[ISN] Secunia Weekly Summary - Issue: 2004-50

From: InfoSec News (isn@private)
Date: Fri Dec 10 2004 - 02:28:04 PST


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2004-12-02 - 2004-12-09                        

                       This week : 46 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Monitor, Filter, and Manage Security Information
- Filtering and Management of Secunia advisories
- Overview, documentation, and detailed reports
- Alerting via email and SMS

Request Trial:
https://ca.secunia.com/?f=s

========================================================================
2) This Week in Brief:


ADVISORIES:

Secunia Research has reported a vulnerability, which affects most
browsers. The vulnerability allows a malicious web site to "hi-jack" a
trusted site's pop-up window.

This could be exploited by phishers to convince people into disclosing
confidential information, or to download and install malicious
programs, which the user believes comes from a trusted web site.

Secunia has constructed a test, which can be used to check if your
browser is affected by this issue:
http://secunia.com/multiple_browsers_window_injection_vulnerability_test/

Please refer to the test above, or the Secunia advisories below for
additional details.

References:
http://secunia.com/SA13251/
http://secunia.com/SA13129/
http://secunia.com/SA13253/
http://secunia.com/SA13254/
http://secunia.com/SA13252/
http://secunia.com/SA13402/

--

Apple has issued a new Mac OS X Security Update, which fixes multiple
vulnerabilities.

An extensive round up of the vulnerabilities are available in the
referenced Secunia advisory below.

References:
http://secunia.com/SA13362


VIRUS ALERTS:

Secunia has not issued any virus alerts during the last week.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA13129] Mozilla / Mozilla Firefox Window Injection Vulnerability
2.  [SA13251] Microsoft Internet Explorer Window Injection
              Vulnerability
3.  [SA12959] Internet Explorer HTML Elements Buffer Overflow
              Vulnerability
4.  [SA13362] Mac OS X Security Update Fixes Multiple Vulnerabilities
5.  [SA12889] Microsoft Internet Explorer Two Vulnerabilities
6.  [SA13269] Winamp "IN_CDDA.dll" Buffer Overflow Vulnerability
7.  [SA13252] Safari Window Injection Vulnerability
8.  [SA13253] Opera Window Injection Vulnerability
9.  [SA13402] Netscape Window Injection Vulnerability
10. [SA13254] Konqueror Window Injection Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA13391] GetRight "DUNZIP32.dll" Buffer Overflow Vulnerability
[SA13365] Microsoft Browser Client Context Tool Three Vulnerabilities
[SA13361] Kreed Format String and Denial of Service Vulnerabilities
[SA13368] Battlefield 1942 / Battlefield Vietnam Denial of Service
Vulnerability
[SA13389] Remote Execute Multiple Connection Denial of Service
Vulnerability
[SA13372] Cisco CNS Network Registrar Denial of Service
Vulnerabilities
[SA13396] Microsoft Internet Explorer "sysimage:" Local File Detection
Weakness

UNIX/Linux:
[SA13406] Red Hat update for ImageMagick
[SA13395] SUSE Updates for Multiple Packages
[SA13386] Mandrake update for ImageMagick
[SA13382] Gentoo update for imlib
[SA13381] Imlib Image Decoding Integer Overflow Vulnerabilities
[SA13378] LessTif libXpm Multiple Image Processing Vulnerabilities
[SA13373] Gentoo update for pdflib
[SA13366] SUSE update for cyrus-imapd
[SA13362] Mac OS X Security Update Fixes Multiple Vulnerabilities
[SA13380] Debian update for ViewCVS
[SA13367] Darwin Streaming Server "DESCRIBE" Request Denial of Service
Vulnerability
[SA13358] Big Medium Unspecified Script Upload Vulnerability
[SA13401] Sun Solaris in.rwhod Unspecified Vulnerability
[SA13371] Debian hpsockd Buffer Overflow Vulnerability
[SA13359] Red Hat update for kernel
[SA13407] Fedora update for mysql
[SA13403] Debian update for nfs-utils
[SA13390] Mandrake update for nfs-utils
[SA13384] nfs-utils "SIGPIPE" TCP Connection Termination Denial of
Service Vulnerability
[SA13405] rootsh Escape Sequences Logging Security Bypass
[SA13392] Gentoo mirrorselect Insecure Temporary File Creation
Vulnerability
[SA13388] Gentoo update for perl
[SA13387] Mandrake update for gzip
[SA13385] Mandrake update for lvm
[SA13383] Mandrake update for openssl
[SA13379] Gentoo rssh Arbitrary Command Execution Vulnerability
[SA13376] file Unspecified ELF Header Parsing Vulnerability
[SA13370] AIX Unspecified System Startup Scripts Vulnerability
[SA13369] Gentoo update for scponly
[SA13364] scponly Security Bypass Arbitrary Command Execution
Vulnerability
[SA13363] rssh Security Bypass Arbitrary Command Execution
Vulnerability

