SecurityFocus.com Newsletter #116 2001-10-20->2001-10-24

To: bugtraq-jp@securityfocus.com
Subject: SecurityFocus.com Newsletter #116 2001-10-20->2001-10-24
From: KAGEYAMA Tetsuya <t.kageym@lac.co.jp>
Date: Mon, 05 Nov 2001 13:06:45 +0900
Delivered-To: mailing list bugtraq-jp@securityfocus.com
Delivered-To: moderator for bugtraq-jp@securityfocus.com
List-Help: <mailto:bugtraq-jp-help@securityfocus.com>
List-Id: <bugtraq-jp.list-id.securityfocus.com>
List-Post: <mailto:bugtraq-jp@securityfocus.com>
List-Subscribe: <mailto:bugtraq-jp-subscribe@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-jp-unsubscribe@securityfocus.com>
Mailing-List: contact bugtraq-jp-help@securityfocus.com; run by ezmlm
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

$B1F;3(B@$B%i%C%/$G$9!#(B

SecurityFocus.com Newsletter $BBh(B 116 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B

- ---------------------------------------------------------------------------
SecurityFocus.com Newsletter $B$K4X$9$k(BFAQ:
http://www.securityfocus.com/popups/forums/securityfocusnews/intro.shtml
BugTraq-JP $B$K4X$9$k(B FAQ:
http://www.securityfocus.com/popups/forums/bugtraq-jp/faq.shtml
- ---------------------------------------------------------------------------
$B0zMQ$K4X$9$kHw9M(B:
$B!&$3$NOBLu$O(B Security-Focus.com $B$N5v2D$r3t<02qe$G9T$o(B
  $B$l$F$$$^$9!#(B
$B!&(BSecurityFocus.com Newsletter $B$NOBLu$r(B Netnews, Mailinglist,
  World Wide Web, $B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$N(B
  $BA4J80zMQ$r$*4j$$$7$^$9!#(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;(B
  $B$s$,=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurity-Focus.com $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+(B
  $B$J$k7A<0$N%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
1) http://www.securityfocus.com/archive/79
- ---------------------------------------------------------------------------
- ---------------------------------------------------------------------------
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02ql9g!"(BBUGTRAQ-JP $B$X(B Errata $B$H$7$F=$@5(B
  $BHG$r$4Ej9FD:$/$+!"Lul9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
- ---------------------------------------------------------------------------
- ---------------------------------------------------------------------------

Date: Mon, 29 Oct 2001 11:57:38 -0700 (MST)
Message-ID: <Pine.GSO.4.30.0110291156360.21965-100000@mail>

SecurityFocus Newsletter #116
- -----------------------------

This issue sponsored by: Pentasafe <http://www.pentasafe.com>

I. FRONT AND CENTER
     1. The Value of Honeypots, Part Two
     2. Preventing and Detecting Malware Installations on NT/2K
     3. Introduction to Security Policies, Part Four: A Sample Policy
     4. Homeland Cyber Security We Need a Czar, Not a Coordinator
II. BUGTRAQ SUMMARY
     1. Digex Looking Glass Perl Script Neighbor Information Gathering...
     2. Mountain Network Systems WebCart Command Execution Vulnerability
     3. Claris Emailer Buffer Overflow Vulnerability
     4. Network Query Tool Remote Command Execution Vulnerability
     5. Solaris in.fingerd Information Disclosure Vulnerability
     6. Lotus Notes Email Embedded Code Execution Vulnerability
     7. IEEE 802.11b Arp Cache Poisoning Man-in-the-Middle Vulnerability
     8. RSA SecurID WebID Unicode Directory Traversal Vulnerability
     9. RSA SecurID WebID Debug Mode Information Disclosure Vulnerability
     10. Oracle Label Security Unauthorized Access Vulnerability
     11. SGI IRIX IGMP Multicast Packet Denial of Service Vulnerability
     12. HP Secure OS Software for Linux Filesystem Protection...
     13. Check Point VPN-1 SecuRemote Username Acknowledgement...
     14. 6Tunnel Connection Close State Denial of Service Vulnerability
III. SECURITYFOCUS NEWS ARTICLES
     1. Linux Update withholds Security Details
     2. Senate Passes Surveillance Bill
     3. 'Millionaire' Hacker Nearly Bankrupt -- Report
     4. DoS attacks getting scarier
     5.Security in an Open Electronic Society
IV.SECURITYFOCUS TOP 6 TOOLS
     1. Firewall Monitor v1.0.7
     2. MailScanner v2.54-1
     3. Samhain v1.2.10
     4. Devil-Linux v0.5b1
     5. rcf v5.2
     6. IPtables Firewall Webmin Module 0.88.1 ALPHA


I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
- ---------------------------------

