========================================================================

                  The Secunia Weekly Advisory Summary
                        2004-03-25 - 2004-04-01

                       This week : 50 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3..............................This Week's Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways, e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

During the past week there has been a lot of talk about a "new"
vulnerability in Internet Explorer. It has even been referred to as a
so-called "Zero-day" vulnerability. However, this is not the case. It
is a variant of an older vulnerability in the "ShowHelp()" function in
Internet Explorer, which allows a malicious website to download and run
".CHM" files on the local system.

What's new, and what people have been talking about, is that instead of
using the "ShowHelp()" function in Internet Explorer, a new attack
vector for this problem has been revealed by using either the "ms-its:"
or "mk:@MSITStore:" URI handlers. More information about this can be
found in the referenced Secunia advisory below.

Reference:
http://secunia.com/SA10523

========================================================================
3) This Week's Top Ten Most Read Advisories:

1.  [SA10395] Internet Explorer URL Spoofing Vulnerability
2.  [SA11082] Sun Java System (Sun ONE) SSL Vulnerabilities
3.  [SA11199] Microsoft Visual C++ Constructed ISAPI Extensions Denial
              of Service
4.  [SA11228] Check Point Products OpenSSL Vulnerabilities
6.  [SA11139] OpenSSL SSL/TLS Handshake Denial of Service
              Vulnerabilities
7.  [SA11213] HP Web JetAdmin Multiple Vulnerabilities
8.  [SA11168] Symantec Internet Security ActiveX Component Arbitrary
              File Execution
9.  [SA11215] Trend Micro Interscan VirusWall Directory Traversal
              Vulnerability
10. [SA10523] Internet Explorer showHelp() Restriction Bypass
              Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:

[SA11231] Foxmail UrlToLocal Buffer Overflow Vulnerability
[SA11236] A-CART SQL Injection and Cross Site Scripting Vulnerabilities
[SA11216] Nexgen FTP Server Directory Traversal Vulnerability
[SA11222] eSignal STREAMQUOTE Buffer Overflow Vulnerability
[SA11215] Trend Micro Interscan VirusWall Directory Traversal
Vulnerability

UNIX/Linux:

[SA11264] LIN:BOX Web-based Management Interface User Authentication
Bypass
[SA11256] MadBMS Unspecified Login Vulnerability
[SA11235] psInclude Arbitrary Command Execution Vulnerability
[SA11218] OpenLinux update for mutt
[SA11263] Gentoo update for mplayer
[SA11262] Gentoo update for mc
[SA11261] Gentoo update for OpenLDAP
[SA11255] quoteengine SQL Injection Vulnerability
[SA11250] Red Hat update for ethereal
[SA11248] OpenLinux update for vim
[SA11246] Mandrake update for Ethereal
[SA11240] Gentoo update for oftpd
[SA11239] Red Hat update for mozilla
[SA11238] Debian update for libpam-pgsql
[SA11237] libpam-pgsql SQL Injection Vulnerability
[SA11232] Hibyte HiGuest Script Insertion Vulnerability
[SA11227] Gentoo update for Courier
[SA11226] Gentoo update for UUDeview
[SA11225] Gentoo update for ethereal
[SA11220] oftpd PORT Command Denial of Service Vulnerability
[SA11219] OpenLinux update for mc
[SA11217] Gentoo update for Apache 2
[SA11214] Sun Solaris CDE dtlogin XDMCP Parsing Vulnerability
[SA11260] SillySearch "search" Parameter Cross Site Scripting
Vulnerability
[SA11258] TCPDUMP ISAKMP Payload Handling Denial of Service
Vulnerabilities
[SA11257] Gentoo update for fetchmail
[SA11249] UnixWare update for Perl
[SA11244] cPanel Multiple Cross-Site Scripting Vulnerabilities
[SA11234] Interchange Arbitrary Variable Content Disclosure
[SA11230] XMB Cross Site Scripting Vulnerabilities
[SA11233] FreeBSD IPv6 "setsockopt()" Input Validation Vulnerability
[SA11224] GNOME gnome-session Privilege Escalation Vulnerability
[SA11253] Clam AntiVirus Realtime Scanning VirusEvent Security Issue
[SA11247] OpenLinux update for util-linux

Other:

[SA11254] Symantec Clientless VPN Gateway OpenSSL Vulnerability

Cross Platform:

[SA11259] MPlayer HTTP Location Header Parsing Heap Overflow
Vulnerability
[SA11245] eZ publish Unspecified Template Editing Vulnerability
[SA11241] PhotoPost Multiple Vulnerabilities
[SA11229] phpBB "privmsg.php" SQL Injection Vulnerability
[SA11228] Check Point Products OpenSSL Vulnerabilities
[SA11221] phpBB Multiple Vulnerabilities
[SA11243] Cloisterblog Multiple Vulnerabilities
[SA11242] WebCT Campus Edition Cross Site Scripting Vulnerability
[SA11223] MySQL "mysqlbug" Insecure Temporary File Creation
Vulnerability
[SA11251] Oracle9i Application Server Cross Site Scripting
Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA11231] Foxmail UrlToLocal Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-03-29

The XFOCUS Security Team has reported a vulnerability in Foxmail, which
can be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11231/

--

[SA11236] A-CART SQL Injection and Cross Site Scripting Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2004-03-30

Manuel Lopez has reported two vulnerabilities in A-CART, which can be
exploited by malicious people to conduct Cross Site Scripting and SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/11236/

--

[SA11216] Nexgen FTP Server Directory Traversal Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2004-03-25

Ziv Kamir has reported a vulnerability in Nexgen FTP Server, allowing
malicious people to gain knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/11216/

--

[SA11222] eSignal STREAMQUOTE Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-03-26

Vizzy has reported a vulnerability in eSignal, which can be exploited
by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/11222/

--

[SA11215] Trend Micro Interscan VirusWall Directory Traversal
Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2004-03-25

Tri Huynh has reported a vulnerability in Trendmicro Interscan
VirusWall, allowing malicious people to gain knowledge of sensitive
information.

Full Advisory:
http://secunia.com/advisories/11215/


UNIX/Linux:--

[SA11264] LIN:BOX Web-based Management Interface User Authentication
Bypass

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-03-31

Martin Eiszner has reported a vulnerability in LIN:BOX, which can be
exploited by malicious people to bypass the user authentication of the
web-based management interface.

Full Advisory:
http://secunia.com/advisories/11264/

--

[SA11256] MadBMS Unspecified Login Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:
Released:    2004-03-31

Andy has discovered an unspecified vulnerability within the login
functionality of MadBMS.

Full Advisory:
http://secunia.com/advisories/11256/

--

[SA11235] psInclude Arbitrary Command Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-03-30

Haris Tbr has discovered a vulnerability in psInclude, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11235/

--

[SA11218] OpenLinux update for mutt

Critical:    Highly critical
Where:       From remote
Impact:      System access, DoS
Released:    2004-03-26

SCO has issued updated packages for mutt. These fix a vulnerability,
which can be exploited by malicious people to crash the mail client or
potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/11218/

--

[SA11263] Gentoo update for mplayer

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-03-31

Gentoo has issued an update for mplayer. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/11263/

--

[SA11262] Gentoo update for mc

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-03-31

Gentoo has issued an update for mc. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/11262/

--

[SA11261] Gentoo update for OpenLDAP

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-03-31

Gentoo has issued an update for OpenLDAP. This fixes an older
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service) on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11261/

--

[SA11255] quoteengine SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information,
             Exposure of sensitive information
Released:    2004-03-31

A vulnerability has been discovered in quoteengine, which potentially
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/11255/

--

[SA11250] Red Hat update for ethereal

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-03-31

Red Hat has issued updated packages for ethereal. These fix multiple
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11250/

--

[SA11248] OpenLinux update for vim

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-03-31

SCO has issued updated packages for vim. These fix an older
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/11248/

--

[SA11246] Mandrake update for Ethereal

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-03-31

MandrakeSoft has issued updated packages for ethereal. These fix
multiple vulnerabilities, which potentially can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11246/

--

[SA11240] Gentoo update for oftpd

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-03-30

Gentoo has issued an update for oftpd. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a
Denial of Service.

Full Advisory:
http://secunia.com/advisories/11240/

--

[SA11239] Red Hat update for mozilla

Critical:    Moderately critical
Where:       From remote
Impact:      System access, DoS, Cross Site Scripting, Security Bypass
Released:    2004-03-30

Red Hat has issued updated packages for mozilla, which fix various
vulnerabilities.

Full Advisory:
http://secunia.com/advisories/11239/

--

[SA11238] Debian update for libpam-pgsql

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2004-03-30

Debian has issued updated packages for libpam-pgsql. These fix a
vulnerability, which can be exploited by malicious people to manipulate
SQL queries.

Full Advisory:
http://secunia.com/advisories/11238/

--

[SA11237] libpam-pgsql SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2004-03-30

Primoz Bratanic has reported a vulnerability in libpam-pgsql, allowing
malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/11237/

--

[SA11232] Hibyte HiGuest Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-03-30

ShelzZ has discovered a vulnerability in Hibyte HiGuest, which can be
exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/11232/

--

[SA11227] Gentoo update for Courier

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-03-29

Gentoo has issued an update for Courier. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/11227/

--

[SA11226] Gentoo update for UUDeview

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-03-29

Gentoo has issued an update for UUDeview.
This fixes a vulnerability, which potentially can be exploited by
malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/11226/

--

[SA11225] Gentoo update for ethereal

Critical:    Moderately critical
Where:       From remote
Impact:      System access, DoS
Released:    2004-03-29

Gentoo has issued an update for ethereal. This fixes multiple
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11225/

--

[SA11220] oftpd PORT Command Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-03-26

Andreas Rueegg and Philippe Oechslin have discovered a vulnerability in
oftpd, which can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/11220/

--

[SA11219] OpenLinux update for mc

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-03-26

SCO has issued updated packages for mc. These fix a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/11219/

--

[SA11217] Gentoo update for Apache 2

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-03-26

Gentoo has issued updates for Apache 2. These fix three
vulnerabilities, potentially allowing malicious people to cause a
Denial of Service or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11217/

--

[SA11214] Sun Solaris CDE dtlogin XDMCP Parsing Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-03-25

Dave Aitel has reported that the CDE implementation in Sun Solaris is
affected by a vulnerability in the dtlogin service. This can
potentially be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/11214/

--

[SA11260] SillySearch "search" Parameter Cross Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-03-31

SmOk3 has discovered a vulnerability in SillySearch, which can be
exploited by malicious people to conduct Cross Site Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11260/

--

[SA11258] TCPDUMP ISAKMP Payload Handling Denial of Service
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2004-03-31

Rapid7 has discovered two vulnerabilities in TCPDUMP, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11258/

--

[SA11257] Gentoo update for fetchmail

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2004-03-31

Gentoo has issued an update for fetchmail. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS
(Denial-of-Service).

Full Advisory:
http://secunia.com/advisories/11257/

--

[SA11249] UnixWare update for Perl

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-03-31

SCO has issued an update for Perl. This fixes an old vulnerability in
the Safe.pm module, which provides safe compartments to evaluate Perl
code in.

Full Advisory:
http://secunia.com/advisories/11249/

--

[SA11244] cPanel Multiple Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-03-30

Sullo has reported multiple vulnerabilities in cPanel, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/11244/

--

[SA11234] Interchange Arbitrary Variable Content Disclosure

Critical:    Less critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
             information
Released:    2004-03-30

A vulnerability has been discovered in Interchange, which can be
exploited by malicious people to gain knowledge of sensitive
information.

Full Advisory:
http://secunia.com/advisories/11234/

--

[SA11230] XMB Cross Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-03-29

Janek Vind has reported multiple vulnerabilities in XMB, allowing
malicious people to conduct Cross Site Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11230/

--

[SA11233] FreeBSD IPv6 "setsockopt()" Input Validation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, DoS
Released:    2004-03-30

Katsuhisa ABE and Colin Percival have discovered a vulnerability in
FreeBSD, which can be exploited by malicious, local users to gain
knowledge of sensitive information or cause a DoS (Denial-of-Service).

Full Advisory:
http://secunia.com/advisories/11233/

--

[SA11224] GNOME gnome-session Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-03-30

A vulnerability has been reported in GNOME, which can be exploited by
malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11224/

--

[SA11253] Clam AntiVirus Realtime Scanning VirusEvent Security Issue

Critical:    Not critical
Where:       From local network
Impact:      Privilege escalation
Released:    2004-03-31

l0om has reported a security issue in Clam AntiVirus, which potentially
can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/11253/

--

[SA11247] OpenLinux update for util-linux

Critical:    Not critical
Where:       Local system
Impact:      Exposure of sensitive information, Exposure of system
             information
Released:    2004-03-31

SCO has issued updated packages for util-linux. These fix a
vulnerability, which potentially could disclose information to users.

Full Advisory:
http://secunia.com/advisories/11247/


Other:--

[SA11254] Symantec Clientless VPN Gateway OpenSSL Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-03-31

Symantec has acknowledged a vulnerability in the OpenSSL implementation
of Symantec Clientless VPN Gateway, which can be exploited by malicious
people to cause a DoS (Denial-of-Service).

Full Advisory:
http://secunia.com/advisories/11254/


Cross Platform:--

[SA11259] MPlayer HTTP Location Header Parsing Heap Overflow
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-03-31

blexim has discovered a vulnerability in MPlayer, which potentially can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/11259/

--

[SA11245] eZ publish Unspecified Template Editing Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:
Released:    2004-03-30

An unspecified vulnerability has been reported in eZ publish when
editing templates.

Full Advisory:
http://secunia.com/advisories/11245/

--

[SA11241] PhotoPost Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
             data
Released:    2004-03-30

JeiAr has reported multiple vulnerabilities in PhotoPost, which can be
exploited by malicious people to conduct Cross Site Scripting, SQL
injection, and script insertion attacks.

Full Advisory:
http://secunia.com/advisories/11241/

--

[SA11229] phpBB "privmsg.php" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2004-03-29

Janek Vind has reported a vulnerability in phpBB, allowing malicious
people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/11229/

--

[SA11228] Check Point Products OpenSSL Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-03-29

Check Point has acknowledged that the OpenSSL implementation in certain
products is affected by vulnerabilities, which can be exploited by
malicious people to cause a DoS (Denial-of-Service).

Full Advisory:
http://secunia.com/advisories/11228/

--

[SA11221] phpBB Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2004-03-29

The vendor has released a new version of phpBB. This fixes multiple
vulnerabilities, allowing malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/11221/

--

[SA11243] Cloisterblog Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information, Exposure of system
             information, Cross Site Scripting
Released:    2004-03-30

Dotho has reported a vulnerability in Cloisterblog, which can be
exploited by malicious people to conduct Cross Site Scripting and
directory traversal attacks.

Full Advisory:
http://secunia.com/advisories/11243/

--

[SA11242] WebCT Campus Edition Cross Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-03-30

Simon Boulet has reported a vulnerability in WebCT, which can be
exploited by malicious people to conduct Cross Site Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11242/

--

[SA11223] MySQL "mysqlbug" Insecure Temporary File Creation
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-03-29

Shaun Colley has reported a vulnerability in MySQL, potentially
allowing malicious users to escalate their privileges.

Full Advisory:
http://secunia.com/advisories/11223/

--

[SA11251] Oracle9i Application Server Cross Site Scripting
Vulnerability

Critical:    Not critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-03-31

A security issue has been reported in Oracle9i Application Server
Single Sign-on, potentially allowing malicious people to conduct Cross
Site Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11251/

========================================================================

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web     : http://secunia.com/
E-mail  : support@private
Tel     : +45 70 20 51 44
Fax     : +45 70 20 51 45

========================================================================

_______________________________________________
isn mailing list
isn@private
http://www.attrition.org/mailman/listinfo/isn