SecurityFocus Microsoft Newsletter #276
----------------------------------------

This Issue is Sponsored By: CipherTrust

Messaging Security: It's more than just e-mail.
Today's businesses are struggling with a new breed of threats to more than just their e-mail environments, and despite best efforts, hackers and spammers continue to exploit new attack vectors to break into enterprise networks. Please join CipherTrust to discuss best practices and approaches to comprehensive messaging security. Register Now in a city near you.

http://www.ciphertrust.com/seminars/sf

------------------------------------------------------------------
I.   FRONT AND CENTER
       1. Google's data minefield
       2. Nmap 4.00 with Fyodor
       3. Malicious Malware: attacking the attackers, part 1
II.  MICROSOFT VULNERABILITY SUMMARY
       1. MailEnable Professional EXAMINE Command Remote Denial of Service Vulnerability
       2. Symantec Sygate Management Server SMS Authentication Servlet SQL Injection Vulnerability
       3. Microsoft Internet Explorer Flash ActionScript JScript Handling Denial of Service Vulnerability
       4. Nullsoft Winamp Malformed Playlist File Handling Remote Buffer Overflow Vulnerability
       5. Microsoft Internet Explorer ActiveX Control Kill Bit Bypass Vulnerability
       6. Communigate Pro Server LDAP Denial of Service Vulnerability
       7. Mercury Mail Remote Mailbox Name Service Buffer Overflow Vulnerability
       8. Kerio WinRoute Firewall Web Browsing Unspecified Denial of Service Vulnerability
       9. E-Post MailServer Multiple Remote Vulnerabilities
       10. Sami FTP Server User Command Buffer Overflow Vulnerability
       11. OpenSSH SCP Shell Command Execution Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
IV.  UNSUBSCRIBE INSTRUCTIONS
V.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1. Google's data minefield
By Mark Rasch
The U.S. government's broad subpoena to search engines effectively seeks to mine the data of the Internet. While Google has resisted the subpoena, there may be little they can do to protect our privacy from many prying eyes.
http://www.securityfocus.com/columnists/383

2. Nmap 4.00 with Fyodor
By Federico Biancuzzi
More than eight years after Nmap's first release in Phrack magazine, Fyodor has announced Nmap 4.00. Curious as usual, Federico Biancuzzi interviewed Fyodor on behalf of SecurityFocus to discuss the new port scanning engine, version detection improvements, and the new stack fingerprinting algorithm being worked on by the community.
http://www.securityfocus.com/columnists/384

3. Malicious Malware: attacking the attackers, part 1
By Thorsten Holz, Frederic Raynal
This article explores measures to attack those malicious attackers who seek to harm our legitimate systems. The proactive use of exploits and bot networks that fight other bot networks, along with social engineering and attacker techniques, are all discussed in an ethical manner. Part one of two.
http://www.securityfocus.com/infocus/1856


II.  MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. MailEnable Professional EXAMINE Command Remote Denial of Service Vulnerability
BugTraq ID: 16457
Remote: Yes
Date Published: 2006-02-01
Relevant URL: http://www.securityfocus.com/bid/16457
Summary:
MailEnable Professional is prone to a remote denial of service vulnerability.

Successful exploitation can allow remote attackers to trigger a crash in the IMAP service.

MailEnable Professional versions prior to 1.72 are vulnerable.

2. Symantec Sygate Management Server SMS Authentication Servlet SQL Injection Vulnerability
BugTraq ID: 16452
Remote: Yes
Date Published: 2006-02-01
Relevant URL: http://www.securityfocus.com/bid/16452
Summary:
Symantec Sygate Management Server is prone to an SQL injection vulnerability.

The vulnerability specifically affects the SMS Authentication Servlet component of the server.

A remote attacker can pass malicious input to database queries through HTTP GET requests, resulting in modification of query logic or other attacks.

This issue can allow attackers to overwrite the password of any account on the server. This can facilitate a complete compromise if the attacker is able to overwrite the administrator password.

3. Microsoft Internet Explorer Flash ActionScript JScript Handling Denial of Service Vulnerability
BugTraq ID: 16441
Remote: Yes
Date Published: 2006-01-31
Relevant URL: http://www.securityfocus.com/bid/16441
Summary:
Microsoft Internet Explorer is reportedly prone to a denial-of-service vulnerability.

This issue arises when the browser handles specially crafted JScript contained in ActionScript code of a Flash animation.

A remote attacker may trigger a crash in the browser by enticing users to visit a malicious website.

