disclaimers, and sponsorship information

Copyright 2002 Carnegie Mellon University.