SecurityFocus.com Newsletter #125 2001-12-24->2001-12-28

To: bugtraq-jp@securityfocus.com
Subject: SecurityFocus.com Newsletter #125 2001-12-24->2001-12-28
From: KAGEYAMA Tetsuya <t.kageym@lac.co.jp>
Date: Sun, 06 Jan 2002 15:11:50 +0900
Delivered-To: mailing list bugtraq-jp@securityfocus.com
Delivered-To: moderator for bugtraq-jp@securityfocus.com
List-Help: <mailto:bugtraq-jp-help@securityfocus.com>
List-Id: <bugtraq-jp.list-id.securityfocus.com>
List-Post: <mailto:bugtraq-jp@securityfocus.com>
List-Subscribe: <mailto:bugtraq-jp-subscribe@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-jp-unsubscribe@securityfocus.com>
Mailing-List: contact bugtraq-jp-help@securityfocus.com; run by ezmlm
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

$B1F;3(B@$B%i%C%/$G$9!#(B

SecurityFocus.com Newsletter $BBh(B 125 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B

- ---------------------------------------------------------------------------
SecurityFocus.com Newsletter $B$K4X$9$k(BFAQ:
http://www.securityfocus.com/popups/forums/securityfocusnews/intro.shtml
BugTraq-JP $B$K4X$9$k(B FAQ:
http://www.securityfocus.com/popups/forums/bugtraq-jp/faq.shtml
- ---------------------------------------------------------------------------
$B0zMQ$K4X$9$kHw9M(B:
$B!&$3$NOBLu$O(B Security-Focus.com $B$N5v2D$r3t<02qe$G9T$o(B
  $B$l$F$$$^$9!#(B
$B!&(BSecurityFocus.com Newsletter $B$NOBLu$r(B Netnews, Mailinglist,
  World Wide Web, $B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$N(B
  $BA4J80zMQ$r$*4j$$$7$^$9!#(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;(B
  $B$s$,=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurity-Focus.com $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+(B
  $B$J$k7A<0$N%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
1) http://www.securityfocus.com/archive/79
- ---------------------------------------------------------------------------
- ---------------------------------------------------------------------------
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02ql9g!"(BBUGTRAQ-JP $B$X(B Errata $B$H$7$F=$@5(B
  $BHG$r$4Ej9FD:$/$+!"Lul9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
- ---------------------------------------------------------------------------
- ---------------------------------------------------------------------------
$B86HG(B:
Date: Thu, 3 Jan 2002 07:37:02 -0700 (MST)
Message-ID: <Pine.GSO.4.30.0201030736280.15727-100000@mail.securityfocus.com>

SecurityFocus Newsletter #125
- -----------------------------
This Issue is sponsored by: Surfcontrol, Inc.

I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
     1. Advertising Information
     2. IPTables Linux firewall with packet string-matching support
     3. Chasing the Wind, Episode Thirteen: Cabbages and Kings
II. BUGTRAQ SUMMARY
     1. Les VanBrunt AdRotate Pro SQL Injection Vulnerability
     2. Atmel SNMP public Community or Unknown OID Denial of Service...
     3. D-Link DWL-1000AP Wireless LAN Access Point Plaintext Password...
     4. D-Link DWL-1000AP Wireless LAN Access Point Public Community...
     5. Plesk Server Administrator PHP Source Disclosure Vulnerability
III.SECURITYFOCUS TOP 6 TOOLS
     1. SILC (Secure Internet Live Conferencing)(server) v0.7.3
     2. TransConnect v1.2
     3. Astaro Security Linux (ASL) v3.020 (beta)
     4. fsh v1.2
     5. Stunnel v3.22
     6. Ethereal v0.9.0

I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
- ---------------------------------

II. BUGTRAQ SUMMARY
- -------------------
1. Les VanBrunt AdRotate Pro SQL Injection Vulnerability
BugTraq ID: 3739
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Dec 24 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3739
$B$^$H$a(B:

AdRotate Pro $B$O!"(BWeb $B%Z!<%8Fb$K<+F099?7$5$l$k%P%J!<9-9p$r@_CV2DG=$K$9$k(B
$BMM$K@_7W$5$l$?!"(BPerl $B$G:n@.$5$l$?%U%j!<%=%U%H%&%'%"%3%l%/%7%g%s$G$"$k!#(B
$B$3$N%=%U%H%&%'%"$K$O4IM}MQ%D!<%k$,F1:-$5$l!"$3$N%D!<%k$O(B MySQL $B%G!<%?%Y!<(B
$B%9$K$h$C$F9=@.$5$l$F$$$k!#(B

$B$3$N%=%U%H%&%'%"$O(B SQL $B9=J8$r4^$s$@%f!<%6$+$i$NF~NOCM$rl9g!"G$0U$N%7%'(B
$B%k%3%^%s%I$N(B Web $B%5!<%P$No(B nobody) $B$G$N2. Atmel SNMP public Community or Unknown OID Denial of Service Vulnerability
BugTraq ID: 3734
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Dec 21 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3734
$B$^$H$a(B:

Atmel $B$OAH$_9~$_%A%C%W$N@_7W$r9T$$!"4k6H8~$1$KMM!9$J(B RF $B$rMxMQ$7$?@=IJ(B
$B$rDs6!$7$F$$$k4k6H$G$"$k!#F1$r;XDj$7$F9T$o$l$k>l9g!"$"$k$$$O!"L$CN$N(B OID (Object ID)
$B%-!<$r;XDj$7$F9T$o$l$k>l9g!"(BDoS $B$K4Y$C$F$7$^$&$N$G$"$k!#LdBj$rJz$($k%U%!!<(B
$B%`%&%'%"$rMxMQ$9$k%M%C%H%o!<%/5!4o$O$3$N7k2L!"0J8e$N=hM}$K1~Ez$7$J$/$J$C(B
$B$F$7$^$&!#(BDoS $B$X$O(B SNMP$B%j%/%(%9%H$,Nc$(@.8y$7$?>l9g$G$"$C$F$b4Y$k!#(B

$B$3$NLdBj$rMxMQ$9$k967b$r9T$&;v$G!"%j%b!<%H$N967boF0:n$X$NI|5l$O!":F5/F0$,I,MW$G(B
$B$"$k!#(B

Atmel $B@=$N%U%!!<%`%&%'%"$N$h$j0JA0$N%P!<%8%g%s$K$bF1MM$NLdBj$rJz$($k$+(B
$B$I$&$+$K$D$$$F$OL$>\$G$"$k!#(B

3. D-Link DWL-1000AP Wireless LAN Access Point Plaintext Password Vulnerability
BugTraq ID: 3735
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Dec 21 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3735
$B$^$H$a(B:

D-Link DWL-1000AP $B$O(B 11Mbps $B$NL5@~(B LAN $B$N%"%/%;%9%]%$%s%H$G$"$j!"2HDmMQ(B
$B$N@=IJ$G$"$k!#$3$N@=IJ$O(B WEP$B!"(BMAC $B%"%I%l%9$N%"%/%;%9%3%s%H%m!<%k!"%f!<(B
$B%6G'>Z5!9=$rDs6!$7$F$$$k!#(B

$B$3$N@=IJ$O967bh$CpJs$r1\Mw$9$k$3$H$G!"(BSNMP $B%/%i(B
$B%$%"%s%H$rMxMQ$9$k$"$k0lDj$N5;G=HO0OFb$K<}$^$k967bZ$5$l$F$*$j!"B>$N%U%!!<%`%&%'%"$N%P!<%8%g%s$bF1MM$N1F6A$r4. D-Link DWL-1000AP Wireless LAN Access Point Public Community String Vulnerability
BugTraq ID: 3736
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Dec 21 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3736
$B$^$H$a(B:

D-Link DWL-1000AP $B$O(B 11Mbps $B$NL5@~(B LAN $B$N%"%/%;%9%]%$%s%H$G$"$j!"2HDmMQ(B
$B$N@=IJ$G$"$k!#$3$N@=IJ$O(B WEP$B!"(BMAC $B%"%I%l%9$N%"%/%;%9%3%s%H%m!<%k!"%f!<(B
$B%6G'>Z5!9=$rDs6!$7$F$$$k!#(B

$B$3$N@=IJ$K$O%j%b!<%H$N967bpJs$rC%$5$l$?FI$_=P$7$N$_$K@_Dj$5$l$?(B SNMP $B%3%_%e%K(B
$B%F%#$,@_Dj$5$l$F$$$k!#$3$N%3%_%e%K%F%#L>$O@=IJFb$K%O!<%I%3!<%G%#%s%0$5(B
$B$l!"@_DjMQ%$%s%?%U%'!<%9$r2p$7$F$OJQ99IT2DG=$G$"$k!#(B

$B$3$N7k2L!"967bpJs$r1\Mw$9$k2DG=@-$,$"$k!#(B

$B$3$NLdBj$O0l7oA0$KDs<($5$l$F$$$k(B BugTraq ID 3735$B!"(B"D-Link DWL-1000AP
Wireless LAN Access Point Plaintext Password Vulnerability" $B$K$5$i$KIi(B
$B$N1F6A$r5Z$\$7$F$$$k!#(B

$B$3$NLdBj$O%U%!!<%`%&%'%"%P!<%8%g%s(B 3.2.28 #483 (Aug 23 2001) $B$K$*$$$F(B
$B8!>Z$5$l$F$*$j!"B>$N%U%!!<%`%&%'%"$N%P!<%8%g%s$bF1MM$N1F6A$r5. Plesk Server Administrator PHP Source Disclosure Vulnerability
BugTraq ID: 3737
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Dec 21 2001 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3737
$B$^$H$a(B:

Plesk Server Administrator (PSA) $B$O(B Web $B%5!<%P$X$N%j%b!<%H$+$i$N4IM}5!(B
$BG=$rDs6!$9$k!"(BWeb $B$G9=@.$5$l$?%$%s%?%U%'!<%9$rDs6!$7$F$$$k%=%U%H%&%'%"(B
$B$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$K$OF~NO$5$l$?CM$KBP$9$kFbMF$NBEEv@-$N3NG'$,IT==J,$G$"(B
$B$k$?$a$K!"%j%b!<%H$N967b$rMxMQ$9$kI=5-$KBe$($F(B IP $B%"%I%l%9$rMxMQ(B
$B$9$kI=5-$rMxMQ$7$F@\B3$9$k(B)$B!"4{CN$N(B PHP $B%U%!%$%k$K@5Ev$J%f!<%6L>$rIU2C$7(B
$B$F%j%/%(%9%H$r9T$&;v$K$h$j!"LdBj$r:F8=2DG=$G$"$k!#(B

http://target/~username/filename.php

$B$3$NLdBj$rMxMQ$9$k967b$,9T$o$l$k;v$K$h$j!"%9%/%j%W%H$N%=!<%9%3!<%I$NFb(B
$BMFG!2?$G$O$"$k$,!"967bpJs$,3+<($5$l$k62$l$,$"$k!#(B


III.SECURITY FOCUS TOP 6 TOOLS
- -----------------------------
1. SILC (Secure Internet Live Conferencing)(server) v0.7.3
$B:nhttp://silcnet.org/
$B%W%i%C%H%U%)!<%`(B: Linux
$B$^$H$a(B:

SILC (Secure Internet Live Conferencing) $B$O!"%$%s%?!<%M%C%H$N%;%-%e%"$G(B
$B$J$$%A%c%s%M%k$r7PM3$7$F!"%;%-%e%"$J%+%s%U%!%l%s%9%5!<%S%9$rDs6!$9$k%W(B
$B%m%H%3%k$G$9!#(BSILC $B$O(B IRC $B$KI=LL>e;w$F$O$$$^$9$,!"FbIt$OA4$/0c$$$^$9!#(B
SILC $B$NL\E*$O%;%-%e%"$J%+%s%U%!%l%s%9%5!<%S%9$rDs6!$9$k$3$H$K$"$j$^$9!#(B
$B6/NO$J0E9f$rMxMQ$7$F!"$9$Y$F$NDL?.FbMF$r%;%-%e%"$K$7$^$9!#(B

2. TransConnect v1.2
$B:nhttp://transconnect.sourceforge.net/
$B%W%i%C%H%U%)!<%`(B: FreeBSD$B!"(BHP-UX$B!"(BLinux$B!"(BOpenBSD$B!"(BSolaris$B!"(BSunOS
$B$^$H$a(B:

TransConnect $B$O!"(BUnix $B>e$G$9$Y$F$N%M%C%H%o!<%/%"%W%j%1!<%7%g%s$r%W%m%-(B
$B%7%5!<%P7PM3$GF)2aE*$K%H%s%M%j%s%02DG=$K$9$k$?$a$K!"CgN)$A$r9T$&5!G=$r(B
$B]$K!"9-HO0O$KEO$k(B
$B%F%9%H$,9T$o$l$^$7$?!#(B

3. Astaro Security Linux (ASL) v3.020 (beta)
$B:nhttp://www.astaro.com/products/download.html
$B%W%i%C%H%U%)!<%`(B: Linux
$B$^$H$a(B:

Astaro Security Linux $B$O?7$7$$%U%!%$%d%&%)!<%k%=%j%e!<%7%g%s$G$9!#(B
$B%9%F!<%H%U%k%$%s%9%Z%/%7%g%s!"%Q%1%C%H%U%#%k%?%j%s%0!"%3%s%F%s%D%U%#%k(B
$B%?%j%s%0!"%&%$%k%9%9%-%c%K%s%0!"(BIPSec $B$rMxMQ$7$?(B VPN$BEy$rDs6!$7$F$$$^$9!#(B
Web $B$rMxMQ$7$?4IM}%D!<%k$H%$%s%?!<%M%C%H$r2p$7$?%"%C%W%G!<%H5!G=$,MxMQ(B
$B2DG=$G$"$j!"Hs>o$K4IM}$,MF0W$G$9!#$^$?!"FCJL$K6/8G$K@_Dj$5$l$?(B Linux $B%+!<(B
$B%M%k%P!<%8%g%s(B 2.4 $B$r85$K<}=8$5$l$?$3$N%G%#%9%H%j%S%e!<%7%g%s$O(B chroot
$B4D6-$N85$GB?$/$N%G!<%b%s$,F0:n$7!"$3$N%=%U%H%&%'%"72$N5!G=$rMxMQ$7$FJ](B
$B8n$5$l$F$$$^$9!#(B

4. fsh v1.2
$B:nhttp://www.lysator.liu.se/fsh/
$B%W%i%C%H%U%)!<%`(B: AIX$B!"(BBSDI$B!"(BDG-UX$B!"(BFreeBSD$B!"(BHP-UX$B!"(BIRIX$B!"(BLinux$B!"(BNetBSD$B!"(B
OpenBSD$B!"(BSCO$B!"(BSolaris$B!"(BSunOS$B!"(BTrue64 UNIX
$B$^$H$a(B:

fsh $B$O!"%j%b!<%H%7%9%F%`$X$N%;%-%e%"$J%H%s%M%k$r3NN)$9$k$?$a$K(B lsh$B!"$"(B
$B$k$$$O(B ssh $B$r;HMQ$7$^$9!#$3$l$ODL>o$N@\B3$N3NN)$K4X$7$F$O!">/!9;~4V$,$+(B
$B$+$j$^$9$,!"0lEY%H%s%M%k$,3NN)$9$l$P!"(Bfsh $B$O%j%b!<%H%7%9%F%`>e$G?7$7$$(B
$B%;%C%7%g%s$r3+;O$9$k$H$-$[$H$s$IF1;~$K!"%H%s%M%k$r:FMxMQ2DG=$G$9!#(B
$B$3$N%=%U%H%&%'%"$rMxMQ$9$k;v$G(B ssh $B$N0BA4@-$H(B rsh $B$NB.EY$rJ;MQ$G$-$^$9!#(B

5. Stunnel v3.22
$B:nhttp://stunnel.mirt.net/
$B%W%i%C%H%U%)!<%`(B: FreeBSD$B!"(BLinux$B!"(BWindows 2000$B!"(BWindows 95/98$B!"(BWindows NT
$B$^$H$a(B:

stunnel $B%W%m%0%i%`$O!"%j%b!<%H%/%i%$%"%s%H$H(B (inetd $B$G5/F02DG=$J(B) $B%m!<(B
$B%+%k$b$7$/$O%j%b!<%H%5!<%P4V$GF0:n$9$k!"(BSSL $B0E9f2=%i%C%Q!<$H$7$F@_7W$5(B
$B$l$^$7$?!#(BPOP2$B!"(BPOP3$B!"(BIMAP $B%5!<%P$J$I0lHLE*$K(B inetd $B$+$i5/F0$G$-$k%G!<(B
$B%b%s$KBP$7!"%W%m%0%i%`$K$O2?$NJQ99$r2C$($k$3$H$J$/(B SSL $B5!G=$rDI2C$9$k;v(B
$B$,2DG=$G$9!#(B
OpenSSL $B$^$?$O(B SSLeay $B%i%$%V%i%j$r;HMQ$7$F(B SSL $B@\B3$r9T$$$^$9!#(Bstunnel
$B$O!"(Bcrypto $B%i%$%V%i%j$r8F$S=P$7$F$$$k$?$a!"(Bcrypto $B%Q%C%1!<%8$H6&$K%3%s(B
$B%Q%$%k$5$l$?$$$:$l$N0E9f2=%"%k%4%j%:%`$r$b%5%]!<%H$7$^$9!#(B
$B$3$N%j%j!<%9$G$O!"(Btransfer() $B4X?t$N%?%$%`%"%&%H!"%"%/%F%#%V%9%l%C%I$r=*(B
$BN;$9$k:]$K%3%"%@%s%W$r@8$8$kE@$K$D$$$F$N=$@5$,9T$o$l$F$$$^$9!#(B

6. Ethereal v0.9.0
$B:nhttp://www.ethereal.com/
$B%W%i%C%H%U%)!<%`(B: AIX$B!"(BFreeBSD$B!"(BHP-UX$B!"(BIRIX$B!"(BLinux$B!"(BNetBSD$B!"(BOpenBSD$B!"(BSCO$B!"(B
Solaris$B!"(BTrue64 UNIX
$B$^$H$a(B:

Etherreal $B$O%M%C%H%o!<%/%W%m%H%3%k%"%J%i%$%6!"$9$J$o$A!"!V%9%K%U%!!W$G(B
$B$"$j!"%M%C%H%o!<%/%U%l!<%`$NFbMF$N%-%c%W%A%c!"$*$h$S!"BPOCE*$J;2>H$r2D(B
$BG=$H$7$^$9!#$3$N%W%m%8%'%/%H$N:G=*L\E*$O!"(B UNIX $B%W%i%C%H%U%)!<%`8~$1$X(B
$B>&6HIJe$G(B
$B$b!":G$bLr$KN)$D%Q%1%C%H%"%J%i%$%6$rDs6!$9$k;v$G$9!#(B

- --
$BLu(B: $B:d0f=g9T(B(SAKAI Yoriyuki), $B1F;3E0:H(B(KAGEYAMA Tetsuya)
$B4F=$(B: $B:d0f=g9T(B(SAKAI Yoriyuki)
LAC Co., Ltd.
http://www.lac.co.jp/security/
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Edition 5.5.5J
Comment: KAGEYAMA Tetsuya

iQA/AwUBPDdr2c32EXDdoEFfEQI6dACfdAINrfsOtGLEDXNrOSb/azMJAAoAoIe9
ExAujRcu0L1hEOMdDV0tgXEK
=oZ2Z
-----END PGP SIGNATURE-----