News

Friday, February 01, 2008

SecurityFocus Microsoft Newsletter #379

This issue is Sponsored by: Black Hat Europe

Attend Black Hat Europe, March 25-28, Amsterdam, Europe's premier technical event for ICT security experts. Featuring hands-on training courses and Briefings presentations with lots of new content. Network with 400+ delegates from 30 nations and review products by leading vendors in a relaxed setting. Black Hat Europe is supported by most leading European infosec associations.

www.blackhat.com


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Mother May I?
2. Finding a Cure for Data Loss
II. MICROSOFT VULNERABILITY SUMMARY
1. ELOG 'logbook' HTML Injection Vulnerability
2. IBM Informix Storage Manager Multiple Buffer Overflow Vulnerabilities
3. Comodo AntiVirus 'ExecuteStr()' ActiveX Control Arbitrary Command Execution Vulnerability
4. HFS HTTP File Server Multiple Security Vulnerabilities
III. MICROSOFT FOCUS LIST SUMMARY
1. Fwd: Centralizing Event Viewer Logs
2. Centralizing Event Viewer Logs
3. Under the hood question about Remote Desktop Connection
4. FTP on IIS
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Mother May I?
By Mark Rasch
"Sure, you can have a cookie, but you may not." We all have had that discussion before -- either with our parents or our kids. A recent case from North Dakota reveals that the difference between those two concepts may lead not only to civil liability, but could land you in jail.
http://www.securityfocus.com/columnists/463

2. Finding a Cure for Data Loss
By Jamie Reid
Despite missteps in protecting customer information, companies have largely escaped the wrath of consumers.

http://www.securityfocus.com/columnists/462


II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. ELOG 'logbook' HTML Injection Vulnerability
BugTraq ID: 27526
Remote: Yes
Date Published: 2008-01-30
Relevant URL: http://www.securityfocus.com/bid/27526
Summary:
ELOG is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

This issue affects versions prior to ELOG 2.7.2.

2. IBM Informix Storage Manager Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 27485
Remote: Yes
Date Published: 2008-01-28
Relevant URL: http://www.securityfocus.com/bid/27485
Summary:
IBM Informix Storage Manager is prone to multiple buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied data.

Successful exploits may allow attackers to execute arbitrary code and can lead to a complete compromise of vulnerable computers. Failed exploit attempts will likely result in denial-of-service conditions.

These issues affect IBM Informix Dynamic Server 10.00.xC8, 11.10.xC2, and prior versions on Microsoft Windows platforms.

3. Comodo AntiVirus 'ExecuteStr()' ActiveX Control Arbitrary Command Execution Vulnerability
BugTraq ID: 27424
Remote: Yes
Date Published: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27424
Summary:
An ActiveX control in Comodo AntiVirus is prone to a vulnerability that lets attackers execute arbitrary commands.

Successfully exploiting this issue allows remote attackers to execute arbitrary commands in the context of the application using the ActiveX control (typically Internet Explorer).

Comodo AntiVirus 2.0 is vulnerable to this issue; other versions may also be affected.

4. HFS HTTP File Server Multiple Security Vulnerabilities
BugTraq ID: 27423
Remote: Yes
Date Published: 2008-01-23
Relevant URL: http://www.securityfocus.com/bid/27423
Summary:
HFS (HTTP File Server) is prone to multiple security vulnerabilities, including cross-site scripting issues, an information-disclosure issue, an arbitrary file-creation issue, a denial-of-service issue, a username-spoofing issue, and a logfile-forging issue.

A successful exploit could allow an attacker to deny service to legitimate users, create and execute arbitrary files in the context of the webserver process, falsify log information, or execute arbitrary script code in the browser of an unsuspecting user. Other attacks are also possible.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Fwd: Centralizing Event Viewer Logs
http://www.securityfocus.com/archive/88/487366

2. Centralizing Event Viewer Logs
http://www.securityfocus.com/archive/88/487262

3. Under the hood question about Remote Desktop Connection
http://www.securityfocus.com/archive/88/487023

4. FTP on IIS
http://www.securityfocus.com/archive/88/486644

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is Sponsored by: Black Hat Europe