4. Nullsoft Winamp Malformed Playlist File Handling Remote Buffer Overflow Vulnerability
BugTraq ID: 16410
Remote: Yes
Date Published: 2006-01-30
Relevant URL: http://www.securityfocus.com/bid/16410
Summary:
Winamp is susceptible to a buffer-overflow vulnerability when handling specially crafted playlist files. An attacker may exploit this issue to gain unauthorized access to a computer with the privileges of the user that activated the vulnerable application.

Winamp 5.12 and prior versions are reportedly affected.

5. Microsoft Internet Explorer ActiveX Control Kill Bit Bypass Vulnerability
BugTraq ID: 16409
Remote: Yes
Date Published: 2006-01-28
Relevant URL: http://www.securityfocus.com/bid/16409
Summary:
Microsoft Internet Explorer fails to properly check the kill bit for ActiveX controls. This could allow a remote attacker to invoke an unsafe control to execute arbitrary code on the vulnerable computer.

6. Communigate Pro Server LDAP Denial of Service Vulnerability
BugTraq ID: 16407
Remote: Yes
Date Published: 2006-01-28
Relevant URL: http://www.securityfocus.com/bid/16407
Summary:
CommuniGate Pro Server is prone to a remote denial-of-service vulnerability with a potential for arbitrary code execution. This issue reportedly resides in the LDAP component of the application.

CommuniGate Pro Server 5.0.6 is vulnerable; earlier versions may also be affected.

7. Mercury Mail Remote Mailbox Name Service Buffer Overflow Vulnerability
BugTraq ID: 16396
Remote: Yes
Date Published: 2006-01-26
Relevant URL: http://www.securityfocus.com/bid/16396
Summary:
Mercury Mail is reported susceptible to a remote buffer-overflow vulnerability in its mailbox name service. This issue is due to the application's failure to properly bounds-check user-supplied input before copying it to a finite-sized memory buffer.

This vulnerability allows remote attackers to execute arbitrary machine code in the context of the affected server process. The machine code executes with SYSTEM privileges.

Version 4.01b of Mercury Mail is reportedly affected by this issue. Other versions may also be affected.

8. Kerio WinRoute Firewall Web Browsing Unspecified Denial of Service Vulnerability
BugTraq ID: 16385
Remote: Yes
Date Published: 2006-01-25
Relevant URL: http://www.securityfocus.com/bid/16385
Summary:
Kerio WinRoute Firewall is prone to a remote denial-of-service vulnerability.

An attacker can exploit this vulnerability to crash the affected service, effectively disabling the firewall. This may aid in further attacks.

9. E-Post MailServer Multiple Remote Vulnerabilities
BugTraq ID: 16379
Remote: Yes
Date Published: 2006-01-25
Relevant URL: http://www.securityfocus.com/bid/16379
Summary:
E-Post MailServer is prone to multiple remote vulnerabilities.

These issues can allow remote attackers to execute arbitrary code, create arbitrary directories on the server, obtain information, and carry out denial-of-service attacks.

Various E-Post products are vulnerable to these issues.

10. Sami FTP Server User Command Buffer Overflow Vulnerability
BugTraq ID: 16370
Remote: Yes
Date Published: 2006-01-24
Relevant URL: http://www.securityfocus.com/bid/16370
Summary:
Sami FTP Server is prone to a buffer-overflow vulnerability. This issue is due to a failure in the application to do proper bounds checking on user-supplied data before storing it in a finite-sized buffer.

An attacker can exploit this issue to execute arbitrary machine code in the context of the affected server application. This likely occurs with SYSTEM-level privileges.

Version 2.0.1 of Sami FTP Server is affected by this issue; other versions may also be affected.

11. OpenSSH SCP Shell Command Execution Vulnerability
BugTraq ID: 16369
Remote: Yes
Date Published: 2006-01-24
Relevant URL: http://www.securityfocus.com/bid/16369
Summary:
OpenSSH is susceptible to an SCP shell command-execution vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input before using it in a 'system()' function call.

This issue allows attackers to execute arbitrary shell commands with the privileges of users executing a vulnerable version of SCP.

This issue reportedly affects version 4.2 of OpenSSH. Other versions may also be affected.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
IV.  UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe, send an e-mail message to [EMAIL PROTECTED] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message, to which you will have to reply. Alternatively, you can visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email [EMAIL PROTECTED] and ask to be manually removed.

V.   SPONSOR INFORMATION
------------------------



