Red Hat NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR Instrukcja Użytkownika Pobierz pdf (Strona 1)

NIPC CyberNotes #2002-12 Page 1 of 33 06/17/2002

National Infrastructure Protection Center

CyberNotes

Issue #2002-12 June 17, 2002

CyberNotes is published every two weeks by the National Infrastructure Protection Center (NIPC).

Its mission is to support security and information system professionals with timely information on

cyber vulnerabilities, malicious scripts, information security trends, virus information, and other

critical infrastructure-related best practices.

You are encouraged to share this publication with colleagues in the information and infrastructure

protection field. Electronic copies are available on the NIPC Web site at http://www.nipc.gov.

Please direct any inquiries regarding this publication to the Editor-CyberNotes, National Infrastructure

Protection Center, FBI Building, Room 11719, 935 Pennsylvania Avenue, NW, Washington, DC, 20535.

Bugs, Holes & Patches

The following table provides a summary of software vulnerabilities identified between May 12 and

June 13, 2002. The table provides the vendor, operating system, software name, potential

vulnerability/impact, identified patches/workarounds/alerts, common name of the vulnerability, potential

risk, and an indication of whether attacks have utilized this vulnerability or an exploit script is known to

exist. Software versions are identified if known. This information is presented only as a summary;

complete details are available from the source of the patch/workaround/alert, indicated in the

footnote or linked site. Please note that even if the method of attack has not been utilized or an exploit

script is not currently widely available on the Internet, a potential vulnerability has been identified.

Updates to items appearing in previous issues of CyberNotes are listed in bold. New information

contained in the update will appear in italicized colored text. Where applicable, the table lists a “CVE

number” (in red) which corresponds to the Common Vulnerabilities and Exposures (CVE) list, a

compilation of standardized names for vulnerabilities and other information security exposures.

Vendor

Operating

System

Software

Name

Vulnerability/

Impact

Patches/Workarounds/

Alerts

Common

Name

Risk*

Attacks/

Scripts

Aladdin

Enterprises

1, 2, 3

Unix Ghostscript

5.50, 6.51,

6.52,

A vulnerability exists due to

insufficient checking when

the ‘.locksafe’ or ‘.setsafe’

functions are used to reset the

page device, which could let a

malicious user execute

arbitrary commands.

Caldera:

ftp://ftp.caldera.com/pub/up

dates/OpenLinux/3.1.1/Serv

er/current/RPMS/

RedHat:

ftp://updates.redhat.com/

Ghostscript

‘.locksafe’ or

‘.setsafe’

Arbitrary

Command

Execution

CVE Name:

CAN-2002-

0363

High

Bug discussed

in newsgroups

and websites.

Red Hat, Inc. Red Hat Security Advisory, RHSA-2002:083-22, June 3, 2002.

Hewlett-Packard Company Security Bulletin, HPSBTL0602-047, June 5, 2002.

Caldera International, Inc. Security Advisory, CSSA-2002-026.0, June 11, 2002.

1 2 3 4 5 6 ... 32 33

Podsumowanie treści

Strona 1 - CyberNotes

NIPC CyberNotes #2002-12 Page 1 of 33 06/17/2002 National Infrastructure Protection Center CyberNotes Issue #2002-12 June 17, 2002 CyberNo

Strona 2 - .com/pub/security_zone/cfm

NIPC CyberNotes #2002-12 Page 10 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Strona 3

NIPC CyberNotes #2002-12 Page 11 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Strona 4

NIPC CyberNotes #2002-12 Page 12 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Strona 5

NIPC CyberNotes #2002-12 Page 13 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Strona 6 - 1.3.5sr1.tar.gz

NIPC CyberNotes #2002-12 Page 14 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Strona 7

NIPC CyberNotes #2002-12 Page 15 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Strona 8

NIPC CyberNotes #2002-12 Page 16 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Strona 9

NIPC CyberNotes #2002-12 Page 17 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Strona 10

NIPC CyberNotes #2002-12 Page 18 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Strona 11

NIPC CyberNotes #2002-12 Page 19 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Strona 12

NIPC CyberNotes #2002-12 Page 2 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Strona 13

