[ISN] Secunia Weekly Summary - Issue: 2004-38

From: InfoSec News (isn@private)
Date: Fri Sep 17 2004 - 05:09:07 PDT


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2004-09-09 - 2004-09-16                        

                       This week : 42 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Secunia has implemented new features at Secunia.com


SECUNIA ADVISORIES NOW INCLUDE "Solution Status":
In addition to the extensive information Secunia advisories already
include, Secunia has added a new parameter: "Solution Status". This
simply means that all Secunia advisories, including older advisories,
now include the current "Solution Status" of a advisory, i.e. if the
vendor has released a patch or not.


IMPROVED PRODUCT PAGES:
The improved product pages now include a detailed listing of all
Secunia advisories affecting each product. The listings include a clear
indication of the "Solution Status" each advisory has ("Unpatched",
"Vendor patch", "Vendor workaround", or "Partial fix"). View the
following for examples:

Opera 7:
http://secunia.com/product/761/

Internet Explorer 6:
http://secunia.com/product/11/

Mozilla Firefox:
http://secunia.com/product/3256/


EXTRA STATISTICS:
Each product page also includes a new pie graph, displaying the
"Solution Status" for all Secunia advisories affecting each product in
a given period. View the following for an example:

Internet Explorer 6:
http://secunia.com/product/11/#statistics_solution


FEEDBACK SYSTEM:
To make it easier to provide feedback to the Secunia staff, we have
made an online feedback form. Enter your inquiry and it will
immediately be sent to the appropriate Secunia department.

Ideas, suggestions, and other feedback is most welcome

Secunia Feedback Form:
http://secunia.com/contact_form/


========================================================================
2) This Week in Brief:


ADVISORIES:

Microsoft issued two security updates, and while the one affecting
most of Microsoft's Office programs is pretty straight forward to
install and implement, the other is quite a different story.

The second security update addresses a JPEG processing vulnerability
within a image library, which can be exploited by malicious people to
compromise a vulnerable system.

However, since the vulnerability exists in a library, which is used by
MANY different Microsoft as well as third party programs, it may be
required that you update the library in multiple locations on your hard
drive with different patches for each affected program. This makes it
very hard, especially for larger companies with complex networks, to
make a "normal" patch installation.

Secunia recommends that you read SA12528 very carefully, and afterwards
go to the Microsoft Security Bulletin and locate the patches required
for your system. It is also highly recommended that you download and
run a special tool from Microsoft, as this should be able locate
vulnerable components.

Reference:
http://secunia.com/SA12529
http://secunia.com/SA12528

--

Mozilla has issued new versions of their popular products Mozilla,
Firefox, and Thunderbird.
 
These fix 10 different vulnerabilities, some of which in worst case
could be exploited to compromise a vulnerable system.

Users are recommended to upgrade their products to the latest versions.
Additional details can be found in the referenced Secunia advisory
below.

In addition, Netscape 7.2 is also vulnerable to several of the same
issues described in SA12526. More details about the issues in Netscape
can be found in SA12535.

Reference:
http://secunia.com/SA12526
http://secunia.com/SA12535


VIRUS ALERTS:

Secunia has not issued any virus alerts during the last week.


========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA12526] Mozilla Multiple Vulnerabilities
2.  [SA12304] Internet Explorer Address Bar Spoofing Vulnerability
3.  [SA12321] Microsoft Internet Explorer Drag and Drop Vulnerability
4.  [SA12528] Microsoft Multiple Products JPEG Processing Buffer
              Overflow Vulnerability
5.  [SA12381] Winamp Skin File Arbitrary Code Execution Vulnerability
6.  [SA12535] Netscape Multiple Vulnerabilities
7.  [SA11978] Multiple Browsers Frame Injection Vulnerability
8.  [SA12455] Kazaa Altnet Download Manager Buffer Overflow
              Vulnerability
9.  [SA12430] Winzip Unspecified Multiple Buffer Overflow
              Vulnerabilities
10. [SA12403] Mozilla / Mozilla Firefox Apple Java Plugin Tab Spoofing
              Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA12535] Netscape Multiple Vulnerabilities
[SA12528] Microsoft Multiple Products JPEG Processing Buffer Overflow
Vulnerability
[SA12511] Twin FTP Server Directory Traversal Vulnerability
[SA12529] Microsoft Office WordPerfect Converter Buffer Overflow
Vulnerability
[SA12519] getInternet Multiple SQL Injection Vulnerabilities
[SA12510] Gadu-Gadu Buffer Overflow Vulnerability
[SA12507] Serv-U FTP Server "STOU" Command Denial of Service
Vulnerability
[SA12520] getIntranet Multiple Vulnerabilities
[SA12506] McAfee VirusScan System Scan Privilege Escalation
Vulnerability

UNIX/Linux:
[SA12548] GTK+ Multiple Image Decoding Vulnerabilities
[SA12542] GdkPixbuf Multiple Image Decoding Vulnerabilities
[SA12539] Red Hat update for imlib
[SA12505] Gentoo update for Webmin / Usermin
[SA12503] Conectiva update for krb5
[SA12502] Fedora update for imlib
[SA12544] Red Hat update for mc
[SA12536] Mandrake update for squid
[SA12521] Conectiva update for kde
[SA12515] ripMIME MIME Decoding Vulnerabilities
[SA12513] Regulus Multiple Vulnerabilities
[SA12547] Red Hat update for httpd
[SA12541] Mandrake update for apache2
[SA12534] Gentoo update for SUS
[SA12552] GNU Radius SNMP String Length Denial of Service
Vulnerability
[SA12518] Fedora update for samba
[SA12517] Gentoo update for samba
[SA12516] Samba Denial of Service Vulnerabilities
[SA12508] Squid "clientAbortBody()" Denial of Service Vulnerability
[SA12546] Red Hat update for openoffice.org
[SA12537] Debian update for webmin
[SA12532] Gentoo update for cdrtools
[SA12530] SUS Logging Format String Vulnerability
[SA12501] Fedora update for cdrtools

Other:
[SA12523] Pingtel Xpressa HTTP Management Interface Denial of Service

Cross Platform:
[SA12526] Mozilla Multiple Vulnerabilities
[SA12509] BBS E-Market Professional Arbitrary File Inclusion
Vulnerability
[SA12540] Apache apr-util Library and Environment Variable Expansion
Vulnerabilities
[SA12531] vBulletin "x_invoice_num" SQL Injection Vulnerability
[SA12524] BEA WebLogic Multiple Vulnerabilities
[SA12504] Halo Client Response Off-By-One Denial of Service
Vulnerability
[SA12527] Apache "mod_dav" LOCK Request Denial of Service
Vulnerability
[SA12522] Lexar JumpDrive Secure Password Disclosure Security Issue

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA12535] Netscape Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information, System access
Released:    2004-09-15

Multiple vulnerabilities have been reported in Netscape, which can be
exploited by malicious people to conduct cross-site scripting attacks,
access and modify sensitive information, and compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/12535/

 --

[SA12528] Microsoft Multiple Products JPEG Processing Buffer Overflow
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-09-14

Nick DeBaggis has reported a vulnerability in multiple Microsoft
products, which can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/12528/

 --

[SA12511] Twin FTP Server Directory Traversal Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information,
Exposure of sensitive information
Released:    2004-09-13

Tan Chew Keong has reported a vulnerability in Twin FTP Server, which
can be exploited by malicious users to access files in arbitrary
locations on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12511/

 --

[SA12529] Microsoft Office WordPerfect Converter Buffer Overflow
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-09-14

Peter Winter-Smith has reported a vulnerability in various Microsoft
Office products, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/12529/

 --

[SA12519] getInternet Multiple SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information,
Exposure of sensitive information, System access
Released:    2004-09-14

Criolabs has reported some vulnerabilities in getInternet, which can be
exploited by malicious people to conduct SQL injection attacks and
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12519/

