[ISN] Secunia Weekly Summary - Issue: 2004-34

From: InfoSec News (isn@private)
Date: Fri Aug 20 2004 - 01:25:42 PDT


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2004-08-12 - 2004-08-19                        

                       This week : 40 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/


========================================================================
2) This Week in Brief:


ADVISORIES:

Liu Die Yu has discovered a new address bar spoofing vulnerability in
Internet Explorer.

The vulnerability can be exploited by performing a sequence of steps,
which then leads to Internet Explorer not being able to update the
address bar correctly.

Secunia has made a demonstration of the vulnerability, which can be
found here:
http://secunia.com/internet_explorer_address_bar_spoofing_test_popup/

More details are available in the Secunia advisory below.

Reference:
http://secunia.com/SA12304

--

A vulnerability has been reported within an ActiveX object that comes
with Adobe Acrobat Reader 5 and Adobe Reader 6.

The vulnerability can be exploited to compromise a vulnerable
system, if the user e.g. visits a malicious web page.

Adobe has issued a fix for this problem.

Reference:
http://secunia.com/SA12303


VIRUS ALERTS:

During the last week, Secunia issued two MEDIUM RISK virus alerts.
Please refer to the grouped virus profiles below for more information:

Mydoom.n - MEDIUM RISK Virus Alert - 2004-08-16 23:36 GMT+1
http://secunia.com/virus_information/10738/mydoom.n/

RATOS.A - MEDIUM RISK Virus Alert - 2004-08-16 09:19 GMT+1
http://secunia.com/virus_information/11145/ratos.a/


========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA12304] Internet Explorer Address Bar Spoofing Vulnerability
2.  [SA11978] Multiple Browsers Frame Injection Vulnerability
3.  [SA12198] AOL Instant Messenger "Away" Message Buffer Overflow
              Vulnerability
4.  [SA12280] Nokia IPSO Denial of Service Vulnerability
5.  [SA12303] Adobe Acrobat Reader ActiveX Control Buffer Overflow
              Vulnerability
6.  [SA12188] Mozilla / Mozilla Firefox User Interface Spoofing
              Vulnerability
7.  [SA11793] Internet Explorer Local Resource Access and Cross-Zone
              Scripting Vulnerabilities
8.  [SA12285] Adobe Acrobat Reader Shell Command Injection and Buffer
              Overflow Vulnerability
9.  [SA12048] Microsoft Internet Explorer Multiple Vulnerabilities
10. [SA12125] Gaim Unspecified MSN Protocol Buffer Overflow
              Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA12303] Adobe Acrobat Reader ActiveX Control Buffer Overflow
Vulnerability
[SA12304] Internet Explorer Address Bar Spoofing Vulnerability
[SA12301] MAILsweeper for SMTP Attachment Blocking Bypass
Vulnerability
[SA12291] Kerio Mailserver Unspecified HTTP Service Vulnerabilities
[SA12278] MapInfo Discovery Cross-Site Scripting and Authentication
Bypass Vulnerability
[SA12277] MAILsweeper for SMTP PowerPoint Document Processing Denial of
Service
[SA12279] BadBlue Proxy Relay Vulnerability

UNIX/Linux:
[SA12319] YaPiG Arbitrary Command Execution Vulnerability
[SA12314] Gentoo update for xine
[SA12292] Mandrake update for gaim
[SA12287] SuSE update for gaim
[SA12283] Mandrake update for mozilla
[SA12282] Gentoo update for gaim
[SA12320] Heimdal ftpd Signal Handling Vulnerabilities
[SA12318] NetBSD update for ftpd
[SA12300] Xephyrus JST Directory Traversal Vulnerability
[SA12295] Gentoo update for acroread
[SA12289] Conectiva update for squirrelmail
[SA12285] Adobe Acrobat Reader Shell Command Injection and Buffer
Overflow Vulnerability
[SA12284] Gentoo update for kdebase / kdelibs
[SA12281] Gentoo update for gv
[SA12315] Mandrake update for rsync
[SA12313] Gentoo update for rsync
[SA12312] Trustix update for rsync
[SA12310] Debian update for rsync
[SA12307] SuSE update for rsync
[SA12294] Rsync Path Sanitation Vulnerability
[SA12286] Sympa Unauthorised List Creation Security Issue
[SA12311] Debian update for kdelibs
[SA12299] Rxvt-unicode Arbitrary Terminal Window Access Vulnerability
[SA12296] Gentoo Tomcat Privilege Escalation Vulnerability
[SA12293] Debian update for ruby
[SA12290] Ruby CGI Session Management Insecure File Creation
Vulnerability
[SA12288] Gentoo update for nessus
[SA12309] CVS File Existence Information Disclosure Weakness

