========================================================================

The Secunia Weekly Advisory Summary
2004-11-25 - 2004-12-02

This week : 40 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3..............................This Week's Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Monitor, Filter, and Manage Security Information
- Filtering and Management of Secunia advisories
- Overview, documentation, and detailed reports
- Alerting via email and SMS

Request Trial:
https://ca.secunia.com/?f=s

========================================================================
2) This Week in Brief:

ADVISORIES:

Microsoft has issued a patch for Internet Explorer, which addresses a buffer overflow vulnerability (also known as the IFRAME vulnerability) in several HTML elements.

The patch has been long awaited, and all users not running systems with Windows XP Service Pack 2 installed, are urged to install this update as soon as possible.

See Secunia advisory below for patch links.

References:
http://secunia.com/SA12959

VIRUS ALERTS:

Secunia has not issued any virus alerts during the last week.

========================================================================
3) This Week's Top Ten Most Read Advisories:

1.  [SA13269] Winamp "IN_CDDA.dll" Buffer Overflow Vulnerability
2.  [SA12959] Internet Explorer HTML Elements Buffer Overflow Vulnerability
3.  [SA13317] Microsoft Internet Explorer "Save Picture As" Image Download Spoofing
4.  [SA13271] Sun Java Plug-in Sandbox Security Bypass Vulnerability
5.  [SA12889] Microsoft Internet Explorer Two Vulnerabilities
6.  [SA13328] Microsoft Windows WINS Replication Packet Handling Vulnerability
7.  [SA13203] Microsoft Internet Explorer Two Vulnerabilities
8.  [SA12758] Microsoft Word Document Parsing Buffer Overflow Vulnerability
9.  [SA13334] WS_FTP Server FTP Commands Buffer Overflow Vulnerabilities
10. [SA13308] Linux Kernel Local DoS and Memory Content Disclosure Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA13334] WS_FTP Server FTP Commands Buffer Overflow Vulnerabilities
[SA13318] MailEnable IMAP Service Buffer Overflow Vulnerabilities
[SA13317] Microsoft Internet Explorer "Save Picture As" Image Download Spoofing
[SA13328] Microsoft Windows WINS Replication Packet Handling Vulnerability
[SA13333] JanaServer Two Denial of Service Vulnerabilities

UNIX/Linux:
[SA13349] Fedora update for cyrus-imapd
[SA13346] Conectiva update for cyrus-imapd
[SA13345] SUSE Updates For Multiple Packages
[SA13341] Sun Solaris Netscape PNG Image Handling Vulnerabilities
[SA13335] Fedora update for gaim
[SA13332] Gentoo update for sun-jdk/sun-jre-bin/blackdown-jdk/blackdown-jre
[SA13320] Debian update for tetex-bin
[SA13315] Mandrake update for cyrus-imapd
[SA13310] Debian update for cyrus-imapd
[SA13309] Gentoo update for cyrus-imapd
[SA13307] jabberd Client to Server Component Buffer Overflow Vulnerability
[SA13344] Conectiva update for abiword
[SA13338] Debian update for libgd
[SA13337] Debian update for libgd2
[SA13323] Fedora update for squirrelmail
[SA13339] SUSE update for kernel
[SA13336] Fedora update for samba
[SA13313] Debian update for yardradius
[SA13312] YardRadius "process_menu()" Buffer Overflow Vulnerability
[SA13354] Fedora update for iptables
[SA13326] Gentoo update for opendchub
[SA13325] Open DC Hub "RedirectAll" Buffer Overflow Vulnerability
[SA13324] Gentoo update for phpwebsite
[SA13322] Gentoo update for phpmyadmin
[SA13343] Debian update for openssl
[SA13340] Sun Solaris ping Utility Privilege Escalation Vulnerability
[SA13316] Mandrake update for a2ps
[SA13314] Mandrake update for zip
[SA13308] Linux Kernel Local DoS and Memory Content Disclosure Vulnerabilities

Other:

Cross Platform:
[SA13327] Orbz Password Field Buffer Overflow Vulnerability
[SA13331] FreeImage Library Interleaved Bitmap Image Buffer Overflow Vulnerability
[SA13329] Nuked-Klan "Links" Module Script Insertion Vulnerability
[SA13319] YaBB Unspecified "shadow" Tags Script Insertion Vulnerability
[SA13321] Groupmax World Wide Web Cross-Site Scripting and Directory Traversal
[SA13330] IberAgents Clear Text User Credential Disclosure

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA13334] WS_FTP Server FTP Commands Buffer Overflow Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-30

Reed Arvin has discovered some vulnerabilities in WS_FTP Server, which can be exploited by malicious users to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13334/

 --

[SA13318] MailEnable IMAP Service Buffer Overflow Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-26

Hat-Squad has reported two vulnerabilities in MailEnable Professional and MailEnable Enterprise Edition, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13318/

 --

[SA13317] Microsoft Internet Explorer "Save Picture As" Image Download Spoofing

Critical:    Moderately critical
Where:       From remote
Impact:      Spoofing
Released:    2004-11-26

cyber flash has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to trick users into downloading malicious files.

Full Advisory: http://secunia.com/advisories/13317/

 --

[SA13328] Microsoft Windows WINS Replication Packet Handling Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-11-29

Nicolas Waisman has reported a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13328/

 --

[SA13333] JanaServer Two Denial of Service Vulnerabilities

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-12-01

Luigi Auriemma has reported two vulnerabilities in JanaServer, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/13333/


UNIX/Linux:--

[SA13349] Fedora update for cyrus-imapd

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-12-02

Fedora has issued an update for cyrus-imapd. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13349/

 --

[SA13346] Conectiva update for cyrus-imapd

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-12-02

Conectiva has issued an update for cyrus-imapd. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13346/

 --

[SA13345] SUSE Updates For Multiple Packages

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, DoS, System access
Released:    2004-12-01

SUSE has issued updates for multiple packages. These fix various vulnerabilities, which can be exploited to bypass certain security functionality, cause a DoS (Denial-of-Service), and potentially compromise a user's system.

Full Advisory: http://secunia.com/advisories/13345/

 --

[SA13341] Sun Solaris Netscape PNG Image Handling Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-12-01

Sun has acknowledged some vulnerabilities in the Netscape browser for Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.

Full Advisory: http://secunia.com/advisories/13341/

 --

[SA13335] Fedora update for gaim

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-30

Fedora has issued an update for gaim. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

Full Advisory: http://secunia.com/advisories/13335/

 --

[SA13332] Gentoo update for sun-jdk/sun-jre-bin/blackdown-jdk/blackdown-jre

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-30

Gentoo has issued updates for sun-jdk, sun-jre-bin, blackdown-jdk, and blackdown-jre. These fix a vulnerability, which can be exploited by malicious people to compromise a user's system.

Full Advisory: http://secunia.com/advisories/13332/

 --

[SA13320] Debian update for tetex-bin

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-26

Debian has issued an update for tetex-bin. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.

Full Advisory: http://secunia.com/advisories/13320/

 --

[SA13315] Mandrake update for cyrus-imapd

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-26

MandrakeSoft has issued an update for cyrus-imapd. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13315/

 --

[SA13310] Debian update for cyrus-imapd

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-25

Debian has issued an update for cyrus-imapd. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13310/

 --

[SA13309] Gentoo update for cyrus-imapd

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-25

Gentoo has issued an update for cyrus-imapd. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13309/

 --

[SA13307] jabberd Client to Server Component Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-25

Zhaowei has reported a vulnerability in jabberd, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13307/

 --

[SA13344] Conectiva update for abiword

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-12-02

Conectiva has issued an update for abiword. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

Full Advisory: http://secunia.com/advisories/13344/

 --

[SA13338] Debian update for libgd

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-11-30

Debian has issued an update for libgd. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13338/

 --

[SA13337] Debian update for libgd2

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-11-30

Debian has issued an update for libgd2.
This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13337/

 --

[SA13323] Fedora update for squirrelmail

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-11-29

Fedora has issued an update for SquirrelMail. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks.

Full Advisory: http://secunia.com/advisories/13323/

 --

[SA13339] SUSE update for kernel

Critical:    Moderately critical
Where:       From local network
Impact:      Privilege escalation, DoS, Exposure of sensitive information
Released:    2004-12-02

SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which potentially can be exploited by malicious, local users to gain escalated privileges or by malicious people to cause a DoS (Denial of Service) or leak kernel memory.

Full Advisory: http://secunia.com/advisories/13339/

 --

[SA13336] Fedora update for samba

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2004-11-30

Fedora has issued an update for samba. This fixes two vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13336/

 --

[SA13313] Debian update for yardradius

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-11-26

Debian has issued an update for yardradius. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13313/

 --

[SA13312] YardRadius "process_menu()" Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-11-26

Max Vozeler has reported a vulnerability in YardRadius, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13312/

 --

[SA13354] Fedora update for iptables

Critical:    Less critical
Where:       From remote
Impact:
Released:    2004-12-02

Fedora has issued an update for iptables. This fixes a security issue, where iptables under some circumstances fails to load required modules.

Full Advisory: http://secunia.com/advisories/13354/

 --

[SA13326] Gentoo update for opendchub

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2004-11-29

Gentoo has issued an update for opendchub. This fixes a vulnerability, which can be exploited by certain malicious users to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13326/

 --

[SA13325] Open DC Hub "RedirectAll" Buffer Overflow Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2004-11-29

Donato Ferrante has reported a vulnerability in Open DC Hub, which can be exploited by certain malicious users to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13325/

 --

[SA13324] Gentoo update for phpwebsite

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-11-29

Gentoo has issued an update for phpwebsite. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory: http://secunia.com/advisories/13324/

 --

[SA13322] Gentoo update for phpmyadmin

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-11-29

Gentoo has issued an update for phpmyadmin.
This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory: http://secunia.com/advisories/13322/

 --

[SA13343] Debian update for openssl

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-12-02

Debian has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.

Full Advisory: http://secunia.com/advisories/13343/

 --

[SA13340] Sun Solaris ping Utility Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-12-01

A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to gain escalated privileges.

Full Advisory: http://secunia.com/advisories/13340/

 --

[SA13316] Mandrake update for a2ps

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-11-26

MandrakeSoft has issued an update for a2ps. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges.

Full Advisory: http://secunia.com/advisories/13316/

 --

[SA13314] Mandrake update for zip

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-11-26

MandrakeSoft has issued an update for zip. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges.

Full Advisory: http://secunia.com/advisories/13314/

 --

[SA13308] Linux Kernel Local DoS and Memory Content Disclosure Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, DoS
Released:    2004-11-25

Two vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain knowledge of potentially sensitive information.

Full Advisory: http://secunia.com/advisories/13308/


Other:


Cross Platform:--

[SA13327] Orbz Password Field Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-30

Luigi Auriemma has reported a vulnerability in Orbz, which potentially can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/13327/

 --

[SA13331] FreeImage Library Interleaved Bitmap Image Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-11-30

A vulnerability has been reported in FreeImage, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.

Full Advisory: http://secunia.com/advisories/13331/

 --

[SA13329] Nuked-Klan "Links" Module Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-11-29

XioNoX has reported a vulnerability in Nuked-Klan, which can be exploited by malicious people to conduct script insertion attacks.

Full Advisory: http://secunia.com/advisories/13329/

 --

[SA13319] YaBB Unspecified "shadow" Tags Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-11-26

A vulnerability has been reported in YaBB, which can be exploited by malicious people to conduct script insertion attacks.

Full Advisory: http://secunia.com/advisories/13319/

 --

[SA13321] Groupmax World Wide Web Cross-Site Scripting and Directory Traversal

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2004-11-29

Two vulnerabilities have been reported in Groupmax World Wide Web and Groupmax World Wide Web Desktop, which can be exploited to conduct cross-site scripting attacks or access arbitrary HTML files.

Full Advisory: http://secunia.com/advisories/13321/

 --

[SA13330] IberAgents Clear Text User Credential Disclosure

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2004-11-29

A security issue has been reported in IberAgents, which can be exploited by malicious, local users to gain knowledge of sensitive information.

Full Advisory: http://secunia.com/advisories/13330/

========================================================================

Secunia recommends that you verify all advisories you receive, by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web     : http://secunia.com/
E-mail  : support@private
Tel     : +45 70 20 51 44
Fax     : +45 70 20 51 45

========================================================================