Mailing-List: contact bugtraq-jp-help@securityfocus.com; run by ezmlm
Precedence: bulk
To: bugtraq-jp@securityfocus.com
Subject: SecurityFocus.com Newsletter #118 2001-11-05->2001-11-09
From: SAKAI Yoriyuki <sakai@lac.co.jp>
Message-Id: <200111132226.IIB11577.BLJBT@lac.co.jp>
Date: Tue, 13 Nov 2001 22:26:43 +0900
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-2022-jp

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

$B:d0f(B@$B%i%C%/$G$9!#(B

SecurityFocus.com Newsletter $BBh(B 118 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B

- ---------------------------------------------------------------------------
SecurityFocus.com Newsletter $B$K4X$9$k(BFAQ:
http://www.securityfocus.com/popups/forums/securityfocusnews/intro.shtml
BugTraq-JP $B$K4X$9$k(B FAQ:
http://www.securityfocus.com/popups/forums/bugtraq-jp/faq.shtml
- ---------------------------------------------------------------------------
$B0zMQ$K4X$9$kHw9M(B:
$B!&$3$NOBLu$O(B Security-Focus.com $B$N5v2D$r3t<02q<R%i%C%/$,F@$?>e$G9T$o(B
  $B$l$F$$$^$9!#(B
$B!&(BSecurityFocus.com Newsletter $B$NOBLu$r(B Netnews, Mailinglist,
  World Wide Web, $B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$N(B
  $BA4J80zMQ$r$*4j$$$7$^$9!#(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;(B
  $B$s$,=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurity-Focus.com $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+(B
  $B$J$k7A<0$N%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
1) http://www.securityfocus.com/archive/79
- ---------------------------------------------------------------------------
- ---------------------------------------------------------------------------
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02q<R%i%C%/$O@UG$$rIi$o$J$$$b$N$H$7$^(B
  $B$9!#(B
- ---------------------------------------------------------------------------
- ---------------------------------------------------------------------------
$BLu<T$+$i$N$*CN$i$;(B:
$B!&$b$7!"(Btypo $B$d8mLu$,8+$D$+$C$?>l9g!"(BBUGTRAQ-JP $B$X(B Errata $B$H$7$F=$@5(B
  $BHG$r$4Ej9FD:$/$+!"Lu<T$K$*CN$i$;$/$@$5$$!#(B
  $B8e<T$N>l9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
- ---------------------------------------------------------------------------
- ---------------------------------------------------------------------------

Date: Mon, 12 Nov 2001 12:08:03 -0700 (MST)
Message-ID: <Pine.GSO.4.30.0111121207320.962-100000@mail.securityfocus.com>

SecurityFocus.com Newsletter #118
- ---------------------------------

This Issue Sponsored by: VeriSign - The Value of Trust

- -------------------------------------------------------------------------------

I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
     1. Advertising Information
     2. Virtual Honeynets
     3. Basic Security Checklist for Home and Office Users
     4. Keep Security Censorship Away From Linux
II. BUGTRAQ SUMMARY
     1. Entrust GetAccess File Disclosure Vulnerability
     2. Red Hat TUX HTTP Server Oversized Host Denial of Service...
     3. Ipswitch WS_FTP Server 'STAT' Buffer Overflow Vulnerability
     4. Raptor Firewall Zero Length UDP Packet Resource Consumption...
     5. PHP Nuke Copying and Deleting Files Vulnerability
     6. Zone Labs ZoneAlarm Pro Unauthorized Local Security Settings...
     7. CDE DTSVC Library Buffer Overflow Vulnerability
     8. IBM HTTP Server Source Code Disclosure Vulnerability
     9. Slashcode Guessable SessionID Vulnerability
     10. Apache mod_usertrack Predictable ID Generation Vulnerability
     11. Microsoft Internet Explorer Cookie Disclosure/Modification...
     12. RedHat Linux IPTables Save Option Unrestorable Rules...
     13. Solaris PT_CHMOD Arbitrary Terminal Writing Vulnerability
     14. Rational ClearCase DB Loader TERM Environment Variable Buffer...
III. SECURITYFOCUS NEWS ARTICLES
     1. Microsoft Reveals Anti-Disclosure Plan
     2. White House: Prepare for Super-Hackers
     3. Lawyer: Business As Usual Under Surveillance Law
     4. NIPC Warns Of Anti-U.S. Hackers
IV.SECURITYFOCUS TOP 6 TOOLS
     1. WormScan v1.2
     2. Swatch v3.0.4
     3. snort-rep v1.7
     4. SILC (Secure Internet Live Conferencing)(server) v0.6.2
     5. Linux Port/Socket Pseudo ACLs v2.4.14-11 (2.4)
     6. NTLM Authorization Proxy Server v0.9.5


I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
- ---------------------------------

II. BUGTRAQ SUMMARY
- -------------------
1. Entrust GetAccess File Disclosure Vulnerability
BugTraq ID: 3508
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Nov 05 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3508
$B$^$H$a(B:

Entrust GetAccess $B$O8D!9$N%f!<%6$N%"%/%;%98"8B$N4IM}5!G=$H!"Bg5,LO$J%]!<(B
$B%?%k(B Web $B%5%$%H$K%"%+%&%s%H$r;}$D8\5R$N%W%m%U%!%$%k$N4IM}5!G=$rDs6!2DG=(B
$B$J%=%U%H%&%'%"$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$KF1:-$5$l$F$$$k%7%'%k%9%/%j%W%H$O!"8D!9$N%5%$%HKh$K@_(B
$BDj$5$l$k%X%k%W5!G=$H%f!<%68~$1$NBPOC7?A`:n5!G=$rDs6!$7$F$$$k!#$7$+$7!"(B
$B$3$N%5%s%W%k%9%/%j%W%H$O%f!<%6$K$h$C$FM?$($i$l$?CM$KBP$9$k!"BEEv@-$N3N(B
$BG'$r==J,$K9T$C$F$$$J$$$N$G$"$k!#(B

$B$3$N$?$a!"(B../ $BJ8;zNs!"(Bnull $BJ8;z$d%7%'%k$K$h$C$F2r<a$5$l$k%a%?%-%c%i%/%?(B
$B$r4^$`(B HTTP $B%j%/%(%9%H$rM?$($k;v$,2DG=$J%j%b!<%H$N967b<T$O!"967bBP>]$H(B
$B$J$C$?%[%9%H$N(B Web $BMQ$N%I%-%e%a%s%H%k!<%H%G%#%l%/%H%j$NHO0O30$N;q8;(B ($BNc(B
$B$($P(B Web $B%5!<%P$N<B9T8"8B$GFI$_=P$72DG=$JG$0U$N%U%!%$%k$,A[Dj$5$l$k(B)
$B$K%"%/%;%92DG=$J$N$G$"$k!#(B

http://getAccessHostname/sek-bin/helpwin.gas.bat?

$B>e5-$K<($5$l$k(B HTTP $B%j%/%(%9%H$rA[Dj$9$k>l9g!"0J2<$K<($9%9%/%j%W%H$X$N(B
$B%Q%i%a!<%?$r4^$`I,MW$,$"$k!#(B

mode=
&draw=x
&file=x
&module=
&locale= [relative FILE/PATH] [Nullbyte/0x00] [Backslash/0x5c]
&chapter=

Web $B%5!<%P$N<B9T8"8B$GFI$_=P$72DG=$JG$0U$N%U%!%$%kFb$K4^$^$l$k=EMW$J>p(B
$BJs$,3+<($5$l$F$7$^$C$?>l9g!"967bBP>]$N%[%9%H$X$N$h$j<j$N9~$s$@967b$r>7(B
$B$/;v$,A[Dj$5$l$k!#(B

2. Red Hat TUX HTTP Server Oversized Host Denial of Service Vulnerability
BugTraq ID: 3506
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Nov 05 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3506
$B$^$H$a(B:

TUX $B$O(B GNU Public License $B$K4p$E$$$F8x3+$5$l$F$$$k%+!<%M%kAH$_9~$_7?$N(B
HTTP $B%5!<%P$G$"$k!#$3$N%=%U%H%&%'%"$G$O@EE*%3%s%F%s%D$NDs6!!"F0E*%3%s(B
$B%F%s%D$N%-%c%C%7%e5!G=!"F0E*%3%s%F%s%D$r@8@.$9$k$?$a$NB>$N(B HTTP $B%5!<%P(B
$B$H$N6(D4F0:n$,2DG=$G$"$k!#(B

$B$7$+$7!"(BTUX $B%G!<%b%s$,5,3J30$N(B Host: $B%X%C%@$r(B HTTP $B%j%/%(%9%H$N0lIt$H$7(B
$B$FM?$($i$l$?:]!"LdBj$,@8$8$k$N$G$"$k!#$3$NMM$J%X%C%@$,M?$($i$l$?>l9g!"(B
$B=hM}$OL@NF$K<:GT$7!"BgDq$N>l9g!"%+!<%M%k%Q%K%C%/$r@8$8$F$7$^$&$N$G$"$k!#(B
$B$3$NMM$J>u672<$K$*$$$F$O!"%7%9%F%`$ODL>oF0:n$XI|5l$9$k$?$a$K$O:F5/F0$,(B
$BI,MW$G$"$k!#(B

$B$3$NLdBj$rMxMQ$9$k967b$,9T$o$l$?:]$K$O!"IT@5$J(B EIP $B%"%I%l%9$r<($9%(%i!<(B
$B$,H/@8$9$k!#$3$N%(%i!<$+$i9M;!$9$k8B$j$G$O!"$3$NLdBj$rMxMQ$9$k967b$,G$(B
$B0U$N%3!<%I$r<B9T$9$k$?$a$KMxMQ$7F@$k$H$O9M$($i$l$F$$$J$$$N$G$"$k!#(B

3. Ipswitch WS_FTP Server 'STAT' Buffer Overflow Vulnerability
BugTraq ID: 3507
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Nov 05 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3507
$B$^$H$a(B:

Microsoft Windows $B4D6-8~$1$NCxL>$J(B FTP $B%5!<%P%=%U%H%&%'%"$G$"$k(B WS_FTP
Server $B$O!"%f!<%6$,FCJL$KAH$_N)$F$?(B FTP $B%3%^%s%I$rM?$($k;v$K$h$j!"%P%C(B
$B%U%!%*!<%P!<%U%m!<$,@8$8$kLdBj$rJz$($F$$$k!#$3$N%=%U%H%&%'%"$O%G%U%)%k(B
$B%H>uBV$G(B SYSTEM $B8"8B$N%5!<%S%9$H$7$FF0:n$7$F$$$k!#(B

$B$3$N%P%C%U%!%*!<%P!<%U%m!<$rMxMQ$9$k967b$O(B STAT $B%3%^%s%I$rM?$($k:]$K0z(B
$B$-5/$3$9;v$,2DG=$G$"$k!#(BSTAT $B%3%^%s%I$O%f!<%6$,=hM}Cf$N>uBV$r%5!<%P$X(B
$B%j%/%(%9%H$r9T$&$?$a$KMxMQ$5$l!"%j%/%(%9%H$,M?$($i$l$?%5!<%P$O%j%W%i%$(B
$B7A<0$r<h$j!">uBVJs9p$rJVAw$9$k$N$G$"$k!#(B

WS_FTP Server $B$r<B9TCf$N%[%9%H$X4{$K%m%0%$%s:Q$_$N%f!<%6$,G$0U$NJ8;zNs(B
($BLs(B 479 bytes) $B$rH<$&(B STAT $B%3%^%s%I$rM?$($k:]!"%j%?!<%s%"%I%l%9$r4^$`(B
$B%9%?%C%/Fb$NCM$N>e=q$-$r0z$-5/$3$9;v$,2DG=$G$"$j!"7k2L$H$7$F(B SYSTEM
$B8"8B$G$NG$0U$N%3!<%I$,<B9T$5$l$k2DG=@-$,A[Dj$5$l$k!#(B

$B$J$*!"967bBP>]$H$J$k%P%C%U%!$K4^$^$l$k0lO"$NCM$OMM!9$J%7%9%F%`$K1~$8$?(B
$BMM!9$JCM$r$H$jF@$k;v$,Cm5-$5$l$M$P$J$i$J$$!#$3$l$i$NCM$O%9%?%C%/CM$N>e(B
$B=q$-$H%j%?!<%s%"%I%l%9$NDj5A$r;n$_$k:]$KI,$:9MN8$;$M$P$J$i$J$$CM$G$"$k!#(B

$B$3$NLdBj$rMxMQ$9$k967b$,@.8y$7$?>l9g!"967bBP>]$N%3%s%T%e!<%?$NA48"8B$r(B
$BC%<h$9$k;v$,2DG=$G$"$k!#(B

4. Raptor Firewall Zero Length UDP Packet Resource Consumption Vulnerability
BugTraq ID: 3509
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Nov 05 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3509
$B$^$H$a(B:

Raptor Firewall $B$O(B Symantec $B$+$iHNGd$5$l$F$$$k!">&MQ%U%!%$%d%&%)!<%k@=(B
$BIJ$N<BAu$G$"$k!#(B

$B$3$N%U%!%$%d%&%)!<%k$N<BAu$K$O!"$"$k%f!<%6$,B>$NJL$J@5Ev$J%M%C%H%o!<%/(B
$B;q8;$N%f!<%6$X!"%5!<%S%9Ds6!$rDd;_2DG=$JLdBj$,B8:_$9$k!#(B
$BLdBj$OFCDj$N7A<0$N(B UDP $B%Q%1%C%H$N<h$j07$$ItJ,$KB8:_$7$F$$$k!#(B

Raptor Firewall $B$O%U%!%$%d%&%)!<%k$H$7$FMxMQ$5$l$F$$$k%3%s%T%e!<%?$r2p(B
$B$7!"(BTCP/IP $B$rMxMQ$9$k%H%i%U%#%C%/$r%U%!%$%d%&%)!<%k$,Be$o$j$KDL2a$5$;(B
$B$k$?$a$N!"MM!9$J%b%8%e!<%k$rMxMQ$7$F$$$k!#$3$l$i%b%8%e!<%k$rMxMQ$9$k;v(B
$B$G!"$3$N%U%!%$%d%&%)!<%k$O%3%s%F%s%D%U%#%k%?%j%s%0$dL\E*$H9gCW$7$J$$%H(B
$B%i%U%#%C%/$N%U%#%k%?%j%s%0$r9T$&;v$,2DG=$K$J$C$F$$$k$N$G$"$k!#(B

$B$7$+$7!"(BRaptor Firewall $B$XBgNL$ND9$5(B 0 $B$N(B UDP $B%Q%1%C%H$,M?$($i$l$?:]!"(B
$B%U%!%$%d%&%)!<%k$H$7$FMxMQ$5$l$F$$$k%3%s%T%e!<%?$G$O(B CPU $B$NG=NO$rD6$((B
$B$k8=>]$,@8$8$k$N$G$"$k!#%U%!%$%d%&%)!<%k$O(B 100% $B$N(B CPU $B;q8;$rHq$d$7$F(B
$B$7$^$$!"%U%!%$%d%&%)!<%k$,%$%s%9%H!<%k$5$l$F$$$k%3%s%T%e!<%?$O1~EzITG=(B
$B>uBV$K4Y$C$F$7$^$&$N$G$"$k!#(B
$B$3$N7k2L!"%U%!%$%d%&%)!<%k$N$I$A$i$NB&$N%M%C%H%o!<%/$KBP$7$F$b!"@5Ev$J(B
$B%f!<%6$X$N%5!<%S%9Ds6!$,AK32$5$l$F$7$^$&!#(B

$BDL>oF0:n$X$NI|5l$r9T$&$?$a$K$O:F5/F0$,I,MW$G$"$k!#(B

5. PHP Nuke Copying and Deleting Files Vulnerability
BugTraq ID: 3510
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Nov 05 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3510
$B$^$H$a(B:

PHP Nuke $B$O(B Web $B%]!<%?%k$N9=C[$H4IM}$r9T$&%Q%C%1!<%8$G$"$j!"(BPHP $B$K$h$C(B
$B$F<BAu$5$l$F$$$k!#$3$N%=%U%H%&%'%"$N%G%U%)%k%H%$%s%9%H!<%k>uBV$K$O!"(B
admin/case/case.filemanager.php $B$H$$$&%5!<%P>e$N%U%!%$%k%7%9%F%`Fb$K$"(B
$B$k%U%!%$%k$N%3%T!<$d:o=|$r9T$&$?$a$KMxMQ2DG=$J%9%/%j%W%H$,4^$^$l$F$$$k!#(B

$B$3$l$i$NFb!"(Bcase.filemanager.php $B%9%/%j%W%H$O%j%b!<%H%f!<%6$NG'>Z5!G=$r(B
$BC4Ev$9$k%9%/%j%W%H$G$"$k(B admin.php $B$+$i$N$_8F$S=P$72DG=$J>uBV$K@_7W$5$l(B
$B$F$$$k!#$7$+$7!"$3$N<BAu$O(B PHP $B$K$h$k(B $PHP_SELP $BJQ?t$NCM$N<h$j07$$$KB8(B
$B:_$9$k%P%0$N$?$a$KITHw$,;D$k>uBV$J$N$G$"$k!#%j%b!<%H%f!<%6$O(B URL $BFb$K(B
$PHP_SELF $BJQ?t$KDI2C$5$l$kMM$K(B URL $BFb$K>pJs$r4^$a!"$3$NJQ?t$NCM$K4X$9$k(B
$B3NG'=hM}$r2sHr2DG=$G$"$k!#(B

$B$3$NJ}K!$G%9%/%j%W%H$r8F$S=P$7!"%9%/%j%W%H$XG$0U$N%U%!%$%kL>$r0z$-EO$9(B
$B;v$K$h$j!"%j%b!<%H%f!<%6$O(B Web $B%5!<%PFb$N$I$N$h$&$J%U%!%$%k$G$"$C$F$b!"(B
$B%3%T!<$d:o=|$,2DG=$J$N$G$"$k!#(B
$B$J$*!"$3$NF0:n$O(B Web $B%5!<%P$r<B9T$7$F$$$k%f!<%68"8B$N85$G9T$o$l$k!#(B

$BNc$($P!"%j%b!<%H%f!<%6$O(B  /etc/passwd $B$r(B Web $B%5!<%P>e$GDL>oI=<($5$l$k(B
$B%U%!%$%k$X%3%T!<$7!"=EMW$J>pJs$rF~<j$9$k;v$,A[Dj$5$l$k!#$"$k$$$O!"%j%b!<(B
$B%H%f!<%6$,967bBP>]$N(B Web $B%5!<%P$X%U%!%$%k$r%"%C%W%m!<%I2DG=$G$"$k>l9g!"(B
$B$3$N<o$N967b<T$OI8=`E*$J(B PHP Nuke $B%9%/%j%W%H72$r%"%C%W%m!<%I$r9T$C$?%U%!(B
$B%$%k$G>e=q$-$7!"G$0U$N%9%/%j%W%H$,(B Web $B%5!<%P$NMxMQ<T$K$h$C$F<B9T$5$l$k(B
$B>uBV$r2DG=$K$9$k;v$,A[Dj$5$l$k!#(B

6. Zone Labs ZoneAlarm Pro Unauthorized Local Security Settings Vulnerability
BugTraq ID: 3512
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Nov 06 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3512
$B$^$H$a(B:

ZoneAlarm $B$O(B Windows $B8~$1$N%U%!%$%d%&%)!<%k%=%U%H%&%'%"$G$"$j!"B>$NMM!9(B
$B$J%;%-%e%j%F%#5!G=$rDs6!$9$k%=%U%H%&%'%"F1MM!"$3$N%=%U%H%&%'%"$O$I$N%"(B
$B%W%j%1!<%7%g%s$,%M%C%H%o!<%/$r2p$7$?DL?.$r9T$($k$+$I$&$+$K$D$$$F$N@)8B(B
$B$r$+$1$k5!G=$rHw$($F$$$k!#(BInternet Explorer $BF1MM!"$3$N%=%U%H%&%'%"$O%f!<(B
$B%6$K$h$k%m!<%+%k$N%$%s%H%i%M%C%H%>!<%s$H!"%$%s%?!<%M%C%H%>!<%s$r@_Dj2D(B
$BG=$K$9$k%;%-%e%j%F%#@_Dj5!G=$rHw$($F$$$k!#%m!<%+%k%>!<%s$H$7$F$_$J$5$l(B
$B$?%[%9%H$O!"$h$j@)Ls$,4K$d$+$J%;%-%e%j%F%#@_Dj$N85$G%U%!%$%d%&%)!<%k$H(B
$B$7$F@_Dj$5$l$?%[%9%H>e$N%5!<%S%9$X%"%/%;%92DG=$G$"$k!#(B

