March 26, 2009
Severity: High
26 March, 2009
Summary:
§ These vulnerabilities affect: Many devices running Cisco IOS
§ How an attacker exploits them: Multiple vectors of attack; in the most common, the attacker sends specially crafted network packets
§ Impact: Various results; these include many Denial of Service (DoS) vulnerabilities and a privilege elevation flaw
§ What to do: Administrators who manage Cisco IOS devices should download, test, and deploy the appropriate Cisco updates as soon as possible
Exposure:
Six months ago, Cisco announced plans to implement a twice-yearly patch cycle that would fall on the fourth Wednesday of March and September. Yesterday marked another Cisco biannual patch day, for which they released eight security advisories. All of these advisories cover security vulnerabilities that affect devices running Cisco’s Internetwork Operating System (IOS) software. IOS is the operating system that runs on most Cisco routers and switches.
While Cisco’s IOS advisories differ in technical ways, all but one of them cover vulnerabilities that attackers could exploit in Denial of Service (DoS) attacks. The remaining flaw is a privilege elevation that an authenticated attacker could exploit to read and write files on your Cisco device. For a complete list of yesterday’s IOS alerts, see Cisco’s bundled advisory for March 25th. We summarize three of the IOS advisories below:
Cisco Document ID 109323: IOS Secure Copy privilege escalation vulnerability.
The Secure Copy Protocol (SCP) transfers files between two hosts over an SSH connection, and IOS can act as an SCP server so that administrators can copy images and configuration files to and from the device. IOS’s SCP server implementation suffers from a vulnerability that allows authenticated users to transfer files to and from your Cisco device even if you have not authorized that user to have SCP access. An attacker with a valid account could exploit this flaw to retrieve or write to any file on your IOS device, including its configuration file, which may contain sensitive information such as passwords. However, in order to exploit this flaw the attacker must have valid credentials on your IOS device, which limits this primarily to an inside threat. Note that the IOS SCP server is disabled by default and only listens once ‘ip scp server enable’ is configured; a device whose running configuration lacks that line is not exposed to this flaw.
Base CVSS Score: 9.0 (10 being the most severe)
Cisco Document ID 109314: IOS cTCP DoS vulnerabilities.
According to Cisco, the Cisco Tunneling Control Protocol (cTCP) is a proprietary protocol used by Easy VPN remote devices in environments where standard IPsec cannot pass without modifying existing firewall rules; it wraps the IPsec traffic in TCP. Cisco’s implementation of this protocol suffers from a memory exhaustion vulnerability. By sending a series of TCP packets to the cTCP port, an attacker could exploit this flaw to exhaust your IOS device’s memory, leading to a DoS condition. If you use a Cisco IOS router to get to the Internet, an attacker could repeatedly exploit this vulnerability to knock your network offline. However, only devices configured as an Easy VPN server with cTCP encapsulation (the ‘crypto ctcp’ global command) are vulnerable; if that command is absent from the running configuration, the device is not affected by this advisory.
Base CVSS Score: 7.8
Cisco Document ID 109322: IOS SIP DoS vulnerability.
The Session Initiation Protocol (SIP) is a popular signaling standard used by many Voice over IP (VoIP) products. Unfortunately, IOS’s SIP implementation suffers from an unspecified DoS vulnerability. By sending a specially crafted SIP message to your IOS device, an attacker could exploit this vulnerability to force the device to reload. If you use a Cisco IOS router to get to the Internet, an attacker could repeatedly exploit this vulnerability to knock your network offline. This vulnerability only affects IOS devices with SIP voice services enabled. You can confirm whether a device is actually processing SIP with ‘show processes | include SIP’: if the output lists CCSIP_UDP_SOCKET or CCSIP_TCP_SOCKET, the SIP stack is listening.
Base CVSS Score: 7.8
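Added example, not part of the original alert or of Cisco’s own tooling: a small Python script that takes saved copies of a device’s running-config and ‘show processes’ output and reports which of the three advisories summarized above could apply. The IOS keywords it looks for (‘ip scp server enable’, ‘crypto ctcp’, ‘session protocol sipv2’, ‘sip-ua’, and the CCSIP_UDP_SOCKET / CCSIP_TCP_SOCKET process names) are standard IOS, but the mapping of keyword to advisory is this example’s own assumption and both device outputs are constructed samples, so confirm it against the advisories and against your own devices.

```python
import re

# Constructed sample running-config (not from any real device), written only
# to exercise the checks below. It deliberately enables all three features.
SAMPLE_RUNNING_CONFIG = """\
version 12.4
hostname edge-rtr
!
ip scp server enable
!
crypto ctcp port 10000
!
dial-peer voice 100 voip
 destination-pattern 1...
 session protocol sipv2
 session target ipv4:192.0.2.10
!
sip-ua
!
end
"""

# Constructed 'show processes' excerpt; the CCSIP_* entries are the SIP socket
# processes a device lists when its SIP stack is listening.
SAMPLE_SHOW_PROCESSES = """\
 PID QTy       PC Runtime (ms)    Invoked   uSecs    Stacks TTY Process
   1 Cwe 60B4B0A4            0          1       0 5556/6000   0 Chunk Manager
 142 Mwe 6181BB80            0          1       0 9000/12000  0 CCSIP_UDP_SOCKET
 143 Mwe 6181BC20            0          1       0 9000/12000  0 CCSIP_TCP_SOCKET
"""

# Advisory -> the configuration that turns on the affected feature (this
# mapping is the example's assumption). Regexes run in multi-line mode and
# capture the whole matching line so it can be quoted as evidence.
ADVISORY_CHECKS = {
    "109323 SCP privilege escalation": {
        "pattern": re.compile(r"^ip scp server enable.*$", re.M),
        "note": "SCP server is enabled, so every authenticated user can reach it. "
                "Upgrade, or 'no ip scp server enable' if SCP is not needed.",
    },
    "109314 cTCP memory exhaustion": {
        "pattern": re.compile(r"^crypto ctcp.*$", re.M),
        "note": "cTCP encapsulation for the Easy VPN server is configured. "
                "Upgrade, or remove it ('no crypto ctcp') if it is unused.",
    },
    "109322 SIP crafted-message reload": {
        # SIP shows up as a sip-ua block or as SIP dial-peers.
        "pattern": re.compile(r"^(?:sip-ua|[ \t]+session protocol sipv2).*$", re.M),
        "note": "SIP voice services are configured. Upgrade, or confirm with "
                "'show processes | include SIP' whether the listeners are up.",
    },
}

SIP_PROCESS = re.compile(r"\bCCSIP_(UDP|TCP)_SOCKET\b")


def audit_running_config(config_text):
    """Return {advisory: [matching config lines]} for each advisory whose
    enabling configuration appears in config_text."""
    findings = {}
    for advisory, check in ADVISORY_CHECKS.items():
        hits = [m.group(0).strip() for m in check["pattern"].finditer(config_text)]
        if hits:
            findings[advisory] = hits
    return findings


def sip_listeners_active(show_processes_text):
    """Return the transports ('tcp', 'udp') that have a running SIP socket process."""
    return sorted(m.group(1).lower() for m in SIP_PROCESS.finditer(show_processes_text))


def report(config_text, show_processes_text):
    """Combine both checks, print a summary, and return the findings."""
    findings = audit_running_config(config_text)
    transports = sip_listeners_active(show_processes_text)
    if transports:
        findings.setdefault("109322 SIP crafted-message reload", []).append(
            "show processes: SIP socket process on " + ", ".join(transports))
    for advisory, evidence in findings.items():
        print(f"[!] Cisco Document ID {advisory}")
        for line in evidence:
            print("      evidence: " + line)
        print("      " + ADVISORY_CHECKS[advisory]["note"])
    if not findings:
        print("No enabling configuration found for the three summarized advisories.")
    return findings


if __name__ == "__main__":
    report(SAMPLE_RUNNING_CONFIG, SAMPLE_SHOW_PROCESSES)
```

Paste the output of ‘show running-config’ and ‘show processes’ in place of the two samples. A hit means the affected feature is enabled, not that the image is unpatched; you still have to match the running IOS version against the fixed-software table in each advisory.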
The remaining five advisories fix flaws just as severe as the ones described above. For greater detail on all of Cisco’s March vulnerabilities, check out the individual advisories in the References section of this alert, or refer to Cisco’s bundled security advisory for March 2009.
Solution Path:
Cisco has released patches to fix these vulnerabilities. If you use any Cisco device running IOS software, you should immediately consult the “Software Versions and Fixes” and “Obtaining Fixed Software” sections of Cisco’s bundled security advisory for March 2009 to learn which fixes apply to your devices and how to obtain them. You can also refer to the same sections of each of the individual alerts linked below.
For All WatchGuard Users:
Since these vulnerabilities can affect your router, which is typically in front of your WatchGuard firewall, the solutions above are your primary recourse.
Status:
Cisco has made fixes available.
References:
§ Cisco Bundled March 2009 Security Advisory
§ Cisco IOS cTCP Denial of Service Vulnerability
§ Cisco IOS Software Multiple Features IP Sockets Vulnerability
§ Cisco IOS Software Mobile IP and Mobile IPv6 Vulnerabilities
§ Cisco IOS Software Secure Copy Privilege Escalation Vulnerability
§ Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
§ Cisco IOS Software Multiple Features Crafted TCP Sequence Vulnerability
§ Cisco IOS Software Multiple Features Crafted UDP Packet Vulnerability
§ Cisco IOS Software WebVPN and SSLVPN Vulnerabilities
Posted by bardissi
March 26, 2009
Date: 3/17/2009
Round Rock, Texas
- Adamo is first product under new Adamo by Dell brand
- Premium craftsmanship and design inspires new aesthetic across Dell family of products
- Adamo by Dell created to disrupt people’s perceptions of what personal computing is today
Style-minded people who place a premium on precision craftsmanship and design can now add Adamo to their list of must-have items for 2009. Dell today unveiled the world’s thinnest* laptop as a kick off to the new Adamo by Dell brand.
Adamo, derived from the Latin word meaning “to fall in love,” will serve as a flagship in a line of products created to disrupt the personal computing space with the combination of new design aesthetics, personalization choices and sought-after technologies.
The News:
- Adamo is the pinnacle of craftsmanship and design and features:
- A chassis milled from a single piece of aluminum featuring precision detailing and a scalloped backlit keyboard
- Striking high definition edge-to-edge glass display
- Fully connected with WiFi, Bluetooth™ and optional integrated mobile broadband** and full complement of connectivity ports with no compromises
- Cool, quiet and robust solid state drives
- Available in Onyx and Pearl colors with a broad range of complementary accessories
- Price starting at $1999
Quotes:
- “Great design needs to be timeless and evoke emotion in people,” said Alex Gruzen, senior vice president of Dell’s consumer products. “While a premium computing experience was assumed for Adamo, the intent was for people to see, touch and explore Adamo and be rewarded by the select materials and craftsmanship you would expect in a fine watch.”
- “Dell continues to signal a commitment to design and personalization across its entire product line and has made significant strides forward in the past year,” said Rob Enderle, Principal Analyst, Enderle Group. “The Adamo laptop is a showcase for this commitment and a flagship product that will draw buyers to the brand.”
People who choose Adamo will be offered a unique color matched collection of Adamo by Dell branded peripherals and accessories including, in the U.S. an exclusive line of bags from TUMI. Choices will include:
- External storage option with 250GB*** or 500GB*** external hard drive.
- External DVD+/-RW or Blu-ray disc™ drive.
- 8GB*** USB drive.
- Connectors and cables including DisplayPort to HDMI, DVI, and VGA.
- Adamo Premium Service (US Only):
- 24/7 access to Dell’s best trained technicians
- Consistent communication with a dedicated personal team
The Adamo by Dell brand is being supported by innovative and new approaches to marketing and promotion for Dell. Designed to challenge people’s perceptions of what a computer is, the Adamo by Dell brand was inspired by fashion, luxury brands and timeless design.
Dell has looked beyond traditional approaches to reaching computer shoppers and launched a provocative campaign featuring:
- A stylish worldwide print campaign shot by acclaimed British-based photographer Nadav Kander and featuring high-fashion models that reinforces the “fall in love” positioning. Kander, whose work is celebrated in galleries worldwide, also shot the moving portfolio, “Obama’s People,” which appeared in The New York Times Magazine earlier this year.
- AdamoByDell.com, the centerpiece of the campaign and a highly stylized site where viewers can learn about Adamo, register for updates and, beginning today, place orders. Since its launch last month, AdamoByDell.com has attracted nearly 800,000 unique visitors from around the world and more than 1 million page views.
- Artful packaging in which the product arrives “floating” in a clear box with minimal clutter – a beautiful experience for a sophisticated product.
Product Specifications:
- Intel Core 2 Duo processors with Intel® Centrino® technology
- DDR3 system memory
- 13.4-inch 16:9 HD display
- Draft-Wireless N
- High-performance solid state drives standard
- Bluetooth 2.1
- Mobile Broadband** option
- Up to 5+ hours of battery life (preliminary)****
- 2 USB ports, 1 USB/eSATA combo port, DisplayPort, RJ-45 port
- Genuine Windows Vista® Home Premium Edition SP1, 64-bit
Available for pre-order today at www.adamobydell.com and shipping worldwide starting March 26, 2009, Adamo will be available online for purchase in 24 countries including the U.S., Canada, Mexico, Brazil, U.K., France, Germany, Ireland, Italy, Netherlands, Spain, Russia, Sweden, Switzerland, UAE, ANZ, China, Hong Kong, India, Korea, Malaysia/Singapore, Japan, and Indonesia.
Links:
www.AdamoByDell.com
www.dell.com
www.dell.com/designstudio
www.flickr.com/photos/dellphotos
About Dell
Dell products like Adamo are redefining style, value, personalization and customization for connected mobile lifestyles. People worldwide can buy Dell online, by phone and through 24,000 stores.
About Tumi
Tumi is the leading international brand of luxury travel, business and lifestyle accessories. Its success can be traced to its continued commitment to design excellence, functional superiority, and technical innovation. The brand is sold in over 125 Tumi stores worldwide, top department and specialty stores and online at www.tumi.com.
Footnotes:
* At the thickest point, Dell’s Adamo is thinner than any other laptop.
** Subject to wireless provider’s broadband subscription and coverage area; additional charges apply.
*** GB means 1 billion bytes and TB equals 1 trillion bytes; actual capacity varies with preloaded material and operating environment and will be less.
**** Based on preliminary lab testing. Varies by configuration operating conditions and other factors. Maximum battery decreases with time and use.
March 26, 2009
Hatfield, PA, March 12, 2009
AltiGen Communications, Inc. (NASDAQ: ATGN), the leading provider of 100% Microsoft-based VoIP business phone systems and Unified Communications solutions announced today the availability of the MAX2000 Voice over IP (VoIP Phone System)
Overview
Support for 5.1 will end on March 20th, 2009.
Systems must be covered under an active service plan to be eligible for no-charge support.
Systems not covered under a Premier Service Plan can purchase after-hours emergency support.
Details
As of March 20th, 2009, AltiGen will no longer provide technical support for the AltiWare 5.1 release. We suggest all systems currently running 5.1 be upgraded to 5.2 or 6.0. Support will continue to be offered for supported upgrade paths.
In addition, starting March 20th, 2009, an hourly charge will apply for technical support on systems that are not covered under an active AltiGen service plan. This applies only to systems not covered by an active service plan.
If the system is not covered under an active AltiGen service plan, an hourly charge will now be assessed. Note that your system must be running a supported release to be eligible for no-charge or fee-based technical support. As of March 20th, 2009, our supported releases are 5.2 and 6.0.
If the system is covered by an active service plan, our current policies and procedures apply. No additional charges will be assessed.
A new option is available for after-hours emergency support. Previously, only systems covered by a Premier Service Plan were eligible for after-hours support. Starting immediately, fee-based after-hours emergency support is available to systems covered under Software Assurance or a Standard Service Plan. An hourly charge will apply, with a 1-hour minimum. After the initial hour, additional 15-minute increments can be purchased.
If the system is covered by an active Premier Service Plan, our current policies and procedures apply. No additional charges will be assessed.
Terms and Conditions
Support services are non-refundable and do not guarantee issue resolution. Upon first use of purchased time, that time will be associated with the case opened by AltiGen’s TSO staff.
It can be utilized for only that case, and will expire 30 days after first use. Unused purchased time will expire after 1 year. Only systems running a currently supported version are eligible for technical support. As of 3/20/2009, release 5.1 and all prior releases are unsupported.
15 minute increments are purchased as extensions to 1 hour blocks of time. A 1 hour block must be purchased first; after the hour is exhausted, 15 minute extensions can be applied.
In the case of after-hours support services, support is only available for system-down or major loss-of-service issues.
About AltiGen Communications
AltiGen Communications, Inc. (NASDAQ: ATGN) is a leading provider of 100% Microsoft-based VoIP business phone systems and Unified Communications solutions. Having more than 10,000 customers around the world, AltiGen solutions are designed for high reliability, ease of use, seamless integration to Microsoft infrastructure technologies, and are built on a scalable, open standards platform. AltiGen’s worldwide headquarters is in Silicon Valley, California, with international operations based in Shanghai, China.
About Bardissi Enterprises
Bardissi Enterprises, LLC is a network solutions provider for the small and medium business market. Bardissi serves several vertical markets, from private business to municipal clients. Bardissi also provides managed services in order to deliver multiple services under one annual contract, reducing cost while providing premium services for their clients. Bardissi Enterprises is an AltiGen Certified Partner. Bardissi’s main office is located in Hatfield, PA.
March 10, 2009
Hatfield, PA, March 2, 2009
AltiGen Communications, Inc. (NASDAQ: ATGN), the leading provider of 100% Microsoft-based VoIP business phone systems and Unified Communications solutions announced today the availability of the MAX2000 Voice over IP (VoIP Phone System)
AltiGen Communications announces the release of HPBX 6.0 Update1.
This alert describes the new features now included in AltiGen’s HPBX solutions.
The following features are new in HPBX 6.0 Update1
1. Based on MAX Communication Server ACM 6.0 Update1
2. Support for HMCP Softswitch deployment to handle large implementations.
3. Redundancy Support
- Redundant Softswitch support
- Keeps directly connected calls after switchover between servers.
- Configurations are synchronized between the primary Softswitch server and the secondary Softswitch server
- Transparent to the clients, voice mail server, and Enterprise Manager
5. MAX2000iG gateway support
Availability
The MAX2000 is available now through Bardissi Enterprises, LLC Hatfield, PA 19440 – Philadelphia, PA
About AltiGen Communications
AltiGen Communications, Inc. (NASDAQ: ATGN) is a leading provider of 100% Microsoft-based VoIP business phone systems and Unified Communications solutions. Having more than 10,000 customers around the world, AltiGen solutions are designed for high reliability, ease of use, seamless integration to Microsoft infrastructure technologies, and are built on a scalable, open standards platform. AltiGen’s worldwide headquarters is in Silicon Valley, California, with international operations based in Shanghai, China.
About Bardissi Enterprises
Bardissi Enterprises, LLC is a network solutions provider for the small and medium business market. Bardissi serves several vertical markets, from private business to municipal clients. Bardissi also provides managed services in order to deliver multiple services under one annual contract, reducing cost while providing premium services for their clients. Bardissi Enterprises is an AltiGen Certified Partner. Bardissi’s main office is located in Hatfield, PA.
March 10, 2009
Severity: High
10 March, 2009
Summary:
- These vulnerabilities affect: All current versions of Windows
- How an attacker exploits them: Multiple vectors of attack, including enticing your users to a malicious web site
- Impact: Various results; in the worst case, attacker can gain complete control of your Windows computer
- What to do: Install the appropriate Microsoft patches immediately
Exposure:
Today, Microsoft released three security bulletins describing eight vulnerabilities that affect Windows and components that ship with it. Each vulnerability affects different versions of Windows to varying degrees. However, a remote attacker could exploit the worst of these flaws to gain complete control of your Windows PC. The summary below lists the vulnerabilities, in order from highest to lowest severity.
MS09-006: Three Windows Kernel Vulnerabilities
The kernel is the core component of any operating system (OS), and is responsible for managing communication between hardware and software. According to Microsoft’s security bulletin, the Windows kernel suffers from three vulnerabilities. The worst of these involves the kernel-mode component of the Windows Graphics Device Interface (GDI), the subsystem Windows uses to render graphics to your monitor or printer. Unfortunately, that component doesn’t properly validate certain graphics input. By enticing one of your users to view a maliciously crafted image (a .wmf or .emf metafile), possibly hosted on a malicious web site, a remote attacker can exploit this vulnerability to execute code on that user’s computer in kernel mode, that is, with full “SYSTEM” privileges. This means the attacker gains complete control of that user’s PC. The remaining two kernel flaws are both elevation-of-privilege vulnerabilities that require local access with valid Windows credentials to exploit.
Microsoft rating: Critical.
MS09-007: SChannel Certificate Authentication Spoofing Vulnerability
SChannel is the Windows component that implements the Secure Sockets Layer (SSL) protocol and its successor, the Transport Layer Security (TLS) protocol. Many network clients use these protocols to build secure connections over the Internet; for instance, your web browser commonly uses them to establish connections to secure web sites. These protocols also support certificate-based client authentication, in which a user holds a certificate (carrying a public key) and the matching private key, and uses the pair to prove their identity to a server. This is the client side of a public key infrastructure (PKI).
Unfortunately, SChannel does not properly enforce the public/private key relationship. When your browser authenticates to a secure web site with your certificate, the server receives the certificate (and so your public key), but it should also require proof that you hold the corresponding private key. In TLS that proof is the CertificateVerify message, a signature over the handshake that only the private key can produce. SChannel does not correctly validate this relationship. As a result, an attacker who obtains only your public key can use it to authenticate to secure servers as you, without ever possessing your private key. Granted, your public key doesn’t get as widely distributed as its name might suggest. An attacker would have to sniff your network (client certificates are sent in the clear during the TLS handshake) or entice you to a specially crafted site in order to collect it. Still, it is far more available than your private key, and skipping the private-key check defeats the security that public-key cryptography is supposed to provide.
Microsoft rating: Important.
MS09-008: Four Windows DNS and WINS Server Vulnerabilities.
The DNS and WINS servers that ship with the Server versions of Windows suffer from four security vulnerabilities. First, the DNS Server suffers from two DNS cache poisoning vulnerabilities due to programmatic flaws that allow attackers a better chance of predicting the next DNS transaction ID. These flaws are similar to the major DNS flaws Dan Kaminsky described last year. If you’d like to learn more about the flaws reported by Dan Kaminsky, and how greater predictability of DNS transaction IDs can lead to DNS cache poisoning attacks, you can read our previous DNS alerts [ 1 / 2 ], or listen to the July ‘08 episode of Radio Free Security.
Next, both the DNS and WINS servers suffer from what Microsoft calls Web Proxy Auto-Discovery (WPAD) registration vulnerabilities. WPAD is a Microsoft-designed protocol that lets a web browser find a proxy server automatically by looking up host names beginning with “wpad” in its own DNS domain and its parent domains, falling back to the NetBIOS name WPAD through WINS. Unfortunately, if you are not using this feature and haven’t registered the “wpad” name on your WINS and DNS servers yourself, any attacker on your network can register it for you. Once they do, every WPAD-enabled browser (IE and Firefox, among others) fetches its proxy configuration from the attacker’s host and sends all its web traffic through whatever proxy that configuration names, so the attacker can see, and alter, your users’ web traffic (a Man-in-the-Middle (MitM) attack). However, only an attacker already on your network can register the name, so this is primarily an inside threat.
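Two checks you can run against your own servers for the flaw classes in the two paragraphs above (transaction-ID predictability and source-port reuse for the cache-poisoning side, unregistered “wpad” names for the registration side), written here as an added example and not as Microsoft or WatchGuard tooling. The transaction IDs, ports, host name and zone contents are constructed sample data; on a real network you would feed the functions IDs and ports parsed from a packet capture of your DNS server’s outbound queries, and hand `audit_wpad` a real resolver call.

```python
"""Two offline checks for the MS09-008 flaw classes, run over constructed data.

Added example, not Microsoft or WatchGuard tooling. The transaction IDs, source
ports, host name and zone contents below are made up; point the functions at
real captures and a real resolver to audit your own servers."""
import math
import random
from collections import Counter


def txid_predictability(ids):
    """Share of consecutive 16-bit transaction-ID deltas that repeat the previous
    delta: about 1.0 for sequential or linear IDs, about 0.0 for random ones."""
    deltas = [(b - a) % 65536 for a, b in zip(ids, ids[1:])]
    if len(deltas) < 2:
        return 0.0
    repeats = sum(1 for x, y in zip(deltas, deltas[1:]) if x == y)
    return repeats / (len(deltas) - 1)


def port_entropy_bits(ports):
    """Shannon entropy of observed query source ports. Kaminsky-style poisoning
    needs the attacker to guess ID *and* port; a fixed port contributes 0 bits."""
    counts = Counter(ports)
    total = len(ports)
    return max(0.0, -sum(c / total * math.log2(c / total) for c in counts.values()))


def wpad_candidates(host_fqdn):
    """Names a WPAD-enabled browser on host_fqdn tries, most specific first,
    walking up to the second-level domain, then the single NetBIOS name that
    falls through to WINS."""
    labels = host_fqdn.lower().rstrip(".").split(".")[1:]  # drop the host label
    names = ["wpad." + ".".join(labels[i:]) for i in range(len(labels) - 1)]
    return names + ["wpad"]


def audit_wpad(resolve, host_fqdn, approved_proxies):
    """Return (name, address) pairs where a wpad name resolves to a host you did
    not sanction. Any hit means someone else claimed the name; the fix is to
    register it yourself (or block it on the server) before they do."""
    findings = []
    for name in wpad_candidates(host_fqdn):
        addr = resolve(name)
        if addr is not None and addr not in approved_proxies:
            findings.append((name, addr))
    return findings


def demo():
    rng = random.Random(7)
    sequential = [(0x4000 + i) & 0xFFFF for i in range(200)]      # unpatched server
    randomised = [rng.randrange(65536) for _ in range(200)]        # patched server
    fixed_ports = [53] * 200
    random_ports = [rng.randrange(49152, 65536) for _ in range(200)]
    # constructed zone: 'proxy' is the real proxy; a LAN attacker has registered
    # wpad.corp.example.com ahead of the administrator
    zone = {"proxy.corp.example.com": "10.1.1.10",
            "wpad.corp.example.com": "10.1.1.66"}
    return {
        "seq_predictability": txid_predictability(sequential),
        "rand_predictability": txid_predictability(randomised),
        "fixed_port_bits": port_entropy_bits(fixed_ports),
        "random_port_bits": port_entropy_bits(random_ports),
        "wpad_findings": audit_wpad(zone.get, "pc1.sales.corp.example.com", {"10.1.1.10"}),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The predictability figure is deliberately crude: it only catches IDs with a constant stride, which is exactly the failure the bulletin describes, and a low score does not prove the generator is strong. The port-entropy figure matters because the transaction ID is only 16 bits on its own; a server that randomises IDs but always queries from one port still leaves the attacker a 65,536-guess space.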
Microsoft rating: Important.
Solution Path:
Microsoft has released patches for Windows which correct all of these vulnerabilities. You should download, test, and deploy the appropriate patches throughout your network immediately.
MS09-006:
MS09-007:
MS09-008:
- For Windows 2000
- For Windows Server 2003
- For Windows Server 2003 x64
- For Windows Server 2003 Itanium
- For Windows Server 2008
- For Windows Server 2008 x64
Note: MS09-008 only affects the Server versions of Windows.
For All WatchGuard Users:
Most of these vulnerabilities are exploited locally or over traffic that a perimeter firewall doesn’t inspect. For that reason, we urge you to apply the patches above.
However, many of WatchGuard’s Firebox models let you block content by file extension. If you like, you can temporarily mitigate the risk of the GDI flaw (MS09-006) by blocking .WMF and .EMF image files with your Firebox’s proxy services. Keep in mind that this also blocks legitimate .WMF and .EMF images, and that an extension filter only catches files whose names actually carry those extensions.
If you choose to block these image types, follow the links below for video instructions on using your Firebox proxy’s content blocking features to block .WMF and .EMF files by their file extensions:
- Firebox X Edge running 10.x
- Firebox X Core and X Peak running Fireware 10.x
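A content check to pair with the extension filter above, added here as an example and not as WatchGuard’s proxy code. An extension rule is only as good as the file name: a metafile served as `holiday.jpg` passes it, and Windows picks its metafile parser from the bytes, not the name. The detector below keys on the same header fields the parsers do (the placeable WMF key, the standard WMF METAHEADER, and the ENHMETAHEADER signature at offset 40), and `classify` shows where the two rules disagree. The sample files are constructed headers, not real images.

```python
"""Content-based detection of WMF and EMF files.

Added example (not WatchGuard's proxy code). Sample files are constructed
headers, not real images."""
import struct

WMF_PLACEABLE_KEY = 0x9AC6CDD7  # Aldus placeable header key (bytes D7 CD C6 9A)
EMF_SIGNATURE = 0x464D4520      # ENHMETAHEADER.dSignature, ' EMF' in ASCII


def metafile_type(data):
    """Return 'wmf', 'emf' or None from the leading bytes alone."""
    if len(data) >= 4 and struct.unpack_from("<I", data, 0)[0] == WMF_PLACEABLE_KEY:
        return "wmf"
    if len(data) >= 6:
        # standard METAHEADER: Type (1=memory, 2=disk), HeaderSize in words (9), Version
        mtype, hsize, ver = struct.unpack_from("<HHH", data, 0)
        if mtype in (1, 2) and hsize == 9 and ver in (0x0100, 0x0300):
            return "wmf"
    if len(data) >= 44:
        # ENHMETAHEADER: iType (1) at offset 0, dSignature at offset 40
        itype = struct.unpack_from("<I", data, 0)[0]
        if itype == 1 and struct.unpack_from("<I", data, 40)[0] == EMF_SIGNATURE:
            return "emf"
    return None


def classify(filename, data, blocked_exts=("wmf", "emf")):
    """Compare the extension rule with the content rule for one download."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return {"by_extension": ext in blocked_exts, "by_content": metafile_type(data)}


def demo():
    placeable_wmf = struct.pack("<I", WMF_PLACEABLE_KEY) + bytes(18)
    standard_wmf = struct.pack("<HHH", 2, 9, 0x0300) + bytes(12)
    emf = struct.pack("<II", 1, 108) + bytes(32) + struct.pack("<I", EMF_SIGNATURE) + bytes(64)
    jpeg = b"\xff\xd8\xff\xe0" + bytes(16)
    png = b"\x89PNG\r\n\x1a\n" + bytes(16)
    return {
        "renamed_wmf":   classify("holiday.jpg", placeable_wmf),  # extension rule misses it
        "plain_wmf":     classify("clip.wmf", standard_wmf),
        "emf":           classify("chart.emf", emf),
        "real_jpeg":     classify("photo.jpg", jpeg),
        "png_named_wmf": classify("logo.wmf", png),               # extension rule false positive
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:14s} {verdict}")
```

The two rules complement each other: the extension rule is cheap and catches the common case, the content rule catches the renamed file and spares the PNG that merely has the wrong name. Neither helps with a metafile embedded inside another document, which is why the patch, not the filter, is the fix.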
Status:
Microsoft has released patches correcting these issues.
References:
Posted by bardissi