Problem:
There is a logic error in Service Pack 4 for Win NT 4, which
Who’s affected: This vulnerability primarily affects Win NT Server 4 using Service Pack 4 (SP 4) that serves as a domain controller with DOS, Win 3.1, Windows for Workgroups, OS/2 or Macintosh clients. However, this problem doesn’t affect user accounts where the password change is initiated from Win 95/98/NT systems. Also, only the user who knows the current password for the account can initiate user account password changes.
Impact and solution: The Win NT Security Account Manager (SAM) database stores the hashed password for each user account in two forms:
1. An "NT hash" form that’s used to authenticate
2. An "LM hash" form that’s used to authenticate
When a user changes his password via a Win NT/95/98 client,
When a user attempts an interactive logon or a network share
Any server or workstation running Win NT 4 SP 4 that contains a
Microsoft has posted patches for this vulnerability on x86 and Alpha

Vulnerability in BackOffice
Problem:
There’s a vulnerability in the installer for BackOffice Server
Who’s affected:
Impact and solution: When a user chooses to install SQL server, Exchange server or Microsoft Transaction server as part of a BackOffice 4 installation, the BackOffice installer program requests the name and password for the accounts associated with these services. Specifically, it asks for the account name and password for the SQL Executive logon account, the Exchange services account, and the MTS remote administration account. This information is stored in Files\ Microsoft Backoffice\Reboot.ini file to automate the installation process.
BackOffice server does not erase this file when the installation
The fix for this problem is to delete the file

Remote buffer overflows in
Problem:
A remote buffer-overflow in an FTP server allows intruders to get
Who’s affected: Any server running the latest version of ProFTPD (1.2.0pre1) or the latest version of Wuarchive ftpd (2.4.2-academ affected. wu-ftpd is installed and enabled by default on most Linux variants such as Red Hat and Slackware.
Impact and solution: Software that implements FTP is called an "ftp server", "ftp daemon", or "ftpd". On most vulnerable systems, the ftpd software is enabled and installed by default.
There’s a general class of vulnerability that exists in several
Intruders who are able to exploit this vulnerability can ultimately
A temporary workaround is possible by disabling any world-writeable
ProFTPD: All versions prior to 1.2.0pre1 are vulnerable. A user can apply the version 1.2.0pre1 patch found at ftp://ftp.proftpd.org/patches/proftpd-1.2.0pre1-path_exploit2.patch.
wu-ftpd:
wu-ftpd VR series: All versions prior to 2.4.2 (beta 18) VR10 are vulnerable. A fix for this vulnerability is available at ftp://ftp.vr.net/pub/wu-ftpd/.
The following files have to be downloaded:
BeroFTPD 1.3.3 and NcFTPd 2.4.0 are not vulnerable.
Red Hat Linux: Version 5.2 and versions prior to it are vulnerable. Updates are available from ftp://updates.redhat.com/5.2/
You have to download the file
Slackware Linux: All the versions are vulnerable. Updates are available at:
Files are "tcpip1.tgz (3.6)" and "tcpip1.tgz
Caldera OpenLinux: The latest version is vulnerable. Updates are available at ftp://ftp.calderasystems.com/pub/OpenLinux/updates/.
SCO: UnixWare ver 7.0.1 and earlier (except 2.1.x), and OpenServer Ver 5.0.5 and earlier are vulnerable. CMW+ ver 3.0 and Open Desktop/Server ver 3.0 are not vulnerable. Binary versions of ftpd are available from the SCO ftp site:
IBM AIX ver 4.x.x, HPUX ver 10.x and 11.x, SunOS, Sun Solaris, MS