SecurityFocus

RE: [LSD] Critical security vulnerability in Microsoft Operating Systems 2003-07-18
Russ (Russ Cooper rc on ca)

----
o ncacn_http : if active, listening on TCP port 593.

Finally, if ncacn_http is active, and COM Internet Services is
installed and enabled, which is NOT the default in any configuration
I'm aware of, then you can also talk to the endpoint mapper over port
80. Just to be clear, I think this i

[ more ] [ reply ]

Buffer overflow in MSN Messenger 6.0 2003-07-19
Bahaa Naamneh (b_naamneh hotmail com)

########################################################################
##

Application: MSN Messenger 6.0

http://www.msnmessenger-download.com/Preview/

Affected Versions: MSN Messenger 6.0 biuld 6.0.0501 and prior

Bug: Buffer overflow in msnmsgr.exe

(In

[ more ] [ reply ]

New information regarding CERT Advisory CA-2003-15 2003-07-17
CERT Advisory (cert-advisory cert org)

-----BEGIN PGP SIGNED MESSAGE-----

Cisco Systems has posted an update to their recent Cisco Security
Advisory, which was referenced in CERT Advisory CA-2003-15. This
update includes more specific technical details and new information
about more specific Access Control Lists (ACLs) that can be used

[ more ] [ reply ]

Re: Microsoft ISA Server HTTP error handler XSS (TL#007) 2003-07-17
http-equiv (at) excite (dot) com [email concealed] (1 malware com)

This is very interesting. A side 'benefit' is that we can mask our
true url with the same scheme.

For an href in html in order to mask the true destination the <a
href="....>bloatedcorp.com</a>,

[ more ] [ reply ]

Fw: SC Signature and HPING Signature 2003-07-18
james (hackerwacker tarpit cybermesa com)

From NANOG, again. Dumps of current exploit are below. I posted dumps to Snort lists
and expect a specific Snort sig shortly.

James Edwards
Routing and Security Administrator
jamesh (at) cybermesa (dot) com [email concealed]
At the Santa Fe Office: Internet at Cyber Mesa

----- Original Message -----
: From: "Jason

[ more ] [ reply ]

Cisco IOS vulnerability detection tool by Foundstone 2003-07-18
Matt Ploessel (matt ploessel foundstone com)

To assist in detecting and mitigating the IOS vulnerability released
today publicly by Cisco, Foundstone has released a free scanning tool to
aid in identifying vulnerable Cisco devices. Devices detected by SNScan
will have their IOS and feature-set information displayed in a easy to
manage layout.

[ more ] [ reply ]

RAV Antivirus : Buffer Overflow in Online Scanning ActiveX 2003-07-18
Tri Huynh (trihuynh zeeup com)

RAV Online Scanning ActiveX Buffer Overflow
=================================================

PROGRAM: RAV ONLINE SCANNING ACTIVEX
HOMEPAGE: www.ravantivirus.com
VULNERABLE VERSIONS: Online Version Only

DESCRIPTION
=================================================

RAV Online Scanning is a free

[ more ] [ reply ]

TSLSA-2003-0027 - nfs-utils 2003-07-18
Trustix Secure Linux Advisor (tsl trustix com)

CERT Advisory CA-2003-17 Exploit available for for the Cisco IOS Interface 2003-07-18
CERT Advisory (cert-advisory cert org)

Witango & Tango 2000 Application Server Remote System Buffer Overrun 2003-07-18
Next Generation Insight Security Reseach Team (mark ngssoftware com)

NGSSoftware Insight Security Research Advisory

Name: WiTango Application Server & Tango 2000
Systems Affected: Windows
Severity: Critical Risk
Category: Remote System Buffer Overrun
Vendor URL: http://www.wit

[ more ] [ reply ]

Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet 2003-07-17
Cisco Systems Product Security Incident Response Team (psirt cisco com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet

Revision 1.3
============

Last Updated 2003 July 17 at 23:00 UTC (GMT)

For Public Release 2003 July 17 at 6:10 UTC (GMT)
=================

- ----------------------------------------

[ more ] [ reply ]

Bypassing ServerLock protection on Windows 2000 2003-07-17
Jan Rutkowski (jkrutkowski elka pw edu pl)

Bypassing ServerLock protection on
Windows 2000

Jan K. Rutkowski
<jkrutkowski (at) elka.pw.edu (dot) pl [email concealed]>

1. Background

ServerLock for Windows 2000 is product of Watch Guard company. The
purpose of this tool is to protect integrity of the operating system
by ensuring that nobody c

[ more ] [ reply ]

Re: ZH2003-3SA (security advisory): Storefront sql injection: users info disclosure 2003-07-17
Bob LaGarde (b lagarde lagarde com)

In-Reply-To: <20030712135646.21901.qmail (at) www.securityfocus (dot) com [email concealed]>

This posting is completely false. Furthermore, the assertation in the
report that the vendor was notified is also false.

StoreFront 6.0 is a .NET application and contains no file named

login.asp. The previous version, StoreFront 5

[ more ] [ reply ]

FW: Windows Update - Unsafe ActiveX control (fwd) 2003-07-17
Dave Ahmad (da securityfocus com) (1 replies)

---------- Forwarded message ----------
Date: Thu, 17 Jul 2003 XX:XX:XX
To: Dave Ahmad <da (at) securityfocus (dot) com [email concealed]>
Subject: FW: Windows Update - Unsafe ActiveX control

Hi,

I would prefer not to reply to this post directly, but if possible can
you please mention the following (anonymously):

----------

[ more ] [ reply ]

Re: FW: Windows Update - Unsafe ActiveX control (fwd) 2003-07-18
Cesar (cesarc56 yahoo com)

Administrivia: Summer vacation/bounce troll 2003-07-17
Dave Ahmad (da securityfocus com)

This is a troll for out-of-office autoreplies, bounces, list
unsubscription acknowledgements, list rejection replies, support ticket
generation notices and other irritating junk-mail responses that are
triggered by Bugtraq posts.

David Mirza Ahmad
Symantec

0x26005712
8D 9A B1 33 82 3D B3 D0 40 EB

[ more ] [ reply ]

RE: Windows Update - Unsafe ActiveX control 2003-07-17
Jackson, Chris (CJackson bridgecom com) (1 replies)

> "An ActiveX control on this page is not safe. Your current security
settings
> prohibit running unsafe controls on this page. As a result, this page may
> not display as intended."
> So Microsoft expects me download critical patches using an unsafe ActiveX
> control??

Safe for Scripting indicates

[ more ] [ reply ]

RE: Windows Update - Unsafe ActiveX control 2003-07-17
Drew Copley (dcopley eeye com)

Multiple Vulnerabilities in Name Service Daemon (nsd) on IRIX 2003-07-16
SGI Security Coordinator (agent99 sgi com)

ZH2003-11SA (security advisory): Elite News Ver. 1.0.0.0-1.0.0.3 Beta 2003-07-16
Jim Pangalos (dpangalos linuxmail org)

Published: 16/07/2003

Released: 16/07/2003

Name: Elite News

Affected System(s): All versions

Severity: High

Platform(s): Windows and Unix

Issue: Security holes enable attackers to take administrative control

Original Advisory: http://www.zone-h.org/en/advisories/read/id=271

[ more ] [ reply ]

SRT2003-07-16-0358 - bru has buffer overflow and format issues 2003-07-16
KF (dotslash snosoft com) (1 replies)

[ more ] [ reply ]

Re: SRT2003-07-16-0358 - bru has buffer overflow and format issues 2003-07-18
Knud Erik Højgaard (kain ircop dk)

Windows Update - Unsafe ActiveX control 2003-07-17
Siddhartha Jain(IT) (SiddharthaJ bankmuscat com)

Hello,

I just tried to download the latest Microsoft security update by using the
Windows update utility in Internet Explorer. However, I could not do so
because I had disabled all ActiveX controls in the security settings (after
reading a terrifying paper on ActiveX security).

After this I enabl

[ more ] [ reply ]

Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet 2003-07-17
Cisco Systems Product Security Incident Response Team (psirt cisco com)