exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Technical Cyber Security Alert 2004-196A

Technical Cyber Security Alert 2004-196A
Posted Jul 14, 2004
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA04-196A - Multitudes of vulnerabilities have been discovered amongst the Microsoft product line. Flaws that exist include Outlook Express failing to properly validate malformed e-mail headers, the Utility Manager allowing code execution, POSIX allowing code execution, IIS having a buffer overflow, the Task Scheduler having a buffer overflow, the HTML Help component failing to properly validate input data, and the Windows Shell allowing remote code execution.

tags | advisory, remote, overflow, shell, vulnerability, code execution
systems | windows, osx
advisories | CVE-2003-1041, CVE-2004-0201, CVE-2004-0205, CVE-2004-0210, CVE-2004-0212, CVE-2004-0213, CVE-2004-0215, CVE-2004-0420
SHA-256 | 1821f11a0fd592a922c98d1ad695e3b418762020d34a0f3cea361eefef4c0a68

Technical Cyber Security Alert 2004-196A

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

National Cyber Alert System
Technical Cyber Security Alert TA04-196A

Multiple Vulnerabilities in Microsoft Windows Components and Outlook Express

Original release date: July 14, 2004
Last revised: --
Source: US-CERT

Systems Affected

* Microsoft Windows Systems

Overview

Microsoft has released a Security Bulletin Summary for July, 2004.
This summary includes several bulletins that address vulnerabilities
in various Windows applications and components. Exploitation of some
vulnerabilities can result in the remote execution of arbitrary code
by a remote attacker. Details of the vulnerabilities and their impacts
are provided below.

I. Description

The table below provides a reference between Microsoft's Security
Bulletins and the related US-CERT Vulnerability Notes. More
information related to the vulnerabilities is available in these
documents.

_________________________________________________________________

Format:

Microsoft Security Bulletin

Related US-CERT Vulnerability Note(s)
_________________________________________________________________

MS04-024: Vulnerability in Windows Shell Could Allow Remote Code
Execution (839645)

VU#106324 Microsoft Windows contains a
vulnerability in the way the Windows Shell launches applications
_________________________________________________________________

MS04-023: Vulnerability in HTML Help Could Allow Code Execution
(840315)

VU#187196 Microsoft Windows fails to properly process
showHelp URLs

VU#920060 Microsoft Windows HTML Help component fails to properly
validate input data
_________________________________________________________________

MS04-022: Vulnerability in Task Scheduler Could Allow Code Execution
(841873)

VU#228028 Microsoft Windows Task Scheduler Buffer Overflow
_________________________________________________________________

MS04-021: Security Update for IIS 4.0 (841373)

VU#717748 Microsoft Internet Information Server (IIS) 4.0 contains a
buffer overflow in the redirect function
_________________________________________________________________

MS04-020: Vulnerability in POSIX Could Allow Code Execution (841872)

VU#647436 Microsoft Windows contains a buffer overflow in the POSIX
subsystem
_________________________________________________________________

MS04-019: Vulnerability in Utility Manager Could Allow Code Execution
(842526)

VU#868580 Microsoft Windows Utility Manager launches applications with
system privileges
_________________________________________________________________

MS04-018: Cumulative Security Update for Outlook Express (823353)

VU#869640 Microsoft Outlook Express fails to properly validate
malformed e-mail headers
_________________________________________________________________

II. Impact

A remote, unauthenticated attacker may exploit VU#717748 to execute
arbitrary code on an IIS 4.0 system.

Exploitation of VU#106324, VU#187196, VU#920060, and VU#228028, would
permit a remote attacker to execute arbitrary code with the privileges
of the current user. The attacker would have to convince a victim to
view an HTML document (web page, HTML email) or click on a crafted URI
link.

Vulnerabilities described in VU#647436 and VU#868580 permit a local
user to gain elevated privileges on the local system.

Exploitation of VU#869640 can lead to a denial-of-service condition
against Outlook Express.

III. Solution

Apply a patch

Microsoft has provided the patches for these vulnerabilities in the
Security Bulletins and on Windows Update.

Do not follow unsolicited links

It is generally a good practice not to click on unsolicited URLs
received in email, instant messages, web forums, or Internet relay
chat (IRC) channels. However, this practice does not always prevent
exploitation of these types vulnerabilities. For example, a trusted
web site could be compromised and modified to deliver exploit script
to unsuspecting clients.

Maintain updated anti-virus software

Anti-virus software with updated virus definitions may identify and
prevent some exploit attempts, but variations of exploits or attack
vectors may not be detected. Do not rely solely on anti-virus software
to defend against these vulnerabilities. More information about
viruses and anti-virus vendors is available on the US-CERT Computer
Virus Resources page.

Appendix A. Vendor Information

Specific information about these issue are available in the Security
Bulletin Summary for July, 2004 and the US-CERT Vulnerability Notes.

Appendix B. References

* Microsoft's Security Bulletin Summary for July, 2004 -
<http://www.microsoft.com/technet/security/bulletin/ms04-jul.mspx>

* US-CERT Vulnerability Note VU#106324 -
<http://www.kb.cert.org/vuls/id/106324>

* US-CERT Vulnerability Note VU#187196 -
<http://www.kb.cert.org/vuls/id/187196>

* US-CERT Vulnerability Note VU#920060 -
<http://www.kb.cert.org/vuls/id/920060>

* US-CERT Vulnerability Note VU#228028 -
<http://www.kb.cert.org/vuls/id/228028>

* US-CERT Vulnerability Note VU#717748 -
<http://www.kb.cert.org/vuls/id/717748>

* US-CERT Vulnerability Note VU#647436 -
<http://www.kb.cert.org/vuls/id/647436>

* US-CERT Vulnerability Note VU#868580 -
<http://www.kb.cert.org/vuls/id/868580>

* US-CERT Vulnerability Note VU#869640 -
<http://www.kb.cert.org/vuls/id/869640>

* Increase Your Browsing and E-Mail Safety -
<http://www.microsoft.com/security/incident/settings.mspx>

* Working with Internet Explorer 6 Security Settings -
<http://www.microsoft.com/windows/ie/using/howto/security/settings
.mspx>
_________________________________________________________________

This alert was created by Jason A. Rafail. Feedback can be directed to
the Vulnerability Note authors: Jason A. Rafail, Jeff P. Lanza, Chad
R. Dougherty, Damon G. Morda, and Art Manion.
_________________________________________________________________

This document is available from:

<http://www.us-cert.gov/cas/techalerts/TA04-196A.html>

_________________________________________________________________

Copyright 2004 Carnegie Mellon University.

Terms of use: <http://www.us-cert.gov/legal.html>
_________________________________________________________________

Revision History

July 14, 2004: Initial release

Last updated July 14, 2004
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFA9ZD4XlvNRxAkFWARApJoAJ9kLfHwh9rjM39LkWpRYYkPDngD+QCcDj6Q
P8VLUzmOQoMFj+903rIsKHU=
=4I7x
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close