======================================================================== The Secunia Weekly Advisory Summary 2004-07-30 - 2004-08-06 This week : 49 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: New Features at Secunia.com Secunia has implemented various statistical features at the websites for both Secunia advisories and Virus Information. Secunia Advisories Statistics: http://secunia.com/advisory_statistics/ Examples of Specific Product Statistics: http://secunia.com/product/11/ (Internet Explorer 6) http://secunia.com/product/761/ (Opera 7.x) http://secunia.com/product/1480/ (Mozilla 1.3) Secunia Virus Information Statistics: http://secunia.com/virus_statistics/ Furthermore, Secunia has made it possible for you to include all graphs available at secunia.com on your own website. This is described in detail at: http://secunia.com/secunia_image_inclusion/ ======================================================================== 2) This Week in Brief: ADVISORIES: Chris Evans has discovered multiple vulnerabilities in the very widely used image library libpng. Some of these vulnerabilities could be exploited to compromise a vulnerable system. Many Linux distributions have already issued updated packages, and some standalone programs have also issued new versions to address the vulnerabilities. Please refer to Secunia.com for further information on updated distributions and programs. Reference: http://secunia.com/SA12219 -- Microsoft issued a very rare "out-of-cycle" patch for Internet Explorer addressing three vulnerabilities, which all could be exploited to compromise a user's system. Among the addressed vulnerabilities, there is also a fix for an older vulnerability that has actively been used by attackers to compromise users' systems and install e.g. adware. Reference: http://secunia.com/SA12192 -- Mozilla / Mozilla Firefox is vulnerable to a very sophisticated spoofing issue using XUL (XML User Interface Language), which could be exploited to spoof the whole user interface (including tool bars, SSL certificate dialogs, address bar and more). Reference: http://secunia.com/SA12188 VIRUS ALERTS: Secunia has not issued any virus alerts during the last week. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA12188] Mozilla / Mozilla Firefox User Interface Spoofing Vulnerability 2. [SA12192] Microsoft Internet Explorer Multiple Vulnerabilities 3. [SA12048] Microsoft Internet Explorer Multiple Vulnerabilities 4. [SA11978] Multiple Browsers Frame Injection Vulnerability 5. [SA11793] Internet Explorer Local Resource Access and Cross-Zone Scripting Vulnerabilities 6. [SA12204] Mozilla / Netscape SOAPParameter Integer Overflow Vulnerability 7. [SA12160] Mozilla / Mozilla Firefox "onunload" SSL Certificate Spoofing 8. [SA12212] PuTTY Authentication Process Buffer Overflow Vulnerabilities 9. [SA12219] libpng Multiple Vulnerabilities 10. [SA10856] Mozilla Multiple Vulnerabilities ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA12218] MailEnable Professional HTTPMail "Content-Length:" Buffer Overflow Vulnerability [SA12203] BlackJumboDog FTP Commands Buffer Overflow Vulnerability [SA12192] Microsoft Internet Explorer Multiple Vulnerabilities [SA12183] Comersus SQL Injection and Cross-Site Scripting Vulnerabilities [SA12217] StackDefender Invalid Pointer Dereference Denial of Service Vulnerabilities [SA12199] Webcam Watchdog "sresult.exe" Cross-Site Scripting Vulnerability UNIX/Linux: [SA12234] Red Hat update for mozilla [SA12228] Gentoo update for libpng [SA12225] Red Hat update for libpng [SA12223] Fedora update for libpng [SA12222] SuSE update for libpng [SA12221] Debian update for libpng [SA12220] Mandrake update for libpng [SA12219] libpng Multiple Vulnerabilities [SA12197] Citadel/UX "USER" Command Buffer Overflow Vulnerability [SA12229] Red Hat update for glibc [SA12224] Gentoo update for courier [SA12213] Gentoo update for putty [SA12202] Horde IMP Script Insertion Vulnerability [SA12201] ripMIME Attachment Extraction Bypass [SA12195] Debian update for squirrelmail [SA12193] SCO OpenServer update for OpenSSL [SA12191] DansGuardian Banned Extension Filter Bypass Vulnerability [SA12186] Gentoo update for phpMyAdmin [SA12185] Red Hat update for ipsec-tools [SA12184] Red Hat update for SoX [SA12182] Mandrake update for wv [SA12216] SGI IRIX CDE Multiple Vulnerabilities [SA12215] Fedora update for kernel [SA12214] DGen Insecure Temporary File Creation Vulnerability [SA12211] Red Hat update for kernel [SA12210] Linux Kernel File Offset Pointer Handling Memory Disclosure Vulnerability [SA12196] UnixWare / Open UNIX Xsco Buffer Overflow Vulnerabilities [SA12187] OpenServer uudecode Insecure Temporary File Creation Vulnerability [SA12205] Oracle9i Application Server Privilege Escalation Issue Other: [SA12208] NetScreen ScreenOS SSHv1 Denial of Service