Focus on Microsoft
SecurityFocus Microsoft Newsletter #401 Jul 04 2008 05:37PM
rkeith securityfocus com

SecurityFocus Microsoft Newsletter #401
----------------------------------------

This issue is sponsored by Black Hat USA:

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier
technical event for ICT security experts. Featuring 40 hands-on training
courses and 80 Briefings presentations with lots of new content and new
tools. Network with 4,000 delegates from 50 nations. Visit product
displays by 30 top sponsors in a relaxed setting.
www.blackhat.com

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as
conveying topics of interest for our community. We are proud to offer
content from Matasano at this time and will be adding more in the coming
weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1.Firing Up Browser Security
2.Racing Against Reversers
II. MICROSOFT VULNERABILITY SUMMARY
1. Microsoft July 2008 Advance Notification Multiple Vulnerabilities
2. Wireshark 1.0.0 Multiple Vulnerabilities
3. Microsoft Dynamics GP Denial of Service and Multiple Remote
Buffer Overflow Vulnerabilities
4. Microsoft Internet Explorer Frame Location Cross Domain
Security Bypass Vulnerability
5. Cybozu Garoon Session Fixation and Cross Site Scripting
Vulnerabilities
6. Microsoft Internet Explorer 'location' & 'location.href' Cross
Domain Security Bypass Vulnerability
7. Mozilla Firefox Unspecified Arbitrary File Access Weakness
8. SunAge Multiple Denial of Service Vulnerabilities
9. World in Conflict NULL Pointer Remote Denial of Service
Vulnerability
III. MICROSOFT FOCUS LIST SUMMARY
1. SecurityFocus Microsoft Newsletter #400
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1.Firing Up Browser Security
By Federico Biancuzzi
Mozilla released its latest browser, Firefox 3.0, this week.
SecurityFocus contributor Federico Biancuzzi tracked down two key
members of Mozilla's security team, Window Snyder and Johnathan
Nightingale, to learn more about the security features included in this
major release.
http://www.securityfocus.com/columnists/475

2.Racing Against Reversers
By Federico Biancuzzi
Each time a new digital rights management (DRM) system is released,
hackers are not far behind in cracking it. Reverse engineers have taken
down the security protecting content encoded for Windows Media, iTunes,
DVDs, and HD-DVDs.
http://www.securityfocus.com/columnists/474

II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. Microsoft July 2008 Advance Notification Multiple Vulnerabilities
BugTraq ID: 30075
Remote: Yes
Date Published: 2008-07-03
Relevant URL: http://www.securityfocus.com/bid/30075
Summary:
Microsoft has released advance notification that the vendor will be
releasing four security bulletins on July 8, 2008. The highest severity
rating for these issues is 'Important'.

Successfully exploiting these issues may allow remote or local attackers
to compromise affected computers.

Individual records will be created to document the issues when the
bulletins are released.

2. Wireshark 1.0.0 Multiple Vulnerabilities
BugTraq ID: 30020
Remote: Yes
Date Published: 2008-06-30
Relevant URL: http://www.securityfocus.com/bid/30020
Summary:
Wireshark is prone to multiple vulnerabilities, including an
information-disclosure issue and denial-of-service issues.

Exploiting these issues may allow attackers to obtain potentially
sensitive information, cause crashes, and deny service to legitimate
users of the application. Attackers may be able to leverage some of
these vulnerabilities to execute arbitrary code, but this has not been
confirmed.

These issues affect Wireshark 0.9.5 up to and including 1.0.0.

3. Microsoft Dynamics GP Denial of Service and Multiple Remote Buffer
Overflow Vulnerabilities
BugTraq ID: 29991
Remote: Yes
Date Published: 2008-06-27
Relevant URL: http://www.securityfocus.com/bid/29991
Summary:
Microsoft Dynamics GP is prone to a denial-of-service vulnerability and
multiple buffer-overflow vulnerabilities. These issues affect the
Distributed Process Server (DPS) and the Distributed Process Manager (DPM).

Successfully exploiting these issues allows remote attackers to execute
arbitrary code in the context of the application. Attackers may also
crash the application, denying service to legitimate users.

Versions prior to Microsoft Dynamics GP 10.0 are vulnerable.

