Q1 2005: 600 security holes
p2pnet.net News:- Good news for companies offering fixes for the ever-growing list of security ‘vulnerabilities’ which plague IT communities around the world, bad news for their customers.
And bad news for Microsoft and, in the world of corporate online music, for iTunes, RealNetworks and AOL’s WinAmp.
More than 600 new Net security holes were discovered by the SANS Institute and a team of industry and government experts during the first quarter of this year.
The SANS group identified the most dangerous vulnerabilities posing “critical risks that need to be addressed through patching and other defensive actions,” it says.
“Individuals and organizations that do not correct these problems face a heightened threat that remote, unauthorized hackers will take control of their computers and use them for identity theft, for industrial espionage, or for distributing spam or pornography.”
The new dangers are selected from data compiled for @RISK, the free, weekly vulnerability summary issued by SANS to security professionals, and represent vulnerabilities discovered or patched during the first quarter of calendar year 2005.
The Most Critical New Vulnerabilities Discovered or Patched During the First Quarter of 2005
Principal Investigator: Rohit Dhamankar
Co-investigators: Gerhard Eschelbeck, Marcus Sachs, Johannes Ullrich
MICROSOFT
Software affected: Microsoft Internet Explorer
Systems affected: Desktops, laptops, and servers running any version of Windows
Vulnerabilities (material in parentheses refers to the relevant Microsoft security bulletin)
- Microsoft DHTML Edit ActiveX Remote Code Execution (MS05-013)
- Microsoft Cursor and Icon Handling Overflow (MS05-002)
- Microsoft HTML Help ActiveX Control Cross Domain Vulnerability (MS05-001)
- Vulnerabilities in Internet Explorer patched by MS05-014 and MS05-008
Risk: Computers with these vulnerabilities can have spyware, keystroke loggers, and remote control software installed on their systems when the user visits any web sites that have been programmed to exploit the vulnerabilities.
Software affected: Microsoft Windows Media Player, Windows Messenger, and MSN Messenger
Systems affected: Windows desktops and laptops.
Vulnerability: Microsoft PNG File Processing (MS05-009)
Risk: Computers with these vulnerabilities can be taken over if the user downloads a malicious media file from a Web site or opens a malicious picture while using MSN or Windows Messenger.
Software affected: Microsoft Windows XP Service Pack 1 and 2, Windows 2000 Service Pack 3 and 4, and Windows Server 2003
Systems affected: Laptops, desktops, and servers on Windows networks.
Vulnerability: Microsoft Server Message Block (SMB) (MS05-011)
Risk: Computers with this vulnerability can be completely compromised by an attacker running a malicious server.
Software affected: Microsoft Windows Server 2003, Windows 2000 Server Service Pack 3 and 4, Windows NT Server 4.0 Service Pack 6a, and NT Terminal Server Edition Service Pack 6
Systems affected: Servers on Windows networks.
Vulnerability: Windows License Logging Service Overflow (MS05-010)
Risk: Computers with this vulnerability can be completely taken over by a malicious user who sends special packets to the machine.
Software affected: Windows NT and Windows 2000 (SP2 or earlier) Domain Name Service servers; Symantec Gateway Security, Enterprise Firewall, and VelociRaptor Products
Systems affected: Directly, certain servers running address-resolution service; indirectly, any computer on the network using the service.
Vulnerability: DNS Cache Poisoning
Risk: Attackers can direct users to malicious websites. These websites, in turn, can exploit Internet Explorer vulnerabilities to install spyware programs.
Software affected: Anti-virus Products from Symantec, F-Secure, TrendMicro and McAfee
Systems affected: Desktops, laptops, and servers running certain anti-virus software.
Vulnerability: Buffer overflows in decoding certain types of files
Risk: Remote attackers can take complete control of computers running these security products.
OTHERS
Software affected: RealPlayer, iTunes and WinAmp Media Players
Systems affected: Desktops and laptops.
Vulnerability: Buffer Overflows
Risk: Users of these applications can be infected by simply visiting a web site that has been infected with malicious code.
Software affected: Oracle Database Server, Oracle Application Server, Oracle E-business Suite and Oracle Collaboration Suite
Systems affected: Multiple Oracle servers
Vulnerability: Vulnerabilities patched in Oracle’s January 2005 Critical Patch Update
Risk: Remote hackers can possibly exploit these vulnerabilities to gain control of databases and get access to information.
Software affected: Computer Associates Products Running License Manager
Systems affected: Computers running Computer Associates software
Vulnerability: CA License Package Buffer Overflow
Risk: Remote users can take complete control of computers running various CA products.
See:-
SANS group – Immediate Repairs Required To Protect Against Identity Theft & Industrial Espionage, May 12, 2005






February 16th, 2006 at 5:12 am