Affected OS: Microsoft Windows 2000 Advanced Server; Microsoft Windows 2000 Datacenter Server; Microsoft Windows 2000 Professional; Microsoft Windows 2000 Server; Microsoft Windows XP Home Edition; Microsoft Windows XP Professional. h07 has discovered a weakness in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). The weakness is caused due to an error in the Workstation service when handling NetrWkstaUserEnum RPC requests with a large value in the maxlen field. Successful exploitation causes svchost.exe to consume a large amount of memory and may result in the system becoming temporarily unresponsive. The weakness is confirmed on a fully patched Windows XP … Continue reading Windows Workstation Service NetrWkstaUserEnum Denial of Service
Microsoft Windows is prone to a local denial-of-service vulnerability because the operating system fails to handle certain API calls with unexpected parameters. A local unprivileged attacker may exploit this issue by executing a malicious application. Successful exploits will crash the operating system, denying further service to legitimate users. http://www.securityfocus.com/bid/21688/info
Affected Products: ESET NOD32 Antivirus. Vulnerability: Arbitrary Code Execution (remote). Risk: HIGH. Vendor communication: 2006/08/24 initial notification of ESET; 2006/08/28 ESET response; 2006/08/29 PGP keys exchange; 2006/08/29 PoC files sent to ESET; 2006/09/06 ESET initial feedback; 2006/09/08 ESET confirmed the bug and fixed it; 2006/09/08 ESET made available the updates. Description: Multiple vulnerabilities have been found in the file parsing engine. In detail, the following flaws were determined: – Divide by Zero in .CHM file parsing. – Heap Overflow through Integer Overflow in .DOC file parsing. The .DOC problem can lead to remote arbitrary code execution if an attacker carefully crafts a file that exploits the aforementioned vulnerabilities. The vulnerabilities are … Continue reading NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory
Affected Software: CA BrightStor Portal 11.x; CA CleverPath Aion 10.x; CA CleverPath Portal 4.x; CA eTrust Security Command Center 1.x; CA eTrust Security Command Center 8.x; CA Unicenter Asset Portfolio Management 11.x; CA Unicenter Database Command Center 11.x; CA Unicenter Database Management Portal 11.x; CA Unicenter Enterprise Job Manager 1.x; CA Unicenter Management Portal 11.x; CA Unicenter Management Portal 2.x; CA Unicenter Management Portal 3.x; CA Unicenter Workload Control Center 1.x. A vulnerability has been reported in CA’s Portal technology, which potentially can be exploited by malicious users to bypass certain security restrictions. The problem is that when multiple Portal servers share a common data source, a malicious user may be … Continue reading CA Portal Technology Session Handling Vulnerability; CA Anti-Virus vetfddnt.sys and vetmonnt.sys Local DoS Vulnerabilities
Apple Mac OS X is prone to an information-disclosure vulnerability. Attackers may exploit this issue by convincing victims to visit a malicious website. Exploiting this issue may allow remote attackers to capture images rendered locally on screen that may contain sensitive information. Vulnerable: Apple Mac OS X Server 10.4.8; Apple Mac OS X 10.4.8. http://www.securityfocus.com/bid/21672/info Solution: Install Security Update 2006-008, see http://docs.info.apple.com/article.html?artnum=61798
MS06-078 – Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689) http://www.microsoft.com/technet/security/bulletin/MS06-078.mspx?pubDate=2006-12-19 Revisions: V2.0 (December 19, 2006): Bulletin has been revised and re-released for the Korean only package on Microsoft Windows Media Runtime Format 7.1 and 9.0 Series Runtime on Windows 2000 Service Pack 4 to address the issues identified in Microsoft Knowledge Base Article 923689. Additional clarity was added around file versions in the “I’ve installed the Windows Media Format Runtime security update. What version of Windows Media Format Runtime should I have installed?” question in the “Frequently Asked Questions (FAQ) Related to this Security Update” section.
Winamp Web Interface (Wawi) is “a nice open source plugin for Winamp which allows the remote administration of the media player through any web browser”. The Winamp Web Interface, WAWI for short, has been found to contain multiple vulnerabilities that would allow a remote attacker to overflow the internal buffers used by the product and cause it to read arbitrary files and display them. Vulnerable Systems: * Winamp Web Interface version 7.5.13 and prior http://www.securiteam.com/windowsntfocus/6Z00A2KHQG.html
Breno Silva Pinto has reported a vulnerability in Intel 2200BG drivers, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a race condition when W29N51.SYS handles multiple beacon frames. This can be exploited to overwrite certain kernel memory structures via sending multiple specially crafted beacon frames to the wireless card. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 184.108.40.206. Other versions may also be affected. Solution: Turn off the wireless card when not in use. http://secunia.com/advisories/23338/
http://www.securitytracker.com/alerts/2006/Dec/1017397.html A vulnerability was reported in Microsoft Outlook. A remote user can cause denial of service conditions. A remote user can create specially crafted HTML that, when loaded by the target user, will invoke a Microsoft Outlook ActiveX component (Outlook Recipient Control) and cause Internet Explorer to hang. shinnai reported this vulnerability. The original advisory and a demonstration exploit are available at: http://shinnai.altervista.org/viewtopic.php?id=41&t_id=8 Impact: A remote user can create HTML that, when loaded by the target user, will cause Internet Explorer to hang. Solution: No solution was available at the time of this entry.