SecurityFocus Microsoft Newsletter #372 ----------------------------------------
This issue is Sponsored by: SPI Dynamics ALERT: "How A Hacker Launches A Cross-Site Scripting Attack"- White Paper Cross-site scripting vulnerabilities in web apps allow hackers to compromise confidential information, steal cookies and create requests that can be mistaken for those of a valid user!! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection! https://download.spidynamics.com/1/ad/xss.asp?Campaign_ID=70160000000D8v9 SECURITY BLOGS SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks. http://www.securityfocus.com/blogs ------------------------------------------------------------------ I. FRONT AND CENTER 1.Copyrights and Wrongs 2.The Man in the Machine II. MICROSOFT VULNERABILITY SUMMARY 1. Easy File Sharing Web Server Directory Traversal and Multiple Information Disclosure Vulnerabilities 2. Microsoft December 2007 Advance Notification Multiple Vulnerabilities 3. Drupal Shoutbox Module Multiple HTML Injection Vulnerabilities 4. Drupal TAXONOMY_SELECT_NODES() SQL Injection Vulnerability 5. Novell BorderManager Multiple Vulnerabilities 6. HFS HTTP File Server Arbitrary File Upload Vulnerability 7. Cisco Security Agent for Microsoft Windows SMB Remote Buffer Overflow Vulnerability 8. avast! Home/Professional TAR File Handling Remote Heap Overflow Vulnerability 9. Microsoft Optical Desktop Wireless Keyboard Weak Encryption Information Disclosure Vulnerability 10. Microsoft Web Proxy Auto-Discovery Proxy Spoofing Vulnerability 11. Apple QuickTime Unspecified Remote Vulnerability 12. Microsoft Internet Explorer DHTML Object Memory Corruption Vulnerability III. MICROSOFT FOCUS LIST SUMMARY 1. SecurityFocus Microsoft Newsletter #371 IV. UNSUBSCRIBE INSTRUCTIONS V. SPONSOR INFORMATION I. FRONT AND CENTER --------------------- 1.Copyrights and Wrongs By Mark Rasch On October 1, 2007, Jammie Thomas -- a single mother living in Brainerd, Minnesota -- was sued in civil court for copyright infringement by the Recording Industry Association of America. Three days later, the jury returned the verdict; Ms. Thomas was liable for willfully infringing the copyrights on 24 songs. The fine: $222,000. http://www.securityfocus.com/columnists/460 2.The Man in the Machine By Federico Biancuzzi In April 2007, when two security researchers demonstrated a flaw in the next-generation IPv6 routing scheme that would allow attackers to significantly amplify any denial-of-service attack by a factor of at least 80, networking expert Jun-ichiro "Itojun" Hagino worked to get Internet engineers to take the threat seriously. http://www.securityfocus.com/columnists/459 II. MICROSOFT VULNERABILITY SUMMARY ------------------------------------ 1. Easy File Sharing Web Server Directory Traversal and Multiple Information Disclosure Vulnerabilities BugTraq ID: 26771 Remote: Yes Date Published: 2007-12-07 Relevant URL: http://www.securityfocus.com/bid/26771 Summary: Easy File Sharing Web Server is prone to a directory-traversal and multiple information-disclosure vulnerabilities. Successfully exploiting these issues allows remote attackers to upload files to arbitrary locations and to access potentially sensitive information, which may aid in further attacks. Easy File Sharing Web Server 4.5 is vulnerable to these issues; other versions may also be affected. 2. Microsoft December 2007 Advance Notification Multiple Vulnerabilities BugTraq ID: 26739 Remote: Yes Date Published: 2007-12-06 Relevant URL: http://www.securityfocus.com/bid/26739 Summary: Microsoft has released advance notification that the vendor will be releasing seven security bulletins on December 11, 2007. The highest severity rating for these issues is 'Critical'. The bulletins are as follows: Three 'Critical' bulletins affecting Microsoft Windows, DirectX, DirectShow, Windows Media Format Runtime, and Internet Explorer Four 'Important' bulletins affecting Microsoft Windows These issues will be assigned individual records when the bulletins are released. 3. Drupal Shoutbox Module Multiple HTML Injection Vulnerabilities BugTraq ID: 26736 Remote: Yes Date Published: 2007-12-05 Relevant URL: http://www.securityfocus.com/bid/26736 Summary: Drupal Shoutbox module is prone to multiple HTML-injection vulnerabilities because the application fails to sufficiently sanitize user-supplied input data before using it in dynamically generated content. Attacker-supplied HTML and script code could execute in the context of the affected website, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible. Versions prior to Shoutbox 5.x-1.1 are affected by these issues. 4. Drupal TAXONOMY_SELECT_NODES() SQL Injection Vulnerability BugTraq ID: 26735 Remote: Yes Date Published: 2007-12-05 Relevant URL: http://www.securityfocus.com/bid/26735 Summary: Drupal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Versions prior to Drupal 4.7.9 and 5.4 are vulnerable. 5. Novell BorderManager Multiple Vulnerabilities BugTraq ID: 26733 Remote: Yes Date Published: 2007-12-06 Relevant URL: http://www.securityfocus.com/bid/26733 Summary: Novell BorderManager is prone to multiple vulnerabilities. These issues may allow attackers to execute arbitrary code and bypass certain security controls. Versions prior to Novell BorderManager 3.8 SP5 are affected by these issues. 6. HFS HTTP File Server Arbitrary File Upload Vulnerability BugTraq ID: 26732 Remote: Yes Date Published: 2007-12-05 Relevant URL: http://www.securityfocus.com/bid/26732 Summary: HFS HTTP File Server is prone to a vulnerability that lets attackers upload files and place them in arbitrary locations on the server. The issue occurs because the software fails to adequately sanitize user-supplied input. A successful exploit may allow the attacker to upload malicious files and potentially execute them; this may lead to various attacks. This issue affects versions prior to HTTP File Server 2.2b. 7. Cisco Security Agent for Microsoft Windows SMB Remote Buffer Overflow Vulnerability BugTraq ID: 26723 Remote: Yes Date Published: 2007-12-05 Relevant URL: http://www.securityfocus.com/bid/26723 Summary: Cisco Security Agent for Microsoft Windows is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data. Remote attackers can exploit this issue to execute arbitrary machine code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions. This issue affects all standalone and managed versions of Cisco Security Agent for Windows. 8. avast! Home/Professional TAR File Handling Remote Heap Overflow Vulnerability BugTraq ID: 26702 Remote: Yes Date Published: 2007-12-04 Relevant URL: http://www.securityfocus.com/bid/26702 Summary: avast! is prone to a remote heap-overflow vulnerability. This issue occurs when the application handles a malicious TAR file. Versions prior to avast! Home and Professional 4.7.1098 are affected. 9. Microsoft Optical Desktop Wireless Keyboard Weak Encryption Information Disclosure Vulnerability BugTraq ID: 26693 Remote: Yes Date Published: 2007-12-04 Relevant URL: http://www.securityfocus.com/bid/26693 Summary: Microsoft Optical Desktop is prone to an information-disclosure vulnerability. Successfully exploiting this issue will allow an attacker to obtain sensitive information that may lead to other attacks. This issue affects Microsoft Optical Desktop 1000 and 2000; other versions may also be affected. 10. Microsoft Web Proxy Auto-Discovery Proxy Spoofing Vulnerability BugTraq ID: 26686 Remote: Yes Date Published: 2007-12-03 Relevant URL: http://www.securityfocus.com/bid/26686 Summary: Microsoft Web Proxy Auto-Discovery is prone to a vulnerability that may allow attackers to obtain sensitive information that may lead to further attacks. 11. Apple QuickTime Unspecified Remote Vulnerability BugTraq ID: 26682 Remote: Yes Date Published: 2007-12-03 Relevant URL: http://www.securityfocus.com/bid/26682 Summary: Apple QuickTime is prone to an unspecified remote vulnerability. Very few technical details are currently available. We will update this BID as more information emerges. This issue affects Apple QuickTime 7.2 for Microsoft Windows XP; other versions may also be affected. 12. Microsoft Internet Explorer DHTML Object Memory Corruption Vulnerability BugTraq ID: 26427 Remote: Yes Date Published: 2007-12-11 Relevant URL: http://www.securityfocus.com/bid/26427 Summary: Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability because it fails to adequately handle user-supplied input to certain DHTML object methods. Attackers can exploit this issue to execute arbitrary code in the context of a user running the application. Successful attacks would compromise the application and possibly the underlying computer. Failed attacks will cause denial-of-service conditions. III. MICROSOFT FOCUS LIST SUMMARY --------------------------------- 1. SecurityFocus Microsoft Newsletter #371 http://www.securityfocus.com/archive/88/484683 IV. UNSUBSCRIBE INSTRUCTIONS ----------------------------- To unsubscribe send an e-mail message to [EMAIL PROTECTED] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website. If your email address has changed email [EMAIL PROTECTED] and ask to be manually removed. V. SPONSOR INFORMATION ------------------------ This issue is Sponsored by: SPI Dynamics ALERT: "How A Hacker Launches A Cross-Site Scripting Attack"- White Paper Cross-site scripting vulnerabilities in web apps allow hackers to compromise confidential information, steal cookies and create requests that can be mistaken for those of a valid user!! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection! https://download.spidynamics.com/1/ad/xss.asp?Campaign_ID=70160000000D8v9
