News

Friday, August 29, 2008

SecurityFocus Microsoft Newsletter #409

SecurityFocus Microsoft Newsletter #409
----------------------------------------

This issue is sponsored by Sponsored by Motorola Good technology

Mobile Device Security: Securing the Handheld, Securing the Enterprise. Mobile devices represent a tremendous productivity advantage for today's mobile worker. However, IT organizations must give consideration to the deployment of device security policies in order to provide the level of security that enterprises require.
http://whitepapers.securityfocus.com/option,com_categoryreport/task,viewabstract/title,1267/id,/vid,36/cat,/pathway,no/srcid,189/


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Get Off My Cloud
2.An Astonishing Collaboration
II. MICROSOFT VULNERABILITY SUMMARY
1. PureMessage for Microsoft Exchange RTF Multiple Denial Of Service Vulnerabilities
2. Mono 'System.Web' HTTP Header Injection Vulnerability
3. Ultra Office Control 'Save()' Method Arbitrary File Overwrite Vulnerability
4. Ultra Office Control 'HttpUpload()' Method Buffer Overflow Vulnerability
5. LibTIFF 'tif_lzw.c' Remote Integer Underflow Vulnerability
6. JustSystems Ichitaro Document Handling Unspecified Code Execution Vulnerability
7. Retired: DriveCrypt Incorrect BIOS API Usage Security Vulnerability
8. Microsoft Windows Media Services 'nskey.dll' ActiveX Control Remote Buffer Overflow Vulnerability
9. Folder Lock Weak Password Encryption Local Information Disclosure Vulnerability
10. Opera Web Browser 9.51 Multiple Security Vulnerabilities
III. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #408
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Get Off My Cloud
By Mark Rasch
One of the features of Apple's device that appeals to me is the new MobileMe service, where you can "access and manage your email, contacts, calendar, photos, and files at me.com," according to Apple.
More companies, among them Microsoft and Google, already allow people to store information and use common services online -- or "in the cloud" -- leading analysts to refer to the entire trend as "cloud computing."
http://www.securityfocus.com/columnists/478

2.An Astonishing Collaboration
By Dan Kaminsky
Wow. It's out. It's finally, finally out. Sweet!
http://www.securityfocus.com/columnists/477


II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. PureMessage for Microsoft Exchange RTF Multiple Denial Of Service Vulnerabilities
BugTraq ID: 30881
Remote: Yes
Date Published: 2008-08-28
Relevant URL: http://www.securityfocus.com/bid/30881
Summary:
PureMessage for Microsoft Exchange is prone to multiple remote denial-of-service vulnerabilities because the application fails to properly process certain messages.

An attacker may exploit these issues to crash the affected application, denying service to legitimate users.

PureMessage 3.0 is vulnerable; other versions may also be affected.

2. Mono 'System.Web' HTTP Header Injection Vulnerability
BugTraq ID: 30867
Remote: No
Date Published: 2008-08-20
Relevant URL: http://www.securityfocus.com/bid/30867
Summary:
Mono is prone to a vulnerability that allows attackers to inject arbitrary HTTP headers because it fails to sanitize input.

By inserting arbitrary headers into an HTTP response, attackers may be able to launch cross-site request-forgery, cross-site scripting, HTTP-request-smuggling, and other attacks.

This issue affects Mono 2.0 and earlier.

3. Ultra Office Control 'Save()' Method Arbitrary File Overwrite Vulnerability
BugTraq ID: 30863
Remote: Yes
Date Published: 2008-08-27
Relevant URL: http://www.securityfocus.com/bid/30863
Summary:
Ultra Office Control is prone to a vulnerability that lets attackers overwrite files with arbitrary, attacker-controlled content. The issue occurs because the control fails to sanitize user-supplied input.

Successful exploits may allow attackers to compromise affected computers.

Ultra Office Control 2.0.2008.501 is vulnerable; other versions may also be affected.

4. Ultra Office Control 'HttpUpload()' Method Buffer Overflow Vulnerability
BugTraq ID: 30861
Remote: Yes
Date Published: 2008-08-27
Relevant URL: http://www.securityfocus.com/bid/30861
Summary:
Ultra Office Control is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary code in the context of an application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

Ultra Office Control 2.0.2008.501 is vulnerable; other versions may also be affected.

5. LibTIFF 'tif_lzw.c' Remote Integer Underflow Vulnerability
BugTraq ID: 30832
Remote: Yes
Date Published: 2008-08-26
Relevant URL: http://www.securityfocus.com/bid/30832
Summary:
LibTIFF is prone to an integer-underflow vulnerability because it fails to bounds-check user-supplied input before copying it into an insufficiently sized memory buffer.

An attacker can exploit this issue to execute arbitrary malicious code in the context of the user running an application that uses the affected library. Failed exploit attempts will likely crash applications using the affected library.

LibTIFF 3.7.2 and 3.8.2 are vulnerable.

6. JustSystems Ichitaro Document Handling Unspecified Code Execution Vulnerability
BugTraq ID: 30828
Remote: Yes
Date Published: 2008-08-26
Relevant URL: http://www.securityfocus.com/bid/30828
Summary:
Ichitaro is prone to an unspecified remote code-execution vulnerability.

Attackers may exploit this issue to execute arbitrary code within the context of the vulnerable application. Failed attempts will result in a denial-of-service condition.

Ichitaro 2008 is vulnerable; other versions may also be affected.

7. Retired: DriveCrypt Incorrect BIOS API Usage Security Vulnerability
BugTraq ID: 30818
Remote: No
Date Published: 2008-08-25
Relevant URL: http://www.securityfocus.com/bid/30818
Summary:
DriveCrypt is prone to a security vulnerability that may cause a denial-of-service condition or allow attackers to gain access to plain text passwords.

Local attackers can exploit this issue to gain access to access to sensitive information or cause the affected computer to reboot.

DriveCrypt Plus Pack version 3.9 is vulnerable; other versions may also be affected.

Note: This vulnerability is the same issue described in BID 15751 (Multiple Vendor BIOS Keyboard Buffer Password Persistence Weakness) therefore this BID is being retired.

8. Microsoft Windows Media Services 'nskey.dll' ActiveX Control Remote Buffer Overflow Vulnerability
BugTraq ID: 30814
Remote: Yes
Date Published: 2008-08-22
Relevant URL: http://www.securityfocus.com/bid/30814
Summary:
The Microsoft Windows Media Services ActiveX control is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

An attacker can exploit this issue to execute arbitrary code in the context of an application using the affected ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions.

'nskey.dll' 4.1.00.3917 is vulnerable; other versions may also be affected.

9. Folder Lock Weak Password Encryption Local Information Disclosure Vulnerability
BugTraq ID: 30771
Remote: No
Date Published: 2008-08-20
Relevant URL: http://www.securityfocus.com/bid/30771
Summary:
Folder Lock is prone to an information-disclosure vulnerability because it stores credentials in an insecure manner.

A local attacker can exploit this issue to obtain passwords used by the application, which may aid in further attacks.

Folder Lock 5.9.5 is vulnerable; other versions may also be affected.

10. Opera Web Browser 9.51 Multiple Security Vulnerabilities
BugTraq ID: 30768
Remote: Yes
Date Published: 2008-08-20
Relevant URL: http://www.securityfocus.com/bid/30768
Summary:
Opera Web Browser is prone to multiple security vulnerabilities.

Successful exploits may allow attackers to:
- cause denial-of-service conditions
- violate the same-origin policy
- carry out phishing and cross-domain attacks
- execute arbitrary script code in the browser of an unsuspecting user in the context of an affected site
- steal cookie-based authentication credentials
- present insecure websites as secure
- obtain sensitive information
- mislead a user
- carry out other attacks

Versions prior to Opera 9.52 are vulnerable.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #408
http://www.securityfocus.com/archive/88/495736

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Sponsored by Motorola Good technology

Mobile Device Security: Securing the Handheld, Securing the Enterprise. Mobile devices represent a tremendous productivity advantage for today's mobile worker. However, IT organizations must give consideration to the deployment of device security policies in order to provide the level of security that enterprises require.
http://whitepapers.securityfocus.com/option,com_categoryreport/task,viewabstract/title,1267/id,/vid,36/cat,/pathway,no/srcid,189/

No comments:

Blog Archive