
List:       focus-ms
Subject:    SecurityFocus Microsoft Newsletter #353
From:       rkeith () securityfocus ! com
Date:       2007-08-03 12:13:02
Message-ID: Pine.LNX.4.64.0708030612380.5254 () mail ! securityfocus ! com


SecurityFocus Microsoft Newsletter #353
----------------------------------------

This Issue is Sponsored by: SPI Dynamics

ALERT: Learn to Think Like a Hacker - Simulate a Hacker Breaking into Your Web Apps
The speed with which Web Applications are developed makes them prime targets for
attackers; often these applications were developed so quickly that they are not coded
properly or subjected to any security testing. Hackers know this and use it as their
weapon. Download this *FREE* test guide from SPI Dynamics to check for Web
application vulnerabilities.
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=70160000000CysD


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying
topics of interest for our community. We are proud to offer content from Matasano at
this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I.   FRONT AND CENTER
        1. Security conferences versus practical knowledge
        2. Achtung! New German Laws on Cybercrime
II.  MICROSOFT VULNERABILITY SUMMARY
        1. Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer
                Overflow Vulnerabilities
        2. Atheros Wireless Drivers Denial of Service Vulnerability
        3. Visionsoft Audit Multiple Remote Vulnerabilities
        4. Nullsoft Winamp M3U File Denial of Service Vulnerability
        5. UltraDefrag FindFiles Function Buffer Overflow Vulnerability
        6. Guidance Software EnCase Forensic Unspecified Denial Of Service
                Vulnerability
        7. Guidance Software EnCase Forensic Multiple Denial Of Service
                Vulnerabilities
        8. Drupal Multiple Cross-Site Scripting Vulnerabilities
        9. CrystalPlayer Playlist File Buffer Overflow Vulnerability
        10. Microsoft Windows ARP Request Denial of Service Vulnerability
        11. Sun Java System Application Server JSP Source Code Disclosure
                Vulnerability
        12. Computer Associates Multiple Products Message Queuing Remote Stack Buffer
                Overflow Vulnerability
        13. Kerio MailServer Attachment Filter Unspecified Vulnerability
        14. Ipswitch Instant Messaging Remote Denial of Service Vulnerability
        15. Zenturi ProgramChecker SASATL.DLL ActiveX Control Scan Method Buffer
                Overflow Vulnerability
        16. Microsoft Internet Explorer SeaMonkey Browser URI Handler Command
                Injection Vulnerability
        17. Microsoft Windows Explorer GIF File Denial of Service Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
        1. SecurityFocus Microsoft Newsletter #352
        2. USB device control software
IV.  UNSUBSCRIBE INSTRUCTIONS
V.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1. Security conferences versus practical knowledge
By Don Parker
While the training industry as a whole has evolved rather well to suit the needs of
their clients, the computer conference - specifically the computer security
conference - has declined in relevance to the everyday sys-admin and network security
practitioners.
http://www.securityfocus.com/columnists/449

2. Achtung! New German Laws on Cybercrime
By Federico Biancuzzi
Germany is passing some new laws regarding cybercrime that might affect security
professionals. Federico Biancuzzi interviewed Marco Gercke, one of the experts that
was invited to the parliamentary hearing, to learn more about this delicate subject.
They discussed what is covered by the new laws, which areas remain in the dark, and
how they might affect vulnerability disclosure and the use of common tools, such as
nmap.
http://www.securityfocus.com/columnists/448


II.  MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer Overflow
Vulnerabilities
BugTraq ID: 25176
Remote: Yes
Date Published: 2007-08-02
Relevant URL: http://www.securityfocus.com/bid/25176
Summary:
Ipswitch IMail Server and Collaboration Suite (ICS) are prone to multiple
buffer-overflow vulnerabilities because these applications fail to properly
bounds-check user-supplied input before copying it into an insufficiently sized
memory buffer.

Attackers may exploit these issues to execute arbitrary code in the context of the
affected applications. Failed exploit attempts will likely result in
denial-of-service conditions.

Ipswitch Collaboration Suite (ICS) 2006, IMail Premium 2006.2 and 2006.21 are
reported vulnerable to these issues; other versions may also be affected.

2. Atheros Wireless Drivers Denial of Service Vulnerability
BugTraq ID: 25160
Remote: Yes
Date Published: 2007-08-01
Relevant URL: http://www.securityfocus.com/bid/25160
Summary:
Atheros wireless drivers are prone to a denial-of-service vulnerability because they
fail to properly handle malformed wireless frames.

Remote attackers may exploit this issue to cause denial-of-service conditions.

Atheros drivers are also used by OEM (Original Equipment Manufacturer) wireless
adapters. Therefore, various brands of wireless adapters using the Atheros chipset
are affected by this vulnerability.

