Weekly Vulnerabilities Reports > December 10 to 16, 2001
Overview
18 new vulnerabilities were reported during this period, including 1 critical vulnerability and 7 high severity vulnerabilities. This weekly summary reports vulnerabilities in 23 products from 17 vendors including Microsoft, IBM, HP, Citrix, and Zyxel. Vulnerabilities are notably categorized as .
- 12 reported vulnerabilities are remotely exploitable.
- 18 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 3 reported vulnerabilities.
- IBM has the most reported critical vulnerabilities, with 1 reported vulnerability.
Vulnerability Details
The following tables list reported vulnerabilities for the period covered by this report:
1 Critical Vulnerability
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2001-12-12 | CVE-2001-0797 | SGI HP IBM SCO SUN | Buffer Overflow vulnerability in Multiple Vendor System V Derived 'login' Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. | 10.0 |
7 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2001-12-15 | CVE-2001-1214 | Marcus S Xenakis | Unspecified vulnerability in Marcus S. Xenakis Unix Manual 1.0 manual.php in Marcus S. | 7.5 |
2001-12-15 | CVE-2001-1195 | Novell | Authentication vulnerability in Novell Groupwise Servlet Gateway Default Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges. | 7.5 |
2001-12-14 | CVE-2001-0727 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability." | 7.5 |
2001-12-13 | CVE-2001-1192 | Citrix | Unspecified vulnerability in Citrix ICA Client 6.1 Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 allows remote malicious web sites to execute arbitrary code via a .ICA file, which is downloaded and automatically executed by the client. | 7.5 |
2001-12-11 | CVE-2001-1188 | Brian Dorricott | Unspecified vulnerability in Brian Dorricott Mailto 1.0.7/1.0.8/1.0.9 mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote attackers to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields. | 7.5 |
2001-12-11 | CVE-2001-1187 | Mutasem Abudahab | Remote Arbitrary Command Execution vulnerability in Mutasem Abudahab Csvform and Csvform Plus csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter. | 7.5 |
2001-12-15 | CVE-2001-1198 | HP | Unspecified vulnerability in HP Hp-Ux RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. | 7.2 |
9 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2001-12-10 | CVE-2001-1185 | Freebsd | Unspecified vulnerability in Freebsd 4.4 Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges. | 6.2 |
2001-12-14 | CVE-2001-1194 | Zyxel | Remote Denial Of Service vulnerability in Zyxel Prestige 1600 and Prestige 681 Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via malformed packets with (1) an IP length less than actual packet size, or (2) fragmented packets whose size exceeds 64 kilobytes after reassembly. | 5.0 |
2001-12-13 | CVE-2001-1193 | Khamil Landross AND Zack Jones | Directory Traversal vulnerability in Khamil Landross and Zack Jones Eftp 2.0.8.346 Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ... | 5.0 |
2001-12-13 | CVE-2001-0874 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 5.5/6.0 Internet Explorer 5.5 and 6.0 allow remote attackers to read certain files via HTML that passes information from a frame in the client's domain to a frame in the web site's domain, a variant of the "Frame Domain Verification" vulnerability. | 5.0 |
2001-12-11 | CVE-2001-1191 | IBM | Denial Of Service vulnerability in IBM Tivoli Secureway Policy Director 3.8 WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e. | 5.0 |
2001-12-11 | CVE-2001-1186 | Microsoft | Unspecified vulnerability in Microsoft Internet Information Services 5.0 Microsoft IIS 5.0 allows remote attackers to cause a denial of service via an HTTP request with a content-length value that is larger than the size of the request, which prevents IIS from timing out the connection. | 5.0 |
2001-12-14 | CVE-2001-1197 | KDE | Unspecified vulnerability in KDE Kdeutils 2.2/2.2.2 klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack on the klprfax.filter temporary file. | 4.6 |
2001-12-13 | CVE-2001-1189 | IBM | Unspecified vulnerability in IBM Websphere Application Server IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script. | 4.6 |
2001-12-12 | CVE-2001-1190 | Mandrakesoft | Unspecified vulnerability in Mandrakesoft Mandrake Linux 8.1 The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended. | 4.6 |
1 Low Vulnerability
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2001-12-11 | CVE-2001-0890 | Sane | Unspecified vulnerability in Sane Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files. | 2.1 |