Other:
[SA12280] Nokia IPSO Denial of Service Vulnerability

Cross Platform:
[SA12317] PSCRIPT Forum User Profile Script Insertion Vulnerability
[SA12308] Cacti SQL Injection and Path Disclosure Vulnerability
[SA12298] QuiXplorer Directory Traversal Vulnerability
[SA12297] Simple Form Open Mail Relay Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA12303] Adobe Acrobat Reader ActiveX Control Buffer Overflow
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-08-16

Rafel Ivgi has reported a vulnerability in Adobe Acrobat Reader, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/12303/

 --

[SA12304] Internet Explorer Address Bar Spoofing Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Spoofing
Released:    2004-08-16

Liu Die Yu has discovered a vulnerability in Internet Explorer, which
potentially can be exploited by malicious people to conduct phishing
attacks against a user.

Full Advisory:
http://secunia.com/advisories/12304/

 --

[SA12301] MAILsweeper for SMTP Attachment Blocking Bypass
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-08-16

Martin O'Neal of Corsaire has reported a vulnerability in MAILsweeper
for SMTP, which can be exploited by malicious people to bypass the
attachment blocking functionality.

Full Advisory:
http://secunia.com/advisories/12301/

 --

[SA12291] Kerio Mailserver Unspecified HTTP Service Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2004-08-13

Some vulnerabilities with an unknown impact have been reported in Kerio
MailServer.

Full Advisory:
http://secunia.com/advisories/12291/

 --

[SA12278] MapInfo Discovery Cross-Site Scripting and Authentication
Bypass Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Exposure of
sensitive information
Released:    2004-08-12

Various vulnerabilities have been reported in MapInfo Discovery,
allowing malicious people to obtain sensitive information, conduct
cross-site scripting attacks and bypass security authentication.

Full Advisory:
http://secunia.com/advisories/12278/

 --

[SA12277] MAILsweeper for SMTP PowerPoint Document Processing Denial of
Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-08-13

A vulnerability has been reported in MAILsweeper for SMTP, which can be
exploited by malicious people to cause a DoS (Denial of Service) on a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/12277/

 --

[SA12279] BadBlue Proxy Relay Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-08-12

Texonet has reported a vulnerability in BadBlue, allowing malicious
people to relay connections.

Full Advisory:
http://secunia.com/advisories/12279/


UNIX/Linux:--

[SA12319] YaPiG Arbitrary Command Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-08-18

aCiDBiTS has reported a vulnerability in YaPiG, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12319/

 --

[SA12314] Gentoo update for xine

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-08-18

Gentoo has issued an update for xine-lib. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/12314/

 --

[SA12292] Mandrake update for gaim

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-08-13

MandrakeSoft has issued an update for gaim. This fixes multiple
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12292/

 --

[SA12287] SuSE update for gaim

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-08-13

SuSE has issued an update for gaim. This fixes multiple
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12287/

 --

[SA12283] Mandrake update for mozilla

Critical:    Highly critical
Where:       From remote
Impact:      Spoofing, DoS, System access
Released:    2004-08-13

MandrakeSoft has issued an update for mozilla. This fixes multiple
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service), spoof content of websites, or compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/12283/

 --

[SA12282] Gentoo update for gaim

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-08-13

Gentoo has issued an update for gaim. This fixes multiple
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12282/

 --

[SA12320] Heimdal ftpd Signal Handling Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Privilege escalation, System access
Released:    2004-08-18

Przemyslaw Frasunek has reported some vulnerabilities in Heimdal ftpd,
which potentially can be exploited by malicious users to gain escalated
privileges or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12320/

 --

[SA12318] NetBSD update for ftpd

Critical:    Moderately critical
Where:       From remote
Impact:      Privilege escalation, System access
Released:    2004-08-18

NetBSD has issued an update for ftpd. This fixes some vulnerabilities,
which potentially can be exploited by malicious users to gain escalated
privileges or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12318/

 --

[SA12300] Xephyrus JST Directory Traversal Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2004-08-16

A vulnerability has been reported in Xephyrus JST, which can be
exploited by malicious people to read arbitrary files on a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/12300/

 --

[SA12295] Gentoo update for acroread

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-08-16

Gentoo has issued an update for acroread. This fixes two
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/12295/

 --

[SA12289] Conectiva update for squirrelmail

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
system information, Exposure of sensitive information
Released:    2004-08-13

Conectiva has issued an update for squirrelmail. This fixes multiple
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting, script insertion, and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/12289/

 --

[SA12285] Adobe Acrobat Reader Shell Command Injection and Buffer
Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-08-13

Greg MacManus has reported two vulnerabilities in Adobe Acrobat Reader,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/12285/

 --

[SA12284] Gentoo update for kdebase / kdelibs

Critical:    Moderately critical
Where:       From remote
Impact:      Spoofing, Privilege escalation
Released:    2004-08-13

Gentoo has issued updates for kdelibs and kdebase. These fix two
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges, and one vulnerability, which can be
exploited by malicious people to spoof the content of websites.

