Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

SecurityFocus Microsoft Newsletter #384

from [Rob Keith] Network Security [Permanent Link]
Subject: SecurityFocus Microsoft Newsletter #384
Date: Wed, 05 Mar 2008 14:24:02 -0700 
SecurityFocus Microsoft Newsletter #384

----------------------------------------

This issue is Sponsored by: Black Hat Europe

Attend Black Hat Europe, March 25-28, Amsterdam, Europe's premier technical event for ICT security experts. Featuring hands-on training courses and Briefings presentations with lots of new content. Network with 400+ delegates from 30 nations and review products by leading vendors in a relaxed setting. Black Hat Europe is supported by most leading European infosec associations. www.blackhat.com


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying 
topics of interest for our community. We are proud to offer content from 
Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I.   FRONT AND CENTER
      1.A Guide to Different Kinds of Honeypots
      2.The Laws of Full Disclosure
II.  MICROSOFT VULNERABILITY SUMMARY
      1. Microsoft Jet Database Engine MDB File Parsing Unspecified Remote 
Vulnerability
      2. ICQ Toolbar 'toolbaru.dll' ActiveX Control Remote Denial of Service 
Vulnerability
      3. Borland StarTeam Multiple Remote Vulnerabilities
      4. Wireshark 0.99.7 Multiple Denial of Service Vulnerabilities
      5. activePDF Server Packet Processing Remote Heap Overflow Vulnerability
      6. RETIRED: Microsoft Word Unspecified Remote Code Execution Vulnerability
      7. Symantec Backup Exec Scheduler ActiveX Control Multiple Arbitrary File 
Overwrite Vulnerabilities
      8. Symantec Decomposer RAR File Remote Buffer Overflow Vulnerability
      9. Symantec Decomposer Resource Consumption Denial of Service 
Vulnerability
      10. Symantec Backup Exec Scheduler ActiveX Control Multiple Stack Based 
Buffer Overflow Vulnerabilities
III. MICROSOFT FOCUS LIST SUMMARY
IV.  UNSUBSCRIBE INSTRUCTIONS
V.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1.A Guide to Different Kinds of Honeypots
Honeypots come in many shapes and sizes and are available to mimic lots of different 
kinds of applications and protocols. We shall take the definition of a honeypot as 
"a security resource whose value lies in being probed, attacked, or 
compromised"[Spitzner02]. That is, a honeypot is a system we can monitor to observe 
how attackers behave, a system which is designed to lure attackers away from more 
valuable systems and/or a system which is designed to provide early warning of an 
intrusion to the target network. A honeypot may be used for all three applications at the 
same time.
http://www.securityfocus.com/infocus/1897

2.The Laws of Full Disclosure
By Federico Biancuzzi
Full disclosure has a long tradition in the security community worldwide, yet 
different European countries have different views on the legality of 
vulnerability research. SecurityFocus contributor Federico Biancuzzi 
investigates the subject of full disclosure and the law by interviewing lawyers 
from twelve EU countries: Belgium, Denmark, Finland, France, Germany,Greece, 
Hungary, Ireland, Italy, Poland, Romania, and the UK.
http://www.securityfocus.com/columnists/466


II.  MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Microsoft Jet Database Engine MDB File Parsing Unspecified Remote 
Vulnerability
BugTraq ID: 28087
Remote: Yes
Date Published: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28087
Summary:
Microsoft Jet Database Engine is prone to an unspecifed security vulnerability.

Remote attackers can exploit this issue to execute arbitrary machine code in 
the context of a user running the application. Successful exploits will 
compromise the affected application and possibly the underlying computer. 
Failed attacks will likely cause denial-of-service conditions.

2. ICQ Toolbar 'toolbaru.dll' ActiveX Control Remote Denial of Service 
Vulnerability
BugTraq ID: 28086
Remote: Yes
Date Published: 2008-03-04
Relevant URL: http://www.securityfocus.com/bid/28086
Summary:
ICQ Toolbar 'toolbaru.dll' ActiveX control is prone to a denial-of-service 
vulnerability.

An attacker can exploit this issue to trigger denial-of-service conditions in 
Internet Explorer or other applications that use the vulnerable ActiveX control.

This issue affects ICQ Toolbar 2.3 Beta; other versions may also be affected.

3. Borland StarTeam Multiple Remote Vulnerabilities
BugTraq ID: 28080
Remote: Yes
Date Published: 2008-03-03
Relevant URL: http://www.securityfocus.com/bid/28080
Summary:
Borland StarTeam is prone to multiple issues, including multiple 
integer-overflow vulnerabilities, a heap-overflow vulnerability, and a 
denial-of-service vulnerability.

Successfully exploiting these issues allows remote attackers to execute 
arbitrary machine code in the context of vulnerable server processes. These 
issues may facilitate the remote compromise of affected computers. Attackers 
may also trigger denial-of-service conditions.

NOTE: The StarTeam MPX vulnerabilities may actually be related to a TIBCO 
SmartSocket DLL, but this has not been confirmed. We may update this BID as 
more information emerges.

Borland StarTeam Server 2008 and MPX products are vulnerable to these issues; 
other versions may also be affected.

4. Wireshark 0.99.7 Multiple Denial of Service Vulnerabilities
BugTraq ID: 28025
Remote: Yes
Date Published: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/28025
Summary:
Wireshark is prone to multiple denial-of-service vulnerabilities.

Exploiting these issues may allow attackers to cause crashes and deny service 
to legitimate users of the application. Attackers may be able to leverage some 
of these vulnerabilities to execute arbitrary code, but this has not been 
confirmed.

Wireshark 0.6.0 to 0.99.7 are affected.

5. activePDF Server Packet Processing Remote Heap Overflow Vulnerability
BugTraq ID: 28013
Remote: Yes
Date Published: 2008-02-27
Relevant URL: http://www.securityfocus.com/bid/28013
Summary:
activePDF Server is prone to a remote heap-overflow vulnerability because it 
fails to perform adequate boundary checks on user-supplied input.

Attackers may leverage this issue to execute arbitrary code in the context of 
the affected application. Failed attacks will likely cause denial-of-service 
conditions.

This issue affects activePDF Server 3.8.4 and 3.8.5.14; other versions may be 
affected as well.

6. RETIRED: Microsoft Word Unspecified Remote Code Execution Vulnerability
BugTraq ID: 28011
Remote: Yes
Date Published: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/28011
Summary:
Microsoft Word is prone to an unspecified remote code-execution vulnerability.

Very few details are available regarding this issue. We will update this BID as 
more information emerges.

It is unknown at this time which specific versions of the application are 
affected.

NOTE: This BID is being retired because the vulnerability is already covered in 
BID  23804  (Microsoft Word Array Remote Code Execution Vulnerability).

7. Symantec Backup Exec Scheduler ActiveX Control Multiple Arbitrary File 
Overwrite Vulnerabilities
BugTraq ID: 28008
Remote: Yes
Date Published: 2008-02-28
Relevant URL: http://www.securityfocus.com/bid/28008
Summary:
Symantec Backup Exec is prone to multiple vulnerabilities that allow attackers 
overwrite arbitrary files.

An attacker can exploit these issues by enticing an unsuspecting victim to view a malicious HTML page. 

Successfully exploiting these issues will allow the attacker to corrupt and 
overwrite arbitrary files on the victim's computer in the context of the 
vulnerable application using the ActiveX control (typically Internet Explorer).

8. Symantec Decomposer RAR File Remote Buffer Overflow Vulnerability
BugTraq ID: 27913
Remote: Yes
Date Published: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27913
Summary:
Symantec Decomposer is prone to a remote buffer-overflow vulnerability because 
the application fails to properly bounds-check user-supplied input before 
copying it to an insufficiently sized memory buffer.

An attacker may exploit this issue to execute arbitrary machine code with the 
privileges of the user running the affected application. Failed exploit 
attempts will result in a denial-of-service condition.

The following products are affected:

- Symantec Scan Engine 5.1.4.24 and prior
- Symantec AntiVirus Scan Engine 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for MS ISA 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for MS SharePoint 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Messaging 4.3.16.39 and prior
- Symantec AntiVirus for Network Attached Storage 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Clearswift 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Caching 4.3.16.39 and prior
- Symantec AntiVirus/Filtering for Domino MPE(AIX, Linux, Solaris) prior to 
3.2.2
- Symantec Mail Security for Microsoft Exchange 4.6.5.12 and prior as well as 
5.0.4.363 and prior

9. Symantec Decomposer Resource Consumption Denial of Service Vulnerability
BugTraq ID: 27911
Remote: Yes
Date Published: 2008-02-26
Relevant URL: http://www.securityfocus.com/bid/27911
Summary:
Symantec Decomposer is prone to a denial-of-service vulnerability because it 
fails to adequately parse certain user-supplied input.

Attackers can exploit this issue to exhaust memory resources and cause 
denial-of-service conditions.

The following products are affected:
- Symantec Scan Engine  5.1.4.24 and prior
- Symantec AntiVirus Scan Engine 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for MS ISA 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for MS SharePoint 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Messaging 4.3.16.39 and prior
- Symantec AntiVirus for Network Attached Storage 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Clearswift 4.3.16.39 and prior
- Symantec AntiVirus Scan Engine for Caching  4.3.16.39 and prior
- Symantec AntiVirus/Filtering for Domino MPE(AIX, Linux, Solaris)  prior to 
3.2.2
- Symantec Mail Security for Microsoft Exchange 4.6.5.12 and prior as well as 
5.0.4.363 and prior.

10. Symantec Backup Exec Scheduler ActiveX Control Multiple Stack Based Buffer Overflow Vulnerabilities
BugTraq ID: 26904
Remote: Yes
Date Published: 2008-02-28
Relevant URL: http://www.securityfocus.com/bid/26904
Summary:
An ActiveX control in the scheduler component of Symantec Backup Exec is prone to multiple stack-based buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied data. 

Successfully exploiting these issues allows remote attackers to execute 
arbitrary code in the context of the application using the ActiveX control 
(typically Internet Explorer). Failed exploit attempts likely result in 
denial-of-service conditions.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
IV.  UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to 
ms-secnews-unsubscribe@securityfocus.com from the subscribed address. The 
contents of the subject or message body do not matter. You will receive a 
confirmation request message to which you will have to answer. Alternatively 
you can also visit http://www.securityfocus.com/newsletters and unsubscribe via 
the website.

If your email address has changed email listadmin@securityfocus.com and ask to 
be manually removed.

V.   SPONSOR INFORMATION
------------------------
This issue is Sponsored by: Black Hat Europe

Attend Black Hat Europe, March 25-28, Amsterdam, Europe's premier technical event for ICT security experts. Featuring hands-on training courses and Briefings presentations with lots of new content. Network with 400+ delegates from 30 nations and review products by leading vendors in a relaxed setting. Black Hat Europe is supported by most leading European infosec associations. www.blackhat.com



[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • SecurityFocus Microsoft Newsletter #384, Rob Keith <=
Next by Date:  Temp directory is odd, Lars
Next by Thread:  Temp directory is odd, Lars
Indexes:  [Date] [Thread] [Top] [All Lists]