[ISN] Secunia Weekly Summary - Issue: 2004-17

From: InfoSec News (isn@private)
Date: Fri Apr 23 2004 - 02:19:41 PDT

  • Next message: InfoSec News: "[ISN] TCP, BGP, DoS, and BS"

    ========================================================================
    
                      The Secunia Weekly Advisory Summary                  
                            2004-04-15 - 2004-04-22                        
    
                           This week : 65 advisories                       
    
    ========================================================================
    Table of Contents:
    
    1.....................................................Word From Secunia
    2....................................................This Week In Brief
    3...............................This Weeks Top Ten Most Read Advisories
    4.......................................Vulnerabilities Summary Listing
    5.......................................Vulnerabilities Content Listing
    
    ========================================================================
    1) Word From Secunia:
    
    Secunia has launched a new service called Secunia Virus Information.
    Secunia Virus Information is based on information automatically
    collected from seven different anti-virus vendors. The data will be
    parsed and indexed, resulting in a chronological list, a searchable
    index, and grouped profiles with information from the seven vendors.
    
    Furthermore, when certain criteria are triggered virus alerts will be
    issued. You can sign-up for the alerts here:
    
    Example - Secunia Virus Alert for Netsky.Y:
    http://secunia.com/virus_information/8879/netsky.y/
    
    Sign-up for Secunia Virus Alerts:
    http://secunia.com/secunia_virus_alerts/
    
    Secunia Virus Information:
    http://secunia.com/virus_information/
    
    
    ========================================================================
    2) This Week in Brief:
    
    
    ADVISORIES:
    
    During the last week there has been quite a lot of media hype regarding
    a vulnerability in the TCP specification (RFC793).
     
    Although, the vulnerability indeed could be exploited to cause a Denial
    of Service, the severity of such an attack would be very limited in
    most cases.
    
    For more information, please refer to the advisory referenced below.
    
    Reference:
    http://secunia.com/SA11440
    
    --
    
    Symantec has corrected a severe Denial of Service vulnerability in
    their Client Firewall products, where a successful attack will render a
    vulnerable system inoperable.
    
    Symantec reports that an updated version is available via the
    "LiveUpdate" feature.
    
    Reference:
    http://secunia.com/SA11102
    
    --
    
    Rafel Ivgi has discovered a vulnerability in BitDefender's online
    anti-virus scanner, which can be exploited to compromise a vulnerable
    user's system.
    
    BitDefender has reported that the vulnerability has been corrected.
    Users, who have used BitDefender's online anti-virus scanner in the
    past are therefore urged to visit BitDefender's website to get the
    updated ActiveX control.
    
    Reference:
    http://secunia.com/SA11427
    
    
    VIRUS ALERTS:
    
    During the last week Secunia issued two MEDIUM RISK virus alerts for
    two different Netsky variants. Please refer to the grouped virus
    profiles below for more information:
    
    Netsky.Y - MEDIUM RISK virus alert - 2004-04-21 00:37 GMT+1
    http://secunia.com/virus_information/8879/netsky.y/
    
    Netsky.X - MEDIUM RISK virus alert - 2004-04-20 16:42 GMT+1
    http://secunia.com/virus_information/8854/netsky.x/
    
    
    ========================================================================
    3) This Weeks Top Ten Most Read Advisories:
    
    1.  [SA11064] Microsoft Windows 14 Vulnerabilities
    2.  [SA10395] Internet Explorer URL Spoofing Vulnerability
    3.  [SA11067] Microsoft Outlook Express MHTML URL Processing
                  Vulnerability
    4.  [SA11386] PostNuke SQL Injection Vulnerabilities
    5.  [SA11387] Cisco IPsec VPN Implementation Group Password Disclosure
    6.  [SA11440] Cisco IOS TCP Connection Reset Denial of Service
                  Vulnerability
    7.  [SA11362] Linux Kernel File Systems Information Leak and Denial of
                  Service
    8.  [SA11361] Linux Kernel ISO9660 Buffer Overflow Privilege Escalation
                  Vulnerability
    9.  [SA11065] Microsoft Windows RPC/DCOM Multiple Vulnerabilities
    10. [SA10523] Internet Explorer showHelp() Restriction Bypass
                  Vulnerability
    
