News

Tuesday, October 31, 2006

SecurityFocus Microsoft Newsletter #315

This Issue is Sponsored by: eEye

Too Many Security Agents Cluttering Your System?
Replace your Firewall, IPS, Anti-Spyware and more with Blink® Professional for less than what you are currently paying in renewals.
Learn more on how you can experience the simplicity of one. One agent. One console. One Policy. One Solution.
Introducing eEye Digital Security's Blink® Professional, the first all-in-one security agent.

http://www.eeye.com/ctrack.asp?ref=SFBlink20061031

------------------------------------------------------------------
I. FRONT AND CENTER
1. Employee Privacy, Employer Policy
2. Surprises Inside Microsoft Vista's EULA
II. MICROSOFT VULNERABILITY SUMMARY
1. Easy File Sharing Web Server Information Disclosure and Input Validation Vulnerabilities
2. Microsoft Internet Explorer RemoveChild Denial of Service Vulnerability
3. Microsoft Windows NAT Helper Remote Denial of Service Vulnerability
4. Microsoft Internet Explorer Unspecified Code Execution Vulnerability
5. Wireshark Multiple Protocol Dissectors Denial of Service Vulnerabilities
6. wvWare Multiple Integer Overflow Vulnerabilities
7. Axalto Protiva Local Information Disclosure Vulnerability
8. Microsoft .NET Framework Request Filtering Bypass Vulnerability
9. Nullsoft Winamp Ultravox Multiple Remote Heap Overflow Vulnerabilities
10. Cisco Security Agent Remote Port Scan Denial of Service Vulnerability
11. Microsoft Internet Explorer 7 Popup Window Address Bar Spoofing Weakness
12. Smartgate SSL Server Directory Traversal Information Disclosure Vulnerability
13. DataWizard FTPXQ Server Multiple Remote Vulnerabilities
14. PostgreSQL Multiple Local Denial of Service Vulnerabilities
15. Desknet's Unspecified Remote Buffer Overflow Vulnerability
16. Microsoft Internet Explorer ADODB.Connection Execute Memory Corruption Vulnerability
17. QK SMTP Remote Buffer Overflow Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. IIS Security
2. SecurityFocus Microsoft Newsletter #314
3. FW: grant access to WINS only
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Employee Privacy, Employer Policy
By Kelly Martin
Following the 2006 International Virus Bulletin Conference, Kelly Martin takes a look at the profit motives of the cyber criminals behind modern viruses, targeted trojans, phishing scams and botnet attacks that are stealing millions from organizations and individuals.
http://www.securityfocus.com/columnists/419

2. Surprises Inside Microsoft Vista's EULA
By Scott Granneman
Scott Granneman takes a look at some big surprises in Microsoft's Vista EULA that limit what security professionals and others can do with the forthcoming operating system.
http://www.securityfocus.com/columnists/420


II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Easy File Sharing Web Server Information Disclosure and Input Validation Vulnerabilities
BugTraq ID: 20823
Remote: Yes
Date Published: 2006-10-31
Relevant URL: http://www.securityfocus.com/bid/20823
Summary:
Easy File Sharing Web Server is prone to information-disclosure and input-validation vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content.

The issues include HTML-injection, cross-site scripting, and arbitrary information-disclosure vulnerabilities.

An attacker can exploit these issues to steal cookie-based authentication credentials, control how the site is rendered to the user, and gain access to otherwise confidential information. Successful exploits may facilitate a compromise of the underlying computer.

Version 4.0 of Easy File Sharing Web Server is vulnerable; other versions may also be affected.

2. Microsoft Internet Explorer RemoveChild Denial of Service Vulnerability
BugTraq ID: 20812
Remote: Yes
Date Published: 2006-10-30
Relevant URL: http://www.securityfocus.com/bid/20812
Summary:
Microsoft Internet Explorer is prone to a denial-of-service vulnerability. This issue occurs when Internet Explorer attempts to execute certain JavaScript code.

Successfully exploiting this issue will cause the affected application to crash, denying service to legitimate users. Code execution may potentially be possible, but this has not been confirmed.

Internet Explorer 6 and 7 are vulnerable to this issue; other versions may also be affected.

3. Microsoft Windows NAT Helper Remote Denial of Service Vulnerability
BugTraq ID: 20804
Remote: Yes
Date Published: 2006-10-30
Relevant URL: http://www.securityfocus.com/bid/20804
Summary:
Microsoft Windows is prone to a remote denial-of-service vulnerability because the Server service fails to properly handle unexpected network traffic.

Exploiting this issue may cause affected computers to crash, denying service to legitimate users. Reports indicate that this vulnerability can be used to disable the Windows firewall.

To exploit this issue, an attacker must be able to send malformed network traffic from a network interface located on the LAN side of an affected computer.

4. Microsoft Internet Explorer Unspecified Code Execution Vulnerability
BugTraq ID: 20797
Remote: Yes
Date Published: 2006-10-30
Relevant URL: http://www.securityfocus.com/bid/20797
Summary:
Microsoft Internet Explorer is prone to an unspecified vulnerability that results in arbitrary code execution.

Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the vulnerable application. This facilitates the remote compromise of affected computers.

Internet Explorer 6 is vulnerable to this issue; other versions may also be affected.

An exploit for this issue is reportedly in the wild.

5. Wireshark Multiple Protocol Dissectors Denial of Service Vulnerabilities
BugTraq ID: 20762
Remote: Yes
Date Published: 2006-10-27
Relevant URL: http://www.securityfocus.com/bid/20762
Summary:
Wireshark is prone to multiple denial-of-service vulnerabilities.

Exploiting these issues may permit attackers to cause crashes and deny service to legitimate users of the application.

Wireshark versions prior to 0.99.4 are affected.

6. wvWare Multiple Integer Overflow Vulnerabilities
BugTraq ID: 20761
Remote: Yes
Date Published: 2006-10-26
Relevant URL: http://www.securityfocus.com/bid/20761
Summary:
wvWare is prone to multiple integer-overflow vulnerabilities because the library fails to properly bounds-check user-supplied input.

An attacker can exploit these vulnerabilities to execute arbitrary code in the context of the application using the vulnerable library. Failed exploit attempts will likely result in denial-of-service conditions.

wvWare 1.2.2 and prior versions are vulnerable.

7. Axalto Protiva Local Information Disclosure Vulnerability
BugTraq ID: 20755
Remote: No
Date Published: 2006-10-26
Relevant URL: http://www.securityfocus.com/bid/20755
Summary:
Axalto Protiva is prone to a local information-disclosure vulnerability because the application fails to protect sensitive information from unprivileged users.

A user who can gain local, interactive access to affected computers may exploit this issue to access credentials stored by the application. Information harvested by exploiting this issue will aid the attacker in further attacks. By compromising the information store of affected services, the attacker may potentially gain unauthorized access to any computer or device that is configured to use the affected service as an authentication source.

Axalto Protiva 1.1 is vulnerable to this issue; other versions may also be affected.

8. Microsoft .NET Framework Request Filtering Bypass Vulnerability
BugTraq ID: 20753
Remote: Yes
Date Published: 2006-10-26
Relevant URL: http://www.securityfocus.com/bid/20753
Summary:
The Microsoft .NET Framework is prone to a vulnerability that may permit the bypassing of content filtering.

An attacker can exploit this issue to perform multiple input-validation attacks such as cross-site scripting, SQL-injection, and HTML-injection; other attacks are also possible.

9. Nullsoft Winamp Ultravox Multiple Remote Heap Overflow Vulnerabilities
BugTraq ID: 20744
Remote: Yes
Date Published: 2006-10-25
Relevant URL: http://www.securityfocus.com/bid/20744
Summary:
Winamp is prone to multiple Ultravox-related remote heap-based buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer.

Successfully exploiting these issues allows remote attackers to execute arbitrary machine code in the context of the vulnerable application. This will facilitate the remote compromise of affected computers.

To exploit these issues, attackers would have to coerce unsuspecting users to connect to a malicious server with the vulnerable application. This may be accomplished by having users follow a malicious URI or by embedding malicious data in a playlist file.

10. Cisco Security Agent Remote Port Scan Denial of Service Vulnerability
BugTraq ID: 20737
Remote: Yes
Date Published: 2006-10-25
Relevant URL: http://www.securityfocus.com/bid/20737
Summary:
Cisco Security Agent (CSA) for Linux is prone to a remote denial-of-service vulnerability because the application fails to properly handle unexpected network traffic.

Successfully exploiting this issue allows remote attackers to cause the affected software to enter into an unresponsive state, denying further service to legitimate users.

This issue does not affect CSA for Windows or Solaris.

11. Microsoft Internet Explorer 7 Popup Window Address Bar Spoofing Weakness
BugTraq ID: 20728
Remote: Yes
Date Published: 2006-10-25
Relevant URL: http://www.securityfocus.com/bid/20728
Summary:
Microsoft Internet Explorer is prone to a weakness that allows attackers to spoof a popup window and address bar.

Attackers may exploit this via a malicious web page to spoof the contents and origin of a page that the victim may trust. This vulnerability may be useful in phishing or other attacks that rely on content spoofing.

12. Smartgate SSL Server Directory Traversal Information Disclosure Vulnerability
BugTraq ID: 20722
Remote: Yes
Date Published: 2006-10-24
Relevant URL: http://www.securityfocus.com/bid/20722
Summary:
The Smartgate SSL Server is prone to a remote information-disclosure vulnerability because the application fails to properly sanitize user-supplied input.

Exploiting this issue allows remote, unauthenticated attackers to retrieve the contents of arbitrary files from vulnerable computers with the privileges of the webserver process. Information harvested may aid in further attacks.

13. DataWizard FTPXQ Server Multiple Remote Vulnerabilities
BugTraq ID: 20721
Remote: Yes
Date Published: 2006-10-24
Relevant URL: http://www.securityfocus.com/bid/20721
Summary:
DataWizard FtpXQ Server is prone to multiple remote vulnerabilities:

- A remote denial-of-service issue occurs because the application fails to perform adequate bounds checks on user-supplied data before copying it to an insufficiently sized buffer. An attacker could exploit this issue to crash the application, denying access to legitimate users.

- The application creates two testing accounts by default. An attacker can access these accounts to gain read/write privileges on the server, which could result in the compromise of the affected computer.

Version 3.01 is vulnerable; other versions may also be affected.

14. PostgreSQL Multiple Local Denial of Service Vulnerabilities
BugTraq ID: 20717
Remote: No
Date Published: 2006-10-24
Relevant URL: http://www.securityfocus.com/bid/20717
Summary:
PostgreSQL is prone to multiple local denial-of-service vulnerabilities because of various errors in the application when handling user-supplied data.

A local authenticated attacker can exploit these issues to crash the server, effectively denying service to legitimate users.

15. Desknet's Unspecified Remote Buffer Overflow Vulnerability
BugTraq ID: 20716
Remote: Yes
Date Published: 2006-10-24
Relevant URL: http://www.securityfocus.com/bid/20716
Summary:
Desknet's is prone to an unspecified remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. A complete compromise of the computer running the application may be possible.

Versions V4.5J R2.4 and prior are vulnerable.

16. Microsoft Internet Explorer ADODB.Connection Execute Memory Corruption Vulnerability
BugTraq ID: 20704
Remote: Yes
Date Published: 2006-10-24
Relevant URL: http://www.securityfocus.com/bid/20704
Summary:
Microsoft Internet Explorer is prone to a memory-corruption condition when processing a specific method from the 'ADODB.Connection.2.7' instantiated ActiveX Object.

Successful exploits may allow attackers to crash the application, denying further service to users. This issue may also be exploited to execute arbitrary machine code, but this has not been confirmed.

17. QK SMTP Remote Buffer Overflow Vulnerability
BugTraq ID: 20681
Remote: Yes
Date Published: 2006-10-23
Relevant URL: http://www.securityfocus.com/bid/20681
Summary:
QK SMTP is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code in the context of the affected application. This may facilitate a remote compromise of affected computers. Failed exploit attempts will likely crash the server, effectively denying service to legitimate users.

QK SMTP 3.01 and prior versions are vulnerable to this issue.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. IIS Security
http://www.securityfocus.com/archive/88/449921

2. SecurityFocus Microsoft Newsletter #314
http://www.securityfocus.com/archive/88/449648

3. FW: grant access to WINS only
http://www.securityfocus.com/archive/88/449647

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe, send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to reply. Alternatively, you can visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: eEye
