Red Hat NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR Manual de usuario descargar pdf (Pagina 1)

NIPC CyberNotes #2002-12 Page 1 of 33 06/17/2002

National Infrastructure Protection Center

CyberNotes

Issue #2002-12 June 17, 2002

CyberNotes is published every two weeks by the National Infrastructure Protection Center (NIPC).

Its mission is to support security and information system professionals with timely information on

cyber vulnerabilities, malicious scripts, information security trends, virus information, and other

critical infrastructure-related best practices.

You are encouraged to share this publication with colleagues in the information and infrastructure

protection field. Electronic copies are available on the NIPC Web site at http://www.nipc.gov.

Please direct any inquiries regarding this publication to the Editor-CyberNotes, National Infrastructure

Protection Center, FBI Building, Room 11719, 935 Pennsylvania Avenue, NW, Washington, DC, 20535.

Bugs, Holes & Patches

The following table provides a summary of software vulnerabilities identified between May 12 and

June 13, 2002. The table provides the vendor, operating system, software name, potential

vulnerability/impact, identified patches/workarounds/alerts, common name of the vulnerability, potential

risk, and an indication of whether attacks have utilized this vulnerability or an exploit script is known to

exist. Software versions are identified if known. This information is presented only as a summary;

complete details are available from the source of the patch/workaround/alert, indicated in the

footnote or linked site. Please note that even if the method of attack has not been utilized or an exploit

script is not currently widely available on the Internet, a potential vulnerability has been identified.

Updates to items appearing in previous issues of CyberNotes are listed in bold. New information

contained in the update will appear in italicized colored text. Where applicable, the table lists a “CVE

number” (in red) which corresponds to the Common Vulnerabilities and Exposures (CVE) list, a

compilation of standardized names for vulnerabilities and other information security exposures.

Vendor

Operating

System

Software

Name

Vulnerability/

Impact

Patches/Workarounds/

Alerts

Common

Name

Risk*

Attacks/

Scripts

Aladdin

Enterprises

1, 2, 3

Unix Ghostscript

5.50, 6.51,

6.52,

A vulnerability exists due to

insufficient checking when

the ‘.locksafe’ or ‘.setsafe’

functions are used to reset the

page device, which could let a

malicious user execute

arbitrary commands.

Caldera:

ftp://ftp.caldera.com/pub/up

dates/OpenLinux/3.1.1/Serv

er/current/RPMS/

RedHat:

ftp://updates.redhat.com/

Ghostscript

‘.locksafe’ or

‘.setsafe’

Arbitrary

Command

Execution

CVE Name:

CAN-2002-

0363

High

Bug discussed

in newsgroups

and websites.

Red Hat, Inc. Red Hat Security Advisory, RHSA-2002:083-22, June 3, 2002.

Hewlett-Packard Company Security Bulletin, HPSBTL0602-047, June 5, 2002.

Caldera International, Inc. Security Advisory, CSSA-2002-026.0, June 11, 2002.

1 2 3 4 5 6 ... 32 33

Indice de contenidos

Pagina 1 - CyberNotes

NIPC CyberNotes #2002-12 Page 1 of 33 06/17/2002 National Infrastructure Protection Center CyberNotes Issue #2002-12 June 17, 2002 CyberNo

Pagina 2 - .com/pub/security_zone/cfm

NIPC CyberNotes #2002-12 Page 10 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Pagina 3

NIPC CyberNotes #2002-12 Page 11 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Pagina 4

NIPC CyberNotes #2002-12 Page 12 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Pagina 5

NIPC CyberNotes #2002-12 Page 13 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Pagina 6 - 1.3.5sr1.tar.gz

NIPC CyberNotes #2002-12 Page 14 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Pagina 7

NIPC CyberNotes #2002-12 Page 15 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Pagina 8

NIPC CyberNotes #2002-12 Page 16 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Pagina 9

NIPC CyberNotes #2002-12 Page 17 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Pagina 10

NIPC CyberNotes #2002-12 Page 18 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Pagina 11

