SecurityFocus Microsoft Newsletter #298

[mfossi]

SecurityFocus Microsoft Newsletter #298
----------------------------------------
This issue is Sponsored by: Watchfire

Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web 
application security assessments should be considered a crucial phase in the 
development of any web application. What methodology should be followed? What 
tools can accelerate the assessment process? See for yourself. Download this 
Whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008VmX

------------------------------------------------------------------
I.   FRONT AND CENTER
       1. MySpace, a place without MyParents
       2. Strider URL Tracer with Typo Patrol
II.  MICROSOFT VULNERABILITY SUMMARY
       1. Zone Labs ZoneAlarm Registry Key Local Denial Of Service 
Vulnerability
       2. Invision Power Board Index.PHP Act Parameter SQL Injection 
Vulnerability
       3. NASCAR Racing UDP Datagram Remote Denial of Service Vulnerability
       4. Microsoft Internet Explorer ADODB.Recordset Filter Property Denial of 
Service Vulnerability
       5. Microsoft Internet Explorer OutlookExpress.AddressBook Denial of 
Service Vulnerability
       6. Communigate Pro Server Pop Denial of Service Vulnerability
       7. Microsoft Internet Explorer HHCtrl ActiveX Control Memory Corruption 
Vulnerability
       8. Microsoft Internet Explorer 7 Denial of Service Vulnerability
       9. Retired: Mozilla Firefox OuterHTML Redirection Handling Information 
Disclosure Vulnerability
       10. Apple iTunes AAC File Parsing Integer Overflow Vulnerability
       11. QuickZip Multiple Directory Traversal Vulnerabilities
       12. XM Easy Personal FTP Server Buffer Overflow Vulnerability
       13. Microsoft Internet Explorer OuterHTML Redirection Handling 
Information Disclosure Vulnerability
       14. ArGoSoft Mail Server POP3 Server Unspecified Remote Buffer Overflow 
Vulnerability
       15. Algorithmic Research PrivateWire Online Registration Remote Buffer 
Overflow Vulnerability
       16. Microsoft Windows Live Messenger Contact List Processing Remote 
Denial of Service Vulnerability
       17. BitchX BX_Do_Hook Remote Denial of Service Vulnerability
       18. XM Easy Personal FTP Server Remote Denial of Service Vulnerability
       19. MailEnable SMTP HELO Command Remote Denial of Service Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
       1. SecurityFocus Microsoft Newsletter #296
IV.  UNSUBSCRIBE INSTRUCTIONS
V.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1. MySpace, a place without MyParents
By Scott Granneman
Scott Granneman looks at the mass hysteria surrounding MySpace social security 
issues, examines a collection of frightening reports, and then discusses the 
real issue of parenting and parental supervision behind keeping our children 
safe.
http://www.securityfocus.com/columnists/408

2. Strider URL Tracer with Typo Patrol
By Tony Bradley, CISSP-ISSAP
This article looks at Microsoft's free Strider URL Tracer with Typo-Patrol to 
help fight typo-squatters and domain parking abuse. The tool can be used to 
protect children from seeing inappropriate or explicit sites that they should 
not see, and for companies or trademark owners to scan and investigate sites 
that may be typo-squatting their domain(s) so that they can be investigated 
and/or prosecuted.
http://www.securityfocus.com/infocus/1869


II.  MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Zone Labs ZoneAlarm Registry Key Local Denial Of Service Vulnerability
BugTraq ID: 18789
Remote: No
Date Published: 2006-07-03
Relevant URL: http://www.securityfocus.com/bid/18789
Summary:
ZoneAlarm is prone to a denial-of-service vulnerability. This issue is due to a 
failure in the application to properly handle exceptional conditions.

A local attacker can exploit this issue to cause an error in the the 
application and a system crash, effectively denying service.

2. Invision Power Board Index.PHP Act Parameter SQL Injection Vulnerability
BugTraq ID: 18782
Remote: Yes
Date Published: 2006-07-03
Relevant URL: http://www.securityfocus.com/bid/18782
Summary:
Invision Power Board is prone to an SQL-injection vulnerability. This issue is 
due to a failure in the application to properly sanitize user-supplied input 
before using it in an SQL query.

Successful exploitation could allow an attacker to compromise the application, 
access or modify data, or exploit vulnerabilities in the underlying database 
implementation.

Version 1.3 Final is affected; other versions may also be vulnerable to this 
issue.

3. NASCAR Racing UDP Datagram Remote Denial of Service Vulnerability
BugTraq ID: 18778
Remote: Yes
Date Published: 2006-07-03
Relevant URL: http://www.securityfocus.com/bid/18778
Summary:
NASCAR Racing is prone to a denial-of-service vulnerability. This issue is due 
to the application's failure to properly handle empty UDP datagrams.

The vulnerability allows remote attackers from external networks to block 
communication between the client and the server.

This issue affects NASCAR Racing 4.1.3.1.6, NASCAR Racing 2002 Season 1.1.0.2, 
and NASCAR Racing 2003 Sesason 1.2.0.1; other versions may also be vulnerable.

4. Microsoft Internet Explorer ADODB.Recordset Filter Property Denial of 
Service Vulnerability
BugTraq ID: 18773
Remote: Yes
Date Published: 2006-07-03
Relevant URL: http://www.securityfocus.com/bid/18773
Summary:
Microsoft Internet Explorer is prone to a denial-of-service condition when 
processing the 'ADODB.Recordset Filter Property' COM object.

A successful attack may cause the browser to fail due to a null-pointer 
dereference.

5. Microsoft Internet Explorer OutlookExpress.AddressBook Denial of Service 
Vulnerability
BugTraq ID: 18771
Remote: Yes
Date Published: 2006-07-02
Relevant URL: http://www.securityfocus.com/bid/18771
Summary:
Microsoft Internet Explorer is prone to a denial-of-service condition when 
processing the 'OutlookExpress.AddressBook' COM object.

A successful attack may cause the browser to fail due to a null-pointer 
dereference.

6. Communigate Pro Server Pop Denial of Service Vulnerability
BugTraq ID: 18770
Remote: Yes
Date Published: 2006-07-03
Relevant URL: http://www.securityfocus.com/bid/18770
Summary:
CommuniGate Pro Server is prone to a remote denial-of-service vulnerability. 
This issue reportedly resides in the Pop component of the application.

7. Microsoft Internet Explorer HHCtrl ActiveX Control Memory Corruption 
Vulnerability
BugTraq ID: 18769
Remote: Yes
Date Published: 2006-07-02
Relevant URL: http://www.securityfocus.com/bid/18769
Summary:
Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This 
is related to the handling of the HHCtrl ActiveX control.

Attackers may exploit this issue via a malicious web page to execute arbitrary 
code in the context of the currently logged-in user. Exploitation attempts may 
lead to a denial-of-service condition as well. Attackers may also employ HTML 
email to carry out an attack.

8. Microsoft Internet Explorer 7 Denial of Service Vulnerability
BugTraq ID: 18736
Remote: Yes
Date Published: 2006-06-29
Relevant URL: http://www.securityfocus.com/bid/18736
Summary:
Microsoft Internet Explorer 7 is prone to a denial-of-service vulnerability 
when parsing certain HTML content.

Successfully exploiting this issue allows attackers to consume excessive CPU 
resources in affected browsers, denying service to legitimate users.

9. Retired: Mozilla Firefox OuterHTML Redirection Handling Information 
Disclosure Vulnerability
BugTraq ID: 18734
Remote: Yes
Date Published: 2006-06-29
Relevant URL: http://www.securityfocus.com/bid/18734
Summary:
Mozilla Firefox is prone to an information-disclosure vulnerability because it 
fails to properly enforce cross-domain policies.

This issue may allow attackers to access arbitrary websites in the context of a 
targeted user's browser session. This may allow attackers to perform actions in 
web applications with the privileges of exploited users or to gain access to 
potentially sensitive information. This may aid attackers in further attacks.

Further reports indicate that this issue does not affect Firefox as reported. 
Therefore this BID is being retired.

10. Apple iTunes AAC File Parsing Integer Overflow Vulnerability
BugTraq ID: 18730
Remote: Yes
Date Published: 2006-06-29
Relevant URL: http://www.securityfocus.com/bid/18730
Summary:
iTunes is prone to an integer-overflow vulnerability.

An attacker may exploit this issue to execute arbitrary code with the 
privileges of the user that activated the vulnerable application. This may help 
the attacker gain unauthorized access or escalate privileges.

11. QuickZip Multiple Directory Traversal Vulnerabilities
BugTraq ID: 18722
Remote: Yes
Date Published: 2006-06-29
Relevant URL: http://www.securityfocus.com/bid/18722
Summary:
QuickZip is prone to multiple directory-traversal vulnerabilities because it 
fails to properly sanitize user-supplied input.

An attacker can exploit these vulnerabilities to place malicious files and to 
overwrite files in arbitrary locations on the vulnerable system, in the context 
of the user running the application. Successful exploits may aid in further 
attacks.

12. XM Easy Personal FTP Server Buffer Overflow Vulnerability
BugTraq ID: 18711
Remote: Yes
Date Published: 2006-06-28
Relevant URL: http://www.securityfocus.com/bid/18711
Summary:
XM Easy Personal FTP Server is prone to a buffer-overflow vulnerability. This 
issue is due to a buffer being overrun with attacker-supplied data.

This issue allows remote attackers to execute arbitrary machine code in the 
context of the ftp server application. Failed exploit attempts will likely 
crash applications, denying service to legitimate users.

13. Microsoft Internet Explorer OuterHTML Redirection Handling Information 
Disclosure Vulnerability
BugTraq ID: 18682
Remote: Yes
Date Published: 2006-06-27
Relevant URL: http://www.securityfocus.com/bid/18682
Summary:
Microsoft Internet Explorer is prone to an information-disclosure vulnerability 
because it fails to properly enforce cross-domain policies.

This issue may allow attackers to access arbitrary websites in the context of a 
targeted user's browser session. This may allow attackers to perform actions in 
web applications with the privileges of exploited users or to gain access to 
potentially sensitive information. This may aid attackers in further attacks.

Microsoft Internet Explorer version 6.0 on Windows XP SP2 is vulnerable to this 
issue; other versions may also be affected.

14. ArGoSoft Mail Server POP3 Server Unspecified Remote Buffer Overflow 
Vulnerability
BugTraq ID: 18668
Remote: Yes
Date Published: 2006-06-26
Relevant URL: http://www.securityfocus.com/bid/18668
Summary:
The ArGoSoft Mail Server POP3 service is prone to a remote buffer-overflow 
vulnerability.

This issue allows remote attackers to execute arbitrary machine code in the 
context of the affected service. This service likely executes with SYSTEM-level 
privileges, so exploiting this issue will facilitate the complete compromise of 
affected computers.

More information, including affected versions, is not currently available. This 
BID will be updated as more information is disclosed.

15. Algorithmic Research PrivateWire Online Registration Remote Buffer Overflow 
Vulnerability
BugTraq ID: 18647
Remote: Yes
Date Published: 2006-06-26
Relevant URL: http://www.securityfocus.com/bid/18647
Summary:
PrivateWire online registration is prone to a remote buffer-overflow 
vulnerability.

The application fails to properly check boundary conditions when handling GET 
requests.

This issue allows attackers to execute arbitrary machine code in the context of 
the affected application software.

Version 3.7 is vulnerable to this issue; previous versions may also be 
affected.

16. Microsoft Windows Live Messenger Contact List Processing Remote Denial of 
Service Vulnerability
BugTraq ID: 18639
Remote: Yes
Date Published: 2006-06-25
Relevant URL: http://www.securityfocus.com/bid/18639
Summary:
Microsoft Windows Live Messenger is reported prone to a remote 
denial-of-service vulnerability when handling malformed contact list (.ctt) 
files.

A successful attack can result in a denial of service condition by crashing the 
application.

Windows Live Messenger 8.0 is reported to be vulnerable.  Other versions may be 
affected as well.

17. BitchX BX_Do_Hook Remote Denial of Service Vulnerability
BugTraq ID: 18634
Remote: Yes
Date Published: 2006-06-24
Relevant URL: http://www.securityfocus.com/bid/18634
Summary:
BitchX is prone to a remote denial-of-service vulnerability because it fails to 
properly handle excessive data from malicious IRC servers.

This issue allows remote attackers to crash affected IRC clients, denying 
service to legitimate users. To exploit this issue, attackers must coerce users 
of affected clients to connect to a malicious server.

BitchX version 1.1-final is vulnerable to this issue; previous versions may 
also be affected.

18. XM Easy Personal FTP Server Remote Denial of Service Vulnerability
BugTraq ID: 18632
Remote: Yes
Date Published: 2006-06-24
Relevant URL: http://www.securityfocus.com/bid/18632
Summary:
XM Easy Personal FTP Server is prone to a remote denial-of-service 
vulnerability because it fails to properly handle excessive data.

This issue allows remote attackers to crash affected FTP servers, denying 
service to legitimate users. Attackers may potentially exploit this issue to 
execute arbitrary machine code in the context of affected servers, but this has 
not been confirmed.

XM Easy Personal FTP Server version 5.0.1 is vulnerable to this issue; other 
versions may also be affected.

19. MailEnable SMTP HELO Command Remote Denial of Service Vulnerability
BugTraq ID: 18630
Remote: Yes
Date Published: 2006-06-24
Relevant URL: http://www.securityfocus.com/bid/18630
Summary:
MailEnable is prone to a remote denial-of-service vulnerability.

This issue allows remote attackers to crash the application, denying further 
service to legitimate users.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #296
http://www.securityfocus.com/archive/88/438565

IV.  UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to 
[EMAIL PROTECTED] from the subscribed address. The 
contents of the subject or message body do not matter. You will receive a 
confirmation request message to which you will have to answer. Alternatively 
you can also visit http://www.securityfocus.com/newsletters and unsubscribe via 
the website.

If your email address has changed email [EMAIL PROTECTED] and ask to 
be manually removed.

V.   SPONSOR INFORMATION
------------------------
This issue is Sponsored by: Watchfire

Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web 
application security assessments should be considered a crucial phase in the 
development of any web application. What methodology should be followed? What 
tools can accelerate the assessment process? See for yourself. Download this 
Whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008VmX



---------------------------------------------------------------------------
---------------------------------------------------------------------------