ðòïåëôù 


  áòèé÷ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

  óôáôøé 


  ðåòóïîáìøîïå 


  ðòïçòáííù 



ðéûéôå
ðéóøíá














     áòèé÷ :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: @RISK: The Consensus Security Vulnerability Alert Vol. 5 No. 36



> 
> *************************
> Widely Deployed Software
> *************************
> 
> 
> (1) MODERATE: ISC BIND Remote Denial of Service
> Affected:
> ISC BIND versions 9.3.x and possibly 9.2.x
> 
> Description: ISC BIND, by far the most popular Domain Name 
> System (DNS)
> server software on the internet, contains a remotely-exploitable
> denial-of-service (DoS) condition. By sending a specially-crafted DNS
> request including SIG or recursive queries, an attacker could 
> cause the
> server to crash. Depending on configuration, the server may or may not
> automatically restart. Note that ISC does not believe that the 9.2
> branch is vulnerable, but they have issued a patch anyway.
> 
> Status: ISC confirmed, updates available.
> 
> Council Site Actions: Two of the reporting council sites have 
> responded
> to this item. One site has updated their systems to 9.3.2-P1. 
> The other
> site has several dozen affected systems and will likely deploy patches
> within the next several weeks. Some of their systems load all patches
> from a Linux distributor and will likely be updated within 
> approximately
> a week.
> 
> References: ISC Security Advisory
> http://www.isc.org/index.pl?/sw/bind/bind-security.php 
> SecurityFocus BID
> http://www.securityfocus.com/bid/19859
> 
> *******************************************************************
> 
> **************
> Other Software
> **************
> 
> (2) CRITICAL: Ipswitch IMail Remote Buffer Overflow
> Affected:
> Ipswitch Imail Server 2006
> 
> Description: Ipswitch IMail, a popular mail server solution for
> Microsoft Windows, contains a remotely-exploitable buffer overflow. By
> sending a specially-formatted request to the SMTP server component, an
> unauthenticated attacker could trigger this buffer overflow 
> and execute
> arbitrary code with the privileges of the server software - often
> SYSTEM. Note that technical details for this vulnerability have been
> publicly posted.
> 
> Status: Ipswitch confirmed, updates available.
> 
> Council Site Actions: The affected software and/or 
> configuration are not
> in production or widespread use, or are not officially 
> supported at any
> of the council sites. They reported that no action was necessary.
> 
> References:
> Zero Day Initiative Advisory
> http://www.zerodayinitiative.com/advisories/ZDI-06-028.html 
> Ipswitch Home Page
> http://www.ipswitch.com 
> SecurityFocus BID
> http://www.securityfocus.com/bid/19885 
> 
> ****************************************************************
> 
> 06.36.1 CVE: CVE-2006-4534
> Platform: Microsoft Office
> Title: Microsoft Word 2000 Unspecified Remote Code Execution
> Description: Microsoft Word is vulnerable to an unspecified remote
> code execution issue when opening a malicious Word document. See the
> advisory for futher details.
> Ref: http://www.microsoft.com/technet/security/advisory/925059.mspx
> ______________________________________________________________________
> ______________________________________________________________________
> 
> 06.36.6 CVE: CVE-2006-3552
> Platform: Third Party Windows Apps
> Title: Ipswitch IMail Server and Collaboration Suite Unspecified SMTP
> Daemon
> Description: Ipswitch IMail is an email server that serves clients
> their mail via a web interface. Ipswitch Collaboration Suite (ICS) is
> an application suite that includes IMail Server and IMail Anti-Virus.
> Ipswitch IMail Server / Collaboration Suite are prone to an
> unspecified vulnerability that may allow for remote arbitrary code
> execution. Ipswitch Collaboration 2006 Suite Premium and Standard
> Editions, IMail, IMail Plus, and IMail Secure are reported to be
> vulnerable.
> Ref: http://www.ipswitch.com/support/ics/updates/ics20061.asp
> ______________________________________________________________________
> 
> 06.36.14 CVE: Not Available
> Platform: Cross Platform
> Title: OpenSSL PKCS Padding RSA Signature Forgery
> Description: OpenSSL is an open-source implementation of the SSL
> protocol. OpenSSL is susceptible to a vulnerability that may allow an
> RSA signature to be forged. It is possible to forge a PKCS #1 v1.5
> signature when an RSA key with exponent 3 is used. All versions of
> OpenSSL prior to and including 0.9.7j and 0.9.8b are affected by this
> vulnerability. Updates are available.
> Ref: http://www.securityfocus.com/bid/19849
> ______________________________________________________________________
> 
> 06.36.18 CVE: CVE-2006-4095, CVE-2006-4096
> Platform: Cross Platform
> Title: ISC BIND Multiple Remote Denial of Service Vulnerabilities
> Description: ISC BIND is prone to multiple denial of service issues.
> All current versions are affected. Please check the attached advisory
> for details.
> Ref: http://www.securityfocus.com/bid/19859
> ______________________________________________________________________
> 
> 06.36.85 CVE: Not Available
> Platform: Network Device
> Title: Cisco IOS Multiple GRE Source Routing Vulnerabilities
> Description: Cisco IOS is prone to multiple vulnerabilities because
> the application fails to perform boundary checks on user-supplied data
> prior to using it to create network packets. The issues present
> themselves when the device handles malicious GRE packets with
> oversized header offset values, and the improper handling of the
> 255.255.255.255 source route entry in the device's routing table. A
> successful attack can allow an attacker to  bypass security
> restrictions or possibly crash the Cisco IOS operating system. Cisco
> IOS Version C3550 IOS 12.1(19) is reported to be vulnerable.
> Ref: http://www.cisco.com/warp/public/707/cisco-sr-20060906-gre.shtml
> ______________________________________________________________________
> 
> 06.36.88 CVE: Not Available
> Platform: Hardware
> Title: Intel PRO/Wireless Network Connection Drivers Remote Code
> Execution
> Description: Intel PRO/Wireless Network Connection drivers are the
> integrated wireless LAN solution for Intel Centrino mobile technology.
> The drivers are exposed to a remote code execution vulnerability that
> is likely a result from a race condition error. Refer to the link
> below for further details.
> Ref: http://support.intel.com/support/wireless/wlan/sb/CS-023065.htm
> ______________________________________________________________________



 




Copyright © Lexa Software, 1996-2009.