[ISN] Secunia Weekly Summary - Issue: 2004-18

From: InfoSec News (isn@private)
Date: Fri Apr 30 2004 - 00:40:20 PDT


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2004-04-22 - 2004-04-29                        

                       This week : 28 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3..............................This Week's Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Secunia has launched a new service called Secunia Virus Information.
Secunia Virus Information is based on information automatically
collected from seven different anti-virus vendors. The data will be
parsed and indexed, resulting in a chronological list, a searchable
index, and grouped profiles with information from the seven vendors.

Furthermore, when certain criteria are triggered, virus alerts will be
issued. You can sign up for the alerts here:

Sign-up for Secunia Virus Alerts:
http://secunia.com/secunia_virus_alerts/

Secunia Virus Information:
http://secunia.com/virus_information/


========================================================================
2) This Week in Brief:


ADVISORIES:

Rodrigo Gutierrez discovered a vulnerability in Windows Explorer and
Internet Explorer, which potentially can be exploited to compromise a
vulnerable user's system.

The vulnerability was reported to Microsoft a long time ago, and
Microsoft reported that the vulnerability was fixed in the latest
service packs for Windows 2000 and Windows XP.

However, Secunia, Rodrigo Gutierrez, and several others have confirmed
that this is not the case; both operating systems have been tested
and are still vulnerable.

Additionally, several other Microsoft operating systems have also been
reported vulnerable: Windows 95, Windows 98, Windows ME, and
Windows NT 4.0.

Please refer to the Secunia advisory below for more information and
an alternative solution to the vulnerability.

Reference:
http://secunia.com/SA11482


VIRUS ALERTS:

During the last week, Secunia issued four MEDIUM RISK virus alerts and
one HIGH RISK virus alert for two Netsky variants and two Bagle
variants. Please refer to the grouped virus profiles below for more
information:

BAGLE.Z - HIGH RISK Virus Alert - 2004-04-29 03:37 GMT+1
http://secunia.com/virus_information/9048/bagle.z/

BAGLE.Z - MEDIUM RISK Virus Alert - 2004-04-28 18:13 GMT+1
http://secunia.com/virus_information/9048/bagle.z/

Netsky.AB - MEDIUM RISK Virus Alert - 2004-04-28 10:58 GMT+1
http://secunia.com/virus_information/9040/netsky.ab/

Netsky.z - MEDIUM RISK Virus Alert - 2004-04-27 23:40 GMT+1
http://secunia.com/virus_information/8909/netsky.z/

Bagle.Y - MEDIUM RISK Virus Alert - 2004-04-26 22:44 GMT+1
http://secunia.com/virus_information/8994/bagle.y/

========================================================================
3) This Week's Top Ten Most Read Advisories:

1.  [SA11482] Windows Explorer / Internet Explorer Long Share Name
              Buffer Overflow
2.  [SA11064] Microsoft Windows 14 Vulnerabilities
3.  [SA10395] Internet Explorer URL Spoofing Vulnerability
4.  [SA11464] Linux Kernel CPUFREQ Proc Handler Kernel Memory
              Disclosure Vulnerability
5.  [SA11471] McAfee ePolicy Orchestrator Unspecified Command Execution
              Vulnerability
6.  [SA11102] Symantec Client Firewall Products Denial of Service
              Vulnerability
7.  [SA11406] PostNuke Multiple Vulnerabilities
8.  [SA11483] Sun Solaris TCP/IP Networking Stack Denial of Service
              Vulnerability
9.  [SA10736] Internet Explorer File Download Extension Spoofing
10. [SA11486] Linux Kernel Framebuffer Driver Direct Userspace Access
              Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA11482] Windows Explorer / Internet Explorer Long Share Name Buffer
Overflow
[SA11471] McAfee ePolicy Orchestrator Unspecified Command Execution
Vulnerability
[SA11490] DiGi WWW Server Long Request Denial of Service Vulnerability
[SA11477] MSMS Core Exposure of System Information

UNIX/Linux:
[SA11485] Gentoo update for sSMTP
[SA11484] Sun Cobalt update for ProFTPD
[SA11476] Gentoo update for net-firewall/ipsec-tools
[SA11468] HP update for Apache HTTP Server
[SA11487] Gentoo update for LCDproc
[SA11489] paFileDB Cross Site Scripting Vulnerability
[SA11488] Gentoo update for xine
[SA11467] pisg Script Insertion Vulnerability
[SA11491] Mandrake update for kernel
[SA11470] Fedora update for kernel
[SA11469] Red Hat update for kernel
[SA11464] Linux Kernel CPUFREQ Proc Handler Kernel Memory Disclosure
Vulnerability
[SA11486] Linux Kernel Framebuffer Driver Direct Userspace Access
Vulnerability
[SA11483] Sun Solaris TCP/IP Networking Stack Denial of Service
Vulnerability

Other:
[SA11492] Siemens S55 SMS Send Prompt Bypass Weakness

Cross Platform:
[SA11472] Netegrity SiteMinder Affiliate Agent Heap Overflow
Vulnerability
[SA11481] OpenBB Multiple Vulnerabilities
[SA11478] Protector System Multiple Vulnerabilities
[SA11475] artmedic hpmaker Arbitrary File Inclusion Vulnerability
[SA11465] Phprofession Multiple Vulnerabilities
[SA11479] Network Query Tool Cross Site Scripting Vulnerability
[SA11474] Fusion news "id" Cross Site Scripting Vulnerability
[SA11466] PostNuke Cross Site Scripting Vulnerabilities
[SA11480] phpwsBB Reveals Non-Anonymous Labels

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA11482] Windows Explorer / Internet Explorer Long Share Name Buffer
Overflow

Critical:    Highly critical
Where:       From local network
Impact:      System access
Released:    2004-04-26

Rodrigo Gutierrez has discovered a vulnerability in Windows and
Internet Explorer, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/11482/

 --

[SA11471] McAfee ePolicy Orchestrator Unspecified Command Execution
Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-04-23

An unspecified vulnerability has been discovered in McAfee ePolicy
Orchestrator, which can be exploited by malicious people to execute
arbitrary commands on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11471/

 --

[SA11490] DiGi WWW Server Long Request Denial of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2004-04-28

Donato Ferrante has reported a vulnerability in DiGi WWW Server, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/11490/

 --

[SA11477] MSMS Core Exposure of System Information

Critical:    Not critical
Where:       From remote
Impact:      Exposure of system information
Released:    2004-04-26

CyberTalon has reported a vulnerability in MSMS Core, allowing
malicious people to view details about the system.

Full Advisory:
http://secunia.com/advisories/11477/


UNIX/Linux:--

[SA11485] Gentoo update for sSMTP

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-04-27

Gentoo has issued updated packages for ssmtp. These fix two
vulnerabilities, allowing malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/11485/

 --

[SA11484] Sun Cobalt update for ProFTPD

Critical:    Highly critical
Where:       From remote
Impact:      Unknown
Released:    2004-04-27



Full Advisory:
http://secunia.com/advisories/11484/

 --

[SA11476] Gentoo update for net-firewall/ipsec-tools

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-04-24

Gentoo has issued updates for net-firewall/ipsec-tools. These fix a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11476/

 --

[SA11468] HP update for Apache HTTP Server

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, DoS
Released:    2004-04-27

HP has acknowledged some vulnerabilities in their version of the Apache
HTTP Server. These can be exploited by malicious people to cause a DoS
(Denial of Service) and insert certain potentially malicious characters
in log files.

Full Advisory:
http://secunia.com/advisories/11468/

 --

[SA11487] Gentoo update for LCDproc

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-04-27

Gentoo has issued an update for LCDproc. This fixes multiple
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11487/

 --

[SA11489] paFileDB Cross Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-04-28

DarkBicho has reported a vulnerability in paFileDB, allowing malicious
people to conduct Cross Site Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11489/

 --

[SA11488] Gentoo update for xine

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2004-04-27

Gentoo has issued updates for xine-ui and xine-lib. These fix a
vulnerability, which potentially can be exploited by malicious people
to gain system access.

Full Advisory:
http://secunia.com/advisories/11488/

 --

[SA11467] pisg Script Insertion Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-04-23

shr3kst3r has reported a vulnerability in pisg, allowing malicious
people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/11467/

 --

[SA11491] Mandrake update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass, Exposure of system information, Exposure
of sensitive information, Privilege escalation, DoS
Released:    2004-04-28

MandrakeSoft has issued updated packages for the kernel. These fix some
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges, gain knowledge of sensitive information, or
cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11491/

 --

[SA11470] Fedora update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, Privilege escalation,
DoS
Released:    2004-04-23

Fedora has issued updated packages for the kernel. These fix various
vulnerabilities, which can be exploited by malicious people to gain
escalated privileges, to cause a DoS (Denial of Service) or gain
knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/11470/

 --

[SA11469] Red Hat update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-04-23

Red Hat has issued updated packages for the kernel. These fix various
vulnerabilities, which can be exploited by malicious users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/11469/

 --

[SA11464] Linux Kernel CPUFREQ Proc Handler Kernel Memory Disclosure
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2004-04-23

Brad Spengler has reported a vulnerability in the Linux kernel, which
can be exploited by malicious, local users to gain knowledge of
sensitive information.

Full Advisory:
http://secunia.com/advisories/11464/

 --

[SA11486] Linux Kernel Framebuffer Driver Direct Userspace Access
Vulnerability

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass, DoS
Released:    2004-04-28

Arjan van de Ven has reported a vulnerability in the Linux Kernel,
which can be exploited by malicious, local users to cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/11486/

 --

[SA11483] Sun Solaris TCP/IP Networking Stack Denial of Service
Vulnerability

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2004-04-26

A vulnerability has been discovered in Solaris, which can be exploited
by malicious, local users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11483/


Other:--

[SA11492] Siemens S55 SMS Send Prompt Bypass Weakness

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2004-04-28

The Phenoelit Group has reported a vulnerability in Siemens S55 cell
phones, which potentially can be exploited by malicious Java
applications to trick users into sending SMS messages unknowingly.

Full Advisory:
http://secunia.com/advisories/11492/


Cross Platform:--

[SA11472] Netegrity SiteMinder Affiliate Agent Heap Overflow
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-04-24

Jeremy Jethro has reported a vulnerability in Netegrity SiteMinder
Affiliate Agent, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11472/

 --

[SA11481] OpenBB Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data
Released:    2004-04-26

Some vulnerabilities have been reported in OpenBB, allowing malicious
people to conduct Cross Site Scripting, SQL injection and script
insertion attacks.

Full Advisory:
http://secunia.com/advisories/11481/

 --

[SA11478] Protector System Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data, Exposure of sensitive information
Released:    2004-04-26

Janek Vind has reported some vulnerabilities in Protector System,
allowing malicious people to conduct Cross Site Scripting, SQL
injection and bypass the protection filters.

Full Advisory:
http://secunia.com/advisories/11478/

 --

[SA11475] artmedic hpmaker Arbitrary File Inclusion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-04-23

DarkBicho has reported a vulnerability in artmedic hpmaker, allowing
malicious users to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11475/

 --

[SA11465] Phprofession Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released:    2004-04-23

Janek Vind has reported some vulnerabilities in Phprofession. These can
be exploited by malicious people to conduct Cross Site Scripting and
SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/11465/

 --

[SA11479] Network Query Tool Cross Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2004-04-26

Janek Vind has reported a vulnerability in Network Query Tool, allowing
malicious people to conduct Cross Site Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11479/

 --

[SA11474] Fusion news "id" Cross Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-04-23

DarkBicho has reported a vulnerability in Fusion news, allowing
malicious people to conduct Cross Site Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11474/

 --

[SA11466] PostNuke Cross Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2004-04-23

Janek Vind has reported some vulnerabilities in PostNuke, allowing
malicious people to conduct Cross Site Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11466/

 --

[SA11480] phpwsBB Reveals Non-Anonymous Labels

Critical:    Not critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2004-04-26

Stephen Adler has reported a security issue in phpwsBB and
phpwsContacts, allowing malicious people to view labels.

Full Advisory:
http://secunia.com/advisories/11480/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45

========================================================================
