var-200003-0033
Vulnerability from variot
The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. Versions of the OpenSSH server prior to 3.7.1 contain buffer management errors. While the full impact of these vulnerabilities are unclear, they may lead to memory corruption and a denial-of-service situation. A vulnerability exists in Microsoft's Remote Procedure Call (RPC) implementation. A remote attacker could exploit this vulnerability to cause a denial of service. An exploit for this vulnerability is publicly available. There is a remote buffer overflow in many versions of Microsoft Windows that allows attackers to execute arbitrary code with system privileges. We are sending this message to help ensure that administrators have not overlooked one or more of these vulnerabilities.
There have been several recent vulnerabilities affecting OpenSSH. It is unclear if these issues are exploitable, but they are resolved in version 3.7.1. These four additional flaws are believed to be relatively minor, and are scheduled to be included in the next version of OpenSSH. Exploitation of this vulnerability may lead to a remote attacker gaining privileged access to the server, in some cases root access.
VU#209807 - Portable OpenSSH server PAM conversion stack corruption http://www.kb.cert.org/vuls/id/209807
There is a vulnerability in portable versions of OpenSSH 3.7p1 and 3.7.1p1 that may permit an attacker to corrupt the PAM conversion stack.
Please check the vulnerability notes for resolutions and additional details.
Thank you. -----BEGIN PGP SIGNED MESSAGE-----
CERT Summary CS-2003-04
November 24, 2003
Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT Summary to draw attention to the types of attacks reported to our incident response team, as well as other noteworthy incident and vulnerability information. The summary includes pointers to sources of information for dealing with the problems.
Past CERT summaries are available from:
CERT Summaries
http://www.cert.org/summaries/
Recent Activity
Since the last regularly scheduled CERT summary, issued in September 2003 (CS-2003-03), we have documented vulnerabilities in the Microsoft Windows Workstation Service, RPCSS Service, and Exchange. We have received reports of W32/Swen.A, W32/Mimail variants, and exploitation of an Internet Explorer vulnerability reported in August of 2003.
For more current information on activity being reported to the CERT/CC, please visit the CERT/CC Current Activity page. The Current Activity page is a regularly updated summary of the most frequent, high-impact types of security incidents and vulnerabilities being reported to the CERT/CC. The information on the Current Activity page is reviewed and updated as reporting trends change.
CERT/CC Current Activity
http://www.cert.org/current/current_activity.html
1. W32/Mimail Variants
The CERT/CC has received reports of several new variants of the
'Mimail' worm. The most recent variant of the worm (W32/Mimail.J)
arrives as an email message alleging to be from the Paypal
financial service. The message requests that the recipient
'verify' their account information to prevent the suspension of
their Paypal account. Attached to the email is an executable file
which captures this information (if entered), and sends it to a
number of email addresses.
Current Activity - November 19, 2003
http://www.cert.org/current/archive/2003/11/19/archive.html#mimaili
2.
CERT Advisory CA-2003-28
Buffer Overflow in Windows Workstation Service
http://www.cert.org/advisories/CA-2003-28.html
Vulnerability Note VU#567620
Microsoft Windows Workstation service vulnerable to
buffer overflow when sent specially crafted network
message
http://www.kb.cert.org/vuls/id/567620
3.
