National Infrastructure Protection Center CyberNotes: 2001 Year End Summary Issue #2001-26 December 31, 2001

CyberNotes is published every two weeks by the National Infrastructure Protection Center (NIPC). Its mission is to support security and information system professionals with timely information on cyber vulnerabilities, malicious scripts, information security trends, virus information, and other critical infrastructure-related best practices.

You are encouraged to share this publication with colleagues in the information and infrastructure protection field. Electronic copies are available on the NIPC web site at http://www.nipc.gov.

Please direct any inquiries regarding this publication to the Editor-CyberNotes, National Infrastructure Protection Center, FBI Building, Room 11719, 935 Pennsylvania Avenue, NW, Washington, D.C., 20535.

Bugs, Holes & Patches

The following table provides a year-end summary of software vulnerabilities identified between December 12, 2000 and December 14, 2001. The table provides the vendor, software name, operating system, common name of the vulnerability, potential risk at the time of publication, and the CyberNotes issue in which the vulnerability appeared. Software versions are identified if known. This information is presented only as a summary; complete details are available from the source indicated in the endnote. Please note that even if the method of attack has not been utilized or an exploit script is not currently widely available on the Internet, a potential vulnerability has been identified. Updates to items appearing in previous issues of CyberNotes are listed in bold. New information contained in the update will appear in italicized colored text. Where applicable, the table lists a “CVE number” (in red) which corresponds to the Common Vulnerabilities and Exposures (CVE) list, a compilation of standardized names for vulnerabilities and other information security exposures.

Operating Common Vendor Software Name Risk* CyberNotes Issue System Name 3Com1 Multiple Home Connect Cable Modem HomeConnect Cable Modem Low CyberNotes 2001- External with USB External with USB Denial of 20 Service 3Com2 Multiple Office Connect DSL Router 840 OfficeConnect HTTP Low CyberNotes 2001- 4.2, 812 4.2 Port Router Denial of Service 10 3Com3 Multiple SuperStack II PS Hub 40 TelnetD Weak Password Low/ CyberNotes 2001- Protection Medium 15 4D Incorporated4 Windows 4D WebServer 6.5.7 4D WebServer Directory Medium CyberNotes 2001- 98/SE/NT Traversal 17 4.0/2000

NIPC CyberNotes #2001-26 Page 1 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name ACLogic5 Windows CaesarFTP 0.98b CaesarFTPD FTP Command High CyberNotes 2001- 95/98/ME/NT Buffer Overflow 14 3.5/3.5.1/ 4.0/2000 ACLogic6 Windows CaesarFTP v0.98b CaesarFTP Plaintext Password Medium CyberNotes 2001- 98/98/ME/NT Storage And Directory Traversal 11 4.0/2000 ACME Multiple Acme.Serve 1.7 Acme.Serve Arbitrary File Access Medium CyberNotes 2001- Laboratories7 11 Acme Software8 Unix mini_httpd 1.10-1.15; THTTPD/ Mini_HTTPD File Medium CyberNotes 2001- thttpd 1.90a-2.21 Disclosure 23 Acme Software9 Unix PerlCal 2.13, 2.18, 2.3-2.80, PerlCal Directory Traversal Medium CyberNotes 2001- 2.9-2.9e, 2.95 09 Acme Software10 Unix thttpd 1.95-2.22 thttpd Basic Authentication High CyberNotes 2001- Buffer Overflow 24 Active state11 Windows ActivePerl 5.6.1 ActivePerl perlIIS.dll Buffer High CyberNotes 2001- Overflow 23 CVE Name: CAN-2001-0815 AdCycle.com12 Windows NT Adcycle 0.77, 0.77b, 0.78b, AdCycle AdLogin.pm Admin High CyberNotes 2001- 4.0/2000, 1.0-1.5 Authentication Bypass 15 Unix AdCycle.com13 Windows NT Adcycle 0.77, 0.78b AdCycle AdLibrary.pm Session High CyberNotes 2001- 4.0/2000, Access 04 Unix Adobe 14 Unix Acrobat Reader (Unix) 4.05 AcroRead Insecure Default Font High CyberNotes 2001- List Permissions 17 Akopia15 Multiple Interchange 4.5.3, 4.6.3 Akopia Interchange Sample Files Medium CyberNotes 2001- 07 Aladdin Knowledge Multiple eSafe Gateway 2.x eSafe Gateway Script-filtering High CyberNotes 2001- Systems16 Bypass 11 Aladdin Knowledge Multiple eSafe Gateway 3.0 eSafe Gateway Unicode, HTML High CyberNotes 2001- Systems17 Tag Script-filtering Bypass 11 Alcatel18 Multiple Speed Touch Home KHDSAA 108, Multiple Speed Touch ADSL High CyberNotes 2001- 132, 133, 134 Insecure Administration Interface 08 Alessandro Unix nss_ postgresql 0.6.1 NSS_PostGre SQL Remote SQL Medium CyberNotes 2001- Gardich19 Query Manipulation 19 Alex Linde 20 Windows Alex's Ftp Server 0.7 Alex's Ftp Server Directory Medium CyberNotes 2001- 95/98/NT Traversal 09 4.0/2000 Allaire21 Multiple ColdFusion Server 2.0- 4.5.1 SP2 ColdFusion Template Overwrite Medium CyberNotes 2001- 14 Allaire22 Unix ColdFusion Server 4.5.1, 5.0 ColdFusion ‘CFReThrow’ Tag Low CyberNotes 2001- Denial of Service 16 Allaire23 Windows JRun 2.3.x, 3.0 JRun Cross-Site Scripting High CyberNotes 2001- 95/98/NT 14 4.0/2000, Unix Allaire24 Windows JRun 3.0, 3.1 JRun Unnecessary JSessionID Medium CyberNotes 2001- 95/98/NT Appending In URL 25 4.0/2000 Allaire25 Windows JRun 2.3.3, 3.0, 3.1 JRun SSI Arbitrary File Source High CyberNotes 2001- 95/98/NT Disclosure 24 4.0/2000, Unix

NIPC CyberNotes #2001-26 Page 2 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Allaire26 Windows JRun 2.3.3, 3.0, 3.1 JRun Web Server Directory Medium CyberNotes 2001- 95/98/NT Traversal 25 4.0/2000, Unix Allaire27 Windows JRun 3.0 JRun Malformed URL Medium CyberNotes 2001- 95/98/NT Information Gathering 02 4.0/2000, Unix Allaire28 Windows JRun 3.0, 3.1 JRun Web Root Directory Medium CyberNotes 2001- 95/98/NT Disclosure 24 4.0/2000, Unix Allaire29 Windows JRun 3.0, 3.1 JRun Duplicate Session ID Medium CyberNotes 2001- 95/98/NT 25 4.0/2000, Unix 30 Allaire Windows JRun 3.1 JRun JSP File Disclosure Medium CyberNotes 2001- 95/98/NT 25 4.0/2000, Unix Allaire31 Windows NT 4.0, Macromedia ColdFusion Server 4.0, ColdFusion Sample Application High CyberNotes 2001- Unix 4.0.1, 4.5, 4.5.1, 4.5.1 SP1&SP2 Command Execution 16 CVE Name: CAN-2001-0535 Alt-N Windows NT WorldClient 2.2.2 WorldClient DOS-Device Low CyberNotes 2001- Technologies32 2000 Denial of Service 06 Alt-N Windows MDaemon 3.5.0 MDaemon Denial of Service Low CyberNotes 2001- Technologies33 95/98/NT 01 4.0/2000 Alt-N Windows MDaemon 3.5.6 MDaemon IMAP Denial of Low CyberNotes 2001- Technologies34 95/98/NT Service 07 4.0/2000 America OnLine, Multiple AOL 5.0 AOL Buffer Overflow High CyberNotes 2001- Incorporated35 04 America Online, Windows AOL Instant Messenger/Win32 AIM Remote Denial of Service Low CyberNotes 2001- Incorporated36 4.7.2480, Win32 4.3.2229 20 America OnLine, Windows AOL Instant Messenger (AIM) AOL Instant Messenger Multiple High CyberNotes 2001- Incorporated37 95/98/CE 3.5.1856, 4.0, 4.1.2010, 4.2.1193 Vulnerabilities 01 2.0/3.0/NT CVE Name: CAN-2000-1093, 4.0/2000, CAN-2000-1094 MacOS 9.0 America OnLine, Windows 95/98/ AOL server 3.0, 3.2 AOL Server Long Authentication Low CyberNotes 2001- Incorporated38 ME/NT 4.0/2000, String Remote Denial of Service 18 MacOS 10.x, Unix America Online, Windows AOL Instant Messenger 4.7 AOL Instant Messenger Long Low CyberNotes 2001- Incorporated39 95/98/ME NT Filename Denial of Service 21 4.0/2000 America OnLine, Windows AOL server 3.2 AOL Server Directory Traversal Medium CyberNotes 2001- Incorporated40 95/98/ME /NT 03 4.0/2000, Unix AmTote Windows NT 4.0 Homebet Homebet World Accessible Log Medium CyberNotes 2001- International, and 20 Inc.41 Brute Force Anaconda 42 Multiple Clipper 3.3 Clipper Directory Traversal Medium CyberNotes 2001- 07

NIPC CyberNotes #2001-26 Page 3 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name AnalogX 43 Windows Simple Server: WWW 1.0.3-1.0.8 SimpleServer WWW /aux Low CyberNotes 2001- 98/98/ME /NT Directory Denial of Service 08 4.0 Andries Brouwer44 Unix util-linux 2.11h, 2.11i, 2.11k, Util-Linux Login Pam Privilege Medium CyberNotes 2001- 2.11l Elevation 21 Apache Group 45 MacOS X 10.0, Apache 1.3.14 Mac MacOS X Client Apache File Medium CyberNotes 2001- 10.0.1, 10.0.2, Protection Bypass 12 10.0.3 Apache Group 46 MacOS X 10.x Apache 1.3.14Mac MacOS X Client Apache Medium CyberNotes 2001- Directory Contents Disclosure 19 Apache Group 47 Multiple Apache 1.3.11, 1.3.12, 1.3.14, Apache mod_usertrack Medium CyberNotes 2001- 1.3.17-1.3.20 Predictable ID Generation 23 Apache Group 48 Unix Apache 1.3.11, 1.3.14, Apache Autoindexing Module Medium CyberNotes 2001- 1.3.17-1.3.20 Directory Index Disclosure 14 Apache Group 49 Unix Apache 1.3.14, 1.3.17, 1.3.19, Apache Mod ReWrite Rules Low CyberNotes 2001- 1.3.20 Bypassing Image Linking 17 Apache Group 50 Unix Tomcat 3.0 Tomcat Directory Traversal Medium CyberNotes 2001- 07 Apache Group 51 Unix Tomcat 3.2.1 Tomcat Cross-Site Scripting High CyberNotes 2001- 14 Apache Group 52 Unix Tomcat 3.2.1 Tomcat Error Message Medium CyberNotes 2001- Information 17 Disclosure Apache Group 53 Windows Apache 1.3.12win32, 1.3.14win32, Apache Web Server HTTP Low CyberNotes 2001- 98/98/NT 1.3.15win32 Request 11 4.0/2000, Denial of Service OS2 Apache Group 54 Windows 98/ME/ Apache 1.3.12 , 1.3.17, Apache Artificially Long Slash High CyberNotes 2001- NT 4.0/2000, 1.3.17win32, 1.3.3, 1.3.9 Path Directory Listing 07 Unix Apache Group 55 Windows NT Apache 1.0, 1.2, 1.3 Apache Server Address Disclosure Medium CyberNotes 2001- 4.0/2000 16 APC56 Multiple Web/SNMP Management Card APC Telnet Administration Low CyberNotes 2001- Firmware 3.0 & previous Denial of Service 05 Apple57 MacOS Claris 2.0 Apple Claris Emailer Buffer High CyberNotes 2001- Overflow 21 Apple58 MacOS 7.0-9.0 Macintosh Runtime for Java 2.2.3 Macintosh MRJ Unauthorized File Medium CyberNotes 2001- Access 01

Apple59 MacOS 8.0, 8.1, Personal Web Sharing 1.1, 1.5, Personal Web Sharing Remote Low CyberNotes 2001- 9.0 1.5.5 Denial of Service 10 Apple60 MacOS 8.0, 8.1, Personal Web Sharing 1.1, 1.5, MacOS Personal Web Sharing Low CyberNotes 2001- 9.0, 9.1 1.5.5 Authentication Denial of Service 13 Apple61 MacOS 9.0 MacOS 9.0 Apple MacOS Multiple Users Medium CyberNotes 2001- Password Bypass 09 Apple62 MacOS X 10.0, MacOS X 10.0-10.0.4 MacOS X Insecure Default Medium CyberNotes 2001- 10.0.1, 10.0.2, Permissions 13 10.0.3, 10.0.4 Apple63 MacOS X MacOS X 10.0-10.0.4 MacOS X ‘nidump’ Password File Medium CyberNotes 2001- 10.0-10.0.4 Disclosure 14 Apple64 MacOS X MacOS X 10.0-10.1 MacOS X NetInfo Manager High CyberNotes 2001- 10.0-10.1 Privilege Escalation 21 Apple65 MacOS X 10.x MacOS X 10.0-10.0.4 Macintosh OS X FBCIndex File Medium CyberNotes 2001- Contents Disclosure and 19 .DS_Store Directory Listing Disclosure

NIPC CyberNotes #2001-26 Page 4 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Apple66 Windows Quicktime plugin - Windows 4.1.2 Apple Quicktime Plugin Remote High CyberNotes 2001- 95/98/NT 4.0 (Japanese) Overflow 03 Arcadia, Inc.67 Windows NT IC:Arcadia Internet Store 1.0 IC:Arcadia Internet Store Low/ CyberNotes 2001- 4.0/2000 Multiple Vulnerabilities Medium 13. ArGoSoft 68 Windows ArGoSoft FTP Server 1.0, 1.2.2.2 ArGoSoft FTP Server .lnk Medium CyberNotes 2001- 95/98/ME /NT Directory Traversal 14 4.0/2000 ArGoSoft 69 Windows FTP Server 1.2.2.2 FTP Server Weak Password Medium CyberNotes 2001- 95/98/ME /NT Encryption 16 4.0/2000 Argus Systems70 Unix PitBull LX (all versions) Pitbull LX sysctl() High CyberNotes 2001- 07 ASCII NT, Windows WinWrapper Professional 2.0 WinWrapper Admin Server Medium CyberNotes 2001- Incorporated71 95/98/NT Arbitrary File Reading 17 4.0/2000 AT&T 72 Windows WinVNC Client 3.3.3r7 & previous AT&T WinVNC Client Buffer High CyberNotes 2001- 98SE/ME /NT Overflow 03 4.0/2000 AT&T 73 Windows WinVNC Server 3.3.3r7 & AT&T WinVNC Server Buffer High CyberNotes 2001- 98SE/ME /NT previous Overflow 03 4.0/2000 AT&T 74 Windows VNC 3.3.3 & previous AT&T VNC Weak Medium CyberNotes 2001- 98SE/NT Authentication 03 4.0/2000, MacOS 9.0, Unix Atmel75 Multiple Firmware 1.3 Atmel SNMP Community String Medium/ CyberNotes 2001- High 13 Atomz Multiple Enterprise Search 1.0, Express Search Engine Cross-Site Scripting High CyberNotes 2001- Corporation76 Search 1.0, Prime Search 1.0 21 Atrium Software77 Windows Mercur Mail Server 3.3 Mercur Mail Server EXPN Buffer Low/High CyberNotes 2001- 95/98/NT 2000 Overflow 05 Audio galaxy78 Multiple Audiogalaxy Audiogalaxy Plaintext Password Medium CyberNotes 2001- Storage 24 A-V Tronics79 Windows 98/NT InetServ 3.0, 3.1.1, 3.2.1 InetServ Webmail Authentication High CyberNotes 2001- 4.0/2000 Buffer Overflow 17 Axent Windows NT 4.0, Raptor 6.5 Raptor Firewall HTTP Request Medium/ CyberNotes 2001- Technologies, Unix Proxying High 07 Incorporated80 (High if DDoS best practices not in place) Axis Multiple Network Camera 2120, 2110, Network Camera Default Medium CyberNotes 2001- Communications81 2100, 200+, 200 Administrator Password 25 BadBlue 82 Windows BadBlue Personal Edition 1.02 beta BadBlue Source Code Disclosure Medium CyberNotes 2001- 95/98/ME /NT 17 4.0/2000 Bajie83 Multiple Java HTTP Server 0.78 Bajie Webserver Remote High CyberNotes 2001- Command Execution 04 Baltimore Windows NT 4.0 WEB sweeper 4.0 WEBsweeper Denial of Service Low CyberNotes 2001- Technologies84 06 Baltimore Windows NT 4.0 WEB sweeper 4.02 WEBsweeper Restricted Directory Medium CyberNotes 2001- Technologies85 Disclosure 18 Baltimore Windows NT MAIL sweeper for SMTP 4.2, MAILsweeper Script Filtering High CyberNotes 2001- Technologies86 4.0/2000 4.2.1, 4.2.5 Bypass 20

NIPC CyberNotes #2001-26 Page 5 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Baltimore Windows NT 4.0 WEB sweeper 4.0, 4.02 WEBsweeper Unicode Script High CyberNotes 2001- Technologies87 Filtering and Script Filtering 17 Bypass Basilix 88 Multiple Webmail 0.9.7beta Webmail Incorrect File Medium CyberNotes 2001- Permissions 02 Basilix 89 Unix Webmail 1.02beta, 1.03beta Webmail File Disclosure Medium CyberNotes 2001- 14 BEA Systems90 Windows WebLogic Server 4.5.1, 5.1, 6.0 WebLogic Server Directory Medium CyberNotes 2001- 95/98/NT Traversal 07 4.0/2000, Unix BEA Systems91 Windows WebLogic Server 4.5x, 5.1x WebLogic Server Buffer Overflow High CyberNotes 2001- 98/NT4.0, 01 Unix Beck IPC GmbH 92 Multiple IPC@CHIP Embedded Webserver IPC@CHIP Multiple Low/High CyberNotes 2001- Vulnerabilities 11 Bharat Mediratta93 Multiple Gallery 1.1-1.2.2 Gallery Directory Traversal Medium CyberNotes 2001- 24 Bharat Mediratta94 Multiple Gallery 1.1-1.2.3 Gallery Cross-Site Scripting High CyberNotes 2001- 25 BiblioWeb95 Multiple BiblioWeb Server 2.0 BiblioWeb Server Directory Low CyberNotes 2001- Traversal and Buffer Overflow 04 Vulnerabilities BinTec96 Multiple BinTec X1200 5.1, X4000 5.1.6 BinTec X Series Router PPTP Low CyberNotes 2001- patch 10, 5.3 Rev 1 Denial of Service 08 BisonFTP97 Windows Bison FTP Server V4R1 BisonFTP BDL File Upload Medium CyberNotes 2001- 95/98/NT Directory Traversal 14 4.0/2000 Borland/Inprise98 Windows NT Interbase 4.0, 5.0, 6.0; Interbase Backdoor Password High CyberNotes 2001- 4.0/2000, Open source Interbase 6.0, 6.01; CVE Name: CAN-2001-0008 01 Unix Open source Firebird 0.9.3 & previous Bradford Barrett99 MacOS X 10.0, Webalizer 2.0.1-06 Webalizer Cross Site Scripting High CyberNotes 2001- Unix 22 Brian Dorricott100 Windows NT MAILTO 1.0.7-1.0.0 MAILTO Unauthorized Mail Medium CyberNotes 2001- 4.0/2000 Server Use 25 Brian Stanback101 Multiple bsguest.cgi 1.0 Brian Stanback Multiple CGI High CyberNotes 2001- Vulnerabilities 01 Brightstation102 Multiple Muscat 1.0 Muscat Root Path Disclosure Medium CyberNotes 2001- 04 BRS103 Windows WebWeaver 0.49beta- 0.52beta, WebWeaver FTP Root Path Medium CyberNotes 2001- 95/98/NT 0.60beta- 0.62beta Disclosure and Directory 09 4.0/2000 Traversal BSDI104 Unix BSD/OS 3.0-4.2 BSD/OS UUCP Argument Buffer High CyberNotes 2001- Overflow 25 Caldera Unix OpenUnix 8.0 Open Unix ‘LPSystem’ Buffer Medium CyberNotes 2001- International, Overflow 18 Incorporated105 Caldera Unix UnixWare 7, OpenUnix 8.0 Open Unix ‘UIDAdmin’ Scheme High CyberNotes 2001- International, Option Buffer Overflow 18 Incorporated106 Caldera Unix eDesktop 2.4, eServer 2.3.1, Caldera DHCP Package Format High CyberNotes 2001- International, OpenLinux Desktop 2.3 String 02 Incorporated 107 Caldera Unix OpenLinux Server 3.1, OpenLinux OpenLinux DocView High CyberNotes 2001- International, Workstation 3.1 Meta-Character Filtering 15 Incorporated 108

NIPC CyberNotes #2001-26 Page 6 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Caldera Unix OpenUnix 8.0 OpenUnix DT Library Buffer High CyberNotes 2001- International, Overflow 16 Incorporated 109 Caldera Unix OpenUnix 8.0, UnixWare 7.1.0, CDE XTerm Elevated Privilege High CyberNotes 2001- International, 7.1.1 Acquisition 25 Incorporated 110 Caldera Unix OpenUnix 8.0, UnixWare 7 ToolTalk Library Buffer High CyberNotes 2001- International, Overflow 23 Incorporated 111 Caldera Unix OpenUnix 8.0, UnixWare 7.1.0, XLock Buffer Overflow High CyberNotes 2001- International, 7.1.1 24 Incorporated 112 Caldera Unix UnixWare 7 UnixWare ‘su’ Command Line High CyberNotes 2001- International, Buffer Overflow 13 Incorporated 113 Caldera Unix UnixWare 7 UnixWare ‘cron’ Commandline High CyberNotes 2001- International, Buffer Overflow 13 Incorporated 114 Caldera Unix UnixWare 7 UnixWare UUCP Utilities Buffer High CyberNotes 2001- International, Overflow 13 Incorporated 115 Caldera Unix Volution 1.0, 1.0.6, 1.0.7 Volution Client Authentication High CyberNotes 2001- International, Failure Hijacking 12 Incorporated 116 Carey Internet Windows Commerce. cgi 2.0.1 Commerce.cgi Directory Medium CyberNotes 2001- Services117 95/98/NT Traversal 04 4.0/2000 Carnegie Mellon Unix Cyrus 1.6.24 Cyrus IMAP Server Potential Low CyberNotes 2001- University118 Denial of Service 18 Carnegie Mellon Unix Cyrus-SASL 1.5.24, 1.5.25, 1.5.26 Cyrus-SASL Syslog Format String High CyberNotes 2001- University119 23 Caucho Unix Resin 1.2.2 Resin Cross-Site Scripting High CyberNotes 2001- Technology 120 14 Caucho Windows 2000, Resin 1.2, 1.3 Resin JavaBean Disclosure Medium CyberNotes 2001- Technology 121 Unix 07 Caucho Windows NT Resin 1.2 Resin Directory Traversal Medium CyberNotes 2001- Technology 122 2000 04 Cayman123 Multiple 3220-H DSL Router 1.0 Cayman-DSL Router Insecure Medium CyberNotes 2001- Default 14 Cayman124 Multiple Cayman 3220-H DSL Router 1.0 Cayman-DSL Router Portscan Low CyberNotes 2001- Denial of Service 14. Centrinity125 Windows NT FirstClass 5.50 FirstClass Local User Mail Medium CyberNotes 2001- Spoofing 05 Cerberus126 Windows FTP Server 1.5 Cerberus FTP Server Directory Medium CyberNotes 2001- 95/98/NT Traversal 17 4.0/2000 Cerulean Studios127 Windows Trillian 0.6351 Trillian Denial of Service Low CyberNotes 2001- 98/98/ME /NT 21 4.0/2000 CG Information128 Windows BiblioWeb 2.0 BiblioWeb Long URL Low CyberNotes 2001- 95/98/ME /NT Denial of Service 12 4.0/2000 cgiCentral129 Multiple WebStore 400CS 4.14, 400 4.14 WebStore Arbitrary Command High CyberNotes 2001- Execution and Administrator 12 Authentication Bypass Charles Clark130 Windows Meteor FTP 1.0 Meteor FTP Directory Traversal Medium CyberNotes 2001- 95/98/ME 20

NIPC CyberNotes #2001-26 Page 7 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name CheckPoint Multiple Firewall-1 4.1 SP2 Build 41716, Firewall-1 RDP Header High CyberNotes 2001- Software 4.1 Build 41439, 4.1 Firewall Bypassing 14 Technologies131 CyberNotes 2001- Proof of concept 15 code released132 CheckPoint Multiple Firewall-1 3.0, 4.0, 4.1, 4.1SP1 Firewall-1 Policyname High CyberNotes 2001- Software Temporary File Creation 19 Technologies133 CheckPoint Multiple Firewall-1 3.0, 4.0, 4.1, Firewall-1 GUI Client Log Viewer Low/ CyberNotes 2001- Software 4.1SP1&SP2 Symbolic Link Medium 19 Technologies134 CheckPoint Multiple Firewall-1 4.0, 4.1, 4.1SP1-SP4 Firewall-1 GUI Log Viewer High CyberNotes 2001- Software 19 Technologies135 CheckPoint Multiple Firewall-1 4.1 SP2 Firewall-1 Fast Mode TCP Medium/ CyberNotes 2001- Software Fragment High 01 Technologies136 (High if DDoS best practices not in place) CheckPoint Multiple VPN-1 4.1- 4.1SP3; Firewall-1/ VPN-1 Management Low/High CyberNotes 2001- Software Software Providor-1 4.1 4.1SP3; Station Format String 14 Technologies137 Firewall-1 4.1- 4.1SP3; Nokia ISPO 3.3- 3.3SP2 CheckPoint Unix Firewall-1 4.1, 4.1 SP2, 4.1 SP3 Firewall-1 Denial of Service Low/High CyberNotes 2001- Software 02 Technologies138 (High if DDoS best practices not in place) CheckPoint Windows NT VPN-1 4.1SP4 VPN-1 SecuRemote Username Medium CyberNotes 2001- Software 4.0/2000 Acknowledgment 22 Technologies139 CheckPoint Multiple Firewall-1 4.0, 4.1 SP1-SP4 Firewall-1 SecureRemote Network Medium CyberNotes 2001- Software Information Leak 15 Technologies140 ChiliSoft 141 Unix Chili!Soft ASP for Linux 3.0, 3.5, Chili!Soft Multiple Vulnerabilities High CyberNotes 2001- 3.5.2 05 ChiliSoft 142 Unix Chili!Soft ASP for Linux 3.0, 3.5, Chili!Soft License File Deletion Medium CyberNotes 2001- 3.5.2 Denial of Service 05 ChiliSoft 143 Unix ChiliSoft ASP for Linux 3.0, Linux Chili!Soft ASP GID Root Script High CyberNotes 2001- 3.5 Execution 04 Cicso Systems144 Multiple Cisco 6400 NRP2 12.1DC Cisco NRP2 Unauthorized Telnet Medium CyberNotes 2001- Access 12 Cicso Systems 145 Multiple IOS software releases based on Cisco IOS ILMI SNMP Medium CyberNotes 2001- versions 11.x & the 12.0 interface Community String 05 Cicso Systems 146 Multiple Aironet Firmware 8.07, 8.24, 7.0.x Cisco Aironet Web Medium CyberNotes 2001- Administration Access 06 Cicso Systems 147 Multiple WebNS 3.0, 3.1, 4.0, 4.0.1 Cisco Content Services Switch Medium CyberNotes 2001- Directory Structure File 03 Reading CVE Name: CAN-2001-0020

NIPC CyberNotes #2001-26 Page 8 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Cicso Systems 148 Multiple WebNS 3.0, 4.0 Cisco Content Service Switch Low CyberNotes 2001- Long Filename Denial of Service 03 CVE Name: CAN-2001-0019 Cisco Systems149 Multiple All devices running Cisco IOS Cisco Multiple SSH Vulnerabilities Medium/ CyberNotes 2001- software supporting SSH; High 14 Catalyst 6000 switches running CatOS; Cisco PIX Firewall Cisco Systems150 Multiple Catalyst 2900XL Software Version Catalyst 2900XL Empty UDP Low CyberNotes 2001- 12.0 (5.2) XU Denial of Service 10 Cisco Systems151 Multiple Catalyst models 5000, 5002, 5500, Catalyst 802.1x Frame Low CyberNotes 2001- 5505, 5509; Forwarding 08 2901, 2902 and 2926 switches Cisco Systems152 Multiple CatOS 4.5(1), IOS 11.1- 11.3.11b, Cisco Discovery Protocol Low CyberNotes 2001- 12.0(5.1)XP, 12.0.19, 12.1 Neighbor Announcement Denial 21 of Service Cisco Systems153 Multiple CBOS 2.0.1, 2.1.0, 2.1.0a, 2.2.0, Multiple CBOS Vulnerabilities Low/ CyberNotes 2001- 2.2.1, 2.2.1a, 2.3, 2.3.2, 2.3.5, Medium 11 2.3.7, 2.3.8 Cisco Systems154 Multiple CBOS 2.0.1, 2.1.0, 2.1.0a, 2.2.0, Cisco CBOS Multiple TCP Low CyberNotes 2001- 2.2.1, 2.2.1a, 2.3, 2.3.2, 2.3.5, Connection Denial of Service 18 2.3.7, 2.3.8, 2.3.9, 2.4.1, 2.4.2, 2.4.2ap Cisco Systems155 Multiple CBOS 677 Software (C677-I-M), CBOS Show NAT Output Session Medium CyberNotes 2001- 2.3.0.053, 2.4.1 Switching 09 Cisco Systems156 Multiple Cisco Content Services Switch (CSS Cisco Content Services User High CyberNotes 2001- 11050, CSS 11150, & CSS 11800) Account 07 (also known as Arrow point) Cisco Systems157 Multiple HSRP RFC2281 HSRP Denial of Service Low CyberNotes 2001- 10 Cisco Systems158 Multiple IOS 11.1-12.2 Cisco Local Interface ARP Low CyberNotes 2001- Denial of Service 23 Cisco Systems159 Multiple IOS 11.2, 11.2(4)XA, 11.2(4)XAF, IOS BGP Transitive Attribute Low/High CyberNotes 2001- 11.2BC, 11.2F, 11.2GS, 11.2P, Denial of Service 10 11.3, 11.3AA, 11.3DA, 11.3DB, (High if 11.3HA, 11.3NA, 11.3T, DDoS 11.3WA4, 12.0, 12.0DA-12.0DC, best 12.0S, 12.0T, 12.0W5, practices 12.0XA-12.0XJ not in place) Cisco Systems160 Multiple IOS 11.2P, 11.3T, 12.0XA-XE, Cisco Context Based Access Medium CyberNotes 2001- 12.0XG, 12.0X, 12.0K, 12.0XM, Control Protocol Check 24 12.0XQ, 12.0XR, 12.0XV, 12.0T, Bypassing 12.1YE, 12.1YF, 12.1YB, 12.1YC, 12.1XB, 12.1XC, 12.1XF-XM, 12.1XP, 12.1XT, 12.1, 12.1E, 12.1T, 12.2, 12.2DD, 12.2T, 12.2XD, 12.2XE, 12.2XH- 12.2XK, 12.2XQ Cisco Systems161 Multiple IOS 11.3 & later Cisco IOS HTTP High CyberNotes 2001- Exploit script Configuration Arbitrary 13 released162 Administrative Access CyberNotes 2001- 14 Cisco Systems163 Multiple IOS 12.0-12.2 IOS UDP Denial of Service Low CyberNotes 2001- 15 Cisco Systems164 Multiple IOS 12.0ST, IOS 12.0S Cisco Multiple Access Control Low/ CyberNotes 2001- Vulnerabilities Medium 23

NIPC CyberNotes #2001-26 Page 9 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Cisco Systems165 Multiple IOS 12.0ST, 12.0SC, 12.0S Cisco 12000 Series Internet Low CyberNotes 2001- Router Denial of Service 23 Cisco Systems166 Multiple IOS 12.1 train, releases: T, E, EZ, Cisco IOS Malformed PPTP Low CyberNotes 2001- YA, YD and YC; Packet Denial of Service 14 IOS 12.2 train, all releases Cisco Systems167 Multiple IOS 12.1(2)T, 12.1(3)T Cisco IOS Router Scan Software Low/High CyberNotes 2001- Reloading 11 (High if DDoS best practices not in place) Cisco Systems168 Multiple PIX Firewall 4.0-5.3 PIX TACACS+ Denial of Service Low/High CyberNotes 2001- 20. (High if DDoS best practices not in place) Cisco Systems169 Multiple PIX Firewall 4.4(7.202), 4.4(4), PIX Firewall SMTP Content Medium CyberNotes 2001- 5.1(4.206), 5.2(3.210), 6.0(1) Filtering Evasion 20 Cisco Systems170 Multiple PIX Firewall 5.1.4 PIX TACACS+ Denial of Service Low/High CyberNotes 2001- 08 (High if DDoS best practices not in place) Cisco Systems171 Multiple PIX Firewall Manager 4.3(2)g PIX Firewall Manager Plaintext Medium CyberNotes 2001- Password 21 Cisco Systems172 Multiple SN 5420 Storage Router 1.1(3) Cisco SN 5420 Storage Router Low/ CyberNotes 2001- Developer Access and Medium 14 Denial of Service Cisco Systems173 Multiple VPN 3000 Concentrator 2.5.2(A), VPN 3000 Concentrator Low CyberNotes 2001- 2.5.2(B), 2.5.2(C), 2.5.2(D) Malformed IP Packet 08 Cisco Systems174 Multiple VPN 3000 concentrators running Cisco VPN3000 Concentrator Low CyberNotes 2001- software releases up to 3.0.00 Telnet 07 Remote Denial of Service Cisco Systems175 Multiple WebNS 4.0, 4.0.1, 4.0.1B19s Content Service Switch FTP Medium CyberNotes 2001- Access Control 10 Cisco Systems176 Multiple WebNS 4.01B23s, 4.10B13s, 4.0.1, Cisco Content Service Switch Medium CyberNotes 2001- 4.0.1B19s Management Authentication 11 Bypass Cisco Systems177 Windows Cisco SN 5420 Storage Router Cisco SN Storage Router Low/ CyberNotes 2001- 95/98/ME /NT 1.1(2), 1.1(3) Developer Shell Unauthorized Medium 16 4.0/2000 Access and Denial of Service Cisco Systems178 Windows TFTP Server 1.1 Cisco TFTPD Server Directory Medium CyberNotes 2001- 95/98/NT 4.0 Traversal 13 Citrix 179 Multiple Nfuse 1.51 Nfuse Webroot Disclosure Medium CyberNotes 2001- 14 Citrix 180 Windows NT MetaFrame for Windows 2000 1.8 MetaFrame False IP Address Medium CyberNotes 2001- 4.0/2000 & NT 4.0 TSE 1.8 24 Citrix 181 Windows MetaFrame XP, MetaFrame for MetaFrame Multiple Sessions Low CyberNotes 2001- NT/2000 Windows 2000 1.8, MetaFrame for Denial of Service 21 Windows NT 4.0 TSE 1.8 CVE Name: CAN-2001-0716

NIPC CyberNotes #2001-26 Page 10 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Cobalt 182 Unix RaQ 3.0 RaQ PopRelayD Arbitrary SMTP Medium CyberNotes 2001- Relay 14 COM2001183 Windows NT Alexis Server 2.0, 2.1 Alexis Server Web Access Medium CyberNotes 2001- 4.0/2000 Plaintext Password 20 Compaq Computer Windows Insight Manager Management Software Security Low/High CyberNotes 2001- Corporation184 95/98/NT Vulnerability 06 4.0/2000, (High for Unix systems that are connecte d to multiple networks ) Compaq Computer Multiple Compaq OpenVMS 6.2 VAX & OpenVMS DECWindows Motif Medium CyberNotes 2001- Corporation 185 Alpha, 7.1-2 Alpha, 7.1 VAX, 7.2- Server 22 2 Alpha, 7.2-1H1 Alpha, 7.2-7.3 VAX, 7.3 Alpha, SEVMS 6.2 VAX, SEVMS 6.2 Alpha Compaq Computer Multiple Insight Manager XE 1.0, 1.21, Insight Manager XE Buffer High CyberNotes 2001- Corporation 186 2.1b, 2.1 Overflow 22 Compaq Computer Unix TruCluster 1.5 TruCluster Port Scan Low/ CyberNotes 2001- Corporation 187 Denial of Service Medium 20 Compaq Computer Unix, All Compaq Web-enabled Compaq Management Agents High CyberNotes 2001- Corporation 188 OpenVMS Management Software Buffer Overflow 20 Compaq Computer Windows NT Armada Insight Manager 4.20, Compaq Web Admin Buffer High CyberNotes 2001- Corporation 189 4.0//2000, 4.20j; Overflow 02 Unix Compaq Foundation Agents 1.0, 2.1, 4.0, 4.90; Enterprise Volume Manager/Command Scripter 1.0, 1.1; Insight Management Desktop Web Agents 3.7; Insight Manager LC 1.3c , 1.50A; Insight Manager XE 1.0, 1.21; Intelligent Cluster Administrator 1.0, 2.1; Management Agents 4.30j, 4.35j, 4.36E, 36j, 4.37E; Open SAN Manager 1.0; SANWorks Resource Monitor 1.0; Storage Allocation Reporter 1.0; Survey Utility 2.17, 2.18, 2.33; System Healthcheck 3.0; Digital (Compaq) TRU64/ DIGITAL UNIX 4.0f, 4.0g, 5.0 Computalynx190 Windows NT CMail 2.4.9 Cmail Buffer Overflow High CyberNotes 2001- 10 Computer Unix ARCservIT Client version 6.6x ARCservIT Tmp Race Low/ CyberNotes 2001- Associates191 Vulnerabilities Medium 11 Computer Unix InoculateIT 6.0 InoculateIT Symbolic Link File Medium CyberNotes 2001- Associates192 Overwriting 11 Computer Windows NT ARCServe 2000 Advanced Edition ARCServe Insecure Default Medium/ CyberNotes 2001- Associates193 4.0/2000 7.0, ARCServe 2000, ARCServe Network Share and Cleartext High 19 6.61 Administrative Password

NIPC CyberNotes #2001-26 Page 11 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Computer Windows NT CCC\ Harvest 5.0 CCC\Harvest Source Code Control High CyberNotes 2001- Associates194 4.0/2000 Software Password Encryption 07 Conectiva195 Unix Linux 4.0, 4.0es, 4.1, 4.2, 5.0, prg IMAP Multiple Remote Buffer Low CyberNotes 2001- graficos, ecommerce, 5.1, 6.0 Overflows 07 Conectiva196 Unix Zope-2.1.x Zope Multiple Vulnerabilities Medium CyberNotes 2001- 07 Conectiva197 Unix Conectiva Linux 6.0; Multiple Cups Vulnerabilities High CyberNotes 2001- SUSE 198 SuSE 7.1 07 Connect, Unix PowerNet IX Debian 6.0 Powernet Portscan Denial of Low CyberNotes 2001- Incorporated199 Service 14