$B$7$+$7!"(BZomeAlarm$B!!$O%m!<%+%k$N%;%-%e%j%F%#@_Dj$KB0$9$k%[%9%H$XIT@5%f!<(B
$B%6$r@\B32DG=$K$7$F$7$^$&LdBj$rJz$($F$$$k$N$G$"$k!#(B

$B%"%/%;%9$r;n$_$k%f!<%6$,MxMQ$9$k%3%s%T%e!<%?$N(B IP $B%"%I%l%9$N:G=i$N(B 2 $B%*(B
$B%/%F%C%H$,!"967bBP>]$N%[%9%H$N(B IP $B%"%I%l%9$HF10l$G$"$k>l9g!"(BZoneAlarm
$B$O%m!<%+%k$N%;%-%e%j%F%#@_Dj$N85$G!"967bBP>]$X$N%[%9%H$X$N%"%/%;%9$r2D(B
$BG=$K$7$F$7$^$&$N$G$"$k!#(B

$B$3$NLdBj$O%5!<%S%9Cf$N%]!<%HHV9f$d%M%C%H%o!<%/6&M-$K4X$9$k>pJs$H8@$C$?(B
$B=EBg$J>pJs$r!"K\Mh$=$&$"$k$Y$-$G$O$J$$$K$b4X$o$i$:3+<($5$;$F$7$^$($k$N(B
$B$G$"$k!#0-0U$"$k30It$N%[%9%H$+$iJ]8n$5$l$F$$$k$H9M$($i$l$F$$$k!"@H<e$J(B
$B%5!<%S%9$O!"%j%b!<%H$N967b<T$+$i%"%/%;%92DG=$J>uBV$K$J$k;v$,A[Dj$5$l$k(B
($BNc$($PF10l$N(B ISP $B%M%C%H%o!<%/Fb$K967b<T$,B8:_$7$F$$$k;v$,A[Dj$5$l$k(B)$B!#(B

7. CDE DTSVC Library Buffer Overflow Vulnerability
BugTraq ID: 3517
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Nov 06 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3517
$B$^$H$a(B:

OpenUnix $B$*$h$S(B UnixWare $B$O(B Caldera $B$K$h$jDs6!$5$l!"5lMh(B SCO $B$K$h$C$FDs(B
$B6!$5$l$F$$$?(B UNIX $BM3Mh$N(B OS $B$G$"$k!#(B

$B$3$N(B OS $B$K$O%j%b!<%H$N967b<T$,$h$j9b0L$N8"8B$rC%<h2DG=$G$"$k$HA[Dj$5$l(B
$B$kLdBj$,B8:_$9$k!#LdBj$O(B libDtSvc $B%i%$%V%i%j$KM3Mh$7$F$$$k!#(B

$BB?$/$N(B CDE $B4D6-$GF0:n$9$k%W%m%0%i%`$O(B libDtSvc $B%i%$%V%i%j$H%j%s%/$5$l$F(B
$B$$$k!#8=:_$N=j!"%i%$%V%i%jFb$KB8:_$9$k4{CN$N%P%C%U%!%*!<%P!<%U%m!<$O!"(B
dtspcd $B$K1F6A$rM?$(!"%j%?!<%s%"%I%l%9$r4^$`%9%?%C%/Fb$NCM$N>e=q$-$r2DG=(B
$B$K$7!"G$0U$N%3!<%I$N<B9T$r2DG=$K$9$k$H?d;!$5$l$k!#(B

$B$3$NLdBj$K$h$j!"967b<T$O967bBP>]$N%7%9%F%`$K$*$$$F%m!<%+%k$+$i$N4IM}<T(B
$B8"8B$NC%<h$r>7$/;v$,2DG=$G$"$k!#8=:_$N=j!"$3$NLdBj$,B>$N(B CDE $B4D6-$GF0:n(B
$B$9$k%"%W%j%1!<%7%g%s$K1F6A$r5Z$\$9$+$I$&$+$OL$>\$G$"$k!#(B

8. IBM HTTP Server Source Code Disclosure Vulnerability
BugTraq ID: 3518
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Nov 08 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3518
$B$^$H$a(B:

IBM HTTP Server for the AS/400 $B$K$O!"%j%b!<%H$N967b<T$K$h$jFCJL$KAH$_N)(B
$B$F$i$l$?(B HTTP $B%j%/%(%9%H$rM?$($k;v$G!"%9%/%j%W%H$N%=!<%9%3!<%I$rI=<(2D(B
$BG=$K$9$k!"F~NO$NBEEv@-$rBU$C$F$$$k5?$$$,$"$k!#(B

/ $B$,4{B8$N%9%/%j%W%H$X$N%j%/%(%9%H$NKvHx$KDI2C$5$l$?>l9g!"%9%/%j%W%H$N(B
$B%=!<%9$,<B9T$5$l$kBe$o$j$KI=<($5$l$F$7$^$&$N$G$"$k!#(B

$B$3$l$O0J2<$K<($9%j%/%(%9%H$rM?$($k;v$G:F8=2DG=$G$"$k!#(B

http://www.targetserver.com/script.jsp/

$B%9%/%j%W%HFb$K4^$^$l$k>pJs$K0MB8$9$k$,!"$3$NLdBj$O=EMW$J>pJs$r967b<T$K(B
$B3+<($9$k7k2L$r>7$/;v$,A[Dj$5$l$k!#(B


9. Slashcode Guessable SessionID Vulnerability
BugTraq ID: 3519
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Nov 07 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3519
$B$^$H$a(B:

Slashcode $B$O(B Web $B%Z!<%8%7%9%F%`$KN`;w$9$k!"CxL>$J7G<(HD%7%9%F%`$G$"$k!#(B
$B7G<(HD%7%9%F%`$N%f!<%6$O%"%+%&%s%H$r:n@.2DG=$G$"$j!"%7%9%F%`$X%m%0%$%s(B
$B8e$K%a%C%;!<%8$rEj9F$7!"$5$i$K%a%C%;!<%8$XJVEz$r9T$&;v$,2DG=$G$"$k!#(B
$B%f!<%6$N7QB3E*$JG'>Z$O%/%C%-!<Fb$K3d$jEv$F$i$l$?%;%C%7%g%s(B ID $B$rMxMQ$7(B
$B$F9T$o$l$F$$$k!#(B

$B$3$N%7%9%F%`$K%"%+%&%s%H$r:n@.$9$k%f!<%6$O!"%i%s%@%`$K@8@.$5$l$?(B 8 $BJ8;z(B
$B$N%Q%9%o!<%I$r=i4|%Q%9%o!<%I$H$7$F3d$jEv$F$i$l$k!#(B

