**** This Security Alert is brought to you by the Windows IT Security channel on the Windows 2000 Magazine Network **** http://www.win2000mag.net/channels/security ============================================================ Sponsored by ONE CHANNEL WORTH FLIPPING TO! http://go.win2000mag.net/UM/T.asp?A2153.23115.1322.1.532985 ============================================================ Who has time to surf? Our new Exchange & Outlook Web channel delivers news, articles, discussion forums, FAQs, and technical solutions in one, easy-to-navigate Web site. Check it out! http://go.win2000mag.net/UM/T.asp?A2153.23115.1322.1.532985 ******************** Security Alert, August 17, 2001 * MULTIPLE VULNERABILITIES IN ISA 2000 SERVER Peter Grundl and Dr. Hiromitsu Takagi discovered two vulnerabilities in Microsoft Internet Security and Acceleration (ISA) Server 2000. The first vulnerability stems from a memory leak condition in the H323asn1.dll file used to process H.323 Gatekeeper Voice over IP (VoIP) data and Winsock Proxy services. The second problem is a cross-site scripting vulnerability affecting the error page that ISA Server generates in response to a request for a non-existent page or an unsuccessful connection attempt to a page. http://www.WindowsITsecurity.com/articles/index.cfm?articleID=22178 * MULTIPLE VULNERABILITIES IN IIS 5.0 AND 4.0 John Waters, NSFocus, and Oded Horovitz discovered five vulnerabilities in Internet Information Services 5.0 and Microsoft Internet Information Server (IIS) 4.0. The five vulnerabilities include three Denial of Service (DoS) conditions, a buffer overflow condition, and a privilege elevation condition. Microsoft has released a detailed bulletin (MS01-044) as well as patches to remedy these problems. http://www.WindowsITsecurity.com/articles/index.cfm?articleID=22177 * DENIAL OF SERVICE CONDITION IN MICROSOFT NNTP SERVICE FOR WINDOWS 2000/NT Aiden ORawe reported that a memory leak exists in the way certain Windows OSs process new postings when using the Network News Transfer Protocol (NNTP) service. If an attacker sends a large number of posts with a particular construction, those posts can deplete the server's available memory and disrupt service. A user can reboot the server to resume normal service. Only servers that accept new postings are vulnerable to this condition. Microsoft is aware of the vulnerability and has released patches to remedy the problem. http://www.windowsitsecurity.com/Articles/Index.cfm?ArticleID=22149 Thank you for subscribing to Security UPDATE. Please tell your friends about this newsletter and alert list! Sincerely, The Security UPDATE Team (securityat_private) SUBSCRIBE To subscribe send a blank email to subscribe-Security_UPDATEat_private If you have questions or problems with your UPDATE subscription, please contact securityupdateat_private ___________________________________________________________ Copyright 2001, Penton Media, Inc. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Sat Aug 18 2001 - 03:28:29 PDT