>
> **********************
> Widely-Deployed Software
> **********************
>
> 1) CRITICAL: Microsoft Word Memory Corruption/Remote Code Execution
> Affected:
> Microsoft Word 2000 and later
>
> Description: A critical vulnerability exists in Microsoft
> Word 2000 and
> later versions. This vulnerability was not reported publicly. It was
> discovered when a virus exploiting this vulnerability was seen in the
> wild. Analysis of the virus has revealed that specially-crafted
> Microsoft Word documents can result in code execution when opened on a
> vulnerable system. The currently spreading virus installs a trojan on
> vulnerable systems. There is no patch available; users of the
> vulnerable
> software should not open Word documents from untrusted sources. Users
> are advised to keep their antivirus signatures updated, and
> be prepared
> to deploy a patch from Microsoft. Users should also keep
> watch for signs
> of a targeted attack on their systems. Some known behavior of
> the virus
> includes HTTP access to the hostname "localhosts.3322.org".
> Users should
> monitor DNS queries and investigate any attempts to resolve this
> address. Note that the owner of this domain has changed the IP address
> for which this resolves several times.
>
> Status: Microsoft confirmed. Update expected to be released as part of
> the next update cycle.
>
> References:
> SecurityFocus BID
>
> eWeek Article
>
> SANS Internet Storm Center Handler's Diary Entry
>
> Microsoft Windows Live Safety Center
>
>
> - ----------------------------------------------------------------
>
> 4) CRITICAL: Cyrus imapd Remote Buffer Overflow
> Affected:
> Cyrus imapd version 2.3.2 and prior
>
> Description: Cyrus imapd is a popular IMAP (Internet Message Access
> Protocol) mail server maintained by Project Cyrus at Carnegie Mellon
> University. Recent versions of the software suffer from a
> remote buffer
> overflow vulnerability. A specially-crafted IMAP request can trigger
> this buffer overflow and can result in malicious code injection. Note
> that the imapd "popsubfolders" option must be enabled for a server to
> be vulnerable. This option is not enabled by default, but is commonly
> enabled after installation to allow POP users subfolder
> access (normally
> only available via IMAP). Technical details and a proof-of-concept
> exploit are known to be in the wild. Note that the attacker
> need not be
> authenticated to exploit this vulnerability.
>
> Status: Project Cyrus has not confirmed, no updates are available.
>
> References:
> Project Cyrus Home Page
>
> Full Disclosure Posting (includes technical details)
>
> 0527.html
> SecurityFocus BID
>
>
> - ----------------------------------------------------------------
>
> 5) MODERATE: Sender Policy Framework Library Remote Format
> String Vulnerability
> Affected:
> libspf version 1.0.0-p5
>
> Description: The libspf library is an implementation of the Sender
> Policy Framework. The Sender Policy Framework is a DNS-based system to
> reduce unsolicited email ("spam") by verifying the servers authorized
> to send email for a given DNS domain. This library is widely deployed
> on many email servers. Multiple vulnerabilities have been
> discovered in
> this library, allowing an attacker to execute arbitrary code on a
> vulnerable server by specifying a specially-crafted email address or
> domain name. Note that only servers running with debugging enabled are
> vulnerable.
>
> Status: libspf confirmed, patch released.
>
> References:
> libspf Home Page
>
> Sender Policy Framework Home Page
>
> Sender Policy Framework Specification
>
> FrSIRT Security Advisory
>
> SecurityFocus BID
> Not yet available.
> - ----------------------------------------------------------------
>
> 06.20.1 CVE: Not Available
> Platform: Microsoft Office
> Title: Microsoft Word Unspecified Remote Code Execution
> Description: Microsoft Word is prone to an unspecified remote code
> execution vulnerability. The cause of this issue is currently unknown.
> This issue is being actively exploited in the wild to place a backdoor
> named Backdoor.Ginwui on targeted computers through a trojan named
> Trojan.Mdropper.H. Microsoft Word versions 2003 and earlier are
> vulnerable.
> Ref:
> ______________________________________________________________________
>
> 06.20.3 CVE: Not Available
> Platform: Third Party Windows Apps
> Title: RealVNC Remote Authentication Bypass
> Description: RealVNC is susceptible to an authentication bypass
> vulnerability. This issue is due to a flaw in the authentication
> process of the affected package. This allows them to gain full control
> of the VNC server session. RealVNC version 4.1.1 is vulnerable.
> Ref:
> ______________________________________________________________________
