|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Security Threat Watch 060
From: Security Threat Watch (NetworkComputing
update.networkcomputing.com)
Date: Mon Dec 20 2004 - 16:18:14 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Security Threat Watch
Number 060
Monday, December 20, 2004
Created for you by Network Computing & Neohapsis
--- Security News ----------------------------------------------
Seasons Greetings from the Network Computing Security Threat Watch Team!
We wish to extend our sincerest wishes for a very happy holiday season
to all of you and your families.
Please note that we'll be taking a short holiday break. Look for the
next edition of Network Computing's Security Threat Watch on Monday,
January 3, 2005. Happy Holidays!
This week's issue contains 64 items spanning multiple categories.
Critical vulnerabilities include a local Windows kernel vulnerability
that allows privilege elevation, multiple vulnerabilities in PHP and a
remote overflow in Samba. Many other local denial of service
vulnerabilities are reported for Linux and various BSD flavors.
A professor at the University of Illinois recently required students in
his security class to find security vulnerabilities in Unix software.
This exercise resulted in the posting of 44 new vulnerabilities last
week. Most of the vulnerabilities concern non-standard third-party
utility software applications. The STW team reviewed the list of new
vulnerabilities, and we have reported the significant items in this
issue. We will work to report the remaining items in the January 3,
2005, issue of STW. In the meantime, if you wish, you can review the
list at:
http://archives.neohapsis.com/archives/bugtraq/2004-12/0195.html
Until next issue,
- The Neohapsis Security Threat Watch Team
--- Security Pipeline -----------------------------------------------------
Mozilla Fights Microsoft On Browser, E-Mail
Mozilla's open-source Firefox browser is a hit, challenging the Internet
Explorer monopoly. A new e-mail client promises to turn up the heat.
http://nwc.securitypipeline.com/55301275
Subscribe to the free weekly Security Pipeline newsletter for the latest
news, reviews and in-depth how-tos on protecting your network against
spam, phishing, spyware, hackers and other Fearsome Beestes.
http://securitypipeline.com/newsletter.jhtml
--- Advertisement -----------------------------------------------------
Join InformationWeek for a FREE, live TechWebCast on
Enterprise Mobility: Strategies for Developing a Wireless
Workforce. Learn security steps, including monitoring,
authentication, deployment policies and their enforcement
that you can take to preempt problems with wireless access.
Wed., Jan. 12, 2005 - 11:00-12:00 AM PT / 2:00-3:00 PM ET
--- New Vulnerabilities -----------------------------------------------
Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered to be 'critical' involve highly-deployed
software, or carry a high-risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
to your environment.
**** Highlighted critical vulnerabilities ****
Windows: Kernel and LSASS local privilege elevation (MS04-044/885835)
PHP 4.x, 5.x: multiple local vulnerabilities, possible unserialize
remote vulnerability
Samba 3.0.9: remote integer overflow
**** Newly announced vulnerabilities this week ****
____Windows____
Cisco Unity: Microsoft Exchange integration default accounts/passwords
http://archives.neohapsis.com/archives/cisco/2004-q4/0007.html
Computer Associates eTrust EZ Antivirus: insecure local file permissions
http://archives.neohapsis.com/archives/bugtraq/2004-12/0190.html
Gadu-Gadu: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-12/0114.html
http://archives.neohapsis.com/archives/bugtraq/2004-12/0218.html
GamePort 4.0: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-12/0223.html
Internet Explorer: DHTML edit control allows XSS
http://archives.neohapsis.com/archives/bugtraq/2004-12/0167.html
Kerio software: insecure password storage and local ACLs
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0035.html
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0036.html
Microsoft WINS: remote code execution (MS04-045/870763)
http://archives.neohapsis.com/archives/ntbugtraq/2004-q4/0148.html
Opera 7.54: download dialog file type spoofing
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0031.html
Symantec LiveUpdate: local privilege elevation
http://archives.neohapsis.com/archives/bugtraq/2004-12/0126.html
http://archives.neohapsis.com/archives/bugtraq/2004-12/0129.html
http://archives.neohapsis.com/archives/bugtraq/2004-12/0150.html
Winamp 5.07: mp4 file tag remote DoS
http://archives.neohapsis.com/archives/bugtraq/2004-12/0120.html
Windows HyperTerminal: .ht session file local overflow (MS04-043/873339)
http://archives.neohapsis.com/archives/ntbugtraq/2004-q4/0146.html
Windows Media Player 9: local file existence disclosure, XSS
http://archives.neohapsis.com/archives/bugtraq/2004-12/0240.html
Windows NT: DHCP service remote overflow and DoS (MS04-042/885249)
http://archives.neohapsis.com/archives/ntbugtraq/2004-q4/0145.html
Windows WordPad: multiple vulnerabilities (MS04-041/885836)
http://archives.neohapsis.com/archives/ntbugtraq/2004-q4/0144.html
http://archives.neohapsis.com/archives/bugtraq/2004-12/0153.html
Windows: Kernel and LSASS local privilege elevation (MS04-044/885835)
http://archives.neohapsis.com/archives/ntbugtraq/2004-q4/0147.html
____Linux____
Linux kernel 2.4.28: multiple IGMP vulnerabilities
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0037.html
Linux kernel 2.4.28: scm_send local DoS
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0038.html
Linux kernel 2.6.10-rc2: kernel_read() potential overflows
http://archives.neohapsis.com/archives/bugtraq/2004-12/0214.html
Opera 7.54: kfmclient potential remote command execution
http://archives.neohapsis.com/archives/bugtraq/2004-12/0119.html
____BSD____
NetBSD kernel: compatibility code syscall argument local vulnerabilities
http://archives.neohapsis.com/archives/netbsd/2004-q4/0100.html
http://archives.neohapsis.com/archives/bugtraq/2004-12/0229.html
OpenBSD: kernel IPSec socket local DoS
http://archives.neohapsis.com/archives/openbsd/2004-12/1096.html
____Netware____
NetWare: debugger allows screensaver authentication bypass
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0032.html
____MacOS____
Roxio Toast: TDIXSupport local overflow
http://archives.neohapsis.com/archives/bugtraq/2004-12/0141.html
____Network Devices____
Asante FM2008 switch: hard-coded login account
http://archives.neohapsis.com/archives/bugtraq/2004-12/0157.html
Cisco Guard and Traffic Anomaly Detector 3.0: default account/password
http://archives.neohapsis.com/archives/cisco/2004-q4/0008.html
RICOH Aficio 450/455 PCL 5e printer: remote ICMP DoS
http://archives.neohapsis.com/archives/bugtraq/2004-12/0140.html
____CGI____
ASP-rider: verify.asp SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2004-12/0151.html
Ashiyane.com ASP Calendar: admin authentication bypass
http://archives.neohapsis.com/archives/bugtraq/2004-12/0137.html
CVSTrac: XSS
http://archives.neohapsis.com/archives/bugtraq/2004-12/0231.html
GNUBoard 3.39: PHP remote file include code execution
http://archives.neohapsis.com/archives/bugtraq/2004-12/0169.html
Ikonboard 3.1.x: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2004-12/0192.html
Iwebnegar: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2004-12/0175.html
JSBoard 2.0.8: file upload remote code execution
http://archives.neohapsis.com/archives/bugtraq/2004-12/0189.html
Kayako eSupport 2.x: SQL tampering, XSS
http://archives.neohapsis.com/archives/bugtraq/2004-12/0238.html
MediaWiki 1.3.8: file upload remote code execution
http://archives.neohapsis.com/archives/bugtraq/2004-12/0193.html
MoniWiki 1.0.9.2: file upload remote code execution
http://archives.neohapsis.com/archives/bugtraq/2004-12/0177.html
PHProjekt 4.2-r1: setup.php remote reconfiguration
http://archives.neohapsis.com/archives/bugtraq/2004-12/0125.html
Singapore Image Gallery 0.9.10: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-12/0211.html
Slash: unspecified vulnerability
http://archives.neohapsis.com/archives/bugtraq/2004-12/0170.html
SugarSales 2.0.1c: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-12/0112.html
UseModWiki 1.0: XSS
http://archives.neohapsis.com/archives/bugtraq/2004-12/0142.html
Wordpress 1.2.1: XSS
http://archives.neohapsis.com/archives/bugtraq/2004-12/0194.html
phpBB 1.4.4: XSS
http://archives.neohapsis.com/archives/bugtraq/2004-12/0178.html
phpBB 2.3.10: remote file reading
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0034.html
phpBB Attachment Mod 2.3.10: file upload remote code execution
http://archives.neohapsis.com/archives/bugtraq/2004-12/0191.html
phpGroupWare 0.9.16.003: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-12/0155.html
phpMyAdmin 2.6.1: multiple vulnerabilities
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0033.html
____Cross-Platform____
3Com 3cdaemon TFTP server 2.0r10: large request remote DoS
http://archives.neohapsis.com/archives/bugtraq/2004-12/0162.html
Adobe Acrobat Reader 5.0.9: mailListIsPdf() overflow
http://archives.neohapsis.com/archives/bugtraq/2004-12/0134.html
Adobe Acrobat Reader 6.0.2: malicious .ETD file overflow
http://archives.neohapsis.com/archives/bugtraq/2004-12/0147.html
