Specifications
SAFER – Vol. 3, Issue 6 14 © 2000 The Relay Group
Lotus Domino Server ESMTP Buffer Overflow Vulnerability
Released May 18, 2000
Affects Lotus Domino Enterprise Server and Mail Server 5.0.3, 5.0.2, 5.0.1
Reference http://www.securityfocus.com/bid/1229
Problem
- The code that handles the 'from' command in the ESMTP service of Lotus Domino Server 5.0.1
has an unchecked buffer.
- If Lotus Domino Server receives an argument of more than 4 KB to the 'from' command, the
system will crash and will require a reboot in order to regain normal functionality.
SAFER
- No patches have been issued by Lotus/IBM. There are no known workarounds.
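The missing length check described above, shown as an added C example (not taken from the advisory and not Lotus code): the reverse-path of a MAIL FROM line is measured against the RFC 5321 size limits before any byte is copied into a fixed buffer. The function name `parse_mail_from`, the buffer sizes and the sample input are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>
/* Limits from RFC 5321 section 4.5.3.1: command line 512 octets, path 256 octets. */
#define SMTP_MAX_LINE 512
#define SMTP_MAX_PATH 256

/* parse_mail_from (hypothetical name): copy the reverse-path of a
 * "MAIL FROM:<path>" line into out[out_size]. Lengths are checked before any
 * copy. Returns an SMTP reply code: 250 accepted, 500 line too long,
 * 501 syntax error or path too long. */
int parse_mail_from(const char *line, size_t line_len, char *out, size_t out_size)
{
    static const char verb[] = "MAIL FROM:";
    const size_t verb_len = sizeof(verb) - 1;
    const char *start, *end;
    size_t path_len;
    if (line == NULL || out == NULL || out_size == 0)
        return 501;
    out[0] = '\0';
    if (line_len > SMTP_MAX_LINE)               /* reject before parsing */
        return 500;
    if (line_len < verb_len || strncasecmp(line, verb, verb_len) != 0)
        return 501;
    /* Search only inside the bytes actually received. */
    start = memchr(line + verb_len, '<', line_len - verb_len);
    end = start ? memchr(start, '>', (size_t)(line + line_len - start)) : NULL;
    if (end == NULL)
        return 501;
    start++;                                    /* skip the '<' itself */
    path_len = (size_t)(end - start);
    /* The 256-octet path limit counts the angle brackets as well. */
    if (path_len + 2 > SMTP_MAX_PATH || path_len >= out_size)
        return 501;
    memcpy(out, start, path_len);
    out[path_len] = '\0';
    return 250;
}

int main(void)
{
    char path[SMTP_MAX_PATH], big[5000];        /* constructed sample input */
    const char *ok = "MAIL FROM:<a@example.com>";
    memset(big, 'A', sizeof(big));
    memcpy(big, "MAIL FROM:<", 11);
    big[sizeof(big) - 1] = '>';
    printf("%d\n", parse_mail_from(big, sizeof(big), path, sizeof(path)));
    printf("%d %s\n", parse_mail_from(ok, strlen(ok), path, sizeof(path)), path);
    return 0;
}
```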
FreeBSD and Linux Mandrake 'xsoldier' Buffer Overflow Vulnerability
Released May 17, 2000
Affects FreeBSD 3.3, Linux Mandrake 7.0
Reference http://www.securityfocus.com/bid/871
Problem
- Certain versions of FreeBSD (3.3 confirmed) and Linux (Mandrake confirmed) ship with a
vulnerable binary in their X11 games package. The binary in question, the game xsoldier, is a setuid
root binary meant to be run via an X Windows console.
- The binary is subject to a buffer overflow, which can be triggered from the command line and
used to gain root privileges. The overflow is in the code that handles the -display option and
is triggered by a long user-supplied string.
- The user does not need a valid $DISPLAY to exploit this.
SAFER
- Update for Mandrake is available.
NetworkICE ICECap Manager Default Username and Password Vulnerability
Released May 17, 2000
Affects NetworkICE ICECap Manager 2.0.23 and previous
Reference http://www.securityfocus.com/bid/1216
Problem
- By default, ICECap Manager listens on port 8081, transmits alert messages to another server on
port 8082, and has an administrative username of 'iceman' with a blank password. A
remote user could log in to ICECap Manager through port 8081 (using the default username and
password if they have not been changed) and send out false alerts.
- In addition, the evaluation version of ICECap Manager has the option of using Microsoft Access'
JET Engine 3.5. This creates a security hazard because JET Engine 3.5 is vulnerable to remote
execution of Visual Basic for Applications code. Remote users may therefore execute arbitrary
commands on ICECap Manager through the use of the default username and password and JET
Engine 3.5.
SAFER
- NetworkICE has released ICECap Manager 2.0.23a, which rectifies this issue.