>
> *****************************
> Widely Deployed Software
> *****************************
>
> (1) CRITICAL: Trend Micro Multiple Products Multiple Vulnerabilities
> Affected:
> Trend Micro ServerProtect
> Trend Micro AntiSpyware
>
> Description: Trend Micro ServerProtect and Trend Micro AntiSpyware,
> popular antispyware and antivirus solutions, contain multiple
> vulnerabilities. The ServerProtect product exports multiple Remote
> Procedure Call (RPC) interfaces via Microsoft's RPC mechanism, each of
> which contains several functions vulnerable to buffer
> overflow attacks.
> Additionally, the AntiSpyware product contains a buffer overflow
> vulnerability in its handling of long filenames. An attacker
> who called
> a vulnerable RPC function or created a file with a long name (via, for
> example, a specially crafted email attachment or open network share)
> could trigger one of these vulnerabilities. Successfully
> exploiting one
> of these vulnerabilities would allow an attacker to execute arbitrary
> code with the privileges of the vulnerable process (often
> SYSTEM). Some
> technical details for these vulnerabilities are publicly available.
>
> Status: Trend Micro confirmed, updates available. Users can
> mitigate the
> impact of the RPC vulnerabilities by blocking TCP ports 5168 and 3628
> at the network perimeter, if possible.
>
> References:
> iDefense Advisories
> .
> php?id=587
> .
> php?id=588
> .
> php?id=586
> Trend Micro Security Advisories
>
> n_en_securitypatch4_readme.txt
>
> Trend Micro Home Page
>
> SecurityFocus BIDs
>
>
>
> **************************************************************
>
**************************************************************
>
> (5) MODERATE: ClamAV Remote Command Execution
> Affected:
> ClamAV versions prior to 0.91.2
>
> Description: Clam AntiVirus (ClamAV) is a popular open source
> antivirus
> solution. ClamAV can be integrated with the Sendmail mail transport
> system via Sendmail's "milter" mechanism. Sendmail is the most common
> mail transport system in the world, and the default system on
> most Unix
> and Unix-like systems. When ClamAV is integrated with Sendmail and the
> ClamAV "black hole" configuration option is enabled, a
> specially crafted
> email could cause arbitrary commands to be executed with root
> privileges. No authentication is necessary; it is sufficient
> to have an
> email transiting a vulnerable system to exploit this vulnerability.
> Technical details are available for this vulnerability, both in the
> advisory and via source code analysis.
>
> Status: ClamAV confirmed, updates available.
>
> References:
> n.runs Security Advisory
>
> Documentation for ClamAV's "Milter" Interface
>
> ClamAV Home Page
>
> SecurityFocus BID
>
>
> **************************************************************
>
> Part II - Comprehensive List of Newly Discovered Vulnerabilities from
> Qualys (www.qualys.com)
>
> Week 35, 2007
>
>
> 07.35.7 CVE: Not Available
> Platform: Third Party Windows Apps
> Title: Mercury Mail Transport System AUTH CRAM-MD5 Buffer Overflow
> Description: Mercury Mail Transport System is a mail server
> implementation for Microsoft Windows platforms. The application is
> exposed to a remote stack-based buffer overflow issue because it fails
> to perform adequate boundary checks on user-supplied input. Mercury
> Mail Transport System 4.01b and 4.51 are affected.
> Ref:
> ______________________________________________________________________
>
> 07.35.30 CVE: Not Available
> Platform: Cross Platform
> Title: Clam AntiVirus ClamAV Multiple Remote Denial of Service
> Vulnerabilities
> Description: ClamAV is an antivirus application for Microsoft Windows
> and UNIX-like operating systems. The application is exposed to
> multiple denial of service issues. ClamAV versions prior to 0.91.2 are
> affected.
> Ref:
> ______________________________________________________________________
>
> 07.35.64 CVE: Not Available
> Platform: Network Device
> Title: Cisco 7940 Phone SIP Message Handling Remote Denial of Service
> Vulnerabilities
> Description: Cisco 7940 phone is a VOIP-enabled telephony products.
> The application is exposed to multiple denial of service issues
> because the device fails to handle specially crafted SIP message
> requests. Cisco 7940 devices running firmware P0S3-08-6-00 are
> affected.
> Ref:
> ______________________________________________________________________
>
> 07.35.66 CVE: Not Available
> Platform: Network Device
> Title: Cisco IOS Show IP BGP Regexp Remote Denial of Service
> Description: Cisco IOS is exposed to a remote denial of service issue
> due to a failure of the software to properly handle certain CLI
> commands. Successfully exploiting this issue allows attackers to
> trigger device reboots, denying service to legitimate users.
> Ref:
> ______________________________________________________________________
>
> (c) 2007. All rights reserved. The information contained in this
> newsletter, including any external links, is provided "AS IS," with no
> express or implied warranty, for informational purposes only. In some
> cases, copyright for material in this newsletter may be held
> by a party
> other than Qualys (as indicated herein) and permission to use such
> material must be requested from the copyright owner.
>