CERT Advisory CA-2003-27
Multiple Vulnerabilities in Microsoft Windows and
Exchange
http://www.cert.org/advisories/CA-2003-27.html
Vulnerability Note VU#575892
Buffer overflow in Microsoft Windows Messenger Service
http://www.kb.cert.org/vuls/id/575892
Vulnerability Note VU#422156
Microsoft Exchange Server fails to properly handle
specially crafted SMTP extended verb requests
http://www.kb.cert.org/vuls/id/422156
Vulnerability Note VU#467036
Microsoft Windows Help and support Center contains buffer
overflow in code used to handle HCP protocol
http://www.kb.cert.org/vuls/id/467036
Vulnerability Note VU#989932
Microsoft Windows contains buffer overflow in Local
Troubleshooter ActiveX control (Tshoot.ocx)
http://www.kb.cert.org/vuls/id/989932
Vulnerability Note VU#838572
Microsoft Windows Authenticode mechanism installs ActiveX
controls without prompting user
http://www.kb.cert.org/vuls/id/838572
Vulnerability Note VU#435444
Microsoft Outlook Web Access (OWA) contains cross-site
scripting vulnerability in the "Compose New Message" form
http://www.kb.cert.org/vuls/id/435444
Vulnerability Note VU#967668
Microsoft Windows ListBox and ComboBox controls vulnerable
to buffer overflow when supplied crafted Windows message
http://www.kb.cert.org/vuls/id/967668
4. Multiple Vulnerabilities in SSL/TLS Implementations
Multiple vulnerabilities exist in the Secure Sockets Layer (SSL)
and Transport Layer Security (TLS) protocols allowing an attacker
to execute arbitrary code or cause a denial-of-service condition.
CERT Advisory CA-2003-26
Multiple Vulnerabilities in SSL/TLS Implementations
http://www.cert.org/advisories/CA-2003-26.html
Vulnerability Note VU#935264
OpenSSL ASN.1 parser insecure memory deallocation
http://www.kb.cert.org/vuls/id/935264
Vulnerability Note VU#255484
OpenSSL contains integer overflow handling ASN.1 tags (1)
http://www.kb.cert.org/vuls/id/255484
Vulnerability Note VU#380864
OpenSSL contains integer overflow handling ASN.1 tags (2)
http://www.kb.cert.org/vuls/id/380864
Vulnerability Note VU#686224
OpenSSL does not securely handle invalid public key when
configured to ignore errors
http://www.kb.cert.org/vuls/id/686224
Vulnerability Note VU#732952
OpenSSL accepts unsolicited client certificate messages
http://www.kb.cert.org/vuls/id/732952
Vulnerability Note VU#104280
Multiple vulnerabilities in SSL/TLS implementations
http://www.kb.cert.org/vuls/id/104280
Vulnerability Note VU#412478
OpenSSL 0.9.6k does not properly handle ASN.1 sequences
http://www.kb.cert.org/vuls/id/412478
5. Exploitation of Internet Explorer Vulnerability
The CERT/CC received a number of reports indicating that attackers
were actively exploiting the Microsoft Internet Explorer
vulnerability described in VU#865940. These attacks include the
installation of tools for launching distributed denial-of-service
(DDoS) attacks, providing generic proxy services, reading
sensitive information from the Windows registry, and using a
victim system's modem to dial pay-per-minute services. The
vulnerability described in VU#865940 exists due to an interaction
between IE's MIME type processing and the way it handles HTML
application (HTA) files embedded in OBJECT tags.
CERT Advisory IN-2003-04
Exploitation of Internet Explorer Vulnerability
http://www.cert.org/incident_notes/IN-2003-04.html
Vulnerability Note VU#865940
Microsoft Internet Explorer does not properly evaluate
"application/hta" MIME type referenced by DATA attribute
of OBJECT element
http://www.kb.cert.org/vuls/id/865940
6. W32/Swen.A Worm
On September 19, the CERT/CC began receiving a large volume of
reports of a mass mailing worm, referred to as W32/Swen.A,
spreading on the Internet. Similar to W32/Gibe.B in function, this
worm arrives as an attachment claiming to be a Microsoft Internet
Explorer Update or a delivery failure notice from qmail. The
W32/Swen.A worm requires a user to execute the attachment either
manually or by using an email client that will open the attachment
automatically. Upon opening the attachment, the worm attempts to
mail itself to all email addresses it finds on the system. The
CERT/CC updated the current activity page to contain further
information on this worm.
Current Activity - September 19, 2003
http://www.cert.org/current/archive/2003/09/19/archive.html#swena
7. Buffer Overflow in Sendmail
Sendmail, a widely deployed mail transfer agent (MTA), contains a
vulnerability that could allow an attacker to execute arbitrary
code with the privileges of the sendmail daemon, typically root.
CERT Advisory CA-2003-25
Buffer Overflow in Sendmail
http://www.cert.org/advisories/CA-2003-25.html
Vulnerability Note VU#784980
Sendmail prescan() buffer overflow vulnerability
http://www.kb.cert.org/vuls/id/784980
8.
CERT Advisory CA-2003-23
RPCSS Vulnerabilities in Microsoft Windows
http://www.cert.org/advisories/CA-2003-23.html
Vulnerability Note VU#483492
Microsoft Windows RPCSS Service contains heap overflow in
DCOM activation routines
http://www.kb.cert.org/vuls/id/483492
Vulnerability Note VU#254236
Microsoft Windows RPCSS Service contains heap overflow in
DCOM request filename handling
http://www.kb.cert.org/vuls/id/254236
Vulnerability Note VU#326746
Microsoft Windows RPC service vulnerable to
denial of service
http://www.kb.cert.org/vuls/id/326746
New CERT Coordination Center (CERT/CC) PGP Key
On October 15, the CERT/CC issued a new PGP key, which should be used when sending sensitive information to the CERT/CC.
CERT/CC PGP Public Key
https://www.cert.org/pgp/cert_pgp_key.asc
Sending Sensitive Information to the CERT/CC
https://www.cert.org/contact_cert/encryptmail.html
What's New and Updated
Since the last CERT Summary, we have published new and updated * Advisories http://www.cert.org/advisories/ * Vulnerability Notes http://www.kb.cert.org/vuls * CERT/CC Statistics http://www.cert.org/stats/cert_stats.html * Congressional Testimony http://www.cert.org/congressional_testimony * Training Schedule http://www.cert.org/training/ * CSIRT Development http://www.cert.org/csirts/
This document is available from: http://www.cert.org/summaries/CS-2003-04.html
CERT/CC Contact Information
Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A.
CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends.
Using encryption
We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key
If you prefer to use DES, please call the CERT hotline for more information.
Getting security information
CERT publications and other security information are available from our web site http://www.cert.org/
To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message
subscribe cert-advisory
- "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office.
NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
Conditions for use, disclaimers, and sponsorship information
Copyright \xa92003 Carnegie Mellon University.
-----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8
iQCVAwUBP8JVOZZ2NNT/dVAVAQGL9wP+I18NJBUBuv7b0pam5La7E7qOQFMn5n78 7i0gBX/dKgaY5siM6jBYYwCbbA7Y0/Jwtby2zHp1s8RHZY5/3JEzElfv4TLlR8rT rb8gJDbpan2JWA6xH9IzqZaSrxrXpNypwU2wWxR2osmbYl8FdV0rD3ZYXJjyi+nU UENALuNdthA= =DD60 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200003-0033",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 2.4,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "mandriva",
"version": null
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "internet explorer",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "5.01"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "appgate network security ab",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cray",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cyclades",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f secure",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "foundry",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "guardian digital",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm eserver",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ingrian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mirapoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "network appliance",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nokia",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "riverstone",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "tfs",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix secure linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "vmware",
"version": null
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "5.0"
},
{
"model": "ie",
"scope": "eq",
"trust": 0.6,
"vendor": "microsoft",
"version": "5.01"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:internet_explorer:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Posted to Bugtraq on March 1, 2000 by Georgi Guninski \u003cjoro@nat.bg\u003e.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
}
],
"trust": 0.6
},
"cve": "CVE-2000-0201",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2000-0201",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#333628",
"trust": 0.8,
"value": "28.98"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#483492",
"trust": 0.8,
"value": "94.50"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#326746",
"trust": 0.8,
"value": "27.00"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#254236",
"trust": 0.8,
"value": "94.50"
},
{
"author": "CNNVD",
"id": "CNNVD-200003-002",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. Versions of the OpenSSH server prior to 3.7.1 contain buffer management errors. While the full impact of these vulnerabilities are unclear, they may lead to memory corruption and a denial-of-service situation. A vulnerability exists in Microsoft\u0027s Remote Procedure Call (RPC) implementation. A remote attacker could exploit this vulnerability to cause a denial of service. An exploit for this vulnerability is publicly available. There is a remote buffer overflow in many versions of Microsoft Windows that allows attackers to execute arbitrary code with system privileges. We are sending this message to help ensure that\nadministrators have not overlooked one or more of these vulnerabilities. \n\nThere have been several recent vulnerabilities affecting OpenSSH. It is unclear if these issues \n are exploitable, but they are resolved in version 3.7.1. These four additional \n flaws are believed to be relatively minor, and are scheduled to be\n included in the next version of OpenSSH. \n Exploitation of this vulnerability may lead to a remote attacker \n gaining privileged access to the server, in some cases root access. \n\nVU#209807 - Portable OpenSSH server PAM conversion stack corruption\nhttp://www.kb.cert.org/vuls/id/209807\n\n There is a vulnerability in portable versions of OpenSSH 3.7p1 and\n 3.7.1p1 that may permit an attacker to corrupt the PAM conversion\n stack. \n\nPlease check the vulnerability notes for resolutions and additional \ndetails. \n\nThank you. \n-----BEGIN PGP SIGNED MESSAGE-----\n\nCERT Summary CS-2003-04\n\n November 24, 2003\n\n Each quarter, the CERT Coordination Center (CERT/CC) issues the CERT\n Summary to draw attention to the types of attacks reported to our\n incident response team, as well as other noteworthy incident and\n vulnerability information. The summary includes pointers to sources of\n information for dealing with the problems. \n\n Past CERT summaries are available from:\n\n CERT Summaries\n http://www.cert.org/summaries/\n ______________________________________________________________________\n\nRecent Activity\n\n Since the last regularly scheduled CERT summary, issued in September\n 2003 (CS-2003-03), we have documented vulnerabilities in the Microsoft\n Windows Workstation Service, RPCSS Service, and Exchange. \n We have received reports of W32/Swen.A, W32/Mimail variants, and\n exploitation of an Internet Explorer vulnerability reported in August\n of 2003. \n\n For more current information on activity being reported to the\n CERT/CC, please visit the CERT/CC Current Activity page. The Current\n Activity page is a regularly updated summary of the most frequent,\n high-impact types of security incidents and vulnerabilities being\n reported to the CERT/CC. The information on the Current Activity page\n is reviewed and updated as reporting trends change. \n\n CERT/CC Current Activity\n http://www.cert.org/current/current_activity.html\n\n\n 1. W32/Mimail Variants\n\n The CERT/CC has received reports of several new variants of the\n \u0027Mimail\u0027 worm. The most recent variant of the worm (W32/Mimail.J)\n arrives as an email message alleging to be from the Paypal\n financial service. The message requests that the recipient\n \u0027verify\u0027 their account information to prevent the suspension of\n their Paypal account. Attached to the email is an executable file\n which captures this information (if entered), and sends it to a\n number of email addresses. \n\n Current Activity - November 19, 2003\n http://www.cert.org/current/archive/2003/11/19/archive.html#mimaili\n\n\n 2. \n\n CERT Advisory CA-2003-28\n\t\tBuffer Overflow in Windows Workstation Service\n http://www.cert.org/advisories/CA-2003-28.html\n\n Vulnerability Note VU#567620\n\t\tMicrosoft Windows Workstation service vulnerable to \n\t\tbuffer overflow when sent specially crafted network\n\t\tmessage\n http://www.kb.cert.org/vuls/id/567620\n\n\n 3. \n\n CERT Advisory CA-2003-27\n\t\tMultiple Vulnerabilities in Microsoft Windows and \n\t\tExchange\n http://www.cert.org/advisories/CA-2003-27.html\n\n Vulnerability Note VU#575892\n\t\tBuffer overflow in Microsoft Windows Messenger Service\n http://www.kb.cert.org/vuls/id/575892\n\n Vulnerability Note VU#422156\n\t\tMicrosoft Exchange Server fails to properly handle\n\t\tspecially crafted SMTP extended verb requests\n http://www.kb.cert.org/vuls/id/422156\n\n Vulnerability Note VU#467036\n\t\tMicrosoft Windows Help and support Center contains buffer\n\t\toverflow in code used to handle HCP protocol\n http://www.kb.cert.org/vuls/id/467036\n\n Vulnerability Note VU#989932\n\t\tMicrosoft Windows contains buffer overflow in Local \n\t\tTroubleshooter ActiveX control (Tshoot.ocx)\n http://www.kb.cert.org/vuls/id/989932\n\n Vulnerability Note VU#838572\n\t\tMicrosoft Windows Authenticode mechanism installs ActiveX\n\t\tcontrols without prompting user\n http://www.kb.cert.org/vuls/id/838572\n\n Vulnerability Note VU#435444\n\t\tMicrosoft Outlook Web Access (OWA) contains cross-site\n\t\tscripting vulnerability in the \"Compose New Message\" form\n http://www.kb.cert.org/vuls/id/435444\n\n Vulnerability Note VU#967668\n\t\tMicrosoft Windows ListBox and ComboBox controls vulnerable\n\t\tto buffer overflow when supplied crafted Windows message\n http://www.kb.cert.org/vuls/id/967668\n\n\n 4. Multiple Vulnerabilities in SSL/TLS Implementations\n\n Multiple vulnerabilities exist in the Secure Sockets Layer (SSL)\n and Transport Layer Security (TLS) protocols allowing an attacker\n to execute arbitrary code or cause a denial-of-service condition. \n\n CERT Advisory CA-2003-26\n\t\tMultiple Vulnerabilities in SSL/TLS Implementations\n http://www.cert.org/advisories/CA-2003-26.html\n\n Vulnerability Note VU#935264\n\t\tOpenSSL ASN.1 parser insecure memory deallocation\n http://www.kb.cert.org/vuls/id/935264\n\n Vulnerability Note VU#255484\n\t\tOpenSSL contains integer overflow handling ASN.1 tags (1)\n http://www.kb.cert.org/vuls/id/255484\n\n Vulnerability Note VU#380864\n\t\tOpenSSL contains integer overflow handling ASN.1 tags (2)\n http://www.kb.cert.org/vuls/id/380864\n\n Vulnerability Note VU#686224\n\t\tOpenSSL does not securely handle invalid public key when\n\t\tconfigured to ignore errors\n http://www.kb.cert.org/vuls/id/686224\n\n Vulnerability Note VU#732952\n\t\tOpenSSL accepts unsolicited client certificate messages\n http://www.kb.cert.org/vuls/id/732952\n\n Vulnerability Note VU#104280\n\t\tMultiple vulnerabilities in SSL/TLS implementations\n http://www.kb.cert.org/vuls/id/104280\n\n Vulnerability Note VU#412478\n\t\tOpenSSL 0.9.6k does not properly handle ASN.1 sequences\n http://www.kb.cert.org/vuls/id/412478\n\n\n 5. Exploitation of Internet Explorer Vulnerability\n\n The CERT/CC received a number of reports indicating that attackers\n were actively exploiting the Microsoft Internet Explorer\n vulnerability described in VU#865940. These attacks include the\n installation of tools for launching distributed denial-of-service\n (DDoS) attacks, providing generic proxy services, reading\n sensitive information from the Windows registry, and using a\n victim system\u0027s modem to dial pay-per-minute services. The\n vulnerability described in VU#865940 exists due to an interaction\n between IE\u0027s MIME type processing and the way it handles HTML\n application (HTA) files embedded in OBJECT tags. \n\n CERT Advisory IN-2003-04\n\t\tExploitation of Internet Explorer Vulnerability\n http://www.cert.org/incident_notes/IN-2003-04.html\n\n Vulnerability Note VU#865940\n\t\tMicrosoft Internet Explorer does not properly evaluate\n\t\t\"application/hta\" MIME type referenced by DATA attribute\n\t\tof OBJECT element\n http://www.kb.cert.org/vuls/id/865940\n\n\n 6. W32/Swen.A Worm\n\n On September 19, the CERT/CC began receiving a large volume of\n reports of a mass mailing worm, referred to as W32/Swen.A,\n spreading on the Internet. Similar to W32/Gibe.B in function, this\n worm arrives as an attachment claiming to be a Microsoft Internet\n Explorer Update or a delivery failure notice from qmail. The\n W32/Swen.A worm requires a user to execute the attachment either\n manually or by using an email client that will open the attachment\n automatically. Upon opening the attachment, the worm attempts to\n mail itself to all email addresses it finds on the system. The\n CERT/CC updated the current activity page to contain further\n information on this worm. \n\n Current Activity - September 19, 2003\n http://www.cert.org/current/archive/2003/09/19/archive.html#swena\n\n\n 7. Buffer Overflow in Sendmail\n\n Sendmail, a widely deployed mail transfer agent (MTA), contains a\n vulnerability that could allow an attacker to execute arbitrary\n code with the privileges of the sendmail daemon, typically root. \n\n CERT Advisory CA-2003-25\n\t\tBuffer Overflow in Sendmail\n http://www.cert.org/advisories/CA-2003-25.html\n\n Vulnerability Note VU#784980\n\t\tSendmail prescan() buffer overflow vulnerability\n http://www.kb.cert.org/vuls/id/784980\n\n\n 8. \n\n CERT Advisory CA-2003-23\n\t\tRPCSS Vulnerabilities in Microsoft Windows\n http://www.cert.org/advisories/CA-2003-23.html\n\n Vulnerability Note VU#483492\n\t\tMicrosoft Windows RPCSS Service contains heap overflow in\n\t\tDCOM activation routines\n http://www.kb.cert.org/vuls/id/483492\n\n Vulnerability Note VU#254236\n\t\tMicrosoft Windows RPCSS Service contains heap overflow in\n\t\tDCOM request filename handling\n http://www.kb.cert.org/vuls/id/254236\n\n Vulnerability Note VU#326746\n\t\tMicrosoft Windows RPC service vulnerable to \n\t\tdenial of service\n http://www.kb.cert.org/vuls/id/326746\n ______________________________________________________________________\n\nNew CERT Coordination Center (CERT/CC) PGP Key\n\n On October 15, the CERT/CC issued a new PGP key, which should be used\n when sending sensitive information to the CERT/CC. \n\n CERT/CC PGP Public Key\n https://www.cert.org/pgp/cert_pgp_key.asc\n\n Sending Sensitive Information to the CERT/CC\n https://www.cert.org/contact_cert/encryptmail.html\n ______________________________________________________________________\n\nWhat\u0027s New and Updated\n\n Since the last CERT Summary, we have published new and updated\n * Advisories\n http://www.cert.org/advisories/\n * Vulnerability Notes\n http://www.kb.cert.org/vuls\n * CERT/CC Statistics\n http://www.cert.org/stats/cert_stats.html\n * Congressional Testimony\n http://www.cert.org/congressional_testimony\n * Training Schedule\n http://www.cert.org/training/\n * CSIRT Development\n http://www.cert.org/csirts/\n ______________________________________________________________________\n\n This document is available from:\n http://www.cert.org/summaries/CS-2003-04.html\n ______________________________________________________________________\n\nCERT/CC Contact Information\n\n Email: cert@cert.org\n Phone: +1 412-268-7090 (24-hour hotline)\n Fax: +1 412-268-6989\n Postal address:\n CERT Coordination Center\n Software Engineering Institute\n Carnegie Mellon University\n Pittsburgh PA 15213-3890\n U.S.A. \n\n CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) /\n EDT(GMT-4) Monday through Friday; they are on call for emergencies\n during other hours, on U.S. holidays, and on weekends. \n\nUsing encryption\n\n We strongly urge you to encrypt sensitive information sent by email. \n Our public PGP key is available from\n http://www.cert.org/CERT_PGP.key\n\n If you prefer to use DES, please call the CERT hotline for more\n information. \n\nGetting security information\n\n CERT publications and other security information are available from\n our web site\n http://www.cert.org/\n\n To subscribe to the CERT mailing list for advisories and bulletins,\n send email to majordomo@cert.org. Please include in the body of your\n message\n\n subscribe cert-advisory\n\n * \"CERT\" and \"CERT Coordination Center\" are registered in the U.S. \n Patent and Trademark Office. \n ______________________________________________________________________\n\n NO WARRANTY\n Any material furnished by Carnegie Mellon University and the Software\n Engineering Institute is furnished on an \"as is\" basis. Carnegie\n Mellon University makes no warranties of any kind, either expressed or\n implied as to any matter including, but not limited to, warranty of\n fitness for a particular purpose or merchantability, exclusivity or\n results obtained from use of the material. Carnegie Mellon University\n does not make any warranty of any kind with respect to freedom from\n patent, trademark, or copyright infringement. \n ______________________________________________________________________\n\n Conditions for use, disclaimers, and sponsorship information\n\n Copyright \\xa92003 Carnegie Mellon University. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 6.5.8\n\niQCVAwUBP8JVOZZ2NNT/dVAVAQGL9wP+I18NJBUBuv7b0pam5La7E7qOQFMn5n78\n7i0gBX/dKgaY5siM6jBYYwCbbA7Y0/Jwtby2zHp1s8RHZY5/3JEzElfv4TLlR8rT\nrb8gJDbpan2JWA6xH9IzqZaSrxrXpNypwU2wWxR2osmbYl8FdV0rD3ZYXJjyi+nU\nUENALuNdthA=\n=DD60\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0201"
},
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "PACKETSTORM",
"id": "31735"
},
{
"db": "PACKETSTORM",
"id": "32268"
}
],
"trust": 3.96
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#326746",
"trust": 2.5
},
{
"db": "CERT/CC",
"id": "VU#254236",
"trust": 1.7
},
{
"db": "CERT/CC",
"id": "VU#483492",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2000-0201",
"trust": 1.6
},
{
"db": "BID",
"id": "1033",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#333628",
"trust": 1.0
},
{
"db": "SECUNIA",
"id": "10156",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200003-002",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "VU#602204",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#209807",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "31735",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#784980",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#575892",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#255484",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#865940",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#467036",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#380864",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#838572",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#422156",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#412478",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#935264",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#686224",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#104280",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#567620",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#989932",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#967668",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#435444",
"trust": 0.1
},
{
"db": "CERT/CC",
"id": "VU#732952",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "32268",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "PACKETSTORM",
"id": "31735"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"id": "VAR-200003-0033",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2024-07-22T21:37:32.184000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.microsoft.com/technet/security/bulletin/ms03-039.asp"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/326746"
},
{
"trust": 1.6,
"url": "http://support.microsoft.com/?kbid=825750"
},
{
"trust": 1.6,
"url": "http://support.microsoft.com/?kbid=827363"
},
{
"trust": 1.6,
"url": "http://www.cert.org/advisories/ca-2003-19.html"
},
{
"trust": 1.6,
"url": "http://cgi.nessus.org/plugins/dump.php3?id=11835"
},
{
"trust": 1.6,
"url": "http://www.iss.net/support/product_utilities/xfrpcss.php"
},
{
"trust": 1.6,
"url": "http://www.ntbugtraq.com/dcomrpc.asp"
},
{
"trust": 1.6,
"url": "http://securecomputing.stanford.edu/alerts/win-rpc-10sept2003.html"
},
{
"trust": 1.6,
"url": "http://www.coresecurity.com/common/showdoc.php?idx=393\u0026idxseccion=10"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/1033"
},
{
"trust": 0.9,
"url": "http://www.kb.cert.org/vuls/id/254236"
},
{
"trust": 0.9,
"url": "http://www.kb.cert.org/vuls/id/483492"
},
{
"trust": 0.8,
"url": "http://www.openssh.com/txt/buffer.adv"
},
{
"trust": 0.8,
"url": "http://www.mindrot.org/pipermail/openssh-unix-announce/2003-september/000062.html"
},
{
"trust": 0.8,
"url": "http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/openssh/files/patch-buffer.c"
},
{
"trust": 0.8,
"url": "http://www.secunia.com/advisories/10156/"
},
{
"trust": 0.8,
"url": "http://www.eeye.com/html/research/advisories/ad20030910.html"
},
{
"trust": 0.8,
"url": "http://www.eeye.com/html/research/tools/rpcdcom.html"
},
{
"trust": 0.8,
"url": "http://www.xfocus.org/advisories/200307/4.html"
},
{
"trust": 0.8,
"url": "http://www.nsfocus.com/english/homepage/research/0306.htm"
},
{
"trust": 0.2,
"url": "http://www.cert.org/"
},
{
"trust": 0.2,
"url": "http://www.kb.cert.org/vuls/id/333628"
},
{
"trust": 0.2,
"url": "http://www.cert.org/cert_pgp.key"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/209807"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/jarl-5rfqqz."
