SecurityFocus Microsoft Newsletter #287
----------------------------------------
This Issue is Sponsored By: Patchlink
Automatically analyze, deploy and track security patches
Does your patch management solution automatically track and re-deploy to ensure
network security?
20% of patches unknowingly become un-patched. Learn more about automating the
analysis, distribution and tracking of security patches using PatchLink's
security patch & vulnerability management solution -- the world's largest
repository of tested patches. Request a free trial disk.
http://a.gklmedia.com/sfmn/nl/148
------------------------------------------------------------------
I. FRONT AND CENTER
1. Virtualization for security
2. Stop the bots
II. MICROSOFT VULNERABILITY SUMMARY
1. Opera Web Browser Stylesheet Attribute Buffer Overflow Vulnerability
2. Manila Multiple Cross-Site Scripting Vulnerabilities
3. Microsoft Internet Explorer HTML Tag Memory Corruption Vulnerability
4. Microsoft Windows Shell COM Object Remote Code Execution
Vulnerability
5. Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution
Vulnerability
6. Microsoft Internet Explorer Persistent Window Content Address Bar
Spoofing Vulnerability
7. Microsoft Outlook Express Windows Address Book File Parsing Buffer
Overflow Vulnerability
8. Microsoft Internet Explorer Popup Cross-Domain Information Disclosure
Vulnerability
9. Microsoft Internet Explorer Erroneous IOleClientSite Data Zone Bypass
Vulnerability
10. Microsoft Internet Explorer Double Byte Character Memory Corruption
Vulnerability
11. Microsoft Internet Explorer COM Object Instantiation Code Execution
Vulnerability
12. Microsoft FrontPage Server Extensions Cross-Site Scripting
Vulnerability
13. Microsoft Internet Explorer Invalid HTML Parsing Code Execution
Vulnerability
14. TUGZip Remote Directory Traversal Vulnerability
15. PHPList Index.PHP Local File Include Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. Windows Update error
2. MS06-013 Cumulative IE Update (912812) Issues
3. Detecting PwDump
4. SecurityFocus Microsoft Newsletter #286
5. Laptop Encryption & Write Permissions
6. Adding Users via Web Interface
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION
I. FRONT AND CENTER
---------------------
1. Virtualization for security
By Scott Granneman
Scott Granneman gives an overview of the virtualization options for all three
major operating system families and looks at the many ways the technology can
improve your security posture in an organization or at home.
http://www.securityfocus.com/columnists/397
2. Stop the bots
By Kelly Martin
Botnets are a major source of evil on the Internet, from spam, phishing
attacks, virus propagation and denial-of-service attacks to the stealing of
financial information and other illegal activity. Does disbanding them raise
legal and ethical implications?
http://www.securityfocus.com/columnists/398
II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Opera Web Browser Stylesheet Attribute Buffer Overflow Vulnerability
BugTraq ID: 17513
Remote: Yes
Date Published: 2006-04-13
Relevant URL: http://www.securityfocus.com/bid/17513
Summary:
Opera is prone to a buffer-overflow vulnerability. This issue is due to the
application's failure to properly bounds-check user-supplied input before using
it in a string-copy operation.
This issue allows remote attackers to crash affected web browsers. Due to the
nature of this issue, attackers may be able to exploit this issue to execute
machine code, but this has not been confirmed.
Opera version 8.52 is vulnerable to this issue; other versions may also be
affected.
2. Manila Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 17475
Remote: Yes
Date Published: 2006-04-11
Relevant URL: http://www.securityfocus.com/bid/17475
Summary:
Manila is prone to multiple cross-site scripting vulnerabilities. These issues
are due to a failure in the application to properly sanitize user-supplied
input.
An attacker may leverage these issues to have arbitrary script code executed in
the browser of an unsuspecting user in the context of the affected site. This
may help the attacker steal cookie-based authentication credentials and launch
other attacks.
Versions 9.5 and prior are vulnerable; other versions may also be affected.
3. Microsoft Internet Explorer HTML Tag Memory Corruption Vulnerability
BugTraq ID: 17468
Remote: Yes
Date Published: 2006-04-11
Relevant URL: http://www.securityfocus.com/bid/17468
Summary:
Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This
is related to the handling of certain HTML tags.
Attackers could exploit this issue via a malicious web page to execute
arbitrary code in the context of the currently logged-in user. They could also
use HTML email for the attack.
4. Microsoft Windows Shell COM Object Remote Code Execution Vulnerability
BugTraq ID: 17464
Remote: Yes
Date Published: 2006-04-11
Relevant URL: http://www.securityfocus.com/bid/17464
Summary:
Microsoft Windows Shell is prone to a remote code-execution vulnerability. This
issue is due to a flaw in its handling of remote COM objects.
Remote attackers may exploit this issue to execute arbitrary machine code in
the context of the targeted user. This may facilitate the remote compromise of
affected computers.
This issue is described as a variant of the one in BID 10363 (Microsoft Windows
XP Self-Executing Folder Vulnerability).
5. Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution
Vulnerability
BugTraq ID: 17462
Remote: Yes
Date Published: 2006-04-11
Relevant URL: http://www.securityfocus.com/bid/17462
Summary:
The Microsoft MDAC RDS.Dataspace ActiveX control is vulnerable to remote code
execution. An attacker could exploit this issue to execute code in the context
of the user visiting a malicious web page.
6. Microsoft Internet Explorer Persistent Window Content Address Bar Spoofing
Vulnerability
BugTraq ID: 17460
Remote: Yes
Date Published: 2006-04-11
Relevant URL: http://www.securityfocus.com/bid/17460
Summary:
Microsoft Internet Explorer is prone to address-bar spoofing. Attackers may
exploit this via a malicious web page to spoof the contents of a page that the
victim may trust. This vulnerability may be useful in phishing or other attacks
that rely on content spoofing.
7. Microsoft Outlook Express Windows Address Book File Parsing Buffer Overflow
Vulnerability
BugTraq ID: 17459
Remote: Yes
Date Published: 2006-04-11
Relevant URL: http://www.securityfocus.com/bid/17459
Summary:
Microsoft Outlook Express is prone to a remote buffer-overflow vulnerability.
This vulnerability presets itself when the application processes a specially
crafted Windows Address Book (.wab) file.
An attacker may exploit this issue to execute arbitrary code in the context of
a user running the vulnerable application. This may result in a remote
compromise.
8. Microsoft Internet Explorer Popup Cross-Domain Information Disclosure
Vulnerability
BugTraq ID: 17457
Remote: Yes
Date Published: 2006-04-11
Relevant URL: http://www.securityfocus.com/bid/17457
Summary:
Microsoft Internet Explorer is prone to a cross-domain information-disclosure
vulnerability.
This vulnerability may let a malicious website access properties of a site in
an arbitrary external domain. Attackers could exploit this issue to gain access
to sensitive information that is associated with the external domain, such as
cookies associated with a userĂ¢??s session on the external site.
9. Microsoft Internet Explorer Erroneous IOleClientSite Data Zone Bypass
Vulnerability
BugTraq ID: 17455
Remote: Yes
Date Published: 2006-04-11
Relevant URL: http://www.securityfocus.com/bid/17455
Summary:
Microsoft Internet Explorer is prone to a zone-bypass vulnerability because the
browser returns erroneous IOleClientSite when dynamically creating an embedded
object. This could cause malicious script code to be executed in a security
zone with fewer restrictions than the zone that the content originates from.
Attackers may exploit this issue to execute arbitrary code in the context of
the currently logged-in user on the affected computer. They may also be able to
execute malicious script code in the context of a site that exists in another
domain. Attackers may exploit this issue through a malicious web page.
10. Microsoft Internet Explorer Double Byte Character Memory Corruption
Vulnerability
BugTraq ID: 17454
Remote: Yes
Date Published: 2006-04-11
Relevant URL: http://www.securityfocus.com/bid/17454
Summary:
Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This
is related to an error in how double-byte character set (DBCS) characters are
handled in Internationalized Domain Names (IDN) included in URLS from rendered
HTML content.
An attacker could exploit this issue via a malicious web page to execute
arbitrary code in the context of the currently logged-in user. The issue could
also be exploited through HTML email/newsgroup postings, or other applications
that employ the affected component.
Microsoft has stated that this issue does not apply to Internet Explorer 6.0 on
Windows Server 2003 SP1.
11. Microsoft Internet Explorer COM Object Instantiation Code Execution
Vulnerability
BugTraq ID: 17453
Remote: Yes
Date Published: 2006-04-11
Relevant URL: http://www.securityfocus.com/bid/17453
Summary:
Microsoft Internet Explorer is prone to a memory-corruption vulnerability that
is related to the instantiation of COM objects. This issue results from a
design error.
The vulnerability arises because of the way Internet Explorer tries to
instantiate certain COM objects as ActiveX controls, resulting in arbitrary
code execution. The affected objects are not intended to be instantiated
through Internet Explorer.
This BID is related to the issues described in BID 14511 (Microsoft Internet
Explorer COM Object Instantiation Buffer Overflow Vulnerability) and BID 15061
Microsoft Internet Explorer COM Object Instantiation Variant Vulnerability).
However, this issue affects a different set of COM objects that were not
addressed in the previous BIDs.
12. Microsoft FrontPage Server Extensions Cross-Site Scripting Vulnerability
BugTraq ID: 17452
Remote: Yes
Date Published: 2006-04-11
Relevant URL: http://www.securityfocus.com/bid/17452
Summary:
Microsoft FrontPage Server Extensions are prone to a cross-site scripting
vulnerability. This issue is due to a failure in the application to properly
sanitize user-supplied input before it is rendered to other users.
An attacker may leverage this issue to have arbitrary script code executed in
the browser of an unsuspecting user, with the privileges of the victim userĂ¢??s
account. This may help the attacker steal cookie-based authentication
credentials and launch other attacks.
13. Microsoft Internet Explorer Invalid HTML Parsing Code Execution
Vulnerability
BugTraq ID: 17450
Remote: Yes
Date Published: 2006-04-11
Relevant URL: http://www.securityfocus.com/bid/17450
Summary:
Microsoft Internet Explorer is prone to a vulnerability that may permit remote
attackers to execute arbitrary code. This vulnerability occurs when the browser
parses invalid HTML.
Attackers can exploit this vulnerability through a malicious web page or HTML
email.
14. TUGZip Remote Directory Traversal Vulnerability
BugTraq ID: 17432
Remote: Yes
Date Published: 2006-04-10
Relevant URL: http://www.securityfocus.com/bid/17432
Summary:
Reportedly, an attacker can carry out attacks similar to directory traversals.
These issues present themselves when the application processes malicious
archives.
A successful attack can allow the attacker to place potentially malicious files
and overwrite files on a computer in the context of the user running the
affected application. Successful exploitation may aid in further attacks.
15. PHPList Index.PHP Local File Include Vulnerability
BugTraq ID: 17429
Remote: Yes
Date Published: 2006-04-10
Relevant URL: http://www.securityfocus.com/bid/17429
Summary:
PHPList is prone to a local file-include vulnerability. This may facilitate the
unauthorized viewing of files and unauthorized execution of local scripts.
Attackers may exploit this issue to execute arbitrary code by manipulating log
files.
III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Windows Update error
http://www.securityfocus.com/archive/88/431107
2. MS06-013 Cumulative IE Update (912812) Issues
http://www.securityfocus.com/archive/88/430939
3. Detecting PwDump
http://www.securityfocus.com/archive/88/430932
4. SecurityFocus Microsoft Newsletter #286
http://www.securityfocus.com/archive/88/430755
5. Laptop Encryption & Write Permissions
http://www.securityfocus.com/archive/88/430680
6. Adding Users via Web Interface
http://www.securityfocus.com/archive/88/430662
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to
[EMAIL PROTECTED] from the subscribed address. The
contents of the subject or message body do not matter. You will receive a
confirmation request message to which you will have to answer. Alternatively
you can also visit http://www.securityfocus.com/newsletters and unsubscribe via
the website.
If your email address has changed email [EMAIL PROTECTED] and ask to
be manually removed.
V. SPONSOR INFORMATION
------------------------
This Issue is Sponsored By: Patchlink
Automatically analyze, deploy and track security patches
Does your patch management solution automatically track and re-deploy to ensure
network security?
20% of patches unknowingly become un-patched. Learn more about automating the
analysis, distribution and tracking of security patches using PatchLink's
security patch & vulnerability management solution -- the world's largest
repository of tested patches. Request a free trial disk.
http://a.gklmedia.com/sfmn/nl/148
---------------------------------------------------------------------------
---------------------------------------------------------------------------
