NIPC CyberNotes #2002-12 Page 21 of 33 06/17/2002
Vendor
Operating
System
Software
Name
Vulnerability/
Impact
Patches/Workarounds/
Alerts
Common
Name
Risk*
Attacks/
Scripts
YaBB
94
Windows
95/98/NT
4.0/2000
YaBB 1
Gold
Release
A vulnerability exists because
Flash content may be
uploaded, which could let a
malicious user execute
arbitrary JavaScript.
No workaround or patch
available at time of
publishing.
YaBB Flash
File Script
Injection
High
Bug discussed
in newsgroups
and websites.
ZenTrack
95
Multiple ZenTrack
2.0.1 c
Beta, 2.0.2
c Beta,
2.0.3
A path disclosure
vulnerability exists if a
maliciously crafted HTTP
request is submitted, which
could let a remote malicious
user obtain sensitive
information.
No workaround or patch
available at time of
publishing.
ZenTrack
Information
Disclosure
Medium Bug discussed
in newsgroups
and websites.
There is no
exploit code
required.
*“Risk” is defined by CyberNotes in the following manner:
High - A high-risk vulnerability is defined as one that will allow an intruder to immediately gain privileged
access (e.g., sysadmin or root) to the system or allow an intruder to execute code or alter arbitrary system
files. An example of a high-risk vulnerability is one that allows an unauthorized user to send a sequence of
instructions to a machine and the machine responds with a command prompt with administrator privileges.
Medium – A medium-risk vulnerability is defined as one that will allow an intruder immediate access to a
system with less than privileged access. Such vulnerability will allow the intruder the opportunity to
continue the attempt to gain privileged access. An example of medium-risk vulnerability is a server
configuration error that allows an intruder to capture the password file.
Low - A low-risk vulnerability is defined as one that will provide information to an intruder that could lead
to further compromise attempts or a Denial of Service (DoS) attack. It should be noted that while the DoS
attack is deemed low from a threat potential, the frequency of this type of attack is very high. DoS attacks
against mission-critical nodes are not included in this rating and any attack of this nature should instead
be considered to be a “High” threat.
Recent Exploit Scripts/Techniques
The table below contains a representative sample of exploit scripts and How to Guides, identified between
May 12 and June 12, 2002, listed by date of script, script names, script description, and comments. Items
listed in boldface/red (if any) are attack scripts/techniques for which vendors, security vulnerability
listservs, or Computer Emergency Response Teams (CERTs) have not published workarounds or
patches, or which represent scripts that malicious users are utilizing. During this period, 27 scripts,
programs, and net-news messages containing holes or exploits were identified. Note: At times,
scripts/techniques may contain names or content that may be considered offensive.
Date of Script
(Reverse Chronological
Order)
Script Name Script Description
June 12, 2002
GOBBLES-invite.c
Script which exploits the IRCIT Remote Buffer Overflow
vulnerability.
June 12, 2002
Hydra-2.1.tar.gz
A parallized login hacker which understands FTP, POP3,
IMAP, Telnet, HTTP Auth, NNTP, VNC, ICQ, Socks5,
PCNFS, samba, Crisco enable, LDAP, and more.
June 12, 2002
Simpleinitexploit.c
Script which exploits the SimpleInit Inherit File Descriptor
vulnerability.
94
EyeonSecurity, June 5, 2002.
95
ALPER Research Labs Security Advisory, ARL02-A14, June 10, 2002.
(51 páginas)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais