SecurityFocus Microsoft Newsletter #362 ----------------------------------------
This Issue is Sponsored by: Techmentor: TechMentor - Las Vegas - October 15 - 19 Join your fellow systems administrators and IT managers at the Rio Hotel & Casino in Vegas for a week of in-depth technical training. TechMentor will give you the tools and techniques to help you get the most out of your network. Register now! http://ad.doubleclick.net/clk;135399548;6631910;q?http://techmentorevents.com/ SECURITY BLOGS SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks. http://www.securityfocus.com/blogs ------------------------------------------------------------------ I. FRONT AND CENTER 1.Passive Network Analysis 2.Windows Anti-Debug Reference II. MICROSOFT VULNERABILITY SUMMARY 1. Altnet Download Manager ADM4 ActiveX Buffer Overflow Vulnerability 2. EDraw Office Viewer Component FtpDownloadFile ActiveX Buffer Overflow Vulnerability 3. FSD Exechelp And Execmulticast Multiple Remote Buffer Overflow Vulnerabilities 4. Microsoft Internet Explorer File Upload Vulnerability 5. Microsoft Windows Explorer PNG Image Local Denial Of Service Vulnerability 6. IBM Rational ClearQuest Data Corruption Denial of Service Vulnerability 7. Microsoft Live Messenger Shared Files Denial of Service Vulnerability 8. Symantec Veritas Backup Exec for Windows Unspecified Vulnerability 9. ebCrypt ActiveX Control AddString Denial of Service Vulnerability 10. Imatix Xitami If-Modified-Since Remote Buffer Overflow Vulnerability III. MICROSOFT FOCUS LIST SUMMARY 1. SecurityFocus Microsoft Newsletter #361 IV. UNSUBSCRIBE INSTRUCTIONS V. SPONSOR INFORMATION I. FRONT AND CENTER --------------------- 1.Passive Network Analysis By Stephen Barish In sports, it's pretty much accepted wisdom that home teams have the advantage; that's why teams with winning records on the road do so well in the playoffs. But for some reason we rarely think about "the home field advantage" when we look at defending our networks. http://www.securityfocus.com/infocus/1894 2.Windows Anti-Debug Reference By Nicolas Falliere This paper classifies and presents several anti-debugging techniques used on Windows NT-based operating systems. http://www.securityfocus.com/infocus/1893 II. MICROSOFT VULNERABILITY SUMMARY ------------------------------------ 1. Altnet Download Manager ADM4 ActiveX Buffer Overflow Vulnerability BugTraq ID: 25903 Remote: Yes Date Published: 2007-10-03 Relevant URL: http://www.securityfocus.com/bid/25903 Summary: Altnet Download Manager ADM4 ActiveX control is prone to a buffer-overflow vulnerability because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to cause a denial-of-service condition or execute arbitrary code. This issue affects Altnet Download Manager 4.0; other versions may also be affected. KaZaA and Grokster are considered to be vulnerable as well. 2. EDraw Office Viewer Component FtpDownloadFile ActiveX Buffer Overflow Vulnerability BugTraq ID: 25892 Remote: Yes Date Published: 2007-10-01 Relevant URL: http://www.securityfocus.com/bid/25892 Summary: EDraw Office Viewer Component ActiveX control is prone to a buffer-overflow vulnerability because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. An attacker can exploit this issue to cause a denial-of-service condition and possibly to execute arbitrary code, but has not been confirmed. This issue affects EDraw Office Viewer Component 5.3; other versions may also be affected. 3. FSD Exechelp And Execmulticast Multiple Remote Buffer Overflow Vulnerabilities BugTraq ID: 25883 Remote: Yes Date Published: 2007-10-01 Relevant URL: http://www.securityfocus.com/bid/25883 Summary: FSD is prone to multiple remote buffer-overflow vulnerabilities because the application fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. These issues affect FSD 2.052 d9 and 3.0000 d9; other versions may also be affected. 