II. BUGTRAQ SUMMARY
- -------------------
1. Digex Looking Glass Perl Script Neighbor Information Gathering Vulnerability
BugTraq ID: 3448
$B%j%b!<%H$+$i$N:F8=@-(B: $BL$>\(B
$B8x3+F|(B: Oct 19 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3448
$B$^$H$a(B:

Looking Glass $B$O(B Digex $B$K$h$C$FG[I[$5$l$F$$$k(B Perl $B$G5-=R$5$l$?%9%/%j%W(B
$B%H$G$"$k!#$3$N%=%U%H%&%'%"$O%[%9%H72$rAm3g$9$k%M%C%H%o!<%/E}7W>pJs$rDs(B
$B6!$G$-$kMM$K@_7W$5$l$F$$$k!#(B

$B$3$N%=%U%H%&%'%"$O%f!<%6$,=EMW$J>pJs$rF~7$/2DG=@-$,$"$k!#$3$NLdBj(B
$B$O%9%/%j%W%H$,FCDj$NJ8;zNs$N=hM}$r5v$7$F$7$^$&$?$a$KH/@8$9$k!#(B

$BF~NO$5$l$?CM$KBP$9$kBEEv@-$N3NG'$,IT==J,$G$"$k$?$a!"%9%/%j%W%H$rDL$8$F(B
$BFCJL$K=hM}$5$l$kJ8;zNs$r=hM}$5$;$k;v$,2DG=$G$"$k!#$3$N$?$a!"A4$F$N%[%9(B
$B%H$N%m!<%+%k4D6-$+$i$N%7%9%F%`>pJs$N%/%(%j$,2DG=$J$N$G$"$k!#$3$NpJs$d$=$NB>$N>pJs$NF~2. Mountain Network Systems WebCart Command Execution Vulnerability
BugTraq ID: 3453
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8x3+F|(B: Oct 19 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3453
$B$^$H$a(B:

Mountain Network Systems WebCart $B$O(B CGI $B$rMxMQ$9$k%*%s%i%$%s%7%g%C%T%s(B
$B%05!G=$rDs6!$9$k%=%U%H%&%'%"%Q%C%1!<%8$G$"$k!#$3$N%=%U%H%&%'%"$K4^$^$l(B
$B$k(B webcart.cgi $B$K$h$C$F!"%j%b!<%H$N%f!<%6$OG$0U$N%7%'%k%3%^%s%I$r%9%/%j(B
$B%W%H7PM3$Gl9g!"(Broot $B8"8B$NC%3. Claris Emailer Buffer Overflow Vulnerability
BugTraq ID: 3454
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8x3+F|(B: Oct 19 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3454
$B$^$H$a(B:

Claris Emailer $B$O(B Claris $B$K$h$jDs6!$5$l$F$$$kEE;R%a!<%k%/%i%$%"%s%H$G$"(B
$B$k!#(B

$B$3$N%=%U%H%&%'%"$O%"%W%j%1!<%7%g%s$N1~Ez$rDd;_2DG=$JLdBj$rJz$($F$$$k!#(B

$B$3$N%=%U%H%&%'%"$ODL>o$"$jF@$J$$D9$$%U%!%$%kL>$N$r;}$DE:IU%U%!%$%k$r4^$`EE;R%a!<%k$roF0:n$X$NI|5l$O%"%W%j%1!<%7%g%s$N:F5/F0$,I,MW$G$"$k!#(B

$B$3$NLdBj$OL$%A%'%C%/$N%P%C%U%!$,B8:_$9$k$?$a$K@8$8$k$HA[Dj$5$l$k!#$b$7!"(B
$B$=$&$G$"$k>l9g!"LdBj$rJz$($k%=%U%H%&%'%"$re$GG$0U$N(B
$B%3!<%I$,u67$,$b$?$i$5$l$k2DG=@-$,$"$k!#$7$+$7!"%3!<%I$,Z$O9T$o$l$F$$$J$$!#(B

4. Network Query Tool Remote Command Execution Vulnerability
BugTraq ID: 3455
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8x3+F|(B: Oct 22 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3455
$B$^$H$a(B:

Network Query Tool $B$O(B PHP $B$rMxMQ$7$F:n@.$5$l$?!"%f!<%6$K;XDj$5$l$?%I%a(B
$B%$%s!"(BIP $B%"%I%l%9$K4X$9$kMM!9$J>pJs!"Nc$($P(B DNS $B;2>H$d(B traceroute $B$N7k(B
$B2LEy$r<}=82DG=$J%D!<%k$G$"$k!#$7$+$7!"$3$N%D!<%k$K$O%j%b!<%H$N%f!<%6$,(B
$B%9%/%j%W%H$K$h$C$FN$9$k%Q%i%a!<%?$rl9g!"(Broot $B8"8B$NC%5. Solaris in.fingerd Information Disclosure Vulnerability
BugTraq ID: 3457
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8x3+F|(B: Oct 22 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3457
$B$^$H$a(B:

