Vulnerabilitati

Multiple Anti-virus software evasion

Data: 18.10.2004

Produse afectate:
McAfee,
Computer Associates,
Kaspersky,
Sophos,
Eset,
RAV

Produsele sunt vulnerabile la un evasion attack atacatorul fiind capabil  sa "incarce" o arhiva ZIP cu un cod care sa scape la scanare antivirusului. Unii AV nu vor scana fisiere care indica in header o dimensiune de 0 KB. Decomprimarea unei arhive ZIP nu este afectata de informatia din header.

Companiile au fost notificate si toate, cu exceptia, RAV au luat masuri. Fiecare cum s-a priceput mai bine.

Detalii: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability

Internet Explorer IFRAME Buffer Overflow Vulnerability

Data: 02.11.2004

Severity: Extremely critical (Secunia)

Produse afectate:
Internet Explorer 6.0 on Windows XP SP1 (fully patched).
Internet Explorer 6.0 on Windows 2000 (fully patched).

Detalii: http://secunia.com/advisories/12959/

Solutii:
- instalare XP Service Pack 2
- folosirea unui browser alternativ

Microsoft Security Bulletin Advance Notification Announcement

Incepand cu aceasta luna MS anunta cu cateva zile inainte numarul update-urilor care pot apare, severity rating anticipata si produsele care ar putea fi afectate.

Prima notificare:  Microsoft Security Bulletin Advance Notification - 04.11.2004

Urmatorul update: 09.11.2004
ISA Server - maximum severity rating = Important

Zvonuri despre 10 vulnerabilitati in XP SP2

Ten SP2 flaws leave XP users open to hackers

Ten New Security Holes in Windows XP SP2 ?

Bofra/IFrame Exploits on More Web Sites

Bofra worm

Vizitarea site-urilor afectate cu browserul Internet Explorer duce la downlodarea exploitului.

Nu exista un patch in prezent pentru aceasta vulverabilitate: Internet Explorer IFRAME Buffer Overflow Vulnerability (vezi postul din 03.11)

Se pare ca mai degraba serverele care posteaza reclame sunt afectate si nu site-urile.

In prezent se cunosc cateva site-uri europene afectate.

MyDoom.AG si MyDoom.AH exploateaza aceasta vulnerabilitate. (vezi Noi variante MyDoom exploateaza IFRAME Vulnerability

Detalii despre vulnerabilitate: Internet Explorer IFRAME Buffer Overflow Vulnerability

Severitate: Extremely critical (nu cere nici o actiune din partea utilizatorului)

Solutii:
- folosirea unui browser alternativ, pana cand MS va scoate un patch
- instalarea Windows XP SP2


Noi vulnerabilitati in Internet Explorer

Produse afectate: Internet Explorer SP2

Detalii: Microsoft Internet Explorer Two Vulnerabilities

Severitate: Moderately critical (cere o actiune din partea utilizatorului)

Edited by cryo, 21 November 2004 - 13:39.

MultiPlatform/MultiBrowser Java Vulnerability

Versiuni afectate:
1.4 - toate in afara de 1.4.2_06
1.3 - toate mai mici de 1.3.1_13

Platforme:
Solaris
Windows
Linux

Solutii: update Java Runtime Environment (JRE) si SDK

J2SE v 1.4.2_06  JRE
http://java.sun.com/...2/download.html

Daca aveti JRE 1.4.2._05 nu incercati deocamdata cu Automatic Update ca nu aveti nici o sansa . Veti primi raspuns ca JRE e up-to-date  

Detalii: untrusted Java applets pot avea acces la portiuni din Java plug-in la care in mod normal nu ar trebui sa aiba acces.

Sun Alert: http://sunsolve.sun....ey=1-26-57591-1

Edited by cryo, 24 November 2004 - 20:28.

Winamp Vulnerability

Versiuni afectate: cel putin 5.05 si 5.06

Severitate: Highly critical (Secunia)
Exploitul este deja public.

Solutii:
eliminati asocierea extensiilor .cda si .m3u cu Winamp pana la aparitia unui patch

Detalii: http://secunia.com/advisories/13269/

Daca nu mai dezvolta programul,oare vor mai scoate un patch ?

Nulsoft spune ca rezolvat problema in versiunea 5.06, dar se pare ca nu e asa. Probabil ca va apare in curand un alt patch.

Daca imi aduc bine aminte Adobe a fost anul asta intr-o situatie similara si au mai scos un patch.

Xpire/Splitinfinity.info Server Hack
Malware injection care profita de IFRAMES vulnerability

Istoria se repeta. Acest atac a fost similar cu Download_Ject, dar de data asta pentru Apache / Linux / Unix. Unele servere inca mai sunt infectate.

Un studiu aici: http://www.vitalsecu...g/sp2phase2.htm

Critical Update - Winamp 5.07

Lite version:
http://download.null...amp507_lite.exe

Full version:
http://download.null...amp507_full.exe

Pro version:
http://download.null...namp507_pro.exe

Bundle version:
http://download.null..._silvertide.exe

Detalii: http://secunia.com/advisories/13269/ - Winamp "IN_CDDA.dll" Buffer Overflow Vulnerability

Recomandare: instalati updateul imediat

Microsoft Security Bulletin Summary for December, 2004
14.12.2004

http://www.microsoft...n/ms04-dec.mspx

Maximum Severity Rating: Important

Din nou Windows

Vacanta linistita ?  

Severitate: Critical

1. Buffer overflow in LoadImage API

Detalii: fisiere .bmp, .C.U.R. (nu pot sa scriu altfel ca se modifica in fund ) , .ico, si .ani pot fi exploatate via HTML (site web sau email). Vulnerabilitatea poate fi folosita pentru a executa un cod.

Produse afectate: NT/2000/2003/XP


2. Heap overflow in winhlp32.exe

Produse afectate: NT/2000/2003/XP, probabil si XP SP2

Edited by cryo, 24 December 2004 - 12:58.

WINS Server Vulnerability exploatata

Microsoft Security Bulletin MS04-045

Produse afectate:
Microsoft Windows NT Server 4.0 Service Pack 6a
Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6
Microsoft Windows 2000 Server Service Pack 3
Microsoft Windows 2000 Server Service Pack 4
Microsoft Windows Server 2003
Microsoft Windows Server 2003 64-Bit Edition

Detalii:
http://isc.sans.org/...date=2005-01-03
http://www.techweb.c...curity/56900363

Microsoft Security Bulletin Advance Notification Announcement

Pregatiti-va pentru marti, 11 ianuarie.  

Quote

Analysis of the Troj/Winser-A Malware

Troj/Winser-A se raspandeste via WINS Server Vulnerability:
http://www.unixwiz.n...h/winser-a.html

Edited by cryo, 08 January 2005 - 12:14.

Marti 11 ianuarie, trei petice de la MS

Windows Security Updates Summary for January 2005

Microsoft Security Bulletin MS05-001
Vulnerability in HTML Help Could Allow Code Execution (890175)
Maximum Severity Rating: Critical

Microsoft Security Bulletin MS05-002
Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711)
Maximum Severity Rating: Critical

Microsoft Security Bulletin MS05-003
Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250)
Maximum Severity Rating: Important

Marti 08.02.2005. Windows lanseaza noi update-uri de securitate.

Security Bulletin MS05-004
Maximum severity: Important (What is maximum severity?)
Update number: 887219 (What is an update number?)
Supported software affected:• Microsoft .NET Framework 1.1 (all versions)
• Microsoft .NET Framework 1.0 Service Pack 3 (SP3) and SP2
Technical bulletin: aici


Security Bulletin MS05-006
Maximum severity: Moderate
Update number: 887981
Supported software affected:• Windows SharePoint Services for Windows Server 2003
Technical bulletin: aici


Security Bulletin MS05-007
Maximum severity: Important
Update number: 888302
Supported software affected:• Windows XP SP2 and SP1
• Windows XP 64-Bit Edition SP1 (Itanium)
Technical bulletin: aici


Security Bulletin MS05-008
Maximum severity: Important
Update number: 890047
Supported software affected:• Windows XP SP2 and SP1
• Windows XP 64-Bit Edition SP1 (Itanium)
• Windows XP 64-Bit Edition Version 2003 (Itanium)
• Windows 2000 SP4 and SP3
• Windows Server 2003
• Windows Server 2003 for 64-Bit Itanium-based Systems
Technical bulletin: aici


Security Bulletin MS05-009
Maximum severity: Critical
Update number: 890261
Supported software affected:• Windows Media Player 9 on Windows XP, Windows 2000, or Windows Server 2003
• Windows XP 64-Bit Edition SP1 running Windows Messenger
• Windows XP 64-Bit Edition Version 2003 running Windows Messenger
• Windows Millennium Edition (Windows Me), Windows 98 Second Edition (SE), and Windows 98
Note  Updates for Windows Me, Windows 98 SE, and Windows 98 are being made available under extended support for critical security issues. • Windows Messenger 4.7.2009 on Windows XP SP1 and Windows XP
• Windows Messenger 4.7.3000 on Windows XP SP2
• Windows Messenger 5.0
Technical bulletin: aici


Security Bulletin MS05-010
Maximum severity: Critical
Update number: 885834
Supported software affected:• Windows NT Server 4.0 SP6a
• Windows NT Server 4.0, Terminal Server Edition SP6
• Windows 2000 Server SP4 and SP3
• Windows Server 2003
• Windows Server 2003 for 64-Bit Itanium-based Systems
Technical bulletin: aici


Security Bulletin MS05-011
Maximum severity: Critical
Update number: 885250
Supported software affected:• Windows XP SP2 and SP1
• Windows XP 64-Bit Edition SP1 (Itanium)
• Windows XP 64-Bit Edition Version 2003 (Itanium)
• Windows 2000 SP4 and SP3
• Windows Server 2003
• Windows Server 2003 for 64-Bit Itanium-based Systems
Technical bulletin: aici


Security Bulletin MS05-012
Maximum severity: Critical
Update number: 873333
Supported software affected:• Windows XP SP2 and SP1
• Windows XP 64-Bit Edition SP1 (Itanium)
• Windows XP 64-Bit Edition Version 2003 (Itanium)
• Windows 2000 SP4 and SP3
• Windows Server 2003
• Windows Server 2003 for 64-Bit Itanium-based Systems
• Office XP Service Pack 3 (SP3), Office XP SP2, and Office XP
Note  Office XP includes Outlook 2002, Word 2002, Excel 2002, PowerPoint 2002, FrontPage 2002, Publisher 2002, and Access 2002 • Office 2003 SP1 and Office 2003
Note  Office 2003 includes Outlook 2003, Word 2003, Excel 2003, PowerPoint 2003, FrontPage 2003, Publisher 2003, Access 2003, InfoPath 2003, and OneNote 2003 • Exchange 2000 Server Service Pack 3 (SP3)
• Exchange Server 2003 and Exchange Server 2003 SP1
• Exchange Server 5.0 SP2
• Exchange Server 5.5 SP4
Technical bulletin: aici


Security Bulletin MS05-013
Maximum severity: Critical
Update number: 891781
Supported software affected:• Windows XP SP2 and SP1
• Windows XP 64-Bit Edition SP1 (Itanium)
• Windows XP 64-Bit Edition Version 2003 (Itanium)
• Windows 2000 SP4 and SP3
• Windows Server 2003
• Windows Server 2003 for 64-Bit Itanium-based Systems
• Windows Me, Windows 98 SE, and Windows 98
Note  Updates for Windows Me, Windows 98 SE, and Windows 98 are being made available under extended support for critical security issues.
Technical bulletin: aici


Security Bulletin MS05-014
Maximum severity: Critical
Update number: 867282
Supported software affected:• Internet Explorer 6 SP1 on Windows XP SP1, on Windows XP, or on Windows 2000 SP4 or SP3
• Internet Explorer 6 SP1 on Windows Me, on Windows 98 SE, or on Windows 98
Note  Updates for Windows Me, Windows 98 SE, and Windows 98 are being made available under extended support for critical security issues. • Internet Explorer 6 for Windows XP SP1 (64-Bit Edition)
• Internet Explorer 6 for Windows Server 2003
• Internet Explorer 6 for Windows Server 2003 64-Bit Edition and Windows XP 64-Bit Edition Version 2003
• Internet Explorer 6 for Windows XP SP2
• Internet Explorer 5.5 SP2 on Windows Me
Note  This update is being made available under extended support for critical security issues. • Internet Explorer 5.01 SP4 on Windows 2000 SP4
• Internet Explorer 5.01 SP3 on Windows 2000 SP3
Technical bulletin: aici


Security Bulletin MS05-015
Maximum severity: Critical
Update number: 888113
Supported software affected:• Windows XP SP2 and SP1
• Windows 2000 SP4 and SP3
• Windows XP 64-Bit Edition SP1 (Itanium)
• Windows XP 64-Bit Edition Version 2003 (Itanium)
• Windows Server 2003
• Windows Server 2003 for 64-Bit Itanium-based Systems
• Windows Me, Windows 98 SE, and Windows 98
Note  Updates for Windows Me, Windows 98 SE, and Windows 98 are being made available under extended support for critical security issues.
Technical bulletin: aici

Download placut!

Edited by google, 09 February 2005 - 19:09.