General discussion

VULNERABILITIES - August 23, 2006

- Vulnerability in Internet Explorer with MS06-042 update installed -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, August 23 2006 - Last Monday we covered an error detected after installation of update MS06-042, which caused Windows XP SP1 and Windows 2000 SP4 users to report errors when browsing certain web pages with Internet Explorer 6. However, this error seems to have far more serious consequences and could even be exploited remotely.

According to http://www.securitytracker.com/alerts/2006/Aug/1016731.html and http://research.eeye.com/html/alerts/AL20060822.html, when the MS06-042 update is installed, a vulnerability appears in Internet Explorer that could allow remote attackers to compromise systems. This flaw stems from a boundary error when treating URLs with HTTP 1.1 with compression. This could be exploited to cause a buffer overflow by using a very large URL.

To fix this, it is advisable to disable protocol HTTP 1.1 in Internet Explorer. Go to the "Tools" menu and click on "Internet Options...". Select the "Advanced" tab and uncheck the "Use HTTP 1.1" and "Use HTTP 1.1 through proxy connections" boxes.

Comments
PowerZip File Handling Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA21556

VERIFY ADVISORY:
http://secunia.com/advisories/21556/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
PowerZip 7.x
http://secunia.com/product/11654/

DESCRIPTION:
Tan Chew Keong has reported a vulnerability in PowerZip, which can be
exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a boundary error in the handling
of filenames in ZIP archives. This can be exploited to cause a
stack-based buffer overflow when a malicious ZIP archive containing a
file with an overly long filename is opened.

Successful exploitation allows execution of arbitrary code.

The vulnerability has been reported in version 7.06 Build 3895. Prior
versions may also be affected.

SOLUTION:
Update to version 7.07 Build 3901.

PROVIDED AND/OR DISCOVERED BY:
Tan Chew Keong

ORIGINAL ADVISORY:
http://vuln.sg/powerzip706-en.html
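
A defender-side check for the condition the PowerZip advisory describes, as an added example (not code from Secunia, the reporter or PowerZip): it reads the filename-length fields from a ZIP's central directory and local file headers and reports any above a limit. The 260-byte limit and the function names are assumptions; the advisory does not state the buffer size.

```python
import io
import struct
import zipfile

MAX_NAME = 260  # assumed limit (Windows MAX_PATH); the advisory gives no size
EOCD_SIG = b"PK\x05\x06"   # end of central directory record
CDIR_SIG = b"PK\x01\x02"   # central directory file header
LOCAL_SIG = b"PK\x03\x04"  # local file header


def long_names(data, limit=MAX_NAME):
    """Return (source, offset, name_length) for each header whose name exceeds limit."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0 or eocd + 22 > len(data):
        raise ValueError("no end-of-central-directory record")
    # Total entry count, central directory size and its start offset.
    count, _size, pos = struct.unpack_from("<HII", data, eocd + 10)
    hits = []
    for _ in range(count):
        if data[pos:pos + 4] != CDIR_SIG or pos + 46 > len(data):
            raise ValueError("corrupt central directory")
        name_len, extra_len, comment_len = struct.unpack_from("<HHH", data, pos + 28)
        (local,) = struct.unpack_from("<I", data, pos + 42)
        if name_len > limit:
            hits.append(("central", pos, name_len))
        # The local header carries its own copy of the length; an extractor
        # may trust either one, so check both.
        if data[local:local + 4] != LOCAL_SIG or local + 30 > len(data):
            raise ValueError("corrupt local header")
        (local_len,) = struct.unpack_from("<H", data, local + 26)
        if local_len > limit:
            hits.append(("local", local, local_len))
        pos += 46 + name_len + extra_len + comment_len
    return hits


def sample_zip(names):
    """Build a constructed in-memory archive holding one tiny file per name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"x")
    return buf.getvalue()


if __name__ == "__main__":
    archive = sample_zip(["readme.txt", "A" * 1000 + ".txt"])  # constructed sample
    for where, offset, length in long_names(archive):
        print(f"{where} header at offset {offset}: filename length {length}")
```

Run it over archives at a mail or download gateway before they reach a desktop extractor; it only inspects header fields and never decompresses entry data.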

Linux Kernel SCTP Privilege Escalation Vulnerability

SECUNIA ADVISORY ID:
SA21576

VERIFY ADVISORY:
http://secunia.com/advisories/21576/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Linux Kernel 2.4.x
http://secunia.com/product/763/

DESCRIPTION:
McAfee Avert Labs has reported a vulnerability in the Linux Kernel,
which can be exploited by malicious, local users to gain escalated
privileges.

The vulnerability is caused due to an error in the SCTP module within
the "sctp_make_abort_user()" function and can be exploited to execute
arbitrary code with escalated privileges.

The vulnerability has been reported in versions 2.4.23 through
2.4.32. Other versions may also be affected.

SOLUTION:
Update to version 2.4.33.2.

PROVIDED AND/OR DISCOVERED BY:
Wei Wang, McAfee Avert Labs.

ORIGINAL ADVISORY:
http://kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.33.2
