[ISN] Secunia Weekly Summary - Issue: 2004-4

From: William Knowles (wk@private)
Date: Fri Jan 23 2004 - 08:04:06 PST

  • Next message: William Knowles: "[ISN] Infiltration of files seen as extensive"

    ========================================================================
    
                      The Secunia Weekly Advisory Summary                  
                            2004-01-15 - 2004-01-22                        
    
                           This week : 56 advisories                       
    
    ========================================================================
    Table of Contents:
    
    1.....................................................Word From Secunia
    2....................................................This Week In Brief
    3...............................This Weeks Top Ten Most Read Advisories
    4.......................................Vulnerabilities Summary Listing
    5.......................................Vulnerabilities Content Listing
    
    ========================================================================
    1) Word From Secunia:
    
    Secunia Advisory IDs
    
    Every advisory issued by Secunia has an unique identifier: The Secunia
    Advisory ID (SA ID). The SA IDs make it very easy to reference,
    identify, and find Secunia advisories.
    
    A Shortcut to Secunia Advisories
    
    Finding Secunia Advisories using SA IDs is easily done at the Secunia
    website; either by simply entering the SA ID in our search form placed
    on the right side of every Secunia web page, or by entering the SA ID
    directly after the domain when visiting the Secunia website e.g.
    http://secunia.com/SA10395
    
    In the Secunia Weekly Summary SA IDs are displayed in brackets e.g.
    [SA10395]
    
    ========================================================================
    2) This Week in Brief:
    
    This week more products were reported to have vulnerable
    implementations of the H.323 protocol; among the vulnerable products
    were some from Sun and Avaya.
    While the vulnerability reported in Sun's product can be exploited to
    gain system access, the vulnerability reported in Avaya's products can
    only be used to cause a Denial of Service.
    Reference: [SA10665] & [SA10667]
    
    Three security researchers George Bakos, Jonathan Heusser, and
    Przemyslaw Frasunek have reported four vulnerabilities in the way
    tcpdump handles ISAKMP, L2TP, and RADIUS packets.
    A new version has been released which corrects these vulnerabilities.
    In addition several Linux distributions have also issued updated
    packages.
    Reference: [SA10636]
    
    TIP:
    Finding Secunia advisories is easily done through the Secunia web site.
    Simply enter the SA ID in the URL:
    http://secunia.com/SA10609
    
    ========================================================================
    3) This Weeks Top Ten Most Read Advisories:
    
    1.  [SA10395] Internet Explorer URL Spoofing Vulnerability
    2.  [SA10649] qmail Long SMTP Session Handling Vulnerability
    3.  [SA10609] Symantec Automatic LiveUpdate Privilege Escalation
                  Vulnerability
    4.  [SA10636] tcpdump ISAKMP and RADIUS Packet Handling Vulnerabilities
    5.  [SA10532] Linux Kernel "mremap()" Privilege Escalation
                  Vulnerability
    6.  [SA10289] Internet Explorer System Compromise Vulnerabilities
    7.  [SA10635] HP-UX calloc Buffer Size Miscalculation Vulnerability
    8.  [SA10523] Internet Explorer showHelp() Restriction Bypass
                  Vulnerability
    9.  [SA10634] HP-UX update for dtterm
    10. [SA10611] Microsoft ISA Server 2000 H.323 Protocol Filter
                  Vulnerability
    
    ========================================================================
    4) Vulnerabilities Summary Listing
    
    Windows:
    [SA10687] DUware Products Admin Area Authentication Bypass
    Vulnerability
    [SA10679] GetWare Products Denial of Service Vulnerability
    [SA10659] Xtreme ASP Photo Gallery SQL Injection Vulnerability
    [SA10646] WWW File Share Pro Multiple Vulnerabilities
    [SA10650] RapidCache Server HTTP Request Handling Vulnerabilities
    [SA10663] Ultr@VNC Privilege Escalation Vulnerability
    [SA10660] Outpost Firewall Privilege Escalation Vulnerability
    [SA10661] Pablo FTP Server Allows Remote Detection of Local Files
    [SA10689] WebTrends Exposure of Installation Path
    
    UNIX/Linux:
    [SA10690] Sun Solaris update for IKE
    [SA10673] Sun Cobalt update for ProFTPD
    [SA10665] SunForum H.323 Protocol Implementation Vulnerabilities
    [SA10647] HP Tru64 UNIX IPsec and SSH Vulnerabilities
    [SA10685] Red Hat update for mc
    [SA10681] Conectiva update for kdepim
    [SA10668] EnGarde update for tcpdump
    [SA10664] OpenCA libCheckSignature Signature Validation Vulnerability
    [SA10654] OpenPKG update for tcpdump
    [SA10652] Debian update for tcpdump
    [SA10645] Debian update for mc
    [SA10644] Trustix update for tcpdump
    [SA10642] Debian update for ia64 kernel
    [SA10639] Red Hat update for tcpdump
    [SA10691] Sun Cluster OpenSSL Vulnerabilities
    [SA10643] Red Hat update for net-snmp
    [SA10692] HP-UX update for Mozilla
    [SA10684] Red Hat update for ethereal
    [SA10682] Conectiva update for cvs
    [SA10671] Sun Cobalt update for tcpdump
    [SA10651] BUGS Database Credentials Exposure Vulnerability
    [SA10637] SuSE update for tcpdump
    [SA10674] Sun Cobalt update for PostgreSQL
    [SA10680] Conectiva update for screen
    [SA10672] Sun Cobalt update for apache
    [SA10662] Debian update for netpbm-free
    [SA10658] Red Hat update for kernel
    [SA10657] HP-UX SharedX Unspecified File Access Vulnerability
    [SA10649] qmail Long SMTP Session Handling Vulnerability
    [SA10669] Sun Cobalt update for BIND
    [SA10686] Trustix update for slocate
    [SA10683] Debian update for slocate
    [SA10670] Sun Cobalt update for slocate
    
    Other:
    [SA10667] Avaya Security Gateways H.323 Protocol Implementation
    Vulnerabilities
    [SA10641] Radvision Products H.323 Protocol Implementation
    Vulnerabilities
    [SA10640] Nortel Products H.323 Protocol Implementation
    Vulnerabilities
    [SA10675] NetScreen-Security Manager Communication Disclosure
    [SA10648] nCipher payShield May Authorize Transactions With Wrong PIN
    [SA10688] NetCam Directory Traversal Vulnerability
    [SA10666] 2Wire HomePortal Directory Traversal Vulnerability
    
    Cross Platform:
    [SA10677] Mambo Arbitrary File Inclusion Vulnerability
    [SA10638] PhpDig "relative_script_path" Arbitrary File Inclusion
    Vulnerability
    [SA10678] GoAhead WebServer Denial of Service Vulnerability
    [SA10676] YaBB SE SQL Injection Vulnerability
    [SA10656] Metadot Portal Server Cross-Site Scripting and SQL Injection
    [SA10655] phpShop Multiple Vulnerabilities
    [SA10653] Novell iChain "url" Parameter Cross-Site Scripting
    Vulnerability
    
    ========================================================================
    5) Vulnerabilities Content Listing
    
    Windows:--
    
    [SA10687] DUware Products Admin Area Authentication Bypass
    Vulnerability
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      Security Bypass, System access
    Released:    2004-01-21
    
    frog-m@n has identified a vulnerability in multiple DUware products,
    allowing malicious people to gain administrative access. In DUpics it
    is also possible to upload arbitrary files.
    
    Full Advisory:
    http://www.secunia.com/advisories/10687/
    
     --
    
    [SA10679] GetWare Products Denial of Service Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-01-20
    
    Luigi Auriemma has reported a vulnerability in WebCam Live and
    PhotoHost, allowing malicious people to cause a Denial of Service.
    