Cosmicperl200 Multiple Directory Pro 2.0 Directory Pro Arbitrary File Medium CyberNotes 2001- Disclosure 11 Counterpane201 Windows Password Safe 1.7.1 Password Safe Data Buffer Medium CyberNotes 2001- 95/98/NT Recovery 19 4.0/2000 Craig Knudsen202 Unix Web Calendar 0.9.11, 0.9.15-16, WebCalendar Remote Command High CyberNotes 2001- 0.9.19-26, 0.9.8 Execution 09 Cray203 Multiple UNICOS/mk 2.0.5.54 UNICOS NQS Daemon Format High CyberNotes 2001- String 24 Critical Path204 Multiple InJoin Directory Server 2.0, 2.1, InJoin Directory Server LDAP High CyberNotes 2001- 3.0, 3.1, 4.0 16 CrossTec Corp205 Windows NetOp School 1.5 NetOp School Administration High CyberNotes 2001- 95/98/NT Authentication 19 4.0/2000 CrossWind206 Windows NT Cyber Scheduler 2.1 Cyber Scheduler ‘websyncd’ High CyberNotes 2001- 2000, Remote Buffer Overflow 08 Unix CrossWind207 Windows NT, Cyber Scheduler 2.1 Cyber Scheduler ‘websyncd’ High CyberNotes 2001- Unix Remote Buffer Overflow 09 Darren Hiebert 208 Unix Ctags 1.0-3.2.3 Ctags Symbolic Link Attack Medium CyberNotes 2001- 08 Data General209 Unix DG/UX 4.20MU02, 4.20MU06 DG/UX lpsched Long Error High CyberNotes 2001- Message Buffer Overflow 07 Data Wizard210 Windows 95, WebXQ 2.1.204 WebXQ Directory Traversal Medium CyberNotes 2001- Unix 09 Datawizard Windows FtpXQ 2.0.93 FtpXQ Directory Traversal Medium CyberNotes 2001- Technologies, 95/98/SE /NT 05 Incorporated211 4.0/2000 Dattaraj Rao212 Multiple Simple Server 1.0 Simple Server Directory Traversal Medium CyberNotes 2001- 05. David Harris213 Window NT Mercury for NetWare prior to 1.48 Mercury for NetWare Buffer High CyberNotes 2001- Overflow 09 David Mischler214 Multiple IPRoute 0.973, 0.974, 1.10, 1.18 IPRoute Fragmented Packets Low CyberNotes 2001- Denial of Service 25 DC Scripts215 Multiple DCForum 2000 1.0 DCForum 'AZ' Field Remote High CyberNotes 2001- Command Execution 08 DC Scripts216 Multiple DCShop 1.002 beta DCShop File Disclosure Medium CyberNotes 2001- 13 DC Scripts217 Unix DCForum 2000 1.0, 6.0 DC Scripts DCForum Remote High CyberNotes 2001- Admin Privilege Compromise 10 Debian218 Unix Linux 2.2, 2.2 68k, Alpha, Arm, Dialog /tmp File Race Condition Medium CyberNotes 2001- PowerPC, Sparc 01 Debian219 Unix Ralf S. Engelschall ePerl 2.2.12, ePerl Remote Buffer Overflow High CyberNotes 2001- Linux-Mandrake220 2.2.13 06 Debian221 Unix rxvt 2.6.2 Rxvt Buffer Overflow High CyberNotes 2001- 13

NIPC CyberNotes #2001-26 Page 12 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name deltathree222 Windows PC-to-Phone 3.0.3 Deltathree PC-to-Phone Medium CyberNotes 2001- 95/98/NT Authentication Information 22 4.0/2000 Disclosure Denicomp Windows Winsock RSHD/NT 2.17.07 (DEC Winsock RSHD & REXECD Low CyberNotes 2001- Products223 98/98/NT Alpha), 2.18.00 (Intel), REXECD/ Denial of Service 10 3.5.1/4.0/ 2000 NT v1.04.08 (DEC Alpha), 1.05.00 (Intel), RSHD/95 1.00.02, 2.18.03 Denicomp Windows NT Winsock RSHD/NT 2.20(Intel), Winsock RSHD/NT Standard Low CyberNotes 2001- Products224 4.0/2000 2.21(Intel) Error Denial of Service 25 Denis Howe 225 Windows NT Free Online Dictionary of Free Online Dictionary of Medium CyberNotes 2001- 2000, Computing 1.0 Computing Remote File Viewing 06 Unix Digex226 Unix Looking Glass 1.0 Looking Glass Perl Script Medium CyberNotes 2001- Neighbor Information Gathering 21 Digital (Compaq) 227 Unix TRU64/ DIGITAL UNIX Digital Unix MSGCHK High CyberNotes 2001- 4.0d-4.0g MH_PROFILE Symbolic Link 19 and MSGCHK Buffer Overflow DLink Multiple D-Link Dl-704 V2.56b5 DLink IP Fragment Low/High CyberNotes 2001- Technologies228 Denial of Service 19 (High if DDoS best practices not in place) Dream Catchers229 Multiple Seth Leonard Book of Guests 1.0 Book of Guests CGI Remote High CyberNotes 2001- Arbitrary Command Execution 22 Dream Catchers230 Multiple Seth Leonard Post-It! 1.0 Post-It! CGI Remote Arbitrary High CyberNotes 2001- Command Execution 22 DrPhibez and Windows 98/NT Guild FTPD 0.9.7 GuildFTPD Remote Buffer Low/High CyberNotes 2001- Nitro187231 4.0 Overflow and Memory Leak 11 Denial of Service DrPhibez and Windows 98/NT Guild FTPD 0.9.7 GuildFTPD Plaintext Password Medium CyberNotes 2001- Nitro187232 4.0 Storage and Directory Traversal 11 Drummond Miles233 Multiple A1Stats 1.0 A1Stats Directory Traversal Medium CyberNotes 2001- 10 Duncan Hall234 Unix Viralator 0.7, 0.8, 0.9pre1 Viralator CGI Input Validation High CyberNotes 2001- Remote Shell Command 23 DynFX235 Windows NT MailServer 2.10 build 3595.1 MailServer POP3d Low CyberNotes 2001- 4.0/2000 Denial of Service 11 Dynu236 Windows Dynu FTP Server 1.05 & prior Dynu FTP Server Directory Medium CyberNotes 2001- 95/98/NT Traversal 17 4.0/2000 EasyScripts237 Multiple EasyNews 1.5 EasyNews Multiple Vulnerabilities Medium/ CyberNotes 2001- High 25 eEye Digital Windows IRIS 1.0.1 Iris GET Denial of Service Low CyberNotes 2001- Security238 95/98/SE NT 02 4.0/2000 eEye Digital Windows NT Secure IIS 1.0.2 SecureIIS Multiple Vulnerabilities Medium/ CyberNotes 2001- Security239 4.0/2000 High 10 ElectroSoft 240 Windows ElectroComm 1.0, 2.0 ElectroComm Denial of Service Low CyberNotes 2001- 95/98/NT 10 3.5.1/4.0/2000 Elm Development Multiple ELM 2.5.3 Elm Alternative Folder Buffer High CyberNotes 2001- Group 241 Overflow 05

NIPC CyberNotes #2001-26 Page 13 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Elm Development Unix Elm 2.5alpha3; Elm Subject Line Buffer Overflow High CyberNotes 2001- Group 242 HP-UX 11.0 06 Elron Software, Multiple IM Message Inspector 3.0.3; IM Message Inspector and IM Medium CyberNotes 2001- Incorporated243 IM Anti-Virus 3.0.3 AntiVirus Directory Traversal 07 EnGarde 244 Unix Secure Linux 1.0.1 EnGarde ‘sudo’ Privileged Medium CyberNotes 2001- Command Execution 14 Entrust 245 Multiple GetAccess 1.0 GetAccess Remote Arbitrary Java Medium CyberNotes 2001- Code Execution 16 Entrust 246 Multiple GetAccess 1.0 GetAccess File Disclosure Medium CyberNotes 2001- 23 Eric Raymond247, Unix Fetchmail 5.8- 58.9 IMAP and POP3 Reply Signed High CyberNotes 2001- 248 Integer Index 16 Conectiva and CyberNotes 2001- RedHat release 19 patches249, 250 Evolvable Windows NT Shambala 4.5 Shambala FTP Server Directory Medium CyberNotes 2001- Corporation251 Traversal 12 eXtremail252 Unix eXtremail 1.0-1.1.9 eXtremail Remote Format String High CyberNotes 2001- 13 Extropia253 Unix bbs_forum.cgi 1.0 Bbs_forum.cgi Remote Arbitrary High CyberNotes 2001- Command Execution 01 e-Zone Media Windows NT FuseTalk 2.0, 3.0 FuseTalk Form Input Validation High CyberNotes 2001- Inc.254 23 Fastream255 Windows FTP++ Server 2.0 Fastream FTP++ Multiple Low/ CyberNotes 2001- 95/98/NT Vulnerabilities Medium 02 4.0/2000 Faust Multiple Freestyle Chat 4.1 SR2 Freestyle Chat MS-DOS Device Low/ CyberNotes 2001- Informatics256 Name Denial of Service Medium 11 and Directory Traversal Flicks Software257 Windows Titan 5.5a Titan Application Firewall Medium CyberNotes 2001- Escaped Character Decoding 23 Francisco Burzi258 Multiple PHP Nuke 5.2 & prior PHPNuke Remote File Copy High CyberNotes 2001- 20 Francisco Burzi259 Multiple PHP-Nuke 1.0, 2.5, 3.0, 4.0, 4.3, PHP Nuke Remote Ad Banner Medium CyberNotes 2001- 4.4 URL Change 08 Francisco Burzi260 Multiple PHP-Nuke 1.0, 2.5, 3.0, 4.0, 4.3, PHPNuke Cross-Site Scripting High CyberNotes 2001- 4.4, 4.4.1a, 5.0-5.3.1, PostNuke 25 0.62-0.64 Francisco Burzi261 Multiple PHP-Nuke 4.3 PHP Nuke User Settings High CyberNotes 2001- Modification and Administrator 05 Account Compromise Francisco Burzi262 Multiple PHP-Nuke 4.4.1a PHP-Nuke XML Parser High CyberNotes 2001- 07 Francisco Burzi263 Multiple PHP-Nuke 5.1, 5.2., 5.3.1 PHP-Nuke Weak Encryption In Medium CyberNotes 2001- User Cookie 24 Francisco Burzi264 Multiple PHP-Nuke 5.2 PHP Nuke Copying and Deleting Medium CyberNotes 2001- Files 23 Francisco Burzi265 Unix Francisco Burzi PHP Nuke 1.0, PHP Nuke Remote SQL Query High CyberNotes 2001- 2.5, 3.0, 4.0, 4.3, 4.4.1a, 4.4, 5.0, Manipulation 16 5.0.1 Francisco Burzi266 Unix PostNuke 0.62-0.64 PostNuke Unauthenticated User Medium CyberNotes 2001- Login 21 Free Peers Inc.267 Windows BearShare 2.2-2.2.2 BearShare Directory Traversal Medium CyberNotes 2001- 95/98/ME 09 FreeBSD, Unix FreeBSD 4.1.1-RELEASE, 4.2- FreeBSD tcp_wrappers Medium CyberNotes 2001- Incorporated268 RELEASE, 4.3-RELEASE ‘PARANOID’ Checking Bypass 18

NIPC CyberNotes #2001-26 Page 14 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name FreeBSD, Unix Elvis 1.08h2_0 Korean, Elvis Local Root Compromise High CyberNotes 2001- Incorporated 269 Elvis 1.8.4-0 Japanese 04 FreeBSD, Unix FreeBSD 3.0-3.5.1, 4.0-4.1.1, 4.2 FreeBSD Ipfw Filtering Evasion Medium CyberNotes 2001- Incorporated 270 02 FreeBSD, Unix FreeBSD 3.5, 3.5.1, 4.1.1, 4.2; FreeBSD inetd wheel Group File Medium CyberNotes 2001- Incorporated 271 Red Hat Linux 6.2 alpha, i386, Read 03 sparc FreeBSD, Unix FreeBSD 3.5, 3.5-STABLE, 3.5.1- FreeBSD linprocfs Privileged Medium CyberNotes 2001- Incorporated 272 RELEASE & STABLE, 4.0, 4.1, Process Memory Disclosure 17 4.1.1-4.3 RELEASE & STABLE FreeBSD, Unix FreeBSD 3.x, 4.1, 4.1.1, 4.2 FreeBSD Procfs Vulnerabilities Low/High CyberNotes 2001- Incorporated 273 01 FreeBSD, Unix FreeBSD 3.x, 4.x; Rwhod Remote Denial of Service Low CyberNotes 2001- Incorporated 274 3.5-STABLE & 4.2-STABLE 06 prior to the correction date FreeBSD, Unix FreeBSD 4.0-4.2 FreeBSD periodic /tmp File Race High CyberNotes 2001- Incorporated 275 Condition 03 FreeBSD, Unix FreeBSD 4.0-4.3 FreeBSD exec() Inherited Signal High CyberNotes 2001- Incorporated 276 Handler 14 FreeBSD, Unix FreeBSD 4.2, 4.3 FreeBSD ‘rmuser’ Password Hash Medium CyberNotes 2001- Incorporated 277 Disclosure 18 FreeBSD, Unix FreeBSD 4.3-RELEASE, FreeBSD IPFW Me Point To Medium CyberNotes 2001- Incorporated 278 4.3-STABLE Point Interface Address Addition 17 FreeBSD, Unix FreeBSD 4.4 FreeBSD AIO Library Cross Medium CyberNotes 2001- Incorporated 279 Process Memory Write 25 FreeBSD, Unix ja-xlock 2.7 & earlier ja-xlock Local Root Compromise High CyberNotes 2001- Incorporated 280 04 FreeBSD, Unix LBL tcpdump 3.6.2 TCPDump AFS Signed Integer High Bug discussed Incorporated 281 Buffer Overflow CyberNotes 2001- 15 Frox282 Unix Frox 0.6.0-0.6.6 Frox FTP Cache Retrieval Buffer High CyberNotes 2001- Overflow 25 FSU 283 Unix DQS (Distributed Queuing System) DQS ‘dsh’ Buffer Overflow High CyberNotes 2001- 3.2.7 11 FTPFS284 Unix FTPFS 0.1.1k2.2, 0.1.1k2.4, FTPFS mount Buffer Overflow Low/High CyberNotes 2001- 0.2.1k2.4, 0.2.2k2.4 07 Fujitsu-Siemens285 Unix Siemens Reliant UNIT 5.43, 5.44, Reliant Unix ppd-t Race Medium CyberNotes 2001- 5.45 Condition 08 Gaztek286 Unix ghttp 1.4 Gaztek HTTP Daemon Buffer High CyberNotes 2001- Overflow 13 Gene6287 Windows G6 FTP Server 2.0 (now known as G6 FTP File Existence Disclosure Medium CyberNotes 2001- 95/98/ME /NT BFTP) and NetBIOS Hash Retrieval 07 4.0/2000 CVE Names: CAN-2001-0263, CAN-2001-0264 GFI Software288 Windows NT Mail Essentials 5.0, 2000, Mail Essentials BCC Information Medium CyberNotes 2001- 4.0/2000 2000SP1 Disclosure 25 gFTP 289 Unix gFTP 2.0.6a gFTP On-Screen Plaintext Medium CyberNotes 2001- Password 21 glFtpD 290 Unix glFtpD 1.13.6, 1.16.9. 1.17.2, glFtpD LIST Denial of Service Low CyberNotes 2001- 1.18a, 1.19, 1.20, 1.21, 1.22b, 17 1.23 global SCAPE291 Windows CuteFTP 4.2 CuteFTP Weak Password Medium CyberNotes 2001- 95/98/NT Encoding 18 3.5.1/4.0/ 2000 GMD FIT 292 Unix BSCW 3.0-3.4.3 BSCW Symbolic Link File High CyberNotes 2001- Disclosure 18

NIPC CyberNotes #2001-26 Page 15 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name GNU293 Multiple Gnatsweb 2.7 beta, 2.8, 2.8.1, 3.95, Gnatsweb Remote Command Medium CyberNotes 2001- GNATS 4 Execution 13 GNU294 Multiple Mailman 2.0, 2.0.1-2.0.3, GNU Mailman Cross-Site High CyberNotes 2001- 2.0.5-2.0.7 Scripting 24 GNU295 Unix Findutils 4.0, 4.1 Findutils Locate Arbitrary High CyberNotes 2001- Command Execution 16 GNU296 Unix Groff 1.10, 1.11a, 1.14-1.16 Linux Groff Exploitation via lpd High CyberNotes 2001- 15 GNU297 Unix Mailman 2.0-2.0.5 Mailman Empty Password Blank Medium CyberNotes 2001- Salt 18

GNU298 Windows GNU Privacy Guard 1.0-1.0.5 GnuPG Format String Medium CyberNotes 2001- 95/98/ME, 11 Unix GoAhead Windows GoAhead WebServer 2.0, 2.1 GoAhead WebServer Directory High CyberNotes 2001- Software299 95/98/NT Traversal 03 4.0/2000/CE 2.0/3.0 GoAhead Windows 98/ME GoAhead Webserver (Windows) GoAhead Webserver /aux Low CyberNotes 2001- Software300 2.1 Denial of Service 08 GoodTech301 Windows FTP Server NT/2000 3.0.1; GoodTech FTP Server Low CyberNotes 2001- 95/98/NT FTP Server 95/98 3.0.1 Denial of Service 02 4.0/2000 Gordano302 Windows NT NTMail 6.0.3c NTMail Web Services Low CyberNotes 2001- 4.0/2000 Denial of Service 06 Grant Averett303 Windows Ceberus FTP Server 1.0-1.3, 1.5 Cerberus FTP Server ‘PASV’ Low CyberNotes 2001- Denial of Service 14 Grant Averett304 Windows Cerberus FTP Server 1.x Cerberus FTP Server Buffer Low/High CyberNotes 2001- Overflow Denial of Service 13 Guido Frasseto305 Windows SEDUM HTTP Server 2.0 Guido Frasseto SEDUM HTTP Low CyberNotes 2001- 95/98/NT 4.0 Server Directory Traversal 03 Guido Frasseto306 Windows SEDUM HTTP Server 2.1 SEDUM HTTP Webserver Low CyberNotes 2001- 95/98/NT Denial of Service 05 3.5.1/4.0/ 2000 Hans Wolters307 Unix phpReview 0.9.0 rc2, 0.9-final, phpReview Cross-Site Scripting High CyberNotes 2001- 0.2.1, 0.2.0, 0.1.0 20 Hassan Windows NT 4.0 Shopping Cart 1.23 Shopping Cart Arbitrary High CyberNotes 2001- Consulting308 Command 19 Execution Headlight Windows My Getright 1.0b1-1.0b4 My Getright Remote Arbitrary Low/ CyberNotes 2001- Software309 98/98/ME /NT File Overwrite and Denial of Medium 05 3.5.1/4.0 2000 Service Heat-On Windows HSWeb 2.0 Heat-On HSWeb Web Server Path Medium CyberNotes 2001- Software310 95/98/NT Disclosure 03 4.0/2000 Hewlett Packard Unix HP Process Resource Manager HP Process Resource Manager High CyberNotes 2001- Company311 C.01.07, C.01.08.02 Environment Variable Privilege 18 Elevation Hewlett Packard Unix HP3000 running MPE/iX release Hewlett-Packard MPE/iX Medium CyberNotes 2001- Company312 5.5, 6.0, 6.5 linkeditor and NM debug 05 Hewlett Packard Unix HP9000 Series 700 & 800 HP-UX VirtualVault iPlanet Low CyberNotes 2001- Company313 11.04 (VVOS) with Virtual Vault Denial of Service 04 A.04.00 Hewlett Packard Unix HP9000 Series 700/800 running HP-UX ‘PCLToTIFF’ Low CyberNotes 2001- Company314 HP-UX releases 10.01, 10.10, Denial of Service 09 10.20, 10.26

NIPC CyberNotes #2001-26 Page 16 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Hewlett Packard Unix HP-UX (VVOS) 11.0.4 HP-UX VVOS libsecurity Low CyberNotes 2001- Company315 Denial of Service 19 Hewlett Packard Unix HP-UX 10.0.1, 10.10, 10.20, 11.0 HP-UX Series 700/800 Asecure Medium CyberNotes 2001- Company316 Denial of Service 06 Patch update317 CyberNotes 2001- 09 Hewlett Packard Unix HP-UX 10.1, 10.10, 10.20, 11.0 HP-UX Kermit Buffer Overflow High CyberNotes 2001- Company318 01 Hewlett Packard Unix HP-UX 10.20, 10.24, 11.00, 11.04 HP-UX Inetd Swait Low CyberNotes 2001- Company319 Denial of Service 02 Hewlett Packard Unix HP-UX 10.20, 11.0 HP-UX Stm Race Condition Medium CyberNotes 2001- Company320 01 Hewlett Packard Unix HP-UX 10.20, 11.0, 11.11 HP-UX Support Tools Manager Low CyberNotes 2001- Company321 Denial of Service 02 Hewlett Packard Unix HP-UX 10.20, 11.0, 11.11 HP-UX Login Restricted Shell High CyberNotes 2001- Company322 Escaping 15 Hewlett Packard Unix HP-UX 10.26 HP-UX login btmp Logging Medium CyberNotes 2001- Company323 Failure 18 Hewlett Packard Unix HP-UX 11.0 HP-UX ‘SWVerify’ Buffer High CyberNotes 2001- Company324 Overflow 18 Hewlett Packard Unix HP-UX 11.0 HP-UX kmmodreg Symbolic Link Medium CyberNotes 2001- Company325 12 Hewlett Packard Unix HP-UX 11.11 HP-UX Dynamically Loadable High CyberNotes 2001- Company326 Kernel Modules 15 Hewlett Packard Unix UP-UX 10.xx, 11.0 HP-UX Top Modify Files Medium CyberNotes 2001- Company327 01

Hewlett Packard Unix VirtualVault 4.0, 4.5 HP VirtualVault MKACCT Medium CyberNotes 2001- Company328 Privilege Elevation 15 Hewlett Packard Windows NT 4.0 CIFS/9000 Server A.01.05-A.01.07 CIFS 9000 Arbitrary Password Medium CyberNotes 2001- Company329 Changing 18 Hewlett Packard Windows NT JetAdmin 4.0, 4.1.2, 5.1, 5.5, JetDirect JetAdmin Password Medium CyberNotes 2001- Company330 4.0/2000, 5.5.177, 5.6, 6.0. 6.1, 6.2 16 Unix Hewlett Packard Windows NT OpenView Network Node Manager OpenView ECSD Buffer Overflow High CyberNotes 2001- Company331 4.0/2000, 6.1 11 Unix Hewlett Packard Multiple HP9000 Series 700/800 running HP ‘cu(1)’ Command Low CyberNotes 2001- Company 332 HP-UX releases 11.11, 11.00, Denial of Service 20 11.04, 10.20, 10.10, 10.01 Hewlett Packard Unix HP Secure Software for Linux 1.0, HP Secure OS Software for Linux Medium CyberNotes 2001- Company 333 9.0.1 Filesystem Protection 22 Hewlett Packard Unix HP9000 Series 700/800 running HP-UX Software Distributor Low CyberNotes 2001- Company 334 HP-UX releases 10.01, 10.10, Denial of Service 05 10.20, 11.00 Hewlett Packard Unix HP-UX 10.01, 10.10, 10.20, 11.0, HP-UX Remote Line Printer High CyberNotes 2001- Company 335 11.11 Daemon Logic Flaw 24 CVE Name: CAN-2001-0817 Hewlett Packard Unix HP-UX 10.1, 10.10, 10.20, 11.0, HP-UX Line Printer Daemon High CyberNotes 2001- Company 336 11.11 Buffer Overflow 18 CVE Name: CAN-2001-0668 Hewlett Packard Unix HP-UX 11.0, 11.11 HP-UX RPCBind Random Buffer Low CyberNotes 2001- Company 337 Overflow Denial of Service 20 Hewlett Packard Unix HP-UX 11.20 HP-UX GetEUID Medium CyberNotes 2001- Company 338 21

NIPC CyberNotes #2001-26 Page 17 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Hewlett Packard Unix OpenView Network Node Manager OpenView Network Node Medium CyberNotes 2001- Company 339 5.01, 6.1 Manager SNMPNotify Command 12 Execution Hewlett Packard Windows NT OpenView Network Node Manager OpenView Network Node High CyberNotes 2001- Company 340 4.0/2000, 5.01, 6.1, 6.2 Manager Arbitrary Privilege 20 Unix Elevation Hi Resolution341 MacOS 8.6 MacAdministrator 2.0 MacAdministrator Hidden Files Medium CyberNotes 2001- Disclosure 16 HIS Software342 Windows Auktion 1.62 Auktion Directory Traversal High CyberNotes 2001- 95/98/NT 4.0 04 Holger Lamm343 Unix PGP4pine 1.75.6 PGP4pine Encryption Failure Medium CyberNotes 2001- 05 Home-Of- Unix GNOME libgtop_daemon 1.0.12 Gnome libgtop_ daemon Remote High CyberNotes 2001- Linux.org344 Format String 24 Horde Project 345 Multiple Horde Imp 2.0-2.2.5 Horde IMP Multiple High CyberNotes 2001- Vulnerabilities 15 Horde Project 346 Multiple IMP 2.0, 2.2 2.2.1-2.2.4 Imp Message Attachment Medium CyberNotes 2001- Symbolic Link 11 Horde Project 347 Unix IMP 2.0, 2.2-2.2.6 IMP Session Hijacking High CyberNotes 2001- 23 ht://Dig Group 348, Unix ht://Dig 3.20b2, 3.20b3, 3.1.5, 1.5- ht://Dig Remote Low/ CyberNotes 2001- 349, 350 7 Denial of Service/File Disclosure Medium 21 Hughes Windows DSL_Vdns 1.0 DSL_Vdns Denial of Service Low CyberNotes 2001- Technologies351 95/98/ME /NT 10 4.0/2000, Unix Hursley Software Unix Hursley Software Laboratories Hursley Software Laboratories Low CyberNotes 2001- Laboratories352 Consumer Transaction Framework Consumer Transaction 07 (HSLCTF) 1.0 for AIX Framework Denial of Service Hylafax353 Multiple Hylafax 4.0pl0, 4.0pl1, 4.0pl2, Hylafax ‘hfaxd’ Local Format High CyberNotes 2001- Exploit script 4.1-beta1, beta2, beta3 String 08 published354 CyberNotes 2001- 09 Hylafax355 Unix Hylafax 4.1 Hylafax Hostname Format High CyberNotes 2001- Exploit code String 20 released356 CyberNotes 2001- 21 HyperMail357 Unix HyperMail 2.0.0-2.1.2 HyperMail Remote Command High CyberNotes 2001- Execution 24 Hyundai Multiple HA-120 HASE-120-1101 HA-120 Router Default High CyberNotes 2001- Networks358 Administrative Password 25 Ian Lance Unix Taylor UUCP 1.0.6 Taylor UUCP Argument Handling High CyberNotes 2001- Taylor359, 360 Privilege Elevation 19 iBill Internet Multiple Processing Plus iBill Management Script Weak Medium CyberNotes 2001- Billing Company361 Hard-Coded Password 22 IBM 362 Multiple Net Commerce 3.0-3.2 IBM Net.Commerce Remote High CyberNotes 2001- Arbitrary Command Execution 03 IBM 363 Multiple Net Commerce & WebSphere IBM Net. Commerce and High CyberNotes 2001- Commerce Suite 4.1 & previous WebSphere Encryption and 06 Account Vulnerability IBM 364 Multiple WebSphere IBM WebSphere ShowCode Medium CyberNotes 2001- 03 IBM 365 Unix AIX 4.3-4.3.3, 5.1 AIX diagrpt Arbitrary Privileged High CyberNotes 2001- Program Execution 13 IBM 366 Unix AIX 4.3-4.3.3, 5.1 CDE DTPrintInfo Session Option High CyberNotes 2001- Buffer Overflow 22

NIPC CyberNotes #2001-26 Page 18 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name IBM 367 Unix HACMP 4.4 HACMP Port Scan Low CyberNotes 2001- Denial of Service 20 IBM 368 Unix Informix SQL 7.31.UC5 Informix SQL SNMPDM and High CyberNotes 2001- ONSRVAPD Predictable 18 Temporary File Creation IBM 369 Unix Informix SQL 7.31.UC5 Informix SQL Temporary Log Medium CyberNotes 2001- File Symbolic Link 18 IBM 370 Unix Informix SQL 7.31.UC5, 9.20.UC2 Informix SQL Web DataBlade Medium CyberNotes 2001- Directory Traversal 24 IBM 371 Unix WCS (WebSphere Commerce Suite) WCS JSP Source Code Exposure Medium CyberNotes 2001- 4.0.1 with Application Server 3.0.2 07 IBM 372 Windows 98/NT IBM DB2 Universal Database for DB2 Denial of Service Low CyberNotes 2001- 2000 Windows 14 IBM 373 Windows 9x/NT, alphaWorks TFTP Server 1.21 alphaWorks TFTP Directory Medium CyberNotes 2001- OS/2, Traversal 15 Unix IBM 374 Windows NT 4.0, HTTP Server 1.3.12.2 HTTP Server AfpaCache Low CyberNotes 2001- Unix Denial of Service 01 IBM 375 Windows NT 4.0, HTTP Server 1.3.3 win32, IBM HTTP Server Source Code Medium CyberNotes 2001- Unix 1.3.6win32, 1.3.6.4 win32, 1.3.6.3, Disclosure 23 1.3.6.2 win32, 1.3.6.2 unix, 1.3.12.4, 1.3.12.3, 1.3.12.2, 1.3.19 IBM 376 Windows NT 4.0, Net Commerce 3.1.2 Websphere/Net.Commerce CGI- Low/ CyberNotes 2001- Unix BIN Macro Denial of Service Medium 08 and Installation Directory Revealing IBM 377 Windows NT 4.0, WebSphere Application Server WebSphere Cross-Site Scripting High CyberNotes 2001- Unix 3.0.2, 3.5 14 IBM 378 Windows NT 4.0, Websphere Application Server WebSphere JSP Root Password High CyberNotes 2001- Unix 3.0-3.0.2.4, 3.5- 3.5.3 Disclosure 25 IBM 379 Windows NT 4.0, WebSphere Commerce Suite WebSpere Application Server Medium CyberNotes 2001- Unix Service Provider 3.1.2, 3.2; Predictable Session ID 19 WebSphere Application Server Enterprise Edition 4.0; WebSphere Application Server Advanced Edition 3.0.2.1; WebSphere Application Server 3.0.2.2- 3.5.3 IBM 380 Windows NT Tivoli SecureWay Policy Director Tivoli SecureWay Policy Director Medium CyberNotes 2001- 4.0/2000, 3.0.1, 3.6-3.7.1 Directory Traversal 15 Unix IBM 381 Windows NT Tivoli SecureWay Policy Director Tivoli Policy Director WebSeal Low CyberNotes 2001- 4.0/2000, 3.8 Denial of Service 25 Unix IBM 382 Windows, IBM HTTP Server 1.3.6.2 under IBM HTTP Server WebSphere Medium CyberNotes 2001- Unix Apache version 1.3.7-dev (Unix), Arbitrary Information 03 IBM HTTP Server 1.3.6.3 under Apache version 1.3.7-dev (Win32) IBM (Lotus) 383 Multiple Lotus Domino 5.0.8 Lotus Domino Internal IP address Medium CyberNotes 2001- Disclosure 19 IBM (Lotus) 384 Multiple Lotus Domino Mail Server 5.0.5 Lotus Domino Mail Server High CyberNotes 2001- 'Policy' Buffer Overflow 02 IBM (Lotus) 385 Windows Lotus Notes R5 Client 4.6 Lotus Notes Remote Code High CyberNotes 2001- 95/98/NT Execution 04 4.0/2000, Apple MacOS 9.0

NIPC CyberNotes #2001-26 Page 19 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name IBM (Lotus) 386 Windows Lotus Notes R5 Client 4.6 Lotus Notes Email Embedded High CyberNotes 2001- 95/98/NT Code Execution 22 4.0/2000, MacOS 9.0 IBM (Lotus) 387 Windows NT Lotus Domino 4.6.1, 4.6.3, 4.6.4, Lotus Domino Mail Loop Low CyberNotes 2001- 4.0/2000, 5.0.1-5.0.8 Denial of Service 17 OS/2 4.5Warp, OS/390 V2R9, Unix IBM (Lotus) 388 Windows NT Lotus Domino 5.0.1-5.0.6 Lotus Domino Server Multiple Low CyberNotes 2001- 4.0/2000, Denial of Service Vulnerabilities 08 OS/2 4.5Warp, OS/390 V2R9, Unix IBM (Lotus) 389 Windows NT Lotus Domino 5.0.2, 5.0.3, 5.0.5, Lotus Domino Server Directory High CyberNotes 2001- 4.0/2000, 5.0.6 Traversal 01 OS/2, OS/390 Unix IBM (Lotus) 390 Windows NT Lotus Domino 5.0.5-French, Lotus Domino bad URL database Low CyberNotes 2001- 4.0/2000, 5.0.8-French Denial of Service 25 OS/2 4.5Warp, OS/390 V2R9, Unix IBM (Lotus) 391 Windows NT Lotus Domino 5.0.6 Lotus Domino Server Cross-Site High CyberNotes 2001- 4.0/2000, Scripting 14 OS/390 V2R9, OS/2 4.5Warp, Unix IBM (Lotus) 392 Windows NT Lotus Domino 5.0-5.0.8 Lotus Domino File Disclosure High CyberNotes 2001- 4.0/2000, 22 OS/2 4.5Warp, OS/390 V2R9, Unix IBM (Lotus) 393 Windows NT Lotus Domino 5.0-5.0.8 Lotus Notes Visible Views Medium CyberNotes 2001- 4.0/2000, Disclosure 22 OS/2 4.5Warp, OS/390 V2R9, Unix IBM (Lotus) 394 Windows NT Lotus Domino 5.0-5.0.8 Lotus Domino View ACL Bypass Medium CyberNotes 2001- 4.0/2000, 22 OS/2 4.5Warp, OS/390 V2R9, Unix IBM (Lotus) 395 Windows NT Lotus Domino 5.0-5.0.8 Lotus Domino SunRPC Low CyberNotes 2001- 4.0/2000, Denial of Service 25 OS/2 4.5Warp, OS/390 V2R9, Unix ibrow396 Multiple newsdesk. cgi 1.2 Newsdesk.cgi File Disclosure Medium CyberNotes 2001- 01 iButton397 Multiple Dallas Semiconductor MultiKey Dallas Semiconductor MultiKey Medium CyberNotes 2001- iButton DS1991 iButton insecure password 02

NIPC CyberNotes #2001-26 Page 20 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Icecast 398 Unix Icecast 1.3.7, 1.3.8 beta2; Icecast Buffer Overflow High CyberNotes 2001- Red Hat Powertools; 02 Conectiva Linux 4.1, 4.2, 5.0, 5.1, 6.0 Icecast 399 Windows 2000, Icecast 1.3.7, 1.3.8 beta2, 1.310 Icecast Denial of Service and Low/ CyberNotes 2001- Unix Linux Directory Traversal Medium 13 id Software400 Multiple Quake 3 Arena Server 1.29f, 1.29g Quake 3 Arena Possible Buffer High CyberNotes 2001- Overflow 16 id Software401 Windows Quake 1.9 Quake Denial of Service Low CyberNotes 2001- 95/98/NT 4.0 15 id Software402 Windows Quake3 Arena 1.16n, 1.1.7 Quake 3 “smurf attack” Low CyberNotes 2001- 95/98/NT 4.0 Denial of Service 15 I-Data Multiple Easycom/ Safecom Print Server 1.0 Easycom/ Safecom Print Server High CyberNotes 2001- International403 Remote Arbitrary Command 02 Identix 404 Windows 98/ME BioLogon Client 2.0, 2.0.1-2.0.3 BioLogon Client Biometric Medium CyberNotes 2001- Authentication Bypass 16 IDM Computer Windows UltraEdit-32 8.2 UltraEdit FTP Client Weak Medium CyberNotes 2001- Solutions, 95/98/NT 3.5/4.0/ Password Encryption 18 Incorporated405 2000 Ikonboard.com406 Multiple ikonboard 2.1.0, 2.1.7, 2.1.8, 2.1.9 Ikonboard Cookie Input High CyberNotes 2001- Validation 22 Ikonboard.com407 Windows NT Ikonboard 2.1.7b & previous Ikonboard Remote File Disclosure Medium CyberNotes 2001- 4.0/2000, 06 Unix Imatix 408 Windows Xitami 2.4, 2.5 Xitami Administrator Plain Text High CyberNotes 2001- 95/98/NT Password Storage 24 4.0/2000 Imatix 409 Windows 98/ME Xitami for Windows 2.4d7, 2.5d4 Xitami Webserver MS-DOS Low CyberNotes 2001- Device Name Denial of Service 08 IncrediMail Ltd. 410 Windows IncrediMail Build 1400185 IncrediMail File Overwrite Medium CyberNotes 2001- 95/98/ME/NT 10 4.0/2000 Infinite411 Windows Interchange 3.61 InterChange Denial of Service Low/High CyberNotes 2001- 95/98/NT 01 4.0/2000 Infopop Unix Ultimate Bulletin Board 5.0.x Beta Ultimate Bulletin Board Tag High CyberNotes 2001- Corporation412 JavaScript Embedding 05 Infopop Unix Ultimate Bulletin Board 5.43, Ultimate Bulletin Board Forum Medium CyberNotes 2001- Corporation413 5.4.7e Password Bypass 08 Information Windows 95 Informs PicServer 1.0 Informs PicServer Directory Medium CyberNotes 2001- Management Traversal 03 Specialists, Incorporated414 Informix 415 Multiple Webdriver 1.0 Webdriver Local File Overwrite High CyberNotes 2001- 01

Informix 416 Multiple Webdriver 1.0 Webdriver Remote High CyberNotes 2001- Administration Access 01 Infradig417 Windows Inframail 3.80a-3.97a Inframail Post Remote Low CyberNotes 2001- 95/98/NT Denial of Service 07 4.0/2000, Unix Intego 418 MacOS 7.0-9.1 FileGuard 4.0 Intego FileGuard Weak Password Medium CyberNotes 2001- Encryption 17 Intel Multiple High-bandwidth Digital Content HDCP Authentication Linear Medium CyberNotes 2001- Corporation419 Protection 1.0 Relation Between Keys 24

NIPC CyberNotes #2001-26 Page 21 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Inter7420 Multiple vpopmail (vchkpw) 3.4.1-4.9.10 Vpopmail MySQL Authentication Medium CyberNotes 2001- Data Recovery 18 Internet Software Unix BIND 8.2-8.2.2 p7 Bind Multiple Vulnerabilities Very CyberNotes 2001- Consortium421, CVE Names: CAN-2001-10, High 02 422 CAN-2001-11, CAN-2001-12, CyberNotes 2001- CAN-2001-13 Very 04 High because the majority of name servers in BIND exploit script operation has now been today run released.423 BIND, these vulnera- bilities present a serious threat to the Internet infrastru c-ture. Internet Software Windows Air Messenger LAN Server 3.4.2 AMLServer Directory Traversal, Medium CyberNotes 2001- Solutions424 98/98/ME /NT Path Disclosure, and Plaintext 13 4.0/2000 Storage Iomega 425 Unix JaZip 0.32-2 JaZip Buffer Overflow High CyberNotes 2001- 02. iPlanet 426 Multiple Netscape Enterprise Server 4/SP7 Netscape Enterprise Server High CyberNotes 2001- Method and URI Overflow 11 iPlanet 427 Windows NT 4.0, Calendar Server 2.1- 2.1p3, Calendar Server Plaintext Admin Medium CyberNotes 2001- Unix 5.0p1-5.0p2 Password 08 iPlanet 428 Windows NT Web Server Enterprise Edition 4.0, Web Server Enterprise Response Medium CyberNotes 2001- 4.0/2000, 4.1 Header Overflow 09 Unix IpSwitch429 Windows NT IMail 6.0- 6.0.6 IMail SMTP Buffer Overflow High CyberNotes 2001- 4.0/2000 09 IpSwitch 430 Windows NT IMail 7.0.4 & prior IMail Multiple Security Low/ CyberNotes 2001- 4.0/2000 Vulnerabilities Medium 21 IpSwitch 431 Windows NT IMail 7.0.4 & prior IMail Web Calendar Buffer High CyberNotes 2001- 4.0/2000 Overflow 21 IpSwitch 432 Windows NT WS FTP Server 1.0.1-2.0.3 WS_FTP Server 'STAT' Buffer High CyberNotes 2001- 4.0/2000 Overflow 23 IpSwitch 433 Windows NT WS FTP Server 2.0-2.0.2 WS-FTP Anonymous Multiple High CyberNotes 2001- 4.0/2000 FTP Command Buffer Overflow 15 ITAfrica434 Windows WEBactive 1.0 WEBactive Directory Traversal Medium CyberNotes 2001- 95/98/NT 04 4.0/2000 iWeb Systems435 Windows NT 4.0, HyperSeek 2000 iWeb HyperSeek 2000 Directory Medium CyberNotes 2001- Unix Traversal 03 Jarle Aase436 Windows War FTPD 1.67b04 Jarle Aase War FTPD Directory Medium CyberNotes 2001- 95/98/NT Traversal 05 4.0/2000 Jason Rahaim 437 Windows MP3Mystic 1.0, 1.0.1, 1.0.3, 1.0.4 MP3Mystic Server Directory Medium CyberNotes 2001- 95/98/ME NT Traversal 10 4.0/2000

NIPC CyberNotes #2001-26 Page 22 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Jelsoft Enterprises Multiple vBulletin 1.0Lite, 1.1, 2.0beta 2 vBulletin PHP Command High CyberNotes 2001- Ltd 438 Execution 06 Jetico439 Unix BestCrypt 0.6, 0.7, 0.8-1 BestCrypt BCTool UMount High CyberNotes 2001- Buffer Overflow 12 Jetico440 Unix BestCrypt 0.7 BestCrypt Arbitrary Privileged High CyberNotes 2001- Program Execution 12 Joerg Wendland441 Unix libnss-pgsql 0.9.0 LibNSS-PgSQL Remote SQL Medium CyberNotes 2001- Query 19 Manipulation Joerg Wendland442 Unix pam-pgsql 0.9.2 Pam-PSQL Remote SQL Query Medium CyberNotes 2001- Manipulation 19 John Bovey 443 Unix xvt 2.1 Xvt Buffer Overflow High CyberNotes 2001- 14 John E. Davis444 Unix MOST 4.4-4.9.1 MOST Buffer Overflow High CyberNotes 2001- 19 John Roy445 Windows 95/NT Pi3Web 1.0.1 Pi3Web Buffer Overflow High CyberNotes 2001- 4.0 04 Jon Zeeff446 Multiple lmail 2.7 Lmail Temporary File Race High CyberNotes 2001- Condition 14 Juergen Multiple Scotty 2.1.10, 2.1.7, 2.1.8, 2.1.9 Scotty ‘ntping’ Buffer Overflow High CyberNotes 2001- Schoenwaelder447 13 Kabotie Software Multiple ShopPlus Cart 1.0 ShopPlus Cart Arbitrary High CyberNotes 2001- Technologies448 Command Execution 18 KDE449 Unix kdelibs 2.0- 2.1.1 KDE kdesu Insecure Temporary Medium CyberNotes 2001- File Creation 09 Ken'ichi Unix flm 3.0 fml Mailing List HTML Injection Medium CyberNotes 2001- Fukamachi450 25 Kevin Lenzo451 Unix Infobot 0.44.5.3 Infobot Fortran Math Arbitrary High CyberNotes 2001- Command Execution 04 Khamil Landross Windows EFTP 2.0.7.337 EFTP Multiple Vulnerabilities Medium/ CyberNotes 2001- and Zack Jones452 95/98/ME /NT High 19 4.0/2000 Khamil Landross Windows EFTP 2.0.8.346 EFTP Directory Traversal Medium CyberNotes 2001- and Zack Jones453 95/98/ME /NT 25 4.0/2000, XP KICQ454 Unix KICQ 1. KICQ Remote Arbitrary High CyberNotes 2001- Command Execution 06 Knox Software455 Unix Arkeia Server 4.2.8-2 Arkeia Backup World Writable Medium CyberNotes 2001- File Creation 15 Knox Software456 Unix Arkeia Server 4.2.8-2 Arkeia Server Static Salt Weak High CyberNotes 2001- Password and Blank Default Root 17 Password Lee Herron457 Unix All Commerce 1.2.3 AllCommerce Symlink Medium CyberNotes 2001- 14 Legato458 Multiple NetWorker 6.0 NetWorker Reverse DNS Medium CyberNotes 2001- Authentication 24 Leoboard459 Multiple LB5000 1029.0 LB5000 Cookie Input Validation High CyberNotes 2001- 22 Leon J. Breedt 460 Unix pam-pgsql 0.5.1 Pam-PSQL Remote SQL Query Medium CyberNotes 2001- Manipulation 19 LICQ461 Unix LICQ .85, 1.0.1, 1.0.2 LICQ Hostile URL Command High CyberNotes 2001- Execution 06 LICQ462 Unix LICQ 1.0.1, 1.0.2 LICQ Denial of Service Low CyberNotes 2001- 04 Lightwave463 Multiple Console Server 3200 Console Server Information Medium CyberNotes 2001- Disclosure 08

NIPC CyberNotes #2001-26 Page 23 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Linksys464 Multiple EtherFast BEFSR41 Router 1-39, EtherFast Router Password Medium CyberNotes 2001- 135-137 HTML Source Revealing 16 Linus Torvalds465 Unix Linux kernel 2.4-2.4.11 Linux Kernel MAC Module Medium CyberNotes 2001- Filtering Bypassing 21 Linux 466 Unix Linux kernel 2.2-2.2.19, Linux Deep Symbolic Link Low CyberNotes 2001- Linux kernel 2.4-2.4.9 Denial of Service 22 LocalWEB 467 Windows LocalWEB 2000 v1.1.0 LocalWEB Directory traversal Low CyberNotes 2001- 02 Logitech468 Multiple iTouch Keyboard, Logitech Wireless Peripheral Medium CyberNotes 2001- Cordless Freedom Pro, Navigator Device Man in the Middle 10 Macromedia, Windows Shockwave Flash 8.0 & previous Shockwave Flash SWF Low CyberNotes 2001- Incorporated469 95/98/NT 4.0, Denial of Service 01 MacOS 9.0, Unix MandrakeSoft 470 Unix Linux Mandrake 8.1 Mandrake passwd PAM md5 Medium CyberNotes 2001- Support Lacking 25 Marconi Multiple ForeThought 7.2 ForeThought 7.1 Telnet Low CyberNotes 2001- Corporation471 Administration Denial of Service 18 Marconi Unix ForeThought 6.2 ASX-1000 Administration Low CyberNotes 2001- Corporation472 Denial of Service 04 Martin Schulze473 Unix CFingerD 1.4.2, 1.4.3 CFingerD Utilities Format String High CyberNotes 2001- and Buffer Overflow 13 Martin Stover474 Unix Mars NWE 0.99pl19 Mars NWE Format String High CyberNotes 2001- FreeBSD has 03 released patch475 CyberNotes 2001- 04 Marty Bochane476 Unix MDBMS 0.96b6, 0.99b4- 0.99b6, MDBMS Query Display Buffer High CyberNotes 2001- 0.99b9 Overflow 12 Matt Tourtillott477 Unix Nph-maillist 3.0, 3.5 Nph-maillist Arbitrary Code High CyberNotes 2001- Execution 08 Matt Wright478 Unix FormMail 1.0-1.6 FormMail Anonymous E-mail/ Low CyberNotes 2001- Spamming 06 Matthew Smith479 Unix mICQ 0.4.6; mICQ Remote Buffer Overflow High CyberNotes 2001- Red Hat Powertools; 02 Debian Max Feoktistov480 Windows 95/98 Small HTTP server 1.212, 2.01, SmallHTTP Server Long URL Low CyberNotes 2001- 2.03, 3.0 beta Denial of Service 14

Max Feoktistov481 Windows 95/98 Small HTTP server 2.03 Small HTTP Server MS-DOS Low CyberNotes 2001- Device Name Denial of Service 09 Maxum Mac OS (9.x and Maxum Rumpus FTP Server Rumpus FTP Server Stack Low CyberNotes 2001- Development earlier) 1.3.2-1.3.5, 2.0.3dev Overflow 12 Corporation482 Denial of Service Maxum Rumpus483 MacOS 8.6, 9.1 FTP Server 1.3.2, 1.3.4, 2.0.3dev FTP Server Plaintext Password Medium CyberNotes 2001- and Denial of Service 10 McAfee484 Windows Remote Desktop 32 2.1.2, 32 3.0 McAfee Remote Desktop Low CyberNotes 2001- 95/98/ME /NT Denial of Service 10 4.0 McAfee485 Windows NT ASaP Virusscan 1.0 ASaP Virusscan Directory Medium CyberNotes 2001- 4.0/2000 Traversal 14

Merant Micro Unix Cobol 4.1 Cobol Arbitrary Command High CyberNotes 2001- Focus486 Execution 04 Merit 487 Unix RLMadmin 3.8M, 5.01 RADIUS Server RLMadmin High CyberNotes 2001- Symbolic Link 19

NIPC CyberNotes #2001-26 Page 24 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Michael A. Unix FCheck 2.6.27, 2.7.34, 2.7.38, FCheck Local Command High CyberNotes 2001- Gumienny488 2.7.40, 2.7.45- 2.7.47, Execution 07 2.7.50-2.7.51, 2.7.58 Michael Barretto489 Multiple CardBoard 2.0 CardBoard Remote Command High CyberNotes 2001- Execution 20 Michael Boehme490 Multiple Web Discount E-Shop Online-Shop WebDiscount E-Shop Remote Medium CyberNotes 2001- System 1.0 Arbitrary Command Execution 19 Michael Unix itetris 1.6.1, 1.6.2 Itetris Privileged Arbitrary High CyberNotes 2001- Glickman491 Command Execution 01 Michael Lamont492 Windows Savant WebServer 3.0 Michael Lamont Savant Web Low CyberNotes 2001- 95/98/NT Server Denial of Service 06 4.0/2000 Microburst 493 Multiple uDirectory 2.0 uDirectory Remote Command High CyberNotes 2001- Execution 13 Microsoft 494 Mac OS X 10.1 Microsoft Internet Explorer Mac OS X .bin and .hqx High CyberNotes 2001- bundled with Mac OS X 10.1 Decompress File 20 Microsoft 495 MacOS 7.0, 8.0, Outlook Express for MacOS Microsoft Outlook Express for High CyberNotes 2001- 8.1, 8.5, 8.6, 9.0, 5.0-5.0.2 Macintosh Buffer Overflow 25 10.0, 10.1 Microsoft 496 MacOS X 10.1 Internet Explorer 5.1 for Microsoft IE 5.1 for Mac OS X High CyberNotes 2001- Macintosh 10.1 Download Execution 22 CVE Name: CAN-2001-0720 Microsoft 497 Windows Internet Explorer 5.5 Internet Explorer ‘MSScript Medium CyberNotes 2001- Control.ScriptControl’ 07 Microsoft 498 Windows Internet Information Server 5.0 IIS Propfind Denial of Service Low CyberNotes 2001- 10 Microsoft 499 Windows Microsoft Windows Media Player 7 Windows Media Player Skins File High CyberNotes 2001- Download 04 Microsoft 500 Windows Outlook 98, 2000, Outlook, Outlook Express VCard High CyberNotes 2001- Outlook Express 5.01, 5.5 Handler Unchecked Buffer 04 CVE Name: CAN-2001-0145 Microsoft 501 Windows 2000 Exchange Server 2000, Microsoft Exchange OWA Server Low CyberNotes 2001- Exchange Server 2000SP1 Resource Starvation 20 CVE Name: CAN-2001-0666 Microsoft 502 Windows 2000 IIS 5.0 Microsoft IIS False Content- Low CyberNotes 2001- Length Field Denial of Service 25 Microsoft 503 Windows 2000 Internet Explorer 5.x, IE, IIS and Exchange 2000 Medium/ CyberNotes 2001- Internet Information Service 5.0, Interaction High 07 Exchange 2000 Microsoft504 Windows 2000 Internet Information Services IIS Malformed WebDav Low CyberNotes 2001- Security patch now (IIS) 5.0 Request 05 available505 CVE Name: CAN-2001-0151 CyberNotes 2001- 06 Microsoft 506 Windows 2000 Internet Information Server 4.0 Internet Information Server Low/High CyberNotes 2001- (IIS buffer overflow vulnerability), Multiple Vulnerabilities 17 5.0 CVE Names: CAN-2001-0506, CAN-2001-0507, CAN-2001- 0508, CAN-2001-0544, CAN- 2001-0545 Microsoft 507 Windows 2000 Internet Information Server 5.0 IIS WebDav Lock Method Low CyberNotes 2001- Memory Leak Denial of Service 10 Microsoft 508 Windows 2000 Internet Security & Acceleration Internet & Acceleration Server Low CyberNotes 2001- Server 2000 Event 07 Denial of Service

NIPC CyberNotes #2001-26 Page 25 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Microsoft 509 Windows 2000 ISA Server 2000 Windows 2000 Internet & Low CyberNotes 2001- Acceleration Server 08 Denial of Service CVE Name: CAN-2001-0239 Microsoft 510 Windows 2000 ISA Server 2000 ISA Server Multiple Low/High CyberNotes 2001- Vulnerabilities 17 CVE Names: CAN-2001-0546, CAN-2001-0547, CAN-2001- 0658 Microsoft 511 Windows 2000 Microsoft Windows 2002, Microsoft Windows 2000 Low CyberNotes 2001- 2000SP1&SP2 Internet Key Exchange Denial of 25 Service Microsoft 512 Windows 2000 Windows 2000 & 2000 SP1&SP2 Windows 2000 Task Manager High CyberNotes 2001- Process Termination 15 Microsoft 513 Windows 2000 Windows 2000 Datacenter Server Microsoft Windows 2000 Low CyberNotes 2001- SP1&SP2; Denial of Service Vulnerabilities 12 2000 Advanced Server SP1&SP2; CVE Names: CAN-2001-0345, Datacenter Server; CAN-2001- 2000 Professional SP1&SP2; 0346, CAN-2001-0348, 2000 Server SP1&SP2 CAN-2001-0351 Microsoft 514 Windows 2000 Windows 2000 Datacenter Server Microsoft Windows 2000 High CyberNotes 2001- SP1&SP2; Privilege Elevation Vulnerabilities 12 2000 Advanced Server SP1&SP2; CVE Names: CAN-2001-0349, Datacenter Server; CAN-2001- 2000 Professional SP1&SP2; 0350 2000 Server SP1&SP2 Microsoft 515 Windows 2000 Windows 2000 Datacenter Server Microsoft Windows 2000 Medium CyberNotes 2001- SP1&SP2; Information Disclosure 12 2000 Advanced Server SP1&SP2; CVE Name: CAN-2001-0347 Datacenter Server; 2000 Professional SP1&SP2; 2000 Server SP1&SP2 Microsoft 516 Windows 2000 Windows 2000 Professional, 2000 Windows 2000 Event Viewer High CyberNotes 2001- Server, 2000 Advanced Server, Unchecked Buffer 05 2000 Datacenter Server Microsoft 517 Windows 2000 Windows 2000 Server SP1, 2000 Windows 2000 Kerberos LSA Low CyberNotes 2001- Server, 2000 Datacenter Server, Memory Leak/Denial of Service 10 2000 Advanced Server CVE Name: CAN-2001-0237 Microsoft 518 Windows 2000 Windows 2000 Server, Windows Malformed Request to Low CyberNotes 2001- 2000 Advanced Server, Domain Controller Denial of 04 2000 Datacenter Server Service CVE Name: CAN-2001-0018 Microsoft 519 Windows 2000 Windows 2000 Server, Microsoft Windows 2000 IIS 5.0 High CyberNotes 2001- Professional Server, IPP ISAPI 'Host:' Buffer 09 Datacenter Server, Advanced Overflow Server CVE Name: CAN-2001-0241 Microsoft 520 Windows 2000 Windows 2000 SP1&SP2 Microsoft Windows 2000 LDAP Medium CyberNotes 2001- SSL Password Modification 13 CVE Name: CAN-2001-0502 Microsoft 521 Windows 2000 Windows 2000, 2000 SP1 Windows 2000 Debug Registers High CyberNotes 2001- 11 Microsoft 522 Windows 2000 Windows 2000, 2000 SP1&SP2 Microsoft Windows 2000 SMTP Medium CyberNotes 2001- Improper Authentication 14 CVE Name: CAN-2001-0504 Microsoft 523 Windows 2000 Windows 2000, 2000 SP &SP2 Windows 2000 Unauthorized Medium CyberNotes 2001- Password Change 15

NIPC CyberNotes #2001-26 Page 26 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Microsoft 524 Windows 2000 Windows 2000, 2000 SP1&SP2 Windows 2000 IrDA Buffer Low CyberNotes 2001- Overflow Denial of Service 17 CVE Name: CAN-2001-0659 Microsoft 525 Windows 2000 Windows 2000, 2000 SP1&SP2 Windows 2000 RunAs Service Medium CyberNotes 2001- Denial of Services 23 Microsoft 526 Windows 2000 Windows 2000, 2000 SP1&SP2 Windows 2000 RunAs Service Medium CyberNotes 2001- Named Pipe Hijacking 23 Microsoft 527 Windows 2000 Windows 2000, 2000 SP1&SP2 Windows 2000 RunAs User Medium CyberNotes 2001- Credentials Exposure 23 Microsoft 528 Windows 2000 Windows 2000, XP Microsoft Windows 2000/XP GDI Low CyberNotes 2001- Denial of Service 22 Microsoft 529 Windows 2000 Windows XP, 2000, 2000 Microsoft Windows Terminal Medium CyberNotes 2001- SP1&SP2 Services False IP Address 23 Microsoft 530 Windows 2000 Word 97, 98, 2000, 2002, Microsoft Malformed Word Medium CyberNotes 2001- Word 98 & 2001 for Macintosh Document 13 CVE Name: CAN-2001-0501 Microsoft 531 Windows Windows 2000, NT 4.0 Windows NT Dr. Watson Medium CyberNotes 2001- 2000/NT 4.0 'user.dmp' 07 Permissions Microsoft532 Windows 95/98 Windows 95, 98, ME, NT 4.0, Unauthenticated "Microsoft Medium CyberNotes 2001- Microsoft Security /ME/NT 4.0/2000 2000 Corporation" Certificates 06 Bulletin Update533 CyberNotes 2001- 07 Microsoft 534 Windows 95/98 Windows 95, 98 Windows 9x Quotation Exclusion High CyberNotes 2001- File Execution 15 Microsoft 535 Windows 95/98/ Internet Explorer 4.0 for Windows Microsoft MSHTML. DLL Low CyberNotes 2001- 98SE/NT 3.1; Denial of Service 02 4.0/2000 Outlook 2000; Outlook Express 5.5; Explorer 4.0 for Windows 95, 98, NT 4.0 Microsoft536 Windows Windows 95/98/98 SE/98 ME/NT Windows Incomplete TCP/IP Low CyberNotes 2000- New exploit 95/98/98 SE/98 4.0 Packet 24 released537 ME/NT 4.0 CVE Name CAN-2000-1039 CyberNotes 2001- 11 Microsoft 538 Windows Internet Explorer 4.0 for Windows Microsoft Internet Explorer Medium CyberNotes 2001- 95/98/ME /NT 95/98/NT 4.0, 4.0.1SP2, 4.0.1 for Password Character 24 3.5.1/4.0/2000 Windows 95/98/NT 4.0, 4.1 for Determination Windows 95/98/NT 4.0, 5.5, 5.5SP1&SP2, 6.0 Microsoft 539 Windows Internet Explorer 5.5, 5.5 Microsoft Internet Explorer Low CyberNotes 2001- 95/98/ME /NT SP1&SP2, 6.0 JavaScript Desktop Spoofing 22 3.5.1/4.0/ 2000 Microsoft 540 Windows Internet Explorer 5.5SP1&SP2, Microsoft Internet Explorer Medium CyberNotes 2001- 95/98/ME NT 5.0, 6.0 Patch Q312461 Existence 24 3.5.1/4.0/2000 Microsoft 541 Windows Excel 98, 2001 Macintosh Edition, Microsoft Excel and PowerPoint High CyberNotes 2001- 95/98/ME /NT Excel 97, 2000, 2002; Macro Security Bypass 20 4.0/2000 PowerPoint 97, 2000, 2002, CVE Name: CAN-2001-0718 PowerPoint 98, 2001 Macintosh Edition Microsoft 542 Windows Internet Explorer 5.01, 5.5, 6.0 Internet Explorer HTTP Request Medium CyberNotes 2001- 95/98/ME /NT Encoding, Zone Spoofing, and 21 4.0/2000 Telnet Invocation CVE Names: CAN-2001-0664, CAN-2001-0665, CAN-2001- 0667

NIPC CyberNotes #2001-26 Page 27 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Microsoft 543 Windows Internet Explorer 5.5, 5.5SP1, 6.0 Internet Explorer Multiple Medium/ CyberNotes 2001- 95/98/ME /NT Vulnerabilities High 25 4.0/2000 CVE Names: CAN-2001-0727, CAN-2001-0874, CAN-2001- 0875 Microsoft 544 Windows Outlook Express 6.0 Outlook Express 6 Attachment Medium/ CyberNotes 2001- 95/98/ME /NT Security Bypass High 18 4.0/2000 Microsoft 545 Windows Outlook Express 6.0 Outlook Express 6 Plain Text Medium CyberNotes 2001- 95/98/ME /NT Message Script Execution 19 4.0/2000 Microsoft 546 Windows Windows ME, 98se, 98, 95, 2000, Windows WebDAV Scripted Medium CyberNotes 2001- 95/98/ME NT NT 4.0 Request 08 4.0/2000 Microsoft 547 Windows Windows Media Player 7, 7.1 Windows Media Player .ASF Low/High CyberNotes 2001- 95/98/ME /NT Marker Buffer Overflow 16 4.0/2000 Microsoft 548 Windows Windows Media Player 6.3, 6.4, 7 Windows Media Player .ASX High CyberNotes 2001- 95/98/ME /NT 'Version' Buffer Overflow 10 4.0/2000, MacOS 7.0-8.0, Unix Microsoft 549 Windows Internet Explorer 5.0, 5.01 Microsoft Internet Explorer File Medium CyberNotes 2001- 95/98/NT SP1&SP2, 5.5, 5.5SP1 Contents Disclosure 12 4.0/2000 550 Microsoft Windows Internet Explorer 5.0, 5.01, 5.0.1 Internet Explorer Arbitrary High CyberNotes 2001- 95/98/NT SP1&SP2, 5.5, 5.5SP1 HTML File Execution 16 4.0/2000 Microsoft 551 Windows Internet Explorer 5.01, Microsoft Internet Explorer Zone Medium CyberNotes 2001- 95/98/NT 5.0.1SP1&2, 5.5, 5.5SP1&2 Spoofing 23 4.0/2000 CVE Name: CAN-2001-0664 Microsoft 552 Windows Internet Explorer 5.01, 5.5 Internet Explorer 'mstask.exe' Low CyberNotes 2001- 95/98/NT CPU 01 4.0/2000 Consumption Microsoft 553 Windows Internet Explorer 5.01, 5.5 Internet Explorer Incorrect High CyberNotes 2001- 95/98/NT MIME Header 07 4.0/2000 CVE Name: CAN-2001-0154 Microsoft554 Windows Internet Explorer 5.01, 5.5; Internet Explorer and High CyberNotes 2001- Microsoft re- 95/98/NT Windows Scripting Host 5.1, Windows Scripting Host 05 releases patch555 4.0/2000 5.5 Cached Location CyberNotes 2001- CVE Name: CAN-2001-0002 09 Microsoft 556 Windows Internet Explorer 5.5, Windows Explorer and Internet High CyberNotes 2001- 95/98/NT Windows 98, 2000 Explorer CLSID File Execution 08 4.0/2000 Microsoft 557 Windows Outlook Express 5.0, 5.5; Microsoft IE and OE XML Medium CyberNotes 2001- 95/98/NT Internet Explorer 5.0, 5.5 Stylesheets Active Scripting 09 4.0/2000 Microsoft 558 Windows PowerPoint 2000 PowerPoint File Parsing High CyberNotes 2001- 95/98/NT 02 4.0/2000 Microsoft 559 Windows Windows ME, 2000, Windows Web Client Extender Medium CyberNotes 2001- 95/98/NT Office 2000 NTLM Authentication 01 4.0/2000 Microsoft 560 Windows Windows Media Player 6.4, 7 Windows Media Player Internet High CyberNotes 2001- 95/98/NT Shortcut Execution And 11 4.0/2000 Buffer Overflow CVE Name: CAN-2001-0242, CAN-2001-0243

NIPC CyberNotes #2001-26 Page 28 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Microsoft 561 Windows Windows Media Player 7 Windows Media Player JavaScript High CyberNotes 2001- 95/98/NT URL 01 4.0/2000 Microsoft 562 Windows Windows Media Player 7 Windows Media Player .WMZ High CyberNotes 2001- 95/98/NT Arbitrary Java Applet 02 4.0/2000 Microsoft 563 Windows Word 2000 SR1 Microsoft Word .asd Macro File Medium/ CyberNotes 2001- 95/98/NT Execution High 11 4.0/2000 Microsoft 564 Windows Word 97 SR1, SR2, 98, 98 for Microsoft Word RTF Template Medium CyberNotes 2001- 95/98/NT Mac, 2000 SR1, SR1a, SR2, 2001 Macro Execution 11 4.0/2000, for Mac CVE Name: CAN-2001-0240 MacOS Microsoft 565 Windows Windows Media Player 6.3, 6.4, 7 Windows Media Player .ASX High CyberNotes 2001- 95/98/NT 4.0/2000, Buffer Overflow 09 MacOS 7.0-7.1.2, 7.5.1-7.6.1, 8.0, Unix Microsoft 566 Windows Outlook Express 5.0, 5.01, 5.5; Microsoft Outlook Concealed High CyberNotes 2001- 95/98SE/ NT Outlook 98, 2000; Attachment 02 4.0/2000 Internet Explorer 5.0 for Windows 98, 2000 Microsoft 567 Windows Internet Explorer 5.5, 5.5 Microsoft Internet Explorer Medium CyberNotes 2001- 98/98/ME NT SP1&SP2, 6.0 Cookie Vulnerabilities 23 3.5/3.5.1/ CVE Names: CAN-2001-0722, 4.0/2000 CAN-2001-0723 Microsoft 568 Windows Microsoft Outlook Express for Microsoft Outlook Express Medium CyberNotes 2001- 98/98/ME /NT MacOS 4.5, 5.0; Address Book Spoofing 12. 4.0/2000; Outlook Express 4.0, 4.01, Mac OS (9.x and 4.27.3110.1, 4.72.2106.4, earlier) 4.72.3120.0, 4.72.3612. 1700, 5.0, 5.0.1, 5.5; Outlook 97/98/2000 Microsoft 569 Windows Internet Explorer 5.01, 5.01 IE Certificate Validation Medium CyberNotes 2001- 98/98/NT SP1&SP2, 5.5, 5.5 SP1 and SSL Spoofing 10 4.0/20001 CVE Names: CAN-2001-0338, CAN-2001-0339 Microsoft 570 Windows 98/98SE Windows 98, 98SE Windows ARP Denial of Service Low CyberNotes 2001- 16 Microsoft571 Windows 98/SE/ Windows 98, 98SE, ME, 2000 Hyper Terminal Buffer High CyberNotes 2000- Microsoft re- ME/NT 4.0/2000 (Hilgraeve Hyper Terminal 6.0 Overflow 21 releases bulletin572 & previous) CyberNotes 2001- 11 Microsoft 573 Windows 98/ME Microsoft Plus! 98, Plus! 98 and Windows ME Medium CyberNotes 2001- Windows ME Recoverable Compressed Folder 07 Passwords CVE Name: CAN-2001-0152 Microsoft 574 Windows 98/ME Windows XP, ME, SE, 98 Microsoft Universal Plug and Low CyberNotes 2001- /XP Play Request Denial of Service 22 CVE Name: CAN-2001-0721 Microsoft 575 Windows 98/NT Windows 98, NT 2000 Microsoft Windows UDP Socket Low CyberNotes 2001- 2000 Denial of Service 03 Microsoft 576 Windows ME Windows ME Windows ME Simple Service Low CyberNotes 2001- Discovery Protocol 21 Denial of Service Microsoft 577 Windows NT Exchange Server 2000, Microsoft Malformed URL Low CyberNotes 2001- 2000 Internet Information Services (IIS) Denial of Service 05 5.0 CVE Name: CAN-2001-0146

NIPC CyberNotes #2001-26 Page 29 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Microsoft 578 Windows NT Windows NT 2000 Windows 2000 EFS Temporary Medium CyberNotes 2001- 2000 File Retrieval 02 Microsoft 579 Windows NT Windows NT 2000 Server, Windows Directory Service High CyberNotes 2001- 2000 Advanced Server Restore Mode Password 01 Microsoft 580 Windows NT Windows NT 2000 Server, Windows NT 2000 Invalid RDP Low CyberNotes 2001- 2000 Advanced Server Data 03 Microsoft 581 Windows NT Windows NT 2000, Windows NT Hotfix Packaging Medium CyberNotes 2001- 2000 NT 2000 Server, Advanced Server Anomalies 03 Microsoft 582 Windows NT Windows NT 2000, Server, SP1, Windows NT 2000 Network DDE High CyberNotes 2001- 2000 Professional, Advanced Server, Agent Request 03 Terminal Services Microsoft 583 Windows NT 4.0 Index Server 2.0 Index Server Buffer Overflow High CyberNotes 2001- CVE Name: CAN-2001-0244 10 Microsoft 584 Windows NT 4.0 Index Server 2.0 Index Server 2.0 File Information Medium CyberNotes 2001- and Path Disclosure 19 Microsoft 585 Windows NT 4.0 Internet Information Service (IIS) IIS Malformed Web Form Low CyberNotes 2001- 4.0, 5.0 Submission 01 Microsoft 586 Windows NT 4.0 Visual Studio 6.0 Enterprise Visual Studio VB-TSQL Object High CyberNotes 2001- Edition, Unchecked Buffer 07 Visual Basic 6.0 Enterprise Edition CVE Name: CAN-2001-0153 Microsoft 587 Windows NT 4.0 Windows NT 4.0 Workstation, Windows NT Medium CyberNotes 2001- Server, Enterprise Edition, Server, NTLMSSP Privilege Elevation 03 Terminal Server Edition CVE Name: CAN-2001-0016 Microsoft 588 Windows NT 4.0 Windows NT 4.0, 4.0 SP1-SP6a Windows NT 4.0 NT4ALL Low CyberNotes 2001- Denial of Service 16 Microsoft589 Windows NT 4.0 Windows NT 4.0; Windows NT Windows NT Winsock Mutex Low CyberNotes 2001- Exploit script 4.0 Terminal Server Edition Denial of Service 02 released590 CyberNotes 2001- 05 Microsoft 591 Windows NT 4.0 Windows NT Enterprise Server Windows NT Malformed PPTP Low CyberNotes 2001- 4.0, NT Server 4.0, NT Terminal Packet Stream 04 Server Microsoft 592 Windows NT 4.0 Windows NT Terminal Server, NT Windows NT RPC Endpoint Low CyberNotes 2001- 4.0, NT 4.0SP1-SP6a Mapper 19 Denial of Service Microsoft 593 Windows NT Exchange 5.5, 5.5SP1-SP4 Exchange OWA Global Access Medium CyberNotes 2001- 4.0/2000 Information Disclosure 18 CVE Name: CAN-2001-0660 Microsoft 594 Windows NT Exchange Server 2000, Server 5.5, Microsoft Exchange OWA High CyberNotes 2001- 4.0/2000 5.5 SP1-SP4 Embedded Script Execution 12 CVE Name: CAN-2001-0340 Microsoft 595 Windows NT Exchange Server 5.5, 2000; Windows Malformed RPC Request Low CyberNotes 2001- 4.0/2000 SQL Server 7.0, 2000; Denial of Service 15 Windows NT 4.0, 2000 CVE Name: CAN-2001-0509 Microsoft 596 Windows NT Exchange Server 5.5, 5.5 SP1-SP4 Outlook Web Access Low/High CyberNotes 2001- 4.0/2000 Denial of Service 17 Microsoft 597 Windows NT IIS 4.0 Microsoft IIS Unicode .asp Source Medium CyberNotes 2001- 4.0/2000 Code Disclosure 13 Microsoft 598 Windows NT IIS 4.0, 5.0 Microsoft IIS Device File Local Low CyberNotes 2001- 4.0/2000 Denial of Service 14 Microsoft 599 Windows NT Index Server 2.0, Indexing Service Indexing Service File Medium CyberNotes 2001- 4.0/2000 3.0 Enumeration 01 Microsoft 600 Windows NT Index Server 2.0, Indexing Services Microsoft Index Server and High CyberNotes 2001- 4.0/2000 for Windows 2000, Indexing Indexing Service ISAPI Extension 13 Service in Windows XP beta Buffer Overflow CVE Name: CAN-2001-0500

NIPC CyberNotes #2001-26 Page 30 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Microsoft 601 Windows NT Internet Information Server 4.0, IIS Internal IP Address/Internal Medium CyberNotes 2001- 4.0/2000 5.0 Network Name Disclosure 16 Microsoft 602 Windows NT Internet Information Server 4.0, Multiple IIS Vulnerabilities Low/High CyberNotes 2001- 4.0/2000 5.0 CVE Names: CAN-2001-0333, 10 CAN-2001-0334, CAN-2001- 0335 Microsoft 603 Windows NT Internet Information Service (IIS) IIS File Fragment Reading via Medium CyberNotes 2001- 4.0/2000 4.0, 5.0 .HTR 03 Microsoft 604 Windows NT Microsoft Exchange Server 5.5, Microsoft OWA Server Embedded Medium CyberNotes 2001- 4.0/2000 5.5SP1-SP4 Script Execution 25 CVE Name: CAN-2001-0726 Microsoft 605 Windows NT Microsoft Services for Unix 2.0 Microsoft Services for Unix Low CyberNotes 2001- 4.0/2000 Telnet and NFS Denial of Service 15 CVE Name: CAN-2001-0505 Microsoft606 Windows NT NetMeeting Version 3.01 Microsoft NetMeeting Desktop Low CyberNotes 2000- New variant of 4.0/2000 (4.4.3385) Sharing 21 vulnerability607 CyberNotes 2001- 13 Microsoft 608 Windows NT Office XP Microsoft Office XP High CyberNotes 2001- 4.0/2000 Unauthorized E-mail Access and 14 Arbitrary Code Execution CVE Names: CAN-2001-0538, CAN-2001-0538 Microsoft 609 Windows NT Outlook 2000 Outlook 2000 Rich Text Format Medium CyberNotes 2001- 4.0/2000 Information Disclosure 16 Microsoft 610 Windows NT SQL Server 7.0, SQL Server 2000 Microsoft SQL Server High CyberNotes 2001- 4.0/2000 Gold Administrator Cached Connection 12 CVE Name: CAN-2001-0344 Microsoft 611 Windows NT Windows 2000 Advanced Server Windows Terminal Server Service Low CyberNotes 2001- 4.0/2000 SP1&SP2, Windows 2000 RDP Denial of Service 21 Datacenter Server SP1&SP2, Windows 2000 Server SP1&SP2, Windows NT Terminal Server Microsoft 612 Windows NT Windows 2000 Server, Windows Invalid RDP Data and Windows Low CyberNotes 2001- 4.0/2000 NT 4.0, Terminal Server Edition Terminal Server Denial of Service 15 CVE Name: CAN-2001-0540 Microsoft 613 Windows NT Windows Media Player 6.4, 7, 7.1, Windows Media Player .ASF High CyberNotes 2001- 4.0/2000 Media Player for Windows XP Processor Contains Unchecked 24 Buffer Microsoft 614 Windows NT Windows Media Player 6.4, 7.0, Windows Media Player Buffer High CyberNotes 2001- 4.0/2000 7.1 Overflow 15 CVE Name: CAN-2001-0541 Microsoft 615 Windows NT Windows Media Services 4.0, 4.1 Severed Windows Media Server Low CyberNotes 2001- 4.0/2000 Connection 01 Microsoft 616 Windows NT Windows NT 4.0 Option Pack, Windows NNTP Denial of Service Low CyberNotes 2001- 4.0/2000 Windows 2000 Server SP1&SP2, CVE Name: CAN-2001-0543 17 Windows 2000 Advanced Server, Windows 2000 Advanced Server SP1&SP2 Microsoft 617 Windows NT Windows NT 4.0, 2000 Server Windows NT WINS Domain Medium CyberNotes 2001- 4.0/2000 Controller Spoofing 02 Microsoft 618 Windows NT Windows NT 4.0, 4.0 SP1- SP6a, Windows NT and 2000 Command Medium CyberNotes 2001- 4.0/2000 2000, 2000 SP1&SP2 Prompt Reboot 16 Microsoft 619 Windows NT Windows NT 4.0, SP1-SP7, Microsoft FrontPage Server High CyberNotes 2001- 4.0/2000 2000 SP1 &SP2 Extension Subcomponent 13 Unchecked Buffer Overflow CVE Name: CAN-2001-0341

NIPC CyberNotes #2001-26 Page 31 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Microsoft 620 Windows NT Windows XP, NT 4.0/2000 Microsoft Windows NT CSRSS Low CyberNotes 2001- 4.0/2000 Memory Access Violation 22 Microsoft 621 Windows Microsoft SQL Server 7.0 SQL Server DTS Password Medium CyberNotes 2000- Microsoft updates NT/2000 Enterprise Manager Server 11 bulletin.622 CyberNotes 2000- Microsoft re- 14 releases bulletin623 CyberNotes 2001- 11 MIMAnet 624 Multiple Source Viewer 2.0 Viewer Directory Traversal Medium CyberNotes 2001- 11 Minicom625 Unix Minicom 1.82.1, 1.83.0, 1.83.1 Minicom XModem Format String High CyberNotes 2001- 10 Miquel van Multiple Cistron Radius 1.6.4 Cistron Radius Digest Calculation Low CyberNotes 2001- Smoorenburg626 Buffer Overflow 23 Mirabilis627 Windows ICQ 2000.0b Build 3278 ICQ Web Front Plug-In Low CyberNotes 2001- 95/98/ME NT Denial of Service 09 4.0/2000 Mirabilis628 Windows ICQ 2001 a, 2000.0A, 2000.0b ICQ Forced User Addition Medium CyberNotes 2001- 95/98/ME /NT Build 3278 17 4.0/2000 Miro Construct Pty Multiple Mambo Site Server 3.0-3.0.5 Mambo Site Server Administrator High CyberNotes 2001- Ltd629 Password Bypass 15 Mobydisk 630 Windows Moby Netsuite 1.0 Moby Netsuite Remote High CyberNotes 2001- 95/98/NT Denial of Service 05 Mountain Network Multiple WebCart 8.4 WebCart Command Execution High CyberNotes 2001- Systems Inc.631 21 Mozilla Project 632 Windows BugZilla 2.10, 2.4, 2.6, 2.8 BugZilla Sensitive Information Medium CyberNotes 2001- 95/98/NT Disclosure 09 3.5.1/4.0 CVE Name: CAN-2001-0330 Mozilla Project 633 Windows BugZilla 2.10, 2.12, 2.4, 2.6, 2.8 Multiple BugZilla Cross-Site High CyberNotes 2001- 95/98/NT Scripting Vulnerabilities 18 3.5.1/4.0 Mozilla Project 634 Windows BugZilla 2.10, 2.12, 2.4, 2.6, 2.8 BugZilla ‘showattachment.cgi’ Medium CyberNotes 2001- 95/98/NT and ‘describecomponents.cgi’ 18 3.5.1/4.0 Arbitrary Bug Viewing Mozilla Project 635 Windows BugZilla 2.10, 2.12, 2.8 Multiple BugZilla Restricted Bug Medium CyberNotes 2001- 95/98/NT Comment Revealing 18 3.5.1/4.0 Vulnerabilities Mozilla Project 636 Windows Bugzilla 2.10, 2.4, 2.6, 2.8 Bugzilla Remote Arbitrary High CyberNotes 2001- 95/98/NT Command Execution 09 3.5.1/4.0 CVE Name: CAN-2001-0329 Multiple Vendors637 Multiple Baltimore Technologies MAIL Multiple Vendor File Scanner Low CyberNotes 2001- Sweeper SMTP 4.2.1; Malicious Archive Denial of 15 F-Secure Anti-Virus 5.0.2, 5.2.1 Service

NIPC CyberNotes #2001-26 Page 32 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Multiple Vendors638 Multiple CCCSoft-ware CCC 0.90-1.03; Multiple Vendors Remote High CyberNotes 2001- topher1 kenobe AWOL 1.0-2.1; Arbitrary Code Execution 20 Derek Leung pSlash 0.70; Sebastian Bunka myphpPage tool 0.4.3-1; Peace Works Computer Consulting Phormation 0.9.1; Tobias Ratschiller phpAdsNew 2.0beta 5; Bharat Mediratta Gallery 1.2.1; Haakon Nilsen SIPS 0.3; Paul M. Jones Phorecast 0.30a; Zorbat Zorbstats 0.8; Grant Horwood Webodex 1.0; Actionpoll 1.1.1; Marc Logemann More.groupware 0.5.1; Emergencies Personnel Information System Empris 20010908, 20010810, 0.4; Dark Hart Portal DarkPortal-unix 0.1.16- 0.1.18 Multiple Vendors639 Multiple ezboard 6.2; Multiple Vendor CGI Script High CyberNotes 2001- Infopop Ultimate Bulletin Board Forced URL Request 13 6.0, 6.0.1-6.0.3; VBulletin 1.0.1 lite, 2.0 rc 2; WWW Threads 5.4 Multiple Vendors640 Multiple Merit 3.6b RADIUS Merit RADIUS and Lucent High CyberNotes 2001- Lucent 2.1-2 RADIUS RADIUS Multiple Buffer 14 Overflows CVE Name: CAN-2001-0534 Multiple Vendors641 Multiple RSA Security BSAFE SSL-J SDK RSA BSAFE SSL-J Authentication Medium CyberNotes 2001- 3.0-3.1; Bypass 19 Cisco iCDN 2.0 Multiple Vendors642 Multiple Softek MailMarshal 4.0-4.2; Multiple Vendor SMTP Medium CyberNotes 2001- Trend Micro ScanMail 1.0 Attachment Protection Bypass 15 Multiple Vendors643 Multiple Symbol Technologies Access Point Symbol Technologies Firmware Medium CyberNotes 2001- Series 41X1 Insecure SNMP 13

Multiple Vendors644 Unix BeroFTPD 1.3.4; FTP Server Denial of Service Low CyberNotes 2001- Proftpd 1.2.0; 06 PureFTPd versions before 0.96 Multiple Vendors645 Unix BSDi BSD/OS 4.0-4.2; Multiple Vendor Telnetd Buffer High CyberNotes 2001- FreeBSD 2.x, 3.x, 4.0.x, 3.5.1, Overflow 15 4.1.1, 4.2 & 4.3 STABLE & RELEASE; NetBSD 1.0-1.5.1; Netkit Linux Netkit 0.10-0.12; OpenBSD 2.0-2.8; SGI IRIX 6.5; Sun Solaris 2.0-2.6, 7.0, 8.0

NIPC CyberNotes #2001-26 Page 33 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Multiple Vendors646 Unix Caldera OpenUnix 8.0, UnixWare CDE dtspcd Overflow High CyberNotes 2001- 7; CVE Name: CAN-2001-0803 23 Compaq Tru64 5.0, 5.1; HP-UX 10.10, 10.20, 11.0, 11.11, HP-UX (VVOS) 10.24, 11.0.4; IBM AIX 4.0- 5.1; Open Group CDE Common Desktop Environment 1.0.1-2.1; SGI IRIX 6.1-6.5.13; Sun Solaris 2.4-8.0, 2.4 _x86- 8.0_x86; Xi Graphics DeXtop 2.1, Xi Graphics Maximum CDE 1.2.3 Multiple Vendors647 Unix Chris Allegretta Nano 0.7-0.7.9, Nano Local File Overwrite Low CyberNotes 2001- 0.8.1-0.8.9, 0.9.1, 0.9.10-0.9.19, 01 .9.2-0.9.22 Multiple Unix Colten Edwards BitchX 1.0c17 BitchX Multiple High CyberNotes 2000- Vendors 648 FreeBSD 3.5.1, 4.2; Vulnerabilities 25 More upgrades Conectiva Linux 4.0, 4.0es, 4.1, CyberNotes 2001- available649 4.2, 5.0, prg gráficos, ecommerce, 01 5.1, 6.0; Linux-Mandrake 6.1, 7.0, 7.1, 7.2 Multiple Vendors650 Unix Compaq Tru64 4.0g, 5.0f, 5.0a, Multiple CDE Vendor ToolTalk Low/High CyberNotes 2001- 5.1a, 5.1; Database Server Format String 20 HP HP-UX 10.1-11.11, HP HP- UX (VVOS) 10.24, 11.0.4; IBM AIX 4.3-4.3.3, 5.1; SGI IRIX 5.2- 6.4; Sun Solaris 1.1-8.0 Multiple Vendors651 Unix Conectiva 6.0, 7.0; Multiple Linux Vendor Expect High Bug discussed RedHat Linux 7.0 Insecure Library Loading CyberNotes 2001- 15 Multiple Vendors652 Unix Conectiva 6.0, 7.0; Multiple Linux Vendor TCLTK High CyberNotes 2001- RedHat Linux 7.0 Unsafe Library Searching 15 Multiple Vendors653 Unix Darren Reed IPFilter 3.3.1-3.3.10, IPFilter Fragment Rule Bypass High CyberNotes 2001- 3.2.1-3.2.22, 3.3.1-3.3.22, 08 3.4.1-3.4.17; FreeBSD 2.2.2-2.2.8, 3.0-3.5.1, 4.0-4.2; NetBSD 1.2.1, 1.3-1.3.3, 1.4-1.4.3, 1.5; OpenBSD 2.3-2.8 Multiple Vendors654 Unix Dave Mills Xntp3 5.93-5.93e, Ntpd Remote Buffer Overflow High CyberNotes 2001- Xntp 4.0.99- 4.0.99k 07 Multiple Vendors655 Unix Debian 2.1, 2.2; Multiple Vendor Malicious High CyberNotes 2001- RedHat 6.1, 6.2, 7.0, 7.1; Manual Page Cache File Creation 15 Slackware 7.0, 7.1, 8.0

Multiple Vendors656 Unix Debian Linux 2.2 sparc, PowerPC, splitvt Format String High CyberNotes 2001- arm, alpha, 68k; 02 Sam Lantinga splitvt 1.6.4 & previous Multiple Vendors657 Unix Debian Linux 2.2 sparc, PowerPC, Linux man -l Format String High CyberNotes 2001- arm, alpha, 68k; 03 SuSE Linux 6.3, 6.4, 7.0

NIPC CyberNotes #2001-26 Page 34 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Multiple Unix Debian Linux 2.3; Glibc RESOLV_ HOST_CONF Medium CyberNotes 2001- Vendors 658 GNU glibc 2.1.9 and greater; File Read Access 01 Patches now RedHat Linux 7.0; CyberNotes 2001- available659, 660 Terra Soft Solutions, Inc. 02 Yellow Dog Linux 2.0; Immunix OS 7.0-Beta Multiple Vendors661 Unix Digital (Compaq) TRU64/ Korn Shell Redirection Race Medium CyberNotes 2001- DIGITAL UNIX 5.0; Condition 01 HP HP-UX 9.0; SGI IRIX 6.2, 6.5.5, 6.5.7; Sun Solaris 2.5.1, 2.6, 7.0 Multiple Vendors662 Unix GNU Emacs 20.6 & previous Emacs Inadequate PTY Medium CyberNotes 2001- Permissions 01 Multiple Vendors663 Unix GTK GTK+ 1.2.8 & previous GTK+ Arbitrary Loadable Module High CyberNotes 2001- Execution 01 Multiple Vendors664 Unix Horde IMP 2.0, 2.2, 2.2.1- 2.2.5; Horde and Imp Temporary File Medium CyberNotes 2001- Horde 1.2, 1.2.1 15 Multiple Vendors665 Unix HP HP-UX 10.01-11.11, HP-UX Multiple Vendor System V Medium/ CyberNotes 2001- (VVOS) 10.24, 11.0.4; Derived 'login' Buffer Overflow High 25 IBM AIX 4.3-4.3.3, 5.1; CVE Name: CAN-2001-0797 SCO Open Server 5.0-5.0.6; SGI IRIX 3.2-3.3.3; Sun Solaris 2.0- 2.6, 2.4_x86- 2.6_x86, 7.0-8.0, 7.0_x86, 8.0_x86 Multiple Vendors666 Unix HP-UX 10., 10.10, 10.20, 10.30, Multiple ftpd glob() Buffer High CyberNotes 2001- 11.0; Overflow Vulnerabilities 08 FreeBSD 2.x,, 3.x, 4.x; CVE Names: CAN-2001-0247, OpenBSD 2.3-2.8; CAN-2001-0248, CAN-2001- NetBSD 1.2.1, 1.3-1.3.3, 0249 1.4-1.4.3, 1.5; IRIX 6.5.x; Solaris 2.3, 2.4, 2.5, 2.5.1, 2.6, 7.0, 8.0 Multiple Vendors667 Unix ISC INN 2.0- 2.2.3 Innfeed Command-Line Buffer High CyberNotes 2001- Overflow 08 Multiple Vendors668 Unix Joseph Allen joe 2.8; Joe Text Editor .joerc Arbitrary High CyberNotes 2001- Red Hat Linux 5.2, 6.x & 7; Command Execution 05 Linux-Mandrake 6.0, 6.1, 7.0, 7.1, 7.2, Corporate Server 1.0.1; Debian GNU/Linux 2.2 Multiple Vendors669 Unix Judd Montgomery jpilot 0.98.1 & Jpilot Directory Sensitive Medium CyberNotes 2001- previous Information 01 Multiple Vendors670 Unix Linux kernel 2.0.x, 2.2.x Linux IRC IP Masquerading Medium CyberNotes 2001- Module Arbitrary Firewall Rule 16 Insertion Multiple Vendors671 Unix Linux kernel 2.2- 2.2.19, 2.4-2.4.9 Linux Deep Symbolic Link Low CyberNotes 2001- Denial of Service 21 Multiple Vendors672 Unix Linux kernel 2.2- 2.4.3 Linux procfs Stream Redirection High CyberNotes 2001- to Process Memory 13 Multiple Vendors673 Unix Linux kernel 2.2.18 & previous Linux sysctl() Kernel Memory High CyberNotes 2001- Reading 04 Multiple Vendors674 Unix Linux kernel 2.4, 2.4.0-test1, IPTables FTP Stateful Inspection Medium/ CyberNotes 2001- 2.4.1, 2.4.2, 2.4.3 Arbitrary Filter Rule Insertion High 08 Multiple Vendors675 Unix Linux kernel 2.4.3-2.4.6 Linux Init Default Umask High CyberNotes 2001- 15

NIPC CyberNotes #2001-26 Page 35 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Multiple Vendors676 Unix Linux kernel 2.4-2.4.11 VMLinux Arbitrary Kernel Low CyberNotes 2001- Execution Denial of Service 24 Multiple Vendors677 Unix Mandrake Soft Linux Mandrake Gnuserv MIT-MAGIC-COOKIE High CyberNotes 2001- 6.0-7.2, Corporate Server 1.0.1; Remote Buffer Overflow 03 RedHat Powertools; Martin Schwenkes gnuserv 3.12 & previous Multiple Vendors678 Unix Max-Wilhelm Bruker bftpd 1.0.13 Max-Wilhelm Bruker Bftpd High CyberNotes 2001- Buffer Overflow 01 Multiple Vendors679 Unix MIT Kerberos 5, (all releases prior MIT Kerberos Multiple High CyberNotes 2001- to krb5-1.2.2-beta1), Vulnerabilities 07 MIT Kerberos 4 patch 10, & earlier Multiple Vendors680 Unix NetBSD 1.4.1, 1.4.2, 1.4.3, 1.5; Multiple BSD Vendor Ptrace Race Medium CyberNotes 2001- OpenBSD 2.8, 2.9 Condition 12 Multiple Vendors681 Unix Network Associates PGP e- Gauntlet Firewall for Unix and High CyberNotes 2001- ppliance 300 series 1.0, 1.5, 2.0; WebShield CSMAP and 18 Gauntlet Firewall for Unix 5.0, 5.5, smap/smapd Buffer Overflow 6.0; McAfee WebShield for Solaris 4.0 Multiple Vendors682 Unix OpenBSD 2.0-2.9; Multiple BSD Vendor lpd Buffer High CyberNotes 2001- NetBSD 1.0-1.5.1; Overflow 18 FreeBSD 2.2-4.2'; CVE Name: CAN-2001-0670 BSDI BSD/OS 2.0-4.1 Multiple Vendors683 Unix Patrick Powell LPRng 3.6.1, LPRng Failure To Drop Medium CyberNotes 2001- 3.6.10- 3.6.19, 3.6.2, 3.6.20, Supplementary Groups 12 3.6.3-3.6.9, 3.7.4 Multiple Vendors684 Unix Pierre Beyssac bing 1.0.4 & bing gethostbyaddr Buffer High CyberNotes 2001- previous Overflow 02 Multiple Vendors685 Unix RedHat Linux 6.1-6.2, 7.0-7.1; Linux Man Malicious Cache File Medium CyberNotes 2001- Debian Linux 2.1-2.3 Creation 12 Multiple Vendors686 Unix RedHat Linux 7.0; Linuxconf /tmp File Race Medium CyberNotes 2001- Wirex Immunix OS 7.0-Beta Condition 01 Multiple Unix RedHat Linux 7.0; Apache /tmp File Race High CyberNotes 2001- Vendors 687 Wirex Immunix OS 7.0-Beta 01 Linux-Mandrake Debian GNU/Linux 2.2 CyberNotes 2001- also vulnerable688 02 Debian releases CyberNotes 2001- patch689 03 Multiple Unix Samba 2.0.4-2.0.7 Samba Insecure TMP file High CyberNotes 2001- Vendors 690 Symbolic Link 08 CyberNotes 2001- RedHat & 10 Immunix issue upgrade691, 692 Multiple Unix SSH Communications SSH 1. SSH CRC-32 Compensation High CyberNotes 2001- Vendors 693 2.24-1.2.31; Attack Detector 04 Exploit script OpenSSH 1.2.2, 1.2.3, 2.1, 2.1.1, CVE Name: CAN-2001-0144 CyberNotes 2001- released694 2.2 05 Multiple Vendors695 Unix Stunnel prior to 3.9 Multiple Stunnel Vulnerabilities High CyberNotes 2001- 01 Multiple Vendors696 Unix T.C.X Data Konsult MySQL MySQL Local Buffer Overflow Low/High CyberNotes 2001- 3.23.23-3.23-30; 02 Debian GNU/Linux 2.2; RedHat 7.0; Mandrake 7.2; Conectiva Linux 4.0, 4.0es, 4.1, 4.2, 5.0, 5.1, 6.0

NIPC CyberNotes #2001-26 Page 36 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Multiple Vendors697 Unix Vivek Khera mod_auth_mysql 1.9; Multiple Apache Remote SQL High CyberNotes 2001- Min S. Kim AuthPG 1.2b2; Query Manipulation 18 Serg Oskin mod_auth_ oracle Vulnerabilities 0.5.1; Guiseppe Tanzilli, Matthias Eckermann, & Victor G mod_auth_ pgsql_sys 0.9.4; Guiseppe Tanzilli & Matthias Eckermann mod_auth_ pgsql 0.9.5 Multiple Vendors698 Unix XFree86 xfs 4.0.1, 4.0.3 XFree86 xfs Denial of Service Low CyberNotes 2001- 12 Multiple Vendors699 Unix Xinetd 2.1.8.8, 2.1.8.9pre1-2.1.8.9 Xinetd Buffer Overflow High CyberNotes 2001- pre15, 2.1.8.9pre2- 2.1.8.9pre9 12 Multiple Vendors700 BeOS 4.0,/5.0, Oliver Debon Flash 0.4.9 & Flash Sound Write-Overflow High CyberNotes 2001- Unix previous 02 Multiple Vendors701 Windows Tiny Personal Firewall 1.0. 2.0; Multiple Personal Firewall Vendor Medium CyberNotes 2001- 95/98/ME /NT Zone Labs ZoneAlarm 2.1, Outbound Packet Bypass 25 4.0/2000 2.2-2.6, ZoneAlarm Pro 2.4, 2.6 Multiple Vendors702 Windows WhizBang Matrix Screen Saver WhizBang Matrix Screen Saver Medium CyberNotes 2001- 95/98/ME /NT Password Bypass 16 4.0/2000 Multiple Vendors703 Windows Fast Track KaZaA 1.3; Multiple Vendor File Sharing Medium CyberNotes 2001- 95/98/NT Music City Networks Morpheus 1.3 Application File Disclosure 16 4.0/2000 Multiple Vendors704 Windows Apache Group Tomcat 4.0; Multiple Vendor URL JSP Request Medium CyberNotes 2001- 95/98/NT BEA Systems Weblogic Server 5.1 Source Code Disclosure 07 4.0/2000, Unix Multiple Vendors705 Windows Microsoft Internet Explorer 5.0.1 Multiple Vendor HTML Form High CyberNotes 2001- 95/98/NT SP1&SP2, 5.5; Protocol 17 4.0/2000, 4.0.1, 5.0, 5.0.1 for Windows 95, MacOS 8.1/ 8.5/ 98, NT 4.0, 2000; 8.6/ 9.0, Outlook Express 4.0, 4.01, Unix 4.27.3110.1, 4.72.2106.4, 4.72.3120.0, 4.72.3612.1700, 5.0, 5.01, 5.5; Outlook Express for MacOS 4.5, 5.0; Netscape Communicator 4.04-6.01; Opera Software Opera Web Browser 5.02 win32, 5.10 win32, 5.11 win32, Opera Web Browser 5.0 Linux; University of Kansas Lynx 2.7, 2.8, 2.8.4, 2.8.5 Multiple Vendors706 Windows Microsoft Internet Explorer 6.0; Multiple Vendor Image Count Low CyberNotes 2001- 95/98ME/ NT Mozilla Browser 0.9.6; Denial of Service 25 4.0/2002, Opera Software Opera Web MacOS 9.0-9.2, Browser 5.11 win32 Unix

NIPC CyberNotes #2001-26 Page 37 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Multiple Vendors707 Windows NT Cisco Secure IDS Host Sensor 2.0, Multiple IDS Vendor Encoded IIS Medium CyberNotes 2001- 4.0/2000 IDS Network Sensor 3.0, 6000 IDS Attack Detection Evasion 18 Module; CVE Name: CAN-2001-0669 Internet Security Systems BlackIce Agent 2.5, 3.0, BlackIce Sentry 2.5, 3.0, BlackIce Guard 2.5, BlackIce Defender 2.5, 2.5cg; Internet Security Systems RealSecure Server Sensor 5.0 Win, 5.5 Win, 5.5.1 Win, 5.5.2 Win, 6.0 Win, 5.0, 5.5, 5.5.1, 5.5.2, 6.0; Martin Roesch Snort 1.5, 1.5.1, 1.5.2, 1.6, 1.6.1, 1.6.2, 1.6.3, 1.7, 1.8; NFR Network Intrusion Detection 5.0 Multiple Vendors708 Windows NT ikonboard 2.1.7b & previous Ikonboard Arbitrary Command High CyberNotes 2001- 4.0/2000, Execution 01 Unix Multiple Vendors709 Windows NT OpenLDAP 1.0-2.0.7; OpenLDAP Denial of Service Low/ CyberNotes 2001- 4.0/2000, iPlanet Directory Server, version High 15 Unix 5.0 Beta-4.13; Lotus Domino R5 Servers (Enterprise, Application, and Mail), prior to 5.0.7a; Teamware Office for Windows NT & Solaris, prior to version 5.3ed1; Qualcomm Eudora WorldMail for Windows NT ver. 2; Microsoft Exchange 5.5 LDAP Service; Network Associates PGP Keyserver 7.0, prior to Hotfix 2; Oracle 8I Enterprise Edition; IBM SecureWay Directory 3.0-3.2 Solaris, 3.0-3.2 Win2K Multiple Vendors710 Windows NT xloadimage 4.1 xloadimage Buffer Overflow High CyberNotes 2001- 4.0/2000, 14 Unix Multiple Vendors711 Windows NT Sun Solaris 2.5.1, 7.0, 8.0; Multiple Vendor Small TCP MSS Low CyberNotes 2001- 4.0/2000, OpenBSD 2.8, 2.9; Denial of Service 14 Unix NetBSD 1.5, 1.5.1; Microsoft Windows NT 4.0, 4.0 SP1-SP7, Windows 2000, 2000 SP1&SP2; Linux Kernel 2.4-2.4.5; HP-UX 11.0, 11.0.4, 11.11, 11.4; FreeBSD 4.3 Multiple Vendors712 Unix MandrakeSoft Linux 6.0, 6.1, 7.0, Shadow-utils /etc/default Temp Medium CyberNotes 2001- 713 7.1, 7.2; File Race Condition 01 RedHat Linux 7.0; Wirex Immunix OS 7.0-Beta Multiple Vendors714 Unix MandrakeSoft Linux 6.0, 6.1, 7.0, Rdist /tmp File Race Condition Medium CyberNotes 2001- 715 7.1, 7.2; 01 RedHat Linux 7.0; Wirex Immunix OS 7.0-Beta

NIPC CyberNotes #2001-26 Page 38 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Multiple Vendors716 Unix MandrakeSoft Linux 6.0, 6.1, 7.0, Getty_ps /tmp File Race Medium CyberNotes 2001- 717 7.1, 7.2; Condition 01 RedHat Linux 7.0; Wirex Immunix OS 7.0-Beta Multiple Vendors Unix RedHat Linux 7.0; Gpm /tmp File Race Condition Medium CyberNotes 2001- 718, 719 Wirex Immunix OS 7.0-Beta; 01 Linux-Mandrake 6.0, 6.1, 7.0, 7.1, 7.2 Multiple Unix Conectiva Linux 4.1, 4.2, 5.0, 5.1, Icecast Remote Buffer Overflow High CyberNotes 2001- Vendors720, 721 6.0; and Format String 07 Icecast versions prior to 1.3.7_1 Multiple Unix David Madore ftpd-BSD 0.2.3; BSD Ftpd Single Byte Buffer High CyberNotes 2001- Vendors722, 723 NetBSD 1.4, 1.4.1, 1.4.2, 1.5; Overflow 01 OpenBSD 2.4-2.8 Multiple Unix FreeBSD 3.5, 4.2; Timed Small Packet Low CyberNotes 2001- Vendors724, 725 MandrakeSoft Corporate Server Denial of Service 07 1.0.1, Linux Mandrake 6.0-7.2 Multiple Unix Infodrom cfingerd 1.4.0-1.4.3; Cfingerd Format String High CyberNotes 2001- Vendors726, 727 Debian Linux 2.2, 2.2rl, 2.2r2 08 Multiple Unix National Science Foundation Squid Squid /tmp Medium CyberNotes 2001- Vendors728, 729 Web Proxy 2.3 STABLE4; File Race Condition 01 RedHat Linux 7.0; Wirex Immunix OS 7.0-Beta; Linux-Mandrake 6.0, 6.1, 7.0, 7.1, 7.2 Multiple Unix OpenSSL 0.9.1c, 0.9.2b, 0.9.3- OpenSSL PRNG Internal State Medium CyberNotes 2001- Vendors730, 731 0.9.6a; Disclosure 14 SSLeay 0.8.1-0.9.1 Multiple Unix PHPLib Team PHPLIB 7.2-7.2.1 Multiple Vendor ‘PHPLIB’ High CyberNotes 2001- Vendors732, 733 Remote Script Execution 15 Multiple Unix RedHat Linux 7.0; Sdiff /tmp File Race Condition Medium CyberNotes 2001- Vendors734, 735 Wirex Immunix OS 7.0-Beta; 01 Linux-Mandrake 6.0, 6.1, 7.0, 7.1, 7.2 Multiple Unix RedHat Linux 7.0; Inn /tmp File Race Condition Medium CyberNotes 2001- Vendors736, 737 Wirex Immunix OS 7.0-Beta; 01 Linux-Mandrake 6.0, 6.1, 7.0, 7.1, 7.2 Multiple Unix RedHat Linux 7.0; Wu-ftpd /tmp File Race Condition Medium CyberNotes 2001- Vendors738, 739 Wirex Immunix OS 7.0-Beta; 01 Linux-Mandrake 6.0, 6.1, 7.0, 7.1, 7.2 Multiple Unix RedHat Linux 7.0; Mgetty /tmp File Race Condition Medium CyberNotes 2001- Vendors740, 741 Wirex Immunix OS 7.0-Beta; 01 Linux-Mandrake 6.0, 6.1, 7.0, 7.1, 7.2 Multiple Unix RedHat Linux 7.0; Arpwatch /tmp File Race Medium CyberNotes 2001- Vendors742, 743 Wirex Immunix OS 7.0-Beta; Condition 01 Linux-Mandrake 6.0, 6.1, 7.0, 7.1, 7.2 Multiple Unix Trustix Secure Linux 1.1, 1.2; Glibc LD_ Medium/ CyberNotes 2001- Vendors744, 745 MandrakeSoft Corporate Server PRE LOAD File Overwriting High 02 1.0.1, Linux Mandrake 6.0, 6.1, 7.0-7.2; RedHat Linux 6.0-6.2 sparc, i386, alpha

NIPC CyberNotes #2001-26 Page 39 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Multiple Unix Window-maker wmaker 0.60- 0.64 Window Maker Window Title High CyberNotes 2001- Vendors746, 747 Buffer Overflow 17 Multiple Windows NT Apache 1.3, 1.3.1, 1.3.3, 1.3.4, Apache Split-Logfile File Append High CyberNotes 2001- Vendors748, 749 4.0/2000, 1.3.9, 1.3.11, 1.3.12, 1.3.14, CVE Name: CAN-2001-0730 25 Unix 1.3.17- 1.3.20; RedHat Secure Web Server 3.2 i386 Multiple Unix gFTP 0.1-2.0.7; gFTP Remote Format String High CyberNotes 2001- Vendors750, 751, 752 Red Hat Linux 6.2-alpha, i386, 09 sparc, 7.0 -alpha, i386, 7.1- i386; Linux Mandrake 7.1, 7.2, 8.0, Corporate Server 1.0.1; Immunix OS 6.2, 7.0-beta, 7.0 Multiple Unix Linux kernel 2.2- 2.2.19, 2.4.2, Linux Ptrace/Setuid Exec High CyberNotes 2001- Vendors753, 754, 755 2.4.9 21 Multiple Unix Linux Mandrake 7.1, 7.2, Multiple Vendor LICQ Buffer High CyberNotes 2001- Vendors756, 757, 758 Corporate Server 1.0.1; Overflow And URL Command 07 RedHat Linux 7.0, Powertools; Execution Conectiva Linux 4.0, 4.0es, 4.1, 4.2, 5.0, prg graficos, ecommerce, 5.1, 6.0 Multiple Unix NEdit 5.5.1 NEdit Incremental Backup File High CyberNotes 2001- Vendors759, 760, 761 Symbolic Link 09 Multiple Unix Zope 2.3.1 b1 & prior Multiple Zope Vulnerabilities Medium CyberNotes 2001- Vendors 762, 763, 764 05 Debian releases CyberNotes 2001- patch765 06 Multiple Unix Linux kernel 2.0-2.0.39, Linux Syn Filter Evasion Medium CyberNotes 2001- Vendors766, 767, 768, 2.2-2.2.20, 2.4-2.4.13 23 769 Multiple Unix Linux-Mandrake 7.1, 7.2, Sudo Buffer Overflow High CyberNotes 2001- Vendors 770, 771, Corporate Server 1.0.1; 05 772, 773 Immunix OS 7.0-beta and 7.0; CyberNotes 2001- Exploit Script Conectiva Linux 4.0, 4.0es, 4.1, 12 released774 4.2, 5.0, prg gráficos, ecommerce, 5.1, 6.0; Debian GNU/Linux 2.2; Slackware 7.1, current Multiple Unix OpenBSD OpenSSH 1.2.3, 2.9p2, OpenSSH UseLogin Environment High CyberNotes 2001- Vendors775, 776, 777, 2.9p1, 3.0p1, 3.0, 3.0.1p1, 3.0.1 Variable Passing 25 778 Multiple Unix Paul Vixie Vixie Cron 3.0pl1, 3.0.1 Vixie Cron crontab Privilege High CyberNotes 2001- Vendors779, 780, 781, Lowering Failure 10 782 Multiple Unix Red Hat Linux 5.2 alpha, i386, Mutt Format String High CyberNotes 2001- Vendors783, 784, 785, sparc, 6.2 alpha, i386, sparc, 7.0 07 786 alpha, i386; Immunix OS 6.2, 7.0-beta, and 7.0; Conectiva Linux 4.0, 4.0es, 4.1, 4.2, 5.0, prg graficos, ecommerce, 5.1; Trustix Secure Linux 1.2 Multiple Unix Eric Raymond Fetchmail 5.0-5.8.6 Fetchmail Buffer Overflow High CyberNotes 2001- Vendors787, 788, 789, 13 790, 791 Multiple Unix Cees De Groot SGMLtools 1.0.7, SGMLtools Temporary File High CyberNotes 2001- Vendors792, 793, 794, 1.0.9 Permission 07 795, 796

NIPC CyberNotes #2001-26 Page 40 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Multiple Unix David Madore ftpd-BSD 0.3.2, Wu-Ftpd File Globbing Heap High CyberNotes 2001- Vendors797, 798, 799, 0.3.3; Corruption 24 800, 801 Washington University wu-ftpd CVE Name: CAN-2001-0550 2.5.0, 2.6.0 2.6.1 Multiple Unix GnuPG 1.0-1.0.3b GnuPG Detached Signature Medium CyberNotes 2001- Vendors802, 803, 804, Verification False-Positive 01 805, 806 Multiple Unix Linux Mandrake 7.0, 7.1, 7.2, Multiple OpenSSH Vulnerabilities Medium CyberNotes 2001- Vendors807, 808, 809, Corporate Server 1.0.1; 07 810, 811 Immunix OS 6.2, 7.0-beta, 7.0; Red Hat Linux 7.0; Conectiva Linux 5.0, prg graficos, ecommerce, 5.1, 6.0; Trustix Secure Linux 1.01, 1.1, 1.2; OpenSSH 2.5.2 Multiple Unix SLRN Development Team slrn SLRN Long Header Buffer High CyberNotes 2001- Vendors812, 813, 814, 0.9.6.2-9, 0.9.6.3, 0.9.6.4 Overflow 07 815, 816 Multiple Unix Samba 2.0.5-2.2.0 Samba Remote Arbitrary File Medium CyberNotes 2001- Vendors817, 818, 819, Creation 13 820, 821, 822 Multiple Unix Xinetd 2.1.8.8, 2.1.8.8pre3, Multiple Xinetd Low/High CyberNotes 2001- Vendors823,824, 825, 2.1.8.9pre1-2.1.8.9pre15, 18 2.1.8.9pre2, 2.1.8.9pre3,2.1.8.9pre5-2.1.8.9pre 9, 2.3 Munica Unix NetSQL 1.0 NetSQL Remote Buffer Overflow High CyberNotes 2001- Corporation826 13 Mutasem Unix CSVForm 0.1, CSVForm Plus 1.0 CSVForm Remote Arbitrary High CyberNotes 2001- Abudahab827 Command Execution 25 MySQL AB828 Unix MySQL 3.23.x, WinMySQLadmin WinMySQL admin Plain Text Medium CyberNotes 2001- 1.1 Password Storage 20 Nara Vision829 Unix Kebi Community 1.0 enterprise Kebi WebMail Unauthenticated Medium CyberNotes 2001- version, 1.0 academy version Administration 25 Nathan Unix CGIWrap 1.0- 3.6.4 CGIWrap Cross-Site Scripting High CyberNotes 2001- Neulinger830 15 National Science Unix Squid Web Proxy 2.4, 2.4DEVEL2, Squid Web Proxy Cache Low CyberNotes 2001- Foundation831 2.4DEVEL4, 2.4PRE-STABLE, Denial of Service 20 2.4PRE-STABLE2, 2.4STABLE1, 2.3, 2.3STABLE2-2.3STABLE5 Navision832 Windows NT Navision Financials Server 2.50, Navision Financials Server Low CyberNotes 2001- 4.0/2000, 2.60 Denial of Service 07 Unix NCM 833 Multiple Content Management System Content Management System Medium CyberNotes 2001- content.pl Input Validation 08 NetBSD 834 Unix NetBSD 1.3-1.3.3, 1.4-1.4.3, 1.5, NetBSD sendmsg Denial of Low CyberNotes 2001- current pre20010701 Service 15 NetBSD 835 Unix NetBSD 1.4, 1.5, -current NetBSD Bogus Fragmented IPv4 Low CyberNotes 2001- Packet Denial of Service 11 NetBSD 836 Unix NetBSD 1.4, 1.5, -current NetBSD IP Filter Bypass Medium CyberNotes 2001- 11 NetBSD 837 Unix NetBSD 1.4.1 sh3, 1.5 sh3 NetBSD Super-H Port sigreturn() High CyberNotes 2001- Input Validation 11 NetBSD 838 Unix NetBSD current pre20010805 NetBSD ‘semop’ Arbitrary Code High CyberNotes 2001- 1.4-1.5.1 Execution 18

NIPC CyberNotes #2001-26 Page 41 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name NetBSD 839 Unix NetBSD current pre20010805 NetBSD ‘ioctl’ Denial of Service Low CyberNotes 2001- 1.4-1.5.1 18 NetCode 840 Unix NC Book 0.2b NC Book Book.CGI Arbitrary High CyberNotes 2001- Command Execution 17 NetCorp841 Multiple PassMaster PassMaster Plaintext Password Medium CyberNotes 2001- 02 NetCruiser Windows NetCruiser Web Server 0.1.2.8 NetCruiser Software NetCruiser Medium CyberNotes 2001- Software842 95/98/NT Web Server PathDisclosure 09 4.0/2000 Netopia843 Multiple Netopia R9100 Firmware version Netopia Router Denial of Service Low CyberNotes 2001- 4.6 03 Netopia 844 MacOS Timbuktu Preview for Mac OS X Timbuktu Mac OS X Login High CyberNotes 2001- 09 Netscape MacOS Netscape 4.77 Mac Netscape For MacOS Password Medium CyberNotes 2001- Communications845 6.0.8-9.2.1, Field Printing 24 MacOS X 10.0-10.1 Netscape Unix Communicator 6.01a Communicator Temp File Medium CyberNotes 2001- Communications846 Symbolic Link 18 Netscape Multiple Enterprise Server 3.0, 4.0 Netscape Enterprise Server 'Index' Medium CyberNotes 2001- Communications 847 Disclosure 03 Netscape Multiple FastTrack Server 4.0.1 Netscape FastTrack Cache Low CyberNotes 2001- Communications 848 Module Denial of Service 02 Netscape Multiple Netscape Enterprise Server 3.6 Netscape Enterprise Server Low CyberNotes 2001- Communications 849 with web publishing enabled REVLOG Denial of Service 02 Netscape Windows Netscape Smart Download 1.3 Smart Download Buffer High CyberNotes 2001- Communications 95/98/NT Overflow 08 850 4.0/2000, CVE Name: CAN-2001-0262 CyberNotes 2001- Vulnerability Unix 09 appears in Press851

Netscape Windows NT Enterprise Server 4.1SP5 Netscape Enterprise Server Low CyberNotes 2001- Communications 852 Denial of Service 02 Netscape Windows NT Netscape Collabra Server 3.5.4 Netscape Collabra Malformed Low CyberNotes 2001- Communications 853 Data and Memory Leak Denial of 05 Service Netscape Windows NT Netscape Directory Server 4.1, Netscape Directory Server Buffer High CyberNotes 2001- Communications 854 4.12 Overflow 05 CVE Name: CAN-2001-0164 NetScreen855 Multiple Screen OS 1.73r1, 2.10r3, 2.1r6, NetScreen Firewall Low/ CyberNotes 2001- 2.5r1 Denial of Service High 01 CVE name: CAN-2001-0007 (High if DDoS best practices not in place) NetScreen856 Multiple ScreenOS 1.64, 1.66, 2.1, 2.5 NetScreen ScreenOS Firewall Medium CyberNotes 2001- Policy Bypass 07 NetWin Limited857 Windows SurgeFTP 1.0b, 2.0a, 2.0b; NetWin NWAuth Buffer Medium/ CyberNotes 2001- 95/98/NT DMail 2.5d, 2.7, 2.7q, 2.7r, Overflow and Weak Password High 15 4.0/2000, 2.8e-2.8i Encryption MacOS 9.0, BSD/OS 4.0.1, Unix

NIPC CyberNotes #2001-26 Page 42 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name NetWin Limited858 Windows 98/NT SurgeFTP 1.0b, 2.0a SurgeFTP Server Information Medium CyberNotes 2001- 4.0/2000, Disclosure and MS-DOS Device 13 Unix Name Denial of Service NetWin Limited 859 Windows SurgeFTP 2.0a-2.0f SurgeFTP Weak Password Medium CyberNotes 2001- 95/98/NT Encryption 16 4.0/2000, Unix NetWin Limited 860 Windows 98/NT SurgeFTP 1.0b SurgeFTP Malformed Low CyberNotes 2001- 4.0/2000, Denial of Service 05 Unix Network Multiple NetCache C1100, C3100, C6100, NetCache Tunneling Medium CyberNotes 2001- Appliance861 C700 Series Configuration 14 Network Windows PGP Personal Security 7.0.3; PGP Invalid Key Display Medium CyberNotes 2001- Associates, 95/98/ME /NT PGP Freeware 7.0.3; 18 Incorporated862 4.0/2000, PGP E-Business Server 6.5.8, MacOS 9.0, 7.0.4, 7.1; OS/390 V2R9, PGP Corporate Desktop 7.1; OS/390 V2R6, PGP 5.0, 6.0.2 Unix Network Windows NT VirusScan for Windows NT 4.5 WebShield SMTP Malformed Medium CyberNotes 2001- Associates, 4.0/2000 Mime Header 25 Incorporated863 Network Solutions, Unix RWhoIsD 1.5, 1.5.1a, 1.5.2, 1.5.3, RWhoIsD System Log Format High CyberNotes 2001- Incorporated864 1.5.5, 1.5.6, 1.5.7, 1.5.7.2 String 24 Network Solutions, Unix rwhoisd 1.5-1.5.7 Rwhoisd Remote Format String High CyberNotes 2001- Incorporated865 22 Networks Windows NT PGP Keyserver 7.0, 7.0.1 PGP Keyserver Web High CyberNotes 2001- Associates 4.0/2000, Administration Interface 20 Incorporated866 Unix Authentication Bypassing Nobreak Multiple CrazyWWWBoard 2000px, CrazyWWW Board Buffer High CyberNotes 2001- Technologies867 2000LEpx, 98, 98PE, 3.0.1; Overflow 04 CrazySearch 1.0.1; CGIs using qDecoder 4.0 ~ 5.0.8 Nobreak Multiple CrazyWWWBoard version CrazyWWW Board Remote High CyberNotes 2001- Technologies868 2000p4, 2000LEp5 Buffer Overflow 08 Novell869 Multiple Border Manager 3.0-3.6; Border Manager Remote Low/High CyberNotes 2001- Enterprise Edition 3.5 Denial of Service 09 (High if DDoS best practices not in place) Novell870 Multiple Groupwise 5.5 Groupwise Directory Disclosure Medium CyberNotes 2001- 17 Novell871 Multiple Groupwise 6.0, Enhancement Pack GroupWise Padlock High CyberNotes 2001- 5.5 17 Novell872 Multiple NetWare 5.0, 5.1 NetWare Password Hash and Medium CyberNotes 2001- RSA Key Recovery 04 Novell873 Windows 2000 Groupwise 6.0, Enhancement Pack Novell Groupwise Arbitrary File Medium CyberNotes 2001- 5.5 Retrieval 21 Novell874 Windows Groupwise 5.5 GroupWise Network Directory Medium CyberNotes 2001- 95/98/ME Browsing 04 NT/2000 NRL 875 Unix OPIE 2.4, 2.32 OPIE Account Existence Medium CyberNotes 2001- Information Leak 23 O’Reilly Windows WebBoard 4.10.30 WebBoard Pager Hostile Medium CyberNotes 2001- Software876 98/98/NT 4.0 JavaScript 12

NIPC CyberNotes #2001-26 Page 43 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Omnicron Windows Omni HTTPD 2.0.7 OmniHTTPD File Corruption and High CyberNotes 2001- Technologies 95/98/NT Command Execution 02 Corporation877 4.0/2000 Omnicron Windows Omni HTTPD 2.0.8 OmniHTTPd Pro POST Low CyberNotes 2001- Technologies 95/98/NT Denial of Service 10 Corporation878 4.0/2000 Omnicron Windows Omni HTTPD 2.0.4-2.0.8 OmniHTTPD PHP Denial of Low/ CyberNotes 2001- Technologies 98/98/NT Service Medium 11 Corporation879 4.0/2000 and File Source Disclosure OpenBSD 880 Unix OpenBSD 2.0-2.9 OpenBSD Connected Socket Low CyberNotes 2001- Ownership 21 OpenBSD 881 Unix OpenBSD 2.6-2.9 OpenBSD Pipe and Dup2 VFS Low CyberNotes 2001- Race Conditions Denial of Service 12 OpenBSD 882 Unix OpenBSD 2.8-3.0 OpenBSD lpd Remote File High CyberNotes 2001- Creation By Trusted Root User 25 OpenBSD 883 Unix OpenSSH 2.2.0, 2.1.1, 2.3.1, 2.5.2, OpenSSH Client X11 Forwarding Medium CyberNotes 2001- 2.5.2p2 Cookie Removal File Symbolic 12 Link OpenBSD 884 Unix OpenSSH 3.0, 3.0p1 OpenSSH Kerberos Arbitrary Medium CyberNotes 2001- Privilege Elevation 24 OpenSSH 885 Unix OpenSSH 2.1-2.3, 2.5-2.5.2, 2.9 OpenSSH PAM Session Evasion Medium CyberNotes 2001- 13 OpenSSH886 Unix OpenSSH 2.5-2.5.2, 2.9 OpenSSH Key Based Source Medium CyberNotes 2001- Other Vendors IP Access Control Bypass 20 provide patches887, CyberNotes 2001- 888, 889, 890 21 OpenSSL 891 Unix OpenSSL versions prior to 0.9.6a Multiple OpenSSL Vulnerabilities Medium CyberNotes 2001- 10 Opera Software892 Multiple Opera Web Browser 5.0 Linux Opera Heap Overflow High CyberNotes 2001- 14 Opera Software893 Windows Opera Web Browser 5.02 win32, Opera Cross-Site Scripting Medium CyberNotes 2001- 95/98/ME /NT 5.0 Linux, 5.11 win32, 5.10 win32, 23 4.0/2000, 5.12 win32 Unix Oracle Multiple Oracle 9i Application Server Oracle Application Server Path Medium CyberNotes 2001- Corporation894 Revealing 19 Oracle Multiple Oracle8 8.0x Oracle 8 Server Low CyberNotes 2001- Corporation895 'TNSLSNR80.EXE' 08 Denial of Service Oracle Unix Application Server 4.0.82 Oracle Application Server High CyberNotes 2001- Corporation896 ndwfn4.so Buffer Overflow 08 Oracle Unix Internet Application Server 3.0.7 Oracle Apache+ WebDB High CyberNotes 2001- Corporation897 & previous Documented Backdoor 01 Oracle Unix Internet Application Server 3.0.7 Oracle WebDB/Portal Listener Medium CyberNotes 2001- Corporation898 & previous Modplsql and Public PL/SQL 01 Procedure Database Access Oracle Unix Label Security 8.1.7, 9.0.1 Label Security Unauthorized Medium CyberNotes 2001- Corporation899 Access 22 Oracle Unix Oracle 8i versions 8.1.6, 8.1.5; Oracle Cmctl Buffer Overflow Medium CyberNotes 2001- Corporation900 Oracle 8 versions 8.0.5, 8.0.4, 02 8.0.3 Oracle Unix Oracle8i 8.0.5 Oracle OTRCREP Oracle Home High CyberNotes 2001- Corporation901 Environment Variable Buffer 16 Overflow Oracle Unix Oracle8i 8.0.5, 8.0.6, 8.1.5, 8.1.6 Oracle /tmp Race Condition Medium CyberNotes 2001- Corporation902 16

NIPC CyberNotes #2001-26 Page 44 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Oracle Windows 2000, Oracle8 8.1.5, 8.1.6, 8.1.7 Oracle 8i SQLNet Low CyberNotes 2001- Corporation903 Unix Denial of Service 13 CVE Name: CAN-2001-498 Oracle Windows 2000, Oracle8 8.1.5, 8.1.6, 8.1.7 Oracle 8i TNS Listener High CyberNotes 2001- Corporation904 Unix Buffer Overflow 13 CVE Name: CAN-2001-499 Oracle Windows 2000, Oracle8 8.1.6, 8.1.7, Oracle9i 9.0, Oracle DBSNMP Oracle Home High CyberNotes 2001- Corporation905 Unix 9.0.1 Environment Variable Buffer 16 Overflow Oracle Windows Application Desktop Integrator Oracle ADI Plain Text Medium CyberNotes 2001- Corporation906 98se/NT 4.0/2000 7.1.1.10.1 Password Storage 10 Patch available907 CyberNotes 2001- 11 Oracle Windows NT Oracle8 8.1.7 Oracle JSP/SQLJSP Servlet High CyberNotes 2001- Corporation908 2000 Execution 02 Upgrade now CyberNotes 2001- available909 05 Oracle Windows NT XSQL Servlet 1.00 Windows 2000; Oracle XSQL Servlet Arbitrary High CyberNotes 2001- Corporation910 2000 XSQL Servlet 1.0.1-1.0.3; Java Code 02 Oracle 8i 8.1.7.0.0 Enterprise; database server 8.1.7.0.0 Oracle Windows NT Oracle9iAS Web Cache 2.0.0.2 Oracle9iAS Web Cache HTTP Low CyberNotes 2001- Corporation911 4.0/2000, NT, 2.0.0.2, 2.0.0.1 Content Header Denial of Service 24 Unix Oracle Windows NT Oracle9iAS Web Cache 2.01.0 Oracle9iAS Web Cache Buffer High CyberNotes 2001- Corporation912 4.0/2000, Overflow 21 Unix Oracle Corporation Unix Oracle8 8.0.5, 8.1.5 Oracle DBSNMP CHOwn Path High CyberNotes 2001- 913 Environment Variable 16 Oracle Corporation Windows 2000 Oracle8 8.1.6, 8.1.7 Oracle DBSNMP Oracle Home High CyberNotes 2001- 914 Environment Variable Changing 16 Orange Software915 Windows Orange Web Server 2.1 Orange Web Server Low CyberNotes 2001- 94/98ME/ NT Denial of Service 05 4.0/2000 OReilly Software916 Windows Website Pro 3.0.37 Website Pro Remote Manager Low CyberNotes 2001- 95/98/NT Denial of Service 07 4.0/2000 OReilly Software917 Windows Website Professional 2.5.4 Website Professional Web Medium CyberNotes 2001- 95/98/NT Directory Disclosure 06 4.0/2000 Pacific Software918 Windows NT 4.0 Carello 1.2.1 Carello Shopping Cart Command High CyberNotes 2001- Execution 10 Packet Knights919 Unix FPF Linux Kernel Module 1.0 Linux FPF Kernel Module Low CyberNotes 2001- Denial of Service 12 Palm920 Multiple Palm OS 3.3, 3.5.2 Palm Debugger Password Medium CyberNotes 2001- Vulnerability has Bypass 05 appeared in the CyberNotes 2001- Press921 06 PassWD922 Windows PassWD 2000 2.0, 2.5-2.8 PassWD 2000 Weak Password Medium CyberNotes 2001- 95/98/ME /NT Encryption 12 4.0/2000 Patrick Schemitz923 Unix AutoNice Daemon 1.0.0-1.0.4 AutoNice Daemon Program High CyberNotes 2001- Name Format String 24 Perception924 Windows LiteServe 1.25 LiteServe Script Source Code Medium CyberNotes 2001- Disclosure 13 Persits Software925 Multiple AspUpload 2.1 AspUpload Default Scripts Medium CyberNotes 2001- Exploitable 25

NIPC CyberNotes #2001-26 Page 45 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name PGP Security, Windows PGP for Personal Privacy/PGP PGP (Pretty Good Privacy) High CyberNotes 2001- Inc.926 95/98/ME NT Desktop Security/ PGPfree-ware ASCII Armor Parser Vulnerability 08 4.0/2000 5.0-7.0.4 (Windows) PHP Development Unix Mandrake Soft Linux Mandrake PHP Engine Disable Source Medium CyberNotes 2001- Team927 7.2; Viewing 02 PHP 4.00-4.0.4; Conectiva Linux 4.0 PHP Development Multiple PHP 4.0.5 PHP SafeMode Arbitrary File High CyberNotes 2001- Team928 Execution 14 phpBB Group 929 Multiple phpBB 1.4.2 phpBB 'bb_memberlist.php' Medium CyberNotes 2001- Remote SQL Query Manipulation 21 phpBB Group 930 Unix phpBB 1.0.0, 1.2.0, 1.2.1, 1.4.0 PHPBB Arbitrary Command High CyberNotes 2001- Execution 16 phpBB Group 931 Unix phpBB 1.0.0, 1.2.0, 1.2.1, 1.4.0, phpBB Unauthorized High CyberNotes 2001- 1.4.1 Administrative Features Access 17 phpBB Group 932 Unix phpBB 1.4.0, 1.4.1 PHPBB Remote SQL Query High CyberNotes 2001- Manipulation 16 phpMy Admin Unix phpMy Admin 2.0-2.0.5, phpMyAdmin Arbitrary High CyberNotes 2001- Development 2.1-2.1.2, 2.2pre1, 2.2rc1- 2.2rc3 Command Execution 16 Team933 PhpMy Admin Unix PhpMy Admin 2.1.0, 2.2.1 phpMyAdmin and phpPgAdmin High CyberNotes 2001- Development Arbitrary Command Execution 09 Team934 PHPMy Unix MyExplorer Classic 1.0-1.1.0, MyExplorer Arbitrary File Medium CyberNotes 2001- Explorer935 1.1.3-1.1.5, 1.2; Disclosure 18 MultiUser 1.0 PhpPg Admin 936 Unix PhpPg Admin 2.2, 2.2.1, 2.2.1pl1; PhpPgAdmin and PhpMyAdmin High CyberNotes 2001- PhpMy Admin 2.1 Included File Arbitrary Command 14 Execution PHPProjekt Windows NT PHPProjekt 2.0, 2.0.1, 2.1 PHPProjekt Directory Escaping Medium CyberNotes 2001- Development 4.0/2000, 10 Team937 Unix PHPProjekt Windows NT PHPProjekt 2.0-2.4 PHPProjekt Arbitrary User Medium CyberNotes 2001- Development 4.0/2000, Modification 18 Team938 Unix PhpSecure Pages Multiple PhpSecure Pages 0.11beta- PhpSecure Pages Included File High CyberNotes 2001- Development 0.20beta Arbitrary Command Execution 14 Team939 PhpSecurePages Unix PhpSecure Pages 0.23 beta PhpSecure Pages Remote High CyberNotes 2001- Development Command Execution 09 Team940 Pi-Soft 941 Windows SpoonFTP 1.0, 1.00.12 SpoonFTP 'CWD' and 'LIST' High CyberNotes 2001- 95/98/ME /NT Buffer Overflow 11 4.0/2000 Pi-Soft 942 Windows SpoonFTP 1.1 Pi-Soft SpoonFTP Directory Medium CyberNotes 2001- 95/98/ME /NT Traversal 19 4.0/2000 PKCrew943 Unix TIATunnel 0.9alpha2, 0.9alpha3 TIATunnel Authentication High CyberNotes 2001- Mechanism Buffer Overflow 12 POP3Lite944 Unix POP3Lite 0.2.3, 0.2.3b POP3Lite Input Validation High CyberNotes 2001- 18 Positive Windows 2000, H-Sphere 1.5, 2.0, 2.05, 2.06 H-Sphere Arbitrary File Medium CyberNotes 2001- Software945 Unix Disclosure 20 Pragma Systems946 Windows InterAccess TelnetD Server 4.0, InterAccess Denial of Service Low CyberNotes 2001- 95/98/NT 4.0 4.0 Build 4 & 5 12 Procmail947 Unix Procmail 3.10, 3.11, 3.13, 3.14, Procmail Unsafe Signal Handling Medium CyberNotes 2001- 3.15 Race Condition 15

NIPC CyberNotes #2001-26 Page 46 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name ProFTPD Unix ProFTPD 1.2pre9 & prior ProFTPD Client Hostname Medium CyberNotes 2001- Project 948 Resolving 19 Progress Windows NT Progress Database 8.3D, 9.1C Progress Database Multiple Buffer High CyberNotes 2001- Software949 4.0/2000, Overflow and Input Validation 21 Unix Progress Windows NT Progress Database 8.3D, 9.1C Progress Database Malicious High CyberNotes 2001- Software950 4.0/2000, ProTermCap File Buffer 21 Unix Overflow Progress Windows NT Progress Database 9.1C Progress Database Format String High CyberNotes 2001- Software951 4.0/2000, 23 Unix QNX Software Unix QSSL QNX RTP QNX RTP ftpd stat Buffer High CyberNotes 2001- Systems952 Overflow 03 QPC Software953 Windows QVT/Term 5.0 QVT/Term FTP Denial of Service Low CyberNotes 2001- 95/98/ME /NT 20 4.0/2000 QPC Software954 Windows QVT/Term Plus 5.0, QVT/Net 5.0 QVT Suite FTP Server Directory Low/ CyberNotes 2001- 95/98/NT Traversal and Buffer Overflow Medium 08 3.5.1/4.0/ 2000 Qualcomm Multiple qpopper 4.0-4.0.2 qpopper Username Buffer High CyberNotes 2001- Incorporated955 Overflow 12 Qualcomm Windows Eudora 5.0.2 Eudora 'Use Microsoft Viewer' High CyberNotes 2001- Incorporated956 95/98/NT Code Execution 06 4.0/2000 Qualcomm Windows Eudora 5.0.2, 5.1 Eudora File Attachment Medium CyberNotes 2001- Incorporated957 95/98/NT 08 4.0/2000 Qualcomm Windows Eudora 5.1 Eudora Hidden Attachment High CyberNotes 2001- Incorporated958 95/98/NT Execution 11 4.0/2000 Qualcomm, Unix qpopper 4.0.1 PAM qpopper User Enumeration Medium CyberNotes 2001- Incorporated959 18 Quest Software960 Unix SharePlex 2.1.3.9, 2.2.2 beta SharePlex Arbitrary File Medium CyberNotes 2001- Disclosure 07 Ralf S. Unix ePerl 2.0-2.2.9 ePerl Foreign Code Execution High CyberNotes 2001- Engelschall961 13 Randy Parker962 Unix Power Up HTML 0.8033beta Power Up HTML Directory High CyberNotes 2001- Traversal Arbitrary File 19 Disclosure Rasmus J.P. Unix SunFTP 1.0 Build 9 SunFTP Unauthorized File Access High CyberNotes 2001- Allenheim 963 05 Rational964 Unix ClearCase 3.2, 4.0-4.2 ClearCase Ddb_loader Term High CyberNotes 2001- Environment Variable Buffer 23 Overflow Raytheon965 Multiple Silent Runner Collector 1.6.1 Silent Runner HELO Buffer Low CyberNotes 2001- Overflow Denial of Service 07 Raytheon966 Multiple SilentRunner 1.6.1, 2.0, 2.0.1 Raytheon SilentRunner Multiple High CyberNotes 2001- (‘Knowledge Browser’ Buffer Overflow Vulnerabilities 16 vulnerability) CVE Name: CAN-2001-0636 RedHat 967 Unix Ken Stevens ispell 3.1.20 Ken Stevens ispell Symbolic Link Medium CyberNotes 2001- 12 RedHat 968 Unix Linux 6.1, 6.2, 7.0, 7.1 Linux Man Page Source Buffer High CyberNotes 2001- Overflow 12 RedHat 969 Unix Linux 6.2, 7.0, 7.1 Lpd Remote Command Execution High CyberNotes 2001- via DVI Printfilter Configuration 18 Error

NIPC CyberNotes #2001-26 Page 47 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name RedHat 970 Unix Linux 7.0 Man -S Heap Overflow High CyberNotes 2001- 10 RedHat 971 Unix Linux 7.0 Linux Apache Remote Username Medium CyberNotes 2001- Enumeration 19 RedHat 972 Unix Linux 7.0 alpha, i386, 7.1 i386 Xinetd Insecure Default Umask Medium CyberNotes 2001- 12. RedHat 973 Unix Linux 7.1 Linux Swap File World Readable Medium CyberNotes 2001- Permissions 09 RedHat 974 Unix Linux 7.1 Vipw Insecure File Permissions Medium/ CyberNotes 2001- High 15 RedHat 975 Unix Linux 7.1 RedHat Setserial Init Script Medium CyberNotes 2001- Predictable Temporary File 20 RedHat 976 Unix Linux 7.1 i386, alpha, 7.2 i386 Linux IPTables Save Option Medium CyberNotes 2001- Unrestorable Rules 23 RedHat 977 Unix Linux 7.1k i386 Linux Korean Installation Medium CyberNotes 2001- Insecure Default UMask 23 RedHat 978 Unix NSA Security-Enhanced Linux Security-Enhanced Linux Buffer Medium CyberNotes 2001- slinux-200012181053 Overflow 01 RedHat 979 Unix RedHat 6.2 ‘mkpasswd’ command Medium CyberNotes 2001- Cryptographic Generation 09 RedHat 980 Unix RPM 4.0.2-7x RPM Corrupt Query High CyberNotes 2001- 22 RedHat 981 Unix TUX 2.1.0-2 TUX HTTP Server Oversized Low CyberNotes 2001- Host Denial of Service 23 RedHat 982 Unix Stronghold 2.3, 2.4, 3.0 Stronghold Secure Web Server Medium CyberNotes 2001- Information Disclosure 24 RediProducts983 Windows RediPlus 1.0 Redi Locally Readable High CyberNotes 2001- 95/98/ME /NT Username/Password 06 4.0/2000 Respondus984 Windows Respondus for WebCT 1.1.2 Respondus for WebCT Weak Medium CyberNotes 2001- 95/98/NT Password Encryption 18 4.0/2000 Riada 985 Windows NT RiadaLock 1.02 RiadaLock Java Password Medium CyberNotes 2001- Insecurity 02 Richard Everitt986 Unix Pileup 1.1 Pileup Buffer Overflow High CyberNotes 2001- 15 Rick Fournier987 Multiple Network Tools 0.2 Network Tool PHPNuke Addon High CyberNotes 2001- Metacharacter Filtering 23 Command Execution RimArts988 Windows Becky! Internet Mail 1.26.3- Becky! Internet Mail Buffer High CyberNotes 2001- 95/98/NT 4.0 1.26.5, 2.0.3, 2.0.5 Overflow 10 Rit Research Windows The Bat! 1.011-1.5.1 The Bat! Denial of Service Low CyberNotes 2001- Labs989 95/98/NT 4.0 09 Rit Research Windows The Bat! 1.51 "The Bat!" Concealed Medium CyberNotes 2001- Labs990 95/98/NT 4.0 Attachment 07 Rob Malda 991 Unix ASCDC 0.3 ASCDC Buffer Overflow High CyberNotes 2001- 06 Robert Munafo992 Windows, Gnut 0.4.20- 0.4.27 Gnut Gnutella Client Arbitrary High CyberNotes 2001- Unix Script Code Execution 18 Robin Twombly 993 Windows A1 Web Server 1.0 A1 HTTP Server Directory Low/ CyberNotes 2001- 95/98/NT Traversal and Denial of Service Medium 05 4.0/2000 RobTex994 Windows Viking Server 1.0.4-1.0.7 Viking Server Relative Path Medium CyberNotes 2001- 95/98/NT Webroot Escaping 09 3.5.1/4.0/ 2000

NIPC CyberNotes #2001-26 Page 48 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name RobTex995 Windows Viking Server 1.0.5- 1.0.7-369 Viking Server Hex Encoded Medium CyberNotes 2001- 95/98/NT Directory Traversal 08 3.5.1/4.0/2 000 Roxen996 Windows, Webserver 2.0, 2.1 Roxen Remote File Access High CyberNotes 2001- Unix 16 RSA Security997 Multiple Keon Certificate Authority 5.7 Keon Certificate Authority Low CyberNotes 2001- LDAP Denial of Service 17

RSA Security998 Windows NT SecurID 5.0 SecurID WebID Debug Mode Medium CyberNotes 2001- 4.0/2000 Information Disclosure and 22 Unicode Directory Traversal Sage Software999 Windows NT MAS 200 MAS 200 Denial of Service Low CyberNotes 2001- 4.0/2000 17 Sambar Unix HP CIFS/ 9000 Server A.01.05, Samba Remote Arbitrary File High CyberNotes 2001- Development A.01.06; Creation 21 Team1000 Samba 2.0.5-2.2.0 Sambar Windows NT Server 4.4 production, 5.0 beta1, Sambar Server Pagecount File High CyberNotes 2001- Technologies1001 beta2, beta3, beta4 Overwrite 15 Sambar Windows, Server 4.1 production through 4.4, Sambar Server Insecure Default Medium CyberNotes 2001- Technologies1002 Unix Server 5.0 beta1-beta5 Password Protection 15 Samsung1003 Windows NT ml85p Printer Driver 1.0 ML85p Printer Utility Symlink Medium CyberNotes 2001- 4.0/2000, 15 Unix SAP 1004 Unix Saposcol for Linux 1.0-1.3 SAP Web Application Server for High CyberNotes 2001- Linux Arbitrary Command 09 Execution Sapio Design Windows WebReflex 1.55 WebReflex GET Denial of Service High CyberNotes 2001- Ltd. 1005 95/98/SE 05 SCO1006 Unix Open Server 5.0, 5.0.1-5.0.6, vi Insecure Temporary File Medium CyberNotes 2001- UnixWare 5.x Creation 11 SCO1007 Unix OpenServer 5.0-5.0.6 Multiple SCO Buffer Medium CyberNotes 2001- Patch now Overflow Vulnerabilities 07 available1008 CyberNotes 2001- 08 SCO1009 Unix UnixWare 7.0 Multiple UnixWare Buffer Medium CyberNotes 2001- Overflow Vulnerabilities 13 SCO1010 Unix UnixWare 7.0- 7.1.1 UnixWare Libtermcap Buffer Medium CyberNotes 2001- Overflow 12 SCO1011 Unix UnixWare 7.1 UnixWare LPsystem Buffer High CyberNotes 2001- Overflow 21 Scott R. Multiple Proxomitron Naoko-4 beta1-beta4 Proxomitron Cross-Site Scripting High CyberNotes 2001- Lemmon1012 15 Screaming Media, Multiple SiteWare 2.5, 2.501, 3.0, 3.01, SiteWare Source Code and Medium CyberNotes 2001- Incorporated1013 3.02, 3.1 Directory Traversal 12 SeaGlass Unix sglMerchant 1.0 sglMerchant Directory Traversal Medium CyberNotes 2001- Technologies, 19 Incorporated1014 Sébastien Aperghis- Unix Html2Wml 0.4-0.4.8b1 HTML2WML Scheme File Medium CyberNotes 2001- Tramoni1015 Arbitrary Access 25 Sendfile1016 Unix Sendfile 1.4-1.6, 2.1 Sendfile Local Privileged High CyberNotes 2001- Arbitrary Command Execution 09 Sendfile1017 Unix Sendfile 1.4-1.6, 2.1 Sendfile Forced Privilege High CyberNotes 2001- Lowering Failure 09 Sendmail Multiple Sendmail 8.10- 8.12Beta 7 Sendmail Unsafe Signal Handling High CyberNotes 2001- Consortium 1018 Race Condition 11

NIPC CyberNotes #2001-26 Page 49 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Sendmail Unix Sendmail 8.11-8.11.5, 8.12beta10, Sendmail Debugger Arbitrary Code High CyberNotes 2001- Consortium 1019 8.12beta12, 8.12beta16, Execution 17 8.12beta5, 8.12beta7 Sendmail Unix Sendmail 8.9.3-8.11.5, 8.12beta5, Sendmail Multiple Vulnerabilities Low/ CyberNotes 2001- Consortium 1020 8.12beta7, 8.12beta10, CVE Names: CAN-2001-0713, Medium 20 8.12beta12, 8.12beta16, 8.12 CAN-2001-0714, CAN-2001- 0715 Sentraweb1021 Multiple IndexU 1.0, 1.1, 2.0 INDEXU Authentication Bypass High CyberNotes 2001- 06 shaun@ shat.net 1022 Unix Network Query Tool 1.0, Network Network Query Tool Remote High CyberNotes 2001- Query Tool adapted for PHPNuke Command Execution 22 1.0 Silicon Graphics, Unix IRIX 6.5-6.5.9, 6.5.10m&f, IRIX IGMP Multicast Packet Low CyberNotes 2001- Incorporated1023 6.5.11m&f, 6.5.12m&f Denial of Service 22 Silicon Graphics, Unix Performance Co-Pilot 2.1.1- 2.2 Performance Co-Pilot pmpost High CyberNotes 2001- Incorporated1024 Symbolic Link 13 Silicon Graphics Unix IRIX 5.3, 6.0- 6.5.9 IRIX 'netprint' Arbitrary Shared High CyberNotes 2001- Incorporated1025 Library Usage 09 Silicon Graphics, Unix IRIX 6.5.5-6.5.8 IRIX rpc.espd Buffer Overflow High CyberNotes 2001- Incorporated1026 CVE Name: CAN-2001-0331 10 Silver Windows NT 4.0, WebSPIRS 3.3.1 WebSPIRS File Disclosure Medium CyberNotes 2001- Platter1027 Unix 04 Sixhead1028 Unix SIX-webboard 2.1 SIX-webboard 2.01 File Retrieval Medium CyberNotes 2001- 17 Slashcode 1029 Multiple Slashcode 2.0 Slashcode Guessable SessionID Medium CyberNotes 2001- 23 Sleepycat Unix Sleepycat Software db 2.7.7 LibDB SNPrintF Buffer Overflow High CyberNotes 2001- Software1030 23 SLRN Unix slrn 0.9.6.2 SLRN Arbitrary Shell Script High CyberNotes 2001- Development Execution 20 Team1031 Snapstream1032 Windows Personal Video Station 1.2a Snapstream PVS Plaintext Medium CyberNotes 2001- Password and Directory Traversal 15 Snes9x. com1033 Unix Snes9x.com 1.3.4, 1.3.7 Snes9x Local Buffer Overflow High CyberNotes 2001- 21 Soft Lite1034 Windows ServerWorx 3.0 ServerWorx Directory Traversal Medium CyberNotes 2001- 95/98/NT 4.0 04 Software 6021035 Windows 602Pro LAN SUITE 2000a Lan Suite DOS Device Buffer Low CyberNotes 2001- 95/98/NT 2000.0.1.34 Overflow and Denial of Service 07 4.0/2000 Sonic WALL1036 Multiple SOHO 4.0.0, 5.0.0, 5.1.5.0 SOHO Firewall Predictable TCP Medium CyberNotes 2001- Initial Sequence Number 15 Source Force1037 Multiple Vibechild Directory Manager 0.9 Vibechild Directory Manager High CyberNotes 2001- Command Execution 19 Source Forge 1038 Unix kosch suid wrapper 1.1.1 Suid Wrapper Buffer Overflow High CyberNotes 2001- 12 Spearhead Multiple NetGAP 200, 300 NetGAP Escaped and Encoded Medium CyberNotes 2001- Security1039 URL Filtering Bypass 11 Speech101040 Unix SpeechD 0.1, 0.2 SpeechD Privileged Command High CyberNotes 2001- Execution 19 Spencer Unix Perl Web Server 0.0.1-0.0.4, Perl Web Server Path Directory Medium CyberNotes 2001- Christensen1041 0.1-0.3 Traversal 09 Spytech Windows Spy Anywhere 1.50 SpyAnywhere Unauthorized High CyberNotes 2001- Software1042 95/98/ME /NT Administrator Access 11 4.0/2000

NIPC CyberNotes #2001-26 Page 50 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Spytech Windows Spynet Chat 6.5 SpyNet Chat Server Multiple Low CyberNotes 2001- Software1043 95/98/ME NT Connection Denial of Service 10 4.0/2000 Squirrel Mail1044 Unix SquirrelMail 1.0.4, 1.0.5 SquirrelMail Remote Command High CyberNotes 2001- Execution 14 SSH Unix SSH 1.2.27-1.2.30 SSH Secure-RPC Weak Encrypted Medium CyberNotes 2001- Communications Authentication 02 Security Corporation1045 SSH Unix SSH 1.2.30 SSH1 Daemon Logging Failure High CyberNotes 2001- Communications 03 Security Corporation1046 SSH Unix SSH 1.2.31 & previous SSH1 Session Key Retrieval Medium CyberNotes 2001- Communications 04 Security Corporation1047 SSH Unix SSH2 3.0 SSH Short Password Login High CyberNotes 2001- Communications 15 Security Corporation1048 SSH Windows SSH Secure Shell for Windows SSH Secure Shell Denial of Service Low CyberNotes 2001- Communications Servers 2.4 06 Security Corporation1049 Starfish Windows TrueSync Desktop 2.0 TrueSync Desktop Failure to Medium CyberNotes 2001- Software1050 Protect Data and Desktop 18 Password Disclosure Stephen Turner1051 Unix Analog 4.90beta2 & previous, 4.15 Analog ALIAS Buffer Overflow High CyberNotes 2001- & previous 04 Steve Grimm1052 Unix Un-CGI 1.0-1.9 Script Access Validation and Medium CyberNotes 2001- Directory Traversal 15 StorageSoft 1053 Windows ImageCast IC3 4.1 ImageCast Denial of Service Low CyberNotes 2001- 95/98/NT 01 4.0/2000, Unix Sun MicroSystems, Unix Java 2 Runtime Environment 1.3, Java Plug-In 1.4/JRE 1.3 Expired Medium CyberNotes 2001- Incorporated1054 Java Plug-In 1.4 Certificate 18 Sun MicroSystems, Unix Net Dynamics 4.0, 4.1, 4.1.2, NetDynamics Session ID Medium CyberNotes 2001- Incorporated1055 4.1.3, Hijacking 24 5.0 Sun MicroSystems, Unix Solaris 2.0-2.3, 2.4-2.6 & Solaris lpd Remote Command High CyberNotes 2001- Incorporated1056 2.4_x86- Execution 18 2.6_x86, 7.0-8.0, 7.0_x86- 8.0_x86 Sun MicroSystems, Unix Solaris 2.3, 2.4, 2.5, 2.5.1, 2.6, Solaris Xsun HOME Buffer High CyberNotes 2001- Incorporated1057 7.0, 8.0 Overflow 08 Sun MicroSystems, Unix Solaris 2.4, 2.5, 2.5.1, 2.6 Solaris Exrecover Buffer High CyberNotes 2001- Incorporated1058 Overflow 01 Sun MicroSystems, Unix Solaris 2.4, 2.5, 22.5.1, 2.6, 7.0, Solaris cu Buffer Overflow High CyberNotes 2001- Incorporated1059 8.0 02 Sun MicroSystems, Unix Solaris 2.4-2.6, 2.4-2.6 x86, 7.0, Solaris Arp Buffer Overflow High CyberNotes 2001- Incorporated1060 7.0_x86 02 Sun MicroSystems, Unix Solaris 2.5, 2.5.1, 2.5.1_x86, 2.6, Solaris tip Buffer Overflow High CyberNotes 2001- Incorporated1061 2.6_x86, 7.0, 7.0_x86, 8.0, 07 8.0_x86

NIPC CyberNotes #2001-26 Page 51 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Sun MicroSystems, Unix Solaris 2.5.1, 2.5.1_x86, 2.6, Solaris ‘whodo’ Buffer Overflow High CyberNotes 2001- Incorporated1062 2.6_x86, 7.0, 7.0_x86, 8.0, 14 8.0_x86 Sun MicroSystems, Unix Solaris 2.5.1, 2.5.1_x86, 2.6, Solaris Mailx -F Buffer Overflow Medium CyberNotes 2001- Incorporated1063 2.6_x86, 7.0, 7.0_x86, 8.0, 09 8.0_x86 Sun MicroSystems, Unix Solaris 2.5-8.0, 2.5_x86- 8.0_x86, Solaris in.fingerd Information Medium CyberNotes 2001- Incorporated1064 SunOS 5.5-5.8, SunOS 5.5_x86- Disclosure 22 SunOS 5.8_x86 Sun MicroSystems, Unix Solaris 2.6 Solaris FTP Core Dump Shadow Medium CyberNotes 2001- Incorporated1065 Password Recovery 08 Sun MicroSystems, Unix Solaris 2.6, 2.6_x86, 7.0, 7.0_x86 Solaris IN.FTPD CWD Username Medium CyberNotes 2001- Incorporated1066 Enumeration 08 Sun MicroSystems, Unix Solaris 2.6, 2.6_x86, 7.0, 7.0_x86, Solaris snmpXdmid Buffer High CyberNotes 2001- Incorporated1067 8.0, 8.0_x86 Overflow 06 CVE Name: CAN-2001-0236 Sun MicroSystems, Unix Solaris 2.6, 2.6_x86, 7.0, 7.0_x86, Solaris kcms_ configure KCMS_ High CyberNotes 2001- Incorporated1068 8.0, 8.0_x86 PROFILES Buffer Overflow 08 Sun MicroSystems, Unix Solaris 2.6, 2.6_x86, 7.0, 7.0_x86, Solaris CDE dtsession Buffer High CyberNotes 2001- Incorporated1069 8.0, 8.0_x86 Overflow 08 Sun MicroSystems, Unix Solaris 2.6, 2.6_x86, 7.0, 7.0_x86, OpenView xlock Heap Overflow High CyberNotes 2001- Incorporated1070 8.0, 8.0_x86 CVE Name: CAN-2001-0652 17 Sun MicroSystems, Unix Solaris 2.6, 2.6_x86, 7.0, 7.0_x86, Solaris rpc.yppasswdd Buffer High CyberNotes 2001- Incorporated1071 8.0, 8.0_x86 Overflow 20 Sun MicroSystems, Unix Solaris 2.6, 2.6_x86, 7.0, 7.0_x86, Solaris Print Protocol Daemon High CyberNotes 2001- Incorporated1072 8.0, 8.0_x86 Remote Buffer Overflow 13 CVE Name: CAN-2001-0353 Sun MicroSystems, Unix Solaris 2.6, 7.0, 8.0 Solaris Mailx Lockfile Low CyberNotes 2001- Incorporated1073 Denial of Service 01 Sun MicroSystems, Unix Solaris 2.X Solaris Perfmon Root Privilege High CyberNotes 2001- Incorporated1074 07 Sun MicroSystems, Unix Solaris 7 Solaris /usr/bin/write Buffer High CyberNotes 2001- Incorporated1075 Overflow 02 Sun MicroSystems, Unix Solaris 7.0, 7.0_x86, 8.0, 8.0_x86 Solaris ximp40 Library Buffer High CyberNotes 2001- Incorporated1076 Overflow 03 Sun MicroSystems, Unix Solaris 7.0, 7.0_x86, 8.0, 8.0_x86 Solaris kcms_ configure High CyberNotes 2001- Incorporated1077 Command-Line Buffer Overflow 08 Sun MicroSystems, Unix Solaris 8.0 Solaris mailtool Buffer Overflow High CyberNotes 2001- Incorporated1078 11 Sun MicroSystems, Unix Solaris 8.0 Solaris ‘cb_reset’ Buffer Overflow High CyberNotes 2001- Incorporated1079 13 Sun MicroSystems, Unix Solaris 8.0 Solaris SSP SNMPD Argument High CyberNotes 2001- Incorporated1080 Buffer Overflow 06 Sun MicroSystems, Unix Solaris 8.0, 8.0_x86 Solaris libsldap Buffer Overflow High CyberNotes 2001- Incorporated1081 13 Sun MicroSystems, Unix Solaris 8.0_x86 Solaris Mail HOME Buffer High CyberNotes 2001- Incorporated1082 Overflow 12 Sun MicroSystems, Unix Solaris 8.0_x86, 8.0 Solaris PT_CHMOD Arbitrary Medium CyberNotes 2001- Incorporated1083 Terminal Writing 23 Sun MicroSystems, Unix Sun Solaris 2.5.1, 2.5.1_x86, 2.6, Solaris Catman Race Condition Medium CyberNotes 2001- Incorporated1084 2.6_x86, 7.0, 7.0_x86, 8.0, 01 8.0_x86 Sun MicroSystems, Unix Sun Solaris 2.6, 2.6_x86, DTMail Environment Variable High CyberNotes 2001- Incorporated1085 7.0,7.0_x86 Buffer Overflow 15 CVE Name: CAN-2001-0548 Sun MicroSystems, Unix Sun Solaris 7.0_x86 Solaris IPCS Timezone Buffer High CyberNotes 2001- Incorporated1086 Overflow 08

NIPC CyberNotes #2001-26 Page 52 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Sun MicroSystems, Unix SunVTS 4.0-4.3 Solaris ‘ptexec’ Buffer Overflow High CyberNotes 2001- Incorporated1087 13 Sun MicroSystems, Unix Solaris 2.5.1, 2.6, 7.0, 8.0 Solaris Patchadd Race Condition High CyberNotes 2001- Incorporated 1088 01

