SecurityFocus Microsoft Newsletter #191

From: Marc Fossi (mfossi_at_securityfocus.com)
Date: 06/02/04

  • Next message: A. Bluecoat: "Exchange Information Store Security? Send As..."
    Date: Wed, 2 Jun 2004 08:20:50 -0600 (MDT)
    To: Focus-MS <focus-ms@securityfocus.com>
    
    

    SecurityFocus Microsoft Newsletter #191
    ----------------------------------------

    This Issue is Sponsored By: SecurityFocus

    Want to keep up on the latest security vulnerabilities? Don't have time to
    visit a myriad of mailing lists and websites to read the news? Just add
    the new SecurityFocus RSS feeds to your freeware RSS reader, and see all
    the latest posts for Bugtraq and the SF Vulnernability database in one
    convenient place. Or, pull in the latest news, columnists and feature
    articles in the SecurityFocus aggregated news feed, and stay on top of
    what's happening in the community!

    http://www.securityfocus.com/rss/index.shtml

    ------------------------------------------------------------------------
    I. FRONT AND CENTER
         1. H.323 Mediated Voice over IP: Protocols, Vulnerabilities & Remediation
         2. Pass the Chocolate
    II. MICROSOFT VULNERABILITY SUMMARY
         1. MollenSoft Lightweight FTP Server Remote Denial Of Service V...
         2. MiniShare Server Remote Denial Of Service Vulnerability
         3. Orenosv HTTP/FTP Server HTTP GET Denial Of Service Vulnerabi...
         4. Subversion Pre-Commit-Hook Template Undisclosed Vulnerabilit...
         5. MollenSoft Lightweight FTP Server Remote Buffer Overflow Vul...
         6. JPortal Print.php SQL Injection Vulnerability
    III. MICROSOFT FOCUS LIST SUMMARY
         1. Relative Security Provided by Cached Domain Credenti... (Thread)
         2. USB Drive Privileges (Thread)
         3. Re[2]: Relative Security Provided by Cached Domain C... (Thread)
         4. SecurityFocus Microsoft Newsletter #190 (Thread)
         5. Workstation service deletes itself?? (Thread)
    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
         1. SP I-NET
         2. secure2trust
         3. N-Stealth Security Scanner
         4. Softros LAN Messenger
         5. Network Time System
         6. Anon-Encrypt
    V. NEW TOOLS FOR MICROSOFT PLATFORMS
         1. Honeynet Security Console 1.0
         2. LogMonitor 1.0
         3. Ettercap v0.7.0 pre2
         4. Syhunt TS Security Scanner 6.7 Build 96
         5. yaSSL 0.1.0
         6. Password Spyer 2k 2.4
    VI. UNSUBSCRIBE INSTRUCTIONS
    VII. SPONSOR INFORMATION

    I. FRONT AND CENTER
    -------------------
    1. H.323 Mediated Voice over IP: Protocols, Vulnerabilities & Remediation
    By Dr. Thomas Porter

    This paper provides an overview of the H.323 (VoIP) protocol suite, its
    known vulnerabilities, and then suggests twenty rules for securing an
    H.323-based network.

    http://www.securityfocus.com/infocus/1782

    2. Pass the Chocolate
    By Scott Granneman

    For the 70% of the population that will trade their computer password for
    a bar of chocolate, this one's for you.

    http://www.securityfocus.com/columnists/245

    II. MICROSOFT VULNERABILITY SUMMARY
    -----------------------------------
    1. MollenSoft Lightweight FTP Server Remote Denial Of Service V...
    BugTraq ID: 10409
    Remote: Yes
    Date Published: May 24 2004
    Relevant URL: http://www.securityfocus.com/bid/10409
    Summary:
    A denial of service condition is reported to exist in the MollenSoft Lightweight FTP Server that may allow a remote user to deny service to legitimate FTP users. The vulnerability is due to a lack of sufficient boundary checks performed on CWD command arguments.

    It should be noted that although this vulnerability is reported to affect Mollensoft Lightweight FTP Server version 3.6 other versions might also be affected.

    2. MiniShare Server Remote Denial Of Service Vulnerability
    BugTraq ID: 10417
    Remote: Yes
    Date Published: May 26 2004
    Relevant URL: http://www.securityfocus.com/bid/10417
    Summary:
    Minishare is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle improperly formed HTTP requests.

    This issue will allow an attacker to cause the affected computer to stop responding, denying service to legitimate users.

    3. Orenosv HTTP/FTP Server HTTP GET Denial Of Service Vulnerabi...
    BugTraq ID: 10420
    Remote: Yes
    Date Published: May 26 2004
    Relevant URL: http://www.securityfocus.com/bid/10420
    Summary:
    Orenosv HTTP/FTP server is prone to a denial of service vulnerability that may occur when an overly long HTTP GET request is sent to the server. When the malicious request is handled, it is reported that both the HTTP and FTP daemons will stop responding.

    4. Subversion Pre-Commit-Hook Template Undisclosed Vulnerabilit...
    BugTraq ID: 10428
    Remote: No
    Date Published: May 27 2004
    Relevant URL: http://www.securityfocus.com/bid/10428
    Summary:
    Subversion is reported prone to an undisclosed vulnerability. The issue is reported to present itself due to an insecure implementation of the pre-commit-hook template.

    This BID will be updated as soon as further information regarding this vulnerability becomes available.

    5. MollenSoft Lightweight FTP Server Remote Buffer Overflow Vul...
    BugTraq ID: 10429
    Remote: Yes
    Date Published: May 28 2004
    Relevant URL: http://www.securityfocus.com/bid/10429
    Summary:
    Lightweight FTP Server is prone to a remote buffer overflow vulnerability. This vulnerability can potentially allow a remote attacker to execute arbitrary code in the context of the server process. This issue presents itself due to a lack of sufficient boundary checks performed on CD command arguments.

    Lightweight FTP Server version 3.6 is prone to this issue.

    This issue is likely related to the issue previously described in BID 10409 (MollenSoft Lightweight FTP Server Remote Denial Of Service Vulnerability). This BID will be updated or retired subsequent to further analysis.

    6. JPortal Print.php SQL Injection Vulnerability
    BugTraq ID: 10430
    Remote: Yes
    Date Published: May 28 2004
    Relevant URL: http://www.securityfocus.com/bid/10430
    Summary:
    JPortal is reportedly affected by a remote SQL injection vulnerability in the print.inc.php script. This issue is due to a failure of the application to properly sanitize user-supplied URI input before using it in an SQL query.

    As a result of this a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It may be possible for an attacker to disclose the administrator password hash by exploiting this issue.

    III. MICROSOFT FOCUS LIST SUMMARY
    ---------------------------------
    1. Relative Security Provided by Cached Domain Credenti... (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/364776

    2. USB Drive Privileges (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/364490

    3. Re[2]: Relative Security Provided by Cached Domain C... (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/364432

    4. SecurityFocus Microsoft Newsletter #190 (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/364319

    5. Workstation service deletes itself?? (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/364237

    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
    ----------------------------------------
    1. SP I-NET
    By: Unisys
    Platforms: Windows 95/98, Windows NT
    Relevant URL: http://www.unisys.com/sp-security
    Summary:

    Designed for business-to-business communications requiring trusted relationships, SP I-NET ensures confidentiality of data, authenticates the identity of the involved parties, and ensures the privacy of their communication.

    2. secure2trust
    By: Avoco Secure
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Relevant URL: http://www.avocosecure.com/html_pages/products_service.html
    Summary:

    secure2trust gives you the power to create documents that remain under your corporate control throughout their entire existence. Even if you allow another party to have a copy of your original document you can be sure that the copy will always have your original controls as part of its properties. The digital rights options which will control printing, copying, viewing, etc give you persistent and secure digital asset protection and intellectual property control. Digital rights mechanisms are the only way to ensure document integrity in a persistent way for both inter and intra company communications.

    3. N-Stealth Security Scanner
    By: N-Stalker
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Relevant URL: http://www.nstalker.com/products/nstealth/
    Summary:

    N-Stealth is a vulnerability-assessment product that scans web servers to identify security problems and weaknesses that might allow an attacker to gain privileged access. The software comes with an extensive database of over 30,000 vulnerabilities and exploits. N-Stealth« is more actively maintained than the network security scanners and consequently has a larger database of vulnerabilities.

    4. Softros LAN Messenger
    By: Softros Systems Inc.
    Platforms: Windows 2000, Windows NT, Windows XP
    Relevant URL: http://messenger.softros.com
    Summary:

    Softros Messenger is a secure network messaging software application for corporate LANs (local area networks). It does not require a server and is very easy to install and use. Softros Messenger comes with a variety of handy features, like message notification alarms, personal or group messaging, and intuitive interface. Softros Messenger offers strong encryption options for all incoming and outgoing messages, guaranteeing no unauthorized person ever reads personal correspondence. The program is very stable when running under any Windows operating system and in any TCP/IP network, regardless of its size. Also Softros Messenger correctly identifies and works under Windows NT/2000/XP limited user accounts (without administrative privileges).

    5. Network Time System
    By: Softros Systems Inc.
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Relevant URL: http://nts.softros.com/
    Summary:

    Network Time System - Secure, fast and accurate time sync software across entire network.

    6. Anon-Encrypt
    By: RiserSoft Corporation
    Platforms: Windows 2000, Windows NT, Windows XP
    Relevant URL: http://risersoft.com/anon-encrypt.php
    Summary:

    Surf the Internet Totally Anonymous, and Fully Encrypted with our Internet Explorer Pluging!

    V. NEW TOOLS FOR MICROSOFT PLATFORMS
    ------------------------------------
    1. Honeynet Security Console 1.0
    By: Activeworx, Inc.
    Relevant URL: http://www.activeworx.org
    Platforms: Windows 2000, Windows XP
    Summary:

    Honeynet Security Console is an analysis tool to view events on your personal honeynet. It gives you the power to view events from Snort, TCPDump, Firewall, Syslog and Sebek logs. It also allows you to correlate events from each of these data types to have a full grasp of the attackers' actions.

    2. LogMonitor 1.0
    By: Adam Richard/SÚcurIT Informatique Inc.
    Relevant URL: ftp://ftp.digitalvoodoo.org/pub/mirrors/securit/Logmon10free.zip
    Platforms: Windows 2000, Windows NT, Windows XP
    Summary:

    LogMonitor is a log analysis console. It is 75% based on LogIDS, excepted for the GUI which is a complete makeover. Instead of focusing on network location, LogMonitor presents the data in a set of floating windows grouped by application, which may be a more intuitive interface to some people. The analysis is performed by defining the fields of each log we are monitoring, and then by using these fields to define rules as to what is important data or not.

    3. Ettercap v0.7.0 pre2
    By: ALoR <alor@users.sourceforge.net>
    Relevant URL: http://ettercap.sourceforge.net/
    Platforms: FreeBSD, Linux, MacOS, NetBSD, Windows 2000, Windows NT, Windows XP
    Summary:

    Ettercap is a network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.

    4. Syhunt TS Security Scanner 6.7 Build 96
    By: Syhunt
    Relevant URL: http://www.syhunt.com/section.php?id=scanner
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Summary:

    Syhunt TS Security Scanner is able to find the unfindable, not only known vulnerabilities, but also potential new ones. The new version can identify and exploit vulnerabilities in a matter of minutes and is a key tool for security professionals and administrators.

    5. yaSSL 0.1.0
    By: tao51
    Relevant URL: http://freshmeat.net/projects/yassl/?branch_id=48050&release_id=160245
    Platforms: Linux, POSIX, Windows 2000, Windows NT, Windows XP
    Summary:

    The yaSSL software package is a fast, dual-licensed implementation of SSL. It includes SSL client libraries and an SSL server implementation. It supports multiple APIs, including those defined by SSL and TLS. It also supports an OpenSSL compatibility interface.

    6. Password Spyer 2k 2.4
    By: Maro's Tools
    Relevant URL: http://www.maros-tools.com/products/spyer/
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Summary:

    Password Spyer 2k is a password recovery tool for windows. Password Spyer 2k reveals passwords hidden by asterkis (***) in all windows version (including 2000 and XP). You can use it to recover lost or forgotten passwords in most windows applications such as outlook, cute ftp, ws ftp, ICQ and others. You can use it to also reveal saved web passwords. Password Spyer 2k supports two methods for revealing passwords for better password retrieval.

    VI. UNSUBSCRIBE INSTRUCTIONS
    ----------------------------
    To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

    If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

    VII. SPONSOR INFORMATION
    -----------------------

    This Issue is Sponsored By: SecurityFocus

    Want to keep up on the latest security vulnerabilities? Don't have time to
    visit a myriad of mailing lists and websites to read the news? Just add
    the new SecurityFocus RSS feeds to your freeware RSS reader, and see all
    the latest posts for Bugtraq and the SF Vulnernability database in one
    convenient place. Or, pull in the latest news, columnists and feature
    articles in the SecurityFocus aggregated news feed, and stay on top of
    what's happening in the community!

    http://www.securityfocus.com/rss/index.shtml

    ------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------


  • Next message: A. Bluecoat: "Exchange Information Store Security? Send As..."