======================================================================== The Secunia Weekly Advisory Summary 2004-08-12 - 2004-08-19 This week : 40 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: The Secunia staff is spending hours every day to assure you the best and most reliable source for vulnerability information. Every single vulnerability report is being validated and verified before a Secunia advisory is written. Secunia validates and verifies vulnerability reports in many different ways e.g. by downloading the software and performing comprehensive tests, by reviewing source code, or by validating the credibility of the source from which the vulnerability report was issued. As a result, Secunia's database is the most correct and complete source for recent vulnerability information available on the Internet. Secunia Online Vulnerability Database: http://secunia.com/ ======================================================================== 2) This Week in Brief: ADVISORIES: Liu Die Yu has discovered a new address bar spoofing vulnerability in Internet Explorer. The vulnerability can be exploited by performing a sequence of steps, which then leads to Internet Explorer not being able to update the address bar correctly. Secunia has made a demonstration of the vulnerability, which can be found here: http://secunia.com/internet_explorer_address_bar_spoofing_test_popup/ More details are available in the Secunia advisory below. Reference: http://secunia.com/SA12304 -- A vulnerability has been reported within an ActiveX object that comes with Adobe Acrobat Reader 5 and Adobe Reader 6. The vulnerability can be exploited to compromise a vulnerable system, if the user e.g. visits a malicious web page. Adobe has issued a fix for this problem. Reference: http://secunia.com/SA12303 VIRUS ALERTS: During the last week, Secunia issued two MEDIUM RISK virus alerts. Please refer to the grouped virus profiles below for more information: Mydoom.n - MEDIUM RISK Virus Alert - 2004-08-16 23:36 GMT+1 http://secunia.com/virus_information/10738/mydoom.n/ RATOS.A - MEDIUM RISK Virus Alert - 2004-08-16 09:19 GMT+1 http://secunia.com/virus_information/11145/ratos.a/ ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA12304] Internet Explorer Address Bar Spoofing Vulnerability 2. [SA11978] Multiple Browsers Frame Injection Vulnerability 3. [SA12198] AOL Instant Messenger "Away" Message Buffer Overflow Vulnerability 4. [SA12280] Nokia IPSO Denial of Service Vulnerability 5. [SA12303] Adobe Acrobat Reader ActiveX Control Buffer Overflow Vulnerability 6. [SA12188] Mozilla / Mozilla Firefox User Interface Spoofing Vulnerability 7. [SA11793] Internet Explorer Local Resource Access and Cross-Zone Scripting Vulnerabilities 8. [SA12285] Adobe Acrobat Reader Shell Command Injection and Buffer Overflow Vulnerability 9. [SA12048] Microsoft Internet Explorer Multiple Vulnerabilities 10. [SA12125] Gaim Unspecified MSN Protocol Buffer Overflow Vulnerabilities ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA12303] Adobe Acrobat Reader ActiveX Control Buffer Overflow Vulnerability [SA12304] Internet Explorer Address Bar Spoofing Vulnerability [SA12301] MAILsweeper for SMTP Attachment Blocking Bypass Vulnerability [SA12291] Kerio Mailserver Unspecified HTTP Service Vulnerabilities [SA12278] MapInfo Discovery Cross-Site Scripting and Authentication Bypass Vulnerability [SA12277] MAILsweeper for SMTP PowerPoint Document Processing Denial of Service [SA12279] BadBlue Proxy Relay Vulnerability UNIX/Linux: [SA12319] YaPiG Arbitrary Command Execution Vulnerability [SA12314] Gentoo update for xine [SA12292] Mandrake update for gaim [SA12287] SuSE update for gaim [SA12283] Mandrake update for mozilla [SA12282] Gentoo update for gaim [SA12320] Heimdal ftpd Signal Handling Vulnerabilities [SA12318] NetBSD update for ftpd [SA12300] Xephyrus JST Directory Traversal Vulnerability [SA12295] Gentoo update for acroread [SA12289] Conectiva update for squirrelmail [SA12285] Adobe Acrobat Reader Shell Command Injection and Buffer Overflow Vulnerability [SA12284] Gentoo update for kdebase / kdelibs [SA12281] Gentoo update for gv [SA12315] Mandrake update for rsync [SA12313] Gentoo update for rsync [SA12312] Trustix update for rsync [SA12310] Debian update for rsync [SA12307] SuSE update for rsync [SA12294] Rsync Path Sanitation Vulnerability [SA12286] Sympa Unauthorised List Creation Security Issue [SA12311] Debian update for kdelibs [SA12299] Rxvt-unicode Arbitrary Terminal Window Access Vulnerability [SA12296] Gentoo Tomcat Privilege Escalation Vulnerability [SA12293] Debian update for ruby [SA12290] Ruby CGI Session Management Insecure File Creation Vulnerability [SA12288] Gentoo update for nessus [SA12309] CVS File Existence Information Disclosure Weakness Other: [SA12280] Nokia IPSO Denial of Service Vulnerability Cross Platform: [SA12317] PSCRIPT Forum User Profile Script Insertion Vulnerability [SA12308] Cacti SQL Injection and Path Disclosure Vulnerability [SA12298] QuiXplorer Directory Traversal Vulnerability [SA12297] Simple Form Open Mail Relay Vulnerability ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA12303] Adobe Acrobat Reader ActiveX Control Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2004-08-16 Rafel Ivgi has reported a vulnerability in Adobe Acrobat Reader, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/12303/ -- [SA12304] Internet Explorer Address Bar Spoofing Vulnerability Critical: Moderately critical Where: From remote Impact: Spoofing Released: 2004-08-16 Liu Die Yu has discovered a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to conduct phishing attacks against a user. Full Advisory: http://secunia.com/advisories/12304/ -- [SA12301] MAILsweeper for SMTP Attachment Blocking Bypass Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2004-08-16 Martin O'Neal of Corsaire has reported a vulnerability in MAILsweeper for SMTP, which can be exploited by malicious people to bypass the attachment blocking functionality. Full Advisory: http://secunia.com/advisories/12301/ -- [SA12291] Kerio Mailserver Unspecified HTTP Service Vulnerabilities Critical: Moderately critical Where: From remote Impact: Unknown Released: 2004-08-13 Some vulnerabilities with an unknown impact have been reported in Kerio MailServer. Full Advisory: http://secunia.com/advisories/12291/ -- [SA12278] MapInfo Discovery Cross-Site Scripting and Authentication Bypass Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Exposure of sensitive information Released: 2004-08-12 Various vulnerabilities have been reported in MapInfo Discovery, allowing malicious people to obtain sensitive information, conduct cross-site scripting attacks and bypass security authentication. Full Advisory: http://secunia.com/advisories/12278/ -- [SA12277] MAILsweeper for SMTP PowerPoint Document Processing Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2004-08-13 A vulnerability has been reported in MAILsweeper for SMTP, which can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system. Full Advisory: http://secunia.com/advisories/12277/ -- [SA12279] BadBlue Proxy Relay Vulnerability Critical: Less critical Where: From remote Impact: Security Bypass Released: 2004-08-12 Texonet has reported a vulnerability in BadBlue, allowing malicious people to relay connections. Full Advisory: http://secunia.com/advisories/12279/ UNIX/Linux:-- [SA12319] YaPiG Arbitrary Command Execution Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2004-08-18 aCiDBiTS has reported a vulnerability in YaPiG, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12319/ -- [SA12314] Gentoo update for xine Critical: Highly critical Where: From remote Impact: System access Released: 2004-08-18 Gentoo has issued an update for xine-lib. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/12314/ -- [SA12292] Mandrake update for gaim Critical: Highly critical Where: From remote Impact: System access Released: 2004-08-13 MandrakeSoft has issued an update for gaim. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12292/ -- [SA12287] SuSE update for gaim Critical: Highly critical Where: From remote Impact: System access Released: 2004-08-13 SuSE has issued an update for gaim. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12287/ -- [SA12283] Mandrake update for mozilla Critical: Highly critical Where: From remote Impact: Spoofing, DoS, System access Released: 2004-08-13 MandrakeSoft has issued an update for mozilla. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), spoof content of websites, or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12283/ -- [SA12282] Gentoo update for gaim Critical: Highly critical Where: From remote Impact: System access Released: 2004-08-13 Gentoo has issued an update for gaim. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12282/ -- [SA12320] Heimdal ftpd Signal Handling Vulnerabilities Critical: Moderately critical Where: From remote Impact: Privilege escalation, System access Released: 2004-08-18 Przemyslaw Frasunek has reported some vulnerabilities in Heimdal ftpd, which potentially can be exploited by malicious users to gain escalated privileges or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12320/ -- [SA12318] NetBSD update for ftpd Critical: Moderately critical Where: From remote Impact: Privilege escalation, System access Released: 2004-08-18 NetBSD has issued an update for ftpd. This fixes some vulnerabilities, which potentially can be exploited by malicious users to gain escalated privileges or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/12318/ -- [SA12300] Xephyrus JST Directory Traversal Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2004-08-16 A vulnerability has been reported in Xephyrus JST, which can be exploited by malicious people to read arbitrary files on a vulnerable system. Full Advisory: http://secunia.com/advisories/12300/ -- [SA12295] Gentoo update for acroread Critical: Moderately critical Where: From remote Impact: System access Released: 2004-08-16 Gentoo has issued an update for acroread. This fixes two vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/12295/ -- [SA12289] Conectiva update for squirrelmail Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Manipulation of data, Exposure of system information, Exposure of sensitive information Released: 2004-08-13 Conectiva has issued an update for squirrelmail. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting, script insertion, and SQL injection attacks. Full Advisory: http://secunia.com/advisories/12289/ -- [SA12285] Adobe Acrobat Reader Shell Command Injection and Buffer Overflow Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2004-08-13 Greg MacManus has reported two vulnerabilities in Adobe Acrobat Reader, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/12285/ -- [SA12284] Gentoo update for kdebase / kdelibs Critical: Moderately critical Where: From remote Impact: Spoofing, Privilege escalation Released: 2004-08-13 Gentoo has issued updates for kdelibs and kdebase. These fix two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, and one vulnerability, which can be exploited by malicious people to spoof the content of websites. Full Advisory: http://secunia.com/advisories/12284/ -- [SA12281] Gentoo update for gv Critical: Moderately critical Where: From remote Impact: System access Released: 2004-08-13 Gentoo has issued an update for gv. This fixes an older vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/12281/ -- [SA12315] Mandrake update for rsync Critical: Less critical Where: From remote Impact: Exposure of sensitive information, Exposure of system information Released: 2004-08-18 MandrakeSoft has issued an update for rsync. This fixes a vulnerability, which potentially can be exploited by malicious users to read or write arbitrary files on a vulnerable system. Full Advisory: http://secunia.com/advisories/12315/ -- [SA12313] Gentoo update for rsync Critical: Less critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2004-08-18 Gentoo has issued an update for rsync. This fixes a vulnerability, which potentially can be exploited by malicious users to read or write arbitrary files on a vulnerable system. Full Advisory: http://secunia.com/advisories/12313/ -- [SA12312] Trustix update for rsync Critical: Less critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2004-08-17 Trustix has issued an update for rsync. This fixes a vulnerability, which potentially can be exploited by malicious users to read or write arbitrary files on a vulnerable system. Full Advisory: http://secunia.com/advisories/12312/ -- [SA12310] Debian update for rsync Critical: Less critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2004-08-17 Debian has issued an update for rsync. This fixes a vulnerability, which potentially can be exploited by malicious users to read or write arbitrary files on a vulnerable system. Full Advisory: http://secunia.com/advisories/12310/ -- [SA12307] SuSE update for rsync Critical: Less critical Where: From remote Impact: Exposure of sensitive information, Exposure of system information Released: 2004-08-17 SuSE has issued an update for rsync. This fixes a vulnerability, which potentially can be exploited by malicious users to read or write arbitrary files on a vulnerable system. Full Advisory: http://secunia.com/advisories/12307/ -- [SA12294] Rsync Path Sanitation Vulnerability Critical: Less critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2004-08-16 A vulnerability has been reported in rsync, which potentially can be exploited by malicious users to read or write arbitrary files on a vulnerable system. Full Advisory: http://secunia.com/advisories/12294/ -- [SA12286] Sympa Unauthorised List Creation Security Issue Critical: Less critical Where: From remote Impact: Security Bypass Released: 2004-08-13 A security issues has been reported in Sympa, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/12286/ -- [SA12311] Debian update for kdelibs Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2004-08-17 Debian has issued an update for kdelibs. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/12311/ -- [SA12299] Rxvt-unicode Arbitrary Terminal Window Access Vulnerability Critical: Less critical Where: Local system Impact: Manipulation of data, Exposure of sensitive information Released: 2004-08-16 A vulnerability has been reported in rxvt-unicode, which potentially can be exploited by malicious, local users to manipulate or access sensitive information. Full Advisory: http://secunia.com/advisories/12299/ -- [SA12296] Gentoo Tomcat Privilege Escalation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2004-08-16 A vulnerability has been reported in the tomcat package for Gentoo, which can be exploited by malicious, local users to escalate their privileges. Full Advisory: http://secunia.com/advisories/12296/ -- [SA12293] Debian update for ruby Critical: Less critical Where: Local system Impact: Exposure of sensitive information Released: 2004-08-16 Debian has issued an update for ruby. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain knowledge of sensitive information. Full Advisory: http://secunia.com/advisories/12293/ -- [SA12290] Ruby CGI Session Management Insecure File Creation Vulnerability Critical: Less critical Where: Local system Impact: Exposure of sensitive information Released: 2004-08-16 Andres Salomon has reported a vulnerability in Ruby, which potentially can be exploited by malicious, local users to gain knowledge of sensitive information. Full Advisory: http://secunia.com/advisories/12290/ -- [SA12288] Gentoo update for nessus Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2004-08-13 Gentoo has issued an update for nessus. This fixes a vulnerability, which potentially can be exploited by malicious, local users to escalate their privileges. Full Advisory: http://secunia.com/advisories/12288/ -- [SA12309] CVS File Existence Information Disclosure Weakness Critical: Not critical Where: From remote Impact: Exposure of system information Released: 2004-08-17 A weakness has been reported in Concurrent Versions System (CVS), which potentially can be exploited by malicious users to gain knowledge of certain system information. Full Advisory: http://secunia.com/advisories/12309/ Other:-- [SA12280] Nokia IPSO Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2004-08-12 A vulnerability has been discovered in Nokia IPSO, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/12280/ Cross Platform:-- [SA12317] PSCRIPT Forum User Profile Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2004-08-18 Christoph Jeschke has reported a vulnerability in PForum, allowing malicious users to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/12317/ -- [SA12308] Cacti SQL Injection and Path Disclosure Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of system information Released: 2004-08-18 Fernando Quintero has reported two vulnerabilities in Cacti, which can be exploited by malicious people to see the installation path and conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/12308/ -- [SA12298] QuiXplorer Directory Traversal Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2004-08-16 Cyrille Barthelemy has reported a vulnerability in QuiXplorer, which can be exploited by malicious people to read arbitrary files on a vulnerable system. Full Advisory: http://secunia.com/advisories/12298/ -- [SA12297] Simple Form Open Mail Relay Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2004-08-16 A vulnerability has been reported in Simple Form, which can be exploited by malicious people to use it as an open mail relay. Full Advisory: http://secunia.com/advisories/12297/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 ======================================================================== _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
This archive was generated by hypermail 2.1.3 : Fri Aug 20 2004 - 02:19:22 PDT