
List:       focus-ms
Subject:    SecurityFocus Microsoft Newsletter #397
From:       Rob Keith <rkeith () securityfocus ! com>
Date:       2008-06-04 18:41:17
Message-ID: 4846E1CD.2040101 () securityfocus ! com

SecurityFocus Microsoft Newsletter #397

----------------------------------------

This issue is sponsored by Black Hat USA:

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event
for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools. Network with 4,000 delegates
from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting.
www.blackhat.com


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying
topics of interest for our community. We are proud to offer content from Matasano at
this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I.   FRONT AND CENTER
       1. Anti-Social Networking
       2. Thinking Beyond the Ivory Towers
II.  MICROSOFT VULNERABILITY SUMMARY
       1. freeSSHd SFTP 'opendir' Buffer Overflow Vulnerability
       2. Apple Safari and Microsoft Windows Client-side Code Execution Vulnerability
       3. VMware VMCI Arbitrary Code Execution Vulnerability
       4. Xerox DocuShare Multiple Cross-Site Scripting Vulnerabilities
       5. Symantec Backup Exec System Recovery Manager Directory Traversal Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
       1. ISA as a proxy
IV.  UNSUBSCRIBE INSTRUCTIONS
V.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1. Anti-Social Networking
By Mark Rasch
On May 15, 2008, a federal grand jury in Los Angeles indicted 49-year-old Lori Drew of
O'Fallon, Missouri, on charges of unauthorized access to a computer, a statute typically
used in hacking cases. Yet Drew's alleged actions had little to do with computer
intrusions.  http://www.securityfocus.com/columnists/473

2. Thinking Beyond the Ivory Towers
By Dave Aitel
In the information-security industry, there are clear and vast gaps in the way
academia interacts with professional researchers. While these gaps will be filled in
due time, their existence means that security professionals outside the hallowed
halls of colleges and universities need to be aware of the differences in how
researchers and professionals think.  http://www.securityfocus.com/columnists/472


II.  MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. freeSSHd SFTP 'opendir' Buffer Overflow Vulnerability
BugTraq ID: 29453
Remote: Yes
Date Published: 2008-05-31
Relevant URL: http://www.securityfocus.com/bid/29453
Summary:
freeSSHd is prone to a buffer-overflow vulnerability because the application fails to
properly bounds-check user-supplied data before storing it in a finite-sized buffer.

An attacker may exploit this issue to execute arbitrary code with SYSTEM-level
privileges. Successfully exploiting this issue will result in the complete compromise
of affected computers. Failed exploit attempts will result in a denial of service.

This issue affects freeSSHd 1.2.1; other versions may also be affected.

2. Apple Safari and Microsoft Windows Client-side Code Execution Vulnerability
BugTraq ID: 29445
Remote: Yes
Date Published: 2008-05-30
Relevant URL: http://www.securityfocus.com/bid/29445
Summary:
A vulnerability in Apple Safari on the Microsoft Windows operating system stems from
a combination of security issues in Safari and all versions of Microsoft XP and Vista
that will allow executables to be downloaded to a user's computer and run without
prompting.

Third-party sources have indicated that the vulnerability in Safari is the
"carpet-bombing" issue reported by Nitesh Dhanjani. If the issue is exploited,
attacker-specified content is downloaded to the user's desktop without prompting.
However, the Safari issue alone does not let an attacker execute the content.
Presumably, an additional issue in Microsoft Windows can be exploited in tandem with
this issue to run the content that is downloaded to the user's desktop.

3. VMware VMCI Arbitrary Code Execution Vulnerability
BugTraq ID: 29443
Remote: No
Date Published: 2008-05-30
Relevant URL: http://www.securityfocus.com/bid/29443
Summary:
Multiple VMware hosted products with VMCI enabled are prone to a vulnerability that
lets attackers execute arbitrary code. This issue affects Microsoft Windows-based
hosts only.

An attacker can exploit this issue to execute arbitrary code with SYSTEM-level
privileges. Successfully exploiting this issue can completely compromise affected
computers. Failed exploit attempts will result in a denial-of-service condition.

This issue affects the following VMware products:

VMware Workstation prior to 6.0.4 build 93057
VMware Player prior to 2.0.4 build 93057
VMware ACE prior to 2.0.2 build 93057

4. Xerox DocuShare Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 29430
Remote: Yes
Date Published: 2008-05-29
Relevant URL: http://www.securityfocus.com/bid/29430
Summary:
Xerox DocuShare is prone to multiple cross-site scripting vulnerabilities.

An attacker may leverage these issues to execute arbitrary script code in the browser
of an unsuspecting user in the context of the affected site. This may help the
attacker steal cookie-based authentication credentials and launch other attacks.

Xerox DocuShare 6 and prior versions are vulnerable.

5. Symantec Backup Exec System Recovery Manager Directory Traversal Vulnerability
BugTraq ID: 29350
Remote: Yes
Date Published: 2008-05-28
Relevant URL: http://www.securityfocus.com/bid/29350
Summary:
Symantec Backup Exec System Recovery Manager is prone to a directory-traversal
vulnerability.

An attacker can exploit this issue to access privileged system files and gain
unauthorized access to the affected computer.

This issue affects these versions:

Symantec Backup Exec System Recovery Manager 7 prior to 7.0.4
Symantec Backup Exec System Recovery Manager 8 prior to 8.0.2

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. ISA as a proxy
http://www.securityfocus.com/archive/88/492690

IV.  UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe, send an e-mail message to ms-secnews-unsubscribe@securityfocus.com
from the subscribed address. The contents of the subject or message body do not
matter. You will receive a confirmation request message to which you will have to
answer. Alternatively, you can also visit http://www.securityfocus.com/newsletters and
unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be
manually removed.

V.   SPONSOR INFORMATION
------------------------
This issue is sponsored by Black Hat USA:

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event
for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools. Network with 4,000 delegates
from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting.
www.blackhat.com