$B%G%U%)%k%H>uBV$N%Q%9%o!<%I$rMxMQ$9$k%"%+%&%s%H$K3d$jEv$F$i$l$k%;%C%7%g(B
$B%s(B ID $B$O!"%f!<%6$K3d$jEv$F$i$l$?=i4|%Q%9%o!<%I$H%f!<%6(B ID $B$rO"7k$7$?$b(B
$B$N$+$i@.$jN)$C$F$$$k!#%f!<%6(B ID $B$O?75,$K%"%+%&%s%H$,:n@.$5$l$kEYKh$KO"(B
$BB3CM$H$7$FM?$($i$l!"%"%+%&%s%H$r:n@.$9$k;v$G?dB,2DG=$G$"$k!#$^$?!"4{B8(B
$B$NN`;w$N%f!<%6(B ID $B$rMxMQ$9$k;v$G!"B>$N%"%+%&%s%H$NN`?d$O2DG=$G$"$k!#(B
$B%G%U%)%k%H>uBV$N%Q%9%o!<%I$O!"$=$l$>$l(B 56 $BDL$j$N<oJL$r<h$jF@$k(B 8 $BJ8;z$G(B
$B@8@.$5$l$F$$$k$?$a!"<BMQ>eBEEv$J;~4V$NHO0OFb$G!"%Q%9%o!<%I$,<h$jF@$kJ8(B
$B;zNs6u4V$rF'::$9$k;v$O2DG=$G$"$k!#(B

$B$J$*!"0lEY%f!<%6$,%Q%9%o!<%I$rJQ99$7$?>l9g!"%;%C%7%g%s(B ID $B$O<BA)E*$KMx(B
$BMQ$5$l$kAmEv$j?dB,967b(B (brute force guessing attack) $B$KBP$7$F1F6A$r<u$1(B
$B$J$$!"?7$7$$%Q%9%o!<%I$+$i@8@.$5$l$kBEEv$JD9$5$N(B MD5 $B%O%C%7%e$rMxMQ$7$F(B
$B:n@.$5$l$kMM$K$J$kE@$OCm5-$5$l$k!#(B

$BB>$N%P!<%8%g%s$N(B Slashcode $B$bF1MM$NLdBj$rJz$($F$$$k;v$,?dB,$5$l$k!#(B

10. Apache mod_usertrack Predictable ID Generation Vulnerability
BugTraq ID: 3521
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Nov 08 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3521
$B$^$H$a(B:

Apache $B$O%$%s%?!<%M%C%H>e$G9-HO0O$KMxMQ$5$l!"$^$?!"CxL>$J%*!<%W%s%=!<%9(B
$B$N(B HTTP $B%5!<%P$G$"$k!#(BApache $B$O(B 'mod_usertrack' $B$H8F$P$l$k%b%8%e!<%k$r(B
$BF1:-$7$FDs6!$5$l$F$$$k!#$3$N%b%8%e!<%k$K$O8DJL$N(B Web $B%;%C%7%g%s$H%j%/%((B
$B%9%H$=$l$>$l$KBP$7$F!"M#0l$N<1JL;R$r@8@.$9$k$?$a$N%3!<%I$,4^$^$l$F$$$k!#(B

$B$7$+$7!"@8@.$5$l$?(B ID $B$OA4$/%i%s%@%`$G$O$J$$$N$G$"$k!#$3$N%b%8%e!<%k$O(B
$B@\B385%/%i%$%"%s%H$N(B ID$B!"%7%9%F%`;~4V!"%5!<%P$N%W%m%;%9(B ID $B$r85$K(B ID $B$r(B
$B@8@.$7$F$$$k$N$G$"$k!#$3$l$i$NCM$O%i%s%@%`$H$O8@$($J$$CM$G$"$k$?$a!"@8(B
$B@.$5$l$?(B ID $B$OG'>Z$KMxMQ$9$kL\E*$GMxMQ$9$k;v$O0U?^$5$l$J$$$N$G$"$k!#(B
$B$3$N$?$a!"$3$N%b%8%e!<%k$G@8@.$5$l$k(B ID $B$K0MB8$7$FG'>Z:Q$_%;%C%7%g%s$N(B
$BDI@W$r9T$&%"%W%j%1!<%7%g%s$O!"$I$N$h$&$J$b$N$G$"$C$?$H$7$F$b(B ID $B?dB,96(B
$B7b$N1F6A$r<u$1$k;v$,?d;!$5$l$k!#(B

$B%"%W%j%1!<%7%g%s$N<BAu$K0MB8$9$k$,!"$"$k(B ID $B$r?dB,2DG=$J967b<T$O%f!<%6(B
$B$N%;%C%7%g%s$H%"%+%&%s%H$r9b$$2DG=@-$r;}$C$F%O%$%8%c%C%/2DG=$G$"$k!#(B

$B967b<T$,967bBP>]$N%3%s%T%e!<%?$N%m!<%+%k$N;q8;$K4{$K%"%/%;%9$7$F$$$?>l(B
$B9g!"?dB,$J$7$K%7%9%F%`;~4V$H(B Web $B%5!<%P$N%W%m%;%9(B ID $B$H8@$C$?>pJs$OF~<j(B
$B2DG=$G$"$k!#(B

$B$J$*!"$3$NLdBj$O(B Apache $B$=$N$b$N$NLdBj$G$O$J$$E@$OCm5-$5$l$M$P$J$i$J$$!#(B
$B$3$l$O%"%W%j%1!<%7%g%s$,$3$l$i$N(B ID $B$r!"G'>Z:Q$_$N%f!<%6$rDI@W$9$k$?$a(B
$B$KMxMQ$7$F$$$k>l9g$K$N$_1F6A$r5Z$\$9LdBj$G$"$k!#(B

11. Microsoft Internet Explorer Cookie Disclosure/Modification Vulnerability
BugTraq ID: 3513
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Nov 09 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3513
$B$^$H$a(B:

Internet Explorer $B$K$O967b<T$,0U?^E*$J(B Web $B%5%$%H$rMxMQ$7$F!"%/%C%-!<>p(B
$BJs$rI=<($"$k$$$O2~JQ$9$k$?$a$N(B URL $B$rAH$_N)$F2DG=$JLdBj$,B8:_$9$k!#(B

about:protocol $B$,(B Web $B%5%$%H$r;2>H$9$kMM$J(B URL $B$,AH$_N)$F$i$l$k:]!"(BURL
$BFb$K4^$^$l$k(B JavaScript $B$O(B document.cookie $B$r2p$7!"$=$N(B Web $B%5%$%H$K4X(B
$BO"IU$1$i$l$?%/%C%-!<$r$I$N$h$&$J$b$N$G$"$C$?$H$7$F$b%"%/%;%92DG=$J$N$G(B
$B$"$k!#(B
$B$3$N<o$N(B JavaScript $B$O(B MSIE $B$KB8:_$9$k!"(Babout:protocol $B$K4XO"$7$?%/%m%9(B
$B%5%$%H%9%/%j%W%F%#%s%0$N$?$a$K<B9T$5$l$F$7$^$&$N$G$"$k!#(B

$B967bBP>]$N(B Web $B%5%$%H$,$9$G$K%"%/%;%9:Q$_$G$"$j!"%/%C%-!<$,<:8z$7$F$$$J(B
$B$$>u67$G$"$l$P!"$3$N>uBV$r$b$?$i$9;v$,2DG=$G$"$k!#(B
$B967bBP>]$N%f!<%6$,$3$N<o$N%j%s%/$r%/%j%C%/$9$k$+0-0U$r;}$C$F3+@_$5$l$?(B
Web $B%5%$%H$X%"%/%;%9$9$k:]!"%f!<%6$XCN$i$l$k;v$b!"F10U$rF@$k;v$b$J$/<+(B
$BF0E*$K$3$N967b$O<B9T2DG=$G$"$k!#(B
$B$J$*!"(BHTML $B$rMxMQ$9$kEE;R%a!<%k$r2p$7$?>l9g$G$b!"$3$NLdBj$rMxMQ$9$k967b(B
$B$O<B9T2DG=$G$"$k$H?dDj$5$l$k!#(B

$B0J2<$O$3$NLdBj$rMxMQ$9$k967b$r9T$&$?$a$KMxMQ$5$l$k(B URL $B$NNc$G$"$k!#(B

about://www.target.com/<scriptlanguage=javascript>alert(document.cookie);</script>

$B$3$NNc$G$O(B alert() $B%]%C%W%"%C%W%&%$%s%I%&$X(B www.target.com $B$K4XO"IU$1$i(B
$B$l$?%/%C%-!<Fb$NCM$NI=<($,9T$o$l$k!#(B

$B$3$NNc0J30$rA[Dj$9$k$J$i$P!"$I$N$h$&$J(B Web $B%5%$%H$K4XO"IU$1$i$l$?%/%C(B
$B%-!<$G$"$C$F$b(B URL $BCf$K4^$^$l$k967b<T$,:n@.$7$?(B JavaScript $B$K$h$C$FA`:n(B
$B$9$k;v$,2DG=$G$"$k!#(BJavaScript $B$O%/%C%-!<Fb$NCM$r2~JQ!"$^$?$O%j%b!<%H$N(B
$B%5!<%P$XAw?.$9$kMM$K@_7W2DG=$G$"$k!#(B

$B$3$NLdBj$rMxMQ$9$k967b$,@.8y$7$?>l9g!"%;%C%7%g%s(B ID$B!"G'>ZMQ>pJsEy$N=EMW(B
$B$J>pJs$,3+<($5$l$k2DG=@-$,$"$k!#$^$?!"$3$NLdBj$O%f!<%6$d%/%C%-!<$rH/9T(B
$B$7$?(B Web $B%5!<%P$X$N$5$i$J$k967b$NJd=u<jCJ$H$9$k;v$,2DG=$G$"$k!#(B

12. RedHat Linux IPTables Save Option Unrestorable Rules Vulnerability
BugTraq ID: 3520
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Nov 08 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3520
$B$^$H$a(B:

Red Hat Linux $B$O%U%j!<$GMxMQ2DG=$G$"$j!"%*!<%W%s%=!<%9$GDs6!$5$l$F$$$k(B
UNIX $B$N%/%m!<%s(B OS $B$G$"$k!#$3$N(B OS $B$O(B Red Hat Incorporated $B$K$h$jG[I[(B
$B$5$l!"J]<i$5$l$F$$$k!#(B

$B$3$N%=%U%H%&%'%"%Q%C%1!<%8$KF1:-$5$l$F$$$k%U%!%$%d%&%)!<%k9=C[MQ%=%U%H(B
$B%&%'%"$K$O!"4IM}<T$KCN$i$l$k;v$J$/!"%7%9%F%`$KITMW$N%j%9%/$rJz$($5$;$k(B
$B7k2L$r>7$/LdBj$,B8:_$9$k!#(B

$BLdBj$O(B iptables $B$K$h$C$FMxMQ$5$l$kJ]B87A<0$KB8:_$9$k!#(Biptables $B$O(B -c
$B%*%W%7%g%s$,MxMQ$5$l$?:]!"8=:_M-8z$J%k!<%k%;%C%H$r%U%!%$%k$XJ]B8$r9T$&!#(B
$B4IM}<T$,%U%!%$%d%&%)!<%k$N%k!<%k%;%C%H$r%U%!%$%k$XJ]B8$r;n$_$k:]!"%j(B
$B%m!<%I$N;n$_$K$h$C$FJ]B8:Q$_%k!<%k%;%C%H$,:n@.$5$l$?>l9g!"%k!<%k%;%C%H(B
$B$,J]B8$5$l$k7A<0$O(B iptables $B$K$h$C$F2r<a2DG=$J7A<0$G$O$J$$$N$G$"$k!#(B

$B%U%!%$%d%&%)!<%k$N@_Dj>uBV$r<!2s$N:F5/F0;~$K%7%9%F%`$K$h$C$F@_Dj%U%!%$(B
$B%k$,FI$_9~$^$l$kMM$K!"%U%!%$%k$XJ]B8$7$F$$$k4IM}<T$O%7%9%F%`$rJ]8n$5$l(B
$B$F$$$J$$>uBV$KJ|CV$7$F$$$k$N$G$"$k!#(B
$B$3$N7k2L!"%7%9%F%`Fb$N=EMW$J>pJs$K%j%b!<%H$N%f!<%6$O%"%/%;%92DG=$J>uBV(B
$B$r$b$?$i$7!"%;%-%e%"$G$O$J$$>uBV$KJ|CV$5$l$?$^$^$N%7%9%F%`$N%m!<%+%k$N(B
$B;q8;$X$N%"%/%;%9$d8"8B>:3J$r>7$/2DG=@-$,$"$k!#(B

13. Solaris PT_CHMOD Arbitrary Terminal Writing Vulnerability
BugTraq ID: 3522
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Nov 08 2001 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3522
$B$^$H$a(B:

Solaris $B$O%U%j!<$GMxMQ2DG=$J(B Unix $B%*%Z%l!<%F%#%s%0%7%9%F%`$N<BAu$G$"$k!#(B
$B$3$N%=%U%H%&%'%"$O(B Sun Microsystems $B$K$h$jJ]<i$,9T$o$l!"G[I[$5$l$F$$$k!#(B

$B$3$N%=%U%H%&%'%"$K$O%m!<%+%k$N%f!<%6$,%"%/%;%9$,@)8B$5$l$?C<Kv$K%G!<%?(B
$B$r=q$-9~$_2DG=$JLdBj$,H/8+$5$l$?!#$3$NLdBj$OC<Kv$K$h$k%"%/%;%9%3%s%H%m!<(B
$B%k$N%(%s%H%j$N<h$j07$$$KM3Mh$7$F$$$k!#(B

$B%7%9%F%`$K%m%0%$%s;~!"3F%f!<%6$K$OC<Kv$,3d$jEv$F$i$l$k!#%f!<%6$OC<Kv$r(B
$BJ];}$9$k0lJ}!"C<Kv>e$K%"%/%;%9%3%s%H!<%k%(%s%H%j$r@_Dj$G$-$k2DG=@-$,$"(B
$B$k!#%;%C%7%g%s$r=*N;$9$k$H$-!"C<Kv$OC<Kv%W!<%k$KJV5Q$5$l!":FEYI,MW$H$5(B
$B$l$?:]$KJL$N%f!<%6$K3d$jEv$F$i$l$k!#(B

