Section: .. / advisories / cert /
|
See the CERT website for more information.
|
| /// Directory: |
/ summaries / |
Description:
|
summaries
| | Total Files: | 40 | | Last Modified: | Sep 14 08:51:06 2004 |
|
| /// Directory: |
/ bulletins / |
Description:
|
Unavailable.
| | Total Files: | 69 | | Last Modified: | Sep 14 08:51:04 2004 |
|
| /// File Name: |
CA-2003-14.mswin.txt |
Description:
|
CERT Advisory CA-2003-14 - A buffer overflow vulnerability exists in a shared HTML conversion library included in Microsoft Windows. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service.
| | Homepage: | http://www.cert.org | | File Size: | 7062 | | Last Modified: | Jul 18 01:54:32 2003 |
| MD5 Checksum: | 8c5b5e631a493151fcc60504744b1dc0 |
|
| /// File Name: |
CA-2003-13.snort |
Description:
|
CERT Advisory CA-2003-13 - Two remote vulnerabilities in the Snort IDS, versions 1.8 through 2.0 RC allow remote execution of code as root. It is not necessary for the attacker to know the IP address of the Snort device they wish to attack; merely sending malicious traffic where it can be observed by an affected Snort sensor is sufficient to exploit these vulnerabilities. Fix available here.
| | Homepage: | http://www.cert.org | | File Size: | 9583 | | Last Modified: | Apr 18 10:06:53 2003 |
| MD5 Checksum: | 30fa60b771ff2e6ee35376d17f2619f4 |
|
| /// File Name: |
CA-2003-12.sendmail |
Description:
|
CERT Advisory CA-2003-12 - A remote stack overflow in Sendmail 8.12.8 and below was discovered by Michal Zalewski which allows remote code execution as root. This bug is in the prescan code and is different than the recent sendmail bug described in CA-2003-07. Patch available here.
| | Homepage: | http://www.cert.org | | File Size: | 9454 | | Related CVE(s): | CAN-2003-0161 | | Last Modified: | Apr 1 07:51:51 2003 |
| MD5 Checksum: | 5f9042c50705af2bf508c8b6bf27dc38 |
|
| /// File Name: |
CA-2003-11.lotus.domino |
Description:
|
CERT Advisory CA-2003-11 - Multiple vulnerabilities have been reported to affect Lotus Notes clients and Domino servers v5.0.12 through 6.0.1 including six exploitable buffer overflows. TCP port 1352 is a likely conduit for attack, however Lotus Notes often listens to Netbios, SPX, or XPC ports.
| | Homepage: | http://www.cert.org | | File Size: | 9867 | | Last Modified: | Mar 27 09:29:44 2003 |
| MD5 Checksum: | faf6d46160e65b496113291bafcb82ee |
|
| /// File Name: |
CA-2003-10.rpcxdr |
Description:
|
CERT Advisory CA-2003-10 - A buffer overflow vulnerability in SunRPC-derived XDR libraries causes several applications which use the rpcbind service to allow execution of arbitrary code or disclosure of sensitive information. In addition, intruders may be able to crash the MIT KRB5 kadmind or cause it to leak sensitive information, such as secret keys. Vulnerable code includes GNU Glibc 2.3.1 and below, Solaris 2.6, 7, 8 and 9, AIX 4.3.3 through 5.2.0, and MIT Kerberos vulnerabilities.
| | Homepage: | http://www.cert.org | | File Size: | 14357 | | Last Modified: | Mar 25 05:47:53 2003 |
| MD5 Checksum: | a1dc824b3db44b8751af7ba3c83beb73 |
|
| /// File Name: |
CA-2003-09.iis-webdav |
Description:
|
CERT Advisory CA-2003-09 - A buffer overflow vulnerability exists in Microsoft IIS 5.0 running on Microsoft Windows 2000. An overflow in ntdll.dll of WebDAV allows remote users to execute code in the local system context. See also ms03-007.
| | Homepage: | http://www.cert.org | | File Size: | 7125 | | Related CVE(s): | CAN-2003-0109 | | Last Modified: | Mar 18 14:39:13 2003 |
| MD5 Checksum: | ffa2899810162a68e9c91d8cae8f7803 |
|
| /// File Name: |
CA-2003-08.winshares |
Description:
|
CERT Advisory CA-2003-08 - There is increased activity targeting Windows shares over ports 137, 138, 139, and 445.
| | Homepage: | http://www.cert.org | | File Size: | 19413 | | Last Modified: | Mar 18 14:36:16 2003 |
| MD5 Checksum: | c6a335f230856f5bc465110717f36e8d |
|
| /// File Name: |
CA-2003-07.sendmail |
Description:
|
CERT Advisory CA-2003-07 - Sendmail prior to 8.12.8 has a remote root vulnerability which can be exploited by a malicious mail message, allowing non-vulnerable MTA's to relay the exploit message to unpatched MTA's on an internal network. A successful attack against an unpatched sendmail system will not leave any messages in the logs. All Sendmail Pro, Sendmail Switch, and Sendmail for NT are also vulnerable. Fix available here.
| | Homepage: | http://www.cert.org | | File Size: | 12357 | | Related CVE(s): | CAN-2002-1337 | | Last Modified: | Mar 4 06:06:00 2003 |
| MD5 Checksum: | 137522a297a47bd898379d3ef460199c |
|
| /// File Name: |
CA-2003-06.sip |
Description:
|
CERT Advisory CA-2003-06 - Numerous vulnerabilities have been reported in multiple vendor implementations of the Session Initiation Protocol, or SIP, which may allow an attacker to gain unauthorized privileged access, cause denial-of-service attacks, or cause unstable system behavior.
| | Homepage: | http://www.cert.org | | File Size: | 16973 | | Last Modified: | Feb 21 18:04:53 2003 |
| MD5 Checksum: | 967409fbce6d95e1ba77b3f2800714d8 |
|
| /// File Name: |
CA-2003-05.oracle |
Description:
|
CERT Advisory CA-2003-05 - Systems running Oracle8 Database v 8.0.6, 8.1.7, Oracle9i Database (Release 1 and 2), and Oracle9i Application Server (Release 9.0.2 and 9.0.3) contain multiple remote vulnerabilities which can lead to the execution of arbitrary code, allow users to modify database records, or cause a denial of service, breaking the database.
| | Homepage: | http://www.cert.org | | File Size: | 8514 | | Last Modified: | Feb 20 10:20:39 2003 |
| MD5 Checksum: | 22a4447df0df965497ab612a64c1a15a |
|
| /// File Name: |
CA-2003-04.mssql.worm |
Description:
|
CERT Advisory CA-2003-04 - A quickly spreading Microsoft SQL worm exploits two vulnerabilities in Microsoft SQL Server 2000 over udp port 1434.
| | Homepage: | http://www.cert.org | | File Size: | 7874 | | Last Modified: | Jan 26 19:38:07 2003 |
| MD5 Checksum: | 9a3232db2280856d044de3dc8eaac1af |
|
| /// File Name: |
CA-2003-03.windows.locator |
Description:
|
CERT Advisory CA-2003-03 - Windows NT, 2000, and XP contains a buffer overflow in the Windows Locator service that allows remote attackers to execute arbitrary code via the netbios ports. More information available here and in ms03-001.
| | Homepage: | http://www.cert.org | | File Size: | 8111 | | Last Modified: | Jan 24 08:07:05 2003 |
| MD5 Checksum: | e25389d4f4430a44f678578aad102a83 |
|
| /// File Name: |
CA-2003-02.cvs |
Description:
|
CERT Advisory CA-2003-02 - Systems running CVS Home project versions of CVS prior to 1.11.5 allow non-authenticated remote attackers with read only access to execute arbitrary code. Vendor status information available here.
| | Homepage: | http://www.cert.org | | File Size: | 11935 | | Last Modified: | Jan 23 09:25:39 2003 |
| MD5 Checksum: | 96bcee114c70021a72d131f47f8011d4 |
|
| /// File Name: |
CA-2003-01.dhcpd |
Description:
|
CERT Advisory CA-2003-01 - There are multiple stack-based buffer overflows in ISC DHCP that are exploitable by sending a DHCP message containing a large hostname value allowing remote attackers to execute code with the privileges of the user running dhcpd.
| | Homepage: | http://www.cert.org | | File Size: | 10570 | | Related CVE(s): | CAN-2003-0026 | | Last Modified: | Jan 17 09:24:05 2003 |
| MD5 Checksum: | d17c624c49bad511e5dac22b8cce69a6 |
|
| /// File Name: |
CA-2002-37.windows.shell |
Description:
|
CERT Advisory CA-2002-37 - A buffer overflow vulnerability in the Microsoft Windows Shell allows remote attackers to execute arbitrary code via malicious email message, malicious web page, or browsing through a folder containing a malicious .MP3 or .WMA file. More information available here.
| | Homepage: | http://www.cert.org | | File Size: | 6098 | | Related CVE(s): | CAN-2002-1327 | | Last Modified: | Dec 21 11:28:18 2002 |
| MD5 Checksum: | e94145ac24db820aa7d84da855aa5755 |
|
| /// File Name: |
CA-2002-36.ssh |
Description:
|
CERT Advisory CA-2002-36 - Multiple vendors' implementations of the secure shell (SSH) transport layer protocol contain vulnerabilities that could allow a remote attacker to execute arbitrary code with the privileges of the SSH process or cause a denial of service. The vulnerabilities affect SSH clients and servers, and they occur before user authentication takes place. OpenSSH is not vulnerable. More information available here.