CUPS 1.1.22: hpgltops ParseCommand overflow
http://archives.neohapsis.com/archives/bugtraq/2004-12/0195.html
Citadel/UX 6.27: logging remote format string vulnerability
http://archives.neohapsis.com/archives/bugtraq/2004-12/0113.html
Crypt::ECB Perl module: improper data set encryption
http://archives.neohapsis.com/archives/bugtraq/2004-12/0235.html
KDE Konqueror 3.3.2: Web window injection vulnerability
http://archives.neohapsis.com/archives/bugtraq/2004-12/0117.html
MPlayer: multiple remote vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-12/0200.html
http://archives.neohapsis.com/archives/bugtraq/2004-12/0203.html
http://archives.neohapsis.com/archives/bugtraq/2004-12/0205.html
Mtr 0.65: local overflow
http://archives.neohapsis.com/archives/bugtraq/2004-12/0110.html
PHP 4.x, 5.x: multiple local vulnerabilities, possible unserialize
remote vulnerability
http://archives.neohapsis.com/archives/bugtraq/2004-12/0173.html
http://archives.neohapsis.com/archives/bugtraq/2004-12/0196.html
Samba 3.0.9: remote integer overflow
http://archives.neohapsis.com/archives/bugtraq/2004-12/0188.html
http://archives.neohapsis.com/archives/bugtraq/2004-12/0198.html
UML-utilities 20030903: uml_net slip_down() permission check failure
http://archives.neohapsis.com/archives/bugtraq/2004-12/0195.html
Veritas BackupExec agent: registration packet remote overflow
http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0042.html
http://archives.neohapsis.com/archives/bugtraq/2004-12/0199.html
Vim/gVim: modeline options mutliple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-12/0172.html
file: malicious ELF headers local overflow
http://archives.neohapsis.com/archives/bugtraq/2004-12/0123.html
nfs-utils: multiple remote vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2004-12/0146.html
xzgv: PRF file local integer overflow
http://archives.neohapsis.com/archives/bugtraq/2004-12/0118.html
--- Patches and Updates -----------------------------------------------
The following contains a list of vendor patches and updates released
this week.
____Linux____
Debian > DSA 608-1: zgv
http://archives.neohapsis.com/archives/vendor/2004-q4/0084.html
Debian > DSA 609-1: atari800
http://archives.neohapsis.com/archives/vendor/2004-q4/0085.html
Debian > DSA 610-1: cscope
http://archives.neohapsis.com/archives/vendor/2004-q4/0087.html
Mandrake > MDKSA-2004:148: iproute2
http://archives.neohapsis.com/archives/linux/mandrake/2004-q4/0117.html
Mandrake > MDKSA-2004:149: postgresql
http://archives.neohapsis.com/archives/linux/mandrake/2004-q4/0120.html
Mandrake > MDKSA-2004:150: Updated kdelibs and kdebase
http://archives.neohapsis.com/archives/linux/mandrake/2004-q4/0122.html
Mandrake > MDKSA-2004:151: PHP
http://archives.neohapsis.com/archives/linux/mandrake/2004-q4/0131.html
--- Advertisement -----------------------------------------------------
Join InformationWeek for a FREE, live TechWebCast on
Enterprise Mobility: Strategies for Developing a Wireless
Workforce. Learn security steps, including monitoring,
authentication, deployment policies and their enforcement
that you can take to preempt problems with wireless access.
Wed., Jan. 12, 2005 - 11:00-12:00 AM PT / 2:00-3:00 PM ET
--- Sign Off ----------------------------------------------------------
If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to [subscribe_stwupdate.networkcomputing.com].
Or you can subscribe directly here:
http://www.networkcomputing.com/go/stw.jhtml
To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stwnwc.com.
http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp
Put Us On Your White List
Don't let an over-eager e-mail filter bounce the Network Computing
Security Threat Watch newsletter! Our address:
NetworkComputingupdate.networkcomputing.com
needs to be in your address book or on your anti-spam white list. Ask your
admin or ISP how to do this, or check your anti-spam utility documentation.
Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030
Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/
Note: To better serve you we use dynamic URLs within our advertisments,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
tracking URLs? Please refer to our privacy policy.
http://www.doubleclick.net/us/corporate/privacy
We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
to (stwnwc.com).
To unsubscribe from this newsletter, forward this message to
[unsubscribe_stwupdate.networkcomputing.com].
Copyright (c) 2004 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (infoneohapsis.com | http://www.neohapsis.com/).
This message powered by DARTmail
http://www.doubleclick.net/us/corporate/privacy
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]