
Friday, February 08, 2008

SecurityFocus Microsoft Newsletter #380


This issue is Sponsored by: Black Hat Europe

Attend Black Hat Europe, March 25-28, Amsterdam, Europe's premier technical event for ICT security experts. Featuring hands-on training courses and Briefings presentations with lots of new content. Network with 400+ delegates from 30 nations and review products by leading vendors in a relaxed setting. Black Hat Europe is supported by most leading European infosec associations.

www.blackhat.com


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Skills for the Future
2. Mother, May I?

II. MICROSOFT VULNERABILITY SUMMARY
1. COWON America jetAudio ASX File Processing Remote Buffer Overflow Vulnerability
2. IBM DB2 Universal Database DAS Buffer Overflow Vulnerability
3. IBM DB2 Universal Database Server 'db2db' Local Privilege Escalation Vulnerability
4. Check Point VPN SecureClient/SecuRemote Local Login Credentials Information Disclosure Vulnerability
5. Microsoft February 2008 Advance Notification Multiple Vulnerabilities
6. IBM WebSphere Edge Server Caching Proxy Cross-Site Scripting Vulnerability
7. TinTin++ and WinTin++ '#chat' Command Multiple Security Vulnerabilities
8. WinComLPD Total Multiple Buffer Overflow Vulnerabilities and Authentication Bypass Vulnerability
9. Ipswitch FTP Log Server Denial of Service Vulnerability
10. Titan FTP Server DELE Command Remote Buffer Overflow Vulnerability
11. Print Manager Plus PQCore Remote Denial of Service Vulnerability
12. Xlight FTP Server LDAP Blank Password Authentication Bypass Vulnerability
13. IBM DB2 Universal Database Server 8.2 Prior To Fixpak 16 Multiple Local Vulnerabilities
14. Ipswitch WS_FTP SFTP Opendir Command Buffer Overflow Vulnerability
15. Titan FTP Server USER/PASS Commands Buffer Overflow Vulnerability
16. ELOG 'logbook' HTML Injection Vulnerability

III. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #379

IV. UNSUBSCRIBE INSTRUCTIONS

V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Skills for the Future
By Don Parker
A lot of the emails sent to me ask a basic question: Just how does one break into computer security, or what skills should you learn to get that first security job? Lately though, I have been receiving many more queries on specifically how one can leverage an existing skill set to become an information-technology security analyst.
http://www.securityfocus.com/columnists/464

2. Mother May I?
By Mark Rasch
"Sure, you can have a cookie, but you may not." We all have had that discussion before -- either with our parents or our kids. A recent case from North Dakota reveals that the difference between those two concepts may lead not only to civil liability, but could land you in jail.
http://www.securityfocus.com/columnists/463

II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. COWON America jetAudio ASX File Processing Remote Buffer Overflow Vulnerability
BugTraq ID: 27698
Remote: Yes
Date Published: 2008-02-08
Relevant URL: http://www.securityfocus.com/bid/27698
Summary:
jetAudio is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer while processing ASX files.

Exploiting this issue allows attackers to execute arbitrary machine code in the context of users running the affected application.

jetAudio 7.0.5 is reported vulnerable; prior versions may also be affected.

2. IBM DB2 Universal Database DAS Buffer Overflow Vulnerability
BugTraq ID: 27681
Remote: Yes
Date Published: 2008-02-07
Relevant URL: http://www.securityfocus.com/bid/27681
Summary:
IBM DB2 is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to execute arbitrary code within the context of the affected service. Successfully exploiting this issue may facilitate the remote compromise of affected computers. Failed exploit attempts will likely crash the affected application.

NOTE: This vulnerability was previously disclosed in BID 27596 (IBM DB2 Universal Database Server 8.2 Prior To Fixpak 16 Multiple Local Vulnerabilities). Because more information has become available, it has been assigned its own record.

3. IBM DB2 Universal Database Server 'db2db' Local Privilege Escalation Vulnerability
BugTraq ID: 27680
Remote: No
Date Published: 2008-02-07
Relevant URL: http://www.securityfocus.com/bid/27680
Summary:
IBM DB2 Universal Database Server is prone to a local privilege-escalation vulnerability because of how the application constructs library paths.

Exploiting this issue allows local attackers to gain root privileges. Note that an attacker must be able to execute the set-uid root 'db2pd' binary to exploit this issue.

DB2 Universal Database Server 9.1 FixPack 2 on Linux systems is vulnerable. Other versions, including those for other UNIX platforms, are suspected to be vulnerable.

NOTE: This vulnerability was previously disclosed in BID 27596 'IBM DB2 Universal Database Server 8.2 Prior To Fixpak 16 Multiple Local Vulnerabilities'. Because more information has become available, it has been assigned its own record.

4. Check Point VPN SecureClient/SecuRemote Local Login Credentials Information Disclosure Vulnerability
BugTraq ID: 27675
Remote: No
Date Published: 2008-02-07
Relevant URL: http://www.securityfocus.com/bid/27675
Summary:
Check Point VPN-1 SecureClient/SecuRemote client for Microsoft Windows is prone to an information-disclosure vulnerability because it fails to protect users' login credentials.

Attackers can exploit this issue to harvest VPN login credentials and gain unauthorized access to networks and resources protected by the VPN. This may lead to further attacks.

5. Microsoft February 2008 Advance Notification Multiple Vulnerabilities
BugTraq ID: 27674
Remote: Yes
Date Published: 2008-02-07
Relevant URL: http://www.securityfocus.com/bid/27674
Summary:
Microsoft has released advance notification that the vendor will be releasing twelve security bulletins on February 12, 2008. The highest severity rating for these issues is 'Critical'.

Successfully exploiting these issues may allow remote or local attackers to compromise affected computers.

Individual records will be created for each issue when the bulletins are released.

6. IBM WebSphere Edge Server Caching Proxy Cross-Site Scripting Vulnerability
BugTraq ID: 27665
Remote: Yes
Date Published: 2008-02-05
Relevant URL: http://www.securityfocus.com/bid/27665
Summary:
IBM WebSphere Edge Server Caching Proxy is prone to a cross-site scripting vulnerability that affects the caching proxy server because it fails to properly sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

The vulnerability affects Caching Proxy 5.1, 5.1.1, 6.0, 6.0.1, 6.0.2, and 6.1. Other versions may also be affected.

7. TinTin++ and WinTin++ '#chat' Command Multiple Security Vulnerabilities
BugTraq ID: 27660
Remote: Yes
Date Published: 2008-02-06
Relevant URL: http://www.securityfocus.com/bid/27660
Summary:
TinTin++ and WinTin++ are prone to multiple security vulnerabilities affecting the application's '#chat' functionality. These issues include a buffer-overflow vulnerability, a denial-of-service vulnerability, and a file-overwrite vulnerability.

Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions, or overwrite files with arbitrary content.

These issues affect TinTin++ and WinTin++ 1.97.9; other versions may also be affected.

8. WinComLPD Total Multiple Buffer Overflow Vulnerabilities and Authentication Bypass Vulnerability
BugTraq ID: 27614
Remote: Yes
Date Published: 2008-02-04
Relevant URL: http://www.securityfocus.com/bid/27614
Summary:
WinComLPD Total is prone to multiple vulnerabilities, including buffer-overflow vulnerabilities and an authentication-bypass vulnerability.

Successfully exploiting these issues will allow an attacker to perform unauthorized actions or execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application.

These issues affect WinComLPD Total 3.0.2.623; other versions may also be vulnerable.

9. Ipswitch FTP Log Server Denial of Service Vulnerability
BugTraq ID: 27612
Remote: Yes
Date Published: 2008-02-04
Relevant URL: http://www.securityfocus.com/bid/27612
Summary:
WS_FTP Log Server shipped with WS_FTP is prone to a remote denial-of-service vulnerability.

Successfully exploiting this issue allows remote attackers to crash the affected application, denying service to legitimate users.

This issue affects WS_FTP running FTP Log Server 7.9.14.0; other versions may also be affected.

10. Titan FTP Server DELE Command Remote Buffer Overflow Vulnerability
BugTraq ID: 27611
Remote: Yes
Date Published: 2008-02-04
Relevant URL: http://www.securityfocus.com/bid/27611
Summary:
Titan FTP Server is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker may exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial of service.

This issue affects Titan FTP Server 6.05 build 550; other versions may also be vulnerable.

11. Print Manager Plus PQCore Remote Denial of Service Vulnerability
BugTraq ID: 27604
Remote: Yes
Date Published: 2008-02-04
Relevant URL: http://www.securityfocus.com/bid/27604
Summary:
Print Manager Plus is prone to a remote denial-of-service vulnerability.

Successfully exploiting this issue allows remote attackers to crash affected servers, potentially causing the application to stop accepting further network messages. This may deny service to legitimate users.

The issue affects versions prior to Print Manager Plus 7.0.127.16. Other versions may also be affected.

12. Xlight FTP Server LDAP Blank Password Authentication Bypass Vulnerability
BugTraq ID: 27602
Remote: Yes
Date Published: 2008-02-04
Relevant URL: http://www.securityfocus.com/bid/27602
Summary:
Xlight FTP Server is prone to an authentication-bypass vulnerability.

An attacker can exploit this issue to gain unauthorized access to the affected application.

This issue affects versions prior to Xlight FTP Server 2.83.

13. IBM DB2 Universal Database Server 8.2 Prior To Fixpak 16 Multiple Local Vulnerabilities
BugTraq ID: 27596
Remote: No
Date Published: 2008-02-04
Relevant URL: http://www.securityfocus.com/bid/27596
Summary:
IBM DB2 Universal Database Server is prone to multiple local vulnerabilities, including:

- An unspecified local vulnerability
- A local security-bypass vulnerability

Attackers can exploit these issues to compromise the affected application, execute arbitrary code within the context of the affected application, and bypass certain security restrictions. Other attacks are also possible.

These issues affect versions prior to IBM DB2 Universal Database Server 8.2 Fixpak 16.

NOTE: Two issues that were previously documented in this BID were given their own records to better document the details: BID 27681 ('IBM DB2 Universal Database DAS Buffer Overflow Vulnerability') and BID 27680 ('IBM DB2 Universal Database Server 'db2db' Local Privilege Escalation Vulnerability').

14. Ipswitch WS_FTP SFTP Opendir Command Buffer Overflow Vulnerability
BugTraq ID: 27573
Remote: Yes
Date Published: 2008-02-02
Relevant URL: http://www.securityfocus.com/bid/27573
Summary:
Ipswitch WS_FTP is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker may exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial of service.

This issue affects WS_FTP 6.1.0.0; other versions may also be affected.

15. Titan FTP Server USER/PASS Commands Buffer Overflow Vulnerability
BugTraq ID: 27568
Remote: Yes
Date Published: 2008-02-02
Relevant URL: http://www.securityfocus.com/bid/27568
Summary:
Titan FTP Server is prone to a buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker may exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial of service.

We do not know which versions are affected at this time; we will update this BID as more information emerges.

16. ELOG 'logbook' HTML Injection Vulnerability
BugTraq ID: 27526
Remote: Yes
Date Published: 2008-01-30
Relevant URL: http://www.securityfocus.com/bid/27526
Summary:
ELOG is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content.

Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

This issue affects versions prior to ELOG 2.7.2.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #379
http://www.securityfocus.com/archive/88/487457

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is Sponsored by: Black Hat Europe

