SecurityFocus Microsoft Newsletter #185

From: Marc Fossi (mfossi_at_securityfocus.com)
Date: 04/20/04

    Date: Tue, 20 Apr 2004 09:24:17 -0600 (MDT)
    To: Focus-MS <focus-ms@securityfocus.com>

    SecurityFocus Microsoft Newsletter #185
    ----------------------------------------

    This Issue is Sponsored by: Qualys

    NEW MICROSOFT VULNERABILITIES - Audit Your Network Security

    Detect network weaknesses, including critical vulnerabilities announced
    in Microsoft's 4/13 security alert. QualysGuard requires no software,
    deploys immediately, and accurately identifies security risks.

    Try QualysGuard, risk-free and audit your network today.

    http://www.securityfocus.com/sponsor/Qualys_ms-secnews_040419
    ------------------------------------------------------------------------
    I. FRONT AND CENTER
         1. Basic Web Session Impersonation
         2. Forensic Analysis of a Live Linux System, Part Two
    II. MICROSOFT VULNERABILITY SUMMARY
         1. Scorched 3D Server Memory Corruption Vulnerabilities
         2. Microsoft Internet Explorer Bitmap File Processing Denial of...
         3. Microsoft Outlook Express Malformed EML File Denial of Servi...
         4. SurgeLDAP User.CGI Directory Traversal Vulnerability
         5. Ipswitch IMail Express Web Messaging Buffer Overrun Vulnerab...
         6. KDE Konqueror Bitmap File Processing Denial of Service Vulne...
         7. Microsoft Windows LSASS Buffer Overrun Vulnerability
         8. Microsoft Windows H.323 Remote Buffer Overflow Vulnerability
         9. Microsoft Jet Database Engine Remote Code Execution Vulnerab...
         10. Microsoft Negotiate SSP Remote Buffer Overflow Vulnerability
         11. Microsoft Windows 2000 Domain Controller LDAP Denial Of Serv...
         12. Microsoft Windows SSL Library Denial of Service Vulnerabilit...
         13. Microsoft Windows Private Communications Transport Protocol ...
         14. Microsoft Virtual DOS Machine Local Privilege Escalation Vul...
         15. Microsoft ASN.1 Library Double Free Memory Corruption Vulner...
         16. Microsoft Windows Help And Support Center URI Validation Cod...
         17. Microsoft Windows WMF/EMF Image Formats Remote Buffer Overfl...
         18. Microsoft Windows Object Identity Network Communication Vuln...
         19. Microsoft Windows Local Descriptor Table Local Privilege Esc...
         20. Microsoft Windows COM Internet Service/RPC Over HTTP Remote ...
         21. Microsoft Windows Utility Manager Local Privilege Escalation...
         22. Microsoft Windows Management Local Privilege Escalation Vuln...
         23. Microsoft Windows Logon Process Remote Buffer Overflow Vulne...
         24. Microsoft Windows RPCSS Service Remote Denial Of Service Vul...
         25. PHP-Nuke CookieDecode Cross-Site Scripting Vulnerability
         26. PHP-Nuke Multiple SQL Injection Vulnerabilities
         27. Rhino Software Zaep AntiSpam Cross-Site Scripting Vulnerabil...
         28. Microsoft Outlook/Outlook Express Remote Denial Of Service V...
         29. PostNuke Phoenix Multiple Module SQL Injection Vulnerabiliti...
         30. ZoneLabs ZoneAlarm Pro/Plus MailSafe Filter Bypass Vulnerabi...
         31. PHPBugTracker Multiple Input Validation Vulnerabilities
         32. SCT Campus Pipeline Email Attachment Script Injection Vulner...
         33. Cisco IPsec VPN Client Group Password Disclosure Vulnerabili...
         34. Real Networks Helix Universal Server Denial of Service Vulne...
    III. MICROSOFT FOCUS LIST SUMMARY
         1. Location Aware GPO question (Thread)
         2. OWA (exchange 5.5) broken by patching? (Thread)
         3. SecurityFocus Microsoft Newsletter #184 (Thread)
         4. Article Announcement: Chat, Copy, Paste, Prison (Thread)
    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
         1. Norton Internet Security 2004
         2. East-Tec Eraser 2004
         3. Steganos Security Suite 6
         4. Airscanner Mobile AntiVirus Pro
         5. Symantec's Norton Internet Security 2004 Professional
         6. secure2trust
    V. NEW TOOLS FOR MICROSOFT PLATFORMS
         1. CryptoHeaven v2.3.3
         2. Telconi Terminal for Cisco IOS v0.6a
         3. UnlimitedFTP.Secure v2.8.1
         4. PGP Java API v2.0
         5. Enigmail v0.83.6
         6. jayaCard v0.6a
    VI. UNSUBSCRIBE INSTRUCTIONS
    VII. SPONSOR INFORMATION

    I. FRONT AND CENTER
    -------------------
    1. Basic Web Session Impersonation
    By Rohyt Belani

    This article gives a basic introduction to common flaws in web
    applications that allow a malicious user to hijack a legitimate user's web
    session. Some practical countermeasures that reduce this threat are also
    discussed.

    http://www.securityfocus.com/infocus/1774

    2. Forensic Analysis of a Live Linux System, Part Two
    by Mariusz Burdach

    Last month in the first part of this article series, we discussed some of
    the preparation and steps that must be taken when analyzing a live Linux
    system that has been compromised. Now we'll continue our analysis by
    looking for malicious code on the running system, and then discuss some of
    the searches that can be done with the data once it has been transferred
    to our remote host.

    http://www.securityfocus.com/infocus/1773

    II. MICROSOFT VULNERABILITY SUMMARY
    -----------------------------------
    1. Scorched 3D Server Memory Corruption Vulnerabilities
    BugTraq ID: 10086
    Remote: Yes
    Date Published: Apr 09 2004
    Relevant URL: http://www.securityfocus.com/bid/10086
    Summary:
    The Scorched 3D server component has been reported prone to multiple memory corruption vulnerabilities. One of the issues is reportedly a heap-based buffer overrun that is exposed when a client supplies an excessive number of format string characters in the server chat box text input field.

    Other unspecified issues related to bounds checking were also reported.

    These issues could be exploited to crash the server or potentially execute arbitrary code.

    2. Microsoft Internet Explorer Bitmap File Processing Denial of...
    BugTraq ID: 10097
    Remote: Yes
    Date Published: Apr 12 2004
    Relevant URL: http://www.securityfocus.com/bid/10097
    Summary:
    It has been reported that Internet Explorer may be prone to a denial of service vulnerability when processing malformed bitmap files. An attacker can cause a denial of service condition on the system by specifying a large size value in a bitmap file to be loaded by the browser.

    This attack may lead to a denial of service condition on the system due to the exhaustion of memory resources.

    3. Microsoft Outlook Express Malformed EML File Denial of Servi...
    BugTraq ID: 10098
    Remote: Yes
    Date Published: Apr 12 2004
    Relevant URL: http://www.securityfocus.com/bid/10098
    Summary:
    It has been reported that Outlook Express may be prone to a denial of service vulnerability that may allow an attacker to cause the application to crash by supplying a malformed e-mail (.eml) file.

    Outlook Express 6.0 is reported to be prone to this issue.

    4. SurgeLDAP User.CGI Directory Traversal Vulnerability
    BugTraq ID: 10103
    Remote: Yes
    Date Published: Apr 12 2004
    Relevant URL: http://www.securityfocus.com/bid/10103
    Summary:
    SurgeLDAP is prone to a directory traversal vulnerability in one of the scripts included with the built-in web administrative server, potentially resulting in disclosure of files.

    A remote attacker could exploit this issue to gain access to system files outside of the web root directory of the built-in web server. Files that are readable by the web server could be disclosed via this issue.

    5. Ipswitch IMail Express Web Messaging Buffer Overrun Vulnerab...
    BugTraq ID: 10106
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10106
    Summary:
    A remotely exploitable buffer overrun vulnerability has been reported in Ipswitch IMail Express. This condition exists in the Web Messaging component and is due to insufficient bounds checking of HTML messages.

    This issue could potentially be exploited to execute arbitrary code in the context of the software.

    6. KDE Konqueror Bitmap File Processing Denial of Service Vulne...
    BugTraq ID: 10107
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10107
    Summary:
    It has been reported that Konqueror may be prone to a denial of service vulnerability when processing malformed bitmap files. An attacker can cause a denial of service condition on the system by specifying a large size value in a bitmap file to be loaded by the browser.

    This attack may lead to a denial of service condition on the system due to the exhaustion of memory resources.

    This vulnerability has been tested on KDE 3.2.1 running on a FreeBSD 5.2-CURRENT system; however, it is possible that other versions running on different platforms are vulnerable as well. It is likely that this issue is present in a shared KDE bitmap processing component, presenting attack vectors in other applications that use the component.

    This vulnerability is similar to the issue described in BID 10097 (Microsoft Internet Explorer Bitmap File Processing Denial of Service Vulnerability).

    7. Microsoft Windows LSASS Buffer Overrun Vulnerability
    BugTraq ID: 10108
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10108
    Summary:
    Microsoft Windows LSASS (Local Security Authority Subsystem Service) is prone to a remotely exploitable buffer overrun vulnerability. The specific vulnerable system component is LSASRV.DLL. Successful exploitation of this issue could allow a remote attacker to execute malicious code on a vulnerable system, resulting in full system compromise.

    This issue could be exploited by an anonymous user on Microsoft Windows 2000 and XP operating systems. The issue may reportedly only be exploited by local, authenticated users on Microsoft Windows Server 2003 and Microsoft Windows XP 64-Bit Edition 2003. Microsoft has stated that a local administrator could exploit the issue on these platforms, though this does not appear to pose any additional security risk as the administrator will likely already have complete control over the system.

    It is possible that an exploit for this vulnerability could be incorporated into a worm.

    8. Microsoft Windows H.323 Remote Buffer Overflow Vulnerability
    BugTraq ID: 10111
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10111
    Summary:
    The Microsoft Windows H.323 protocol implementation is prone to a remote buffer overflow. Successful exploitation could allow for execution of arbitrary code.

    This vulnerability could only be exploited if an H.323 application such as NetMeeting were running on the system.

    9. Microsoft Jet Database Engine Remote Code Execution Vulnerab...
    BugTraq ID: 10112
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10112
    Summary:
    It has been reported that Microsoft Jet Database Engine (Jet) is prone to a remote code execution vulnerability that may allow remote attackers to execute arbitrary code in order to gain unauthorized access to a vulnerable system. This issue presents itself when a specially crafted database query is sent by an attacker to be interpreted by Jet. A successful attack may allow the attacker to gain complete control of the affected system.

    Microsoft Jet Database Engine version 4.0 running on various Microsoft operating systems is reported to be vulnerable to this issue.

    10. Microsoft Negotiate SSP Remote Buffer Overflow Vulnerability
    BugTraq ID: 10113
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10113
    Summary:
    The Microsoft Negotiate Security Software Provider (SSP) interface is prone to a remote buffer overflow vulnerability. In most cases, exploitation would result in a denial of service, but arbitrary code execution is possible.

    11. Microsoft Windows 2000 Domain Controller LDAP Denial Of Serv...
    BugTraq ID: 10114
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10114
    Summary:
    A denial of service vulnerability has been reported in Microsoft Windows 2000 Server systems that are acting as Domain Controllers.

    This issue may be triggered by sending a malformed LDAP query to an affected Windows 2000 Domain Controller. This will cause a reboot in the Domain Controller and may be exploited repeatedly to cause a persistent denial of service.

    12. Microsoft Windows SSL Library Denial of Service Vulnerabilit...
    BugTraq ID: 10115
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10115
    Summary:
    Microsoft Windows SSL library is reported to be prone to a denial of service vulnerability. It has been reported that an attacker could trigger this issue by sending a specially crafted TCP message that causes the protocol to fail resulting in a denial of service.

    Successful exploitation of this issue in Windows 2000 and Windows XP would cause the systems to stop accepting SSL connections. The issue leads to a system restart in Windows Server 2003.

    13. Microsoft Windows Private Communications Transport Protocol ...
    BugTraq ID: 10116
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10116
    Summary:
    Various Microsoft Windows operating systems are prone to a remotely exploitable stack-based buffer overrun via the PCT (Private Communications Transport) protocol. Successful exploitation of this issue could allow a remote attacker to execute malicious code on a vulnerable system, resulting in full system compromise.

    The vulnerability may also reportedly be exploitable by a local user who passes malicious parameters to the vulnerable component interactively or through another application.

    This issue is reported to only affect systems that have SSL enabled, such as web servers, but could also affect Windows 2000 Domain Controllers under some circumstances. For Windows Server 2003, PCT must be manually enabled in addition to enabling SSL support to be affected. Reportedly, both PCT 1.0 and SSL 2.0 must be enabled for successful exploitation.

    14. Microsoft Virtual DOS Machine Local Privilege Escalation Vul...
    BugTraq ID: 10117
    Remote: No
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10117
    Summary:
    A problem exists in the Virtual DOS Machine (VDM) that may allow a local user to elevate their privilege level. The issue exists because an attacker may use the VDM to write arbitrary code to protected kernel memory locations.

    15. Microsoft ASN.1 Library Double Free Memory Corruption Vulner...
    BugTraq ID: 10118
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10118
    Summary:
    It has been reported that Microsoft ASN.1 library is prone to a double free heap memory corruption vulnerability that may allow a remote attacker to execute arbitrary code on a vulnerable system.

    Exploitation of this issue is likely to cause a denial of service condition due to the unique layout of memory structures in affected systems; however, it is possible to leverage this issue for arbitrary code execution to gain system-level privileges on a system.

    This vulnerability only affects systems that have installed the patch (MS04-007) for BID 9743 (Microsoft ASN.1 Library Multiple Stack-Based Buffer Overflow Vulnerabilities).

    16. Microsoft Windows Help And Support Center URI Validation Cod...
    BugTraq ID: 10119
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10119
    Summary:
    Microsoft has reported a vulnerability in the Help and Support Center that is related to how HCP URIs are validated. This issue could reportedly be exploited via a malicious web page or HTML e-mail to execute arbitrary code on a client system.

    The issue may permit an attacker to inject invocation arguments when HCP URIs cause the HelpCtr.exe component to be executed. By placing malicious content into a known location on the system, whose contents the attacker may influence via a malicious web page, it is possible to exploit this issue to cause the malicious content to be executed in the Local Zone.

    It should be noted that the vulnerable functionality is included in Microsoft Windows ME but that the vendor has not considered this vulnerability to pose a serious threat to users of this operating system. The vendor has not qualified why the threat is reduced for Windows ME users.

    17. Microsoft Windows WMF/EMF Image Formats Remote Buffer Overfl...
    BugTraq ID: 10120
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10120
    Summary:
    It has been reported that Windows may be prone to a remote buffer overflow vulnerability when rendering WMF/EMF image files. An attacker could create a malicious WMF or EMF file and entice a user to view the file via an application that supports the WMF and EMF formats. The immediate consequence of this attack may be a denial of service condition; however, it is possible that an attacker could leverage this issue to execute arbitrary code in the context of the vulnerable user.

    This issue may be similar to the vulnerabilities described in BID 9892 (Microsoft Windows XP explorer.exe Remote Denial of Service Vulnerability) and BID 9707 (Microsoft Windows XP explorer.exe Multiple Memory Corruption Vulnerabilities).

    18. Microsoft Windows Object Identity Network Communication Vuln...
    BugTraq ID: 10121
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10121
    Summary:
    It has been reported that Microsoft Windows is prone to a vulnerability in the method of creation of object identities that may allow unauthorized network communication. This issue is due to a design error that causes the process to be carried out insecurely.

    This issue may be leveraged by a local attacker to open unauthorized network ports on the affected system. This may facilitate remote attacks against the affected system. There may also be other consequences.

    19. Microsoft Windows Local Descriptor Table Local Privilege Esc...
    BugTraq ID: 10122
    Remote: No
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10122
    Summary:
    The Microsoft Windows Local Descriptor Table programming interface has been reported prone to a privilege escalation vulnerability.

    As a result of this it is reportedly possible for a local attacker to create a malicious entry into the Local Descriptor Table. This entry may point into protected memory. Because this memory space is reserved for kernel operations, it is likely that an attacker will exploit this condition to execute arbitrary code with elevated privileges.

    20. Microsoft Windows COM Internet Service/RPC Over HTTP Remote ...
    BugTraq ID: 10123
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10123
    Summary:
    It has been reported that a denial of service condition exists in the COM Internet Service and RPC over HTTP services. This issue is due to a failure of the services to properly handle malformed network responses.

    Successful exploitation of this issue may allow a remote attacker to cause the affected server to crash or stop responding. It is currently not known whether this issue could be leveraged to execute arbitrary code on the affected system.

    21. Microsoft Windows Utility Manager Local Privilege Escalation...
    BugTraq ID: 10124
    Remote: No
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10124
    Summary:
    Microsoft Utility Manager has been reported prone to a local privilege escalation vulnerability. It is reported that a local user may influence the Utility Manager into executing arbitrary code.

    A local attacker may exploit this vulnerability to have arbitrary attacker-supplied code executed with SYSTEM privileges.

    22. Microsoft Windows Management Local Privilege Escalation Vuln...
    BugTraq ID: 10125
    Remote: No
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10125
    Summary:
    Microsoft Windows Management has been reported prone to a local privilege escalation vulnerability. It is reported that a local user may employ Windows Management through some means to gain elevated privileges.

    A local attacker may exploit this vulnerability to have arbitrary attacker-supplied code executed with SYSTEM privileges.

    23. Microsoft Windows Logon Process Remote Buffer Overflow Vulne...
    BugTraq ID: 10126
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10126
    Summary:
    The Microsoft Windows logon process "winlogon" has been reported to be prone to a remote buffer overflow vulnerability. The issue is reported to exist when the vulnerable host is a member of an Active Directory domain. When processing logon information, the Windows logon process will read data from the Active Directory. This read call does not sufficiently perform bounds checking on received data before said data is copied into a reserved buffer in process memory.

    Supplied data that exceeds the size of the allocated buffer in Windows logon process memory will overrun its bounds; this will result in the corruption of memory that is adjacent to the affected buffer.

    24. Microsoft Windows RPCSS Service Remote Denial Of Service Vul...
    BugTraq ID: 10127
    Remote: Yes
    Date Published: Apr 12 2004
    Relevant URL: http://www.securityfocus.com/bid/10127
    Summary:
    It has been reported that a denial of service condition exists in the RPCSS service. This issue is due to a failure of the application to properly handle malformed network messages.

    Successful exploitation of this issue may allow a remote attacker to cause the affected server to crash or stop responding. On Microsoft Windows 2000, XP and Server 2003 this will cause the affected system to reboot, on all other Windows platforms the system will have to be manually rebooted. It is currently not known whether this issue could be leveraged to execute arbitrary code on the affected system.

    25. PHP-Nuke CookieDecode Cross-Site Scripting Vulnerability
    BugTraq ID: 10128
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10128
    Summary:
    Reportedly PHP-Nuke is prone to a remote cross-site scripting vulnerability. This issue is due to a failure of the 'cookiedecode()' function to properly sanitize user supplied cookie parameters.

    This issue could permit a remote attacker to create a malicious link to the vulnerable application that includes hostile HTML and script code. If this link were followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks.

    26. PHP-Nuke Multiple SQL Injection Vulnerabilities
    BugTraq ID: 10135
    Remote: Yes
    Date Published: Apr 13 2004
    Relevant URL: http://www.securityfocus.com/bid/10135
    Summary:
    Reportedly PHP-Nuke is prone to multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied input.

    As a result of these issues an attacker could modify the logic and structure of database queries. Other attacks may also be possible, such as gaining access to sensitive information.

    27. Rhino Software Zaep AntiSpam Cross-Site Scripting Vulnerabil...
    BugTraq ID: 10139
    Remote: Yes
    Date Published: Apr 14 2004
    Relevant URL: http://www.securityfocus.com/bid/10139
    Summary:
    It has been reported that Zaep AntiSpam is prone to a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize user supplied URI input.

    This issue could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks.

    28. Microsoft Outlook/Outlook Express Remote Denial Of Service V...
    BugTraq ID: 10144
    Remote: Yes
    Date Published: Apr 14 2004
    Relevant URL: http://www.securityfocus.com/bid/10144
    Summary:
    Microsoft Outlook and Outlook Express have been reported prone to a remote denial of service vulnerability. The issue is reported to present itself when a NULL is encountered in the message body of an e-mail.

    It is reported that when the vulnerable software encounters a malicious e-mail as described above, the GUI will cease to respond.

    A remote attacker may potentially exploit this condition to deny service to Microsoft Outlook and Outlook Express users.

    29. PostNuke Phoenix Multiple Module SQL Injection Vulnerabiliti...
    BugTraq ID: 10146
    Remote: Yes
    Date Published: Apr 14 2004
    Relevant URL: http://www.securityfocus.com/bid/10146
    Summary:
    It has been reported that PostNuke Phoenix is prone to a remote SQL injection vulnerability in multiple modules. This issue is due to a failure of the application to properly sanitize user supplied URI input.

    This may allow a remote attacker to manipulate query logic, potentially leading to unauthorized access to sensitive information such as the administrator password hash or corruption of database data. SQL injection attacks may also potentially be used to exploit latent vulnerabilities in the underlying database implementation.

    30. ZoneLabs ZoneAlarm Pro/Plus MailSafe Filter Bypass Vulnerabi...
    BugTraq ID: 10148
    Remote: Yes
    Date Published: Apr 14 2004
    Relevant URL: http://www.securityfocus.com/bid/10148
    Summary:
    A vulnerability has been reported in some versions of ZoneAlarm Pro/Plus MailSafe. MailSafe may be configured to quarantine file attachments with a certain extension. It is reported that, if the file name of a restricted attachment contains certain extended characters, MailSafe may fail to quarantine the attachment.

    31. PHPBugTracker Multiple Input Validation Vulnerabilities
    BugTraq ID: 10153
    Remote: Yes
    Date Published: Apr 15 2004
    Relevant URL: http://www.securityfocus.com/bid/10153
    Summary:
    Reportedly phpBugTracker contains multiple input validation vulnerabilities; it is prone to multiple SQL injection, cross-site scripting and HTML injection issues. These issues are all due to a failure of the application to properly sanitize user supplied input.

    The SQL injection issues may allow a remote attacker to manipulate query logic, potentially leading to unauthorized access to sensitive information such as the administrator password hash or corruption of database data. SQL injection attacks may also potentially be used to exploit latent vulnerabilities in the underlying database implementation.

    The cross-site scripting and HTML injection issues may allow an attacker to execute arbitrary script code in the browser of an unsuspecting user. It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks may also be possible.

    32. SCT Campus Pipeline Email Attachment Script Injection Vulner...
    BugTraq ID: 10154
    Remote: Yes
    Date Published: Apr 15 2004
    Relevant URL: http://www.securityfocus.com/bid/10154
    Summary:
    It has been reported that Campus Pipeline is prone to a remote email attachment script injection vulnerability. This issue is due to a failure of the application to properly sanitize user supplied HTML and script code contained in email documents.

    This issue may allow a remote attacker to gain control of an unsuspecting user's email account; by executing specific script code an attacker can manipulate the victim's email account. It may be possible for an attacker to steal cookie-based authentication credentials as well, and due to the integrated nature of this software this may potentially lead to further compromise of the victim's account. It should be noted that this has not been confirmed.

    33. Cisco IPsec VPN Client Group Password Disclosure Vulnerabili...
    BugTraq ID: 10155
    Remote: No
    Date Published: Apr 15 2004
    Relevant URL: http://www.securityfocus.com/bid/10155
    Summary:
    The Cisco IPsec VPN client has been reported prone to a vulnerability, which may result in the compromise of the Group Password. The issue is reported to present itself because the Group Password is not encrypted or obfuscated in any way when it is stored in process memory.

    34. Real Networks Helix Universal Server Denial of Service Vulne...
    BugTraq ID: 10157
    Remote: Yes
    Date Published: Apr 15 2004
    Relevant URL: http://www.securityfocus.com/bid/10157
    Summary:
    It has been reported that Real Networks Helix Universal Server is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to properly handle malformed RTSP (Real-Time Streaming Protocol) requests.

    An attacker may leverage this issue to trigger a denial of service condition in the affected server.

    III. MICROSOFT FOCUS LIST SUMMARY
    ---------------------------------
    1. Location Aware GPO question (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/360450

    2. OWA (exchange 5.5) broken by patching? (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/360310

    3. SecurityFocus Microsoft Newsletter #184 (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/360255

    4. Article Announcement: Chat, Copy, Paste, Prison (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/360238

    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
    ----------------------------------------
    1. Norton Internet Security 2004
    By: Symantec
    Platforms: Windows 95/98
    Relevant URL: http://www.symantec.com/sabu/nis/nis_pe/
    Summary:

    Symantec's Norton Internet Security 2004 provides essential protection from viruses, hackers, and privacy threats. Powerful yet easy to use, this award-winning suite now includes advanced spam-fighting software to filter unwanted mail out of your inbox. Protect yourself, your family, and your PC online with Norton Internet Security 2004.

    2. East-Tec Eraser 2004
    By: EAST Technologies
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Relevant URL: http://www.east-tec.com/eraser/index.htm
    Summary:

    East-Tec Eraser ("Eraser" in short) is an advanced security application for Windows 95/98/Me/NT/2000/XP designed to help you completely eliminate sensitive data from your computer and protect your computer and Internet privacy.

    Eraser introduces a new meaning for the verb TO ERASE. Erasing a file now means wiping its contents beyond recovery, scrambling its name and dates and finally removing it from disk. When you want to get rid of sensitive files or folders beyond recovery, add them to the Eraser list of doomed files and ask Eraser to do the job. Eraser offers tight integration with the Windows shell, so you can drag files and folders from Explorer and drop them in Eraser, or you can erase them directly from Explorer by selecting Erase beyond recovery from the context menu.

    3. Steganos Security Suite 6
    By: Steganos
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Relevant URL: http://www.steganos.com/?product=SSS6&language=en
    Summary:

With Steganos Data Safe, Internet Trace Destructor 6.5, Password Manager, a steganography function, e-mail encryption, Deep Cleaning Shredder and much more, the Steganos Security Suite has been one of the best-selling encryption products for years and is used by 2 million people worldwide. Only the most modern encryption algorithms, such as the Advanced Encryption Standard (AES), are used. You can now save up to 128 GB* to its four virtual drives in real time - enough space for your film archive, large graphics files and other sensitive data.

    4. Airscanner Mobile AntiVirus Pro
    By: Airscanner Corp.
    Platforms: Windows CE
    Relevant URL: http://airscanner.com/downloads/av/av.html
    Summary:

Airscanner Mobile AntiVirus Pro quarantines or eradicates embedded viruses and malware, offers fast, optimized scanning based on patent-pending technology, provides automatic online updates of both virus signatures and the scanning engine, and supports PocketPC 2003/Windows Mobile 2003.

    In addition to an accurate virus scanner, Airscanner Mobile AntiVirus includes these powerful tools for debugging Trojan horses:
     - Intercept memory resident viruses with an advanced process discovery tool.
     - Debug Trojan hacks with an easy-to-use registry viewer.
     - Uncover denial of service attacks with a rapid system analyzer.
     - Enter your own custom virus signatures (for experts).
     - Perform fast, recursive, and flexibly multithreaded filesystem scanning.

5. Symantec's Norton Internet Security 2004 Professional
    By: Symantec
    Platforms: Windows 2000, Windows 95/98, Windows XP
    Relevant URL: http://www.symantec.com/smallbiz/nis_pr/
    Summary:

Symantec's Norton Internet Security 2004 Professional protects you and your business from online threats. It eliminates viruses automatically, blocks hackers, safeguards your personal information, fights spam, increases online productivity, recovers lost or damaged files, and thoroughly deletes confidential data you no longer need. Available in 5- and 10-user Small Office Packs.

    6. secure2trust
    By: Avoco Secure
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Relevant URL: http://www.avocosecure.com/html_pages/products_service.html
    Summary:

secure2trust gives you the power to create documents that remain under your corporate control throughout their entire existence. Even if you allow another party to have a copy of your original document, you can be sure that the copy will always carry your original controls as part of its properties. The digital rights options, which control printing, copying, viewing, etc., give you persistent and secure digital asset protection and intellectual property control. Digital rights mechanisms are the only way to ensure document integrity in a persistent way for both inter- and intra-company communications.

    V. NEW TOOLS FOR MICROSOFT PLATFORMS
    ------------------------------------
    1. CryptoHeaven v2.3.3
    By: Marcin Kurzawa <marcin@cryptoheaven.com>
    Relevant URL: http://www.cryptoheaven.com/
    Platforms: UNIX, Windows 2000, Windows 95/98, Windows NT, Windows XP
    Summary:

CryptoHeaven offers secure email and online file sharing/storage. Its main features are secure, highly encrypted services such as group collaboration, file sharing, email, online storage, and instant messaging. It integrates multi-user security into email, instant messaging, and file storage and sharing in one package, and provides real-time communication for text and data transfers in a multi-user secure environment. The security and usability of CryptoHeaven are well balanced; even not-so-technically-oriented computer users can use this crypto product with a very high level of encryption.

    2. Telconi Terminal for Cisco IOS v0.6a
    By: Stywiz
    Relevant URL: http://www.telconi.com/
    Platforms: Linux, MacOS, UNIX, Windows 2000, Windows NT, Windows XP
    Summary:

Telconi Terminal is a unique network management application with interactive full-screen configuration editing, browsing, help facility support, debugging, and more. It focuses on common Cisco IOS functionality present in any hardware or software configuration, and complements the command line interface with a rich set of features. It is intended for users with knowledge of Cisco IOS, and is designed to work with any IOS-based device, such as routers and switches.

    3. UnlimitedFTP.Secure v2.8.1
    By: Unlimi-Tech Software Inc.
    Relevant URL: http://www.unlimitedftp.ca/uftps/webdemo/index.jsp
    Platforms: Windows 2000, Windows NT, Windows XP
    Summary:

    UnlimitedFTP.Secure is a secure FTP applet that runs in a Web browser. It provides the ability to connect securely to any server that supports the SFTP or FTPS protocols.

    4. PGP Java API v2.0
    By: CrypTom
    Relevant URL: http://www.cryptography.ch/projects/pgpjava
    Platforms: Linux, Windows 2000, Windows 95/98, Windows NT, Windows XP
    Summary:

    The PGP Java API provides access to a PGP implementation which is based on PGP 2.3a. The PGP implementation will be compiled as a shared object, which will be accessible to Java via the Java Native Interface (JNI). The PGPi class provides the methods you can use to interact with PGP. All the encrypted / signed files you generate with this API are compatible with PGP 2.6.3i and vice versa. You can use the same keyrings, too.

    5. Enigmail v0.83.6
    By: Patrick
    Relevant URL: http://enigmail.mozdev.org/thunderbird.html
    Platforms: Linux, MacOS, POSIX, UNIX, Windows 2000, Windows 3.x, Windows 95/98, Windows CE, Windows NT, Windows XP
    Summary:

    Enigmail is a "plugin" for the mail client of Mozilla and Netscape 7.x which allows users to access the authentication and encryption features provided by the popular GnuPG software. Enigmail can encrypt/sign mail when sending, and can decrypt/authenticate received mail. It can also import/export public keys. Enigmail supports both the inline PGP format and the PGP/MIME format, which can be used to encrypt attachments. Enigmail is cross-platform, although binaries are supplied only for a limited number of platforms. Enigmail uses inter-process communication to execute GPG to carry out encryption/authentication.

    6. jayaCard v0.6a
    By: Gilles Dumortier
    Relevant URL: http://www.jayacard.org/
    Platforms: Linux, Os Independent, Windows 2000, Windows 95/98, Windows NT, Windows XP
    Summary:

jayaCard is a clean-room secure contactless smartcard multi-application operating system that includes tools such as contactless reader support, a protocol analyser, and a script engine. The supported standards include ISO/IEC 7816-3/4/8, ISO/IEC 14443, ISO/IEC 15693, and X.509.

    VI. UNSUBSCRIBE INSTRUCTIONS
    ----------------------------
To unsubscribe, send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message which you will have to answer. Alternatively, you can visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

    If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.
