Secunia

[REM]

This site was mentioned in another thread. It details many
vulnerabilities for many hardware and software products. Some of these
are relatively easy to repair with settings or getting patched.

Here is the main page that list the vulnerabilities for 5099 different
software and hardware products. Routers, servers, linux, MS, etc. Not
all of these have existing vulnerabilities, but it's an interesting
surf in checking the products and softwares that you might use.

http://secunia.com/product/


Firewalls:

Kerio 2.1.5: (and Tiny 2x)
http://secunia.com/product/1493/

Kerio 4x:
http://secunia.com/product/2654/

Sygate 5x:
http://secunia.com/product/254/

Zone Alarm 5x - no issues:
http://secunia.com/product/4647/


I found one XP weakness that can apparently be fixed via settings:

XP Home and Pro:

http://secunia.com/advisories/12793/

"Description:
A weakness has been reported in Windows XP, which can be exploited to
bypass certain rules in the Internet Connection Firewall (ICF).

The problem is caused due to the firewall by default accepting
incoming connections to ports listened on by the "sessmgr.exe"
process.

This can e.g. be exploited by malicious, unprivileged users to host an
unauthorised service or by a trojan to accept incoming connections by
starting "sessmgr.exe" and then inject malicious code into the running
process.

Successful exploitation does not require administrative privileges on
an affected system.

The weakness has been reported in Windows XP SP2. Other versions may
also be affected.

NOTE: This is a general problem with personal firewalls and can be
exploited via any program granted access through the firewall without
user interaction. It is a known issue and have been discussed in the
security community about 2 years ago. PoC exploit code has also
priorly been released by Oliver Lavery.

Solution:
Uncheck "Remote Assistance" under the "Exceptions" tab for the ICF
configuration.

Don't rely solely on personal firewalls to prevent unauthorised
Internet access."

-----------------------------------------------------------------------------
Start\Control Panel\Windows Firewall\Exceptions
Uncheck "Remote Assistance"
-----------------------------------------------------------------------------

Unfortunately this is the only current XP exploit that I saw that can
easily be fixed. The rest are, "be careful of what images a web site
might throw at you," and buffer overflows and such.


Other vulnerabilities of interest:

All MS products:
http://secunia.com/vendor/1/

MS Windows 98SE:
http://secunia.com/product/13/

MS Windows ME:
http://secunia.com/product/14/

MS Windows XP:
http://secunia.com/product/22/

MS Visual Studio 6: (writes Win apps!)
http://secunia.com/advisories/9534/


Coffee Cup Free FTP 3x & 6x:
http://secunia.com/product/4307/

Don't use MS Java: Information leakage
http://secunia.com/advisories/12047/

IE exploit test:
http://secunia.com/internet_explorer_command_execution_vulnerability_test/

Mozilla memory exploit test:
http://secunia.com/mozilla_products_arbitrary_memory_exposure_test/


No software is perfect. We all try a great deal of freeware apps and
most likely some commercial apps. I guess that it just boggles my mind
when thinking of the implications of mixing say a router with a flaw,
a firewall with flaws, apps that choke when viewing an image or any
buffer overrun that might allow an attacker invisible access to the
system, all loaded on an imperfect OS full of security holes and
pretty much written to be released by a certain date, rather than to
worry about engineering from the ground up... basic security.

Even without worrying so much about release dates and such, I see my
version of Redhat has some issues. Note the rate of success in
repairing issues, versus that of MS though. That's an older release of
RH.

Redhat 7.3
http://secunia.com/product/45/

General Linux:
http://secunia.com/vendor/3/

Thanks to all that introduced this site (Secunia). I find it very
interesting and I am interested in other security related sites. A
well regulated operating system, being necessary to the security of a
freeware user, the right of the people to keep and bear better
operating systems and programs, shall not be infringed. Now who took
my mouse??

 

[Helen]

Start\Control Panel\Windows Firewall\Exceptions

WHERE is this --"Windows Firewall" found? I go to Start\Ctrl Panel\..."
and nothing like the remainder
of the line you have here. What am I missing? XP home SP1..... and
various 'keep me safe' progs.
TIA

Helen

This site was mentioned in another thread. It details many
vulnerabilities for many hardware and software products. Some of these
are relatively easy to repair with settings or getting patched.

Here is the main page that list the vulnerabilities for 5099 different
software and hardware products. Routers, servers, linux, MS, etc. Not
all of these have existing vulnerabilities, but it's an interesting
surf in checking the products and softwares that you might use.

http://secunia.com/product/


Firewalls:

Kerio 2.1.5: (and Tiny 2x)
http://secunia.com/product/1493/

Kerio 4x:
http://secunia.com/product/2654/

Sygate 5x:
http://secunia.com/product/254/

Zone Alarm 5x - no issues:
http://secunia.com/product/4647/


I found one XP weakness that can apparently be fixed via settings:

XP Home and Pro:

http://secunia.com/advisories/12793/

"Description:
A weakness has been reported in Windows XP, which can be exploited to
bypass certain rules in the Internet Connection Firewall (ICF).

The problem is caused due to the firewall by default accepting
incoming connections to ports listened on by the "sessmgr.exe"
process.

This can e.g. be exploited by malicious, unprivileged users to host an
unauthorised service or by a trojan to accept incoming connections by
starting "sessmgr.exe" and then inject malicious code into the running
process.

Successful exploitation does not require administrative privileges on
an affected system.

The weakness has been reported in Windows XP SP2. Other versions may
also be affected.

NOTE: This is a general problem with personal firewalls and can be
exploited via any program granted access through the firewall without
user interaction. It is a known issue and have been discussed in the
security community about 2 years ago. PoC exploit code has also
priorly been released by Oliver Lavery.

Solution:
Uncheck "Remote Assistance" under the "Exceptions" tab for the ICF
configuration.

Don't rely solely on personal firewalls to prevent unauthorised
Internet access."

-------------------------------------------------------------------------- ---
Start\Control Panel\Windows Firewall\Exceptions
Uncheck "Remote Assistance"
-------------------------------------------------------------------------- ---

Unfortunately this is the only current XP exploit that I saw that can
easily be fixed. The rest are, "be careful of what images a web site
might throw at you," and buffer overflows and such.


Other vulnerabilities of interest:

All MS products:
http://secunia.com/vendor/1/

MS Windows 98SE:
http://secunia.com/product/13/

MS Windows ME:
http://secunia.com/product/14/

MS Windows XP:
http://secunia.com/product/22/

MS Visual Studio 6: (writes Win apps!)
http://secunia.com/advisories/9534/


Coffee Cup Free FTP 3x & 6x:
http://secunia.com/product/4307/

Don't use MS Java: Information leakage
http://secunia.com/advisories/12047/

IE exploit test:
http://secunia.com/internet_explorer_command_execution_vulnerability_test/

Mozilla memory exploit test:
http://secunia.com/mozilla_products_arbitrary_memory_exposure_test/


No software is perfect. We all try a great deal of freeware apps and
most likely some commercial apps. I guess that it just boggles my mind
when thinking of the implications of mixing say a router with a flaw,
a firewall with flaws, apps that choke when viewing an image or any
buffer overrun that might allow an attacker invisible access to the
system, all loaded on an imperfect OS full of security holes and
pretty much written to be released by a certain date, rather than to
worry about engineering from the ground up... basic security.

Even without worrying so much about release dates and such, I see my
version of Redhat has some issues. Note the rate of success in
repairing issues, versus that of MS though. That's an older release of
RH.

Redhat 7.3
http://secunia.com/product/45/

General Linux:
http://secunia.com/vendor/3/

Thanks to all that introduced this site (Secunia). I find it very
interesting and I am interested in other security related sites. A
well regulated operating system, being necessary to the security of a
freeware user, the right of the people to keep and bear better
operating systems and programs, shall not be infringed. Now who took
my mouse??

=----

 

[Steven Burn]

Start > Control Panel > Network Connections

'//
- If you are enabling/disabling it on a LAN;

Right click "Local Area Connection"

- If you are enabling/disabling it on a dialup or other connection;

Right click the connection profile
'//

Select Properties > Advanced (tab)

--
Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!

 

[Helen]

Apologoies, REM... I was talking about a different program...: absolute
record....I think is the name.

 

[badgolferman]

Helen, 6/8/2005, 2:53:58 PM,

Start\Control Panel\Windows Firewall\Exceptions

WHERE is this --"Windows Firewall" found? I go to Start\Ctrl
Panel\..." and nothing like the remainder
of the line you have here. What am I missing? XP home SP1.....
and various 'keep me safe' progs.
TIA

Helen

I believe the Windows Firewall is installed with SP2.

 

[Fuzzy Logic]

Helen, 6/8/2005, 2:53:58 PM,


I believe the Windows Firewall is installed with SP2.

All versions of Windows XP have a firewall. SP2 enabled it by default:

http://www.microsoft.com/windowsxp/using/networking/learnmore/icf.mspx

 

[Helen]

Well, I don't have that (protect my computer from connecting to the
Internet) checked... but I cannot find anything that
says or resembles a 'remote assistance', HOWEVER, the isp I HAVE to use
(no choice, it's this or nothing), has their
own monitoring software - which includes a backup dial-up... and their
'help' center. If those are disabled, uninstalled
the internet won't work at all..... so there you have it... and I do use a
firewall and don't contact BS's "help" center..but
whatever they do (monitor, watch, etc..... their EULA leaves nothing to
chance...they have you locked up tighter than
a drum...e.g., very restrictive ... and in this area there is no choice for
internet... can you spell mo-nop-oly? Yet they
deny it and do so with the enormous blessings of the 11th Cir Ct!


Start > Control Panel > Network Connections

'//
- If you are enabling/disabling it on a LAN;

Right click "Local Area Connection"

- If you are enabling/disabling it on a dialup or other connection;

Right click the connection profile
'//

Select Properties > Advanced (tab)

--
Regards

Steven Burn
Ur I.T. Mate Group
www.it-mate.co.uk

Keeping it FREE!

 

[badgolferman]

All versions of Windows XP have a firewall. SP2 enabled it by default:

http://www.microsoft.com/windowsxp/using/networking/learnmore/icf.mspx

What an obscure place to hide it! I have SP1 at home and SP2 machine
at work. It is very easy to find in SP2 but I never saw it in my home
machine. Well, with Kerio installed I guess it doesn't really matter.
Thanks for enlightening me.