Focus on Microsoft
SecurityFocus Microsoft Newsletter #405 Jul 31 2008 08:40PM
Rob Keith (rkeith securityfocus com)
SecurityFocus Microsoft Newsletter #405
----------------------------------------

This issue is sponsored by Black Hat USA:

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier
technical event for ICT security experts. Featuring 40 hands-on training
courses and 80 Briefings presentations with lots of new content and new
tools. Network with 4,000 delegates from 50 nations. Visit product
displays by 30 top sponsors in a relaxed setting.
www.blackhat.com

SECURITY BLOGS
SecurityFocus has selected a few syndicated sources that stand out as
conveying topics of interest for our community. We are proud to offer
content from Matasano at this time and will be adding more in the coming
weeks.
http://www.securityfocus.com/blogs

------------------------------------------------------------------
I. FRONT AND CENTER
1. An Astonishing Collaboration
2. Bad-Code Blues
II. MICROSOFT VULNERABILITY SUMMARY
1. F-PROT Antivirus Archive Parsing Denial of Service Vulnerability
2. Citrix Presentation Server 'icabar.exe' Local Privilege
Escalation Vulnerability
3. BlazeVideo HDTV Player PLF File Stack Buffer Overflow
Vulnerability
4. AVG Anti-Virus UPX File Parsing Denial of Service Vulnerability
5. Cygwin 'setup.exe' Installation and Update Process Mirror
Authenticity Verification Vulnerability
6. Moodle 'etitle' Parameter HTML Injection Vulnerability
7. PowerDVD '.m3u' and '.pls' File Multiple Buffer Overflow
Vulnerabilities
III. MICROSOFT FOCUS LIST SUMMARY
IV. UNSUBSCRIBE INSTRUCTIONS
V. SPONSOR INFORMATION

I. FRONT AND CENTER
---------------------
1. An Astonishing Collaboration
By Dan Kaminsky
Wow. It's out. It's finally, finally out. Sweet!
http://www.securityfocus.com/columnists/477

2. Bad-Code Blues
By Don Parker
The current state of secure software development by corporations both
large and small is a mess. We are still cursed with half-baked software,
and as a result, a never ending stream of vulnerabilities. Secure coding
practices and active quality assurance (QA) efforts are now more
mainstream, but that still hasn't made much of a dent.
http://www.securityfocus.com/columnists/476

II. MICROSOFT VULNERABILITY SUMMARY
------------------------------------
1. F-PROT Antivirus Archive Parsing Denial of Service Vulnerability
BugTraq ID: 30461
Remote: Yes
Date Published: 2008-07-31
Relevant URL: http://www.securityfocus.com/bid/30461
Summary:
F-PROT Antivirus is prone to a denial-of-service vulnerability.

Exploiting this issue may allow attackers to deny service to legitimate
users of the application.

F-PROT Antivirus 6.2.1.4252 is vulnerable; other versions may also be
affected.

2. Citrix Presentation Server 'icabar.exe' Local Privilege Escalation
Vulnerability
BugTraq ID: 30446
Remote: No
Date Published: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30446
Summary:
Citrix Presentation Server (formerly Citrix MetaFrame Server) is prone
to a privilege-escalation vulnerability caused by a flaw in how
'icabar.exe' is invoked via a 'Run' registry key.

Attackers can leverage this issue to execute arbitrary code with
administrator privileges. Successful exploits will completely compromise
affected computers.

The following products are vulnerable when running on Windows NT,
Windows 2000, and Windows 2003:

Citrix MetaFrame Presentation Server 3.0 and prior
Citrix MetaFrame XP 1.0 and prior

3. BlazeVideo HDTV Player PLF File Stack Buffer Overflow Vulnerability
BugTraq ID: 30442
Remote: Yes
Date Published: 2008-07-30
Relevant URL: http://www.securityfocus.com/bid/30442
Summary:
BlazeVideo HDTV Player is prone to a stack-based buffer-overflow
vulnerability because the application fails to handle malformed playlist
files.

An attacker can exploit this issue to execute arbitrary code within the
context of the application or to trigger a denial-of-service condition.

BlazeVideo HDTV Player 3.5 is vulnerable; other versions may also be
affected.

4. AVG Anti-Virus UPX File Parsing Denial of Service Vulnerability
BugTraq ID: 30417
Remote: Yes
Date Published: 2008-07-28
Relevant URL: http://www.securityfocus.com/bid/30417
Summary:
AVG Anti-Virus is prone to a denial-of-service vulnerability.

Exploiting this issue may allow attackers to crash AVG Anti-Virus and
deny service to legitimate users of the application.

Versions prior to AVG Anti-Virus 8.0.156 are vulnerable.

5. Cygwin 'setup.exe' Installation and Update Process Mirror
Authenticity Verification Vulnerability
BugTraq ID: 30375
Remote: Yes
Date Published: 2008-07-25
Relevant URL: http://www.securityfocus.com/bid/30375
Summary:
Cygwin 'setup.exe' is prone to a vulnerability caused by inadequate
verification of mirror authenticity.

Attackers who can impersonate a Cygwin download mirror (by exploiting a
DNS cache-poisoning, session-hijacking, or some other vulnerability)
could perform a man-in-the-middle attack and leverage this issue to
cause the application to retrieve and install malicious packages.

Versions prior to Cygwin 'setup.exe' 2.573.2.3 are vulnerable.

6. Moodle 'etitle' Parameter HTML Injection Vulnerability
BugTraq ID: 30348
Remote: Yes
Date Published: 2008-07-22
Relevant URL: http://www.securityfocus.com/bid/30348
Summary:
Moodle is prone to an HTML-injection vulnerability because the
application fails to properly sanitize user-supplied input before using
it in dynamically generated content.

Attacker-supplied HTML and script code would run in the context of the
affected browser, potentially allowing the attacker to steal
cookie-based authentication credentials or to control how the site is
rendered to the user. Other attacks are also possible.

7. PowerDVD '.m3u' and '.pls' File Multiple Buffer Overflow Vulnerabilities
BugTraq ID: 30341
Remote: Yes
Date Published: 2008-07-22
Relevant URL: http://www.securityfocus.com/bid/30341
Summary:
PowerDVD is prone to multiple buffer-overflow vulnerabilities because it
fails to perform adequate boundary checks on user-supplied input.

Successfully exploiting these issues may allow remote attackers to
execute arbitrary code in the context of the application. Failed
exploit attempts will cause denial-of-service conditions.

PowerDVD 8.0 is vulnerable; prior versions may also be affected.

III. MICROSOFT FOCUS LIST SUMMARY
---------------------------------
IV. UNSUBSCRIBE INSTRUCTIONS
-----------------------------
To unsubscribe send an e-mail message to
ms-secnews-unsubscribe (at) securityfocus (dot) com from the subscribed address.
The contents of the subject or message body do not matter. You will
receive a confirmation request message to which you will have to answer.
Alternatively you can also visit
http://www.securityfocus.com/newsletters and unsubscribe via the website.

If your email address has changed, email listadmin (at) securityfocus (dot) com and
ask to be manually removed.

V. SPONSOR INFORMATION
------------------------
This issue is sponsored by Black Hat USA:

Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier
technical event for ICT security experts. Featuring 40 hands-on training
courses and 80 Briefings presentations with lots of new content and new
tools. Network with 4,000 delegates from 50 nations. Visit product
displays by 30 top sponsors in a relaxed setting.
www.blackhat.com

Copyright 2010, SecurityFocus