Vulnerability [SA12207] U.S. Robotics Wireless Access Point Denial of Service Cross Platform: [SA12232] Mozilla / Mozilla Firefox / Mozilla Thunderbird libpng Vulnerabilities [SA12204] Mozilla / Netscape SOAPParameter Integer Overflow Vulnerability [SA12233] Opera Browser "location" Object Write Access Vulnerability [SA12230] JetBoxOne CMS Arbitrary File Upload Vulnerability [SA12212] PuTTY Authentication Process Buffer Overflow Vulnerabilities [SA12200] WHM AutoPilot Username and Password Retrieval [SA12190] lostbook Script Insertion Vulnerability [SA12189] LinPHA User Authentication Bypass Vulnerability [SA12188] Mozilla / Mozilla Firefox User Interface Spoofing Vulnerability [SA12231] eNdonesia Cross-Site Scripting Vulnerability [SA12209] WackoWiki textsearch Cross-Site Scripting Vulnerability [SA12206] Sun Java JRE/SDK XSLT Processor Vulnerability ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA12218] MailEnable Professional HTTPMail "Content-Length:" Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access, DoS Released: 2004-08-04 CoolICE has reported a vulnerability in MailEnable Professional, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12218/ -- [SA12203] BlackJumboDog FTP Commands Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2004-08-02 Chew Keong TAN has reported a vulnerability in BlackJumboDog, potentially allowing malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12203/ -- [SA12192] Microsoft Internet Explorer Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2004-07-30 Microsoft has issued an update for Internet Explorer. This fixes three vulnerabilities, allowing malicious websites to cause a DoS (Denial of Service) or compromise a user's system. Full Advisory: http://secunia.com/advisories/12192/ -- [SA12183] Comersus SQL Injection and Cross-Site Scripting Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Manipulation of data Released: 2004-08-03 Two vulnerabilities have been reported in Comersus, allowing malicious people to conduct SQL injection and cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/12183/ -- [SA12217] StackDefender Invalid Pointer Dereference Denial of Service Vulnerabilities Critical: Less critical Where: From remote Impact: DoS Released: 2004-08-04 iDEFENSE has reported two vulnerabilities in StackDefender, which potentially can be exploited by malicious people to crash a system protected by StackDefender. Full Advisory: http://secunia.com/advisories/12217/ -- [SA12199] Webcam Watchdog "sresult.exe" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2004-08-02 Dr_insane has reported a vulnerability in Webcam Watchdog, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/12199/ UNIX/Linux:-- [SA12234] Red Hat update for mozilla Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2004-08-05 Red Hat has issued an update for mozilla. This fixes multiple vulnerabilities, where the most serious can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/12234/ -- [SA12228] Gentoo update for libpng Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2004-08-05 Gentoo has issued an update for libpng. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12228/ -- [SA12225] Red Hat update for libpng Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2004-08-05 Red Hat has issued an update for libpng. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12225/ -- [SA12223] Fedora update for libpng Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2004-08-05 Fedora has issued an update for libpng. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12223/ -- [SA12222] SuSE update for libpng Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2004-08-05 SuSE has issued an update for libpng. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12222/ -- [SA12221] Debian update for libpng Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2004-08-05 Debian has issued an update for libpng. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12221/ -- [SA12220] Mandrake update for libpng Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2004-08-05 MandrakeSoft has issued an update for libpng. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12220/ -- [SA12219] libpng Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2004-08-05 Chris Evans has discovered multiple vulnerabilities in libpng, which can be exploited by malicious people to compromise a vulnerable system or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/12219/ -- [SA12197] Citadel/UX "USER" Command Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2004-08-03 CoKi has reported a vulnerability in Citadel/UX, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12197/ -- [SA12229] Red Hat update for glibc Critical: Moderately critical Where: From remote Impact: System access Released: 2004-08-05 Red Hat has issued an update for glibc. This fixes an old vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12229/ -- [SA12224] Gentoo update for courier Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2004-08-05 Gentoo has issued an update for courier. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/12224/ -- [SA12213] Gentoo update for putty Critical: Moderately critical Where: From remote Impact: System access Released: 2004-08-05 Gentoo has issued an update for putty. This fixes two vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/12213/ -- [SA12202] Horde IMP Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2004-08-03 A vulnerability has been discovered in Horde IMP, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/12202/ -- [SA12201] ripMIME Attachment Extraction Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2004-08-03 A security issue has been reported in ripMIME, potentially allowing malicious people to bypass filtering software. Full Advisory: http://secunia.com/advisories/12201/ -- [SA12195] Debian update for squirrelmail Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2004-08-03 Debian has issued an update for squirrelmail. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting, script insertion, and SQL injection attacks. Full Advisory: http://secunia.com/advisories/12195/ -- [SA12193] SCO OpenServer update for OpenSSL Critical: Moderately critical Where: From remote Impact: DoS Released: 2004-08-02 SCO has issued updated packages for OpenSSL. These fix three vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial-of-Service). Full Advisory: http://secunia.com/advisories/12193/ -- [SA12191] DansGuardian Banned Extension Filter Bypass Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2004-07-30 Ruben Molina has reported a vulnerability in DansGuardian, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/12191/ -- [SA12186] Gentoo update for phpMyAdmin Critical: Moderately critical Where: From remote Impact: System access, Security Bypass Released: 2004-07-30 Gentoo has issued an update for phpMyAdmin. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain configuration settings and inject arbitrary code. Full Advisory: http://secunia.com/advisories/12186/ -- [SA12185] Red Hat update for ipsec-tools Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2004-07-30 Red Hat has issued an update for ipsec-tools. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/12185/ -- [SA12184] Red Hat update for SoX Critical: Moderately critical Where: From remote Impact: System access Released: 2004-07-30 Red Hat has issued an update for sox. This fixes two vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/12184/ -- [SA12182] Mandrake update for wv Critical: Moderately critical Where: From remote Impact: System access Released: 2004-07-30 Mandrakesoft has issued an update for wv. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/12182/ -- [SA12216] SGI IRIX CDE Multiple Vulnerabilities Critical: Moderately critical Where: From local network Impact: Privilege escalation, System access Released: 2004-08-04 SGI has confirmed multiple vulnerabilities in CDE, which can be exploited by malicious people to compromise a vulnerable system or gain escalated privileges. Full Advisory: http://secunia.com/advisories/12216/ -- [SA12215] Fedora update for kernel Critical: Less critical Where: Local system Impact: Exposure of system information, Exposure of sensitive information Released: 2004-08-04 Fedora has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain knowledge of sensitive information in kernel memory. Full Advisory: http://secunia.com/advisories/12215/ -- [SA12214] DGen Insecure Temporary File Creation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2004-08-04 Joey Hess has reported a vulnerability in DGen, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/12214/ -- [SA12211] Red Hat update for kernel Critical: Less critical Where: Local system Impact: Exposure of system information, Exposure of sensitive information, DoS Released: 2004-08-04 Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/12211/ -- [SA12210] Linux Kernel File Offset Pointer Handling Memory Disclosure Vulnerability Critical: Less critical Where: Local system Impact: Exposure of system information, Exposure of sensitive information Released: 2004-08-04 Paul Starzetz has reported a vulnerability in the Linux kernel, which can be exploited by malicious, local users to disclose sensitive information in kernel memory. Full Advisory: http://secunia.com/advisories/12210/ -- [SA12196] UnixWare / Open UNIX Xsco Buffer Overflow Vulnerabilities Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2004-08-02 SCO has confirmed some vulnerabilities in UnixWare and Open UNIX, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/12196/ -- [SA12187] OpenServer uudecode Insecure Temporary File Creation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2004-08-02 SCO has confirmed an old vulnerability in OpenServer, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/12187/ -- [SA12205] Oracle9i Application Server Privilege Escalation Issue Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2004-08-03 Juan Manuel Pascual Escriba has reported a security issue in Oracle9i Application Server, allowing malicious local users to escalate their privileges. Full Advisory: http://secunia.com/advisories/12205/ Other:-- [SA12208] NetScreen ScreenOS SSHv1 Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2004-08-04 Mark Ellzey Thomas has discovered a vulnerability in ScreenOS, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/12208/ -- [SA12207] U.S. Robotics Wireless Access Point Denial of Service Critical: Less critical Where: From local network Impact: DoS Released: 2004-08-03 Albert Puigsech Galicia has reported a vulnerability in U.S. Robotics Wireless Access Point 8054 Series, allowing malicious people to cause a Denial of Service. Full Advisory: http://secunia.com/advisories/12207/ Cross Platform:-- [SA12232] Mozilla / Mozilla Firefox / Mozilla Thunderbird libpng Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2004-08-05 Mozilla has confirmed some vulnerabilities in Mozilla, Mozilla Firefox, and Mozilla Thunderbird, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12232/ -- [SA12204] Mozilla / Netscape SOAPParameter Integer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2004-08-03 zen-parse has reported a vulnerability in Mozilla and Netscape, potentially allowing malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12204/ -- [SA12233] Opera Browser "location" Object Write Access Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Spoofing, Exposure of sensitive information Released: 2004-08-05 GreyMagic has discovered a vulnerability in Opera, allowing a malicious website to steal sensitive information and conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/12233/ -- [SA12230] JetBoxOne CMS Arbitrary File Upload Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2004-08-05 y3dips has reported a vulnerability in Jetbox One, allowing malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12230/ -- [SA12212] PuTTY Authentication Process Buffer Overflow Vulnerabilities Critical: Moderately critical Where: From remote Impact: System access Released: 2004-08-04 Core Security Technologies has discovered two vulnerabilities in PuTTY, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/12212/ -- [SA12200] WHM AutoPilot Username and Password Retrieval Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2004-08-03 A vulnerability has been reported in WHM AutoPilot, allowing malicious people to retrieve usernames and clear text passwords. Full Advisory: http://secunia.com/advisories/12200/ -- [SA12190] lostbook Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2004-07-30 r3d5pik3 has reported a vulnerability in lostBook, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/12190/ -- [SA12189] LinPHA User Authentication Bypass Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass, Exposure of system information, Exposure of sensitive information Released: 2004-07-30 Fernando Quintero has reported a vulnerability in LinPHA, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/12189/ -- [SA12188] Mozilla / Mozilla Firefox User Interface Spoofing Vulnerability Critical: Moderately critical Where: From remote Impact: Spoofing Released: 2004-07-30 A vulnerability has been reported in Mozilla and Mozilla Firefox, allowing malicious websites to spoof the user interface. Full Advisory: http://secunia.com/advisories/12188/ -- [SA12231] eNdonesia Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2004-08-05 y3dips has reported a vulnerability in eNdonesia, allowing malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/12231/ -- [SA12209] WackoWiki textsearch Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2004-08-04 A vulnerability has been reported in WackoWiki, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/12209/ -- [SA12206] Sun Java JRE/SDK XSLT Processor Vulnerability Critical: Less critical Where: From remote Impact: Exposure of sensitive information, Privilege escalation Released: 2004-08-03 Marc Schoenefeld has discovered a vulnerability in Sun Java JRE/SDK, allowing an untrusted applet to gain escalated privileges on a vulnerable system. Full Advisory: http://secunia.com/advisories/12206/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 ======================================================================== _________________________________________ Help InfoSec News with a donation: http://www.c4i.org/donation.html
This archive was generated by hypermail 2.1.3 : Fri Aug 06 2004 - 05:39:17 PDT