From aleph1@SECURITYFOCUS.COM Sat May 5 01:38:05 2001 From: Elias Levy To: BUGTRAQ@SECURITYFOCUS.COM Date: Wed, 2 May 2001 23:34:06 -0600 Subject: [BUGTRAQ] SSRT0716-01 Security Advisory - Compaq Presario & Active-X [The following text is in the "iso-8859-1" character set] [Your display is set for the "US-ASCII" character set] [Some characters may be displayed incorrectly] From: "Boren, Rich" Subject: SSRT0716-01 Security Advisory - Compaq Presario & Active-X Date: Thu, 3 May 2001 00:21:50 -0500 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NEW SoftPaq 17398 supercedes SoftPaq 16629 =========================================== TITLE: SSRT0716-01 - Compaq Presario Potential Active X Denial of Service Security Vulnerability x-ref: SSRT0716 10-APR-2001 SOURCE: Compaq Computer Corporation, Software Security Response Team =========================================== Update: 02-MAY-2001 ** No Restriction for Distribution ** provided the advisory remains intact. OS Systems: Windows 98, Windows Me UPDATE: SoftPaq 17398 has replaced SoftPaq 16629 and the patch available from the Compaq Service Connection identified in the advisory released 10-APR-2001. SoftPaq 16629 was not completely effective on some Presario systems and Presario Customers should install SoftPaq 17398 via the web or enable the Service Connection to install the new FP17398. We apologize for this inconvenience. Apply the new SoftPaq 17398 patch to Presario Systems. http://web14.compaq.com/falco/sp_syn.asp?page=splist&detail=yes&recid= 17398 (**note: double check the above URL, it's length may cause it to wrap ) If you experience a problem with this Softpaq, please contact Compaq's Presario technical support engineering at: http://askq.compaq.com/askpresario/form.asp Other than the updated SoftPaq 17398 notice, the remainder or this advisory remains unchanged. Date: 10-APR-2001 SEVERITY: HIGH PROBLEM STATEMENT SUMMARY: Compaq continues to take a serious approach to the quality and security of all its software products and makes every effort to address issues and provide solutions in a timely manner. In line with this commitment, Compaq is responding to recent concerns of a potential security vulnerability with Active X. Compaq Presario personal computers provide customer support features through its Knowledge Center and Back web components. Some features are implemented with Microsoft's Active X. By utilizing the active X control function, "LogDataListToFile", an attacking web page could write a specified file to the system's hard drive. This allows a potential denial of service vulnerability. The content of the file written is not modifiable. The named file contains text with hardware and software configuration information. IMPACT: ** Note: Compaq Proliant Systems are not affected by this problem. Languages Affected: Multi-lingual OS Systems: Windows 98, Windows Me ( See below for a list of most of the affected model numbers. ) SOLUTION: Compaq has changed the way the Microsoft Active X features are used in Presario systems. A software patch is available via the Internet as ** SoftPaq 17398 that solves this problem. [** Note: 25-APR-2001 SoftPaq 17398 has superceded Softpaq 16629] The patch was sent via Compaq's Back Web server to the affected systems on March 27, 2001. If this feature is enabled on a system, the update takes place automatically. It will also be available on Microsoft's Windows Update Site After April 25, 2001. WHAT CUSTOMERS SHOULD DO: XX Apply the SoftPaq 16629 patch to Presario Systems. XX XXhttp://web14.compaq.com/falco/sp_syn.asp?page=splist&detail= XX yes&recid=16629 SoftPaq 16629 has been superseded by the release of SoftPaq 17398 http://web14.compaq.com/falco/sp_syn.asp?page=splist&detail=yes&recid= 17398 (**note: double check the above URL, it's length may cause it to wrap ) Compaq appreciates your cooperation and patience. We regret any inconvenience this may have caused. As always, Compaq urges you to periodically review your system management and security procedures. Compaq will continue to review and enhance the security features of its products and work with customers to maintain and improve the security and integrity of their systems. (c) Copyright 2001 Compaq Computer Corporation. All rights reserved To subscribe to automatically receive future NEW Security Advisories from the Compaq's Software Security Response Team via electronic mail, Use your browser select the URL http://www.support.compaq.com/patches/mailing-list.shtml Select "Security and Individual Notices" for immediate dispatch notifications directly to your mailbox. To report new Security Vulnerabilities, send mail to: security-ssrt@compaq.com MODELS AFFECTED: Laptop Models: · 1200T, 1200-XL102, 1200-XL104, 1200-XL105, 1200-XL106, 1200-XL107, 1200-XL110, 1200-XL111, 1200-XL118, 1200-XL119, 1200-XL450 · 1244, 1245, 1247, 1255, 1256, 1260, 1266, 1267, 1270, 1272, 1273, 1274, 1275, 1277, 1278, · 12XL125, 12XL126, 12XL127, 12XL128, 12XL300, 12XL300B, 12XL310, 12XL325, 12XL326, 12XL327, 12XL330, 12XL400, 12XL401, 12XL410, 12XL426, 12XL427, 12XL430, 12XL500, 12XL501, 12XL505, 12XL510, 12XL526, 12XL527, 12XL530 · 1400T EB2 (14XL3EB), 1400T-XL4, 14XL240, 14XL244, 14XL245, 14XL340, 14XL345, 14XL420, 14XL440, 14XL445 · 1660, 1670, 1672, 1675, 1685, 1687, 1688, 1690, 1692, 1693, 1694 · 1800, 1825, 1827, 1830 · 1700T-XL5, 17XL260, 17XL262, 17XL265, 17XL275, 17XL360, 17XL365, 17XL375, 17XL460, 17XL465, 17XL475, 17XL570, 17XL575 · 1800T, 1800T-XL4, 1800-XL180, 1800-XL181, 18XL2 CTO, 18XL280, 18XL380, 18XL390, 18XL580 · 1900-XL1, 1900-XL161 · 1920, 1925, 1930 Desktops Models · 305 · 2281, 2286 · 3550 · 5000A Carepanion, 5000T, 5000US, 5000Z (5UVM21), 5000Z / 5007H, 5000Z / 5008H, 5001CL, 5001R, 5001SR, 5002US, 5003R, 5003US, 5004CL, 5004US, 5005CL, 5005R, 5005SR, 5006H, 5006US, 5007R, 5007SR, 5008US, 5009CL, 5009R, 5009SR, 5010US, 5011CL, 5011R, 5012US, 5014US · 5070 · 5184, 5185 · 5202, 5204, 5220, 5222, 5225, 5240, 5242, 5245, 5280, 5282, 5284, 5285 · 5301, 5304, 5330, 5340, 5345, 5352, 5360, 5365 · 5410, 5440, 5451, 5457, 5460, 5461, 5465, 5473 · 5600, 5670, 5686, 5690, 5695, 5697 · 5710, 5711, 5712, 5714, 5715, 5716, 5717, 5721, 5722, 5724, 5725, 5726, 5735, 5736, 5738, 5745 · 5822, 5832, 5837, 5838, 5855, 5861, 5868, 5875, 5888 · 5600I, 5600Kiosk, 5600S · 5700n · 5900z . 5BW112, 5BW120, 5BW122, 5BW130, 5BW131, 5BW135, 5BW160, 5BW172, 5BW175, 5BW220, 5BW250, 5BW251, 5BW284, 5WV232, 5WV252, 5WV254, 5WV260, 5WV261, 5WV270, 5WV271, 5WV275, 5WV280, 5WV282, 5WV285, 5WV294, 5WV295 · 7360, 7462, 7465, 7470, 7471, 7475, 7478, 7485, 7585, 7588, 7590, 7594, 7595, 7596, 7598, 7599, 7885, 7895, 7922, 7947, 7970, 7985, 7990, 7994 · 7000T (7RPM), 7000US, 7000z-7PL2, 7001CL, 7002US, 7003US, 7006US · 7AP134, 7AP135, 7AP140, 7AP170, 7AP195, 7PL270, 7PL290, 7PL295, 7QSM · 800T-80XL4, 80XL550 · EZ2200, EZ2207, EZ2605, EZ2700, COMPAQ AND/OR ITS RESPECTIVE SUPPLIERS MAKE NO REPRESENTATIONS ABOUT THE SUITABILITY OF THE INFORMATION CONTAINED IN THE DOCUMENTS AND RELATED GRAPHICS AND/OR SOFTWARE PUBLISHED ON THIS SERVER FOR ANY PURPOSE. ALL SUCH DOCUMENTS AND RELATED GRAPHICS ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND AND ARE SUBJECT TO CHANGE WITHOUT NOTICE. THE ENTIRE RISK ARISING OUT OF THEIR USE REMAINS WITH THE RECIPIENT. IN NO EVENT SHALL COMPAQ AND/OR ITS RESPECTIVE SUPPLIERS BE LIABLE FOR ANY DIRECT, CONSEQUENTIAL, INCIDENTAL, SPECIAL, PUNITIVE OR OTHER DAMAGES WHATSOEVER (INCLUDING WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, OR LOSS OF BUSINESS INFORMATION), EVEN IF COMPAQ HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use iQA/AwUBOvDqAagxZJFjvD74EQLSSgCgr6eSCyZA8MhQFzK0jrlSMaW1dnAAnjrZ xRzHtRfWHSS5YOPjA7bgwXYi =LIJB -----END PGP SIGNATURE-----