
List:       focus-ms
Subject:    SecurityFocus Microsoft Newsletter #191
From:       Marc Fossi <mfossi () securityfocus ! com>
Date:       2004-06-02 14:20:50
Message-ID: Pine.LNX.4.58.0406020820380.25122 () mail ! securityfocus ! com


SecurityFocus Microsoft Newsletter #191
----------------------------------------

This Issue is Sponsored By: SecurityFocus

Want to keep up on the latest security vulnerabilities? Don't have time to
visit a myriad of mailing lists and websites to read the news? Just add
the new SecurityFocus RSS feeds to your freeware RSS reader, and see all
the latest posts for Bugtraq and the SF Vulnerability database in one
convenient place. Or, pull in the latest news, columnists and feature
articles in the SecurityFocus aggregated news feed, and stay on top of
what's happening in the community!

http://www.securityfocus.com/rss/index.shtml

------------------------------------------------------------------------
I. FRONT AND CENTER
     1. H.323 Mediated Voice over IP: Protocols, Vulnerabilities & Remediation
     2. Pass the Chocolate
II. MICROSOFT VULNERABILITY SUMMARY
     1. MollenSoft Lightweight FTP Server Remote Denial Of Service V...
     2. MiniShare Server Remote Denial Of Service Vulnerability
     3. Orenosv HTTP/FTP Server HTTP GET Denial Of Service Vulnerabi...
     4. Subversion Pre-Commit-Hook Template Undisclosed Vulnerabilit...
     5. MollenSoft Lightweight FTP Server Remote Buffer Overflow Vul...
     6. JPortal Print.php SQL Injection Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
     1. Relative Security Provided by Cached Domain Credenti... (Thread)
     2. USB Drive Privileges (Thread)
     3. Re[2]: Relative Security Provided by Cached Domain C... (Thread)
     4. SecurityFocus Microsoft Newsletter #190 (Thread)
     5. Workstation service deletes itself?? (Thread)
IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
     1. SP I-NET
     2. secure2trust
     3. N-Stealth Security Scanner
     4. Softros LAN Messenger
     5. Network Time System
     6. Anon-Encrypt
V. NEW TOOLS FOR MICROSOFT PLATFORMS
     1. Honeynet Security Console 1.0
     2. LogMonitor 1.0
     3. Ettercap v0.7.0 pre2
     4. Syhunt TS Security Scanner 6.7 Build 96
     5. yaSSL 0.1.0
     6. Password Spyer 2k 2.4
VI. UNSUBSCRIBE INSTRUCTIONS
VII. SPONSOR INFORMATION

I. FRONT AND CENTER
-------------------
1. H.323 Mediated Voice over IP: Protocols, Vulnerabilities & Remediation
By Dr. Thomas Porter

This paper provides an overview of the H.323 (VoIP) protocol suite, its
known vulnerabilities, and then suggests twenty rules for securing an
H.323-based network.

http://www.securityfocus.com/infocus/1782


2. Pass the Chocolate
By Scott Granneman

For the 70% of the population that will trade their computer password for
a bar of chocolate, this one's for you.

http://www.securityfocus.com/columnists/245

II. MICROSOFT VULNERABILITY SUMMARY
-----------------------------------
1. MollenSoft Lightweight FTP Server Remote Denial Of Service V...
BugTraq ID: 10409
Remote: Yes
Date Published: May 24 2004
Relevant URL: http://www.securityfocus.com/bid/10409
Summary:
A denial of service condition is reported to exist in the MollenSoft Lightweight
FTP Server that may allow a remote user to deny service to legitimate FTP users.
The vulnerability is due to a lack of sufficient boundary checks performed on
CWD command arguments.

It should be noted that although this vulnerability is reported to affect
Mollensoft Lightweight FTP Server version 3.6, other versions might also be
affected.

2. MiniShare Server Remote Denial Of Service Vulnerability
BugTraq ID: 10417
Remote: Yes
Date Published: May 26 2004
Relevant URL: http://www.securityfocus.com/bid/10417
Summary:
Minishare is affected by a remote denial of service vulnerability. This issue
is due to a failure of the application to handle improperly formed HTTP
requests.

This issue will allow an attacker to cause the affected computer to stop
responding, denying service to legitimate users.

3. Orenosv HTTP/FTP Server HTTP GET Denial Of Service Vulnerabi...
BugTraq ID: 10420
Remote: Yes
Date Published: May 26 2004
Relevant URL: http://www.securityfocus.com/bid/10420
Summary:
Orenosv HTTP/FTP server is prone to a denial of service vulnerability that may
occur when an overly long HTTP GET request is sent to the server. When the
malicious request is handled, it is reported that both the HTTP and FTP daemons
will stop responding.

4. Subversion Pre-Commit-Hook Template Undisclosed Vulnerabilit...
BugTraq ID: 10428
Remote: No
Date Published: May 27 2004
Relevant URL: http://www.securityfocus.com/bid/10428
Summary:
Subversion is reported prone to an undisclosed vulnerability. The issue is
reported to present itself due to an insecure implementation of the
pre-commit-hook template.

This BID will be updated as soon as further information regarding this
vulnerability becomes available.

5. MollenSoft Lightweight FTP Server Remote Buffer Overflow Vul...
BugTraq ID: 10429
Remote: Yes
Date Published: May 28 2004
Relevant URL: http://www.securityfocus.com/bid/10429
Summary:
Lightweight FTP Server is prone to a remote buffer overflow vulnerability. This
vulnerability can potentially allow a remote attacker to execute arbitrary code
in the context of the server process. This issue presents itself due to a lack
of sufficient boundary checks performed on CD command arguments.

Lightweight FTP Server version 3.6 is prone to this issue.

This issue is likely related to the issue previously described in BID 10409
(MollenSoft Lightweight FTP Server Remote Denial Of Service Vulnerability).
This BID will be updated or retired subsequent to further analysis.

6. JPortal Print.php SQL Injection Vulnerability
BugTraq ID: 10430
Remote: Yes
Date Published: May 28 2004
Relevant URL: http://www.securityfocus.com/bid/10430
Summary:
JPortal is reportedly affected by a remote SQL injection vulnerability in the
print.inc.php script. This issue is due to a failure of the application to
properly sanitize user-supplied URI input before using it in an SQL query.

As a result of this, a malicious user may influence database queries in order
to view or modify sensitive information, potentially compromising the software
or the database. It may be possible for an attacker to disclose the
administrator password hash by exploiting this issue.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Relative Security Provided by Cached Domain Credenti... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/364776

2. USB Drive Privileges (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/364490

3. Re[2]: Relative Security Provided by Cached Domain C... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/364432

4. SecurityFocus Microsoft Newsletter #190 (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/364319

5. Workstation service deletes itself?? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/364237

IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
----------------------------------------
1. SP I-NET
By: Unisys
Platforms: Windows 95/98, Windows NT
Relevant URL: http://www.unisys.com/sp-security
Summary:

Designed for business-to-business communications requiring trusted
relationships, SP I-NET ensures confidentiality of data, authenticates the
identity of the involved parties, and ensures the privacy of their
communication.

2. secure2trust
By: Avoco Secure
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.avocosecure.com/html_pages/products_service.html
Summary:

secure2trust gives you the power to create documents that remain under your
corporate control throughout their entire existence. Even if you allow another
party to have a copy of your original document, you can be sure that the copy
will always have your original controls as part of its properties. The digital
rights options, which control printing, copying, viewing, etc., give you
persistent and secure digital asset protection and intellectual property
control. Digital rights mechanisms are the only way to ensure document
integrity in a persistent way for both inter- and intra-company communications.

3. N-Stealth Security Scanner
By: N-Stalker
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.nstalker.com/products/nstealth/
Summary:

N-Stealth is a vulnerability-assessment product that scans web servers to
identify security problems and weaknesses that might allow an attacker to gain
privileged access. The software comes with an extensive database of over 30,000
vulnerabilities and exploits. N-Stealth® is more actively maintained than the
network security scanners and consequently has a larger database of
vulnerabilities.

4. Softros LAN Messenger
By: Softros Systems Inc.
Platforms: Windows 2000, Windows NT, Windows XP
Relevant URL: http://messenger.softros.com
Summary:

Softros Messenger is a secure network messaging software application for
corporate LANs (local area networks). It does not require a server and is very
easy to install and use. Softros Messenger comes with a variety of handy
features, like message notification alarms, personal or group messaging, and an
intuitive interface. Softros Messenger offers strong encryption options for all
incoming and outgoing messages, guaranteeing no unauthorized person ever reads
personal correspondence. The program is very stable when running under any
Windows operating system and in any TCP/IP network, regardless of its size.
Also, Softros Messenger correctly identifies and works under Windows NT/2000/XP
limited user accounts (without administrative privileges).

5. Network Time System
By: Softros Systems Inc.
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: http://nts.softros.com/
Summary:

Network Time System - Secure, fast and accurate time sync software across an
entire network.

6. Anon-Encrypt
By: RiserSoft Corporation
Platforms: Windows 2000, Windows NT, Windows XP
Relevant URL: http://risersoft.com/anon-encrypt.php
Summary:

Surf the Internet totally anonymous and fully encrypted with our Internet
Explorer plugin!

V. NEW TOOLS FOR MICROSOFT PLATFORMS
------------------------------------
1. Honeynet Security Console 1.0
By: Activeworx, Inc.
Relevant URL: http://www.activeworx.org
Platforms: Windows 2000, Windows XP
Summary:

Honeynet Security Console is an analysis tool to view events on your personal
honeynet. It gives you the power to view events from Snort, TCPDump, Firewall,
Syslog and Sebek logs. It also allows you to correlate events from each of
these data types to have a full grasp of the attackers' actions.

2. LogMonitor 1.0
By: Adam Richard/SécurIT Informatique Inc.
Relevant URL: ftp://ftp.digitalvoodoo.org/pub/mirrors/securit/Logmon10free.zip
Platforms: Windows 2000, Windows NT, Windows XP
Summary:

LogMonitor is a log analysis console. It is 75% based on LogIDS, except for the
GUI, which is a complete makeover. Instead of focusing on network location,
LogMonitor presents the data in a set of floating windows grouped by
application, which may be a more intuitive interface to some people. The
analysis is performed by defining the fields of each log being monitored, and
then by using these fields to define rules as to what is important data or not.

3. Ettercap v0.7.0 pre2
By: ALoR <alor@users.sourceforge.net>
Relevant URL: http://ettercap.sourceforge.net/
Platforms: FreeBSD, Linux, MacOS, NetBSD, Windows 2000, Windows NT, Windows XP
Summary:

Ettercap is a network sniffer/interceptor/logger for ethernet LANs. It supports
active and passive dissection of many protocols (even ciphered ones, like SSH
and HTTPS). Data injection in an established connection and filtering on the
fly is also possible, keeping the connection synchronized. Many sniffing modes
were implemented to give you a powerful and complete sniffing suite. Plugins
are supported. It has the ability to check whether you are in a switched LAN or
not, and to use OS fingerprints (active or passive) to let you know the
geometry of the LAN.

4. Syhunt TS Security Scanner 6.7 Build 96
By: Syhunt
Relevant URL: http://www.syhunt.com/section.php?id=scanner
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary:

Syhunt TS Security Scanner is able to find the unfindable, not only known
vulnerabilities, but also potential new ones. The new version can identify and
exploit vulnerabilities in a matter of minutes and is a key tool for security
professionals and administrators.

5. yaSSL 0.1.0
By: tao51
Relevant URL: http://freshmeat.net/projects/yassl/?branch_id=48050&release_id=160245
Platforms: Linux, POSIX, Windows 2000, Windows NT, Windows XP
Summary:

The yaSSL software package is a fast, dual-licensed implementation of SSL. It
includes SSL client libraries and an SSL server implementation. It supports
multiple APIs, including those defined by SSL and TLS. It also supports an
OpenSSL compatibility interface.

6. Password Spyer 2k 2.4
By: Maro's Tools
Relevant URL: http://www.maros-tools.com/products/spyer/
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary:

Password Spyer 2k is a password recovery tool for Windows. Password Spyer 2k
reveals passwords hidden by asterisks (***) in all Windows versions (including
2000 and XP). You can use it to recover lost or forgotten passwords in most
Windows applications such as Outlook, CuteFTP, WS_FTP, ICQ and others. You can
also use it to reveal saved web passwords. Password Spyer 2k supports two
methods for revealing passwords for better password retrieval.

VI. UNSUBSCRIBE INSTRUCTIONS
----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com
from the subscribed address. The contents of the subject or message body do not
matter. You will receive a confirmation request message to which you will have
to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters
and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to
be manually removed.

VII. SPONSOR INFORMATION
-----------------------

This Issue is Sponsored By: SecurityFocus

Want to keep up on the latest security vulnerabilities? Don't have time to
visit a myriad of mailing lists and websites to read the news? Just add
the new SecurityFocus RSS feeds to your freeware RSS reader, and see all
the latest posts for Bugtraq and the SF Vulnerability database in one
convenient place. Or, pull in the latest news, columnists and feature
articles in the SecurityFocus aggregated news feed, and stay on top of
what's happening in the community!

http://www.securityfocus.com/rss/index.shtml

------------------------------------------------------------------------
