NIPC CyberNotes #2002-12 Page 17 of 33 06/17/2002
Vendor
Operating
System
Software
Name
Vulnerability/
Impact
Patches/Workarounds/
Alerts
Common
Name
Risk*
Attacks/
Scripts
Red-M
Communi-
cations
Ltd.
72
Multiple 1050AP
LAN
access
point
Multiple vulnerabilities exist:
a Denial of Service
vulnerability exists in the
1050AP device because the
system has no concept of
authorized or unauthorized
hosts and is simply protected
by a password over an
unencrypted connection; a
Denial of Service
vulnerability exists in the AP
because the administration
password is not case sensitive;
a Denial of Service
vulnerability exists when an
unusually long string of data
is supplied in the PPP
username field; a vulnerability
exists in the tftp server for
configuration backups and
firmware updates because it
can not be disabled and can
be used by a malicious user to
crack the administration
password using a UDP
based attack; and a
vulnerability exists within the
administration web interface,
which could let a malicious
user obtain unauthorized
access.
Denial of service
vulnerabilities upgrade
available at:
http://www.red-
m.com/Products/Downloads
/freefiles/1050AP_2_02_10.
zip
No workaround or patch
available at time of
publishing for other
vulnerabilities.
Multiple Red-
M 1050 Blue
Tooth Access
Point
Vulnerabilities
CVE Names:
CAN-2002-
0393,
CAN-2002-
0394,
CAN-2002-
0395,
CAN-2002-
0396,
CAN-2002-
0397,
CAN-2002-
0398
Low/
Medium
(Medium
if unauth-
orized
access can
be
obtained)
Bug discussed
in newsgroups
and websites.
There is no
exploit code
required.
Vulnerability
has appeared in
the press and
other public
media.
Richard
Gooch
73
Unix simpleinit
2.0.2
A vulnerability exists because
some child processes are
allowed to inherit a file
descriptor with read-write
access, which could let a
malicious user execute
arbitrary commands as the
superuser.
No workaround or patch
available at time of
publishing.
SimpleInit
Inherit File
Descriptor
High
Bug discussed
in newsgroups
and websites.
Exploit script
has been
published.
Ruslan
Communic
ations
74
Multiple <Body>
Builder
A vulnerability exists because
user supplied input for the
login password is not properly
filtered, which could let a
malicious user obtain
unauthorized administrative
access.
No workaround or patch
available at time of
publishing.
Ruslan
Communi-
cations
<Body>Builder
SQL Injection
High
Bug discussed
in newsgroups
and websites.
Exploit has
been published.
SCO
75
Unix Open
Server
5.0-5.0.6
A vulnerability exists in
XSCO when an excessively
long argument is supplied to
the ‘co’ flag, which could let a
malicious user execute
arbitrary code with elevated
privileges.
No workaround or patch
available at time of
publishing.
OpenServer
XSCO
Heap Overflow
High
Bug discussed
in newsgroups
and websites.
Proof of
Concept
exploit has
been published.
72
@stake Inc. Security Advisory, June 5, 2002.
73
SecurityFocus, June 12, 2002.
74
Bugtraq, June 13, 2002.
75
Strategic Reconnaissance Team Security Advisory, SRT2002-06-11-1037, June 10, 2002.
(51 paginas)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales