Re: MS04-007

From: Torgeir Bakken (MVP) (Torgeir.Bakken-spam_at_hydro.com)
Date: 02/10/04

• Next message: Torgeir Bakken (MVP): "Re: MS04-003 MDAC version"
• Previous message: J. Poll: "outlook express"
• In reply to: manwell: "MS04-007"
• Next in thread: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: MS04-007"
• Reply: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: MS04-007"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 10 Feb 2004 23:42:53 +0100

manwell wrote:

> Does anyone have more information about what services and
> application this security patch directly effects? From
> what Ive ready, its SNMP and AD - are there more?

Hi

Microsoft ASN.1 Library Length Overflow Heap Corruption
http://www.eeye.com/html/Research/Advisories/AD20040210.html

<quote>

Software Affected:
Microsoft Internet Explorer
Microsoft Outlook
Microsoft Outlook Express
Third-party applications that use certificates

Services Affected:
Kerberos (UDP/88)
Microsoft IIS using SSL
NTLMv2 authentication (TCP/135, 139, 445)

Description:

eEye Digital Security has discovered a critical vulnerability in
Microsoft's ASN.1 library (MSASN1.DLL) that would allow an attacker
to overwrite heap memory on a susceptible machine and cause the
execution of arbitrary code. Because this library is widely used by
Windows security subsystems, the vulnerability is exposed through an
array of avenues, including Kerberos, NTLMv2 authentication, and
applications that make use of certificates (SSL, digitally-signed
e-mail, signed ActiveX controls, etc.).

</quote>

--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/scriptcenter

---

• Next message: Torgeir Bakken (MVP): "Re: MS04-003 MDAC version"
• Previous message: J. Poll: "outlook express"
• In reply to: manwell: "MS04-007"
• Next in thread: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: MS04-007"
• Reply: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: MS04-007"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages [NT] Cumulative Security Update for Internet Explorer (MS04-025) ... Get your security news from a reliable source. ... * Microsoft Windows NT Workstation 4.0 Service Pack 6a ... Navigation Method Cross-Domain Vulnerability ... (Securiteam) SecurityFocus Microsoft Newsletter #75 ... Microsoft's Internet Security & Acceleration Server with fault-tolerance ... The Microsoft UPnP Vulnerability ... Relevant URL: ... (Focus-Microsoft) SecurityFocus Microsoft Newsletter #120 ... Strengthening Network Security: FREE Guide Network security is a ... MICROSOFT VULNERABILITY SUMMARY ... Microsoft Windows File Protection Signed File Replacement... ... PlatinumFTPServer Information Disclosure Vulnerability ... (Focus-Microsoft) Re: A 6% fix from Microsoft Security Bulletin MS03-040 - 828750 ... Now if the geeks over at Microsoft could get "infected" with some of this ... The Internet is already mind blowing in the way it can bring people ... that creates an unacceptable risk of security compromise and we need to shut ... down all Internet browsing with IE. ... (microsoft.public.security.virus) Re: A 6% fix from Microsoft Security Bulletin MS03-040 - 828750 ... Now if the geeks over at Microsoft could get "infected" with some of this ... The Internet is already mind blowing in the way it can bring people ... that creates an unacceptable risk of security compromise and we need to shut ... down all Internet browsing with IE. ... (microsoft.public.win2000.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)