4. Microsoft Internet Explorer File Upload Vulnerability BugTraq ID: 25836 Remote: Yes Date Published: 2007-09-27 Relevant URL: http://www.securityfocus.com/bid/25836 Summary: Microsoft Internet Explorer is prone to an information-disclosure vulnerability that allows attackers to gain access to the contents of arbitrary files. This issue stems from a design error resulting from the improper handling of form fields. This issue is similar to the one described in BID 24725 (Mozilla Firefox OnKeyDown Event File Upload Vulnerability). 5. Microsoft Windows Explorer PNG Image Local Denial Of Service Vulnerability BugTraq ID: 25816 Remote: Yes Date Published: 2007-09-26 Relevant URL: http://www.securityfocus.com/bid/25816 Summary: Microsoft Windows Explorer is prone to a denial-of-service vulnerability because it fails to handle malformed PNG image files. Attackers can exploit this issue to cause Windows Explorer to exhaust CPU cycles and become unresponsive. 6. IBM Rational ClearQuest Data Corruption Denial of Service Vulnerability BugTraq ID: 25810 Remote: Yes Date Published: 2007-09-25 Relevant URL: http://www.securityfocus.com/bid/25810 Summary: IBM Rational ClearQuest is prone to a denial-of-service vulnerability. Successfully exploiting this issue allows attackers to corrupt data stored in Microsoft SQL Server- or IBM DB2-based ClearQuest databases. Oracle-based databases are not prone to this issue. A successful attack will deny service to legitimate users. 7. Microsoft Live Messenger Shared Files Denial of Service Vulnerability BugTraq ID: 25795 Remote: Yes Date Published: 2007-09-24 Relevant URL: http://www.securityfocus.com/bid/25795 Summary: Microsoft Live Messenger is prone to a denial-of-service vulnerability because the application fails to properly bounds-check user-supplied input. Successfully exploiting this issue allows remote attackers to crash affected applications, denying service to legitimate users. Given the nature of this issue, remote attackers may also be able to execute code, but this has not been confirmed. Live Messenger 8.1 is vulnerable to this issue; other versions may also be affected. 8. Symantec Veritas Backup Exec for Windows Unspecified Vulnerability BugTraq ID: 25793 Remote: Yes Date Published: 2007-09-24 Relevant URL: http://www.securityfocus.com/bid/25793 Summary: Symantec Veritas Backup Exec for Windows is prone to an unspecified vulnerability. Very few technical details are currently available. We will update this BID as more information emerges. This issue affects Backup Exec 11d for Windows Servers. 9. ebCrypt ActiveX Control AddString Denial of Service Vulnerability BugTraq ID: 25789 Remote: Yes Date Published: 2007-09-24 Relevant URL: http://www.securityfocus.com/bid/25789 Summary: ebCrypt ActiveX control is prone to a denial-of-service vulnerability. Exploiting this issue allows remote attackers to crash applications that employ the vulnerable control (typically Microsoft Internet Explorer). ebCrypt 2.0 is vulnerable; other versions may also be affected. 10. Imatix Xitami If-Modified-Since Remote Buffer Overflow Vulnerability BugTraq ID: 25772 Remote: Yes Date Published: 2007-09-24 Relevant URL: http://www.securityfocus.com/bid/25772 Summary: Xitami is prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. Attackers may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Xitami 2.5 is vulnerable to this issue; other versions may also be affected. III. MICROSOFT FOCUS LIST SUMMARY --------------------------------- 1. SecurityFocus Microsoft Newsletter #361 http://www.securityfocus.com/archive/88/481007 IV. UNSUBSCRIBE INSTRUCTIONS ----------------------------- To unsubscribe send an e-mail message to [EMAIL PROTECTED] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website. If your email address has changed email [EMAIL PROTECTED] and ask to be manually removed. V. SPONSOR INFORMATION ------------------------ This Issue is Sponsored by: Techmentor: TechMentor - Las Vegas - October 15 - 19 Join your fellow systems administrators and IT managers at the Rio Hotel & Casino in Vegas for a week of in-depth technical training. TechMentor will give you the tools and techniques to help you get the most out of your network. Register now! http://ad.doubleclick.net/clk;135399548;6631910;q?http://techmentorevents.com/
