
NIPC CyberNotes #2002-12 Page 16 of 33 06/17/2002
Vendor: QNX Software Systems, Ltd. [69]
Operating System: Multiple
Software Name: RTOS 4.25
Vulnerability/Impact: Multiple vulnerabilities exist: a vulnerability exists in the 'crttrap' binary, which could let a malicious user obtain sensitive information; a vulnerability exists in the monitor –f command line option, which could let a malicious user modify arbitrary system files; a vulnerability exists in the Watcom sample utility, which could let a malicious user overwrite root-owned, read-only files and possibly obtain root access; a vulnerability exists in the 'dumper' debugging utility when memory dump files are created because it follows symbolic links, which could let a malicious user overwrite and gain ownership of arbitrary files and elevate to root privileges; a buffer overflow vulnerability exists in the 'sample' utility, which could let a malicious user execute arbitrary code; and a buffer overflow vulnerability exists in the 'int10' utility when excessively long filename parameters are passed as arguments, which may let a malicious user obtain root privileges.
Patches/Workarounds/Alerts: Upgrade available for the monitor utility and dumper debugger utility vulnerabilities at: http://get.qnx.com. No workaround or patch available at time of publishing for other vulnerabilities.
Common Name: QNX RTOS Multiple Vulnerabilities
Risk*: Medium/High (High if root access can be obtained)
Attacks/Scripts: Bug discussed in newsgroups and websites. Exploits have been published.

Vendor: Quantum [70]
Operating System: Multiple
Software Name: Snap Server 4100
Vulnerability/Impact: Several vulnerabilities exist: a vulnerability exists because the TCP/IP protocol stack uses predictable sequence numbers, which could let a malicious user hijack existing connections; and a Denial of Service vulnerability exists when the Snap Server is portscanned.
Patches/Workarounds/Alerts: No workaround or patch available at time of publishing.
Common Name: Snap Server TCP Sequence Number and Denial of Service
Risk*: Low/Medium (Medium if an existing connection can be hijacked)
Attacks/Scripts: Bug discussed in newsgroups and websites. There is no exploit code required.

Vendor: RedHat [71]
Operating System: Unix
Software Name: RHMask 1.0-9
Vulnerability/Impact: A vulnerability exists because the output filename supplied in mask files is not properly validated, which could let a malicious user overwrite arbitrary system files.
Patches/Workarounds/Alerts: No workaround or patch available at time of publishing.
Common Name: RHMask Local File Overwrite
Risk*: Medium
Attacks/Scripts: Bug discussed in newsgroups and websites. There is no exploit code required.

[69] Bugtraq, May 31, 2002.
[70] Bugtraq, May 30, 2002.
[71] Bugtraq, June 11, 2002.