Network Security News – Wednesday, August 10, 2005 Events
Microsoft Windows Kerberos PKINIT Domain Controller Spoofing
Windows contains a flaw that may lead to an unauthorized information disclosure. Өe issue is triggered when an attacker inserts himself between a client and domain controller and exploit a design flaw in PKINT to spoof the domain controller, which will disclose session information resulting in a loss of confidentiality.. Read more at osvdb.org/18609
Microsoft Windows Kerberos Crafted Packet Remote DoS
Windows contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted Kerberos message to a machine functioning as a domain controller, and will result in loss of availability for the platform.. Read more at osvdb.org/18608
Microsoft Windows Print Spooler Service Remote Overflow
A remote overflow exists in Windows. The Print Spooler service fails to validate user-supplied input resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/18607
Microsoft Windows Telephony Application Programming Interface (TAPI) Overflow
Windows contains a flaw related to the Telephone Application Programming Interface (TAPI) that may allow an attacker to execute arbitrary code. No further details have been provided.. Read more at osvdb.org/18606
Microsoft Windows Remote Desktop Protocol (RDP) Crafted Packet Remote DoS
Windows contains a flaw that may allow a remote denial of service. The issue is triggered when a specially crafted RDP packet is sent by an attacker, which causes a memory fault within the rdpwd.sys driver file, and will result in loss of availability for the platform.. Read more at osvdb.org/18624
Microsoft Windows Plug-and-Play Service Remote Overflow
A remote overflow exists in Windows. The Plug and Play Service fails to validate the length of a message resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/18605
Wine winelauncher.in Symlink Arbitrary File Overwrite
Wine contains a flaw that may allow a malicious local user to overwrite arbitrary files on the system. The issue is due to the winelauncher.in script creating temporary files insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.. Read more at osvdb.org/18602
Leave a Reply