| | Homepage: | http://www.cert.org | | File Size: | 11191 | | Last Modified: | Dec 21 11:23:09 2002 |
| MD5 Checksum: | 393e90df79d2e0d58203125c9bb58ff0 |
|
| /// File Name: |
CA-2002-35.raq4 |
Description:
|
CERT Advisory CA-2002-35 - Cobalt Raq4 systems with the Security Hardening Package installed allow remote attackers to execute code as root because overflow.cgi does not adequately filter input destined for the email variable.
| | Homepage: | http://www.cert.org | | File Size: | 6638 | | Last Modified: | Dec 12 16:49:28 2002 |
| MD5 Checksum: | 026cbf3d80a30a687e152121d00ddeb6 |
|
| /// File Name: |
CA-2002-34.xfs |
Description:
|
CERT Advisory CA-2002-34 - The Solaris X Window Font Service (XFS) daemon (fs.auto) on Solaris 2.5.1 - 9 contains a remotely exploitable user nobody buffer overflow on Sparc and X86. More information available here.
| | Homepage: | http://www.cert.org | | File Size: | 7331 | | Related CVE(s): | CAN-2002-1317 | | Last Modified: | Nov 30 12:08:28 2002 |
| MD5 Checksum: | e6268b7f2e6e9e048615738ffeb05c49 |
|
| /// File Name: |
CA-2002-33.MDAC |
Description:
|
CERT Advisory CA-2002-33 - Heap Overflow Vulnerability in Microsoft Data. A routine in the RDS component, specifically the RDS Data Stub function, contains an unchecked buffer. The RDS Data Stub function's purpose is to parse incoming HTTP requests and generate RDS commands. This unchecked buffer could be exploited to cause a heap overflow.
| | Homepage: | http://www.cert.org | | File Size: | 7392 | | Last Modified: | Nov 24 02:18:56 2002 |
| MD5 Checksum: | b5c22892f43bdc3b7483e26eba6523ce |
|
| /// File Name: |
CA-2002-32.alcatel |
Description:
|
CERT Advisory CA-2002-32 - Backdoor in Alcatel OmniSwitch 7700 and 7800 AOS version 5.1.1. A telnet server listens on TCP port number 6778, a backdoor that was originally used during development to access the Wind River Vx-Works operating system. Due to an oversight, this access was not removed prior to product release.
| | Homepage: | http://www.cert.org | | File Size: | 5298 | | Last Modified: | Nov 24 02:16:00 2002 |
| MD5 Checksum: | bb91a5a0f11171433192ade8fc82b9cc |
|
| /// File Name: |
CA-2002-31.bind |
Description:
|
CERT Advisory CA-2002-31 - BIND 8 has vulnerabilities that may allow remote attackers to execute arbitrary code with the privileges of the user running named which is usually root, or with the privileges of vulnerable client applications. The other vulnerabilities will allow remote attackers to disrupt the normal operation of DNS name service running on victim servers.
| | Homepage: | http://www.cert.org/ | | File Size: | 15378 | | Last Modified: | Nov 15 09:21:15 2002 |
| MD5 Checksum: | 7911dbfee02e3e41e0f329b0d8fdff46 |
|
| /// File Name: |
CA-2002-30.trojan |
Description:
|
CERT Advisory CA-2002-30 - Released source code distributions of the libpcap and tcpdump packages were modified by an intruder and contain a trojan horse which, upon compile time, remote grabs a file from a fixed IP address which it then compiles and runs. The binary then goes to a fixed IP address and gets a one character response which enables the remote machine to trigger the spawning of a shell to the remote machine. The backdoor also explicitly ignores all traffic on port 1963.
| | Homepage: | http://www.cert.org/ | | File Size: | 8715 | | Last Modified: | Nov 15 09:02:19 2002 |
| MD5 Checksum: | e54c4be958885a0de93635a5937a757f |
|
| /// File Name: |
CA-2002-29.kerberos |
Description:
|
CERT Advisory CA-2002-29 - Multiple Kerberos distributions contain a remotely exploitable buffer overflow in the Kerberos administration daemon. A remote attacker could exploit this vulnerability to gain root privileges.
| | Homepage: | http://www.cert.org | | File Size: | 1391 | | Last Modified: | Oct 30 08:56:09 2002 |
| MD5 Checksum: | 5bc3502dfd425743f5896240e081ff72 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