Solaris $B$KF1:0$5$l$F$$$k(B fingerd $B$O%j%b!<%H$N967bpJs$r(B
$BO31L$7$F$7$^$&LdBj$rJz$($F$$$k5?$$$,$"$k!#$3$l$O%j%b!<%H$N%[%9%H>e$KB8(B
$B:_$7$F$$$k40A4$JA4$F$N%"%+%&%s%H0lMw$r3+<(2DG=$J%j%/%(%9%H$r:n@.$9$k;v(B
$B$,2DG=$G$"$k$?$a$G$"$k!#(B

$B0J2<$N7A<0$G%j%/%(%9%H$r(B fingerd $B$KM?$($?>l9g!"%f!<%6$N0lMw$O40A4$K3+<((B
$B$5$l$F$7$^$&$N$G$"$k!#(B

finger 'a b c d e f g h'@sunhost

$B3+<($K$h$C$FF~pJs$O!"0J8e967bBP>]$N%[%9%H$KBP$7$F9T$o$l$k!VCN(B
$B7C$rMxMQ$9$k!W967b$KMxMQ$5$l$k;v$,?dB,$5$l$k!#Nc$($P!"967b](B
$B$N%[%9%H$XAmEv$j967b$r;n$_$k$G$"$m$&!#(B

6. Lotus Notes Email Embedded Code Execution Vulnerability
BugTraq ID: 3458
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8x3+F|(B: Oct 22 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3458
$B$^$H$a(B:

Lotus Notes $B$N%f!<%6$rA@$C$FH/Aw$5$l$?EE;R%a!<%k%a%C%;!<%8$KE:IU$5$l$F(B
$B$$$k(B Lotus Notes $B%*%V%8%'%/%H$K4^$^$l$k0-0U$"$k%3!<%I$r!"%j%b!<%H$N967b(B
$BH$9$k;v$K$h$j!"%3!<%I$Ol9g!"%*%V%8%'%/%H$N%W%m%Q%F%#$O!VJ8=q$,FI$_=P$5(B
$B$l$k:]$K%*%V%8%'%/%H$ruBV$KI,$:JQ99$5$l$F$7$^$&$N(B
$B$G$"$k!#$3$N>uBV$rF3$/;v$,2DG=$J>r7o$N85$G!"967b]$Ne$G967b$`=hM}Fb$K4^$^$l$kI,MW(B
$B$,$"$j!"$3$N967b$O967bl9g!"$=$NEE(B
$B;R%a!<%k%a%C%;!<%8$r;2>H!"$"$k$$$O%W%l%S%e!<%Z!<%s$+$i%a%C%;!<%8$r1\Mw(B
$B$9$kl9g!"967bBP>]$N%3%s%T%e!<%?A4BN$KBP$9(B
$B$k%;%-%e%j%F%#>e$N6<0R$r>7$/7k2L$H$J$k!#(B

7. IEEE 802.11b Arp Cache Poisoning Man-in-the-Middle Vulnerability
BugTraq ID: 3460
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8x3+F|(B: Oct 22 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3460
$B$^$H$a(B:

802.11b $B$O(B IEEE $B$K$h$C$F5,3J$,8x3+$5$l$F$$$kL5@~$rMxMQ$7$?DL?.$r9T$&$?(B
$B$a$N%W%m%H%3%k$G$"$k!#(B

$BI8=`$K1h$C$?Aw$7$F$$$k!#(B

$B$3$N>r7o2<$K$*$$$F$O!"MM!9$J56$N(B ARP $B>pJs$r:n@.2DG=$J%D!<%k$N$$$:$l$+(B
$B$NMxMQ!"$"$k$$$OAw$rMxMQ$7$F!"L5@~%M%C%H%o!<%/Fb$N%7%9%F%`$*$h$SM-@~%M%C%H%o!<%/(B
$BFb$N%7%9%F%`$NN>J}$+$i!"$"$k%k!<%?J}8~$d%k!<%?<+?H$X$N%H%i%U%#%C%/$r4^(B
$B$`%H%i%U%#%C%/$rJL$NJ}8~$K8~$1$k;v$,2DG=$J$N$G$"$k!#(B

