SecurityFocus.com Newsletter #76 2001-1-12->2001-1-18

To: BUGTRAQ-JP@SECURITYFOCUS.COM
Subject: SecurityFocus.com Newsletter #76 2001-1-12->2001-1-18
From: KAGEYAMA Tetsuya <t.kageym@LAC.CO.JP>
Date: Thu, 25 Jan 2001 19:22:27 +0900
Reply-To: KAGEYAMA Tetsuya <t.kageym@LAC.CO.JP>
Sender: BUGTRAQ-JP List <BUGTRAQ-JP@SECURITYFOCUS.COM>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

$B1F;3(B@$B%i%C%/$G$9!#(B

SecurityFocus.com Newsletter $BBh(B 76 $B9f$NOBLu$r$*FO$1$7$^$9!#(B
$BLu$N$J$$9`L\$K$D$$$F$O!VF|K\8lLu$J$7!W$H$7$F6hJL$7$F$"$j$^$9!#(B

- ---------------------------------------------------------------------------
SecurityFocus.com Newsletter $B$K4X$9$k(BFAQ:
<URL: http://www.securityfocus.com/forums/sf-news/faq.html>
BugTraq-JP $B$K4X$9$k(B FAQ:
<URL: http://www.securityfocus.com/forums/bugtraq-jp/faq.html>
- ---------------------------------------------------------------------------
$B0zMQ$K4X$9$kHw9M(B:
$B!&$3$NOBLu$O(B Security-Focus.com $B$N5v2D$r3t<02qe$G9T$o(B
  $B$l$F$$$^$9!#(B
$B!&(BSecurityFocus.com Newsletter $B$NOBLu$r(B Netnews, Mailinglist,
  World Wide Web, $B=q@R(B, $B$=$NB>$N5-O?G^BN$G0zMQ$5$l$k>l9g$K$O%a!<%k$N(B
  $BA4J80zMQ$r$*4j$$$7$^$9!#(B
$B!&F|K\8lHG%K%e!<%9%l%?!<(B 1 $B9f$+$i(B 3 $B9f$^$G$K$O$3$NHw9M$,IU$$$F$$$^$;(B
  $B$s$,=`MQ$9$k$b$N$H$7$^$9!#(B
$B!&$^$?!"(BSecurity-Focus.com $BDs6!$N(B BugTraq-JP $B%"!<%+%$%V(B [*1] $B$X$N$$$+(B
  $B$J$k7A<0$N%O%$%Q!<%j%s%/$b>e5-$K=`$8$F$/$@$5$$!#(B
1) <URL http://www.securityfocus.com/templates/archive.pike?list=79>
- ---------------------------------------------------------------------------
- ---------------------------------------------------------------------------
$B$3$NOBLu$K4X$9$kHw9M(B:
$B!&$3$NOBLu$NE,MQ@.2L$K$D$$$F3t<02ql9g!"(BBUGTRAQ-JP $B$X(B Errata $B$H$7$F=$@5(B
  $BHG$r$4Ej9FD:$/$+!"Lul9g$K$O=$@5HG$r$G$-$k$@$1?WB.$KH/9T$7$^$9!#(B
- ---------------------------------------------------------------------------
- ---------------------------------------------------------------------------
$B86HG(B:
Message-ID:  <Pine.GSO.4.30.0101220902550.18443-100000@mail>
Date:         Mon, 22 Jan 2001 09:03:47 -0800

SecurityFocus.com Newsletter #76
- --------------------------------

I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
     1. NFS and NIS Security
     2. Running Snort on IIS Web Servers: Part I
II. BUGTRAQ SUMMARY
     1. Microsoft MSHTML.DLL Crash Vulnerability
     2. Microsoft Windows Media Player .WMZ Arbitrary Java Applet Vulnerability
     3. Veritas Backup Denial of Service Vulnerability
     4. PHP .htaccess Attribute Transfer Vulnerability
     5. SuSE rctab Race Condition Vulnerability
     6. Iomega JaZip Buffer Overflow Vulnerability
     7. splitvt Format String Vulnerability
     8. OmniHTTPD File Corruption and Command Execution Vulnerability
     9. Trend Micro Interscan VirusWall Weak Admin Password Protection Vuln
     10. Trend Micro Interscan VirusWall Symlink Root Compromise Vulnerability
     11. Flash Sound Write-Overflow Vulnerability
     12. Caldera DHCP Package Format String Vulnerabililty
     13. Tinyproxy Heap Overflow Vulnerability
     14. Microsoft WINS Domain Controller Spoofing Vulnerability
     15. SSH Secure-RPC Weak Encrypted Authentication Vulnerability
     16. glibc LD_PRELOAD File Overwriting Vulnerbility
     17. Postaci Arbitrary SQL Command Injection Vulnerability
     18. Checkpoint Firewall-1 4.1 Denial of Service Vulnerability
     19. HP-UX Support Tools Manager Denial of Service Attack
III. SECURITYFOCUS.COM NEWS ARTICLES
     1. Ramen hits NASA
     2. Microsoft miffed at Bulgarian bug buster
     3. Linux worm uses its noodle
     4. IT bigwigs launch anti-hack club
     5. The Other Hacker Contest
IV.SECURITY FOCUS TOP 6 TOOLS
     1. IP Stack Integrity Checker 0.05
     2. Extensible System Monitor 1.0
     3. Snort 1.7
     4. Net Tools 2001
     5. SecureStack 1.0
     6. idsa 0.90.3

