SecurityFocus Microsoft Newsletter #424
----------------------------------------

This issue is sponsored by Purewire

NEW! White Paper:
"Hackers Announce Open Season on Web 2.0 Users and Browsers"

Learn how hackers are exploiting your employees' Web surfing to gain entry into 
your network. Drive-by Downloads, Click Jacking, AJAX, XSS and Browser vulns 
are just some of the nasty attack methods hackers are coming up with, and it's 
no longer good enough to block known bad URLs.
Download this white paper now to mitigate your online security risks.
http://www.purewire.com/lp/sec


SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying 
topics of interest for our community. We are proud to offer content from 
Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I.   FRONT AND CENTER
       1. Time to Exclude Bad ISPs
       2. Standing on Other's Shoulders
II.  MICROSOFT VULNERABILITY SUMMARY
       1. Microsoft Windows Media Player WAV/MID/SND File Parsing Integer 
Overflow Vulnerability
       2. SAWStudio '.prf' File Buffer Overflow Vulnerability
       3. BulletProof FTP Client Bookmark File Heap Buffer Overflow 
Vulnerability
       4. Internet Explorer 'chromeHTML://' Command Line Parameter Injection 
Vulnerability
       5. freeSSHd SFTP Commands Multiple Remote Buffer Overflow Vulnerabilities
       6. PowerStrip 'pstrip.sys' Local Privilege Escalation Vulnerability
       7. ESET Smart Security 'epfw.sys' Local Privilege Escalation 
Vulnerability
       8. Adobe Flash Player Unspecified Remote Security Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
IV.  UNSUBSCRIBE INSTRUCTIONS
V.   SPONSOR INFORMATION

I.   FRONT AND CENTER
---------------------
1. Time to Exclude Bad ISPs
By Oliver Day
In recent months, three questionable Internet service providers - EstDomains, 
Atrivo, and McColo - were effectively taken offline, resulting in noticeable 
drops in malware and spam.
http://www.securityfocus.com/columnists/487

2. Standing on Other's Shoulders
By Chris Wysopal
"If I have seen a little further it is by standing on the shoulders of Giants," 
Isaac Newton once wrote to describe how he felt that his scientific work was an 
extension of the work of those who went before him. In the scientific realm it 
is dishonorable not to credit those upon whose work you build.
http://www.securityfocus.com/columnists/486


II.  MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Microsoft Windows Media Player WAV/MID/SND File Parsing Integer Overflow 
Vulnerability
BugTraq ID: 33018
Remote: Yes
Date Published: 2008-12-25
Relevant URL: http://www.securityfocus.com/bid/33018
Summary:
Microsoft Windows Media Player is prone to an integer-overflow vulnerability.

An attacker can exploit this issue by tricking an unsuspecting victim into 
opening a malicious file with the vulnerable application. A successful exploit 
will result in the execution of arbitrary code in the context of the user 
running the application.

2. SAWStudio '.prf' File Buffer Overflow Vulnerability
BugTraq ID: 33011
Remote: Yes
Date Published: 2008-12-24
Relevant URL: http://www.securityfocus.com/bid/33011
Summary:
SAWStudio is prone to a buffer-overflow vulnerability because the application 
fails to perform adequate boundary checks on user-supplied data.

Successfully exploiting this issue allows remote attackers to execute arbitrary 
code in the context of the application. Failed exploit attempts likely result 
in denial-of-service conditions.

SAWStudio version 3.9i is vulnerable; other versions may also be affected.

3. BulletProof FTP Client Bookmark File Heap Buffer Overflow Vulnerability
BugTraq ID: 33007
Remote: Yes
Date Published: 2008-12-24
Relevant URL: http://www.securityfocus.com/bid/33007
Summary:
BulletProof FTP Client is prone to a heap-based buffer-overflow vulnerability 
because the application fails to perform adequate boundary checks on 
user-supplied data.

An attacker may exploit this issue to execute arbitrary code in the context of 
the vulnerable application. Failed exploit attempts will likely result in a 
denial-of-service condition.