    ========================================================================
    4) Vulnerabilities Summary Listing
    
    Windows:
    [SA11427] AvxScanOnline ActiveX Control Arbitrary File Execution
    Vulnerability
    [SA11430] Serv-U FTP Server LIST Command Denial of Service
    Vulnerability
    [SA11428] Fastream NETFile FTP/Web Server Invalid Credentials Denial of
    Service
    [SA11449] Kinesphere eXchange POP3 Buffer Overflow Vulnerability
    [SA11388] Zaep AntiSpam Cross Site Scripting Vulnerability
    
    UNIX/Linux:
    [SA11456] Mandrake update for xchat
    [SA11446] Debian update for xchat
    [SA11432] ArX libneon Client Code Format String Vulnerabilities
    [SA11423] Sun Cobalt update for mutt
    [SA11421] Mandrake update for libneon
    [SA11416] phpBugTracker Multiple Vulnerabilities
    [SA11413] Gentoo update for XChat
    [SA11412] Gentoo update for cadaver
    [SA11410] KAME Racoon ISAKMP Header Length Field Denial of Service
    [SA11409] XChat Socks-5 Buffer Overflow Vulnerability
    [SA11405] Slackware update for cvs
    [SA11401] Debian update for neon
    [SA11400] Debian update for cvs
    [SA11398] OpenPKG update for neon
    [SA11397] OpenPKG update for ethereal
    [SA11391] FreeBSD update for CVS
    [SA11390] Fedora update for OpenOffice
    [SA11389] Red Hat update for Subversion
    [SA11414] Gentoo update for monit
    [SA11406] PostNuke Multiple Vulnerabilities
    [SA11447] Cray UNICOS TCP Connection Reset Denial of Service
    Vulnerability
    [SA11441] Slackware update for xine
    [SA11433] Xine Playlists can Overwrite Arbitrary Files
    [SA11408] Slackware update for tcpdump
    [SA11403] Debian update for zope
    [SA11394] WIKINDX Exposure of Configuration File
    [SA11453] Red Hat update for kernel
    [SA11452] Fedora update for utempter
    [SA11438] NcFTP Client Password Leakage Security Issue
    [SA11429] Linux Kernel setsockopt MCAST_MSFILTER Integer Overflow
    Vulnerability
    [SA11426] Slackware update for utempter
    [SA11425] Mandrake update for utempter
    [SA11420] Mandrake update for xine-ui
    [SA11419] Mandrake update for mysql
    [SA11418] Mandrake update for samba
    [SA11417] utempter Device Path Handling Security Issue
    [SA11415] SquirrelMail Change_passwd Plugin Privilege Escalation
    Vulnerability
    [SA11454] Red Hat update for XFree86
    [SA11404] Debian update for iproute
    [SA11402] Debian update for logcheck
    [SA11399] logcheck Insecure Creation of Temporary Directory
    
    Other:
    [SA11439] Sun Fire IP TOS Denial of Service Vulnerability
    [SA11448] SEIL TCP Connection Reset Denial of Service Vulnerability
    [SA11445] Blue Coat Products TCP Connection Reset Denial of Service
    [SA11444] Cisco Non-IOS Products TCP Connection Reset Denial of
    Service
    [SA11443] Check Point SecurePlatform TCP Connection Reset Denial of
    Service
    [SA11440] Cisco IOS TCP Connection Reset Denial of Service
    Vulnerability
    [SA11442] Cisco IOS SNMP Request Processing Vulnerability
    
    Cross Platform:
    [SA11393] Gemitel Arbitrary File Inclusion Vulnerability
    [SA11435] BEA WebLogic URL Restriction Bypass Security Issue
    [SA11407] Phorum SQL Injection Vulnerability
    [SA11396] SCT Campus Pipeline Attachment Script Insertion
    Vulnerability
    [SA11395] Helix Universal Server HTTP Request Handling Denial of
    Service
    [SA11386] PostNuke SQL Injection Vulnerabilities
    [SA11436] BEA WebLogic Unauthorised EJB Object Deletion Vulnerability
    [SA11431] Journalness Unauthenticated Post Manipulation Vulnerability
    [SA11392] Macromedia ColdFusion File Upload Denial of Service
    Vulnerability
    [SA11437] BEA WebLogic Exposure of Administrative Credentials
    [SA11387] Cisco IPsec VPN Implementation Group Password Disclosure
    [SA11434] phpBB IP Spoofing Issue
    
    ========================================================================
    5) Vulnerabilities Content Listing
    
    Windows:--
    
    [SA11427] AvxScanOnline ActiveX Control Arbitrary File Execution
    Vulnerability
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      Exposure of system information, Exposure of sensitive
    information, System access
    Released:    2004-04-20
    
    Rafel Ivgi has discovered a vulnerability in BitDefender AvxScanOnline
    ActiveX Control, which can be exploited by malicious people to
    compromise a user's system.
    
    Full Advisory:
    http://secunia.com/advisories/11427/
    
     --
    
    [SA11430] Serv-U FTP Server LIST Command Denial of Service
    Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-20
    
    STORM has reported a vulnerability in Serv-U FTP Server, which can be
    exploited by malicious users to cause a DoS (Denial of Service).
    
    Full Advisory:
    http://secunia.com/advisories/11430/
    
     --
    
    [SA11428] Fastream NETFile FTP/Web Server Invalid Credentials Denial of
    Service
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-20
    
    Donato Ferrante has reported a vulnerability in Fastream NETFile
    FTP/Web Server, which can be exploited by malicious people to cause a
    DoS (Denial of Service).
    
    Full Advisory:
    http://secunia.com/advisories/11428/
    
     --
    
    [SA11449] Kinesphere eXchange POP3 Buffer Overflow Vulnerability
    
    Critical:    Moderately critical
    Where:       From local network
    Impact:      System access
    Released:    2004-04-22
    
    securma massine has discovered a vulnerability in Kinesphere eXchange
    POP3, which can be exploited by malicious people to compromise a
    vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11449/
    
     --
    
    [SA11388] Zaep AntiSpam Cross Site Scripting Vulnerability
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Cross Site Scripting
    Released:    2004-04-16
    
    Noam Rathaus has reported a vulnerability in Zaep AntiSpam, allowing
    malicious people to conduct Cross Site Scripting attacks.
    
    Full Advisory:
    http://secunia.com/advisories/11388/
    
    
    UNIX/Linux:--
    
    [SA11456] Mandrake update for xchat
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-22
    
    MandrakeSoft has issued updated packages for xchat. These fix a
    vulnerability, which potentially can be exploited by malicious people
    to compromise a user's system.
    
    Full Advisory:
    http://secunia.com/advisories/11456/
    
     --
    
    [SA11446] Debian update for xchat
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-21
    
    Debian has issued updated packages for xchat. These fix a
    vulnerability, which potentially can be exploited by malicious people
    to compromise a user's system.
    
    Full Advisory:
    http://secunia.com/advisories/11446/
    
     --
    
    [SA11432] ArX libneon Client Code Format String Vulnerabilities
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-20
    
    ArX is affected by some vulnerabilities in libneon, which potentially
    can be exploited by malicious people to compromise a vulnerable
    system.
    
    Full Advisory:
    http://secunia.com/advisories/11432/
    
     --
    
    [SA11423] Sun Cobalt update for mutt
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-20
    
    
    
    Full Advisory:
    http://secunia.com/advisories/11423/
    
     --
    
    [SA11421] Mandrake update for libneon
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-20
    
    MandrakeSoft has issued updated packages for libneon. These fix a
    vulnerability allowing malicious people to compromise a user's system.
    
    Full Advisory:
    http://secunia.com/advisories/11421/
    
     --
    
    [SA11416] phpBugTracker Multiple Vulnerabilities
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Cross Site Scripting, Manipulation of data
    Released:    2004-04-19
    
    JeiAr has reported some vulnerabilities in phpBugTracker, allowing
    malicious people to conduct SQL injection, Cross Site Scripting and
    script insertion attacks.
    
    Full Advisory:
    http://secunia.com/advisories/11416/
    
     --
    
    [SA11413] Gentoo update for XChat
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-19
    
    Gentoo has issued an update for XChat. This fixes a vulnerability,
    which potentially can be exploited by malicious people to compromise a
    user's system.
    
    Full Advisory:
    http://secunia.com/advisories/11413/
    
     --
    
    [SA11412] Gentoo update for cadaver
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-19
    
    Gentoo has issued an update for cadaver. This fixes some
    vulnerabilities, which potentially can be exploited by malicious people
    to compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11412/
    
     --
    
    [SA11410] KAME Racoon ISAKMP Header Length Field Denial of Service
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-19
    
    A vulnerability has been discovered in Racoon, which can be exploited
    by malicious people to cause a DoS (Denial of Service).
    
    Full Advisory:
    http://secunia.com/advisories/11410/
    
     --
    
    [SA11409] XChat Socks-5 Buffer Overflow Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-19
    
    tsifra has discovered a vulnerability in XChat, which potentially can
    be exploited by malicious people to compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11409/
    
     --
    
    [SA11405] Slackware update for cvs
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access, Exposure of sensitive information
    Released:    2004-04-19
    
    Slackware has issued updated packages for CVS. These fix two
    vulnerabilities allowing malicious servers to compromise clients, and
    malicious users to retrieve arbitrary files from a vulnerable server.
    
    Full Advisory:
    http://secunia.com/advisories/11405/
    
     --
    
    [SA11401] Debian update for neon
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-19
    
    Debian has issued updated packages for neon. These fix a vulnerability
    allowing malicious people to compromise a user's system.
    
    Full Advisory:
    http://secunia.com/advisories/11401/
    
     --
    
    [SA11400] Debian update for cvs
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access, Exposure of sensitive information
    Released:    2004-04-19
    
    Debian has issued updated packages for CVS. These fix two
    vulnerabilities allowing malicious servers to compromise clients, and
    malicious users to retrieve arbitrary files from a vulnerable server.
    
    Full Advisory:
    http://secunia.com/advisories/11400/
    
     --
    
    [SA11398] OpenPKG update for neon
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-19
    
    OpenPKG has issued an updated package for neon. This fixes a
    vulnerability allowing malicious people to compromise a user's system.
    
    Full Advisory:
    http://secunia.com/advisories/11398/
    
     --
    
    [SA11397] OpenPKG update for ethereal
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS, System access
    Released:    2004-04-19
    
    OpenPKG has issued an updated package for ethereal. This fixes multiple
    vulnerabilities, which potentially can be exploited by malicious people
    to compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11397/
    
     --
    
    [SA11391] FreeBSD update for CVS
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Exposure of sensitive information, System access
    Released:    2004-04-16
    
    FreeBSD has issued a patch for CVS. This fixes two vulnerabilities
    allowing malicious servers to compromise clients, and malicious users
    to retrieve arbitrary files from a vulnerable server.
    
    Full Advisory:
    http://secunia.com/advisories/11391/
    
     --
    
    [SA11390] Fedora update for OpenOffice
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-16
    
    Fedora has issued updated packages for OpenOffice. These fix a
    vulnerability allowing malicious people to compromise a user's system.
    
