SecurityFocus Microsoft Newsletter #117

SecurityFocus Microsoft Newsletter #117

This issue is sponsored by: Qualys

Strengthening Network Security: FREE Guide Network security is a constantly moving target - even proven solutions lose their punch over time. Find out how to get COMPLETE PROTECTION against ever-growing security threats with our FREE new Guide.

Get your copy today at: https://www.qualys.com/forms/nsguideh_376.php

I. FRONT AND CENTER

1. Securing Outlook, Part One: Initial Configuration
2. Drop that E-Book or I'll Shoot!
3. A Year-end Mailbag
4. SecurityFocus DPP Program
5. InfoSec World Conference and Expo/2003 (March 10-12, 2003,Orlando, FL) II. MICROSOFT VULNERABILITY SUMMARY
6. Sapio WebReflex Directory Traversal Vulnerability
7. vBulletin HTML Injection Vulnerability
8. Mollensoft Software Enceladus Server Suite Directory Traversal...
9. Kunani FTP File Disclosure Vulnerability
10. Mollensoft Software Enceladus Server Suite CD Buffer Overflow...
11. myServer File Disclosure Vulnerability III. MICROSOFT FOCUS LIST SUMMARY
12. IIS 4 Security (Thread)
13. ISM Permissions? (Thread)
14. FW: /Rpc virtual directory in IIS - How did it get there? (Thread)
15. SecurityFocus Microsoft Newsletter #116 (Thread)
16. /Rpc virtual directory in IIS - How did it get there? (Thread)
17. issues with syskey in NT 4.0 (Thread) IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
18. AiS AliveProxy Professional
19. eTrust Intrusion Detection Log View
20. LogCaster
21. NEW TOOLS FOR MICROSOFT PLATFORMS
22. 007 SafetyNet 1.0
23. Password Policy Enforcer v3.5
24. QuarantineAttachment v1.0 VI. SPONSOR INFORMATION
25. FRONT AND CENTER

    ---

26. Securing Outlook, Part One: Initial Configuration By Scott Granneman

Millions of Outlook users around the world, in homes, organizations, and businesses, have had to face the insecurities inherent in their email program, sometimes painfully. This article is the first of a two-part article that will examine ways that Outlook users can secure their email client.

http://online.securityfocus.com/infocus/1648

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

2. Drop that E-Book or I'll Shoot!
By Mark Rasch

Last Thursday federal prosecutors wrapped up their direct case against Russian software company ElcomSoft for creating and distributing software that would "crack" Adobe's proprietary software designed to prevent copying of electronic books - the defense will argue their side this week.

http://online.securityfocus.com/columnists/128

3. A Year-end Mailbag
By George Smith

"Why are you rambling?," and other feedback received by your anti-virus columnist.

http://online.securityfocus.com/columnists/130

4. SecurityFocus DPP Program

Attention Universities!! Sign-up now for preferred pricing on the only global early-warning system for cyber attacks - SecurityFocus DeepSight Threat Management System.

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Click here for more information:
http://www.securityfocus.com/corporate/products/dpsection.shtml

5. InfoSec World Conference and Expo/2003 (March 10-12, 2003, Orlando, FL)

Optional Workshops March 8, 9, 12, 13, & 14 Vendor Expo March 10 & 11

Solutions to today’s security concerns; hands-on experts; blockbuster vendor expo; the CISO Executive Summit; invaluable networking opportunities. InfoSec World has it all!

Go to: http://www.misti.com/10/os03nl37inf.html

II. BUGTRAQ SUMMARY

1. Sapio WebReflex Directory Traversal Vulnerability BugTraq ID: 6327 Remote: Yes Date Published: Dec 06 2002 12:00AM Relevant URL: http://www.securityfocus.com/bid/6327 Summary:

WebReflex is a software package designed to operate a HTTP server off a cdrom, providing web hosting on Microsoft Windows systems. This webserver is intended for use on such systems as Windows 95 and Windows 98. It is written and maintained by Sapio Design Ltd.

It has been reported that WebReflex fails to properly sanitize web requests. By sending a malicious web request to the vulnerable server, using directory traversal sequences, it is possible for a remote attacker to access sensitive resources located outside of the web root.

Can we help you?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

An attacker is able to traverse outside of the established web root by using dot-dot-slash (../) directory traversal sequences. An attacker may be able to obtain any web server readable files from outside of the web root directory.

Disclosure of sensitive system files may aid the attacker in launching further attacks against the target system.

This vulnerability was reported for WebReflex 1.53. It is not known whether other versions are affected.

2. vBulletin HTML Injection Vulnerability BugTraq ID: 6337
Remote: Yes
Date Published: Dec 09 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6337
Summary:

vBulletin is commercial web forum software written in PHP and back-ended by a MySQL database. It will run on most Linux and Unix variants, as well as Microsoft operating systems.

Problems with vBulletin could make it possible for an attacker to inject arbitrary HTML in vBulletin forum messages.

vBulletin does not sufficiently filter potentially malicious HTML code from posted messages. As a result, when a user chooses to view a message posting that contains malicious HTML code, the code contained in the message would be executed in the browser of the vulnerable user. This will occur in the context of the site hosting the vBulletin forum software.

Attackers may potentially exploit this issue to manipulate web content or to steal cookie-based authentication credentials. It may be possible to take arbitrary actions as the victim user.

Can't find what you're looking for?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

This vulnerability was reported for vBulletin 2.2.7 and 2.2.8. It is not known whether other versions are affected.

3. Mollensoft Software Enceladus Server Suite Directory Traversal Vulnerability BugTraq ID: 6338
Remote: Yes
Date Published: Dec 09 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6338
Summary:

Enceladus Server Suite is a Web and FTP server designed for use with Microsoft Windows operating systems.

It has been reported that Enceladus fails to properly sanitize web requests. By sending a malicious web request to the vulnerable server, using directory traversal sequences, it is possible for a remote attacker to view and download sensitive resources located outside of the web root.

An attacker is able to traverse outside of the established web root by using dot-dot-slash (../) directory traversal sequences. An attacker may be able to obtain any web server readable files from outside of the web root directory.

Disclosure of sensitive system files may aid the attacker in launching further attacks against the target system.

This vulnerability was reported for Enceladus Server Suite 2.6.1. It is not known whether other versions are affected.

4. Kunani FTP File Disclosure Vulnerability BugTraq ID: 6355
Remote: Yes
Date Published: Dec 10 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6355
Summary:

Don't know where to look next?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Kunani FTP is a publically available server which uses any ODBC compatible datasource to authenticate users/passwords. It is available for the Microsoft Windows Operating system.

A vulnerability has been discovered in Kunani FTP server. By passing a malicious request containing dot-dot-slash (../) directory traversal sequences, it is possible for a remote attacker to access arbitrary system files outside of FTP directories. Information gathered through successful exploitation of this vulnerability may aid an attacker in launching further attacks against a target system.

This issue was discovered in Kunani FTP server 1.0.10. It is not known whether other versions are affected.

5. Mollensoft Software Enceladus Server Suite CD Buffer Overflow Vulnerability BugTraq ID: 6345
Remote: Yes
Date Published: Dec 09 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6345
Summary:

Enceladus Server Suite is a Web and FTP server designed for use with Microsoft Windows operating systems.

Enceladus Server Suite is prone to a remotely exploitable buffer overflow vulnerability. It is possible to trigger this condition by supplying an overly long value for the FTP change directory (CD) command. The issue is due to insufficient bounds checking of the vulnerable FTP command. By triggering this condition an attacker may corrupt process memory, including stack variables such as the return address, with attacker-supplied data. Given the ability to corrupt memory with attacker-supplied data, it is possible for an attacker to cause the execution of arbitrary code.

To exploit this issue, the attacker must be able to authenticate to the FTP server included in Enceladus and issue a maliciously crafted CD command.

Successful exploitation will enable a remote attacker to execute arbitrary code with the privileges of the Enceladus Server Suite software, which will most likely run with SYSTEM (or equivalent) privileges. This vulnerability may also be used to cause a denial of service.

Confused? Frustrated?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

This issue has been reported for Enceladus Server Suite 3.9. Other versions may also be affected.

6. myServer File Disclosure Vulnerability BugTraq ID: 6359
Remote: Yes
Date Published: Dec 11 2002 12:00AM
Relevant URL:
http://www.securityfocus.com/bid/6359
Summary:

myServer is a freely available Web server designed for use with Microsoft Windows operating systems.

It has been reported that myServer fails to properly sanitize web requests. By exploiting this issue, an attacker is able to traverse outside of the established web root by using dot-dot-slash (../) directory traversal sequences. An attacker may be able to obtain any web server readable files from outside of the web root directory.

Disclosure of sensitive system files may aid the attacker in launching further attacks against the target system.

This vulnerability was reported for myServer 0.2 and earlier.

III. MICROSOFT FOCUS LIST SUMMARY

1. IIS 4 Security (Thread) Relevant URL:

http://online.securityfocus.com/archive/88/303276

Call Pantek today for Open Source Technical Support at 1-877-546-8934 - 24/7/365

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

2. ISM Permissions? (Thread)
Relevant URL:

http://online.securityfocus.com/archive/88/302989

3. FW: /Rpc virtual directory in IIS - How did it get there? (Thread) Relevant URL:

http://online.securityfocus.com/archive/88/302613

4. SecurityFocus Microsoft Newsletter #116 (Thread) Relevant URL:

http://online.securityfocus.com/archive/88/302608

5. /Rpc virtual directory in IIS - How did it get there? (Thread) Relevant URL:

http://online.securityfocus.com/archive/88/302565

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

6. issues with syskey in NT 4.0 (Thread) Relevant URL:

http://online.securityfocus.com/archive/88/302385

IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS

1. AiS AliveProxy Professional by AtomInterSoft Platforms: Windows 2000, Windows 95/98, Windows NT Relevant URL: http://www.atomintersoft.com/products/alive-proxy/ Summary:

AiS AliveProxy Pro extracts proxy servers addresses from specified Internet pages, or files, checks the type (transparent or anonymous), and measures connection speed, tracerout and timeout. Result of its work is a list of "alive" proxies, without duplicates. High-efficiency multy-threaded engine allow you to check more than 100 proxy per second. High-speed export proxy from URLs or files. Export/Import data from/to XML,Excel, TXT, HTML, RTF

2. eTrust Intrusion Detection Log View
by Computer Associates International, Inc. Platforms: Windows 95/98, Windows NT
Relevant URL:
http://www.cai.com/solutions/enterprise/etrust/intrusion_detection/product_info/sw3_log_view.htm Summary:

The eTrust Intrusion Detection Log View is designed to allow you to target a specific archive database and subsequently browse and view the details of usage over an extended period of time. It allows the consolidation of multiple eTrust Intrustion Detection's session information in a relational database. The system includes the database front end and distributed collection components that are invoked by events in eTrust Intrustion Detection based on eTrust Intrustion Detection rules.

3. LogCaster
by Ripple Technologies, Inc.
Platforms: Windows 2000, Windows NT
Relevant URL:
http://www.rippletech.com/main.php
Summary:

RippleTech LogCaster is a Windows NT and Windows 2000 Systems and Applications management software that provides an all-in-one solution for real-time application, server and Windows NT/2000 monitoring. Through a central console, RippleTech LogCaster allows network administrators to efficiently monitor and manage their environment by utilizing pre-configured application templates for Microsoft Exchange Server, SQL Server, Internet Information Server and Citrix MetaFrame. In addition, RippleTech LogCaster monitors NT/2000 event logs, services, performance counters, ASCII logs, TCP/IP devices and security parameters.

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

V. NEW TOOLS FOR MICROSOFT PLATFORMS

1. 007 SafetyNet 1.0 by WebGrip, Inc Relevant URL: http://www.sitecensor.com/ Platforms: Windows NT Summary:

SafetyNet was designed for parents, educators, and employers who need to ensure that their computers and networks are not compromised, either intentionally or not, by exposure to web sites, pictures, or software that they find objectionable.

2. Password Policy Enforcer v3.5
by ANIXIS
Relevant URL:
http://www.anixis.com/products/ppe
Platforms: Windows 2000, Windows NT, Windows XP Summary:

Password Policy Enforcer allows network administrators to create and enforce a password policy. A password policy ensures that users are choosing strong (difficult to crack) passwords. PPE checks every new password for compliance with the policy. Passwords that do not comply with the policy are rejected. PPE also displays password policy messages that help users to choose compliant passwords without having to call the helpdesk for assistance.

3. QuarantineAttachment v1.0
by John Conover john@email.johncon.com
Relevant URL:
http://www.johncon.com/john/QuarantineAttachments/ Platforms: Windows 2000, Windows 95/98, Windows NT, Windows XP Summary:

QuarantineAttachment is a short procmail(1) script to quarantine e-mail with potentially malicious Outlook attachments.

VI. SPONSOR INFORMATION

Strengthening Network Security: FREE Guide Network security is a constantly moving target - even proven solutions lose their punch over time. Find out how to get COMPLETE PROTECTION against ever-growing security threats with our FREE new Guide.

Can we help you?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Get your copy today at: https://www.qualys.com/forms/nsguideh_376.php