Created by Kurt Seifried, [email protected]
KSSA-010 - MS-DOS Reserved Device Name Vulnerability In Symantec Norton Anti-Virus - Multiple antivirus products, such as Symantec Norton AntiVirus 9.05.15 fail to properly access and scan files and directories that use reserved MS-DOS device names.
KSSA-005 - MS-DOS Reserved Device Name Vulnerability In Sophos Anti-Virus - Multiple antivirus products, such as Sophos Small Business Suite antivirus fail to properly access and scan files and directories that use reserved MS-DOS device names. Sophos Small Business Suite antivirus on access scanner can also fail in some situations, allowing viruses to replicate.
KSSA-004 - Linux iSCSI leaves password exposed in world readable configuration file - The Cisco iSCSI implementation leaves the configuration file "/etc/iscsi.conf" world readable by default, potentially exposing passwords used to access iSCSI resources.
KSSA-003 - Multiple windows file wiping utilities do not properly wipe data with NTFS file systems. - In the NTFS file system a facility exists to bind additional data to a file or directory, called an alternate data stream [url1][url2]. These alternate data streams cannot be be removed, unless the parent file or directory is destroyed. Unfortunately most file wiping utilities only deal with the primary data stream and do not wipe the alternate data streams, thus leaving data intact.
KSSA-002 - Red Hat 7.2 GnuPG signed RPM verification fails on distribution files - An attacker can create RPM's that will not appear any different from the real ones, as they do not need to be signed. Finding the MD5 sums of the files in trusted locations is very difficult (I cannot find any lists).
KSSA-001 - RPM PGP/GnuPG verification bug - under certain circumstances an attacker can get arbitrary packages installed on a system even if the administrator checks the cryptographic signatures to ensure they are vendor signed. The fix is very simply.
Last updated 21/1/2002
Copyright Kurt Seifried 2001