[ISN] Secunia Weekly Summary - Issue: 2004-29

From: InfoSec News (isn@private)
Date: Fri Jul 16 2004 - 00:29:02 PDT


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2004-07-08 - 2004-07-15                        

                       This week : 42 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3..............................This Week's Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

New Features at Secunia.com


Secunia has implemented various statistical features at the websites
for both Secunia advisories and Virus Information.

Secunia Advisories Statistics:
http://secunia.com/advisory_statistics/

Examples of Specific Product Statistics:
http://secunia.com/product/11/ (Internet Explorer 6)
http://secunia.com/product/761/ (Opera 7.x)
http://secunia.com/product/1480/ (Mozilla 1.3)

Secunia Virus Information Statistics:
http://secunia.com/virus_statistics/


Furthermore, Secunia has made it possible for you to include all graphs
available at secunia.com on your own website.

This is described in detail at:
http://secunia.com/secunia_image_inclusion/


========================================================================
2) This Week in Brief:


ADVISORIES:

This week, Microsoft issued 7 new security bulletins, fixing various
issues in Microsoft Windows, Microsoft Outlook, and Microsoft Internet
Information Server.

The issues range from local privilege escalation to remote system
access vulnerabilities.

It finally seems like Microsoft decided to change the behaviour of the
widely abused shell: URI handler functionality, which so many exploits
rely on. The downside to this is that we still have some unfixed
issues in Internet Explorer, which are still potentially dangerous.

The 7 bulletins are described in the following Secunia Advisories:
http://secunia.com/SA12059
http://secunia.com/SA12058
http://secunia.com/SA12051
http://secunia.com/SA12038
http://secunia.com/SA12060
http://secunia.com/SA12061
http://secunia.com/SA12062

--

Just hours before Microsoft released their patches as part of the
monthly release cycle, 4 new vulnerabilities in Internet Explorer
were published.

Because http-equiv managed to create an exploit, which could be used
to compromise a vulnerable system, Secunia decided to rate the
advisory extremely critical.

These 4 new vulnerabilities are still unpatched. However, the exploit
made by http-equiv doesn't work after applying the patch in SA12058.

Reference:
http://secunia.com/SA12048

--

VIRUS ALERTS:

Secunia has not issued any virus alerts during the last week.

========================================================================
3) This Week's Top Ten Most Read Advisories:

1.  [SA12048] Microsoft Internet Explorer Multiple Vulnerabilities
2.  [SA11978] Multiple Browsers Frame Injection Vulnerability
3.  [SA11793] Internet Explorer Local Resource Access and Cross-Zone
              Scripting Vulnerabilities
4.  [SA12027] Mozilla Fails to Restrict Access to "shell:"
5.  [SA12028] Opera Browser Address Bar Spoofing Vulnerability
6.  [SA11966] Internet Explorer Frame Injection Vulnerability
7.  [SA12042] Microsoft Products Fail to Restrict "shell:" Access
8.  [SA9711]  Microsoft Internet Explorer Multiple Vulnerabilities
9.  [SA12041] Microsoft Outlook / Word Object Tag Vulnerability
10. [SA12053] Adobe Acrobat / Reader File Extension Buffer Overflow
              Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA12048] Microsoft Internet Explorer Multiple Vulnerabilities
[SA12061] Microsoft Internet Information Server Redirection Buffer
Overflow Vulnerability
[SA12059] Microsoft Windows showHelp and HTML Help Vulnerabilities
[SA12071] Gattaca Server 2003 Multiple Vulnerabilities
[SA12060] Microsoft Windows Task Scheduler Buffer Overflow
Vulnerability
[SA12058] Microsoft Windows / Internet Explorer File Download Extension
Spoofing
[SA12056] INweb Mail Server Multiple Connection Denial of Service
Vulnerability
[SA12053] Adobe Acrobat / Reader File Extension Buffer Overflow
Vulnerability
[SA12046] IBM Lotus Notes Client Unspecified Java Applet Handling
Vulnerabilities
[SA12042] Microsoft Products Fail to Restrict "shell:" Access
[SA12041] Microsoft Outlook / Word Object Tag Vulnerability
[SA12039] Ability Mail Server Cross-Site Scripting and Denial of
Service Vulnerabilities
[SA12062] Microsoft Windows POSIX Subsystem Privilege Escalation
Vulnerability
[SA12051] Microsoft Windows 2000 Utility Manager Privilege Escalation
Vulnerability
[SA12033] DiamondCS Process Guard Protection Features Disabling
Vulnerability
[SA12047] Microsoft Java Virtual Machine Cross-Site Communication
Vulnerability
[SA12043] Sun Java Predictable File Location Weakness
[SA12038] Microsoft Outlook Express Header Validation Denial of Service
Weakness

