Weekly Newsletter from Help Net Security Issue 16 - 07.05.2000 - Covers weekly roundups of security-related events. In this issue: Outlook patch which lets administrators selectively permit some attachments could cause compatibility problems with software meant to work with Outlook, Microsoft Brasil web site defaced, ech0 security scanner, domain hijacking, Allegro-Software-RomPager vulnerable to DoS, Linux-Mandrake bind no longer runs as root, Linux-Mandrake Xlockmore security update, Checkpoint Firewall-1 IP Fragmentation Vulnerability, vbs gnutella worm, vbs_timofonica virus, and more.
98ceee0ab94aec7441a4a451c471432cab56af962c32da56b3b2189a98f3b536
MDMA Advisory #5 - It is possible to view the source of CGI scripts running under the Savant Webserver by omitting the HTTP version from your request.
1724fba392451be3b3274800afadb12de1c0b9bc1ae2d9480be7bf44fb177af0
Linux Security Magazine June 5, 2000. In this issue - Articles: An Introduction to IP Masquerading - Part 2, Firewall placement, Cracked! Part 4: The Sniffer, Who's Sniffing Your Network?, Update: Blocking "Killer Resume", Buffer Overrun Vulnerabilities in Kerberos, popa3d v0.4 contributed Kerberos, Linux Deleted File Recovery Tool, Mission Critical Linux, and Domain Hijacking Raises Security Issue. Advisories: RedHat Majordomo, Turbolinux users can view shadowed password file, PGP 5.0 Key generation weakness, SuSE kmulti local root compromise, Mandrake kdesu vulnerability, NetBSD Local "cpu-hog" denial of service, NetBSD SysV semaphore denial-of-service, NetBSD /etc/ftpchroot parsing broken, NetBSD Exploitable Vulnerability in Xlockmore, OpenBSD Xlockmore vulnerability, OpenBSD ipf vulnerability.
f0f51e6bebaced28e0897a3a32124913bf3c6f78a6cd621e702bf62b3c0902bf
Georgi Guninski security advisory #12 - Internet Explorer 5.01 under Windows 98 (other versions are also vulnerable) allows circumventing "Cross frame security policy" by accessing the DOM of documents using JavaScript, IFRAME and WebBrowser control. This exposes the whole DOM of the target document and opens lots of security risks, such as reading local files, reading files from any host, window spoofing, getting cookies, etc. Exploit code included. Demonstration available here.
8aa57814b27a04133662e4ce2ca66e82e2d3cbb4f03b5ed71b69ebd2cf052c2c
A DoS attack affecting all platforms of Checkpoint Firewall-1 has been identified. Large numbers of fragmented packets cause the CPU to hit 100% utilization, and the system locks up. Some systems may also crash, depending on OS type. The rulebase cannot be used to block the attack, and nothing is logged. More information on Firewall-1's state table available here.
443e72af7463c692428baddc50b3b04477971f4a89888b58f9bd92548ef83428
MDMA Advisory #6 - EServ v2.92 and prior are affected by a logging heap overflow vulnerability. Java proof of concept exploit code included.
8f8294582a025b703fc4bcc38a6d47de57ed4735dddb9a13e1f4b02168d4ba63