SecurityFocus Microsoft Newsletter #217

From: Marc Fossi (mfossi_at_securityfocus.com)
Date: 12/01/04

  • Next message: Michael van Zwieten: "XP SP2 & GPO controlled firewall gets activated for unknown reasons..."
    Date: Wed, 1 Dec 2004 08:17:09 -0700 (MST)
    To: Focus-MS <focus-ms@securityfocus.com>
    
    

    SecurityFocus Microsoft Newsletter #217
    ----------------------------------------

    Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
    is a free service that gives you the ability to track and manage attacks.
    Analyzer automatically correlates attacks from various Firewall and network
    based Intrusion Detection Systems, giving you a comprehensive view of your
    computer or general network. Sign up today!

    http://www.securityfocus.com/sponsor/Symantec_sf-news_041130

    ------------------------------------------------------------------------
    I. FRONT AND CENTER
         1. Profitware
         2. Seeds of Disaster
    II. MICROSOFT VULNERABILITY SUMMARY
         1. PHPBB Login Form Multiple Input Validation Vulnerabilities
         2. Computer Associates eTrust EZAntivirus User Interface Local ...
         3. Citrix MetaFrame Presentation Server Client Debugging Utilit...
         4. WeOnlyDo! wodFtpDLX ActiveX Component Remote Buffer Overflow...
         5. Sacred Multiple Connection Denial Of Service Vulnerability
         6. Gearbox Software Halo Game Client Remote Denial Of Service V...
         7. Nullsoft Winamp IN_CDDA.dll Remote Buffer Overflow Vulnerabi...
         8. Van Dyke SecureCRT Remote Command Execution Vulnerability
         9. Soldier Of Fortune 2 Buffer Overflow Vulnerability
         10. Alt-N MDaemon Local Privilege Escalation Vulnerability
         11. SugarCRM Unspecified Vulnerabilities
         12. Youngzsoft CMailServer Multiple Remote Vulnerabilities
         13. Win FTP Server Plaintext Password Storage Weakness
         14. LucasArts Star Wars Battlefront Game Server Multiple Remote ...
         15. Microsoft Internet Explorer Infinite Array Sort Denial Of Se...
         16. MailEnable IMAP Service Multiple Remote Pre-Authentication B...
         17. Opera Web Browser Infinite Array Sort Denial Of Service Vuln...
         18. Microsoft Windows WINS Replication Protocol Remote Memory Co...
         19. YaBB Shadow BBCode Tag JavaScript Injection Vulnerability
         20. Microsoft Internet Explorer Image Download Filename Extensio...
         21. Microsoft Windows WINS Arbitrary Association Delete Unspecif...
    III. MICROSOFT FOCUS LIST SUMMARY
         1. A little nervous about service packs (Thread)
         2. Microsoft rights management server alternatives (Thread)
         3. SecurityFocus Microsoft Newsletter #216 (Thread)
    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
         1. CoreGuard Core Security System
         2. KeyCaptor Keylogger
         3. SpyBuster
         4. FreezeX
         5. NeoExec for Active Directory
         6. Secrets Protector v2.03
    V. NEW TOOLS FOR MICROSOFT PLATFORMS
         1. Dekart Private Disk 2.03
         2. Remote Process Watcher 1.0
         3. Rkdscan 1.0
         4. Spybot-S&D 1.3
         5. lock 2.0
         6. WapgGui 1.0
    VI. UNSUBSCRIBE INSTRUCTIONS
    VII. SPONSOR INFORMATION

    I. FRONT AND CENTER
    -------------------
    1. Profitware
    By Kelly Martin

    Some of the largest anti-virus companies have virtually ignored the spyware
    problem because there is no profit incentive for them to do otherwise.
    Meanwhile, spyware companies make millions.

    http://www.securityfocus.com/columnists/278

    2. Seeds of Disaster
    By Mark Burnett

    Internet Explorer's problems can be traced to Microsoft's shortsightedness
    during the browser wars of the 1990s. Is the company sowing tomorrow's
    security woes today?

    http://www.securityfocus.com/columnists/279

    II. MICROSOFT VULNERABILITY SUMMARY
    -----------------------------------
    1. PHPBB Login Form Multiple Input Validation Vulnerabilities
    BugTraq ID: 11716
    Remote: Yes
    Date Published: Nov 20 2004
    Relevant URL: http://www.securityfocus.com/bid/11716
    Summary:
    Multiple input validation vulnerabilities affect the login form of phpBB. These issues are due to a failure of the application to perform proper sanitization prior to including user-supplied input in dynamically generated content and SQL queries.

    An attacker may leverage these issues to execute arbitrary client side script code in the browser of an unsuspecting user and inject arbitrary SQL syntax into SQL queries. This may potentially lead to theft of cookie-based authentication credentials, theft of sensitive information or corruption of data as well as other attacks.

    It should be noted that it is possible that one or more of these issues has been reported in a previous BID. This BID will be updated as more information becomes available.

    2. Computer Associates eTrust EZAntivirus User Interface Local ...
    BugTraq ID: 11717
    Remote: No
    Date Published: Nov 20 2004
    Relevant URL: http://www.securityfocus.com/bid/11717
    Summary:
    A local authentication bypass vulnerability affects the user interface of eTrust EZAntivirus. This issue is due to a design error that allows a local attacker to bypass the implemented authentication.

    A local attacker may exploit this issue to bypass the user interface authentication mechanisms, facilitating unauthorized access the software. This may allow manipulation of virus scanning rules that may subsequently facilitate further attacks against the affected computer.

    3. Citrix MetaFrame Presentation Server Client Debugging Utilit...
    BugTraq ID: 11720
    Remote: No
    Date Published: Nov 22 2004
    Relevant URL: http://www.securityfocus.com/bid/11720
    Summary:
    A vulnerability affects the Citrix MetaFrame Presentation Server client debugging utility. This issue is due to a design error in the affected debugging utility that may aid an attacker in the theft of sensitive information.

    An attacker may leverage this issue to record keystrokes of unsuspecting users, potentially revealing sensitive information and facilitating privilege escalation or other attacks.

    4. WeOnlyDo! wodFtpDLX ActiveX Component Remote Buffer Overflow...
    BugTraq ID: 11721
    Remote: Yes
    Date Published: Nov 22 2004
    Relevant URL: http://www.securityfocus.com/bid/11721
    Summary:
    A remote buffer overflow vulnerability reportedly affects the WeOnlyDo! wodFtpDLX ActiveX Component. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into finite process buffers.

    An attacker may exploit this issue to execute arbitrary code with the privileges of a user that started an application that implements the vulnerable ActiveX conmponent.

    5. Sacred Multiple Connection Denial Of Service Vulnerability
    BugTraq ID: 11722
    Remote: Yes
    Date Published: Nov 22 2004
    Relevant URL: http://www.securityfocus.com/bid/11722
    Summary:
    Sacred is reported susceptible to a multiple connection denial of service vulnerability.

    This vulnerability allows remote attackers to block further network access to a Sacred server, denying access to legitimate users.

    6. Gearbox Software Halo Game Client Remote Denial Of Service V...
    BugTraq ID: 11724
    Remote: Yes
    Date Published: Nov 22 2004
    Relevant URL: http://www.securityfocus.com/bid/11724
    Summary:
    The Halo game client is reported prone to a remote denial of service vulnerability. It is reported that when using the in game browser to view a server list, a malicious reply from a server may crash the affected client.

    A remote attacker may exploit this vulnerability to deny service to legitimate users.

    7. Nullsoft Winamp IN_CDDA.dll Remote Buffer Overflow Vulnerabi...
    BugTraq ID: 11730
    Remote: Yes
    Date Published: Nov 23 2004
    Relevant URL: http://www.securityfocus.com/bid/11730
    Summary:
    A remote buffer overflow vulnerability affects the IN_CDDA.dll library of Nullsoft's Winamp. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into finite process buffers. The issue would most likely be exposed through a malicious playlist designed to trigger the issue.

    An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application.

    8. Van Dyke SecureCRT Remote Command Execution Vulnerability
    BugTraq ID: 11731
    Remote: Yes
    Date Published: Nov 23 2004
    Relevant URL: http://www.securityfocus.com/bid/11731
    Summary:
    A remote command execution vulnerability affects Van Dyke's SecureCRT. This issue is due to a design error that allows a remote attacker to execute arbitrary script on the affected computer with the privileges of the affected application.

    An attacker may leverage this issue to execute arbitrary code with the privileges of the user that activated the affected application; this may facilitate privilege escalation or unauthorized access.

    9. Soldier Of Fortune 2 Buffer Overflow Vulnerability
    BugTraq ID: 11735
    Remote: Yes
    Date Published: Nov 23 2004
    Relevant URL: http://www.securityfocus.com/bid/11735
    Summary:
    It is reported that Soldier of Fortune 2 is susceptible to a buffer overflow vulnerability. This issue is due to a failure of the application to perform sufficient bounds checking on user-supplied input prior to copying it to a fixed-sized memory buffer.

    A remote attacker may exploit this vulnerability to deny service to legitimate users. Due to the nature of this vulnerability, it is conjectured that remote code execution may be possible, but this is not confirmed.

    10. Alt-N MDaemon Local Privilege Escalation Vulnerability
    BugTraq ID: 11736
    Remote: No
    Date Published: Nov 23 2004
    Relevant URL: http://www.securityfocus.com/bid/11736
    Summary:
    A local privilege escalation vulnerability reportedly affects Alt-N MDaemon. This issue is due to a failure of the application to properly drop privileges prior to executing child processes.

    An attacker may leverage this issue to execute applications with SYSTEM privileges, facilitating privilege escalation.

    11. SugarCRM Unspecified Vulnerabilities
    BugTraq ID: 11740
    Remote: Yes
    Date Published: Nov 23 2004
    Relevant URL: http://www.securityfocus.com/bid/11740
    Summary:
    SugarCRM version 2.0.1a has been released to address multiple security vulnerabilities. The vendor has not publicized specific details about the vulnerabilities that were addressed in this release.

    12. Youngzsoft CMailServer Multiple Remote Vulnerabilities
    BugTraq ID: 11742
    Remote: Yes
    Date Published: Nov 24 2004
    Relevant URL: http://www.securityfocus.com/bid/11742
    Summary:
    Multiple remote vulnerabilities affect the Youngzsoft CMailServer. These issues are due to a failure of the application to properly sanitize user input and perform sufficient bounds checking.

    The first issue is a buffer overflow vulnerability in the attachment functionality. The second and third issues are SQL injection vulnerabilities. The final issue is an HTML injection issue.

    An attacker may leverage these issues to execute arbitrary code on an affected computer, carry out SQL injection attacks that may delete sensitive data and perform HTML injection attacks facilitating the theft of authentication credentials.

    13. Win FTP Server Plaintext Password Storage Weakness
    BugTraq ID: 11749
    Remote: No
    Date Published: Nov 24 2004
    Relevant URL: http://www.securityfocus.com/bid/11749
    Summary:
    It is reported that Win FTP Server stores user account information in a plaintext file on the server filesystem.

    As a result, FTP user credentials could be exposed to other local users who have permissions to access this file. Malicious users that gain access to FTP user credentials may be able to gain access to potentially sensitive files served by the application.

    Version 1.6 of the application is reportedly affected by this weakness. Other versions are also likely affected.

    14. LucasArts Star Wars Battlefront Game Server Multiple Remote ...
    BugTraq ID: 11750
    Remote: Yes
    Date Published: Nov 24 2004
    Relevant URL: http://www.securityfocus.com/bid/11750
    Summary:
    LucasArts Star Wars Battlefront game server is reported prone to multiple remote denial of service vulnerabilities. The following issues are reported:

    It is reported that the Star Wars Battlefront game server fails to perform sufficient boundary checks on 'nickname' data that is supplied by a client.

    A remote attacker may exploit this vulnerability to deny service to legitimate users.

    Additionally, it is reported that the Star Wars Battlefront game server provides debugging functionality that may be leveraged by a malicious client to trigger a server crash.

    A remote attacker may exploit this vulnerability to deny service to legitimate users.

    This vulnerability is reported to affect LucasArts Star Wars Battlefront up to and including version 1.11.

    15. Microsoft Internet Explorer Infinite Array Sort Denial Of Se...
    BugTraq ID: 11751
    Remote: Yes
    Date Published: Nov 25 2004
    Relevant URL: http://www.securityfocus.com/bid/11751
    Summary:
    Microsoft Internet is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs an infinite JavaScript array sort operation. It is conjectured that this will only result in a denial of service and is not further exploitable to execute arbitrary code, though this has not been confirmed.

    16. MailEnable IMAP Service Multiple Remote Pre-Authentication B...
    BugTraq ID: 11755
    Remote: Yes
    Date Published: Nov 25 2004
    Relevant URL: http://www.securityfocus.com/bid/11755
    Summary:
    MailEnable IMAP service is reported prone to multiple remote buffer overflow vulnerabilities. The following individual issues are reported:

    The first buffer overflow vulnerability is reported to exist due to a lack of sufficient bounds checking performed on IMAP command arguments before the argument is copied into a finite process memory buffer.

    A remote attacker may exploit this vulnerability prior to authentication to execute arbitrary code in the context of the affected service.

    The second buffer overflow vulnerability presents itself due to a lack of boundary checks performed on request data sent to the IMAP service.

    A remote attacker may exploit this vulnerability prior to authentication to execute arbitrary code in the context of the affected service.

    17. Opera Web Browser Infinite Array Sort Denial Of Service Vuln...
    BugTraq ID: 11762
    Remote: Yes
    Date Published: Nov 25 2004
    Relevant URL: http://www.securityfocus.com/bid/11762
    Summary:
    The Opera Web browser is prone to a vulnerability that may result in a browser crash. This issue is exposed when the browser performs an infinite JavaScript array sort operation. It is conjectured that this will only result in a denial of service and is not further exploitable to execute arbitrary code, though this has not been confirmed.

    18. Microsoft Windows WINS Replication Protocol Remote Memory Co...
    BugTraq ID: 11763
    Remote: Yes
    Date Published: Nov 25 2004
    Relevant URL: http://www.securityfocus.com/bid/11763
    Summary:
    It is reported that the WINS replication protocol contains a vulnerability that when exploited will result in memory corruption. The issue exists due to a protocol design flaw that allows a remote user to specify the location of a data structure in memory.

    Because the attacker may control the location of the data structure, this vulnerability may be exploited to corrupt process memory.

    This issue could potentially be exploited remotely by a WINS client to execute arbitrary code with SYSTEM level privileges on a target WINS server. The service may be exposed via TCP/UDP port 42 by default, but the vendor has stated that other attack vectors may exist though none are known at this time.

    19. YaBB Shadow BBCode Tag JavaScript Injection Vulnerability
    BugTraq ID: 11764
    Remote: Yes
    Date Published: Nov 26 2004
    Relevant URL: http://www.securityfocus.com/bid/11764
    Summary:
    YaBB is reported prone to a JavaScript injection vulnerability. It is reported that the BBCode 'shadow' tag is not sufficiently sanitized of malicious script content.

    An attacker that has an account on the affected bulletin board may exploit this vulnerability to inject arbitrary JavaScript code into forum posts through the 'shadow' tag.

    20. Microsoft Internet Explorer Image Download Filename Extensio...
    BugTraq ID: 11768
    Remote: Yes
    Date Published: Nov 26 2004
    Relevant URL: http://www.securityfocus.com/bid/11768
    Summary:
    Microsoft Internet Explorer is reported susceptible to a filename extension spoofing vulnerability when utilizing the 'Save Image As' feature.

    Reportedly, this vulnerability is only possible when Internet Explorer is configured with 'Hide extension for known file types' enabled. This is the default configuration.

    This vulnerability may facilitate the spoofing of filename extensions, resulting in malicious content being inadvertently downloaded to vulnerable Web users.

    This issue may be related to BID 3597.

    21. Microsoft Windows WINS Arbitrary Association Delete Unspecif...
    BugTraq ID: 11769
    Remote: Yes
    Date Published: Nov 26 2004
    Relevant URL: http://www.securityfocus.com/bid/11769
    Summary:
    Microsoft Windows Internet Name Service (WINS) is reported prone to an unspecified buffer overflow vulnerability.

    This issue could potentially be exploited remotely by a WINS client to execute arbitrary code with SYSTEM level privileges on a target WINS server. The service may be exposed via TCP/UDP port 42 by default, but the vendor has stated that other attack vectors may exist for WINS-related vulnerabilities though none are known at this time.

    This BID may be related to the issue described in BID 11763 (Microsoft Windows WINS Replication Protocol Remote Memory Corruption Vulnerability), however this is not confirmed. Few details regarding this vulnerability are available at the time of writing; this BID will be updated as further details are released.

    III. MICROSOFT FOCUS LIST SUMMARY
    ---------------------------------
    1. A little nervous about service packs (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/382419

    2. Microsoft rights management server alternatives (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/382252

    3. SecurityFocus Microsoft Newsletter #216 (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/382078

    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
    ----------------------------------------
    1. CoreGuard Core Security System
    By: Vormetric
    Platforms: AIX, Linux, Solaris, Windows 2000, Windows XP
    Relevant URL: http://www.vormetric.com/products/#overview
    Summary:

    CoreGuard System profile

    The CoreGuard System is the industry's first solution that enforces
    acceptable use policy for sensitive digital information assets and
    protects personal data privacy across an enterprise IT environment.
    CoreGuard's innovative architecture and completeness of technology
    provide a comprehensive, extensible solution that tightly integrates all
    the elements required to protect information across a widespread,
    heterogeneous enterprise network, while enforcing separation of duties
    between security and IT administration. At the same time, CoreGuard is
    transparent to users, applications and storage infrastructures for ease
    of deployment and system management.

    CoreGuard enables customers to:
    * Protect customer personal data privacy and digital information assets
    * Protect data at rest from unauthorized viewing by external attackers
    and unauthorized insiders
    * Enforce segregation of duties between IT administrators and security
    administration
    * Ensure host & application integrity * Block malicious code, including
    zero-day exploits

    2. KeyCaptor Keylogger
    By: Keylogger Software
    Platforms: MacOS, Windows 2000, Windows 95/98, Windows NT, Windows XP
    Relevant URL: http://www.keylogger-software.com/keylogger/keylogger.htm
    Summary:

    KeyCaptor is your solution for recording ALL keystrokes of ALL users on your computer! Now you have the power to record emails, websites, documents, chats, instant messages, usernames, passwords, and MUCH MORE!

    With our advanced stealth technology, KeyCaptor will not show in your processes list and cannot be stopped from running unless you say so!

    3. SpyBuster
    By: Remove Spyware
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Relevant URL: http://www.remove-spyware.com/spybuster.htm
    Summary:

    Our award winning spyware / adware scanner and removal software, SpyBuster will scan your computer for over 4,000 known spyware and adware applications. SpyBuster protects your computer from data stealing programs that can expose your personal information.

    SpyBuster scanning technology allows for a quick and easy sweep, so you can resume your work in minutes.

    4. FreezeX
    By: Faronics Technologies USA Inc
    Platforms: Windows 2000, Windows 95/98, Windows XP
    Relevant URL: http://www.faronics.com/html/Freezex.asp
    Summary:

    FreezeX prevents all unauthorized programs, including viruses, keyloggers and spy ware from executing. Powerful and secure, FreezeX ensures that any new executable, program, or application that is downloaded, introduced via removable media or the network will never install

    5. NeoExec for Active Directory
    By: NeoValens
    Platforms: Windows 2000, Windows XP
    Relevant URL: http://www.neovalens.com
    Summary:

    NeoExec® is an operating system extension for Windows 2000/XP that allows the setting of privileges at the application level rather than at the user level.

    NeoExec® is the ideal solution for applications that require elevated privileges to run as the privileges are granted to the application, not the user.

    NeoExec® is the only solution on the market capable of modifying at runtime the processes' security context -- without requiring a second account as with RunAs and RunAs-derived products.

    6. Secrets Protector v2.03
    By: E-CRONIS
    Platforms: Windows 2000, Windows XP
    Relevant URL: http://www.e-cronis.com/download/sp.exe
    Summary:

    It's the end of your worries about top-secret data of your company, your confidential files or the pictures from the last party. All these will be hidden beyond the reach of ANY intruder and you will be the only one able to handle them. And what you want to delete will be DELETED. It is the ultimate security tool to protect your sensitive information on PC, meeting the three most important security issues: Integrity, Confidentiality and Availability. This product gives you the features of a "folder locker" and a "secure eraser".

    Your secret information is available only trough this software and there is no other mean to access it. The information is protected at file system level and it cannot be accidentally deleted or overwritten neither in Safe mode nor in other operating system. This program doesn't make your operating system unstable as other related product do and protects your information from being seen, altered or deleted by an unauthorized user with or without his wish. The program allows you to permanently erase your sensitive data using secure wiping methods leaving no trace of your information. Depending on the selected wiping method your data is unrecoverable using software or even hardware recovery techniques.

    V. NEW TOOLS FOR MICROSOFT PLATFORMS
    ------------------------------------
    1. Dekart Private Disk 2.03
    By: Dekart
    Relevant URL: http://www.private-disk.net/
    Platforms: Windows XP
    Summary:

    Private Disk - is an easy-to-use, reliable, user-friendly and smart program that lets you create encrypted disk partitions (drive letters) to keep your private and confidential data secure. Uses 256-bit AES encryption.

    2. Remote Process Watcher 1.0
    By: Fitsec Tmi
    Relevant URL: http://www.fitsec.com/downloads
    Platforms: Windows 2000, Windows NT, Windows XP
    Summary:

    A Java based software that watches processes running on the computers inside a domain. Gives out warnings when it spots a process that it doesn't recognize or processes that have been marked on the warning list. It is also able to autokill processes marked as critical.

    3. Rkdscan 1.0
    By: Andres Tarasco - www.sia.es
    Relevant URL: http://cyruxnet.org/download/rkdscan.rar
    Platforms: Windows 2000
    Summary:

    Rkdscan is able to remotely detect if NT based Computers are compromised With "Hacker Defender" Rootkit

    4. Spybot-S&D 1.3
    By: Patrick M. Kolla
    Relevant URL: http://www.spybot.info/en/index.html
    Platforms: Windows XP
    Summary:

    Spybot - Search & Destroy can detect and remove spyware of different kinds
    from your computer. Spyware is a relatively new kind of threat that
    common anti-virus applications do not yet cover. If you see new toolbars in
    your Internet Explorer that you didn't intentionally install, if your browser
    crashes, or if you browser start page has changed without your knowing, you
    most probably have spyware. But even if you don't see anything, you may be
    infected.

    5. lock 2.0
    By: Uri Fridman
    Relevant URL: http://www.geocities.com/urifrid/lock-2.0-src.zip
    Platforms: Windows 2000
    Summary:

    Lock is a command line tool to lock the
    workstation, options include:
    - lock the workstation
    - lock workstation and run default
    screensaver
    - minimize all open windows and lock the
    workstation
    - send the system to sleep (standby)

    open source, free and small.

    6. WapgGui 1.0
    By: William D. Bartholomew
    Relevant URL: http://www.bartholomew.id.au/Default.aspx?tabid=32
    Platforms: Windows 2000, Windows XP
    Summary:

    A free, open-source, user-friendly interface to run the WAPG password generator. Supports generation of random and pronounceable passwords, specifying minimum and maximum length, specifying what character classes should or must be used, and much more.

    VI. UNSUBSCRIBE INSTRUCTIONS
    ----------------------------
    To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

    If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

    VII. SPONSOR INFORMATION
    -----------------------

    Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
    is a free service that gives you the ability to track and manage attacks.
    Analyzer automatically correlates attacks from various Firewall and network
    based Intrusion Detection Systems, giving you a comprehensive view of your
    computer or general network. Sign up today!

    http://www.securityfocus.com/sponsor/Symantec_sf-news_041130

    ------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------


  • Next message: Michael van Zwieten: "XP SP2 & GPO controlled firewall gets activated for unknown reasons..."

    Relevant Pages

    • SecurityFocus Microsoft Newsletter #131
      ... MICROSOFT VULNERABILITY SUMMARY ... Advanced Poll Remote Information Disclosure Vulnerability ... PHPNuke News Module Article.PHP SQL Injection Vulnerability ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #211
      ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows Kernel Local Denial of Service Vulnerabili... ... OCPortal Content Management System Remote File Include Vulne... ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #229
      ... Windows NTFS Alternate Data Streams ... MICROSOFT VULNERABILITY SUMMARY ... VBulletin Forumdisplay.PHP Remote Command Execution Vulnerab... ... AWStats Debug Remote Information Disclosure Vulnerability ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #237
      ... MICROSOFT VULNERABILITY SUMMARY ... JPortal Banner.PHP SQL Injection Vulnerability ... Microsoft Windows Kernel Object Management Denial Of Service... ... Microsoft Windows Message Queuing Remote Buffer Overflow Vul... ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #231
      ... Stormy Studios KNet Remote Buffer Overflow Vulnerability ... Mozilla Firefox Address Bar Image Dragging Remote Script Exe... ... Relevant URL: http://www.securityfocus.com/bid/12669 ... This vulnerability is reported to exist in RealNetworks products for Microsoft Windows, Linux, and Apple Mac platforms. ...
      (Focus-Microsoft)