I. FRONT AND CENTER($BF|K\8lLu$J$7(B)
- ---------------------------------

II. BUGTRAQ SUMMARY
- -------------------
1. Microsoft MSHTML.DLL Crash Vulnerability
BugTraq ID: 2202
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2001-01-15
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2202
$B$^$H$a(B:

MSHTML.DLL $B$O(B Internet Explorer $B$d4XO"$9$k%"%W%j%1!<%7%g%s$G(B HTML $B$r2r(B
$B@O$9$k$?$a$K;HMQ$5$l$k6&M-%i%$%V%i%j$G$"$k!#$3$N%i%$%V%i%j$OFCJL$J(B
Jscript $B%W%m%0%i%`$rMQ$$$k$3$H$G%j%b!<%H$+$i$N967bl9g!"%i%$%V%i%j$,%/%i%C%7%e$9$k$HJs9p$5$l$F$$$k!#$3$NF0:n$OH/8+2. Microsoft Windows Media Player .WMZ Arbitrary Java Applet Vulnerability
BugTraq ID: 2203
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2001-01-15
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2203
$B$^$H$a(B:

Microsoft Windows Media Player 7 $B$K$O!"(B Internet Explorer $B$H(B Java $B$H$r(B
$BMxMQ$7$F967b2DG=$Jl=j$+$i%@%&%s%m!<%I2DG=$G$"$k!#(BWindows Media Player $B$N$?$a$N%9%-(B
$B%s$O4{CN$G$"$k>l=j(B "C:\Program files\Windows Media Player\Skins\skin.wmz"
$B$K%$%s%9%H!<%k$5$l$k!#(B

$B$=$N$?$a!"%j%b!<%H$K$"$k(B HTML $B%I%-%e%a%s%H$r!"5>@7$H$J$k%f!<%6$,%V%i%&(B
$B%6$GA*Br$7$F$7$^$&$H!"G$0U$N%U%!%$%k$r(B'skin.wmz'$B$H$$$&L>A0$G4{CN$N0LCV(B
$B$K%@%&%s%m!<%I$7$F$7$^$&2DG=@-$,$"$k!#(B

$B0-0U$"$k%j%b!<%H%f!<%6$O!"(BWindows Media Player $B$N%9%-%s%U%!%$%k$N$h$&$K(B
$B56Au$5$l$?l9g!"96(B
$B7bl9g$K$O!"967b@7$H$J(B
$B$C$?%f!<%6$N%;%-%e%j%F%#%3%s%F%-%9%H$NHO0OFb$G$7$+!"%7%9%F%`$K%"%/%;%9(B
$B$G$-$J$$!#(B

3. Veritas Backup Denial of Service Vulnerability
BugTraq ID: 2204
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2001-01-15
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2204
$B$^$H$a(B:

Veritas $B$+$iDs6!$5$l$F$$$k(B Backup $B$O!"%G!<%?$rJ]8n$9$k$?$a$N%=%U%H%&%'(B
$B%"$G!"(BDoS $B$K4Y$k2DG=@-$,$"$k!#(B

Veritas $B$O(B 8192 $BHV%]!<%H$r3+$$$F$$$k(B Linux $B%(!<%8%'%s%H$rDs6!$7$F$$$k!#(B
$B967bl9g!"%5!<%S%9(B
$B$O@\B3$,3+J|$5$l$k$^$GDd;_$9$k!#$=$N$?$a!"(BDoS $B>uBV$K4Y$k!#$3$l$O!"%M%C(B
$B%H%o!<%/$N(B I/O $B$NITE,@Z$Jo5!G=$rI|5l$9$k$?$a$K$O%5!<%S%9$N:F5/F0$,I,MW$G$"$k!#(B

4. PHP .htaccess Attribute Transfer Vulnerability
BugTraq ID: 2206
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2001-01-16
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2206
$B$^$H$a(B:

PHP (Personal Home Page) $B%=%U%H%&%'%"%Q%C%1!<%8$O!"(BPHP Development Team
$B$K$h$jG[I[$*$h$S0];}4IM}$,$J$5$l$F$$$k!#(BPHP $B$O(B Web $B%Z!<%8$NI=8=NO$d5!G=(B
$B$r6/2=$9$k!#(B

PHP $B%Q%C%1!<%8$K$O!"@)8B$5$l$F$$$k;q8;$X$NIT@5$J%"%/%;%9$r5v$7$F$7$^$&(B
$BLdBj$,B8:_$9$k!#@53N$K$O!"(BPHP $B%Q%C%1!<%8$N(B Apache Module $B$K=j:_$7!"(B
Apache Web $B%5!<%P$HAH$_9g$o$;$F2TF0$5$;$k:]$K$N$_1F6A$9$k!#(B.htaccess
$B%U%!%$%k$r;HMQ$7!"%G%#%l%/%H%j$4$H$K%"%/%;%9@)8B$9$k$3$H$,2DG=$G$"$k!#(B

$B$7$+$7!"9*L/$KAH$_N)$F$i$l$?%j%/%(%9%H$r@8@.$9$k$3$H$K$h$j!"(BPHP$B$KD>A0$K(B
$B%"%/%;%9$7$?%Z!<%8$HF1$8%"%/%;%9@)8B$NB0@-$GpJs<}=8967b(B (intelligence
gathering attack) $B$,9T$o$l$k>l9g$K:]$7!"5!L)>pJs$r3+<($7$F$7$^$&2DG=@-(B
$B$,$"$k!#(B

