Security 10967 Published by Philipp Esselbach 0

Security watchers are advising users to protect their networks following one of the biggest security threats in internet history.

Hundreds or even thousands of different devices that rely on Simple Network Management Protocol (SNMP) have been found to be vulnerable to security compromises.

Read more

Security 10967 Published by Philipp Esselbach 0

Simple Network Management Protocol (SNMP) is an Internet standard protocol for managing disparate network devices such as firewalls, computers, and routers. All versions of Windows except Windows ME provide an SNMP implementation, which is neither installed nor running by default in any version.

A buffer overrun is present in all implementations. By sending a specially malformed management request to a system running an affected version of the SNMP service, an attacker could cause a denial of service. In addition, it is possible that he cause code to run on the system in LocalSystem context. This could potentially give the attacker the ability to take any desired action on the system.

Read more

Security 10967 Published by Philipp Esselbach 0

The 11 February 2002 Cumulative Patch for Internet Explorer update eliminates all known security vulnerabilities affecting Internet Explorer 6, as well as six new vulnerabilities, and is discussed in Microsoft Security Bulletin MS02-005. Download now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run code on your computer.

Download

Security 10967 Published by Philipp Esselbach 0

The Telnet protocol provides remote shell capabilities. Microsoft has implemented the Telnet protocol by providing a Telnet Server in several products. The implementations in two of these products - - - Windows 2000 and Interix 2.2 - contain unchecked buffers in the code that handles the processing of telnet protocol options.

An attacker could use this vulnerability to perform a buffer overflow attack. A successful attack could cause the Telnet Server to fail, or in some cases, could possibly allow an attacker to execute code of her choice on the system. Such code would execute using the security context of the Telnet service, but this context varies from product to product. In Windows 2000, the Telnet service always runs as System; in the Interix implementation, the administrator selects the security context in which to run as part of the installation process.

Read more

Security 10967 Published by Philipp Esselbach 0

The Microsoft Exchange System Attendant is one of the core services in Microsoft Exchange. It performs a variety of functions related to the on-going maintenance of the Exchange system. To allow remote administration of an Exchange Server using the Exchange System Manager Microsoft Management Console (MMC) snap in, the System Attendant makes changes to the permissions on the Windows Registry to allow Exchange Administrators to remotely update configuration settings stored in the Registry.

There is a flaw in how the System Attendant makes these Registry configuration changes. This flaw could allow an unprivileged user to remotely access configuration information on the server. Specifically, this flaw inappropriately gives the Everyone group privileges to the WinReg key. This key controls the ability of users and groups to remotely connect to the Registry. By default, only Administrators are given the ability to remotely connect to the Registry, by granting permissions on this key.

Read more

Security 10967 Published by Philipp Esselbach 0

Windows suffered fewer security vulnerabilities than Linux last year, according to figures released by vulnerability tracker SecurityFocus.

Although the statistics so far only go up to August 2001, aggregated distributions of the Linux operating system suffered 96 vulnerabilities while Windows NT/2000 suffered only 42.

Read more