Focus on Microsoft
SecurityFocus Microsoft Newsletter #393 May 07 2008 07:44PM
Rob Keith (rkeith securityfocus com)
SecurityFocus Microsoft Newsletter #393

----------------------------------------

This issue is sponsored by Verisign

Provide the best in SSL technology on your site - VeriSign Extended Validation (EV) and Server-Gated Cryptography (SGC) SSL Certificates. When your site has EV and SGC it allows your customers to have confidence that they are safe and you will know their information is secure. Learn how to provide the latest advancements in SSL to your site visitors with the free white
paper.
http://clk.atdmt.com/SFI/go/scrtysrv1170000034sfi/direct/01/

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as conveying topics of interest for our community. We are proud to offer content from Matasano at this time and will be adding more in the coming weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Just Who's Being Exploited?
2.On the Border
II. MICROSOFT VULNERABILITY SUMMARY
1. Nortel Multimedia PC Client Remote Packet Flood Denial of Service Vulnerability
2. Castle Rock Computing SNMPc Community String Stack Based Buffer Overflow Vulnerability
3. Acritum Femitter Server 'RETR' Command Remote Denial of Service Vulnerability
4. VicFTPS 'LIST' Command Remote Denial of Service Vulnerability
5. Apple QuickTime Unspecified Remote Code Execution Vulnerability
6. E-Post MailServer Remote Information Disclosure Vulnerability
7. Rising Antivirus SSDT 'NtOpenProcess()' Hook Local Denial of Service Vulnerability
8. Comodo Firewall Pro SSDT Hooks Multiple Local Vulnerabilities
9. BitDefender Antivirus 2008 Hooked SSDT Denial of Service Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. Binding Windows Services to Specific Addresses Only
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Just Who's Being Exploited?
By Jamie Reid
Last month's revelation that Tipping Point paid out a prize of $10,000 and a new laptop (MSRP: about $2000) at the CanSecWest conference, for the privilege of being the exclusive licensor of a heretofore unpublished vulnerability in Apple's Safari web browser to researcher, Charles Miller of Independent Security Evaluators, may lend some credence to this adage.
http://www.securityfocus.com/columnists/470

2.On the Border
By Mark Rasch
Recently, I was going through an airport with my shoes, coat, jacket, and belt off as well as with my carry-on bag, briefcase, and laptop all separated for easy inspection. I was heading through security at the Washington D.C., Ronald Reagan National Airport in Arlington, Virginia, or "National" as we locals call it. As I passed through the new magnetometer which gently puffed air all over my body -- which to me seems to be a cross between a glaucoma test and Marilyn Monroe in Gentlemen Prefer Blondes -- a TSA employee absent-mindedly asked if he could "inspect" my laptop computer. While the inspection was cursory, the situation immediately gave me pause: What was in my laptop anyway?
http://www.securityfocus.com/columnists/469

II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Nortel Multimedia PC Client Remote Packet Flood Denial of Service Vulnerability
BugTraq ID: 28994
Remote: Yes
Date Published: 2008-04-30
Relevant URL: http://www.securityfocus.com/bid/28994
Summary:
Nortel Multimedia PC Client is prone to a remote denial-of-service vulnerability because it fails to properly handle unexpected network traffic.

Successful attacks can crash the application, denying service to legitimate users. Given the nature of this issue, remote code execution may also be possible, but this has not been confirmed.

2. Castle Rock Computing SNMPc Community String Stack Based Buffer Overflow Vulnerability
BugTraq ID: 28990
Remote: Yes
Date Published: 2008-04-30
Relevant URL: http://www.securityfocus.com/bid/28990
Summary:
Castle Rock Computing SNMPc is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.

Attackers can leverage this issue to execute arbitrary code in the context of the application, which typically runs with LocalSystem privileges. Successful exploits will compromise affected computers. Failed attacks will likely cause denial-of-service conditions.

Versions prior to SNMPc 7.1.1 are vulnerable.

3. Acritum Femitter Server 'RETR' Command Remote Denial of Service Vulnerability
BugTraq ID: 28973
Remote: Yes
Date Published: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28973
Summary:
Acritum Femitter Server is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions.

Successfully exploiting this issue would cause the affected application to crash, denying service to legitimate users.

Femitter Server 1.03 is vulnerable; other versions may also be affected.

4. VicFTPS 'LIST' Command Remote Denial of Service Vulnerability
BugTraq ID: 28967
Remote: Yes
Date Published: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28967
Summary:
VicFTPS is prone to a remote denial-of-service vulnerability because the application fails to handle exceptional conditions.

Successfully exploiting this issue would cause the affected application to crash, denying service to legitimate users.

5. Apple QuickTime Unspecified Remote Code Execution Vulnerability
BugTraq ID: 28959
Remote: Yes
Date Published: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28959
Summary:
Apple QuickTime is prone to an unspecified remote code-execution vulnerability.

Very few technical details are currently available. We will update this BID as more information emerges.

Successful exploits can allow remote attackers to execute arbitrary code in the context of the user running the application. This may facilitate a compromise of affected computers.

This issue affects QuickTime 7.4 for Microsoft Windows XP and Vista; other versions may also be affected.

6. E-Post MailServer Remote Information Disclosure Vulnerability
BugTraq ID: 28951
Remote: Yes
Date Published: 2008-04-27
Relevant URL: http://www.securityfocus.com/bid/28951
Summary:
E-Post MailServer is prone to a remote information-disclosure vulnerability.

Exploiting this issue can allow remote attackers to obtain the POP3 password of any known user from the POP3 service without having to log on. For an exploit to succeed, the attacker must know the POP3 account name (email address) of the victim.

The issue affects E-Post Mail Server 4.10 with EPSTPOP3S.EXE 4.22; other versions may also be affected.

7. Rising Antivirus SSDT 'NtOpenProcess()' Hook Local Denial of Service Vulnerability
BugTraq ID: 28744
Remote: No
Date Published: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28744
Summary:
Rising Antivirus is prone to a local denial-of-service vulnerability.

Exploiting this vulnerability allows local attackers to crash affected computers, denying service to legitimate users.

Rising Antivirus 19.60.0.0 and 19.66.0.0 are vulnerable; other versions may also be affected.

8. Comodo Firewall Pro SSDT Hooks Multiple Local Vulnerabilities
BugTraq ID: 28742
Remote: No
Date Published: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28742
Summary:
Comodo Firewall Pro is prone to multiple local vulnerabilities.

Exploiting these vulnerabilities allows local attackers to crash affected computers, denying service to legitimate users. Attackers might also be able to gain elevated privileges by executing arbitrary machine code in the context of the kernel, but this has not been confirmed.

Comodo Firewall Pro 2.4.18.184 is vulnerable; other versions may also be affected.

9. BitDefender Antivirus 2008 Hooked SSDT Denial of Service Vulnerability
BugTraq ID: 28741
Remote: No
Date Published: 2008-04-28
Relevant URL: http://www.securityfocus.com/bid/28741
Summary:
BitDefender Antivirus 2008 is prone to a local denial-of-service vulnerability because it fails to adequately bounds-check user-supplied data.

Exploiting this vulnerability allows local attackers to crash affected computers, denying service to legitimate users. Attackers might also be able to gain elevated privileges by executing arbitrary machine code in the context of the kernel, but this has not been confirmed.

BitDefender Antivirus 2008 Build 11.0.11 is vulnerable; other versions may also be affected.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. Binding Windows Services to Specific Addresses Only
http://www.securityfocus.com/archive/88/491595

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to ms-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address. The contents of the subject or message body do not matter. You will receive a confirmation request message to which you will have to answer. Alternatively you can also visit http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Verisign

Provide the best in SSL technology on your site - VeriSign Extended Validation (EV) and Server-Gated Cryptography (SGC) SSL Certificates. When your site has EV and SGC it allows your customers to have confidence that they are safe and you will know their information is secure. Learn how to provide the latest advancements in SSL to your site visitors with the free white
paper.
http://clk.atdmt.com/SFI/go/scrtysrv1170000034sfi/direct/01/

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus