Cayman Systems 3220-H Manual do Utilizador descarregar pdf

NIPC CyberNotes #2000-11 Page 1 of 19 06/05/2000

National Infrastructure Protection Center

CyberNotes

Issue #2000-11 June 5, 2000

CyberNotes is published every two weeks by the National Infrastructure Protection Center (NIPC).

Its mission is to support security and information system professionals with timely information on

cyber vulnerabilities, hacker exploit scripts, hacker trends, virus information, and other critical

infrastructure-related best practices.

You are encouraged to share this publication with colleagues in the information and infrastructure

protection field. Electronic copies are available on the NIPC Web site at http://www.nipc.gov.

Please direct any inquiries regarding this publication to the Editor-CyberNotes, National Infrastructure

Protection Center, FBI Building, Room 11719, 935 Pennsylvania Avenue, NW, Washington, DC, 20535.

Bugs, Holes & Patches

The following table provides a summary of software vulnerabilities identified between May 18 and

June 2, 2000. The table provides the hardware/operating system, equipment/software name, potential

vulnerability/impact, identified patches/workarounds/alerts, common name of the vulnerability, potential

risk, and an indication of whether attacks have utilized this vulnerability or an exploit script is known to

exist. Software versions are identified if known. This information is presented only as a summary;

complete details are available from the source of the patch/workaround/alert, indicated in the

footnote or linked site. Please note that even if the method of attack has not been utilized or an exploit

script is not currently widely available on the Internet, a potential vulnerability has been identified.

Updates from previous issues of CyberNotes are listed in bold. New information contained in the

update will appear as red and/or italic text. Where applicable, the table lists a “CVE number” which

corresponds to the Common Vulnerabilities and Exposures (CVE) list, a compilation of standardized names

for vulnerabilities and other information security exposures. For more information on this effort, see

http://cve.mitre.org.

Hardware/

Operating

System/

Vendor

Equipment/

Software

Name

Vulnerability/

Impact

Patches/Workarounds/Alerts

Common

Name

Risk* Attacks/Scripts

Cayman

Patch now

available.

220-H DSL

Router 1.0,

GatorSurf

5.5Build R0,

5.3Build R2,

5.3Build R1

A Denial of Service

vulnerability exists when

a large username or

password string is sent to

the Cayman HTTP

admin interface.

No workaround or patch

available at time of publishing.

Patch available at:

ftp://www.cayman.com/pub/gatorsurf/

3220/c8a550R1.COS

DSL

Router

Denial of

Service

Low Bug discussed

in newsgroups

and websites.

Exploit has

been published.

Bugtraq, May 5, 2000.

Bugtraq, May 23, 2000.

1 2 3 4 5 6 ... 18 19

Resumo do Conteúdo

Página 1 - CyberNotes

NIPC CyberNotes #2000-11 Page 1 of 19 06/05/2000National Infrastructure Protection CenterCyberNotesIssue #2000-11 June 5, 2000CyberNotes is published

Página 2

NIPC CyberNotes #2000-11 Page 10 of 19 06/05/2000Hardware/OperatingSystem/Vendor Equipment/SoftwareNameVulnerability/ImpactPatches/Workarounds/AlertsC

Página 3

NIPC CyberNotes #2000-11 Page 11 of 19 06/05/2000Recent Exploit Scripts/TechniquesThe table below contains a representative sample of exploit scripts

Página 4

NIPC CyberNotes #2000-11 Page 12 of 19 06/05/2000Date of Script(Reverse ChronologicalOrder)Script Name Script DescriptionMay 27, 2000 Fd-ex.c Exploit

Página 5

NIPC CyberNotes #2000-11 Page 13 of 19 06/05/2000Date of Script(Reverse ChronologicalOrder)Script Name Script DescriptionMay 20-22, 2000 Sscan2k-pre2.

Página 6

NIPC CyberNotes #2000-11 Page 14 of 19 06/05/2000• An increase from Brazil in exploits and scans to port 53 are being used against well-knownvulnerabi

Página 7

NIPC CyberNotes #2000-11 Page 15 of 19 06/05/2000VBS/Fireburn.worm (Visual Basic Script Worm): This is a Visual Basic Script worm that spreads viaOut

Página 8

NIPC CyberNotes #2000-11 Page 16 of 19 06/05/2000WM97/Marker-AO (Word 97 Macro Virus): This virus has been reported in the wild and is a variant ofth

Página 9

NIPC CyberNotes #2000-11 Page 17 of 19 06/05/2000WM97/Thursday-Z (Word 97 Macro Virus): This virus has been reported in the wild and is a variant oft

Página 10

NIPC CyberNotes #2000-11 Page 18 of 19 06/05/2000Trojan Version Issue discussedInCommand v1.0 - 1.5 CyberNotes-2000-09Infector v1.0 - 1.42 CyberNotes-

Página 11 - (Reverse Chronological

NIPC CyberNotes #2000-11 Page 19 of 19 06/05/2000The Trojan puts a copy of itself as SERVER.EXE in the Windows folder. The Trojan then modifiesWIN.IN

Página 12 - Date of Script

NIPC CyberNotes #2000-11 Page 2 of 19 06/05/2000Hardware/OperatingSystem/Vendor Equipment/SoftwareNameVulnerability/ImpactPatches/Workarounds/AlertsCo

Página 13 - Script Analysis

NIPC CyberNotes #2000-11 Page 3 of 19 06/05/2000Hardware/OperatingSystem/Vendor Equipment/SoftwareNameVulnerability/ImpactPatches/Workarounds/AlertsCo

Página 14

NIPC CyberNotes #2000-11 Page 4 of 19 06/05/2000Hardware/OperatingSystem/Vendor Equipment/SoftwareNameVulnerability/ImpactPatches/Workarounds/AlertsCo

Página 15

NIPC CyberNotes #2000-11 Page 5 of 19 06/05/2000Hardware/OperatingSystem/Vendor Equipment/SoftwareNameVulnerability/ImpactPatches/Workarounds/AlertsCo

Página 16

NIPC CyberNotes #2000-11 Page 6 of 19 06/05/2000Hardware/OperatingSystem/Vendor Equipment/SoftwareNameVulnerability/ImpactPatches/Workarounds/AlertsCo

Página 17

NIPC CyberNotes #2000-11 Page 7 of 19 06/05/2000Hardware/OperatingSystem/Vendor Equipment/SoftwareNameVulnerability/ImpactPatches/Workarounds/AlertsCo

Página 18

NIPC CyberNotes #2000-11 Page 8 of 19 06/05/2000Hardware/OperatingSystem/Vendor Equipment/SoftwareNameVulnerability/ImpactPatches/Workarounds/AlertsCo

Página 19

NIPC CyberNotes #2000-11 Page 9 of 19 06/05/2000Hardware/OperatingSystem/Vendor Equipment/SoftwareNameVulnerability/ImpactPatches/Workarounds/AlertsCo