NetProwler 3.5.1 SU15 introduces six (6) new signatures that detect a Lotus Domino password bypass, a root exploit to UCD-SNMP Community Name buffer, and Buffer Overflows to mIRC Nickname, Apple QuickTime® Content-Type, UPnP (Universal Plug and Play), and SNMP Set System name. You may obtain NetProwler 3.5.1 SU 15 through the product's autoupdate feature.
- Lotus_Domino_Password_Bypass
Vulnerabilities exist in Lotus Domino Server allowing malicious users to bypass administrative authentication resulting in complete administrative control of the server. Lotus Domino Server versions 5.0.9 and prior are vulnerable.
http://online.securityfocus.com/bid/4022
- mIRC_Nickname_Buffer_Overflow
Khaled Mardam-Bay mIRC, a popular Internet Relay Chat client, conducts improper bounds checking of nicknames sent by the server. A malicious user can exploit this unchecked buffer with a long nickname and overwrite stack variables ultimately allowing the user to gain control of the host computer running the client software. This bug is corrected in version 6.0.
http://online.securityfocus.com/bid/4027
- Quicktime_Content_Type_Overflow
Vulnerabilities exist in Apple QuickTime Player 5.01 and 5.02 for Windows. When an HTTP response containing a long "Content-Type" is received from a malicious web server, a local buffer is overwritten and then executed on the client host. If exploited, this vulnerability allows a web server to execute malicious code on the client computer.
http://online.securityfocus.com/bid/4064
- SNMP_Community_Name_Root_Access
Vulnerabilities exist in many vendors' implementations of Simple Network Management Protocol, Version 1. If exploited, this vulnerability could lead to a denial of service for managed network devices using SNMP, or in extreme cases, administrator-level remote access by unauthorized users. This signature identifies an exploit that includes malicious shell code that is designed to permit the malicious user to gain privileged remote access to the system under attack.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2002-0013
- SNMP_Set_Sysname_Overflow
Vulnerabilities exist in many vendors' implementations of Simple Network Management Protocol, Version 1. The system name of the managed device may be overflowed, as the protocol does improper bounds checking on the sysname buffer to limit the number of characters it will accept. If exploited, this vulnerability could lead to a denial of service for managed network devices using SNMP. In extreme cases, this vulnerability may lead to unauthorized users gaining administrator-level remote access.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2002-0013
- UPnP_NOTIFY_Buffer_Overflow
Vulnerabilities exist in Microsoft's implementation of Universal Plug and Play (UPnP). The NOTIFY command may be overflowed as the buffer does not limit the number of characters it will accept. If exploited, this vulnerability could lead to a denial of service for managed network devices using the UPnP protocol. In extreme cases, this vulnerability may lead to administrator-level remote access by unauthorized users.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2001-0876
Last modified on: Tuesday, 11-Jun-02 11:47:59
|