This issue is reported to affect drivers for the Windows operating system. Note that
Linux, UNIX, and BSD computers may be vulnerable if using the NDISWrapper or similar
technology to load an affected driver.

3. Visionsoft Audit Multiple Remote Vulnerabilities
BugTraq ID: 25153
Remote: Yes
Date Published: 2007-07-31
Relevant URL: http://www.securityfocus.com/bid/25153
Summary:
Visionsoft Audit is prone to multiple remote vulnerabilities:

- A heap-based buffer-overflow issue
- Multiple information-disclosure issues
- A denial-of-service issue
- A password-disclosure issue
- Multiple arbitrary-file-overwrite issues

An attacker can exploit these issues to completely compromise the affected computer,
crash the affected application, overwrite arbitrary files, gain unauthorized access
to the affected application, and obtain sensitive information.

These issues affect Visionsoft Audit 12.4.0.0; other versions may also be affected.

4. Nullsoft Winamp M3U File Denial of Service Vulnerability
BugTraq ID: 25152
Remote: Yes
Date Published: 2007-07-31
Relevant URL: http://www.securityfocus.com/bid/25152
Summary:
Winamp is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to crash the application, effectively denying
service to legitimate users. Given the nature of this issue, the attacker may be able
to execute arbitrary code, but this has not been confirmed.

This issue is reported to affect Winamp 5.35; other versions may also be vulnerable.

5. UltraDefrag FindFiles Function Buffer Overflow Vulnerability
BugTraq ID: 25102
Remote: Yes
Date Published: 2007-07-27
Relevant URL: http://www.securityfocus.com/bid/25102
Summary:
UltraDefrag is prone to a buffer-overflow vulnerability because the application fails
to perform adequate boundary checks on user-supplied data.

Successfully exploiting this issue allows attackers to execute arbitrary machine code
with SYSTEM-level privileges, facilitating the complete compromise of affected
computers.

Versions prior to UltraDefrag 1.0.4 are vulnerable to this issue.

6. Guidance Software EnCase Forensic Unspecified Denial Of Service Vulnerability
BugTraq ID: 25101
Remote: Yes
Date Published: 2007-07-27
Relevant URL: http://www.securityfocus.com/bid/25101
Summary:
Guidance Software EnCase Forensic is prone to an unspecified denial-of-service
vulnerability because it fails to handle specially crafted filesystems.

Attackers can exploit this issue to cause denial-of-service conditions. This can
delay and complicate forensic investigations.

NOTE: This issue may be related to the issues described in BID 25100.

EnCase Forensics 5.0 is vulnerable; other versions may also be affected.

7. Guidance Software EnCase Forensic Multiple Denial Of Service Vulnerabilities
BugTraq ID: 25100
Remote: Yes
Date Published: 2007-07-27
Relevant URL: http://www.securityfocus.com/bid/25100
Summary:
Guidance Software EnCase Forensic is prone to multiple denial-of-service
vulnerabilities because it fails to handle specially crafted and malformed NTFS
filesystems.

Attackers can exploit this issue to crash the application or cause it to hang. This
can delay and complicate forensic investigations.

8. Drupal Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 25097
Remote: Yes
Date Published: 2007-07-27
Relevant URL: http://www.securityfocus.com/bid/25097
Summary:
Drupal is prone to multiple cross-site scripting vulnerabilities because it fails to
properly sanitize user-supplied input before using it in dynamically generated
content.

An attacker may leverage these issues to execute arbitrary script code in the browser
of an unsuspecting user in the context of the affected site. This may help the
attacker steal cookie-based authentication credentials and launch other attacks.

Versions prior to Drupal 4.7.7 and prior to Drupal 5.2 are vulnerable to these
issues.

9. CrystalPlayer Playlist File Buffer Overflow Vulnerability
BugTraq ID: 25083
Remote: Yes
Date Published: 2007-07-26
Relevant URL: http://www.securityfocus.com/bid/25083
Summary:
CrystalPlayer is prone to a buffer-overflow vulnerability because the application
fails to properly bounds-check user-supplied data before copying it into an
insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code with the privileges of
the application. Successfully exploiting this issue will result in a compromise of
affected computers. Failed exploit attempts will likely result in denial-of-service
conditions.

This issue affects CrystalPlayer 1.98; other versions may also be vulnerable.

10. Microsoft Windows ARP Request Denial of Service Vulnerability
BugTraq ID: 25066
Remote: Yes
Date Published: 2007-07-25
Relevant URL: http://www.securityfocus.com/bid/25066
Summary:
Microsoft Windows is prone to a denial-of-service vulnerability due to its
inefficient handling of malicious ARP requests.

Attackers can exploit this issue to consume excessive CPU resources, denying service
to legitimate users for the duration of the attack.

Microsoft Windows XP SP2 and Vista are vulnerable to this issue; other Microsoft
operating systems and versions may also be affected.