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/602204"
},
{
"trust": 0.1,
"url": "http://www.cert.org/summaries/cs-2003-04.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/412478"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/567620"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/104280"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/686224"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/575892"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/732952"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/989932"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/archive/2003/09/19/archive.html#swena"
},
{
"trust": 0.1,
"url": "http://www.cert.org/summaries/"
},
{
"trust": 0.1,
"url": "http://www.cert.org/stats/cert_stats.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/784980"
},
{
"trust": 0.1,
"url": "http://www.cert.org/training/"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/838572"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/967668"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/current_activity.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-28.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-27.html"
},
{
"trust": 0.1,
"url": "https://www.cert.org/contact_cert/encryptmail.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/incident_notes/in-2003-04.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/435444"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-26.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-24.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-25.html"
},
{
"trust": 0.1,
"url": "http://www.cert.org/advisories/ca-2003-23.html"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/935264"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/467036"
},
{
"trust": 0.1,
"url": "https://www.cert.org/pgp/cert_pgp_key.asc"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/255484"
},
{
"trust": 0.1,
"url": "http://www.cert.org/current/archive/2003/11/19/archive.html#mimaili"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/865940"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/380864"
},
{
"trust": 0.1,
"url": "http://www.cert.org/congressional_testimony"
},
{
"trust": 0.1,
"url": "http://www.kb.cert.org/vuls/id/422156"
},
{
"trust": 0.1,
"url": "http://www.cert.org/csirts/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "PACKETSTORM",
"id": "31735"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#333628"
},
{
"db": "CERT/CC",
"id": "VU#483492"
},
{
"db": "CERT/CC",
"id": "VU#326746"
},
{
"db": "CERT/CC",
"id": "VU#254236"
},
{
"db": "PACKETSTORM",
"id": "31735"
},
{
"db": "PACKETSTORM",
"id": "32268"
},
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-16T00:00:00",
"db": "CERT/CC",
"id": "VU#333628"
},
{
"date": "2003-09-10T00:00:00",
"db": "CERT/CC",
"id": "VU#483492"
},
{
"date": "2003-07-31T00:00:00",
"db": "CERT/CC",
"id": "VU#326746"
},
{
"date": "2003-09-10T00:00:00",
"db": "CERT/CC",
"id": "VU#254236"
},
{
"date": "2003-09-29T22:44:34",
"db": "PACKETSTORM",
"id": "31735"
},
{
"date": "2003-11-25T05:25:51",
"db": "PACKETSTORM",
"id": "32268"
},
{
"date": "2000-03-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"date": "2000-03-01T05:00:00",
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-08-12T00:00:00",
"db": "CERT/CC",
"id": "VU#333628"
},
{
"date": "2003-12-11T00:00:00",
"db": "CERT/CC",
"id": "VU#483492"
},
{
"date": "2003-09-10T00:00:00",
"db": "CERT/CC",
"id": "VU#326746"
},
{
"date": "2003-12-11T00:00:00",
"db": "CERT/CC",
"id": "VU#254236"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200003-002"
},
{
"date": "2021-07-23T12:18:31.047000",
"db": "NVD",
"id": "CVE-2000-0201"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSH contains buffer management errors",
"sources": [
{
"db": "CERT/CC",
"id": "VU#333628"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200003-002"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.