SecurityFocus Microsoft Newsletter #443 ----------------------------------------
This issue is sponsored by Thawte Extended Validation SSL Certificates: Inspire Trust, Improve Confidence and Increase Sales Extended Validation SSL delivers the acknowledged industry standard for the highest level of online identity assurance processes for SSL certificate issuance. Find out how the EV standard increases the visibility of authentication status through the use of a green address bar in the latest high security web browsers. http://www.dinclinx.com/Redirect.aspx?36;5004;25;1371;0;3;946;54442f0f214c470a SECURITY BLOGS SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks. http://www.securityfocus.com/blogs ------------------------------------------------------------------ I. FRONT AND CENTER 1. A Botnet by Any Other Name 2. Projecting Borders into Cyberspace II. MICROSOFT VULNERABILITY SUMMARY 1. Sorinara Streaming Audio Player '.m3u' File Remote Stack Buffer Overflow Vulnerability 2. 32bit FTP 'CWD' Response Remote Buffer Overflow Vulnerability 3. 32bit FTP 'banner' Remote Buffer Overflow Vulnerability 4. Quick 'n Easy Mail Server SMTP Request Remote Denial Of Service Vulnerability 5. Bmxplay 'BMX' File Remote Buffer Overflow Vulnerability 6. Grabit 'NZB' File Remote Stack Buffer Overflow Vulnerability 7. EW-MusicPlayer '.m3u' File Remote Stack Buffer Overflow Vulnerability 8. RM Downloader '.smi' File Buffer Overflow Vulnerability 9. Beatport Player '.m3u' File Remote Stack Buffer Overflow Vulnerability 10. Mercury Audio Player 'm3u/b4s/pls' File Multiple Remote Stack Buffer Overflow Vulnerabilities 11. McAfee Products RAR/ZIP Files Scan Evasion Vulnerability 12. Baby Web Server URL File Disclosure Vulnerability 13. Symantec WinFax Pro 'DCCFAXVW.DLL' Heap Buffer Overflow Vulnerability 14. Multiple Trend Micro Products RAR/ZIP/CAB Files Scan Evasion Vulnerability 15. Pablo Software Solutions Quick 'n Easy Web Server Directory Traversal Vulnerability 16. DWebPro Directory Traversal Vulnerability and Arbitrary File Disclosure Vulnerability III. MICROSOFT FOCUS LIST SUMMARY 1. SecurityFocus Microsoft Newsletter #442 IV. UNSUBSCRIBE INSTRUCTIONS V. SPONSOR INFORMATION I. FRONT AND CENTER --------------------- 1. A Botnet by Any Other Name By Gubter Ollmann The news has been awash the last few weeks with fears over globe-spanning botnets and their criminal intent: Conficker managed to hog the limelight for well over a month, and then came Finjan's disclosure of a previously unknown - and currently unnamed - botnet consisting of some 1.9 million malicious agents. http://www.securityfocus.com/columnists/501 2. Projecting Borders into Cyberspace By Jeffrey Carr Two recent stories of significant cyber attacks come close to blaming the Chinese for the intrusions but stop short. http://www.securityfocus.com/columnists/500 II. MICROSOFT VULNERABILITY SUMMARY ------------------------------------ 1. Sorinara Streaming Audio Player '.m3u' File Remote Stack Buffer Overflow Vulnerability BugTraq ID: 34842 Remote: Yes Date Published: 2009-05-05 Relevant URL: http://www.securityfocus.com/bid/34842 Summary: Sorinara Streaming Audio Player is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Sorinara Streaming Audio Player 0.9 is vulnerable; other version may also be affected. 2. 32bit FTP 'CWD' Response Remote Buffer Overflow Vulnerability BugTraq ID: 34838 Remote: Yes Date Published: 2009-05-05 Relevant URL: http://www.securityfocus.com/bid/34838 Summary: 32bit FTP is prone to a buffer-overflow vulnerability because it fails to properly perform adequate boundary checks on user-supplied data. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition. 32bit FTP 09.04.24 is vulnerable; other versions may also be affected. 3. 32bit FTP 'banner' Remote Buffer Overflow Vulnerability BugTraq ID: 34822 Remote: Yes Date Published: 2009-05-05 Relevant URL: http://www.securityfocus.com/bid/34822 Summary: 32bit FTP is prone to a buffer-overflow vulnerability because it fails to properly perform adequate boundary checks on user-supplied data. An attacker may exploit this issue to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in a denial-of-service condition. 32bit FTP 09.04.24 is vulnerable; other versions may also be affected. 4. Quick 'n Easy Mail Server SMTP Request Remote Denial Of Service Vulnerability BugTraq ID: 34814 Remote: Yes Date Published: 2009-05-04 Relevant URL: http://www.securityfocus.com/bid/34814 Summary: Quick 'n Easy Mail Server is prone to a denial-of-service vulnerability because it fails to adequately handle multiple socket requests. Attackers can exploit this issue to cause the affected application to reject SMTP requests, denying service to legitimate users. The demonstration release of Quick 'n Easy Mail Server 3.3 is vulnerable; other versions may also be affected. 5. Bmxplay 'BMX' File Remote Buffer Overflow Vulnerability BugTraq ID: 34810 Remote: Yes Date Published: 2009-05-04 Relevant URL: http://www.securityfocus.com/bid/34810 Summary: Bmxplay is prone to a remote buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Bmxplay 0.4 is vulnerable; other versions may also be affected. 6. Grabit 'NZB' File Remote Stack Buffer Overflow Vulnerability BugTraq ID: 34807 Remote: Yes Date Published: 2009-05-04 Relevant URL: http://www.securityfocus.com/bid/34807 Summary: Grabit is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Grabit 1.7.2 beta 3 is vulnerable; other versions may also be affected. 7. EW-MusicPlayer '.m3u' File Remote Stack Buffer Overflow Vulnerability BugTraq ID: 34806 Remote: Yes Date Published: 2009-05-04 Relevant URL: http://www.securityfocus.com/bid/34806 Summary: EW-MusicPlayer is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. EW-MusicPlayer 0.8 is vulnerable; other versions may also be affected. 8. RM Downloader '.smi' File Buffer Overflow Vulnerability BugTraq ID: 34794 Remote: Yes Date Published: 2009-05-01 Relevant URL: http://www.securityfocus.com/bid/34794 Summary: RM Downloader is prone a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts likely result in denial-of-service conditions. 9. Beatport Player '.m3u' File Remote Stack Buffer Overflow Vulnerability BugTraq ID: 34793 Remote: Yes Date Published: 2009-05-01 Relevant URL: http://www.securityfocus.com/bid/34793 Summary: Beatport Player is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Beatport Player 1.0.0.283 is vulnerable; other versions may also be affected. 10. Mercury Audio Player 'm3u/b4s/pls' File Multiple Remote Stack Buffer Overflow Vulnerabilities BugTraq ID: 34788 Remote: Yes Date Published: 2009-04-30 Relevant URL: http://www.securityfocus.com/bid/34788 Summary: Mercury Audio Player is prone to multiple remote stack-based buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage these issues to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Mercury Audio Player 1.21 is vulnerable; other versions may also be affected. 11. McAfee Products RAR/ZIP Files Scan Evasion Vulnerability BugTraq ID: 34780 Remote: Yes Date Published: 2009-04-30 Relevant URL: http://www.securityfocus.com/bid/34780 Summary: Multiple McAfee products are prone to a vulnerability that may allow certain compressed archives to bypass the scan engine. Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect. The issue affects all McAfee software that uses DAT files. 12. Baby Web Server URL File Disclosure Vulnerability BugTraq ID: 34772 Remote: Yes Date Published: 2009-04-29 Relevant URL: http://www.securityfocus.com/bid/34772 Summary: Baby Web Server is prone to a vulnerability that lets attackers obtain potentially sensitive information because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to download arbitrary files with the privileges of the webserver process. Information obtained may aid in further attacks. Baby Web Server 2.7.2 is vulnerable; other versions may also be affected. 13. Symantec WinFax Pro 'DCCFAXVW.DLL' Heap Buffer Overflow Vulnerability BugTraq ID: 34766 Remote: Yes Date Published: 2009-04-29 Relevant URL: http://www.securityfocus.com/bid/34766 Summary: Symantec WinFax Pro ActiveX control is prone to a heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions. Symantec WinFax Pro 10.03 is vulnerable; other versions may also be affected. 14. Multiple Trend Micro Products RAR/ZIP/CAB Files Scan Evasion Vulnerability BugTraq ID: 34763 Remote: Yes Date Published: 2009-04-29 Relevant URL: http://www.securityfocus.com/bid/34763 Summary: Multiple Trend Micro products are prone to a vulnerability that may allow certain compressed archives to bypass the scan engine. Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application will fail to detect. ServerProtect for Microsoft Windows/Novell NetWare ServerProtect for EMC Celerra ServerProtect for NetApp ServerProtect for Linux ServerProtect for Network Appliance Filers Internet Security Pro Internet Security OfficeScan Component Worry Free Business Security - Standard Worry Free Business Security - Advanced Worry Free Business Security Hosted Housecall InterScan Web Security Suite InterScan Web Protect for ISA InterScan Messaging Security Appliance Neatsuite Advanced ScanMail for Exchange ScanMail for Domino Suites 15. Pablo Software Solutions Quick 'n Easy Web Server Directory Traversal Vulnerability BugTraq ID: 34758 Remote: Yes Date Published: 2009-04-28 Relevant URL: http://www.securityfocus.com/bid/34758 Summary: Quick 'n Easy Web Server is prone to a directory-traversal vulnerability. An attacker can exploit this issue to obtain sensitive information that may lead to other attacks. Quick 'n Easy Web Server 3.3.5 is vulnerable; other versions may also be affected. 16. DWebPro Directory Traversal Vulnerability and Arbitrary File Disclosure Vulnerability BugTraq ID: 34721 Remote: Yes Date Published: 2009-04-27 Relevant URL: http://www.securityfocus.com/bid/34721 Summary: DWebPro is prone to a directory-traversal vulnerability and a vulnerability that allows attackers to view arbitrary files. An attacker can exploit these issues to obtain sensitive information that may lead to other attacks. DWebPro 6.8.26 is vulnerable; other versions may also be affected. III. MICROSOFT FOCUS LIST SUMMARY --------------------------------- 1. SecurityFocus Microsoft Newsletter #442 http://www.securityfocus.com/archive/88/503195 IV. UNSUBSCRIBE INSTRUCTIONS ----------------------------- To unsubscribe send an e-mail message to [email protected] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website. If your email address has changed email [email protected] and ask to be manually removed. V. SPONSOR INFORMATION ------------------------ This issue is sponsored by Thawte Extended Validation SSL Certificates: Inspire Trust, Improve Confidence and Increase Sales Extended Validation SSL delivers the acknowledged industry standard for the highest level of online identity assurance processes for SSL certificate issuance. Find out how the EV standard increases the visibility of authentication status through the use of a green address bar in the latest high security web browsers. http://www.dinclinx.com/Redirect.aspx?36;5004;25;1371;0;3;946;54442f0f214c470a
