Section: .. / advisories / cert /
|
See the CERT website for more information.
|
| /// File Name: |
CA-90:10.attack.rumour.warning |
Description:
|
Message about alleged attacks on telephone systems. No evidence that rumors were substantiated.
| | File Size: | 2059 | | Last Modified: | Sep 14 07:46:43 1999 |
| MD5 Checksum: | 9833c67daa73ec8ec13fadb7ebf965a0 |
|
| /// File Name: |
CA-90:11.Security.Probes |
Description:
|
Many sites on the Internet received messages on Sunday, December 9. The messages stated that a group of researchers and students were testing for a "common bug" in network hosts.
| | File Size: | 4071 | | Last Modified: | Sep 14 07:46:44 1999 |
| MD5 Checksum: | 48145666c9cca036d27ee5b6d655b788 |
|
| /// File Name: |
CA-90:12.SunOS.TIOCCONS.vulnerabili..> |
Description:
|
This Advisory was a rebroadcast of a Sun Microsystems, Inc. Security Bulletin announcing the availability of a patch that corrects a problem with TIOCCONS. Problem Description: TIOCCONS can be used to re-direct console output/input away from "console"
| | File Size: | 8011 | | Last Modified: | Sep 14 07:46:44 1999 |
| MD5 Checksum: | fe8d2de38dd6e78f68ba2e0c6c052f73 |
|
| /// File Name: |
CA-91:02a.SunOS.telnetd.vulnerabili..> |
Description:
|
This advisory announces a security problem with the in.telnetd program in releases of SunOS 4.1 and 4.1.1.
| | File Size: | 6455 | | Last Modified: | Sep 14 07:46:45 1999 |
| MD5 Checksum: | 28c2fa8d9803eae92860b2631bd944ed |
|
| /// File Name: |
CA-91:03.unauthorized.password.chan..> |
Description:
|
This advisory addresses recent bogus email messages which have been distributed on the Internet. The messages request that the user change his/her password, and appear to come from the system admin.
| | File Size: | 4791 | | Last Modified: | Sep 14 07:46:46 1999 |
| MD5 Checksum: | 36e8423389284da45b870e15b60a2fb4 |
|
| /// File Name: |
CA-91:04.social.engineering |
Description:
|
This advisory is an addition to CA-91:03. It addresses more bogus Internet email scams and urges system administrators to warn their users.
| | File Size: | 4827 | | Last Modified: | Sep 14 07:46:47 1999 |
| MD5 Checksum: | c7a8e8ed7e7e7ed3a8f2cb16f96bdeb1 |
|
| /// File Name: |
CA-91:05.Ultrix.chroot.vulnerabilit..> |
Description:
|
Corrects improper installation of /usr/bin/chroot for Ultrix versions 4.0 and 4.1.
| | File Size: | 2963 | | Last Modified: | Sep 14 07:46:48 1999 |
| MD5 Checksum: | e3ef49c71cce529ec4f264d0c1970705 |
|
| /// File Name: |
CA-91:06.NeXTstep.vulnerability |
Description:
|
Addresses three vulnerabilities in NeXT systems running various versions of NeXTstep. Affected are: rexd(8C), /private/etc, username "me".
| | File Size: | 3983 | | Last Modified: | Sep 14 07:46:48 1999 |
| MD5 Checksum: | 79da7369f700994ed8a6de546e62ce42 |
|
| /// File Name: |
CA-91:07.SunOS.source.tape.vulnerab..> |
Description:
|
Fixes a security vulnerability on SunOS (4.0.3, 4.1, and 4.1.1) systems which have installed the Sun Source tapes.
| | File Size: | 4328 | | Last Modified: | Sep 14 07:46:49 1999 |
| MD5 Checksum: | eca3e19c518a80c6a254b3ecdb872362 |
|
| /// File Name: |
CA-91:08.systemV.login.vulnerabilit..> |
Description:
|
Addresses a vulnerability in all System V Release 4 versions of /bin/login. Patch provided by AT&T.
| | File Size: | 3600 | | Last Modified: | Sep 14 07:46:49 1999 |
| MD5 Checksum: | 265a1e6a9d41917c2673bd365d5c9d5d |
|
| /// File Name: |
CA-91:10a.SunOS.lpd.vulnerability |
Description:
|
Vulnerability in SunOS 4.0.3, 4.1, and 4.1.1 /usr/lib/lpd. Patched versions are available. Version 10a of this advisory supersedes all prior versions.
| | File Size: | 5281 | | Last Modified: | Sep 14 07:46:52 1999 |
| MD5 Checksum: | be29874f7e415aec17b7f974481c274a |
|
| /// File Name: |
CA-91:11.Ultrix.LAT-Telnet.gateway...> |
Description:
|
Vulnerability in Ultrix LAT/Telnet gateway software on all Ultrix 4.1 and 4.2 systems. Patch available directly from DEC.
| | File Size: | 3929 | | Last Modified: | Sep 14 07:46:53 1999 |
| MD5 Checksum: | a809e64a1d29d98d4b7917e572aa885b |
|
| /// File Name: |
CA-91:12.Trusted.Hosts.Configuratio..> |
Description:
|
Vulnerability in MANY Unix systems regarding the use of a minus sign ("-") as the first character in any hosts.equiv hosts.lpd, and/or .rhosts files. Workaround is to re-arrange the lines in these files such that the "-" is not the first character in the file.
| | File Size: | 3668 | | Last Modified: | Sep 14 07:46:53 1999 |
| MD5 Checksum: | ccb7cd77efe8fdde74a8ec822a9cafd2 |
|
| /// File Name: |
CA-91:14.IRIX.mail.vulnerability |
Description:
|
Vulnerability regarding the handling of mail messages on all Silicon Graphics IRIX Systems prior to version 4.0. The problem is fixed in version 4.0. Solution involves changing permissions and ownership of a system command.
| | File Size: | 3964 | | Last Modified: | Sep 14 07:46:54 1999 |
| MD5 Checksum: | 10ddd18e99e6aafb9cacdaaf43db0ab6 |
|
| /// File Name: |
CA-91:15.NCSA.Telnet.vulnerability |
Description:
|
Vulnerability in PC and Mac telnet program by NCSA. This advisory details a workaround.
| | File Size: | 4967 | | Last Modified: | Sep 14 07:46:55 1999 |
| MD5 Checksum: | 283ef8b65c446551c3c1be0087269de6 |
|
| /// File Name: |
CA-91:17.DECnet-Internet.Gateway.vu..> |
Description:
|
Vulnerability in Ultrix DECnet to Internet gateway software. This advisory details a workaround. The vulnerability affects Ultrix versions 4.0, 4.1, and 4.2.
| | File Size: | 3905 | | Last Modified: | Sep 14 07:46:55 1999 |
| MD5 Checksum: | 5a12a141a9d10c63766a1bd28197ba08 |
|
| /// File Name: |
CA-91:18.Active.Internet.tftp.Attac..> |
Description:
|
Warning about automated tftp probes for /etc/passwd to Internet sites throughout the world. Urges all sites to carefully check their system configurations concerning tftp usage. Indicates how sites can secure their tftp configurations.
| | File Size: | 4255 | | Last Modified: | Sep 14 07:46:56 1999 |
| MD5 Checksum: | 33db6d41d145512cc32c60917dcb7deb |
|
| /// File Name: |
CA-91:19.AIX.TFTP.Daemon.vulnerabil..> |
Description:
|
Vulnerability in the TFTP daemon in all versions of AIX for IBM RS/6000 machines. Patch available from IBM for all AIX releases from "GOLD" to the current release.
| | File Size: | 5281 | | Last Modified: | Sep 14 07:46:57 1999 |
| MD5 Checksum: | 4eb2169bdaecc0d5ebdb7353a9ae220b |
|
| /// File Name: |
CA-91:21.SunOS.NFS.Jumbo.and.fsiran..> |
Description:
|
Vulnerabilities concerning Sun Microsystems, Inc. (Sun) Network File System (NFS) and the fsirand program. These vulnerabilities affect SunOS versions 4.1.1, 4.1, and 4.0.3 on all architectures. Patches are available for SunOS 4.1.1. An initial patch for SunOS 4.1 NFS is also available. Sun will be providing complete patches for SunOS 4.1 and SunOS 4.0.3 at a later date.
| | File Size: | 6484 | | Last Modified: | Sep 14 07:46:58 1999 |
| MD5 Checksum: | f8a94d6d2ba0b73dc3269d4943173128 |
|
| /// File Name: |
CA-91:23.Apollo.crp.vulnerability |
Description:
|
A vulnerability is present in the crp system in Hewlett Packard/Apollo Domain/OS in all SR10 versions. A workaround is available and patches for SR10.3 and SR10.4 will be available from Apollo at a future date.
| | File Size: | 5140 | | Last Modified: | Sep 14 07:46:58 1999 |
| MD5 Checksum: | 8a08af13633b5e958fbd15101055ab15 |
|
| /// File Name: |
CA-92:01.NeXTstep.configuration.vul..> |
Description:
|
A vulnerability is present in the default configuration in release 2 of NeXTstep's NetInfo. The advisory indicates where a description of how to configure NetInfo correctly can be obtained.
| | File Size: | 3414 | | Last Modified: | Sep 14 07:46:59 1999 |
| MD5 Checksum: | 24df072134fc112a28ee5f133caebabe |
|
| /// File Name: |
CA-92:02.Michelangelo.PC.virus.warn..> |
Description:
|
This advisory warns users of a PC virus called Michelangelo. The virus affects IBM PCs and compatibles, and has a trigger date of March 6 (any year).
| | File Size: | 5719 | | Last Modified: | Sep 14 07:47:00 1999 |
| MD5 Checksum: | 42f14a4d7387164ff33aa4c3334d84a9 |
|
| /// File Name: |
CA-92:03.Internet.Intruder.Activity |
Description:
|
Warning about a significant intrusion incident on the Internet. Urges all system administrators to check their systems for the signs of intrusion detailed in the advisory.
| | File Size: | 4808 | | Last Modified: | Sep 14 07:47:00 1999 |
| MD5 Checksum: | aed2c9a7f52dca2f388de4582470f102 |
|
| /// File Name: |
CA-92:04.ATT.rexecd.vulnerability |
Description:
|
A vulnerability is present in AT&T TCP/IP Release 4.0 running on SVR4 systems for both the 386/486 and 3B2 RISC platforms. The problem is in the remote execution server /usr/etc/rexecd and a new version of rexecd is available from AT&T.
| | File Size: | 4160 | | Last Modified: | Sep 14 07:47:01 1999 |
| MD5 Checksum: | d3ba20fb3622c0b329d3551682a0bfd1 |
|
| /// File Name: |
CA-92:05.AIX.REXD.Daemon.vulnerabil..> |
Description:
|
The rexd daemon may be enabled by default in versions 3.1 and 3.2 of AIX for IBM RS/6000 machines. The advisory describes a fix for the problem and details how to obtain a patch for the problem from IBM.
| | File Size: | 3734 | | Last Modified: | Sep 14 07:47:02 1999 |
| MD5 Checksum: | 12755620942eeeceebec51a51a8de967 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
