ðòïåëôù 


  áòèé÷ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

  óôáôøé 


  ðåòóïîáìøîïå 


  ðòïçòáííù 



ðéûéôå
ðéóøíá














     áòèé÷ :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: @RISK: The Consensus Security Vulnerability Alert Vol. 5 No. 50



> 
> 
> *****************************
> Widely Deployed Software
> *****************************
> 
> (1) CRITICAL: Microsoft Word Remote Code Execution (0day)
> Affected:
> Microsoft Word 2000/2002/2003 and possibly other versions
> Microsoft Word X for Mac
> 
> Description: A new remote code execution has been discovered in
> Microsoft Word. This flaw is distinct from the two reported 
> in the last
> issue of @RISK (see below). A specially-crafted Word document could
> exploit this vulnerability to execute arbitrary code with the 
> privileges
> of the current user. Note that Word documents do not open without
> prompting on all versions of Word after Word 2000. A proof-of-concept
> for this vulnerability is publicly available.
> 
> Status: Microsoft has not confirmed, no updates available.
> 
> Council Site actions:  All of the reporting council sites are waiting
> on an update and confirmation from Microsoft.  Several sites 
> have issued
> warnings to their users regarding the receipt of unsolicited or
> unexpected Word documents, especially from unknown sources.
> 
> References:
> Posting by Robert McMillan
> http://seclists.org/isn/2006/Dec/0052.html 
> Proof-of-Concept (binary file link)
> http://www.securityfocus.com/data/vulnerabilities/exploits/121
> 22006-djtest.doc 
> Previous @RISK Entry (detailing two similar vulnerabilities)
> http://www.sans.org/newsletters/risk/display.php?v=5&i=49#widely1 
> Slashdot Discussion
> http://it.slashdot.org/article.pl?sid=06/12/14/2319250 
> SecurtyFocus BID
> http://www.securityfocus.com/bid/21589 
> 
> ****************************************************************
> 
> (2) CRITICAL: Microsoft Internet Explorer Multiple 
> Vulnerabilities (MS06-072)
> Affected:
> Microsoft Internet Explorer versions 5.01 SP4 and 6
> 
> Description: Microsoft Internet Explorer contains multiple
> vulnerabilities: (1) Failure to properly handle memory when executing
> certain scripts and DHTML functions can result in memory corruption. A
> specially-crafted script or DHTML document could exploit these
> vulnerabilities to execute arbitrary code with the privileges of the
> current user. (2) Flaws in the handling of drag-and-drop events and
> OBJECT tags can lead to disclosure of arbitrary files in the current
> user's Temporary Internet Files directory. This directory is used to
> store information about a user's browsing history and other
> browser-related information. User interaction beyond viewing the page
> is required to exploit these information disclosure vulnerabilities.
> 
> Status: Microsoft confirmed, updates available.
> 
> Council Site Actions: All council sites are responding to this
> vulnerability. They have either already started the deployment process
> or plan to deploy the update during their next regularly scheduled
> maintenance window.
> 
> References:
> Microsoft Security Bulletin
> http://www.microsoft.com/technet/security/Bulletin/MS06-072.mspx 
> Zero Day Initiative Advisory
> http://www.zerodayinitiative.com/advisories/ZDI-06-048.html 
> Secunia Research Advisory
> http://secunia.com/secunia_research/2006-58/advisory/  
> SecurityFocus BIDs
> http://www.securityfocus.com/bid/21494 
> http://www.securityfocus.com/bid/21507 
> http://www.securityfocus.com/bid/21546 
> http://www.securityfocus.com/bid/21552 
> 
> ****************************************************************
> 
> (3) CRITICAL: Microsoft Windows Media Runtime Buffer 
> Overflows (MS06-078)
> Affected:
> Microsoft Windows Media Format Runtime versions 7.1 through 9.5
> 
> Description: The Microsoft Windows Media Format Runtime, used to play
> Windows Media formatted data by many applications, including Windows
> Media Player, contains two buffer overflow vulnerabilities. Failure to
> properly handle malformed Advanced Systems Format (ASF) and Advanced
> Stream Redirector (ASX) files can lead to buffer overflows. 
