Cambridge Computer Support
Cambridge Computer SupportCambridge Computer SupportCambridge Computer Support
Cambridge Computer Support
  Networks

Maintenance

Upgrades

Installation

Network Security
Maintenance
Repair
Design & Build
Installation
Upgrades
Network Security
Efficiency
Consultancy
 



Network Security

Welcome to our security bulletin for May 2006

A new critical vulnerability of Microsoft Exchange Server has been found, which could enable remote users to execute code via an overflow caused by a malicious calendar request. Patches have been issued, downloadable from http://www.microsoft.com/technet/security/Bulletin/MS06-019.mspx.

Apple has released its latest security update, (2006-003), which fixes a variety of problems for Apple Mac OS X versions 10.4.6 and previous.

Apple Quicktime (versions prior to 7.1) has multiple buffer overflow vulnerabilities. If Quicktime is set as the default media player remote attacks can come via any of the media formats. This is credited to Mike Price of McAfee Avert Labs amongst others. Apple recommends updating to version 7.1, which can be downloaded from http://docs.info.apple.com/article.html?artnum=303752. Other minor vulnerabilities are also addressed by this update.

Microsoft has dicovered, and released a patch to correct, Adobe Macromedia Flash Player vulnerabilities. Information about at least one of these is now publicly available, so download the patch here.

Adobe Dreamweaver - code generated by versions 8.0 and Macromedia MX2004 contains SQL injection vulnerabilities (found by Brian Gallagher). The vendor has released version 8.0.2 to address the problem, although developing SQL with Dreamweaver is unusual. Download it here , and regenerate affected code using the new version.

Sophos Anti-virus - heap-based overflow which can be triggered by a malicious CAB file. Affected versions are Sophos Anti-Virus for Windows, Mac OS, Unix, Linux, NetWare, OS/2, OpenVMS and DOS. Also Sophos Anti-Virus Small Business Editions for Windows and Mac OS, PureMessage for Windows/Exchange and UNIX, PureMessage Small Business Edition, MailMonitor for Windows, Notes/Domino and Exchange. The vendor is aware and has issued updates - see http://www.sophos.com/partners/oem/.

Symantec Enterprise Firewall and Gateway Security are vulnerable to an information disclosure weakness discovered by the vendor. Affected versions and remedial action from http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html.

Online Universal Payment System has a vulnerability (disclosed by Preddy of the RootShell Security Group) which could jeopardise personal details of those using the web for purchasing. More details at http://www.securityfocus.com/bid/17889/info.

Cisco Secure ACS for Windows versions 3.x, insecure password issue, more details here. Another Cisco vulnerability, a content filtering bypass discovered by George D. Gal (ggal@vsecurity.com), vendor referenced advisory here. A Cisco AVS issue, fixes and workaround are detailed at http://www.cisco.com/warp/public/707/cisco-sa-20060510-avs.shtml.

f-secure has disclosed a Trojan designed to obtain credentials of online poker players. This instance is unusual in that it was concealed within a legitimate download from checkraised.com. The vendor has addressed the issue, more information at http://www.theregister.co.uk/2006/05/16/poker_site_trojan/.

And finally a spammer and a couple of virus authors getting prosecuted - Jeremy Jaynes (sentenced to 5 years on 8th May 2006), Jeffrey Lee Parson (Blaster B author) and Sven Jaschan (Sasser author). Also Jeanson James Ancheta, botnet master, details here and here.

Old security bulletins are stored in our archive

If you have a security issue or are looking for Internet security services, contact us to see what we can do for you.

  





© 2009 Cambridge Computer Support - The computer networks & data recovery experts
Cambridge Computer Support     Contact Us     Networks     Services     Products     Support