SecurityFocus Microsoft Newsletter #277
----------------------------------------

This Issue is Sponsored By: CipherTrust

Messaging Security: It's more than just e-mail.
Today's businesses are struggling with a new breed of threats to more than just their e-mail environments, and despite best efforts, hackers and spammers continue to exploit new attack vectors to break into enterprise networks. Please join CipherTrust to discuss best practices and approaches to comprehensive messaging security. Register Now in a city near you.

http://www.ciphertrust.com/seminars/sf

------------------------------------------------------------------
I.   FRONT AND CENTER
       1. Malicious Malware: attacking the attackers, part 2
       2. Nmap 4.00 with Fyodor
II.  MICROSOFT VULNERABILITY SUMMARY
       1. Lotus Domino LDAP Denial of Service Vulnerability
       2. Ritlabs The Bat! Message Header Spoofing Weakness
       3. Trend Micro ServerProtect Extracted File Count Exceed Scan Bypass Weakness
       4. Computer Associates Multiple Message Queuing Denial Of Service Vulnerabilities
       5. Microsoft Internet Explorer URLMon.DLL Denial Of Service Vulnerability
       6. Nullsoft Winamp Malformed Playlist File WMA Extention Remote Buffer Overflow Vulnerability
       7. MailEnable Professional EXAMINE Command Remote Denial of Service Vulnerability
       8. Symantec Sygate Management Server SMS Authentication Servlet SQL Injection Vulnerability
       9. Microsoft Internet Explorer Flash ActionScript JScript Handling Denial of Service Vulnerability
       10. Nullsoft Winamp Malformed Playlist File Handling Remote Buffer Overflow Vulnerability
       11. Microsoft Internet Explorer ActiveX Control Kill Bit Bypass Vulnerability
       12. Communigate Pro Server LDAP Denial of Service Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
       1. SecurityFocus Microsoft Newsletter #276
IV.  UNSUBSCRIBE INSTRUCTIONS
V.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1. Malicious Malware: attacking the attackers, part 2
By Thorsten Holz, Frederic Raynal
This article explores measures to attack those malicious attackers who seek to harm our legitimate systems. The proactive use of exploits and bot networks that fight other bot networks, along with social engineering and attacker techniques are all discussed in an ethical manner. Part two of two.
http://www.securityfocus.com/infocus/1857

2. Nmap 4.00 with Fyodor
By Federico Biancuzzi
After more than eight years since its first release in Phrack magazine, Fyodor has announced Nmap 4.00. Curious as usual, Federico Biancuzzi interviewed Fyodor on behalf of SecurityFocus to discuss the new port scanning engine, version detection improvements, and the new stack fingerprinting algorithm under work by the community.
http://www.securityfocus.com/columnists/384


II.  MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Lotus Domino LDAP Denial of Service Vulnerability
BugTraq ID: 16523
Remote: Yes
Date Published: 2006-02-07
Relevant URL: http://www.securityfocus.com/bid/16523
Summary:
Lotus Domino LDAP server is prone to a denial-of-service vulnerability when handling malformed requests.

Lotus Domino version 7.0 is vulnerable; earlier versions may also be affected.

2. Ritlabs The Bat! Message Header Spoofing Weakness
BugTraq ID: 16515
Remote: Yes
Date Published: 2006-02-06
Relevant URL: http://www.securityfocus.com/bid/16515
Summary:
The Bat! is prone to a message-header-spoofing weakness.

Potentially malicious or unwanted email may be untraceable and difficult to block.

3. Trend Micro ServerProtect Extracted File Count Exceed Scan Bypass Weakness
BugTraq ID: 16483
Remote: Yes
Date Published: 2006-02-03
Relevant URL: http://www.securityfocus.com/bid/16483
Summary:
Trend Micro ServerProtect is prone to a scan-bypass weakness.

The issue presents itself because the default value for the 'extracted file count exceeds' setting is 500, allowing an attacker to create a zipped folder that contains more than 500 files along with a malicious code file that will bypass scanning.

Trend Micro ServerProtect 5.58 is reportedly vulnerable to this issue. Other versions may be vulnerable as well.

4. Computer Associates Multiple Message Queuing Denial Of Service Vulnerabilities
BugTraq ID: 16475
Remote: Yes
Date Published: 2006-02-02
Relevant URL: http://www.securityfocus.com/bid/16475
Summary:
Computer Associates Message Queuing (CAM) is prone to two remote denial-of-service vulnerabilities. These issues arise because the application fails to properly handle certain unspecified malformed packets.

A remote attacker can exploit these vulnerabilities to deny service to legitimate users.

5. Microsoft Internet Explorer URLMon.DLL Denial Of Service Vulnerability
BugTraq ID: 16463
Remote: Yes
Date Published: 2006-02-01
Relevant URL: http://www.securityfocus.com/bid/16463
Summary:
Internet Explorer is prone to a remote denial-of-service vulnerability. This issue is due to a failure in the application to properly handle user-supplied data.

Successful exploitation will cause the affected browser to crash. Arbitrary code execution may also be possible, but this has not been confirmed.

This issue affects version 7.0 beta 2; other versions may also be vulnerable.

6. Nullsoft Winamp Malformed Playlist File WMA Extention Remote Buffer Overflow Vulnerability
BugTraq ID: 16462
Remote: Yes
Date Published: 2006-02-01
Relevant URL: http://www.securityfocus.com/bid/16462
Summary:
Winamp is susceptible to a buffer-overflow vulnerability when handling specially crafted playlist files. An attacker may exploit this issue to gain unauthorized access to a computer with the privileges of the user that activated the vulnerable application.

Winamp version 5.094 is reported susceptible to this issue; other versions may also be affected.

This issue is similar to the one described in BID 16410 (Nullsoft Winamp Malformed Playlist File Handling Remote Buffer Overflow Vulnerability), but they likely exist in differing code paths in the application.

7. MailEnable Professional EXAMINE Command Remote Denial of Service Vulnerability
BugTraq ID: 16457
Remote: Yes
Date Published: 2006-02-01
Relevant URL: http://www.securityfocus.com/bid/16457
Summary:
MailEnable Professional is prone to a remote denial-of-service vulnerability.

Successful exploitation can allow remote attackers to trigger a crash in the IMAP service.

MailEnable Professional versions prior to 1.72 are vulnerable.

8. Symantec Sygate Management Server SMS Authentication Servlet SQL Injection Vulnerability
BugTraq ID: 16452
Remote: Yes
Date Published: 2006-02-01
Relevant URL: http://www.securityfocus.com/bid/16452
Summary:
Symantec Sygate Management Server is prone to an SQL-injection vulnerability.

The vulnerability specifically affects the SMS Authentication Servlet component of the server.

A remote attacker can pass malicious input to database queries through HTTP GET requests, resulting in modification of query logic or other attacks.

This issue can allow attackers to overwrite the password of any account on the server. This can facilitate a complete compromise if the attacker can overwrite the administrator password.

9. Microsoft Internet Explorer Flash ActionScript JScript Handling Denial of Service Vulnerability
BugTraq ID: 16441
Remote: Yes
Date Published: 2006-01-31
Relevant URL: http://www.securityfocus.com/bid/16441
Summary:
Microsoft Internet Explorer is reportedly prone to a denial-of-service vulnerability.

This issue arises when the browser handles specially crafted JScript contained in ActionScript code of a Flash animation.

A remote attacker may trigger a crash in the browser by enticing users to visit a malicious website.

10. Nullsoft Winamp Malformed Playlist File Handling Remote Buffer Overflow Vulnerability
BugTraq ID: 16410
Remote: Yes
Date Published: 2006-01-30
Relevant URL: http://www.securityfocus.com/bid/16410
Summary:
Winamp is susceptible to a buffer-overflow vulnerability when handling specially crafted playlist files. An attacker may exploit this issue to gain unauthorized access to a computer with the privileges of the user that activated the vulnerable application.

Winamp 5.11 and 5.12 are reportedly affected by this issue.

11. Microsoft Internet Explorer ActiveX Control Kill Bit Bypass Vulnerability
BugTraq ID: 16409
Remote: Yes
Date Published: 2006-01-28
Relevant URL: http://www.securityfocus.com/bid/16409
Summary:
Microsoft Internet Explorer fails to properly check the kill bit for ActiveX controls. This could allow a remote attacker to invoke an unsafe control to execute arbitrary code on the vulnerable computer.

12. Communigate Pro Server LDAP Denial of Service Vulnerability
BugTraq ID: 16407
Remote: Yes
Date Published: 2006-01-28
Relevant URL: http://www.securityfocus.com/bid/16407
Summary:
CommuniGate Pro Server is prone to a remote denial-of-service vulnerability with a potential for arbitrary code execution. This issue reportedly resides in the LDAP component of the application.

CommuniGate Pro Server 5.0.6 is vulnerable; earlier versions may also be affected.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #276
http://www.securityfocus.com/archive/88/424054

IV.  UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to [EMAIL PROTECTED] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email [EMAIL PROTECTED] and ask to be manually removed.

V.   SPONSOR INFORMATION
------------------------
This Issue is Sponsored By: CipherTrust

Messaging Security: It's more than just e-mail.
Today's businesses are struggling with a new breed of threats to more than just their e-mail environments, and despite best efforts, hackers and spammers continue to exploit new attack vectors to break into enterprise networks. Please join CipherTrust to discuss best practices and approaches to comprehensive messaging security. Register Now in a city near you.

http://www.ciphertrust.com/seminars/sf