$B$3$NLdBj$O%m!<%+%k$N%M%C%H%o!<%/!"$"$k$$$O%V%m!<%I%-%c%9%HHO0O$K$*$$$F(B
$B$N$_L@NF$J1F6A$r5Z$\$9;v$,A[Dj$5$l$k!#(BARP $B%H%i%U%#%C%/$O%k!<%?$r2p$7$F(B
$B$OE>Aw$5$l$J$$$N$G$"$k(B($B$J$*!"$3$l$O%H%s%M%j%s%0$5$l$?(B ARP $B%H%i%U%#%C%/(B
$B$r%M%C%H%o!<%/Fb$N0lIt$KN.F~2DG=$JMM$K!"(BARP $B%j%/%(%9%H$r%H%s%M%j%s%0$r(B
$B9T$C$FMxMQ$9$k$?$a$K@_Dj$5$l$?Nc30$r=|$/(B)$B!#(B

8. RSA SecurID WebID Unicode Directory Traversal Vulnerability
BugTraq ID: 3461
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8x3+F|(B: Oct 22 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3461
$B$^$H$a(B:

RSA SecurID $B$O%[%9%HFb$N;q8;$X$NIT@5%"%/%;%9$r@)8B$9$k$?$a$N%m!<%+%k$"(B
$B$k$$$O%j%b!<%H$+$i$NG'>Z&MQ@=IJ$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$OL$G'>Z$N%f!<%6$,967bBP>]$N%[%9%HFb$KB8:_$9$k4{CN$N%U%!(B
$B%$%k$X%"%/%;%92DG=$G$"$kLdBj$rJz$($F$$$k!#$3$NLdBj$O$3$N%=%U%H%&%'%"$,(B
$BMxMQ$9$k(B C $B%i%$%V%i%j$,(B Unicode $B$GId9f2=$5$l$?J8;z$r]$N4{CN$N%U%!%$%k$NL>>N$r(B URL $B$KIi2Y$7$F$*$+$M$P$J$i$J$$!#(B
$B$3$N!"FCJL$KAH$_N)$F$i$l$?(B URL $B$NKvHx$K(B ? $B$rDI2C$9$k;v$G!"967bBP>]$,%j(B
$B%/%(%9%H$r3N$+$KZ%Z!<(B
$B%8$GMxMQ$9$k;v$K$h$j!"G'>Z%Z!<%8$r1*2s$7$?=hM}$r9T$($kE@$OCm5-$5$l$M$P(B
$B$J$i$J$$!#(B

$B$3$NLdBj$rMxMQ$9$k967b$,@.8y$7$?>l9g!"IT@5$J%"%/%;%9$r9T$&%f!<%6$O4{CN(B
$B$N$I$N$h$&$J%U%!%$%k$KBP$7$F$G$b%"%/%;%92DG=$G$"$k!#$3$N967b$K$h$j=EMW(B
$B$J>pJs$,3+<($5$l$?>l9g!"0J8e$N!VCN7C$rMxMQ$9$k!W967b$r>7$/;v$,A[Dj$5$l(B
$B$k!#(B

9. RSA SecurID WebID Debug Mode Information Disclosure Vulnerability
BugTraq ID: 3462
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8x3+F|(B: Oct 19 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3462
$B$^$H$a(B:

RSA SecurID $B$O%[%9%HFb$N;q8;$X$NIT@5%"%/%;%9$r@)8B$9$k$?$a$N%m!<%+%k$"(B
$B$k$$$O%j%b!<%H$+$i$NG'>Z&MQ@=IJ$G$"$k!#(B
$B$3$N@=IJ72$N(B1$B$D$G$"$k(B WebID $B$O(B Web $B$r2p$9$kG'>Z]$N%[%9%H$K4X$9$k>pJs$r3+<($9(B
$B$k;v$,?dDj$5$l$kF~NO$NBEEv@-3NG'$rBU$C$F$$$k5?$$$,$"$k!#(B
$B$3$N%=%U%H%&%'%"$O%/%C%-!<$rMxMQ$7$?G'>Z$r9T$&:]!"%G%#%l%/%H%jL>$K0MB8(B
$B$7$F$$$k!#(BHTTP $B%j%/%(%9%HFb$N%G%#%l%/%H%jL>Fb$K(B null (%00) $B$,4^$^$l$FAw(B
$B$i$l$?>l9g!"(BSecurID WebID $B$O%G%P%C%0%b!<%I$K@Z$jBX$o$j!"%/%C%-!<$rMxMQ(B
$B$9$kG'>Z5!9=$NF0:n$rAK32$7$F$7$^$&$N$G$"$k!#(B

$B0J2<$O$3$N%=%U%H%&%'%"$r%G%P%C%0%b!<%I$K@Z$jBX$(2DG=$J(B HTTP $B%j%/%(%9%H(B
$B$NNc$G$"$k!#(B

https://server/%00WebID/sdiis.dll

null $B$O967b$N0U?^$r0J$C$FAH$_N)$F$i$l$k(B URL $BFb$N:G=i$N%G%#%l%/%H%j$NA0(B
$BItJ,$K4^$^$l$F$$$J$1$l$P$J$i$J$$!#(B
$B$3$NLdBj$rMxMQ$9$k967b$N7k2L!"B>$N%W%m%0%i%`$NF0:n$,AK32$5$l$k;v$,A[Dj(B
$B$5$l!"%j%b!<%H$N967bpJs<}=8$r9T$&;v$,2DG=$G$"$k!#(B

10. Oracle Label Security Unauthorized Access Vulnerability
BugTraq ID: 3465
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8x3+F|(B: Oct 23 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3465
$B$^$H$a(B:

Oracle Label Security $B$O(B Oracle Enterprise Database $B8~$1$N%;%-%e%j%F%#(B
$B%"%W%j%1!<%7%g%s$G$"$k!#$3$N%=%U%H%&%'%"$O%0%i%U%#%+%k%f!<%6%$%s%?%U%'!<(B
$B%9$rDs6!$7!"%F!<%V%k$d%9%-!<%^%l%Y%k$G$N%;%-%e%j%F%#$r4IM}2DG=$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$K$O0-0U$"$k%f!<%6$,%"%/%;%9@)8B$5$l$?%G!<%?$XIT@5%"%/(B
$B%;%9$r9T$&;v$,A[Dj$5$l$kLdBj$,B8:_$9$k!#(B

$B$3$NLdBj$O4F::5!G=(B SET_LABEL$B!"(BSQL*Predicate $B5!G=$KM3Mh$9$k$HCN$i$l$F$$(B
$B$k!#(B

$B$3$NLdBj$O(B Oracle Label Security $B$K$h$C$FDs6!$5$l$kIU2C%;%-%e%j%F%#%l%$(B
$B%d$KBP$7$F$N$_1F6A$r5Z$\$9!#$3$NLdBj$N7k2L!"%]%j%7$NE,MQ$N@5>oF0:n$OAK(B
$B32$5$l!"$3$NLdBj$rMxMQ$7$?967b$r@.8y$5$;$i$l$k0-0U$"$k%f!<%6$KBP$7!"=E(B
$BMW$J%G!<%?$,O31L$7$F$7$^$&;v$,A[Dj$5$l$k!#(B

11. SGI IRIX IGMP Multicast Packet Denial of Service Vulnerability
BugTraq ID: 3463
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8x3+F|(B: Oct 22 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3463
$B$^$H$a(B:

IRIX $B$O(B SGI $B$K$h$C$FDs6!$5$l$F$$$k(B UNIX $B$+$iGI@8$7$?(B OS $B$G$"$k!#$3$N(B OS
$B$O(B SGI $B$+$iDs6!$5$l$F$$$k%7%9%F%`>e$GMxMQ$5$l$kMM$K@_7W$5$l$F$$$k!#(B

IRIX $B$NFCDj$N%P!<%8%g%s$K$O%j%b!<%H$N967boF0:n>uBV$X%7%9%F%`$O$7$J$$$HA[(B
$BDj$5$l$k!#DL>oF0:n$X$NI|5l$O]HO0O30$G$"$k$?$a!"%Q%C%A(B
$B$ODs6!$5$l$F$$$J$$$H9M$($i$l$k!#(B

12. HP Secure OS Software for Linux Filesystem Protection Vulnerability
BugTraq ID: 3468
$B%j%b!<%H$+$i$N:F8=@-(B: $BL$>\(B
$B8x3+F|(B: Oct 23 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3468
$B$^$H$a(B:

HP Secure OS Software for Linux $B$O(B Linux $B$X$NMM!9$J%;%-%e%j%F%#5!G=$r3H(B
$BD%$9$k0lO"$N%=%U%H%&%'%"72$H%+!<%M%k$NJQ99J,$+$i$J$k%Q%C%1!<%8$G$"$j!"(B
$B%Q%C%1!<%8$K$O3HD%$5$l$?%U%!%$%k%7%9%F%`$N@)8f5!9=$b4^$^$l$F$$$k!#(B

$B$3$N%=%U%H%&%'%"$N%P!<%8%g%s(B 1.0 $B$K$O$$$/$D$+$N%U%!%$%k$N%f!<%68"8B$r!"(B
$B%U%!%$%k%7%9%F%`$X$NJ]8n%k!<%k$H$7$F5,Dj$5$l$?@)Ls$r$5$i$K>e=q$-2DG=$K(B
$B$9$k$HA[Dj$5$l$kLdBj$,B8:_$7$F$$$k!#(B

$B$3$NLdBj$K$h$j%U%!%$%k%7%9%F%`$X$NJ]8n%k!<%kFb$G!"IT2D;kB0@-$H$7$F@_Dj(B
$B$5$l$?%U%!%$%k$X$N%f!<%6$+$i$N%"%/%;%9$r2DG=$K$9$k$H9M$($i$l$k!#(B

