Adobe Acrobat Stack Exhaustion DoS Vulnerability

Adobe Acrobat is prone to a denial-of-service vulnerability because the application fails to perform adequate boundary-checks on user-supplied data.   Attackers can exploit this issue to cause the affected application to crash, effectively denying service. Arbitrary code execution may be possible, but has not been confirmed.

Adobe Acrobat 9.1.1 is vulnerable; other versions may also be affected.

NOTE: This BID was previously classified as a buffer-overflow. Further analysis reveals that it is a stack exhaustion, and code execution is unlikely.

Vulnerable:
Adobe Acrobat Reader 9.1.1
Adobe Acrobat 9.1.1

PoC is available

http://www.securityfocus.com/bid/35148/discuss

Bing.com’s key areas and what it replaced/rebrand on Microsoft products?

Microsoft revealed the other day that Bing.com will be available next week (June 3 is the plan date to launch Bing).  If you are wondering what is Bing.com and what Microsoft products or services is replaced or rebrand by Bing:

Bing.com is a new Decision Engine:  This means you can use Bing.com to search (like what Live.com, Google.com, Yahoo.com is offering).  The difference is Bing.com will hopefully provide people a search engine that focuses on the following areas:

  1. Making a purchase decision
  2. Planning a trip
  3. Researching a health condition
  4. Finding a local business

The above four topics is the initial focus by Bing because….. see next topic why those are the initial focus.

Microsoft products or services replaced/rebranded by Bing.com:

  1. Virtual Earth is now rebranded as Bing Maps for Enterprise
  2. The acquired Farecast (also here – Farecast Live) is now part of Bing Travel (Note: Farecast was acquired by Microsoft on April 9, 2008.  See Microsoft’s Acquisition History webpage)
  3. The Cash Back program is now rebranded as Bing Cashback

So that is why the focus of Bing.com is to help people with their purchase decision (Cashback), travel plans (Farecast), local business finder (Virtual Earth/Bing Maps).  As to “researching health condition” in one of the key areas…. well, since they found out that shopping, travel and business information are the popular areas where people in the business and consumers spend time during a search, they also identified that people research about health so their upcoming decision search engine, Bing.com will cover that also by providing faster and relevant searches.  They noted the Ipsos 2009 survey results (over thousand of participants only) in identifying the said key areas on what people actually search:

66 percent of people are using Internet search more frequently to make complex decisions,* Microsoft identified three design goals to guide the development of Bing.

Anyway, so the above what I gathered after reading their Press Release on Bing.  If you go that page, you’ll see more links to read about Bing, if you are interested to know what Bing want to serve you but if you like to hear from Bing Team…. head over at their blog.

As to why they choose the name, Bing… I don’t know. They said it’s fresh and new approach but I have a friend name Bing.  She’s very aggressive person.  Let’s see if Bing.com is going to be aggressive :-D

Zoller: Mozilla does not acknowledge DoS bugs

Thierry Zoller, a security researcher is not happy that Mozilla is not acknowledging Denial of Service bugs or security issues that are less critical.

I am tired of seeing the security/patch statistics where one browser is compared to another. When Microsoft doesn’t patch a DoS bug for 6 month it negatively impacts the statistic, Mozilla doesn’t acknowledge DoS bugs nor to they officially issue advisories. Go to bugzilla, search a bit and draw you own conclusion, there are DoS bugs that are 3 years old that have not been patched. Are these included in the statistics – no.

More at http://blog.zoller.lu/2009/05/advisory-firefox-denial-of-service.html

He’s referring to the security issue on Firefox v3.0.10.

Linksys WAG54G2 Web Management Console Remote Arbitrary Shell Command Injection Vulnerability

Linksys WAG54G2 router is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data.
Remote attackers can exploit this issue to execute arbitrary shell commands with superuser privileges. This may facilitate a complete compromise of the affected device.
Linksys WAG54G2 with firmware V1.00.10 is affected; other versions may also be vulnerable.

Vulnerable:  Linksys Wireless-G ADSL2+ Gateway WAG54G2 1.0.10 (Firmware)

http://www.securityfocus.com/bid/35142/discuss

Vendor’s reaction / issue history
The research was performed in early 2009.
The vendor was notified on 18.03.09.
Quick response (within one day)
Quick confirmation of the issue (within few days).
No fix till now (15.05.2009)
15.05.2009 – public disclosure

http://www.securitum.pl/dh/Linksys_WAG54G2_-_escape_to_OS_root

Mozilla Firefox ‘keygen’ HTML Tag DoS Vulnerability

Mozilla Firefox is prone to a remote denial-of-service vulnerability.
Successful exploits can allow attackers to cause the browser to stop responding, thus denying service to legitimate users.

Vulnerable:  Mozilla Firefox 3.0.10 

http://www.securityfocus.com/bid/35132/discuss

Disclosure timeline

DD/MM/YYYY
14/12/2008 : Created bugzilla entry (security) with (the wrong) proof of concept file.

14/12/2008 : Attached the correct POC file (mea culpa) and a stack trace and details of memory corruption that repeatitly occured during testing the POC

24/12/2008 : dveditz@mozilla.com comments : "I can definitely confirm the denial of service aspect, and there’s a very minor memory leak (after 9 hours of CPU time memory use went from 60MB to 360MB). Haven’t been able to reproduce a crash."

27/05/2009 : The 4 month grace period [2] given is reached. Release of this advisory.

http://blog.zoller.lu/2009/04/advisory-firefox-denial-of-service.html

Massive ID fraud and cheque scam busted in NYC

A corporate identity theft ring that exploited the identities of local corporations, religious institutions, hospitals and even schools to run a cheque fraud scam has been busted in New York.

Investigators reckon the gang of 18 suspects made millions by impersonating workers from an estimated 350 New York-based organizations. Data purchased from corrupt bank insiders was used to lay the groundwork for the scam, which relied on cashing thousands of counterfeit payroll cheques. The fraudsters also plundered the bank accounts of individual victims, using data obtained from corrupt bank insiders to transfer funds to banks under the control of the gang.

http://www.theregister.co.uk/2009/05/29/corporate_id_theft_scam_charges/

Malware SPAM: United Parcel of America, UPSDOCS_IN987712001.zip

Another fake e-mail today with compressed malware, UPSDOCS_IN987712001.exe

The fake message:

Hello!

We were not able to deliver postal package you sent on the 14th of March in time because the recipient’s address is not correct.
Please print out the invoice copy attached and collect the package at our office.

Your United Parcel Service of America

Not even half of popular malware scanners have detection on this malware so watch-out for your emails. Delete them using Mailwasher (free version is available at mailwasher.net) or enable your spam filtering tool:

5-29-2009 9-41-10 PM

http://www.virustotal.com/analisis/a23dd903f1a37330da1fe420d1da73fba019a604ed09f996d309bef059d1f94c-1243604156

Increasing Your Organization’s Security and Privacy with Internet Explorer 8

Guidance for Enhancing Internet Explorer Security for Desktop Users
Learn about the emerging threat types on the web today and how Internet Explorer 8’s new security features help protect against them.

The Web browser is the main interface a company’s users have to the web. As such it is constantly under attack. Internet Explorer 8 provides significant new security protections that can help companies protect their valuable information and reduce costs.

This paper provides an overview of the new threat types and how Internet Explorer 8’s new security features help protect against them.

Download the guide (in PDF format) at http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=198d40a4-6896-49b3-b8f2-c151e9797634

Related article:  How to Block Ads in IE8 using InPrivate

Sun released new build 14 of Sun Java RE 6

The release is Windows 7 support-ready and includes support for Internet Explorer 8, Windows Server 2008 SP2, and Windows Vista SP2. New features include the G1 garbage collector, plus performance and security enhancements

http://java.sun.com/javase/6/webnotes/6u14.html

Download:

http://java.sun.com/javase/downloads/index.jsp
http://www.java.com/en/download/manual.jsp?locale=en&host=www.java.com:80
http://www.java.com/en/download/index.jsp