Month: November 2004

Microsoft is investigating reports of a security issue with Microsoft Windows Internet Name Service (WINS).  This security issue affects Microsoft Windows NT Server 4.0, Microsoft Windows NT Server 4.0 Terminal Server Edition, Microsoft Windows 2000 Server, and Microsoft Windows Server 2003. Microsoft Windows 2000 Professional, Microsoft Windows XP, and Microsoft Windows Millennium Edition are not affected by this vulnerability. By default, WINS is not installed on Windows NT Server 4.0, on Windows NT Server 4.0 Terminal Server Edition, on Windows 2000 Server, or on Windows Server 2003. By default, WINS is installed and running on Microsoft Small Business Server 2000 … Continue reading How to help protect against a WINS security issue

ListShield.com, the first web-based blacklist protection service, provides networks and corporate email systems with round-the-clock monitoring of false listings on spam blacklists, providing 24/7 protection. “Up to 40% of small businesses are blacklisted. Most companies don’t know if they are blacklisted and they don’t know what to do about it. If a few of your company emails aren’t getting through your email server could be blacklisted.” said Steve Bickel, cofounder of ListShield. ListShield Partner for a CauseListShield is donating its services free to all non-profits. For non-profits relying on e-mail as a core communication tool for connecting with business associates, … Continue reading ListShield.com – Free Spam Blacklist Protection For All Non-Profits

[Tested]IEXPLORE.EXE file version 6.0.2900.2180MSHTML.DLL file version 6.00.2800.1400Microsoft Windows XP Home SP2 [Discussion] Recently, a security professional aliased http-equiv (malware.com) found a vulnerability in Microsoft’s new Service Pack (SP2). What was required to compromise the victim’s machine was the dragging of an specially-crafted into a folderview window, and then the clicking of a button. LongNameVuln is a more efficient way of acheiving this common goal of compromising the system. It removes the extra step of having to click a button in order to access a page on the local machine. It can be done easily. Using the Related Topics command of … Continue reading Microsoft Help ActiveX Control Related Topics Local Content Accessing Vulnerability

PhishGuard is a FREE service that detects and rapidly disables Internet “phishing” or “spoofing” attacks designed to steal critical financial data. Phishing attacks use fraudulent websites and emails that mimic well-known organizations in order to trick unsuspecting Internet users. A simple login or account number entry screen becomes a sophisticated trap. By assuming you are dealing with a trusted party, you can reveal financial information including credit card numbers, bank accounts, passwords, and social security numbers to the “bad guys”. This type of attack is very difficult for the typical person to detect, as the scammer’s emails and websites mimic … Continue reading PhishGuard Anti-Scam System (free software)

A vulnerability was reported in Microsoft Windows in ‘wins.exe’. A remote user can execute arbitrary code on the target system. Nicolas Waisman from Immunity reported that a remote user can send a specially crafted WINS packet to the target server on TCP port 42 to modify a memory pointer and write arbitrary contents to arbitrary memory locations. A remote user can execute arbitrary code on the target system. The original advisory is available at: http://www.immunitysec.com/downloads/instantanea.pdf Impact:  A remote user can execute arbitrary code on the target system. Solution:  No solution was available at the time of this entry. Underlying OS:  … Continue reading Microsoft WINS Memory Overwrite Lets Remote Users Execute Arbitary Code

Revision History:  None Risk Impact: Very low OverviewSymantec is responding to an advisory (http://www.hexview.com/docs/20041104-1.txt) issued concerning the potential for a minor denial of service (DoS) during a client’s Symantec Windows LiveUpdate download from an actual or spoofed Symantec LiveUpdate server. In addition, the advisory states there is potential for a limited directory traversal vulnerability since Symantec Windows LiveUpdate fails to validate file path input during decompression of included file path data. NOTE: Neither of these potential issues could be used to deploy malware or result in remote access to a client system. Affected ComponentsSymantec Windows LiveUpdate 1.80.x, 1.90.x, 2.0.x, 2.5.x … Continue reading Symantec Windows LiveUpdate potential for minor Denial of Service and Directory Traversal