11. Sun Java System Application Server JSP Source Code Disclosure Vulnerability
BugTraq ID: 25058
Remote: Yes
Date Published: 2007-07-25
Relevant URL: http://www.securityfocus.com/bid/25058
Summary:
Sun Java System Application Server on Microsoft Windows is prone to a vulnerability
that may allow remote attackers to obtain sensitive JSP source code, which may aid
them in further attacks.

12. Computer Associates Multiple Products Message Queuing Remote Stack Buffer
Overflow Vulnerability
BugTraq ID: 25051
Remote: Yes
Date Published: 2007-07-24
Relevant URL: http://www.securityfocus.com/bid/25051
Summary:
Multiple Computer Associates products are prone to a remote stack-based
buffer-overflow vulnerability. This issue affects the Message Queuing (CAM/CAFT)
component. The application fails to properly bounds-check user-supplied data before
copying it to an insufficiently sized buffer.

A successful exploit will allow an attacker to execute arbitrary code with
SYSTEM-level privileges.

This issue affects all versions of the CA Message Queuing software prior to v1.11
Build 54_4 on Windows and NetWare.

13. Kerio MailServer Attachment Filter Unspecified Vulnerability
BugTraq ID: 25038
Remote: Yes
Date Published: 2007-07-24
Relevant URL: http://www.securityfocus.com/bid/25038
Summary:
Kerio MailServer is prone to an unspecified vulnerability due to an error in the
attachment filter.

Very few details are currently available regarding this issue. We will update this
BID as more information emerges.

Versions prior to Kerio MailServer 6.4.1 are considered vulnerable.

14. Ipswitch Instant Messaging Remote Denial of Service Vulnerability
BugTraq ID: 25031
Remote: Yes
Date Published: 2007-07-23
Relevant URL: http://www.securityfocus.com/bid/25031
Summary:
Ipswitch Instant Messaging Server is prone to a remote denial-of-service
vulnerability because the application fails to properly handle unexpected network
data.

Successfully exploiting this issue allows remote attackers to crash the IM service,
denying further instant messages for legitimate users.

Ipswitch IM Server 2.0.5.30 is vulnerable; other versions may also be affected.

15. Zenturi ProgramChecker SASATL.DLL ActiveX Control Scan Method Buffer Overflow
Vulnerability
BugTraq ID: 25025
Remote: Yes
Date Published: 2007-07-23
Relevant URL: http://www.securityfocus.com/bid/25025
Summary:
The Zenturi ProgramChecker 'sasatl.dll' ActiveX control is prone to a buffer-overflow
vulnerability because it fails to bounds-check user-supplied data before copying it
into an insufficiently sized buffer.

Successfully exploiting this issue allows remote attackers to execute arbitrary code
in the context of the application using the ActiveX control (typically Internet
Explorer). Failed exploit attempts likely result in denial-of-service conditions.

16. Microsoft Internet Explorer SeaMonkey Browser URI Handler Command Injection
Vulnerability
BugTraq ID: 25021
Remote: Yes
Date Published: 2007-07-23
Relevant URL: http://www.securityfocus.com/bid/25021
Summary:
Microsoft Internet Explorer is prone to a vulnerability that lets attackers inject
commands through SeaMonkey's 'mailto' protocol handler.

Exploiting these issues allows remote attackers to pass and execute arbitrary
commands and arguments through the 'SeaMonkey.exe' process by employing the 'mailto'
handler.

An attacker can also employ these issues to carry out cross-browser scripting attacks
by using the '-chrome' argument. This can allow the attacker to run JavaScript code
with the privileges of trusted Chrome context and gain full access to SeaMonkey's
resources.

Exploiting these issues would permit remote attackers to influence command options
that can be called through the 'mailto' handler and therefore execute commands and
script code with the privileges of a user running the applications. Successful
attacks may result in a variety of consequences, including remote unauthorized
access.

17. Microsoft Windows Explorer GIF File Denial of Service Vulnerability
BugTraq ID: 25013
Remote: Yes
Date Published: 2007-07-23
Relevant URL: http://www.securityfocus.com/bid/25013
Summary:
Microsoft Windows Explorer is prone to a denial-of-service vulnerability.

An attacker could exploit this issue to cause Explorer to crash, effectively denying
service. Arbitrary code execution may be possible, but this has not been confirmed.

This issue affects Explorer on Microsoft Windows XP SP2; other operating systems and
versions may also be affected.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #352
http://www.securityfocus.com/archive/88/475053

2. USB device control software
http://www.securityfocus.com/archive/88/472910

IV.  UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe, send an e-mail message to ms-secnews-unsubscribe@securityfocus.com
from the subscribed address. The contents of the subject or message body do not
matter. You will receive a confirmation request message to which you will have to
answer. Alternatively, you can also visit http://www.securityfocus.com/newsletters and
unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be
manually removed.

V.   SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: SPI Dynamics


