News

Sunday, August 12, 2007

SecurityFocus Microsoft Newsletter #354

SecurityFocus Microsoft Newsletter #354
----------------------------------------

This Issue is Sponsored by: Watchfire

As web applications become increasingly complex, tremendous amounts of sensitive data - including personal, medical and financial information - are exchanged, and stored. This paper examines a few vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools. Download Watchfire's "Web Application Security: Automated Scanning or Manual Penetration Testing?" whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701700000008yka


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Delete This!
2. Security conferences versus practical knowledge
II. MICROSOFT VULNERABILITY SUMMARY
1. WinGate SMTP Session Invalid State Remote Denial Of Service Vulnerability
2. Microsoft August 2007 Advance Notification Multiple Vulnerabilities
3. Microsoft Windows Media Player AU Divide-By-Zero Denial of Service Vulnerability
4. Microsoft Internet Explorer Position:Relative Denial of Service Vulnerability
5. Microsoft Windows Explorer JPG File Denial of Service Vulnerability
6. Microsoft Windows Calendar ICS File Denial of Service Vulnerability
7. JustSystem Ichitaro Unspecified Code Execution Vulnerability
8. Panda Antivirus Insecure File Permissions Local Privilege Escalation Vulnerability
9. Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer Overflow Vulnerabilities
III. MICROSOFT FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Delete This!
By Mark Rasch
A series of legal events means that companies that have no business reason to retain documents or records may be compelled to create and retain such records just so they can become available for discovery.
http://www.securityfocus.com/columnists/450

2. Security conferences versus practical knowledge
By Don Parker
While the training industry as a whole has evolved rather well to suit the needs of their clients, the computer conference - specifically the computer security conference - has declined in relevance to the everyday sys-admin and network security practitioners.
http://www.securityfocus.com/columnists/449


II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. WinGate SMTP Session Invalid State Remote Denial Of Service Vulnerability
BugTraq ID: 25272
Remote: Yes
Date Published: 2007-08-10
Relevant URL: http://www.securityfocus.com/bid/25272
Summary:
WinGate is prone to a denial-of-service vulnerability because the application fails to sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

This issue affects versions prior to WinGate 6.2.2.

2. Microsoft August 2007 Advance Notification Multiple Vulnerabilities
BugTraq ID: 25247
Remote: Yes
Date Published: 2007-08-09
Relevant URL: http://www.securityfocus.com/bid/25247
Summary:
Microsoft has released advance notification that the vendor will be releasing nine security bulletins on August 14, 2007. The highest severity rating for these issues is 'Critical'.

Successful exploits can result in privilege escalation and remote code execution.

Further details about these issues are not currently available. Individual BIDs will be created for each issue; this record will be removed when the security bulletins are released.

3. Microsoft Windows Media Player AU Divide-By-Zero Denial of Service Vulnerability
BugTraq ID: 25236
Remote: Yes
Date Published: 2007-08-08
Relevant URL: http://www.securityfocus.com/bid/25236
Summary:
Microsoft Windows Media Player is prone to a denial-of-service vulnerability when processing a malformed AU file.

A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users.

This issue affects Microsoft Windows Media Player 11; other versions may also be affected.

4. Microsoft Internet Explorer Position:Relative Denial of Service Vulnerability
BugTraq ID: 25222
Remote: Yes
Date Published: 2007-08-07
Relevant URL: http://www.securityfocus.com/bid/25222
Summary:
Microsoft Internet Explorer is prone to a denial-of-service vulnerability because the application fails to handle certain HTML code.

This issue is triggered when a remote attacker entices a victim user to visit a malicious website.

Attackers may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users.

This issue affects Internet Explorer 6.

5. Microsoft Windows Explorer JPG File Denial of Service Vulnerability
BugTraq ID: 25207
Remote: Yes
Date Published: 2007-08-06
Relevant URL: http://www.securityfocus.com/bid/25207
Summary:
Microsoft Windows Explorer is prone to a denial-of-service vulnerability.

An attacker could exploit this issue to cause Explorer to crash, effectively denying service. Arbitrary code execution may be possible, but this has not been confirmed.

This issue affects Windows Explorer on Microsoft Windows XP; other operating systems may also be affected.

6. Microsoft Windows Calendar ICS File Denial of Service Vulnerability
BugTraq ID: 25201
Remote: Yes
Date Published: 2007-08-04
Relevant URL: http://www.securityfocus.com/bid/25201
Summary:
Microsoft Windows Calendar as shipped with Windows Vista is prone to a denial-of-service vulnerability.

An attacker may exploit this vulnerability to cause the affected application to crash, resulting in denial-of-service conditions.

7. JustSystem Ichitaro Unspecified Code Execution Vulnerability
BugTraq ID: 25187
Remote: Yes
Date Published: 2007-08-02
Relevant URL: http://www.securityfocus.com/bid/25187
Summary:
Ichitaro is prone to an unspecified remotely exploitable code-execution vulnerability.

Remote attackers may exploit this issue to execute arbitrary code within the context of the currently logged in user.

This issue is being exploited in the wild by Trojan.Tarodrop.D. Few details are available regarding this issue. This BID will be updated when more information emerges.

8. Panda Antivirus Insecure File Permissions Local Privilege Escalation Vulnerability
BugTraq ID: 25186
Remote: No
Date Published: 2007-08-02
Relevant URL: http://www.securityfocus.com/bid/25186
Summary:
Panda Antivirus is prone to a local privilege-escalation vulnerability that stems from a design error. This vulnerability occurs because the application assigns insecure file permissions to certain directories upon installation.

An attacker may exploit this vulnerability to overwrite files with arbitrary code in the affected directories. The arbitrary code is then executed with System-level privileges. This may facilitate a complete compromise of affected computers.

Panda Antivirus 2008 is reported vulnerable.

This issue is related to BID 19891: Panda Platinum Internet Security 2006/2007 Local Privilege Escalation Vulnerability.

9. Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 25176
Remote: Yes
Date Published: 2007-08-02
Relevant URL: http://www.securityfocus.com/bid/25176
Summary:
Ipswitch IMail Server and Collaboration Suite (ICS) are prone to multiple buffer-overflow vulnerabilities because these applications fail to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer.

Attackers may exploit these issues to execute arbitrary code in the context of the affected applications. Failed exploit attempts will likely result in denial-of-service conditions.

These versions are reported vulnerable to these issues:

Ipswitch Collaboration Suite (ICS) 2006
IMail Premium 2006.2 and 2006.21

Other versions may also be affected.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: Watchfire

As web applications become increasingly complex, tremendous amounts of sensitive data - including personal, medical and financial information - are exchanged, and stored. This paper examines a few vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools. Download Watchfire's "Web Application Security: Automated Scanning or Manual Penetration Testing?" whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701700000008yka

No comments:

Blog Archive