> An attacker
> could exploit these buffer overflows to execute arbitrary 
> code with the
> privileges of the current user. Note that ASF and ASX files are opened
> without prompting by default. The ASX vulnerability was reported in a
> previous edition of @RISK.
> 
> Status: Microsoft confirmed, updates available.
> 
> Council Site Actions: All council sites are responding to this
> vulnerability. They have either already started the update deployment
> process or plan to deploy the update during their next regularly
> scheduled maintenance window.
> 
> References:
> Microsoft Security Bulletin
> http://www.microsoft.com/technet/security/Bulletin/MS06-078.mspx
> Previous @RISK Entry
> http://www.sans.org/newsletters/risk/display.php?v=5&i=49#widely2
> SecurityFocus BIDs
> http://www.securityfocus.com/bid/21247
> http://www.securityfocus.com/bid/21505
> 
> ****************************************************************
> 
> (4) CRITICAL: Symantec Veritas NetBackup Multiple Vulnerabilities
> Affected:
> Symantec Veritas NetBackup versions 5.0 prior to MP7
> Symantec Veritas NetBackup versions 5.1 prior to MP6
> Symantec Veritas NetBackup versions 6.0 prior to MP4
> 
> Description: Symantec Veritas NetBackup contains multiple
> vulnerabilities. Failures in handling an overlong "CONNECT_OPTIONS"
> command and overall command length can lead to buffer overflows in the
> "bpcd.exe" process. Additionally, the "bpcd.exe" process fails to
> validate the logic of incoming commands. These 
> vulnerabilities could be
> exploited to execute arbitrary commands with the privileges of the
> "bpcd.exe" process, which runs with SYSTEM privileges by default.
> 
> Status: Symantec confirmed, updates available.
> 
> Council Site Actions: One of the responding council sites is using the
> affected software; they are verifying the impact to their environment.
> 
> References:
> Symantec Security Advisory
> http://www.symantec.com/avcenter/security/Content/2006.12.13a.html
> Zero Day Initiative Advisories
> http://www.zerodayinitiative.com/advisories/ZDI-06-050.html
> http://www.zerodayinitiative.com/advisories/ZDI-06-049.html
> IBM ISS Advisory
> http://www.iss.net/threats/247.html
> SecurityFocus BIDs
> http://www.securityfocus.com/bid/21565
> 
> ****************************************************************
> 
> (5) CRITICAL: Sophos Anti-Virus Multiple Vulnerabilities
> Affected:
> Sophos products with a scanning engine version prior to 2.40
> 
> Description: Sophos Anti-Virus contains multiple buffer overflows in
> parsing CPIO and SIT archives. CPIO is a common archive format used
> primarily on Unix and Unix-like systems, and SIT is a common archive
> format used primarily on Apple Macintosh systems. A specially-crafted
> CPIO or SIT archive scanned by Sophos could exploit these buffer
> overflows and execute arbitrary code with the privileges of 
> the scanning
> process. Some technical details for these vulnerabilities are publicly
> available.
> 
> Status: Sophos confirmed, updates available.
