Date: Tue, 03 Apr 2007 14:23:21 -0700
From: Jim Hoagland <jim_hoagland@...antec.com>
To: Bugtraq <bugtraq@...urityfocus.com>
Subject: Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation

Hello all,

In my blog today [1] I give a brief run-down of nine CVE entries that were
recently published for Vista; the CVEs are numbered CVE-2007-1527 through
CVE-2007-1535.  At this point, I do not know who requested the entries be
created.  However, the entries are based on items reported in Symantec's
recent Windows Vista Network Attack Surface Analysis report [2], for which I
was lead author, so I thought that I was in a good position to explain them.

Most of the CVEs are for items that are not especially significant and in
one or two cases can be considered historic (aside from it being applicable
to Vista in particular).

I do discuss one item in more depth though, since I feel it is important.
The documentation that is currently on the Microsoft web site makes it seem
like you need to do something special for Teredo to become active.  In
reality, we have seen Teredo used on fresh Vista installs.

Who is to say the reason Microsoft has the inaccurate information (it could
be an innocent mistake that has remained unfixed for several months), but
the effect is to downplay the configurations under which Teredo will be
used.  This misleads people as to how much attention they need to pay to
Teredo when they install/deploy Vista.  Teredo does pose some significant
security concerns and it probably will not be uncommon to find a Vista host
using Teredo.

More in the blog [1] ...

-- Jim

[1] http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html ( http://preview.tinyurl.com/yu7vhu )

[2] http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf ( http://preview.tinyurl.com/2qrglc )


-- 
Jim Hoagland, Ph.D., CISSP
Principal Security Researcher
Advanced Threats Research
Symantec Security Response
