======================================================================== The Secunia Weekly Advisory Summary 2004-05-13 - 2004-05-20 This week : 68 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: Secunia has launched a new service called Secunia Virus Information. Secunia Virus Information is based on information automatically collected from seven different anti-virus vendors. The data will be parsed and indexed, resulting in a chronological list, a searchable index, and grouped profiles with information from the seven vendors. Furthermore, when certain criteria are triggered virus alerts will be issued. You can sign-up for the alerts here: Sign-up for Secunia Virus Alerts: http://secunia.com/secunia_virus_alerts/ Secunia Virus Information: http://secunia.com/virus_information/ ======================================================================== 2) This Week in Brief: ADVISORIES: Secunia issued Monday a "Highly Critical" advisory for Mac OS X, as it was reported that it was possible to silently deliver and execute arbitrary code on a vulnerable system. However, during the day more details were revealed, and more advanced exploits were published by various sources, demonstrating exactly how easily this vulnerability could be exploited. Therefore, and in the light of no patch being available from Apple, Secunia raised the severity to a rare "Extremely Critical" for this vulnerability. Please refer to Secunia advisory below for full details. Reference: http://secunia.com/SA11622 -- http-equiv found a vulnerability in Outlook Express, which can be exploited to include arbitrary web content from remote sites in emails. It could be exploited by e.g. spammers to "ping" an email address to see if anyone is reading emails sent to it. http-equiv also reported a vulnerability in Microsoft Outlook, which could be exploited to bypass certain security restrictions. Please refer to the Secunia advisories below for in-depth information about the vulnerabilities. Reference: http://secunia.com/SA11607 http://secunia.com/SA11629 -- A vulnerability in CVS was reported by Stefan Esser, which can be exploited to compromise a vulnerable system. Many vendors have issued patches for this issue, and many more are likely to follow in the next days. Please refer to http://secunia.com for information about vendor patches. Reference: http://secunia.com/SA11641 VIRUS ALERTS: Secunia has not issued any virus alerts during the last week. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA11622] Mac OS X URI Handler Arbitrary Code Execution 2. [SA11066] Symantec Client Firewall Products Multiple Vulnerabilities 3. [SA11539] Mac OS X Security Update Fixes Multiple Vulnerabilities 4. [SA11629] Microsoft Outlook RTF Embedded OLE Object Security Bypass 5. [SA11012] Apple Filing Protocol Insecure Implementation 6. [SA11303] Mac OS X Security Update Fixes Multiple Vulnerabilities 7. [SA10959] Mac OS X Security Update Fixes Multiple Vulnerabilities 8. [SA10440] Mac OS X cd9660.util Privilege Escalation Vulnerability 9. [SA10524] Mac OS X Local Denial of Service Vulnerability 10. [SA10723] Mac OS X Security Update Fixes Multiple Vulnerabilities ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA11629] Microsoft Outlook RTF Embedded OLE Object Security Bypass [SA11637] NetChat HTTP Service GET Request Buffer Overflow Vulnerability [SA11607] Microsoft Outlook Express Loading of Arbitrary Web Content [SA11633] Microsoft Windows "desktop.ini" Arbitrary File Execution Vulnerability UNIX/Linux: [SA11622] Mac OS X URI Handler Arbitrary Code Execution [SA11662] Slackware update for cvs [SA11661] Fedora update for cvs [SA11659] Fedora update for subversion [SA11658] Mandrake update for cvs [SA11653] SuSE update for cvs [SA11652] FreeBSD update for cvs [SA11651] Debian update for cvs [SA11647] Red Hat update for cvs [SA11646] Gentoo update for pound [SA11642] Subversion Date Parsing Buffer Overflow Vulnerability [SA11641] CVS Entry Line Heap Overflow Vulnerability [SA11620] Gentoo update for exim [SA11604] Zoneminder Query String Buffer Overflow Vulnerability [SA11671] Gentoo update for icecast [SA11670] Fedora update for ipsec-tools [SA11660] Fedora update for libneon [SA11657] Mandrake update for libneon [SA11655] Gentoo update for proftpd [SA11654] Debian update for cadaver [SA11650] Debian update for libneon [SA11648] Red Hat update for cadaver [SA11643] cadaver libneon Date Parsing Heap Overflow Vulnerability [SA11638] Neon Date Parsing Heap Overflow Vulnerability [SA11630] Mandrake update for apache [SA11617] Trustix update for apache [SA11613] HP-UX update for Mozilla [SA11610] Fedora update for LHA [SA11636] Debian update for heimdal [SA11614] HP-UX dtlogin XDMCP Parsing Vulnerability [SA11669] Red Hat update for rsync [SA11667] Red Hat update for libpng [SA11663] Fedora update for tcpdump [SA11656] Gentoo update for kdelibs [SA11645] Mandrake update for kdelibs [SA11644] Fedora update for kdelibs [SA11635] Slackware update for kdelibs [SA11631] Red Hat update for kdelibs [SA11623] TTT-C Multiple Vulnerabilities [SA11619] Gentoo update for libpng [SA11612] Fedora update for libpng [SA11628] SGI IRIX rpc.mountd Denial of Service Vulnerability [SA11668] Red Hat update for mc [SA11621] Slackware update for mc [SA11618] SuSE update for mc [SA11615] HP-UX B6848AB GTK+ Support Libraries Insecure Directory Permissions [SA11609] Gentoo update for utempter [SA11605] OpenBSD procfs Integer Overflow Vulnerability [SA11616] Sun Solaris SMC Web Server File Enumeration Security Issue [SA11611] Fedora update for iproute Other: [SA11632] Sidewinder G2 Firewall Multiple Denial of Service Vulnerabilities [SA11603] Sweex Wireless Broadband Router Exposure of Configuration [SA11627] Blue Coat Security Gateway OS Private Key Disclosure [SA11606] Linksys BEF Series Routers DHCP Vulnerability Cross Platform: [SA11649] Zen Cart SQL Injection Vulnerability [SA11640] phpMyFAQ Arbitrary File Inclusion Vulnerability [SA11639] Java Secure Socket Extension Unspecified Server Certificate Validation Vulnerability [SA11625] PHP-Nuke Multiple Vulnerabilities [SA11608] Ethereal Multiple Vulnerabilities [SA11602] Multiple Browsers Telnet URI Handler File Manipulation Vulnerability [SA11624] osCommerce Directory Traversal Vulnerability ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA11629] Microsoft Outlook RTF Embedded OLE Object Security Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2004-05-18 http-equiv has reported a vulnerability in Microsoft Outlook 2003, allowing malicious people to perform illegal actions through emails. Full Advisory: http://secunia.com/advisories/11629/ -- [SA11637] NetChat HTTP Service GET Request Buffer Overflow Vulnerability Critical: Moderately critical Where: From local network Impact: System access Released: 2004-05-19 Marius Huse Jacobsen has reported a vulnerability in NetChat, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/11637/ -- [SA11607] Microsoft Outlook Express Loading of Arbitrary Web Content Critical: Less critical Where: From remote Impact: Security Bypass Released: 2004-05-14 http-equiv has reported a vulnerability in Microsoft Outlook Express, allowing malicious people (e.g. spammers and phishers) to load arbitrary content into the email client. Full Advisory: http://secunia.com/advisories/11607/ -- [SA11633] Microsoft Windows "desktop.ini" Arbitrary File Execution Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2004-05-18 Roozbeh Afrasiabi has reported a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/11633/ UNIX/Linux:-- [SA11622] Mac OS X URI Handler Arbitrary Code Execution Critical: Extremely critical Where: From remote Impact: System access Released: 2004-05-17 Two vulnerabilities have been reported in Mac OS X, allowing malicious web sites to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11622/ -- [SA11662] Slackware update for cvs Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-20 Slackware has issued updated packages for cvs. These fix a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11662/ -- [SA11661] Fedora update for cvs Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-19 Fedora has issued updated packages for cvs. These fix a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11661/ -- [SA11659] Fedora update for subversion Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-19 Fedora has issued updated packages for subversion. These fix a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11659/ -- [SA11658] Mandrake update for cvs Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-19 MandrakeSoft has issued updated packages for cvs. These fix a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11658/ -- [SA11653] SuSE update for cvs Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-19 SuSE has issued updated packages for cvs. These fix a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11653/ -- [SA11652] FreeBSD update for cvs Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-19 FreeBSD has issued updates for cvs. These fix a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11652/ -- [SA11651] Debian update for cvs Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-19 Debian has issued updated packages for cvs. These fix a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11651/ -- [SA11647] Red Hat update for cvs Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-19 Red Hat has issued updated packages for cvs. These fix a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11647/ -- [SA11646] Gentoo update for pound Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-19 Gentoo has issued an update for pound. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11646/ -- [SA11642] Subversion Date Parsing Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-19 Stefan Esser has discovered a vulnerability in Subversion, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11642/ -- [SA11641] CVS Entry Line Heap Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-19 Stefan Esser has reported a vulnerability in CVS, allowing malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11641/ -- [SA11620] Gentoo update for exim Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-17 Gentoo has issued updated packages for exim. These fix two vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11620/ -- [SA11604] Zoneminder Query String Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2004-05-13 Mark Cox has reported a vulnerability in ZoneMinder, potentially allowing malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11604/ -- [SA11671] Gentoo update for icecast Critical: Moderately critical Where: From remote Impact: DoS Released: 2004-05-20 Gentoo has issued an update for icecast. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/11671/ -- [SA11670] Fedora update for ipsec-tools Critical: Moderately critical Where: From remote Impact: DoS Released: 2004-05-20 Fedora has issued updates for ipsec-tools. These fix a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/11670/ -- [SA11660] Fedora update for libneon Critical: Moderately critical Where: From remote Impact: System access Released: 2004-05-19 Fedora has issued updated packages for libneon. These fix a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11660/ -- [SA11657] Mandrake update for libneon Critical: Moderately critical Where: From remote Impact: System access Released: 2004-05-19 MandrakeSoft has issued updated packages for libneon. These fix a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11657/ -- [SA11655] Gentoo update for proftpd Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2004-05-19 Gentoo has issued an update for proftpd. This fixes a security issue, which potentially allows malicious people to bypass ACLs. Full Advisory: http://secunia.com/advisories/11655/ -- [SA11654] Debian update for cadaver Critical: Moderately critical Where: From remote Impact: System access Released: 2004-05-19 Debian has issued updated packages for cadaver. These fix a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11654/ -- [SA11650] Debian update for libneon Critical: Moderately critical Where: From remote Impact: System access Released: 2004-05-19 Debian has issued updated packages for libneon. These fix a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11650/ -- [SA11648] Red Hat update for cadaver Critical: Moderately critical Where: From remote Impact: System access Released: 2004-05-19 Red Hat has issued updated packages for cadaver. These fix a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11648/ -- [SA11643] cadaver libneon Date Parsing Heap Overflow Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2004-05-19 cadaver is affected by a vulnerability in the libneon date parsing code, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/11643/ -- [SA11638] Neon Date Parsing Heap Overflow Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2004-05-19 Stefan Esser has discovered a vulnerability in neon, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/11638/ -- [SA11630] Mandrake update for apache Critical: Moderately critical Where: From remote Impact: Security Bypass, Spoofing, Manipulation of data, DoS Released: 2004-05-18 MandrakeSoft has issued updated packages for apache. These fix various vulnerabilities, which can be exploited to inject potentially malicious characters into error logfiles, bypass certain restrictions, gain unauthorised access, or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/11630/ -- [SA11617] Trustix update for apache Critical: Moderately critical Where: From remote Impact: Security Bypass, Spoofing, Manipulation of data, DoS Released: 2004-05-14 Trustix has issued updated packages for apache. These fix various vulnerabilities, which can be exploited to inject potentially malicious characters into error logfiles, bypass certain restrictions, gain unauthorised access, or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/11617/ -- [SA11613] HP-UX update for Mozilla Critical: Moderately critical Where: From remote Impact: System access, DoS, Cross Site Scripting, Security Bypass Released: 2004-05-14 HP has acknowledged various vulnerabilities in Mozilla for HP-UX, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain cookie restrictions, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/11613/ -- [SA11610] Fedora update for LHA Critical: Moderately critical Where: From remote Impact: System access Released: 2004-05-14 Fedora has issued an update for lha. This fixes multiple vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11610/ -- [SA11636] Debian update for heimdal Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2004-05-18 Evgeny Demidov has discovered a vulnerability in Heimdal, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11636/ -- [SA11614] HP-UX dtlogin XDMCP Parsing Vulnerability Critical: Moderately critical Where: From local network Impact: System access Released: 2004-05-14 HP has acknowledged a vulnerability in HP-UX, which may be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11614/ -- [SA11669] Red Hat update for rsync Critical: Less critical Where: From remote Impact: Manipulation of data, Security Bypass Released: 2004-05-20 Red Hat has issued updated packages for rsync. These fix a vulnerability, potentially allowing malicious people to write files outside the intended directory. Full Advisory: http://secunia.com/advisories/11669/ -- [SA11667] Red Hat update for libpng Critical: Less critical Where: From remote Impact: DoS Released: 2004-05-20 Red Hat has issued updates for libpng. These fix a vulnerability, potentially allowing malicious people to cause a Denial of Service against certain applications. Full Advisory: http://secunia.com/advisories/11667/ -- [SA11663] Fedora update for tcpdump Critical: Less critical Where: From remote Impact: DoS Released: 2004-05-19 Fedora has issued updated packages for tcpdump. These fix two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/11663/ -- [SA11656] Gentoo update for kdelibs Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2004-05-19 Gentoo has issued updated packages for kdelibs. These fix a vulnerability, which can be exploited by malicious people to create or truncate files on a user's system. Full Advisory: http://secunia.com/advisories/11656/ -- [SA11645] Mandrake update for kdelibs Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2004-05-19 MandrakeSoft has issued updated packages for kdelibs. These fix a vulnerability, which can be exploited by malicious people to create or truncate files on a user's system. Full Advisory: http://secunia.com/advisories/11645/ -- [SA11644] Fedora update for kdelibs Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2004-05-19 Fedora has issued updated packages for kdelibs. These fix a vulnerability, which can be exploited by malicious people to create or truncate files on a user's system. Full Advisory: http://secunia.com/advisories/11644/ -- [SA11635] Slackware update for kdelibs Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2004-05-18 Slackware has issued updated packages for kdelibs. These fix a vulnerability, which can be exploited by malicious people to create or truncate files on a user's system. Full Advisory: http://secunia.com/advisories/11635/ -- [SA11631] Red Hat update for kdelibs Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2004-05-18 Red Hat has issued updated packages for kdelibs. These fix a vulnerability, which can be exploited by malicious people to create or truncate files on a user's system. Full Advisory: http://secunia.com/advisories/11631/ -- [SA11623] TTT-C Multiple Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2004-05-19 Kaloyan Olegov Georgiev has reported some vulnerabilities in TTT-C, allowing malicious people to conduct Cross Site Scripting and script insertion attacks. Full Advisory: http://secunia.com/advisories/11623/ -- [SA11619] Gentoo update for libpng Critical: Less critical Where: From remote Impact: DoS Released: 2004-05-17 Gentoo has issued updates for libpng. These fix a vulnerability, potentially allowing malicious people to cause a Denial of Service against certain applications. Full Advisory: http://secunia.com/advisories/11619/ -- [SA11612] Fedora update for libpng Critical: Less critical Where: From remote Impact: DoS Released: 2004-05-14 Fedora has issued updates for libpng. These fix a vulnerability, potentially allowing malicious people to cause a Denial of Service against certain applications. Full Advisory: http://secunia.com/advisories/11612/ -- [SA11628] SGI IRIX rpc.mountd Denial of Service Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2004-05-18 SGI has reported a vulnerability in IRIX, allowing malicious people to cause a DoS (Denial of Service) on the rpc.mountd daemon. Full Advisory: http://secunia.com/advisories/11628/ -- [SA11668] Red Hat update for mc Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2004-05-20 Red Hat has issued updates for mc. These fix some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/11668/ -- [SA11621] Slackware update for mc Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2004-05-17 Slackware has issued updates for mc. These fix some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/11621/ -- [SA11618] SuSE update for mc Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2004-05-17 SuSE has issued updates for mc. These fix some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/11618/ -- [SA11615] HP-UX B6848AB GTK+ Support Libraries Insecure Directory Permissions Critical: Less critical Where: Local system Impact: Manipulation of data Released: 2004-05-14 HP has reported a vulnerability in HP-UX, which can be exploited by malicious, local users to manipulate the content of certain files. Full Advisory: http://secunia.com/advisories/11615/ -- [SA11609] Gentoo update for utempter Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2004-05-14 Gentoo has issued an update for utempter. This fixes a security issue, which potentially can be exploited by malicious, local users to perform certain actions with higher privileges on a vulnerable system. Full Advisory: http://secunia.com/advisories/11609/ -- [SA11605] OpenBSD procfs Integer Overflow Vulnerability Critical: Less critical Where: Local system Impact: Exposure of sensitive information, DoS Released: 2004-05-13 OpenBSD has issued patches for procfs. These fix a vulnerability, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain knowledge of sensitive information. Full Advisory: http://secunia.com/advisories/11605/ -- [SA11616] Sun Solaris SMC Web Server File Enumeration Security Issue Critical: Not critical Where: From local network Impact: Exposure of system information Released: 2004-05-14 Jon Hart has reported a security issue in Sun Solaris, which can be exploited by malicious people to enumerate files on an affected system. Full Advisory: http://secunia.com/advisories/11616/ -- [SA11611] Fedora update for iproute Critical: Not critical Where: Local system Impact: DoS Released: 2004-05-14 Fedora has issued updated packages for iproute. These fix a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/11611/ Other:-- [SA11632] Sidewinder G2 Firewall Multiple Denial of Service Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS Released: 2004-05-18 Multiple vulnerabilities have been reported in Sidewinder, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/11632/ -- [SA11603] Sweex Wireless Broadband Router Exposure of Configuration Critical: Moderately critical Where: From local network Impact: Exposure of system information, Exposure of sensitive information Released: 2004-05-13 Mark Janssen has reported a vulnerability in Sweex Wireless Broadband Router/Accesspoint, allowing malicious people to gain knowledge of the configuration. Full Advisory: http://secunia.com/advisories/11603/ -- [SA11627] Blue Coat Security Gateway OS Private Key Disclosure Critical: Less critical Where: From local network Impact: Exposure of sensitive information Released: 2004-05-18 A security issue has been reported in Blue Coat SGOS, which may disclose private keys associated with imported certificates. Full Advisory: http://secunia.com/advisories/11627/ -- [SA11606] Linksys BEF Series Routers DHCP Vulnerability Critical: Less critical Where: From local network Impact: Exposure of system information, Exposure of sensitive information, DoS Released: 2004-05-13 Jon Hart has reported a vulnerability in Linksys BEFSR41 and BEFW11S4, which can be exploited by malicious people to gain knowledge of sensitive information or cause a DoS (Denial of Service) Full Advisory: http://secunia.com/advisories/11606/ Cross Platform:-- [SA11649] Zen Cart SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2004-05-19 Oliver Minack has reported a vulnerability in Zen Cart, allowing malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/11649/ -- [SA11640] phpMyFAQ Arbitrary File Inclusion Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2004-05-19 Stefan Esser has reported a vulnerability in phpMyFAQ, allowing malicious people to view arbitrary local files and potentially execute arbitrary local php code. Full Advisory: http://secunia.com/advisories/11640/ -- [SA11639] Java Secure Socket Extension Unspecified Server Certificate Validation Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass, Spoofing Released: 2004-05-19 A vulnerability has been discovered in JSSE (Java Secure Socket Extension), allowing malicious websites to impersonate trusted websites. Full Advisory: http://secunia.com/advisories/11639/ -- [SA11625] PHP-Nuke Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, System access Released: 2004-05-18 Janek Vind has reported three vulnerabilities in PHP-Nuke, allowing malicious people to conduct Cross Site Scripting attacks and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/11625/ -- [SA11608] Ethereal Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2004-05-14 Multiple vulnerabilities have been discovered in Ethereal, which can be exploited by malicious people to compromise a vulnerable system or cause a DoS (Denial-of-Service). Full Advisory: http://secunia.com/advisories/11608/ -- [SA11602] Multiple Browsers Telnet URI Handler File Manipulation Vulnerability Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2004-05-13 A vulnerability has been reported in various browsers, which can be exploited by malicious people to create or truncate files on a user's system. Full Advisory: http://secunia.com/advisories/11602/ -- [SA11624] osCommerce Directory Traversal Vulnerability Critical: Not critical Where: From remote Impact: Exposure of sensitive information Released: 2004-05-19 l0om has reported a security issue in osCommerce, allowing malicious administrative users to view arbitrary local files. Full Advisory: http://secunia.com/advisories/11624/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 ======================================================================== _________________________________________ ISN mailing list Sponsored by: OSVDB.org
This archive was generated by hypermail 2b30 : Fri May 21 2004 - 11:09:07 PDT