SecurityFocus Microsoft Newsletter #440 ----------------------------------------
This issue is sponsored by Cisco Five Ways to Know Your Wireless Security A wireless network can help your employees stay productive as they move around your company. But to take advantage of the benefits of wireless networking, you need to be sure that your network is safe from hackers and unauthorized users. Every device in a wireless network is important to security. Because a wireless LAN (WLAN) is a mobile network, you need a thorough, multilayered approach to safeguard traffic. http://dinclinx.com/Redirect.aspx?36;4328;50;189;0;5;259;b3682945b0c3f7c4 SECURITY BLOGS SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks. http://www.securityfocus.com/blogs ------------------------------------------------------------------ I. FRONT AND CENTER 1. Facebook, Privacy and Contracts 2. Act Locally, Pwn Globally II. MICROSOFT VULNERABILITY SUMMARY 1. MagicISO CCD/Cue File Heap Overflow Vulnerability 2. MiniWeb Source Code Information Disclosure Vulnerability 3. MiniWeb Remote Buffer Overflow Vulnerability 4. Elecard AVC HD Player '.xpl' File Remote Stack Buffer Overflow Vulnerability 5. Apollo 'm3u' Playlist File Heap Buffer Overflow Vulnerability 6. Microsoft Windows Media Player MID File Parsing Integer Overflow Vulnerability 7. Microsoft IAG 2007 ActiveX Control Multiple Stack Based Buffer Overflow Vulnerabilities 8. Zervit 'http.c' Remote Buffer Overflow Vulnerability 9. Mini-stream Software RM-MP3 Converter '.pls' File Remote Stack Buffer Overflow Vulnerability 10. Multiple Mini-stream Software Products '.m3u' File Remote Stack Buffer Overflow Vulnerability 11. FTPDMIN 'RNFR' Command Buffer Overflow Vulnerability 12. Microsoft Internet Explorer File Download Denial of Service Vulnerability 13. Xilisoft Video Converter Wizard '.CUE' File Stack Buffer Overflow Vulnerability 14. Microsoft WordPad Word 97 Converter Remote Code Execution Vulnerability 15. Microsoft Word 2000 WordPerfect Converter Remote Code Execution Vulnerability 16. Microsoft Windows 'atapi.sys' Local Privilege Escalation Vulnerability 17. Microsoft DirectX DirectShow MJPEG Video Decompression Remote Code Execution Vulnerability 18. SWF Opener Buffer Overflow Vulnerability 19. HP ProCurve Manager and ProCurve Manager Plus Unauthorized Access Vulnerability 20. Microsoft April 2009 Advance Notification Multiple Vulnerabilities 21. EMC RepliStor Multiple Remote Heap Based Buffer Overflow Vulnerabilities 22. Microsoft Windows Thread Pool ACL Local Privilege Escalation Vulnerability 23. Microsoft Windows RPCSS Service Isolation Local Privilege Escalation Vulnerability 24. Microsoft Windows WMI Service Isolation Local Privilege Escalation Vulnerability 25. Microsoft Windows NTLM Credential Reflection Remote Code Execution Vulnerability 26. Microsoft Internet Explorer Page Transition Remote Code Execution Vulnerability 27. Microsoft WinHTTP Server Name Mismatch Certificate Validation Security Bypass Vulnerability 28. Microsoft WinHTTP Integer Underflow Memory Corruption Remote Code Execution Vulnerability 29. Microsoft Internet Explorer Uninitialized Memory Variant Three Remote Code Execution Vulnerability 30. Microsoft Internet Explorer Uninitialized Memory Variant Two Remote Code Execution Vulnerability 31. Microsoft Internet Explorer Uninitialized Memory Variant One Remote Code Execution Vulnerability 32. Microsoft ISA Server and Forefront Threat Management Gateway Cross-Site Scripting Vulnerability 33. Microsoft ISA Server and Forefront Threat Management Gateway Denial of Service Vulnerability 34. Microsoft Excel Malformed Object Remote Memory Corruption Vulnerability 35. OpenAFS Unix Cache Manager Heap-Based Buffer Overflow Vulnerability 36. OpenAFS Error Codes Remote Denial of Service Vulnerabiliy 37. JustSystems Ichitaro RTF File Buffer Overflow Vulnerability III. MICROSOFT FOCUS LIST SUMMARY IV. UNSUBSCRIBE INSTRUCTIONS V. SPONSOR INFORMATION I. FRONT AND CENTER --------------------- 1. Facebook, Privacy and Contracts On February 4, the social networking site Facebook made a minor change to its terms of service - the online contract that every user must agree to when they create an account. Facebook was trying to solve a legitimate problem: People who deleted their accounts did not realize that information that they shared with other users would persist on their Facebook friends' accounts. Thus, they needed some way of telling users that the information might remain. http://www.securityfocus.com/columnists/497 2. Act Locally, Pwn Globally By Jeffrey Carr On December 24, 2008, the Pakistani Whackerz Cr3w defaced a part of India's critical infrastructure, the Eastern Railway system Web site. The defacement appeared on a scroll feed which read: "Cyber war has been declared on Indian cyberspace by Whackerz- Pakistan (24 Dec-2008)." http://www.securityfocus.com/columnists/496 II. MICROSOFT VULNERABILITY SUMMARY ------------------------------------ 1. MagicISO CCD/Cue File Heap Overflow Vulnerability BugTraq ID: 34574 Remote: Yes Date Published: 2009-04-16 Relevant URL: http://www.securityfocus.com/bid/34574 Summary: MagicISO is prone to a heap-overflow vulnerability that may be triggered by a malicious '.ccd' or '.cue' file. A successful exploit will crash the application. It may also allow an attacker to execute arbitrary code in the context of the application but this has not been confirmed. 2. MiniWeb Source Code Information Disclosure Vulnerability BugTraq ID: 34565 Remote: Yes Date Published: 2009-04-16 Relevant URL: http://www.securityfocus.com/bid/34565 Summary: MiniWeb is prone to a vulnerability that lets attackers access source code because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable computer in the context of the webserver process. Information obtained may aid in further attacks. This issue affects unknown versions of MiniWeb. We will update this BID when further details are available. 3. MiniWeb Remote Buffer Overflow Vulnerability BugTraq ID: 34563 Remote: Yes Date Published: 2009-04-16 Relevant URL: http://www.securityfocus.com/bid/34563 Summary: MiniWeb is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. 4. Elecard AVC HD Player '.xpl' File Remote Stack Buffer Overflow Vulnerability BugTraq ID: 34560 Remote: Yes Date Published: 2009-04-16 Relevant URL: http://www.securityfocus.com/bid/34560 Summary: Elecard AVC HD Player is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. 5. Apollo 'm3u' Playlist File Heap Buffer Overflow Vulnerability BugTraq ID: 34554 Remote: Yes Date Published: 2009-04-16 Relevant URL: http://www.securityfocus.com/bid/34554 Summary: Apollo is prone to a heap-based buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Apollo 37zz is vulnerable; other versions may also be affected. 6. Microsoft Windows Media Player MID File Parsing Integer Overflow Vulnerability BugTraq ID: 34534 Remote: Yes Date Published: 2009-04-15 Relevant URL: http://www.securityfocus.com/bid/34534 Summary: Microsoft Windows Media Player is prone to an integer-overflow vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into opening a malicious file with the vulnerable application. A successful exploit will allow the attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial of service. Windows Media Player 11 is vulnerable; other versions may also be affected. 7. Microsoft IAG 2007 ActiveX Control Multiple Stack Based Buffer Overflow Vulnerabilities BugTraq ID: 34532 Remote: Yes Date Published: 2009-04-15 Relevant URL: http://www.securityfocus.com/bid/34532 Summary: The Microsoft Intelligent Application Gateway (IAG) 2007 Client Components ActiveX Control is prone to multiple stack-based buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied data. The ActiveX control is identified by CLSID: 8D9563A9-8D5F-459B-87F2-BA842255CB9A Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions. NOTE: IAG was formerly known as Whale Communications Intelligent Application Gateway. Versions prior to IAG 2007 3.7 SP2 are vulnerable. 8. Zervit 'http.c' Remote Buffer Overflow Vulnerability BugTraq ID: 34530 Remote: Yes Date Published: 2009-04-15 Relevant URL: http://www.securityfocus.com/bid/34530 Summary: Zervit is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Zervit 0.2 is vulnerable; other versions may also be affected. 9. Mini-stream Software RM-MP3 Converter '.pls' File Remote Stack Buffer Overflow Vulnerability BugTraq ID: 34514 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34514 Summary: Mini-stream Software RM-MP3 Converter is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate checks on user-supplied input. Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. 10. Multiple Mini-stream Software Products '.m3u' File Remote Stack Buffer Overflow Vulnerability BugTraq ID: 34494 Remote: Yes Date Published: 2009-04-13 Relevant URL: http://www.securityfocus.com/bid/34494 Summary: Multiple Mini-stream Software products are prone to a remote stack-based buffer-overflow vulnerability because the applications fail to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. 11. FTPDMIN 'RNFR' Command Buffer Overflow Vulnerability BugTraq ID: 34479 Remote: Yes Date Published: 2009-04-11 Relevant URL: http://www.securityfocus.com/bid/34479 Summary: FTPDMIN is prone to a buffer-overflow vulnerability. A successful exploit may allow attackers to execute arbitrary code in the context of the vulnerable service. Failed exploit attempts will likely cause denial-of-service conditions. 12. Microsoft Internet Explorer File Download Denial of Service Vulnerability BugTraq ID: 34478 Remote: Yes Date Published: 2009-04-11 Relevant URL: http://www.securityfocus.com/bid/34478 Summary: Microsoft Internet Explorer is prone to a remote denial-of-service vulnerability. Successful exploits can allow attackers to hang the affected browser, resulting in denial-of-service conditions. 13. Xilisoft Video Converter Wizard '.CUE' File Stack Buffer Overflow Vulnerability BugTraq ID: 34472 Remote: Yes Date Published: 2009-04-10 Relevant URL: http://www.securityfocus.com/bid/34472 Summary: Xilisoft Video Converter Wizard is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Xilisoft Video Converter Wizard 3 is vulnerable; other versions may also be affected. 14. Microsoft WordPad Word 97 Converter Remote Code Execution Vulnerability BugTraq ID: 34470 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34470 Summary: Microsoft WordPad is prone to a remote code-execution vulnerability because of a stack-based buffer overflow that may result in corrupted memory. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may result in denial-of-service conditions. 15. Microsoft Word 2000 WordPerfect Converter Remote Code Execution Vulnerability BugTraq ID: 34469 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34469 Summary: Microsoft Word 2000 is prone to a remote code-execution vulnerability because it fails to properly validate an unspecified string when parsing a WordPerfect document. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may result in denial-of-service conditions. 16. Microsoft Windows 'atapi.sys' Local Privilege Escalation Vulnerability BugTraq ID: 34466 Remote: No Date Published: 2009-04-09 Relevant URL: http://www.securityfocus.com/bid/34466 Summary: Microsoft Windows is prone to a local privilege-escalation vulnerability because it fails to adequately handle user-supplied input. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploits will cause a denial of service. 17. Microsoft DirectX DirectShow MJPEG Video Decompression Remote Code Execution Vulnerability BugTraq ID: 34460 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34460 Summary: Microsoft DirectX is prone to a remote code-execution vulnerability because the DirectShow component fails to properly handle compressed media files. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application that uses DirectX. Failed exploit attempts will result in a denial-of-service condition. 18. SWF Opener Buffer Overflow Vulnerability BugTraq ID: 34459 Remote: Yes Date Published: 2009-04-09 Relevant URL: http://www.securityfocus.com/bid/34459 Summary: SWF Opener is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. Successful exploits may allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. SWF Opener 1.3 is vulnerable; other versions may also be affected. 19. HP ProCurve Manager and ProCurve Manager Plus Unauthorized Access Vulnerability BugTraq ID: 34451 Remote: Yes Date Published: 2009-04-09 Relevant URL: http://www.securityfocus.com/bid/34451 Summary: HP ProCurve Manager and ProCurve Manager Plus are prone to an unspecified unauthorized-access vulnerability. Remote attackers may exploit this issue to gain unauthorized access to data. The following are vulnerable: ProCurve Manager 3.2 and earlier ProCurve Manager Plus 3.2 and eariler 20. Microsoft April 2009 Advance Notification Multiple Vulnerabilities BugTraq ID: 34450 Remote: Yes Date Published: 2009-04-09 Relevant URL: http://www.securityfocus.com/bid/34450 Summary: Microsoft has released advance notification that the vendor will be releasing eight security bulletins on April 14, 2009. The highest severity rating for these issues is 'Critical'. These issues affect Windows, Internet Explorer, Office, Excel, and ISA Server. Successfully exploiting these issues may allow remote or local attackers to compromise affected computers. Individual records will be created to document these issues when the bulletins are released. 21. EMC RepliStor Multiple Remote Heap Based Buffer Overflow Vulnerabilities BugTraq ID: 34449 Remote: Yes Date Published: 2009-04-09 Relevant URL: http://www.securityfocus.com/bid/34449 Summary: EMC RepliStor is prone to multiple remote heap-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied input. A remote attacker can exploit these issues to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition. Versions prior to RepliStor 6.2 SP5 and RepliStor 6.3 SP2 are vulnerable. 22. Microsoft Windows Thread Pool ACL Local Privilege Escalation Vulnerability BugTraq ID: 34444 Remote: No Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34444 Summary: Microsoft Windows is prone to a privilege-escalation vulnerability. Successful exploits may allow attackers to elevate their privileges to LocalSystem, which would facilitate the complete compromise of affected computers. The issue affects the following: Windows Vista Windows Server 2008 23. Microsoft Windows RPCSS Service Isolation Local Privilege Escalation Vulnerability BugTraq ID: 34443 Remote: No Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34443 Summary: Microsoft Windows is prone to a privilege-escalation vulnerability. Successful exploits may allow attackers to elevate their privileges to LocalSystem, which would facilitate the complete compromise of affected computers. The issue affects the following: Windows XP SP2 Windows Server 2003 24. Microsoft Windows WMI Service Isolation Local Privilege Escalation Vulnerability BugTraq ID: 34442 Remote: No Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34442 Summary: Microsoft Windows is prone to a privilege-escalation vulnerability. Successful exploits may allow attackers to elevate their privileges to LocalSystem, which would facilitate the complete compromise of affected computers. The issue affects the following: Windows XP SP2 Windows Server 2003 Windows Vista Windows Server 2008 25. Microsoft Windows NTLM Credential Reflection Remote Code Execution Vulnerability BugTraq ID: 34439 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34439 Summary: Microsoft Windows is prone to a vulnerability that could let attackers replay NTLM (NT LAN Manager) credentials. A successful exploit would let an attacker execute arbitrary code in the context of the affected user. 26. Microsoft Internet Explorer Page Transition Remote Code Execution Vulnerability BugTraq ID: 34438 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34438 Summary: Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks will cause denial-of-service conditions. 27. Microsoft WinHTTP Server Name Mismatch Certificate Validation Security Bypass Vulnerability BugTraq ID: 34437 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34437 Summary: Microsoft Windows HTTP Services (WinHTTP) is prone to a security-bypass vulnerability because of an error in verifying website certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further attacks. 28. Microsoft WinHTTP Integer Underflow Memory Corruption Remote Code Execution Vulnerability BugTraq ID: 34435 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34435 Summary: Microsoft Windows HTTP Services (WinHTTP) is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise an affected application and possibly the computer. Failed attacks will cause denial-of-service conditions. 29. Microsoft Internet Explorer Uninitialized Memory Variant Three Remote Code Execution Vulnerability BugTraq ID: 34426 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34426 Summary: Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks may cause denial-of-service conditions. 30. Microsoft Internet Explorer Uninitialized Memory Variant Two Remote Code Execution Vulnerability BugTraq ID: 34424 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34424 Summary: Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks may cause denial-of-service conditions. 31. Microsoft Internet Explorer Uninitialized Memory Variant One Remote Code Execution Vulnerability BugTraq ID: 34423 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34423 Summary: Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks may cause denial-of-service conditions. 32. Microsoft ISA Server and Forefront Threat Management Gateway Cross-Site Scripting Vulnerability BugTraq ID: 34416 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34416 Summary: Microsoft ISA (Internet Security and Acceleration) Server and Forefront Threat Management Gateway (TMG) are prone to a cross-site scripting vulnerability because the software fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal potentially sensitive information and launch other attacks. 33. Microsoft ISA Server and Forefront Threat Management Gateway Denial of Service Vulnerability BugTraq ID: 34414 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34414 Summary: Microsoft ISA Server and Forefront Threat Management Gateway are prone to a remote denial-of-service vulnerability. A remote, anonymous attacker could exploit this issue to cause the Web proxy listener to become unresponsive, denying service legitimate users. 34. Microsoft Excel Malformed Object Remote Memory Corruption Vulnerability BugTraq ID: 34413 Remote: Yes Date Published: 2009-04-14 Relevant URL: http://www.securityfocus.com/bid/34413 Summary: Microsoft Excel is prone to a memory-corruption vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application. 35. OpenAFS Unix Cache Manager Heap-Based Buffer Overflow Vulnerability BugTraq ID: 34407 Remote: Yes Date Published: 2009-04-07 Relevant URL: http://www.securityfocus.com/bid/34407 Summary: OpenAFS is prone to a remote heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer in the Unix cache manager. The issue occurs when the application processes RX packets in a client context. An attacker can exploit this issue to execute arbitrary code in the context of the Unix cache manager, resulting in a complete compromise of the affected computer. Failed exploit attempts will likely result in a denial of service. The issue affects these versions: OpenAFS Unix clients 1.0 through 1.4.8 OpenAFS Unix clients 1.5.0 through 1.5.58 Note that Mac OS X clients are not affected. 36. OpenAFS Error Codes Remote Denial of Service Vulnerabiliy BugTraq ID: 34404 Remote: Yes Date Published: 2009-04-07 Relevant URL: http://www.securityfocus.com/bid/34404 Summary: OpenAFS file server is prone to a denial-of-service vulnerability that occurs on computers running the Linux kernel. Successfully exploiting this issue allows attackers to cause a kernel panic, denying service to legitimate users. The issue affects these versions: OpenAFS 1.0 through 1.4.8 OpenAFS 1.5.0 through 1.5.58 37. JustSystems Ichitaro RTF File Buffer Overflow Vulnerability BugTraq ID: 34403 Remote: Yes Date Published: 2009-04-07 Relevant URL: http://www.securityfocus.com/bid/34403 Summary: Ichitaro is prone to a remote buffer-overflow vulnerability. Attackers may exploit this issue to execute arbitrary code within the context of the vulnerable application. Failed attempts will result in a denial-of-service condition. Ichitaro 2009 and prior versions are vulnerable. III. MICROSOFT FOCUS LIST SUMMARY --------------------------------- IV. UNSUBSCRIBE INSTRUCTIONS ----------------------------- To unsubscribe send an e-mail message to [email protected] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website. If your email address has changed email [email protected] and ask to be manually removed. V. SPONSOR INFORMATION ------------------------ This issue is sponsored by Cisco Five Ways to Know Your Wireless Security A wireless network can help your employees stay productive as they move around your company. But to take advantage of the benefits of wireless networking, you need to be sure that your network is safe from hackers and unauthorized users. Every device in a wireless network is important to security. Because a wireless LAN (WLAN) is a mobile network, you need a thorough, multilayered approach to safeguard traffic. http://dinclinx.com/Redirect.aspx?36;4328;50;189;0;5;259;b3682945b0c3f7c4
