[prev in list] [next in list] [prev in thread] [next in thread] 

List:       focus-ms
Subject:    SecurityFocus Microsoft Newsletter #354
From:       pjungles () securityfocus ! com
Date:       2007-08-14 16:10:21
Message-ID: Pine.LNX.4.64.0708141009410.16820 () mail ! securityfocus ! com
[Download RAW message or body]

SecurityFocus Microsoft Newsletter #354
----------------------------------------

This Issue is Sponsored by: Watchfire

As web applications become increasingly complex, tremendous amounts of
sensitive data - including personal, medical and financial information -
are exchanged, and stored. This paper examines a few vulnerability
detection methods - specifically comparing and contrasting manual
penetration testing with automated scanning tools. Download Watchfire's
"Web Application Security: Automated Scanning or Manual Penetration
Testing?" whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701700000008yka

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as
conveying topics of interest for our community. We are proud to offer
content from Matasano at this time and will be adding more in the coming
weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Delete This!
2. Security conferences versus practical knowledge
II. MICROSOFT VULNERABILITY SUMMARY
1. WinGate SMTP Session Invalid State Remote Denial Of Service
Vulnerability
2. Microsoft August 2007 Advance Notification Multiple Vulnerabilities
3. Microsoft Windows Media Player AU Divide-By-Zero Denial of Service
Vulnerability
4. Microsoft Internet Explorer Position:Relative Denial of Service
Vulnerability
5. Microsoft Windows Explorer JPG File Denial of Service Vulnerability
6. Microsoft Windows Calendar ICS File Denial of Service Vulnerability
7. JustSystem Ichitaro Unspecified Code Execution Vulnerability
8. Panda Antivirus Insecure File Permissions Local Privilege Escalation
Vulnerability
9. Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer
Overflow Vulnerabilities
III. MICROSOFT FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Delete This!
By Mark Rasch
A series of legal events means that companies that have no business
reason to retain documents or records may be compelled to create and
retain such records just so they can become available for discovery.
http://www.securityfocus.com/columnists/450

2. Security conferences versus practical knowledge
By Don Parker
While the training industry as a whole has evolved rather well to suit
the needs of their clients, the computer conference - specifically the
computer security conference - has declined in relevance to the everyday
sys-admin and network security practitioners.
http://www.securityfocus.com/columnists/449

II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. WinGate SMTP Session Invalid State Remote Denial Of Service
Vulnerability
BugTraq ID: 25272
Remote: Yes
Date Published: 2007-08-10
Relevant URL: http://www.securityfocus.com/bid/25272
Summary:
WinGate is prone to a denial-of-service vulnerability because the
application fails to sanitize user-supplied input before including it in
the format-specifier argument of a formatted-printing function.

An attacker can exploit this issue to crash the affected application,
denying service to legitimate users.

This issue affects versions prior to WinGate 6.2.2.

2. Microsoft August 2007 Advance Notification Multiple Vulnerabilities
BugTraq ID: 25247
Remote: Yes
Date Published: 2007-08-09
Relevant URL: http://www.securityfocus.com/bid/25247
Summary:
Microsoft has released advance notification that the vendor will be
releasing nine security bulletins on August 14, 2007. The highest
severity rating for these issues is 'Critical'.

Successful exploits can result in privilege escalation and remote code
execution.

Further details about these issues are not currently available.
Individual BIDs will be created for each issue; this record will be
removed when the security bulletins are released.

3. Microsoft Windows Media Player AU Divide-By-Zero Denial of Service
Vulnerability
BugTraq ID: 25236
Remote: Yes
Date Published: 2007-08-08
Relevant URL: http://www.securityfocus.com/bid/25236
Summary:
Microsoft Windows Media Player is prone to a denial-of-service
vulnerability when processing a malformed AU file.

A remote attacker can exploit this issue to crash the affected
application, denying service to legitimate users.

This issue affects Microsoft Windows Media Player 11; other versions may
also be affected.

4. Microsoft Internet Explorer Position:Relative Denial of Service
Vulnerability
BugTraq ID: 25222
Remote: Yes
Date Published: 2007-08-07
Relevant URL: http://www.securityfocus.com/bid/25222
Summary:
Microsoft Internet Explorer is prone to a denial-of-service
vulnerability because the application fails to handle certain HTML code.