NIPC CyberNotes #2002-12 Page 20 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Strona 14

NIPC CyberNotes #2002-12 Page 21 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Nam

Strona 15 - -1.2.7pl1.tar.gz?download

NIPC CyberNotes #2002-12 Page 22 of 33 06/17/2002 Date of Script (Reverse Chronological Order) Script Name Script Description June 10, 2002 Voodoo2

Strona 16

NIPC CyberNotes #2002-12 Page 23 of 33 06/17/2002 Trends ● The CERT Coordination Center (CERT/CC) has issued an advisory on a new vulnerability in

Strona 17 - /freefiles/1050AP_2_02_10

NIPC CyberNotes #2002-12 Page 24 of 33 06/17/2002 ● C:\progra~1\kasper~1\avp32.exe ● C:\progra~1\trojan~1\tc.exe ● C:\progra\norton~1\s32integ.dl

Strona 18

NIPC CyberNotes #2002-12 Page 25 of 33 06/17/2002 to ensure that the worm is run each time Windows is started. It will then attempt to e-mail itself

Strona 19

NIPC CyberNotes #2002-12 Page 26 of 33 06/17/2002 ● HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Runonce = C:\<Windows system folder>\r

Strona 20

NIPC CyberNotes #2002-12 Page 27 of 33 06/17/2002 WORM_ENEMANY.D (Aliases: W32.Enemany.D@mm, ENEMANY.D) (Internet Worm): This nondestructive, non-m

Strona 21

NIPC CyberNotes #2002-12 Page 28 of 33 06/17/2002 from certain files in Microsoft Outlook Express mail archives. This worm sends out e-mail messages

Strona 22

NIPC CyberNotes #2002-12 Page 29 of 33 06/17/2002 Trojans Trojans have become increasingly popular as a means of obtaining unauthorized access to

Strona 23 - Viruses

NIPC CyberNotes #2002-12 Page 3 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Strona 24

NIPC CyberNotes #2002-12 Page 30 of 33 06/17/2002 Trojan Version CyberNotes Issue # Hacktool.IPStealer N/A CyberNotes-2002-02 Irc-Smallfeg N/A Cyb

Strona 25

NIPC CyberNotes #2002-12 Page 31 of 33 06/17/2002 Trojan Version CyberNotes Issue # VBS_THEGAME.A N/A CyberNotes-2002-03 W32.Alerta.Trojan N/A Cyb

Strona 26

NIPC CyberNotes #2002-12 Page 32 of 33 06/17/2002 to the registry key: ● HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Backdoor

Strona 27

NIPC CyberNotes #2002-12 Page 33 of 33 06/17/2002 Troj/DSS-A: This is a Trojan that drops the file, INDEX.HTM, into the Windows Temp folder. The Tr

Strona 28

NIPC CyberNotes #2002-12 Page 4 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Strona 29 - Trojans

NIPC CyberNotes #2002-12 Page 5 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Strona 30

NIPC CyberNotes #2002-12 Page 6 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Strona 31

NIPC CyberNotes #2002-12 Page 7 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Strona 32

NIPC CyberNotes #2002-12 Page 8 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Strona 33

NIPC CyberNotes #2002-12 Page 9 of 33 06/17/2002 Vendor Operating System Software Name Vulnerability/ Impact Patches/Workarounds/ Alerts Common Name

Komentarze do niniejszej Instrukcji

Brak uwag

Red Hat NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR Instrukcja Użytkownika Strona 1

Przeglądaj online lub pobierz Instrukcja Użytkownika dla Serwery Red Hat NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR. Issue 2002-12, 06/17/2002 Instrukcja obsługi

Podsumowanie treści

Komentarze do niniejszej Instrukcji

Red Hat NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR Instrukcja Użytkownika Strona 1

Przeglądaj online lub pobierz Instrukcja Użytkownika dla Serwery Red Hat NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR. Issue 2002-12, 06/17/2002 Instrukcja obsługi

Podsumowanie treści

Komentarze do niniejszej Instrukcji

Powiązane produkty i podręczniki dla Serwery Red Hat NETSCAPE ENTREPRISE SERVER 6.1 - 08-2002 ADMINISTRATOR