Network Security Focus-Microsoft
SecurityFocus Microsoft Newsletter #253

Subject: SecurityFocus Microsoft Newsletter #253
Date: Wed, 24 Aug 2005 13:17:58 -0600 (MDT)
SecurityFocus Microsoft Newsletter #253
----------------------------------------

------------------------------------------------------------------
I. FRONT AND CENTER
1. Legal disassembly
2. It's only a matter of time...
II. MICROSOFT VULNERABILITY SUMMARY
1. Chris Moneymaker's World Poker Championship Buffer Overflow Vulnerability
2. Microsoft Visual Studio .NET msdds.dll Remote Code Execution Vulnerability
3. Sysinternals Process Explorer CompanyName Value Buffer Overflow Vulnerability
4. Computer Associates Message Queuing Denial Of Service Vulnerability
5. Computer Associates Message Queuing Buffer Overflow Vulnerability
6. Computer Associates Message Queuing CAFT Spoofing Vulnerability
7. ZipTorrent Proxy Server Password Disclosure Vulnerability
8. Mercora IMRadio Plaintext Password Disclosure Weakness
9. CVS Cvsbug.In Script Insecure Temporary File Creation Vulnerability
10. MPlayer Audio Header Buffer Overflow Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. Latest patches: restart issues?
2. New MS patches crashed my 2k3 SP1 PDC
3. exploit to vulnerability
4. Exploiting heap overflows on XP SP2
5. SharePoint securization
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION


I. FRONT AND CENTER
---------------------
1. Legal disassembly
By Mark Rasch
When security researcher and ISS employee Michael Lynn went to give a presentation at the Black Hat conference in Las Vegas, little did he know he would ignite a legal firestorm questioning whether even the act of looking for security vulnerabilities violates the law.
http://www.securityfocus.com/columnists/349


2. It's only a matter of time...
By Jason Miller
According to the Apple Web site, Security Update 2005-007 was released to the public on August 12, 2005. And, as with all of their recent security updates, it is available to all Apple customers free of charge. I'm sure none of you reading this article will argue with me about that being a good thing.
http://www.securityfocus.com/columnists/348



II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Chris Moneymaker's World Poker Championship Buffer Overflow Vulnerability
BugTraq ID: 14587
Remote: Yes
Date Published: 2005-08-17
Relevant URL: http://www.securityfocus.com/bid/14587
Summary:
Chris Moneymaker's World Poker Championship is prone to a boundary condition error. Exploitation may cause the application to fail or result in arbitrary code execution.



2. Microsoft Visual Studio .NET msdds.dll Remote Code Execution Vulnerability
BugTraq ID: 14594
Remote: Yes
Date Published: 2005-08-17
Relevant URL: http://www.securityfocus.com/bid/14594
Summary:
Microsoft Visual Studio .NET is prone to a vulnerability that could allow remote arbitrary code execution.


The list of vulnerable packages has been updated to include applications suspected of installing the vulnerable msdds.dll library.



3. Sysinternals Process Explorer CompanyName Value Buffer Overflow Vulnerability
BugTraq ID: 14616
Remote: Yes
Date Published: 2005-08-20
Relevant URL: http://www.securityfocus.com/bid/14616
Summary:
Process Explorer is prone to a buffer overflow vulnerability. This issue is due to a failure in the application to perform proper bounds checking on user-supplied data.


A successful attack can result in the overflowing of a finite sized buffer and may ultimately lead to the execution of arbitrary code in the context of the affected application.

4. Computer Associates Message Queuing Denial Of Service Vulnerability
BugTraq ID: 14621
Remote: Yes
Date Published: 2005-08-22
Relevant URL: http://www.securityfocus.com/bid/14621
Summary:
Computer Associates Message Queuing (CAM) is prone to a remote denial of service vulnerability.


A remote attacker can exploit this vulnerability to deny service to legitimate users.

Note that exploitation of this issue does not cause the affected application to consume system resources. The only known consequence is that no further connections to the TCP port can take place.

5. Computer Associates Message Queuing Buffer Overflow Vulnerability
BugTraq ID: 14622
Remote: Yes
Date Published: 2005-08-22
Relevant URL: http://www.securityfocus.com/bid/14622
Summary:
Computer Associates Message Queuing (CAM) is prone to a buffer overflow vulnerability. This issue is due to a failure in the application to perform proper bounds checking on user-supplied data.


A successful attack can cause the process's execution stack to overflow and may ultimately lead to the execution of arbitrary code in the context of the affected application. This may facilitate privilege escalation to SYSTEM level privileges.

6. Computer Associates Message Queuing CAFT Spoofing Vulnerability
BugTraq ID: 14623
Remote: Yes
Date Published: 2005-08-22
Relevant URL: http://www.securityfocus.com/bid/14623
Summary:
CAM is prone to a vulnerability that could permit the spoofing of a CAFT application utilizing the CAM instance. This may ultimately allow the execution of arbitrary commands. CAFT is a file transfer application that utilizes CAM to send and receive the files. The problem presents itself due to a failure in the CAM service to verify the legitimacy of the CAFT application. An attacker can spoof a legitimate CAFT instance and ultimately execute arbitrary CAM commands with elevated privileges.


7. ZipTorrent Proxy Server Password Disclosure Vulnerability
BugTraq ID: 14645
Remote: No
Date Published: 2005-08-23
Relevant URL: http://www.securityfocus.com/bid/14645
Summary:
ZipTorrent is affected by a vulnerability that may allow local attackers to obtain the proxy server passwords of affected users.


This may lead to various attacks against affected users including the disclosure of sensitive information.

ZipTorrent 1.3.7.3 is vulnerable to this issue; however, other versions may be affected as well.

8. Mercora IMRadio Plaintext Password Disclosure Weakness
BugTraq ID: 14646
Remote: No
Date Published: 2005-08-23
Relevant URL: http://www.securityfocus.com/bid/14646
Summary:
Mercora IMRadio is prone to a plaintext password disclosure weakness. This will allow an attacker to view the registry keys for the application and retrieve user names and passwords for users of the affected application.


A local attacker with privileges to view the registry can retrieve the passwords for other users of the affected application.

9. CVS Cvsbug.In Script Insecure Temporary File Creation Vulnerability
BugTraq ID: 14648
Remote: No
Date Published: 2005-08-19
Relevant URL: http://www.securityfocus.com/bid/14648
Summary:
CVS creates temporary files in an insecure manner.


The vulnerability is due to the program creating temporary files with a predictable name in the '/tmp' directory. Exploitation would most likely result in loss of data or a denial of service if critical files are overwritten in the attack. Other attacks may be possible as well.

10. MPlayer Audio Header Buffer Overflow Vulnerability
BugTraq ID: 14652
Remote: Yes
Date Published: 2005-08-24
Relevant URL: http://www.securityfocus.com/bid/14652
Summary:
A buffer overflow vulnerability affects MPlayer. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers.


The problem presents itself when the affected application attempts to process audio streams that contain overly large values in their header.

An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Latest patches: restart issues?
http://www.securityfocus.com/archive/88/408678

2. New MS patches crashed my 2k3 SP1 PDC
http://www.securityfocus.com/archive/88/408679

3. exploit to vulnerability
http://www.securityfocus.com/archive/88/408570

4. Exploiting heap overflows on XP SP2
http://www.securityfocus.com/archive/88/408467

5. SharePoint securization
http://www.securityfocus.com/archive/88/408410

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.


If your email address has changed, email listadmin@securityfocus.com and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------

Need to know what's happening on YOUR network? Symantec DeepSight Analyzer is a free service that gives you the ability to track and manage attacks. Analyzer automatically correlates attacks from various Firewall and network based Intrusion Detection Systems, giving you a comprehensive view of your computer or general network. Sign up today!

http://www.securityfocus.com/sponsor/Symantec_sf-news_041130





  • SecurityFocus Microsoft Newsletter #253, Marc Fossi