SecurityFocus Microsoft Newsletter #293



SecurityFocus Microsoft Newsletter #293
----------------------------------------

This issue is sponsored by: SPI Dynamics

EASY TARGETS: Hacking Web Applications- A Step-by-Step Attack Analysis
The speed with which Web Applications are developed make them prime targets for attackers, often these applications were developed so quickly that they are not coded properly or subjected to any security testing. Hackers know this and use it as their weapon. Download *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/web.asp?cs1_ContSupRef=70130000000CRxF

------------------------------------------------------------------
I. FRONT AND CENTER
1. Abandon e-mail!
II. MICROSOFT VULNERABILITY SUMMARY
1. Etype Eserv Multiple Input Validation Vulnerabilities
2. Eitsop My Web Server Remote Denial of Service Vulnerability
3. Alt-N MDaemon Remote Pre-Authentication IMAP Buffer Overflow Vulnerability
4. Microsoft Internet Explorer Malformed HTML Parsing Denial of Service Vulnerability
5. Cisco VPN Client Local Privilege Escalation Vulnerability
6. PostgreSQL Multibyte Character Encoding SQL Injection Vulnerabilities
7. BitZipper Remote Directory Traversal Vulnerability
8. Sun Java Runtime Environment Nested Array Objects Denial Of Service Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. New SecurityFocus mailing list: Focus-Apple
2. Restricting Remote Registry Access
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. Abandon e-mail!
By Kelly Martin
Kelly Martin takes a step back from e-mail's unstoppable phishing-virus-spam epidemic and imagines a world where secure e-mail could be the next big killer app.
http://www.securityfocus.com/columnists/404


II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Etype Eserv Multiple Input Validation Vulnerabilities
BugTraq ID: 18179
Remote: Yes
Date Published: 2006-05-31
Relevant URL: http://www.securityfocus.com/bid/18179
Summary:
Eserv is prone to multiple input-validation vulnerabilities. These issues include directory-traversal and code-disclosure vulnerabilities.

An attacker can exploit these issues to read other users' email messages, create and rename directories, delete arbitrary empty directories, and access the source code of arbitrary script files.

These issues affect version 3.25; other versions may also be vulnerable.

2. Eitsop My Web Server Remote Denial of Service Vulnerability
BugTraq ID: 18144
Remote: Yes
Date Published: 2006-05-29
Relevant URL: http://www.securityfocus.com/bid/18144
Summary:
My Web Server is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the application to handle exceptional conditions.

This vulnerability allows remote attackers to crash the server, denying further service to legitimate users.

This issue affects version 1.0; other versions may also be vulnerable.

3. Alt-N MDaemon Remote Pre-Authentication IMAP Buffer Overflow Vulnerability
BugTraq ID: 18129
Remote: Yes
Date Published: 2006-05-29
Relevant URL: http://www.securityfocus.com/bid/18129
Summary:
Alt-N MDaemon IMAP Server is susceptible to a remote buffer-overflow vulnerability. This issue is due to a failure of the application to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

This issue allows remote, unauthenticated attackers to execute arbitrary machine code in the context of affected servers. This facilitates the complete compromise of affected computers.

Specific information regarding affected versions is not currently available. This BID will be updated as further information is disclosed.

4. Microsoft Internet Explorer Malformed HTML Parsing Denial of Service Vulnerability
BugTraq ID: 18112
Remote: Yes
Date Published: 2006-05-26
Relevant URL: http://www.securityfocus.com/bid/18112
Summary:
Microsoft Internet Explorer is affected by a denial-of-service vulnerability. This issue arises because the application fails to handle exceptional conditions in a proper manner.

An attacker may exploit this issue by enticing a user to visit a malicious site, resulting in a denial-of-service condition in the application.

This issue results in a NULL-pointer dereference, causing the application to crash. If attackers can manipulate the pointer being dereferenced, code execution may be possible. Note that this has not been confirmed.

Since exploiting this issue requires only standard HTML, it may not be easily mitigated.

Internet Explorer 6 is vulnerable to this issue; other versions may also be affected. This issue will reportedly crash Microsoft Outlook as well.

5. Cisco VPN Client Local Privilege Escalation Vulnerability
BugTraq ID: 18094
Remote: No
Date Published: 2006-05-24
Relevant URL: http://www.securityfocus.com/bid/18094
Summary:
Cisco VPN Client is susceptible to a local privilege-escalation vulnerability. This issue is due to an unspecified flaw in the VPN client GUI application.

This issue allows local attackers to gain Local System privileges on affected computers. This facilitates the complete compromise of affected computers.

This vulnerability affects Cisco VPN Clients on Microsoft Windows. Versions prior to 4.8.01.x, with the exception of version 4.7.00.0533, are affected.

6. PostgreSQL Multibyte Character Encoding SQL Injection Vulnerabilities
BugTraq ID: 18092
Remote: Yes
Date Published: 2006-05-24
Relevant URL: http://www.securityfocus.com/bid/18092
Summary:
PostgreSQL is prone to SQL-injection vulnerabilities. These issues are due to a potential mismatch of multibyte character conversions between PostgreSQL servers and client applications.

A successful exploit could allow an attacker to execute arbitrary SQL statements on affected servers. This may allow the attacker to compromise the targeted computer, access or modify data, or exploit other latent vulnerabilities.

PostgreSQL versions prior to 7.3.15, 7.4.13, 8.0.8, and 8.1.4 are vulnerable to these issues.

7. BitZipper Remote Directory Traversal Vulnerability
BugTraq ID: 18065
Remote: Yes
Date Published: 2006-05-22
Relevant URL: http://www.securityfocus.com/bid/18065
Summary:
Reportedly, an attacker can carry out attacks similar to directory traversals. These issues present themselves when the application processes malicious archives.

A successful attack can allow the attacker to place potentially malicious files and overwrite files on a computer in the context of the user running the affected application. Successful exploits may aid in further attacks.

8. Sun Java Runtime Environment Nested Array Objects Denial Of Service Vulnerability
BugTraq ID: 18058
Remote: Yes
Date Published: 2006-05-22
Relevant URL: http://www.securityfocus.com/bid/18058
Summary:
The Sun Java Runtime Environment is vulnerable to a denial-of-service vulnerability. This issue is due to the software's failure to handle exceptional conditions.

This issue is reported to affect Java Runtime Environment versions up to 1.4.2_11 and 1.5.0_06. This issue will crash Internet browsers running an affected Java plug-in.

An attacker may exploit this issue to cause a vulnerable application -- as well as all processes spawned from the application -- to crash, denying service to legitimate users. Due to the scope of the crash, data loss may occur.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. New SecurityFocus mailing list: Focus-Apple
http://www.securityfocus.com/archive/88/435437

2. Restricting Remote Registry Access
http://www.securityfocus.com/archive/88/433671

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@xxxxxxxxxxxxxxxxx from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin@xxxxxxxxxxxxxxxxx and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by: SPI Dynamics

EASY TARGETS: Hacking Web Applications- A Step-by-Step Attack Analysis
The speed with which Web Applications are developed make them prime targets for attackers, often these applications were developed so quickly that they are not coded properly or subjected to any security testing. Hackers know this and use it as their weapon. Download *FREE* white paper from SPI Dynamics for a complete guide to protection!

https://download.spidynamics.com/1/ad/web.asp?cs1_ContSupRef=70130000000CRxF




---------------------------------------------------------------------------
---------------------------------------------------------------------------



Relevant Pages

  • SecurityFocus Microsoft Newsletter #131
    ... MICROSOFT VULNERABILITY SUMMARY ... Advanced Poll Remote Information Disclosure Vulnerability ... PHPNuke News Module Article.PHP SQL Injection Vulnerability ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter
    ... MICROSOFT VULNERABILITY SUMMARY ... EMC RepliStor Multiple Remote Heap Based Buffer Overflow Vulnerabilities ... SmarterTools SmarterMail Subject Field HTML Injection Vulnerability ... An attacker can exploit these issues to crash the affected application, ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #211
    ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows Kernel Local Denial of Service Vulnerabili... ... OCPortal Content Management System Remote File Include Vulne... ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #229
    ... Windows NTFS Alternate Data Streams ... MICROSOFT VULNERABILITY SUMMARY ... VBulletin Forumdisplay.PHP Remote Command Execution Vulnerab... ... AWStats Debug Remote Information Disclosure Vulnerability ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #237
    ... MICROSOFT VULNERABILITY SUMMARY ... JPortal Banner.PHP SQL Injection Vulnerability ... Microsoft Windows Kernel Object Management Denial Of Service... ... Microsoft Windows Message Queuing Remote Buffer Overflow Vul... ...
    (Focus-Microsoft)