4. Microsoft Internet Explorer Frame Location Cross Domain Security
Bypass Vulnerability
BugTraq ID: 29986
Remote: Yes
Date Published: 2008-06-27
Relevant URL: http://www.securityfocus.com/bid/29986
Summary:
Microsoft Internet Explorer is prone to a cross-domain scripting
security-bypass vulnerability because the application fails to properly
enforce the same-origin policy.

An attacker can exploit this issue to change the location of a frame
from a different domain. This allows the attacker to execute arbitrary
code in a frame of the same window as content from a different domain.
Successful exploits will allow the attacker to access information from
the parent document via DOM components that are not domain-reliant (such
as the 'onmousedown' event).

Internet Explorer 6, 7, and 8 Beta 1 are vulnerable; other versions may
also be affected.

5. Cybozu Garoon Session Fixation and Cross Site Scripting Vulnerabilities
BugTraq ID: 29981
Remote: Yes
Date Published: 2008-06-27
Relevant URL: http://www.securityfocus.com/bid/29981
Summary:
Cybozu Garoon is prone to multiple vulnerabilities, including a
session-fixation vulnerability and a cross-site scripting vulnerability.

An attacker may leverage the session-fixation issue to hijack a session
of an unsuspecting user. The attacker may exploit the cross-site
scripting issue to execute arbitrary script code in the browser of an
unsuspecting user in the context of the affected site. This may allow
the attacker to steal cookie-based authentication credentials and to
launch other attacks.

Cybozu Garoon 2.1.3 and prior versions are vulnerable.

6. Microsoft Internet Explorer 'location' & 'location.href' Cross Domain
Security Bypass Vulnerability
BugTraq ID: 29960
Remote: Yes
Date Published: 2008-06-26
Relevant URL: http://www.securityfocus.com/bid/29960
Summary:
Microsoft Internet Explorer 6 is prone to a cross-domain scripting
security-bypass vulnerability because the application fails to properly
enforce the same-origin policy.

An attacker can exploit this issue execute arbitrary script code in
another browser window's security zone. This may allow attackers to
steal cookie-based authentication credentials and launch other attacks.

7. Mozilla Firefox Unspecified Arbitrary File Access Weakness
BugTraq ID: 29905
Remote: Yes
Date Published: 2008-06-23
Relevant URL: http://www.securityfocus.com/bid/29905
Summary:
Mozilla Firefox is prone to a weakness that may allow attackers to gain
access to arbitrary files.

Very little information is known about this issue. We will update this
BID as soon as more information emerges.

An attacker can exploit this issue in conjunction with the
'carpet-bombing' issue reported by Nitest Dhanjani to gain access to
arbitrary files on the affected computer. Successfully exploiting this
issue may lead to other attacks.

NOTE: This issue is related to the vulnerability discussed in BID 29445
(Apple Safari and Microsoft Windows Client-side Code Execution
Vulnerability).

8. SunAge Multiple Denial of Service Vulnerabilities
BugTraq ID: 29889
Remote: Yes
Date Published: 2008-06-23
Relevant URL: http://www.securityfocus.com/bid/29889
Summary:
SunAge is prone to multiple denial-of-service vulnerabilities.

Successfully exploiting these issues allows remote attackers to crash
affected game servers, denying service to legitimate users.

SunAge 1.08.1 is vulnerable; previous versions may also be affected.

9. World in Conflict NULL Pointer Remote Denial of Service Vulnerability
BugTraq ID: 29888
Remote: Yes
Date Published: 2008-06-23
Relevant URL: http://www.securityfocus.com/bid/29888
Summary:
World in Conflict is prone to a remote denial-of-service vulnerability
because the application fails to handle exceptional conditions.

An attacker could exploit this issue to crash the affected application,
denying service to legitimate users.

This issue affects World in Conflict 1.008; other versions may also be
affected.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
1. SecurityFocus Microsoft Newsletter #400
http://www.securityfocus.com/archive/88/493739

IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to
ms-secnews-unsubscribe (at) securityfocus (dot) com [email concealed] from the subscribed address.
The contents of the subject or message body do not matter. You will
receive a confirmation request message to which you will have to answer.
Alternatively you can also visit
http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed email listadmin (at) securityfocus (dot) com [email concealed] and
ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Black Hat USA:

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier
technical event for ICT security experts. Featuring 40 hands-on training
courses and 80 Briefings presentations with lots of new content and new
tools. Network with 4,000 delegates from 50 nations. Visit product
displays by 30 top sponsors in a relaxed setting.
www.blackhat.com

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus