Return-Path: owner-bugtraq-jp@SECURITYFOCUS.COM X-Mailer: Winbiff [Version 2.20 PL4] Mime-Version: 1.0 Content-Type: text/plain; charset=iso-2022-jp Message-ID: <199911011529.GCB94215.LJBBT@lac.co.jp> Date: Mon, 1 Nov 1999 15:29:28 +0900 Reply-To: SAKAI Yoriyuki Sender: BUGTRAQ-JP List From: SAKAI Yoriyuki Subject: Security Focus Newsletter #12 1999-10-20->1999-10-24 X-To: BUGTRAQ-JP@SECURITYFOCUS.COM To: BUGTRAQ-JP@SECURITYFOCUS.COM -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 $B:d0f(B@$B%i%C%/$G$9!#(B Security Focus Newsletter $BBh(B 12 $B9f$NOBLu$r$*FO$1$7$^$9!#(B $BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B ($BLu BugTraq-JP $B$K4X$9$k(B FAQ: - --------------------------------------------------------------------- - --------------------------------------------------------------------- $B0zMQ$K4X$9$kHw9M(B: $B!&$3$NOBLu$O(B Security Focus $B$N5v2D$r3t<02qe$G9T$o$l$F(B $B$$$^$9!#(B $B!&(BSecurity Focus Newsletter $B$NOBLu$r(B Netnews, Mailinglist, World Wide Web, $B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$N(B $BA4J80zMQ$r$*4j$$$7$^$9!#(B $B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;(B $B$s$,=`MQ$9$k$b$N$H$7$^$9!#(B $B!&$^$?!"(BSecurity Focus $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+$J$k(B $B7A<0$N%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B 1) - --------------------------------------------------------------------- - --------------------------------------------------------------------- $B$3$NOBLu$K4X$9$kHw9M(B: $B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02qZ$NA[%^%7%s$N(B Class Cast $B$NA[%^%7%s$N(B Class Cast $B$Ne0L(B6$B0L$N%D!<%k(B 1. Winfingerprint Version 2.19 (NT) 2. SuperScan 2.04 (NT) 3. SmartParse 1.0 (NT) 4. Zonealarm (NT) 5. IP Logger 2.0 (UNIX) 6. PacketX (NT) X. $B%9%]%s%5!<>pJs(B($BF|K\8lLu$J$7(B) XI. Security Focus News $B$X$N9XFI!&9XFI2r=|>pJs(B I. $B;O$a$K(B - ----------- NT OBJECTives, Inc. $B$NDs6!$K$h$k!"(B Security Focus $B$,$*Aw$j$9$k=54)%K%e!<%:%l%?!<$NBh(B 12 $B9f$X$h$&$3$=!#(B $B:#9f$N%K%e!<%:%l%?!<$G$O!"(BSecurity Focus Pager $B$r$^$::G=i$K$4>R2p$7$?(B $B$$$H;W$$$^$9!#(BSecurity Focus Pager $B$O>.$5$J%f!<%F%#%j%F%#%W%m%0%i%`$G(B $B%3%s%T%e!<%?%;%-%e%j%F%#6H3&$K$*$1$k:G?7$N%K%e!<%9$rDs6!$9$kF;6q$G$9!#(B $B$3$N%W%m%0%i%`$O;d$?$A$N(B Web $B%5%$%H(B (www.securityfocus.com) $B$r%b%K%?$7!"(B $B%3%s%F%s%D$,DI2C$5$l$?:]$K%3%s%F%s%D$N0lIt$r$^$H$a!"I=<($7$F$/$l$k$b$N(B $B$G$9!#I=<($5$l$k$9$Y$F$N9`L\$O(B Web $B%5!<%P>e$NpJs$X%O%$%Q!<%j%s(B $B%/$5$l$F$$$^$9!#$3$N%Z!<%8%c%W%m%0%i%`$O99?7$9$kNL$d99?7<~4|!"99?7$NDL(B $B9pJ}K!$r%f!<%6$N3'MM$4<+?H$G@_Dj2DG=$G$9!#(B Security Focus $B$O%$%s%?!<%M%C%H>e$G:G$b40`z$J%3%s%T%e!<%?%;%-%e%j%F%#$K(B $B4X$9$k>pJsDs6!85$G!":G?7$N%;%-%e%j%F%#>pJs$r=PMh;v$r$"$k$,$^$^$GF~\(B $B8xI=F|(B: 1999-10-20 $B4X78$9$k(BURL: http://www.securityfocus.com/bid/728 $B$^$H$a(B: Lotus 1-2-3 $B$"$k$$$O(B Quattro Pro $B7A<0$N%U%!%$%k$K%^%/%m$,4^$^$l!"$=$l(B $B$i$,(BExcel$B$G3+$+$l$?>l9g!"%^%/%m$N%9%W%l%C%I%7!<%H7A<0$N%U%!%$%k$r3+$/:]$K$O@_Dj2DG=$G(B $B$O$"$k$,(B) 2. Checkpoint Firewall-1 LDAP $BG'>Z$NZ$N$?$a$K;H$C$F$$$k>l9g$Ke$N%_%9$K$h$k$H9M;!$5$l!"FCJL$N(B $B>r7o2<$G$O%U%!%$%d%&%)!<%k$NFbB&$K$"$kJ]8n$5$l$?%7%9%F%`$X$NIT@5%"%/%;(B $B%9$r$b$?$i$92DG=@-$,$"$k!#(B $B%f!<%6$O<+J,<+?H$r%U%!%$%d%&%)!<%k$KBP$7$F@5$7$$%f!<%6L>$H%Q%9%o!<%I$r(B $BM?$($k$3$H$GG'>Z2DG=$G$"$k!#$3$N:]!"%U%!%$%d%&%)!<%k$O(B LDAP $B%/%i%$%"%s(B $B%H$H$7$FF0:n$7!"(BLDAP $B%W%m%H%3!<%k$rMQ$$$F%G%#%l%/%H%j%5!<%P$K$h$kG'>Z$N(B $B8!>Z$r9T$&!#G'>Z$,@.8y$7$?8e$K%U%!%$%d%&%)!<%k$KJ]8n$5$l$?%7%9%F%`$X$N(B $B%"%/%;%9$,5v2D$5$l$k$N$G$"$k!#(B $B%i%G%#%&%9$rMQ$$$?G'>Z!"$"$k$$$O!"(BSecurID$B%W%m%H%3!<%k$HBPHf$7$?>l9g!"(B $BG'>Z$K@.8y$7$?8e$K!"%G%#%l%/%H%j%5!<%P$O%U%!%$%d%&%)!<%k$X%f!<%6$K4X$9(B $B$kIU2C(B LDAP $BB0@-$r%f!<%6Kh$KDs6!2DG=$G$"$k!#IU2C(B LDAP $BB0@-$NNc$H$7$F$O!"(B $B%f!<%6$,%m%0%$%s2DG=$JF|;~!"%/%i%$%"%s%H$+$i@\B32DG=$J%=!<%9%"%I%l%9!"(B $B%U%!%$%d%&%)!<%k$r1[$($FMxMQ$G$-$kFbIt;q8;$G$"$k!#$3$l$i$O$=$l$>$l$N(B $B%f!<%6Kh$K@_Dj2DG=$G$"$k!#(B $B0J>e$rD/$a$k8B$j!"$3$l$i$OHs>o$K$9$P$i$7$$%"%$%G%"$N;:J*$G$"$k$,!":#2s(B $BDj$9$k!#(B $B$^$?!"%f!<%6(B 'Nancy' $B$,(B $B%5!<%P(B 'Bar' $B$N$_$K%"%/%;%92DG=$G$"$k$H2>Dj$9(B $B$k!#$I$A$i$b(B LDAP $B%W%m%H%3!<%k$G%"%/%;%9@)8f$5$l!"(B'fw1allowed-dst' $BB0(B $B@-$rMQ$$$F$$$k$H2>Dj$9$k!#(B $B$3$N>l9g%P%0$O$I$A$i$N%f!<%6$K$b1F6A$7!"(BSid $B$H(B Nancy $B$O(B Foo $B$H(B Bar $B$N(B $B$I$A$i$N%5!<%P$KBP$7$F$b%"%/%;%9$G$-$F$7$^$&$N$@!#(B [$B$3$N9`L\$O(BOlaf Selke$B$N5v2D$r$N%^%/%m$r4^$`%9%W%l%C%I%7!<%H(B $B$N%U%!%$%k$r(B Excel $B$,3+$/:]$HF1MM$G$"$k!#(B SYLK $B%U%!%$%k$OC1$J$k%"%9%-!<%U%!%$%k$G$"$j!"%o!<%I%W%m%;%C%5$dB>$N%9%W(B $B%l%C%I%7!<%H$rA0$rIU$1$FJ]B8!W5!G=$G@8@.2DG=$G$"$k!#(B 4. RedHat screen pty(7) $B$N(B $B$N%W%m%;%9$K$h$C$FMQ$$$i$l$k!#(B pty $B<+?H$O(B UNIX $B%U%!%$%k%7%9%F%`>e$NDL>o$N%U%!%$%k$H$7$FB8:_$7!"ITE,@Z$J(B $B8"8B$,@_Dj$5$l$?7k2L!"$b$7$b(B pty $B$X$9$Y$F$N%f!<%6$,=q$-9~$_2DG=$J>l9g!"(B $B$"$k%f!<%6$,B>$N%f!<%6$N(B pty $B$r>h$Cl9g!"(Broot $B8"8B$rl9g$K$O0U?^$7$?%3!<%I$,(B ftpd $B$,F0:n$7$F$$$k(B uid $B$Gl9g!"(Buid $B$O(B root $B8"8B$G$"$k!#(B) 7. Linux cwdtools $B$Ne$G0U(B $B?^E*$J%3!<%I$NA[%^%7%s(B Class Cast $B$NA[%^%7%s$O(B Java $B%3!<%I$NA[%^%7%s$K$O%f!<%6$,3MF@2DG=$J%m!<%+%k%^%7%s>e$N$9$Y$F(B $B$N%"%/%7%g%s$r(B Java Applet $B$,3MF@$G$-$F$7$^$&A[%^%7%s$,(B class $BFb$G(B cast $B$dJQ49!"A`:n$r%Q(B $B%V%j%C%/$J(B class $B$,%W%i%$%Y!<%H$J(B class $B$XJQ492DG=$J>u67!"(Bclass $BFb$N(B $B8"8B$N>e>:$,2DG=$J>u67$G9T$&$?$a$G$"$k!#(B $B$3$N>u67$ODL>o$N(B Java $B%3%s%Q%$%i$G$OA[%^%7%s(B Class Cast $B$N\$7$/$O(B http://www.securityfocus.com/bid/725 $B$r;2>H$5$l$?$$!#(B 6. $B%Y%s%@(B: Washington University $B@=IJ(B: wu-ftpd $B%Q%C%A$NF~pJs$G$"$j!"(B RedHat $B$KFC2=$7$?%P!<%8%g%s(B($B>e5-;2>H(B)$B$KBP1~$9$k$b$N$G$"$k!#(B 7. $B%Y%s%@(B: Microsoft $B@=IJ(B: Excel $B%Q%C%A$NF~e0L(B 6 $B0L$N%D!<%k(B 1999-10-20 $B$+$i(B 1999-10-24$B$^$G(B - ------------------------------------------- 1. Winfingerprint Version 2.19 $BCx $B4X78$9$k(BURL: http://www.technotronic.com/winfingerprint $B%j%b!<%H$+$i(B Win32 OS $B$N $B4X78$9$k(BURL: http://members.home.com/rkeir/software.html $B$3$N%W%m%0%i%`$O(B 1999 $BG/(B 9 $B7n(B 28 $BF|$K%"%C%W%G!<%H$5$l$^$7$?!#(B $B$3$N%W%m%0%i%`$O$O%3%M%/%H%Y!<%9$N(B TCP $B%]!<%H%9%-%c%J$G!"(Bpinger$B$d%[%9(B $B%HL>$N%l%>%k%P5!G=$b$"$j$^$9!