SecurityFocus Microsoft Newsletter #447 ----------------------------------------
This issue is sponsored by VeriSign VeriSign EV SSL Certificates for your sites' security turn the address bar in high security browsers green which helps your customers know they are safe on your site. http://ad.doubleclick.net/clk;215510135;37701660;s ------------------------------------------------------------------ I. FRONT AND CENTER 1. Hacker-Tool Law Still Does Little 2. A Botnet by Any Other Name II. MICROSOFT VULNERABILITY SUMMARY 1. Motorola Timbuktu Pro 'PlughNTCommand' Named Pipe Remote Stack Buffer Overflow Vulnerability 2. Apple Safari 'file://' Protocol Handler Information Disclosure and Denial of Service Vulnerability 3. Adobe Shockwave Player Director File Parsing Remote Code Execution Vulnerability 4. Microsoft Internet Explorer HTML Attribute JavaScript URI Security Bypass Vulnerability 5. LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability 6. Apple Safari 'parent/top' Cross Domain Scripting Vulnerability 7. DESlock+ 'dlpcrypt.sys' Local Privilege Escalation Vulnerability 8. Multiple Browsers Cached Certificate HTTP Site Spoofing Vulnerability 9. ClamAV Prior to 0.95.2 Multiple Scanner Bypass Vulnerabilities III. MICROSOFT FOCUS LIST SUMMARY IV. UNSUBSCRIBE INSTRUCTIONS V. SPONSOR INFORMATION I. FRONT AND CENTER --------------------- 1. Hacker-Tool Law Still Does Little By Mark Rasch On August 10, 2007, a new section of the German Penal code went into effect. The statute, intended to implement certain provisions of the Council of Europe Treaty on Cybercrime, could be interpreted to make the creation or distribution of computer security software a criminal offense. http://www.securityfocus.com/columnists/502 2. A Botnet by Any Other Name By Gubter Ollmann The news has been awash the last few weeks with fears over globe-spanning botnets and their criminal intent: Conficker managed to hog the limelight for well over a month, and then came Finjan's disclosure of a previously unknown - and currently unnamed - botnet consisting of some 1.9 million malicious agents. http://www.securityfocus.com/columnists/501 II. MICROSOFT VULNERABILITY SUMMARY ------------------------------------ 1. Motorola Timbuktu Pro 'PlughNTCommand' Named Pipe Remote Stack Buffer Overflow Vulnerability BugTraq ID: 35496 Remote: Yes Date Published: 2009-06-25 Relevant URL: http://www.securityfocus.com/bid/35496 Summary: Motorola Timbuktu Pro for Windows is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Failed exploit attempts will result in denial-of-service conditions. Versions prior to Timbuktu Pro 8.6.7 for Windows are vulnerable. 2. Apple Safari 'file://' Protocol Handler Information Disclosure and Denial of Service Vulnerability BugTraq ID: 35482 Remote: Yes Date Published: 2009-06-23 Relevant URL: http://www.securityfocus.com/bid/35482 Summary: Apple Safari is prone to an information-disclosure and denial-of-service vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to access local files. On Microsoft Windows platforms, the attacker may launch rogue instances of Windows Explorer, which may affect the computer's overall stability, leading to a denial-of-service. This issue affects versions prior to Safari 4.0 running on Apple Mac OS X 10.5.6 and on Microsoft Windows XP and Vista. 3. Adobe Shockwave Player Director File Parsing Remote Code Execution Vulnerability BugTraq ID: 35469 Remote: Yes Date Published: 2009-06-23 Relevant URL: http://www.securityfocus.com/bid/35469 Summary: Adobe Shockwave Player is prone to a remote code-execution vulnerability caused by a memory-dereferencing error while parsing Adobe Director files. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts may cause a denial-of-service condition. Versions prior to Shockwave Player 11.5.0.600 for Microsoft Windows are vulnerable. 4. Microsoft Internet Explorer HTML Attribute JavaScript URI Security Bypass Vulnerability BugTraq ID: 35455 Remote: Yes Date Published: 2009-06-22 Relevant URL: http://www.securityfocus.com/bid/35455 Summary: Microsoft Internet Explorer is prone to a security-bypass vulnerability because it fails to properly enforce restrictions on script behavior. An attacker may exploit this issue to bypass restrictions on the execution of JavaScript code. This may aid in further attacks. 5. LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability BugTraq ID: 35451 Remote: Yes Date Published: 2009-06-21 Relevant URL: http://www.securityfocus.com/bid/35451 Summary: LibTIFF is prone to a remote buffer-underflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary malicious code in the context of a user running an application that uses the affected library. Failed exploit attempts will likely crash the application. LibTIFF 3.8.2 is vulnerable; other versions may be affected as well. 6. Apple Safari 'parent/top' Cross Domain Scripting Vulnerability BugTraq ID: 35441 Remote: Yes Date Published: 2009-06-19 Relevant URL: http://www.securityfocus.com/bid/35441 Summary: Apple Safari is prone to a cross-domain scripting vulnerability. A remote attacker can exploit this vulnerability to bypass the same-origin policy and obtain potentially sensitive information or launch spoofing attacks against other sites. Other attacks are also possible. 7. DESlock+ 'dlpcrypt.sys' Local Privilege Escalation Vulnerability BugTraq ID: 35432 Remote: No Date Published: 2009-06-18 Relevant URL: http://www.securityfocus.com/bid/35432 Summary: DESlock+ is prone to a local privilege-escalation vulnerability. An attacker may exploit this issue to execute arbitrary code with elevated privileges, which may facilitate a complete compromise of the affected computer. DESlock+ 4.0.2 is vulnerable; other versions may also be affected. 8. Multiple Browsers Cached Certificate HTTP Site Spoofing Vulnerability BugTraq ID: 35411 Remote: Yes Date Published: 2009-06-17 Relevant URL: http://www.securityfocus.com/bid/35411 Summary: Multiple browsers are prone to a vulnerability that may allow attackers to spoof arbitrary HTTPS sites. Attackers may exploit this vulnerability via a malicious webpage to spoof the origin of an HTTPS site. Successful exploits will lead to a false sensitive security since the victim is visiting a site that is assumed to be legitimate. 9. ClamAV Prior to 0.95.2 Multiple Scanner Bypass Vulnerabilities BugTraq ID: 35410 Remote: Yes Date Published: 2009-06-17 Relevant URL: http://www.securityfocus.com/bid/35410 Summary: ClamAV is prone to multiple vulnerabilities because it fails to properly restrict certain files after scanning them. A successful attack may allow malicious users to bypass security restrictions placed on certain files. Exploits may aid in further attacks. Versions prior to ClamAv 0.95.2 are vulnerable. III. MICROSOFT FOCUS LIST SUMMARY --------------------------------- IV. UNSUBSCRIBE INSTRUCTIONS ----------------------------- To unsubscribe send an e-mail message to [email protected] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website. If your email address has changed email [email protected] and ask to be manually removed. V. SPONSOR INFORMATION ------------------------ This issue is sponsored by VeriSign VeriSign EV SSL Certificates for your sites' security turn the address bar in high security browsers green which helps your customers know they are safe on your site. http://ad.doubleclick.net/clk;215510135;37701660;s