Sun MicroSystems, Windows 2000 JavaServer Web Development Kit JavaServer Web Development Kit Medium CyberNotes 2001- Incorporated 1089 (JSWDK) 1.0.1 Directory Traversal 07 Sun MicroSystems, Windows, SDK & JRE 1.2.2_005 or earlier, Sun Java Runtime Environment High CyberNotes 2001- Incorporated1090 Unix 1.2.1_003 or earlier; Unauthorized Command 04 JDK & JRE 1.1.8_003 or earlier, Execution 1.1.7B_005 or earlier, 1.1.6_007 or earlier; Solaris Production Releases SDK & JRE 1.2.2_05a or earlier, 1.2.1; JDK & JRE 1.1.8_10 or earlier, 1.1.7B, 1.1.6; Linux Production Release SDK & JRE 1.2.2_005 or earlier Sun-Netscape Windows NT 4.0, iPlanet Web Server Enterprise iPlanet Web Publisher Remote High CyberNotes 2001- Alliance1091 Unix Edition 4.1 sp3-sp7 Buffer Overflow 10 SurfControl1092 Windows NT 4.0 SuperScout 2.6.1.6, 3.0.1, 3.0.2; SurfControl Filter Bypass Medium CyberNotes 2001- CyberPatrol 5.0 13 SurfControl1093 Windows NT 4.0 SuperScout 3.0.1, 3.0.2 SuperScout for MS Proxy Site Medium CyberNotes 2001- Filtering 07 Surf-Net 1094 Multiple ASP Forum 2.20 ASP Forum Predictable Cookie ID Medium CyberNotes 2001- 17 SuSE 1095 Unix Linux 6.1-6.4,7.0 SuSE Rctab Race Condition High CyberNotes 2001- 02 SuSE 1096 Unix Linux 6.4, 6.4ppc & alpha, 7.0, Berkeley Parallel Make Buffer High CyberNotes 2001- 7.0ppc & alpha, 7.1x86, ppc & Overflow and Format String 24 alpha, 7.2 SuSE 1097 Unix Linux 7.0 Linux ReiserFS Kernel Oops and High CyberNotes 2001- Code Execution 01 SuSE 1098 Unix Linux 7.0, alpha, ppc, sparc KFM Insecure TMP File Creation Medium CyberNotes 2001- 08 SuSE 1099 Unix Linux 7.2, 7.3 Linux SuSEHelp CGI Insecure High CyberNotes 2001- Temporary File 24 SuSE 1100 Unix Matt Welsh Sgmltool 1.0.9 Matt Welsh sgmltool Symlink Medium CyberNotes 2001- 10 SuSE 1101 Unix NEdit 5.5.1 NEdit Temporary File Creation Medium/ CyberNotes 2001- High 08 SWSoft 1102 Windows NT ASPSeek 1.0, 1.0.1, 1.0.3 ASPSeek s.cgi Buffer Overflow High CyberNotes 2001- 4.0/2000, Vulnerabilities 06 Unix Sybase & Symantec Windows 98/NT Adaptive Server Anywhere Sybase Adaptive Server Anywhere Low/High CyberNotes 2001- Corporation 1103 4.0/2000 Database Engine 6.0.3.2747; Database Engine Buffer Overflow 08 Symantec Ghost 6.5 And Symantec Ghost Configuration Server Denial of Service Symantec Multiple LiveUpdate 1.4, 1.5 LiveUpdate Host Verification Medium CyberNotes 2001- Corporation1104 21 Symantec Windows NT 4.0 NetProwler 3.5, 3.5.1 NetProwler Password Facilities Medium CyberNotes 2001- Corporation1105 Weak Design 10 Symantec Windows pcAnywhere 9.2, 10.0 pcAnywhere Remote Low CyberNotes 2001- Corporation 1106 Denial of Service 17

NIPC CyberNotes #2001-26 Page 53 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Symantec Windows 20000 Norton AntiVirus for MS Exchange Norton AntiVirus for Microsoft Medium CyberNotes 2001- Corporation 1107 2.5 Exchange 2000 Information 19 Disclosure Symantec Windows Norton AntiVirus 2000.0 Norton Anti-Virus 2000 High CyberNotes 2001- Corporation 1108 95/98/NT POProxy.exe Buffer Overflow 11 4.0/2000 Symantec Windows 98 SE pcAnywhere 9.0 PcAnywhere Denial of Service Low/ CyberNotes 2001- Corporation 1109 High 04 Symantec Windows NT 4.0, Raptor Firewall 4.0.0 HP-UX; Raptor Firewall Zero Length UDP Low/High CyberNotes 2001- Corporation 1110 Unix 5.0.3 Windows NT, 6.0.2 Windows Packet Resource Consumption 23 NT, 6.0.2 Windows NT, 6.5 (High if Windows NT; DDoS Veloci Raptor 1.0, 1.1 best practices not in place) T. Hauck1111 Windows Jana Webserver 1.45, 1.46, Jana Server MS-DOS Device Low CyberNotes 2001- 95/98/ME 2.0Beta1 Name Denial of Service and Hex 10 /NT/4.0/ 2000 Encoded Directory Traversal T.C.X Data Unix MySQL 3.20.32a, 3.23.34 MySQL Root Operation Symbolic High CyberNotes 2001- Konsult 1112 Link File Overwriting 07 Tarantella1113 Unix Enterprise 3 3.1 Tarantella TTAWebTop.CGI Medium CyberNotes 2001- Arbitrary File Viewing 13 TDavid1114 Unix TD Forum 1.2 TD Forum Cross-Site Scripting High CyberNotes 2001- 17 Team JohnLong1115 Windows ME/98 RaidenFTPD 2.1 build 947-951 RaidenFTPD Directory Traversal Medium CyberNotes 2001- /NT 4.0/2000 09 Technote Inc.1116 Windows NT Technote 2000, 2001, Pro Technote 'board' Function File High CyberNotes 2001- 4.0/2000 Disclosure 01 Technote Inc.1117 Windows NT Technote Pro, 2000, 2001 Technote 'filename' Variable File High CyberNotes 2001- 4.0/2000 Disclosure 01 Tektronix 1118 Multiple Phaser Network Printer 740, 750, Phaser Network Printer Medium CyberNotes 2001- 750DP, 850, 930 Administration Interface 09 Texas Imperial Windows WFTPD 3.0, 3.00R3-3.00R5, WFTPD Path/File Mapping High CyberNotes 2001- Software1119 95/98/NT 3.00R4-3.00R5 Pro Buffer Overflow And Directory 11 4.0/2000 Traversal Texas Imperial Windows NT 4.0 WFTPD 3.00R4 Pro, WFTPD WFTPD 'RETR' and 'CWD' High CyberNotes 2001- Software1120 3.00R4 Buffer Overflow 09 Textor Webmasters Multiple ListRec.pl 1.0 ListRec.pl Input Validation High CyberNotes 2001- Ltd. 1121 19 The Net 1122 Windows CheckBo 1.56 CheckBo Denial of Service Low CyberNotes 2001- 95/98/NT 4.0 09 Thibault Unix FCron 1.0, 1.0.1-1.0.3, 1.1.0 Fcron Symbolic Link Medium CyberNotes 2001- Godouet 1123 12 Thinking Arts1124 Unix ES.One 1.0 ES.One Directory Traversal Medium CyberNotes 2001- 04 Ti Kan1125 Unix Xmcd 2.6.0, 3.0.0, 3.0.1 XMCD Temp Directory Symbolic Low/ CyberNotes 2001- Link Medium 16 Timecop1126 Unix BubbleMon up to 1.32 (FreeBSD) BubbleMon Privilege Elevation High CyberNotes 2001- 08

NIPC CyberNotes #2001-26 Page 54 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Tiny Software1127 Windows WinRoute 4.1 WinRoute Pro Memory Medium/ CyberNotes 2001- 95/98/ME NT Protection Disabling High 01 4.0/2000 (High if DDoS best practices not in place) Tiny Software 1128 Windows WinRoute 4.1 Tiny WinRoute Pro Medium/ CyberNotes 2001- 95/98/ME /NT Authentication High 01 4.0/2000 (High if DDoS best practices not in place) Tinyproxy1129 Unix Tinyproxy 1.3.2, 1.3.3 Tinyproxy Heap Overflow High CyberNotes 2001- 02 TransSoft 1130 Windows Broker FTP Server 3.0 Build 1, Broker .lnk Directory Traversal Medium CyberNotes 2001- 95/98/ME NT 3.0x, 4.0, 4.7.5.0, 5.0, 5.1, 5.7, 14 4.0/2000 5.7.5, 5.9.5.0 TransSoft 1131 Windows Broker FTP Server 4.0, 4.7.5.0, Broker FTP Server Directory Low/ CyberNotes 2001- 95/98/ME NT 5.0, 5.1, 5.7, 5.9.5 Traversal and CWD Buffer Medium 12 4.0/2000 Overflow Vulnerabilities Trend Micro Windows 2000 Virus Buster 2001 (Japanese) 8.02 Virus Buster 2001Buffer Overflow High CyberNotes 2001- Incorporated1132 07 Trend Micro Windows NT ScanMail 3.5 for Exchange ScanMail Weak Encoding Scheme High CyberNotes 2001- Incorporated1133 07 Trend Micro Unix Interscan Viruswall (Linux) 3.0.1 Interscan Viruswall Multiple High CyberNotes 2001- Incorporated 1134 Program Buffer Overflow 08 Trend Micro Unix Interscan Viruswall for Unix 3.0.1, Interscan Viruswall Multiple High CyberNotes 2001- Incorporated 1135 3.6x Vulnerabilities 02 Trend Micro Windows NT ScanMail for Exchange version 3.5 ScanMail Insecure Password High CyberNotes 2001- Incorporated 1136 Storage 09 Trend Micro Windows NT Interscan Viruswall for Windows Interscan Viruswall Remote Medium CyberNotes 2001- Incorporated 1137 3.5/3.51/ 4.0 NT 3.4, 3.5, 3.51 Reconfiguration 11 Trend Micro Windows NT Interscan Viruswall 3.51 Interscan Viruswall HttpSave.dll High CyberNotes 2001- Incorporated 1138 4.0/2000 Buffer Overflow 14 Trend Micro Windows NT Interscan Viruswall 3.51 Interscan Viruswall 3.51 High CyberNotes 2001- Incorporated 1139 4.0/2000 HttpSaveC*P. dll Buffer Overflow 14 Trend Micro Windows NT Interscan Web Manager 1.2 Interscan WebManager High CyberNotes 2001- Incorporated 1140 4.0/2000 HttpSave.dll Buffer Overflow 14 Trend Micro Windows NT Interscan Applet Trap 2.0 Multiple Interscan Applet Trap Medium CyberNotes 2001- Incorporated 1141 4.0/2000, Bypass Vulnerabilities 14 Unix Trend Micro, Windows Interscan Viruswall for Windows Interscan Viruswall Sircam Virus Medium CyberNotes 2001- Incorporated1142 3.5/3.5.1/ NT 4.0 NT 3.51 16 Trend Micro, Windows Trend Micro 3.53, Virus Buster Trend Micro OfficeScan Virtual Medium CyberNotes 2001- Incorporated1143 95/98/ME /NT Corporate Edition 3.53 Directory Disclosure 21 4.0/2000 Trend Micro, Windows NT Interscan Viruswall for Windows Interscan Viruswall Configurations High CyberNotes 2001- Incorporated1144 3.5/3.5.1/ 4.0 NT 3.51 Modification 12 Trend Micro, Windows NT Interscan Viruswall for Windows Interscan Viruswall Remote Buffer High CyberNotes 2001- Incorporated1145 3.5/3.5.1/ 4.0 NT 3.51 Overflow 12 Trend Micro, Windows NT Interscan Web Manager 1.2 Interscan WebManager RegGo.dll High CyberNotes 2001- Incorporated1146 4.0/2000 Buffer Overflow 13

NIPC CyberNotes #2001-26 Page 55 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Trend Micro, Windows NT Virus Buster Corporate Edition Virus Buster Arbitrary File Medium CyberNotes 2001- Incorporated1147 4.0/2000 3.52-3.54, OfficeScan Corporate Disclosure 17 Edition for Windows Trend Micro, Windows NT Virus Control System 1.8 Virus Control System Admin High CyberNotes 2001- Incorporated1148 4.0/2000 Script Authentication Bypass 12 Trend Micro, Windows NT Interscan eManager 3.51, 3.51j; Interscan eManager Buffer High CyberNotes 2001- Incorporated 1149 3.5/4.0 Interscan Viruswall for Windows Overflow 19 NT 3.5, 3.51 Tripwire1150 Unix Tripwire 1.3.1, 2.2.1, 2.3.0 Tripwire Insecure Temporary File Medium CyberNotes 2001- Symbolic Link 14 TrollTech1151 Unix TrollFTPD version 1.26 & TrollFTPD Buffer Overflow High CyberNotes 2001- previous 17 TWIG1152 Multiple TWIG 2.0- 2.6.1 TWIG Webmail SQL Query Medium CyberNotes 2001- Modification 11 TWIG1153 Multiple TWIG 2.6-2.7.4 TWIG Plaintext Password in Medium CyberNotes 2001- Cookies Under Default 24 Installation TYPSoft 1154 Windows TYPSoft FTP Server 0.85 TYPSoft FTP Server Directory Medium CyberNotes 2001- 95/98/ME /NT Traversal 06 4.0/2000 TYPSoft 1155 Windows TYPSoft FTP Server 0.95 TYPSoft FTP 'RETR' and 'STOR' Low CyberNotes 2001- 95/98/ME /NT Denial of Service 21 4.0/2000 Ultra Scripts1156 Multiple UltraBoard 2.11 Ultraboard Incorrect Directory Medium CyberNotes 2001- Permissions 02 Umut Unix Postaci 1.1.2, 1.1.3 Postaci Arbitrary SQL Command High CyberNotes 2001- Gokbayrak1157 Injection 02 University of Unix Exim 3.11-3.22 Exim Format String High CyberNotes 2001- Cambridge 1158 12 University of Unix imapd 2000a, 2000b, 2000c Imapd ‘Local’ Buffer Overflow Medium CyberNotes 2001- Washington1159 12 Upland Ltd1160 Multiple Upland Solutions 1st Up Mail 1st Up Mail Server Low CyberNotes 2001- Server 4.1 Denial of Service 01 Valerie Mates1161 Unix Interactive Story 1.3 Interactive Story Directory Medium CyberNotes 2001- Traversal 15 Valicert Windows NT Validation Authority 4.2.1 & Multiple ValiCert Security Medium/ CyberNotes 2001- Enterprise1162 4.0/2000, previous Vulnerabilities High 25 Unix Valve Software1163 Windows Half-Life 1.1.0.4 Linux; Half-Life Buffer Overflow and High CyberNotes 2001- 95/98/ME /NT 1.1.0.4 Windows String Formatting 06 4.0/2000, Unix Valve Software1164 Windows Half-Life 1.1.0.8 Half-Life Client Side Connect High CyberNotes 2001- 95/98/NT 4.0 Buffer Overflow 20 Van Dyke Windows NT VShell 1.0, 1.0.1 VShell Buffer Overflow High CyberNotes 2001- Technologies1165 4.0/2000 and Default Port Forwarding 04 CVE Names: CAN-2001-0155, CAN-2001-0156 Veritas Software1166 Unix Cluster Server 1.3solaris Cluster Server -L Denial of Low CyberNotes 2001- Service 06 Veritas Software1167 Windows Backup 4.5 Backup Denial of Service Low CyberNotes 2001- 95/98/NT 4.0/2000, 02 Unix VIM Development Unix VIM 5.7 VIM statusline Text-Embedded High CyberNotes 2001- Group 1168, 1169 Command Execution 07 VMWare, Unix VMWare 2.0 VMWare TMP Directory License Medium CyberNotes 2001- Incorporated1170 Information 16

NIPC CyberNotes #2001-26 Page 56 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Voyant OS/2, Sonata 3.0 Sonata Local Arbitrary Command High CyberNotes 2001- Technologies1171 Unix Execution 01

VWeb Server1172 Windows vWebServer 1.2 vWebServer Multiple Low/ CyberNotes 2001- 95/98/NT Vulnerabilities Medium 14 4.0/2000 W3M1173 Unix W3M 0.1.10, 0.1.3, 0.1.4, W3M Malformed MIME Header High CyberNotes 2001- 0.1.6-0.1.9, 0.2, 0.2.1 Buffer Overflow 13 Washington Unix wu-ftpd 2.4.1 -2.6 Wu-Ftpd Debug Mode Client High CyberNotes 2001- University1174 Hostname Format String 03 Watch Guard Multiple Firebox 4500 4.5, 4.6; Firebox SMTP Proxy Medium/ CyberNotes 2001- Technologies1175 Firebox 2500 4.5, 4.6 Attachment Bypassing High 12

(High if DDoS best practices not in place) Watch Guard Multiple FireboxII Firmware 4.0-4.5 FireboxII Password Retrieval Medium/ CyberNotes 2001- Technologies1176 High 02

(High if DDoS best practices not in place) Watch Guard Unix Firebox II 4.5 Firebox ll PPTP Denial of Service Low CyberNotes 2001- Technologies1177 04 Watch Guard Unix FireboxII Firmware 4.1-4.5 Firebox II Malformed Packet Low CyberNotes 2001- Technologies1178 Rate Denial of Service 08 Way to the Web Windows NT 4.0, TalkBack 1.1 TalkBack.cgi Directory Traversal Medium CyberNotes 2001- Limited1179 Unix 08 Web Glimpse. Unix WebGlimpse 1.0, 1.5, 1.7.12, 2.0, WebGlimpse Character Filtering High CyberNotes 2001- org1180 2.2.0 Arbitrary Command Execution 25 WebMaster Windows 98/NT WebMaster Conference Room WebMaster Conference Room Low CyberNotes 2001- Technologies1181 4.0/2000, 1.8.1 Developer Edition Denial of 01 Unix Service Webmin 1182 Unix Webmin all versions prior to 0.85 Webmin Environment Variable High CyberNotes 2001- Information Disclosure 11 Webridge 1183 Multiple PX Application Suite PX Application Suite Internal Medium CyberNotes 2001- Server Error Message 17 WebTrends1184 Windows NT WebTrends Enterprise Reporting WebTrends Reporting Server Medium CyberNotes 2001- Server 3.1c, NT 3.5 Script Source Code Disclosure 12 WhitSoft Windows SlimServe FTPd version 1.0 SilmServe Directory Traversal Medium CyberNotes 2001- Development1185 95/98/SE /NT 05 4.0/2000 WhitSoft Windows SlimServe HTTPd 1.1 SlimServe HTTPD Get Low CyberNotes 2001- Development1186 95/98/SE Denial of Service 05 /NT 4.0/2000 WhitSoft Windows SlimFTPd 2.2 SlimFTPd Directory Traversal Medium CyberNotes 2001- Development1187 95/98/NT 17 4.0/2000 WhitSoft Windows SlimServe HTTPd 1.0 WhitSoft SlimServe HTTPd Low CyberNotes 2001- Development1188 95/98/NT Server Denial of Service 03 4.0/2000 Wietse Venema1189 Multiple Postfix 20010228, 19991231, Postfix SMTP Log Low CyberNotes 2001- 19990906 Denial of Service 23

NIPC CyberNotes #2001-26 Page 57 of 70 12/31//2001 Operating Common Vendor Software Name Risk* CyberNotes Issue System Name Wind River Multiple BSDI BSD/OS 3.0, 3.1 BSDI Possible Local Kernel Low CyberNotes 2001- Systems, Denial of Service 17 Incorporated1190 Winzip Computing, Windows Winzip 8.0 Winzip32 zip and e-mail Buffer High CyberNotes 2001- Incorporated1191 NT/2000 Overflow 05 wliang1192 Unix wmtv 0.6.5 wmtv local root Vulnerability High CyberNotes 2001- 25 Wojtek Multiple 6tunnel 0.06-0.08 6Tunnel Connection Close State Low CyberNotes 2001- Kaniewski1193 Denial of Service 22 Wolfram Multiple Mathematica 4.0, 4.1 Mathematica License Retrieval Low/ CyberNotes 2001- Research1194 and Manager Connected Medium 16 Denial of Service Working Resources Windows BadBlue 1.2.7 BadBlue Denial of Service Low/ CyberNotes 2001- Incorporated1195 95/98/NT And Path Disclosure Medium 04 4.0/2000 World visions Unix WvDial 1.4.1, 1.4.2 WvDial Insecure Default Medium CyberNotes 2001- Computer Permissions 16 Technology 1196 Xcache Windows NT Xcache 2.0, 2.1 Xcache Path Disclosure Medium CyberNotes 2001- Technologies1197 4.0/2000 19 XChat 1198 Unix X-Chat version 1.2.x X-Chat Format String High CyberNotes 2001- 11 Xerox1199 Multiple DocuPrint N40 DocuPrint N40 Laser Printer Low CyberNotes 2001- Code Red Denial of Service 17 XFree861200 Unix XFree86 X11R6 3.3.2 XMan ManPath Environment High CyberNotes 2001- Variable Buffer 15 XFree861201 Unix XFree86 X11R6 4.0, 4.0.1, 4.0.3 XFree86 fbglyph Denial of Low CyberNotes 2001- Service 25 XFree861202 Unix XFree86 X11R6 4.0, 4.0.1, 4.0.3 XTerm Title Bar Buffer Overflow High CyberNotes 2001- 25 Xinetd1203, 1204, Unix Xinetd 2.1.8.8, 2.1.8.8pre3, Xinetd Zero String Length Buffer High CyberNotes 2001- 1205, 1206, 1207, 2.1.8.9pre1-2.1.8.9pre9 Overflow 14 Xircom1208 Multiple Rex 6000 Rex 6000 Password Retrieval Medium CyberNotes 2001- 24 XMail1209 Unix XMail 0.66 & prior XMail CTRLServer Buffer High CyberNotes 2001- Overflow Vulnerabilities 03 XTel1210 Unix XTel 2.2-3.2.1 XTel-User Temporary File Race Medium CyberNotes 2001- Condition 25 Zetetic Palm OS Strip 0.3, 0.4, 0.5 Strip Password Generator Limited Medium CyberNotes 2001- Enterprises1211 Password-Space 08 Zone Labs1212 Windows ZoneAlarm For Windows ZoneAlarm MailSafe Bypass Medium CyberNotes 2001- 95/98/NT 95/98/2000 2.1, ZoneAlarm for 15 4.0/2000 Windows 95/98/2000 2.2-2.6, ZoneAlarm for Window NT 4.0 2.1-2.6 Zope Project 1213 Unix Zope 1.10.3, 2.1.x, 2.2.-2.2.4 Zope Unauthorized Role Access Medium CyberNotes 2001- CVE Name: CVE-2000-0725 01 Zope Project 1214, Unix Zope 2.2.0-2.2.5 Zope DTML Format Method Medium CyberNotes 2001- 1215 Checking 21 ZyXEL1216 Multiple Prestige 1600, 681 Prestige SDSL Router Remote Low CyberNotes 2001- Denial of Service 25 ZyXEL1217 Multiple Prestige 642R Prestige 642R Router WAN Port Medium CyberNotes 2001- Filter Bypass 19 ZyXEL1218 Multiple Prestige 642R-I, 642R, 202, 100 Prestige Router Administration Medium CyberNotes 2001- Interface 17

NIPC CyberNotes #2001-26 Page 58 of 70 12/31//2001 *“Risk” is defined by CyberNotes in the following manner:

High - A high-risk vulnerability is defined as one that will allow an intruder to immediately gain privileged access (e.g., sysadmin or root) to the system or allow an intruder to execute code or alter arbitrary system files. An example of a high-risk vulnerability is one that allows an unauthorized user to send a sequence of instructions to a machine and the machine responds with a command prompt with administrator privileges.

Medium – A medium-risk vulnerability is defined as one that will allow an intruder immediate access to a system with less than privileged access. Such vulnerability will allow the intruder the opportunity to continue the attempt to gain privileged access. An example of medium-risk vulnerability is a server configuration error that allows an intruder to capture the password file.

Low - A low-risk vulnerability is defined as one that will provide information to an intruder that could lead to further compromise attempts or a Denial of Service (DoS) attack. It should be noted that while the DoS attack is deemed low from a threat potential, the frequency of this type of attack is very high. DoS attacks against mission-critical nodes are not included in this rating and any attack of this nature should instead be considered to be a “High” threat.

Viruses

The following table provides the reader with a year-end summary of the top ten high threat viruses, as reported to various anti-virus vendors and virus incident reporting organizations. For the purposes of collecting and collating data, infections involving multiple systems at a single location are considered a single infection. It is therefore possible that a virus has infected hundreds of machines but has only been counted once. To limit the possibility of infection, readers are reminded to update their anti-virus packages as soon as updates become available. The table lists the viruses by ranking (number of sites affected), common virus name, type of virus code (i.e., boot, file, macro, multi- partite, script), trends (based on number of infections reported during the latest three months), and approximate date first found. During the year, a number of anti-virus vendors have included information on Trojan Horses and Worms. NOTE: At times, Trojans may contain names or content that may be considered offensive.

Common Ranking Type of Code Date Name 1 W32/SirCam Worm July 2001 2 W32/Magistr-(A &B) File, Worm March 2001 3 W32/Hybris File, Worm November 2000 4 W32/Nimda File, Worm September 2001 5 W32/BadTrans Worm April 2001 6 W32/Goner Worm December 2001 7 W32/Apology (MTX) File Infector, Trojan September 2000 8 VBS/Homepage Script May 2001 9 VBS/SST (Anna K.) Script, Worm February 2001 10 W32/CodeRed Worm July 2001

Trojans

NIPC CyberNotes #2001-26 Page 59 of 70 12/31//2001 “Trojan Horse programs”, or Trojans, have become increasingly popular as a means of obtaining unauthorized access to computer systems. The increasing number of Trojans in 2001 gains added significance due to recent testing conducted to determine the ability of anti-virus software to detect Trojans. According to the test results, a number of popular anti-virus products failed to detect or had limited detection capabilities against current popular Trojans. Testing also indicates that detection of a baseline Trojan does not necessarily mean the anti-virus software can detect a variant. Readers should contact their anti-virus vendors to obtain specific information on Trojans and their variants that their software detects.

The following table provides the reader with a summary list of Trojans that have received write-ups in during the past year in CyberNotes. A version number is provided where relevant. NOTE: At times, Trojans may contain names or content that may be considered offensive.

Trojan Version CyberNotes Issue # Adshow N/A CyberNotes-2001-17 AOL.PWSteal.86016 N/A CyberNotes-2001-14 Artic 0.6 beta CyberNotes-2001-14 Asylum N/A CyberNotes-2001-18 Backdoor.Acropolis N/A CyberNotes-2001-04 Backdoor.Bionet.318 N/A CyberNotes-2001-13 Backdoor.Bionet.40a N/A CyberNotes-2001-14 Backdoor.Darkirc N/A CyberNotes-2001-15 Backdoor.Darksun N/A CyberNotes-2001-21 Backdoor.Destiny N/A CyberNotes-2001-21 Backdoor.G_Door N/A CyberNotes-2001-18 Backdoor.IRC.Critical N/A CyberNotes-2001-19 Backdoor.IRC.Flood N/A CyberNotes-2001-16 Backdoor.KWM N/A CyberNotes-2001-21 Backdoor.Litmus N/A CyberNotes-2001-21 Backdoor.MiniCommander N/A CyberNotes-2001-16 Backdoor.Netbus.444051 N/A CyberNotes-2001-04 Backdoor.NTHack N/A CyberNotes-2001-06 Backdoor.Oblivion N/A CyberNotes-2001-22 Backdoor.Penrox N/A CyberNotes-2001-17 Backdoor.Quimera N/A CyberNotes-2001-06 Backdoor.Slackbot.B N/A CyberNotes-2001-21 Backdoor.SMBRelay N/A CyberNotes-2001-10 Backdoor.Teste N/A CyberNotes-2001-16 Backdoor.Way N/A CyberNotes-2001-18 Backdoor.WLF N/A CyberNotes-2001-08 Backdoor-JZ N/A CyberNotes-2001-02 Backdoor-QN N/A CyberNotes-2001-13 Backdoor-QO N/A CyberNotes-2001-13 Backdoor-QR N/A CyberNotes-2001-13 Backdoor-QT N/A CyberNotes-2001-14 Backdoor-QV N/A CyberNotes-2001-14 Backdoor-QZ N/A CyberNotes-2001-14 BAT.Black N/A CyberNotes-2001-11 Bat.FAGE.1482 N/A CyberNotes-2001-15 Bat.Hexvirus.1414 N/A CyberNotes-2001-15 BAT.Install.Trojan N/A CyberNotes-2001-04 Bat.PG94.3964 N/A CyberNotes-2001-15 BAT.Trojan.DeltreeY N/A CyberNotes-2001-07

NIPC CyberNotes #2001-26 Page 60 of 70 12/31//2001 Trojan Version CyberNotes Issue # BAT.Trojan.Tally N/A CyberNotes-2001-07 BAT_DELWIN.D N/A CyberNotes-2001-05 BAT_EXITWIN.A N/A CyberNotes-2001-01 BAT_FORMATC.K N/A CyberNotes-2001-13 BioNet 3.13 CyberNotes-2001-07 BSE Trojan N/A CyberNotes-2001-07 CodeRed II II CyberNotes-2001-16 DLer20.PWSTEAL N/A CyberNotes-2001-05 DMsetup.IRC.Worm N/A CyberNotes-2001-13 DonaldD.Trojan.C N/A CyberNotes-2001-19 EIC.Trojan N/A CyberNotes-2001-14 Eurosol N/A CyberNotes-2001-10 Fatal Connections 2.0 CyberNotes-2001-09 Flor N/A CyberNotes-2001-02 Freddy beta 3 CyberNotes-2001-09 Gift 1.6.13 CyberNotes-2001-09 Girlgif.Trojan N/A CyberNotes-2001-24 Goga N/A CyberNotes-2001-12 Gribble N/A CyberNotes-2001-19 HackTack N/A CyberNotes-2001-18 HardLock.618 N/A CyberNotes-2001-04 Hooker N/A CyberNotes-2001-25 IRC/FinalBot N/A CyberNotes-2001-18 J_PWS.REDNECK N/A CyberNotes-2001-22 Jammer Killah 1.2 CyberNotes-2001-10 JAVA_STORM.A N/A CyberNotes-2001-13 JS.Alert.Trojan N/A CyberNotes-2001-19 JS.Seeker.B N/A CyberNotes-2001-18 JS.StartPage N/A CyberNotes-2001-07 JS/NoClose N/A CyberNotes-2001-25 JS_EXCEPTION.C N/A CyberNotes-2001-21 JS_EXCEPTION.GEN N/A CyberNotes-2001-24 JS_OFFENSIVE.A N/A CyberNotes-2001-17 JS_SEEKER.W: N/A CyberNotes-2001-23 JS_ZOPA.A N/A CyberNotes-2001-14 KillMBR.g N/A CyberNotes-2001-16 Lil Witch FTP 1.0 CyberNotes-2001-19 MoSucker N/A CyberNotes-2001-23 Noob 4.0 CyberNotes-2001-09 PERL/WSFT-Exploit N/A CyberNotes-2001-11 Phoenix 2.1.28 CyberNotes-2001-18 PHP/Sysbat N/A CyberNotes-2001-02 Phreak N/A CyberNotes-2001-22 PIF_LYS N/A CyberNotes-2001-02 Ptsnoop N/A CyberNotes-2001-25 PWS.Cain.dr N/A CyberNotes-2001-19 PWS-Sancho N/A CyberNotes-2001-25 PWSteal.Coced240b.Tro N/A CyberNotes-2001-04 PWSteal.Trojan.D N/A CyberNotes-2001-13 QDel172 N/A CyberNotes-2001-17 QDel186 N/A CyberNotes-2001-25 Remote Shell Trojan N/A CyberNotes-2001-19 SadCase.Trojan N/A CyberNotes-2001-09

NIPC CyberNotes #2001-26 Page 61 of 70 12/31//2001 Trojan Version CyberNotes Issue # Scarab 1.2c CyberNotes-2001-10 SennaSpy Generator N/A CyberNotes-2001-13 Septer.Trojan N/A CyberNotes-2001-21 Shake.Trojan N/A CyberNotes-2001-20 StealVXS N/A CyberNotes-2001-17 Troj/Futs N/A CyberNotes-2001-07 Troj/Keylog-C N/A CyberNotes-2001-08 Troj/KillCMOS-E N/A CyberNotes-2001-01 Troj/PsychwardB N/A CyberNotes-2001-14 Troj/PWS-AV N/A CyberNotes-2001-24 Troj/Slack N/A CyberNotes-2001-14 Troj/Unite-C N/A CyberNotes-2001-09 TROJ_ALLGRO.A N/A CyberNotes-2001-17 TROJ_ANSET.B N/A CyberNotes-2001-22 TROJ_AOL_EPEX N/A CyberNotes-2001-01 TROJ_AOLWAR.B N/A CyberNotes-2001-01 TROJ_AOLWAR.C N/A CyberNotes-2001-01 TROJ_APOST.A N/A CyberNotes-2001-18 TROJ_APS.216576 N/A CyberNotes-2001-03 TROJ_ASIT N/A CyberNotes-2001-07 TROJ_AZPR N/A CyberNotes-2001-01 TROJ_BADTRANS.A N/A CyberNotes-2001-08 TROJ_BADY N/A CyberNotes-2001-15 TROJ_BAT2EXEC N/A CyberNotes-2001-01 TROJ_BCKDOR.G2.A N/A CyberNotes-2001-11 TROJ_BKDOOR.GQ N/A CyberNotes-2001-01 TROJ_BUSTERS N/A CyberNotes-2001-04 TROJ_CAFEIN111.A N/A CyberNotes-2001-14 TROJ_CAINABEL151 1.51 CyberNotes-2001-06 TROJ_CHOKE.A N/A CyberNotes-2001-13 TROJ_DARKFTP N/A CyberNotes-2001-03 TROJ_DSNX.A N/A CyberNotes-2001-17 TROJ_DUNPWS.CL N/A CyberNotes-2001-04 TROJ_DUNPWS.CL N/A CyberNotes-2001-05 TROJ_EUTH.152 N/A CyberNotes-2001-08 TROJ_FIX.36864 N/A CyberNotes-2001-03 TROJ_FUNNYFILE.A N/A CyberNotes-2001-09 TROJ_GLACE.A N/A CyberNotes-2001-01 TROJ_GNUTELMAN.A N/A CyberNotes-2001-05 TROJ_GOBLIN.A N/A CyberNotes-2001-03 TROJ_GTMINESXF.A N/A CyberNotes-2001-02 TROJ_HAI.A N/A CyberNotes-2001-17 TROJ_HAVOCORE.A N/A CyberNotes-2001-09 TROJ_HERMES N/A CyberNotes-2001-03 TROJ_HFN N/A CyberNotes-2001-03 TROJ_ICMPBOMB.A N/A CyberNotes-2001-17 TROJ_ICQCRASH N/A CyberNotes-2001-02 TROJ_IDENTD.B N/A CyberNotes-2001-11 TROJ_IE_XPLOIT.A N/A CyberNotes-2001-08 TROJ_IF N/A CyberNotes-2001-05 TROJ_INCOMM16A.S N/A CyberNotes-2001-09 TROJ_INVALID.A N/A CyberNotes-2001-18 TROJ_IRC_NETOL.A N/A CyberNotes-2001-14

NIPC CyberNotes #2001-26 Page 62 of 70 12/31//2001 Trojan Version CyberNotes Issue # TROJ_JESTRO.A N/A CyberNotes-2001-20 TROJ_JOINER.15 N/A CyberNotes-2001-02 TROJ_JOINER.I N/A CyberNotes-2001-08 TROJ_KALM.A.SVR N/A CyberNotes-2001-21 TROJ_KEYLOG.25 N/A CyberNotes-2001-17 TROJ_LASTWORD.A N/A CyberNotes-2001-09 TROJ_LATINUS.SVR N/A CyberNotes-2001-12 TROJ_LEAVE.A N/A CyberNotes-2001-13 TROJ_LINONG.A N/A CyberNotes-2001-13 TROJ_MADBOX.A N/A CyberNotes-2001-13 TROJ_MADBOX.B N/A CyberNotes-2001-13 TROJ_MATCHER.A N/A CyberNotes-2001-08 TROJ_MEGA.A N/A CyberNotes-2001-12 TROJ_MODNAR.A N/A CyberNotes-2001-17 TROJ_MOONPIE N/A CyberNotes-2001-04 TROJ_MOONPIE.A N/A CyberNotes-2001-11 TROJ_MSWORLD.A N/A CyberNotes-2001-12 TROJ_MTX.A.DLL N/A CyberNotes-2001-09 TROJ_MUSTARD.A N/A CyberNotes-2001-19 TROJ_MYBABYPIC.A N/A CyberNotes-2001-05 TROJ_NAKEDWIFE N/A CyberNotes-2001-05 TROJ_NARCISSUS.A N/A CyberNotes-2001-09 TROJ_NAVIDAD.E N/A CyberNotes-2001-01 TROJ_NEWPIC.A N/A CyberNotes-2001-17 TROJ_NEWSAGENT.A N/A CyberNotes-2001-16 TROJ_NEWSFLOOD.A N/A CyberNotes-2001-13 TROJ_OPTIX.SVR N/A CyberNotes-2001-17 TROJ_PARODY N/A CyberNotes-2001-05 TROJ_PICSHOW.A N/A CyberNotes-2001-10 TROJ_PORTSCAN N/A CyberNotes-2001-03 TROJ_PSW.GINA.A N/A CyberNotes-2001-13 TROJ_Q2001 N/A CyberNotes-2001-06 TROJ_QZAP.1026 N/A CyberNotes-2001-01 TROJ_RUNNER.B N/A CyberNotes-2001-03 TROJ_RUSH.A N/A CyberNotes-2001-21 TROJ_RUX.30 N/A CyberNotes-2001-03 TROJ_SCOUT.A N/A CyberNotes-2001-08 TROJ_SIRCAM.A N/A CyberNotes-2001-15 TROJ_SPYBOY.A N/A CyberNotes-2001-18 TROJ_SUB7.21.E 2.1 CyberNotes-2001-05 TROJ_SUB7.22.D .22 CyberNotes-2001-06 TROJ_SUB7.401315 N/A CyberNotes-2001-01 TROJ_SUB7.MUIE N/A CyberNotes-2001-01 TROJ_SUB7.V20 2.0 CyberNotes-2001-02 TROJ_SUB722 2.2 CyberNotes-2001-06 TROJ_SUB722_SIN N/A CyberNotes-2001-06 TROJ_SUB7DRPR.B N/A CyberNotes-2001-01 TROJ_SUB7DRPR.C N/A CyberNotes-2001-03 TROJ_TPS N/A CyberNotes-2001-05 TROJ_TWEAK N/A CyberNotes-2001-02 TROJ_UCON.A N/A CyberNotes-2001-21 TROJ_VAMP.A N/A CyberNotes-2001-13 TROJ_VBSWG_2B N/A CyberNotes-2001-07

NIPC CyberNotes #2001-26 Page 63 of 70 12/31//2001 Trojan Version CyberNotes Issue # TROJ_VOTE.A A CyberNotes-2001-19 TROJ_VOTE.B B CyberNotes-2001-20 TROJ_VOTE.C C CyberNotes-2001-20 TROJ_WARHOME.A N/A CyberNotes-2001-12 TROJ_WEBCRACK N/A CyberNotes-2001-02 TROJ_WHISTLER.A N/A CyberNotes-2001-19 TROJ_WINMITE.10 N/A CyberNotes-2001-08 TROJ_ZERAF.A N/A CyberNotes-2001-18 Trojan.Assault.10 10 CyberNotes-2001-15 Trojan.Bat.Live4: N/A CyberNotes-2001-16 Trojan.Billrus.Texto N/A CyberNotes-2001-14 Trojan.Diagcfg N/A CyberNotes-2001-15 Trojan.JS.Clid.gen N/A CyberNotes-2001-17 Trojan.JS.Cover N/A CyberNotes-2001-18 Trojan.Lornuke N/A CyberNotes-2001-14 Trojan.MircAbuser N/A CyberNotes-2001-04 Trojan.Offensive N/A CyberNotes-2001-17 Trojan.Pounds N/A CyberNotes-2001-18 Trojan.PSW.GIP N/A CyberNotes-2001-24 Trojan.PSW.M2.14 N/A CyberNotes-2001-07 Trojan.RASDialer N/A CyberNotes-2001-06 Trojan.Sheehy N/A CyberNotes-2001-05 Trojan.Spy.KIM N/A CyberNotes-2001-23 Trojan.Taliban N/A CyberNotes-2001-07 Trojan.VBS.PWStroy N/A CyberNotes-2001-14 Trojan.VirtualRoot N/A CyberNotes-2001-16 Trojan.W32.FireKill N/A CyberNotes-2001-07 Trojan.Xtratank N/A CyberNotes-2001-17 Trojan.Zeraf N/A CyberNotes-2001-17 Trojan.ZeroBoot N/A CyberNotes-2001-19 Trojan/PokeVB5 N/A CyberNotes-2001-07 VBS.Alal N/A CyberNotes-2001-24 VBS.AutoExec.Trojan N/A CyberNotes-2001-16 VBS.Blank.A N/A CyberNotes-2001-14 VBS.Cute.A N/A CyberNotes-2001-05 VBS.Dayumi N/A CyberNotes-2001-22 VBS.Delete.Trojan N/A CyberNotes-2001-04 VBS.Fiber.C N/A CyberNotes-2001-18 VBS.Lumorg N/A CyberNotes-2001-09 VBS.Masteal.Trojan N/A CyberNotes-2001-21 VBS.Natas N/A CyberNotes-2001-16 VBS.Over.Trojan N/A CyberNotes-2001-10 VBS.Phybre N/A CyberNotes-2001-12 VBS.Reset N/A CyberNotes-2001-12 VBS.SystemColor.A N/A CyberNotes-2001-11 VBS.Trojan.Icon N/A CyberNotes-2001-18 VBS.Trojan.Lariara N/A CyberNotes-2001-18 VBS.Trojan.Noob N/A CyberNotes-2001-04 VBS.Zeichen.A N/A CyberNotes-2001-08 VBS.Zync.A N/A CyberNotes-2001-17 VBS_HAPTIME.A N/A CyberNotes-2001-09 VBS_IESTART.A N/A CyberNotes-2001-11 W32.BatmanTroj N/A CyberNotes-2001-04

NIPC CyberNotes #2001-26 Page 64 of 70 12/31//2001 Trojan Version CyberNotes Issue # W32.BrainProtect N/A CyberNotes-2001-07 W32.Delalot.Trojan N/A CyberNotes-2001-24 W32.DpBot.Trojan N/A CyberNotes-2001-22 W32.Elem.Trojan N/A CyberNotes-2001-24 W32.JavaKiller.Trojan N/A CyberNotes-2001-21 W32.Leave.B.Worm N/A CyberNotes-2001-14 W32.Whiter.Trojan N/A CyberNotes-2001-20 Y3K Rat 1.6 CyberNotes-2001-11 Zendown N/A CyberNotes-2001-22

1. Securiteam, September 30, 2001. 2. Bugtraq, May 10, 2001. 3. CSC Sentry Research Labs, July 12, 2001. 4. Bugtraq, August 20, 2001. 5. Bugtraq, July 4, 2001. 6. Bugtraq, May 27, 2001. 7. Bugtraq, May 31, 2001. 8. Cgi Security Advisory #6, November 13, 2001. 9. Whizkunde Security Advisory, April 27, 2001. 10. Securiteam, November 25, 2001. 11. NSFOCUS Security Advisory, SA2001-07, November 15, 2001. 12. qDefense Advisory Number QDAV-2001-7-2, July 13, 2001. 13. Bugtraq, February 19, 2001. 14. Securiteam, August 24, 2001. 15. Securiteam, March 25, 2001. 16. eDvice Security Services, May 29, 2001. 17. eDvice Security Services, May 29, 2001. 18. CERT® Advisory CA-2001-08, April 11, 2001. 19. RUS-CERT Advisory 2001-09:01, September 10, 2001. 20. Bugtraq, April 28, 2001. 21. Macromedia Product Security Bulletin, MPSB01-07, July 11, 2001. 22. Bugtraq, July 30, 2001. 23. Macromedia Product Security Bulletin, MPSB01-06, June 28, 2001. 24. Macromedia Product Security Bulletin, MPSB01-18, December 6, 2001. 25. Macromedia Product Security Bulletin, MPSB01-12, November 27, 2001. 26. Macromedia Product Security Bulletin, MPSB01-17, December 6, 2001. 27. Allaire Security Bulletin, ASB01-02, January 25, 2001. 28. Macromedia Product Security Bulletin, MPSB01-13, November 27, 2001. 29. Macromedia Product Security Bulletin, MPSB01-10, November 26, 2001. 30. Macromedia Product Security Bulletin, MPSB01-14, December 6, 2001. 31. Internet Security Systems Security Advisory, ISS-092, August 7, 2001. 32. Defcom Labs Advisory, def-2001-11, March 15, 2001. 33. Defcom Labs Advisory, def-2000-03, December 19, 2000. 34. Bugtraq, March 25, 2001. 35. Securiteam, February 13, 2001. 36. Bugtraq, October 3, 2001. 37. @stake Inc. Security Advisory, A121200-1, December 12, 2000. 38. Bugtraq, August 22, 2001. 39. Bugtraq, October 6, 2001. 40. Bugtraq, February 6, 2001. 41. Securiteam, September 30, 2001. 42. UkR Security Team, Advisory No. 11, March 27, 2001. 43. Securiteam, April 18, 2001. 44. Bugtraq, October 8, 2001. 45. Bugtraq, June 10, 2001. 46. Bugtraq, September 10, 2001. 47. SecurityFocus, November 9, 2001. 48. SecurityFocus, July 10, 2001.

NIPC CyberNotes #2001-26 Page 65 of 70 12/31//2001 49. Bugtraq, August 12, 2001. 50. CHINANSL Security Advisory, CSA-200105, March 31, 2001. 51. Bugtraq, July 2, 2001. 52. Bugtraq, August 16, 2001. 53. eSecurityOnline Free Vulnerability Alert 3628, May 14, 2001. 54. eSecurityOnline Free Vulnerability Alert 3462, March 14, 2001. 55. Bugtraq, August 9, 2001. 56. Securiteam, February 28, 2001. 57. Bugtraq, October 19, 2001. 58. Bugtraq, December 15, 2000. 59. Bugtraq, May 10, 2001. 60. Bugtraq, June 28, 2001. 61. Bugtraq, May 3, 2001. 62. Bugtraq, June 26, 2001. 63. Securiteam, July 8, 2001. 64. VulnWatch, October 18, 2001. 65. Bugtraq, September 10, 2001. 66. SPS Advisory #41, January 31, 2001. 67. NERF gr0up security advisory #2, June 21, 2001. 68. Securiteam, July 4, 2001. 69. Securiteam, July 25, 2001. 70. Securiteam, March 31, 2001. 71. Secure Net Service(SNS) Advisory No.39, August 20, 2001. 72. CORE SDI Advisory, CORE-2001011503, January 29, 2001. 73. CORE SDI Advisory, CORE-2001011502, January 29, 2001. 74. CORE SDI Advisory, CORE-2001011501, January 23, 2001. 75. Internet Security Systems Security Advisory, ISS-083, June 20, 2001. 76. Bugtraq, October 11, 2001. 77. Securiteam, March 3, 2001. 78. Bugtraq, November 27, 2001. 79. Strumpf Noir Society Advisories, August 22, 2001. 80. Bugtraq, March 24, 2001. 81. Foot Clan Advisory ID, Foot-20011117, December 5, 2001. 82. Securiteam, August 23, 2001. 83. Bugtraq, February 15, 2001. 84. Defcom Labs Advisory, def-2001-10, March 8, 2001. 85. Securiteam, September 6, 2001. 86. edvice Security Services, September 22, 2001. 87. Securiteam, August 15, 2001. 88. Securiteam, January 16, 2001. 89. Bugtraq, July 6, 2001. 90. Defcom Labs Advisory, def-2001-14 re-release, March 27, 2001. 91. Defcom Labs Advisory, def-2000-04, December 19, 2000. 92. Sentry Research Labs, May 24, 2001. 93. Bugtraq, November 18, 2001. 94. SecurityFocus, December 13, 2001. 95. Securiteam, February 11, 2001. 96. Securiteam, April 9, 2001. 97. Securiteam, July 5, 2001. 98. CERT® Advisory CA-2001-01, January 11, 2001. 99. Red Hat Security Advisory, RHSA-2001:141-05, October 30, 2001. 100. Securiteam, December 14, 2001. 101. Bugtraq, December 21, 2000. 102. UkR Security Team Advisory #6, February 12, 2001. 103. Bugtraq, April 28, 2001. 104. Securiteam, December 1, 2001. 105. Caldera International, Inc. Security Advisory, CSSA-2001-SCO.15, August 28, 2001. 106. Caldera International, Inc. Security Advisory, CSSA-2001-SCO.14, August 23, 2001. 107. Caldera Systems, Inc. Security Advisory, CSSA-2001-003.0, January 15, 2001. 108. Caldera International, Inc. Security Advisory, CSSA-2001-026.0, July 17, 2001. 109. Bugtraq, August 2, 2001. 110. Caldera International, Inc. Security Advisory, CSSA-2001-SCO.37, December 6, 2001.

NIPC CyberNotes #2001-26 Page 66 of 70 12/31//2001 111. Caldera Security Advisory, CSSA-2001-SCO.29, November 2, 2001. 112. Caldera Security Advisory, CSSA-2001-SCO.34, November 16, 2001. 113. Caldera International, Inc. Security Advisory, CSSA-2001-SCO.2, June 27, 2001. 114. Caldera International, Inc. Security Advisory, CSSA-2001-SCO.3, June 27, 2001. 115. Caldera International, Inc. Security Advisory, CSSA-2001-SCO.4, June 27, 2001. 116. Caldera Security Advisory, CSSA-2001-021.0, June 8, 2001. 117. Securiteam, February 17, 2001. 118. Bugtraq, August 30, 2001. 119. Securiteam, November 3, 2001. 120. Bugtraq, July 2, 2001. 121. CHINANSL Security Advisory, CSA-200111, April 4, 2001. 122. Securiteam, February 21, 2001. 123. Bugtraq, July 11, 2001. 124. Bugtraq, July 9, 2001. 125. Bugtraq, February 21, 2001. 126. Securiteam, August 21, 2001. 127. Bugtraq, October 3, 2001. 128. Securiteam, June 13, 2001. 129. Securiteam, June 13, 2001. 130. Cartel Informatique - Security Advisory, CARTSA-2001-03, September 28, 2001. 131. Inside Security GmbH Vulnerability Notification, Revision 1.2, July 9, 2001. 132. Bugtraq, July 13, 2001. 133. Bugtraq, September 8, 2001. 134. Securiteam, September 10, 2001. 135. Bugtraq, September 19, 2001. 136. Bugtraq, December 18, 2000. 137. eSecurityOnline Free Vulnerability Alert 3784, July 13, 2001. 138. Bugtraq, January 17, 2001. 139. Bugtraq, October 23, 2001. 140. Securiteam, July 18, 2001. 141. Securiteam, February 25, 2001. 142. Bugtraq, February 27, 2001. 143. Bugtraq, February 7, 2001. 144. Cisco Security Advisory, CI-01.07, June 14, 2001. 145. Cisco Security Advisory, CI-01.02, February 27, 2001. 146. Cisco Security Advisory, CI-01.03, March 7, 2001. 147. Cisco Security Advisory, CI-01.01, January 31, 2001. 148. Cisco Security Advisory, CI-01.01, January 31, 2001. 149. Cisco Security Advisory, June 27, 2001. 150. Securiteam, May 7, 2001. 151. Cisco Security Advisory, April 16, 2001. 152. VulnWatch, October 9, 2001. 153. Cisco Security Advisory, May 22, 2001. 154. Cisco Security Advisory, August 23, 2001. 155. Securiteam, April 25, 2001. 156. Cisco Security Advisory, April 4, 2001. 157. Bugtraq, May 3, 2001. 158. Cisco Security Advisory, November 15, 2001. 159. Cisco Security Advisory, May 10, 2001. 160. Cisco Security Advisory, November 28, 2001. 161. Cisco Security Advisory, June 27, 2001. 162. Securiteam, July 6, 2001. 163. Bugtraq, July 25, 2001. 164. Cisco Security Advisory, November 14, 2001. 165. Cisco Security Advisory, November 14, 2001. 166. Cisco Security Advisory, CI-01.10, July 12, 2001. 167. Cisco Security Advisory, May 24, 2001. 168. Cisco Security Advisory, October 3, 2001. 169. Cisco Security Advisory, Revision 1.0, September 26, 2001. 170. Securiteam, April 12, 2001. 171. Bugtraq, October 11, 2001. 172. Cisco Security Advisory, CI-01.09, July 11, 2001.

NIPC CyberNotes #2001-26 Page 67 of 70 12/31//2001 173. Cisco Security Advisory, CI-04.05, April 12, 2001. 174. Cisco Security Advisory, March 28, 2001. 175. Cisco Security Advisory, May 17, 2001. 176. Cisco Security Advisory, CI-01.05.31, May 31, 2001. 177. Cisco Security Advisory, Revision 1, July 11, 2001. 178. Sentry Research Labs , ID0201061701, June 18, 2001. 179. Securiteam, July 7, 2001. 180. Xato Security Advisory, XATO-112001-01, November 14, 2001. 181. Internet Security Systems Security Advisory, October 6, 2001. 182. Securiteam, July 9, 2001. 183. Bugtraq, September 27, 2001. 184. Compaq Computer Corporation/ Software Security Response Team, SSRT0715, March 22, 2001. 185. Compaq Security Advisory, SSRT0738, October 31, 2001. 186. SecurityFocus, October 29, 2001. 187. Bugtraq, September 25, 2001. 188. Compaq Management Software Security Advisory, SSRT0758, September 28, 2001. 189. iXsecurity Security Vulnerability Report, 20001120, January 16, 2001. 190. Securiteam, May 17, 2001. 191. Bugtraq, May 18, 2001. 192. Bugtraq, May 25, 2001. 193. Bugtraq, September 16, 2001. 194. Zero Tolerance Technologies (T) Security Advisory, ZTT-SA01-27032001, March 28, 2001. 195. Conectiva Linux Security Announcement, CLA-2001:388, March 19, 2001. 196. Conectiva Linux Security Announcement, CLA-2000:365, March 20, 2001. 197. Conectiva Linux Security Announcement, CLA-2001:386, March 16, 2001. 198. SuSE Security Announcement, SuSE-SA:2001:05, March 5, 2001. 199. SecurityFocus. June 29, 2001. 200. Bugtraq, May 27, 2001. 201. Bugtraq, September 13, 2001. 202. Secure Reality Pty Ltd. Security Pre-Advisory #4, SRPRE00004, April 24, 2001. 203. Bugtraq, November 28, 2001. 204. CERT® Advisory, CA-2001-18, July 19, 2001. 205. Bugtraq, September 11, 2001. 206. Defcom Labs Advisory, def-2000-18, April 17, 2001. 207. Defcom Labs Advisory, def-2000-18, April 17, 2001. 208. Debian Security Advisory, DSA-046-2, April 19, 2001. 209. Bugtraq, March 19, 2001. 210. Securiteam, May 1, 2001. 211. Securiteam, March 5, 2001. 212. Securiteam, March 3, 2001. 213. Securiteam, April 25, 2001. 214. Foot Clan Advisory ID, Foot-20011202, December 2, 2001. 215. qDefense Advisory Number QDAV-5-2000-1, April 16, 2001. 216. DCScripts Advisory, June 13, 2001. 217. qDefense Advisory Number, QDAV-5-2000-2, May 15, 2001. 218. Debian Security Advisory, DSA-008-1, December 25, 2000. 219. Debian Security Advisory, DSA-034-1, March 7, 2001. 220. Linux-Mandrake Security Update Advisory, MDKSA-2001:027, March 7, 2001. 221. Debian Security Advisory, DSA-062-1, June 16, 2001. 222. Securiteam, October 29, 2001. 223. Strumpf Noir Society Advisories, May 3, 2001. 224. Securiteam, December 12, 2001. 225. CGI Security Advisory #4, March 9, 2001. 226. Bugtraq, October 18, 2001. 227. Bugtraq, September 10, 2001. 228. Fate Research Labs Security Advisory, F8-DLINK20010906, September 6, 2001. 229. Bugtraq, October 30, 2001. 230. Bugtraq, October 30, 2001. 231. Defcom Labs Advisory, def-2001-27, May 27, 2001. 232. Bugtraq, May 26, 2001. 233. Bugtraq, May 7, 2001. 234. Securiteam, November 4, 2001.

NIPC CyberNotes #2001-26 Page 68 of 70 12/31//2001 235. Strumpf Noir Society Advisories, May 26, 2001. 236. Securiteam, August 22, 2001. 237. Bugtraq, December 1, 2001. 238. Bugtraq, January 21, 2001. 239. Alliance Security Labs, ASLabs-2001-01, May 18, 2001. 240. Bugtraq, May 7, 2001. 241. Securiteam, February 28, 2001. 242. Securiteam, March 12, 2001. 243. Bugtraq, March 23, 2001. 244. EnGarde Secure Linux Security Advisory, ESA-20010711-02, July 11, 2001. 245. VulnWatch, July 30, 2001. 246. Entrust Security Bulletin, E01-005, November 5, 2001. 247. Bugtraq, August 10, 2001. 248. Debian Security Advisory, DSA-071-1, August 10, 2001. 249. Conectiva Linux Security Announcement, CLA-2001:419, September 5, 2001. 250. Red Hat Security Advisory, [RHSA-2001:103-04, September 10, 2001. 251. Securiteam, June 7, 2001. 252. Securiteam, June 28, 2001. 253. Cgisecurity.com Advisory #3.1, January 7, 2001. 254. Securiteam, November 4, 2001. 255. Strumpf Noir Society Advisories, January 19, 2001. 256. Bugtraq, May 25, 2001. 257. SecurityFocus, November 16, 2001. 258. Twlc Security Advisory, September 24, 2001. 259. Bugtraq, April 4, 2001. 260. Bugtraq, December 3, 2001. 261. Argentinian Security Group, March 2, 2001. 262. Securiteam, March 26, 2001. 263. Bugtraq, November 21, 2001. 264. Magnux Software Advisory, MASA:01-02:en, November 5, 2001. 265. Securiteam, August 8, 2001. 266. Bugtraq, October 13, 2001. 267. Securiteam, April 30, 2001. 268. FreeBSD Security Advisory, FreeBSD-SA-01:56, August 23, 2001. 269. FreeBSD Ports Security Advisory, FreeBSD-SA-01:21, February 7, 2001. 270. FreeBSD Security Advisory, FreeBSD-SA-01:08, January 23, 2001. 271. FreeBSD Security Advisory, FreeBSD-SA-01:11, revised January 29, 2001. 272. FreeBSD Security Advisory, FreeBSD-SA-01:55, August 21, 2001. 273. FreeBSD Security Advisory, FreeBSD-SA-00:77, reissued December 29, 2000. 274. FreeBSD Security Advisory, FreeBSD-SA-01:29, March 12, 2001. 275. FreeBSD Security Advisory, FreeBSD-SA-01:12, January 29, 2001. 276. Georgi Guninski Security Advisory #48, July 10, 2001. 277. FreeBSD Security Advisory, FreeBSD-SA-01:59, September 3, 2001. 278. FreeBSD Security Advisory, FreeBSD-SA-01:53, August 17, 2001. 279. Securiteam, December 11, 2001. 280. FreeBSD Ports Security Advisory: FreeBSD-SA-01:19, February 7, 2001. 281. FreeBSD Security Advisory, FreeBSD-SA-01:48, July 17, 2001. 282. Bugtraq, November 30, 2001. 283. Bugtraq, May 19, 2001. 284. Securiteam, March 14, 2001. 285. Securiteam, April 10, 2001. 286. Qitest1's Security Advisory #002, June 17, 2001. 287. @stake, Inc Security Advisory, A040301-1, April 3, 2001. 288. Bugtraq, December 12, 2001. 289. Debian Security Advisory, DSA 084-1, October 18, 2001. 290. Asguard Labs Advisory, August 17, 2001. 291. Bugtraq, August 23, 2001. 292. Securiteam, August 27, 2001. 293. Gnatsweb Security Advisory, June 26, 2001. 294. CGISecurity Advisory #7, November 28, 2001. 295. Bugtraq, August 1, 2001. 296. Bugtraq, July 27, 2001.

NIPC CyberNotes #2001-26 Page 69 of 70 12/31//2001 297. Conectiva Linux Security Announcement, CLA-2001:420, September 5, 2001. 298. Synnergy Networks, May 29, 2001. 299. Securiteam, February 3, 2001. 300. Bugtraq, April 17, 2001. 301. Defcom Labs Advisory, def-2001-03, January 22, 2001. 302. Defcom Labs Advisory def-2001-13, March 20, 2001. 303. Bugtraq, July 4, 2001. 304. Cartel Advisory Code, CART-0101, June 21. 2001. 305. Bugtraq, February 4, 2001. 306. Bugtraq, February 23, 2001. 307. SecurityFocus, October 1, 2001. 308. Bugtraq, September 8, 2001. 309. Strumpf Noir Society Advisories, February 26, 2001. 310. Bugtraq, February 4, 2001. 311. Hewlett-Packard Company Security Bulletin, HPSBUX0108-165, August 29, 2001. 312. eSecurityOnline Free Vulnerability Alert 3409, February 21, 2001. 313. eSecurityOnline Free Vulnerability Alert 3395, February 22, 2001. 314. Hewlett-Packard Company Security Advisory, HPSBUX0104-149, April 19, 2001. 315. Hewlett-Packard Company Security Bulletin, #0166, September 6, 2001. 316. Hewlett-Packard Company Security Bulletin, HPSBUX0103-145, March 7, 2001. 317. Hewlett-Packard Company Security Bulletin, HPSBUX0103-145 Rev 2, April 6, 2001 318. Hewlett-Packard Company Security Bulletin, HPSBUX0012-135, December 21, 2000. 319. Hewlett-Packard Company Security Bulletin, #00136, January 9, 2001. 320. Securiteam, January 9, 2001. 321. Hewlett-Packard Company Security Bulletin, HPSBUX0101-137, January 18, 2001. 322. Hewlett-Packard Company Security Bulletin, 0160, July 17, 2001. 323. SecurityFocus, September 4, 2001. 324. Securiteam, September 4, 2001. 325. Bugtraq, June 4, 2001. 326. Hewlett-Packard Company Security Bulletin, 0159, July 17, 2001. 327. Hewlett-Packard Company Security Bulletin, HPSBUX0012-134, December 18, 2000. 328. Hewlett-Packard Company Security Bulletin, 0161, July 19, 2001. 329. Hewlett-Packard Company Security Bulletin, HPSBUX0108-164, August 29, 2001. 330. Bugtraq, August 1, 2001. 331. Securiteam, May 29, 2001. 332. Hewlett-Packard Company Security Bulletin, HPSBUX0109-167, September 24, 2001. 333. Hewlett-Packard Company Security Bulletin, HPSBTL0110-001, October 23, 2001. 334. eSecurityOnline Free Vulnerability Alert 3429, March 1, 2001. 335. Hewlett-Packard Company Security Bulletin, HPSBUX0111-176, November 20, 2001. 336. Hewlett-Packard Company Security Bulletin, HPSBUX0108-163, August 27, 2001. 337. Hewlett-Packard Company Security Bulletin, HPSBUX0110-169, October 2, 2001. 338. Hewlett-Packard Company Security Bulletin, HPSBUX0110-171, October 19, 2001. 339. Bugtraq, June 11, 2001. 340. Hewlett-Packard Company Security Bulletin, HPSBUX0110-170, October 2, 2001. 341. Bugtraq, August 9, 2001. 342. Securiteam, February 9, 2001. 343. CryptNET Security Advisory, February 20, 2001. 344. Intexxia(C) Security Advisory, ID #1048-261101, November 27, 2001. 345. Conectiva Linux Security Announcement, CLA-2001:410, July 25, 2001. 346. Bugtraq, May 31, 2001. 347. Bugtraq, November 9, 2001. 348. Conectiva Linux Security Announcement, CLA-2001:429, October 10, 2001. 349. Caldera International, Inc. Security Advisory, CSSA-2001-035.0, October 10, 2001. 350. Debian Security Advisory, DSA 080-1, October 17, 2001. 351. Bugtraq, May 7, 2001. 352. Defcom Labs Advisory, def-2001-12, March 20, 2001. 353. Securiteam, April 12, 2001. 354. Securiteam, April 24, 2001. 355. Bugtraq, September 24, 2001. 356. Securiteam, October 15, 2001. 357. qDefense Advisory Number QDAV-2001-11-1, November 19, 2001. 358. WOWHACKER Security Advisory, December 04, 2001.

NIPC CyberNotes #2001-26 Page 70 of 70 12/31//2001 359. Caldera International, Inc. Security Advisory, CSSA-2001-033.0, September 7, 2001. 360. Conectiva Linux Security Announcement, CLA-2001:425, September 11, 2001. 361. Securiteam, October 27, 2001. 362. Securiteam, February 7, 2001. 363. IBM Global Services, MSS-OAR-E01-2001:087.1, March 7, 2001. 364. Securiteam, January 30, 2001. 365. IBM Global Services Managed Security Services, MSS-OAR-E01-2001:225.1, June 19, 2001. 366. IBM Security Advisory, October 29, 2001. 367. Bugtraq, September 24, 2001. 368. Bugtraq, September 4, 2001. 369. Bugtraq, September 4, 2001. 370. Bugtraq, November 22, 2001. 371. CHINANSL Security Advisory, CSA-200107, March 29, 2001. 372. Bugtraq, July 11, 2001. 373. Bugtraq, July 20, 2001. 374. Defcom Labs Advisory, def-2001-02, January 8, 2001. 375. Bugtraq, November 8, 2001. 376. Bugtraq, April 13, 2001. 377. Bugtraq, July, 2, 2001. 378. Bugtraq, December 13, 200. 379. Bugtraq, September 19, 2001. 380. iXsecurity Security Vulnerability Report, July 23, 2001. 381. Bugtraq, December 11, 2001. 382. Securiteam, February 3, 2001. 383. Bugtraq, September 19, 2001. 384. S.A.F.E.R. Security Bulletin, 010123.EXP.1.10, January 23, 2001. 385. Bugtraq, February 9, 2001. 386. Security BugWare Advisory, October 22, 2001. 387. Bugtraq, August 20, 2001. 388. Defcom Labs Advisory def-2001-20, April 11, 2001. 389. Georgi Guninski Security Advisory #32, January 5, 2001. 390. Securiteam, December 11, 2001. 391. Bugtraq, July 2, 2001. 392. NGSSoftware Insight Security Research Advisory, NISR29102001A, October 31, 2001. 393. NGSSoftware Insight Security Research Advisory, NISR29102001B, October 31, 2001. 394. NGSSoftware Insight Security Research Advisory, NISR29102001C, October 31, 2001. 395. Bugtraq, November 30, 2001. 396. Bugtraq, January 4, 2001. 397. eSecurityOnline Free Vulnerability Alert 3324, January 23, 2001. 398. Packet Knights Crew Security Advisory #004, January 21, 2001. 399. Securiteam, June 28, 2001. 400. Q30wnerz Advisory v1.0, July 30, 2001. 401. Bugtraq, July 16, 2001. 402. Securiteam, July 24, 2001. 403. Defcom Labs Advisory, def-2001-06, January 23, 2001. 404. NTBugtraq, August 2, 2001. 405. Bugtraq, August 23, 2001. 406. Bugtraq, October 30, 2001. 407. Securiteam, March 13, 2001. 408. Vapid Labs, 11232001-02, November 23, 2001. 409. Bugtraq, April 17, 2001. 410. Bugtraq, May 11, 2001. 411. Strumpf Noir Society Advisories, December 21, 2000. 412. Bugtraq, February 21, 2001. 413. Bugtraq, April 5, 2001. 414. Bugtraq, February 5, 2001. 415. Bugtraq, January 4, 2001. 416. Bugtraq, December 30, 2000. 417. Strumpf Noir Society Advisories, March 28, 2001. 418. Bugtraq, August 20, 2001. 419. SecurityFocus, November 20, 2001. 420. BUZ.CH Security Advisory 200109041, September 4, 2001.

NIPC CyberNotes #2001-26 Page 71 of 70 12/31//2001 421. CERT® Advisory, CA-2001-02, January 29, 2001. 422. Network Associates, Inc. COVERT Labs Security Advisory, COVERT-2001-01, January 29, 2001. 423. Securiteam, February 23, 2001. 424. Strumpf Noir Society Advisories, June 18, 2001. 425. Debian Security Advisory, DSA-017-1, January 23, 2000. 426. Securiteam, May 24, 2001. 427. Securiteam, April 20, 2001. 428. @stake Security Advisory, A041601-1, April 17, 2001. 429. eEye Digital Security Advisory, April 24, 2001. 430. Securiteam, October 15, 2001. 431. Defcom Labs Advisory, def-2001-29, October 12, 2001. 432. Defcom Labs Advisory def-2001-31, November 5, 2001. 433. Defcom Labs Advisory, def-2001-28, July 26, 2001. 434. Bugtraq, February 16, 2001. 435. NerF Security gr0up Advisory, January 28, 2001. 436. Bugtraq, March 6, 2001. 437. eSecurityOnline Free Vulnerability Alert 3620, May 11, 2001. 438. Bugtraq, March 15, 2001. 439. Bugtraq, June 14, 2001. 440. Securiteam, June 5, 2001. 441. RUS-CERT Advisory 2001-09:01, September 10, 2001. 442. RUS-CERT Advisory 2001-09:01, September 10, 2001. 443. Securiteam, July 7, 2001. 444. Debian Security Advisory, DSA 076-1, September 18, 2001. 445. Securiteam, February 21, 2001. 446. Bugtraq, July 5, 2001. 447. Securiteam, June 28, 2001. 448. Securiteam, September 6, 2001. 449. Red Hat Security Advisory, RHSA-2001:059-03, April 30, 2001. 450. Debian Security Advisory, DSA-088-1, December 5, 2001. 451. Bugtraq, February 6, 2001. 452. Bugtraq, September 12, 2001. 453. Bugtraq, December 13, 2001. 454. Securiteam, March 5, 2001. 455. Bugtraq, July 23, 2001. 456. Bugtraq, August 17, 2001. 457. EnGarde Secure Linux Security Advisory, ESA-20010711-01, July 11, 2001. 458. Securiteam, November 26, 2001. 459. Bugtraq, October 30, 2001. 460. RUS-CERT Advisory 2001-09:01, September 10, 2001. 461. Securiteam, March 5, 2001. 462. Bugtraq, February 10, 2001. 463. Securiteam, April 11, 2001. 464. Hypoclear Security Advisory, August 2, 2001. 465. Netservers Security Advisory, October 8, 2001. 466. Bugtraq, October 18, 2001. 467. Strumpf Noir Society Advisories, January 19, 2001. 468. Bugtraq, May 17, 2001. 469. Bugtraq, December 20, 2000. 470. Mandrake Linux Security Update Advisory, MDKSA-2001:091, December 12, 2001. 471. Securiteam, September 6, 2001. 472. Securiteam, February 21, 2001. 473. Bugtraq, June 21, 2001. 474. Bugtraq, January 26, 2001. 475. FreeBSD Ports Security Advisory, FreeBSD-SA-01:20, February 7, 2001. 476. Bugtraq, June 12, 2001. 477. Bugtraq, April 10, 2001. 478. Bugtraq, March 10, 2001. 479. Packet Knights Crew Security Advisory #003, January 18, 2001. 480. Bugtraq, June 29, 2001. 481. Bugtraq, April 24, 2001. 482. Bugtraq, June 12, 2001.

NIPC CyberNotes #2001-26 Page 72 of 70 12/31//2001 483. Bugtraq, May 15, 2001. 484. Bugtraq, May 16, 2001. 485. Securiteam, July 12, 2001. 486. Bugtraq, February 11, 2001. 487. Securiteam List Digest, September 12, 2001 488. Securiteam, March 24, 2001. 489. Securiteam List Digest, October 1, 2001. 490. SecurityFocus, September 15, 2001. 491. Bugtraq, December 19, 2000. 492. Securiteam, March 12, 2001. 493. Bugtraq, June 18, 2001. 494. MacSlash, October 2, 2001. 495. Securiteam, December 9, 2001. 496. Microsoft Security Bulletin, MS01-053, October 23, 2001. 497. Georgi Guninski Security Advisory #41, March 31, 2001. 498. Georgi Guninski Security Advisory #44, May 6, 2001. 499. Microsoft Security Bulletin, MS01-010, February 14, 2001. 500. Microsoft Security Bulletin, MS01-012, February 22, 2001. 501. Microsoft Security Bulletin, MS01-049, September 26, 2001. 502. Bugtraq, December 11, 2001. 503. Georgi Guninski Security Advisory #40, March 28, 2001. 504. Microsoft Security Bulletin, MS01-016, March 8, 2001. 505. Microsoft Security Bulletin, MS01-016, revised March 13, 2001. 506. Microsoft Security Bulletin, MS01-044, August 15, 2001. 507. Defcom Labs Advisory, def-2001-26, May 17, 2001. 508. Defcom Labs Advisory, def-2001-16, April 2, 2001. 509. Microsoft Security Bulletin, MS01-021, April 16, 2001. 510. Microsoft Security Bulletin, MS01-045, August 16, 2001. 511. Bugtraq, December 7, 2001. 512. Bugtraq, July 16, 2001. 513. Microsoft Security Bulletin, MS01-031, June 7, 2001. 514. Microsoft Security Bulletin, MS01-031, June 7, 2001. 515. Microsoft Security Bulletin, MS01-031, June 7, 2001. 516. Microsoft Security Bulletin, MS01-013, February 26, 2001. 517. Microsoft Security Bulletin MS01-024, May 8, 2001. 518. Microsoft Security Bulletin, MS01-011, February 20, 2001. 519. Microsoft Security Bulletin, MS01-023, May 1, 2001. 520. Microsoft Security Bulletin, MS01-036, June 25, 2001. 521. Georgi Guninski Security Advisory #45, May 24, 2001. 522. Microsoft Security Bulletin, MS01-037, July 5, 2001. 523. NTBugtraq, July 18, 2001. 524. Microsoft Security Bulletin, MS01-046, August 21, 2001. 525. Team RADIX Research Report, RADIX1112200103, November 12, 2001. 526. Team RADIX Research Report, RADIX1112200101, November 12, 2001. 527. Team RADIX Research Report, RADIX1112200102, November 12, 2001. 528. NTBugtraq, October 27, 2001. 529. Xato Network Advisory, XATO-112001-01, November 7, 2001. 530. Microsoft Security Bulletin, MS01-034, June 21, 2001. 531. Securiteam, March 27, 2001. 532. Microsoft Security Bulletin, MS01-017, March 22, 2001. 533. Microsoft Security Bulletin, MS01-017 (version 2.0), March 28, 2001. 534. Bugtraq, July 18, 2001. 535. eSecurityOnline Free Vulnerability Alert 3302, January 16, 2001. 536. Microsoft Security Bulletin, MS00-091, November 30, 2000. 537. Securiteam, May 24, 2001. 538. Bugtraq, November 21, 2001. 539. Georgi Guninski Security Advisory #50, October 21, 2001. 540. Bugtraq, November 19, 2001. 541. Microsoft Security Bulletin, MS01-050, October 4, 2001. 542. Microsoft Security Bulletin, MS01-051, October 10, 2001. 543. Microsoft Security Bulletin, MS01-058, December 13, 2001. 544. Securiteam, August 31, 2001.

NIPC CyberNotes #2001-26 Page 73 of 70 12/31//2001 545. Bugtraq, September 12, 2001. 546. Microsoft Security Bulletin, MS01-022, April 19, 2001. 547. Bugtraq, August 7, 2001. 548. Securiteam, May 14, 2001. 549. Bugtraq, June 6, 2001. 550. Bugtraq, July 27, 2001. 551. Microsoft Security Bulletin, MS01-055, November 13, 2001. 552. eSecurityOnline.com Free Vulnerability Alert 3233, December 14, 2000. 553. Microsoft Security Bulletin, MS01-020, March 29, 2001. 554. Microsoft Security Bulletin, MS01-015, March 6, 2001. 555. Microsoft Security Bulletin, MS01-015 version 2.0, April 20, 2001. 556. Georgi Guninski Security Advisory 42, April 16, 2001. 557. Georgi Guninski Security Advisory #43, April 20, 2001. 558. Microsoft Security Bulletin MS01-002, Revised January 25, 2001. 559. Microsoft Security Bulletin, MS01-001, January 11, 2001. 560. Microsoft Security Bulletin, MS01-029, May 23, 2001. 561. Georgi Guninski Security Advisory #31, January 1, 2001. 562. Georgi Guninski Security Advisory #35, January 15, 2001. 563. SecurityFocus, May 23, 2001. 564. Microsoft Security Bulletin, MS01-028, May 21, 2001. 565. Bugtraq, May 2, 2001. 566. Securiteam, January 23, 2001. 567. Microsoft Security Bulletin, MS01-055, November 13, 2001. 568. Securiteam, June 8, 2001. 569. Microsoft Security Bulletin, MS01-027, May 16, 2001. 570. Bugtraq, July 30, 2001. 571. Microsoft Security Bulletin, MS00-079, October 18, 2000. 572. Microsoft Security Bulletin, MS00-079 (version 2.0), May 25, 2001. 573. Microsoft Security Bulletin, MS01-019, March 29, 2001. 574. Microsoft Security Bulletin, MS01-054, November 1, 2001. 575. Georgi Guninski Security Advisory #37, February 6, 2001. 576. Bugtraq, October 17, 2001. 577. Microsoft Security Bulletin, MS01-014, March 1, 2001. 578. eSecurityOnline Free Vulnerability Alert 3323, January 23, 2001. 579. Microsoft Security Bulletin, MS00-099, December 20, 2000. 580. Microsoft Security Bulletin, MS01-006, January 31, 2001. 581. Microsoft Security Bulletin, MS01-005, January 30, 2001. 582. Microsoft Security Bulletin, MS01-007, revised February 9, 2001. 583. Microsoft Security Bulletin, MS01-025, May 10, 2001. 584. Oxygen3 24h-365d, September 17, 2001. 585. Microsoft Security Bulletin, MS00-100, December 22, 2000. 586. Microsoft Security Bulletin, MS01-018, March 27, 2001. 587. Microsoft Security Bulletin, MS01-008, February 7, 2001. 588. Hypoclear Security Advisory, August 3, 2001. 589. Microsoft Security Bulletin, MS01-003, January 25, 2001. 590. Securiteam, March 6, 2001. 591. Microsoft Security Bulletin, MS01-009, February 17, 2001. 592. Microsoft Security Bulletin, MS01-048, September 10, 2001. 593. Microsoft Security Bulletin, MS01-047, September 6, 2001. 594. Microsoft Security Bulletin, MS01-030 (version 3.0), June 13, 2001. 595. Microsoft Security Bulletin, MS01-041, July 27, 2001. 596. SecurityFocus, August 22, 2001. 597. VIGILANTE-Security Advisory, 2001001, June 22, 2001. 598. NERF gr0up security advisory #4, July 4, 2001. 599. Microsoft Security Bulletin, MS00-098, December 19, 2000. 600. Microsoft Security Bulletin, MS01-033, June 18, 2001. 601. e-Synergies Security Advisory, August 8, 2001. 602. Microsoft Security Bulletin, MS01-026, May 14, 2001. 603. Microsoft Security Bulletin, MS01-004, January 29, 2001. 604. Microsoft Security Bulletin, MS01-057 version 2, December 7, 2001. 605. Microsoft Security Bulletin, MS01-039, July 24, 2001. 606. Microsoft Security Bulletin, MS00-077, October 13, 2000.