    Full Advisory:
    http://secunia.com/advisories/11390/
    
     --
    
    [SA11389] Red Hat update for Subversion
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-16
    
    Red Hat has issued updated packages for Subversion. These fix some
    vulnerabilities, which potentially can be exploited by malicious people
    to compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11389/
    
     --
    
    [SA11414] Gentoo update for monit
    
    Critical:    Moderately critical
    Where:       From local network
    Impact:      System access
    Released:    2004-04-19
    
    Gentoo has issued an update for monit. This fixes multiple
    vulnerabilities, which can be exploited by malicious people to
    compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11414/
    
     --
    
    [SA11406] PostNuke Multiple Vulnerabilities
    
    Critical:    Moderately critical
    Where:       From local network
    Impact:      Cross Site Scripting, Manipulation of data, Exposure of
    sensitive information
    Released:    2004-04-19
    
    Janek Vind has reported some vulnerabilities in PostNuke. These can be
    exploited by malicious people to conduct Cross Site Scripting and SQL
    injection attacks.
    
    Full Advisory:
    http://secunia.com/advisories/11406/
    
     --
    
    [SA11447] Cray UNICOS TCP Connection Reset Denial of Service
    Vulnerability
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-21
    
    Cray has acknowledged a vulnerability in UNICOS, UNICOS/mk, and
    UNICOS/mp, which can be exploited by malicious people to reset
    established TCP connections on a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11447/
    
     --
    
    [SA11441] Slackware update for xine
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Manipulation of data
    Released:    2004-04-22
    
    Slackware has issued updated packages for xine-ui og xine-lib. These
    fix a vulnerability, which potentially can be exploited by malicious,
    people to gain system access.
    
    Full Advisory:
    http://secunia.com/advisories/11441/
    
     --
    
    [SA11433] Xine Playlists can Overwrite Arbitrary Files
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Manipulation of data
    Released:    2004-04-22
    
    The vendor has reported a vulnerability in xine-ui and xine-lib,
    allowing malicious people to overwrite arbitrary files on a user's
    system.
    
    Full Advisory:
    http://secunia.com/advisories/11433/
    
     --
    
    [SA11408] Slackware update for tcpdump
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-19
    
    Slackware has issued updated packages for tcpdump. These fix two
    vulnerabilities, which can be exploited by malicious people to cause a
    DoS (Denial of Service).
    
    Full Advisory:
    http://secunia.com/advisories/11408/
    
     --
    
    [SA11403] Debian update for zope
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-04-19
    
    
    
    Full Advisory:
    http://secunia.com/advisories/11403/
    
     --
    
    [SA11394] WIKINDX Exposure of Configuration File
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Exposure of sensitive information
    Released:    2004-04-16
    
    Daniel Pozzi has reported a vulnerability in WIKINDX, allowing
    malicious people to view the configuration file.
    
    Full Advisory:
    http://secunia.com/advisories/11394/
    
     --
    
    [SA11453] Red Hat update for kernel
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Exposure of sensitive information, Privilege escalation,
    DoS
    Released:    2004-04-22
    
    Red Hat has issued updated packages for the kernel. These fix various
    vulnerabilities, which can be exploited by malicious people to gain
    escalated privileges, cause a DoS (Denial of Service) or gain knowledge
    of sensitive information.
    
    Full Advisory:
    http://secunia.com/advisories/11453/
    
     --
    
    [SA11452] Fedora update for utempter
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-04-22
    
    Fedora has issued updated packages for utempter. These fix a security
    issue, which potentially can be exploited by malicious, local users to
    perform certain actions with higher privileges on a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11452/
    
     --
    
    [SA11438] NcFTP Client Password Leakage Security Issue
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Exposure of sensitive information
    Released:    2004-04-22
    
    Konstantin Gavrilenko has reported a security issue in NcFTP Client,
    which exposes the username and password to other local users.
    
    Full Advisory:
    http://secunia.com/advisories/11438/
    
     --
    
    [SA11429] Linux Kernel setsockopt MCAST_MSFILTER Integer Overflow
    Vulnerability
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-04-20
    
    Paul Starzetz and Wojciech Purczynski have reported a vulnerability in
    the Linux kernel, which can be exploited by malicious, local users to
    gain escalated privileges.
    
    Full Advisory:
    http://secunia.com/advisories/11429/
    
     --
    
    [SA11426] Slackware update for utempter
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-04-20
    
    Slackware has issued updated packages for utempter. These fix a
    security issue, which potentially can be exploited by malicious, local
    users to perform certain actions with higher privileges on a vulnerable
    system.
    
    Full Advisory:
    http://secunia.com/advisories/11426/
    
     --
    
    [SA11425] Mandrake update for utempter
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-04-20
    
    MandrakeSoft has issued updated packages for utempter. These fix a
    security issue, which potentially can be exploited by malicious, local
    users to perform certain actions with higher privileges on a vulnerable
    system.
    
    Full Advisory:
    http://secunia.com/advisories/11425/
    
     --
    
    [SA11420] Mandrake update for xine-ui
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-04-20
    
    MandrakeSoft has issued updated packages for xine-ui. These fix a
    vulnerability, which potentially can be exploited by malicious, local
    users to escalate their privileges on a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11420/
    
     --
    
    [SA11419] Mandrake update for mysql
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-04-20
    
    MandrakeSoft has issued updates packages for mysql. These fix two
    vulnerabilities, allowing malicious users to escalate their
    privileges.
    
    Full Advisory:
    http://secunia.com/advisories/11419/
    
     --
    
    [SA11418] Mandrake update for samba
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-04-20
    
    MandrakeSoft has issued updated packages for Samba. These fix a
    vulnerability, which can be exploited by malicious, local users to gain
    escalated privileges.
    
    Full Advisory:
    http://secunia.com/advisories/11418/
    
     --
    
    [SA11417] utempter Device Path Handling Security Issue
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-04-20
    
    Steve Grubb has discovered a security issue in utempter, which
    potentially can be exploited by malicious, local users to perform
    certain actions with higher privileges on a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11417/
    
     --
    
    [SA11415] SquirrelMail Change_passwd Plugin Privilege Escalation
    Vulnerability
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-04-20
    
    Matias Neiff has reported a vulnerability in the Change_passwd plugin
    for SquirrelMail, which can be exploited by malicious users to gain
    escalated privileges.
    
    Full Advisory:
    http://secunia.com/advisories/11415/
    
     --
    
    [SA11454] Red Hat update for XFree86
    
    Critical:    Not critical
    Where:       Local system
    Impact:      DoS
    Released:    2004-04-22
    
    
    
    Full Advisory:
    http://secunia.com/advisories/11454/
    
     --
    
    [SA11404] Debian update for iproute
    
    Critical:    Not critical
    Where:       Local system
    Impact:      DoS
    Released:    2004-04-19
    
    Debian has issued updated packages for iproute. These fix a
    vulnerability, which can be exploited by malicious, local users to
    cause a DoS (Denial of Service).
    
    Full Advisory:
    http://secunia.com/advisories/11404/
    
     --
    
    [SA11402] Debian update for logcheck
    
    Critical:    Not critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-04-19
    
    Debian has issued updated packages for logcheck. These fix a security
    issue, which potentially can be exploited by malicious, local users to
    escalate their privileges.
    
    Full Advisory:
    http://secunia.com/advisories/11402/
    
     --
    
    [SA11399] logcheck Insecure Creation of Temporary Directory
    
    Critical:    Not critical
    Where:       Local system
    Impact:      Privilege escalation
    Released:    2004-04-19
    
    Christian Jaeger has reported a security issue in logcheck, which
    potentially can be exploited by malicious, local users to escalate
    their privileges.
    
    Full Advisory:
    http://secunia.com/advisories/11399/
    
    
    Other:--
    
    [SA11439] Sun Fire IP TOS Denial of Service Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-21
    
    Sun has issued updates for Sun Fire products. These fix a vulnerability
    allowing malicious people to cause a Denial of Service.
    
    Full Advisory:
    http://secunia.com/advisories/11439/
    
     --
    
    [SA11448] SEIL TCP Connection Reset Denial of Service Vulnerability
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-21
    
    Internet Initiative Japan has acknowledged a vulnerability in the SEIL
    products, which can be exploited by malicious people to reset
    established TCP connections on a vulnerable device.
    
    Full Advisory:
    http://secunia.com/advisories/11448/
    
     --
    
    [SA11445] Blue Coat Products TCP Connection Reset Denial of Service
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-21
    
    Blue Coat has acknowledged a vulnerability in some products, which can
    be exploited by malicious people to reset established TCP connections
    on a vulnerable device.
    
    Full Advisory:
    http://secunia.com/advisories/11445/
    
     --
    
    [SA11444] Cisco Non-IOS Products TCP Connection Reset Denial of
    Service
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-21
    
    Cisco has acknowledged that multiple products are affected by a
    vulnerability in the TCP implementation, which can be exploited by
    malicious people to reset TCP connections on a vulnerable device.
    
    Full Advisory:
    http://secunia.com/advisories/11444/
    
     --
    
    [SA11443] Check Point SecurePlatform TCP Connection Reset Denial of
    Service
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-21
    
    Check Point has acknowledged a vulnerability in SecurePlatform NG,
    which can be exploited by malicious people to reset established TCP
    connections on a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11443/
    
     --
    
    [SA11440] Cisco IOS TCP Connection Reset Denial of Service
    Vulnerability
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-21
    
    Paul A. Watson has published research about a somewhat known
    vulnerability in the TCP specification (RFC793), which can be exploited
    by malicious people to cause a DoS (Denial of Service). Cisco has
    acknowledged that Cisco IOS is affected.
    
    Full Advisory:
    http://secunia.com/advisories/11440/
    
     --
    
    [SA11442] Cisco IOS SNMP Request Processing Vulnerability
    
    Critical:    Less critical
    Where:       From local network
    Impact:      DoS
    Released:    2004-04-21
    
    A vulnerability has been discovered in Cisco IOS, which can be
    exploited by malicious people to cause a DoS (Denial of Service).
    
    Full Advisory:
    http://secunia.com/advisories/11442/
    
    
    Cross Platform:--
    
    [SA11393] Gemitel Arbitrary File Inclusion Vulnerability
    
    Critical:    Highly critical
    Where:       From remote
    Impact:      System access
    Released:    2004-04-16
    
    jaguar has reported a vulnerability in Gemitel, allowing malicious
    people to compromise a vulnerable system.
    
    Full Advisory:
    http://secunia.com/advisories/11393/
    
     --
    
    [SA11435] BEA WebLogic URL Restriction Bypass Security Issue
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-04-21
    
    BEA has issued updates for WebLogic Server and WebLogic Express. These
    fix a weakness, which potentially allows malicious people to bypass URL
    restrictions.
    
    Full Advisory:
    http://secunia.com/advisories/11435/
    
     --
    
    [SA11407] Phorum SQL Injection Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Manipulation of data
    Released:    2004-04-19
    
    Janek Vind has reported a vulnerability in Phorum, allowing malicious
    people to conduct SQL injection attacks.
    
    Full Advisory:
    http://secunia.com/advisories/11407/
    
     --
    
    [SA11396] SCT Campus Pipeline Attachment Script Insertion
    Vulnerability
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Cross Site Scripting
    Released:    2004-04-16
    
    Spiffomatic64 has reported a vulnerability in SCT Campus Pipeline,
    allowing malicious people to conduct script insertion attacks.
    
    Full Advisory:
    http://secunia.com/advisories/11396/
    
     --
    
    [SA11395] Helix Universal Server HTTP Request Handling Denial of
    Service
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-16
    
    A vulnerability has been discovered in Helix Universal Server, which
    can be exploited by malicious people to cause a DoS (Denial of
    Service).
    
    Full Advisory:
    http://secunia.com/advisories/11395/
    
     --
    
    [SA11386] PostNuke SQL Injection Vulnerabilities
    
    Critical:    Moderately critical
    Where:       From remote
    Impact:      Manipulation of data
    Released:    2004-04-15
    
    pokleyzz has reported two vulnerabilities in PostNuke, allowing
    malicious people to conduct SQL injection attacks.
    
    Full Advisory:
    http://secunia.com/advisories/11386/
    
     --
    
    [SA11436] BEA WebLogic Unauthorised EJB Object Deletion Vulnerability
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-04-21
    
    BEA has issued an update for WebLogic Server and WebLogic Express. This
    fixes a vulnerability allowing malicious users to perform unauthorised
    deletion of objects.
    
    Full Advisory:
    http://secunia.com/advisories/11436/
    
     --
    
    [SA11431] Journalness Unauthenticated Post Manipulation Vulnerability
    
    Critical:    Less critical
    Where:       From remote
    Impact:      Security Bypass
    Released:    2004-04-21
    
    A vulnerability has been discovered in Journalness, which reportedly
    can be exploited by invalid users to create and edit posts.
    
    Full Advisory:
    http://secunia.com/advisories/11431/
    
     --
    
    [SA11392] Macromedia ColdFusion File Upload Denial of Service
    Vulnerability
    
    Critical:    Less critical
    Where:       From remote
    Impact:      DoS
    Released:    2004-04-16
    
    Chip Self has discovered a vulnerability in ColdFusion, which can be
    exploited by malicious users to cause a DoS (Denial of Service).
    
    Full Advisory:
    http://secunia.com/advisories/11392/
    
     --
    
    [SA11437] BEA WebLogic Exposure of Administrative Credentials
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Exposure of system information, Exposure of sensitive
    information
    Released:    2004-04-21
    
    BEA has issued an update for WebLogic Server and WebLogic Express. This
    fixes a vulnerability allowing malicious, local users to gain knowledge
    of administrative credentials.
    
    Full Advisory:
    http://secunia.com/advisories/11437/
    
     --
    
    [SA11387] Cisco IPsec VPN Implementation Group Password Disclosure
    
    Critical:    Less critical
    Where:       Local system
    Impact:      Exposure of sensitive information
    Released:    2004-04-16
    
    A vulnerability has been discovered in the Cisco's IPsec VPN
    implementation, allowing malicious, local users to gain knowledge of
    sensitive information.
    
    Full Advisory:
    http://secunia.com/advisories/11387/
    
     --
    
    [SA11434] phpBB IP Spoofing Issue
    
    Critical:    Not critical
    Where:       From remote
    Impact:      ID Spoofing
    Released:    2004-04-21
    
    Wang has reported a vulnerability in phpBB, which can be exploited by
    malicious users to circumvent certain administrative user management
    features.
    
    Full Advisory:
    http://secunia.com/advisories/11434/
    
    
    
    ========================================================================
    
    Secunia recommends that you verify all advisories you receive,
    by clicking the link.
    Secunia NEVER sends attached files with advisories.
    Secunia does not advise people to install third party patches, only use
    those supplied by the vendor.
    
    Definitions: (Criticality, Where etc.)
    http://secunia.com/about_secunia_advisories/
    
    Subscribe:
    http://secunia.com/secunia_weekly_summary/
    
    Contact details:
    Web	: http://secunia.com/
    E-mail	: support@private
    Tel	: +45 70 20 51 44
    Fax	: +45 70 20 51 45
    
    ========================================================================
    
    
    
    _________________________________________
    ISN mailing list
    Sponsored by: OSVDB.org
    



    This archive was generated by hypermail 2b30 : Fri Apr 23 2004 - 03:15:22 PDT