$B$7$+$7!"%W!<%k$XC<Kv$,JV5Q$5$l$k:]!"%"%/%;%9%3%s%H%m!<%k%(%s%H%j$OC<Kv(B
$B>e$G=i4|2=$5$l$J$$$N$G$"$k!#$3$N$?$a!"<!$N%f!<%6$KC<Kv$,3d$jEv$F$i$l$k(B
$B:]$K$OC<Kv$N0JA0$N;HMQ<T$,C<Kv$K=q$-9~$_$r9T$&;v$,?d;!$5$l$k!#(B

14. Rational ClearCase DB Loader TERM Environment Variable Buffer Overflow Vulnerability
BugTraq ID: 3523
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Nov 09 2001 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3523
$B$^$H$a(B:

ClearCase $B$O>&MQMxMQ2DG=$J%=%U%H%&%'%"JQ994IM}%Q%C%1!<%8$G$"$k!#$3$N%=(B
$B%U%H%&%'%"(B $B$O(B Rational $B$K$h$jJ]<i!"G[I[$5$l$F$$$k!#(B

$B$3$N%Q%C%1!<%8$KB8:_$9$kLdBj$N$?$a!"%m!<%+%k%f!<%6$O$5$i$K9b0L$N8"8B$r(B
$BC%<h$9$k2DG=@-$,$"$k!#$3$NLdBj$O!"(Bdb_loader $B$K$h$k4D6-JQ?t$N<h$j07$$$K(B
$B5/0x$7$F$$$k!#(B

db_loader $B%W%m%0%i%`$O!"(Bsetuid root $B$K@_Dj$5$l$?%W%m%0%i%`$G$"$j!"%=%U(B
$B%H%&%'%"%Q%C%1!<%8$N%$%s%9%H!<%k;~$K%G%U%)%k%H$G%$%s%9%H!<%k$5$l$k!#(B
$B$3$N%W%m%0%i%`$O!"%W%m%0%i%`$r<B9T$9$k%f!<%6$N4D6-JQ?t$+$i$NF~NO$rE,@Z(B
$B$K<h$j07$($J$$$N$G$"$k!#(B
$B%f!<%6$,(B TERM $B4D6-JQ?t$K(B 550 $B%P%$%H$NJ8;zNs$r;XDj$7$F(B db_loader $B%W%m%0(B
$B%i%`$r<B9T$9$k>l9g!"%P%C%U%!%*!<%P!<%U%m!<$,H/@8$9$k!#$3$l$O%j%?!<%s%"(B
$B%I%l%9$r4^$a$k$3$H$,2DG=$J%9%?%C%/JQ?t$N>e=q$-$K$h$k7k2L$G$"$k!#$3$N7k(B
$B2L$rMxMQ$7!"967b<T$O;XDj$7$?G$0U$N%W%m%0%i%`$N<B9T$,2DG=$G$"$k!#(B

db_loader $B%W%m%0%i%`$O(B setuid root $B$K@_Dj$5$l$F$$$k$?$a!"%m!<%+%k%f!<%6(B
$B$O(B root $B8"8B$G%W%m%0%i%`$r<B9T$9$k;v$,2DG=$G$"$j!"4IM}<T$H$7$F%"%/%;(B
$B%9$r9T$&2DG=@-$,$"$k!#(B

III. SECURITYFOCUS.COM NEWS AND COMMENTARY
- ------------------------------------------
1. Microsoft Reveals Anti-Disclosure Plan
$BCx<T(B: Kevin Poulsen

Microsoft $B$H%3%s%T%e!<%?%;%-%e%j%F%#2q<R(B 5 $B<R$O%=%U%H%&%'%"$N%;%-%e%j%F(B
$B%#%[!<%k$N8x3+$rM^@)$9$kI8=`$r:vDj$9$k$?$a$K6(NO$9$k1?$S$H$J$C$?!#(B
http://www.securityfocus.com/news/281

2. White House: Prepare for Super-Hackers
$BCx<T(B: Kevin Poulsen

$B%5%$%P!<%;%-%e%j%F%#%"%I%P%$%6$N(B Richard Clarke $B$O!"8=:_$N%/%i%C%+!<$N(B
$B967b$H%&%$%k%9$K$h$kB;32$O!">-Mh5/$3$j$&$k@vN}$5$l$?967b$G$NB;32$KHf$Y(B
$B$?$i!"$O$7$?6b$K$7$+$9$.$J$$$H=R$Y$?!#(B
http://www.securityfocus.com/news/280

3. Lawyer: Business As Usual Under Surveillance Law
$BCx<T(B: Kevin Poulsen

$B%W%i%$%P%7!<MJ8n<T$O!":G6a$NJF0&9qK!$NDL2a$K4i$r$7$+$a$F$$$k$,!"O@5D$r(B
$B8F$s$G$$$k?7$7$$4F::$K4X$9$kK!0F$O!"%$%s%?!<%M%C%H%5!<%S%9%W%m%P%$%@$d(B
$BDL?.2q<R$K$O$[$H$s$I$J$K$b1F6A$rM?$($J$$$@$m$&$H!"8!;v$G$"$kA0(B NSA $B?&0w(B
$B$O2PMKF|$K8l$C$?!#(B
http://www.securityfocus.com/news/279

4. NIPC Warns Of Anti-U.S. Hackers
$BCx<T(B: Brian McWilliams, Newsbytes

$B6bMKF|!"(BFBI $B$N9q2H%$%s%U%iKI8n%;%s%?$O!"%3%s%T%e!<%?%M%C%H%o!<%/$X$N(B
DDoS $B967b$,A}2C$9$k8=>u$K7Y9p$rH/$7$?!#(B
http://www.securityfocus.com/news/278


IV.SECURITY FOCUS TOP 6 TOOLS
- -----------------------------
1. WormScan v1.2
$B:n<T(B: Andriy Rozeluk
$B4XO"$9$k(B URL:
http://www.websoup.net/wormscan/
$B%W%i%C%H%U%)!<%`(B: N/A
$B$^$H$a(B:

WormScan $B$O!"(BApache Web $B%5!<%P$X$N967b$N;n9T$r%l%]!<%H2=$9$k$?$a$K!"(B
Java $B8@8l$G:n@.$5$l$?%f!<%F%#%j%F%#$G$9!#$I$s$J$K$?$/$5$s$N%o!<%`$K$bBP(B
$B1~$G$-$k$h$&$K@_7W$5$l$F$$$^$9!#$7$+$7!"Hs>o$K3HD%@-$,9b$/!"(BWeb $B%5!<%P(B
$B$N%m%0%U%!%$%k$KH/8+$5$l$&$k$I$s$J$3$H$K$D$$$F$b!"8!:w$7Js9p$9$k@_Dj$,(B
$BMF0W$K$G$-$^$9!#%l%]!<%H$O%+%9%?%^%$%:2DG=$G!"%K!<%:$K9g$o$;$FJQ99$G$-(B
$B$^$9!#B??t$N@_Dj%*%W%7%g%s$G!"%Q%U%)!<%^%s%9$H=PNO$rD4@02DG=$G$9!#(B

