Information Technology and Telecommunications Sector
19. January 11, 2005 Secunia — Linux kernel multiple vulnerabilities.
Multiple vulnerabilities have been reported in the Linux kernel, which potentially can
be exploited by malicious, local to cause a denial of service, disclose sensitive information, or gain escalated privileges
on vulnerable system. The solution is to grant only trusted users access to affected systems.
20. January 11, Secunia — mpg123 Mpeg layer-2 buffer overflow vulnerability.
A vulnerability has been reported in mpg123, which potentially can be exploited by malicious
people to compromise a user's system. The vulnerability is caused due to an error in the of frame headers for layer-2 streams.
This may be exploited to cause a heap-based buffer overflow via a specially crafted MP2 or MP3 file. Successful exploitation
may allow execution of arbitrary code with the privileges of the user executing mpg123. There is no solution at6 this time.
21. January 11, SecurityTracker — Squid NTLM fakeauth_auth helper.
A vulnerability known as a memory leak has been reported in Squid in the NTLM fakeauth_auth
helper. A remote hacker can trigger a segmentation fault. Under high load or when running for a long period of time, application
may run out of memory. In addition, a remote user can send a specially crafted NTLM type 3 message to cause a segmentation
fault and can cause denial of service conditions.
22. January 11, SecurityTracker — NetWare running CIFS.NLM.
A denial of service vulnerability was reported in NetWare when running CIFS.NLM. A remote
user can conduct a network port scan against the target system to cause the target system to 'hard lock' if the system is
running CIFS.NLM at the time of the scan. This creates a denial of service condition.
As a solution, the vendor has issued a CIFS update for NetWare 5.1 and 6.0, described
23. January 11, Microsoft — Microsoft Security Bulletin MS05-001: Vulnerability in HTML Help Could Allow Code Execution.
A vulnerability exists in the HTML Help ActiveX control
in Windows that could allow information disclosure or remote code execution on an affected
system. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could
take complete control of an affected system.
An attacker could then install programs; view, change, or delete data; or create
new accounts with full privileges.
Users whose accounts are configured to have fewer privileges on the system could
be less impacted than users who operate with administrative privileges. Microsoft has
assigned a risk rating of "Critical" to this issue and recommends that customers install the update immediately.
24. January 11, Microsoft — Microsoft Security Bulletin MS05-002: Vulnerability in Cursor and Icon Format Handling Could
Allow Remote Code Execution.
This update resolves several newly-discovered, privately reported and public vulnerabilities.
An attacker who successfully exploited the most severe of these vulnerabilities
could take complete control of an affected system, install programs; view, change, or delete data; or create new accounts
that have full privileges.
Microsoft has assigned a risk rating of "Critical" to these issues and
recommends that customers apply the update immediately.
25. January 11, Microsoft — Microsoft Security Bulletin MS05-003: Vulnerability in the Indexing Service Could Allow Remote
A remote code execution vulnerability exists in the Indexing Service because of
the way that it handles query validation.
An attacker could exploit the vulnerability by constructing a malicious query that could
potentially allow remote code execution
on an affected system.
An attacker who successfully exploited this vulnerability could take complete control
of an affected system.
While remote code execution is possible, an attack would most likely result in a denial
of service condition.
Microsoft has assigned a risk rating of "Important" to this issue and recommends that
system administrators consider applying the security update.