Manualshelf

Specifications

ManualsBrandsCayman Systems ManualsComputer equipment3220-H
12345678910
SAFER – Vol. 3, Issue 6 2 © 2000 The Relay Group
CONTENTS
CONTENTS.................................................................................................................................................... 2
EXECUTIVE NEWS...................................................................................................................................... 5
GENERAL NEWS ............................................................................................................................................ 5
EUROPE – MIDDLE-EAST ............................................................................................................................... 5
UNITED STATES - CANADA ............................................................................................................................ 6
ASIA - PACIFIC .............................................................................................................................................. 6
SECURITY ALERTS..................................................................................................................................... 7
INITIALIZED DATA OVERFLOW IN XLOCK ....................................................................................................... 7
LINUX CDRECORD BUFFER OVERFLOW VULNERABILITY ................................................................................. 7
KDE KDESUD DISPLAY ENVIRONMENT VARIABLE OVERFLOW..................................................................... 7
SECURITY VULNERABILITY IN IPFILTER 3.3.15 AND 3.4.3............................................................................... 8
MICROSOFT WINDOWS LONG FILENAME EXTENSION VULNERABILITY ............................................................ 8
PDGSOFT SHOPPING CART MULTIPLE BUFFER OVERFLOW VULNERABILITIES................................................. 8
NETWORK ASSOCIATES WEBSHIELD SMTP 4.5.44 BUFFER OVERFLOW VULNERABILITY ................................ 8
OMNIS STUDIO 2.4 WEAK DATABASE FIELD ENCRYPTION VULNERABILITY..................................................... 9
NETWORK ASSOCIATES WEBSHIELD SMTP 4.5.44 CONFIGURATION MODIFICATION VULNERABILITY ............. 9
HP WEB JETADMIN DIRECTORY TRAVERSAL VULNERABILITY ....................................................................... 9
QUALCOMM QPOPPER 'EUIDL' FORMAT STRING INPUT VULNERABILITY ........................................................ 9
MDBMS BUFFER OVERFLOW VULNERABILITY .............................................................................................10
MAILSITE 4.2.1.0 BUFFER OVERFLOW VULNERABILITY.................................................................................10
PACIFIC SOFTWARE CARELLO FILE DUPLICATION AND SOURCE DISCLOSURE VULNERABILITY........................10
PGP5I AUTOMATIC KEY GENERATION ROUTINE VULNERABILITY ..................................................................11
NETOP REMOTE CONTROL UNAUTHENTICATED FILE TRANSFER VULNERABILITY...........................................11
CAYMAN 3220H DSL ROUTER "PING OF DEATH" VULNERABILITY.................................................................11
COBALT RAQ2/RAQ3 WEB SERVER APPLIANCE CGIWRAP BYPASS VULNERABILITY.......................................12
GNOME GDM XDMCP BUFFER OVERFLOW VULNERABILITY .......................................................................12
MULTIPLE LINUX VENDOR FDMOUNT BUFFER OVERFLOW VULNERABILITY ...................................................12
METAPRODUCTS OFFLINE EXPLORER DIRECTORY TRAVERSAL VULNERABILITY ............................................13
GAUNTLET FIREWALL REMOTE BUFFER OVERFLOW VULNERABILITY ............................................................13
LOTUS DOMINO SERVER MISCONFIGURATION: DOCUMENTS CAN BE MODIFIED OVER THE WEB .....................13
BIG BROTHER BBD.C BUFFER OVERFLOW VULNERABILITY ............................................................................13
LOTUS DOMINO SERVER ESMTP BUFFER OVERFLOW VULNERABILITY .........................................................14
FREEBSD AND LINUX MANDRAKE 'XSOLDIER' BUFFER OVERFLOW VULNERABILITY......................................14
NETWORKICE ICECAP MANAGER DEFAULT USERNAME AND PASSWORD VULNERABILITY ............................14
KDE KSCD SHELL ENVIRONMENTAL VARIABLE VULNERABILITY.................................................................15
MATT KRUSE CALENDAR ARBITRARY COMMAND EXECUTION VULNERABILITY .............................................15
NETOPIA DSL ROUTER VULNERABILITY .......................................................................................................15
MULTIPLE VENDOR KERBEROS 5/4 COMPATIBILITY KRB_RD_REQ() BUFFER OVERFLOW VULNERABILITY ......16
HOT AREA BANNER ROTATION WORLD-READABLE PASSWORD VULNERABILITY ...........................................16
ANTISNIFF DNS OVERFLOW VULNERABILITY ...............................................................................................16
SEATTLE LAB EMURL 2.0 EMAIL ACCOUNT ACCESS VULNERABILITY ............................................................17
QUALCOMM EUDORA PRO LONG FILENAME ATTACHMENT VULNERABILITY ..................................................17
CGI COUNTER INPUT VALIDATION VULNERABILITY......................................................................................17
MICROSOFT ACTIVE MOVIE CONTROL FILETYPE VULNERABILITY..................................................................17
SOLARIS NETPR BUFFER OVERFLOW VULNERABILITY....................................................................................18
MICROSOFT OUTLOOK 98 / OUTLOOK EXPRESS 4.X LONG FILENAME VULNERABILITY ...................................18
MICROSOFT OFFICE 2000 UA CONTROL VULNERABILITY..............................................................................18
NTMAIL SERVER 5.X PROXY ACCESS VULNERABILITY..................................................................................19
MICROSOFT IIS 4.0/5.0 MALFORMED FILENAME REQUEST VULNERABILITY...................................................19
BUGZILLA 2.8 UNCHECKED EXISTING BUG REPORT VULNERABILITY .............................................................19
MICROSOFT WINDOWS 2000 DEFAULT SYSKEY CONFIGURATION VULNERABILITY ......................................20
ZEDZ CONSULTANTS SSH-1.2.27-8I.SRC.RPM ACCESS VERIFICATION VULNERABILITY ....................................20
NETSCAPE COMMUNICATOR /TMP SYMLINK VULNERABILITY.........................................................................20
MATT WRIGHT FORMMAIL ENVIRONMENTAL VARIABLES DISCLOSURE VULNERABILITY ...............................21
MICROSOFT SQL SERVER XP_SPRINTF BUFFER OVERFLOW ............................................................................21
NETSTRUCTURE 7180 REMOTE BACKDOOR VULNERABILITY .........................................................................21
NETSTRUCTURE 7110 UNDOCUMENTED PASSWORD VULNERABILITY.............................................................22
AOL INSTANT MESSENGER PATH DISCLOSURE VULNERABILITY....................................................................22