UNIX/Linux:
[SA12070] Mandrake update for php
[SA12063] 4D WebSTAR Multiple Vulnerabilities
[SA12032] SSLtelnet Error Logging Format String Vulnerability
[SA12072] Gentoo update for kernel
[SA12069] Mandrake update for freeswan / super-freeswan
[SA12066] Gentoo update for wv
[SA12045] Moodle Unspecified Front Page Vulnerability
[SA12040] wv Library Document DateTime Field Buffer Overflow
Vulnerability
[SA12068] Fedora update for ethereal
[SA12035] Gentoo update for ethereal
[SA12034] Mandrake update for ethereal
[SA12031] OpenPKG update for dhcpd
[SA12065] Moodle "help.php" Cross-Site Scripting Vulnerability
[SA12057] Bugzilla Multiple Vulnerabilities
[SA12054] Gentoo update for rsync
[SA12036] Gentoo update for MoinMoin
[SA12037] Fedora im-switch Insecure Temporary File Creation
Vulnerability
[SA12030] Gentoo update for shorewall
[SA12029] Shorewall Insecure Temporary File Creation Vulnerability

Other:
[SA12067] Novell Bordermanager VPN Service Unspecified Denial of
Service

Cross Platform:
[SA12064] PHP "strip_tags()" Function and memory_limit Vulnerabilities
[SA12055] phpBB Two Unspecified Vulnerabilities
[SA12052] IBM Lotus Sametime GSKit Denial of Service Vulnerability
[SA12028] Opera Browser Address Bar Spoofing Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA12048] Microsoft Internet Explorer Multiple Vulnerabilities

Critical:    Extremely critical
Where:       From remote
Impact:      Security Bypass, Spoofing, System access
Released:    2004-07-13

Paul has reported some vulnerabilities in Internet Explorer, allowing
malicious people to bypass security restrictions and potentially
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12048/

 --

[SA12061] Microsoft Internet Information Server Redirection Buffer
Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-07-13

Microsoft has released an update for Internet Information Server. This
fixes a vulnerability, allowing malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/12061/

 --

[SA12059] Microsoft Windows showHelp and HTML Help Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, System access
Released:    2004-07-13

Microsoft has issued an update for Windows. This fixes two
vulnerabilities, allowing malicious websites to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/12059/

 --

[SA12071] Gattaca Server 2003 Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, DoS
Released:    2004-07-15

Dr_insane has reported multiple vulnerabilities in Gattaca Server 2003,
which can be exploited by malicious people to disclose system
information, cause a DoS (Denial of Service), or conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/12071/

 --

[SA12060] Microsoft Windows Task Scheduler Buffer Overflow
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-07-13

Microsoft has issued an update for Windows. This fixes a vulnerability,
allowing malicious websites to execute arbitrary code on a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/12060/

 --

[SA12058] Microsoft Windows / Internet Explorer File Download Extension
Spoofing

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-07-13

Microsoft has issued an update for Microsoft Windows. This fixes a
vulnerability, allowing malicious web sites to spoof the extension of
files being downloaded.

Full Advisory:
http://secunia.com/advisories/12058/

 --

[SA12056] INweb Mail Server Multiple Connection Denial of Service
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-07-13

Dr_insane has reported a vulnerability in INweb Mail Server, which can
be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12056/

 --

[SA12053] Adobe Acrobat / Reader File Extension Buffer Overflow
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-07-13

Greg MacManus has discovered a vulnerability in Adobe Acrobat / Reader,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/12053/

 --

[SA12046] IBM Lotus Notes Client Unspecified Java Applet Handling
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2004-07-13

Jouko Pynnonen has reportedly discovered three vulnerabilities with an
unknown impact in the Lotus Notes clients.

Full Advisory:
http://secunia.com/advisories/12046/

 --

[SA12042] Microsoft Products Fail to Restrict "shell:" Access

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-07-12

Jesse Ruderman has reported a vulnerability in MSN Messenger and
Microsoft Word, allowing access to the Windows "shell:" functionality.

Full Advisory:
http://secunia.com/advisories/12042/

 --

[SA12041] Microsoft Outlook / Word Object Tag Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-07-12

James C. Slora has reported a vulnerability in Microsoft Word and
Outlook, potentially allowing malicious people to gain system access.

Full Advisory:
http://secunia.com/advisories/12041/

 --

[SA12039] Ability Mail Server Cross-Site Scripting and Denial of
Service Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, DoS
Released:    2004-07-12

Dr_insane has reported two vulnerabilities in Ability Mail Server,
which can be exploited by malicious people to conduct cross-site
scripting attacks and cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12039/

 --

[SA12062] Microsoft Windows POSIX Subsystem Privilege Escalation
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-07-13

Rafal Wojtczuk has reported a vulnerability in Microsoft Windows, which
can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/12062/

 --

[SA12051] Microsoft Windows 2000 Utility Manager Privilege Escalation
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-07-13

Cesar Cerrudo has discovered a vulnerability in Microsoft Windows 2000,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/12051/

 --

[SA12033] DiamondCS Process Guard Protection Features Disabling
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2004-07-09

Tan Chew Keong has reported a vulnerability in DiamondCS Process Guard,
which can be exploited by certain malicious processes to disable the
security features provided by the product.

Full Advisory:
http://secunia.com/advisories/12033/

 --

[SA12047] Microsoft Java Virtual Machine Cross-Site Communication
Vulnerability

Critical:    Not critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-07-12

Marc Schoenefeld has reported a vulnerability in Microsoft Java Virtual
Machine, allowing Java applets originating from different domains to
communicate.

Full Advisory:
http://secunia.com/advisories/12047/

 --

[SA12043] Sun Java Predictable File Location Weakness

Critical:    Not critical
Where:       From remote
Impact:      Unknown
Released:    2004-07-12

A weakness has been reported in Sun Java, allowing malicious websites
to write arbitrary content to a file with an easily guessable name.

Full Advisory:
http://secunia.com/advisories/12043/

 --

[SA12038] Microsoft Outlook Express Header Validation Denial of Service
Weakness

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2004-07-13

A weakness has been discovered in Microsoft Outlook Express 6, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/12038/


UNIX/Linux:--

[SA12070] Mandrake update for php

Critical:    Highly critical
Where:       From remote
Impact:      System access, Security Bypass
Released:    2004-07-15

MandrakeSoft has issued an update for php. This fixes two
vulnerabilities, which can be exploited by malicious people to bypass
certain security functionality or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12070/

 --

[SA12063] 4D WebSTAR Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Privilege escalation, System access, Exposure of sensitive
information, Exposure of system information
Released:    2004-07-14

@stake has reported multiple vulnerabilities in 4D WebSTAR, which can
be exploited to compromise a vulnerable system, gain escalated
privileges or disclose information.

Full Advisory:
http://secunia.com/advisories/12063/

 --

[SA12032] SSLtelnet Error Logging Format String Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-07-09

A vulnerability has been reported in SSLtelnet, which potentially can
be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12032/

 --

[SA12072] Gentoo update for kernel

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-07-15

Gentoo has issued an update for the kernel. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/12072/

 --

[SA12069] Mandrake update for freeswan / super-freeswan

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, DoS
Released:    2004-07-15

MandrakeSoft has issued updates for freeswan and super-freeswan. These
fix a vulnerability, which can be exploited by malicious people to
cause a DoS (Denial of Service) or bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/12069/

 --

[SA12066] Gentoo update for wv

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-07-14

Gentoo has issued an update for wv. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/12066/

 --

[SA12045] Moodle Unspecified Front Page Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2004-07-12

An unspecified vulnerability with an unknown impact has been reported
in Moodle.

Full Advisory:
http://secunia.com/advisories/12045/

 --

[SA12040] wv Library Document DateTime Field Buffer Overflow
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-07-13

Karol Weisek has reported a vulnerability in wv, which potentially can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/12040/

 --

[SA12068] Fedora update for ethereal

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2004-07-15

Fedora has issued an update for Ethereal. This fixes multiple
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12068/

 --

[SA12035] Gentoo update for ethereal

Critical:    Moderately critical
Where:       From local network
Impact:      System access, DoS
Released:    2004-07-12

Gentoo has issued an update for Ethereal. This fixes multiple
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12035/

 --

[SA12034] Mandrake update for ethereal

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2004-07-12

MandrakeSoft has issued an update for Ethereal. This fixes multiple
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12034/

 --

[SA12031] OpenPKG update for dhcpd

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2004-07-09

OpenPKG has issued an update for dhcpd. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12031/

 --

[SA12065] Moodle "help.php" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-07-14

Thomas Waldegger has reported a vulnerability in Moodle, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/12065/

 --

[SA12057] Bugzilla Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
system information, Exposure of sensitive information, Privilege
escalation
Released:    2004-07-14

Multiple vulnerabilities have been reported in Bugzilla, which can be
exploited by malicious users to gain knowledge of sensitive
information, or conduct cross-site scripting and SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/12057/

 --

[SA12054] Gentoo update for rsync

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data, Security Bypass
Released:    2004-07-13

Gentoo has issued an update for rsync. This fixes a vulnerability,
potentially allowing malicious people to write files outside the
intended directory.

Full Advisory:
http://secunia.com/advisories/12054/

 --

[SA12036] Gentoo update for MoinMoin

Critical:    Less critical
Where:       From remote
Impact:      Privilege escalation
Released:    2004-07-12

Gentoo has issued an update for MoinMoin. This fixes a vulnerability,
which can be exploited by malicious users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/12036/

 --

[SA12037] Fedora im-switch Insecure Temporary File Creation
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-07-13

Tatsuo Sekine has reported a vulnerability in Fedora, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/12037/

 --

[SA12030] Gentoo update for shorewall

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-07-09

Gentoo has issued an update for shorewall. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/12030/

 --

[SA12029] Shorewall Insecure Temporary File Creation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-07-09

Javier Fernández-Sanguino Peña has discovered a vulnerability in
Shorewall, which can be exploited by malicious, local users to perform
certain actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/12029/


Other:--

[SA12067] Novell Bordermanager VPN Service Unspecified Denial of
Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-07-15

A vulnerability has been reported in Novell BorderManager, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12067/


Cross Platform:--

[SA12064] PHP "strip_tags()" Function and memory_limit Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, System access
Released:    2004-07-14

Stefan Esser has reported two vulnerabilities in PHP, which can be
exploited by malicious people to bypass certain security functionality
or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12064/

 --

[SA12055] phpBB Two Unspecified Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Security Bypass, Cross Site Scripting, Spoofing,
Manipulation of data
Released:    2004-07-13

phpBB Group has released a new version of phpBB, which fixes two
unspecified and some known vulnerabilities.

Full Advisory:
http://secunia.com/advisories/12055/

 --

[SA12052] IBM Lotus Sametime GSKit Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-07-13

A vulnerability has been discovered in IBM Lotus Sametime, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12052/

 --

[SA12028] Opera Browser Address Bar Spoofing Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Spoofing
Released:    2004-07-08

bitlance winter has discovered a vulnerability in the Opera browser,
which potentially can be exploited by malicious people to conduct
phishing attacks against a user.

Full Advisory:
http://secunia.com/advisories/12028/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45

========================================================================


