SecurityFocus Microsoft Newsletter #426 ----------------------------------------
This issue is sponsored by the Computer Forensics Show THE COMPUTER FORENSICS SHOW IS THE "DON'T MISS" EVENT OF THE YEAR FOR ALL LITIGATION, ACCOUNTING AND IT PROFESSIONALS April 27-29, 2009 Washington DC Convention Center Washington, DC August 3-5, 2009 San Jose Convention Center San Jose, CA www.computerforensicshow.com SECURITY BLOGS SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks. http://www.securityfocus.com/blogs ------------------------------------------------------------------ I. FRONT AND CENTER 1.MD5 Hack Interesting, But Not Threatening 2.Time to Exclude Bad ISPs II. MICROSOFT VULNERABILITY SUMMARY 1. Microsoft Internet Explorer 'screen[""]' Remote Denial of Service Vulnerability 2. Microsoft MSN Messenger IP Address Information Disclosure Vulnerability 3. Destiny Media Player '.m3u' File Remote Stack Buffer Overflow Vulnerability 4. Elecard MPEG Player '.m3u' File Remote Stack Buffer Overflow Vulnerability 5. Apple Safari WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability 6. SaschArt SasCam Webcam Server ActiveX Control 'Get' Method Buffer Overflow Vulnerability 7. Winace Malformed Filename Remote Denial of Service Vulnerability 8. Microsoft Windows Media Player WAV File Parsing Code Execution Vulnerability 9. BulletProof FTP Client '.bps' File Stack Buffer Overflow Vulnerability 10. BreakPoint Software Hex Workshop CMAP File Handling Buffer Overflow Vulnerability III. MICROSOFT FOCUS LIST SUMMARY 1. SecurityFocus Microsoft Newsletter #425 IV. UNSUBSCRIBE INSTRUCTIONS V. SPONSOR INFORMATION I. FRONT AND CENTER --------------------- 1.MD5 Hack Interesting, But Not Threatening By Tim Callan A few days ago at the Chaos Communication Congress in Berlin, researchers presented a paper in which they had used an MD5 collision attack and substantial computing firepower to create a false SSL certificate using the RapidSSL brand of SSL certificate. In the intervening time we have seen a great deal of confusion and misinformation in the press and blogosphere about the specifics of this attack and what it means to the online ecosystem. http://www.securityfocus.com/columnists/488 2.Time to Exclude Bad ISPs By Oliver Day In recent months, three questionable Internet service providers - EstDomains, Atrivo, and McColo - were effectively taken offline resulting in noticeable drops of malware and spam. http://www.securityfocus.com/columnists/487 II. MICROSOFT VULNERABILITY SUMMARY ------------------------------------ 1. Microsoft Internet Explorer 'screen[""]' Remote Denial of Service Vulnerability BugTraq ID: 33149 Remote: Yes Date Published: 2009-01-07 Relevant URL: http://www.securityfocus.com/bid/33149 Summary: Microsoft Internet Explorer is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue by enticing an unsuspecting victim to view a malicious web page. Successfully exploiting this issue will cause the application to crash, denying service to legitimate users. Microsoft Internet Explorer 6, 7 and 8 Beta are vulnerable; other versions may also be affected. 2. Microsoft MSN Messenger IP Address Information Disclosure Vulnerability BugTraq ID: 33125 Remote: Yes Date Published: 2008-12-30 Relevant URL: http://www.securityfocus.com/bid/33125 Summary: Microsoft MSN Messenger is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Microsoft MSN Messenger 8.5.1 is vulnerable; other versions may also be affected. 3. Destiny Media Player '.m3u' File Remote Stack Buffer Overflow Vulnerability BugTraq ID: 33091 Remote: Yes Date Published: 2009-01-03 Relevant URL: http://www.securityfocus.com/bid/33091 Summary: Destiny Media Player is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Destiny Media Player 1.61.0 is vulnerable; other versions may also be affected. 4. Elecard MPEG Player '.m3u' File Remote Stack Buffer Overflow Vulnerability BugTraq ID: 33089 Remote: Yes Date Published: 2009-01-02 Relevant URL: http://www.securityfocus.com/bid/33089 Summary: Elecard MPEG Player is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Elecard MPEG Player 5.5 is vulnerable; other versions may also be affected. 5. Apple Safari WebKit 'alink' Property Memory Leak Remote Denial of Service Vulnerability BugTraq ID: 33080 Remote: Yes Date Published: 2009-01-01 Relevant URL: http://www.securityfocus.com/bid/33080 Summary: Apple Safari is prone to a denial-of-service vulnerability that resides in the WebKit library. Remote attackers can exploit this issue to crash the affected browser, denial-of-service condition. Apple Safari 3.2 running on Microsoft Windows Vista is vulnerable; other versions running on different platforms may also be affected. 6. SaschArt SasCam Webcam Server ActiveX Control 'Get' Method Buffer Overflow Vulnerability BugTraq ID: 33053 Remote: Yes Date Published: 2008-12-29 Relevant URL: http://www.securityfocus.com/bid/33053 Summary: SasCam Webcam Server ActiveX control is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code within the context of the application that uses the ActiveX control (typically Internet Explorer). Failed exploit attempts will result in denial-of-service conditions. SasCam Webcam Server 2.6.5 is vulnerable; other versions may also be affected. 7. Winace Malformed Filename Remote Denial of Service Vulnerability BugTraq ID: 33049 Remote: Yes Date Published: 2008-12-29 Relevant URL: http://www.securityfocus.com/bid/33049 Summary: Winace is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash Windows Explorer, denying service to legitimate users. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed. Winace 2.2 is vulnerable; other versions may also be affected. 8. Microsoft Windows Media Player WAV File Parsing Code Execution Vulnerability BugTraq ID: 33042 Remote: Yes Date Published: 2008-12-29 Relevant URL: http://www.securityfocus.com/bid/33042 Summary: Microsoft Windows Media Player is prone to a code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file with the vulnerable application. A successful exploit will allow arbitrary code to run in the context of the user running the application. 9. BulletProof FTP Client '.bps' File Stack Buffer Overflow Vulnerability BugTraq ID: 33024 Remote: Yes Date Published: 2008-12-28 Relevant URL: http://www.securityfocus.com/bid/33024 Summary: BulletProof FTP Client is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition. 10. BreakPoint Software Hex Workshop CMAP File Handling Buffer Overflow Vulnerability BugTraq ID: 33023 Remote: Yes Date Published: 2008-12-28 Relevant URL: http://www.securityfocus.com/bid/33023 Summary: Hex Workshop is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Hex Workshop 5.1.4 is vulnerable; other versions may also be affected. III. MICROSOFT FOCUS LIST SUMMARY --------------------------------- 1. SecurityFocus Microsoft Newsletter #425 http://www.securityfocus.com/archive/88/499701 IV. UNSUBSCRIBE INSTRUCTIONS ----------------------------- To unsubscribe send an e-mail message to [email protected] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website. If your email address has changed email [email protected] and ask to be manually removed. V. SPONSOR INFORMATION ------------------------ This issue is sponsored by the Computer Forensics Show THE COMPUTER FORENSICS SHOW IS THE "DON'T MISS" EVENT OF THE YEAR FOR ALL LITIGATION, ACCOUNTING AND IT PROFESSIONALS April 27-29, 2009 Washington DC Convention Center Washington, DC August 3-5, 2009 San Jose Convention Center San Jose, CA www.computerforensicshow.com
