SecurityFocus.com Newsletter #127 2002-1-7->2002-1-11

To: bugtraq-jp@securityfocus.com
Subject: SecurityFocus.com Newsletter #127 2002-1-7->2002-1-11
From: KAGEYAMA Tetsuya <t.kageym@lac.co.jp>
Date: Thu, 17 Jan 2002 10:46:54 +0900
Delivered-To: mailing list bugtraq-jp@securityfocus.com
Delivered-To: moderator for bugtraq-jp@securityfocus.com
List-Help: <mailto:bugtraq-jp-help@securityfocus.com>
List-Id: <bugtraq-jp.list-id.securityfocus.com>
List-Post: <mailto:bugtraq-jp@securityfocus.com>
List-Subscribe: <mailto:bugtraq-jp-subscribe@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-jp-unsubscribe@securityfocus.com>
Mailing-List: contact bugtraq-jp-help@securityfocus.com; run by ezmlm
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

$B1F;3(B@$B%i%C%/$G$9!#(B

SecurityFocus.com Newsletter $BBh(B 127 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B

- ---------------------------------------------------------------------------
SecurityFocus.com Newsletter $B$K4X$9$k(BFAQ:
http://www.securityfocus.com/popups/forums/securityfocusnews/intro.shtml
BugTraq-JP $B$K4X$9$k(B FAQ:
http://www.securityfocus.com/popups/forums/bugtraq-jp/faq.shtml
- ---------------------------------------------------------------------------
$B0zMQ$K4X$9$kHw9M(B:
$B!&$3$NOBLu$O(B Security-Focus.com $B$N5v2D$r3t<02qe$G9T$o(B
  $B$l$F$$$^$9!#(B
$B!&(BSecurityFocus.com Newsletter $B$NOBLu$r(B Netnews, Mailinglist,
  World Wide Web, $B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$N(B
  $BA4J80zMQ$r$*4j$$$7$^$9!#(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;(B
  $B$s$,=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurity-Focus.com $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+(B
  $B$J$k7A<0$N%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
1) http://www.securityfocus.com/archive/79
- ---------------------------------------------------------------------------
- ---------------------------------------------------------------------------
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02ql9g!"(BBUGTRAQ-JP $B$X(B Errata $B$H$7$F=$@5(B
  $BHG$r$4Ej9FD:$/$+!"Lul9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
- ---------------------------------------------------------------------------
- ---------------------------------------------------------------------------
$B86HG(B:
Message-ID: <20020115154330.5701.qmail@securityfocus.com>
Date: Tue, 15 Jan 2002 08:43 -0700

SecurityFocus Newsletter #127
- --------------------------------

This Issue is sponsored by: Tripwire

I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
     1. SecurityFocus is Hiring!
     2. Social Engineering Fundamentals, Part II: Combat Strategies 
     3. An Introduction To Distributed Intrusion Detection Systems
     4. A Security Wish List for 2002 
     5. Every Man a Cyber Crook 
II. BUGTRAQ SUMMARY
     1. Apache Win32 PHP.EXE Remote File Disclosure Vulnerability
     2. Apache Non-Existent Log Directory Denial Of Service Vulnerability
     3. Linksys DSL Router SNMP Trap System Arbitrary Sending...
     4. Linksys DSL Router Default SNMP Community String Vulnerability
     5. Plumtree Corporate Portal Cross Site Scripting Vulnerability
     6. Microsoft Internet Explorer Modeless Dialog DoS Vulnerability
     7. Boozt! Buffer Overflow Vulnerability
     8. Hosting Controller Directory Traversal Vulnerability
     9. Hosting Controller Unauthorized File Access and Upload...
     10. Real Media RealPlayer Media File Buffer Overflow Vulnerability
     11. AFTPD Home Directory Change Core Dump Vulnerability
     12. Apache HTTP Request Unexpected Behavior Vulnerability
     13. Anti-Web HTTPD Script Engine Heap Overflow Vulnerability
     14. Pine Environment Variable URL Shell Interpreting Vulnerability
     15. PHPNuke AddOn PHPToNuke.PHP Cross-Site Scripting Vulnerability
     16. FAQManager.CGI NULL Character Arbitrary File Disclosure...
     17. FAQManager.CGI Directory Traversal Vulnerability
     18. Mirabilis ICQ Remote Buffer Overflow Vulnerability
     19. HP-UX mmap()  Denial of Service Vulnerability
     20. BEA Systems WebLogic Server DOS Device Denial of Service...
     21. John Hardin Procmail Email Sanitizer Multipart Mime...
     22. FreeBSD Package Add Insecure Temporary Directory Creation...
     23. Erwin Lansing mailidx Input Validation Vulnerability
     24. Wuff MovieDB Password Disclosure Vulnerability
     25. ModLogAn Splitby Input Validation Vulnerability
     26. AXSpawn User Login Buffer Overflow Vulnerability
     27. BrowseFTP Client Buffer Overflow Vulnerability
     28. Geeklog New User Default Admin Privileges Vulnerability
     29. Anti-Web HTTPD Script Engine File Opening Denial Of Service...
     30. Michael Lamont Savant Web Server Long Request DoS Vulnerability
     31. AOLServer Password Protected File Arbitrary Read Access...
III. SECURITYFOCUS NEWS ARTICLES
     1. DeCSS Creator Indicted in Norway
     2. Guilty Plea in Nuke Lab Hack
     3. Punish Security Lapses, NAS Urges
     4. Virus Threatens Software Flash Files
IV.SECURITYFOCUS TOP 6 TOOLS
     1. CryptNET_Keyserver v0.0.8 
     2. Automated Password Generator (APG) v2.1.0a0 
     3. Attacker v3.0 
     4. NBTEnum - NetBIOS Enumeration Utility v1.0
     5. socat v1.0.3.0 
     6. Demarc PureSecure v1.05

I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
- ---------------------------------

II. BUGTRAQ SUMMARY
- -------------------
1. Apache Win32 PHP.EXE Remote File Disclosure Vulnerability
BugTraq ID: 3786
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 04 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3786
$B$^$H$a(B:

Microsoft Windows $B4D6-$GF0:n$9$k(B Apache $B$K$*$1$k!"%G%U%)%k%H$G?d>)$5$l(B
$B$F$$$k(B PHP.EXE $B$N@_DjJ}K!$OLdBj$rJz$($F$$$k!#$3$NLdBj$O@x:_E*$J967b]$N%U%!(B
$B%$%k$X$N%Q%9$rDI2C$9$k;v$,2DG=$G$"$k!#967b2. Apache Non-Existent Log Directory Denial Of Service Vulnerability
BugTraq ID: 3790
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Jan 06 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3790
$B$^$H$a(B:

$BFCDj$N>u672<$K$*$$$F!"(BApache $B$ODL>o$"$j$($J$$!"%m!<%+%k$+$i$N(B DoS $B967b(B
$B$r@x:_E*$K2DG=$K$9$k5sF0$r9T$&5?$$$,$"$k!#(B

Apache $B$,Dd;_$5$;$i$l$k:]!"(BApache $B$O@_Dj%U%!%$%k$N:FFI$_9~$_$r;n$_!"$=(B
$B$N8eDd;_=hM}$K0\9T$9$k!#$3$N:]!"4{$KB8:_$9$k%m%0:NuBV$G$"$k:]!"LdBj$,$^$5$7$/@8$8$F$7$^$&$N$G$"$k!#(BApache $B$O4{$K0\F0$5(B
$B$;$i$l$F$7$^$C$F$$$k!"$+$D$FB8:_$7$F$$$?%m%0:NC5n$,9T$o$l$k$H?dB,$5$l$k!#(B

$B$3$NLdBj$O(B UNIX $B$H(B Linux $B4D6-$G3. Linksys DSL Router SNMP Trap System Arbitrary Sending Vulnerability
BugTraq ID: 3795
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 06 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3795
$B$^$H$a(B:

Linksys DSL $B%k!<%?%7%j!<%:$O(B Linksys Group $B$K$h$jHNGd$5$l$F$$$k!"9bB.$G(B
$B$N%$%s%?!<%M%C%H%"%/%;%9$r9T$&:]$N2r7h:v$rDs6!$9$k@=IJ$G$"$k!#(B
$B$3$N%k!<%?$O9bB.%$%s%?!<%M%C%H%"%/%;%9!"AH$_9~$^$l$?J#?t$N%k!<%?$N@Z$j(B
$BBX$(!"(BVoice-over-IP $B5!G=$rDs6!$7$F$$$k!#(B

$B$7$+$7!"F1%k!<%?$K$O%j%b!<%H%f!<%6$,%k!<%?$+$i=EMW$J>pJs$rF~l9g$K$b@8$8$k!#(B

Linksys DSL $B%k!<%?%7%j!<%:$O%G%U%)%k%H$G(B SNMP $B$rM-8z$K$7$F$$$k!#(B
SNMP $B$O%k!<%?$K$h$C$F4IM}$5$l$F$$$k!"%H%i%U%#%C%/$H%[%9%H$K4X$9$k>pJs$r(B
$BF~<+?H$K$h$j!"$h$j0lAX$N0-1F6A$r$b$?$i$7$F$$$k!#(B

$BF1%k!<%?$O%k!<%?$G$N(B SNMP $B%H%i%C%W>pJs$,G$0U$N%"%I%l%9$X;XDj$5$l$k$H8@(B
$B$&@_7W>e$NLdBj$rJz$($F$$$k!#$"$k%7%9%F%`$+$i%k!<%?$X$N%/%(%j$,M?$($i$l(B
$B$k:]!"%k!<%?$O(B SNMP $B%H%i%C%W%7%9%F%`$N%/%(%j$r9T$&%7%9%F%`$N7ABV$K!"%k!<(B
$B%?<+?H$N@_Dj$rJQ99$7$F$7$^$&$N$G$"$k!#$3$N;EMM$O%k!<%?$K$h$j=hM}$5$l$F(B
$B$$$k%M%C%H%o!<%/%H%i%U%#%C%/$K4X$9$k=EMW$J>pJs$r3+<(2DG=$K$7$F$7$^$&$N(B
$B$G$"$k!#(BSNMP $B$O>pJs$NEAC#pJs$NF~4. Linksys DSL Router Default SNMP Community String Vulnerability
BugTraq ID: 3797
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 06 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3797
$B$^$H$a(B:

Linksys DSL $B%k!<%?%7%j!<%:$O(B Linksys Group $B$K$h$jHNGd$5$l$F$$$k!"9bB.$G(B
$B$N%$%s%?!<%M%C%H%"%/%;%9$r9T$&:]$N2r7h:v$rDs6!$9$k@=IJ$G$"$k!#(B
$B$3$N%k!<%?$O9bB.%$%s%?!<%M%C%H%"%/%;%9!"AH$_9~$^$l$?J#?t$N%k!<%?$N@Z$j(B
$BBX$(!"(BVoice-over-IP $B5!G=$rDs6!$7$F$$$k!#(B

$BF1%k!<%?$K$O%j%b!<%H%f!<%6$,%k!<%?$+$i=EMW$J>pJs$rF~$NMxMQK!$KM3Mh$7$F$$$k!#(B


Linksys DSL $B%k!<%?%7%j!<%:$O%G%U%)%k%H$G(B SNMP $B$rM-8z$K$7$F$$$k!#(B
SNMP $B$O%k!<%?$K$h$C$F4IM}$5$l$F$$$k!"%H%i%U%#%C%/$H%[%9%H$K4X$9$k>pJs$r(B
$BF~(B public $B$,MxMQ$5$l$F$$(B
$B$k!#$3$N%3%_%e%K%F%#L>$rMxMQ$7$F%7%9%F%`$K%"%/%;%9$9$k;v$K$h$j!"%j%b!<(B
$B%H%f!<%6$OLdBj$rJz$($k%k!<%?$K$h$C$F4IM}$5$l$?%M%C%H%o!<%/$K4X$9$k=EMW(B
$B$J>pJs$rF~pJs$NF~pJs$O4XO"$9$k967b$r9T$&$?$a$KMxMQ$5$l$k$H?dB,$5$l$k!#(B

5. Plumtree Corporate Portal Cross Site Scripting Vulnerability
BugTraq ID: 3799
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 04 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3799
$B$^$H$a(B:

Plumtree Corporate Portal $B$OBg4k6H$N%$%s%H%i%M%C%H8~$1$KJq3gE*$J>pJs$N(B
$BOHAH$_$rDs6!$9$kMM$K@_7W$5$l$?%]!<%?%k%=%U%H%&%'%"%Q%C%1!<%8$G$"$k!#(B
$B$3$N%=%U%H%&%'%"$K$O8D!9?M$N9%$_$K1~$8$?%+%9%?%^%$%:5!G=$,4^$^$l!"(BWeb
$B$H%l%,%7!<%"%W%j%1!<%7%g%s$N4XO"IU$1!">pJs$NG[I[$HBN7OIU$1$KMxMQ2DG=$G(B
$B$"$k!#(B

$B$3$N%=%U%H%&%'%"$O%G%U%)%k%H$N%(%i!<=hM}$r>N$N!"%f!<%6$KBP$7(B
$B$FDs<($5$l$k!"0UL#$r;}$D%(%i!<%a%C%;!<%8$rAH$_N)$F$k$?$a$KMQ$$$i$l$kF~(B
$BNO%Q%i%a!<%?$r7$/;v$,2DG=$G(B
$B$"$k!#(B

$B0-0U$"$kAH?%$O(B JavaScript $B$r4^$`!"$3$N%(%i!<%a%C%;!<%8$rI=<($9$k%Z!<%8(B
$B$X$N%j%s%/$r:n@.2DG=$G$"$k$H9M$($i$l$k!#$3$N:]!"%(%i!<%a%C%;!<%8$rI=<((B
$B$9$k%Z!<%8Fb$N(B JavaScript $B$O!"(BPlumtree Corporate Portal $B$K$h$C$F:n@.$5(B
$B$l$?%Z!<%8$HF1Ey$N8"8B$G7$/FbMF$N%j%s%/$rAH$_N)$F$k2DG=@-$OA[Dj$G$-!"$3$N%=%U%H%&%'%"$r(B
$BMxMQ$9$k%]!<%?%k%"%W%j%1!<%7%g%s$K$h$C$F%/%C%-!<$,MxMQ$5$l$F$$$k>l9g!"(B
$B%/%C%-!<$NFbMF$K%"%/%;%9$r9T$&;v$O2DG=$G$"$k!#(B
$B$3$N$?$a!"$^$@8!>Z$O9T$o$l$F$O$$$J$$$b$N$N!"%]!<%?%k%"%W%j%1!<%7%g%s$N(B
$B%"%+%&%s%H$NC%7$/;v$O2DG=$G$"$k$H9M$($i$l$k!#(B

$B$3$N%=%U%H%&%'%"$K$h$C$F%3%s%F%s%D$r:n@.$"$k$$$OJT=82DG=$J%f!<%6$b!"$3(B
$B$NLdBj$rMxMQ$9$k967b$r!"%]!<%?%k$r2p$7$FI=<($5$l$k0-0U$"$k%O%$%Q!<%j%s(B
$B%/$rMxMQ$9$k;v$G9T$&2DG=@-$,$"$k!#(B

6. Microsoft Internet Explorer Modeless Dialog DoS Vulnerability
BugTraq ID: 3789
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 06 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3789
$B$^$H$a(B:

$B%b!<%I%l%9%@%$%"%m%0%a%=%C%I$O!"%f!<%6$,B>$N(B Web $B%"%W%j%1!<%7%g%s$X@Z$j(B
$BBX$($?8e$b!"I=<($r$7B3$1$k%@%$%"%m!<%0%\%C%/%95!G=$rDs6!$9$k%a%=%C%I$G(B
$B$"$k!#(B

Microsoft Internet Explorer $B$K$*$$$F!"0-0U$"$k(B Web $B%5!<%P$rMxMQ$7$F%"%/(B
$B%;%9$r9T$&%f!<%6$N%7%9%F%`$N!"MxMQ2DG=$J%7%9%F%`Fb$N;q8;$r;H$$?T$/$5$;(B
$B$F$7$^$&;v$,2DG=$JLdBj$,B8:_$9$k$HJs9p$5$l$F$$$k!#(B

$B$3$l$O(B HTML $B7A<0$N%U%!%$%kFb$K(B showModelessDialog() $B4X?t$,4^$^$l$k:]$K(B
$B0z$-5/$3$9;v$,2DG=$G$"$k!#$3$N4X?t$r4^$`%U%!%$%k$,4X?t$X$NCM$H$7$F0z$-(B
$BEO$5$l$k:]!"L58B%k!<%W$,3+;O$5$l$F$7$^$&$N$G$"$k!#(B

$BJs9p$5$l$?=j$G$O!"(Biexplore.exe $B$,$9$G$K=*N;$5$;$i$l$F$7$^$C$?8e$G$"$C$F(B
$B$b(B 100% $B$N(B CPU $BMxMQN($,@8$8$k$H$N;v$G$"$k!#DL>oF0:n$X$NI|5l$O:F5/F0$,I,(B
$BMW$G$"$k!#(B

7. Boozt! Buffer Overflow Vulnerability
BugTraq ID: 3787
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 07 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3787
$B$^$H$a(B:

Boozt! $B$O(B Linux $B$rMxMQ$7$F$$$k%[%9%H8~$1$K!"%P%J!<$r4IM}$9$k5!G=$rDs6!(B
$B$9$k%U%j!A0%U%#!<%k%I$K(B
$BM=$a@_Dj$5$l$?D9$5$rD62a$9$kD9$5$NG$0U$NJ8;z$,;XDj$5$l$?>l9g!"%P%C%U%!(B
$B%*!<%P!<%U%m!<$,@8$8$k$N$G$"$k!#(B

$B$3$N%*!<%P%U%m!<$O%j%?!<%s%"%I%l%9$r4^$`%9%?%C%/Fb$NCM$r>e=q$-2DG=$G$"(B
$B$j!"(BWeb $B%5!<%P$N8"8B$G$NG$0U$N%3!<%I$Nl9g!"%"%W%j%1!<%7%g(B
$B%s$N%/%i%C%7%e$r>7$/!#(B

8. Hosting Controller Directory Traversal Vulnerability
BugTraq ID: 3808
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 05 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3808
$B$^$H$a(B:

Hosting Controller $B$O%[%9%HFb$GDs6!Cf$N=hM}A4$F$r!"C10l$N%$%s%?%U%'!<%9(B
$B$G$N=8Cf4IM}$r2DG=$K$9$k%"%W%j%1!<%7%g%s$G$"$k!#$3$N%=%U%H%&%'%"$O4XO"(B
$B$9$k%5!<%PFb$N@_Dj$N4IM}$rI,MW$H$9$k%f!<%6A4$F$KBP$7!"I,MW$H$9$k$@$1$N(B
$B4IM}5!G=$rDs6!$7$F$$$k!#(B

$BJs9p$K$h$k$H!"$3$N%=%U%H%&%'%"$OK\MhJ]8n$5$l$k$Y$-%G%#%l%/%H%jHO0O0J30(B
$B$KBP$7$F$b%"%/%;%9$,2DG=$K$J$k967b(B (directory traversal attacks) $B$N1F6A(B
$B$rA[(B / $B%G%#%l%/%H%j$N@)8B(B
$B$r2sHr$7!"967bBP>]$N%[%9%HFb$N%U%!%$%k%7%9%F%`Fb$r;2>H2DG=$J$N$G$"$k!#(B

$B$J$*!"$3$NLdBj$O3+<($5$($?%U%!%$%k$NFbMF$KBP$9$kFI$_=P$7$,2DG=$+$I$&$+(B
$B$K$D$$$F$O!"$^$@CN$i$l$F$$$J$$E@$OCm5-$5$l$M$P$J$i$J$$!#(B

9. Hosting Controller Unauthorized File Access and Upload Vulnerability
BugTraq ID: 3811
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 07 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3811
$B$^$H$a(B:

Hosting Controller $B$O%[%9%HFb$GDs6!Cf$N=hM}A4$F$r!"C10l$N%$%s%?%U%'!<%9(B
$B$G$N=8Cf4IM}$r2DG=$K$9$k%"%W%j%1!<%7%g%s$G$"$k!#$3$N%=%U%H%&%'%"$O4XO"(B
$B$9$k%5!<%PFb$N@_Dj$N4IM}$rI,MW$H$9$k%f!<%6A4$F$KBP$7!"I,MW$H$9$k$@$1$N(B
$B4IM}5!G=$rDs6!$7$F$$$k!#$3$N%=%U%H%&%'%"$O(B Microsoft Windows $B$GF0:n$9$k!#(B

$BJs9p$K$h$k$H!"$3$N%=%U%H%&%'%"$O%[%9%HFb$NG$0U$N%U%!%$%k$NFI$_=P$7!":o(B
$B=|!"%[%9%H$X$N%"%C%W%m!<%I$,2DG=$JLdBj$rJz$($F$$$k$H$N;v$G$"$k!#(B

filemanager.asp $B$N@_7W$N8m$j$K$h$j!"%f!<%6$O4{B8$N%"%+%&%s%H$X@\B3$r;n(B
$B$_!"(B../ $BJ8;zNs$r;XDj$9$k;v$K$h$j!"$3$NLdBj$rMxMQ$9$k967b$,2DG=$G$"$k!#(B

10. Real Media RealPlayer Media File Buffer Overflow Vulnerability
BugTraq ID: 3809
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 05 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3809
$B$^$H$a(B:

RealPlayer $B$O(B Real Media $B$K$h$C$FG[I[!"J]o$N%U%!(B
$B%$%k$NN>J}$ruBV$K4Y$i$;$k>u67$,$b$?$i$5$l$k$N$G(B
$B$"$k!#B?$/$N>l9g!"$3$N7k2L$O(B RealPlayer $B$N%/%i%C%7%e$,0z$-5/$3$5$l$k!#(B
$B$^$?!"$3$NLdBj$OG$0U$N%3!<%I$N11. AFTPD Home Directory Change Core Dump Vulnerability
BugTraq ID: 3806
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 07 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3806
$B$^$H$a(B:

AFTPD $B$O$$$/$D$+$N(B UNIX $B4D6-$GMxMQ$5$l$k!"(BOS $B$KF1:-$5$l$k%G!<%b%s$NBeBX(B
$B$H$J$k(B FTP $B%G!<%b%s$G$"$k!#(B

$B$3$N%=%U%H%&%'%"$K$O%j%b!<%H$N%f!<%6$,$h$j9b0L$N8"8B$rC%o!"F?L>$rLd$o$J$$(B) $B$G$"$C$F$b!"%5!<%P$K%f!<(B
$B%6$,%"%/%;%9$9$k:]$KFbIt$G@8$8$k!#%f!<%6$K;XDj$5$l$?%[!<%`%G%#%l%/%H%j(B
$B$N!"%A%k%@5-9f(B (~) $B$r2p$9$kJQ99$r;n$_$?:]!"%+%l%s%H%G%#%l%/%H%jFb$K(B core
$B$r:n@.$7!"%5!<%P$O%/%i%C%7%e$7$F$7$^$&$N$G$"$k!#%5!<%P$K@\B3$r;n$_!"%f!<(B
$B%6G'>Z$r<:GT$9$kMM$K=hM}$r9T$&;v$G!"%7%9%F%`%a%b%jFb$K%Q%9%o!<%I%U%!%$(B
$B%kA4BN$r6/@)E*$KFI$_9~$^$;$k;v$,2DG=$G$"$k!#(B
$B$3$3$G:n@.$5$l$k(B core $B$K$O0E9f2=$5$l$?%Q%9%o!<%I$,4^$^$l$F$$$k!#(B

$B$3$NLdBj$K$h$j!"F?L>$G%"%/%;%92DG=$J%j%b!<%H%f!<%6$O=EMW$J>pJs$K%"%/%;%9(B
$B2DG=$G$"$j!"7k2L$H$7$F$h$j9b0L$N8"8B$NC%12. Apache HTTP Request Unexpected Behavior Vulnerability
BugTraq ID: 3796
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 04 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3796
$B$^$H$a(B:

$BFCDj$N>u67$K$*$$$F!"FCDj$N(B HTTP $B%j%/%(%9%H$rM?$($i$l$k:]!"(BApache $B$OM=4|(B
$B$7$J$$7k2L$r<($92DG=@-$,$"$k!#0J2<$N(B URL $B$G<($5$l$k(B BUGTRAQ ID 3569 $B$"$k(B
$B$$$O(B 3009 $B$H$3$N8=>]$O4XO"$7$F$$$k$H9M$($i$l$k!#(B

http://www.securityfocus.com/bid/3569
http://www.securityfocus.com/bid/3009

$B$3$N%K%e!<%9%l%?!<$N<9I.;~E@$G$O$h$j>\:Y$J>pJs$OF@$i$l$F$$$J$$!#(B
HP $B$O$3$NLdBj$r2r7h$9$k%Q%C%A$r(B HP Secure OS software for Linux Release
1.0 $B8~$1$K4{$K8x3+$7$F$$$k!#(B

13. Anti-Web HTTPD Script Engine Heap Overflow Vulnerability
BugTraq ID: 3814
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Jan 07 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3814
$B$^$H$a(B:

Anti-Web HTTPD $B$O%U%j!<$GMxMQ2DG=$G!"%*!<%W%s%=!<%9$H$7$F(B Linux $B4D6-8~$1(B
$B$K8x3+$5$l$F$$$k(B Web $B%5!<%P$G$"$k!#$3$N%=%U%H%&%'%"$O(B Doug Hoyte $B$K$h$C(B
$B$FJ]u67$K$*$$$F!"(Bawhttpd $B$K$O%R!<%W%*!<%P!<%U%m!<$r@8$8$5$;$i$l$k2D(B
$BG=@-$,$"$k!#(B

$B$3$N%=%U%H%&%'%"$O%9%/%j%W%H$NFI$_9~$_$rE,@Z$K]$N%9%/%j%W%H$K%"%/%;%92DG=$J%m!<%+%k$N%f!<%6$O!"G$0U$N(B
$B%3!<%I$r14. Pine Environment Variable URL Shell Interpreting Vulnerability
BugTraq ID: 3815
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 05 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3815
$B$^$H$a(B:

Pine $B$O%U%j!<$GMxMQ2DG=$G!"%*!<%W%s%=!<%9$G$"$kEE;R%a!<%k%/%i%$%"%s%H$G(B
$B$"$k!#$3$N%=%U%H%&%'%"$O%o%7%s%H%sBg3X$K$h$C$FG[I[$5$l!"J]$N%W%m%0%i%`$HEE;R%a!<%k%/%i%$%"%s%H$rAH$_9g(B
$B$o$?F0:n$r2DG=$K$9$k@_Dj%*%W%7%g%s$rHw$($F$$$k!#$3$N5!G=$K$h$j!"EE;R%a!<(B
$B%k%/%i%$%"%s%H$N%f!<%6$OC1$K%O%$%Q!<%j%s%/$rC)$k$@$1$G(B URL $B$X$N%"%/%;%9(B
$B$,2DG=$K$J$k!#(B

$BLdBj$O$3$l$i$NAH$_9g$o$;$r15. PHPNuke AddOn PHPToNuke.PHP Cross-Site Scripting Vulnerability
BugTraq ID: 3807
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 06 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3807
$B$^$H$a(B:

phptonuke.php $B$O(B PHPNuke $B$G9=C[$5$l$?%5%$%HFb$K!"(BPHP $B$G:n@.$5$l$?%9%/%j(B
$B%W%H$rA^F~$9$k$?$a$N(B PHPNuke $BMQ$N%"%I%*%s%9%/%j%W%H$G$"$k!#(B

phptonuke.php $B$OE,@Z$J(B HTML $B%?%0$N%U%#%k%?%j%s%0$r9T$C$F$$$J$$!#(B

$B$3$N7k2L!"0-0U$"$k%f!<%6$OG$0U$N%9%/%j%W%H%3!<%I$r4^$`(B phptonuke.php $B$X(B
$B$N%O%$%Q!<%j%s%/$r:n@.2DG=$G$"$k!#$J$s$i967b$rM=4|$7$F$$$J$$%f!<%6$,$3(B
$B$Nl9g!"G$0U$N%9%/%j%W%H$O(B PHPNuke $B$G9=(B
$BC[$5$l$?%5%$%H$N%3%s%F%s%D$HF13J$K%V%i%&%6Fb$G2rZMQ>pJs$NEp$_=P$7$r2p$7!"@5Ev$J%f!<%6(B
$B$N%;%C%7%g%s$N%O%$%8%c%C%/$r9T$&$?$a$KMxMQ$5$l$k$H?d;!$5$l$k!#(B

16. FAQManager.CGI NULL Character Arbitrary File Disclosure Vulnerability
BugTraq ID: 3810
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 07 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3810
$B$^$H$a(B:

FAQManager.cgi $B$O(B Web $B$r2p$9$k%$%s%?%U%'!<%9$rMQ$$!"(BFAQ (Frequently Asked
Questions) $B$rJ]pJs$r3+<($7(B
$B$F$7$^$&LdBj$rJz$($F$$$k!#(B

$B$3$N%=%U%H%&%'%"$O(B HTTP $B%j%/%(%9%H$r2p$7$FM?$($i$l$kF~NOCM$NFb!"FCDj$N(B
$B17. FAQManager.CGI Directory Traversal Vulnerability
BugTraq ID: 3812
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 07 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3812
$B$^$H$a(B:

FAQManager.cgi $B$O(B Web $B$r2p$9$k%$%s%?%U%'!<%9$rMQ$$!"(BFAQ (Frequently Asked
Questions) $B$rJ]pJs$r3+<($7(B
$B$F$7$^$&LdBj$rJz$($F$$$k!#(B

$B$3$N%=%U%H%&%'%"$O(B HTTP $B%j%/%(%9%H$r2p$7$FM?$($i$l$kF~NOCM$NFb!"FCDj$N(B
$BA[(B / $B%G%#%l%/%H%j$N@)8B$r2sHr$7!"(BWeb $B%5!<%P$N8"8B$,FI$_=P$7(B
$B2DG=$JG$0U$N%U%!%$%k$rI=<(2DG=$G$"$k!#$3$NJ}K!$K$h$C$F3+<($5$l$k!"(BWeb
$B%5!<%P$N8"8B$,FI$_=P$72DG=$J%U%!%$%k$NFbMF$K$O!"967b](B
$B$H$J$C$?%[%9%H$X!"0J8e$N967b$NpJs$,4^$^$l$k2DG=(B
$B@-$,$"$k!#(B

18. Mirabilis ICQ Remote Buffer Overflow Vulnerability
BugTraq ID: 3813
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 06 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3813
$B$^$H$a(B:

ICQ $B$O(B Mirabilis $B$K$h$jDs6!$5$l$F$$$k!"%a%C%;!<%88r49$rMF0W$K$9$k%"%W%j(B
$B%1!<%7%g%s$G$"$k!#(B

ICQ $B$K$OFCJL$KAH$_N)$F$i$l$?DL?.$K$h$j!"%P%C%U%!%*!<%P!<%U%m!<$r@8$8$k(B
$BLdBj$,B8:_$9$k!#0-0U$r;}$C$FAH$_N)$F$i$l$?(B TLV (type, length, value)
$B%?%$%W(B 0x2711 $B$N%Q%1%C%H$K$h$j!"%j%?!<%s%"%I%l%9$r4^$`%9%?%C%/>e$N%G!<(B
$B%?$O>e=q$-$5$l$k2DG=@-$,$"$k!#$3$N9FF@(Bg$B4|$K$h$j!"(BICQ $B%/%i%$%"%s%H$OMF0W(B
$B$K%/%i%C%7%e$5$;$k;v$,2DG=$G$"$j!"%j%b!<%H$+$iG$0U$N%3!<%I$N@\DL?.$r2p$7$F$b967b$,9T$o$l$k(B
$B2DG=@-$,$"$k!#(B

19. HP-UX mmap()  Denial of Service Vulnerability
BugTraq ID: 3817
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Jan 08 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3817
$B$^$H$a(B:

HP-UX $B$N(B kernel $B$K$O%m!<%+%k%f!<%6$,(B DoS $B$r0z$-5/$3$9;v$,2DG=$JLdBj$,(B
$BB8:_$9$k!#(B

$BLdBj$r@8$8$k>uBV$O%W%m%;%9$,%a%b%j%P%C%U%!$KMxMQ$9$k$?$a$K!"%a%b%j$r%U%!(B
$B%$%k$H$7$FE83+$9$k:]$K@8$8$k(B(mmap() $B%7%9%F%`%3!<%k$K$h$C$F9T$o$l$k(B)$B!#(B
$B3:Ev$9$k%W%m%;%9$,%U%!%$%k%G%#%9%/%j%W%?$K$"$k!"E83+$5$l$?%P%C%U%!$+$i(B
$B$N%G!<%?$rMxMQ$7$FF~=PNO=hM}$r;n$_$k:]!"%+!<%M%k$N%G%C%I%m%C%/$,@8$8$k(B
$B$N$G$"$k!#(B

$B$$$:$l$NFC8"$r;}$?$J$$%m!<%+%k%f!<%6$G$"$C$F$b!"%7%9%F%`A4BN$K1F6A$r5Z(B
$B$\$9(B DoS $B$r0z$-5/$3$9$?$a$K!"$3$NLdBj$rMxMQ$9$k967b$r9T$&;v$O2DG=$G$"$k!#(B

20. BEA Systems WebLogic Server DOS Device Denial of Service Vulnerability
BugTraq ID: 3816
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 08 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3816
$B$^$H$a(B:

BEA Systems WebLogic Server $B$O(B Microsoft Windows $B$HB?$/$N(B UNIX $B$d(B Linux
$B8~$1$K!"4k6H8~$1$N(B Web $B%"%W%j%1!<%7%g%s$HL5@~%"%W%j%1!<%7%g%s$r9=C[$9$k(B
$BuBV$G$O%-%e!<$NCf$K<}$a$i$l$kMM$K$J$C$F$$$k!#$=$N8e%j%/%(%9%H$O$3$N%=(B
$B%U%H%&%'%">e$G$rIU$12C$($?%j%/%(%9%H$rM?$($k;v$K(B
$B$h$j(B($BNc(B: aux.jsp)$B!"%5!<%P$KM?$($i$l$?%j%/%(%9%H$,!"$"$?$+$b@5Ev$J(B .jsp
$B$X$N%j%/%(%9%H$G$"$k$H$_$J$5$l$k2r$N$?$a$K!"2TF0Cf$N%9%l%C%I$NDd;_$O9T$o$l$J$$$^$^$H$J$k!#(B
$B$3$N$?$a!"4{$K<($7$?J}K!$K$h$C$FAH$_N)$F$i$l$?BgNL$N%j%/%(%9%H$,M?$($i(B
$B$l$k:]!"%5!<%P$N1~Ez$rDd;_2DG=$G$"$k!#(B

21. John Hardin Procmail Email Sanitizer Multipart Mime Recognition Vulnerability
BugTraq ID: 3820
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 05 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/3820
$B$^$H$a(B:

John Hardin $B:n$N(B Procmail Email Sanitizer $B$O(B procmail $BMQ$N@_Dj%U%!%$%k(B
$B$G$"$j!"4m81$J%a!<%k$NFbMF$NFCDj$H:o=|$r;n$_$k5!G=$rDs6!$7$F$$$k!#$3$N(B
$B@_Dj%U%!%$%k$K$h$j!"DL>o46@wBP>]$H$J$k%f!<%6$+$i!"B?$/$NCxL>$JEE;R%a!<(B
$B%k$r2p$7$FEAGE$r9T$&%&%$%k%9$r3VN%$7$F$*$/;v$,2DG=$G$"$k!#(B

$B$7$+$7!"$3$N%=%U%H%&%'%"$NFCDj$N%P!<%8%g%s$K$O:F5"E*$J%^%k%A%Q!<%H7A<0(B
$B$N(B MIME $B$K=>$&E:IU%U%!%$%k$r22. FreeBSD Package Add Insecure Temporary Directory Creation
Vulnerability
BugTraq ID: 3819
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Jan 04 2002 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3819
$B$^$H$a(B:

FreeBSD $B$O%U%j!<$GMxMQ2DG=$J!"(BUNIX $B$G$"$k!#$3$N(B OS $B$O(B FreeBSD $B%W%m%8%'(B
$B%/%H$K$h$jJ]A0$N%Q%C%1!<%8$r0l;~%G%#%l%/%H(B
$B%j$K?-D9$9$k!#$3$N0l;~%G%#%l%/%H%j$+$i!"?-D9$5$l$?%Q%C%1!<%8$,0\F0$5$l!"(B
$B%7%9%F%`>e$N;XDj$7$?>l=j$KCV$+$l$k!#(B

$B$3$N=hM}$,9T$o$l$k:]!"%Q%C%1!<%8$K4^$^$l$k%U%!%$%k0l<0$O?-D9$5$l$?%G%#(B
$B%l%/%H%jFb$K(B 755 $B$N%Q!<%_%C%7%g%s$GE83+$5$l$k!#$3$N%Q!<%_%C%7%g%s$G$O!"(B
$B%m!<%+%k%f!<%6$O%G%#%l%/%H%j%D%j!<$rC)$k$3$H$,2DG=$G$"$k!#%5%V%G%#%l%/(B
$B%H%j$,$I$s$J8"8B$G$b=q$-9~$_2DG=$G$"$k%Q!<%_%C%7%g%s$G$"$k>l9g!"%f!<%6(B
$B$O%G%#%l%/%H%j$+$i%G!<%?$r:o=|$7!"$"$k$$$O%H%m%$$NLZGO$r%U%!%$%k$K;E3](B
$B$1!"$5$i$K9b0L$N8"8B$NC%:3J$K7R$,$k2DG=@-$,$"$k!#(B

23. Erwin Lansing mailidx Input Validation Vulnerability
BugTraq ID: 3822
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 04 2002 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3822
$B$^$H$a(B:

Erwin Lansing $B:n$N(B mailidx $B%9%/%j%W%H$O(B Unix $B%a!<%k%\%C%/%9$r2r@O$7!"(B
$B%G!<%?%Y!<%9$K%a%C%;!<%8$rJ]B82DG=$J5!G=$rHw$($k%=%U%H%&%'%"$G$"$k!#(B
$B$3$N%=%U%H%&%'%"$O@55,I=8=$r;HMQ$7!"%a!<%k$N0lMw$r85$K%a%C%;!<%8$NJB$S(B
$BBX$($r9T$C$F$$$k!#(BPHP/CGI $B%9%/%j%W%H$r$^$H$a$?%Q%C%1!<%8$,!"%a%C%;!<%8(B
$B$N8!:w5!G=$J$I$r4^$_!"%G!<%?%Y!<%9$N%U%m%s%H%(%s%IMQ$NNc$H$7$FDs6!$5$l(B
$B$F$$$k!#(B

$B8!:w%9%/%j%W%H$OE,@Z$K%f!<%6$NF~NO$NBEEv@-$r8!::$7$J$$!#$=$N7k2L!"$3$N(B
$B%9%/%j%W%H$K%"%/%;%92DG=$J0-0U$"$k%f!<%6$O!"F~NO$r(B SQL $BJ8$rH/9T$9$k$h$&(B
$B$KJQ992DG=$G$"$k!#%$%s%9%H!<%k$5$l$F$$$k>u67$K$h$j!"=EMW$J>pJs$,3+<($5(B
$B$l$k2DG=@-$,$"$k!#$^$?!"%G!<%?%Y!<%9$KJ];}$5$l$F$$$k>pJs$r2~$6$s$5$l$k(B
$B2DG=@-$b$"$k!#(B

24. Wuff MovieDB Password Disclosure Vulnerability
BugTraq ID: 3823
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Jan 05 2002 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3823
$B$^$H$a(B:

Wuff MovieDB $B$O!"%f!<%6$KMM!9$J%a%G%#%"%?%$%W$N%U%!%$%k(B (VCD$B!"(BSVCD$B!"(BDVD 
$B%`!<%S!<(B) $B$K%+%P!<%"!<%H$rIU$1$F0lMwI=$r:n$k$3$H$,2DG=$J(B MySQL $B$r85$K$7(B
$B$?%G!<%?%Y!<%9%Q%C%1!<%8$G$"$k!#(BMovieDB $B$K$O!"%G!<%?%Y!<%9%3%s%F%s%D$X(B
$B%"%/%;%9$7!"JQ99$9$k$?$a$N(B PHP $B$N%U%m%s%H%(%s%I$,Ds6!$5$l$F$$$k!#(B

MovieDB $B$,Jz$($kLdBj$N$?$a!"%f!<%6$OB>$N%f!<%6$N%Q%9%o!<%I$r$N%f!<%6$N%Q%9%o!<%I$NZ>pJs$G(B
$B$"$k$3$H$,FI$_pJs$NF~l9g!"%f!<%6$O@55,$N%f!<%6$H$7$F!"MM!9$J25. ModLogAn Splitby Input Validation Vulnerability
BugTraq ID: 3821
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Jan 04 2002 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3821
$B$^$H$a(B:

ModLogAn $B$O%U%j!<$GMxMQ2DG=$J%*!<%W%s%=!<%9$N%m%0%U%!%$%k%"%J%i%$%6$G$"(B
$B$k!#(BWeb $B%5!<%P(B (Apache$B!"(BMS IIS$B!"(BNetscape)$B!"(BFTP $B%5!<%P(B (wu-ftpd$B!"(Bproftpd 
$B$J$I(B)$B!"%a!<%k%5!<%P(B (sendmail$B!"(Bqmail) $B$d$=$NB>$NMM!9$J%=!<%9$+$i$J$I!"(B
$BB??t$N0[$J$k%5!<%S%9$+$i$N%m%0%U%!%$%k$r=hM}2DG=$G$"$k!#(BModLogAn $B$O!"(B
Microsoft Windows NT/2000 $B$N$_$J$i$:!"B??t$N(B UNIX $B$d(B Linux $B>e$G$bF0:n2D(B
$BG=$G$"$k!#(B

$BJs9p$K$h$k$H!"(BModLogAn $B$O%m!<%+%k$N967be=q$-2DG=$G$"$k$H$$$&LdBj$rJz$($F$$(B
$B$k!#$3$NLdBj$O(B processor_web $B%W%i%0%$%s$N(B splitby $B%*%W%7%g%s$N=hM}$KB8:_(B
$B$7!"$3$N5!G=$rM-8z$K$7$F$$$k%7%9%F%`$N$_1F6A$rA[%[%9%H$4$H$K%l%]!<%H$rJ,3d$9(B
$B$k$3$H$r2DG=$H$9$k!#(Bsplitby $B5!G=$rMQ$$$F%m%0%U%!%$%k$N%(%s%H%j$r2r@O$9(B
$B$k:]!"F~NO$NBEEv@-$rE,@Z$K8!::$7$J$$!#(B

$B%I%C%H%I%C%H%9%i%C%7%e(B (../) $B$H$$$&J8;zNs$G;O$^$k%[%9%HL>$N%m%0%(%s%H%j(B
$B$r2r@O$7$h$&$H$9$k$H$-!"(BModLogAn $B$N=PNO$O967be=q$-$9$k$?$a$K%7%s%\%j%C%/%j%s%/967b$r;HMQ$9$k$?$a$K!"(B
$B$3$N5!2q$r3hMQ2DG=@-$,$"$k!#%m!<%+%k$N967bpJs$NGK2u!"(BDoS$B!"8"(B
$B8B>:3J$,2DG=$G$"$k!#(B

$B$3$NLdBj$N967b$X$N1~MQ$K4X$7$F$O!"%5!<%P@=IJ$KB8:_$9$kJL8D$NLdBj$K1~MQ(B
$B$N2DH]$,0MB8$9$k2DG=@-$,$"$k$3$H$rL@5-$7$J$1$l$P$J$i$J$$!#(B
$BNc$($P!"(BBugTraq ID 3596 "Apache Split-Logfile File Append Vulnerability"
$B$N$h$&$K!"967bo!"8"8B$r;}$?$J$$%f!<%6$K$h$jCV$-49$($k$3$H$OIT2DG=$G$"(B
$B$k!#(B

26. AXSpawn User Login Buffer Overflow Vulnerability
BugTraq ID: 3824
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 06 2002 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3824
$B$^$H$a(B:

AXSpawn $B$O%U%j!<$GMxMQ2DG=$J!"(BAX25 $B%M%C%H%o!<%/MQ$N%*!<%W%s%=!<%9$N(B PAM
$B$N:3J$9$k2DG=@-$,$"$k!#$3$NLd(B
$BBj$O6-3&$N8!::$KM3Mh$7$F$$$k!#(B

AX25 PAM $B%b%8%e!<%k$rMxMQ$7$F%7%9%F%`$K@\B3$9$k%f!<%6$O!"(BAX25 $B7PM3$G%7(B
$B%9%F%`$HDL?.$7$J$1$l$P$J$i$J$$!#$3$l$O%b%8%e!<%k$K$h$j8!::$5$l$k!#(B

$B$7$+$7!"(BAXSpawn $B%W%m%0%i%`$O!"%Q%1%C%H7PM3$GF~NO$5$l$?CM$ND9$5$rE,@Z$K(B
$B8!::$7$J$$$N$G$"$k!#$=$N$?$a!"0-0U$"$k%f!<%6$O!"%9%?%C%/JQ?t$N>e=q$-$H(B
$B$$$C$?7k2L$r$b$?$i$9G'>Z5!9=$X$N%Q%1%C%H$rFH<+$KAH$_N)$F!"Aw?.2DG=$G$"(B
$B$k!#$3$NLdBj$O!"(Blogin $B$No(B root) $B$GG$0U$N%W%m%0%i%`(B
$B$r:3J$,@x:_E*$K2DG=$G$"$k!#(B

27. BrowseFTP Client Buffer Overflow Vulnerability
BugTraq ID: 3781
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 04 2002 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3781
$B$^$H$a(B:

BrowseFTP $B$O!"MM!9$J%P!<%8%g%s$N(B Microsoft Windows $B$GF0:n$9$k(B ftp $B%/%i(B
$B%$%"%s%H$G$"$k!#(B

$BJs9p$K$h$k$H!"0-0U$"$k(B ftp $B%[%9%H$,(B BrowseFTP $B%/%i%$%"%s%H$re$GG$0U$N%W%m%0%i%`$Nl9g!"$3$N967b$Or7o$rMxMQ$7!"0-0U$"$k4IM}e$G28. Geeklog New User Default Admin Privileges Vulnerability
BugTraq ID: 3783
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 04 2002 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3783
$B$^$H$a(B:

Geeklog $B$O%U%j!<$GMxMQ2DG=$J%*!<%W%s%=!<%9$N(B Weblog $B%=%U%H%&%'%"$G$"$k!#(B
$B%f!<%6$O2>A[%3%_%e%K%F%#NN0h$r@8@.$7!"%f!<%6$N4IM}$dOCBj$NDs6!$r?k9T$9(B
$B$k$3$H$,2DG=$G$"$k!#(BPHP $B8@8l$G:n@.$5$l!"(BMicrosoft Windows NT/2000 $B$N$_(B
$B$J$i$:!"$[$H$s$I$N(B UNIX $B$d(B Linux $B%G%#%9%H%j%S%e!<%7%g%s>e$GF0:n$9$k!#(B
Geeklog $B$O%P%C%/%(%s%I$G(B MySQL $B$,2TF0$7$F$$$k!#(B

Geeklog $B$N%P!<%8%g%s(B 1.3 $B$G8"8B$r;}$?$J$$0lHL%f!<%6$,!"4IM}o!":G8e$N%G%U%)%k%H$N4IM}J}$N4IM}$,2DG=$G$"$k!#(B

29. Anti-Web HTTPD Script Engine File Opening Denial Of Service Vulnerability
BugTraq ID: 3782
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Jan 04 2002 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3782
$B$^$H$a(B:

Anti-Web HTTPD $B$O%U%j!<$GMxMQ2DG=$J%*!<%W%s%=!<%9$N(B Web $B%5!<%P$G!"(BLinux
$B%W%i%C%H%U%)!<%`>e$G;HMQ$9$k$h$&$K@_7W$5$l$F$$$k!#(B
$B$3$N%=%U%H%&%'%"$O(B Doug Hoyte $B$K$h$jJ]pJs$NI=<(!"$"$k$$$O%f!<%6$r(B
$BJL$N%Z!<%8$K%j%@%$%l%/%H$9$k$?$a$K;HMQ$5$l$k!#(B

$B%9%/%j%W%H$,B8:_$7$J$$%U%!%$%k$r3+$/$?$a$KuBV$K(B
$B4Y$k!#(B

$B$3$NLdBj$N$?$a!"(Bhttpd $B$K$h$j2r30. Michael Lamont Savant Web Server Long Request DoS Vulnerability
BugTraq ID: 3788
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 05 2002 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3788
$B$^$H$a(B:

Michael Lamont Savant Web $B%5!<%P$O%*!<%W%s%=!<%9$N(B Web $B%5!<%P$G$"$j!"(B
Microsoft Windows $B4D6-$GF0:n$9$k$h$&$K@_7W$5$l$F$$$k!#(B

Savant Web $B%5!<%P$O!"%5!<%P$N1~Ez$,Dd;_$9$kLdBj$rJz$($k!#(B

$B967b$O$I$s$JJ8;z$G$bBgNL$K4^$s$@%j%/%(%9%H$,Aw?.$5$l$?>l9g!"o5!G=$NI|5l$K$"$?$C$F$O:F5/(B
$BF0$,I,MW$G$"$k!#(B

$B$3$NLdBj$OL$%A%'%C%/$N%P%C%U%!$,B8:_$9$k$?$a$KH/@8$9$k!#$3$NLdBj$rMxMQ(B
$B$9$k967b$,9T$o$l$?>l9g!"G$0U$N%W%m%0%i%`$,967bBP>]$H$J$k%3%s%T%e!<%?>e(B
$B$G31. AOLServer Password Protected File Arbitrary Read Access Vulnerability
BugTraq ID: 3791
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jan 06 2002 12:00A
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/3791
$B$^$H$a(B:

AOLServer $B$O%*!<%W%s%=!<%9$N%U%j!<$GMxMQ2DG=$J(B HTTP $B%5!<%P$G!"(BAOL $B$H%*(B
$B!<%W%s%=!<%93+H/%3%_%e%K%F%#$H$N6(NO$N2pJs$X$N%"%/%;%98"8B$rC%e$G2TF0$9$k(B AOLServer $B$K1F6A$9$k!#(B

AOLServer $B$O!"(BWeb $B%5!<%P>e$KCV$+$l$F$$$k%U%!%$%k$KBP$7!"%"%/%;%9%3%s%H(B
$B%m!<%kl9g!"%f!<%6$O%U%k%Q%9$r;XDj$7!"G'>Z$r2sHr$7!"D>@\%U%!%$%k(B
$B$X%"%/%;%9$9$k2DG=@-$,$"$k!#$3$l$O!"%j%b!<%H%f!<%6$K5!L)%U%!%$%k$X$NG$(B
$B0U$K%"%/%;%9$r2DG=$H$7$F$7$^$&!#(B

$B$3$NLdBj$N$?$a!"%j%b!<%H%f!<%6$O5!L)>pJs$XG$0U$K%"%/%;%9$9$k8"8B$re$GDs6!$5$l$F$$$k(B Web $B7G<(HD$NMM$J!"B>$N%Q%9%o!<%I$GJ](B
$B8n$5$l$?;q8;$K%"%/%;%9$9$k2DG=@-$,$"$k!#(B


III. SECURITYFOCUS NEWS AND COMMENTARY 
- ------------------------------------------
1. DeCSS Creator Indicted in Norway
$BCxhttp://www.securityfocus.com/news/306

2. Guilty Plea in Nuke Lab Hack
$BCxhttp://www.securityfocus.com/news/305

3. Punish Security Lapses, NAS Urges
$BCxhttp://www.securityfocus.com/news/304

4. Virus Threatens Software Flash Files
$BCxZ(B (Proof of concept) $B%&%$%k%9$,!"$I$s$J%o!<%`$b$+$D$F9T$-$($J$+(B
$B$C$?>l=j$X$H8~$+$C$F$$$k!#(B

http://www.securityfocus.com/news/303


IV.SECURITYFOCUS TOP 6 TOOLS
- -----------------------------
1. CryptNET_Keyserver v0.0.8  
$B:nhttp://www.cryptnet.net/fsp/cks/ 
$B%W%i%C%H%U%)!<%`(B: Linux
$B$^$H$a(B: 

CKS $B$O(B openPGP (RFC2440) $B=`5r$N8x3+80%5!<%P$G$9!#$3$N%=%U%H%&%'%"$O8=:_(B
$B$b$J$*3+H/$,B3$1$i$l$F$$$^$9!#(BC $B8@8l$G:n@.$5$l!"(BLinux $B>e$GF0:n$7$^$9!#(B
$B80$NJ];}$K$O(B PostgreSQL $B$r;HMQ$7!"(Bhkp $B%W%m%H%3%k(B ($B$3$l$O(B GnuPG $B$d(B NAI
PGP $B$N%$%s%?!<%U%'%$%9$G$9(B) $B$r%5%]!<%H$7$^$9!#$3$N80%5!<%P$OHs>o$K5!G=(B
$BE*$G!"%[!<%`%Z!<%8$K>o;~J#@=$r:n@.$9$k%O%$%Q!<%j%s%/$,$"$j$^$9!#(B

2. Automated Password Generator (APG) v2.1.0a0  
$B:nhttp://www.adel.nursat.kz/apg/ 
$B%W%i%C%H%U%)!<%`(B: FreeBSD$B!"(BLinux$B!"(BSolaris
$B$^$H$a(B: 

APG (Automated Password Generator) $B$O%i%s%@%`$J%Q%9%o!<%I$r@8@.$9$k$?$a(B
$B$N%D!<%k%;%C%H$G$9!#(B

3. Attacker v3.0  
$B:nhttp://www.foundstone.com/rdlabs/tools.html 
$B%W%i%C%H%U%)!<%`(B: UNIX$B!"(BWindows 2000$B!"(BWindows 95/98$B!"(BWindows NT
$B$^$H$a(B:

$B$3$l$O(B TCP/UDP $B$N%]!<%H%j%9%J$G$9!#%j%9%s$9$k%]!<%H$N0lMw$rMQ0U$9$l$P!"(B
$B$3$N%W%m%0%i%`$O!"%]!<%H$X$N@\B3$d%G!<%?$NE~Ce$,$"$C$?$H$-DLCN$7$F$/$l(B
$B$^$9!#%7%9%F%`%H%l%$$X:G>.2=$G$-!"2;@<$G7Y9p$rH/$;$i$l$^$9!#$3$N%W%m%0(B
$B%i%`$O!"%$%s%?!<%M%C%H7PM3$G%3%s%T%e!<%?$rD4::$9$k;n$_$rCN$i$;$k$?$a$N(B
$BHV8$$H$7$FMxMQ$9$k$3$H$,0U?^$5$l$F$$$^$9!#(B

4. NBTEnum - NetBIOS Enumeration Utility v1.0 
$B:nhttp://ntsleuth.0catch.com/ 
$B%W%i%C%H%U%)!<%`(B: Windows 2000$B!"(BWindows NT
$B$^$H$a(B: 

$B%/%i%9(B C $B$N%5%V%M%C%H$N%9%-%c%s5!G=$H(B RestrictAnonymous $B%P%$%Q%95!G=$,(B
$B$"$j$^$9!#(B

5. socat v1.0.3.0  
$B:nhttp://www.dest-unreach.org/socat/socat-1.0/ 
$B%W%i%C%H%U%)!<%`(B: AIX$B!"(BFreeBSD$B!"(BLinux$B!"(BSolaris
$B$^$H$a(B: 

socat $B$O(B 2 $B$D$NFHN)$7$?%G!<%?%A%c%M%k4V$GAPJ}8~%G!<%?E>Aw$r9T$J$&$?$a$N(B
$B%j%l!<$G$9!#3F%G!<%?%A%c%s%M%k$K$O!"%U%!%$%k!"%Q%$%W!"%G%P%$%9(B ($B%?!<%_(B
$B%J%k$d%b%G%`$J$I(B)$B!"%=%1%C%H(B (UNIX$B!"(BIP4$B!"(BIP6 - raw$B!"(BUDP$B!"(BTCP)$B!"$9$G$K3+(B
$B$+$l$F$$$k%U%!%$%k%G%#%9%/%j%W%?(B (stdin $B$J$I(B)$B!"%W%m%0%i%`!"$3$l$i$N$&$A(B
$B$NG$0U$N(B 2 $B$D$NAH$_9g$o$;$J$I$,2DG=$G$9!#(B

6. Demarc PureSecure v1.05 
$B:nhttp://www.demarc.com/ 
$B%W%i%C%H%U%)!<%`(B: BSDI$B!"(BFreeBSD$B!"(BHP-UX$B!"(BLinux$B!"(BNetBSD$B!"(BOpenBSD$B!"(BPerl 
(Perl $B$,F0:n$9$k%7%9%F%`(B)$B!"(BUNIX$B!"(BWindows 2000$B!"(BWindows NT$B!"(BWindows XP
$B$^$H$a(B: 

$B$"$k%W%m%0%i%`$G%U%!%$%k$N0l4S@-$N3NG'$r9T$$!"JL$N%W%m%0%i%`$G%M%C%H%o!<(B
$B%/$N@\B3>u67$d2TF0>u67$r4F;k$7!"$^$?JL$N%W%m%0%i%`$G%M%C%H%o!<%/$X$N?/(B
$BF~$N;n$_$r4F;k$9$kBe$o$j$K!"(BDemarc PureSecure $B$O$3$l$i$9$Y$F$N%5!<%S%9(B
$B$r0l$D$N6/NO$J%/%i%$%"%s%H%5!<%P%W%m%0%i%`$KE}9g$7$^$7$?!#%M%C%H%o!<%/(B
$B$K$"$k0[$J$k%^%7%s$N>uBV$r4F;k$G$-$k$@$1$G$J$/!"0l2U=j$+$i%M%C%H%o!<%/(B
$B$NA4$F$NJQ99$KBP1~$9$k;v$b2DG=$G$9!#(B

$B%;%-%e%j%F%#$O4{$K!"$I$s$J%M%C%H%o!<%/$G$b5Y$_$N$J$$;E;v$H$J$C$F$$$^$9!#(B
$B2?==Bf$b$N%5!<%P>e$GF0:n$9$kB??t$N%W%m%0%i%`$+$i$N%l%]!<%H$r4F;k$9$kIi(B
$B2Y$O!">pJs2aB?$r@8$_=P$7$F$7$^$$$^$9!#?M4V$NF,G>$G$O!"$I$s$J$K;~4V$rM?(B
$B$($i$l$F$b!"$=$l$i$OC1$KB?$9$.!"2r@O$9$k0JA0$KBgNL$N%G!<%?$r=hM}$G$-$^(B
$B$;$s!#(B

Demarc PureSecure $B$OA4%M%C%H%o!<%/$NJs9p$H2r@O$r0l852=$7!"M>7W$J%P%C%/(B
$B%0%i%&%s%I%N%$%:$+$i=EMW$J%G!<%?$rMF0W$KCj=P$7$^$9!#$=$N$?$a!"K\Mh=8Cf(B
$B$7$J$1$l$P$J$i$J$$L\E*$K$N$_NO$rCm$2$P$h$/$J$j$^$9!#(B
- --
$BLu(B: $B:d0f=g9T(B(SAKAI Yoriyuki), $B1F;3E0:H(B(KAGEYAMA Tetsuya)
$B4F=$(B: $B:d0f=g9T(B(SAKAI Yoriyuki)
LAC Co., Ltd.
http://www.lac.co.jp/security/

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Edition 5.5.5J
Comment: KAGEYAMA Tetsuya

iQA/AwUBPEWuTs32EXDdoEFfEQLmfgCfbnhNSeLrHVIkNK3Us4yENuvuzh4AoNSk
g1DVwgk5nXc/yhEKYC7qtN6H
=9N+7
-----END PGP SIGNATURE-----