CLSID extension, MIME header vulnerability etc etc

CLSID extension, MIME header vulnerability etc etc

Post by Ross Malyon - SBS2000 Guess Maste » Wed, 20 Mar 2002 00:46:31



Good day,

I was wondering does outlook 2000 or exchange 2000 have any patches that
stop these from going on..

--
Regards Ross M

FYI
www.cdg-group.com For Trend Anti Virus On the Web
www.eventid.net for them Perflib errors
www.veritas.com BackupExec for Backups

THAT IS ALL YOU NEED TO KNOW...

 
 
 

CLSID extension, MIME header vulnerability etc etc

Post by Ross Malyon - SBS2000 Guess Maste » Wed, 20 Mar 2002 01:17:50


i have outlook 2000 SR-1 (9.0.0.4527)
if thats any help

--
Regards Ross M

FYI
www.cdg-group.com For Trend Anti Virus On the Web
www.eventid.net for them Perflib errors
www.veritas.com BackupExec for Backups

THAT IS ALL YOU NEED TO KNOW...



Quote:> Good day,

> I was wondering does outlook 2000 or exchange 2000 have any patches that
> stop these from going on..

> --
> Regards Ross M

> FYI
> www.cdg-group.com For Trend Anti Virus On the Web
> www.eventid.net for them Perflib errors
> www.veritas.com BackupExec for Backups

> THAT IS ALL YOU NEED TO KNOW...


 
 
 

CLSID extension, MIME header vulnerability etc etc

Post by Susan Bradley, CPA aka » Wed, 20 Mar 2002 05:44:43


Test it out:

http://www.gfi.com/emailsecuritytest/


Quote:> Good day,

> I was wondering does outlook 2000 or exchange 2000 have any patches that
> stop these from going on..

> --
> Regards Ross M

> FYI
> www.cdg-group.com For Trend Anti Virus On the Web
> www.eventid.net for them Perflib errors
> www.veritas.com BackupExec for Backups

> THAT IS ALL YOU NEED TO KNOW...

 
 
 

CLSID extension, MIME header vulnerability etc etc

Post by Susan Bradley, CPA aka » Wed, 20 Mar 2002 16:04:07


BTW for the record - Outlook XP and Office scan blocked this at the
desktop....not at the server level


> i have outlook 2000 SR-1 (9.0.0.4527)
> if thats any help

> --
> Regards Ross M

> FYI
> www.cdg-group.com For Trend Anti Virus On the Web
> www.eventid.net for them Perflib errors
> www.veritas.com BackupExec for Backups

> THAT IS ALL YOU NEED TO KNOW...



> > Good day,

> > I was wondering does outlook 2000 or exchange 2000 have any patches that
> > stop these from going on..

> > --
> > Regards Ross M

> > FYI
> > www.cdg-group.com For Trend Anti Virus On the Web
> > www.eventid.net for them Perflib errors
> > www.veritas.com BackupExec for Backups

> > THAT IS ALL YOU NEED TO KNOW...

 
 
 

CLSID extension, MIME header vulnerability etc etc

Post by Susan Bradley, CPA aka » Sat, 23 Mar 2002 05:00:19


Ross....are you asking this as you got an email like this?  If so THIS IS
NOT AN OFFICIAL EMAIL FROM MS - THIS IS A GIBE WORM THAT PLACES A BACK DOOR
IN YOUR COMPUTER

From MS
I've been hearing from a lot of people that they are receiving the email
that I've pasted below.

THIS IS NOT FROM MICROSOFT! We DO NOT send security fixes by email and we do

not have an MS Internet Security Center. For more information, please see:
http://www.sophos.com/virusinfo/analyses/w32gibea.html

<Start False Email>
==============
Microsoft Customer,

this is the latest version of security update, the

"2 Mar 2002 Cumulative Patch" update which eliminates all

known security vulnerabilities affecting Internet Explorer and MS
Outlook/Express as well as six new vulnerabilities, and is discussed in
Microsoft Security Bulletin MS02-005. Install now to protect your computer
from these vulnerabilities, the most serious of which could allow an
attacker to run code on your computer.

Description of several well-know vulnerabilities:

- "Incorrect MIME Header Can Cause IE to Execute E-mail Attachment"
vulnerability. If a malicious user sends an affected HTML e-mail or hosts an

affected e-mail on a Web site, and a user opens the e-mail or visits the Web

site, Internet Explorer automatically runs the executable on the user's
computer.

- A vulnerability that could allow an unauthorized user to learn the
location of cached content on your computer. This could enable the
unauthorized user to launch compiled HTML Help (.chm) files that contain
shortcuts to executables, thereby enabling the unauthorized user to run the
executables on your computer.

- A new variant of the "Frame Domain Verification" vulnerability could
enable a malicious Web site operator to open two browser windows, one in the

Web site's domain and the other on your local file system, and to pass
information from your computer to the Web site.

- CLSID extension vulnerability. Attachments which end with a CLSID file
extension do not show the actual full extension of the file when saved and
viewed with Windows Explorer. This allows dangerous file types to look as
though they are simple, harmless files - such as JPG or WAV files - that do
not need to be blocked.

System requirements:

Versions of Windows no earlier than Windows 95.

This update applies to:

Versions of Internet Explorer no earlier than 4.01

Versions of MS Outlook no earlier than 8.00

Versions of MS Outlook Express no earlier than 4.01

How to install

Run attached file q216309.exe

How to use

You don't need to do anything after installing this item.

For more information about these issues, read Microsoft Security Bulletin
MS02-005, or visit link below.
http://www.microsoft.com/windows/ie/downloads/critical/default.asp

If you have some questions about this article contact us at

Thank you for using Microsoft products.

With friendly greetings,

MS Internet Security Center.

----------------------------------------

----------------------------------------

Microsoft is registered trademark of Microsoft Corporation. Windows and
Outlook are trademarks of Microsoft Corporation.

</End False Email>


Quote:> Good day,

> I was wondering does outlook 2000 or exchange 2000 have any patches that
> stop these from going on..

> --
> Regards Ross M

> FYI
> www.cdg-group.com For Trend Anti Virus On the Web
> www.eventid.net for them Perflib errors
> www.veritas.com BackupExec for Backups

> THAT IS ALL YOU NEED TO KNOW...

 
 
 

1. converting /etc/passwd and /etc/shadow passwords to /etc/smbpasswd

Hi,

We have a samba 2.0.6 server running with some W98 clients.
We want our users to authentificate themselves at the server.
the unix password sync works O.K.
My problem is, that right now we have an empty /etc/smbpasswd and an
/etc/shadow
with something like a hundred individual passwords, that we want to
keep.
Is there a tool that converts /etc/passwd and the shadow file to an
smbpasswd file?

thnx
Grant

--
Grant Wallace
http://www.tfh-berlin.de/~wallace

2. Specific DOS Session - HELP

3. Planning to grow....static IP/VPN..etc etc

4. Atari-source Indiscretions

5. Event 2021 "Unable to allocate work item" etc etc

6. NOTICE :: Emacs 18.58

7. XP file locking etc etc...

8. ./configure --with-smbwrapper etc etc

9. Converting NT users and groups to /etc/passwd and /etc/group

10. File permissions, etc, etc

11. Forget about PDC fuctionality etc.etc.etc. please address 'path too deep' xp-samba problem

12. WinZip MIME Parsing Buffer Overflow Vulnerability