From: Security Threat Watch Newsletter (NetworkComputingupdate.networkcomputing.com)
Date: Mon Dec 18 2006 - 13:01:09 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Security Threat Watch
    Number 162
    Monday, December 18, 2006
    Created for you by Network Computing & Neohapsis

Last week, Microsoft came out with its usual set of Tuesday patches.
These patches cover security issues for Microsoft Windows, Windows Media
Player, Visual Studio, Outlook Express and Office for Mac. These
vulnerabilities range from arbitrary code execution to denial of service
attacks. More about these patches can be read in the Highlighted
Vulnerability section.

In other news, zero-day attacks are taking advantage of flaws in
Microsoft Word. This vulnerability affects Word 2000, 2002, 2003, Word
Viewer 2003 and Word for Mac as well as Microsoft Works 2004, 2005 and
2006. Microsoft is currently working on a patch for this vulnerability,
which is triggered when a user opens a specifically crafted Word file.
More information about this vulnerability can be read at:
http://blogs.securiteam.com/?p=759

Until next issue,
- The Neohapsis Security Threat Watch Team

--- Advertisement
-----------------------------------------------------

Imagine: Award winning vulnerability scanning & patch management all
in one! GFI LANguard Network Security Scanner was voted the No.1
commercial network security scanner by NMAP users for 2 years running.
2 critical network security solutions – rolled into 1 – saving you time
& ensuring seamless integration between the two. Download FREE trial

--- TechCareers: The Job Hunt And Age Discrimination
-----------------------------------------------

By Rusty DAversa, TechCareers.com
Fighting discrimination is all about proving your value to the hiring
manager, says a career expert.
http://www.techcareers.com/content/article.asp?articleid=185303267

-----------------------------------------------

This issue sponsored by Radware:
How Exposed Is Your Network? An exposed network is a big risk.
Productivity can stop without warning. Radware's APSoluteT
integrated application delivery solution ensures your networked and
Web-based applications are available 24/7, run fast and stay secure.

--- New Vulnerabilities
-----------------------------------------------

Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered to be 'critical' involve highly-deployed
software, or carry a high-risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
to your environment.

**** Highlighted critical vulnerabilities ****

Microsoft Word 2003: multiple vulnerabilities

Microsoft products: multiple vulnerabilities

**** Newly announced vulnerabilities this week ****

____Windows____

AOL 9.0 CDDBControl: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-12/0195.html

CA Anti-Virus 2007 8.1: local DoS
http://archives.neohapsis.com/archives/bugtraq/2006-12/0245.html

Hyper Access 8.4: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-12/0238.html

MailEnable 2.35: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-12/0185.html

Microsoft IE 6: arbitrary code execution
http://archives.neohapsis.com/archives/bugtraq/2006-12/0211.html

Microsoft IE 6: remote code execution
http://archives.neohapsis.com/archives/bugtraq/2006-12/0214.html

Microsoft Visual Studio 2005 WmiScriptUtils.dll: remote code execution
http://archives.neohapsis.com/archives/bugtraq/2006-12/0209.html

Microsoft Word 2003: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-12/0181.html
http://archives.neohapsis.com/archives/bugtraq/2006-12/0180.html
http://archives.neohapsis.com/archives/bugtraq/2006-12/0190.html

Microsoft products: multiple vulnerabilities
http://archives.neohapsis.com/archives/microsoft/2006-q4/0004.html
http://archives.neohapsis.com/archives/cc/2006-q4/0007.html

Sophos Anti-Virus 2.40: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-12/0206.html
http://archives.neohapsis.com/archives/bugtraq/2006-12/0219.html
http://archives.neohapsis.com/archives/vulnwatch/2006-q4/0051.html
http://archives.neohapsis.com/archives/vulnwatch/2006-q4/0052.html

Symantec Veritas NetBackup 6.0: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-12/0229.html
http://archives.neohapsis.com/archives/bugtraq/2006-12/0230.html

Winamp Web Interface 7.5.13: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-12/0178.html

Windows Explorer 6.00.2900.2180: local DoS
http://archives.neohapsis.com/archives/bugtraq/2006-12/0261.html

Windows Media Player 10.00.00.4036: local DoS
http://archives.neohapsis.com/archives/bugtraq/2006-12/0263.html

____Linux____

gdm 2.14.1-1: local format string
http://archives.neohapsis.com/archives/bugtraq/2006-12/0248.html

____Solaris____

Solaris 10 ld.so: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-12/0221.html
http://archives.neohapsis.com/archives/bugtraq/2006-12/0222.html

____Network Devices____

D-LINK DWL-2000AP: remote DoS
http://archives.neohapsis.com/archives/bugtraq/2006-12/0170.html

____CGI____

BLOG CMS: remote file include
http://archives.neohapsis.com/archives/bugtraq/2006-12/0210.html

Contra Haber Sistemi 1.0: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2006-12/0284.html

GenesisTrader 1.0: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-12/0237.html

IBM Host On-Demand 9.0: information disclosure
http://archives.neohapsis.com/archives/bugtraq/2006-12/0173.html

Rad Upload 3.02: remote file include
http://archives.neohapsis.com/archives/bugtraq/2006-12/0203.html

SiteCatalyst: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-12/0285.html

SiteKiosk 6.5.150: XSS
http://archives.neohapsis.com/archives/bugtraq/2006-12/0202.html

____Cross Platform____

BitDefender AV: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-12/0259.html

ColdFusion MX7: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2006-12/0172.html

IBM DB2: Remote DoS
http://archives.neohapsis.com/archives/vulnwatch/2006-q4/0055.html

Intel Network Adapter Driver: local overflow
http://archives.neohapsis.com/archives/vulnwatch/2006-q4/0047.html

OpenLDAP 2.4.3: remote overflow
http://archives.neohapsis.com/archives/bugtraq/2006-12/0201.html

ProFTPD 1.3.0: local overflow
http://archives.neohapsis.com/archives/vulnwatch/2006-q4/0056.html

--- Patches and Updates
-----------------------------------------------

The following contains a list of vendor patches and updates released
this week.

____Linux____

Debian > DSA 1233-1: kernel
http://archives.neohapsis.com/archives/bugtraq/2006-12/0168.html

Debian > DSA-1234-1: ruby1.6
http://archives.neohapsis.com/archives/bugtraq/2006-12/0223.html

Debian > DSA-1235-1: ruby1.8
http://archives.neohapsis.com/archives/bugtraq/2006-12/0225.html

Debian > DSA-1236-1: enemies-of-carlotta
http://archives.neohapsis.com/archives/bugtraq/2006-12/0226.html

Gentoo > GLSA200612-03: GnuPG
http://archives.neohapsis.com/archives/bugtraq/2006-12/0192.html

Gentoo > GLSA200612-04: ModPlug
http://archives.neohapsis.com/archives/bugtraq/2006-12/0187.html

Gentoo > GLSA200612-05: KOffice shared libraries
http://archives.neohapsis.com/archives/bugtraq/2006-12/0196.html

Gentoo > GLSA200612-06: Mozilla Thunderbird
http://archives.neohapsis.com/archives/bugtraq/2006-12/0184.html

Gentoo > GLSA200612-07: Mozilla Firefox
http://archives.neohapsis.com/archives/bugtraq/2006-12/0194.html

Gentoo > GLSA200612-08: SeaMonkey
http://archives.neohapsis.com/archives/bugtraq/2006-12/0179.html

Gentoo > GLSA200612-09: MadWifi
http://archives.neohapsis.com/archives/bugtraq/2006-12/0171.html

Gentoo > GLSA200612-10: Tar
http://archives.neohapsis.com/archives/bugtraq/2006-12/0189.html

Gentoo > GLSA200612-12: F-PROT Antivirus
http://archives.neohapsis.com/archives/bugtraq/2006-12/0215.html

Gentoo > GLSA200612-13: libgsf
http://archives.neohapsis.com/archives/bugtraq/2006-12/0216.html

Gentoo > GLSA200612-14: Trac
http://archives.neohapsis.com/archives/bugtraq/2006-12/0217.html

Gentoo > GLSA200612-15: McAfee VirusScan
http://archives.neohapsis.com/archives/bugtraq/2006-12/0255.html

Gentoo > GLSA200612-16: Links
http://archives.neohapsis.com/archives/bugtraq/2006-12/0235.html

Gentoo > GLSA200612-17: GNU Radius
http://archives.neohapsis.com/archives/bugtraq/2006-12/0252.html

Mandriva > MDKSA-2006:164-2: xorg-x11/XFree86
http://archives.neohapsis.com/archives/linux/mandrake/2006-q4/0126.html

Mandriva > MDKSA-2006:206: Mozilla Thunderbird
http://archives.neohapsis.com/archives/bugtraq/2006-12/0270.html

Mandriva > MDKSA-2006:226: squirrelmail
http://archives.neohapsis.com/archives/linux/mandrake/2006-q4/0119.html

Mandriva > MDKSA-2006:227: kdegraphics
http://archives.neohapsis.com/archives/linux/mandrake/2006-q4/0120.html

Mandriva > MDKSA-2006:228: GnuPG
http://archives.neohapsis.com/archives/linux/mandrake/2006-q4/0121.html

Mandriva > MDKSA-2006:229: evince
http://archives.neohapsis.com/archives/linux/mandrake/2006-q4/0124.html

Mandriva > MDKSA-2006:230: clamav
http://archives.neohapsis.com/archives/linux/mandrake/2006-q4/0125.html

Mandriva > MDKSA-2006:231: gdm
http://archives.neohapsis.com/archives/linux/mandrake/2006-q4/0129.html

OpenPKG > OpenPKG-SA-2006.039: proftpd
http://archives.neohapsis.com/archives/bugtraq/2006-12/0272.html

SuSE > SUSE-SA:2006:074: Madwifi
http://archives.neohapsis.com/archives/linux/suse/2006-q4/0123.html

SuSE > SUSE-SA:2006:075: gpg
http://archives.neohapsis.com/archives/linux/suse/2006-q4/0124.html

SuSE > SUSE-SA:2006:076: libgsf
http://archives.neohapsis.com/archives/linux/suse/2006-q4/0125.html

SuSE > SUSE-SA:2006:077: flash-player
http://archives.neohapsis.com/archives/linux/suse/2006-q4/0126.html

Trustix > TSLSA-2006-0072: clamav
http://archives.neohapsis.com/archives/bugtraq/2006-12/0260.html

Ubuntu > USN-380-2: avahi regression
http://archives.neohapsis.com/archives/bugtraq/2006-12/0239.html

Ubuntu > USN-396-1: gdm vulnerability
http://archives.neohapsis.com/archives/bugtraq/2006-12/0262.html

rPath > rPSA-2006-0230-1: evince
http://archives.neohapsis.com/archives/bugtraq/2006-12/0204.html

rPath > rPSA-2006-0231-1: squirrelmail
http://archives.neohapsis.com/archives/bugtraq/2006-12/0205.html

rPath > rPSA-2006-0232-1: libgsf
http://archives.neohapsis.com/archives/bugtraq/2006-12/0240.html

____HP-UX____

SSRT061230: HP Integrated Lights Out
http://archives.neohapsis.com/archives/bugtraq/2006-12/0264.html

--- Advertisement
-----------------------------------------------------

Join us for this live Webcast and learn how to dramatically lower your costs and
increase the performance of your Virtualized Infrastructure in this web event
brought to you by HP, Intel and VMware. By utilizing the HP C-Class blades powered
by the latest Quad Core Xeon and VMware Infrastructure 3, you can help your
organization pool and share IT resources and increase agility, enabling you to
rapidly respond to changes. Register and View Today!

--- Sign Off
----------------------------------------------------------

If this e-mail was passed to you, and you would like to begin receiving
our free security e-mail newsletter on a weekly basis, we invite you to
subscribe today by forwarding this message to [subscribe_stwupdate.networkcomputing.com].
Or you can subscribe directly here:
http://www.networkcomputing.com/go/stw.jhtml

To manage all aspects of your subscription and newsletter account,
simply use the URL below. You'll need your e-mail address and
password to log in. If you don't have your password, you can generate
a new one using the same URL. Once logged in, you can change your
e-mail address and password as well as select specific platforms for
which you'd like to receive information on patches and vulnerabilities.
If you have any questions regarding this system, please don't hesitate
to e-mail us at stwnwc.com.
http://stwpref.update.networkcomputing.com/CMP/NWC/prefctr.asp

Put Us On Your White List
Don't let an over-eager e-mail filter bounce the Network Computing
Security Threat Watch newsletter! Our address:

NetworkComputingupdate.networkcomputing.com

needs to be in your address book or on your anti-spam white list. Ask your
admin or ISP how to do this, or check your anti-spam utility documentation.

Important subscription contacts:
CMP Media LLC
600 Community Drive
Manhasset, NY 11030

Unsubscribe to Network Computing's newsletters.
http://www.networkcomputing.com/newsletters/unsubscribe.html

Sign up for your own issue of this newsletter.
http://www.networkcomputing.com/newsletters/subscriptions.html

Subscribe to Network Computing's newsletters.
http://www.networkcomputing.com/newsletters/subscriptions.html

Still not receiving your own FREE subscription to Network Computing
magazine?
http://networkcomputingsubscriptions.com/customerservice/

ADDITIONAL SUBSCRIPTION CONTACT:
Please send an e-mail message to mailto:newsletterscmp.com if you need
assistance changing your e-mail address, unsubscribing from this
newsletter, or require additional assistance with your subscription.
Please be sure to include the name of this newsletter in your message.

Missed an issue? You can find all back issues of Security Threat Watch
(as well as Security Alert Consensus and Security Express) online.
http://archives.neohapsis.com/

Note: To better serve you we use dynamic URLs within our advertisments,
which allow us to see how many readers click on a given ad. We do not
share this information, or your personal information, with any outside
party. Concerned about the privacy of your information relative to these
tracking URLs? Please refer to our privacy policy.
http://www.doubleclick.net/us/corporate/privacy

We'd like to know what you think about the newsletter and what
information you'd like to see in future editions. E-mail your comments
to (stwnwc.com).

To unsubscribe from this newsletter, forward this message to
[unsubscribe_stwupdate.networkcomputing.com].

Copyright (c) 2006 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (infoneohapsis.com | http://www.neohapsis.com/).

This message powered by DARTmail
http://www.doubleclick.net/us/corporate/privacy

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]