Weekly Vulnerabilities Reports > December 31, 2001 to January 6, 2002

Overview

8 new vulnerabilities reported during this period, including 2 critical vulnerabilities and 4 high severity vulnerabilities. This weekly summary report vulnerabilities in 14 products from 9 vendors including Microsoft, Openbsd, Symfony, Avaya, and Acme. Vulnerabilities are notably categorized as "Cleartext Storage of Sensitive Information", "Off-by-one Error", "NULL Pointer Dereference", "Inadequate Encryption Strength", and "Improper Preservation of Permissions".

  • 5 reported vulnerabilities are remotely exploitables.
  • 4 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 5 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 1 reported vulnerabilities.
  • Acme has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

2 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2001-12-31 CVE-2001-1496 Acme Off-by-one Error vulnerability in Acme Thttpd

Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
9.8
2001-12-31 CVE-2001-1481 Xitami Cleartext Storage of Sensitive Information vulnerability in Xitami 2.4/2.5

Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges.
9.8

4 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2001-12-31 CVE-2001-1546 Mckesson Inadequate Encryption Strength vulnerability in Mckesson Pathways Homecare 6.5

Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwords from the pwhc.ini file.
7.8
2001-12-31 CVE-2001-1537 Symfony Cleartext Storage of Sensitive Information vulnerability in Symfony Twig

The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication information and gain privileges.
7.5
2001-12-31 CVE-2001-1536 Audiogalaxy Cleartext Storage of Sensitive Information vulnerability in Audiogalaxy

Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.
7.5
2001-12-31 CVE-2001-1515 Microsoft Improper Preservation of Permissions vulnerability in Microsoft Windows 2000

Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended.
7.5

2 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2001-12-31 CVE-2001-1559 Openbsd NULL Pointer Dereference vulnerability in Openbsd 2.9/3.0

The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.
5.5
2001-12-31 CVE-2001-1494 Kernel
Avaya 		Link Following vulnerability in multiple products

script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.
5.5

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS