From: Marc Fossi (mfossi_at_securityfocus.com)
Date: Tue Jan 28 2003 - 09:56:26 CST

    SecurityFocus Microsoft Newsletter #122
    ---------------------------------------

    This newsletter is sponsored by: Black Hat (http://www.blackhat.com)

    Spooked about Windows security? Find solutions instead. Plan now to
    attend the Black Hat Briefings & Training Windows Security conference,
    February 25-28 in Seattle, the world's premier technical event for Windows
    and .Net security experts. This event is fully supported by Microsoft.

    The Training on February 25-26 features 7 two-day courses on the hottest
    subjects. The Briefings on February 27-28 features 30 of the top industry
    speakers presenting topics in 6 tracks. Visit www.blackhat.com to see why
    top security experts rave about the Black Hat Briefings.
    -------------------------------------------------------------------------------

    I. FRONT AND CENTER
         1. The Turkey that Bites
         2. The Canary in the Data Mine
         3. SecurityFocus DPP Program
         4. InfoSec World Conference and Expo/2003 (March 10-12,2003,Orlando,FL)
    II. MICROSOFT VULNERABILITY SUMMARY
         1. Blackboard Learning System search.pl SQL Injection Vulnerability
         2. Microsoft Windows Locator Service Buffer Overflow Vulnerability
         3. Microsoft Outlook 2002 V1 Exchange Server Security Certificate...
         4. Nite Server FTPD File Disclosure Vulnerability
         5. Sambar Server results.stm Cross Site Scripting Vulnerability
         6. Apache Web Server MS-DOS Device Name Denial Of Service...
         7. Rediff Bol URL Handling Denial Of Service Vulnerability
         8. MyRoom save_item.php Arbitrary File Upload Vulnerability
         9. GlobalScape CuteFTP LIST Response Buffer Overflow Vulnerability
         10. CVS Directory Request Double Free Heap Corruption Vulnerability
         11. Apache Web Server MS-DOS Device Name Arbitrary Code Execution...
         12. Apache Web Server Illegal Character HTTP Request File...
         13. Apache Web Server Default Script Mapping Bypass Vulnerability
         14. Microsoft Content Management Server Cross-Site Scripting...
         15. Evolvable Shambala FTP Server CWD Denial Of Service...
         16. YABB SE Packages.PHP Remote File Include Vulnerability
         17. WinRAR Archive File Extension Buffer Overrun Vulnerability
         18. PHPOutsourcing Zorum Remote Include Command Execution...
         19. Microsoft Windows MSGINA.DLL Read-Lock Denial Of Service...
         20. YaBB SE News.PHP Remote File Include Vulnerability
    III. MICROSOFT FOCUS LIST SUMMARY
         1. Attacking EFS through cached domain logon credentials (Thread)
         2. At.exe Service Account - scripted or registry? (Thread)
         3. Win2k log management (Thread)
         4. AD replication over WAN (Thread)
         5. Securing IIS/5 with ASP (Thread)
         6. w2k server compromised (Thread)
         7. Bypass Traverse Checking? (Thread)
         8. Stopping Admin Alert SPAM (Thread)
         9. Fw: Bypass Traverse Checking? (Thread)
         10. SecurityFocus Microsoft Newsletter #121 (Thread)
         11. Has this been exploited in a known virus yet? (Thread)
    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
         1. MXtreme Mail Firewall
         2. Contactless Smart Card Reader
         3. ActivCard Gold
    V. NEW TOOLS FOR MICROSOFT PLATFORMS
         1. ABC CHAOS v2.1
         2. DSCMD - DataSAFE Command Line Encryptor v2.0
         3. FileHasher v1.0
    VI. SPONSOR INFORMATION

    I. FRONT AND CENTER
    -------------------
    1. The Turkey that Bites
    By Jon Lasser

    With last week's RIAA worm hoax, the scallywags at Gobbles raised security
    advisories to subversive performance art.

    http://online.securityfocus.com/columnists/137

    2. The Canary in the Data Mine
    By Mark Rasch

    At the turn of the century just past, mining companies would use a
    brightly colored bird in the mine shaft to protect the lives of citizens.
    These canaries were more sensitive to the foul, noxious and deadly but
    invisible vapors that would otherwise threaten the lives of the mine shaft
    workers. When the canaries died, the miners would know an invisible threat
    existed.

    http://online.securityfocus.com/columnists/136

    3. SecurityFocus DPP Program

    Attention Universities!! Sign-up now for preferred pricing on the only
    global early-warning system for cyber attacks - SecurityFocus DeepSight
    Threat Management System.

    Click here for more information:
    http://www.securityfocus.com/corporate/products/dpsection.shtml

    4. InfoSec World Conference and Expo/2003 (March 10-12, 2003, Orlando, FL)

    Optional Workshops: March 8, 9, 12, 13, & 14. Vendor Expo: March 10 & 11.

    Solutions to today’s security concerns; hands-on experts; blockbuster
    vendor expo; the CISO Executive Summit; invaluable networking
    opportunities. InfoSec World has it all!

    Go to: http://www.misti.com/10/os03nl37inf.html

    II. BUGTRAQ SUMMARY
    -------------------
    1. Blackboard Learning System search.pl SQL Injection Vulnerability
    BugTraq ID: 6655
    Remote: Yes
    Date Published: Jan 21 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6655
    Summary:

    Blackboard Learning System is a suite of software products available for
    Microsoft Windows, Linux and Solaris servers that power an "e-Education
    Infrastructure" for education providers.

    Blackboard Learning System, in some cases, does not sufficiently sanitize
    user-supplied input which is used when constructing SQL queries. As a
    result, attackers may supply malicious parameters to manipulate the
    structure and logic of SQL queries. This may result in unauthorized
    operations being performed on the underlying database.

    This vulnerability was reported to exist in the search.pl script file (the
    address book search feature). A remote attacker can exploit this
    vulnerability to brute-force user accounts. It may also be possible to
    conduct other attacks, such as executing stored procedures and exploiting
    vulnerabilities in the database server.

    This vulnerability was reported for Blackboard Learning System 5.5.1, level
    1 and 2. Previous releases may also be affected.

    2. Microsoft Windows Locator Service Buffer Overflow Vulnerability
    BugTraq ID: 6666
    Remote: Yes
    Date Published: Jan 22 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6666
    Summary:

    It has been reported that the Microsoft Windows Locator service is
    affected by a remotely exploitable buffer overflow vulnerability. The
    condition is due to a memory copy of RPC arguments received from remote
    clients into a local buffer.

    An attacker can exploit this vulnerability by constructing a remote
    procedure call that invokes Locator service with malformed parameters.
    When the Locator service receives this request, the malicious arguments
    will trigger the overflow condition.

    This vulnerability may be exploited by remote attackers to execute custom
    instructions on the target domain controller. It is also possible to
    crash the service with a malicious request. It should be noted that, to
    exploit this vulnerability, no authentication is required. Additionally,
    the Locator service is enabled by default on all Windows 2000 and Windows
    NT Domain Controllers (DC).

    3. Microsoft Outlook 2002 V1 Exchange Server Security Certificate Information Leakage Vulnerability
    BugTraq ID: 6667
    Remote: Yes
    Date Published: Jan 22 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6667
    Summary:

    Microsoft Outlook 2002 is an e-mail, calendaring, and scheduling
    application for Microsoft Windows.

    Microsoft Outlook 2002 supports various types of certificates to
    facilitate transport of encrypted e-mail via public key cryptography.
    One type of certificate supported by Microsoft Outlook 2002 is V1 Exchange
    Server Security certificates, which may be used in combination with a
    Microsoft Exchange server.

    There is a flaw in the Microsoft Outlook 2002 implementation of message
    encryption using V1 Exchange Server Security certificates. When
    configured to use this method, Outlook 2002 fails to correctly encrypt
    messages. As a result, messages are transferred in plaintext, visible to
    network eavesdroppers. Furthermore, the user may assume that the message
    was successfully encrypted.

    A remote adversary may potentially take advantage of this issue if they
    are in a position to intercept user mail or eavesdrop on network traffic
    between the client host sending the mail and hosts receiving or processing
    the mail.

    This issue is reported to occur when Outlook 2002 is used to send HTML
    e-mail using the certificate.

    It should also be noted that the implementation of digital signatures
    using V1 Exchange Server Security is not affected.

    4. Nite Server FTPD File Disclosure Vulnerability
    BugTraq ID: 6648
    Remote: Yes
    Date Published: Jan 20 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6648
    Summary:

    Nite Server is an FTP server for Microsoft Windows platforms.

    Nite Server is prone to a file disclosure vulnerability. User-supplied
    input is not sufficiently filtered from FTP commands. As a result, it is
    possible for remote FTP users to break out of the FTP root directory by
    issuing a 'cd' (change directory) request containing directory traversal
    sequences.

    Any system files which are readable by the FTP server may potentially be
    disclosed to a malicious FTP user who exploits this vulnerability. The
    FTP server will typically run with SYSTEM privileges on Windows.

    This issue was reported in Nite Server 1.83. Earlier versions may also be
    affected.

    5. Sambar Server results.stm Cross Site Scripting Vulnerability
    BugTraq ID: 6643
    Remote: Yes
    Date Published: Jan 20 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6643
    Summary:

    Sambar Server is a multi-threaded web server which will run on Microsoft
    Windows 9x/ME/NT/2000 operating systems.

    Sambar Server does not adequately filter some HTML code thus making it
    prone to cross-site scripting attacks. It is possible for a remote
    attacker to create a malicious link containing script code which will be
    executed in the browser of a legitimate user.

    An attacker can exploit this vulnerability by manipulating URI parameters
    in the results.stm page to include malicious HTML code. Any
    attacker-supplied code will be executed within the context of the website
    running Sambar Server.

    This issue may be exploited to steal cookie-based authentication
    credentials from legitimate users of the website running the vulnerable
    software. The attacker may hijack the session of the legitimate user by
    using cookie-based authentication credentials.

    This vulnerability was reported for Sambar Server 5.3 and earlier.

    6. Apache Web Server MS-DOS Device Name Denial Of Service Vulnerability
    BugTraq ID: 6662
    Remote: Yes
    Date Published: Jan 22 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6662
    Summary:

    Apache is a freely available Web server for Unix and Linux variants, as
    well as Microsoft operating systems.

    A vulnerability has been reported in Apache Web server for Microsoft
    Windows 9x/Me operating environments. The vulnerability exists in the way
    some HTTP requests are handled by the Apache Web server. Specifically,
    HTTP requests that involve MS-DOS device names may cause the Apache Web
    server to crash.

    An attacker can exploit this vulnerability by sending a malformed HTTP GET
    request to the Apache server using a reserved MS-DOS device name such as
    'aux'. When the server receives this request it will crash.

    This vulnerability exists for Apache versions prior to 2.0.44 for
    Microsoft Windows 9x/Me operating environments.

    7. Rediff Bol URL Handling Denial Of Service Vulnerability
    BugTraq ID: 6670
    Remote: Yes
    Date Published: Jan 23 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6670
    Summary:

    Bol is a freely available chat client available from Rediff. It is
    available for Microsoft Windows operating systems.

    A problem could make it possible for a remote user to deny service to
    legitimate users of the chat client.

    It has been reported that a problem in Rediff Bol may allow remote users
    to log other users out of the Bol chat client. Due to improper handling
    of some types of requests, a remote user could send a URL request to the
    client in the form of an rbol: command that would cause the client to log
    out.

    Under ordinary circumstances, the chat client should not react to input
    from untrusted users. This problem could make it possible for a remote
    user to launch a continuous denial of service against a user of the
    vulnerable client.

    8. MyRoom save_item.php Arbitrary File Upload Vulnerability
    BugTraq ID: 6644
    Remote: Yes
    Date Published: Jan 20 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6644
    Summary:

    MyRoom is an online item management system implemented in PHP. It is
    available for a variety of platforms including Linux variant operating
    systems and Microsoft Windows.

