SecurityFocus Microsoft Newsletter #354 ----------------------------------------
This Issue is Sponsored by: Watchfire As web applications become increasingly complex, tremendous amounts of sensitive data - including personal, medical and financial information - are exchanged, and stored. This paper examines a few vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools. Download Watchfire's "Web Application Security: Automated Scanning or Manual Penetration Testing?" whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=701700000008yka SECURITY BLOGS SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks. http://www.securityfocus.com/blogs ------------------------------------------------------------------ I. FRONT AND CENTER 1. Delete This! 2. Security conferences versus practical knowledge II. MICROSOFT VULNERABILITY SUMMARY 1. WinGate SMTP Session Invalid State Remote Denial Of Service Vulnerability 2. Microsoft August 2007 Advance Notification Multiple Vulnerabilities 3. Microsoft Windows Media Player AU Divide-By-Zero Denial of Service Vulnerability 4. Microsoft Internet Explorer Position:Relative Denial of Service Vulnerability 5. Microsoft Windows Explorer JPG File Denial of Service Vulnerability 6. Microsoft Windows Calendar ICS File Denial of Service Vulnerability 7. JustSystem Ichitaro Unspecified Code Execution Vulnerability 8. Panda Antivirus Insecure File Permissions Local Privilege Escalation Vulnerability 9. Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer Overflow Vulnerabilities III. MICROSOFT FOCUS LIST SUMMARY IV. UNSUBSCRIBE INSTRUCTIONS V. SPONSOR INFORMATION I. FRONT AND CENTER --------------------- 1. Delete This! By Mark Rasch A series of legal events means that companies that have no business reason to retain documents or records may be compelled to create and retain such records just so they can become available for discovery. http://www.securityfocus.com/columnists/450 2. Security conferences versus practical knowledge By Don Parker While the training industry as a whole has evolved rather well to suit the needs of their clients, the computer conference - specifically the computer security conference - has declined in relevance to the everyday sys-admin and network security practitioners. http://www.securityfocus.com/columnists/449 II. MICROSOFT VULNERABILITY SUMMARY ------------------------------------ 1. WinGate SMTP Session Invalid State Remote Denial Of Service Vulnerability BugTraq ID: 25272 Remote: Yes Date Published: 2007-08-10 Relevant URL: http://www.securityfocus.com/bid/25272 Summary: WinGate is prone to a denial-of-service vulnerability because the application fails to sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. This issue affects versions prior to WinGate 6.2.2. 2. Microsoft August 2007 Advance Notification Multiple Vulnerabilities BugTraq ID: 25247 Remote: Yes Date Published: 2007-08-09 Relevant URL: http://www.securityfocus.com/bid/25247 Summary: Microsoft has released advance notification that the vendor will be releasing nine security bulletins on August 14, 2007. The highest severity rating for these issues is 'Critical'. Successful exploits can result in privilege escalation and remote code execution. Further details about these issues are not currently available. Individual BIDs will be created for each issue; this record will be removed when the security bulletins are released. 3. Microsoft Windows Media Player AU Divide-By-Zero Denial of Service Vulnerability BugTraq ID: 25236 Remote: Yes Date Published: 2007-08-08 Relevant URL: http://www.securityfocus.com/bid/25236 Summary: Microsoft Windows Media Player is prone to a denial-of-service vulnerability when processing a malformed AU file. A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users. This issue affects Microsoft Windows Media Player 11; other versions may also be affected. 4. Microsoft Internet Explorer Position:Relative Denial of Service Vulnerability BugTraq ID: 25222 Remote: Yes Date Published: 2007-08-07 Relevant URL: http://www.securityfocus.com/bid/25222 Summary: Microsoft Internet Explorer is prone to a denial-of-service vulnerability because the application fails to handle certain HTML code. This issue is triggered when a remote attacker entices a victim user to visit a malicious website. Attackers may exploit this issue to crash Internet Explorer, effectively denying service to legitimate users. This issue affects Internet Explorer 6. 5. Microsoft Windows Explorer JPG File Denial of Service Vulnerability BugTraq ID: 25207 Remote: Yes Date Published: 2007-08-06 Relevant URL: http://www.securityfocus.com/bid/25207 Summary: Microsoft Windows Explorer is prone to a denial-of-service vulnerability. An attacker could exploit this issue to cause Explorer to crash, effectively denying service. Arbitrary code execution may be possible, but this has not been confirmed. This issue affects Windows Explorer on Microsoft Windows XP; other operating systems may also be affected. 6. Microsoft Windows Calendar ICS File Denial of Service Vulnerability BugTraq ID: 25201 Remote: Yes Date Published: 2007-08-04 Relevant URL: http://www.securityfocus.com/bid/25201 Summary: Microsoft Windows Calendar as shipped with Windows Vista is prone to a denial-of-service vulnerability. An attacker may exploit this vulnerability to cause the affected application to crash, resulting in denial-of-service conditions. 7. JustSystem Ichitaro Unspecified Code Execution Vulnerability BugTraq ID: 25187 Remote: Yes Date Published: 2007-08-02 Relevant URL: http://www.securityfocus.com/bid/25187 Summary: Ichitaro is prone to an unspecified remotely exploitable code-execution vulnerability. Remote attackers may exploit this issue to execute arbitrary code within the context of the currently logged in user. This issue is being exploited in the wild by Trojan.Tarodrop.D. Few details are available regarding this issue. This BID will be updated when more information emerges. 8. Panda Antivirus Insecure File Permissions Local Privilege Escalation Vulnerability BugTraq ID: 25186 Remote: No Date Published: 2007-08-02 Relevant URL: http://www.securityfocus.com/bid/25186 Summary: Panda Antivirus is prone to a local privilege-escalation vulnerability that stems from a design error. This vulnerability occurs because the application assigns insecure file permissions to certain directories upon installation. An attacker may exploit this vulnerability to overwrite files with arbitrary code in the affected directories. The arbitrary code is then executed with System-level privileges. This may facilitate a complete compromise of affected computers. Panda Antivirus 2008 is reported vulnerable. This issue is related to BID 19891: Panda Platinum Internet Security 2006/2007 Local Privilege Escalation Vulnerability. 9. Ipswitch IMail Server and Collaboration Suite (ICS) Multiple Buffer Overflow Vulnerabilities BugTraq ID: 25176 Remote: Yes Date Published: 2007-08-02 Relevant URL: http://www.securityfocus.com/bid/25176 Summary: Ipswitch IMail Server and Collaboration Suite (ICS) are prone to multiple buffer-overflow vulnerabilities because these applications fail to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. Attackers may exploit these issues to execute arbitrary code in the context of the affected applications. Failed exploit attempts will likely result in denial-of-service conditions. These versions are reported vulnerable to these issues: Ipswitch Collaboration Suite (ICS) 2006 IMail Premium 2006.2 and 2006.21 Other versions may also be affected. III. MICROSOFT FOCUS LIST SUMMARY --------------------------------- IV. UNSUBSCRIBE INSTRUCTIONS ----------------------------- To unsubscribe send an e-mail message to ms-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website. If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed. V. SPONSOR INFORMATION ------------------------ This Issue is Sponsored by: Watchfire As web applications become increasingly complex, tremendous amounts of sensitive data - including personal, medical and financial information - are exchanged, and stored. This paper examines a few vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools. Download Watchfire's "Web Application Security: Automated Scanning or Manual Penetration Testing?" whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=701700000008yka
