From: CERT Advisory <firstname.lastname@example.org>
Subject: CERT Summary CS-2002-03
Date: Fri, 30 Aug 2002 17:29:34 -0400

-----BEGIN PGP SIGNED MESSAGE-----

CERT Summary CS-2002-03

August 30, 2002

Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT
summary to draw attention to the types of attacks reported to our
incident response team, as well as other noteworthy incident and
vulnerability information. The summary includes pointers to sources of
information for dealing with the problems.

Past CERT summaries are available at http://www.cert.org/summaries/.

Since the last regularly scheduled CERT summary, issued in May 2002
(CS-2002-02), we have released several advisories, published
statistics for the second quarter of 2002, and written numerous white

For more current information on activity being reported to the
CERT/CC, please visit the CERT/CC Current Activity page. The Current
Activity page is a regularly updated summary of the most frequent,
high-impact types of security incidents and vulnerabilities being
reported to the CERT/CC. The information on the Current Activity page
is reviewed and updated as reporting trends change.

1. Multiple Vulnerabilities in CDE ToolTalk

The Common Desktop Environment (CDE) ToolTalk RPC database server
contains a buffer overflow vulnerability that could allow a remote
attacker to execute arbitrary code or cause a denial of service.

CERT Advisory CA-2002-26: Buffer Overflow in CDE ToolTalk

Two vulnerabilities have been discovered in the Common Desktop
Environment (CDE) ToolTalk RPC database server. The first
vulnerability could be used by a remote attacker to delete
arbitrary files, cause a denial of service, or possibly execute
arbitrary code or commands. The second vulnerability could allow a
local attacker to overwrite arbitrary files with contents of the

CERT Advisory CA-2002-20: Multiple Vulnerabilities in CDE ToolTalk

2. Integer Overflow in XDR Library

There is an integer overflow present in the xdr_array() function
distributed as part of the Sun Microsystems XDR library. This
overflow has been shown to lead to remotely exploitable buffer
overflows in multiple applications, leading to the execution of
arbitrary code. Although the library was originally distributed by
Sun Microsystems, multiple vendors have included the vulnerable
code in their own implementations.

CERT Advisory CA-2002-25: Integer Overflow in XDR Library
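
An added illustration of the bug class behind CA-2002-25, not code from the advisory or from the Sun XDR library: when an element count and an element size taken from the wire are multiplied in 32 bits, the product can wrap and the decoder allocates too little. The function names, the wire layout (a big-endian count followed by 32-bit elements) and the sample message are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Illustrative only, not the Sun XDR source; all names are hypothetical.
 * Unsafe pattern: the 32-bit product wraps, so the buffer is undersized. */
uint32_t unchecked_size(uint32_t count, uint32_t elsize) {
    return count * elsize;
}

/* Hardened: reject counts over the caller's limit and any product that
 * does not fit in 32 bits. Returns 0 on success, -1 on rejection. */
int checked_size(uint32_t count, uint32_t elsize, uint32_t maxcount,
                 uint32_t *out) {
    if (count > maxcount || (elsize != 0 && count > UINT32_MAX / elsize))
        return -1;
    *out = count * elsize;
    return 0;
}

static uint32_t be32(const unsigned char *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | p[3];
}

/* Decode a 4-byte big-endian count followed by that many 4-byte elements.
 * Rejects a wrapped size or a count larger than the data actually present.
 * Returns the count, or -1 if rejected. Caller frees *out. */
long decode_u32_array(const unsigned char *buf, size_t len,
                      uint32_t maxcount, uint32_t **out) {
    uint32_t count, nbytes, i;
    if (len < 4)
        return -1;
    count = be32(buf);
    if (checked_size(count, 4, maxcount, &nbytes) != 0 || nbytes > len - 4)
        return -1;
    if ((*out = malloc(nbytes ? nbytes : 1)) == NULL)
        return -1;
    for (i = 0; i < count; i++)
        (*out)[i] = be32(buf + 4 + 4 * (size_t)i);
    return (long)count;
}

int main(void) {
    /* Constructed message: claims 0x40000001 elements, carries one. */
    const unsigned char msg[] = {0x40, 0, 0, 1, 0, 0, 0, 7};
    uint32_t *v = NULL;
    printf("unchecked: %u bytes\n", (unsigned)unchecked_size(0x40000001u, 4));
    printf("hardened: %ld\n", decode_u32_array(msg, sizeof msg, UINT32_MAX, &v));
    return 0;
}
```
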

3. Multiple Vulnerabilities in OpenSSL

There are four remotely exploitable buffer overflows in OpenSSL.
There are also encoding problems in the ASN.1 library used by
OpenSSL. Several of these vulnerabilities could be used by a
remote attacker to execute arbitrary code on the target system.
All could be used to create denial of service.

CERT Advisory CA-2002-23: Multiple Vulnerabilities in OpenSSL

4. Multiple Vulnerabilities in Microsoft SQL Server

The CERT/CC is still receiving reports of systems being
compromised by exploiting vulnerabilities in Microsoft SQL Server.
The Microsoft SQL Server contains several serious vulnerabilities
that allow remote attackers to obtain sensitive information, alter
database contents, compromise SQL servers, and, in some
configurations, compromise server hosts.

CERT Advisory CA-2002-22: Multiple Vulnerabilities in Microsoft

5. Buffer Overflows in Multiple DNS Resolver Libraries

Buffer overflow vulnerabilities exist in multiple implementations
of DNS resolver libraries. Operating systems and applications that
utilize vulnerable DNS resolver libraries may be affected.

CERT Advisory CA-2002-19: Buffer Overflows in Multiple DNS

6. OpenSSH Vulnerabilities in Challenge Response Handling

There are two related vulnerabilities in the challenge response
handling code in OpenSSH versions 2.3.1p1 through 3.3. They may
allow a remote intruder to execute arbitrary code as the user
running sshd (often root). The first vulnerability affects OpenSSH
versions 2.9.9 through 3.3 that have the challenge response
option enabled and use SKEY or BSD_AUTH authentication. The
second vulnerability affects PAM modules using interactive
keyboard authentication in OpenSSH versions 2.3.1p1 through 3.3,
regardless of the challenge response option setting.

CERT Advisory CA-2002-18: OpenSSH Vulnerabilities in Challenge

7. Apache Web Server Chunk Handling Vulnerability

There is a remotely exploitable vulnerability in the handling of
large chunks of data in web servers that are based on Apache
source code. This vulnerability is present by default in
configurations of Apache web servers versions 1.3 through 1.3.24
and versions 2.0 through 2.0.36. The impact of this vulnerability
is dependent upon the software version and the hardware platform
the server is running on.

CERT Advisory CA-2002-17: Apache Web Server Chunk Handling

8. Denial-of-Service Vulnerability in ISC BIND 9

A denial-of-service vulnerability exists in version 9 of the
Internet Software Consortium's (ISC) Berkeley Internet Name Domain
(BIND) server. ISC BIND versions 8 and 4 are not affected.
Exploiting this vulnerability will cause the BIND server to shut

CERT Advisory CA-2002-15: Denial-of-Service Vulnerability in ISC

What's New and Updated

Since the last CERT Summary, we have published new or updated

* Incident Notes
* CERT/CC Statistics
* Tech Tips
* White Papers
  + Securing an Internet Name Server
  + Creating a Computer Security Incident Response Team: A
    Process for Getting Started
  + Flow-Service-Quality (FSQ) Engineering: Foundations for
    Network System Analysis and Development
  + A Brief Tour of the Simple Network Management Protocol
  + Information Survivability: Required Shifts in Perspective

Any material furnished by Carnegie Mellon University and the Software
Engineering Institute is furnished on an "as is" basis. Carnegie
Mellon University makes no warranties of any kind, either expressed or
implied as to any matter including, but not limited to, warranty of
fitness for a particular purpose or merchantability, exclusivity or
results obtained from use of the material. Carnegie Mellon University
does not make any warranty of any kind with respect to freedom from
patent, trademark, or copyright infringement.

Conditions for use, disclaimers, and sponsorship information

Copyright ©2002 Carnegie Mellon University.

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
-----END PGP SIGNATURE-----