Saturday, January 14, 2006

Apple QuickTime Vulnerabilities

Original release date: January 11, 2006
Last revised: January 11, 2006
Source: US-CERT

Systems Affected
Apple QuickTime on systems running
* Apple Mac OS X
* Microsoft Windows XP
* Microsoft Windows 2000

Overview
Apple has released QuickTime 7.0.4 to correct multiple
vulnerabilities. The impacts of these vulnerabilities include
execution of arbitrary code and denial of service.

I. Description
Apple QuickTime 7.0.4 resolves a number of image and media file
handling vulnerabilities. Further details are available in the
following Vulnerability Notes:
VU#629845 - Apple QuickTime image handling buffer overflow
Apple QuickTime contains a heap overflow vulnerability that may allow
an attacker to execute arbitrary code or cause a denial-of-service
condition.
(CAN-2005-2340)
VU#921193 - Apple QuickTime fails to properly handle corrupt media
files
Apple QuickTime contains a heap overflow vulnerability in the handling
of media files. This vulnerability may allow a remote, unauthenticated
attacker to execute arbitrary code or cause a denial of service on a
vulnerable system.
(CAN-2005-4092)
VU#115729 - Apple QuickTime fails to properly handle corrupt TGA
images
A flaw in the way Apple QuickTime handles Targa (TGA) image format
files could allow a remote attacker to execute arbitrary code on a
vulnerable system.
(CAN-2005-3707)
VU#150753 - Apple QuickTime fails to properly handle corrupt TIFF
images
Apple QuickTime contains an integer overflow vulnerability in the
handling of TIFF images. This vulnerability may allow a remote,
unauthenticated attacker to execute arbitrary code or cause a denial
of service on a vulnerable system.
(CAN-2005-3710)
VU#913449 - Apple QuickTime fails to properly handle corrupt GIF
images
A flaw in the way Apple QuickTime handles Graphics Interchange Format
(GIF) files could allow a remote attacker to execute arbitrary code on
a vulnerable system.
(CAN-2005-3713)

II. Impact
The impacts of these vulnerabilities vary. For information about
specific impacts, please see the Vulnerability Notes. Potential
consequences include remote execution of arbitrary code or commands
and denial of service.

III. Solution
Upgrade
Upgrade to QuickTime 7.0.4.

Microsoft Windows, Outlook, and Exchange Vulnerabilities

Original release date: January 10, 2006
Last revised: January 10, 2006
Source: US-CERT

Systems Affected
* Microsoft Windows
* Microsoft Outlook
* Microsoft Exchange
For more complete information, refer to the Microsoft Security
Bulletin Summary for January 2006.

Overview
Microsoft has released updates that address critical vulnerabilities
in Windows, Outlook, and Exchange. Exploitation of these
vulnerabilities could allow a remote, unauthenticated attacker to
execute arbitrary code or cause a denial of service on a vulnerable
system.

I. Description
Microsoft Security Bulletins for January 2006 address vulnerabilities
in Microsoft Windows, Outlook, and Exchange. Further information is
available in the following US-CERT Vulnerability Notes:
VU#915930 - Microsoft embedded web font buffer overflow
A heap-based buffer overflow in the way Microsoft Windows processes
embedded web fonts may allow a remote, unauthenticated attacker to
execute arbitrary code on a vulnerable system.
(CVE-2006-0010)
VU#252146 - Microsoft Outlook and Microsoft Exchange TNEF decoding
vulnerability
Microsoft Outlook and Microsoft Exchange contain an unspecified
vulnerability in processing TNEF attachments. This may allow a remote,
unauthenticated attacker to execute arbitrary code on a system running
the vulnerable software.
(CVE-2006-0002)

II. Impact
Exploitation of these vulnerabilities may allow a remote,
unauthenticated attacker to execute arbitrary code with the privileges
of the user. If the user is logged on with administrative privileges,
the attacker could take complete control of an affected system. An
attacker may also be able to cause a denial of service.

III. Solution
Apply Updates
Microsoft has provided the updates for these vulnerabilities in the
Security Bulletins and on the Microsoft Update site.

Monday, January 09, 2006

My Guestbook Signing

If you would like, please sign my Guestbook so you could tell me about my blog , topic of your interests & everything else that you may searched for it or have a question but didn't find yet or so on; To do for better weblog & also for related topics that you may want or need.
Note: The link for my Guestbook is available on my page, too.

Major Internet Backbones

... maybe how often you think about the internet connections such as backbones, infrastructure,... in this topic and later topics I'll show you some of them.
In this topic, I tell you major internet backbones...

* At the first time lets know the meaning of the backbone:
Before reading, you have to know:
DS0 is a 64 kilobits per second link (I called it basic rate).
T1 line is a 1.544 megabits per second link (24 DS0 lines).
T3 line is a 43.232 megabits per second link (28 T1s or ).
OC3 is a 155 megabits per second link (84 T1s).
OC12 is a 622 megabits per second link (4 OC3s).
OC48 is a 2.5 gigabits per seconds link (4 OC12s).
OC192 is a 9.6 gigabits per second link (4 OC48s).

The National Science Foundation (NSF) created the first high-speed backbone in 1987. Called NSFNET, it was a T1 line that connected 170 smaller networks together and operated at 1.544 Mbps (million bits per second). IBM, MCI and Merit worked with NSF to create the backbone and developed a T3 (45 Mbps) backbone the following year.
Backbones are typically fiber optic trunk lines. The trunk line has multiple fiber optic cables combined together to increase the capacity. Fiber optic cables are designated OC for optical carrier, such as OC-3, OC-12 or OC-48. An OC-3 line is capable of transmitting 155 Mbps while an OC-48 can transmit 2,488 Mbps (2.488 Gbps). Compare that to a typical 56K modem transmitting 56,000 bps and you see just how fast a modern backbone is.
Today there are many companies that operate their own high-capacity backbones, and all of them interconnect at various NAPs around the world. In this way, everyone on the Internet, no matter where they are and what company they use, is able to talk to everyone else on the planet. The entire Internet is a gigantic, sprawling agreement between companies to intercommunicate freely.

** Major Internet Backbones (Sorted by "connectivity"):

AS 701 - UUNET/WorldCom/MCI
AS 1239 - Sprint
AS 3561 - Cable & Wireless
USA AS 1 - Genuity (Also known as Level 3)
AS 6461 - AboveNet
AS 7018 - AT&T
AS 209 - Qwest
AS 2914 - Verio
AS 3549 - Global Crossing
AS 6453 - TeleGlobe
AS 702 - UUNET (also first)
AS 2548- Intermedia
AS 6347 - Savvis
AS 1755 - Ebone
AS 4648 - Netgate (Exchange Point: New Zealand)
AS 174 - PSINet (cogent)
AS 5459 - LINX (Exchange Point: London)
AS 8918 - Carrier1 (bankrupt) (netherlands portion)
AS 3300 - Infonet (Their European network)
AS 703 - UUNET/WorldCom/MCI (also first)
AS 3967 - Exodus (now with Cable & Wireless)
AS 8297 - Teleglobe
AS 5673 - Pacific Bell
AS 2828 - Concentric (now with XO)
AS 4000 - Sprint (Also listed at number 2)
AS 4200 - AGIS (telia)
AS7474 - optus (Australia)
AS 4766 - KIX (Exchange Point: Korea)
AS 3786 - DACOM ( map from KIDC)
AS 5519 - XO Communication
AS 286 - EUNET (KPN)
AS 8342 - ROSTELECOM

Update for Microsoft Windows Metafile Vulnerability

Original release date: January 5, 2006
Last revised: --
Source: US-CERT


Systems Affected
* Systems running Microsoft Windows

Overview
Microsoft Security Bulletin MS06-001 contains an update to fix a
vulnerability in the way Microsoft Windows handles images in the
Windows Metafile (WMF) format.

I. Description
TA05-362A describes a vulnerability in the way Microsoft Windows
handles Windows Metafile images. This vulnerability could allow a
remote attacker to execute arbitrary code. Microsoft Security Bulletin
MS06-001 contains an update to fix this vulnerability.
The vulnerability is described in further detail in VU#181038.

II. Impact
A remote, unauthenticated attacker may be able to execute arbitrary
code if the user is persuaded to view a specially crafted Windows
Metafile.

III. Solution
Apply a patch from your vendor
Install the appropriate update according to Microsoft Security
Bulletin MS06-001.