News

Wednesday, February 27, 2008

SecurityFocus Microsoft Newsletter #383

SecurityFocus Microsoft Newsletter #383
----------------------------------------

This issue is Sponsored by: HP

ALERT: Top 4 Ajax Security Dangers - Free Whitepaper!
While Ajax can greatly improve the usability of a Web application, it can also create several opportunities for possible attack if the application is not designed with security in mind. Download this free whitepaper from HP Software, "AJAX Security Dangers."
https://h10078.www1.hp.com/cda/hpdc/navigation.do?action=downloadPDF&zn=bto&cp=54_4012_100__&caid=14158


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. The Laws of Full Disclosure
2. Tweaking Social Security to Combat Fraud
II. MICROSOFT VULNERABILITY SUMMARY
1. activePDF Server Packet Processing Remote Heap Overflow Vulnerability
2. Microsoft Word Unspecified Remote Code Execution Vulnerability
3. Zilab Chat and Instant Messaging (ZIM) Server Multiple Vulnerabilities
4. EMC RepliStor Multiple Remote Heap Based Buffer Overflow Vulnerabilities
5. Symantec Decomposer RAR File Remote Buffer Overflow Vulnerability
6. Symantec Decomposer Resource Consumption Denial of Service Vulnerability
7. SmarterTools SmarterMail Subject Field HTML Injection Vulnerability
8. webcamXP Multiple Information Disclosure and Denial of Service Vulnerabilities
9. Kerio MailServer Multiple Unspecified Vulnerabilities
10. DESLock+ IOCTL Request Local Code Execution and Denial of Service Vulnerabilities
III. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.The Laws of Full Disclosure
By Federico Biancuzzi
Full disclosure has a long tradition in the security community worldwide, yet different European countries have different views on the legality of vulnerability research. SecurityFocus contributor Federico Biancuzzi investigates the subject of full disclosure and the law by interviewing lawyers from twelve EU countries: Belgium, Denmark, Finland, France, Germany,Greece, Hungary, Ireland, Italy, Poland, Romania, and the UK.
http://www.securityfocus.com/columnists/466

2. Tweaking Social Security to Combat Fraud
By Tim Mullen
Americans lost over 45 billion dollars in identity-related fraud in 2007. Reports are so commonplace that we've actually become de-sensitized to them. "200,000 victims reported..." "500,000 victims reported..." Even figures into the millions don't seem to faze us anymore. And that is a Bad Thing.

http://www.securityfocus.com/columnists/465


II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. activePDF Server Packet Processing Remote Heap Overflow Vulnerability
BugTraq ID: 28013
Remote: Yes
Date Published: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/28013
Summary:
activePDF Server is prone to a remote heap-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of the affected application. Failed attacks will likely cause denial-of-service conditions.

This issue affects the activePDF Server 3.8.4 and 3.8.5.14; other versions may be affected as well.

2. Microsoft Word Unspecified Remote Code Execution Vulnerability
BugTraq ID: 28011
Remote: Yes
Date Published: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/28011
Summary:
Microsoft Word is prone to an unspecified remote code-execution vulnerability.

Very few details are available regarding this issue. We will update this BID as more information emerges.

It is unknown at this time which specific versions of the application are affected.

3. Zilab Chat and Instant Messaging (ZIM) Server Multiple Vulnerabilities
BugTraq ID: 27940
Remote: Yes
Date Published: 2008-02-21
Relevant URL: http://www.securityfocus.com/bid/27940
Summary:
Zilab Chat and Instant Messaging (ZIM) Server is prone to multiple vulnerabilities, including denial-of-service issues and memory-corruption issues.

A successful exploit may allow remote attackers to execute arbitrary code in the context of the affected software and/or cause denial-of-service conditions.

These issues affect ZIM Server 2.0 and 2.1; other versions may also be affected.

4. EMC RepliStor Multiple Remote Heap Based Buffer Overflow Vulnerabilities
BugTraq ID: 27915
Remote: Yes
Date Published: 2008-02-20
Relevant URL: http://www.securityfocus.com/bid/27915
Summary:
EMC RepliStor is prone to multiple remote heap-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied input.

A remote attacker may be able to exploit these issues to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

These issues affect EMC RepliStor 6.2 SP2; other versions may also be affected.

