News

Tuesday, December 12, 2006

SecurityFocus Microsoft Newsletter #321

SecurityFocus Microsoft Newsletter #321
----------------------------------------

This Issue is Sponsored by: SPI Dynamics

ALERT: "How A Hacker Launches A Blind SQL Injection Attack Step-by-Step"!"- White Paper
Blind SQL Injection can deliver total control of your server to a hacker giving them the ability to read, write and manipulate all data stored in your backend systems! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/bsq.asp?Campaign_ID=70160000000CehF

------------------------------------------------------------------
I. FRONT AND CENTER
1. Password Management Concerns with IE and Firefox, part one
2. Password Management Concerns with IE and Firefox, part two
3. Christmas Shopping: Vista Over XP?
II. MICROSOFT VULNERABILITY SUMMARY
1. Golden FTP Server Remote Denial of Service Vulnerability
2. CA Multiple BrightStor ARCserve Backup Discovery Service Remote Buffer Overflow Vulnerability
3. MailEnable IMAP Service Remote Denial of Service Vulnerability
4. MailEnable IMAP Service Unspecified Remote Buffer Overflow Vulnerability
5. Microsoft December Advance Notification Multiple Vulnerabilities
6. Nostra DivX Player M3U String Buffer Overflow Vulnerability
7. Novell Client NDPPNT.DLL Unspecified Buffer Overflow Vulnerability
8. Microsoft Internet Explorer CSS Width Element Denial of Service Vulnerability
9. Microsoft Word Unspecified Remote Code Execution Vulnerability
10. Microsoft Internet Explorer Frame Src Denial Of Service Vulnerability
11. JustSystems Multiple Products Unspecified Buffer Overflow Vulnerability
12. SMF Image File HTML Injection Vulnerability
13. Microsoft Windows Print Spooler GetPrinterData Denial of Service Vulnerability
14. 2X ThinClientServer Unauthorized Administrative Account Creation Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. IIS http error log entries...
2. Windows folder Sharing watch
3. SecurityFocus Microsoft Newsletter #320
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Password Management Concerns with IE and Firefox, part one
By Mikhael Felker
This two-part paper presents an analysis of the security mechanisms, risks, attacks, and defenses of the two most commonly used password management systems for web browsers, found in Internet Explorer and Firefox. The article specifically addresses IE 6 and 7 and Firefox 1.5 and 2.0.
http://www.securityfocus.com/infocus/1882

2. Password Management Concerns with IE and Firefox, part two
By Mikhael Felker
This two-part paper presents an analysis of the security mechanisms, risks, attacks, and defenses of the two most commonly used password management systems for web browsers, found in Internet Explorer and Firefox. The article specifically addresses IE 6 and 7 and Firefox 1.5 and 2.0.
http://www.securityfocus.com/infocus/1883

3. Christmas Shopping: Vista Over XP?
By Federico Biancuzzi
Microsoft has announced Vista's release dates. From a security standpoint what choice should consumers take during this Christmas shopping season? Most will be faced with Windows XP only or Windows XP with Microsoft's Express Upgrade option to Vista. Federico Biancuzzi interviewed a wide range of security researchers and anti-virus folks to get some consensus on the security of Vista over Windows XP for consumers, with some advice for corporate users as well.
http://www.securityfocus.com/columnists/425


II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Golden FTP Server Remote Denial of Service Vulnerability
BugTraq ID: 21530
Remote: Yes
Date Published: 2006-12-11
Relevant URL: http://www.securityfocus.com/bid/21530
Summary:
Golden FTP Server is prone to a remote denial-of-service vulnerability.

Exploiting this issue allows remote attackers to crash the application, denying further service to legitimate users.

Version 1.92 is vulnerable; other versions may also be affected.

2. CA Multiple BrightStor ARCserve Backup Discovery Service Remote Buffer Overflow Vulnerability
BugTraq ID: 21502
Remote: Yes
Date Published: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21502
Summary:
Computer Associates BrightStor ARCserve Backup is affected by a remote buffer-overflow vulnerability because the application fails to perform proper bounds-checking on data supplied to the application.

A remote attacker may exploit this issue to execute arbitrary code on a vulnerable computer with SYSTEM privileges. Failed exploit attempts may cause denial-of-service conditions. Successful exploits can lead to a complete compromise of affected computers.

This issue affects multiple BrightStor ARCserve Backup application agents and the base product.

3. MailEnable IMAP Service Remote Denial of Service Vulnerability
BugTraq ID: 21493
Remote: Yes
Date Published: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21493
Summary:
MailEnable is prone to a remote denial-of-service vulnerability.

This issue affects the IMAP service and allows remote attackers to crash the application, denying further service to legitimate users.

The following versions are vulnerable:

1.6-1.83 Professional Edition
1.1-1.40 Enterprise Edition
2.0-2.34 Professional Edition
2.0-2.34 Enterprise Edition

4. MailEnable IMAP Service Unspecified Remote Buffer Overflow Vulnerability
BugTraq ID: 21492
Remote: Yes
Date Published: 2006-12-08
Relevant URL: http://www.securityfocus.com/bid/21492
Summary:
MailEnable is prone to a buffer-overflow vulnerability in the IMAP service because the application fails to properly bounds-check unspecified user-supplied data.

This issue is reported to affect the following MailEnable versions, but other versions may also be vulnerable:

1.6-1.84 Professional Edition
1.1-1.41 Enterprise Edition
2.0-2.35 Professional Edition
2.0-2.35 Enterprise Edition

5. Microsoft December Advance Notification Multiple Vulnerabilities
BugTraq ID: 21482
Remote: Yes
Date Published: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/21482
Summary:
Microsoft has released advance notification that the vendor will be releasing six security bulletins in all (five for Windows and one for Microsoft Visual Studio) on December 12, 2006. The highest severity rating for these issues is 'Critical'.

Further details about these issues are not currently available. Individual BIDs will be created for each issue; this record will be removed when the security bulletins are released.

6. Nostra DivX Player M3U String Buffer Overflow Vulnerability
BugTraq ID: 21480
Remote: Yes
Date Published: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/21480
Summary:
Nostra DivX Player is prone to a buffer-overflow vulnerability because the application fails to properly verify the size of user-supplied data before copying it into an insufficiently sized process buffer.

Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the user running the affected application. Failed exploit attempts will likely crash applications, denying service to legitimate users.

This issue affects versions 2.1 and 2.2.00.0; other versions may also be vulnerable.

7. Novell Client NDPPNT.DLL Unspecified Buffer Overflow Vulnerability
BugTraq ID: 21479
Remote: Yes
Date Published: 2006-12-07
Relevant URL: http://www.securityfocus.com/bid/21479
Summary:
Novell Client is prone to an unspecified buffer-overflow vulnerability because it fails to perform adequate bounds-checking on user-supplied data before copying it to an insufficiently sized buffer.

An attacker could exploit this issue to have arbitrary code execute in the context of the affected application. Failed attempts will likely cause denial-of-service conditions.

8. Microsoft Internet Explorer CSS Width Element Denial of Service Vulnerability
BugTraq ID: 21466
Remote: Yes
Date Published: 2006-12-06
Relevant URL: http://www.securityfocus.com/bid/21466
Summary:
Microsoft Internet Explorer is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions.

This issue is triggered when an attacker entices a victim user to visit a malicious website.

Remote attackers may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users.

Internet Explorer 6 and 7 are vulnerable to this issue; other versions may also be affected.

9. Microsoft Word Unspecified Remote Code Execution Vulnerability
BugTraq ID: 21451
Remote: Yes
Date Published: 2006-12-05
Relevant URL: http://www.securityfocus.com/bid/21451
Summary:
Microsoft Word is prone to a remote code-execution vulnerability.

An attacker could exploit this issue by enticing a victim to open a malicious Word file. If the vulnerability is successfully exploited, this could result in the execution of arbitrary code in the context of the currently logged-in user.

This issue is being actively exploited in the wild by two trojans.

10. Microsoft Internet Explorer Frame Src Denial Of Service Vulnerability
BugTraq ID: 21447
Remote: Yes
Date Published: 2006-12-05
Relevant URL: http://www.securityfocus.com/bid/21447
Summary:
Microsoft Internet Explorer is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions.

This issue is triggered when an attacker entices a victim user to visit a malicious website.

Remote attackers may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users.

11. JustSystems Multiple Products Unspecified Buffer Overflow Vulnerability
BugTraq ID: 21445
Remote: Yes
Date Published: 2006-12-05
Relevant URL: http://www.securityfocus.com/bid/21445
Summary:
Multiple JustSystems products are prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data.

A successful attack may allow remote attackers to execute arbitrary code in the context of the vulnerable application. Failed attack attempts may cause denial-of-service conditions.


http://secunia.com/product/12805/

12. SMF Image File HTML Injection Vulnerability
BugTraq ID: 21431
Remote: Yes
Date Published: 2006-12-04
Relevant URL: http://www.securityfocus.com/bid/21431
Summary:
SMF is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would execute in the context of the affected website, potentially allowing an attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

Note that this vulnerability may be triggered only in the Internet Explorer browser.

SMF version 1.1 is vulnerable to this issue.

13. Microsoft Windows Print Spooler GetPrinterData Denial of Service Vulnerability
BugTraq ID: 21401
Remote: Yes
Date Published: 2006-12-02
Relevant URL: http://www.securityfocus.com/bid/21401
Summary:
Microsoft Windows Print Spooler service is prone to a denial-of-service vulnerability.

A remote attacker can exploit this issue to crash the affected service, denying service to legitimate users.

Reports indicate that this issue affects Print Spooler on Microsoft Windows 2000 SP4; other versions may also be vulnerable.

14. 2X ThinClientServer Unauthorized Administrative Account Creation Vulnerability
BugTraq ID: 21300
Remote: Yes
Date Published: 2006-12-04
Relevant URL: http://www.securityfocus.com/bid/21300
Summary:
ThinClientServer is prone to a vulnerability that may allow an unauthorized remote attacker to create an administrative account and to gain administrative access to an affected application.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. IIS http error log entries...
http://www.securityfocus.com/archive/88/454160

2. Windows folder Sharing watch
http://www.securityfocus.com/archive/88/454132

3. SecurityFocus Microsoft Newsletter #320
http://www.securityfocus.com/archive/88/453645

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: SPI Dynamics

ALERT: "How A Hacker Launches A Blind SQL Injection Attack Step-by-Step"!"- White Paper
Blind SQL Injection can deliver total control of your server to a hacker giving them the ability to read, write and manipulate all data stored in your backend systems! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/bsq.asp?Campaign_ID=70160000000CehF

No comments:

Blog Archive