Section: .. / advisories / cert /
|
See the CERT website for more information.
|
| /// File Name: |
CA-93:02a.NeXT.NetInfo._writers.vul..> |
Description:
|
This advisory provides information concerning vulnerabilities in the distributed printing facility ("_writers" properties) of NeXT computers running all releases of NeXTSTEP software through NeXTSTEP Release 3.0. The advisory details the availability of a patch for the problems and provides suggested workarounds.
| | File Size: | 6233 | | Last Modified: | Sep 14 07:47:16 1999 |
| MD5 Checksum: | a972cdc1519587485675a866751363c8 |
|
| /// File Name: |
CA-93:01.REVISED.HP.NIS.ypbind.vuln..> |
Description:
|
** This advisory supersedes CA-92:17. ** A vulnerability is present in Hewlett-Packard's HP/UX Operating System for series 300, 700, and 800 computers, which allows remote NIS servers unauthorized access to local NIS hosts. Patches from HP are available for all of the HP/UX level 8 releases (8.0, 8.02, 8.06, and 8.07). The problem is fixed in HP/UX 9.0.
| | File Size: | 5744 | | Last Modified: | Sep 14 07:47:14 1999 |
| MD5 Checksum: | 669ba4a4e2a9c619765eb859e29edda0 |
|
| /// File Name: |
CA-92:21.ConvexOS.vulnerabilities |
Description:
|
This advisory provides information concerning several vulnerabilities in ConvexOS/Secure, CONVEX CXbatch, CONVEX Storage Manager (CSM), and ConvexOS EMACS. These vulnerabilities can affect ConvexOS versions V6.2 - V10.2 and ConvexOS/Secure versions V9.5 and V10.0 on all supported architectures. The advisory describes a workaround for one of the vulnerabilities and provides information on how to obtain a patches for the other problems from CONVEX Computer Corporation.
| | File Size: | 5938 | | Last Modified: | Sep 14 07:47:13 1999 |
| MD5 Checksum: | 3e71d8b4d58199d91749e14bb9b92467 |
|
| /// File Name: |
CA-92:20.Cisco.Access.List.vulnerab..> |
Description:
|
This advisory provides information concerning a vulnerability in Cisco router access lists when the "established" keyword is used. This vulnerability is present in Cisco software releases 8.2, 8.3, 9.0 and 9.1. The advisory describes workarounds and provides information on how to obtain a patch for the problem from Cisco.
| | File Size: | 5581 | | Last Modified: | Sep 14 07:47:12 1999 |
| MD5 Checksum: | d4f10508dc3b7768d21abbfa6410adfe |
|
| /// File Name: |
CA-92:19.Keystroke.Logging.Banner.N..> |
Description:
|
This advisory provides information from the United States Department of Justice, General Litigation and Legal Advice Section, Criminal Division, regarding keystroke monitoring by computer systems administrators, as a method of protecting computer systems from unauthorized access. The CERT staff strongly suggests adding a notice banner such as the one included in the advisory to all systems. Sites not covered by U.S. law should consult their legal counsel.
| | File Size: | 6042 | | Last Modified: | Sep 14 07:47:12 1999 |
| MD5 Checksum: | c2dd95072b105375eb41f2a6cec4aafb |
|
| /// File Name: |
CA-92:18.VMS.Monitor.vulnerability...> |
Description:
|
** This advisory supersedes CA-92:16. ** It provides additional information concerning availability of remedial image kits to correct a vulnerability present in the Monitor utility in VMS V5.0 through V5.4-2. The vulnerability has been corrected in V5.4-3 through V5.5-1.
| | File Size: | 9149 | | Last Modified: | Sep 14 07:47:11 1999 |
| MD5 Checksum: | d080ba518701f588a86ecb778a05f11a |
|
| /// File Name: |
CA-92:15.Multiple.SunOS.vulnerabili..> |
Description:
|
** This advisory supersedes CA-91:16. ** The advisory describes how to obtain various patches for SunOS 4.1, 4.1.1, and 4.1.2 for all Sun architectures. As the application of these patches involves rebuilding your system kernel, it is recommended that you apply all patches simultaneously.
| | File Size: | 7284 | | Last Modified: | Sep 14 07:47:10 1999 |
| MD5 Checksum: | 87824e162abc82bf0d9e7cd4db19a60b |
|
| /// File Name: |
CA-92:14.Altered.System.Binaries.In..> |
Description:
|
Warning about a significant intrusion incident on the Internet. Urges all system administrators to check their systems for the signs of intrusion detailed in the advisory.
| | File Size: | 7132 | | Last Modified: | Sep 14 07:47:09 1999 |
| MD5 Checksum: | 493a3fa57734698d2d0b91732fd2f87a |
|
| /// File Name: |
CA-92:13.SunOS.NIS.vulnerability |
Description:
|
Vulnerabilities are present in NIS under SunOS 4.1, 4.1.1, and 4.1.2, and may or may not exist in earlier versions of NIS. The advisory describes how to obtain a patch for SunOS 4.1, 4.1.1, and 4.1.2 for the problem from Sun.
| | File Size: | 5652 | | Last Modified: | Sep 14 07:47:08 1999 |
| MD5 Checksum: | 4a92a643f9e6e8b4a863d606fc75d1fd |
|
| /// File Name: |
CA-92:11:SunOS.Environment.vulnerab..> |
Description:
|
A vulnerability involving environment variables and setuid/setgid programs exists on all Sun architectures running SunOS 4.0 and higher. The advisory details how to obtain patches for SunOS programs which are known to be impacted by the vulnerability. The advisory contains a workaround to protect vulnerable binaries for which patches are unavailable for your SunOS version, or for local or third party software which may be vulnerable.
| | File Size: | 7412 | | Last Modified: | Sep 14 07:47:06 1999 |
| MD5 Checksum: | 8ea3d36c1521d6b26a062f3a6b92b9fc |
|
| /// File Name: |
CA-92:10.AIX.crontab.vulnerability |
Description:
|
A vulnerability is present in crontab(1) in version 3.2 of AIX. This advisory describes how to implement a workaround for the problem until you obtain the patch for the problem from IBM.
| | File Size: | 4338 | | Last Modified: | Sep 14 07:47:05 1999 |
| MD5 Checksum: | 335bf294534951568df4599aab18d309 |
|
| /// File Name: |
CA-92:09.AIX.anonymous.ftp.vulnerab..> |
Description:
|
A vulnerability is present in the anonymous FTP configuration in all versions of AIX. The advisory describes how to obtain a patch for the problem from IBM.
| | File Size: | 3648 | | Last Modified: | Sep 14 07:47:04 1999 |
| MD5 Checksum: | c327e23425406aeb8d6ff31645700f69 |
|
| /// File Name: |
CA-92:08.SGI.lp.vulnerability |
Description:
|
A vulnerability is present in the default configuration of the lp software in Silicon Graphics Computer Systems (SGI) IRIX operating systems. This vulnerability is present in all versions of IRIX, prior to IRIX 4.0.5. The advisory describes how to reconfigure the lp software in order to eliminate this vulnerability.
| | File Size: | 3993 | | Last Modified: | Sep 14 07:47:04 1999 |
| MD5 Checksum: | 3055eb9fbbc387504330f7387dac02cc |
|
| /// File Name: |
CA-92:07.AIX.passwd.vulnerability |
Description:
|
A vulnerability is present in the passwd command in AIX 3.2 and the 2007 update of AIX 3.1. The advisory describes how to disable the /bin/passwd until you obtain and install the patch for the problem from IBM.
| | File Size: | 4128 | | Last Modified: | Sep 14 07:47:03 1999 |
| MD5 Checksum: | 699527f4dfef4f1c7f2da802c4f5ffb5 |
|
| /// File Name: |
CA-92:06.AIX.uucp.vulnerability |
Description:
|
A vulnerability is present in the UUCP software in versions of AIX up to 2007. The advisory describes how to disable UUCP and details how to obtain a patch for the problem from IBM.
| | File Size: | 3407 | | Last Modified: | Sep 14 07:47:02 1999 |
| MD5 Checksum: | 09ca47688a4d9eb08ddd5bbb96a6c363 |
|
| /// File Name: |
CA-92:05.AIX.REXD.Daemon.vulnerabil..> |
Description:
|
The rexd daemon may be enabled by default in versions 3.1 and 3.2 of AIX for IBM RS/6000 machines. The advisory describes a fix for the problem and details how to obtain a patch for the problem from IBM.
| | File Size: | 3734 | | Last Modified: | Sep 14 07:47:02 1999 |
| MD5 Checksum: | 12755620942eeeceebec51a51a8de967 |
|
| /// File Name: |
CA-92:04.ATT.rexecd.vulnerability |
Description:
|
A vulnerability is present in AT&T TCP/IP Release 4.0 running on SVR4 systems for both the 386/486 and 3B2 RISC platforms. The problem is in the remote execution server /usr/etc/rexecd and a new version of rexecd is available from AT&T.
| | File Size: | 4160 | | Last Modified: | Sep 14 07:47:01 1999 |
| MD5 Checksum: | d3ba20fb3622c0b329d3551682a0bfd1 |
|
| /// File Name: |
CA-92:03.Internet.Intruder.Activity |
Description:
|
Warning about a significant intrusion incident on the Internet. Urges all system administrators to check their systems for the signs of intrusion detailed in the advisory.
| | File Size: | 4808 | | Last Modified: | Sep 14 07:47:00 1999 |
| MD5 Checksum: | aed2c9a7f52dca2f388de4582470f102 |
|
| /// File Name: |
CA-92:02.Michelangelo.PC.virus.warn..> |
Description:
|
This advisory warns users of a PC virus called Michelangelo. The virus affects IBM PCs and compatibles, and has a trigger date of March 6 (any year).
| | File Size: | 5719 | | Last Modified: | Sep 14 07:47:00 1999 |
| MD5 Checksum: | 42f14a4d7387164ff33aa4c3334d84a9 |
|
| /// File Name: |
CA-92:01.NeXTstep.configuration.vul..> |
Description:
|
A vulnerability is present in the default configuration in release 2 of NeXTstep's NetInfo. The advisory indicates where a description of how to configure NetInfo correctly can be obtained.
| | File Size: | 3414 | | Last Modified: | Sep 14 07:46:59 1999 |
| MD5 Checksum: | 24df072134fc112a28ee5f133caebabe |
|
| /// File Name: |
CA-91:23.Apollo.crp.vulnerability |
Description:
|
A vulnerability is present in the crp system in Hewlett Packard/Apollo Domain/OS in all SR10 versions. A workaround is available and patches for SR10.3 and SR10.4 will be available from Apollo at a future date.
| | File Size: | 5140 | | Last Modified: | Sep 14 07:46:58 1999 |
| MD5 Checksum: | 8a08af13633b5e958fbd15101055ab15 |
|
| /// File Name: |
CA-91:21.SunOS.NFS.Jumbo.and.fsiran..> |
Description:
|
Vulnerabilities concerning Sun Microsystems, Inc. (Sun) Network File System (NFS) and the fsirand program. These vulnerabilities affect SunOS versions 4.1.1, 4.1, and 4.0.3 on all architectures. Patches are available for SunOS 4.1.1. An initial patch for SunOS 4.1 NFS is also available. Sun will be providing complete patches for SunOS 4.1 and SunOS 4.0.3 at a later date.
| | File Size: | 6484 | | Last Modified: | Sep 14 07:46:58 1999 |
| MD5 Checksum: | f8a94d6d2ba0b73dc3269d4943173128 |
|
| /// File Name: |
CA-91:19.AIX.TFTP.Daemon.vulnerabil..> |
Description:
|
Vulnerability in the TFTP daemon in all versions of AIX for IBM RS/6000 machines. Patch available from IBM for all AIX releases from "GOLD" to the current release.
| | File Size: | 5281 | | Last Modified: | Sep 14 07:46:57 1999 |
| MD5 Checksum: | 4eb2169bdaecc0d5ebdb7353a9ae220b |
|
| /// File Name: |
CA-91:18.Active.Internet.tftp.Attac..> |
Description:
|
Warning about automated tftp probes for /etc/passwd to Internet sites throughout the world. Urges all sites to carefully check their system configurations concerning tftp usage. Indicates how sites can secure their tftp configurations.
| | File Size: | 4255 | | Last Modified: | Sep 14 07:46:56 1999 |
| MD5 Checksum: | 33db6d41d145512cc32c60917dcb7deb |
|
| /// File Name: |
CA-91:17.DECnet-Internet.Gateway.vu..> |
Description:
|
Vulnerability in Ultrix DECnet to Internet gateway software. This advisory details a workaround. The vulnerability affects Ultrix versions 4.0, 4.1, and 4.2.
| | File Size: | 3905 | | Last Modified: | Sep 14 07:46:55 1999 |
| MD5 Checksum: | 5a12a141a9d10c63766a1bd28197ba08 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
