========================================================================
The Secunia Weekly Advisory Summary
2004-06-17 - 2004-06-24

This week : 44 advisories
========================================================================
Table of Contents:

1) Word From Secunia
2) This Week In Brief
3) This Week's Top Ten Most Read Advisories
4) Vulnerabilities Summary Listing
5) Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

New Features at Secunia.com

Secunia has implemented various statistical features at the websites for both Secunia advisories and Virus Information.

Secunia Advisories Statistics:
http://secunia.com/advisory_statistics/

Examples of Specific Product Statistics:
http://secunia.com/product/11/ (Internet Explorer 6)
http://secunia.com/product/761/ (Opera 7.x)
http://secunia.com/product/1480/ (Mozilla 1.3)

Secunia Virus Information Statistics:
http://secunia.com/virus_statistics/

Furthermore, Secunia has made it possible for you to include all graphs available at secunia.com on your own website.

This is described in detail at:
http://secunia.com/secunia_image_inclusion/

========================================================================
2) This Week in Brief:

ADVISORIES:

Luigi Auriemma has again found a vulnerability in the very popular Unreal Engine, which can be exploited to compromise users' systems.

The Unreal Engine is used in many different First Person Shooter games. A complete list of affected games was provided by Luigi Auriemma and is also available in the Secunia advisory below.

Reference:
http://secunia.com/SA11900

--

Various Firewall products from Symantec have been proven vulnerable to DNS cache poisoning.
This can be exploited to insert fake information in the DNS cache, which can be used to direct users to malicious web sites or just prevent them from accessing certain web sites.

Symantec has released hotfixes for the affected products.

Reference:
http://secunia.com/SA11888

VIRUS ALERTS:

During the last week, Secunia issued one MEDIUM RISK virus alert. Please refer to the grouped virus profile below for more information:

Korgo.R - MEDIUM RISK Virus Alert - 2004-06-24 07:07 GMT+1
http://secunia.com/virus_information/10219/korgo.r/

========================================================================
3) This Week's Top Ten Most Read Advisories:

1. [SA11793] Internet Explorer Local Resource Access and Cross-Zone Scripting Vulnerabilities
2. [SA11900] Unreal Engine "secure" Query Buffer Overflow Vulnerability
3. [SA11856] Mozilla Browser Address Bar Spoofing Weakness
4. [SA11901] Opera Address Bar Spoofing Security Issue
5. [SA11830] Internet Explorer Security Zone Bypass and Address Bar Spoofing Vulnerability
6. [SA11888] Symantec Various Firewall Products DNS Proxy Cache Poisoning Vulnerability
7. [SA11072] IBM Access Support ActiveX Controls Various Insecure Methods
8. [SA10395] Internet Explorer URL Spoofing Vulnerability
9. [SA11877] IPsec-Tools Denial of Service and Certificate Validation Vulnerabilities
10. [SA11914] Microsoft MN-500 Multiple Connections Denial of Service

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA11895] Snitz Forums 2000 "register.asp" Email Field Script Insertion Vulnerability

UNIX/Linux:
[SA11917] Gentoo update for apache
[SA11889] Gentoo update for squid
[SA11887] SuSE update for subversion
[SA11922] Gentoo update for IPsec-Tools
[SA11918] SqWebMail "print_header_uc()" Function Script Insertion Vulnerability
[SA11933] Fedora update for dhcp
[SA11929] SuSE update for dhcp/dhcp-server
[SA11927] Mandrake update for dhcp
[SA11923] ISC DHCP Buffer Overflow Vulnerabilities
[SA11907] Debian update for rlpr
[SA11906] rlpr "msg()" Function Buffer Overflow and Format String Vulnerabilities
[SA11904] Debian update for sup
[SA11898] SUP Logging Functionality Format String Vulnerabilities
[SA11910] IRCD-Hybrid / ircd-ratbox Socket Dequeuing Denial of Service Vulnerability
[SA11909] Fedora update for libpng
[SA11908] Red Hat update for libpng
[SA11896] Gentoo update for usermin
[SA11890] Gentoo update for aspell
[SA11897] GNU Radius SNMP Invalid OID Denial of Service Vulnerability
[SA11932] Mandrake update for kernel
[SA11924] cplay Insecure Temporary File Creation Vulnerability
[SA11921] Conectiva update for kernel
[SA11916] EnGarde update for kernel
[SA11905] Debian update for super
[SA11903] Debian update for www-sql
[SA11902] WWW-SQL Include Command Buffer Overflow Vulnerability
[SA11899] super Unspecified Format String Vulnerability
[SA11893] HP-UX xfs Privilege Escalation Vulnerability
[SA11892] Red Hat update for kernel
[SA11891] Linux Kernel Various Drivers Userland Pointer Dereference Vulnerabilities
[SA11930] Sun Solaris Basic Security Module Denial of Service Vulnerability
[SA11926] rssh File Existence Information Disclosure Weakness

Other:
[SA11919] D-Link DI-614+ AirPlus DHCP Script Insertion Vulnerability
[SA11912] Infoblox DNS One Script Insertion Vulnerability
[SA11914] Microsoft MN-500 Multiple Connections Denial of Service
[SA11913] Netgear FVS318 Multiple Connections Denial of Service
[SA11911] Linksys BEFSR41 Connection Handling Denial of Service
[SA11915] nCipher netHSM Logfile Pass Phrase Disclosure

Cross Platform:
[SA11900] Unreal Engine "secure" Query Buffer Overflow Vulnerability
[SA11920] PHP-Nuke Multiple Vulnerabilities
[SA11894] phpMyChat Multiple Vulnerabilities
[SA11888] Symantec Various Firewall Products DNS Proxy Cache Poisoning Vulnerability
[SA11901] Opera Address Bar Spoofing Security Issue

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA11895] Snitz Forums 2000 "register.asp" Email Field Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-06-21

Pete Foster has reported a vulnerability in Snitz Forums 2000, which can be exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/11895/

UNIX/Linux:--

[SA11917] Gentoo update for apache

Critical:    Highly critical
Where:       From remote
Impact:      System access, DoS
Released:    2004-06-22

Gentoo has issued an update for apache. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11917/

--

[SA11889] Gentoo update for squid

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-06-17

Gentoo has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11889/

--

[SA11887] SuSE update for subversion

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-06-17

SuSE has issued an update for subversion.
This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11887/

--

[SA11922] Gentoo update for IPsec-Tools

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-06-23

Gentoo has issued an update for ipsec-tools. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11922/

--

[SA11918] SqWebMail "print_header_uc()" Function Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-06-22

Luca Legato has reported a vulnerability in SqWebMail, which can be exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/11918/

--

[SA11933] Fedora update for dhcp

Critical:    Moderately critical
Where:       From local network
Impact:      System access, DoS
Released:    2004-06-24

Fedora has issued an update for dhcp. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11933/

--

[SA11929] SuSE update for dhcp/dhcp-server

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2004-06-23

SuSE has issued an update for dhcp/dhcp-server. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a Denial of Service or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11929/

--

[SA11927] Mandrake update for dhcp

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2004-06-23

MandrakeSoft has issued an update for dhcp.
This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11927/

--

[SA11923] ISC DHCP Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2004-06-23

Two vulnerabilities have been reported in DHCP, which potentially can be exploited by malicious people to cause a Denial of Service or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11923/

--

[SA11907] Debian update for rlpr

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-06-21

Debian has issued an update for rlpr. This fixes some vulnerabilities in rlpr, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11907/

--

[SA11906] rlpr "msg()" Function Buffer Overflow and Format String Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-06-21

Jaguar has reported some vulnerabilities in rlpr, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11906/

--

[SA11904] Debian update for sup

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-06-21

Debian has issued an update for sup. This fixes multiple vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11904/

--

[SA11898] SUP Logging Functionality Format String Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-06-21

Jaguar has reported a vulnerability in sup, which potentially can be exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/11898/

--

[SA11910] IRCD-Hybrid / ircd-ratbox Socket Dequeuing Denial of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2004-06-22

Erik Sperling Johansen has reported a vulnerability in IRCD-Hybrid and ircd-ratbox, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11910/

--

[SA11909] Fedora update for libpng

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2004-06-21

Full Advisory:
http://secunia.com/advisories/11909/

--

[SA11908] Red Hat update for libpng

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2004-06-21

Full Advisory:
http://secunia.com/advisories/11908/

--

[SA11896] Gentoo update for usermin

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, DoS
Released:    2004-06-21

Gentoo has issued an update for usermin. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/11896/

--

[SA11890] Gentoo update for aspell

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2004-06-18

Gentoo has issued an update for aspell. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/11890/

--

[SA11897] GNU Radius SNMP Invalid OID Denial of Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-06-22

A vulnerability has been reported in GNU Radius, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/11897/

--

[SA11932] Mandrake update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, DoS
Released:    2004-06-24

MandrakeSoft has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/11932/

--

[SA11924] cplay Insecure Temporary File Creation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation, DoS
Released:    2004-06-23

Martin Michlmayr has reported a vulnerability in cplay allowing malicious, local users to perform certain actions with escalated privileges.

Full Advisory:
http://secunia.com/advisories/11924/

--

[SA11921] Conectiva update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, Privilege escalation, DoS
Released:    2004-06-23

Conectiva has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), gain knowledge of sensitive information, or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11921/

--

[SA11916] EnGarde update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, DoS
Released:    2004-06-22

Guardian Digital has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/11916/

--

[SA11905] Debian update for super

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-06-21

Debian has issued an update for super. This fixes a vulnerability, which can be exploited by certain local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/11905/

--

[SA11903] Debian update for www-sql

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-06-21

Debian has issued an update for www-sql. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11903/

--

[SA11902] WWW-SQL Include Command Buffer Overflow Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-06-21

Ulf Härnhammar has reported a vulnerability in WWW-SQL, which can be exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11902/

--

[SA11899] super Unspecified Format String Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-06-21

Max Vozeler has reported a vulnerability in super, which can be exploited by certain local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11899/

--

[SA11893] HP-UX xfs Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-06-18

watercloud has reported a vulnerability in HP-UX, which can be exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11893/

--

[SA11892] Red Hat update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Exposure of system information, Exposure of sensitive information, Privilege escalation, DoS
Released:    2004-06-21

Red Hat has issued an update for the kernel. This fixes various vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose kernel memory, or gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/11892/

--

[SA11891] Linux Kernel Various Drivers Userland Pointer Dereference Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Exposure of system information, Exposure of sensitive information, Privilege escalation
Released:    2004-06-21

Vulnerabilities have been discovered in various drivers for the Linux kernel, which can be exploited by malicious, local users to disclose kernel memory or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11891/

--

[SA11930] Sun Solaris Basic Security Module Denial of Service Vulnerability

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2004-06-23

A vulnerability has been discovered in Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11930/

--

[SA11926] rssh File Existence Information Disclosure Weakness

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass, Exposure of system information
Released:    2004-06-23

William F. McCaw has discovered a weakness in rssh, which can be exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/11926/

Other:--

[SA11919] D-Link DI-614+ AirPlus DHCP Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      Cross Site Scripting
Released:    2004-06-22

Gregory Duchemin has reported a vulnerability in D-Link DI-614+ AirPlus, which can be exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/11919/

--

[SA11912] Infoblox DNS One Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      Cross Site Scripting
Released:    2004-06-21

Gregory Duchemin has reported a vulnerability in DNS One, potentially allowing malicious people to conduct script insertion attacks.
Full Advisory:
http://secunia.com/advisories/11912/

--

[SA11914] Microsoft MN-500 Multiple Connections Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-06-21

Paul Kurczaba has reported a security issue in Microsoft MN-500, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11914/

--

[SA11913] Netgear FVS318 Multiple Connections Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-06-21

Paul Kurczaba has reported a security issue in Netgear FVS318, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11913/

--

[SA11911] Linksys BEFSR41 Connection Handling Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-06-21

Paul Kurczaba has reported a security issue in Linksys BEFSR41, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11911/

--

[SA11915] nCipher netHSM Logfile Pass Phrase Disclosure

Critical:    Less critical
Where:       Local system
Impact:      Exposure of system information, Exposure of sensitive information
Released:    2004-06-22

A security issue has been reported in nCipher netHSM, which may disclose sensitive information to malicious, local users.

Full Advisory:
http://secunia.com/advisories/11915/

Cross Platform:--

[SA11900] Unreal Engine "secure" Query Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-06-22

Luigi Auriemma has reported a vulnerability in the Unreal Engine, which can be exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/11900/

--

[SA11920] PHP-Nuke Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information
Released:    2004-06-23

Janek Vind has reported some vulnerabilities in PHP-Nuke, potentially allowing malicious people to reveal sensitive information, conduct cross-site scripting, script insertion, and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/11920/

--

[SA11894] phpMyChat Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Exposure of system information, Exposure of sensitive information
Released:    2004-06-18

HEX has reported a vulnerability in phpMyChat, which can be exploited by malicious people to bypass authentication, conduct cross-site scripting and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/11894/

--

[SA11888] Symantec Various Firewall Products DNS Proxy Cache Poisoning Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Spoofing, Manipulation of data
Released:    2004-06-18

fryxar has discovered a vulnerability in various Symantec firewall products, which can be exploited by malicious people to poison the DNS cache.

Full Advisory:
http://secunia.com/advisories/11888/

--

[SA11901] Opera Address Bar Spoofing Security Issue

Critical:    Less critical
Where:       From remote
Impact:      Spoofing
Released:    2004-06-22

bitlance winter has reported a security issue in the Opera browser, which potentially can be exploited by malicious people to conduct phishing attacks against a user.

Full Advisory:
http://secunia.com/advisories/11901/

========================================================================

Secunia recommends that you verify all advisories you receive, by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web    : http://secunia.com/
E-mail : support@private
Tel    : +45 70 20 51 44
Fax    : +45 70 20 51 45

========================================================================