[ISN] Secunia Weekly Summary - Issue: 2004-11

From: InfoSec News (isn@private)
Date: Thu Mar 11 2004 - 23:00:53 PST

    ========================================================================
    
                      The Secunia Weekly Advisory Summary                  
                            2004-03-04 - 2004-03-11                        
    
                           This week : 47 advisories                       
    
    ========================================================================
    Table of Contents:
    
    1.....................................................Word From Secunia
    2....................................................This Week In Brief
    3..............................This Week's Top Ten Most Read Advisories
    4.......................................Vulnerabilities Summary Listing
    5.......................................Vulnerabilities Content Listing
    
    ========================================================================
    1) Word From Secunia:
    
    The Secunia staff is spending hours every day to assure you the best
    and most reliable source for vulnerability information. Every single 
    vulnerability report is being validated and verified before a Secunia
    advisory is written.
    
    Secunia validates and verifies vulnerability reports in many different
    ways e.g. by downloading the software and performing comprehensive
    tests, by reviewing source code, or by validating the credibility of
    the source from which the vulnerability report was issued.
    
    As a result, Secunia's database is the most correct and complete source
    for recent vulnerability information available on the Internet.
    
    Secunia Online Vulnerability Database:
    http://secunia.com/
    
    ========================================================================
    2) This Week in Brief:
    
    Martin O'Neal of Corsaire has discovered a vulnerability, which affects
    almost all Internet browsers. The vulnerability lies in the way
    browsers validate restricted cookie paths, and could be exploited to
    gain access to cookie information within restricted paths.
    Reportedly, most vendors have silently patched this problem. Please
    refer to the Secunia advisory for further details.
    
    Reference:
    http://secunia.com/SA9680
    
    
    Microsoft has issued three security bulletins, which fix
    vulnerabilities in Outlook 2002, Windows 2000 Server, and MSN
    Messenger. Links to updated versions and patches can be found in the
    Secunia advisories below.
    
    References:
    http://secunia.com/SA11078
    http://secunia.com/SA11077
    http://secunia.com/SA11076
    
    ========================================================================
    3) This Week's Top Ten Most Read Advisories:
    
    1.  [SA10395] Internet Explorer URL Spoofing Vulnerability
    2.  [SA11039] ProFTPD ASCII File Translation Off-By-One Vulnerability
    3.  [SA11037] Adobe Acrobat Reader XML Forms Data Format Buffer
                  Overflow
    4.  [SA10706] Serv-U FTP Server "SITE CHMOD" Command Buffer Overflow
                  Vulnerability
    5.  [SA11078] Microsoft MSN Messenger Arbitrary File Retrieval
                  Vulnerability
    6.  [SA10736] Internet Explorer File Download Extension Spoofing
    7.  [SA10995] WinZip MIME Archive Parsing Buffer Overflow Vulnerability
    8.  [SA11076] Microsoft Outlook 2002 mailto URI Cross Site Scripting
                  Vulnerability
    9.  [SA10988] ISS Multiple Products SMB Packet Handling Buffer Overflow
                  Vulnerability
    10. [SA11077] Microsoft Windows 2000 Server Media Services Denial of
                  Service
    
    ========================================================================
    4) Vulnerabilities Summary Listing
    
    Windows:
    [SA11076] Microsoft Outlook 2002 mailto URI Cross Site Scripting
    Vulnerability
    [SA11048] SLMail Pro Multiple Buffer Overflow Vulnerabilities
    [SA11078] Microsoft MSN Messenger Arbitrary File Retrieval
    Vulnerability
    [SA11077] Microsoft Windows 2000 Server Media Services Denial of
    Service
    [SA11044] Spider Sales SQL Injection and Weak Encryption
    [SA11075] Chat Anywhere User Management Bypass Vulnerability
    [SA11042] SmarterMail Multiple Vulnerabilities
    [SA11086] DB2 Remote Command Server Privilege Escalation Vulnerability
    [SA11046] Norton AntiVirus 2002 Virus Detection Bypass Issue
    [SA11040] DAWKCo POP3 Server with WebMAIL Extension Session
    Reactivation
    
    UNIX/Linux:
    [SA11058] Sun Cobalt update for rsync
    [SA11082] Sun Java System (Sun ONE) SSL Vulnerabilities
    [SA11079] OpenPKG update for mutt
    [SA11063] Debian update for wu-ftpd
    [SA11062] Red Hat update for WU-FTPD
    [SA11047] HP Tru64 UNIX Unspecified IPsec/IKE Vulnerabilities
    [SA11039] ProFTPD ASCII File Translation Off-By-One Vulnerability
    [SA11089] F-Secure Anti-Virus for Linux Virus Detection Vulnerability
    [SA11084] Debian update for Python
    [SA11081] Mandrake update for python
    [SA11080] Python DNS Response Buffer Overflow Vulnerability
    [SA11074] OpenBSD Out-of-Sequence TCP Packet Denial of Service
    Vulnerability
    [SA11051] Gentoo update for libxml2
    [SA11050] OpenPKG update for libxml2
    [SA11043] Debian update for libxml/libxml2
    [SA11100] Fedora update for coreutils
    [SA11099] Debian update for kdelibs
    [SA11098] Mandrake update for kdelibs
    [SA11095] Red Hat update for kdelibs
    [SA11088] Apache mod_access Rule Bypass Issue
    [SA11055] WU-FTPD Directory Access Restriction Bypass Vulnerability
    [SA11049] Fedora update for mailman
    [SA11038] OpenLinux update for CUPS
    [SA11083] Sun Solaris UUCP Buffer Overflow Vulnerabilities
    [SA11061] GNU Automake Insecure Temporary Directory Creation
    Vulnerability
    [SA11060] OpenPKG update for libtool
    [SA11059] Sun Cobalt update for kernel
    [SA11052] Gentoo update for kernel
    [SA11097] Mandrake update for gdk-pixbuf
    [SA11094] Red Hat update for gdk-pixbuf
    [SA11056] Safari JavaScript Array Creation Denial of Service
    
    Other:
    [SA11045] Cisco Content Services Switch 11000 Series Denial of Service
    
    Cross Platform:
    [SA11057] PWebServer Directory Traversal Vulnerability
    [SA11041] GWeb Directory Traversal Vulnerability
    [SA11092] Apache mod_ssl HTTP Request Denial of Service Vulnerability
    [SA11054] VirtuaNews Cross Site Scripting Vulnerabilities
    [SA11053] Invision Power Board Cross-Site Scripting Vulnerabilities
    
    ========================================================================
    5) Vulnerabilities Content Listing
    
    Windows:--
    
    [SA11076] Microsoft Outlook 2002 mailto URI Cross Site Scripting
    Vulnerability
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      Cross Site Scripting, System access
    Released:    2004-03-09
    
    Jouko Pynnönen has discovered a vulnerability in Outlook 2002, allowing
    malicious people to conduct Cross Site Scripting attacks and execute
    arbitrary code in the Local Security Zone.
    
    Full Advisory:
    http://secunia.com/advisories/11076/
    
     --
    
    [SA11048] SLMail Pro Multiple Buffer Overflow Vulnerabilities
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      System access
    Released:    2004-03-05
    
    NGSSoftware has discovered multiple vulnerabilities in SLMail Pro,
    which can be exploited by malicious people to compromise a vulnerable
    system.
    
    Full Advisory:
    http://secunia.com/advisories/11048/
    
     --
    
    [SA11078] Microsoft MSN Messenger Arbitrary File Retrieval
    Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Exposure of sensitive information
    Released:    2004-03-09
    
    qFox and Mephisto have discovered a vulnerability in Microsoft MSN
    Messenger, allowing malicious people to retrieve files from a
    vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11078/
    
     --
    
    [SA11077] Microsoft Windows 2000 Server Media Services Denial of
    Service
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-03-09
    
    Qualys has discovered a vulnerability in Microsoft Media Services,
    allowing malicious people to cause a Denial of Service against the
    Media Services.
    
    Full Advisory:
    http://secunia.com/advisories/11077/
    
     --
    
    [SA11044] Spider Sales SQL Injection and Weak Encryption
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Security Bypass, Manipulation of data, Exposure of system
    information, Exposure of sensitive information
    Released:    2004-03-05
    
    Nick Gudov has reported two vulnerabilities in Spider Sales, allowing
    malicious people to conduct SQL injection attacks and to decrypt
    sensitive information.
    
    Full Advisory:
    http://secunia.com/advisories/11044/
    
     --
    
    [SA11075] Chat Anywhere User Management Bypass Vulnerability
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-03-09
    
    Luigi Auriemma has reported a vulnerability in Chat Anywhere, which can
    be exploited by malicious users to circumvent certain administrative
    user management features.
    
    Full Advisory:
    http://secunia.com/advisories/11075/
    
     --
    
    [SA11042] SmarterMail Multiple Vulnerabilities
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Cross Site Scripting, Exposure of sensitive information,
    DoS
    Released:    2004-03-05
    
    Dr_insane has reported some vulnerabilities in SmarterMail, allowing
    malicious people to cause a Denial of Service, view the contents of
    arbitrary files, and potentially conduct Cross Site Scripting attacks.
    
    Full Advisory:
    http://secunia.com/advisories/11042/
    
     --
    
    [SA11086] DB2 Remote Command Server Privilege Escalation Vulnerability
    
    Critical:    Less critical
    Where:       From local network
    Impact:      Privilege escalation
    Released:    2004-03-10
    
    NGSSoftware has discovered a vulnerability in DB2, which can be
    exploited by malicious users to gain escalated privileges.
    
    Full Advisory:
    http://secunia.com/advisories/11086/
    
     --
    
    [SA11046] Norton AntiVirus 2002 Virus Detection Bypass Issue
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Security Bypass
    Released:    2004-03-10
    
    Bipin Gautam has reported a security issue in Norton AntiVirus 2002,
    which may result in malware being executed undetected.
    
    Full Advisory:
    http://secunia.com/advisories/11046/
    
     --
    
    [SA11040] DAWKCo POP3 Server with WebMAIL Extension Session
    Reactivation
    
    Critical:    Not critical
    Where:       Local system
    Impact:      Security Bypass
    Released:    2004-03-04
    
    Ian Koch has reported a security issue in DAWKCo POP3 Server Hosting
    Version with WebMAIL Extension, allowing malicious users to gain access
    to a session.
    
    Full Advisory:
    http://secunia.com/advisories/11040/
    
    
    UNIX/Linux:--
    
    [SA11058] Sun Cobalt update for rsync
    
    Critical:    Extremely critical
    Where:       From remote
    Impact:      System access
    Released:    2004-03-09
    
    Sun has issued an updated package for rsync. This fixes a
    vulnerability, which can be exploited by malicious people to compromise
    a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11058/
    
     --
    
    [SA11082] Sun Java System (Sun ONE) SSL Vulnerabilities
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      DoS, System access
    Released:    2004-03-10
    
    Sun has issued updated packages for Sun Java System Web Server and
    Application Server (formerly Sun ONE). These fix various
    vulnerabilities, which can be exploited by malicious people to cause a
    Denial of Service and potentially compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11082/
    
     --
    
    [SA11079] OpenPKG update for mutt
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      DoS, System access
    Released:    2004-03-10
    
    OpenPKG has issued updated packages for mutt. These fix a
    vulnerability, which can be exploited by malicious people to crash the
    mail client or potentially compromise a user's system.
    
    Full Advisory:
    http://secunia.com/advisories/11079/
    
     --
    
    [SA11063] Debian update for wu-ftpd
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      Security Bypass, DoS, System access
    Released:    2004-03-09
    
    Debian has issued updated packages for wu-ftpd. These fix two
    vulnerabilities, which potentially can be exploited by malicious users
    to bypass certain restrictions or compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11063/
    
     --
    
    [SA11062] Red Hat update for WU-FTPD
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      Security Bypass, DoS, System access
    Released:    2004-03-09
    
    Red Hat has issued updated packages for wu-ftpd. These fix two
    vulnerabilities, which potentially can be exploited by malicious users
    to bypass certain restrictions or compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11062/
    
     --
    
    [SA11047] HP Tru64 UNIX Unspecified IPsec/IKE Vulnerabilities
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      System access
    Released:    2004-03-05
    
    HP has fixed some vulnerabilities in Tru64, which potentially can be
    exploited by malicious people to compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11047/
    
     --
    
    [SA11039] ProFTPD ASCII File Translation Off-By-One Vulnerability
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      System access
    Released:    2004-03-04
    
    Phantasmal Phantasmagoria has reported a vulnerability in ProFTPD,
    which potentially can be exploited by malicious users to compromise a
    vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11039/
    
     --
    
    [SA11089] F-Secure Anti-Virus for Linux Virus Detection Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-03-10
    
    A vulnerability has been reported in F-Secure Anti-Virus for Linux,
    potentially allowing malware to bypass the virus detection.
    
    Full Advisory:
    http://secunia.com/advisories/11089/
    
     --
    
    [SA11084] Debian update for Python
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-03-10
    
    Debian has issued updated packages for Python. These fix a
    vulnerability, which potentially can be exploited by malicious people
    to compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11084/
    
     --
    
    [SA11081] Mandrake update for python
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-03-10
    
    MandrakeSoft has issued updated packages for Python. These fix a
    vulnerability, which potentially can be exploited by malicious people
    to compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11081/
    
     --
    
    [SA11080] Python DNS Response Buffer Overflow Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-03-10
    
    Sebastian Schmidt has discovered a vulnerability in Python, potentially
    allowing malicious people to execute arbitrary code on a vulnerable
    system.
    
    Full Advisory:
    http://secunia.com/advisories/11080/
    
     --
    
    [SA11074] OpenBSD Out-of-Sequence TCP Packet Denial of Service
    Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-03-09
    
    OpenBSD has issued a patch, which fixes a vulnerability allowing
    malicious people to cause a DoS (Denial of Service).
    
    Full Advisory:
    http://secunia.com/advisories/11074/
    
     --
    
    [SA11051] Gentoo update for libxml2
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-03-08
    
    Gentoo has issued updated packages for libxml2. These fix some
    vulnerabilities, which potentially can be exploited by malicious people
    to compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11051/
    
     --
    
    [SA11050] OpenPKG update for libxml2
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-03-08
    
    OpenPKG has issued updated packages for libxml2. These fix some
    vulnerabilities, which potentially can be exploited by malicious people
    to compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11050/
    
     --
    
    [SA11043] Debian update for libxml/libxml2
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-03-04
    
    Debian has issued updated packages for libxml and libxml2. These fix
    some vulnerabilities, which potentially can be exploited by malicious
    people to compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11043/
    
     --
    
    [SA11100] Fedora update for coreutils
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-03-11
    
    Fedora has issued updated packages for coreutils. These fix two
    vulnerabilities in the "ls" program, which can be exploited by
    malicious users to cause a DoS (Denial of Service).
    
    Full Advisory:
    http://secunia.com/advisories/11100/
    
     --
    
    [SA11099] Debian update for kdelibs
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-03-11
    
    Debian has issued updated packages for kdelibs. These fix a
    vulnerability, which potentially can be exploited to bypass certain
    cookie path restrictions.
    
    Full Advisory:
    http://secunia.com/advisories/11099/
    
     --
    
    [SA11098] Mandrake update for kdelibs
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-03-10
    
    MandrakeSoft has issued updated packages for kdelibs. These fix a
    vulnerability, which potentially can be exploited to bypass certain
    cookie path restrictions.
    
    Full Advisory:
    http://secunia.com/advisories/11098/
    
     --
    
    [SA11095] Red Hat update for kdelibs
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-03-10
    
    Red Hat has issued updated packages for kdelibs. These fix a
    vulnerability, which potentially can be exploited to bypass certain
    cookie path restrictions.
    
    Full Advisory:
    http://secunia.com/advisories/11095/
    
     --
    
    [SA11088] Apache mod_access Rule Bypass Issue
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-03-10
    
    A security issue has been reported in Apache on big-endian 64-bit
    systems, which can be exploited by malicious people to bypass certain
    restrictions.
    
    Full Advisory:
    http://secunia.com/advisories/11088/
    
     --
    
    [SA11055] WU-FTPD Directory Access Restriction Bypass Vulnerability
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-03-09
    
    Glenn Stewart has discovered a vulnerability in wu-ftpd, which can be
    exploited by malicious, authenticated users to circumvent certain
    restrictions.
    
    Full Advisory:
    http://secunia.com/advisories/11055/
    
     --
    
    [SA11049] Fedora update for mailman
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Cross Site Scripting
    Released:    2004-03-08
    
    Red Hat has issued updated packages for mailman. These fix a
    vulnerability, which can be exploited by malicious people to conduct
    cross-site scripting attacks.
    
    Full Advisory:
    http://secunia.com/advisories/11049/
    
     --
    
    [SA11038] OpenLinux update for CUPS
    
    Critical:    Less critical
    Where:       From local network
    Impact:      DoS
    Released:    2004-03-04
    
    SCO has issued updated packages for cups. These fix a vulnerability,
    which can be exploited by malicious people to cause a DoS (Denial of
    Service).
    
    Full Advisory:
    http://secunia.com/advisories/11038/
    
     --
    
    [SA11083] Sun Solaris UUCP Buffer Overflow Vulnerabilities
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-03-10
    
    Sun has reported multiple vulnerabilities in Solaris, potentially
    allowing malicious, local users to gain escalated privileges on a
    vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11083/
    
     --
    
    [SA11061] GNU Automake Insecure Temporary Directory Creation
    Vulnerability
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-03-09
    
    Stefan Nordhausen has discovered a vulnerability in GNU Automake, which
    can be exploited by malicious, local users to perform certain actions
    on a vulnerable system with escalated privileges.
    
    Full Advisory:
    http://secunia.com/advisories/11061/
    
     --
    
    [SA11060] OpenPKG update for libtool
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-03-09
    
    OpenPKG has issued updated packages for libtool. These fix a
    vulnerability, allowing malicious users to escalate their privileges on
    a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11060/
    
     --
    
    [SA11059] Sun Cobalt update for kernel
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-03-09
    
    Sun has issued an updated package for the kernel. This fixes various
    vulnerabilities, which can be exploited by malicious, local users to
    gain escalated privileges.
    
    Full Advisory:
    http://secunia.com/advisories/11059/
    
     --
    
    [SA11052] Gentoo update for kernel
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-03-08
    
    Gentoo has issued an updated package for the kernel. This fixes a
    vulnerability, which can be exploited by malicious, local users to gain
    escalated privileges.
    
    Full Advisory:
    http://secunia.com/advisories/11052/
    
     --
    
    [SA11097] Mandrake update for gdk-pixbuf
    
    Critical:    Not critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-03-10
    
    MandrakeSoft has issued updated packages for gdk-pixbuf. These fix a
    vulnerability, which can be exploited by malicious people to crash
    certain applications like Evolution on a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11097/
    
     --
    
    [SA11094] Red Hat update for gdk-pixbuf
    
    Critical:    Not critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-03-10
    
    Red Hat has issued updated packages for gdk-pixbuf. These fix a
    vulnerability, which can be exploited by malicious people to crash
    certain applications like Evolution on a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11094/
    
     --
    
    [SA11056] Safari JavaScript Array Creation Denial of Service
    
    Critical:    Not critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-03-08
    
    kang has reported a vulnerability in Safari, which can be exploited by
    malicious people to cause a Denial of Service.
    
    Full Advisory:
    http://secunia.com/advisories/11056/
    
    
    Other:--
    
    [SA11045] Cisco Content Services Switch 11000 Series Denial of Service
    
    Critical:    Not critical
    Where:       From local network
    Impact:      DoS
    Released:    2004-03-05
    
    Cisco has reported a vulnerability in Cisco Content Services Switch
    11000 Series, allowing malicious people to cause a Denial of Service.
    
    Full Advisory:
    http://secunia.com/advisories/11045/
    
    
    Cross Platform:--
    
    [SA11057] PWebServer Directory Traversal Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Exposure of system information, Exposure of sensitive
    information
    Released:    2004-03-08
    
    Donato Ferrante has discovered a vulnerability in PWebServer, which can
    be exploited by malicious people to read arbitrary files on a
    vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11057/
    
     --
    
    [SA11041] GWeb Directory Traversal Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Exposure of sensitive information
    Released:    2004-03-04
    
    Donato Ferrante has reported a vulnerability in GWeb, allowing
    malicious people to read arbitrary files on a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11041/
    
     --
    
    [SA11092] Apache mod_ssl HTTP Request Denial of Service Vulnerability
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-03-10
    
    Mick Wall has discovered a vulnerability in Apache 2, which can be
    exploited by malicious people to cause a DoS (Denial of Service).
    
    Full Advisory:
    http://secunia.com/advisories/11092/
    
     --
    
    [SA11054] VirtuaNews Cross Site Scripting Vulnerabilities
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Cross Site Scripting
    Released:    2004-03-08
    
    Rafel Ivgi has reported some vulnerabilities in VirtuaNews, allowing
    malicious people to conduct Cross Site Scripting attacks.
    
    Full Advisory:
    http://secunia.com/advisories/11054/
    
     --
    
    [SA11053] Invision Power Board Cross-Site Scripting Vulnerabilities
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Cross Site Scripting
    Released:    2004-03-08
    
    Rafel Ivgi has discovered multiple vulnerabilities in Invision Power
    Board, allowing malicious people to conduct cross-site scripting
    attacks.
    
    Full Advisory:
    http://secunia.com/advisories/11053/
    
    
    
    ========================================================================
    
    Secunia recommends that you verify all advisories you receive,
    by clicking the link.
    Secunia NEVER sends attached files with advisories.
    Secunia does not advise people to install third party patches, only use
    those supplied by the vendor.
    
    Definitions: (Criticality, Where etc.)
    http://secunia.com/about_secunia_advisories/
    
    Subscribe:
    http://secunia.com/secunia_weekly_summary/
    
    Contact details:
    Web	: http://secunia.com/
    E-mail	: support@private
    Tel	: +45 70 20 51 44
    Fax	: +45 70 20 51 45
    
    ========================================================================
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri Mar 12 2004 - 01:48:37 PST