SecurityFocus.com Newsletter #152 2002-7-1->2002-7-5

To: bugtraq-jp@securityfocus.com
Subject: SecurityFocus.com Newsletter #152 2002-7-1->2002-7-5
From: SAKAI Yoriyuki <sakai@lac.co.jp>
Date: Sun, 14 Jul 2002 21:35:40 +0900
Delivered-To: mailing list bugtraq-jp@securityfocus.com
Delivered-To: moderator for bugtraq-jp@securityfocus.com
In-Reply-To: <Pine.LNX.4.43.0207081159100.8138-100000@mail.securityfocus.com>
List-Help: <mailto:bugtraq-jp-help@securityfocus.com>
List-Id: <bugtraq-jp.list-id.securityfocus.com>
List-Post: <mailto:bugtraq-jp@securityfocus.com>
List-Subscribe: <mailto:bugtraq-jp-subscribe@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-jp-unsubscribe@securityfocus.com>
Mailing-List: contact bugtraq-jp-help@securityfocus.com; run by ezmlm
References: <Pine.LNX.4.43.0207081159100.8138-100000@mail.securityfocus.com>
$B:d0f(B@$B%i%C%/$G$9!#(B

SecurityFocus.com Newsletter $BBh(B 152 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B

---------------------------------------------------------------------------
SecurityFocus.com Newsletter $B$K4X$9$k(BFAQ:
http://www.securityfocus.com/popups/forums/securityfocusnews/intro.shtml
BugTraq-JP $B$K4X$9$k(B FAQ:
http://www.securityfocus.com/popups/forums/bugtraq-jp/faq.shtml
(SecurityFocus.com Newsletter $B$NOBLu$O(B BugTraq-JP $B$G0le$G9T$o(B
  $B$l$F$$$^$9!#(B
$B!&(BSecurityFocus.com Newsletter $B$NOBLu$r(B Netnews, Mailinglist,
  World Wide Web, $B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$N(B
  $BA4J80zMQ$r$*4j$$$7$^$9!#(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;(B
  $B$s$,=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurityFocus.com $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+(B
  $B$J$k7A<0$N%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
1) http://online.securityfocus.com/archive/79
---------------------------------------------------------------------------
---------------------------------------------------------------------------
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02ql9g!"(BBugTraq-JP $B$X(B Errata $B$H$7$F=$@5(B
  $BHG$r$4Ej9FD:$/$+!"4F=$l9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
---------------------------------------------------------------------------
---------------------------------------------------------------------------
$B86HG(B:
Date: Mon, 8 Jul 2002 11:59:38 -0600 (MDT)
Message-ID: <Pine.LNX.4.43.0207081159100.8138-100000@mail.securityfocus.com>

SecurityFocus Newsletter #152
-----------------------------

I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
     1. Clickwrap and Shrinkwrap Risks: The Security Concerns of...
     2. Twenty Don'ts for ASP Developers
     3. One of These Things is not Like the Others: The State of...
     4. Secure i-World
     5. Palladium holds Promise, and Peril
     6. Cyberwar is Hell
II. BUGTRAQ SUMMARY
     1. Macromedia ColdFusion MX jrun.dll Buffer Overflow Vulnerability
     2. Macromedia JRun Administrative Authentication Bypass Vulnerability
     3. Multiple Vendor WEB-INF Directory Contents Disclosure...
     4. Sendmail DNS Map TXT Record Buffer Overflow Vulnerability
     5. F2HTML.PL SQL Injection Vulnerability
     6. PHP Ticket Cross Site Scripting Vulnerability
     7. Bonobo EFSTool Commandline Argument Buffer Overflow Vulnerability
     8. Apple MacOS X World Readable Local.NIDump Encrypted Password...
     9. Simple WAIS Interface Arbitrary Command Execution Vulnerability
     10. E-Guest Guest Book Script Injection Vulnerability
     11. E-Guest Server Side Include Arbitrary Command Execution...
     12. Zap Book Server Side Include Arbitrary Command Execution...
     13. Zap Book Script Injection Vulnerability
     14. Macromedia Sitespring Database Engine Denial Of Service...
     15. Macromedia JRun Source Disclosure Vulnerabilities
     16. Betsie Parserl.PL Cross-Site Scripting Vulnerability
     17. OmniHTTPD Long Request Buffer Overflow Vulnerability
     18. Blackboard Cross-Site Scripting Vulnerability
     19. AnalogX Proxy Socks4A Buffer Overflow Vulnerability
     20. AnalogX Proxy Web Proxy Buffer Overflow Vulnerability
     21. Slashcode Paragraph Tag Script Injection Vulnerability
     22. PHPAuction Unauthorized Administrative Access Vulnerability
     23. HP-UX DCE Client IPv6 Denial of Service Vulnerability
III. SECURITYFOCUS NEWS ARTICLES
     1. Fugitive DEA Agent Arrested in Mexico
     2. Yaha Worm Takes Out Pakistan Government's Site
     3. Mitnick Testifies Against Sprint in Vice Hack Case
     4. Gobbles Releases Apache Exploit
IV.SECURITYFOCUS TOP 6 TOOLS
     1. RADIUS module for Ruby v1.0.0
     2. netspeed_applet for gnome v0.1
     3. Pound v0.5
     4. Wireless Access Point Utilites for Unix v1.0.2
     5. SimpleFirewall v0.6-4
     6. conntrack viewer v1.1

I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
---------------------------------

II. BUGTRAQ SUMMARY
-------------------
1. Macromedia ColdFusion MX jrun.dll Buffer Overflow Vulnerability
BugTraq ID: 5121
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jun 28 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5121
$B$^$H$a(B:

Macromedia $B$O(B Microsoft IIS $B$H(B ColdFusion MX $B%5!<%P$rAH$_9g$o$;$FMxMQ$9(B
$B$k>l9g!"%P%C%U%!%*!<%P!<%U%m!<$,@8$8$k2DG=@-$,$"$k$HH/I=$7$?!#(B

$BJs9p$K$h$k$H!"%P%C%U%!%*!<%P!<%U%m!<$O(B jrun.dll $B$G@8$8!"0U?^E*$KAH$_N)(B
$B$F$i$l$?(B HTTP $B%j%/%(%9%H$,M?$($i$l$?:]$K@8$8$k2DG=@-$,$"$k!#%P%C%U%!%*!<(B
$B%P!<%U%m!<$O(B HTTP $B%X%C%@$NFbMF$,(B 4096 $B%P%$%H0J>e$ND9$5$G$"$k$+!"%F%s%W(B
$B%l!<%HMQ$N%U%!%$%kL>$,(B 8092 $B%P%$%H0J>e$ND9$5$G$"$k>l9g$K@8$8$k!#(B

$B>/$J$/8+@Q$b$C$?>l9g$G$"$C$?$H$7$F$b!"$3$NLdBj$O(B IIS $B$r(B DoS $B>uBV$K4Y$i(B
$B$;$k$?$a$N967b$KMxMQ$5$l$k2DG=@-$,$"$k!#(BMacromedia $B$O!"$3$NLdBj$rMxMQ$9(B
$B$k967b$O!"(BIIS $B$ruBV$K4Y$i$;$k2DG=@-$,(B
$B$"$k$HH/I=$7$F$$$k!#(B

$B967b\$G$"$k!#(B

2. Macromedia JRun Administrative Authentication Bypass Vulnerability
BugTraq ID: 5118
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jun 28 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5118
$B$^$H$a(B:

Macromedia JRun $B$O(B Microsoft Windows $B>e$G!"(BIIS 4 $B$"$k$$$O(B 5 $B$HAH$_9g$o(B
$B$;$FMxMQ$5$l$k(B J2EE $B%"%W%j%1!<%7%g%s%5!<%P$G$"$k!#(B

Macromedia JRun $B$K$O(B TCP $B%]!<%HHV9f(B 8000 $BHV$G%3%M%/%7%g%s$rBT$AZ$,2sHr2DG=$J$N$G$"$k!#(B

$B$3$NLdBj$rMxMQ$9$k967b$O4IM}@\4IM}MQ%Z!<%8$X$N%m%0%$%s%Z!<%8$r3+<($9$k7k2L$r>7$/!#(B

3. Multiple Vendor WEB-INF Directory Contents Disclosure Vulnerability
BugTraq ID: 5119
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jun 28 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5119
$B$^$H$a(B:

Sybase Enterprise Application Server$B!"(BOC4J $B$HAH$_9g$o$5$l$?(B Oracle9i
Application Server$B!"(BOrion Server$B!"(BMacromedia/Allaire JRun$B!"(BHP Application
Server$B!"(BPramati Application Server$B!"(Bjo! Webserver $B$K$OLdBj$,H/8+$5$l$F(B
$B$$$k!#(B

$BJs9p$K$h$k$H!"$3$l$iNs5s$5$l$?%=%U%H%&%'%"$O(B WEB-INF $B%G%#%l%/%H%j$X$N%"(B
$B%/%;%9@)8B$rE,@Z$K9T$C$F$$$J$$!#$3$N7k2L!"%j%b!<%H%f!<%6$O(B WEB-INF $B%G%#(B
$B%l%/%H%jFbIt$N%"%/%;%9@)8B$,9T$o$l$F$$$k%U%!%$%k$X$N%"%/%;%98"8B$rC%\:Y$J@_Dj>pJs$,4^$^$l$F$$$k!#(B

WEB-INF $B%G%#%l%/%H%j$KBP$9$k!"4{CN>l=j$K$"$k;q8;$K(B . $B$rIU$12C$($?(B HTTP
$B%j%/%(%9%H$r9T$&$3$H$K$h$j!"=EMW$J>pJs$N3+<($K@.8y$9$k!#(B

$B$3$N%G%#%l%/%H%jFb$N>pJs$rF~]$N%3%s%T%e!<%?$K(B
$BBP$9$k!"$3$l0J8e$N967b$r0z$-5/$3$9$3$H$,2DG=$J!"Hs>o$K=EMW$J>pJs$r3+<((B
$B$9$k7k2L$r>7$/$3$H$,2DG=$G$"$k!#(B

4. Sendmail DNS Map TXT Record Buffer Overflow Vulnerability
BugTraq ID: 5122
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jun 28 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5122
$B$^$H$a(B:

sendmail $B$O%U%j!<$G8x3+$5$l!"$^$?!"%*!<%W%s%=!<%9$G$"$k%a!<%kG[Aw%(!<%8%'(B
$B%s%H$G$"$k!#$3$N%=%U%H%&%'%"$OB?$/$N(B UNIX $B$d(B Linux $B$GMxMQ2DG=$G$"$k!#(B

sendmail $B$K$O%j%b!<%H$+$i$N%3!<%I$Nl9g!"Ld(B
$BBj$rJz$($k%3%s%T%e!<%?>e$G(B sendmail $B$N5. F2HTML.PL SQL Injection Vulnerability
BugTraq ID: 5123
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Jun 28 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5123
$B$^$H$a(B:

f2html.pl $B$OFCDj$Ne$K$*(B
$B$$$F$bF0:n$9$k!#(B

f2html.pl $B%9%/%j%W%H$K$O(B SQL $B%/%(%j$X0z$-EO$9A0$K%U%!%$%kL>$NBEEv@-$r==(B
$BJ,$K9T$C$F$$$J$$LdBj$,B8:_$9$k!#(Bf2html.pl $B$,?.Mj$G$-$J$$%m!<%+%k%f!<%6$K(B
$B$h$C$F%"%/%;%92DG=$J%G%#%l%/%H%j$r8!:w$9$k$?$a$KMxMQ$5$l$k>l9g!"0-0U$r$b$C(B
$B$FAH$_N)$F$i$l$?%U%!%$%kL>$rMxMQ$9$k$3$H$G!"(BSQL $B9=J8$rCmF~$9$k967b(B (SQL
injection attack) $B$r4k$F$k$3$H$,2DG=$G$"$k$H9M$($i$l$k!#(B

$B$3$NLdBj$rMxMQ$9$k967b6. PHP Ticket Cross Site Scripting Vulnerability
BugTraq ID: 5124
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jun 28 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5124
$B$^$H$a(B:

PHP Ticket $B$O(B MrSpiff $B$K$h$C$FJ]ZMQ>pJs$rEp(B
$B$_=P$9$?$a$N967b$KMxMQ$5$l$k2DG=@-$,$"$k!#(B


7. Bonobo EFSTool Commandline Argument Buffer Overflow Vulnerability
BugTraq ID: 5125
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Jun 29 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5125
$B$^$H$a(B:

Bonobo $B$O(B Gnone $B%G%9%/%H%C%W4D6-$N0lIt$H$7$FF1:-$5$l$F$$$k!"(BCORBA $B%$%s(B
$B%?%U%'!<%9$r;}$D0lO"$N%D!<%k72$G$"$k!#$3$N%=%U%H%&%'%"$O(B Linux $B$H(B UNIX
$B>e$GF0:n$9$k$h$&$K@_7W$5$l$F$$$k!#(B

Bonobo $B$N%3%s%]!<%M%s%H$G$"$k(B efstool $B$KB8:_$9$kLdBj$K$h$j!"%m!<%+%k%f!<(B
$B%6$O$h$j9b0L$N8"8B$rC%uBV$N7$/7k(B
$B2L$H$J$k!"D9$$%3%^%s%I%i%$%s%Q%i%a!<%?$rM?$($k$3$H$,2DG=$G$"$k!#$3$NLd(B
$BBj$K$h$j!"%m!<%+%k%7%9%F%`>e$G%j%?!<%s%"%I%l%9$r4^$`%9%?%C%/%a%b%jFb$N(B
$BCM$r>e=q$-$9$k$?$a$N967b$KMxMQ2DG=$G$"$j!"7k2L$H$7$F967b8. Apple MacOS X World Readable Local.NIDump Encrypted Password Recovery Vulnerability
BugTraq ID: 5126
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Jun 29 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5126
$B$^$H$a(B:

MacOS X $B$O(B Apple $B$K$*$$$FHNGd$*$h$SJ]$N%f!<%6$N%Q%9%o!<%I$X$N%"%/%;%9(B
$B8"8B$rC%e$N(B cron $B%8%g%V$K$h$j@8@.$5(B
$B$l$k!#$3$N%U%!%$%k$O(B NetInfo $B%G!<%?%Y!<%9$N%P%C%/%"%C%W$H$7$FMxMQ$5$l(B
$B$k!#%U%!%$%k$K$O!"%7%9%F%`>e$NA4$F$N%f!<%6$N0E9f2=$5$l$?%Q%9%o!<%I%O%C(B
$B%7%e$,3JG<$5$l$F$$$k!#(B

$B$3$l$O!"%m!<%+%k%f!<%6$K$h$k!"A4$F$N%7%9%F%`%f!<%6$N0E9f2=$5$l$?%Q%9%o!<(B
$B%I%O%C%7%e$X$NFI$_9~$_2DG=$J%"%/%;%9$r2DG=$K$9$k7k2L$r>7$$$F$7$^$&$N$G(B
$B$"$k!#%f!<%6$O$3$N%U%!%$%k$r]$H$7$F!"%*%U%i%$%s>uBV$G$N%Q%9%o!<%IAmEv$j967b$KCe9. Simple WAIS Interface Arbitrary Command Execution Vulnerability
BugTraq ID: 5127
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jun 29 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5127
$B$^$H$a(B:

Simple WAIS interface $B$O(B WAIS $B%7%9%F%`$H$NE}9g2=$r7W$k%$%s%?%U%'!<%9$G(B
$B$"$k!#$3$N%=%U%H%&%'%"$O(B UNIX $B$*$h$S(B Linux $B>e$GF0:n$9$k$h$&$K@_7W$5$l$F(B
$B$$$k!#(B

$B$3$N%=%U%H%&%'%"$KB8:_$9$kLdBj$K$h$j!"G$0U$N%3%^%s%I$r]$N%3%^%s%IL>$r;XDj$7$?!"8!:wMQJ8;zNs$r(B
$B%$%s%?%U%'!<%9$XM?$($k$3$H$K$h$j!"%f!<%6$O%m!<%+%k%7%9%F%`>e$N%3%^%s%I(B
$B$N]%[%9%H(B
$B$X$N%"%/%;%9$r@x:_E*$K10. E-Guest Guest Book Script Injection Vulnerability
BugTraq ID: 5128
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jun 30 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5128
$B$^$H$a(B:

E-Guest guest book $B$O%U%j!<$G8x3+$5$l!"%*!<%W%s%=!<%9$H$7$F%2%9%H%V%C(B
$B%/5!G=$rDs6!$9$k!#(BUNIX $B$*$h$S(B Linux $B$K$*$$$FF0:n$9$k$h$&$K@_7W$5$l$F$$(B
$B$k!#(B

$B$3$N%=%U%H%&%'%"$,Jz$($F$$$kLdBj$K$h$j!"%9%/%j%W%H%3!<%I$NCmF~$r>7$/7k(B
$B2L$,0z$-5/$3$5$l$k!#(B

E-Guest $B$O%2%9%H%V%C%/%(%s%H%j$NFCDj$N%U%#!<%k%IMs$+$iA^F~$5$l$?%9%/%j(B
$B%W%H$r==J,$K%U%#%k%?%j%s%0$7$F$$$J$$!#L>A0!"EE;R%a!<%k%"%I%l%9!"%[!<%`(B
$B%Z!<%8$*$h$SCO0h$N%U%#!<%k%IMs$G$N(B HTML $B$*$h$S%9%/%j%W%H$NA^F~$r2DG=$K(B
$B$9$k!#$3$N%=%U%H%&%'%"$rMxMQ$7$FDs6!$5$l$?(B Web $B%Z!<%8$r%"%/%;%9$9$k:]$K(B
$B$O!"%9%/%j%W%H$O%"%/%;%985%f!<%6$N(B Web $B%V%i%&%6>e$G11. E-Guest Server Side Include Arbitrary Command Execution Vulnerability
BugTraq ID: 5129
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jun 30 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5129
$B$^$H$a(B:

E-Guest guest book $B$O%U%j!<$G8x3+$5$l!"%*!<%W%s%=!<%9$H$7$F%2%9%H%V%C(B
$B%/5!G=$rDs6!$9$k!#(BUNIX $B$*$h$S(B Linux $B$K$*$$$FF0:n$9$k$h$&$K@_7W$5$l$F$$(B
$B$k!#(B

$B$3$N%=%U%H%&%'%"$,Jz$($F$$$kLdBj$K$h$j!"%j%b!<%H%f!<%6$OLdBj$rJz$($k7$/$3$H$,2DG=$G$"(B
$B$k!#(B

12. Zap Book Server Side Include Arbitrary Command Execution
Vulnerability
BugTraq ID: 5130
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jun 30 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5130
$B$^$H$a(B:

Zap Book $B$O!"%U%j!<$GMxMQ2DG=$J%*!<%W%s%=!<%9$G8x3+$5$l$F$$$k%2%9%H%V%C(B
$B%/$G$"$k!#$3$N%=%U%H%&%'%"$O(B UNIX $B$H(B Linux $B$GF0:n$9$k$h$&$K@_7W$5$l$F$$(B
$B$k!#(B

$B$3$N%2%9%H%V%C%/$NLdBj$rMxMQ$9$k$3$H$G!"%j%b!<%H%f!<%6$OG$0U$N%3%^%s%I(B
$B$r7$/$3$H$,2DG=$G$"(B
$B$k!#(B

13. Zap Book Script Injection Vulnerability
BugTraq ID: 5131
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jun 30 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5131
$B$^$H$a(B:

Zap Book $B$O!"%U%j!<$GMxMQ2DG=$J%*!<%W%s%=!<%9$G8x3+$5$l$F$$$k%2%9%H%V%C(B
$B%/$G$"$k!#$3$N%=%U%H%&%'%"$O(B UNIX $B$H(B Linux $B$GF0:n$9$k$h$&$K@_7W$5$l$F$$(B
$B$k!#(B

$B$3$N%=%U%H%&%'%"$K$O%9%/%j%W%H$rCmF~$5$l$k7k2L$r>7$/$3$H$,2DG=$JLdBj$,(B
$BB8:_$9$k!#(B

Zap Book $B$O%2%9%H%V%C%/%(%s%H%j$NFCDj$N%U%#!<%k%IMs$+$iA^F~$5$l$?%9%/%j(B
$B%W%H$r==J,$K%U%#%k%?%j%s%0$7$F$$$J$$!#L>A0!"EE;R%a!<%k%"%I%l%9!"%[!<%`(B
$B%Z!<%8$*$h$SCO0h$N%U%#!<%k%IMs$G$N(B HTML $B$*$h$S%9%/%j%W%H$NA^F~$r2DG=$K(B
$B$9$k!#$3$N%=%U%H%&%'%"$rMxMQ$7$FDs6!$5$l$?(B Web $B%Z!<%8$r%"%/%;%9$9$k:]$K(B
$B$O!"%9%/%j%W%H$O%"%/%;%985%f!<%6$N(B Web $B%V%i%&%6>e$G14. Macromedia Sitespring Database Engine Denial Of Service Vulnerability
BugTraq ID: 5132
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jul 01 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5132
$B$^$H$a(B:

Macromedia Sitespring $B$O(B J2EE $B$K=`5r$7$?(B Web $B%3%s%F%s%D$r4IM}$9$k%=%j%e!<(B
$B%7%g%s$rDs6!$9$k@=IJ$G$"$k!#(B

Sybase $B%i%s%?%$%`%(%s%8%s(B v7.0.2.1480 $B$r;HMQ$7$?(B Macromedia Sitespring
1.2.0(277.1) $B$KLdBj$,B8:_$9$k$H$NJs9p$,$"$C$?!#$3$N%G!<%?%Y!<%9%(%s%8%s(B
$B$KBP$7$F0U?^E*$KAH$_N)$F$i$l$?(B HTTP $B%j%/%(%9%H$rAw?.$9$k$3$H$K$h$C$F!"(B
Sybase $B%i%s%?%$%`%(%s%8%s$H(B Sitespring Web $B%5!<%S%9$r%/%i%C%7%e2DG=$G$"(B
$B$k!#0U?^E*$KAH$_N)$F$i$l$?(B HTTP $B%j%/%(%9%H$r=hM}$9$k:]$K!"$3$N%G!<%?%Y!<(B
$B%9%(%s%8%s$O(B Web $B%5!<%S%9$r4,$-9~$s$G%/%i%C%7%e$9$k$3$H$,Js9p$5$l$F$$$k!#(B
$B$3$N%G!<%?%Y!<%9%(%s%8%s$O!"%G%U%)%k%H$G(B 2500 $BHV$N(B TCP $B%]!<%H$r;HMQ$9$k!#(B

$BB>$N%P!<%8%g%s$b$^$?!"$3$NLdBj$N1F6A$r15. Macromedia JRun Source Disclosure Vulnerabilities
BugTraq ID: 5134
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jul 01 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5134
$B$^$H$a(B:

Macromedia JRun $B$O!"(BMicrosoft Windows $B>e$GF0:n$9$k(B IIS 4/5 $B$H6&$K;HMQ(B
$B$5$l$k(B J2EE $B%"%W%j%1!<%7%g%s%5!<%P$G$"$k!#$3$N@=IJ$O!"(BUNIX $B$d(B Linux 
$B>e$G$b;HMQ$9$k$3$H$,2DG=$G$"$k!#(B

Macromedia JRun $B$K$O?tB?$/$N%=!<%9%3!<%IHV9f$r3+<($7$F$7$^$&LdBj$rJz$((B
$B$F$$$k5?$$$,$"$k!#$3$NLdBj$O!"(Bnull $BJ8;z$NITE,@Z$J=hM}$K$h$C$F5/$3$k$HJs(B
$B9p$5$l$F$$$k!#(Bnull $BJ8;z$r4^$`0U?^E*$KAH$_N)$F$i$l$?(B HTTP $B%j%/%(%9%H$K$h$C(B
$B$F!"(BJRun $B$O(B .JSP $B%U%!%$%k$r@5$7$/2rZ$N$h$&$J(B) $B$r4^$`=EMW$J>pJs$K%"%/%;%9$9$k2DG=@-$,B8:_$9$k!#(B

16. Betsie Parserl.PL Cross-Site Scripting Vulnerability
BugTraq ID: 5135
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jul 01 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5135
$B$^$H$a(B:

Betsie (BBC Education Text to Speech Internet Enhancer) $B$O!"(BWeb $B%3%s%F(B
$B%s%D$N1\Mw8~$1$NJ8;z2;@u67$rLdBj$N$"$k%=%U%H%&%'%"$,F0:n$7$F$$$k%5%$%H$X$N0-0U$"(B
$B$k%O%$%Q!<%j%s%/$rDL$8$F0-MQ$9$k2DG=@-$,$"$k!#$3$NLdBj$rMxMQ$9$k967b$,(B
$B@.8y$7$?>l9g!"967be$GCmF~$7$?%9%/%j%W%H$ru67$r@5Ev$J%f!<%6$+$i%/%C%-!<$K4p$E$/G'>Z>pJs$rC%17. OmniHTTPD Long Request Buffer Overflow Vulnerability
BugTraq ID: 5136
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jul 01 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5136
$B$^$H$a(B:

OmniHTTPD $B$O(B Microsoft Windows $B8~$1$N(B Web $B%5!<%P$G$"$k!#(B

OmniHTTPD $B$O%j%b!<%H$+$i%P%C%U%!%*!<%P!<%U%m!<$r0z$-5/$3$5$l$k5?$$$,$"(B
$B$k!#$3$NLdBj$OD9$$%X%C%@$r4^$`%j%/%(%9%H$Nu67$O%X%C%@%U%#!<%k%IFb$NJ8;zNs$,(B 4096 $B%P%$%H$rD6$($FAw$i$l$?(B
$B:]!"0z$-5/$3$5$l$k$3$H$,CN$i$l$F$$$k!#(B

$B$3$NLdBj$O(B DoS $B$r0z$-5/$3$9!"$b$7$/$O967b7$/2DG=@-$,$"$k!#(B

OmniHTTPD $B$ODL>o!"(BSYSTEM $B8"8B$GF0:n$7$F$$$k!#967bl9g!"967bBP>]$N%3%s%T%e!<%?A4BN$X$N6<0R$H$J$k2DG=@-$,$"(B
$B$k!#(B

$B$3$NLdBj$O%=%U%H%&%'%"$N%P!<%8%g%s(B 2.09 $B$GJs9p$5$l$F$$$k!#B>$N%P!<%8%g%s(B
$B$b$3$N1F6A$r18. Blackboard Cross-Site Scripting Vulnerability
BugTraq ID: 5137
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jul 01 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5137
$B$^$H$a(B:

Blackboard $B$O(B Web $B$rMxMQ$9$k3X=,;Y1g%=%U%H%&%'%"$G$"$k!#(B

Blackboard $B$O%/%m%9%5%$%H%9%/%j%W%F%#%s%0$rMxMQ$9$k967b$N1F6A$ru67$rLdBj$N$"$k%=%U%H%&%'%"$,F0:n$7$F$$$k%5%$%H$X$N0-0U$"$k(B
$B%O%$%Q!<%j%s%/$rDL$8$F0-MQ$9$k2DG=@-$,$"$k!#$3$NLdBj$rMxMQ$9$k967b$,@.8y(B
$B$7$?>l9g!"967be$GCmF~$7$?%9%/%j%W%H$ru67$r@5Ev$J%f!<%6$+$i%/%C%-!<$K4p$E$/G'>Z>pJs$rC%$NO@5r$K$D$$$F$bJs9p$5$l$F$$$k!#(B

19. AnalogX Proxy Socks4A Buffer Overflow Vulnerability
BugTraq ID: 5138
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jul 01 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5138
$B$^$H$a(B:

AnalogX Proxy $B$O(B Microsoft Windows $B8~$1$N%W%m%-%7%5!<%P%=%U%H%&%'%"$G$"(B
$B$k!#(B

AnalogX Proxy $B$O(B(TCP $B%]!<%H(B 1080 $BHV$r7PM3$7$F(B)$B0U?^E*$KAH$_N)$F$i$l$?(B 
SOCKS4A $B%j%/%(%9%H$Nu67$O%[%9%HL>$NIT==J,$J6-3&%A%'%C%/$,860x$G(B
$B$"$j!"$5$i$K(B 140 $B%P%$%H$b$7$/$O$=$l0J>e$N%[%9%HL>$rH<$&0U?^E*$KAH$_N)$F(B
$B$i$l$?%j%/%(%9%H$NAw?.$K$h$j:F8=$5$l$k2DG=@-$,$"$k!#(B

$B$3$NLdBj$O(B DoS $B$r0z$-5/$3$9$?$a$K0-MQ$5$l$k2DG=@-$,$"$k!#0U?^E*$KAH$_N)(B
$B$F$i$l$?%j%/%(%9%H$,%W%m%-%7%5!<%P$KEO$5$l$?>l9g!"%(%i!<%a%C%;!<%8$,%9(B
$B%/%j!<%s>e$K8=$l$k!#J#?t$N0U?^E*$KAH$_N)$F$i$l$?%j%/%(%9%H$O%5!<%S%9$N(B
$B1~Ez$rDd;_$5$;$k2DG=@-$,$"$k!#2C$($F$3$NLdBj$K$h$j!"%W%m%-%7%5!<%P$N%W(B
$B%m%;%9$N8"8B$G$N!"967b20. AnalogX Proxy Web Proxy Buffer Overflow Vulnerability
BugTraq ID: 5139
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jul 01 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5139
$B$^$H$a(B:

AnalogX Proxy $B$O(B Microsoft Windows $B8~$1$N%W%m%-%7%5!<%P%=%U%H%&%'%"$G(B
$B$"$k!#(B

AnalogX Proxy $B$O0U?^E*$KAH$_N)$F$i$l$?(B (TCP $B%]!<%HHV9f(B 6588 $BHV$KBP$7$F(B
$B$N(B) HTTP $B%W%m%-%7%j%/%(%9%H$re$N%9(B
$B%Z!<%90J30$NJ8;z!"$=$N8e$K(B 2 $B$D$N(B CR/LF ($B2~9T!"I|5"%3!<%I(B) $B$+$i@.$k(B HTTP
$B%j%/%(%9%H$r0U?^E*$KAH$_N)$F$kI,MW$,$"$k!#(B

$B$3$l$O(B DoS $B>uBV$r0z$-5/$3$9$?$a$KMxMQ$5$l$k2DG=@-$,$"$k!#0U?^E*$KAH$_(B
$BN)$F$i$l$?(B HTTP $B%j%/%(%9%H$,%W%m%-%7$K$h$C$Fe$K%(%i!<%a%C%;!<%8$,I=<($5$l$k!#J#?t$N0U?^E*$KAH$_N)$F$i$l$?(B HTTP 
$B%j%/%(%9%H$O%5!<%S%9$N1~EzDd;_$r0z$-5/$3$9$3$H$,2DG=$G$"$k!#$5$i$K!"$3(B
$B$NLdBj$rMxMQ$9$k967b$O%W%m%-%7%5!<%P%W%m%;%9$H$7$FG$0U$N967b21. Slashcode Paragraph Tag Script Injection Vulnerability
BugTraq ID: 5140
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jul 02 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5140
$B$^$H$a(B:

SlashCode $B$OEE;R7G<(HD!"%G%#%9%+%C%7%g%s!"%]!<%?%k%5%$%H5!G=$rAH$_9g$o(B
$B$;$?J#9g4D6-$G$"$k!#$3$N%=%U%H%&%'%"$O9-HO0O$KMxMQ$5$l!"$^$?!"CxL>$J%5(B
$B%$%H$G$"$k(B ./ ($B%9%i%C%7%e%I%C%H(B) $B$G$N%3%s%F%s%DDs6!$K$bMxMQ$5$l$F$$$k!#(B

$BJs9p$K$h$k$H!"LdBj$OFCDj$N(B CVS $B%P!<%8%g%s$N(B SlashCode $B$,2TF0$7$F$$$k%5(B
$B%$%H$N$_$KB8:_$9$k!#%7%9%F%`>e$N0-0U$N$"$k%f!<%6$,(B SlashCode $B%7%9%F%`$K(B
$B$h$C$F@8@.$5$l$?(B Web $B%3%s%F%s%D$KG$0U$N(B HTML $B%3!<%I(B $B$rCmF~2DG=$G$"$k$H(B
$B?d;!$5$l$k!#$3$N(B Web $B%3%s%F%s%D$,%7%9%F%`$N@55,$N%f!<%6$K$h$C$F;2>H$5$l(B
$B$k:]$K!"(BSlashCode $B$rMxMQ$7$F$$$k(B Web $B%5%$%H$HF13J$N8"8B$G!"967bZMQ>pJs$r4^$`!"%/%C%-!pJs$X$N%"%/%;%9$d!"(B
$BLdBj$rJz$($k(B Web $B%5%$%H$X$N8=:_G'>Z:Q$_$N%f!<%6$N8"8B$G$NF0:n$N>h$C22. PHPAuction Unauthorized Administrative Access Vulnerability
BugTraq ID: 5141
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: Jul 02 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5141
$B$^$H$a(B:

PhpAuction $B$O%U%j!<$GF~e$G(B PHP $B%9%/%j%W%H8@8l$r;H(B
$BMQ$7$F5-=R$5$l$F$$$k!#(B

PHPAuction $B$K$O$$$+$J$k%f!<%6$G$"$C$F$b4IM}pJs$O(B admin users table $B$KA^F~$5$l$k!#7k2L$H(B
$B$7$F!"%f!<%6$O4IM}Z2DG=$G$"$k!#(B

$B$3$NLdBj$rMxMQ$9$k967b$r9T$&;v$G%"%W%j%1!<%7%g%s$N%;%-%e%j%F%#$X$N6<0R(B
$B$r0z$-5/$3$9;v$,2DG=$G!"=EMW$J>pJs$,3+<($5$l$k7k2L$r>7$/2DG=@-$,$"$k!#(B

23. HP-UX DCE Client IPv6 Denial of Service Vulnerability
BugTraq ID: 5143
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: Jul 01 2002 12:00A
$B4XO"$9$k(BURL:
http://www.securityfocus.com/bid/5143
$B$^$H$a(B:

HP-UX $B%P!<%8%g%s(B 11.11 $B$O(B DCE ($BJ,;6%3%s%T%e!<%F%#%s%04D6-(B) $B$N%5%]!<%H(B
$B$K(B IPv6 $B$rDI2C$7$?!#(B

$B%f!<%6$,FbIt%G!<%?$NJQ99$K$h$C$F(B DCE $B%G!<%b%s$G$"$k(B dced $B$d(B rpcd $B$N%/(B
$B%i%C%7%e$r0z$-5/$3$9$3$H$,2DG=$G$"$kLdBj$,B8:_$9$k!#$3$l$O$=$N8e%7%9%F(B
$B%`$r(B DoS $B>uBV$K4Y$i$;$k!#(B

III. SECURITYFOCUS NEWS AND COMMENTARY
--------------------------------------
1. Fugitive DEA Agent Arrested in Mexico
$BCxpJs$r8D?MA\::;vL3=j$KGd$C$?Be6b(B
$B$r1#$7$F$$$?!#(B

http://online.securityfocus.com/news/510

2. Yaha Worm Takes Out Pakistan Government's Site
$BCx]$N%3%s%T%e!<%?$rMxMQ$7!"(B
$B9q6-$r1[$($?%5%$%P!<@oAh$X$H%$%s%I?M$rJg$m$&$H$7$F$$$k!#(B

http://online.securityfocus.com/news/501

3. Mitnick Testifies Against Sprint in Vice Hack Case
$BCxAw!"K5http://online.securityfocus.com/news/497

4. Gobbles Releases Apache Exploit
$BCx$N%;%-%e%j%F%#8&5f$J(B Apache $B%&%'%V%5!<%P$N7g4Y$rMxMQ$7$?967b$N%W(B
$B%m%0%i%`$N%=!<%9%3!<%I$rH/I=$7$?!#(B

http://online.securityfocus.com/news/493

IV.SECURITYFOCUS TOP 6 TOOLS
-----------------------------
1. RADIUS module for Ruby v1.0.0
$B:nhttp://online.securityfocus.com/tools/2757
$BF0:n4D6-(B: Os Independent
$B$^$H$a(B:

RADIUS Ruby module $B$O(B Ruby $B$r;HMQ$7$F(B RADIUS $B$K(B RFC 2138/2139 $B=`5r$N%$(B
$B%s%?%U%'!<%9$rDs6!$7$^$9!#$=$N(B API $B$O(B Perl $B$N(B Net::Radius $B%b%8%e!<%k$r(B
$B2. netspeed_applet for gnome v0.1
$B:nhttp://mfcn.ilo.de/netspeed_applet/
$BF0:n4D6-(B: N/A
$B$^$H$a(B:

netspeed_applet $B$O;XDj$7$?%M%C%H%o!<%/%G%P%$%9(B ($BNc$($P(B eth0) $B$N%H%i%U%#%C(B
$B%/NL$r(B kbytes/s $B$GI=$9!">.$5$J(B GNOME $B%"%W%l%C%H$G$9!#(B

3. Pound v0.5
$B:nhttp://www.apsis.ch/pound/
$BF0:n4D6-(B: Linux, OpenBSD, POSIX
$B$^$H$a(B:

Pound $B$O%j%P!<%9(B HTTP $B%W%m%-%7!"Ii2YJ,;6!"$*$h$S(B SSL $B%i%C%Q!<$G$9!#(B
$B$3$N%=%U%H%&%'%"$O%/%i%$%"%s%H$+$i$N(B HTTPS $B%j%/%(%9%H$r%P%C%/%(%s%I$KG[(B
$BCV$5$l$F$$$k(B HTTP $B%5!<%P72$X$N%W%m%-%7$H$7$FF0:n$7!"$^$?!"(BHTTP $B%;%C%7%g(B
$B%s$,7QB3$7$F$$$k4V!"$$$/$D$+$N%5!<%P$KBP$7$F==J,$J$@$1%j%/%(%9%H$rJ,;6(B
$B$5$;$k5!G=$rHw$($F$$$^$9!#Nc$(%P%C%/%(%s%I$KG[CV$5$l$F$$$k(B Web $B%5!<%P$,(B
HTTP/1.0 $B$K=`5r$7$F$$$k4. Wireless Access Point Utilites for Unix v1.0.2
$B:nhttp://ap-utils.polesye.net/
$BF0:n4D6-(B: Linux, POSIX
$B$^$H$a(B:

Wireless Access Point Utilites $B$O(B UNIX $BMQ$N%"%W%j%1!<%7%g%s$G!"(BUNIX $B4D(B
$B6-$G;HMQ$7$F$$$k%o%$%d%l%9%"%/%;%9%]%$%s%H$N@_Dj$*$h$S4F;k$r$9$k$?$a$N(B
$B0lO"$N%f!<%F%#%j%F%#$G$9!#(B

5. SimpleFirewall v0.6-4
$B:nhttp://www.sourceforge.net/projects/sfirewall/
$BF0:n4D6-(B: Linux, POSIX
$B$^$H$a(B:

Simple Firewall $B$O%f!<%6$*$h$S%"%/%;%9%3%s%H%m!<%k$N4IM}MQ$N4JC1$J%D!<(B
$B%k$G$9!#$3$l$O%Q%1%C%H%U%#%k%?%j%s%0$K(B iptables $B$r;HMQ$7$F!"(BXML $B7A<0$G(B
$B%U%#%k%?%j%s%0%k!<%k$rJ]B8$7$^$9!#$3$l$O(B bash $B$*$h$S(B webmin $B$rMxMQ$7$F(B
Web $B>e$G6. conntrack viewer v1.1
$B:nhttp://cv.intellos.net
$BF0:n4D6-(B: Linux, POSIX
$B$^$H$a(B:

Conntrack Viewer $B$O(B iptables $B$rMxMQ$7!"(B/proc/net/ip_conntrack $B$r85$K(B IP
$B%^%9%+%l!<%I$N>uBV$r;2>H$9$k$?$a$N(B Perl $B$G5-=R$5$l$?%9%/%j%W%H$G$9!#(B
ipchains $B$rMxMQ$7$F$$$k>l9g$K$O!"(BIP $B%^%9%+%l!<%I$N>uBV$N;2>H$r(B netstat -M
$B$"$k$$$O(B netstat --masquerade $B$rl9g$KF1$8%3%^%s%I$rl9g(B
$B$K$O!"(Bnetstat: no support for `ip_masquerade' on this system $B$H$$$&7k2L(B
$B$,JV$k$@$1$G$9!#(Biptables $B$rMxMQ$7$F$$$k>l9g$K$O%^%9%+%l!<%I$K4X$9(B
$B$k>pJs$OMF0W$KFI$_=P$;$J$$(B /proc/net/ip_conntrack $B$rMxMQ$7$F$N$_;2>H2D(B
$BG=$J$N$G$9!#$3$N%W%m%0%i%`$K$h$j!">pJs;2>H$,MF0W$K$J$j$^$9!#(B
--
$BLu(B: $B:d0f=g9T(B(SAKAI Yoriyuki)$B!">.3^8691M:(B(OGASAWARA Tsuneo)$B!"(B
$B@PED6G5W(B(ISHIDA Akihisa)$B!"http://www.lac.co.jp/security/
smime.p7s