5. SuSE rctab Race Condition Vulnerability
BugTraq ID: 2207
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2001-01-13
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2207
$B$^$H$a(B:

rctab $B$O(B Linux $B%*%Z%l!<%F%#%s%0%7%9%F%`$N(B 1 $B%G%#%9%H%j%S%e!<%7%g%s!"(B
SuSE $B$KF1:-$5$l$k(B Run Control Tab $B%9%/%j%W%H$G$"$k!#(BSuSE $B$O%U%j!<$GMxMQ(B
$B$G$-!"(BSuSE Incorporated $B$K$h$j0];}4IM}$5$l$k%*!<%W%s%=!<%9$N%*%Z%l!<%F(B
$B%#%s%0%7%9%F%`$G$"$k!#(B

rctab $B%9%/%j%W%H$G$N6%9g>uBV(B (race condition) $B$K$h$j!"967b:(B
$B3J!"$^$?!"%7%9%F%`%U%!%$%k$XDI2C=q$-9~$_!"$b$7$/$OGK2u$9$k$3$H$,2DG=$G(B
$B$"$k!#$3$NLdBj$O!"(Brctab $B%9%/%j%W%H$K$h$j%;%-%e%"$G$J$$J}K!$G(B /tmp $B%G%#(B
$B%l%/%H%j$K%U%!%$%k$r@8@.$5$l$k$?$a$K@8$8$k!#(Brctab $B%9%/%j%W%H$rA0$,$D$1$i$l$?(B
$B%5%V%G%#%l%/%H%j$K@8@.$9$k!#$^$?!"$3$N%9%/%j%W%H$O!"DL>o(B root $B8"8B$Ge(B
$B=q$-$dB>$N%7%9%F%`%U%!%$%k$KDI5-$,2DG=$G!"$^$?!"@x:_E*$K$O8"8B$N>:3J$K(B
$BMxMQ$5$l$F$7$^$&2DG=@-$,$"$k!#(B

6. Iomega JaZip Buffer Overflow Vulnerability
BugTraq ID: 2209
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2001-01-14
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2209
$B$^$H$a(B:

Iomega jaZip $B$O!"(BZip $B$d(B Jaz $B$N%j%`!<%P%V%k%a%G%#%"$re$KD9$$J8;zNs$rF~NO$9$k$3$H$K$h$j!"%m!<%+%k$+$i967be$K%3%T!<$5$l$?2aEY$N%G!<%?$K$h$j!"8F$S=P$7$?4X?t$N%j%?!<%s%"%I(B
$B%l%9$J$I$N$h$&$J%9%?%C%/%U%l!<%`$N=EMW$JItJ,$r>e=q$-$9$k$3$H$,$G$-$k!#(B
$B$3$N%G!<%?$O%f!<%6$K$h$jF~NO$5$l$k$?$a!"G$0U$KAH$_N)$F$k$3$H$,$G$-!"%W(B
$B%m%0%i%`l9g!"967b7. splitvt Format String Vulnerability
BugTraq ID: 2210
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2001-01-16
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2210
$B$^$H$a(B:

splitvt $B$O(B Sam Lantinga $B;a$K$h$j@_7W$5$l$?!"(B1 $B$D$N%?!<%_%J%k%&%#%s%I%&(B
$B$G(B 2 $B$D$N%3%^%s%I%i%$%s%$%s%?!<%U%'%$%9$rMxMQ$9$k$?$a$N!"(BVT100 $B8_49$NC<(B
$BKv%&%#%s%I%&$rJ,3d$9$k%W%m%0%i%`$G$"$k!#$3$l$O%U%j!<$GMxMQ2DG=$G!"%*!<(B
$B%W%s%=!<%9$G$"$j!"$+$D(B Linux $B%*%Z%l!<%F%#%s%0%7%9%F%`$NB??t$N%G%#%9%H%j(B
$B%S%e!<%7%g%s$KF1:-$5$l$F$$$k!#(B

$B$3$N%W%m%0%i%`$K$O!"=q<0;XDj;RNs967b$re$N(B
$BJQ?t$r>e=q$-$7!"(B$HOME $B4D6-JQ?t$K4^$^$l$F$$$k%7%'%k%W%m%0%i%`$r8. OmniHTTPD File Corruption and Command Execution Vulnerability
BugTraq ID: 2211
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2001-01-15
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2211
$B$^$H$a(B:

OmniHTTPD $B$O!"(BOmnicron Technologies $B$K$h$jDs6!$5$l$k(B Windows $B$GF0:n$9$k(B
$B>.7?$N(B Web $B%5!<%P$G$"$k!#(BOmniHTTPD $B$O!"J#?t$N%I%a%$%s%5%]!<%H!"@\B3$NJ](B
$B8n!"2>A[(B IP $B$d(B IP $B$G$J$$%5!<%P!"I8=`(B CGI $B%5%]!<%H$J$IMM!9$J5!G=$r;}$D!#(B

'statsconfig.pl' $B$NA0$rGK2u$7$?$j!"G$0U$N%3%^(B
$B%s%I$N$K!"6u$N0z?t$,$D(B
$B$$$?(B'cgidir'$B%U%)!<%`JQ?t$rIU2C$9$k$3$H$K$h$j!"%U%!%$%kL>$OGK2u$5$l$k!#(B
$B$5$i$K!"%?!<%2%C%H%5!<%P>e$G%3%^%s%I$Ne$K(B Perl $B%9%/%j%W%H$r@8@.$9$k$?$a$G$"(B
$B$k!#(BPerl $B%9%/%j%W%H@8@.;~!"%f!<%6$,F~NO$7$?%G!<%?(B ($B%U%)!<%`JQ?t$,B8:_$9(B
$B$l$P!"$[$H$s$I$N%V%i%&%6$G(B) $B$O!"D>@\(B Perl $B%9%/%j%W%H%U%!%$%k$K=q$-9~$^(B
$B$l$k!#967bl9g!"(Bstatsconfig $B$,%9%/%j%W%H$rl9g!"%[%9%H$O99$J$k967b$KGxO*$5$l!"$^$?!"(B
DoS $B>uBV$K4Y$i$;$i$l$F$7$^$&2DG=@-$,$"$k!#(B

9. Trend Micro Interscan VirusWall Weak Admin Password Protection Vulnerability
BugTraq ID: 2212
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2001-01-14
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2212
$B$^$H$a(B:

$B$3$N%=%U%H%&%'%"$,%j%b!<%H$+$i4IM}Z$9$k:]$K;HMQ$9$kJ}K!$O!"4IM}(B
$B$H%Q%9%o!<%I$rC1=c$K(B Base64 $B7A<0$KJQ49$9$k$N$_$G$"$k!#$=$N(B
$B$?$a!"==J,$J5;=Q$H%M%C%H%o!<%/$K%"%/%;%92DG=$J967bpJs$r(B HTTP $B%W%m%H%3%k$r;HMQ$7J?J8$GAw$N10. Trend Micro Interscan VirusWall Symlink Root Compromise
Vulnerability
BugTraq ID: 2213
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2001-01-14
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2213
$B$^$H$a(B:

Interscan VirusWall $B$O<+M3$K=q$-9~$_2DG=$J(B /tmp $B%G%#%l%/%H%j$K0l;~%U%!(B
$B%$%k$r?dB,2DG=$JL?L>5,B'$G%U%!%$%k$r:n@.$9$k!#$"$i$+$8$a(B Interscan
VirusWall $B$,4IM}$r;}$D%7%s%\%j%C(B
$B%/%j%s%/$r:n$k$3$H$,2DG=$G$"$k!#(B

$B$3$NLdBj$rFM$$$?967b$,0z$-5/$3$5$l$k;~!"@53N$K?dB,$5$l$?%7%s%\%j%C%/%j(B
$B%s%/$N<($9@h$N%U%!%$%k$O!"4IM}e=q$-$5$l$k!#2>$K967b11. Flash Sound Write-Overflow Vulnerability
BugTraq ID: 2214
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2001-01-14
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2214
$B$^$H$a(B:

Flash $B%W%i%0%$%s$O%^%/%m%a%G%#%".$5$+$C$?>l9g!"%G!<%?(B
$B$N>e=q$-$,H/@8$9$k!#8N$K!"(B [samples] $B$K5-$5$l$?CM$NAm%P%$%H?t$rD6$($F%9(B
$B%?%C%/$r>e=q$-$9$k$3$H$,$G$-!"G$0U$N%3%^%s%I$Ne$2$r9T$&$3$H(B
$B$r2DG=$K$9$k!#$3$N@H12. Caldera DHCP Package Format String Vulnerabililty
BugTraq ID: 2215
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2001-01-15
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2215
$B$^$H$a(B:

DHCP $B$O(B Dynamic Host Configuration Protocol $B$NN,>N$G$"$j!"%*!<%W%s%=!<(B
$B%9$G!"%U%j!<$G$"$j!"%[%9%H4IM}$N$?$a$NDL?.5,Ls$H$7$F(B RFC $B$K5,Dj$5$l$F$$(B
$B$k!#$3$l$O$?$$$F$$$N(B UNIX $B%*%Z%l!<%F%#%s%0%7%9%F%`$K4^$^$l$F$$$k$b$N$G(B
$B$"$k!#(B

Caldera $B$NJ}$K1F6A$7!"(B
$B%(%i!<5-O?MQ$N%W%m%0%i%`$r=hM}$5$l$k:]$N=q<0;XDjMQ$NJ8;zNs$K4XO"$9$k$b(B
$B$N$G$"$k!#(B

$B7k2LE*$K%(%i!<$rH/@8$5$;$k$h$&$K;EAH$^$l$?!"9*L/$K:n$i$l$?%Q%1%C%H$r(B
DHCP $B%G!<%b%s$H%/%i%$%"%s%H$NN>J}$XDL2a$5$;$k$3$H$G!"%U%)!<%^%C%HJ8;zNs(B
$B$r@EE*%P%C%U%!$X$HEO$9$3$H$O2DG=$G$"$k!#$3$N$H$-!"$3$N%P%C%U%!$OK~GU>u(B
$BBV$H$J$j!"$5$i$K$=$N8e0n$l$,H/@8$7!"%9%?%C%/NN0h$K$"$kJQ?t$r>e=q$-$9$k(B
$B$3$H$,$G$-$k!#$3$NLdBj$O0-0U$"$k%f!<%6$KG$0U$N%3%^%s%I$N:3J$r2DG=$K$7$F$7$^$&!#(B

13. Tinyproxy Heap Overflow Vulnerability
BugTraq ID: 2217
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2001-01-17
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2217
$B$^$H$a(B:

$B>.7?$N(B HTTP $B%W%m%-%7$G$"$k(B tinyproxy $B$N%P!<%8%g%s(B 1.3.2 $B5Z$S(B 1.3.3 $B$O!"(B
heap overflow $B967b$KBP$7$F@He=q(B
$B$-$9$k$3$H$G$NG$0U$N%3%^%s%I$N14. Microsoft WINS Domain Controller Spoofing Vulnerability
BugTraq ID: 2221
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2001-01-17
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2221
$B$^$H$a(B:

Windows Internet Naming Service (WINS) $B$O(B Microsoft Windows NT Server
$B$KF1:-$5$l$F$$$k!#(B WINS $B$O%/%i%$%"%s%H!&%5!<%PJ}<0$G(B IP $B%"%I%l%9$r%M%C(B
$B%H%o!<%/%3%s%T%e!<%?L>$K2r7h$9$k!#J,;62=$5$l$?%G!<%?%Y!<%9$O%M%C%H%o!<(B
$B%/>e$KB8:_$9$kA4$F$N%[%9%H$N(B IP $B%"%I%l%9$r:G?7$N$b$N$K$7$F$$$k!#(B

$B;DG0$J$3$H$K(B WINS $B$O%I%a%$%s%3%s%H%m!<%i$X$NEPO?$NBEEv@-$rBU$C$F$$$k!#(B
$B$3$N$?$a!"%f!<%6$O%I%a%$%s%3%s%H%m!<%i$X$N9`L\$NEPO?$r=$@5$9$k$3$H$G(B
WINS $B%5!<%S%9$N%j%@%$%l%/%H$r%I%a%$%s%3%s%H%m!<%i$+$iJL$N%3%s%T%e!<%?$X(B
$B9T$&$3$H$,$G$-$k!#$3$N$3$H$O%I%a%$%s$KBP$9$k%M%C%H%o!<%/5!G=$NB;<:$r0z(B
$B$-5/$3$7$F$7$^$&!#F1MM$K!"$3$N56$N%I%a%$%s%3%s%H%m!<%i$O%m%0%$%s$N;n$_(B
$B$,9T$o$l$k4V!"%f!<%6L>$H%Q%9%o!<%I%O%C%7%e$N<}=8$r$9$k$3$H$,$G$-$k!#(B

15. SSH Secure-RPC Weak Encrypted Authentication Vulnerability
BugTraq ID: 2222
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2001-01-16
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2222
$B$^$H$a(B:

SSH $B$O(B IETF $B$K$h$C$F@)Dj$5$l$?(B SSH $B%W%m%H%3%k$r;HMQ$7!"(B2$B5rE@4V$r0E9f2=(B
$B$5$l$?7PO)$G7k$V$?$a$N%Q%C%1!<%8$G$"$k!#$3$N(B SSH1 $B%Q%C%1!<%8$O(B SSH
Communications Security $B$K$h$C$F3+H/$5$l!"J]e$K$"$kB>$N%[%9%H$HMF0W$K(B
$B9T$&$?$a$K!"(B SUN-DES-1$B$r80$N6&M-$N$?$a$K;HMQ$7$F$$$k$H$-!"%f!<%6$N8D?M(B
$B80$H!"$3$N80$N;HMQ$9$k!"%3%s%F%s%D$r0BA4$K$9$k$?$a$N0E9f2=%"%k%4%j%:%`(B
$B$O(B NIS+ $B$N%W%i%$%^%jB&$K3JG<$5$l$k!#(B

$B$3$NLdBj$O(B keylogin $B$,9T$o$l$kA0$K!"(B SUN-DES-1 $B%^%8%C%/%U%l!<%:$K$h$C$F(B
$B80$,0E9f2=$5$l$k:]$KH/@8$9$k(B(keyserv $B$O%f!<%6$N(B DH $B0E9fMQ$N8D?M80$r;}$C(B
$B$F$$$J$$(B)$B!#%=%U%H%&%'%"$N;EMM>e$N7gE@$H$7$F!"(BNIS+ $B$N%^%9%?!<%5!<%P$r;H(B
$BMQ$7$F80$r6&M-$9$k$H$-!"80$N6&M-$K<:GT$7$?$K$b4X$o$i$:!"$3$l$KL7=b$7$F(B
$B@5$7$$CM$,JV$C$F$/$k!#(B

$B8D?M80$K$h$k0E9f2=$NJ$+$l$?$^$^$G!"%f!<%6$N;}$D8D?M80$O%?!<%2%C(B
$B%H%5!<%P$N(B SUN-DES-1 $B%^%8%C%/%U%l!<%:MQ$N8D?M80$G$N$_0E9f2=$5$l$k$,!"(B
$B$3$N%U%l!<%:$O?dB,2DG=$JJ}K!$G@8@.$5$l$k!#$3$N$H$-!"F10l%[%9%H>e$N%f!<(B
$B%6$OJL$N%f!<%6$N%^%8%C%/%U%l!<%:$rJV$95!G=$r:3J$r9M$($F$$$k0-0U$"$k%f!<%6$K$h$kB>$N%f!<%6$NHkL)80$N(B
$B>pJs$NC%16. glibc LD_PRELOAD File Overwriting Vulnerbility
BugTraq ID: 2223
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2001-01-16
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2223
$B$^$H$a(B:

glibc $B$O(B GNU C Library $B$NN,>N$G$"$j!"%U%j!<$G!"%*!<%W%s%=!<%9$J(B C $B%i%$(B
$B%V%i%j$H$7$FMM!9$J?M!9$K$h$C$FJ]e=q$-$,@)8B$5$l$F$$$k%U%!%$%k$X$N%"%/%;%9(B
$B$r5v$7$F$7$^$&$H$$$&LdBj$,$"$k!#(B SUID $B$b$7$/$O(B SGID $B$5$l$?%"%W%j%1!<%7(B
$B%g%s$re=q$-$r2DG=$K$7$F$7$^$&!#(B

17. Postaci Arbitrary SQL Command Injection Vulnerability
BugTraq ID: 2230
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2001-01-17
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2230
$B$^$H$a(B:

Postaci $B$O%U%j!<$G!"%*!<%W%s%=!<%9$J(B webmail $B%$%s%?!<%U%'%$%9$H$7$F!"J#(B
$B?t%f!<%6$,F1;~MxMQ2DG=$J(B webmail $B4D6-$H!"(B SQL $B%G!<%?%Y!<%9$N%P%C%/%(%s(B
$B%I$H$7$F@_7W$5$l$F$$$k!#$3$l$O(B Umut Gokbayrak $B$K$h$C$F:n@.$5$l!"J]l9g$K$O1F6A$r5Z$\$5$J$$!#(B

$B@55,$N%f!<%6$N%j%/%(%9%HCf$K$KG$0U$N(B SQL $B%3%^%s%I$rA^F~$7$?$j!"DI2C$7$?(B
$B$j$9$k$3$H$,2DG=$J$?$a!"$3$N%3%^%s%I$O(B PostgreSQL $B$X$HEO$C$F$7$^$&!#(B
Postaci $B$N;HMQ$9$k%3%^%s%I$O(B PHP $B$d(B FORM $B$rMxMQ$7$?%Z!<%8$rDL$8$F%G!<%?(B
$B%Y!<%9$XEO$5$l$k!#$3$N(B FORM $B$rMxMQ$7$F(B Postaci $B$+$i(B PostgreSQL $B$KEO$9J}(B
$BK!$O!"@55,$N%f!<%6$,%G!<%?%Y!<%9$N%/%(%j$rDI2C$7$?$j!"$b$7$/$OB>$N%3%^(B
$B%s%I$N=*$o$j$r<($9$?$a$KMQ$$$k!"%;%_%3%m%s$NF~NO$r5v$7$F$7$^$&!#$3$N$3(B
$B$H$K$h$C$F!"0-0U$"$k%f!<%6$K%G!<%?%Y!<%9>e$G$NG$0U$N%3%^%s%I$NA^F~$H18. Checkpoint Firewall-1 4.1 Denial of Service Vulnerability
BugTraq ID: 2238
$B%j%b!<%H$+$i$N:F8=@-(B: $B$"$j(B
$B8xI=F|(B: 2001-01-17
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2238
$B$^$H$a(B:

Firewall-1 $B$O%3%s%F%s%D%U%#%k%?%j%s%0!"%M%C%H%o!<%/%"%I%l%9JQ49(B (NAT)
$B$J$I$N9bEY$J5!G=$rDs6!$7$F$$$k!"%U%!%$%d%&%)!<%k%=%U%H%&%'%"%Q%C%1!<%8(B
$B$G$"$k!#$3$N%=%U%H%&%'%"$O(B Check Point Software Technologies $B$K$h$C$FG[(B
$BI[$5$l$F$*$j!"(BSparc/Solaris $B$d(B Nokia Firewall Modules $B$N$h$&$JMM!9$J%7(B
$B%9%F%`>e$GF0:n$9$k$h$&@_7W$5$l$F$$$k!#(B

Firewall-1 $B%Q%C%1!<%8$GMxMQ$5$l$F$$$k%i%$%;%s%9%^%M!<%8%c$K$OLdBj$,$"$j!"(B
DoS $B>uBV$K4Y$k2DG=@-$,$"$k!#LdBj$O%=!<%9%k!<%F%#%s%0$5$l!"56Au$5$l$?%"(B
$B%I%l%9(B ($BM-8z$J%"%I%l%9$G$b(B) $B$r4^$s$@%Q%1%C%H$rFbIt%$%s%?!<%U%'!<%9$,Bg(B
$BNL$Kl9g$KH/8@$9$k!#J]8n$5$l$k(B IP $B%"%I%l%9$N8D?t$K@)8B$N$"$k(B
$B%i%$%;%s%9$r;}$C$F$$$k%7%9%F%`$G$O!"%i%$%;%s%9%^%M!<%8%c$OFbIt%$%s%?!<(B
$B%U%'!<%9$rDL2a$7$F$$$/%"%I%l%9$r%+%&%s%H$7$F3NJ]$7$F$$$k%"%I%l%96u4V$r(B
$B;;=P$7$F$$$k!#BgNL$N%Q%1%C%H$,FbIt%$%s%?!<%U%'!<%9$rDL2a$9$k$H!"$=$l$>(B
$B$l$N(B IP $B%"%I%l%9$,%i%$%;%s%9$NHO0OFb$H$7$F;;=P$5$l$F$$$k8D?t$KDI2C$5$l(B
$B$k!#BP>]$H$J$k(B IP $B%"%I%l%9$N8D?t$,2aEY$K$J$k$H!"HO0O30$N(B IP $B%"%I%l%93F(B
$B!9$K$D$$$F$N%(%i!<%a%C%;!<%8$,%3%s%=!<%k>e$KH/@8$9$k!#3F!9$N%(%i!<%a%C(B
$B%;!<%8$,:n@.$5$l$k2aDx$G!"%U%!%$%d%&%)!<%k$rF0:n$5$;$k%7%9%F%`$N(B CPU $B$K(B
$BBP$9$kIi2Y$,>e>:$9$k!#$3$N$3$H$rMxMQ$7!"%f!<%6$O0-0U$"$k0U?^$GB?NL$N(B IP
$B%"%I%l%9$rFbIt%$%s%?!<%U%'!<%9$KAw$j9~$_!"%3%s%=!<%k$+$i$N%U%!%$%d%&%)(B
$B!<%k$X$N%"%/%;%9$rK8$2$k$3$H$,2DG=$H$J$k!#(B

19. HP-UX Support Tools Manager Denial of Service Attack
BugTraq ID: 2239
$B%j%b!<%H$+$i$N:F8=@-(B: $B$J$7(B
$B8xI=F|(B: 2001-01-18
$B4XO"$9$k(B URL:
http://www.securityfocus.com/bid/2239
$B$^$H$a(B:

Support Tools Manager $B$O%7%9%F%`4IM}$rMF0W$J$b$N$K$9$k$?$a$N(B HP-UX $B$K4^(B
$B$^$l$F$$$k%=%U%H%&%'%"%Q%C%1!<%8$G$"$k!#(BHP-UX $B$O(B  Hewlett Packard $B$N(B UNIX
$B%*%Z%l!<%F%#%s%0%7%9%F%`$G$"$j!"(B Hewlett Packard $B$N%5!<%P>e$G;HMQ$9$k$?(B
$B$a$K@_7W$5$l$F$$$k!#(B

Support Tools Manager $B$K4^$^$l$k(B3$B$D$N%D!<%k(B (xstm$B!"(Bcstm$B!"(Bstm) $B$O(B DoS$B>u(B
$BBV$K4Y$k4m81@-$,$"$k!#8=:_!"$3$N\:Y$O$[$H$s$IL@$i$+$K$5$l(B
$B$F$$$J$$!#(B700 $B5Z$S(B 800 $B%7%j!<%:$N(B HP9000 $B%5!<%P$O$3$NLdBj$N1F6A$r1. Ramen hits NASA
$BCx$,$J$5$l$?%F%l%[%s%+!<%I$N2hA|(B
$B$r;D$9$3$H$,FCD'$G$"$k!#(B

http://www.securityfocus.com/templates/article.html?id=141

2. Microsoft miffed at Bulgarian bug buster
$BCxe$N%U%!%$%k$rFI$_F@$kE@$G$"$k!#(BGuninski $B;a$K(B
$B$h$k$H!"%P%0$,@5$7$/5!G=$7$?>l9g!"967bhttp://www.securityfocus.com/templates/article.html?id=140

3. Linux worm uses its noodle
$BCxhttp://www.securityfocus.com/templates/article.html?id=139

4. IT bigwigs launch anti-hack club
$BCxe$2$:$K!"(BInformation
Technology Information Sharing and Analysis Center (IT-ISAC) $B$r7k@.$7$?!#(B
$B$3$N7k@.$NpJs8r49$r$bhttp://www.securityfocus.com/templates/article.html?id=138

5. The Other Hacker Contest
$BCx7BT$7$?!#(B

Http://www.securityfocus.com/templates/article.html?id=137

IV.SECURITY FOCUS TOP 6 TOOLS
- -----------------------------
1. IP Stack Integrity Checker 0.05
Platforms: FreeBSD, Linux and OpenBSD
$B:nhttp://expert.cc.purdue.edu/~frantzen/

$B$3$N%D!<%k$O!"(BIP $B%9%?%C%/$d%3%s%]!<%M%s%H$N%9%?%C%/(B (TCP$B!"(BUDP$B!"(BICMP $B$J$I(B)
$B$N0BDj@-$r%F%9%H$9$k5!G=$r%5%]!<%H$7$F$$$^$9!#%F%9%H$O4uK>$N%W%m%H%3%k(B
$B$N%Q%1%C%H$r%i%s%@%`$K@8@.$9$k$3$H$G9T$o$l$^$9!#%Q%1%C%H$K$OJP$j$r;}$?(B
$B$;$FH/@8$5$;$k$3$H$b$G$-$^$9!#%G%U%)%k%H$G$O!"$9$Y$F$N%Q%1%C%H$K$O(B 50%
$B$N3NN($G(B IP $B%*%W%7%g%s$,$D$1$i$l$^$9!#$=$7$F!"%Q%1%C%H$O%U%!%$%d%&%)!<(B
$B%k$N%k!<%k$b$7$/$O(B IP $B%9%?%C%/Fb$N%P%0$rH/8+$9$k$?$a$K%?!<%2%C%H%^%7%s(B
$B$KAw$i$l$^$9!#(B

2. Extensible System Monitor 1.0
Platforms: Linux
$B:nhttp://members.tripod.com/%7Eretep/esm.html

ESM (Extensible System Monitor) $B$O%W%i%0%$%s$r$D$J$.$"$o$;$F%7%9%F%`$r(B
$B4F;k$9$k%W%m%0%i%`$G$9!#Nc$($P%O!<%I%I%i%$%V$,GKB;$7$?$H$-$K%a!<%k$rl9g!"%O!<%I%I%i%$%V$N>uBV$r%A%'%C%/$9$k%b%K%?%W(B
$B%i%0%$%s$r;HMQ$7!"%;%s%@%W%i%0%$%s$,EE;R%a!<%k$rAw?.$9$k$h$&$K$7$^$9!#(B
TripWire $B$,8!CN$7$?>pJs$bCN$j$?$$>l9g$O!"(BTripWire $B$K4X$9$kJs9p$r$9$kB>(B
$B$N%b%K%?$r;HMQ$G$-$^$9!#%7%9%F%`$NIi2Y$,FMA3>e>:$7$?>l9g$K$b!"F1$8$h$&(B
$B$K@_Dj$9$k$3$H$,2DG=$G$9!#(BESM $B$O$3$l$i$9$Y$F$N%b%K%?$N7k2L$r$N;E;v$r=*$o$i$;$k$3$H$,$G$-$^$9!#(B