> 
> References:
> Sophos Knowledge Base Article
> http://www.sophos.com/support/knowledgebase/article/17340.html
> Zero Day Initiative Advisories
> http://www.zerodayinitiative.com/advisories/ZDI-06-046.html
> http://www.zerodayinitiative.com/advisories/ZDI-06-045.html
> Wikipedia Article on CPIO archives
> http://en.wikipedia.org/wiki/Cpio
> Wikipedia Article on StuffIt (used to create SIT archives)
> http://en.wikipedia.org/wiki/StuffIt
> SecurityFocus BID
> http://www.securityfocus.com/bid/21563
> 
> ****************************************************************
> 
> (6) MODERATE: Microsoft Visual Studio WMI Object Broker 
> Remote Code Execution (MS06-073)
> Affected:
> Microsoft Visual Studio 2005 Standard and Professional Editions
> Microsoft Visual Studio 2005 Team Suite
> Microsoft Visual Studio 2005 Team Editions for Developers, 
> Architects, and Testers
> 
> Description: A remote code execution vulnerability exists in the WMI
> Object Broker ActiveX control included with certain versions of
> Microsoft Visual Studio. A web page that instantiates this 
> control could
> exploit this vulnerability to execute arbitrary code with the 
> privileges
> of the current user by escaping the normal restrictions of the
> "Internet" security zone normally enforced on ActiveX controls
> instantiated by web pages. Users can mitigate the impact of this
> vulnerability by disabling the vulnerable control via 
> Microsoft's "kill
> bit" mechanism for CLSID "7F5B7F63-F06F-4331-8A26-339E03C0AE3D". It is
> believed that this vulnerability is related to or the same as one
> discussed in an earlier edition of @RISK. That vulnerability is being
> actively exploited in the wild.
> 
> Status: Microsoft confirmed, updates available. 
> 
> Council Site Actions: Most of the reporting council sites are 
> responding
> to this vulnerability. They have either already started the deployment
> process or plan to deploy the update during their next regularly
> scheduled maintenance window.
> 
> References:
> Microsoft Security Bulletin
> http://www.microsoft.com/technet/security/bulletin/ms06-073.mspx
> Zero Day Initiative Advisory
> http://www.zerodayinitiative.com/advisories/ZDI-06-047.html
> Previous @RISK Entry
> http://www.sans.org/newsletters/risk/display.php?v=5&i=44#other1
> Microsoft Knowledge Base Article (details the "kill bit" mechanism)
> http://support.microsoft.com/kb/240797
> SecurityFocus BID
> http://www.securityfocus.com/bid/20843
> 
> ****************************************************************
> 
> (7) MODERATE: Microsoft SNMP Service Memory Corruption 
> Vulnerability (MS06-074)
> Affected:
> Microsoft Windows 2000 SP4
> Microsoft Windows XP SP2
> Microsoft Windows 2003
> 
> Description: The Microsoft SNMP service, used to manage Microsoft
> Windows systems via the Simple Network Management Protocol (SNMP)
> contains a memory corruption vulnerability. By sending a 
> specially SNMP
> request to the affected system, an attacker could exploit this
> vulnerability and execute arbitrary code with SYSTEM privileges. Note
> that the Microsoft SNMP service is not installed by default. Users are
> advised to block UDP port 161 at the network perimeter if 
> possible, and
> use secure SNMP community strings. A working exploit is available to
> members of Immunity Security's partners program.
> 
> Status: Microsoft confirmed, updates available.
> 
> Council Site Actions: Most of the reporting council sites are 
> responding
> to this vulnerability. They have either already started the deployment
> process or plan to deploy the update during their next regularly
> scheduled maintenance window.
> 
> References:
> Microsoft Security Bulletin
> http://www.microsoft.com/technet/security/bulletin/ms06-074.mspx
> Wikipedia Entry on SNMP
> http://en.wikipedia.org/wiki/SNMP
> SecurityFocus BID
> http://www.securityfocus.com/bid/21537
>  
> ****************************************************************
> 
> (8) MODERATE: Microsoft Outlook Express Windows Address Book 
> Buffer Overflow (MS06-076)
> Affected:
> Outlook Express 5.5 SP2
> Outlook Express 6
> 
> Description: Microsoft Outlook Express contains a buffer overflow
> vulnerability in the processing of Windows Address Book (WAB) files.
> These files are used to store addresses and other contact information.
> A specially-crafted WAB file could exploit this vulnerability and
> execute arbitrary code with the privileges of the current user. Note
> that WAB files are generally not configured to open without prompting.
> 
> Status: Microsoft confirmed, updates available.
> 
> Council Site Actions: Most of the reporting council sites are 
> responding
> to this vulnerability. They have either already started the deployment
> process or plan to deploy the update during their next regularly
> scheduled maintenance window.
> 
> References:
> Microsoft Security Bulletin
> http://www.microsoft.com/technet/security/Bulletin/MS06-076.mspx
> Overview of the Microsoft Windows Address Book
> http://msdn.microsoft.com/workshop/wab/overviews/wabovw.asp
> SecurityFocus BID
> http://www.securityfocus.com/bid/21501
> 
> ****************************************************************
> 
> (9) MODERATE: Microsoft Remote Installation Service File 
> Access Vulnerability (MS06-077)
> Affected:
> Windows 2000 SP4
> 
> Description: The Microsoft Remote Installation Service, used 
> to perform
> remote installations of the Windows operating system and other system
> components, contains an insecure file access configuration
> vulnerability. The directory storing the installable files is writable
> by default via the Trivial File Transfer Protocol (TFTP). An
> unauthenticated attacker could upload a malicious file to 
> this directory
> via TFTP; this file would be subsequently installed on 
> systems that use
> the Remote Installation Service. Note that systems would need to be
> configured to download the malicious file to be affected. Users are
> advised to block UDP port 69 at the network perimeter, if possible.
> 
> Status: Microsoft confirmed, updates available.
> 
> Council Site Actions: Only two of the reporting council sites 
> are using
> the affect software.   They plan to distribute the patch during their
> next regularly scheduled maintenance window.
> 
> References:
> Microsoft Security Bulletin
> http://www.microsoft.com/technet/security/bulletin/ms06-077.mspx
> Wikipedia Article on TFTP
> http://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol
> SecurityFocus BID
> http://www.securityfocus.com/bid/21495
> 
> ****************************************************************
> 
> (10) MODERATE: BitDefender PE File Parsing Engine Integer Overflow
> Affected:
> BitDefender Antivirus and Antivirus Plus
> BitDefender for ISA Server and MS Exchange
> BitDefender Internet Security
> BitDefender Mail Protection for Enterprises
> BitDefender Online Scanner
> 
> Description: Multiple BitDefender products are vulnerable to 
> an integer
> overflow in parsing packed PE (Portable Executable) files. Portable
> Executable files are the standard executable format on 
> Microsoft Windows
> systems. Failure to properly handle certain malformed packed PE files
> can lead to an integer overflow and arbitrary code execution with the
> privileges of the scanning process.
> 
> Status: BitDefender confirmed, updates available. According to
> BitDefender's website, the update was distributed immediately via
> BitDefender's automatic update system, and no user interaction is
> required to install the update.
> 
> References:
> BitDefender Security Advisory
> http://www.bitdefender.com/KB323-en--cevakrnl.xmd-vulnerability.html
> n.runs Security Advisory
> http://www.securityfocus.com/archive/1/454501
> BitDefender Home Page
> http://www.bitdefender.com/
> Wikipedia Article on Portable Executables
> http://en.wikipedia.org/wiki/Portable_Executable
> SecurityFocus BID
> http://www.securityfocus.com/bid/21610
> 
> **********
> Worm
> **********
> 
> (11) Symantec Antivirus Big Yellow/Sagevo Worm
> 
> Description: eEye researchers have discovered a new worm that is
> exploiting a buffer overflow vulnerability in the Symantec 
> Antivirus and
> Client Security software. The overflow being exploited by the Big
> Yellow/Sagevo worm was patched by Symantec in May 2006. Enterprises
> using Symantec AV or Client Security software should apply the patch
> immediately if they have not done so already. In addition, blocking
> access to the port 2967/tcp at the network perimeter will prevent any
> attacks originating from the Internet.
> 
> References:
> eEye's Analysis of Worm Binary
> http://research.eeye.com/html/alerts/AL20061215.html 
> Symantec's Worm Analysis
> http://www.symantec.com/enterprise/security_response/writeup.j
> sp?docid=2006-121309-3331-99&tabid=2 
> Previous @RISK Newsletter Posting
> http://www.sans.org/newsletters/risk/display.php?v=5&i=21#widely2 
> 
> **************************************************************




> 
> 06.50.1 CVE: Not Available
> Platform: Windows
> Title: Sophos Anti-Virus Scanning Engine Veex.DLL Multiple Buffer
> Overflow Vulnerabilities
> Description: Sophos antivirus scanning engine is an antivirus scanning
> engine application available for Microsoft Windows. The application is
> exposed to multiple remote stack-based buffer overflow issues because
> the application fails to bounds check user-supplied data before
> copying it into an insufficiently sized buffer. Versions prior to
> 2.4.0 are affected.
> Ref: http://www.sophos.com/support/knowledgebase/article/17340.html
> ______________________________________________________________________
> 
> 06.50.3 CVE: CVE-2006-5578
> Platform: Windows
> Title: Microsoft Internet Explorer Drag and Drop TIF Folder
> Information Disclosure
> Description: Microsoft Internet Explorer is exposed to an information
> disclosure vulnerability when handling drag and drop operations under
> certain circumstances. Please refer to the link below for further
> details.
> Ref: http://www.microsoft.com/technet/security/bulletin/ms06-072.mspx
> ______________________________________________________________________
> 
> 06.50.4 CVE: CVE-2006-5584
> Platform: Windows
> Title: Windows 2000 Remote Installation Service Remote Code Execution
> Description: Microsoft Windows is prone to a remote code execution
> issue because the Remote Installation Services (RIS) enables a TFTP
> service on the server, allowing an anonymous user to overwrite
> existing operating system files. See the advisory for further details.
> Ref: http://www.microsoft.com/technet/security/Bulletin/MS06-077.mspx
> ______________________________________________________________________
> 
> 06.50.5 CVE: CVE-2006-2386
> Platform: Windows
> Title: Microsoft Outlook Express Windows Address Book Contact Record
> Remote Code Execution
> Description: Microsoft Outlook Express is an email client available
> for various Microsoft platforms. It is exposed to a remote code
> execution issue because it fails to bounds check user-supplied data
> before copying it into an insufficiently sized buffer. Specifically a
> specially-crafted address book could trigger this issue to execute
> arbitrary code in the Windows Address Book (WAB).
> Ref: http://www.microsoft.com/technet/security/Bulletin/MS06-076.mspx
> ______________________________________________________________________
> 
> 06.50.6 CVE: CVE-2006-4702
> Platform: Windows
> Title: Windows Media Player Remote ASF File Buffer Overflow
> Description: Windows Media Player is prone to a buffer overflow
> vulnerability because it fails to properly bounds check user-supplied
> data contained in specially-crafted ASF (Advanced Streaming Format)
> multimedia files. Please see the advisory for further details.
> Ref: http://www.microsoft.com/technet/security/Bulletin/MS06-078.mspx
> ______________________________________________________________________
> 
> 06.50.7 CVE: CVE-2006-5583
> Platform: Windows
> Title: Microsoft Windows SNMP Service Remote Code Execution
> Description: The Simple Network Management Protocol (SNMP) allows
> administrators to remotely manage network devices. The Microsoft
> Windows SNMP service allows incoming SNMP requests to be serviced by
> the local computer. Please refer to the link below for further
> details.
> Ref: http://www.microsoft.com/technet/security/Bulletin/MS06-074.mspx
> ______________________________________________________________________
> 
> 06.50.8 CVE: CVE-2006-5581
> Platform: Windows
> Title: Microsoft Internet Explorer DHTML Script Function Remote Code
> Execution
> Description: Microsoft Internet Explorer is prone to a remote code
> execution vulnerability that is related to how the browser renders
> DHTML script functions on nonexistent DHTML elements. Please see the
> advisory for further details.
> Ref: http://www.microsoft.com/technet/security/bulletin/ms06-072.mspx
> ______________________________________________________________________
> 
> 06.50.9 CVE: CVE-2006-5585
> Platform: Windows
> Title: Microsoft Windows Manifest File Privilege Escalation
> Description: Microsoft Windows is exposed to a local privilege
> escalation issue because the software fails to properly process and
> manage file manifests. Microsoft Windows XP Service Pack 2 and
> Microsoft Windows Server 2003 are affected.
> Ref: http://www.microsoft.com/technet/security/Bulletin/MS06-075.mspx
> ______________________________________________________________________
> 
> 06.50.10 CVE: CVE-2006-6456
> Platform: Microsoft Office
> Title: Microsoft Word Unspecified Code Execution
> Description: Microsoft Word is exposed to a remote code execution
> issue because the application fails to handle maliciously crafted
> Microsoft Word files that contain excessive string values. Word 2000,
> 2002, 2003 and Word Viewer 2003 are affected.
> Ref: http://www.kb.cert.org/vuls/id/166700
> http://www.securityfocus.com/bid/21518/info
> ______________________________________________________________________
> 
> 06.50.11 CVE: Not Available
> Platform: Microsoft Office
> Title: Microsoft Word Code Execution
> Description: Microsoft Word is exposed to a remote code execution
> vulnerability because the application fails to handle maliciously
> crafted Microsoft Word files that contain excessive string values.
> This issue arises due to a memory corruption vulnerability.
> Ref: http://www.securityfocus.com/bid/21589
> ______________________________________________________________________
> 
> 06.50.12 CVE: CVE-2006-5579
> Platform: Other Microsoft Products
> Title: Microsoft Internet Explorer Script Error Handling Remote Code
> Execution
> Description: Microsoft Internet Explorer is prone to a remote code
> execution issue due to an error within the exception handling.
> Microsoft Internet Explorer 6.0 and prior are affected. See the
> advisory for further details.
> Ref: http://www.us-cert.gov/cas/techalerts/TA06-346A.html
> http://secunia.com/secunia_research/2006-58/advisory/
> http://support.avaya.com/elmodocs2/security/ASA-2006-273.htm
> ______________________________________________________________________
> 
> 06.50.14 CVE: CVE-2006-5645
> Platform: Third Party Windows Apps
> Title: Multiple Trend Micro Antivirus RAR Archive Remote Denial of
> Service
> Description: Trend Micro provides antivirus and software security
> applications. These applications are exposed to remote denial of
> service issues because they fail to properly handle file types,
> resulting in excessive consumption of system resources. Trend Micro
> Server Protect version 5.58, Trend Micro PC Cillin - Internet Security
> 2006 and Trend Micro Office Scan version 7.3 are affected.
> Ref: http://www.trendmicro.com/en/home/us/home.htm
> ______________________________________________________________________
> 
> 
> 06.50.20 CVE: CVE-2006-5649, CVE-2006-5871
> Platform: Linux
> Title: Linux Kernel Multiple Vulnerabilities
> Description: Linux Kernel is exposed to multiple issues that allow
> attackers to cause a kernel panic because the alignment doesn't check
> for errors except "-EFAULT". This allows attackers to carry out
> various attacks. Linux Kernel versions 2.6.8 and prior versions are
> reported to be affected.
> Ref: http://www.kernel.org/
> ______________________________________________________________________
> 
> 
> 06.50.27 CVE: Not Available
> Platform: Linux
> Title: Linux Kernel Do_Coredump Security Bypass
> Description: Linux Kernel is vulnerable to an issue that can allow
> local unauthorized attackers to modify certain files.  This is due to
> a design error with the "do_coredump()" function of the "fx/exec.c"
> file. Linux Kernel versions prior to 2.6.19.1 are vulnerable.
> Ref: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.19.1
> ______________________________________________________________________
> 
> 06.50.28 CVE: CVE-2006-6474
> Platform: Linux
> Title: McAfee VirusScan For Linux Insecure DT_RPATH Remote Code
> Execution
> Description: McAfee VirusScan For Linux is prone to a remote code
> execution vulnerability because the application incorrectly includes
> the current directory when it looks for a file. If the current
> directory has a malicious Extended Link and Format DSO file, then the
> affected application will perform a VirusScan on the file, triggering
> this issue. Version 4510e and prior are reportedly vulnerable.
> Ref: http://www.securityfocus.com/bid/21592/info
> ______________________________________________________________________
> 
> 06.50.30 CVE: Not Available
> Platform: Solaris
> Title: Sun Solaris LD.SO Multiple Local Vulnerabilities
> Description: Solaris "ld.so" component is prone to multiple
> vulnerabilities. A local directory traversal vulnerability resides in
> ld.so due to inadequate sanitization of user-supplied data to the
> "LANG" environmental variables. A local stack-based buffer overflow
> vulnerability resides in the ld.so internal "doprf()" function due to
> inadequate bounds checking of precision padding characters when
> printing a numerical format specifier.
> Ref:
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-10272
> 4-1&searchclause=
> ______________________________________________________________________
> 
> 06.50.31 CVE: CVE-2006-5874
> Platform: Cross Platform
> Title: Clam Anti-Virus MIME Attachments Denial of Service
> Description: Clam Anti-Virus (ClamAV) is an anti-virus application for
> Windows and UNIX like operating systems. It is exposed to a denial of
> service issue because it fails to handle certain file types.
> Specifically, the vulnerability exists when the application processes
> base64-encoded MIME attachments. This results in a NULL pointer
> dereference crashing the affected application. ClamAV versions prior
> to 0.88.4-2 are affected.
> Ref: http://www.securityfocus.com/archive/1/453968
> ______________________________________________________________________
> 
> 06.50.32 CVE: CVE-2006-6379
> Platform: Cross Platform
> Title: CA Multiple BrightStor ARCserve Backup Discovery Service Remote
> Buffer Overflow
> Description: Computer Associates (CA) BrightStor ARCserve Backup
> products provide backup and restore protection for multiple platforms.
> It is affected by an unspecified remote buffer overflow vulnerability
> that may allow an attacker to execute arbitrary code on a vulnerable
> computer with SYSTEM privileges or cause a denial of service
> condition. Multiple products and versions are affected.
> Ref:
> http://www3.ca.com/blogs/posting.aspx?id=90744&pid=96149&date=2006/12
> ______________________________________________________________________
> 
> 06.50.84 CVE: CVE-2006-6305
> Platform: Network Device
> Title: Net-SNMP SNMPD.Conf Tokens Security Restriction Bypass
> Description: The Net-SNMP package provides tools and libraries
> relating to the Simple Network Management Protocol. This application
> is exposed to a security restriction bypass issue. Net-SNMP version
> 5.3 is affected.
> Ref: http://www.net-snmp.org/
> ______________________________________________________________________
> 
> 06.50.85 CVE: Not Available
> Platform: Hardware
> Title: D-Link DWL-2000AP+ ARP Handling Multiple Remote Denial of
> Service Vulnerabilities
> Description: D-Link DWL-2000AP+ is an 802.11b-compatible wireless
> access point. The device is exposed to denial of service issues.
> DWL-200AP+ Firmware version 2.11 is affected.
> Ref: http://www.securityfocus.com/bid/21541
> ______________________________________________________________________
> 
> (c) 2006.  All rights reserved.  The information contained in this
> newsletter, including any external links, is provided "AS IS," with no
> express or implied warranty, for informational purposes only.  In some
> cases, copyright for material in this newsletter may be held 
> by a party
> other than Qualys (as indicated herein) and permission to use such
> material must be requested from the copyright owner.
> 
> Subscriptions: @RISK is distributed free of charge to people 
> responsible
> for managing and securing information systems and networks. You may
> forward this newsletter to others with such responsibility inside or
> outside your organization.
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
> 
> iD8DBQFFhvfn+LUG5KFpTkYRAgbsAKCRiFjfo0Oy+Z1VzBo57pNbJHtAXwCgiVh+
> zM9pfM8et6pRZiEFSNgHp6c=
> =1HET
> -----END PGP SIGNATURE-----
> 



 




Copyright © Lexa Software, 1996-2009.