News

Thursday, November 20, 2008

SecurityFocus Microsoft Newsletter #420

SecurityFocus Microsoft Newsletter #420
----------------------------------------

This issue is Sponsored by Symantec

Symantec NetBackup Design Best Practices with Data Domain
This white paper walks you through how Data Domain integrates with NBU, including planning and sizing considerations, operational considerations, offsite replication, and other integration basics so you can get the most out of this powerful solution.
http://dinclinx.com/Redirect.aspx?36;2173;45;189;0;10;259;46b98cc7718e4a7c


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Microsoft's Stance on Piracy Affects Us All
2.Clicking to the Past
II. MICROSOFT VULNERABILITY SUMMARY
1. Microsoft Windows Vista 'iphlpapi.dll' Local Kernel Buffer Overflow Vulnerability
2. Symantec Backup Exec for Windows Server Remote Agent Authentication Bypass Vulnerability
3. Symantec Backup Exec Data Management Protocol Buffer Overflow Vulnerability
4. Microsoft Communicator RTCP Unspecified Remote Denial of Service Vulnerability
5. Microsoft Active Directory LDAP Server Username Enumeration Weakness
6. Apple Safari Prior to 3.2 Multiple Security Vulnerabilities
7. pi3Web ISAPI Directory Remote Denial Of Service Vulnerability
8. Microsoft XML Core Services Transfer Encoding Cross Domain Information Disclosure Vulnerability
9. Microsoft XML Core Services DTD Cross Domain Information Disclosure Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #419
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Microsoft's Stance on Piracy Affects Us All
By Oliver Day
For the last few years, Microsoft has wrestled with their stance on piracy. Pirated operating systems are just like legitimate operating systems in terms of their exposure to vulnerabilities: Users must install patches or they will be compromised.
http://www.securityfocus.com/columnists/484

2.Clicking to the Past
By Chris Wysopal
When the first details trickled out about a new attack, dubbed .clickjacking. by the researchers who found it, the descriptions made me think of the tricks I used to pull during penetration tests ten years ago to get administrator privileges: Tricking the user into issuing a command on an attacker.s behalf is one of the oldest attack vectors in the book.
http://www.securityfocus.com/columnists/483


II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Microsoft Windows Vista 'iphlpapi.dll' Local Kernel Buffer Overflow Vulnerability
BugTraq ID: 32357
Remote: No
Date Published: 2008-11-19
Relevant URL: http://www.securityfocus.com/bid/32357
Summary:
Microsoft Windows Vista is prone to a buffer-overflow vulnerability because of insufficient boundary checks.

Local attackers could exploit this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to execute arbitrary code with SYSTEM-level privileges, but this has not been confirmed.

Windows Vista SP1 is vulnerable to this issue.

2. Symantec Backup Exec for Windows Server Remote Agent Authentication Bypass Vulnerability
BugTraq ID: 32347
Remote: Yes
Date Published: 2008-11-19
Relevant URL: http://www.securityfocus.com/bid/32347
Summary:
Symantec Backup Exec for Windows Server is prone to a vulnerability that allows an attacker to bypass authentication and gain unauthorized access to the affected application.

Attackers with authorized network access can exploit this issue to bypass the logon process using the remote agents. Successfully exploits may allow attackers to retrieve or delete files on the targeted computer.

3. Symantec Backup Exec Data Management Protocol Buffer Overflow Vulnerability
BugTraq ID: 32346
Remote: Yes
Date Published: 2008-11-19
Relevant URL: http://www.securityfocus.com/bid/32346
Summary:
Symantec Backup Exec is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will likely result in denial-of-service conditions.

4. Microsoft Communicator RTCP Unspecified Remote Denial of Service Vulnerability
BugTraq ID: 32341
Remote: Yes
Date Published: 2008-11-11
Relevant URL: http://www.securityfocus.com/bid/32341
Summary:
Microsoft Communicator is prone to a remote denial-of-service vulnerability that affects the Real-time Transport Control Protocol (RTCP) handling. The cause of this issue is unknown.

Exploiting this issue allows remote attackers to crash the application and trigger denial-of-service conditions, denying further service to legitimate users.

This issue affects Microsoft Communicator, Office Communications Server (OCS), and Windows Live Messenger.

5. Microsoft Active Directory LDAP Server Username Enumeration Weakness
BugTraq ID: 32305
Remote: Yes
Date Published: 2008-11-14
Relevant URL: http://www.securityfocus.com/bid/32305
Summary:
Microsoft Active Directory is prone to a username-enumeration weakness because of a design error in the application when verifying user-supplied input.

Attackers may exploit this weakness to discern valid usernames. This may aid them in brute-force password cracking or other attacks.

This issue affects Active Directory on these versions of Windows:

Windows 2000 SP4
Windows Server 2003 SP1 and SP2

Other versions may also be affected.

6. Apple Safari Prior to 3.2 Multiple Security Vulnerabilities
BugTraq ID: 32291
Remote: Yes
Date Published: 2008-11-13
Relevant URL: http://www.securityfocus.com/bid/32291
Summary:
Apple Safari is prone to three security vulnerabilities.

Attackers may exploit these issues to execute arbitrary code or obtain sensitive information. Other attacks are also possible.

These issues affect versions prior to Safari 3.2 running on Apple Mac OS X 10.4.11 and 10.5.5, Microsoft Windows XP, and Windows Vista.

7. pi3Web ISAPI Directory Remote Denial Of Service Vulnerability
BugTraq ID: 32287
Remote: Yes
Date Published: 2008-11-13
Relevant URL: http://www.securityfocus.com/bid/32287
Summary:
pi3Web is prone to a remote denial-of-service vulnerability.

Attackers can exploit this issue to crash the server, denying access to legitimate users.

pi3Web 2.0.13 is vulnerable; other versions may also be affected.

8. Microsoft XML Core Services Transfer Encoding Cross Domain Information Disclosure Vulnerability
BugTraq ID: 32204
Remote: Yes
Date Published: 2008-11-11
Relevant URL: http://www.securityfocus.com/bid/32204
Summary:
Microsoft XML Core Services (MSXML) is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy.

An attacker can exploit this issue to harvest potentially sensitive information from a web page in another domain. Information obtained may aid in further attacks.

9. Microsoft XML Core Services DTD Cross Domain Information Disclosure Vulnerability
BugTraq ID: 32155
Remote: Yes
Date Published: 2008-11-11
Relevant URL: http://www.securityfocus.com/bid/32155
Summary:
Microsoft XML Core Services (MSXML) is prone to a cross-domain information-disclosure vulnerability because the application fails to properly handle certain error checks.

An attacker can exploit this issue to harvest potentially sensitive information from a web page in another domain. Information obtained may aid in further attacks.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #419
http://www.securityfocus.com/archive/88/498317

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is Sponsored by Symantec

Symantec NetBackup Design Best Practices with Data Domain
This white paper walks you through how Data Domain integrates with NBU, including planning and sizing considerations, operational considerations, offsite replication, and other integration basics so you can get the most out of this powerful solution.
http://dinclinx.com/Redirect.aspx?36;2173;45;189;0;10;259;46b98cc7718e4a7c

No comments:

Blog Archive