[ISN] Secunia Weekly Summary - Issue: 2003-48

From: InfoSec News (isn@private)
Date: Fri Nov 28 2003 - 01:30:52 PST


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2003-11-20 - 2003-11-27                        

                       This week : 36 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://www.secunia.com/

========================================================================
2) This Week in Brief:

Security researcher Liu Die Yu has again proven Internet Explorer to be
vulnerable to execution of arbitrary code without user interaction.
Due to the new research information, Secunia released an advisory rated
"Extremely critical", advising all users of Internet Explorer to
either disable "Active Scripting" or to use another product.
Ref.: [SA10289]

Last week Secunia was informed of a privilege escalation vulnerability
in Symantec's pcAnywhere version 9.x. According to a Symantec security
advisory issued a couple of days later, version 10.x was also
vulnerable. Since version 9.x is no longer supported, an update is only
available for version 10.x.
Ref.: [SA10238]

Opera Software released a new version of their very popular web browser
which fixed two severe security flaws. It was security researcher Jouko
Pynnönen, who discovered the flaws in the handling of skin files. One 
of the vulnerabilities does not require any greater technical skill to
exploit. Therefore, all users of the Opera browser is urged to upgrade
to version 7.23 as soon as possible.
Ref.: [SA10277]

The Apple Safari browser suffers from a two year old Mozilla
vulnerability, which could be abused by a malicious site to steal
cookie information from any other site. Information such as: usernames,
passwords, or sessions cookies.
Currently, no solution is available for this issue.
Ref.: [SA10252]

TIP:
Finding Secunia advisories is easily done through the Secunia web site.
Simply enter the SA ID in the URL:
http://secunia.com/SA10238

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA10289] Internet Explorer System Compromise Vulnerabilities
2.  [SA9711]  Microsoft Internet Explorer Multiple Vulnerabilities
3.  [SA10252] Apple Safari Cookie Stealing Vulnerability
4.  [SA10277] Opera Browser Skin File Handling Vulnerabilities
5.  [SA10269] Mac OS X Security Update Fixes Multiple Vulnerabilities
6.  [SA10271] FreeRADIUS Tagged Attribute Handling Vulnerabilities
7.  [SA10192] Microsoft Internet Explorer Multiple Vulnerabilities
8.  [SA10276] IBM AIX rcp Privilege Escalation Vulnerability
9.  [SA10267] Sun Solaris PGX32 Frame Buffer Privilege Escalation
              Vulnerability
10. [SA10273] Sybase ASE Password Array Heap Overflow Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA10289] Internet Explorer System Compromise Vulnerabilities
[SA10275] Xitami POST Request Infinite Loop Denial of Service
Vulnerability
[SA10272] Effect Office Buffer Overflow Vulnerability
[SA10292] Mozilla "irc:" URI Handler Denial of Service

UNIX/Linux:
[SA10296] Gentoo update for net-dialup/freeradius
[SA10290] Gentoo update for phpSysInfo
[SA10271] FreeRADIUS Tagged Attribute Handling Vulnerabilities
[SA10298] Fedora update for Ethereal
[SA10297] OpenPKG update for zebra
[SA10293] Gentoo update for ethereal
[SA10291] Gentoo update for libnids
[SA10285] Red Hat update for stunnel
[SA10270] Conectiva update for zebra
[SA10269] Mac OS X Security Update Fixes Multiple Vulnerabilities
[SA10280] Monit HTTP Request Handling Vulnerabilities
[SA10265] Gentoo update for hylafax
[SA10287] Sun Linux update for fileutils
[SA10283] Red Hat update for Pan
[SA10282] Pan Author Email Address Denial of Service Vulnerability
[SA10274] SIRCD Operator Privilege Escalation Vulnerability
[SA10278] SGI IRIX update for rpc.mountd
[SA10294] Mandrake update for stunnel
[SA10276] IBM AIX rcp Privilege Escalation Vulnerability
[SA10267] Sun Solaris PGX32 Frame Buffer Privilege Escalation
Vulnerability
[SA10266] Gentoo update for Opera
[SA10303] Engarde update for bind
[SA10288] Sun Linux update for glibc
[SA10284] Red Hat update for iproute

Other:
[SA10286] Thomson TCM315 Cable Modem HTTP Request Denial of Service
[SA10299] Sun Fire Blade System Chassis ARP Packet Denial of Service

Cross Platform:
[SA10281] Anthill Arbitrary Attachment Execution Vulnerability
[SA10277] Opera Browser Skin File Handling Vulnerabilities
[SA10273] Sybase ASE Password Array Heap Overflow Vulnerability
[SA10279] vbPortal Anonymous Email Sending Vulnerability
[SA10268] phpFriendlyAdmin Cross-Site Scripting Vulnerabilities
[SA10300] BIND Negative Cache Poisoning Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA10289] Internet Explorer System Compromise Vulnerabilities

Critical:    Extremely critical
Where:       From remote
Impact:      System access, Exposure of sensitive information, Cross
Site Scripting, Security Bypass
Released:    2003-11-25

Multiple vulnerabilities have been identified in Internet Explorer,
which in combination can be exploited to compromise a user's system.

