Dear bugtraq@securityfocus.com, There were few issues reported to bugtraq@security.nnov.ru list in Russian during last months. This issues have no relation to SECURITY.NNOV team. Please contact authors directly if you have any questions. 1. Dmitry Zubov <dimka at dz.dn.ua> reports vulnerability in APC PowerChute for Windows 95/98: APC (American Power Conversion Corp.) http://www.apc.com PowerChute plus 5.0.2 for Windows 95/98 During installation Program Files\Pwrchute folder is shared as PWRCHUTE world writable without user notification. It makes it possible to trojan program files. References: http://www.security.nnov.ru/search/news.asp?binid=2064 2. A.V. Komlin <avkvladru at mail.ru> reports few vulnerabilities in El Gamal - based algorithms A weakness found in El Gamal - based algorithms allows to create valid signature without knowledge of private key by introducing minor modifications in document. This problem is known to exist in Russian official GOST 34.19-2001 standard. It's not known if it affects ECDSA. There are also few minor problems mostly connected with unclear border values definitions. References: http://www.security.nnov.ru/search/news.asp?binid=1917 http://www.bugtraq.ru/cgi-bin/forum.mcgi?type=sb&b=15&m=46049 3. There was also report by DocSoft <docsoft at mail.ru> on buffer overflow in some older version of ncftpd on Solaris , but I was not able to reproduce it at least on demo version of ncftpd >= 2.5.0 under FreeBSD, so it was bounced. Overflow is on FTP DELE command with buffer > 256 bytes. Feel free to contact DocSoft if you can confirm vulnerability. -- http://www.security.nnov.ru /\_/\ { , . } |\ +--oQQo->{ ^ }<-----+ \ | ZARAZA U 3APA3A } +-------------o66o--+ / |/ You know my name - look up my number (The Beatles)