    A problem with MyRoom may make it possible for remote attackers to upload
    files to a vulnerable system.

    Due to inadequate security checks performed by some PHP scripts, an
    attacker is able to upload arbitrary files to the system. The
    room/save_item.php script has been reported to be vulnerable to this
    issue.

    Specifically, the script only checks to see whether the file to be
    uploaded is an image file. As such, any file that includes the allowed
    extensions may be uploaded. Any uploaded files will be stored in the
    'img/photo' folder.

    Given the ability to upload arbitrary files to the host, an attacker can
    exploit this vulnerability to upload malicious applications to the
    vulnerable system or use the system for the storage of files.

    This vulnerability was reported for MyRoom 3.5 GOLD.

    9. GlobalScape CuteFTP LIST Response Buffer Overflow Vulnerability
    BugTraq ID: 6642
    Remote: Yes
    Date Published: Jan 18 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6642
    Summary:

    CuteFTP is a commercially available FTP client distributed by GlobalScape.
    It is available for the Microsoft Windows platform.

    A buffer overflow condition has been reported for the CuteFTP application.
    The vulnerability is due to insufficient bounds checking performed on
    certain FTP command responses. Specifically, CuteFTP does not adequately
    check the responses to a LIST command.

    An attacker can exploit this vulnerability by enticing a victim user to
    connect to an attacker-controlled FTP server. When the victim user sends a
    LIST command, the attacker-controlled server will respond with an overly
    long response, consisting of greater than 256 characters, to the
    vulnerable client. This will trigger the buffer overflow condition and
    will cause CuteFTP to behave unpredictably.

    Exploitation may result in the execution of malicious attacker-supplied
    code with the privileges of the CuteFTP client.

    This vulnerability was reported for CuteFTP 5.0 build 50.6.10.2.

    10. CVS Directory Request Double Free Heap Corruption Vulnerability
    BugTraq ID: 6650
    Remote: Yes
    Date Published: Jan 20 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6650
    Summary:

    CVS is the concurrent versioning system. CVS is a freely available, open
    source software development package for the Unix, Linux, and Microsoft
    Windows platforms.

    CVS is prone to a double free vulnerability in Directory requests.
    Malformed Directory requests may potentially cause dynamically allocated
    memory to be de-allocated twice, using the free() function.

    An attacker may potentially take advantage of this issue to cause heap
    memory to be corrupted with attacker-supplied values, which may result in
    execution of arbitrary code in the security context of the CVS server.

    11. Apache Web Server MS-DOS Device Name Arbitrary Code Execution Vulnerability
    BugTraq ID: 6659
    Remote: Yes
    Date Published: Jan 22 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6659
    Summary:

    Apache is a freely available Web server for Unix and Linux variants, as
    well as Microsoft operating systems.

    A vulnerability has been reported in Apache Web server for Microsoft
    Windows 9x/Me operating environments. The vulnerability exists in the way
    some HTTP requests are handled by the Apache Web server. Specifically, the
    issue exists due to the way some CGI input is redirected when the
    ScriptAlias directive is enabled.

    The ScriptAlias directive is used to map between URLs and paths residing
    outside of the DocumentRoot. This directive also marks the target
    directory as containing only CGI scripts.

    An attacker can exploit this vulnerability by making a malformed HTTP POST
    request to 'con.xxx' in a directory enabled with ScriptAlias. When this
    malformed POST data is sent to a CGI, it may result in malicious code
    being executed by the requested CGI.

    This vulnerability exists for Apache versions prior to 2.0.44 for
    Microsoft Windows 9x/Me operating environments.

    12. Apache Web Server Illegal Character HTTP Request File Disclosure Vulnerability
    BugTraq ID: 6660
    Remote: Yes
    Date Published: Jan 22 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6660
    Summary:

    Apache is a freely available Web server for Unix and Linux variants, as
    well as Microsoft operating systems.

    A vulnerability has been reported in Apache Web server for Microsoft
    Windows operating environments. The vulnerability exists in the way some
    HTTP requests are handled by the Apache Server. Any HTTP requests that end
    in some illegal characters will cause the server to disclose the contents
    of certain files to a remote attacker.

    It has been reported that an HTTP request that ends in the '>' character
    will cause the Apache Web server to serve certain files to the remote
    attacker. Any information obtained in this manner may be used by the
    attacker to launch further attacks against a vulnerable system.

    This vulnerability exists for Apache versions prior to 2.0.44 for
    Microsoft Windows operating environments.

    13. Apache Web Server Default Script Mapping Bypass Vulnerability
    BugTraq ID: 6661
    Remote: Yes
    Date Published: Jan 22 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6661
    Summary:

    Apache is a freely available Web server for Unix and Linux variants, as
    well as Microsoft operating systems.

    A vulnerability has been reported in the Apache Web server that may
    result in the server bypassing existing default mappings when serving
    files.

    The vulnerability exists when making requests for files in directories
    with extensions. The vulnerability may cause the Web server to incorrectly
    parse the requested file.

    An attacker may be able to make a request for
    www.target.com/folder.php/test. The request for the file test should be
    served as a text file but due to some flaws in the mapping algorithm, the
    file 'test' will be interpreted as a PHP script.

    This may have unintended consequences on users and the system.

    This vulnerability was reported to affect Apache versions prior to 2.0.44.

    14. Microsoft Content Management Server Cross-Site Scripting Vulnerability
    BugTraq ID: 6668
    Remote: Yes
    Date Published: Jan 22 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6668
    Summary:

    Microsoft Content Management Server (MCMS) 2001 is an Enterprise Server
    product used for developing and managing E-Commerce web sites. MCMS
    contains pre-defined ASP web pages which are used to update web sites.

    A vulnerability has been discovered in one of the pre-defined ASP pages
    included in MCMS. Due to insufficient sanitization of user-supplied data
    by the ASP page, MCMS may be prone to cross-site scripting attacks. The
    issue occurs when constructing a response page which relies on various
    user-supplied values.

    By constructing a malicious link an attacker may be able to trick an
    unsuspecting user into triggering this vulnerability. This could be used
    to steal a user's private information, such as cookie-based authentication
    credentials. Other attacks are also possible.

    ** This issue may be the same vulnerability described in BID 5922. If
    this turns out to be the case, this BID will be retired and the previous
    BID will be updated accordingly.

    15. Evolvable Shambala FTP Server CWD Denial Of Service Vulnerability
    BugTraq ID: 6653
    Remote: Yes
    Date Published: Jan 18 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6653
    Summary:

    Shambala Server is an FTP, Web, and Chat server targeted for the Small
    Office/Home Office user. It has been designed for use with Microsoft
    Windows operating systems.

    A denial of service vulnerability has been reported in the Shambala FTP
    server.

    Shambala reportedly crashes when an FTP user executes a 'CWD' (change
    working directory) command, specifying the root (/) directory.
    Successful exploitation will result in a denial of service. The service
    will need to be restarted to regain normal functionality.

    This vulnerability was reported to affect Shambala Server version 4.5.
    Earlier versions may also be affected.

    16. YABB SE Packages.PHP Remote File Include Vulnerability
    BugTraq ID: 6663
    Remote: Yes
    Date Published: Jan 22 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6663
    Summary:

    YaBB SE is a freely available, open source port of Yet Another Bulletin
    Board (YaBB). It is available for a number of platforms including Unix,
    Linux, and Microsoft Windows operating systems.

    YaBB SE allows remote users to influence the location of an external
    script ('Packer.php') that is included by 'Packages.php'. A remote
    attacker may exploit this condition to cause an external,
    attacker-supplied file to be included by YaBB SE. If the attacker
    includes malicious PHP code, then it may be executed.

    This may allow a remote attacker to execute arbitrary commands in the
    context of the webserver.

    17. WinRAR Archive File Extension Buffer Overrun Vulnerability
    BugTraq ID: 6664
    Remote: No
    Date Published: Jan 22 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6664
    Summary:

    WinRAR is a compression utility capable of reading and writing files using
    several different archival formats. It is available for the Microsoft
    Windows Operating system.

    A vulnerability has been discovered in WinRAR. The problem occurs when
    displaying an archive in the ListView Control window. If a file in the
    archive contains a file extension of 256 bytes or more, a buffer in WinRAR
    will be overrun. This may allow an attacker to construct a malicious
    WinRAR archive designed to overwrite sensitive values in memory.

    It has been reported that it is possible for an attacker to exploit this
    issue to run arbitrary instructions. Commands executed in this manner
    would be run with the privileges of the vulnerable program.

    18. PHPOutsourcing Zorum Remote Include Command Execution Vulnerability
    BugTraq ID: 6669
    Remote: Yes
    Date Published: Jan 22 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6669
    Summary:

    Zorum is a freely available, open source PHP forum. It is available for
    UNIX, Linux, and Microsoft operating systems.

    A problem could make it possible for remote users to execute arbitrary
    commands.

    It has been reported that Zorum may allow remote users to influence the
    location of PHP includes. Because of this, it is possible for a remote
    user to include an external arbitrary PHP script containing commands that
    may be carried out on the vulnerable host.

    This problem could allow a remote attacker to execute arbitrary code with
    the privileges of the web server process. This could result in the
    attacker gaining local access, and potentially elevated privileges.

    19. Microsoft Windows MSGINA.DLL Read-Lock Denial Of Service Vulnerability
    BugTraq ID: 6672
    Remote: No
    Date Published: Jan 23 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6672
    Summary:

    It has been reported that Microsoft Windows 2000 Terminal Servers and XP
    Pro are prone to a denial of service due to a problem with 'MSGINA.DLL'.
    This condition may be triggered by users who can successfully login to the
    server via RDP or ICA.

    'MSGINA.dll' is the vendor-supplied Graphical Identification and
    Authentication dynamic-link library. 'MSGINA.DLL' is loaded by the
    WinLogon executable and helps to facilitate graphical client sessions.

    If a malicious user causes a read-lock to be placed on
    '%SYSTEMROOT%\SYSTEM32\MSGINA.DLL', the next user to log in will be
    prompted with a dialog stating that 'MSGINA.DLL' failed to load and will
    be given the opportunity to restart the system.

    An attacker may trigger this condition by opening the dynamic-link library
    with an external application, such as a hex editor.

    20. YaBB SE News.PHP Remote File Include Vulnerability
    BugTraq ID: 6674
    Remote: Yes
    Date Published: Jan 24 2003 12:00AM
    Relevant URL:
    http://www.securityfocus.com/bid/6674
    Summary:

    YaBB SE is a freely available, open source port of Yet Another Bulletin
    Board (YaBB). It is available for a number of platforms including Unix,
    Linux, and Microsoft Windows operating systems.

    A vulnerability has been discovered in YaBB SE. Due to insufficient
    sanitization of some user-supplied variables by the 'News.php' script, it
    is possible for a remote attacker to include a malicious PHP file in a
    URL.

    An attacker may exploit this by supplying a path to a maliciously created
    file, located on an attacker-controlled host as a value for the
    '$template' parameter.

    If the remote file is a malicious PHP script, this may allow for execution
    of attacker-supplied PHP code with the privileges of the webserver.
    Successful exploitation may provide local access to the attacker.

    This vulnerability was reported for YaBB SE 1.5.1 and earlier.

