Multiple Security Products MIME Encoding Content Filter Bypass Weakness

Various security products are prone to a filter-bypass weakness. These products include:
– BitDefender Mail Protection for SMB 2.0
– ClamAV 0.88.6
– F-Prot Antivirus for Linux x86 Mail Servers 4.6.6
– Kaspersky Anti-Virus for Linux Mail Server 5.5.10
Other applications and versions may also be affected. This issue occurs because the applications fail to properly handle malformed input, which may allow an attacker to bypass the file-filtering mechanism.
Vulnerable:
– MandrakeSoft Linux Mandrake 2006.0 x86_64
– MandrakeSoft Linux Mandrake 2006.0
– MandrakeSoft Linux Mandrake 2007.0 x86_64
– MandrakeSoft Linux Mandrake 2007.0
– MandrakeSoft Corporate Server 4.0 x86_64
– MandrakeSoft Corporate Server 3.0 x86_64
– MandrakeSoft …

Microsoft Windows Explorer and Media Player Denial of Service Vulnerability

Microsoft Windows Explorer and Windows Media Player are prone to a denial-of-service vulnerability. A remote attacker may exploit this vulnerability by presenting a malicious ‘WMV’ or ‘MID’ file to a victim user. When either application processes the file, the application crashes, effectively denying service. It is not known at this time if this issue can be leveraged to execute arbitrary code; this BID will be updated as further information becomes available.
Vulnerable:
– Microsoft Windows XP Tablet PC Edition SP2
– Microsoft Windows XP Professional SP2
– Microsoft Windows XP Media Center Edition SP2
– Microsoft Windows …

Microsoft Project Discloses Database Password to Remote Authenticated Users

A vulnerability was reported in Microsoft Project. A remote authenticated user can obtain the database password. A remote authenticated user can submit an HTTP POST request to ‘/projectserver/logon/pdsrequest.asp’ to obtain the username and password of the MSProjectUser SQL account. Brett Moore of reported this vulnerability.
Impact: A remote authenticated user can obtain the database password.
Solution: No solution was available at the time of this entry.

MSRC’s latest report on Word Vulnerabilities & the Mac Update

Two updates were posted by the Microsoft Security Response Center on their blog:
Update on accidental posting of pre-release security updates for Office for Mac: Customers who downloaded the (erroneously released) pre-release security update for Office for Mac on Tuesday should install the new update when it is released (end of next week).
Update on Current Word Vulnerability Reports:
– CVE-2006-5994 – Advisory was released.
– CVE-2006-6456 – No advisory, but they blogged about it.
– CVE-2006-6561 – They are not aware of any attack, but MS is aware of the PoC.
Please read the above links for more info and guidance.

Multiple Vendor Firewall HIPS Process Spoofing Vulnerability

Multiple vendor firewalls and HIPS (host-based intrusion prevention systems) are prone to a process-spoofing vulnerability. An attacker can exploit this issue to have an arbitrary malicious program appear to run as a trusted process and function undetected on an affected victim’s computer. The following software is vulnerable; other versions may also be affected: InfoProcess AntiHook version Anti-Virus plus Firewall version 7.5.431 Comodo Personal Firewall version Personal Firewall version ‘n’ Stop Personal Firewall version 2.05p2 Symantec Sygate Personal Firewall version 5.6.2808

BitDefender AV Packed PE File Parsing Engine Heap Overflow

Affected Products:
– BitDefender Antivirus
– BitDefender Antivirus Plus
– BitDefender Internet Security
– BitDefender Mail Protection for Enterprises
– BitDefender Online Scanner
– BitDefender for ISA Server
– BitDefender for MS Exchange 2000
– BitDefender for MS Exchange 2003
– BitDefender for MS Exchange 5.5
A remotely exploitable vulnerability has been found in the file parsing engine.
Solution: The vulnerabilities were reported on August 28 and an update was issued on August 29 to solve this vulnerability. The update was delivered immediately to all BitDefender users through the regular automatic update mechanism, so no user action is required.
–cevakrnl.xmd-vulnerability.html (Created on 14 Dec 2006 13:28, Modified on 15 Dec 2006 07:49)

Yahoo! Messenger Security Update: ActiveX Update

Yahoo! recently identified a security issue, commonly referred to as a buffer overflow, in an ActiveX control. This control is part of the Yahoo! services suite typically downloaded with the installer for Yahoo! Messenger. Some impacts of a buffer overflow might include being involuntarily logged out of a Chat and/or Messenger session, the crash of an application such as Internet Explorer, and in some instances, the introduction of executable code. For this specific issue, these impacts could only be possible if an attacker is successful in prompting someone to view malicious HTML code, most likely executed by getting a person …

CA Anti-Virus Drivers Denial of Service Vulnerabilities

Affected Software: CA eTrust Antivirus 8.x
Rubén Santamarta has reported two vulnerabilities in CA Anti-Virus, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerabilities are caused by errors within the vetmonnt.sys and vetfddnt.sys drivers when handling NULL buffers. This can be exploited via various IOCTLs to crash the system.
The vulnerabilities are reported in the following products:
* CA Anti-Virus 2007 version 8.1
* CA Anti-Virus for Vista Beta version 8.2
* CA Internet Security Suite 2007 version 3.0
Solution: Updated drivers are available for CA customers.