News

Tuesday, December 11, 2007

SecurityFocus Microsoft Newsletter #372

SecurityFocus Microsoft Newsletter #372
----------------------------------------

This issue is Sponsored by: SPI Dynamics

ALERT: "How A Hacker Launches A Cross-Site Scripting Attack"- White Paper
Cross-site scripting vulnerabilities in web apps allow hackers to compromise confidential information, steal cookies and create requests that can be mistaken for those of a valid user!! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/xss.asp?Campaign_ID=70160000000D8v9


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Copyrights and Wrongs
2.The Man in the Machine
II. MICROSOFT VULNERABILITY SUMMARY
1. Easy File Sharing Web Server Directory Traversal and Multiple Information Disclosure Vulnerabilities
2. Microsoft December 2007 Advance Notification Multiple Vulnerabilities
3. Drupal Shoutbox Module Multiple HTML Injection Vulnerabilities
4. Drupal TAXONOMY_SELECT_NODES() SQL Injection Vulnerability
5. Novell BorderManager Multiple Vulnerabilities
6. HFS HTTP File Server Arbitrary File Upload Vulnerability
7. Cisco Security Agent for Microsoft Windows SMB Remote Buffer Overflow Vulnerability
8. avast! Home/Professional TAR File Handling Remote Heap Overflow Vulnerability
9. Microsoft Optical Desktop Wireless Keyboard Weak Encryption Information Disclosure Vulnerability
10. Microsoft Web Proxy Auto-Discovery Proxy Spoofing Vulnerability
11. Apple QuickTime Unspecified Remote Vulnerability
12. Microsoft Internet Explorer DHTML Object Memory Corruption Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #371
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Copyrights and Wrongs
By Mark Rasch
On October 1, 2007, Jammie Thomas -- a single mother living in Brainerd, Minnesota -- was sued in civil court for copyright infringement by the Recording Industry Association of America. Three days later, the jury returned the verdict; Ms. Thomas was liable for willfully infringing the copyrights on 24 songs. The fine: $222,000.

http://www.securityfocus.com/columnists/460

2.The Man in the Machine
By Federico Biancuzzi
In April 2007, when two security researchers demonstrated a flaw in the next-generation IPv6 routing scheme that would allow attackers to significantly amplify any denial-of-service attack by a factor of at least 80, networking expert Jun-ichiro "Itojun" Hagino worked to get Internet engineers to take the threat seriously.

http://www.securityfocus.com/columnists/459


II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Easy File Sharing Web Server Directory Traversal and Multiple Information Disclosure Vulnerabilities
BugTraq ID: 26771
Remote: Yes
Date Published: 2007-12-07
Relevant URL: http://www.securityfocus.com/bid/26771
Summary:
Easy File Sharing Web Server is prone to a directory-traversal and multiple information-disclosure vulnerabilities.

Successfully exploiting these issues allows remote attackers to upload files to arbitrary locations and to access potentially sensitive information, which may aid in further attacks.

Easy File Sharing Web Server 4.5 is vulnerable to these issues; other versions may also be affected.

2. Microsoft December 2007 Advance Notification Multiple Vulnerabilities
BugTraq ID: 26739
Remote: Yes
Date Published: 2007-12-06
Relevant URL: http://www.securityfocus.com/bid/26739
Summary:
Microsoft has released advance notification that the vendor will be releasing seven security bulletins on December 11, 2007. The highest severity rating for these issues is 'Critical'.

The bulletins are as follows:

Three 'Critical' bulletins affecting Microsoft Windows, DirectX, DirectShow, Windows Media Format Runtime, and Internet Explorer
Four 'Important' bulletins affecting Microsoft Windows


These issues will be assigned individual records when the bulletins are released.

3. Drupal Shoutbox Module Multiple HTML Injection Vulnerabilities
BugTraq ID: 26736
Remote: Yes
Date Published: 2007-12-05
Relevant URL: http://www.securityfocus.com/bid/26736
Summary:
Drupal Shoutbox module is prone to multiple HTML-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content.

Attacker-supplied HTML and script code could execute in the context of the affected website, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

Versions prior to Shoutbox 5.x-1.1 are affected by these issues.

4. Drupal TAXONOMY_SELECT_NODES() SQL Injection Vulnerability
BugTraq ID: 26735
Remote: Yes
Date Published: 2007-12-05
Relevant URL: http://www.securityfocus.com/bid/26735
Summary:
Drupal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Versions prior to Drupal 4.7.9 and 5.4 are vulnerable.

5. Novell BorderManager Multiple Vulnerabilities
BugTraq ID: 26733
Remote: Yes
Date Published: 2007-12-06
Relevant URL: http://www.securityfocus.com/bid/26733
Summary:
Novell BorderManager is prone to multiple vulnerabilities.

These issues may allow attackers to execute arbitrary code and bypass certain security controls.

Versions prior to Novell BorderManager 3.8 SP5 are affected by these issues.

6. HFS HTTP File Server Arbitrary File Upload Vulnerability
BugTraq ID: 26732
Remote: Yes
Date Published: 2007-12-05
Relevant URL: http://www.securityfocus.com/bid/26732
Summary:
HFS HTTP File Server is prone to a vulnerability that lets attackers upload files and place them in arbitrary locations on the server. The issue occurs because the software fails to adequately sanitize user-supplied input.

A successful exploit may allow the attacker to upload malicious files and potentially execute them; this may lead to various attacks.

This issue affects versions prior to HTTP File Server 2.2b.

7. Cisco Security Agent for Microsoft Windows SMB Remote Buffer Overflow Vulnerability
BugTraq ID: 26723
Remote: Yes
Date Published: 2007-12-05
Relevant URL: http://www.securityfocus.com/bid/26723
Summary:
Cisco Security Agent for Microsoft Windows is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data.

Remote attackers can exploit this issue to execute arbitrary machine code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.

This issue affects all standalone and managed versions of Cisco Security Agent for Windows.

8. avast! Home/Professional TAR File Handling Remote Heap Overflow Vulnerability
BugTraq ID: 26702
Remote: Yes
Date Published: 2007-12-04
Relevant URL: http://www.securityfocus.com/bid/26702
Summary:
avast! is prone to a remote heap-overflow vulnerability.

This issue occurs when the application handles a malicious TAR file.

Versions prior to avast! Home and Professional 4.7.1098 are affected.

9. Microsoft Optical Desktop Wireless Keyboard Weak Encryption Information Disclosure Vulnerability
BugTraq ID: 26693
Remote: Yes
Date Published: 2007-12-04
Relevant URL: http://www.securityfocus.com/bid/26693
Summary:
Microsoft Optical Desktop is prone to an information-disclosure vulnerability.

Successfully exploiting this issue will allow an attacker to obtain sensitive information that may lead to other attacks.

This issue affects Microsoft Optical Desktop 1000 and 2000; other versions may also be affected.

10. Microsoft Web Proxy Auto-Discovery Proxy Spoofing Vulnerability
BugTraq ID: 26686
Remote: Yes
Date Published: 2007-12-03
Relevant URL: http://www.securityfocus.com/bid/26686
Summary:
Microsoft Web Proxy Auto-Discovery is prone to a vulnerability that may allow attackers to obtain sensitive information that may lead to further attacks.

11. Apple QuickTime Unspecified Remote Vulnerability
BugTraq ID: 26682
Remote: Yes
Date Published: 2007-12-03
Relevant URL: http://www.securityfocus.com/bid/26682
Summary:
Apple QuickTime is prone to an unspecified remote vulnerability.

Very few technical details are currently available. We will update this BID as more information emerges.

This issue affects Apple QuickTime 7.2 for Microsoft Windows XP; other versions may also be affected.

12. Microsoft Internet Explorer DHTML Object Memory Corruption Vulnerability
BugTraq ID: 26427
Remote: Yes
Date Published: 2007-12-11
Relevant URL: http://www.securityfocus.com/bid/26427
Summary:
Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability because it fails to adequately handle user-supplied input to certain DHTML object methods.

Attackers can exploit this issue to execute arbitrary code in the context of a user running the application. Successful attacks would compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #371
http://www.securityfocus.com/archive/88/484683

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is Sponsored by: SPI Dynamics

ALERT: "How A Hacker Launches A Cross-Site Scripting Attack"- White Paper
Cross-site scripting vulnerabilities in web apps allow hackers to compromise confidential information, steal cookies and create requests that can be mistaken for those of a valid user!! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/xss.asp?Campaign_ID=70160000000D8v9

No comments:

Blog Archive