NIPC CyberNotes #2001-26 Page 74 of 70 12/31//2001 607. Microsoft Security Bulletin, MS00-077 (version 2.0), June 21, 2001. 608. Microsoft Security Bulletin, MS01-038, July 12, 2001. 609. Securiteam, August 6, 2001. 610. Microsoft Security Bulletin, MS01-032, June 12, 2001. 611. Microsoft Security Bulletin, MS01-052, October 18, 2001. 612. Microsoft Security Bulletin, MS01-040, July 25, 2001. 613. Microsoft Security Bulletin, MS01-056, November 19, 2001. 614. Microsoft Security Bulletin, MS01-042, July 27, 2001. 615. Microsoft Security Bulletin, MS00-097, December 15, 2000. 616. Microsoft Security Bulletin MS01-043, August 14, 2001. 617. Securiteam, January 18, 2001. 618. Bugtraq, July 27, 2001. 619. Microsoft Security Bulletin, MS01-035, June 21, 2001. 620. Bugtraq, October 26, 2001. 621. Microsoft Security Bulletin, MS00-035, June 15, 2000. 622. Microsoft Security Bulletin, MS00-041, July 12, 2000. 623. Microsoft Security , Bulletin MS00-035 (version 2.0), May 10, 2001. 624. Bugtraq, May 23, 2001. 625. Bugtraq, May 3, 2001. 626. Bugtraq, November 13, 2001. 627. Strumpf Noir Society Advisories, April 28, 2001. 628. Hexyn/Securax Advisory #22, August 17, 2001. 629. Securiteam, July 27, 2001. 630. Bugtraq, February 9, 2001. 631. Bugtraq, October 19, 2001. 632. @stake Security Advisory, A043001-1, April 30, 2001. 633. Bugtraq, August 29, 2001. 634. Bugtraq, August 29, 2001. 635. Bugtraq, August 29, 2001. 636. @stake Security Advisory, A043001-1, April 30, 2001. 637. SecurityFocus, July 17, 2001. 638. Bugtraq, October 2, 2001. 639. Bugtraq, June 14, 2001. 640. Internet Security Systems Security Advisory, ISS-087, July 5, 2001. 641. Cisco Security Advisory, CI-01.12, September 12, 2001. 642. Securiteam, July 25, 2001 643. Internet Security Systems Security Advisory, ISS-084, June 20, 2001. 644. List Digest, March 20, 2001. 645. TESO Security Advisory, July 10, 2001. 646. CERT® Advisory CA-2001-31, November 13, 2001. 647. Debian Security Advisory, DSA-004-1, December 16, 2000. 648. eSecurityOnline.com Free Vulnerability Alert 3227, December 14, 2000. 649. Securiteam, January 2, 2001. 650. Internet Security Systems Security Advisory, October 2, 2001. 651. Conectiva Linux Security Announcement, CLA-2001:409, July 19, 2001. 652. Conectiva Linux Security Announcement, CLA-2001:409, July 19, 2001. 653. Securiteam, April 9, 2001. 654. Bugtraq, April 4, 2001. 655. Securiteam, July 23, 2001. 656. Bugtraq, January 16, 2001. 657. Bugtraq, January 31, 2001. 658. Bugtraq, January 10, 2001. 659. Red Hat, Inc. Red Hat Security Advisory, RHSA-2001:001-05, January 11, 2001. 660. Immunix OS Security Advisory, IMNX-2000-70-029-01, January 18, 2001. 661. Bugtraq, December 21, 2000. 662. Linux-Mandrake Security Update Advisory, MDKSA-2000:088, December 31, 2000. 663. Bugtraq, January 3, 2001. 664. Caldera International, Inc. Security Advisory, CSSA-2001-025.0, July 19, 2001. 665. CERT® Advisory, CA-2001-34, December 13, 2001. 666. Network Associates, Inc. COVERT Labs Security Advisory, COVERT-2001-02, April 9, 2001. 667. Defcom Labs Advisory, def-2001-19, April 18, 2001. 668. Bugtraq, February 28, 2001.

NIPC CyberNotes #2001-26 Page 75 of 70 12/31//2001 669. Bugtraq, December 14, 2000. 670. RAZOR Advisory, July 30, 2001. 671. Bugtraq, October 18, 2001. 672. Bugtraq, June 27, 2001. 673. Bugtraq, February 10, 2001. 674. Securiteam, April 17, 2001. 675. Bugtraq, July 16, 2001. 676. Bugtraq, November 21, 2001. 677. Securiteam, February 5, 2001. 678. Securiteam, January 9, 2001. 679. eSecurityOnline Free Vulnerability Alert 3451, March 9, 2001. 680. Georgi Guninski Security Advisory #47, June 14, 2001. 681. PGP Security Advisory, September 4, 2001. 682. Internet Security Systems Security Advisory, ISS-094, August 29, 2001. 683. Red Hat Security Advisory, RHSA-2001:077-05, June 11, 2001. 684. Bugtraq, January 19, 2001. 685. Securiteam, June 5, 2001. 686. Immunix OS Security Advisory, IMNX-2000-70-019-01, January 10, 2001. 687. Immunix OS Security Advisory, IMNX-2000-70-016-01, January 10, 2001. 688. Linux-Mandrake Security Update Advisory, MDKSA-2001:011, January 12, 2001. 689. Debian Security Advisory, DSA-021-1, January 26, 2001. 690. SecurityFocus, April 20, 2001. 691. Red Hat, Inc. Red Hat Security Advisory, RHSA-2001:044-08, May 14, 2001. 692. Immunix OS Security Advisory, IMNX-2001-70-019-01, May 8, 2001. 693. eSecurityOnline Free Vulnerability Alert 3388, February 12, 2001. 694. Securiteam, March 4, 2001. 695. Securiteam, December 21, 2000. 696. eSecurityOnline Free Vulnerability Alert 3327, January 23, 2001. 697. RUS-CERT Advisory 2001-08:01, August 29, 2001. 698. Bugtraq, June 6, 2001. 699. Securiteam, June 13, 2001. 700. Bugtraq, January 15, 2001. 701. Bugtraq, December 5, 2001. 702. Bugtraq, August 1, 2001. 703. Bugtraq, July 31, 2001. 704. CHINANSL Security Advisory, CSA-200110, April 1, 2001. 705. Securiteam, August 19, 2001. 706. Bugtraq, December 11, 2001. 707. Internet Security Systems Security Alert, September 5, 2001. 708. Bugtraq, December 28, 2000. 709. CERT® Advisory CA-2001-18, July 19, 2001. 710. Bugtraq, July 10, 2001. 711. Bugtraq, July 8, 2001. 712. Immunix OS Security Advisory, IMNX-2000-70-027-01, January 10, 2001. 713. Linux-Mandrake Security Update Advisory, MDKSA-2001:007, January 10, 2001. 714. Immunix OS Security Advisory, IMNX-2000-70-026-01, January 10, 2001. 715. Linux-Mandrake Security Update Advisory, MDKSA-2001:005, January 10, 2001. 716. Immunix OS Security Advisory, IMNX-2000-70-025-01, January 10, 2001. 717. Linux-Mandrake Security Update Advisory, MDKSA-2001:004, January 10, 2001. 718. Immunix OS Security Advisory, IMNX-2000-70-021-01, January 10, 2001. 719. Linux-Mandrake Security Update Advisory, MDKSA-2001:006, January 10, 2001. 720. Conectiva Linux Security Announcement, CLA-2001:387, March 19, 2001. 721. FreeBSD Ports Security Advisory, FreeBSD-SA-01:23, March 12, 2001. 722. OpenBSD Security Advisory, December 18, 2000. 723. Bugtraq, December 18, 2000. 724. FreeBSD Security Advisory, FreeBSD-SA-01:28, March 12, 2001. 725. Linux-Mandrake Security Update Advisory, MDKSA-2001:034, March 22, 2001. 726. Bugtraq, April 11, 2001. 727. Debian Security Advisory DSA-048-1, April 18, 2001. 728. Immunix OS Security Advisory, IMNX-2000-70-018-01, January 10, 2001. 729. Linux-Mandrake Security Update Advisory, MDKSA-2001:003, January 10, 2001. 730. Trustix Secure Linux Security Advisory, 2001-0012, July 11, 2001.

NIPC CyberNotes #2001-26 Page 76 of 70 12/31//2001 731. EnGarde Secure Linux Security Advisory, ESA-20010709-01, July 9, 2001. 732. Trustix Secure Linux Security Advisory #2001-0014, July 26, 2001. 733. Conectiva Linux Security Announcement, CLA-2001:410, July 25, 2001. 734. Immunix OS Security Advisory, IMNX-2000-70-024-01, January 10, 2001. 735. Linux-Mandrake Security Update Advisory, MDKSA-2001:008, January 10, 2001. 736. Immunix OS Security Advisory, IMNX-2000-70-023-01, January 10, 2001. 737. Linux-Mandrake Security Update Advisory, MDKSA-2001:010, January 10, 2001. 738. Immunix OS Security Advisory, IMNX-2000-70-022-01, January 10, 2001. 739. Linux-Mandrake Security Update Advisory, MDKSA-2001:001, January 10, 2001. 740. Immunix OS Security Advisory, IMNX-2000-70-020-01, January 10, 2001. 741. Linux-Mandrake Security Update Advisory, MDKSA-2001:009, January 10, 2001. 742. Immunix OS Security Advisory, IMNX-2000-70-017-01, January 10, 2001. 743. Linux-Mandrake Security Update Advisory, MDKSA-2001:002, January 10, 2001. 744. Red Hat, Inc. Red Hat Security Advisory, RHSA-2001:002-03, January 16, 2001. 745. Linux-Mandrake Security Update Advisory, MDKSA-2001:012, January 18, 2001. 746. Debian Security Advisor, DSA-074-1, August 12, 2001. 747. Conectiva Linux Security Announcement, CLA-2001:411, August 13, 2001. 748. Mandrake Linux Security Update Advisory, MDKSA-2001:077-2, November 28, 2001. 749. Red Hat Security Advisory, RHSA-2001:164-08, December 7, 2001. 750. Red Hat Security Advisory, RHSA-2001:053-06, April 25, 2001. 751. Linux-Mandrake Security Update Advisory, MDKSA-2001:044, April 27, 2001. 752. Immunix OS Security Advisory, IMNX-2001-70-017-01, April 27, 2001. 753. Caldera Security Advisory, CSSA-2001-036.0, October 18, 2001. 754. EnGarde Secure Linux Security Advisory, ESA-20011019-02, October 19, 2001. 755. Red Hat Security Advisory, RHSA-2001:129-05, October 18, 2001. 756. Linux-Mandrake Security Update Advisory, MDKSA-2001:032, March 23, 2001. 757. Red Hat, Inc. Red Hat Security Advisory, RHSA-2001:022-03, March 28, 2001. 758. Conectiva Linux Security Announcement, CLA-2001:389, March 27, 2001. 759. Linux-Mandrake Security Update Advisory, MDKSA-2001:042, April 25, 2001. 760. Debian Security Advisory, DSA-053-1, April 27, 2001. 761. Progeny Service Network Security Advisory, PROGENY-SA-2001-10, April 27, 2001. 762. Red Hat, Inc. Red Hat Security Advisory, RHSA-2001:021-06, February 26, 2001. 763. Linux-Mandrake Security Update Advisory, MDKSA-2001:025, February 26, 2001. 764. Conectiva Linux Security Announcement, CLA-2001:382, March 2, 2001. 765. Debian Security Advisory, DSA-043-1, March 9, 2001. 766. Caldera Security Advisory, CSSA-2001-038.0, November 5, 2001. 767. SuSE Security Announcement, SuSE-SA:2001:036, November 2, 2001. 768. Red Hat Security Advisory, RHSA-2001:142-15, November 2, 2001. 769. EnGarde Secure Linux Security Advisory, ESA-20011106-01, November 6, 2001. 770. Linux-Mandrake Security Update Advisory, MDKSA-2001:024, February 26, 2001. 771. Immunix OS Security Advisory, IMNX-2001-70-004-01, February 26, 2001. 772. Conectiva Linux Security Announcement, CLA-2001:381, February 26, 2001. 773. Debian Security Advisory, DSA-031-2, March 6, 2001. 774. Synnergy Networks, June 6, 2001. 775. Red Hat Security Advisory, RHSA-2001:161-08, December 4, 2001. 776. Debian Security Advisory, DSA-091-1, December 5, 2001. 777. SuSE Security Announcement, SuSE-SA:2001:045, December 6, 2001. 778. FreeBSD Security Advisory, FreeBSD-SA-01:63, December 6, 2001. 779. Debian Security Advisory, DSA-054-1, May 7, 2001. 780. Linux-Mandrake Security Update Advisory, MDKSA-2001:050, May 10, 2001. 781. Progeny Service Network Security Advisory, PROGENY-SA-2001-11, May 7, 2001. 782. SuSE Security Announcement, SuSE-SA:2001:17, May 15, 2001. 783. Red Hat, Inc. Red Hat Security Advisory, RHSA-2001:029-02, March 13, 2001. 784. Immunix OS Security Advisory, IMNX-2001-70-006-01, March 15, 2001. 785. Conectiva Linux Security Announcement, CLA-2001:385, March 16, 2001. 786. Trustix Secure Linux Security Advisory #2001-0001, March 16, 2001. 787. Immunix OS Security, IMNX-2001-70-025-01, June 13, 2001. 788. Debian Security Advisory, DSA-060-1, June 16, 2001. 789. EnGarde Secure Linux Security Advisory, ESA-20010620-01, June 20, 2001. 790. Conectiva Linux Security Announcement, CLA-2001:403, June 19, 2001. 791. Caldera International, Inc. Security Advisory, CSSA-2001-022.0, June 20, 2001. 792. Red Hat, Inc. Red Hat Security Advisory, RHSA-2001:027-02, March 14, 2001.

NIPC CyberNotes #2001-26 Page 77 of 70 12/31//2001 793. Immunix OS Security Advisory, IMNX-2001-70-008-01, March 15, 2001. 794. Linux-Mandrake Security Update Advisory, MDKSA-2001:030-1, March 20, 2001. 795. Conectiva Linux Security Announcement, CLA-2001:390, March 27, 2001. 796. Debian Security Advisory, DSA-038-1, March 8, 2001. 797. SuSE Security Announcement, SuSE-SA:2001:043, November 28, 2001. 798. RedHat Security Advisory, RHSA-2001:157-06, November 26, 2001. 799. Caldera International Security Advisory, CSSA-2001-041.0, November 28, 2001. 800. Immunix OS Security Advisory, IMNX-2001-70-036-01, November 28, 2001. 801. Conectiva Linux Security Announcement, CLA-2001:442, November 29, 2001. 802. Red Hat, Inc. Red Hat Security Advisory, RHSA-2000:131-02, December 19, 2000. 803. Trustix Security Advisory, December 20, 2000. 804. Linux-Mandrake Security Update Advisory, MDKSA-2000:087, December 20, 2000. 805. Debian Security Advisory, DSA-010-1, December 24, 2000. 806. Conectiva Linux Security Announcement, CLA-2000:368, December 29, 2000. 807. Linux-Mandrake Security Update Advisory, MDKSA-2001: 033-1, March 23, 2001. 808. Immunix OS Security Advisory, IMNX-2001-70-009-01, March 26, 2001. 809. Red Hat, Inc. Red Hat Security Advisory, RHSA-2001:041-02, April 4, 2001. 810. Conectiva Linux Security Announcement, CLA-2001:391, March 28, 2001. 811. Trustix Secure Linux Security Advisory, #2001-0002, March 29, 2001. 812. Debian Security Advisory, DSA-040-1, March 9, 2001. 813. Linux-Mandrake Security Update Advisory, MDKSA-2001:028, March 9, 2001. 814. Immunix OS Security Advisory, IMNX-2001-70-007-01, March 15, 2001. 815. Conectiva Linux Security Announcement, CLA-2001:383, March 14, 2001. 816. Red Hat, Inc. Red Hat Security Advisory, RHSA-2001:028-02, March 13, 2001. 817. Immunix OS Security Advisory, IMNX-2001-70-027-01, June 26, 2001. 818. Trustix Secure Linux Security Advisory, 2001-0011, June 27, 2001. 819. Caldera International, Inc. Security Advisory, CSSA-2001-024.0, June 26, 2001. 820. Red Hat Security Advisory, RHSA-2001:086-06, June 26, 2001. 821. Debian Security Advisory, DSA-065-1, June 23, 2001. 822. Conectiva Linux Security Announcement, CLA-2001:405, June 23, 2001. 823. Conectiva Linux Security Announcement, CLA-2001:416, August 29, 2001. 824. Immunix OS Security Advisory, IMNX-2001-70-033-01, August 29, 2001. 825. Mandrake Linux Security Update Advisory, MDKSA-2001:076, August 31, 2001. 826. SecurityFocus, June 15, 2001. 827. Securiteam, December 14, 2001. 828. Bugtraq, October 2, 2001. 829. Securiteam, December 10, 2001. 830. Bugtraq, July 22, 2001. 831. Securiteam, September 24, 2001. 832. Defcom Labs Advisory, def-2001-17, April 3, 2001. 833. Securiteam, April 16, 2001. 834. NetBSD Security Advisory, 2000-011, July 20, 2001. 835. NetBSD Security Advisory, 2001-006, May 30, 2001. 836. NetBSD Security Advisory, 2001-007, May 30, 2001. 837. NetBSD Security Advisory, 2001-008, May 30, 2001. 838. NetBSD Security Advisory, 2001-015, September 5, 2001. 839. NetBSD Security Advisory, 2001-015, September 5, 2001. 840. PoizonB0x Advisory#6, pb0x-06-08-2001, August 13, 2001. 841. Securiteam, January 26, 2001. 842. Bugtraq, April 24, 2001. 843. Securiteam, January 30, 2001. 844. Securiteam, April 19, 2001. 845. Bugtraq, November 21, 2001. 846. SecurityFocus, August 27, 2001. 847. S.A.F.E.R. Security Bulletin, 010124.EXP.1.11, January 25, 2001. 848. Defcom Labs Advisory, def-2001-05, January 22, 2001. 849. eSecurityOnline Free Vulnerability Alert 3343, January 25, 2001. 850. @stake Security Advisory, A041301-1, April 13, 2001. 851. The Register, April 24, 2001. 852. Defcom Labs Advisory def-2001-04, January 22, 2001. 853. Defcom Labs Advisory, def-2001-08, February 26, 2001. 854. @stake, Inc. Security Advisory Notification, A030701-1, March 7, 2001.

NIPC CyberNotes #2001-26 Page 78 of 70 12/31//2001 855. NSFOCUS Security Advisory, SA2001-01, January 9, 2001. 856. SecurityFocus, March 26, 2001. 857. Securiteam, July 23, 2001. 858. Bugtraq, June 19, 2001. 859. Bugtraq, August 4, 2001. 860. Strumpf Noir Society Advisories, March 1, 2001. 861. Bugtraq, July 5, 2001. 862. Bugtraq, September 4, 2001. 863. Securiteam, December 2, 2001. 864. NetGuard Security Team alert7, November 22, 2001. 865. Securiteam, October 6, 2001 866. SNS Advisory No.43, September 28, 2001. 867. Securiteam, February 10, 2001. 868. Securiteam, April 11, 2001. 869. Bugtraq, April 20, 2001. 870. Nomad Mobile Research Centre Advisory, August 14, 2001. 871. Novell Security Advisory, August 14, 2001. 872. eSecurityOnline Free Vulnerability Alert 3396, February 20, 2001. 873. Foundstone Advisory, FS-101501-20-GWSE, October 15, 2001. 874. Bugtraq, February 10, 2001. 875. Securiteam, November 16, 2001. 876. Securiteam, June 7, 2001. 877. Bugtraq, January 16, 2001. 878. Strumpf Noir Society Advisories, May 15, 2001. 879. Securiteam, May 29, 2001. 880. Securiteam, October 8, 2001. 881. Bugtraq, June 2, 2001. 882. SecurityFocus, December 4, 2001. 883. Bugtraq, June 5, 2001. 884. Bugtraq, November 19, 2001. 885. Bugtraq, June 19, 2001. 886. OpenSSH Security Advisory, September 26, 2001. 887. Red Hat Security Advisory, RHSA-2001:114-04, October 16, 2001. 888. Mandrake Linux Security Update Advisory, MDKSA-2001:081, October 16, 2001. 889. Trustix Secure Linux Security Advisory, TSLSA-2001-0023, October 17, 2001. 890. Immunix OS Security Advisory, MNX-2001-70-034-01, October 18, 2001. 891. Bugtraq, April 24, 2001. 892. SecurityFocus, July 9, 2001. 893. Georgi Guninski Security Advisory #51, November 15, 2001. 894. Bugtraq, September 17, 2001. 895. Bugtraq, April 18, 2001. 896. S.A.F.E.R. Security Bulletin 0016, April 10, 2001. 897. eSecurityOnline.com Free Vulnerability Alert 3269, December 27, 2000. 898. eSecurityOnline.com Free Vulnerability Alert 3269, December 27, 2000. 899. Bugtraq, October 23, 2001. 900. eSecurityOnline Free Vulnerability Alert, January 19, 2001. 901. Plazasite Security Advisory, August 2, 2001. 902. Plazasite Security Advisory, August 2, 2001 903. Network Associates, Inc. COVERT Labs Security Advisory, COVERT-2001-03, June 27, 2001. 904. Network Associates, Inc. COVERT Labs Security Advisory, COVERT-2001-04, June 27, 2001. 905. Plazasite Security Advisory, August 2, 2001. 906. Securiteam, May 8, 2001. 907. Securiteam, May 27, 2001. 908. Georgi Guninski Security Advisory #36, January 22, 2001. 909. Securiteam, February 19, 2001. 910. Georgi Guninski security advisory #34, January 9, 2001. 911. Securiteam, November 27, 2001. 912. Defcom Labs Advisory, def-2001-30, October 18, 2001. 913. Bugtraq, August 1, 2001. 914. Bugtraq, August 1, 2001. 915. Bugtraq, February 27, 2001. 916. Defcom Labs Advisory, def-2001-15, March 28, 2001.

NIPC CyberNotes #2001-26 Page 79 of 70 12/31//2001 917. Bugtraq, March 16, 2001. 918. Defcom Labs Advisory, def-2001-25, May 14, 2001. 919. Bugtraq, June 2, 2001. 920. Securiteam, February 20, 2001. 921. Network News, March 13, 2001. 922. Bugtraq, June 4, 2001. 923. Intexxia(C) Security Advisory, ID #1047-231101, November 26, 2001. 924. eSecurityOnline Free Vulnerability Alert 3730, June 27, 2001. 925. Bugtraq, November 30, 2001. 926. @stake Security Advisory, A040901-1, April 20, 2001. 927. Securiteam, January 16, 2001. 928. Bugtraq, June 30, 2001. 929. Bugtraq, October 8, 2001. 930. Bugtraq, August 10, 2001. 931. SecurityFocus, August 13, 2001. 932. VulnWatch, August 3, 2001. 933. Securiteam, August 1, 2001. 934. Secure Reality Pty Ltd. Security Pre-Advisory #1, SRPRE00001, April 24, 2001. 935. eRisk Security Advisory, August 29, 2001. 936. Secure Reality Pty Ltd. Security Advisory, SRADV00008, July 3, 2001. 937. Bugtraq, May 8, 2001. 938. Bugtraq, August 26, 2001. 939. Secure Reality Pty Ltd. Security Advisory, SRADV00009, July 3, 2001. 940. Secure Reality Pty Ltd. Security Pre-Advisory #2, SRPRE00002, April 24, 2001. 941. Strumpf Noir Society Advisories, May 30, 2001. 942. Bugtraq, September 20, 2001. 943. Qitest1's Security Advisory #001, June 6, 2001. 944. Securiteam, September 4, 2001. 945. Bugtraq, September 25, 2001. 946. Bugtraq, June 6, 2001. 947. Red Hat, Inc. Red Hat Security Advisory, RHSA-2001:093-03, July 13, 2001. 948. Bugtraq, September 7, 2001. 949. Bugtraq, October 5, 2001. 950. Bugtraq, October 8, 2001. 951. Securiteam, November 7, 2001. 952. Securiteam, February 4, 2001. 953. Bugtraq, September 25, 2001. 954. Strumpf Noir Society Advisories, April 13, 2001. 955. Bugtraq, June 2, 2001. 956. Bugtraq, March 18, 2001. 957. Bugtraq, April 18, 2001. 958. Bugtraq, May 28, 2001. 959. Bugtraq, August 25, 2001. 960. Securiteam, March 31, 2001. 961. Bugtraq, June 19, 2001. 962. Securiteam, September 9, 2001. 963. Securiteam, March 6, 2001. 964. Bugtraq, November 9, 2001. 965. Securiteam, March 31, 2001. 966. Internet Security Systems Security Advisory, ISS-091, August 6, 2001. 967. Red Hat Security Advisory, RHSA-2001:074-03, June 4, 2001. 968. Bugtraq, June 12, 2001. 969. SecurityFocus, August 27, 2001. 970. Bugtraq, May 13, 2001. 971. Bugtraq, September 12, 2001. 972. Red Hat Security Advisory, RHSA-2001:075-04, June 5, 2001. 973. Red Hat Security Advisory, RHSA-2001:058-04, May 2, 2001. 974. Red Hat, Inc. Red Hat Security Advisory, RHSA-2001:095-04, July 16, 2001. 975. Red Hat Security Advisory, RHSA-2001:110-05, September 19, 2001. 976. Red Hat Security Advisory, RHSA-2001:144-04, November 5, 2001. 977. Red Hat Security Advisory, RHSA-2001:148-09, November 13, 2001. 978. Bugtraq, December 26, 2000.

NIPC CyberNotes #2001-26 Page 80 of 70 12/31//2001 979. Securiteam, April 12, 2001. 980. Bugtraq, October 25, 2001. 981. Red Hat Security Advisory, RHSA-2001:142-15, November 2, 2001. 982. VIGILANTE-2001002, November 23, 2001. 983. Bugtraq, March 20, 2001. 984. Bugtraq, August 23, 2001. 985. Securiteam, January 26, 2001. 986. Bugtraq, July 22, 2001. 987. Bugtraq, November 16, 2001. 988. Bugtraq, May 14, 2001. 989. Bugtraq, April 18, 2001. 990. Securiteam, April 3, 2001. 991. Wkit Security Advisory, WSIR-01/02-06, March 8, 2001. 992. Securiteam, September 4, 2001. 993. Securiteam, March 6, 2001. 994. Bugtraq, April 23, 2001. 995. Bugtraq, April 17, 2001. 996. SecurityFocus, August 2, 2001. 997. SecurityFocus, August 21, 2001. 998. Procheckup Security Bulletin, PR01-01, October 22, 2001. 999. Bugtraq, August 21, 2001. 1000. SecurityFocus, October 16, 2001. 1001. Bugtraq, July 22, 2001. 1002. Bugtraq, July 25, 2001. 1003. Bugtraq, July 10, 2001. 1004. Bugtraq, April 30, 2001. 1005. Bugtraq, February 27, 2001. 1006. Strategic Reconnaissance Team Security Advisory, SRT2001-9, May 22, 2001. 1007. Reconnaissance Team Security Advisories, SRT2001-02 through SRT2001-07, March 27, 2001. 1008. System Security Enhancement (SSE) SSE072B, April 12, 2001. 1009. Caldera International, Inc. Security Advisory, CSSA-2001-SCO.4, June 27, 2001. 1010. Bugtraq, June 11, 2001. 1011. Securiteam, October 8, 2001. 1012. Bugtraq, July 24, 2001. 1013. Foundstone Security Advisory, FS-061201-19-SMSW, June 11, 2001. 1014. Securiteam, September 9, 2001. 1015. SourceForge Newsletter, December 12, 2001. 1016. Debian Security Advisory, DSA 052-1, April 23, 2001. 1017. Progeny Linux Systems, PROGENY-SA-2001-08, April 20, 2001. 1018. RAZOR Advisory, BV-015, May 28, 2001. 1019. SecurityFocus, August 20, 2001. 1020. RAZOR Advisory, October 1, 2001. 1021. Undersec Security Advisory, March 4, 2001. 1022. iSecureLabs Advisory, October 22, 2001. 1023. SGI Security Advisory, 20011001-01-P, October 22, 2001. 1024. Bugtraq, June 18, 2001. 1025. Securiteam, May 2, 2001. 1026. SGI Security Advisory, 20010501-01-P, May 9, 2001. 1027. UkR Security Team Advisory #1, February 12, 2001. 1028. PoizonB0x Advisory#1, pb0x-07-07-2001, August 13, 2001. 1029. SecurityFocus, November 8, 2001. 1030. Caldera Security Advisory, CSSA-2001-037.0, October 30, 2001. 1031. Debian Security Advisory, DSA-078-1, September 24, 2001. 1032. Bugtraq, July 26, 2001. 1033. Bugtraq, October 16, 2001. 1034. Securiteam, February 11, 2001. 1035. Securiteam, March 28, 2001. 1036. Bugtraq, July 25, 2001. 1037. Bugtraq, September 4, 2001. 1038. Securiteam, June 9, 2001. 1039. Securiteam, May 28, 2001. 1040. Bugtraq, September 11, 2001.

NIPC CyberNotes #2001-26 Page 81 of 70 12/31//2001 1041. Bugtraq, April 24, 2001. 1042. Strumpf Noir Society Advisories, May 23, 2001. 1043. Bugtraq, May 7, 2001. 1044. Secure Reality Pty Ltd. Security Advisory, SRADV00010, July 3, 2001. 1045. Bugtraq, January 16, 2001. 1046. Crimelabs Security Note, CLABS200101, February 5, 2001. 1047. CORE SDI S.A. Security Advisory, CORE-20010116, February 7, 2001. 1048. Bugtraq, July 20, 2001. 1049. USSR Labs, USSR-2001001, March 15, 2001. 1050. Bugtraq, August 24, 2001. 1051. Securiteam, February 18, 2001. 1052. Securiteam, July 24, 2001. 1053. Defcom Labs Advisory, def-2001-01, January 8, 2001. 1054. SecurityFocus, August 24, 2001. 1055. NMRC Advisory, November 26, 2001. 1056. Sun Microsystems, Inc. Security Bulletin #00206, August 30, 2001. 1057. eEye Digital Security, April 10, 2001. 1058. Bugtraq, January 9, 2001. 1059. Bugtraq, January 17, 2001. 1060. Sun Microsystems, Inc. Security Bulletin, Sun-00200, January 12, 2001. 1061. Bugtraq, March 27, 2001. 1062. Bugtraq, July 5, 2001. 1063. Bugtraq, May 2, 2001. 1064. VulnWatch, October 22, 2001. 1065. Bugtraq, April 19, 2001. 1066. Bugtraq, April 11, 2001. 1067. Bugtraq, March 14, 2001. 1068. Bugtraq, April 11, 2001. 1069. Bugtraq, April 11, 2001. 1070. NSFOCUS Security Advisory, SA2001-05, August 10, 2001. 1071. Sun Alert Notification, September 13, 2001. 1072. Internet Security Systems Security Advisory, ISS-080, June 19, 2001. 1073. eSecurityOnline Free Vulnerability Alert 3275, January 3, 2001. 1074. Securiteam, March 24, 2001. 1075. Securiteam, January 26, 2001. 1076. SPS Advisory #40, January 31, 2001. 1077. eSecurityOnline Free Vulnerability Alert 3543, April 10, 2001. 1078. Bugtraq, May 28, 2001. 1079. Bugtraq, June 20, 2001. 1080. Securiteam, March 14, 2001. 1081. Bugtraq, June 26, 2001. 1082. Georgi Guninski Security Advisory #46, June 4, 2001. 1083. SecurityFocus, November 9, 2001. 1084. Vapid Labs Advisory ID, 11242000-02, December 18, 2000. 1085. NSFOCUS Security Advisory, SA2001-04, July 24, 2001. 1086. Bugtraq, April 12, 2001. 1087. Securiteam, June 24, 2001. 1088. Bugtraq, December 18, 2000. 1089. CHINANSL Security Advisory, CSA-200106, March 29, 2001. 1090. Sun Microsystems, Inc. Security Bulletin Security Bulletin Number, #00201, February 22, 2001. 1091. Securiteam, May 17, 2001. 1092. Bugtraq, June 18, 2001. 1093. Securiteam, March 23, 2001. 1094. Bugtraq, August 20, 2001. 1095. Bugtraq, January 13, 2001. 1096. Securiteam, November 24, 2001. 1097. Bugtraq, January 10, 2001. 1098. Bugtraq, April 18, 2001. 1099. SuSE Security Announcement, SuSE-SA:2001:041, November 22, 2001. 1100. SuSE Security Announcement, SuSE-SA:2001:16, May 4, 2001. 1101. SuSE Security Announcement, SuSE-SA:2001:14, April 19, 2001. 1102. Securiteam, March 21, 2001.

NIPC CyberNotes #2001-26 Page 82 of 70 12/31//2001 1103. Defcom Labs Advisory def-2001-21, April 11, 2001. 1104. Phenoelit Advisory #0815, October 5, 2001. 1105. Corsaire Limited Security Advisory, May 10, 2001. 1106. Securiteam, August 15, 2001. 1107. Bugtraq, September 7, 2001. 1108. Bugtraq, May 24, 2001. 1109. eSecurityOnline Free Vulnerability Alert 3399, February 22, 2001. 1110. SecurityFocus, November 5, 2001. 1111. Securiteam, May 15, 2001. 1112. Securiteam, March 23, 2001. 1113. Securiteam, June 28, 2001. 1114. Bugtraq, August 20, 2001. 1115. Bugtraq, April 25, 2001. 1116. Bugtraq, December 23, 2000. 1117. Ksecurity Advisory, December 27, 2000. 1118. Bugtraq, April 25, 2001. 1119. Bugtraq, May 24, 2001. 1120. Bugtraq, April23, 2001. 1121. Bugtraq, September 12, 2001. 1122. Bugtraq, April 20, 2001. 1123. Bugtraq, June 7, 2001. 1124. Bugtraq, February 16, 2001. 1125. SuSE Security Announcement, SuSE-SA:2001:025, August 3, 2001. 1126. Bugtraq, April 16, 2001. 1127. NTSecurity, January 2, 2001. 1128. Securiteam, January 9, 2001. 1129. Packet Knights Advisory 002, January 17, 2001. 1130. Securiteam, July 4, 2001. 1131. Bugtraq, June 10, 2001. 1132. Bugtraq, March 30, 2001. 1133. STAT Security Advisory, April 2, 2001. 1134. eEye Digital Security, April 13, 2001. 1135. Bugtraq, January 16, 2001. 1136. Securiteam, April 26, 2001. 1137. SNS Advisory No.28, June 1, 2001. 1138. SNS Advisory No.34, June 28, 2001. 1139. SNS Advisory No.35, June 28, 2001. 1140. SNS Advisory No.36, July 2, 2001. 1141. eDvice Security Services Advisory, July 9, 2001. 1142. Bugtraq, August 2, 2001. 1143. SNS Advisory No.44, October 16, 2001. 1144. SNS Advisory No.30, June 12, 2001. 1145. SNS Advisory No.31, June 13, 2001. 1146. SNS Advisory No.33, June 21, 2001. 1147. Secure Net Service(SNS) Advisory No.38, August 20, 2001. 1148. Secure Net Service Advisory No.29, June 7, 2001. 1149. SNS Advisory No. 42, September 12, 2 001. 1150. Securiteam, July 10, 2001. 1151. Securiteam, August 15, 2001. 1152. Bugtraq, May 28, 2001. 1153. Bugtraq, November 28, 2001. 1154. Securiteam, March 6, 2001. 1155. Asguard Labs Advisory, October 4, 2001. 1156. Bugtraq, January 11, 2001. 1157. Securiteam, January 20, 2001. 1158. Debian Security Advisory, DSA-058-1, June 10, 2001. 1159. Mandrake Linux Security Update Advisory, MDKSA-2001:054, June 10, 2001. 1160. USSR Labs Advisory Code, USSR-2000058, December 25, 2000. 1161. qDefense Advisory Number QDAV-2001-7-3, July 15, 2001. 1162. Nomad Mobile Research Centre Advisory, December 4, 2001. 1163. Securiteam, March 12, 2001. 1164. Bugtraq, September 20, 2001.

NIPC CyberNotes #2001-26 Page 83 of 70 12/31//2001 1165. @stake Security Advisory, A021601-1, February 16, 2001. 1166. eSecurityOnline Free Vulnerability Alert 3436, March 5, 2001. 1167. Securiteam, January 17, 2001. 1168. Red Hat, Inc. Red Hat Security Advisory, RHSA-2001:008-02, March 21, 2001. 1169. Linux-Mandrake Security Update Advisory, MDKSA-2001:035, March 27, 2001. 1170. Bugtraq, July 30, 2001. 1171. Bugtraq, December 18, 2000. 1172. Bugtraq, June 29, 2001. 1173. SNS Advisory No.32, June 21, 2001. 1174. Debian Security Advisory, DSA-016-3, January 24, 2001. 1175. Securiteam, June 11, 2001. 1176. Bugtraq, January 20, 2001. 1177. Defcom Labs Advisory def-2001-07, February 14, 2001. 1178. Defcom Labs Advisory, def-2001-18, April 5, 2001. 1179. Whizkunde Security Advisory, April 9, 2001. 1180. SourceForge Newsletter, December 12, 2001. 1181. Bugtraq, January 10, 2001. 1182. Bugtraq, May 26, 2001. 1183. Bugtraq, August 15, 2001. 1184. Bugtraq, June 3, 2001. 1185. Securiteam, March 8, 2001. 1186. Bugtraq, February 28, 2001. 1187. Securiteam, August 21, 2001. 1188. Bugtraq, January 30, 2001. 1189. Bugtraq, November 15, 2001. 1190. Bugtraq, August 21, 2001. 1191. Defcom Labs Advisory, def-2001-09, March 2, 2001. 1192. Debian Security Advisory, DSA-092-1, December 6, 2001. 1193. Securiteam, October 27, 2001. 1194. Securiteam, August 1, 2001. 1195. Strumpf Noir Society Advisories, February 17, 2001. 1196. Bugtraq, August 1, 2001. 1197. IRM Security Advisory No. 001, September 21, 2001. 1198. Securiteam, May 29, 2001. 1199. Bugtraq, August 10, 2001. 1200. Bugtraq, July 11, 2001. 1201. Bugtraq, December 7, 2001. 1202. Bugtraq, December 8, 2001. 1203. Immunix OS Security Advisory, IMNX-2001-70-029-01, June 29, 2001. 1204. EnGarde Secure Linux Security Advisory, ESA-20010621-01, June 21, 2001. 1205. Conectiva Linux Security Announcement , CLA-2001:406, June 30, 2001. 1206. Red Hat Security Advisory, RHSA-2001:092-02, July 6, 2001. 1207. Mandrake Linux Security Update Advisory, MDKSA-2001:055-1, July 5, 2001. 1208. Bugtraq, November 23, 2001. 1209. Bugtraq, February 2, 2001. 1210. Debian Security Advisory, DSA-090-1, December 5, 2001. 1211. Securiteam, April 12, 2001. 1212. Bugtraq, July 18, 2001. 1213. Securiteam, December 19, 2000. 1214. Red Hat Security Advisory, RHSA-2001:115-05, October 10, 2001. 1215. Mandrake Linux Security Update Advisory, MDKSA-2001:080, October 15, 2001. 1216. Bugtraq, December 14, 2001. 1217. Bugtraq, September 18, 2001. 1218. Bugtraq, August 9, 2001.

NIPC CyberNotes #2001-26 Page 84 of 70 12/31//2001