BulletProof FTP Client version 2.63 is vulnerable; other versions may also be 
affected.

4. Internet Explorer 'chromeHTML://' Command Line Parameter Injection 
Vulnerability
BugTraq ID: 32999
Remote: Yes
Date Published: 2008-12-23
Relevant URL: http://www.securityfocus.com/bid/32999
Summary:
Internet Explorer is prone to a vulnerability that lets attackers inject 
command-line parameters through protocol handlers. This issue occurs because 
the application fails to adequately sanitize user-supplied input.

Exploiting this issue would permit remote attackers to influence command 
options that can be called through the vulnerable protocol handler and to 
execute commands with the privileges of a user running the application. 
Attackers may also be able to leverage this issue to execute arbitrary code 
with the privileges of the user running the vulnerable application.

Internet Explorer 8 beta 2 is vulnerable; other versions may also be affected.

5. freeSSHd SFTP Commands Multiple Remote Buffer Overflow Vulnerabilities
BugTraq ID: 32972
Remote: Yes
Date Published: 2008-12-22
Relevant URL: http://www.securityfocus.com/bid/32972
Summary:
freeSSHd is prone to multiple remote buffer-overflow vulnerabilities because 
the application fails to perform adequate boundary checks on user-supplied 
data. 

An attacker can exploit these issues to execute arbitrary code with the 
privileges of the user running the affected application. Failed exploit 
attempts will result in a denial-of-service condition.

These issues affect freeSSHd 1.2.1; other versions may also be affected.

6. PowerStrip 'pstrip.sys' Local Privilege Escalation Vulnerability
BugTraq ID: 32961
Remote: No
Date Published: 2008-12-20
Relevant URL: http://www.securityfocus.com/bid/32961
Summary:
PowerStrip is prone to a local privilege-escalation vulnerability that occurs 
in the 'pstrip.sys' driver. 

An attacker can exploit this issue to execute arbitrary code with kernel-level 
privileges on a Microsoft Windows host operating system. Successfully 
exploiting this issue will result in the complete compromise of affected 
computers. Failed exploit attempts will result in a denial-of-service condition.

PowerStrip 3.84 is vulnerable; other versions may also be affected.

7. ESET Smart Security 'epfw.sys' Local Privilege Escalation Vulnerability
BugTraq ID: 32917
Remote: No
Date Published: 2008-12-18
Relevant URL: http://www.securityfocus.com/bid/32917
Summary:
ESET Smart Security is prone to a local privilege-escalation vulnerability that 
occurs in the 'easdrv.sys' driver. 

An attacker can exploit this issue to execute arbitrary code with kernel-level 
privileges on a Microsoft Windows host operating system. Successfully 
exploiting this issue will result in the complete compromise of affected 
computers. Failed exploit attempts will result in a denial-of-service condition.

ESET Smart Security 3.0.672 and prior are vulnerable.

8. Adobe Flash Player Unspecified Remote Security Vulnerability
BugTraq ID: 32896
Remote: Yes
Date Published: 2008-12-17
Relevant URL: http://www.securityfocus.com/bid/32896
Summary:
Adobe Flash Player is prone to an unspecified security vulnerability.
 
Remote attackers may exploit this vulnerability to compromise an affected 
computer.
 
No further technical details are currently available. We will update this BID 
as more information emerges.
 
This issue affects Flash Player on Linux platforms.

Versions prior to Flash Player 10.0.15.3 and 9.0.152.0 are vulnerable.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
IV.  UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to 
[email protected] from the subscribed address. The 
contents of the subject or message body do not matter. You will receive a 
confirmation request message to which you will have to answer. Alternatively 
you can also visit http://www.securityfocus.com/newsletters and unsubscribe via 
the website.

If your email address has changed, email [email protected] and ask to 
be manually removed.

V.   SPONSOR INFORMATION
------------------------
This issue is sponsored by Purewire