2. Swatch v3.0.4
$B:n<T(B: Todd Atkins
$B4XO"$9$k(B URL:
http://www.stanford.edu/~atkins/swatch/
$B%W%i%C%H%U%)!<%`(B: BSDI$B!"(BLinux$B!"(BSolaris$B!"(BUNIX
$B$^$H$a(B:

Swatch $B$O85!9(B UNIX $B$N(B syslogd $B$r2p$7$F$G:N<h$5$l$k%m%0$rG=F0E*$K%m%0$N(B
$BFbMF$r4F;k$9$k$?$a$K:n@.$5$l$?%=%U%H%&%'%"$G$9!#;k3PE*$JJ}K!$H%$%Y%s%H(B
$B$r0z$-5/$3$9J}K!$NJ#?t$N7Y9p<jCJ$,=`Hw$5$l$F$$$$$^$9!#%m%0$N=8Cf4IM}$r(B
$B9T$&%[%9%H$K:G$bE,$7$?%D!<%k$H8@$($k$G$7$g$&!#8=:_(B Linux (Red Hat 5)$B!"(B
BSDI$B!"(BSolaris 2.6($B%Q%C%A$NE,MQ$,I,MW(B) $B>e$GF0:n3NG'$,9T$o$l$F$$$^$9!#(B

3. snort-rep v1.7
$B:n<T(B: David Schweikert
$B4XO"$9$k(B URL:
http://people.ee.ethz.ch/~dws/software/snort-rep/
$B%W%i%C%H%U%)!<%`(B: POSIX
$B$^$H$a(B:

snort-rep $B$O!"(Bsyslog $B%U%!%$%k$+$i%F%-%9%H7A<0$d(B HTML $B7A<0$G%l%]!<%H$r=P(B
$BNO$9$k(B Snort $B%l%]!<%H%D!<%k$G$9!#$3$N%D!<%k$O!"%7%9%F%`4IM}<T$KEE;R%a!<(B
$B%k%l%]!<%H$rKhF|H/9T$9$k$?$a$K@_7W$5$l$^$7$?!#$9$Y$F$N%l%]!<%H$K$OM%@h(B
$BEY>pJs$,5-=R$5$l$F$*$j(B (Snort 1.8 $B0J9_$r;HMQ$7$?>l9g(B)$B!"(BHTML $B7A<0$G=PNO(B
$B$7$?>l9g$O!"(Bwhitehats.com $B$N(B IDS $B$N@bL@%Z!<%8$X$N%j%s%/$,;XDj$5$l$F$$$^$9!#(B

4. SILC (Secure Internet Live Conferencing)(server) v0.6.2
$B:n<T(B: Pekka Riikonen priikone@poseidon.pspt.fi
$B4XO"$9$k(B URL:
http://silcnet.org/
$B%W%i%C%H%U%)!<%`(B: Linux
$B$^$H$a(B:

SILC (Secure Internet Live Conferencing) $B$O!"%$%s%?!<%M%C%H$N%;%-%e%"$G(B
$B$J$$%A%c%s%M%k$r7PM3$7$F!"%;%-%e%"$J%+%s%U%!%l%s%9%5!<%S%9$rDs6!$9$k%W(B
$B%m%H%3%k$G$9!#(BSILC $B$O(B IRC $B$KI=LL>e;w$F$O$$$^$9$,!"FbIt$OA4$/0c$$$^$9!#(B
SILC $B$NL\E*$O%;%-%e%"$J%+%s%U%!%l%s%9%5!<%S%9$rDs6!$9$k$3$H$K$"$j$^$9!#(B
$B6/NO$J0E9f$rMxMQ$7$F!"$9$Y$F$NDL?.FbMF$r%;%-%e%"$K$7$^$9!#(B

5. Linux Port/Socket Pseudo ACLs v2.4.14-11 (2.4)
$B:n<T(B: anthonyu
$B4XO"$9$k(B URL:
http://original.killa.net/infosec/acls/
$B%W%i%C%H%U%)!<%`(B: Linux
$B$^$H$a(B:

Linux Port/Socket Pseudo ACLs $B%Q%C%A$r;HMQ$9$l$P!"4IM}<T$O!"Hs(B root $B%f(B
$B!<%6$KJ]8n$5$l$?%M%C%H%o!<%/;q8;$X$N8"8B0Q>y$,2DG=$K$J$j$^$9!#(B
$BDL>o!"$3$N%=%U%H%&%'%"$O!"?.MQ$5$l$F$$$J$$!"$"$k$$$O!"%;%-%e%"$G$J$$%"(B
$B%W%j%1!<%7%g%s$rHs8"8B%W%m%;%9$H$7$F<B9T$9$k$?$a$K;HMQ$5$l$^$9!#$=$N$?(B
$B$a!"$^$@H/8+$5$l$F$$$J$$(B DoS $B967b$d(B root $B8"8BC%<h967b$rL$A3$KKI$0$3$H$,(B
$B2DG=$G$9!#J]8n$5$l$?%]!<%H!"(Braw $B%=%1%C%H!"%Q%1%C%H%=%1%C%H$r%5%]!<%H$7(B
$B$^$9!#(B

6. NTLM Authorization Proxy Server v0.9.5
$B:n<T(B: Dmitry Rozmanov
$B4XO"$9$k(B URL:
http://www.geocities.com/rozmanov/ntlm/
$B%W%i%C%H%U%)!<%`(B: Windows 95/98$B!"(BWindows NT
$B$^$H$a(B:

NTLM Authorization Proxy Server $B$O(B NTLM $B%W%m%H%3%k$r;HMQ$7$F(B MS Proxy 
Server $B7PM3$GG'>Z2DG=$K$9$k$?$a$N%W%m%-%7%=%U%H%&%'%"$G$9!#%/%i%$%"%s%H(B
$B$N%j%/%(%9%H%X%C%@$NG$0U$NCM$rJQ992DG=$J$?$a!"JQ99$5$l$?%j%/%(%9%H$O(B MS
IE $B$G@8@.$5$l$?$h$&$K8+$($^$9!#(B
$B$3$N%=%U%H%&%'%"$O(B Python $B8@8l$N(B v1.5.2 $B$G:n@.$5$l$F$$$^$9!#(B
- --
$BLu(B: $B:d0f=g9T(B(SAKAI Yoriyuki), $B1F;3E0:H(B(KAGEYAMA Tetsuya)
$B4F=$(B: $B:d0f=g9T(B(SAKAI Yoriyuki)
LAC Co., Ltd.
http://www.lac.co.jp/security/

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Edition 5.5.5J
Comment: SAKAI Yoriyuki

iQA/AwUBO/ChA5QwtHQKfXtrEQKhcACfeLFxvA0dfbjvEDMqQ0NbKboPQPQAn1Ga
kiNbW0A2UiisfClwNyS1/mq0
=ut/U
-----END PGP SIGNATURE-----