    Full Advisory:
    http://www.secunia.com/advisories/10679/
    
     --
    
    [SA10659] Xtreme ASP Photo Gallery SQL Injection Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-01-19
    
    posidron and rushjo have reported a vulnerability in Xtreme ASP Photo
    Gallery, allowing malicious people to conduct SQL injection attacks.
    
    Full Advisory:
    http://www.secunia.com/advisories/10659/
    
     --
    
    [SA10646] WWW File Share Pro Multiple Vulnerabilities
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Security Bypass, Exposure of sensitive information, DoS
    Released:    2004-01-16
    
    Luigi Auriemma has identified multiple vulnerabilities in WWW File
    Share Pro, allowing malicious people to bypass restrictions or cause a
    Denial of Service.
    
    Full Advisory:
    http://www.secunia.com/advisories/10646/
    
     --
    
    [SA10650] RapidCache Server HTTP Request Handling Vulnerabilities
    
    Critical:    Less critical
    Where:       From local network
    Impact:      Exposure of sensitive information, DoS
    Released:    2004-01-17
    
    Peter Winter-Smith has reported two vulnerabilities in RapidCache
    Server, allowing malicious people to view arbitrary files and cause a
    Denial of Service.
    
    Full Advisory:
    http://www.secunia.com/advisories/10650/
    
     --
    
    [SA10663] Ultr@VNC Privilege Escalation Vulnerability
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-01-20
    
    KF has discovered a vulnerability in Ultr@VNC, which can be exploited
    by malicious, local users to gain escalated privileges on a vulnerable
    system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10663/
    
     --
    
    [SA10660] Outpost Firewall Privilege Escalation Vulnerability
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-01-20
    
    KF has discovered a vulnerability in Outpost Firewall, which can be
    exploited by malicious, local users to gain escalated privileges on a
    vulnerable system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10660/
    
     --
    
    [SA10661] Pablo FTP Server Allows Remote Detection of Local Files
    
    Critical:    Not critical
    Where:       From remote
    Impact:      Exposure of system information
    Released:    2004-01-19
    
    Arnaud Jacques has identified a vulnerability in Pablo FTP Server,
    allowing malicious people to determine if a certain file exists on a
    vulnerable system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10661/
    
     --
    
    [SA10689] WebTrends Exposure of Installation Path
    
    Critical:    Not critical
    Where:       From local network
    Impact:      Exposure of system information
    Released:    2004-01-21
    
    Oliver Karow has reported a vulnerability in WebTrends, allowing
    malicious people to determine the WebTrends installation path.
    
    Full Advisory:
    http://www.secunia.com/advisories/10689/
    
    
    UNIX/Linux:--
    
    [SA10690] Sun Solaris update for IKE
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      DoS, System access
    Released:    2004-01-21
    
    Sun has issued updated packages for IKE (which include code from SSH /
    OpenSSL). These fix various vulnerabilities, which can lead to a Denial
    of Service and potentially system access.
    
    Full Advisory:
    http://www.secunia.com/advisories/10690/
    
     --
    
    [SA10673] Sun Cobalt update for ProFTPD
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      System access
    Released:    2004-01-20
    
    Sun has issued updated packages for ProFTPD. These fix a vulnerability,
    which can be exploited by some malicious users to compromise a
    vulnerable system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10673/
    
     --
    
    [SA10665] SunForum H.323 Protocol Implementation Vulnerabilities
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      DoS, System access
    Released:    2004-01-19
    
    Sun has acknowledged that SunForum is affected by the recently reported
    vulnerabilities in various products' H.323 protocol implementation.
    
    Full Advisory:
    http://www.secunia.com/advisories/10665/
    
     --
    
    [SA10647] HP Tru64 UNIX IPsec and SSH Vulnerabilities
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      DoS, System access
    Released:    2004-01-16
    
    HP has issued updates for SSH and IPsec. These fix some unspecified
    vulnerabilities, which reportedly may lead to system access or cause a
    Denial of Service.
    
    Full Advisory:
    http://www.secunia.com/advisories/10647/
    
     --
    
    [SA10685] Red Hat update for mc
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-01-21
    
    Red Hat has issued updated packages for mc. These fix a vulnerability,
    which potentially can be exploited by malicious people to compromise a
    user's system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10685/
    
     --
    
    [SA10681] Conectiva update for kdepim
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-01-20
    
    Conectiva has issued updated packages for kdepim. These fix a
    vulnerability, which potentially can be exploited by malicious people
    to compromise a user's system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10681/
    
     --
    
    [SA10668] EnGarde update for tcpdump
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS, System access
    Released:    2004-01-20
    
    Guardian Digital has issued updated packages for tcpdump. These fix
    multiple vulnerabilities, which can be exploited by malicious people to
    crash tcpdump and potentially compromise a vulnerable system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10668/
    
     --
    
    [SA10664] OpenCA libCheckSignature Signature Validation Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-01-20
    
    A vulnerability has been identified in OpenCA, which may result in an
    incorrect signature being accepted.
    
    Full Advisory:
    http://www.secunia.com/advisories/10664/
    
     --
    
    [SA10654] OpenPKG update for tcpdump
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS, System access
    Released:    2004-01-17
    
    OpenPKG has issued an updated package for tcpdump. This fixes multiple
    vulnerabilities, which can be exploited by malicious people to crash
    tcpdump and potentially compromise a vulnerable system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10654/
    
     --
    
    [SA10652] Debian update for tcpdump
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS, System access
    Released:    2004-01-17
    
    Debian has issued updated packages for tcpdump. These fix multiple
    vulnerabilities, which can be exploited by malicious people to crash
    tcpdump and potentially compromise a vulnerable system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10652/
    
     --
    
    [SA10645] Debian update for mc
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-01-17
    
    Debian has issued updated packages for mc. These fix a vulnerability,
    which potentially can be exploited by malicious people to compromise a
    user's system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10645/
    
     --
    
    [SA10644] Trustix update for tcpdump
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS, System access
    Released:    2004-01-16
    
    Trustix has issued updated packages for tcpdump. These fix three
    vulnerabilities, which can be exploited by malicious people to cause a
    DoS (Denial of Service) and potentially compromise a system running
    tcpdump.
    
    Full Advisory:
    http://www.secunia.com/advisories/10644/
    
     --
    
    [SA10642] Debian update for ia64 kernel
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Exposure of sensitive information, Privilege escalation,
    DoS
    Released:    2004-01-16
    
    Debian has issued updated packages for the kernel on ia64 processors.
    These fix multiple older issues ranging from remote Denial of Service
    to local privilege escalation vulnerabilities.
    
    Full Advisory:
    http://www.secunia.com/advisories/10642/
    
     --
    
    [SA10639] Red Hat update for tcpdump
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access, DoS
    Released:    2004-01-15
    
    Red Hat has issued updated packages for tcpdump. These fix three
    vulnerabilities, which can be exploited by malicious people to cause a
    DoS (Denial of Service) and potentially compromise a system running
    tcpdump.
    
    Full Advisory:
    http://www.secunia.com/advisories/10639/
    
     --
    
    [SA10691] Sun Cluster OpenSSL Vulnerabilities
    
    Critical:    Moderately critical
    Where:       From local network
    Impact:      DoS, System access
    Released:    2004-01-21
    
    Sun has acknowledged that Sun Cluster is affected by certain OpenSSL
    vulnerabilities, which can lead to a Denial of Service and potentially
    system access.
    
    Full Advisory:
    http://www.secunia.com/advisories/10691/
    
     --
    
    [SA10643] Red Hat update for net-snmp
    
    Critical:    Moderately critical
    Where:       From local network
    Impact:      Security Bypass
    Released:    2004-01-16
    
    Red Hat has issued updated packages for net-snmp. These fix a
    vulnerability, which can be exploited by malicious users to bypass
    certain security restrictions.
    
    Full Advisory:
    http://www.secunia.com/advisories/10643/
    
     --
    
    [SA10692] HP-UX update for Mozilla
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Exposure of sensitive information
    Released:    2004-01-21
    
    HP has issued an update for Mozilla. This fixes a vulnerability,
    allowing a malicious website to access the contents of other websites.
    
    Full Advisory:
    http://www.secunia.com/advisories/10692/
    
     --
    
    [SA10684] Red Hat update for ethereal
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-01-21
    
    Red Hat has issued updated packages for ethereal. These fix two
    vulnerabilities, which can be exploited by malicious people to crash
    the application.
    
    Full Advisory:
    http://www.secunia.com/advisories/10684/
    
     --
    
    [SA10682] Conectiva update for cvs
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-01-20
    
    Conectiva has issued updated packages for cvs. These fix a
    vulnerability, which can be exploited by malicious users to create
    arbitrary folders and possibly files in the root of the host's file
    system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10682/
    
     --
    
    [SA10671] Sun Cobalt update for tcpdump
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-01-20
    
    Sun has issued updated packages for tcpdump. These fix a vulnerability,
    allowing malicious people to cause a Denial of Service.
    
    Full Advisory:
    http://www.secunia.com/advisories/10671/
    
     --
    
    [SA10651] BUGS Database Credentials Exposure Vulnerability
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Exposure of sensitive information
    Released:    2004-01-17
    
    A vulnerability has been identified in BUGS, which can be exploited by
    malicious people to gain knowledge of sensitive information.
    
    Full Advisory:
    http://www.secunia.com/advisories/10651/
    
     --
    
    [SA10637] SuSE update for tcpdump
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-01-15
    
    SuSE has issued updated packages for tcpdump. These fix a vulnerability
    in the ISAKMP decoding routines, which can be exploited by malicious
    people to cause a DoS (Denial of Service) on tcpdump by making it enter
    an infinite loop.
    
    Full Advisory:
    http://www.secunia.com/advisories/10637/
    
     --
    
    [SA10674] Sun Cobalt update for PostgreSQL
    
    Critical:    Less critical
    Where:       From local network
    Impact:      System access
    Released:    2004-01-20
    
    Sun has issued an updated package for postgresql. This fixes some
    vulnerabilities, which potentially can be exploited by malicious users
    to compromise a vulnerable system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10674/
    
     --
    
    [SA10680] Conectiva update for screen
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-01-20
    
    Conectiva has issued updated packages for screen. These fix a
    vulnerability, which potentially may allow malicious, local users to
    escalate their privileges.
    
    Full Advisory:
    http://www.secunia.com/advisories/10680/
    
     --
    
    [SA10672] Sun Cobalt update for apache
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation, DoS
    Released:    2004-01-20
    
    Sun has issued updated packages for httpd. These fix a vulnerability,
    which can be exploited by malicious, local users to cause a DoS (Denial
    of Service) or escalate privileges.
    
    Full Advisory:
    http://www.secunia.com/advisories/10672/
    
     --
    
    [SA10662] Debian update for netpbm-free
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-01-19
    
    
    
    Full Advisory:
    http://www.secunia.com/advisories/10662/
    
     --
    
    [SA10658] Red Hat update for kernel
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-01-19
    
    Red Hat has issued updated kernel packages. These fix a vulnerability,
    allowing malicious users to escalate their privileges through a
    vulnerability in the 32-bit ptrace emulation.
    
    Full Advisory:
    http://www.secunia.com/advisories/10658/
    
     --
    
    [SA10657] HP-UX SharedX Unspecified File Access Vulnerability
    
    Critical:    Less critical
    Where:       Local system
    Impact:      DoS, Privilege escalation
    Released:    2004-01-17
    
    HP has reported a vulnerability in HP-UX, which can be exploited by
    malicious, local users to cause a DoS (Denial of Service) or gain
    unauthorised access.
    
    Full Advisory:
    http://www.secunia.com/advisories/10657/
    
     --
    
    [SA10649] qmail Long SMTP Session Handling Vulnerability
    
    Critical:    Not critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-01-16
    
    Georgi Guninski has reported a vulnerability in qmail, which can be
    exploited to crash the current SMTP session.
    
    Full Advisory:
    http://www.secunia.com/advisories/10649/
    
     --
    
    [SA10669] Sun Cobalt update for BIND
    
    Critical:    Not critical
    Where:       From local network
    Impact:      DoS
    Released:    2004-01-20
    
    Sun has issued updated packages for bind. These fix a vulnerability,
    which can be exploited by malicious people to poison the DNS cache with
    negative entries.
    
    Full Advisory:
    http://www.secunia.com/advisories/10669/
    
     --
    
    [SA10686] Trustix update for slocate
    
    Critical:    Not critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-01-21
    
    Trustix has issued updated packages for slocate. These fix a
    vulnerability, which can be exploited by malicious, local users to gain
    "slocate" group privileges.
    
    Full Advisory:
    http://www.secunia.com/advisories/10686/
    
     --
    
    [SA10683] Debian update for slocate
    
    Critical:    Not critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-01-21
    
    Debian has issued updated packages for slocate. These fix a
    vulnerability, which can be exploited by malicious, local users to gain
    "slocate" group privileges.
    
    Full Advisory:
    http://www.secunia.com/advisories/10683/
    
     --
    
    [SA10670] Sun Cobalt update for slocate
    
    Critical:    Not critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-01-20
    
    Sun has issued updated packages for slocate. These fix a vulnerability,
    which can be exploited by malicious, local users to gain "slocate"
    group privileges.
    
    Full Advisory:
    http://www.secunia.com/advisories/10670/
    
    
    Other:--
    
    [SA10667] Avaya Security Gateways H.323 Protocol Implementation
    Vulnerabilities
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-01-20
    
    Avaya has acknowledged that some products are affected by the recently
    reported vulnerabilities in various vendors' H.323 protocol
    implementations.
    
    Full Advisory:
    http://www.secunia.com/advisories/10667/
    
     --
    
    [SA10641] Radvision Products H.323 Protocol Implementation
    Vulnerabilities
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-01-15
    
    Radvision has confirmed that certain of their products have
    vulnerabilities in their implementation of the H.323 protocol.
    
    Full Advisory:
    http://www.secunia.com/advisories/10641/
    
     --
    
    [SA10640] Nortel Products H.323 Protocol Implementation
    Vulnerabilities
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-01-15
    
    Nortel has confirmed that certain of their products have
    vulnerabilities in their implementation of the H.323 protocol.
    
    Full Advisory:
    http://www.secunia.com/advisories/10640/
    
     --
    
    [SA10675] NetScreen-Security Manager Communication Disclosure
    
    Critical:    Moderately critical
    Where:       From local network
    Impact:      Exposure of system information, Exposure of sensitive
    information
    Released:    2004-01-20
    
    A vulnerability has been reported in NetScreen-Security Manager, which
    can be exploited by malicious people to gain knowledge of sensitive
    information.
    
    Full Advisory:
    http://www.secunia.com/advisories/10675/
    
     --
    
    [SA10648] nCipher payShield May Authorize Transactions With Wrong PIN
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-01-16
    
    nCipher has reported a vulnerability in payShield, possibly allowing
    malicious people to make unauthorised purchases.
    
    Full Advisory:
    http://www.secunia.com/advisories/10648/
    
     --
    
    [SA10688] NetCam Directory Traversal Vulnerability
    
    Critical:    Less critical
    Where:       From local network
    Impact:      Exposure of system information, Exposure of sensitive
    information
    Released:    2004-01-21
    
    Rafel Ivgi has reported a vulnerability in NetCam, allowing malicious
    people to gain knowledge of sensitive information.
    
    Full Advisory:
    http://www.secunia.com/advisories/10688/
    
     --
    
    [SA10666] 2Wire HomePortal Directory Traversal Vulnerability
    
    Critical:    Less critical
    Where:       From local network
    Impact:      Exposure of system information, Exposure of sensitive
    information
    Released:    2004-01-21
    
    Rafel Ivgi has reported a vulnerability in 2Wire routers, allowing
    malicious people to gain knowledge of sensitive information.
    
    Full Advisory:
    http://www.secunia.com/advisories/10666/
    
    
    Cross Platform:--
    
    [SA10677] Mambo Arbitrary File Inclusion Vulnerability
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      System access
    Released:    2004-01-20
    
    FraMe has reported a vulnerability in Mambo server, allowing malicious
    people to execute arbitrary code on a vulnerable system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10677/
    
     --
    
    [SA10638] PhpDig "relative_script_path" Arbitrary File Inclusion
    Vulnerability
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      System access
    Released:    2004-01-15
    
    FraMe has reported a vulnerability in PhpDig, which can be exploited by
    malicious people to compromise a vulnerable system.
    
    Full Advisory:
    http://www.secunia.com/advisories/10638/
    
     --
    
    [SA10678] GoAhead WebServer Denial of Service Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Exposure of sensitive information, DoS
    Released:    2004-01-20
    
    Luigi Auriemma has reported a vulnerability in GoAhead WebServer,
    allowing malicious people to cause a Denial of Service.
    
    Full Advisory:
    http://www.secunia.com/advisories/10678/
    
     --
    
    [SA10676] YaBB SE SQL Injection Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Manipulation of data, Exposure of sensitive information
    Released:    2004-01-20
    
    BackSpace has identified a vulnerability in YaBB SE, allowing malicious
    people to conduct SQL injection attacks.
    
    Full Advisory:
    http://www.secunia.com/advisories/10676/
    
     --
    
    [SA10656] Metadot Portal Server Cross-Site Scripting and SQL Injection
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Cross Site Scripting, Manipulation of data, Exposure of
    system information, Exposure of sensitive information
    Released:    2004-01-17
    
    JeiAr has reported multiple vulnerabilities in Metadot Portal Server,
    which can be exploited by malicious people to conduct cross-site
    scripting and SQL injection attacks.
    
    Full Advisory:
    http://www.secunia.com/advisories/10656/
    
     --
    
    [SA10655] phpShop Multiple Vulnerabilities
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Cross Site Scripting, Manipulation of data, Exposure of
    system information, Exposure of sensitive information
    Released:    2004-01-17
    
    JeiAr has reported multiple vulnerabilities in phpShop, which can be
    exploited by malicious people to gain knowledge of sensitive
    information and conduct cross-site scripting and SQL injection
    attacks.
    
    Full Advisory:
    http://www.secunia.com/advisories/10655/
    
     --
    
    [SA10653] Novell iChain "url" Parameter Cross-Site Scripting
    Vulnerability
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Cross Site Scripting
    Released:    2004-01-17
    
    A vulnerability has been identified in Novell iChain, which can be
    exploited by malicious people to conduct cross-site scripting attacks
    against users.
    
    Full Advisory:
    http://www.secunia.com/advisories/10653/
    
    
    
    ========================================================================
    
    Secunia recommends that you verify all advisories you receive,
    by clicking the link.
    Secunia NEVER sends attached files with advisories.
    Secunia does not advise people to install third party patches, only use
    those supplied by the vendor.
    
    Definitions: (Criticality, Where etc.)
    http://www.secunia.com/about_secunia_advisories/
    
    Subscribe:
    http://www.secunia.com/secunia_weekly_summary/
    
    Contact details:
    Web	: http://www.secunia.com/
    E-mail	: support@private
    Tel	: +45 70 20 51 44
    Fax	: +45 70 20 51 45
    
    ========================================================================
    
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri Jan 23 2004 - 11:02:27 PST