3. Snort 1.7
Platforms: FreeBSD, HP-UX, IRIX, Linux, MacOS, NetBSD, OpenBSD and Solaris
$B:nhttp://www.snort.org

Snort $B$O(B libpcap $B$rMxMQ$7$?%Q%1%C%HD4::(B/$B%m%0:N$+$i$N967b$dC5::!"Nc$($P%P%C%U%!%*!<%P!<(B
$B%U%m!<$d%9%F%k%9%]!<%H%9%-%c%s!"(BCGI $B%W%m%0%i%`$X$N967b!"(BSMB $B$NC5::Ey$r(B
$B8+$D$1=P$95!G=$,$"$j$^$9!#(BSnort $B$O%j%"%k%?%$%`7Y9p$,2DG=$G!"(Bsyslog $B$X$N(B
$B%m%0=PNO!"B>$H$OJ,N%$5$l$?7Y9p%U%!%$%k!"$"$k$$$O(B Samba $B$r2p$7$F(B Windows
$B$N%]%C%W%"%C%W%a%C%;!<%8$r=P$9$3$H$,2DG=$G$9!#(B

4. Net Tools 2001
Platforms: Windows 2000, Windows 95/98 and Windows NT
$B:nhttp://www.mikersoft.com/prod07.htm

Net Tools 2001 $B$O0J2<$N$h$&$J5!G=$,$"$j$^$9!#(B
$B!&3+J|$5$l$F$$$k%]!<%H$N$I$s$J%j%9%H$K4X$7$F$b!"(BA$B!"(BB$B!"(BC $B%/%i%9$rLd$o$:(B
  $B%M%C%H%o!<%/$r%9%-%c%s$G$-$^$9!#(B
$B!&(BNetwork Scanner $B$O%^%k%A%9%l%C%I$rMxMQ$G$-$^$9!#(B
$B!&$9$P$d$/7k2L$rF@$k$?$a$K!"F1;~$K$$$/$D$b$N%9%l%C%I$rMxMQ$7$F%9%-%c%s(B
  $B$,$G$-$^$9!#(B
$B!&%]!<%H$N%j%9%H$r%F%-%9%H%U%!%$%k$H$7$FJ]B8$G$-$^$9!#(B
$B!&H/8+$5$l$?%3%M%/%7%g%s$N%j%9%H$r%F%-%9%H%U%!%$%k$H$7$FJ]B8$G$-$^$9!#(B
$B!&(BPort Scanner $B$O3+J|$5$l$F$$$k%]!<%H$N%j%9%H$b$7$/$OHO0O$K4X$7$F$I$s$J(B
  $B%3%s%T%e!<%?$KBP$7$F$G$b%9%-%c%s$,2DG=$G$9!#(B
$B!&(BWindows $B%0%i%U%#%+%k(B ping $B%f!<%F%#%j%F%#$r;HMQ$9$k$H!"%Q%1%C%H$N%5(B
  $B%$%:$d%?%$%`%"%&%H!"(Bping $B$r$b$7$/$O(B IP $B%"%I%l%9$N$h$jB?$/$N>pJs$rI=<($9$k$3$H$,2DG=$G$9!#(B
$B!&(BWindows $B%0%i%U%#%+%k%f!<%F%#%j%F%#$O!"3+$$$F$$$k%]!<%H$K@\B3$7!"%3%^%s(B
  $B%I5. SecureStack 1.0
Platforms: Windows 2000 and Windows NT
$B:nhttp://www.securewave.com/html/secure_stack.html

SecureStack v1.0 $B$O!"(BWindows NT/2000 $B$r%P%C%U%!%*!<%P!<%U%m!<967b$+$ie$K$*$$$F%;%-%e%j%F%#$KBP$9$k:GBg$N6<0R$N0l$D$G$9!#(BInformation Security
$B%^%,%8%s$,H/I=$7$?:G6a$ND4::$K$h$l$P!"%"%a%j%+$N4k6H$N(B 24% $B$,(B2000$BG/$K(B
"$B%P%C%U%!%*!<%P!<%U%m!<(B"$B967b$rh$C6. idsa 0.90.3
Platforms: Linux
$B:nhttp://jade.cs.uct.ac.za/idsa

IDS/A $B$O%7%9%F%`%m%,!<$d%j%U%!%l%s%9%b%K%?$H$7$F!"$^$?:#8e$O?/F~8!CN%7(B
$B%9%F%`$H$7$F$b5!G=$9$k%"%W%j%1!<%7%g%s$H%G!<%b%s$NpJs$r<}=8$7!"E}9g$7$^$9!#(B

Translated by ARAI Yuu, ICHINOSE Sayo, KAGEYAMA Tetsuya, KOMATSU Misa,
              SAKAI Yoriyuki
LAC Co., Ltd. Computer Security Laboratory
http://www.lac.co.jp/security/

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Edition 5.5.5J

iQA/AwUBOm9/h832EXDdoEFfEQLeZwCeIDdiTWY2pMWbM8Jd0xw2ScbFK/4An0mW
8y/7Ax0Fc/HASt33YOVx7zon
=UzU/
-----END PGP SIGNATURE-----