News

Monday, May 26, 2008

SecurityFocus Microsoft Newsletter #396

SecurityFocus Microsoft Newsletter #396
----------------------------------------

This issue is sponsored by Black Hat USA:

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting.

www.blackhat.com


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. Anti-Social Networking
2. Thinking Beyond the Ivory Towers
II. MICROSOFT VULNERABILITY SUMMARY
1. eMule Plus Unspecified Security Vulnerability
2. Snort Time To Live Fragment Reassembly Security Bypass Weakness
3. Foxit Reader 'util.printf()' Remote Buffer Overflow Vulnerability
4. Computer Associates ARCserve Backup 'caloggerd' and 'xdr' Functions Multiple Remote Vulnerabilities
III. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #395
2. Binding Windows Services to Specific Addresses Only
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Anti-Social Networking
By Mark Rasch
On May 15, 2008, a federal grand jury Los Angeles indicted 49-year-old Lori Drew of O.Fallon, Missouri, on charges of unauthorized access to a computer, typically used in hacking cases. Yet, Drew's alleged actions had little to do with computer intrusions.

http://www.securityfocus.com/columnists/473

2. Thinking Beyond the Ivory Towers
By Dave Aitel
In the information-security industry, there are clear and vast gaps in the way academia interacts with professional researchers. While these gaps will be filled in due time, their existence means that security professionals outside the hallowed halls of colleges and universities need to be aware of the differences in how researchers and professionals think.

http://www.securityfocus.com/columnists/472


II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. eMule Plus Unspecified Security Vulnerability
BugTraq ID: 29361
Remote: Yes
Date Published: 2008-05-18
Relevant URL: http://www.securityfocus.com/bid/29361
Summary:
eMule Plus is prone an unspecified vulnerability.

Very few details are available regarding this issue. We will update this BID as more information emerges.

This issue affects versions prior to eMule Plus 1.2d.

2. Snort Time To Live Fragment Reassembly Security Bypass Weakness
BugTraq ID: 29327
Remote: Yes
Date Published: 2008-05-21
Relevant URL: http://www.securityfocus.com/bid/29327
Summary:
Snort is prone to a security-bypass weakness because of a design error affected by the Time To Live values of disassembled network packets.

Attackers can exploit this issue to bypass all Snort rules. This may facilitate further attacks.

This issue affects Snort 2.8 and 2.6 on multiple platforms.

3. Foxit Reader 'util.printf()' Remote Buffer Overflow Vulnerability
BugTraq ID: 29288
Remote: Yes
Date Published: 2008-05-20
Relevant URL: http://www.securityfocus.com/bid/29288
Summary:
Foxit Reader is prone to a remote buffer-overflow vulnerability when handling PDF files with specially crafted JavaScript code.

Exploiting this issue may allow attackers to corrupt memory and execute arbitrary machine code in the context of users running the affected application. Failed exploits will likely cause denial-of-service conditions.

This issue affects Foxit Reader 2.3 build 2825; other versions may also be affected.

4. Computer Associates ARCserve Backup 'caloggerd' and 'xdr' Functions Multiple Remote Vulnerabilities
BugTraq ID: 29283
Remote: Yes
Date Published: 2008-05-19
Relevant URL: http://www.securityfocus.com/bid/29283
Summary:
Computer Associates ARCserve Backup is prone to multiple remote vulnerabilities:

- An arbitrary-file-overwrite vulnerability
- A stack-based buffer-overflow vulnerability.

An attacker can exploit these issues to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting these issues will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #395
http://www.securityfocus.com/archive/88/492421

2. Binding Windows Services to Specific Addresses Only
http://www.securityfocus.com/archive/88/491595

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Black Hat USA:

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting.

www.blackhat.com

No comments:

Blog Archive