SecurityFocus Microsoft Newsletter #349 ----------------------------------------
This Issue is Sponsored by: Watchfire As web applications become increasingly complex, tremendous amounts of sensitive data - including personal, medical and financial information - are exchanged, and stored. This paper examines a few vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools. Download Watchfire's "Web Application Security: Automated Scanning or Manual Penetration Testing?" whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=701700000008yka SECURITY BLOGS SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks. http://www.securityfocus.com/blogs ------------------------------------------------------------------ I. FRONT AND CENTER 1. Don't Be Evil 2. Persistence of data on storage media II. MICROSOFT VULNERABILITY SUMMARY 1. Microsoft Internet Explorer Zone Denial of Service Vulnerability 2. PHPEventCalendar Eventdisplay.PHP Script SQL Injection Vulnerability 3. Microsoft Internet Explorer Document.Domain Cross-Domain Same Origin Overwriting Vulnerability 4. PC SOFT WinDEV WDP File Parsing Stack Buffer Overflow Vulnerability 5. Microsoft Excel Sheet Name Remote Denial Of Service Vulnerability 6. CA BrightStor ARCserve Backup Server Unspecified Remote Code Execution Vulnerability 7. Conti FTP Server Large String Denial of Service Vulnerability 8. Wireshark Multiple Protocol Denial of Service Vulnerabilities 9. Avax Vector AvaxSWF.DLL ActiveX Control Arbitrary File Overwrite Vulnerability 10. GD Graphics Library Multiple Vulnerabilities 11. LiteWEB Web Server Invalid Page Remote Denial of Service Vulnerability 12. Key Focus Web Server Index.WKF Cross-Site Scripting Vulnerability 13. Apple Safari for Windows Bookmark Title Buffer Overflow Vulnerability 14. Access2ASP Multiple Cross Site Scripting Vulnerabilities 15. Lhaca File Archiver Unspecified Stack Buffer Overflow Vulnerability III. MICROSOFT FOCUS LIST SUMMARY 1. Help debugging a problem - Virtual Server 2005 2. MS ISA 2004 Server 3. SecurityFocus Microsoft Newsletter #348 IV. UNSUBSCRIBE INSTRUCTIONS V. SPONSOR INFORMATION I. FRONT AND CENTER --------------------- 1. Don't Be Evil By Mark Rasch A series of developments raise the specter that remotely stored or created documents may be subject to subpoena or discovery all without the knowledge or consent of the document's creators. http://www.securityfocus.com/columnists/447 2. Persistence of data on storage media By Jamie Ridden Jamie Ridden discusses the re-use of storage media and how slack space can prevent sensitive data from being completely removed. http://www.securityfocus.com/infocus/1891 II. MICROSOFT VULNERABILITY SUMMARY ------------------------------------ 1. Microsoft Internet Explorer Zone Denial of Service Vulnerability BugTraq ID: 24744 Remote: Yes Date Published: 2007-07-02 Relevant URL: http://www.securityfocus.com/bid/24744 Summary: Microsoft Internet Explorer is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions. Remote attackers can exploit this issue to cause the application to hang when viewing arbitrary websites. This issue affects Internet Explorer 6 and 7. 2. PHPEventCalendar Eventdisplay.PHP Script SQL Injection Vulnerability BugTraq ID: 24721 Remote: Yes Date Published: 2007-07-01 Relevant URL: http://www.securityfocus.com/bid/24721 Summary: phpEventCalendar is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. phpEventCalendar 0.2.3 and prior versions are reported prone to this issue. 3. Microsoft Internet Explorer Document.Domain Cross-Domain Same Origin Overwriting Vulnerability BugTraq ID: 24704 Remote: Yes Date Published: 2007-06-28 Relevant URL: http://www.securityfocus.com/bid/24704 Summary: Microsoft Internet Explorer is prone to a vulnerability that permits an attacker to bypass the same-origin policy. A successful exploit may allow the attacker to access properties of the targeted domain or aid in spoofing content. This may allow the attacker to steal potentially sensitive information and launch other attacks. 4. PC SOFT WinDEV WDP File Parsing Stack Buffer Overflow Vulnerability BugTraq ID: 24693 Remote: Yes Date Published: 2007-06-28 Relevant URL: http://www.securityfocus.com/bid/24693 Summary: PC SOFT WinDEV is prone to a stack-based buffer-overflow vulnerability when it attempts to process malformed project files. This issue occurs because the application fails to perform proper bounds-checking on user-supplied data before copying it to an insufficiently sized memory buffer. An attacker may exploit this issue to execute arbitrary code with the privileges of the user running the vulnerable application or to cause denial-of-service conditions. This may facilitate unauthorized access or privilege escalation. PC SOFT WinDEV 11 is reported vulnerable; other versions and related products (WinDEV Express, Mobile, and WebDEV) may also be affected. 5. Microsoft Excel Sheet Name Remote Denial Of Service Vulnerability BugTraq ID: 24691 Remote: Yes Date Published: 2007-06-28 Relevant URL: http://www.securityfocus.com/bid/24691 Summary: Microsoft Excel is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to deny access to legitimate users. Given the nature of this vulnerability, attackers may also be able to execute arbitrary code, but this has not been confirmed. Excel 2000 and 2003 are vulnerable; other versions may also be affected. 6. CA BrightStor ARCserve Backup Server Unspecified Remote Code Execution Vulnerability BugTraq ID: 24680 Remote: Yes Date Published: 2007-06-27 Relevant URL: http://www.securityfocus.com/bid/24680 Summary: Computer Associates BrightStor ARCserve Backup is prone to a remote code-execution vulnerability. Currently, very few details are available regarding this issue. We will update this BID as more information emerges. Attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. BrightStor ARCserve Backup 11.5 SP3 for Microsoft Windows is reported vulnerable; other versions may also be affected. 7. Conti FTP Server Large String Denial of Service Vulnerability BugTraq ID: 24672 Remote: Yes Date Published: 2007-06-27 Relevant URL: http://www.securityfocus.com/bid/24672 Summary: The Conti FTP Server is prone to a denial-of-service vulnerability. A remote attacker may be able to exploit this issue to deny service to legitimate users of the application. 8. Wireshark Multiple Protocol Denial of Service Vulnerabilities BugTraq ID: 24662 Remote: Yes Date Published: 2007-06-26 Relevant URL: http://www.securityfocus.com/bid/24662 Summary: Wireshark is prone to multiple denial-of-service vulnerabilities. Exploiting these issues may permit attackers to cause crashes and deny service to legitimate users of the application. Wireshark versions prior to 0.99.6 are affected. 9. Avax Vector AvaxSWF.DLL ActiveX Control Arbitrary File Overwrite Vulnerability BugTraq ID: 24659 Remote: Yes Date Published: 2007-06-26 Relevant URL: http://www.securityfocus.com/bid/24659 Summary: The Avax Vector ActiveX control is prone to a vulnerability that could permit an attacker to overwrite arbitrary files. The attacker can exploit this issue to overwrite arbitrary files on the victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). Avax Vector ActiveX v.1.3 is vulnerable. 10. GD Graphics Library Multiple Vulnerabilities BugTraq ID: 24651 Remote: Yes Date Published: 2007-06-26 Relevant URL: http://www.securityfocus.com/bid/24651 Summary: The GD graphics library is prone to multiple vulnerabilities. An attacker can exploit this issue to cause denial-of-service conditions or execute arbitrary code in the context of applications implementing the affected library. Version prior to GD graphics library 2.0.35 are reported vulnerable. 11. LiteWEB Web Server Invalid Page Remote Denial of Service Vulnerability BugTraq ID: 24628 Remote: Yes Date Published: 2007-06-25 Relevant URL: http://www.securityfocus.com/bid/24628 Summary: LiteWeb webserver is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to crash the affected application, denying further service to legitimate users. This issue affects LiteWeb 2.7; other versions may also be vulnerable. 12. Key Focus Web Server Index.WKF Cross-Site Scripting Vulnerability BugTraq ID: 24623 Remote: Yes Date Published: 2007-06-25 Relevant URL: http://www.securityfocus.com/bid/24623 Summary: Key Focus Web Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. This issue affects Key Focus Web Server 3.1.0; other versions may also be affected. 13. Apple Safari for Windows Bookmark Title Buffer Overflow Vulnerability BugTraq ID: 24619 Remote: Yes Date Published: 2007-06-25 Relevant URL: http://www.securityfocus.com/bid/24619 Summary: Safari for Windows is prone to a buffer-overflow vulnerability. This issue is triggered when an attacker entices a victim to bookmark a maliciously crafted site. A remote attacker may exploit this issue to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. 14. Access2ASP Multiple Cross Site Scripting Vulnerabilities BugTraq ID: 24610 Remote: Yes Date Published: 2007-06-25 Relevant URL: http://www.securityfocus.com/bid/24610 Summary: The 'access2asp' program is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials and launch other attacks. This issue affects access2asp 4.5 and prior versions. 15. Lhaca File Archiver Unspecified Stack Buffer Overflow Vulnerability BugTraq ID: 24604 Remote: Yes Date Published: 2007-06-25 Relevant URL: http://www.securityfocus.com/bid/24604 Summary: Lhaca file archiver is prone to an unspecified stack-based buffer-overflow vulnerability. The application fails to properly decompress malicious LZH archive files. An attacker can exploit this issue to crash the application and execute arbitrary code within the context of the affected application. Lhaca 1.20 is vulnerable to this issue; other versions may also be affected. III. MICROSOFT FOCUS LIST SUMMARY --------------------------------- 1. Help debugging a problem - Virtual Server 2005 http://www.securityfocus.com/archive/88/472718 2. MS ISA 2004 Server http://www.securityfocus.com/archive/88/472717 3. SecurityFocus Microsoft Newsletter #348 http://www.securityfocus.com/archive/88/472425 IV. UNSUBSCRIBE INSTRUCTIONS ----------------------------- To unsubscribe send an e-mail message to [EMAIL PROTECTED] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website. If your email address has changed email [EMAIL PROTECTED] and ask to be manually removed. V. SPONSOR INFORMATION ------------------------ This Issue is Sponsored by: Watchfire As web applications become increasingly complex, tremendous amounts of sensitive data - including personal, medical and financial information - are exchanged, and stored. This paper examines a few vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools. Download Watchfire's "Web Application Security: Automated Scanning or Manual Penetration Testing?" whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=701700000008yka