Full Advisory:
http://www.secunia.com/advisories/10289/

 --

[SA10275] Xitami POST Request Infinite Loop Denial of Service
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2003-11-21

A vulnerability has been reported in Xitami, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://www.secunia.com/advisories/10275/

 --

[SA10272] Effect Office Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2003-11-21

A vulnerability has been reported in Effect Office, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.

Full Advisory:
http://www.secunia.com/advisories/10272/

 --

[SA10292] Mozilla "irc:" URI Handler Denial of Service

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2003-11-26

A problem has been reported in Mozilla, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://www.secunia.com/advisories/10292/


UNIX/Linux:--

[SA10296] Gentoo update for net-dialup/freeradius

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2003-11-26

Gentoo has issued an updated version of net-dialup/freeradius. This
fixes two vulnerabilities, which can be exploited to cause a DoS
(Denial of Service) and potentially compromise a vulnerable system.

Full Advisory:
http://www.secunia.com/advisories/10296/

 --

[SA10290] Gentoo update for phpSysInfo

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of sensitive information, System access
Released:    2003-11-25



Full Advisory:
http://www.secunia.com/advisories/10290/

 --

[SA10271] FreeRADIUS Tagged Attribute Handling Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2003-11-21

Two vulnerabilities have been identified in FreeRADIUS, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.

Full Advisory:
http://www.secunia.com/advisories/10271/

 --

[SA10298] Fedora update for Ethereal

Critical:    Moderately critical
Where:       From remote
Impact:      System access, DoS
Released:    2003-11-26

Red Hat has issued updated packages for Ethereal. These fix multiple
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system running Ethereal.

Full Advisory:
http://www.secunia.com/advisories/10298/

 --

[SA10297] OpenPKG update for zebra

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2003-11-26

OpenPKG has issued updated packages for Zebra. These fix two
vulnerabilities allowing malicious people and local users to cause a
Denial of Service.

Full Advisory:
http://www.secunia.com/advisories/10297/

 --

[SA10293] Gentoo update for ethereal

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2003-11-25

Gentoo has issued updated packages for Ethereal. These fix multiple
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system running Ethereal.

Full Advisory:
http://www.secunia.com/advisories/10293/

 --

[SA10291] Gentoo update for libnids

Critical:    Moderately critical
Where:       From remote
Impact:      System access, DoS
Released:    2003-11-25

Gentoo has issued updated packages for libnids. These fix a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://www.secunia.com/advisories/10291/

 --

[SA10285] Red Hat update for stunnel

Critical:    Moderately critical
Where:       From remote
Impact:      Privilege escalation, DoS
Released:    2003-11-24

Red Hat has issued updated packages for stunnel. These fix a
vulnerability, which can be exploited by malicious users to hijack the
service.

Full Advisory:
http://www.secunia.com/advisories/10285/

 --

[SA10270] Conectiva update for zebra

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2003-11-20

Conectiva has issued updated packages for Zebra. These fix two
vulnerabilities allowing malicious people and local users to cause a
Denial of Service.

Full Advisory:
http://www.secunia.com/advisories/10270/

 --

[SA10269] Mac OS X Security Update Fixes Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2003-11-20

Apple has issued a Security Update, which fixes an OpenSSL
vulnerability in Mac OS X as well as a couple of older issues in
version 10.2.8.

Full Advisory:
http://www.secunia.com/advisories/10269/

 --

[SA10280] Monit HTTP Request Handling Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2003-11-24

Two vulnerabilities have been identified in Monit, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
compromise a vulnerable system.

Full Advisory:
http://www.secunia.com/advisories/10280/

 --

[SA10265] Gentoo update for hylafax

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2003-11-20

Gentoo has issued updated packages for hylafax. These fix a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://www.secunia.com/advisories/10265/

 --

[SA10287] Sun Linux update for fileutils

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2003-11-25

Sun has issued updated packages for fileutils. These fix two
vulnerabilities in the "ls" program, which can be exploited by
malicious users to cause a DoS (Denial of Service).

Full Advisory:
http://www.secunia.com/advisories/10287/

 --

[SA10283] Red Hat update for Pan

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2003-11-24

Red Hat has issued updated packages for Pan. These fix a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://www.secunia.com/advisories/10283/

 --

[SA10282] Pan Author Email Address Denial of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2003-11-24

A vulnerability has been identified in Pan, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://www.secunia.com/advisories/10282/

 --

[SA10274] SIRCD Operator Privilege Escalation Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Privilege escalation
Released:    2003-11-24

A vulnerability has been reported in sircd, which can be exploited by
malicious users to gain operator privileges.

Full Advisory:
http://www.secunia.com/advisories/10274/

 --

[SA10278] SGI IRIX update for rpc.mountd

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass, Exposure of system information, DoS
Released:    2003-11-24

SGI has issued an update for rpc.mountd. This fixes multiple
vulnerabilities, which can be exploited by malicious people to cause a
Denial of Service or gain knowledge of certain system information.

Full Advisory:
http://www.secunia.com/advisories/10278/

 --

[SA10294] Mandrake update for stunnel

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2003-11-26

MandrakeSoft has issued updated packages for stunnel. These fix a
vulnerability, which can be exploited by malicious users to hijack the
service.

Full Advisory:
http://www.secunia.com/advisories/10294/

 --

[SA10276] IBM AIX rcp Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2003-11-21

A vulnerability has been identified in IBM AIX, which can be exploited
by malicious, local users to escalate their privileges.

Full Advisory:
http://www.secunia.com/advisories/10276/

 --

[SA10267] Sun Solaris PGX32 Frame Buffer Privilege Escalation
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2003-11-20

A vulnerability has been identified in Sun Solaris, which can be
exploited by malicious, local users to escalate their privileges on a
vulnerable system.

Full Advisory:
http://www.secunia.com/advisories/10267/

 --

[SA10266] Gentoo update for Opera

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2003-11-20

Gentoo has issued packages for opera. These fix a vulnerability, which
can be exploited by malicious web sites and emails to crash the
browser.

Full Advisory:
http://www.secunia.com/advisories/10266/

 --

[SA10303] Engarde update for bind

Critical:    Not critical
Where:       From local network
Impact:      DoS
Released:    2003-11-27

Guardian Digital has issued updated packages for bind. These fix a
vulnerability, which can be exploited to poison the DNS cache with
negative entries.

Full Advisory:
http://www.secunia.com/advisories/10303/

 --

[SA10288] Sun Linux update for glibc

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2003-11-25

Sun has issued updated packages for glibc. These fix a vulnerability
allowing malicious users to cause a DoS (Denial og Service).

Full Advisory:
http://www.secunia.com/advisories/10288/

 --

[SA10284] Red Hat update for iproute

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2003-11-24

Red Hat has issued updated packages for iproute. These fix a
vulnerability, which can be exploited by malicious, local users to
cause a DoS (Denial of Service).

Full Advisory:
http://www.secunia.com/advisories/10284/


Other:--

[SA10286] Thomson TCM315 Cable Modem HTTP Request Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2003-11-25

A vulnerability has been reported in Thomson TCM315 Cable Modem, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://www.secunia.com/advisories/10286/

 --

[SA10299] Sun Fire Blade System Chassis ARP Packet Denial of Service

Critical:    Not critical
Where:       From local network
Impact:      DoS
Released:    2003-11-26

A vulnerability has been identified in Sun Fire B1600 Blade System
Chassis, allowing malicious people to cause a Denial of Service.

Full Advisory:
http://www.secunia.com/advisories/10299/


Cross Platform:--

[SA10281] Anthill Arbitrary Attachment Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2003-11-24

A vulnerability has been identified in Anthill, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://www.secunia.com/advisories/10281/

 --

[SA10277] Opera Browser Skin File Handling Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2003-11-22

Two vulnerabilities have been identified in the Opera browser, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://www.secunia.com/advisories/10277/

 --

[SA10273] Sybase ASE Password Array Heap Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2003-11-21

A vulnerability has been identified in Sybase ASE (Adaptive Server
Enterprise), which can be exploited by malicious people to cause a DoS
(Denial of Service) and potentially compromise a vulnerable system.

Full Advisory:
http://www.secunia.com/advisories/10273/

 --

[SA10279] vbPortal Anonymous Email Sending Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2003-11-24

Two vulnerabilities have been reported in vbPortal allowing malicious
people to manipulate emails and send emails anonymously.

Full Advisory:
http://www.secunia.com/advisories/10279/

 --

[SA10268] phpFriendlyAdmin Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2003-11-20

Some vulnerabilities have been identified in phpFriendlyAdmin, which
can be exploited by malicious people to conduct Cross-Site Scripting
attacks.

Full Advisory:
http://www.secunia.com/advisories/10268/

 --

[SA10300] BIND Negative Cache Poisoning Vulnerability

Critical:    Not critical
Where:       From local network
Impact:      DoS
Released:    2003-11-27

ISC has released a new version of BIND 8, which fixes a vulnerability
allowing malicious people to poison the DNS cache.

Full Advisory:
http://www.secunia.com/advisories/10300/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://www.secunia.com/about_secunia_advisories/

Subscribe:
http://www.secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://www.secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45

========================================================================



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@private with 'unsubscribe isn'
in the BODY of the mail.



This archive was generated by hypermail 2b30 : Fri Nov 28 2003 - 03:57:31 PST