13. Check Point VPN-1 SecuRemote Username Acknowledgement Vulnerability
BugTraq ID: 3470
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8x3+F|(B: Oct 23 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3470
$B$^$H$a(B:

VPN-1 $B$O(B Check Point $B$K$h$jDs6!$5$l!"J]>p(B
$BJs3+<($,@8$8$kE@$N1F6A$rl9g$,A[(B
$BDj$5$l$k:]!"$3$N>u67$r%f!<%6$H(B VPN-1 $B$GHkF?$5$l$?4D6-4V$G%M%C%H%o!<%/Fb(B
$B$KB8:_$9$kA4$F$N>pJs$rF~$,O31L$7$F$7$^$&$N$G$"$k!#$3$N%=%U%H%&%'%"$r2p$7$F(B
VPN-1 $B$rMxMQ$7$?%7%9%F%`$X%f!<%6$,@5Ev$J%f!<%6L>$HIT@5$J%Q%9%o!<%I$rMx(B
$BMQ$7$F@\B3$r;n$_$k:]!"%"%/%;%95qH]$r<($9%(%i!<%a%C%;!<%8$,JV$5$l$k$N$G(B
$B$"$k!#$7$+$7!"%f!<%6$,IT$J%f!<%6L>$rMxMQ$9$k:]$K$O%f!<%6L>$,ITL@$G$"$k(B
$B$H$N>uBV$r<($9%(%i!<%a%C%;!<%8$,JV$5$l$F$7$^$&$N$G$"$k!#(B

$B$3$NLdBj$O%j%b!<%H$+$i$N%5!<%PFb$N@5Ev$J%f!<%6L>$H%Q%9%o!<%I$rF~14. 6Tunnel Connection Close State Denial of Service Vulnerability
BugTraq ID: 3467
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Oct 23 2001 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3467
$B$^$H$a(B:

6tunnel $B$O(B IPv6 $B$KL$BP1~$N%[%9%H$K!"BP1~5!G=$rDI2C$9$k$?$a$K@_7W$5$l$?(B
$B%U%j!<$GMxMQ2DG=$G$"$j!"%*!<%W%s%=!<%9$N%=%U%H%&%'%"%Q%C%1!<%8$G$"$k!#(B
$B$3$N%=%U%H%&%'%"$O(B IPv6 $B%H%s%M%k$r@8@.$7F0:n$9$k!#(B

$B$3$N%=%U%H%&%'%"%Q%C%1!<%8$K$O!"$$$+$J$k%f!<%6$G$"$C$F$b!"$3$N%=%U%H%&%'(B
$B%"$rMxMQ$9$k@5Ev$J%f!<%6$rK8322DG=$JLdBj$,B8:_$9$k!#$3$l$O%W%m%0%i%`$N(B
$B%=%1%C%H$NuBV$K$J$j!"%?%$%`%"%&%H$;$:!"%=%1%C%H(B
$B%W!<%k$K$O7h$7$FLa$i$J$$$N$G$"$k!#$3$N$?$a!"BgNL$N%=%1%C%H(B ($B@53N$J?t$O(B
$BL$>\$G$"$k(B) $B$,(B CLOSE $B>uBV$K?d0\$7$?>l9g!"(B6tunnel $B$NF0:n$OIT0BDj$K$J$j(B
$B%/%i%C%7%e$7$F$7$^$&!#(B

$B$3$NLdBj$O!"%j%b!<%H$+$i$N967buBV$K?d0\$7$?%=%1%C%H$N%W!<%k$r@8@.$r2DG=$K(B
$B$7$F$7$^$&!#B?$/$N%Q%1%C%H$,$3$N%=%U%H%&%'%"$rMxMQ$7$F$$$k%[%9%H$XE~Ce(B
$B$9$k:]!"%5!<%S%9$O%/%i%C%7%e$7!"7k2L$H$7$F(B DoS $B>uBV$K4Y$k!#(B


III. SECURITYFOCUS.COM NEWS AND COMMENTARY
- ------------------------------------------
1. Linux Update withholds Security Details
$BCx\:Y$K$D$$$F8}$rSa$s$G$$$k!#(B

http://www.securityfocus.com/news/274

2. Senate Passes Surveillance Bill
$BCx$5$l$k$Y$/!"H?%F%mK!0F$,>e1!$rDL2a$7$?!#(B

http://www.securityfocus.com/news/273

3. 'Millionaire' Hacker Nearly Bankrupt
$BCxN$9$k(B Kim Schmitz $B$O!"(B
$BGK;:$NL\$NA0$@$H$N$3$H$G$"$k!#(B

http://www.securityfocus.com/news/272

4. DoS attacks getting scarier
$BCxe$KB8:_$9$k%k!<%?5!4o$O!"%M%C%H%o!<%/(B
$B$r2p$7$?(B DoS $B967b$r;E3]$1$h$&$H$9$k0-0U$"$k?/F~http://www.securityfocus.com/news/271

5. Security in an Open Electronic Society
$BCxpJs$r8x3+$7$J$$$3$H$,K|?M$N4m81$r7Z8:$9$k$H$$$&$3$H$,7+$j(B
$BJV$75DO@$NPY>e$K:\$;$i$l$F$$$k!#@h=5!"$3$N5DO@$r:FG3$5$;$?(B Microsoft $B$N(B
$B%;%-%e%j%F%#BP1~%;%s%?!<$N%^%M!<%8%c(B Scott Culp $B$O!"8=>u$rIA'$7!"9~$_9g$&1G2h4[$NCf$N!V2P;v!W(B
$B$K$J$>$i$($?!#(B

http://www.securityfocus.com/news/270

IV.SECURITY FOCUS TOP 6 TOOLS
- -----------------------------
1. Firewall Monitor v1.0.7
$B:nhttp://www.sourceforge.net/projects/firestorm-ids
$B%W%i%C%H%U%)!<%`(B: Linux
$B$^$H$a(B:

fwmon $B$O(B Linux $BMQ$N%U%!%$%d%&%)!<%k%b%K%?$G$9!#(Bipchains $B$KE}9g$5$l!"(B
$B%U%!%$%d%&%)!<%k$GH/@8$7$?%$%Y%s%H$r%j%"%k%?%$%`$GDLCN$7$^$9!#=@Fp$J%+(B
$B%9%?%^%$%:$,2DG=$G!"%Q%1%C%H$NE}7W!"(B16 $B?J%G!<%?!"%"%9%-!<%G!<%?$rI8=`=P(B
$BNO!"%m%0%U%!%$%k!"(Btcpdump $B7A<0$N%U%!%$%k$K=PNO$7$^$9!#30It$N%W%m%0%i%`(B
$B$K0MB8$;$:!"$3$N%=%U%H%&%'%"<+?H$G(B chroot $B$r9T$&5!G=!"Hs(B root $B4D6-$G$N(B
$BF0:n5!G=$J$I!"$$$/$D$+$N%7%s%W%k$J%;%-%e%j%F%#$N4QE@$G$NFCD9$rHw$($F$$(B
$B$^$9!#(B

2. MailScanner v2.54-1
$B:nhttp://www.sng.ecs.soton.ac.uk/mailscanner/downloads.shtml
$B%W%i%C%H%U%)!<%`(B: AIX$B!"(BFreeBSD$B!"(BHP-UX$B!"(BLinux$B!"(BNetBSD$B!"(BOpenBSD$B!"(BSunOS
$B$^$H$a(B:

MailScanner $B$O!"EE;R%a!<%k%&%$%k%9%9%-%c%J$G%9%Q%`%?%0IU$1%=%U%H(B ($BLuCm(B:
$B%9%Q%`%a!<%k$K0u$r$D$1$kLOMM(B) $B$G$9!#(Bsendmail$B$H(BExim MTA$B!"(BSophos$B$H(BMcAfee 
$B%"%s%A%&%#%k%9%9%-%c%J$r%5%]!<%H$7$^$9!#%$%s%9%H!<%k$9$k$N$,Hs>o$K4JC1(B
$B$G!"(Bsendmail.cf $B%U%!%$%k$rJQ99$9$kI,MW$O$"$j$^$;$s!#>/$J$$;q8;$GF0:n$9(B
$B$k$h$&$K@_7W$5$l$F$$$F!"9bIi2Y$KH<$&%a!<%k%7%9%F%`$NDd;_$r>7$/;v$O$"$j(B
$B$^$;$s!#(B

3. Samhain v1.2.10
$B:nhttp://la-samhna.de/samhain/
$B%W%i%C%H%U%)!<%`(B: AIX$B!"(BDigital UNIX/Alpha$B!"(BFreeBSD$B!"(BHP-UX$B!"(BLinux$B!"(BSolaris$B!"(B
Unixware
$B$^$H$a(B:

samhain $B$O%*%W%7%g%s5!G=$H$7$F%M%C%H%o!<%/$G@\B3$5$l$?%[%9%H$N=8Cf4F;k(B
$B$,9T$($k%/%i%$%"%s%H!"%5!<%P7?%"%W%j%1!<%7%g%s$H$7$FMxMQ2DG=$J!"%U%!%$(B
$B%k%7%9%F%`$N0l4S@-3NG'%D!<%k$G$9!#%G!<%?%Y!<%9$H@_Dj%U%!%$%k$O%5!<%PB&(B
$B$K3JG<$9$k;v$,2DG=$G$9!#G'>ZIU$-$N(B TCP/IP $B%3%M%/%7%g%s$rMxMQ$7$?%m%0%5!<(B
$B%P$X$N3NG'7k2L$NE>Aw5!G=$K2C$(!"B>$N$$$/$D$+$N%m%0:N4. Devil-Linux v0.5b1
$B:nhttp://www.devil-linux.org/download.htm
$B%W%i%C%H%U%)!<%`(B: Linux
$B$^$H$a(B:

Devil-Linux $B$O%U%!%$%d%&%)!<%k!"$"$k$$$O!"%k!<%?8~$1$KMxMQ$5$l$k$?$a$K(B
$BFC2=$7$?(B Linux $B$N%G%#%9%H%j%S%e!<%7%g%s$G$9!#(BDevil-Linux $B$N:G=*L\I8$O7Z(B
$BNL$G!"@_Dj2DG=$J!"%;%-%e%"$J(B Linux $B%7%9%F%`$rDs6!$9$k$3$H$K$"$j$^$9!#(B
$B@_Dj>pJs$O%U%m%C%T!<%G%#%9%/$KJ]B8$5$l!"$$$/$D$+$N%*%W%7%g%s%Q%C%1!<%8(B
$B$bHw$o$C$F$$$^$9!#(B

5. rcf v5.2
$B:nhttp://rcf.mvlan.net/
$B%W%i%C%H%U%)!<%`(B: Linux
$B$^$H$a(B:

rcf ($BJLL>(B rc.firewall) $B$O(B ipchains $B$rMxMQ$7$?%U%!%$%d%&%)!<%k$G!"(B50 $B$r(B
$BD6$($k%M%C%H%o!<%/%5!<%S%9%b%8%e!<%k(B (vtun$B!"(BDHCP$B!"(BNFS$B!"(BSMB$B!"(BNapster$B!"(B
$B%W%m%-%7!"%M%C%HBP@o%2!<%`$J$I(B)$B!"%^%9%+%l!<%G%#%s%0!"%]!<%H%U%)%o!<%G%#(B
$B%s%0!"(BIP $B%"%+%&%s%F%#%s%0$r%5%]!<%H$7$^$9!#$9$Y$F$N%5!<%S%9$O!"(Bipchains
$B$N%9%?%C%/$GM%@hIU$1$,$G$-$k$h$K!"<+8J407k$7$?%b%8%e!<%k$K$J$C$F$$$^$9!#(B
$B%9%W%U%#!<%s%0!"%9%?%C%U%I%k!<%F%#%s%0(B/$B%^%9%+%l!<%G%#%s%0!"(BDoS$B!"%9%^!<(B
$B%U967b!"30ItJ}8~$N%]!<%H%9%-%c%s$J$I$rKI8f$7$^$9!#$^$?!"(Brcf $B$O%Q%V%j%C(B
$B%/!"%W%i%$%Y!<%H!"(BDMZ$B!"(BMZ $B%$%s%?!<%U%'%$%9$H$=$l$>$l$N%5%V%M%C%H$r@)8B(B
$B$J$/!"%5%]!<%H$7$F$$$^$9!#%"%/%;%9%k!<%k$O%$%s%?!<%U%'%$%9$4$H!"(BDMZ/MZ
$B$N%5!<%P!V%/%i%9%?!W$4$H$KDj5A$5$l$^$9!#(Brcf $B$O(B Red Hat$B!"(BSlackware$B!"(B
Debian$B!"(BLinux Router Project (LRP)$B!"$=$NB>6. IPtables Firewall Webmin Module 0.88.1 ALPHA
$B:nhttp://www.niemueller.de/webmin/modules/iptables/
$B%W%i%C%H%U%)!<%`(B: Linux
$B$^$H$a(B:

IPtables Firewall Webmin Module $B$O!"(BWeb $B%$%s%?!<%U%'%$%9$r;HMQ$7$F(B 
Webmin $B$N$h$&$J8+$?L\$H;H$$$d$9$5$G(B iptables $B$rMxMQ$7$?%U%!%$%d%&%)!<%k(B
$B$r4IM}$9$k$3$H$,$,$G$-$^$9!#http://www.lac.co.jp/security/
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Edition 5.5.5J
Comment: KAGEYAMA Tetsuya

iQA/AwUBO+WRmc32EXDdoEFfEQJGQQCeKw2mlJU8bg8I2Tos5LFFP2A83NwAn3vF
4xnpIFMHyQ37Ye5tKmaR4N+U
=UvAD
-----END PGP SIGNATURE-----