5. Symantec Decomposer RAR File Remote Buffer Overflow Vulnerability
BugTraq ID: 27913
Remote: Yes
Date Published: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27913
Summary:
Symantec Decomposer is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

An attacker may exploit this issue to execute arbitrary machine code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.

The following products are affected:

- Symantec Scan Engine 5.1.4.24 and prior
- Symantec AntiVirus Scan Engine 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for MS ISA 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for MS SharePoint 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Messaging 4.3.16.39 and prior
- Symantec AntiVirus for Network Attached Storage 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Clearswift 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Caching 4.3.16.39 and prior
- Symantec AntiVirus/Filtering for Domino MPE(AIX, Linux, Solaris) prior to 3.2.2
- Symantec Mail Security for Microsoft Exchange 4.6.5.12 and prior as well as 5.0.4.363.and prior

6. Symantec Decomposer Resource Consumption Denial of Service Vulnerability
BugTraq ID: 27911
Remote: Yes
Date Published: 2008-02-20
Relevant URL: http://www.securityfocus.com/bid/27911
Summary:
Symantec Decomposer is prone to a denial-of-service vulnerability because it fails to adequately parse certain user-supplied input.

Attackers can exploit this issue to exhaust memory resources and cause denial-of-service conditions.

The following products are affected:
- Symantec Scan Engine 5.1.4.24 and prior
- Symantec AntiVirus Scan Engine 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for MS ISA 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for MS SharePoint 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Messaging 4.3.16.39 and prior
- Symantec AntiVirus for Network Attached Storage 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Clearswift 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Caching 4.3.16.39 and prior
- Symantec AntiVirus/Filtering for Domino MPE(AIX, Linux, Solaris) prior to 3.2.2
- Symantec Mail Security for Microsoft Exchange 4.6.5.12 and prior as well as 5.0.4.363.and prior

7. SmarterTools SmarterMail Subject Field HTML Injection Vulnerability
BugTraq ID: 27878
Remote: Yes
Date Published: 2008-02-19
Relevant URL: http://www.securityfocus.com/bid/27878
Summary:
SmarterMail is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input.

Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

SmarterMail Enterprise 4.3 is vulnerable; other versions may also be affected.

8. webcamXP Multiple Information Disclosure and Denial of Service Vulnerabilities
BugTraq ID: 27875
Remote: Yes
Date Published: 2008-02-19
Relevant URL: http://www.securityfocus.com/bid/27875
Summary:
webcamXP is prone to multiple information-disclosure and denial-of-service vulnerabilities because it fails to check user-supplied input data.

Attackers can exploit these issues to access potentially sensitive information or crash the application. Successful exploits could aid in further attacks or deny service to legitimate users.

These issues affect webcamXP 3.72.440 and 4.05.280 beta and prior versions.

9. Kerio MailServer Multiple Unspecified Vulnerabilities
BugTraq ID: 27868
Remote: Yes
Date Published: 2008-02-19
Relevant URL: http://www.securityfocus.com/bid/27868
Summary:
Kerio MailServer is prone to multiple unspecified vulnerabilities.

Attackers can exploit these issues to cause denial-of-service conditions or potentially execute arbitrary code in the context of the application; other attacks are also possible.

Very few details are currently available regarding these issues. We will update this BID as more information emerges.

Versions prior to Kerio MailServer 6.5.0 are vulnerable.

10. DESLock+ IOCTL Request Local Code Execution and Denial of Service Vulnerabilities
BugTraq ID: 27862
Remote: No
Date Published: 2008-02-18
Relevant URL: http://www.securityfocus.com/bid/27862
Summary:
DESlock+ is prone to multiple vulnerabilities that allow arbitrary code to run with SYSTEM-level privileges or cause denial-of-service conditions.

Local attackers can exploit these issues to execute arbitrary code with SYSTEM-level privileges. Successful attacks will completely compromise the computer or cause a denial of service.

DESlock+ 3.2.6 and prior versions are vulnerable.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter
http://www.securityfocus.com/archive/88/488429

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is Sponsored by: HP

ALERT: Top 4 Ajax Security Dangers - Free Whitepaper!
While Ajax can greatly improve the usability of a Web application, it can also create several opportunities for possible attack if the application is not designed with security in mind. Download this free whitepaper from HP Software, "AJAX Security Dangers."
https://h10078.www1.hp.com/cda/hpdc/navigation.do?action=downloadPDF&zn=bto&cp=54_4012_100__&caid=14158

No comments:

Blog Archive