Specifications
SAFER – Vol. 3, Issue 6 8 © 2000 The Relay Group
Security Vulnerability in IPFilter 3.3.15 and 3.4.3
Released May 26, 2000
Affects IPFilter 3.3.15 and 3.4.3
Reference http://www.prettyhatemachine.obfuscation.org/
Problem
- A weakness exists in the IPFilter firewalling package in all versions up to and including 3.3.15 and
3.4.3 that allows an attacker to penetrate the firewall when a common, yet admittedly flawed,
configuration is used.
SAFER
- A patch has been made available for all versions of IPFilter. It is also important to note that a kind of
‘misconfiguration’ on the administrator's side is required for this vulnerability to work.
Microsoft Windows Long Filename Extension Vulnerability
Released May 26, 2000
Affects Microsoft Windows 98, 95
Reference http://www.securityfocus.com/bid/1259
Problem
- Windows 95 and 98 suffer from a buffer overflow that will result in a crash if a filename with an
extension longer than 232 characters is accessed. Although arbitrary code could be executed this way,
it would have to be composed of valid filename character values only.
SAFER
- Windows NT 4.0 has not yet been tested for this vulnerability and may therefore be vulnerable as
well.
PDGSoft Shopping Cart Multiple Buffer Overflow Vulnerabilities
Released May 25, 2000
Affects PDGSoft Shopping Cart 1.50
Reference http://www.securityfocus.com/bid/1256
Problem
- The two executables with the vulnerabilities are redirect.exe (redirect.cgi on UNIX) and
changepw.exe (changepw.cgi on UNIX), both of which are accessible over the web.
- If supplied with an overly long query string, both will overflow an internal buffer, overwriting the saved
return address.
SAFER
- The vendor has made available a patch for every affected platform.
Network Associates WebShield SMTP 4.5.44 Buffer Overflow Vulnerability
Released May 25, 2000
Affects Network Associates WebShield SMTP 4.5.44
Reference http://www.securityfocus.com/bid/1254
Problem
- Network Associates WebShield SMTP is susceptible to a buffer overflow attack if 208 or more
bytes of data accompanying a configuration parameter are transmitted to the remote management
service listening at port 9999.
- It is possible to force the program to execute arbitrary code at the privilege level of the service's
account (default SYSTEM).
SAFER
- Run the application as a restricted user account rather than as SYSTEM and disable the
management service.