Full Advisory:
http://secunia.com/advisories/12284/

 --

[SA12281] Gentoo update for gv

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-08-13

Gentoo has issued an update for gv. This fixes an older vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/12281/

 --

[SA12315] Mandrake update for rsync

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information, Exposure of system
information
Released:    2004-08-18

MandrakeSoft has issued an update for rsync. This fixes a
vulnerability, which potentially can be exploited by malicious users to
read or write arbitrary files on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12315/

 --

[SA12313] Gentoo update for rsync

Critical:    Less critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2004-08-18

Gentoo has issued an update for rsync. This fixes a vulnerability,
which potentially can be exploited by malicious users to read or write
arbitrary files on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12313/

 --

[SA12312] Trustix update for rsync

Critical:    Less critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2004-08-17

Trustix has issued an update for rsync. This fixes a vulnerability,
which potentially can be exploited by malicious users to read or write
arbitrary files on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12312/

 --

[SA12310] Debian update for rsync

Critical:    Less critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2004-08-17

Debian has issued an update for rsync. This fixes a vulnerability,
which potentially can be exploited by malicious users to read or write
arbitrary files on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12310/

 --

[SA12307] SuSE update for rsync

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information, Exposure of system
information
Released:    2004-08-17

SuSE has issued an update for rsync. This fixes a vulnerability, which
potentially can be exploited by malicious users to read or write
arbitrary files on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12307/

 --

[SA12294] Rsync Path Sanitation Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2004-08-16

A vulnerability has been reported in rsync, which potentially can be
exploited by malicious users to read or write arbitrary files on a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/12294/

 --

[SA12286] Sympa Unauthorised List Creation Security Issue

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-08-13

A security issues has been reported in Sympa, which can be exploited by
malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/12286/

 --

[SA12311] Debian update for kdelibs

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-08-17

Debian has issued an update for kdelibs. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/12311/

 --

[SA12299] Rxvt-unicode Arbitrary Terminal Window Access Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2004-08-16

A vulnerability has been reported in rxvt-unicode, which potentially
can be exploited by malicious, local users to manipulate or access
sensitive information.

Full Advisory:
http://secunia.com/advisories/12299/

 --

[SA12296] Gentoo Tomcat Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-08-16

A vulnerability has been reported in the tomcat package for Gentoo,
which can be exploited by malicious, local users to escalate their
privileges.

Full Advisory:
http://secunia.com/advisories/12296/

 --

[SA12293] Debian update for ruby

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2004-08-16

Debian has issued an update for ruby. This fixes a vulnerability, which
potentially can be exploited by malicious, local users to gain knowledge
of sensitive information.

Full Advisory:
http://secunia.com/advisories/12293/

 --

[SA12290] Ruby CGI Session Management Insecure File Creation
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2004-08-16

Andres Salomon has reported a vulnerability in Ruby, which potentially
can be exploited by malicious, local users to gain knowledge of
sensitive information.

Full Advisory:
http://secunia.com/advisories/12290/

 --

[SA12288] Gentoo update for nessus

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-08-13

Gentoo has issued an update for nessus. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to
escalate their privileges.

Full Advisory:
http://secunia.com/advisories/12288/

 --

[SA12309] CVS File Existence Information Disclosure Weakness

Critical:    Not critical
Where:       From remote
Impact:      Exposure of system information
Released:    2004-08-17

A weakness has been reported in Concurrent Versions System (CVS), which
potentially can be exploited by malicious users to gain knowledge of
certain system information.

Full Advisory:
http://secunia.com/advisories/12309/


Other:--

[SA12280] Nokia IPSO Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-08-12

A vulnerability has been discovered in Nokia IPSO, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12280/


Cross Platform:--

[SA12317] PSCRIPT Forum User Profile Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-08-18

Christoph Jeschke has reported a vulnerability in PForum, allowing
malicious users to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/12317/

 --

[SA12308] Cacti SQL Injection and Path Disclosure Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information
Released:    2004-08-18

Fernando Quintero has reported two vulnerabilities in Cacti, which can
be exploited by malicious people to see the installation path and
conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/12308/

 --

[SA12298] QuiXplorer Directory Traversal Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2004-08-16

Cyrille Barthelemy has reported a vulnerability in QuiXplorer, which
can be exploited by malicious people to read arbitrary files on a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/12298/

 --

[SA12297] Simple Form Open Mail Relay Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-08-16

A vulnerability has been reported in Simple Form, which can be
exploited by malicious people to use it as an open mail relay.

Full Advisory:
http://secunia.com/advisories/12297/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45

========================================================================



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Fri Aug 20 2004 - 02:19:22 PDT