SecurityFocus Microsoft Newsletter #227

From: Marc Fossi (mfossi_at_securityfocus.com)
Date: 02/09/05

  • Next message: Thor (Hammer of God): "Re: Password Protected Screen Saver and Administrative Password"
    Date: Wed, 9 Feb 2005 11:34:53 -0700 (MST)
    To: Focus-MS <focus-ms@securityfocus.com>
    
    

    SecurityFocus Microsoft Newsletter #227
    ----------------------------------------

    Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
    is a free service that gives you the ability to track and manage attacks.
    Analyzer automatically correlates attacks from various Firewall and network
    based Intrusion Detection Systems, giving you a comprehensive view of your
    computer or general network. Sign up today!

    http://www.securityfocus.com/sponsor/Symantec_sf-news_041130

    ------------------------------------------------------------------------
    I. FRONT AND CENTER
         1. Penetration Testing IPsec VPNs
         2. Of Dog Sniffs and Packet Sniffs
    II. MICROSOFT VULNERABILITY SUMMARY
         1. CitrusDB Credit Card Data Remote Information Disclosure Vuln...
         2. JShop E-Commerce Suite Product.PHP Cross-Site Scripting Vuln...
         3. SmarterTools SmarterMail Cross-Site Scripting Vulnerability
         4. Multiple Mozilla/Firefox/Thunderbird Vulnerabilities
         5. RealNetworks RealPlayer Drag And Drop Zone Bypass Vulnerabil...
         6. Eternal Lines Web Server Remote Denial Of Service Vulnerabil...
         7. PostgreSQL Multiple Remote Vulnerabilities
         8. Ventia DeskNow Mail And Collaboration Server Multiple Remote...
         9. RARLAB WinRAR Directory Traversal Vulnerability
         10. People Can Fly Painkiller Gamespy CD-Key Hash Remote Buffer ...
         11. Microsoft Internet Explorer AddChannel Cross-Zone Scripting ...
         12. Savant Web Server Remote Buffer Overflow Vulnerability
         13. Qualcomm Eudora Multiple Unspecified Vulnerabilities
         14. Mambo Open Source Global Variables Unauthorized Access Vulne...
         15. SunShop Shopping Cart Cross-Site Scripting Vulnerability
         16. LANChat Pro Revival UDP Processing Remote Denial Of Service ...
         17. Microsoft Multiple Unspecified Security Vulnerabilities
    III. MICROSOFT FOCUS LIST SUMMARY
         1. active directory password policy (Thread)
         2. disclosure the administrative password (Thread)
         3. ISA Server/WWW Blacklist (Thread)
         4. SecurityFocus Microsoft Newsletter #226 (Thread)
         5. Wireless GPO (Thread)
         6. Preventing multiple logins in 2003 (Thread)
         7. Domain logon without network connection + group poli... (Thread)
    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
         1. CoreGuard Core Security System
         2. KeyCaptor Keylogger
         3. SpyBuster
         4. FreezeX
         5. NeoExec for Active Directory
         6. Secrets Protector v2.03
    V. NEW TOOLS FOR MICROSOFT PLATFORMS
         1. Secure Hive 1.0.0.1
         2. SigupShield 3.0
         3. PE Explorer 1.96
         4. Network Equipment Performance Monitor 2.2
         5. Etherchange v1.0
         6. IPFront 1.0
    VI. UNSUBSCRIBE INSTRUCTIONS
    VII. SPONSOR INFORMATION

    I. FRONT AND CENTER
    -------------------
    1. Penetration Testing IPsec VPNs
    By Rohyt Belani and K.K. Mookhey
    This article discusses a methodology to assess the security posture of an
    organization's IPsec based VPN architecture.
    http://www.securityfocus.com/infocus/1821

    2. Of Dog Sniffs and Packet Sniffs
    By Mark Rasch
    Why a Supreme Court decision on canine-assisted roadside searches opens the
    door to a new regime of Internet surveillance.
    http://www.securityfocus.com/columnists/297

    II. MICROSOFT VULNERABILITY SUMMARY
    -----------------------------------
    1. CitrusDB Credit Card Data Remote Information Disclosure Vuln...
    BugTraq ID: 12402
    Remote: Yes
    Date Published: Jan 31 2005
    Relevant URL: http://www.securityfocus.com/bid/12402
    Summary:
    A remote information disclosure issue affects CitrusDB. This issue is due to a design problem that grants unauthorized users the ability to export sensitive data.

    An attacker may leverage this issue to gain access to sensitive information including credit card data.

    2. JShop E-Commerce Suite Product.PHP Cross-Site Scripting Vuln...
    BugTraq ID: 12403
    Remote: Yes
    Date Published: Jan 31 2005
    Relevant URL: http://www.securityfocus.com/bid/12403
    Summary:
    JShop E-Commerce Suite is affected by a cross-site scripting vulnerability in the 'product.php' script.

    As a result of this vulnerability, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

    3. SmarterTools SmarterMail Cross-Site Scripting Vulnerability
    BugTraq ID: 12405
    Remote: Yes
    Date Published: Jan 31 2005
    Relevant URL: http://www.securityfocus.com/bid/12405
    Summary:
    SmarterTools SmarterMail is reportedly affected by a cross-site scripting vulnerability. This issue is due to the application failing to properly sanitize user-supplied input.

    The vendor has reportedly addressed this issue in SmarterMail 2.0.1837.

    Smartermail version 2.0.1733 is reportedly affected; earlier versions may also be vulnerable.

    4. Multiple Mozilla/Firefox/Thunderbird Vulnerabilities
    BugTraq ID: 12407
    Remote: Yes
    Date Published: Jan 31 2005
    Relevant URL: http://www.securityfocus.com/bid/12407
    Summary:
    Mozilla, Firefox, and Thunderbird applications are reported prone to multiple vulnerabilities. The following specific issues are reported:

    Mozilla and Firefox browsers are reported prone to an access control bypass vulnerability. Although unconfirmed it is conjectured that this vulnerability may be exploited to disclose information pertaining to a target filesystem, for example determining whether a file exists or not.

    This vulnerability is reported to affect Mozilla Firefox versions prior to version 1.0 and Mozilla Suite versions prior to version 1.7.5.

    Mozilla and Firefox browsers are reported prone to a status bar misrepresentation vulnerability. A remote attacker may exploit this vulnerability to aid in phishing style attacks; for example, the attacker may leverage this vulnerability to make a malicious site appear authentic.

    This vulnerability is reported to affect Mozilla Firefox versions prior to version 1.0 and Mozilla Suite versions prior to version 1.7.5.

    Mozilla and Firefox browsers are reported prone to another status bar misrepresentation vulnerability. Using JavaScript to automate the process a remote attacker may exploit this vulnerability to aid in phishing style attacks, for example, the attacker may leverage this vulnerability to make a malicious site appear authentic.

    This vulnerability is reported to affect Mozilla Firefox versions prior to version 1.0 and Mozilla Suite versions prior to version 1.7.5.

    Mozilla and Firefox browsers provide functionality (Alt-Click) to download files that are linked by URI's to the default download location without requiring a user prompt. Reports indicate that a malicious site may exploit this functionality to download a file to the default downloads location without user interaction.

    This vulnerability is reported to affect Mozilla Firefox versions prior to version 1.0.

    Mozilla and Firefox browsers are reported prone to a clipboard information disclosure vulnerability. A remote attacker may exploit this vulnerability to steal clipboard contents, this may reveal potentially sensitive information to a remote attacker.

    This vulnerability is reported to affect Mozilla Firefox versions prior to version 1.0 and Mozilla Suite versions prior to version 1.7.5.

    Mozilla and Firefox browsers are reported prone to an information disclosure vulnerability. A remote malicious server may invoke a request against a vulnerable browser and the browser will respond with proxy authentication credentials.

    This vulnerability is reported to affect Mozilla Firefox versions prior to version 1.0 and Mozilla Suite versions prior to version 1.7.5.

    It is reported that Mozilla Thunderbird erroneously responds to cookie requests that are contained in HTML based email. It is reported that this vulnerability may be exploited by a remote attacker to track emails to victim users.

    This vulnerability is reported to affect Thunderbird versions 0.6 to 0.9 and Mozilla Suite 1.7 to 1.7.3.

    Mozilla Firefox is reported prone to a local code execution vulnerability. The vulnerability exists in Livefeed bookmark functionality. It is reported that if for example 'about:config' was displayed when the Livefeed is updated then arbitrary code execution may occur on the affected computer.

    This vulnerability is reported to affect Mozilla Firefox versions prior to version 1.0.

    It is reported that Mozilla Thunderbird does not correctly handle 'javascript:' URI links. The affected application employs the default handler for 'javascript:' URIs that is registered on the host operating system. This is incorrect behavior and may result in exposure to latent vulnerabilities due to a false sense of security.

    This vulnerability is reported to affect Mozilla Thunderbird versions prior to version 0.9.

    This BID will be separated into individual BIDs as soon as further research into each of the vulnerabilities is completed.

    5. RealNetworks RealPlayer Drag And Drop Zone Bypass Vulnerabil...
    BugTraq ID: 12410
    Remote: Yes
    Date Published: Feb 01 2005
    Relevant URL: http://www.securityfocus.com/bid/12410
    Summary:
    RealNetworks RealPlayer is reported susceptible to a security zone bypass vulnerability. This issue is due to a failure of the application to properly enforce security zones, potentially allowing remote attackers to execute HTML or script code in the Local Zone of affected client computers.

    The embedded Internet Explorer engine in RealPlayer reportedly loads attacker-supplied files in the Local Zone, allowing attackers to execute malicious HTML and script code with potentially elevated privileges. This issue may be a variant, or be related to BIDs 10973, or 11466.

    It is unclear at this time if a further vulnerability has been discovered by this disclosure. This BID will be updated as further analysis is completed.

    6. Eternal Lines Web Server Remote Denial Of Service Vulnerabil...
    BugTraq ID: 12416
    Remote: Yes
    Date Published: Feb 01 2005
    Relevant URL: http://www.securityfocus.com/bid/12416
    Summary:
    Eternal Lines Web Server is reported prone to a remote denial of service vulnerability. It is reported that the issue presents itself when the web service handles 70 or more simultaneous connections from a remote host.

    A remote attacker may exploit this vulnerability to deny service to legitimate users.

    7. PostgreSQL Multiple Remote Vulnerabilities
    BugTraq ID: 12417
    Remote: Yes
    Date Published: Feb 01 2005
    Relevant URL: http://www.securityfocus.com/bid/12417
    Summary:
    Multiple remote vulnerabilities affect PostgreSQL. These issues are due to design errors, buffer mismanagement errors, and issues that are currently unspecified.

    The first issue is a failure of the application to ensure function permissions are enforced. The second issue is a buffer overflow triggered when cursor declaration occurs. The final vulnerability is an unspecified security issue that exists in 'contrib/intagg'. The information currently available is not sufficient to provide a more in-depth technical description. This BID will be updated with the release of further details.

    An attacker may leverage these issues to execute arbitrary code with the privileges of the vulnerable database process and to execute functions without requiring permission. Other attacks are also possible.

    8. Ventia DeskNow Mail And Collaboration Server Multiple Remote...
    BugTraq ID: 12421
    Remote: Yes
    Date Published: Feb 02 2005
    Relevant URL: http://www.securityfocus.com/bid/12421
    Summary:
    Multiple remote directory traversal vulnerabilities affect Ventia DeskNow Mail And Collaboration Server. These issues are due to a failure of the application to sanitize user-supplied input prior to using it to write and erase files.

    The first issue affects the email attachment file upload functionality. The second issue surrounds the file delete functionality of the document repository feature.

    An attacker may leverage this issue to delete and create arbitrary files on an affected computer. This may lead to code execution with the privileges of the affected server process as well as system wide denial of service attacks.

    9. RARLAB WinRAR Directory Traversal Vulnerability
    BugTraq ID: 12422
    Remote: Yes
    Date Published: Feb 02 2005
    Relevant URL: http://www.securityfocus.com/bid/12422
    Summary:
    WinRAR is prone to a vulnerability that may allow an attacker to create files in arbitrary locations on a vulnerable computer.

    This issue arises when a user right clicks on a file and attempts to decompress it.

    WinRAR 3.42 and prior versions are reported vulnerable to this issue.

    10. People Can Fly Painkiller Gamespy CD-Key Hash Remote Buffer ...
    BugTraq ID: 12423
    Remote: Yes
    Date Published: Feb 02 2005
    Relevant URL: http://www.securityfocus.com/bid/12423
    Summary:
    Painkiller is reported prone to a remote buffer overflow vulnerability. This issue presents itself due to insufficient boundary checks performed by the application during server-side authorization of a Gamespy cd-key hash.

    Painkiller versions 1.35 and prior are reported vulnerable to this issue.

    11. Microsoft Internet Explorer AddChannel Cross-Zone Scripting ...
    BugTraq ID: 12427
    Remote: Yes
    Date Published: Feb 02 2005
    Relevant URL: http://www.securityfocus.com/bid/12427
    Summary:
    A vulnerability has been reported in Microsoft Internet Explorer that could enable unauthorized access by malicious scripts and Active Content to document properties across different Security Zones and foreign domains.

    This issue is exposed when a remote site uses the 'AddChannel' method to add a channel.

    Exploitation of this issue could allow various attacks, such as cookie-theft from an arbitrary domain. Other issues may also facilitate execution of arbitrary code on a vulnerable client system by causing malicious content to be stored on the victim system and then referenced.

    12. Savant Web Server Remote Buffer Overflow Vulnerability
    BugTraq ID: 12429
    Remote: Yes
    Date Published: Feb 02 2005
    Relevant URL: http://www.securityfocus.com/bid/12429
    Summary:
    A remote buffer overflow vulnerability reportedly affects Savant Web Server. This issue is due to a failure of the application to validate the length of user-supplied strings prior to copying them into finite process buffers.

    An attacker may leverage this issue remotely to execute arbitrary code with the privileges of the affected web server. This issue may facilitate unauthorized access or privilege escalation.

    13. Qualcomm Eudora Multiple Unspecified Vulnerabilities
    BugTraq ID: 12430
    Remote: Yes
    Date Published: Feb 02 2005
    Relevant URL: http://www.securityfocus.com/bid/12430
    Summary:
    Eudora is reported prone to multiple unspecified vulnerabilities. It is reported that these issues may be leveraged by a remote attacker to execute arbitrary code.

    Reports indicate that these issues may be triggered when a specially crafted email is previewed or opened and when a specially crafted stationary or mailbox file is opened.

    These issues are reported to affect Eudora versions prior to 6.2.1 for Microsoft Windows platforms only.

    14. Mambo Open Source Global Variables Unauthorized Access Vulne...
    BugTraq ID: 12436
    Remote: Yes
    Date Published: Feb 02 2005
    Relevant URL: http://www.securityfocus.com/bid/12436
    Summary:
    Mambo Open Source is reported prone to a vulnerability that can allow remote attackers to gain complete unauthorized access to an affected Web site or the database used by the application.

    It is reported that this issue results from improper implementation of global variables.

    All versions of Mambo Open Source prior to and including 4.5.1 are reported vulnerable to this issue.

    15. SunShop Shopping Cart Cross-Site Scripting Vulnerability
    BugTraq ID: 12438
    Remote: Yes
    Date Published: Feb 03 2005
    Relevant URL: http://www.securityfocus.com/bid/12438
    Summary:
    SunShop Shopping Cart is reportedly affected by a cross-site scripting vulnerability. This issue is due to the application failing to properly sanitize user-supplied input.

    This issue is reported to affect SunShop Shopping Cart version 3.4RC1; earlier versions may also be affected.

    16. LANChat Pro Revival UDP Processing Remote Denial Of Service ...
    BugTraq ID: 12439
    Remote: Yes
    Date Published: Feb 03 2005
    Relevant URL: http://www.securityfocus.com/bid/12439
    Summary:
    LANChat Pro Revival is reported prone to a remote denial of service vulnerability. It is reported that the issue presents itself when the vulnerable client processes a malformed UDP datagram.

    A remote attacker may exploit this vulnerability to crash the affected application effectively denying service to legitimate users.

    17. Microsoft Multiple Unspecified Security Vulnerabilities
    BugTraq ID: 12440
    Remote: Unknown
    Date Published: Feb 03 2005
    Relevant URL: http://www.securityfocus.com/bid/12440
    Summary:
    Microsoft has released advanced notification that they will be releasing three security bulletins for Windows on February 8th, 2005. The vendor has not enumerated how many vulnerabilities will be addressed by these security bulletins, nor what specific components or platforms may be affected.

    The maximum severity rating of any of these bulletins is 'Critical'.

    III. MICROSOFT FOCUS LIST SUMMARY
    ---------------------------------
    1. active directory password policy (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/389755

    2. disclosure the administrative password (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/389639

    3. ISA Server/WWW Blacklist (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/389600

    4. SecurityFocus Microsoft Newsletter #226 (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/389599

    5. Wireless GPO (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/389174

    6. Preventing multiple logins in 2003 (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/389108

    7. Domain logon without network connection + group poli... (Thread)
    Relevant URL:

    http://www.securityfocus.com/archive/88/389107

    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
    ----------------------------------------
    1. CoreGuard Core Security System
    By: Vormetric
    Platforms: AIX, Linux, Solaris, Windows 2000, Windows XP
    Relevant URL: http://www.vormetric.com/products/#overview
    Summary:

    CoreGuard System profile

    The CoreGuard System is the industry's first solution that enforces
    acceptable use policy for sensitive digital information assets and
    protects personal data privacy across an enterprise IT environment.
    CoreGuard's innovative architecture and completeness of technology
    provide a comprehensive, extensible solution that tightly integrates all
    the elements required to protect information across a widespread,
    heterogeneous enterprise network, while enforcing separation of duties
    between security and IT administration. At the same time, CoreGuard is
    transparent to users, applications and storage infrastructures for ease
    of deployment and system management.

    CoreGuard enables customers to:
    * Protect customer personal data privacy and digital information assets
    * Protect data at rest from unauthorized viewing by external attackers
    and unauthorized insiders
    * Enforce segregation of duties between IT administrators and security
    administration
    * Ensure host & application integrity * Block malicious code, including
    zero-day exploits

    2. KeyCaptor Keylogger
    By: Keylogger Software
    Platforms: MacOS, Windows 2000, Windows 95/98, Windows NT, Windows XP
    Relevant URL: http://www.keylogger-software.com/keylogger/keylogger.htm
    Summary:

    KeyCaptor is your solution for recording ALL keystrokes of ALL users on your computer! Now you have the power to record emails, websites, documents, chats, instant messages, usernames, passwords, and MUCH MORE!

    With our advanced stealth technology, KeyCaptor will not show in your processes list and cannot be stopped from running unless you say so!

    3. SpyBuster
    By: Remove Spyware
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Relevant URL: http://www.remove-spyware.com/spybuster.htm
    Summary:

    Our award winning spyware / adware scanner and removal software, SpyBuster will scan your computer for over 4,000 known spyware and adware applications. SpyBuster protects your computer from data stealing programs that can expose your personal information.

    SpyBuster scanning technology allows for a quick and easy sweep, so you can resume your work in minutes.

    4. FreezeX
    By: Faronics Technologies USA Inc
    Platforms: Windows 2000, Windows 95/98, Windows XP
    Relevant URL: http://www.faronics.com/html/Freezex.asp
    Summary:

    FreezeX prevents all unauthorized programs, including viruses, keyloggers and spy ware from executing. Powerful and secure, FreezeX ensures that any new executable, program, or application that is downloaded, introduced via removable media or the network will never install

    5. NeoExec for Active Directory
    By: NeoValens
    Platforms: Windows 2000, Windows XP
    Relevant URL: http://www.neovalens.com
    Summary:

    NeoExec® is an operating system extension for Windows 2000/XP that allows the setting of privileges at the application level rather than at the user level.

    NeoExec® is the ideal solution for applications that require elevated privileges to run as the privileges are granted to the application, not the user.

    NeoExec® is the only solution on the market capable of modifying at runtime the processes' security context -- without requiring a second account as with RunAs and RunAs-derived products.

    6. Secrets Protector v2.03
    By: E-CRONIS
    Platforms: Windows 2000, Windows XP
    Relevant URL: http://www.e-cronis.com/download/sp.exe
    Summary:

    It's the end of your worries about top-secret data of your company, your confidential files or the pictures from the last party. All these will be hidden beyond the reach of ANY intruder and you will be the only one able to handle them. And what you want to delete will be DELETED. It is the ultimate security tool to protect your sensitive information on PC, meeting the three most important security issues: Integrity, Confidentiality and Availability. This product gives you the features of a "folder locker" and a "secure eraser".

    Your secret information is available only trough this software and there is no other mean to access it. The information is protected at file system level and it cannot be accidentally deleted or overwritten neither in Safe mode nor in other operating system. This program doesn't make your operating system unstable as other related product do and protects your information from being seen, altered or deleted by an unauthorized user with or without his wish. The program allows you to permanently erase your sensitive data using secure wiping methods leaving no trace of your information. Depending on the selected wiping method your data is unrecoverable using software or even hardware recovery techniques.

    V. NEW TOOLS FOR MICROSOFT PLATFORMS
    ------------------------------------
    1. Secure Hive 1.0.0.1
    By: Secure Hive
    Relevant URL: http://www.securehive.com/Secure%20Hive.htm
    Platforms: Windows 2000, Windows NT, Windows XP
    Summary:

    What Does Secure Hive Enterprise Offer?

     Encryption of part, or entire, Word documents, Excel worksheets or PowerPoint presentations through Secure Hive's integration with Microsoft Office.

     Encryption of part, or entire, content of common documents (such as Notepad, WordPad), email messages and instant messages, including mixed text and graphics, with Secure Hive's Clipboard Encryption feature.

    2. SigupShield 3.0
    By: Protecteer, LLC
    Relevant URL: http://www.protecteer.com/install3/full/sus.exe
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Summary:

    A fraud alert (Anti-Phishing) software integrated with a full life-cycle password manager & form filler. SignupShield generates unlimited number of unique passwords and disposable email addresses for signing-up to web sites.
     It fills sign-up forms and encrypts passwords and email addresses for later use during sign-in.

    3. PE Explorer 1.96
    By: Heaventools Software
    Relevant URL: http://www.heaventools.com/overview.htm
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Summary:

    PE Explorer is a tool for inspecting and editing the inner workings of Windows 32-bit executable files. It offers a look at PE file structure and all of the resources in the file, and reports multiple details about a PE file (EXE, DLL, ActiveX controls, and several other Windows executable formats). Once inside, file structure can be analyzed and optimized, hostile code detected, spyware tracked down, problems diagnosed, changes made and resources repaired.

    4. Network Equipment Performance Monitor 2.2
    By: Nova Software, Inc.
    Relevant URL: http://www.nepm.net/
    Platforms: AIX, FreeBSD, HP-UX, Linux, Solaris, True64 UNIX, UNIX, Windows 2000, Windows NT, Windows XP
    Summary:

    NEPM is a very general, highly configurable, two part software system that monitors any type of logged data from IP networked equipment and reports it via E-mail and web pages. Current conditions and history from systems based on Windows NT/2000 and UNIX can be tracked and reported. Most major server, switch and router systems can be monitored, without running agents on the target systems.

    5. Etherchange v1.0
    By: Arne Vidstrom
    Relevant URL: http://www.ntsecurity.nu/toolbox/etherchange/
    Platforms: Windows 2000, Windows XP
    Summary:

    EtherChange can change the Ethernet address of the network adapters in Windows 2000 / XP.

    6. IPFront 1.0
    By: Hernán M. Racciatti
    Relevant URL: http://www.hernanracciatti.com.ar/ipfront/
    Platforms: Windows 2000
    Summary:

    IPFront is a small tool named which enables users to generate IPSec rules easily. It really speeds-up the process of hardening Windows 2000/2003 in Bastion Host Environment.

    Additionally, it allows to set-up IPSec exceptions, and enables a couple of TCP/IP Stack protections against DoSes.

    So, IPFront is nothing more than a small Frontend/GUI that writes small scripts that one can later execute from within IPFront, or externally, as simple script files, in other servers,

    VI. UNSUBSCRIBE INSTRUCTIONS
    ----------------------------
    To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

    If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.

    VII. SPONSOR INFORMATION
    -----------------------

    Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
    is a free service that gives you the ability to track and manage attacks.
    Analyzer automatically correlates attacks from various Firewall and network
    based Intrusion Detection Systems, giving you a comprehensive view of your
    computer or general network. Sign up today!

    http://www.securityfocus.com/sponsor/Symantec_sf-news_041130

    ------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------


  • Next message: Thor (Hammer of God): "Re: Password Protected Screen Saver and Administrative Password"

    Relevant Pages

    • SecurityFocus Microsoft Newsletter #231
      ... Stormy Studios KNet Remote Buffer Overflow Vulnerability ... Mozilla Firefox Address Bar Image Dragging Remote Script Exe... ... Relevant URL: http://www.securityfocus.com/bid/12669 ... This vulnerability is reported to exist in RealNetworks products for Microsoft Windows, Linux, and Apple Mac platforms. ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #207
      ... Samba Multiple ASN.1 and MailSlot Parsing Remote Denial Of S... ... Jigunet TwinFTP Server Directory Traversal Vulnerability ... IBM OEM Microsoft Windows XP And Windows XP SP1 Default Admi... ... Relevant URL: http://www.securityfocus.com/bid/11155 ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #226
      ... Golden FTP Server Remote Buffer Overflow Vulnerability ... Redmond's plan to make you install Windows authentication software before ... Relevant URL: http://www.securityfocus.com/bid/12333 ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #213
      ... Microsoft Internet Explorer Malformed IFRAME Remote Buffer O... ... GD Graphics Library Remote Integer Overflow Vulnerability ... Relevant URL: http://www.securityfocus.com/bid/11510 ... Internet Explorer version 6.0.2900.2180 running on Windows XP SP2 is reportedly not vulnerable to this issue. ...
      (Focus-Microsoft)
    • SecurityFocus Microsoft Newsletter #184
      ... MICROSOFT VULNERABILITY SUMMARY ... Macromedia Dreamweaver Remote User Database Access Vulnerabi... ... Relevant URL: http://www.securityfocus.com/bid/10033 ... The first issue is reported to affect the IRIX ftpd process when links between Microsoft Windows 2000 are made. ...
      (Focus-Microsoft)