|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Security Threat Watch 131
From: Security Threat Watch Newsletter (NetworkComputing
update.networkcomputing.com)
Date: Mon May 15 2006 - 13:00:58 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Security Threat Watch
Number 131
Monday, May 15, 2006
Created for you by Network Computing & Neohapsis
This week's security publications brought up an often-overlooked vector
of attack: computer games. Following the release of a vulnerability in
the Quake 3 engine, several games on multiple platforms were in need of
updates to patch the threat of remote-system compromise. Although
security for computer-gaming systems is not always considered as
critical as that of business systems, there exists a considerable risk
for massive damage from game-propagated worms that could exploit
vulnerabilities such as the one disclosed in the Quake 3 engine. The
potential for damage is particularly high for businesses with
remote/SOHO employees who VPN-in from home or on the road to work. If
employees multi-purpose machines become compromised during game-play, it
may provide the opportunity for attackers to pivot into the corporate
network.
Also among this week's released vulnerabilities: Microsoft's Exchange
Server and Adobe's Macromedia Flash Player. Microsoft listed both
vulnerabilities as critical because, if successfully exploited, they
allow remote code execution. An interesting aspect is that Microsoft
advised on and issued a patch for a vulnerability in an Adobe product.
Should Microsoft, of all companies, be handling the vulnerabilities and
patches of another company's product? Maybe this is a good thing,
considering Microsoft's solid investment in ample bandwidth and machines
hosting its online update system. It will be interesting to see if
cross-company patching, by Microsoft in particular, becomes a trend.
Until next issue,
- The Neohapsis Security Threat Watch Team
--- Advertisement
-----------------------------------------------------
This issue sponsored by EC-Council's CEH Certification.
Certified Ethical Hacker is the most practical security
certification you can give your staff. Hire a Certified Ethical
Hacker, or send your staff to earn the certification. For a free
copy of "The 7 Habits of a Highly Malicious Hacker" visit:
--- TechCareers: The Job Hunt And Age Discrimination
-----------------------------------------------
By Rusty DAversa, TechCareers.com
Fighting discrimination is all about proving your value to the hiring
manager, says a career expert.
http://www.techcareers.com/content/article.asp?articleid=185303267
--- Advertisement
-----------------------------------------------------
NWC Podcasts
Listen to Network Computing's editors talk about today's most pressing
enterprise challenges with some of the IT industry's leading experts.
Tune in as we cover topics including security, collaboration,
convergence and more.
http://www.networkcomputing.com/podcasts
--- New Vulnerabilities
-----------------------------------------------
Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered to be 'critical' involve highly-deployed
software, or carry a high-risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
to your environment.
**** Highlighted critical vulnerabilities ****
Macromedia Flash: remote code execution (MS06-020/913433)
Microsoft Exchange: remote code execution (MS06-019/916803)
**** Newly announced vulnerabilities this week ****
____Windows____
Anti-Trojan 5.5.421: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-05/0146.html
Cisco ACS 3.x: password disclosure
http://archives.neohapsis.com/archives/cisco/2006-q2/0009.html
ICQ Client 5.04b2321: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-05/0161.html
Intel wireless drivers: information disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-05/0116.html
Ipswitch WhatsUp: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-05/0221.html
Kerio WinRoute 6.x: remote DoS
http://archives.neohapsis.com/archives/bugtraq/2006-05/0204.html
Macromedia Flash: remote code execution (MS06-020/913433)
http://archives.neohapsis.com/archives/microsoft/2006-q2/0004.html
Microsoft DTC: remote DoS (MS06-018/913580)
http://archives.neohapsis.com/archives/microsoft/2006-q2/0004.html
http://archives.neohapsis.com/archives/bugtraq/2006-05/0166.html
http://archives.neohapsis.com/archives/bugtraq/2006-05/0167.html
http://archives.neohapsis.com/archives/bugtraq/2006-05/0217.html
Microsoft Exchange: remote code execution (MS06-019/916803)
http://archives.neohapsis.com/archives/microsoft/2006-q2/0004.html
Microsoft Infotech Storage System CHM decoding: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-05/0171.html
Microsoft NTDLL: path conversion vulnerability
http://archives.neohapsis.com/archives/bugtraq/2006-05/0203.html
TZipBuilder 1.79.03.01: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-05/0145.html
UltimateZip 3.1b: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-05/0216.html
VeriSign I-Nav: remote program execution
http://archives.neohapsis.com/archives/bugtraq/2006-05/0205.html
Where Is It 3.73.501: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-05/0158.html
____Linux____
DIA 0.94: format string vulnerability
http://archives.neohapsis.com/archives/vuln-dev/2006-q2/0052.html
Dovecot IMAP 1.0b: information disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-05/0245.html
____Mac OS____
Apple OS X 10.3.9, 10.4.6: multiple vulnerabilities
http://archives.neohapsis.com/archives/cc/2006-q2/0006.html
____Network Devices____
Cisco AVS 5.0: TCP relay vulnerability
http://archives.neohapsis.com/archives/vulnwatch/2006-q2/0025.html
Cisco Websense 5.5.2: content filter bypass
http://archives.neohapsis.com/archives/cisco/2006-q2/0008.html
http://archives.neohapsis.com/archives/bugtraq/2006-05/0149.html
PAP2-VN 2.0.10: information disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-05/0218.html
Symantec Enterprise Firewall 8.0: information disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-05/0244.html
____CGI____
Claroline e-Learning 1.7.5: PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-05/0137.html
DMCounter 0.9.2-b: PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-05/0181.html
Dokeos 1.6.4: PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-05/0135.html
DuGallery 2.x: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-05/0165.html
DuGallery 2.x: remote file upload
http://archives.neohapsis.com/archives/bugtraq/2006-05/0250.html
Foing 0.7.0: PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-05/0228.html
Gphotos 1.5: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-05/0263.html
IdealBB 1.5.4a: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-05/0136.html
MyBB 1.1.1: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-05/0129.html
OpenEngine 1.8b2: PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-05/0128.html
OzzyWork: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-05/0162.html
http://archives.neohapsis.com/archives/bugtraq/2006-05/0176.html
PHP Live Helper: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-05/0249.html
PHPFusion 6.00.306: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-05/0152.html
Phil's Bookmark: auth bypass
http://archives.neohapsis.com/archives/bugtraq/2006-05/0127.html
PhpListPro 2.01: PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-05/0199.html
UBlog 1.6: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-05/0190.html
Unclassified NewsBoard 1.6.1: PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-05/0213.html
e107 0.7.2: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-05/0269.html
mybb 1.1.1: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-05/0196.html
phpBB: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-05/0219.html
http://archives.neohapsis.com/archives/bugtraq/2006-05/0238.html
phpListPro 2.01: PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-05/0153.html
phpRaid 3.0.b3: PHP file inclusion
http://archives.neohapsis.com/archives/bugtraq/2006-05/0140.html
plaNetStat 27.01.2005: auth bypass
http://archives.neohapsis.com/archives/bugtraq/2006-05/0163.html
singapore 0.9.7: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-05/0138.html
____Cross Platform____
Apple QuickTime 7.1: multiple vulnerabilities
http://archives.neohapsis.com/archives/cc/2006-q2/0005.html
http://archives.neohapsis.com/archives/bugtraq/2006-05/0222.html
http://archives.neohapsis.com/archives/bugtraq/2006-05/0226.html
Dreamweaver 8, MX 2004: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-05/0194.html
Empire 4.3.2: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-05/0266.html
GNUnet 0.7.0dr2780: remote DoS
http://archives.neohapsis.com/archives/bugtraq/2006-05/0262.html
Genecys 0.2: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-05/0256.html
IBM Websphere Application Server 6.0.2.x: information disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html
MySQL 4.0.27: information disclosure
http://archives.neohapsis.com/archives/mysql/2006-q2/1557.html
Outgun 1.0.3bot2: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-05/0258.html
Quake3 engine: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-05/0170.html
Raydium r309: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-05/0259.html
Sophos Anti-Virus multiple versions: local overflow
http://archives.neohapsis.com/archives/bugtraq/2006-05/0150.html
____Other Platforms____
CA Common Services CAIRIM: critical information disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-05/0134.html
Limbo CMS: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-05/0126.html
--- Patches and Updates
-----------------------------------------------
The following contains a list of vendor patches and updates released
this week.
____Linux____
Debian > DSA 1052-1: cgiirc
http://archives.neohapsis.com/archives/vendor/2006-q2/0043.html
Debian > DSA 1053-1: Mozilla
http://archives.neohapsis.com/archives/vendor/2006-q2/0044.html
Debian > DSA 1054-1: TIFF
http://archives.neohapsis.com/archives/vendor/2006-q2/0045.html
Debian > DSA 1055-1: Mozilla Firefox
http://archives.neohapsis.com/archives/vendor/2006-q2/0046.html
Fedora > FLSA-2006:152868: tetex
http://archives.neohapsis.com/archives/bugtraq/2006-05/0257.html
Fedora > FLSA-2006:152898: emacs
http://archives.neohapsis.com/archives/bugtraq/2006-05/0255.html
Fedora > FLSA-2006:152904: ncpfs
http://archives.neohapsis.com/archives/bugtraq/2006-05/0264.html
Fedora > FLSA-2006:152923: xloadimage
http://archives.neohapsis.com/archives/bugtraq/2006-05/0265.html
Fedora > FLSA-2006:164512: fetchmail
http://archives.neohapsis.com/archives/bugtraq/2006-05/0268.html
Fedora > FLSA-2006:185355: gnupg
http://archives.neohapsis.com/archives/bugtraq/2006-05/0260.html
Gentoo > GLSA200605-07: Nagios
http://archives.neohapsis.com/archives/bugtraq/2006-05/0130.html
Gentoo > GLSA200605-08: PHP
http://archives.neohapsis.com/archives/bugtraq/2006-05/0147.html
Gentoo > GLSA200605-09: Mozilla Thunderbird
http://archives.neohapsis.com/archives/bugtraq/2006-05/0148.html
Gentoo > GLSA200605-10: pdnsd
http://archives.neohapsis.com/archives/bugtraq/2006-05/0178.html
Gentoo > GLSA200605-11: Ruby
http://archives.neohapsis.com/archives/bugtraq/2006-05/0177.html
Gentoo > GLSA200605-12: Quake 3 engine based games
http://archives.neohapsis.com/archives/bugtraq/2006-05/0179.html
Gentoo > GLSA200605-13: MySQL
http://archives.neohapsis.com/archives/bugtraq/2006-05/0220.html
Mandriva > MDKSA-2006:083: gdm
http://archives.neohapsis.com/archives/linux/mandrake/2006-q2/0059.html
Mandriva > MDKSA-2006:084: MySQL
http://archives.neohapsis.com/archives/linux/mandrake/2006-q2/0060.html
Mandriva > MDKSA-2006:085: xine-ui
http://archives.neohapsis.com/archives/linux/mandrake/2006-q2/0061.html
SUSE > SUSE-SR:2006:010: Opera, Apache, clamav, ethereal
http://archives.neohapsis.com/archives/vendor/2006-q2/0047.html
Trustix > TSLSA-2006-0026: kernel
http://archives.neohapsis.com/archives/bugtraq/2006-05/0231.html
Ubuntu > USN-282-1: Nagios vulnerability
http://archives.neohapsis.com/archives/bugtraq/2006-05/0143.html
Ubuntu > USN-283-1: MySQL vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-05/0144.html
--- Advertisement
-----------------------------------------------------
This issue sponsored by EC-Council's CEH Certification.
Certified Ethical Hacker is the most practical security
certification you can give your staff. Hire a Certified Ethical
Hacker, or send your staff to earn the certification. For a free
copy of "The 7 Habits of a Highly Malicious Hacker" visit:
--- Sign Off
----------------------------------------------------------
If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to [subscribe_stwupdate.networkcomputing.com].
Or you can subscribe directly here:
http://www.networkcomputing.com/go/stw.jhtml
To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stwnwc.com.
http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp
Put Us On Your White List
Don't let an over-eager e-mail filter bounce the Network Computing
Security Threat Watch newsletter! Our address:
NetworkComputingupdate.networkcomputing.com
needs to be in your address book or on your anti-spam white list. Ask your
admin or ISP how to do this, or check your anti-spam utility documentation.
Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030
Unsubscribe to Network Computing's newsletters.
http://www.networkcomputing.com/newsletters/unsubscribe.html
Sign up for your own issue of this newsletter.
http://www.networkcomputing.com/newsletters/subscriptions.html
Subscribe to Network Computing's newsletters.
http://www.networkcomputing.com/newsletters/subscriptions.html
Still not receiving your own FREE subscription to Network Computing
magazine?
http://networkcomputingsubscriptions.com/customerservice/
ADDITIONAL SUBSCRIPTION CONTACT:
Please send an e-mail message to mailto:newsletterscmp.com if you need
assistance changing your e-mail address, unsubscribing from this
newsletter, or require additional assistance with your subscription.
Please be sure to include the name of this newsletter in your message.
Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/
Note: To better serve you we use dynamic URLs within our advertisments,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
tracking URLs? Please refer to our privacy policy.
http://www.doubleclick.net/us/corporate/privacy
We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
to (stwnwc.com).
To unsubscribe from this newsletter, forward this message to
[unsubscribe_stwupdate.networkcomputing.com].
Copyright (c) 2006 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (infoneohapsis.com | http://www.neohapsis.com/).
This message powered by DARTmail
http://www.doubleclick.net/us/corporate/privacy
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]