SecurityFocus Microsoft Newsletter #221

From: Marc Fossi (mfossi_at_securityfocus.com)
Date: 12/28/04


Date: Tue, 28 Dec 2004 14:06:37 -0700 (MST)
To: Focus-MS <focus-ms@securityfocus.com>


------------------------------------------------------------------------
I. FRONT AND CENTER
     1. Spam Punishment Doesn't Fit the Crime
II. MICROSOFT VULNERABILITY SUMMARY
     1. Windows Media Player ActiveX Control Media File Attribute Co...
     2. Windows Media Player ActiveX Control File Enumeration Weakne...
     3. Crystal Art Crystal FTP Remote Client-Side Buffer Overflow V...
     4. ArGoSoft Mail Server HTML Injection Vulnerability
     5. PHP Shared Memory Module Offset Memory Corruption Vulnerabil...
     6. Google Desktop Search Remote Information Disclosure Vulnerab...
     7. Microsoft Windows XP Firewall ACL Bypass Vulnerability
     8. MIT Kerberos 5 Administration Library Add_To_History Heap-Ba...
     9. Webroot Software My Firewall Plus Local Privilege Escalation...
     10. Webroot Software Spy Sweeper Enterprise Local Privilege Esca...
     11. libTIFF Heap Corruption Integer Overflow Vulnerabilities
     12. MPlayer And Xine PNM_Get_Chunk Multiple Remote Client-Side B...
     13. Sybase Adaptive Server Enterprise Multiple Unspecified Vulne...
     14. Snort DecodeTCPOptions Remote Denial Of Service Vulnerabilit...
     15. NetWin SurgeMail Webmail Unspecified Vulnerability
     16. Microsoft Windows winhlp32 Phrase Integer Overflow Vulnerabi...
     17. Microsoft Windows winhlp32 Phrase Heap Overflow Vulnerabilit...
     18. Microsoft Windows ANI File Denial of Service Attack
     19. Microsoft Windows LoadImage API Function Integer Overflow Vu...
     20. Nullsoft SHOUTcast File Request Format String Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
     1. services running in windows domain (winXP clients) (Thread)
     2. Microsoft Vulnerabilities ARE being reported to Micr... (Thread)
     3. port 411 remote MT protocol? (Thread)
     4. Secondary Storage Device Policy (Thread)
     5. KB824145 with SUS (Thread)
     6. port 411 remote MT protocol? (Solved) (Thread)
     7. Modifying default behaviour of MS VPN client (Thread)
IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
     1. CoreGuard Core Security System
     2. KeyCaptor Keylogger
     3. SpyBuster
     4. FreezeX
     5. NeoExec for Active Directory
     6. Secrets Protector v2.03
V. NEW TOOLS FOR MICROSOFT PLATFORMS
     1. Interface Traffic Indicator 1.2.3
     2. Colasoft Capsa 4.05
     3. Attack Tool Kit (ATK) 3.0
     4. IDS Policy Manager v1.5
     5. PatchLink Update 6.01.78
     6. Dekart Private Disk 2.03
VI. UNSUBSCRIBE INSTRUCTIONS
VII. SPONSOR INFORMATION

I. FRONT AND CENTER
-------------------
1. Spam Punishment Doesn't Fit the Crime
By Mark Rasch

When spammers are treated more harshly than those who commit war crimes in
Rwanda, and are fined more than companies that destroy the environment,
it's time to revisit our strategy.

http://www.securityfocus.com/columnists/287

II. MICROSOFT VULNERABILITY SUMMARY
-----------------------------------
1. Windows Media Player ActiveX Control Media File Attribute Co...
BugTraq ID: 12031
Remote: Yes
Date Published: Dec 18 2004
Relevant URL: http://www.securityfocus.com/bid/12031
Summary:
The Windows Media Player ActiveX control is prone to a security weakness. The issue is that the control may be abused by a Web page to change attributes of media files (such as MP3). An attacker can influence attributes such as the artist, song name, or album name.

It is possible to exploit this weakness to inject malicious script code into these attributes. If this issue was combined with a vulnerability that could force Internet Explorer to interpret the injected script code, it may be possible to execute malicious script code in the Local Zone. Such an attack would lead to execution of arbitrary code on computers that do not have this Zone locked down.

This issue is reported to affect Windows Media Player 9. It reportedly does not work on computers running Windows XP SP2 when the attack is executed from a remote source. This is likely due to additional browser security measures in Windows XP SP2.

2. Windows Media Player ActiveX Control File Enumeration Weakne...
BugTraq ID: 12032
Remote: Yes
Date Published: Dec 18 2004
Relevant URL: http://www.securityfocus.com/bid/12032
Summary:
The Windows Media Player ActiveX control is prone to a security weakness that may allow a malicious Web page to enumerate files that exist on the client computer.

This could aid in further attacks.

This issue is reported to affect Windows Media Player 9. It reportedly does not work on computers running Windows XP SP2 when the attack is executed from a remote source. This is likely due to additional browser security measures in Windows XP SP2.

3. Crystal Art Crystal FTP Remote Client-Side Buffer Overflow V...
BugTraq ID: 12038
Remote: Yes
Date Published: Dec 20 2004
Relevant URL: http://www.securityfocus.com/bid/12038
Summary:
A remote, client-side buffer overflow vulnerability reportedly affects Crystal Art Crystal FTP. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.

An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.

4. ArGoSoft Mail Server HTML Injection Vulnerability
BugTraq ID: 12044
Remote: Yes
Date Published: Dec 17 2004
Relevant URL: http://www.securityfocus.com/bid/12044
Summary:
ArGoSoft Mail Server is reported prone to an HTML injection vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data.

A remote attacker could potentially exploit this condition to steal cookie-based authentication credentials from a legitimate user of the Web mail system.

ArGoSoft Mail Server 1.8.6.9 and prior versions are affected by this issue.

5. PHP Shared Memory Module Offset Memory Corruption Vulnerabil...
BugTraq ID: 12045
Remote: No
Date Published: Dec 20 2004
Relevant URL: http://www.securityfocus.com/bid/12045
Summary:
The PHP shared memory module (shmop) is reported prone to an integer handling vulnerability. The issue exists in the PHP_FUNCTION(shmop_write) function and is the result of a lack of sufficient sanitization performed on 'offset' data.

This vulnerability may be exploited to make an almost arbitrary write into process memory. It is reported that the vulnerability may be leveraged to disable PHP 'safe mode'; this may result in further compromise in a shared-server environment.

6. Google Desktop Search Remote Information Disclosure Vulnerab...
BugTraq ID: 12052
Remote: Yes
Date Published: Dec 20 2004
Relevant URL: http://www.securityfocus.com/bid/12052
Summary:
Google Desktop Search is reported prone to a remote vulnerability that may allow an attacker to disclose a user's search results from the local computer.

The attacker entices a user to visit the site and creates a Java applet to leverage this vulnerability. When the Java applet is loaded by the user, it can send queries to the attacker's server that appear to be Google queries to the Desktop Search application.

The Desktop Search application integrates local search results with the queries and this information is sent to the remote server controlled by the attacker.

7. Microsoft Windows XP Firewall ACL Bypass Vulnerability
BugTraq ID: 12057
Remote: Yes
Date Published: Dec 20 2004
Relevant URL: http://www.securityfocus.com/bid/12057
Summary:
Microsoft Windows XP Firewall is reported prone to an ACL bypass vulnerability. Reports indicate that the vulnerability presents itself when the Windows XP Firewall is configured to block access to Microsoft File and Printer Sharing on a dial-up interface.

This vulnerability may leave a computer user that is connected to the Internet using a dial-up connection under a false sense of security. The user may believe that the firewall is protecting them from malicious attacks and as a result may employ lax user credentials or share confidential data openly.

8. MIT Kerberos 5 Administration Library Add_To_History Heap-Ba...
BugTraq ID: 12059
Remote: No
Date Published: Dec 20 2004
Relevant URL: http://www.securityfocus.com/bid/12059
Summary:
It is reported that the MIT Kerberos 5 administration library is affected by a heap-based buffer overflow vulnerability. The vulnerability presents itself in the 'add_to_history()' function of the 'svr_principal.c' source file. The vulnerability exists due to an indexing error that occurs under certain circumstances.

An authenticated attacker may potentially exploit this vulnerability on a Key Distribution Center (KDC) to execute arbitrary code in the context of the vulnerable service, ultimately resulting in the compromise of an entire Kerberos realm.

9. Webroot Software My Firewall Plus Local Privilege Escalation...
BugTraq ID: 12064
Remote: No
Date Published: Dec 21 2004
Relevant URL: http://www.securityfocus.com/bid/12064
Summary:
My Firewall Plus is reported prone to a local privilege escalation vulnerability. This vulnerability arises due to a design error causing the software to launch a help application with SYSTEM privileges.

My Firewall Plus 5.0 is reported vulnerable to this issue; however, it is possible that other versions are affected as well.

10. Webroot Software Spy Sweeper Enterprise Local Privilege Esca...
BugTraq ID: 12065
Remote: No
Date Published: Dec 21 2004
Relevant URL: http://www.securityfocus.com/bid/12065
Summary:
Spy Sweeper Enterprise is reported prone to a local privilege escalation vulnerability. This vulnerability arises due to a design error causing the software to launch a help application with SYSTEM privileges.

Spy Sweeper Enterprise 1.5.1 is reported vulnerable to this issue; however, it is possible that other versions are affected as well.

11. libTIFF Heap Corruption Integer Overflow Vulnerabilities
BugTraq ID: 12075
Remote: Yes
Date Published: Dec 21 2004
Relevant URL: http://www.securityfocus.com/bid/12075
Summary:
It has been reported that libtiff is affected by two heap corruption vulnerabilities due to integer overflow errors that can be triggered when malicious or malformed image files are processed. Theoretically, an attacker can exploit the vulnerabilities to execute arbitrary code in the context of an application linked to the library, when TIFF image data is processed (i.e. displayed). Because image data is frequently external in origin, these vulnerabilities are considered remotely exploitable.

12. MPlayer And Xine PNM_Get_Chunk Multiple Remote Client-Side B...
BugTraq ID: 12076
Remote: Yes
Date Published: Dec 21 2004
Relevant URL: http://www.securityfocus.com/bid/12076
Summary:
Multiple buffer overflow vulnerabilities are reported to exist in the xine and MPlayer utilities. The following issues are reported:

Several buffer overflow vulnerabilities are reported to exist in the 'pnm_get_chunk()' function.

Reports indicate that the vulnerabilities present themselves in the RMF_TAG, DATA_TAG, PROP_TAG, MDPR_TAG and CONT_TAG handling code of 'pnm_get_chunk()'.

A remote attacker may potentially leverage this memory corruption to execute arbitrary code in the context of a user that uses the vulnerable utility to connect to a malicious PNM server.

An additional buffer overflow vulnerability is reported to exist in the PNA_TAG handling code of the 'pnm_get_chunk()' function.

It is reported that supplied PNA_TAG data is copied into a finite buffer without sufficient boundary checks. This results in memory corruption. A remote attacker may potentially leverage this memory corruption to execute arbitrary code in the context of a user that uses the vulnerable utility to connect to a malicious PNM server.

13. Sybase Adaptive Server Enterprise Multiple Unspecified Vulne...
BugTraq ID: 12080
Remote: Yes
Date Published: Dec 22 2004
Relevant URL: http://www.securityfocus.com/bid/12080
Summary:
Sybase Adaptive Server Enterprise is reported prone to multiple unspecified vulnerabilities. The cause and impact of these issues are currently unknown. It is conjectured that these issues may facilitate local and remote attack vectors. The researchers responsible for discovering these vulnerabilities have considered these issues as having a high-risk security impact. Specific details about these issues will not be released until March 2005.

Sybase Adaptive Server Enterprise versions 12.5.2 and prior are reported vulnerable to these issues.

This BID will be updated and specific BIDs for individual issues will be created when more information becomes available.

14. Snort DecodeTCPOptions Remote Denial Of Service Vulnerabilit...
BugTraq ID: 12084
Remote: Yes
Date Published: Dec 22 2004
Relevant URL: http://www.securityfocus.com/bid/12084
Summary:
Snort is reported prone to a remote denial of service vulnerability. The vulnerability is reported to exist in the DecodeTCPOptions() function of 'decode.c', and is the result of a failure to sufficiently handle malicious TCP packets.

A remote attacker may trigger this vulnerability to crash a remote Snort server and in doing so may prevent subsequent malicious attacks from being detected.

15. NetWin SurgeMail Webmail Unspecified Vulnerability
BugTraq ID: 12086
Remote: Yes
Date Published: Dec 23 2004
Relevant URL: http://www.securityfocus.com/bid/12086
Summary:
SurgeMail is reported prone to an unspecified vulnerability. This issue affects the Webmail functionality of the SurgeMail server. Further details were not released in the report by the vendor. It is conjectured that due to the nature of this application, this vulnerability may result from an input validation error. Although unconfirmed, this issue is considered to be remotely exploitable.

SurgeMail releases prior to 2.2c9 are affected by this vulnerability.

Due to a lack of details, further information is not available at the moment. This BID will be updated when more information becomes available.

16. Microsoft Windows winhlp32 Phrase Integer Overflow Vulnerabi...
BugTraq ID: 12091
Remote: Yes
Date Published: Dec 23 2004
Relevant URL: http://www.securityfocus.com/bid/12091
Summary:
Microsoft Windows is prone to an integer overflow vulnerability. This issue exists in 'winhlp32.exe' and is exposed when a malformed phrase compressed Windows Help file (.hlp) is processed by the program.

Successful exploitation may allow execution of arbitrary code in the context of the user that opens the malicious Help file. The Help file may originate from an external or untrusted source, so this vulnerability is considered remote in nature.

17. Microsoft Windows winhlp32 Phrase Heap Overflow Vulnerabilit...
BugTraq ID: 12092
Remote: Yes
Date Published: Dec 23 2004
Relevant URL: http://www.securityfocus.com/bid/12092
Summary:
Microsoft Windows is prone to a heap-based buffer overflow vulnerability. This issue exists in 'winhlp32.exe' and is exposed when a malformed phrase compressed Windows Help file (.hlp) is processed by the program.

Successful exploitation may allow execution of arbitrary code in the context of the user that opens the malicious Help file. The Help file may originate from an external or untrusted source, so this vulnerability is considered remote in nature.

18. Microsoft Windows ANI File Denial of Service Attack
BugTraq ID: 12094
Remote: Yes
Date Published: Dec 23 2004
Relevant URL: http://www.securityfocus.com/bid/12094
Summary:
It is reported that Microsoft Windows is prone to a denial of service condition when processing specially formed ANI files. The Microsoft Windows kernel does not perform proper sanitization on the frame or rate number set in the ANI file header, which may result in a system crash.

19. Microsoft Windows LoadImage API Function Integer Overflow Vu...
BugTraq ID: 12095
Remote: Yes
Date Published: Dec 20 2004
Relevant URL: http://www.securityfocus.com/bid/12095
Summary:
Microsoft Windows is reported prone to a remote integer overflow vulnerability. This issue is due to a failure of the application to properly ensure that user-supplied input does not result in the overflowing of integer values. This may result in data being copied past the end of a memory buffer.

It is reported that this issue exists in the 'LoadImage' function of the USER32 library. An attacker can exploit this condition by sending a malformed file to a user. If the user opens this file, the integer overflow condition may be triggered. A successful attack would occur in the context of the vulnerable user and may lead to the attacker gaining unauthorized access to an affected computer.

20. Nullsoft SHOUTcast File Request Format String Vulnerability
BugTraq ID: 12096
Remote: Yes
Date Published: Dec 23 2004
Relevant URL: http://www.securityfocus.com/bid/12096
Summary:
Nullsoft SHOUTcast is prone to a remotely exploitable format string vulnerability. The vulnerability is exposed when the server attempts to handle a client request for a file.

Successful exploitation may allow execution of arbitrary code in the context of the server process. This could also be exploited to crash the server and, possibly, to read process memory (which could increase reliability of an exploit).

This issue was reported to exist in version 1.9.4 on Linux. It is likely that versions for other platforms are also affected by the vulnerability, though it is not known to what degree they are exploitable. Earlier versions of the software are also likely affected.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. services running in windows domain (winXP clients) (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/385546

2. Microsoft Vulnerabilities ARE being reported to Micr... (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/385368

3. port 411 remote MT protocol? (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/385242

4. Secondary Storage Device Policy (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/385225

5. KB824145 with SUS (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/385101

6. port 411 remote MT protocol? (Solved) (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/385099

7. Modifying default behaviour of MS VPN client (Thread)
Relevant URL:

http://www.securityfocus.com/archive/88/385070

IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
----------------------------------------
1. CoreGuard Core Security System
By: Vormetric
Platforms: AIX, Linux, Solaris, Windows 2000, Windows XP
Relevant URL: http://www.vormetric.com/products/#overview
Summary:

CoreGuard System profile

The CoreGuard System is the industry's first solution that enforces
acceptable use policy for sensitive digital information assets and
protects personal data privacy across an enterprise IT environment.
CoreGuard's innovative architecture and completeness of technology
provide a comprehensive, extensible solution that tightly integrates all
the elements required to protect information across a widespread,
heterogeneous enterprise network, while enforcing separation of duties
between security and IT administration. At the same time, CoreGuard is
transparent to users, applications and storage infrastructures for ease
of deployment and system management.

CoreGuard enables customers to:
* Protect customer personal data privacy and digital information assets
* Protect data at rest from unauthorized viewing by external attackers
and unauthorized insiders
* Enforce segregation of duties between IT administrators and security
administration
* Ensure host & application integrity
* Block malicious code, including zero-day exploits

2. KeyCaptor Keylogger
By: Keylogger Software
Platforms: MacOS, Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.keylogger-software.com/keylogger/keylogger.htm
Summary:

KeyCaptor is your solution for recording ALL keystrokes of ALL users on your computer! Now you have the power to record emails, websites, documents, chats, instant messages, usernames, passwords, and MUCH MORE!

With our advanced stealth technology, KeyCaptor will not show in your processes list and cannot be stopped from running unless you say so!

3. SpyBuster
By: Remove Spyware
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.remove-spyware.com/spybuster.htm
Summary:

Our award winning spyware / adware scanner and removal software, SpyBuster will scan your computer for over 4,000 known spyware and adware applications. SpyBuster protects your computer from data stealing programs that can expose your personal information.

SpyBuster scanning technology allows for a quick and easy sweep, so you can resume your work in minutes.

4. FreezeX
By: Faronics Technologies USA Inc
Platforms: Windows 2000, Windows 95/98, Windows XP
Relevant URL: http://www.faronics.com/html/Freezex.asp
Summary:

FreezeX prevents all unauthorized programs, including viruses, keyloggers and spyware from executing. Powerful and secure, FreezeX ensures that any new executable, program, or application that is downloaded, introduced via removable media or the network will never install

5. NeoExec for Active Directory
By: NeoValens
Platforms: Windows 2000, Windows XP
Relevant URL: http://www.neovalens.com
Summary:

NeoExec® is an operating system extension for Windows 2000/XP that allows the setting of privileges at the application level rather than at the user level.

NeoExec® is the ideal solution for applications that require elevated privileges to run as the privileges are granted to the application, not the user.

NeoExec® is the only solution on the market capable of modifying at runtime the processes' security context -- without requiring a second account as with RunAs and RunAs-derived products.

6. Secrets Protector v2.03
By: E-CRONIS
Platforms: Windows 2000, Windows XP
Relevant URL: http://www.e-cronis.com/download/sp.exe
Summary:

It's the end of your worries about top-secret data of your company, your confidential files or the pictures from the last party. All these will be hidden beyond the reach of ANY intruder and you will be the only one able to handle them. And what you want to delete will be DELETED. It is the ultimate security tool to protect your sensitive information on PC, meeting the three most important security issues: Integrity, Confidentiality and Availability. This product gives you the features of a "folder locker" and a "secure eraser".

Your secret information is available only through this software and there is no other means to access it. The information is protected at file system level and it cannot be accidentally deleted or overwritten, neither in Safe mode nor in another operating system. This program doesn't make your operating system unstable as other related products do and protects your information from being seen, altered or deleted by an unauthorized user with or without his wish. The program allows you to permanently erase your sensitive data using secure wiping methods leaving no trace of your information. Depending on the selected wiping method your data is unrecoverable using software or even hardware recovery techniques.

V. NEW TOOLS FOR MICROSOFT PLATFORMS
------------------------------------
1. Interface Traffic Indicator 1.2.3
By: Carsten Schmidt
Relevant URL: http://software.ccschmidt.de/#inftraffic
Platforms: Windows 2000, Windows NT, Windows XP
Summary:

Interface Traffic Indicator, a graph utility to measure incoming and outgoing traffic on an interface in bits/sec, bytes/sec or utilization. Works on all SNMP-capable devices (computers, NICs, switches, routers, etc.) with adjustable poll interval down to three seconds. You can use this program in a professional network environment to monitor selected network interfaces (even backplane ports if the device provides the information) or you can monitor your home network or

2. Colasoft Capsa 4.05
By: Roy Luo
Relevant URL: http://www.colasoft.com/
Platforms: Windows 2000, Windows 95/98, Windows XP
Summary:

Capsa is a powerful but easy to use network monitor and analyzer designed for packet decoding and network diagnosis. With the abilities of real time monitoring and data analyzing, you can capture and decode network traffic transmitted over local host and local network. Capsa has Packet Analysis Module and three advanced analysis modules: Email Analysis Module, Web Analysis Module and Transaction Analysis Module.

3. Attack Tool Kit (ATK) 3.0
By: Marc Ruef
Relevant URL: http://www.computec.ch/projekte/atk/
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary:

The Attack Tool Kit (ATK) is an open-source utility to realize penetration tests and enhance security audits. The most important changes in ATK 3.0 are the introduction of a dedicated exploiting routine and the Plugin AutoUpdate (over HTTP).

4. IDS Policy Manager v1.5
By: ActiveWorx
Relevant URL: http://www.activeworx.org
Platforms: Windows 2000, Windows NT, Windows XP
Summary:

IDS Policy Manager was designed to manage Snort IDS sensors in a distributed environment. This is done by having the ability to take the text configuration and rule files and allow you to modify them with an easy to use graphical interface. With the added ability to merge new rule sets, manage preprocessors, control output modules and scp rules to sensors, this tool makes managing snort easy for most security professionals.

5. PatchLink Update 6.01.78
By: PatchLink Corporation
Relevant URL: http://www.patchlink.com/products_services/plu_evaluationrequest.html
Platforms: AIX, DG-UX, Digital UNIX/Alpha, DOS, HP-UX, Java, Linux, MacOS, Net, NetBSD, Netware, OpenVMS, PalmOS, POSIX, SecureBSD, SINIX, Solaris, SunOS, True64 UN, True64 UNIX, Ultrix, UNICOS, UNIX, Unixware, Windows 2000, Windows 95/98, Windows CE, Windows NT, Windows XP
Summary:

With PATCHLINK UPDATE, patch management is the secure, proactive, and preventative process it should be. PATCHLINK UPDATE scans networks for security holes and closes them with the click of a mouse, no matter the operating system, the vendor applications, the mix, or the size of the environment. From 5K nodes to 20+K nodes, PATCHLINK UPDATE works quickly, accurately and safely to ensure desktops and servers are patched correctly and completely the first time around.

6. Dekart Private Disk 2.03
By: Dekart
Relevant URL: http://www.private-disk.net/
Platforms: Windows XP
Summary:

Private Disk - is an easy-to-use, reliable, user-friendly and smart program that lets you create encrypted disk partitions (drive letters) to keep your private and confidential data secure. Uses 256-bit AES encryption.

VI. UNSUBSCRIBE INSTRUCTIONS
----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

VII. SPONSOR INFORMATION
-----------------------

Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!

http://www.securityfocus.com/sponsor/Symantec_sf-news_041130

------------------------------------------------------------------------