NIPC CyberNotes #2002-12 Page 19 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Pagina 12

NIPC CyberNotes #2002-12 Page 2 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Pagina 13

NIPC CyberNotes #2002-12 Page 20 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Pagina 14

NIPC CyberNotes #2002-12 Page 21 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Pagina 15 - -1.2.7pl1.tar.gz?download

NIPC CyberNotes #2002-12 Page 22 of 33 06/17/2002 Date of Script (Reverse Chronological Order) Script Name Script Description June 10, 2002 Voodoo2

Pagina 16

NIPC CyberNotes #2002-12 Page 23 of 33 06/17/2002 Trends ● The CERT Coordination Center (CERT/CC) has issued an advisory on a new vulnerability in

Pagina 17 - /freefiles/1050AP_2_02_10

NIPC CyberNotes #2002-12 Page 24 of 33 06/17/2002 ● C:\progra~1\kasper~1\avp32.exe ● C:\progra~1\trojan~1\tc.exe ● C:\progra\norton~1\s32integ.dl

Pagina 18

NIPC CyberNotes #2002-12 Page 25 of 33 06/17/2002 to ensure that the worm is run each time Windows is started. It will then attempt to e-mail itself

Pagina 19

NIPC CyberNotes #2002-12 Page 26 of 33 06/17/2002 ● HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Runonce = C:\<Windows system folder>\r

Pagina 20

NIPC CyberNotes #2002-12 Page 27 of 33 06/17/2002 WORM_ENEMANY.D (Aliases: W32.Enemany.D@mm, ENEMANY.D) (Internet Worm): This nondestructive, non-m

Pagina 21

NIPC CyberNotes #2002-12 Page 28 of 33 06/17/2002 from certain files in Microsoft Outlook Express mail archives. This worm sends out e-mail messages

Pagina 22

NIPC CyberNotes #2002-12 Page 29 of 33 06/17/2002 Trojans Trojans have become increasingly popular as a means of obtaining unauthorized access to

Pagina 23 - Viruses

NIPC CyberNotes #2002-12 Page 3 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Pagina 24

NIPC CyberNotes #2002-12 Page 30 of 33 06/17/2002 Trojan Version CyberNotes Issue # Hacktool.IPStealer N/A CyberNotes-2002-02 Irc-Smallfeg N/A Cyb

Pagina 25

NIPC CyberNotes #2002-12 Page 31 of 33 06/17/2002 Trojan Version CyberNotes Issue # VBS_THEGAME.A N/A CyberNotes-2002-03 W32.Alerta.Trojan N/A Cyb

Pagina 26

NIPC CyberNotes #2002-12 Page 32 of 33 06/17/2002 to the registry key: ● HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Backdoor

Pagina 27

NIPC CyberNotes #2002-12 Page 33 of 33 06/17/2002 Troj/DSS-A: This is a Trojan that drops the file, INDEX.HTM, into the Windows Temp folder. The Tr

Pagina 28

NIPC CyberNotes #2002-12 Page 4 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Pagina 29 - Trojans

NIPC CyberNotes #2002-12 Page 5 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Pagina 30

NIPC CyberNotes #2002-12 Page 6 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Pagina 31

NIPC CyberNotes #2002-12 Page 7 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Pagina 32

NIPC CyberNotes #2002-12 Page 8 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Pagina 33

NIPC CyberNotes #2002-12 Page 9 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Comentarios a estos manuales

Sin comentarios

Red Hat NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR Manual de usuario Pagina 1

Busca en linea o descarga Manual de usuario para Servidores Red Hat NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR. Issue 2002-12, 06/17/2002 Manual de usuario

Indice de contenidos

Comentarios a estos manuales

Red Hat NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR Manual de usuario Pagina 1

Busca en linea o descarga Manual de usuario para Servidores Red Hat NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR. Issue 2002-12, 06/17/2002 Manual de usuario

Indice de contenidos

Comentarios a estos manuales

Relacionado con productos y manuales para Servidores Red Hat NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR