SecurityFocus Microsoft Newsletter #354
----------------------------------------
This Issue is Sponsored by: Watchfire
As web applications become increasingly complex, tremendous
amounts of
sensitive data - including personal, medical and financial
information -
are exchanged, and stored. This paper examines a few
vulnerability
detection methods - specifically comparing and contrasting
manual
penetration testing with automated scanning tools. Download
Watchfire's
"Web Application Security: Automated Scanning or Manual
Penetration
Testing?" whitepaper today!
https://www.watchfire.com/securearea/whi
tepapers.aspx?id=701700000008yka
SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that
stand out as
conveying topics of interest for our community. We are proud
to offer
content from Matasano at this time and will be adding more
in the coming
weeks.
http://www.securit
yfocus.com/blogs
------------------------------------------------------------
------
I. FRONT AND CENTER
1. Delete This!
2. Security conferences versus practical knowledge
II. MICROSOFT VULNERABILITY SUMMARY
1. WinGate SMTP Session Invalid State Remote Denial Of
Service
Vulnerability
2. Microsoft August 2007 Advance Notification Multiple
Vulnerabilities
3. Microsoft Windows Media Player AU Divide-By-Zero Denial
of Service
Vulnerability
4. Microsoft Internet Explorer Position:Relative Denial of
Service
Vulnerability
5. Microsoft Windows Explorer JPG File Denial of Service
Vulnerability
6. Microsoft Windows Calendar ICS File Denial of Service
Vulnerability
7. JustSystem Ichitaro Unspecified Code Execution
Vulnerability
8. Panda Antivirus Insecure File Permissions Local Privilege
Escalation
Vulnerability
9. Ipswitch IMail Server and Collaboration Suite (ICS)
Multiple Buffer
Overflow Vulnerabilities
III. MICROSOFT FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Delete This!
By Mark Rasch
A series of legal events means that companies that have no
business
reason to retain documents or records may be compelled to
create and
retain such records just so they can become available for
discovery.
http://ww
w.securityfocus.com/columnists/450
2. Security conferences versus practical knowledge
By Don Parker
While the training industry as a whole has evolved rather
well to suit
the needs of their clients, the computer conference -
specifically the
computer security conference - has declined in relevance to
the everyday
sys-admin and network security practitioners.
http://ww
w.securityfocus.com/columnists/449
II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. WinGate SMTP Session Invalid State Remote Denial Of
Service
Vulnerability
BugTraq ID: 25272
Remote: Yes
Date Published: 2007-08-10
Relevant URL: http://www.sec
urityfocus.com/bid/25272
Summary:
WinGate is prone to a denial-of-service vulnerability
because the
application fails to sanitize user-supplied input before
including it in
the format-specifier argument of a formatted-printing
function.
An attacker can exploit this issue to crash the affected
application,
denying service to legitimate users.
This issue affects versions prior to WinGate 6.2.2.
2. Microsoft August 2007 Advance Notification Multiple
Vulnerabilities
BugTraq ID: 25247
Remote: Yes
Date Published: 2007-08-09
Relevant URL: http://www.sec
urityfocus.com/bid/25247
Summary:
Microsoft has released advance notification that the vendor
will be
releasing nine security bulletins on August 14, 2007. The
highest
severity rating for these issues is 'Critical'.
Successful exploits can result in privilege escalation and
remote code
execution.
Further details about these issues are not currently
available.
Individual BIDs will be created for each issue; this record
will be
removed when the security bulletins are released.
3. Microsoft Windows Media Player AU Divide-By-Zero Denial
of Service
Vulnerability
BugTraq ID: 25236
Remote: Yes
Date Published: 2007-08-08
Relevant URL: http://www.sec
urityfocus.com/bid/25236
Summary:
Microsoft Windows Media Player is prone to a
denial-of-service
vulnerability when processing a malformed AU file.
A remote attacker can exploit this issue to crash the
affected
application, denying service to legitimate users.
This issue affects Microsoft Windows Media Player 11; other
versions may
also be affected.
4. Microsoft Internet Explorer Position:Relative Denial of
Service
Vulnerability
BugTraq ID: 25222
Remote: Yes
Date Published: 2007-08-07
Relevant URL: http://www.sec
urityfocus.com/bid/25222
Summary:
Microsoft Internet Explorer is prone to a denial-of-service
vulnerability because the application fails to handle
certain HTML code.
This issue is triggered when a remote attacker entices a
victim user to
visit a malicious website.
Attackers may exploit this issue to crash Internet Explorer,
effectively
denying service to legitimate users.
This issue affects Internet Explorer 6.
5. Microsoft Windows Explorer JPG File Denial of Service
Vulnerability
BugTraq ID: 25207
Remote: Yes
Date Published: 2007-08-06
Relevant URL: http://www.sec
urityfocus.com/bid/25207
Summary:
Microsoft Windows Explorer is prone to a denial-of-service
vulnerability.
An attacker could exploit this issue to cause Explorer to
crash,
effectively denying service. Arbitrary code execution may be
possible,
but this has not been confirmed.
This issue affects Windows Explorer on Microsoft Windows XP;
other
operating systems may also be affected.
6. Microsoft Windows Calendar ICS File Denial of Service
Vulnerability
BugTraq ID: 25201
Remote: Yes
Date Published: 2007-08-04
Relevant URL: http://www.sec
urityfocus.com/bid/25201
Summary:
Microsoft Windows Calendar as shipped with Windows Vista is
prone to a
denial-of-service vulnerability.
An attacker may exploit this vulnerability to cause the
affected
application to crash, resulting in denial-of-service
conditions.
7. JustSystem Ichitaro Unspecified Code Execution
Vulnerability
BugTraq ID: 25187
Remote: Yes
Date Published: 2007-08-02
Relevant URL: http://www.sec
urityfocus.com/bid/25187
Summary:
Ichitaro is prone to an unspecified remotely exploitable
code-execution
vulnerability.
Remote attackers may exploit this issue to execute arbitrary
code within
the context of the currently logged in user.
This issue is being exploited in the wild by
Trojan.Tarodrop.D. Few
details are available regarding this issue. This BID will be
updated
when more information emerges.
8. Panda Antivirus Insecure File Permissions Local Privilege
Escalation
Vulnerability
BugTraq ID: 25186
Remote: No
Date Published: 2007-08-02
Relevant URL: http://www.sec
urityfocus.com/bid/25186
Summary:
Panda Antivirus is prone to a local privilege-escalation
vulnerability
that stems from a design error. This vulnerability occurs
because the
application assigns insecure file permissions to certain
directories
upon installation.
An attacker may exploit this vulnerability to overwrite
files with
arbitrary code in the affected directories. The arbitrary
code is then
executed with System-level privileges. This may facilitate a
complete
compromise of affected computers.
Panda Antivirus 2008 is reported vulnerable.
This issue is related to BID 19891: Panda Platinum Internet
Security
2006/2007 Local Privilege Escalation Vulnerability.
9. Ipswitch IMail Server and Collaboration Suite (ICS)
Multiple Buffer
Overflow Vulnerabilities
BugTraq ID: 25176
Remote: Yes
Date Published: 2007-08-02
Relevant URL: http://www.sec
urityfocus.com/bid/25176
Summary:
Ipswitch IMail Server and Collaboration Suite (ICS) are
prone to
multiple buffer-overflow vulnerabilities because these
applications fail
to properly bounds-check user-supplied input before copying
it into an
insufficiently sized memory buffer.
Attackers may exploit these issues to execute arbitrary code
in the
context of the affected applications. Failed exploit
attempts will
likely result in denial-of-service conditions.
These versions are reported vulnerable to these issues:
Ipswitch Collaboration Suite (ICS) 2006
IMail Premium 2006.2 and 2006.21
Other versions may also be affected.
III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to
ms-secnews-unsubscribe (at)
securityfocus (dot) com [email concealed] from the
subscribed address.
The contents of the subject or message body do not matter.
You will
receive a confirmation request message to which you will
have to answer.
Alternatively you can also visit
http://www.s
ecurityfocus.com/newsletters and unsubscribe via the
website.
If your email address has changed email listadmin (at)
securityfocus
(dot) com [email concealed] and ask to be manually removed.
V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored by: Watchfire
As web applications become increasingly complex, tremendous
amounts of
sensitive data - including personal, medical and financial
information -
are exchanged, and stored. This paper examines a few
vulnerability
detection methods - specifically comparing and contrasting
manual
penetration testing with automated scanning tools. Download
Watchfire's
"Web Application Security: Automated Scanning or Manual
Penetration
Testing?" whitepaper today!
https://www.watchfire.com/securearea/whi
tepapers.aspx?id=701700000008yka
|