    III. MICROSOFT FOCUS LIST SUMMARY
    ---------------------------------
    1. Attacking EFS through cached domain logon credentials (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/308274

    2. At.exe Service Account - scripted or registry? (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/308265

    3. Win2k log management (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/308271

    4. AD replication over WAN (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/308262

    5. Securing IIS/5 with ASP (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/308267

    6. w2k server compromised (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/308273

    7. Bypass Traverse Checking? (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/308260

    8. Stopping Admin Alert SPAM (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/308139

    9. Fw: Bypass Traverse Checking? (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/308127

    10. SecurityFocus Microsoft Newsletter #121 (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/308129

    11. Has this been exploited in a known virus yet? (Thread)
    Relevant URL:

    http://online.securityfocus.com/archive/88/308124

    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
    ----------------------------------------
    1. MXtreme Mail Firewall
    by BorderWare Technologies
    Platforms: N/A
    Relevant URL:
    http://www.mxtreme.com/
    Summary:

    MXtreme is designed to support the highest throughputs. With its
    integrated hardened OS and optimized mail servers, MXtreme minimizes the
    latency usually associated with intense security processing. Three models
    are available: MX-200 - for small enterprises, mini 1U format, Pentium 4
    performance and Fast Ethernet. MX-400 - for medium sized enterprises and
    organizations, 1U format, ATA RAID and GB Ethernet. MX-800 - for
    high-volume sites, 2U format, RAID 0 + 1, redundant power-supplies, GB
    Ethernet.

    2. Contactless Smart Card Reader
    by HID Corporation
    Platforms: N/A
    Relevant URL:
    http://www.hidcorp.com/products/smart/mifare_reader.html
    Summary:

    HID's affordable SmartCard access control readers utilize MIFARE®
    technology to read 13.56 MHz contactless proximity cards, as well as smart
    cards.

    3. ActivCard Gold
    by ActivCard
    Platforms: Windows 2000, Windows 95/98, Windows NT
    Relevant URL:
    http://www.activcard.com/activ/products/end_user/activ_card_gold/index.html
    Summary:

    ActivCard Gold is a smart card-based authentication and managed digital
    identity solution that operates on multi-vendor platforms. ActivCard Gold
    software works with leading card operating systems, applications,
    certificate authorities, and network environments, giving organizations the
    flexibility to make price/performance choices. Cardholders and
    administrators benefit from the optimal combination of security,
    usability, and manageability.

    V. NEW TOOLS FOR MICROSOFT PLATFORMS
    -------------------------------------
    1. ABC CHAOS v2.1
    by Investment Resources Group
    Relevant URL:
    http://www.safechaos.com/abc.htm
    Platforms: Windows 2000, Windows 95/98, Windows CE, Windows NT, Windows XP
    Summary:

    Easily encrypt files into your personal data archive. You can be confident
    that the data is safely secured. An additional protection mechanism
    prevents the password to the encrypted information from being guessed
    when the password and key generator is used.

    2. DSCMD - DataSAFE Command Line Encryptor v2.0
    by Regnoc Software
    Relevant URL:
    http://www.regnoc.com
    Platforms: Linux, Windows 2000, Windows 95/98, Windows NT, Windows XP
    Summary:

    DSCMD allows you to encrypt source files for secure storage, transmission
    via the Internet, and e-mail attachments. Only someone who knows the
    eight-character locking combination can recover the contents of the
    encrypted file. DSCMD is completely command-line driven, and simple to
    integrate into your programs and scripts on both Windows NT and Linux
    servers.

    3. FileHasher v1.0
    by Arne Vidstrom
    Relevant URL:
    http://www.ntsecurity.nu/toolbox/filehasher/
    Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP
    Summary:

    FileHasher calculates the MD5 or SHA hash for a file.

    VI. SPONSOR INFORMATION
    -----------------------
    This newsletter is sponsored by: Black Hat (http://www.blackhat.com)

    Spooked about Windows security? Find solutions instead. Plan now to
    attend the Black Hat Briefings & Training Windows Security conference,
    February 25-28 in Seattle, the world's premier technical event for Windows
    and .Net security experts. This event is fully supported by Microsoft.

    The Training on February 25-26 features 7 two-day courses on the hottest
    subjects. The Briefings on February 27-28 features 30 of the top industry
    speakers presenting topics in 6 tracks. Visit www.blackhat.com to see why
    top security experts rave about the Black Hat Briefings.
    -------------------------------------------------------------------------------