exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

nt.security.update.122399.txt

nt.security.update.122399.txt
Posted Dec 24, 1999
Authored by winsd

Windows NT Security Update - December 23, 1999. New vulnerabilities - Yet another problem with Internet Explorer 5.x and cross frame navigation, Overflow in ZBServer v1.5, Outlook 5, as well as Internet Explorer 4.5 on Macintosh platform, Microsoft reported that Internet Information Server (IIS) is prone to reveal source code under certain conditions, Norton Antivirus 2000 was reported to contain a serious buffer overflow condition, and SQL server crash. NTsecurity homepage here.

tags | overflow, vulnerability, magazine
systems | windows
SHA-256 | 3cd5748f0b9ba31bc84172eefeb5e50a760038cf0c7b703ff617c3285bc947a1

nt.security.update.122399.txt

Change Mirror Download
=============== SPONSORED BY WINDOWS NT MAGAZINE ==================
Power + Speed = Windows NT Magazine Article Archive CD. Fight your
NT fires quickly and intelligently with this complete collection of
Windows NT Magazine articles. Search by keyword, subject, issue,
author, or month, and find the right solution in seconds. Includes
the entire article database from our September 1995 premiere issue
to December 1999.
http://winntmag.com/OurProducts/ArchiveCD/
====================================================================

December 23, 1999 - Security UPDATE Alert - Several new security
are being reported in this alert. Georgio Guninski discovered
yet another problem with Internet Explorer 5.x and cross frame
navigation. No patch is available at this time.

USSRLabs reported a denial of service condition in ZBServer v1.5.

Microsoft reported a problem with Outlook 5, as well as Internet
Explorer 4.5 on Macintosh platform. The Outlook problem could lead
to a Trojan infection of the local system. The IE problem pertains
to certificates. Patches are now available.

Microsoft reported that Internet Information Server (IIS) is prone
to reveal source code under certain conditions. Patches are now
available.

Microsoft also revealed problems with the way IIS handles escape
character parsing. Patches are available for this problem as well.

Norton Antivirus 2000 was reported to contain a serious buffer
overflow condition. No vendor response is known at this time.

Kevork Belian shows how easy it is to crash an SQL Server 7.0 using
a very simple malformed packet. Microsoft has now issued a patch for
this month old problem.

For complete details on each of the discoveries, please visit our
Web site at the URLs listed below:

- IE 5.01 Cross Frame Navigation
http://www.ntsecurity.net/scripts/loader.asp?iD=/security/ie58.htm
- ZBServer v1.5 Denial of Service
http://www.ntsecurity.net/scripts/loader.asp?iD=/security/zbnserver1.htm
- Outlook 5 and IE 4.5 for Macintosh
http://www.ntsecurity.net/scripts/loader.asp?iD=/security/outlook51.htm
- IIS Reveals Source Code
http://www.ntsecurity.net/scripts/loader.asp?iD=/security/iis4-2.htm
- IIS Escape Char Processing
http://www.ntsecurity.net/scripts/loader.asp?iD=/security/iis4-3.htm
- Norton Antivirus 2000
http://www.ntsecurity.net/scripts/loader.asp?iD=/security/nav20001.htm
- SQL 7.0 Denial of Server
http://www.ntsecurity.net/scripts/loader.asp?iD=/security/sql7-2.htm

Thanks for subscribing to Security UPDATE.

Please tell your friends about this newsletter and alert list!

Sincerely,
The Security UPDATE Team
security@ntsecurity.net

=======================================================================
TO UNSUBSCRIBE from this alert list DO NOT REPLY, instead send e-mail
to listserv@listserv.ntsecurity.net with the words "unsubscribe
securityupdate" in the body of the message without the quotes.

TO SUBSCRIBE to this alert list, send e-mail to the same address listed
above with the words "subscribe securityupdate anonymous" in the body
of the message without the quotes.
=======================================================================
Security UPDATE is powered by LISTSERV(R) software
http://www.lsoft.com/LISTSERV-powered.html
=======================================================================
Copyright (c) 1999 Duke Communications Intl. Inc. - ALL RIGHTS RESERVED
Forwarding this email is permitted, as long as the entire message body,
the mail header, and this notice are included.

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close