#%^%k%A%9%l%C%I$+$DHsF1;~@-5;=Q$,$3$N%W%m(B $B%0%i%`$rHs>o$K9bB.$GM-8z$J$b$N$K;E>e$2$F$$$^$9!#(B ping $B$K$h$k%9%-%c%K%s%0!"(Bport $B%9%-%c%K%s%0$O$I$N$h$&$J(B IP $B%"%I%l%9I}$G(B $B$b;XDj2DG=$G!"%"%I%l%9;XDj$rDj5A$7$?%F%-%9%H%U%!%$%k$K$h$k;XDj$K$h$C$F(B $B$b:n6H2DG=$G$9!#AH$_9~$_:Q$_$N%j%9%H$K=>$C$?%]!<%H%9%-%c%s$@$1$G$J$/!"(B $B;XDj$5$l$?I}$N%]!<%H%9%-%c%s$b2DG=$G$9!#%]!<%H%j%9%H$NJQ99$H%]!<%H$N5-(B $B=R;R$NJQ99$OAH$_9~$_:Q$_$N%(%G%#%?$G2DG=$G$9!#H/8+$5$l$?3+$+$l$F$$$k%]!<(B $B%H$O%f!<%6$,;XDj$7$?%X%k%Q!<%"%W%j%1!<%7%g%s(B($BNc$($P(B telnet $B%/%i%$%"%s%H!"(B Web $B%V%i%&%6!"(B FTP $B%/%i%$%"%s%H$J$I(B) $B$G@\B32DG=$G!"$I$NMM$J%]!<%H$G$"$C(B $B$F$b%+%9%?%`%X%k%Q!<%"%W%j%1!<%7%g%s$r3d$jEv$F2DG=$G$9!#(B $B%9%-%c%s7k2L$O%F%-%9%H%U%!%$%k$XJ]B82DG=$G$9!#E>AwB.EY$N@)8f$,2DG=$G!"(B $B%f!<%6$,;H$$$d$9$$%$%s%?%U%'!<%9$r$b$C$F$$$^$9!#(B $B$^$?!"(BHELP$B%U%!%$%k$b=`Hw$5$l$F$$$^$9!#(B 3. SmartParse 1.0 $BCxuBV$r(B ZoneAlarm $B$N%$%s%?!<%M%C%H%m%C%/(B $B5!G=$H%"%W%j%1!<%7%g%s%3%s%H%m!<%k5!G=$G0BA4$J$b$N$K$7$^$7$g$&!#(B 5. IP Logger 2.0 $BCx $B$K$h$k(B) $B$N?75,=q$-D>$7HG(B $B$G$9!#(Biplog 1.x $B$G$"$C$?$9$Y$F$N5!G=$r4^$s$G$$$kB>!"%S%k%H%$%s(B DNS $B%-%c%C%7%e!"%]!<%H%9%-%c%sH/8+5!G=!"(Bnull $B%9%-%c%sH/8+5!G=!"(B FIN $B%9%-%c%sH/8+5!G=!"(B "smurf" $B967bH/8+5!G=!"%9%-%c%J$,(B OS $B$,;HMQ2DG=$+$I(B $B$&$+$rH=Dj$9$k$N$KMQ$$$k56$N(B TCP $B%U%i%0$NH/8+5!G=$,DI2C$5$l$F$$$^$9!#(B iplog 2.0 $B$G$O99$K(B Xmas $B%9%-%c%s$NH/8+5!G=!"(BICMP ping $B%U%i%C%G%#%s%0$N(B $BH/8+5!G=!"(BUDP $B%9%-%c%s$NH/8+5!G=!"B?$/$N(B IP $B%U%i%0%a%s%H$rMxMQ$7$?967b(B $B$NH/8+5!G=$b$"$j!"(Biplog 2.0 $B$G$O%Q%1%C%H%U%#%k%?5!G=$bEk:\$5$l$F$$$^$9!#(B 6. PacketX $BCxZ$N$?$a$N%S%8%M%9%a%=%C%I$rDs6!$7$^$9!#(B $B%Q%1%C%H56B$5;=Q$H%m!<%l%Y%k$N%Q%1%C%H@8@.5;=Q$rMQ$$$F!"$3$N%D!<%k$O%U%!(B $B%$%d%&%)!<%k$KBP$7$F%U%!%$%d%&%)!<%k$N%"%/%;%9%3%s%H%m!<%k%j%9%H$K4XO"(B $B$7$?%$%s%?!<%M%C%H%I%a%$%s%"%I%l%9$N5v2D!"Hs5v2D$N8!>Z$N$?$a$K%+%9%?%`(B $B%Q%1%C%H$rAwIU2DG=$G$9!#(B X. $B%9%]%s%5!<>pJs(B($BF|K\8lLu$J$7(B) - ------------------------------------------ XI. Security Focus News $B$X$N9XFI!&9XFI2r=|>pJs(B - ---------------------------------------------- $BLuCm(B:$BF|K\8lHG(B Security Focus News $B$O(B BugTraq-JP $B$GG[Aw$5$l$^$9!#0J2<$N(B $BFbMF$O1Q8lHG(B Security Focus News $B$N9XFI!&9XFI2r=|J}K!$G$9!#(B $B$J$*(B BugTraq-JP $B$N(B FAQ $B$O$3$A$i$N(B URL $B$r$4;2>H$/$@$5$$!#(B http://www.securityfocus.com/forums/bugtraq-jp/faq.html 1. $B;22C$NJ}K!$r65$($F$/$@$5$$!#(B LISTSERV@SECURITYFOCUS.COM $B$X0J2<$NK\J8$N%a!<%k$rAw$C$F$/$@$5$$!#(B SUBSCRIBE SF-NEWS $B;a(B($B%m!<%^;z$G(B), $BL>(B($B%m!<%^;z$G(B) $B$=$N8e9XFI$r3NG'$9$k%a%C%;!<%8$,FO$-$^$9!#9XFI=hM}$rB3$1$k>l9g$K$O3N(B $BG'%a!<%k$KJV;v$r=P$7$F$/$@$5$$!#(B 2. $B9XFI2r=|J}K!$r65$($F$/$@$5$$!#(B LISTSERV@SECURITYFOCUS.COM $B$X0J2<$NK\J8$N%a!<%k$r9XFI@h$K;XDj$7$?%"(B $B%I%l%9$+$iAw$C$F$/$@$5$$!#(B UNSUBSCRIBE SF-NEWS $B$b$7$b%"%I%l%9$,$9$G$KJQ99$5$l$F$$$k>l9g$K$O1Q8l$G(B aleph1@securityfocus.com $B$K:o=|$7$?$$;]$r$*CN$i$;$/$@$5$$!#(B 3. $B0l;~E*$KG[Aw$rDd;_2DG=$G$9$+(B? $B0l;~E*$KG[Aw$rDd;_$5$;$k$?$a$K$O0J2<$N(B LISTSERV $B%3%^%s%I$r(B LISTSERV@SECURITYFOCUS.COM $B$XAw$C$F$/$@$5$$!#(B SET SF-NEWS NOMAIL $BG[Aw$rI|5l$5$;$k>l9g$O0J2<$N%3%^%s%I$rAw$C$F$/$@$5$$!#(B SET SF-NEWS MAIL 4. $B$^$H$aAw$j$O2DG=$G$9$+(B? $B0lF|0l2s!"$^$H$aAw$jHG$,AwIU$5$l$^$9!#(B 5. $B$^$H$aAw$jHG$N9XFI$O$I$N$h$&$K$9$k$N$G$9$+(B? $B$3$N>pJs$N(B1$B9`L\$K<($7$?MM$KDL>oDL$j%j%9%H$X;22C$7$F$/$@$5$$!#(B $B$=$7$F!"(BLISTSERV@SECURITYFOCUS.COM $B$X0J2<$N%3%^%s%I$r%a!<%k$NK\J8$K(B $B=q$$$FAw$C$F$/$@$5$$!#(B SET SF-NEWS DIGEST 6. $B$^$H$aAw$jHG$NC&B`$O$I$N$h$&$K$9$k$N$G$9$+(B? $B0J2<$N%3%^%s%I$r(B SET SF-NEWS NODIGEST LISTSERV@SECURITYFOCUS.COM $B$XAw$j!"$^$H$aAw$j$r(B $B2r=|$7$F$/$@$5$$!#oDL$j9XFI:o=|=hM}$r9T$C(B $B$F$/$@$5$$!#(B 7. $BC&B`$G$-$J$$$N$G$9$,!"2?$,5/$-$F$$$k$N$G$7$g$&$+(B? $BC&B`%3%^%s%I$rAw$C$F$$$k%"%I%l%9$H%a!<%k$NG[Aw@h$,0[$J$C$F$$$k$N$@$H(B $B;W$$$^$9!#@5$7$$%"%I%l%9$+$i%3%^%s%I$rAw$k$+!"%b%G%l!<%?$KO"Mm$r -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.5.3i for non-commercial use iQA/AwUBOBy0uZQwtHQKfXtrEQImRgCgjktTxPq/GARJdK1yNCJmnAmzesYAoMEs Gd7LvFxaUy570e9BjK0CeWte =/3BR -----END PGP SIGNATURE-----