 --

[SA12510] Gadu-Gadu Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-09-14

Lord YuP has reported a vulnerability in Gadu-Gadu, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/12510/

 --

[SA12507] Serv-U FTP Server "STOU" Command Denial of Service
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-09-13

Patrick has discovered a vulnerability in Serv-U FTP Server, which can
be exploited by malicious users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12507/

 --

[SA12520] getIntranet Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information, Privilege escalation, System access
Released:    2004-09-14

Criolabs has reported some vulnerabilities in getIntranet, which can be
exploited by malicious people to conduct SQL injection and script
insertion attacks, access sensitive information, and potentially
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12520/

 --

[SA12506] McAfee VirusScan System Scan Privilege Escalation
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-09-14

Ian Vitek has reported a vulnerability in McAfee VirusScan, which can
be exploited by malicious, local users to gain escalated privileges on
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12506/


UNIX/Linux:--

[SA12548] GTK+ Multiple Image Decoding Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-09-16

Multiple vulnerabilities have been reported in GTK+, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12548/

 --

[SA12542] GdkPixbuf Multiple Image Decoding Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-09-16

Multiple vulnerabilities have been reported in GdkPixBuf, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12542/

 --

[SA12539] Red Hat update for imlib

Critical:    Highly critical
Where:       From remote
Impact:      System access, DoS
Released:    2004-09-15

Red Hat has issued an update for imlib. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/12539/

 --

[SA12505] Gentoo update for Webmin / Usermin

Critical:    Highly critical
Where:       From remote
Impact:      Unknown, System access
Released:    2004-09-13

Gentoo has issued updates for Webmin / Usermin. These fix two
vulnerabilities, where the most critical can be exploited by malicious
people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12505/

 --

[SA12503] Conectiva update for krb5

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-09-10

Conectiva has issued an update for krb5. This fixes multiple
vulnerabilities, where the most critical potentially can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12503/

 --

[SA12502] Fedora update for imlib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-09-10

Fedora has issued an update for imlib. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/12502/

 --

[SA12544] Red Hat update for mc

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-09-15

Red Hat has issued an update for mc. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/12544/

 --

[SA12536] Mandrake update for squid

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-09-15

MandrakeSoft has issued an update for squid. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12536/

 --

[SA12521] Conectiva update for kde

Critical:    Moderately critical
Where:       From remote
Impact:      Hijacking, Spoofing, Privilege escalation
Released:    2004-09-14

Conectiva has issued an update for kde. This fixes multiple
vulnerabilities, which can be exploited to perform certain actions on a
vulnerable system with escalated privileges, spoof the content of
websites, or hijack sessions.

Full Advisory:
http://secunia.com/advisories/12521/

 --

[SA12515] ripMIME MIME Decoding Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-09-15

The vendor has acknowledged some vulnerabilities in ripMIME, which
potentially can be exploited by malicious people to bypass filters.

Full Advisory:
http://secunia.com/advisories/12515/

 --

[SA12513] Regulus Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information
Released:    2004-09-14

masud_libra has reported some vulnerabilities in Regulus, which can be
exploited by malicious people to access sensitive information or bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/12513/

 --

[SA12547] Red Hat update for httpd

Critical:    Less critical
Where:       From remote
Impact:      Privilege escalation, DoS
Released:    2004-09-15

Red Hat has issued an update for httpd. This fixes multiple
vulnerabilities, which can be exploited to cause a DoS (Denial of
Service) or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/12547/

 --

[SA12541] Mandrake update for apache2

Critical:    Less critical
Where:       From remote
Impact:      Privilege escalation, DoS
Released:    2004-09-15

MandrakeSoft has issued an update for apache2. This fixes multiple
vulnerabilities, which can be exploited to cause a DoS (Denial of
Service) or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/12541/

 --

[SA12534] Gentoo update for SUS

Critical:    Less critical
Where:       From remote
Impact:      Privilege escalation
Released:    2004-09-15

Gentoo has issued an update for SUS. This fixes a vulnerability, which
potentially can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/12534/

 --

[SA12552] GNU Radius SNMP String Length Denial of Service
Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-09-15

A vulnerability has been reported in GNU Radius, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12552/

 --

[SA12518] Fedora update for samba

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-09-14

Fedora has issued an update for samba. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/12518/

 --

[SA12517] Gentoo update for samba

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-09-14

Gentoo has issued an update for samba. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/12517/

 --

[SA12516] Samba Denial of Service Vulnerabilities

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-09-14

Two vulnerabilities have been reported in Samba, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12516/

 --

[SA12508] Squid "clientAbortBody()" Denial of Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-09-13

M.A.Young has reported a vulnerability in Squid, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12508/

 --

[SA12546] Red Hat update for openoffice.org

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2004-09-15

Red Hat has issued an update for openoffice.org. This fixes a
vulnerability, which can be exploited by malicious, local users to gain
knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/12546/

 --

[SA12537] Debian update for webmin

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-09-15

Debian has issued an update for webmin. This fixes a vulnerability,
which potentially can be exploited by malicious people to perform
certain actions on a system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/12537/

 --

[SA12532] Gentoo update for cdrtools

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-09-15

Gentoo has issued an update for cdrtools. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/12532/

 --

[SA12530] SUS Logging Format String Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-09-15

Leon Juranic has reported a vulnerability in SUS, allowing malicious
users to escalate their privileges.

Full Advisory:
http://secunia.com/advisories/12530/

 --

[SA12501] Fedora update for cdrtools

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-09-10

Fedora has issued an update for cdrtools. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/12501/


Other:--

[SA12523] Pingtel Xpressa HTTP Management Interface Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-09-15

@stake has reported a vulnerability in Pingtel Xpressa, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12523/


Cross Platform:--

[SA12526] Mozilla Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information, System access
Released:    2004-09-14

Details have been released about several vulnerabilities in Mozilla,
Mozilla Firefox, and Thunderbird. These can potentially be exploited by
malicious people to conduct cross-site scripting attacks, access and
modify sensitive information, and compromise a user's system.

Full Advisory:
http://secunia.com/advisories/12526/

 --

[SA12509] BBS E-Market Professional Arbitrary File Inclusion
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, System access
Released:    2004-09-13

y3dips has reported a vulnerability in BBS E-Market Professional, which
can be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/12509/

 --

[SA12540] Apache apr-util Library and Environment Variable Expansion
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Privilege escalation, DoS, System access
Released:    2004-09-15

Two vulnerabilities have been reported in Apache, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially compromise a system, or by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/12540/

 --

[SA12531] vBulletin "x_invoice_num" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2004-09-15

al3ndaleeb has reported a vulnerability in vBulletin, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/12531/

 --

[SA12524] BEA WebLogic Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, Exposure of system
information, Exposure of sensitive information, DoS
Released:    2004-09-14

Multiple vulnerabilities have been reported in WebLogic, where the most
critical can be exploited by malicious people to access sensitive
information.

Full Advisory:
http://secunia.com/advisories/12524/

 --

[SA12504] Halo Client Response Off-By-One Denial of Service
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-09-10

Luigi Auriemma has reported a vulnerability in Halo, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12504/

 --

[SA12527] Apache "mod_dav" LOCK Request Denial of Service
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2004-09-14

A vulnerability has been reported in Apache, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/12527/

 --

[SA12522] Lexar JumpDrive Secure Password Disclosure Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2004-09-14

@stake has reported a security issue in Lexar Lexar JumpDrive Secure,
which can be exploited by malicious people to gain knowledge of
sensitive information.

Full Advisory:
http://secunia.com/advisories/12522/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45

========================================================================



_________________________________________
Donate online for the Ron Santo Walk to Cure Diabetes - http://www.c4i.org/ethan.html



This archive was generated by hypermail 2.1.3 : Fri Sep 17 2004 - 08:21:46 PDT