This issue is triggered when a remote attacker entices a victim user to
visit a malicious website.

Attackers may exploit this issue to crash Internet Explorer, effectively
denying service to legitimate users.

This issue affects Internet Explorer 6.

5. Microsoft Windows Explorer JPG File Denial of Service Vulnerability
BugTraq ID: 25207
Remote: Yes
Date Published: 2007-08-06
Relevant URL: http://www.securityfocus.com/bid/25207
Summary:
Microsoft Windows Explorer is prone to a denial-of-service
vulnerability.

An attacker could exploit this issue to cause Explorer to crash,
effectively denying service. Arbitrary code execution may be possible,
but this has not been confirmed.

This issue affects Windows Explorer on Microsoft Windows XP; other
operating systems may also be affected.

6. Microsoft Windows Calendar ICS File Denial of Service Vulnerability
BugTraq ID: 25201
Remote: Yes
Date Published: 2007-08-04
Relevant URL: http://www.securityfocus.com/bid/25201
Summary:
Microsoft Windows Calendar as shipped with Windows Vista is prone to a
denial-of-service vulnerability.

An attacker may exploit this vulnerability to cause the affected
application to crash, resulting in denial-of-service conditions.

7. JustSystem Ichitaro Unspecified Code Execution Vulnerability
BugTraq ID: 25187
Remote: Yes
Date Published: 2007-08-02
Relevant URL: http://www.securityfocus.com/bid/25187
Summary:
Ichitaro is prone to an unspecified remotely exploitable code-execution
vulnerability.

Remote attackers may exploit this issue to execute arbitrary code within
the context of the currently logged in user.

This issue is being exploited in the wild by Trojan.Tarodrop.D. Few
details are available regarding this issue. This BID will be updated
when more information emerges.

8. Panda Antivirus Insecure File Permissions Local Privilege Escalation
Vulnerability
BugTraq ID: 25186
Remote: No
Date Published: 2007-08-02
Relevant URL: http://www.securityfocus.com/bid/25186
Summary:
Panda Antivirus is prone to a local privilege-escalation vulnerability
that stems from a design error. This vulnerability occurs because the
application assigns insecure file permissions to certain directories
upon installation.

An attacker may exploit this vulnerability to overwrite files with
arbitrary code in the affected directories. The arbitrary code is then
executed with System-level privileges. This may facilitate a complete
compromise of affected computers.

Panda Antivirus 2008 is reported vulnerable.

This issue is related to BID 19891: Panda Platinum Internet Security
2006/2007 Local Privilege Escalation Vulnerability.

9. Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer
Overflow Vulnerabilities
BugTraq ID: 25176
Remote: Yes
Date Published: 2007-08-02
Relevant URL: http://www.securityfocus.com/bid/25176
Summary:
Ipswitch IMail Server and Collaboration Suite (ICS) are prone to
multiple buffer-overflow vulnerabilities because these applications fail
to properly bounds-check user-supplied input before copying it into an
insufficiently sized memory buffer.

Attackers may exploit these issues to execute arbitrary code in the
context of the affected applications. Failed exploit attempts will
likely result in denial-of-service conditions.

These versions are reported vulnerable to these issues:

Ipswitch Collaboration Suite (ICS) 2006
IMail Premium 2006.2 and 2006.21

Other versions may also be affected.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe (at)
securityfocus (dot) com [email concealed] from the subscribed address.
The contents of the subject or message body do not matter. You will
receive a confirmation request message to which you will have to answer.
Alternatively you can also visit
http://www.securityfocus.com/newsletters and unsubscribe via the
website.

If your email address has changed email listadmin (at) securityfocus
(dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: Watchfire

As web applications become increasingly complex, tremendous amounts of
sensitive data - including personal, medical and financial information -
are exchanged, and stored. This paper examines a few vulnerability
detection methods - specifically comparing and contrasting manual
penetration testing with automated scanning tools. Download Watchfire's
"Web Application Security: Automated Scanning or Manual Penetration
Testing?" whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701700000008yka
[prev in list] [next in list] [prev in thread] [next in thread]