SecurityFocus Microsoft Newsletter #231
From: Marc Fossi (mfossi_at_securityfocus.com)
Date: 03/09/05
- Previous message: William Morlett: "RE: Disabling USB mass storage"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 9 Mar 2005 07:52:04 -0700 (MST) To: Focus-MS <focus-ms@securityfocus.com>
SecurityFocus Microsoft Newsletter #231
----------------------------------------
This Issue is Sponsored By: CrossTec
FREE Download - The Future in Desktop Firewalls is Available Now
NEW NetOp Desktop Firewall, the world's first driver-centric
firewall software - protecting your laptops and corporate PCs at
ring-zero! NetOp features sophisticated process & application
control, centralized management and multiple network user profiles -
NetOp is able to increase security when mobile users plug back
into your network. Step into a more secure future - Try it FREE
http://www.securityfocus.com/sponsor/CrossTec_ms-secnews_050308
------------------------------------------------------------------------
Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!
http://www.securityfocus.com/sponsor/Symantec_sf-news_041130
------------------------------------------------------------------------
I. FRONT AND CENTER
1. Where is Google Headed?
2. High Profile, Low Security
3. WEP: Dead Again, Part 2
II. MICROSOFT VULNERABILITY SUMMARY
1. LionMax Software Chat Anywhere Insecure Password Storage Vul...
2. PeerFTP_5 Insecure Password Storage Vulnerability
3. Stormy Studios KNet Remote Buffer Overflow Vulnerability
4. Mozilla Firefox Address Bar Image Dragging Remote Script Exe...
5. Working Resources BadBlue MFCISAPICommand Remote Buffer Over...
6. PHPBB Authentication Bypass Vulnerability
7. PostNuke Phoenix Download Module Multiple Cross-Site Scripti...
8. RaidenHTTPD Multiple Remote Vulnerabilities
9. RealNetworks RealOne Player/RealPlayer Unspecified WAV File ...
10. RealNetworks RealOne Player/RealPlayer SMIL File Remote Stac...
11. Computer Associates Unicenter Asset Management Multiple Vuln...
12. Cerulean Studios Trillian Remote PNG Image File Parsing Buff...
13. Golden FTP Server Username Remote Buffer Overflow Vulnerabil...
14. Computer Associates License Application Multiple Vulnerabili...
15. Foxmail USER Command Multiple Remote Vulnerabilities
16. ImageMagick File Name Handling Remote Format String Vulnerab...
17. PABox HTML Injection Vulnerability
18. Typo3 CMW_Linklist Extension SQL Injection Vulnerability
19. Computalynx CProxy Directory Traversal Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. CONTENT FILTERING (Thread)
2. SecurityFocus Microsoft Newsletter #230 (Thread)
3. SID Manipulation Issue - Cross Domain Security Vulne... (Thread)
4. Disabling USB mass storage (Thread)
5. Folder Encryption (Thread)
6. computer account password.... (Thread)
7. Prohibit Folder Compression (Thread)
8. Domain Controller Best Practice - Thanks! (Thread)
9. AW: Disabling USB mass storage (Thread)
10. Microsoft Network Analyzer? (Thread)
11. FW: Restrict running applications from usb key (Thread)
12. Restrict running applications from usb key (Thread)
13. Changing system time for testing and development (Thread)
14. Remote Terminal Services :VSMail mx4 (Thread)
15. Remote Terminal Services (Thread)
16. Exchange Problem (Thread)
17. AW: Microsoft Network Analyzer? (Thread)
18. AW: Domain Controller Best Practice - Thanks! (Thread)
IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
1. CoreGuard Core Security System
2. KeyCaptor Keylogger
3. SpyBuster
4. FreezeX
5. NeoExec for Active Directory
6. Secrets Protector v2.03
V. NEW TOOLS FOR MICROSOFT PLATFORMS
1. Healthmonitor 2.1
2. Kr4ck3r 1.0.0
3. WinArpSpoofer 0.5.3
4. SafeLogon 2.0
5. SafeSystem 1.5
6. SQL column finder 0.1
VI. UNSUBSCRIBE INSTRUCTIONS
VII. SPONSOR INFORMATION
I. FRONT AND CENTER
-------------------
1. Where is Google Headed?
By Scott Granneman
As the bad guys start using Google more and more, the company wrestles with
some new security and privacy issues with AutoLink.
http://www.securityfocus.com/columnists/304
2. High Profile, Low Security
By Matthew Tanase
Big companies stumble with high profile security breaches that make your
local WiFi coffee shop look secure.
http://www.securityfocus.com/columnists/305
3. WEP: Dead Again, Part 2
By Michael Ossmann
Part two of the WEP cracking series shows how active attacks can
dramatically increase the rate of packet collection and speed up
statistical attacks.
http://www.securityfocus.com/infocus/1824
II. MICROSOFT VULNERABILITY SUMMARY
-----------------------------------
1. LionMax Software Chat Anywhere Insecure Password Storage Vul...
BugTraq ID: 12669
Remote: No
Date Published: Feb 26 2005
Relevant URL: http://www.securityfocus.com/bid/12669
Summary:
A local insecure password storage vulnerability affects LionMax Software Chat Anywhere. This issue is due to a failure of the application to store password credentials in a secure location by default.
A local attacker may leverage this issue to gain access to restricted chat room authentication credentials, facilitating unauthorized access.
2. PeerFTP_5 Insecure Password Storage Vulnerability
BugTraq ID: 12670
Remote: No
Date Published: Feb 26 2005
Relevant URL: http://www.securityfocus.com/bid/12670
Summary:
A local insecure password storage vulnerability affects PeerFTP_5. This issue is due to a failure of the application to store password with secure permissions by default.
A local attacker may leverage this issue to gain access to authentication credentials for FTP user accounts, facilitating unauthorized access.
3. Stormy Studios KNet Remote Buffer Overflow Vulnerability
BugTraq ID: 12671
Remote: Yes
Date Published: Feb 26 2005
Relevant URL: http://www.securityfocus.com/bid/12671
Summary:
A remote buffer overflow vulnerability affects Stormy Studios KNet. This issue is due to a failure of the application to securely copy user-supplied input into finite process buffers.
An attacker may leverage this issue to execute arbitrary code on a computer with the privileges of the affected server, facilitating unauthorized access.
4. Mozilla Firefox Address Bar Image Dragging Remote Script Exe...
BugTraq ID: 12672
Remote: Yes
Date Published: Feb 26 2005
Relevant URL: http://www.securityfocus.com/bid/12672
Summary:
A remote script execution vulnerability affects Mozilla Firefox. This issue is due to a failure of the application to properly validate the origin of scripts prior to execution when loaded into a browser window by dragging JavaScript image URIs into the address bar.
An attacker may leverage this issue to execute arbitrary script code in the context of a target Web site in the browser of an unsuspecting user. This may facilitate cookie-based authentication credential theft as well as other attacks.
5. Working Resources BadBlue MFCISAPICommand Remote Buffer Over...
BugTraq ID: 12673
Remote: Yes
Date Published: Feb 26 2005
Relevant URL: http://www.securityfocus.com/bid/12673
Summary:
A remote buffer overflow vulnerability affects Working Resources BadBlue. This issue is due to a failure of the application to securely copy GET request parameters into finite process buffers.
An attacker may leverage this issue to execute arbitrary code with the privileges of the affected Web server, facilitating a SYSTEM level compromise.
6. PHPBB Authentication Bypass Vulnerability
BugTraq ID: 12678
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12678
Summary:
phpBB is affected by an authentication bypass vulnerability.
This issue is due to the application failing to properly sanitize user-supplied input during authentication.
Exploitation of this vulnerability would permit unauthorized access to any known account including the administrator account.
The vendor has addressed this issue in phpBB 2.0.13.
7. PostNuke Phoenix Download Module Multiple Cross-Site Scripti...
BugTraq ID: 12685
Remote: Yes
Date Published: Feb 28 2005
Relevant URL: http://www.securityfocus.com/bid/12685
Summary:
PostNuke is affected by multiple cross-site scripting vulnerabilities. These issues are due to the application failing to properly sanitize user-supplied input.
As a result of these vulnerabilities, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
8. RaidenHTTPD Multiple Remote Vulnerabilities
BugTraq ID: 12688
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12688
Summary:
RaidenHTTPD is reported to multiple remote vulnerabilities. These issues can allow an attacker to disclose the source code of PHP files hosted on the server and execute arbitrary code to gain unauthorized access to a vulnerable computer.
The following specific issues were identified:
It is reported that a remote attacker can disclose the source code of any PHP file hosted on the server.
A buffer overflow vulnerability is reported to affect the server as well. This issue may allow the attacker to gain unauthorized access to an affected computer.
RaidenHTTPD 1.1.32 is reported vulnerable to these issues.
9. RealNetworks RealOne Player/RealPlayer Unspecified WAV File ...
BugTraq ID: 12697
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12697
Summary:
RealNetworks RealPlayer and RealOne Player are reported prone to an unspecified buffer overflow vulnerability. It is reported that the issue manifests when a malicious WAV file is processed. The vulnerability affects heap-based memory.
A remote attacker may exploit this vulnerability to execute arbitrary code in the context of a user that uses a vulnerable version of the media player to play a malicious WAV file.
10. RealNetworks RealOne Player/RealPlayer SMIL File Remote Stac...
BugTraq ID: 12698
Remote: Yes
Date Published: Mar 01 2005
Relevant URL: http://www.securityfocus.com/bid/12698
Summary:
RealNetworks RealPlayer and RealOne Player are reported prone to a remote stack based buffer overflow vulnerability. The issue exists due to a lack of boundary checks performed by the application when parsing Synchronized Multimedia Integration Language (SMIL) files. A remote attacker may execute arbitrary code on a vulnerable computer to gain unauthorized access.
This vulnerability is reported to exist in RealNetworks products for Microsoft Windows, Linux, and Apple Mac platforms.
11. Computer Associates Unicenter Asset Management Multiple Vuln...
BugTraq ID: 12702
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12702
Summary:
Unicenter Asset Management is reported prone to multiple vulnerabilities that may allow attackers to disclose sensitive information and carry out HTML injection and SQL injection attacks.
The following specific issues were identified:
It is reported that attackers with access to the admin console can disclose the masked SQL Admin password.
The application is also reported prone to an HTML injection vulnerability. This issue arises due to an input validation error and may allow remote attackers to execute arbitrary HTML and script code in a user's browser.
An SQL injection vulnerability exists in the application as well. This issue exists in the Query Designer and may allow remote attackers to inject malicious SQL code in to imported files.
Unicenter Asset Management 4.0 for Windows is reported prone to these issues.
12. Cerulean Studios Trillian Remote PNG Image File Parsing Buff...
BugTraq ID: 12703
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12703
Summary:
A remote buffer overflow vulnerability affects Cerulean Studios Trillian. This issue is due to a failure of the application to securely copy image data into finite process buffers.
An attacker may leverage this issue to execute arbitrary code with the privileges of an unsuspecting user that activated the vulnerable application.
13. Golden FTP Server Username Remote Buffer Overflow Vulnerabil...
BugTraq ID: 12704
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12704
Summary:
A buffer overflow vulnerability is reported to affect Golden FTP Server. The problem occurs due to insufficient bounds checking when processing 'USER' command arguments of excessive length.
By exploiting this issue to modify sensitive stack variables, an anonymous remote attacker may be capable of exploiting this issue to execute arbitrary code.
This vulnerability is reported to affect Golden FTP Server version 1.92, other versions might also be affected.
14. Computer Associates License Application Multiple Vulnerabili...
BugTraq ID: 12705
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12705
Summary:
Computer Associates License client and server applications are reported prone to multiple vulnerabilities. These issues include various buffer overflow vulnerabilities in the client and server and a directory traversal vulnerability in the client. A remote attacker may execute arbitrary code and place files in arbitrary locations on a vulnerable computer.
It should be noted that the affected application runs with SYSTEM privileges on Microsoft Windows Platforms and superuser privileges on UNIX platforms; this will allow for a complete compromise of the affected computer.
**Update: Additional vulnerabilities are reported to affect the 'LIC98RMT.EXE' component of the Computer Associates License application.
Computer Associates License application versions 1.53 to 1.61.8 on all supported platforms are affected by these vulnerabilities.
15. Foxmail USER Command Multiple Remote Vulnerabilities
BugTraq ID: 12711
Remote: Yes
Date Published: Mar 02 2005
Relevant URL: http://www.securityfocus.com/bid/12711
Summary:
Foxmail is reported prone to multiple remote vulnerabilities. These issues include a buffer overflow and a format string vulnerability. An attacker may exploit these issues to execute arbitrary code on a vulnerable computer to gain unauthorized access.
The following specific issues were identified:
It is reported that Foxmail server is prone to a remote buffer overflow vulnerability. The problem presents itself when the application receives excessive data through the USER command. It is also reported that this issue may also cause a heap overflow.
The application is also affected by a remote format string vulnerability. It is reported that this issue presents itself when the server processes a malicious USER command.
Foxmail Server For Windows version 2.0 is reported vulnerable. It is possible that Foxmail Server For Unix is affected as well.
16. ImageMagick File Name Handling Remote Format String Vulnerab...
BugTraq ID: 12717
Remote: Yes
Date Published: Mar 03 2005
Relevant URL: http://www.securityfocus.com/bid/12717
Summary:
ImageMagick is reported prone to a remote format string vulnerability.
Reportedly, this issue arises when the application handles malformed file names. An attacker can exploit this vulnerability by crafting a malicious file with a name that contains format specifiers and sending the file to an unsuspecting user.
It should be noted that other attack vectors also exist that may not require user interaction as the application can be used with custom printing systems and Web applications.
A successful attack may result in crashing the application or lead to arbitrary code execution.
All versions of ImageMagick are considered vulnerable at the moment.
17. PABox HTML Injection Vulnerability
BugTraq ID: 12719
Remote: Yes
Date Published: Mar 03 2005
Relevant URL: http://www.securityfocus.com/bid/12719
Summary:
paBox is reportedly affected by a HTML injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input before using it in dynamically generated content.
The attacker-supplied HTML and script code would be able to access properties of the site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.
This vulnerability is reported to affect paBox version 1.6.
paBox version 2.0 does not appear to be affected by this vulnerability; this has not been confirmed by the vendor.
18. Typo3 CMW_Linklist Extension SQL Injection Vulnerability
BugTraq ID: 12721
Remote: Yes
Date Published: Mar 03 2005
Relevant URL: http://www.securityfocus.com/bid/12721
Summary:
Typo3 'cmw_linklist' extension is affected by a remote SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in a SQL query.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
This issue is reported to affect 'cmw_linklist' extension versions 1.4.1 and earlier.
19. Computalynx CProxy Directory Traversal Vulnerability
BugTraq ID: 12722
Remote: Yes
Date Published: Mar 03 2005
Relevant URL: http://www.securityfocus.com/bid/12722
Summary:
CProxy is reported prone to a remote directory traversal vulnerability. This issue arises due to insufficient sanitization of user-supplied data. A remote user may exploit this issue to disclose arbitrary files and carry out a denial of service condition.
It is reported that an attacker can simply issue an HTTP GET request including directory traversal sequences to carry out this attack.
III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. CONTENT FILTERING (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392551
2. SecurityFocus Microsoft Newsletter #230 (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392468
3. SID Manipulation Issue - Cross Domain Security Vulne... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392467
4. Disabling USB mass storage (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392466
5. Folder Encryption (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392464
6. computer account password.... (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392288
7. Prohibit Folder Compression (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392243
8. Domain Controller Best Practice - Thanks! (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392240
9. AW: Disabling USB mass storage (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392232
10. Microsoft Network Analyzer? (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392222
11. FW: Restrict running applications from usb key (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392193
12. Restrict running applications from usb key (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392192
13. Changing system time for testing and development (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392154
14. Remote Terminal Services :VSMail mx4 (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392150
15. Remote Terminal Services (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392122
16. Exchange Problem (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392121
17. AW: Microsoft Network Analyzer? (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392100
18. AW: Domain Controller Best Practice - Thanks! (Thread)
Relevant URL:
http://www.securityfocus.com/archive/88/392070
IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
----------------------------------------
1. CoreGuard Core Security System
By: Vormetric
Platforms: AIX, Linux, Solaris, Windows 2000, Windows XP
Relevant URL: http://www.vormetric.com/products/#overview
Summary:
CoreGuard System profile
The CoreGuard System is the industry's first solution that enforces
acceptable use policy for sensitive digital information assets and
protects personal data privacy across an enterprise IT environment.
CoreGuard's innovative architecture and completeness of technology
provide a comprehensive, extensible solution that tightly integrates all
the elements required to protect information across a widespread,
heterogeneous enterprise network, while enforcing separation of duties
between security and IT administration. At the same time, CoreGuard is
transparent to users, applications and storage infrastructures for ease
of deployment and system management.
CoreGuard enables customers to:
* Protect customer personal data privacy and digital information assets
* Protect data at rest from unauthorized viewing by external attackers
and unauthorized insiders
* Enforce segregation of duties between IT administrators and security
administration
* Ensure host & application integrity * Block malicious code, including
zero-day exploits
2. KeyCaptor Keylogger
By: Keylogger Software
Platforms: MacOS, Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.keylogger-software.com/keylogger/keylogger.htm
Summary:
KeyCaptor is your solution for recording ALL keystrokes of ALL users on your computer! Now you have the power to record emails, websites, documents, chats, instant messages, usernames, passwords, and MUCH MORE!
With our advanced stealth technology, KeyCaptor will not show in your processes list and cannot be stopped from running unless you say so!
3. SpyBuster
By: Remove Spyware
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Relevant URL: http://www.remove-spyware.com/spybuster.htm
Summary:
Our award winning spyware / adware scanner and removal software, SpyBuster will scan your computer for over 4,000 known spyware and adware applications. SpyBuster protects your computer from data stealing programs that can expose your personal information.
SpyBuster scanning technology allows for a quick and easy sweep, so you can resume your work in minutes.
4. FreezeX
By: Faronics Technologies USA Inc
Platforms: Windows 2000, Windows 95/98, Windows XP
Relevant URL: http://www.faronics.com/html/Freezex.asp
Summary:
FreezeX prevents all unauthorized programs, including viruses, keyloggers and spy ware from executing. Powerful and secure, FreezeX ensures that any new executable, program, or application that is downloaded, introduced via removable media or the network will never install
5. NeoExec for Active Directory
By: NeoValens
Platforms: Windows 2000, Windows XP
Relevant URL: http://www.neovalens.com
Summary:
NeoExec® is an operating system extension for Windows 2000/XP that allows the setting of privileges at the application level rather than at the user level.
NeoExec® is the ideal solution for applications that require elevated privileges to run as the privileges are granted to the application, not the user.
NeoExec® is the only solution on the market capable of modifying at runtime the processes' security context -- without requiring a second account as with RunAs and RunAs-derived products.
6. Secrets Protector v2.03
By: E-CRONIS
Platforms: Windows 2000, Windows XP
Relevant URL: http://www.e-cronis.com/download/sp.exe
Summary:
It's the end of your worries about top-secret data of your company, your confidential files or the pictures from the last party. All these will be hidden beyond the reach of ANY intruder and you will be the only one able to handle them. And what you want to delete will be DELETED. It is the ultimate security tool to protect your sensitive information on PC, meeting the three most important security issues: Integrity, Confidentiality and Availability. This product gives you the features of a "folder locker" and a "secure eraser".
Your secret information is available only trough this software and there is no other mean to access it. The information is protected at file system level and it cannot be accidentally deleted or overwritten neither in Safe mode nor in other operating system. This program doesn't make your operating system unstable as other related product do and protects your information from being seen, altered or deleted by an unauthorized user with or without his wish. The program allows you to permanently erase your sensitive data using secure wiping methods leaving no trace of your information. Depending on the selected wiping method your data is unrecoverable using software or even hardware recovery techniques.
V. NEW TOOLS FOR MICROSOFT PLATFORMS
------------------------------------
1. Healthmonitor 2.1
By: Vittorio Pavesi
Relevant URL: http://healthmonitor.sourceforge.net
Platforms: Windows 2000, Windows NT, Windows XP
Summary:
HealthMonitor is a free powerful and featureful monitoring tool for Windows.
It works as a Windows Service and check system status (event viewer, disk free space, services status, performance....) and notify the administration by E-Mail, SMS and by NET SEND; a database logging feature is also available. It is under constant development, and releases are usually frequent. The latest news regarding HealthMonitor can be found on Sourceforge.
2. Kr4ck3r 1.0.0
By: Black List Software
Relevant URL: http://hackinoutthebox.com/sub4.index.php
Platforms: Windows XP
Summary:
This is the ultimate MD5 cracker having both a built-in brute-force and dictionary attack functionality.
3. WinArpSpoofer 0.5.3
By: Gordon Ahn
Relevant URL: http://www.nextsecurity.net/downloads/winarpspoof/WinArpSpoof.zip
Platforms: Windows 2000, Windows NT, Windows XP
Summary:
Windows ARP Spoofer (WinArpSpoof) is a program that can scan the computers including network devices and can spoof their ARP tables on local area network and can act as a router while pulling all packets on LAN. In addition, traffic information through this program is measured.
4. SafeLogon 2.0
By: GemiScorp Software Solutions
Relevant URL: http://www.gemiscorp.com/english/slogon/info.html
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary:
SafeLogon is a multi-user and password-based access control utility that enhances and complements the Windows built-in logon and authentication system. In other words, SafeLogon allows you to protect your system at home and office from unauthorized access.
SafeLogon is fully configurable and allows its Administrator to:
- Restrict access to Windows to certain users, optionally controlling the days of the week and the time of the day the user is allowed to log on and
5. SafeSystem 1.5
By: GemiScorp Software Solutions
Relevant URL: http://www.gemiscorp.com/english/safesystem/info.html
Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
Summary:
SafeSystem is a security program that allows you to prevent access to your personal and important files and folders, as well as protect and guarantee the integrity and well functioning of your system. SafeSystem can make your files and folders completely invisible, inaccessible or simply read-only. Furthermore, SafeSystem can prevent the change of configuration and the accidental (or even intentional) system files deletion or alteration, so your PC will be healthy
6. SQL column finder 0.1
By: Rafal Bielecki
Relevant URL: http://sqlcfind.netro.pl/sqlcfind.exe
Platforms: Windows 2000, Windows 95/98, Windows XP
Summary:
Helps you to find exact columns number when using union select query
VI. UNSUBSCRIBE INSTRUCTIONS
----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.
If your email address has changed email listadmin@securityfocus.com and ask to be manually removed.
VII. SPONSOR INFORMATION
-----------------------
This Issue is Sponsored By: CrossTec
FREE Download - The Future in Desktop Firewalls is Available Now
NEW NetOp Desktop Firewall, the world's first driver-centric
firewall software - protecting your laptops and corporate PCs at
ring-zero! NetOp features sophisticated process & application
control, centralized management and multiple network user profiles -
NetOp is able to increase security when mobile users plug back
into your network. Step into a more secure future - Try it FREE
http://www.securityfocus.com/sponsor/CrossTec_ms-secnews_050308
------------------------------------------------------------------------
Need to know what's happening on YOUR network? Symantec DeepSight Analyzer
is a free service that gives you the ability to track and manage attacks.
Analyzer automatically correlates attacks from various Firewall and network
based Intrusion Detection Systems, giving you a comprehensive view of your
computer or general network. Sign up today!
http://www.securityfocus.com/sponsor/Symantec_sf-news_041130
------------------------------------------------------------------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: William Morlett: "RE: Disabling USB mass storage"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