Other:


Cross Platform:
[SA13402] Netscape Window Injection Vulnerability
[SA13400] WebLibs Directory Traversal Vulnerability
[SA13375] ViewCVS Restricted Directory Access Security Bypass
[SA13397] MaxDB Web Tools Buffer Overflow and Denial of Service
Vulnerabilities
[SA13393] Codestriker Unspecified Repository Security Bypass Issue
[SA13360] Jakarta Lucene "results.jsp" Cross-Site Scripting
Vulnerability
[SA13357] Serendipity "searchTerm" Cross-Site Scripting Vulnerability
[SA13377] Novell NetMail Default NMAP Authentication Credential
Security Issue

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA13391] GetRight "DUNZIP32.dll" Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-12-07

ATmaCA has reported a vulnerability in GetRight, which potentially can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/13391/

 --

[SA13365] Microsoft Browser Client Context Tool Three Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2004-12-07

Nicolas Gregoire has reported some vulnerabilities in Microsoft Browser
Client Context Tool (W3Who.dll), which can be exploited by malicious
people to conduct cross-site scripting attacks or potentially
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13365/

 --

[SA13361] Kreed Format String and Denial of Service Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-12-03

Luigi Auriemma has reported some vulnerabilities in Kreed, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13361/

 --

[SA13368] Battlefield 1942 / Battlefield Vietnam Denial of Service
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-12-07

Luigi Auriemma has reported a vulnerability in Battlefield 1942 and
Battlefield Vietnam, which can be exploited by malicious people to
cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/13368/

 --

[SA13389] Remote Execute Multiple Connection Denial of Service
Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-12-07

Paul Craig has reported a vulnerability in Remote Execute, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/13389/

 --

[SA13372] Cisco CNS Network Registrar Denial of Service
Vulnerabilities

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-12-03

Qualys Security Research Team has reported two vulnerabilities in Cisco
CNS Network Registrar, which can be exploited by malicious people to
cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/13372/

 --

[SA13396] Microsoft Internet Explorer "sysimage:" Local File Detection
Weakness

Critical:    Not critical
Where:       From remote
Impact:      Exposure of system information
Released:    2004-12-08

Gregory R. Panakkal has discovered a weakness in Internet Explorer,
which can be exploited by malicious people to detect the presence of
local files.

Full Advisory:
http://secunia.com/advisories/13396/


UNIX/Linux:--

[SA13406] Red Hat update for ImageMagick

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-12-09

Red Hat has issued an update for ImageMagick. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/13406/

 --

[SA13395] SUSE Updates for Multiple Packages

Critical:    Highly critical
Where:       From remote
Impact:      Privilege escalation, DoS, System access
Released:    2004-12-08

SUSE has issued updates for multiple packages. These fix various
vulnerabilities, which can be exploited to overwrite files, gain
escalated privileges, or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13395/

 --

[SA13386] Mandrake update for ImageMagick

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-12-07

MandrakeSoft has issued an update for ImageMagick. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/13386/

 --

[SA13382] Gentoo update for imlib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-12-07

Gentoo has issued an update for imlib. This fixes some vulnerabilities,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/13382/

 --

[SA13381] Imlib Image Decoding Integer Overflow Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-12-07

Pavel Kankovsky has reported multiple vulnerabilities in imlib, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/13381/

 --

[SA13378] LessTif libXpm Multiple Image Processing Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-12-06

Multiple vulnerabilities have been reported in LessTif, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13378/

 --

[SA13373] Gentoo update for pdflib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-12-06

Gentoo has issued an update for pdflib. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system or cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/13373/

 --

[SA13366] SUSE update for cyrus-imapd

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-12-06

SUSE has issued an update for cyrus-imapd. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13366/

 --

[SA13362] Mac OS X Security Update Fixes Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Spoofing, Exposure of sensitive
information, Privilege escalation, DoS, System access
Released:    2004-12-03

Apple has issued a security update for Mac OS X, which fixes various
vulnerabilities.

Full Advisory:
http://secunia.com/advisories/13362/

 --

[SA13380] Debian update for ViewCVS

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-12-06

Debian has issued an update for viewcvs. This fixes a vulnerability,
which can be exploited by malicious users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/13380/

 --

[SA13367] Darwin Streaming Server "DESCRIBE" Request Denial of Service
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-12-08

A vulnerability has been reported in Darwin Streaming Server, which can
be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/13367/

 --

[SA13358] Big Medium Unspecified Script Upload Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-12-02

A vulnerability has been reported in Big Medium, which potentially can
be exploited by malicious users to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13358/

 --

[SA13401] Sun Solaris in.rwhod Unspecified Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-12-08

A vulnerability has been reported in Sun Solaris, which can be
exploited by malicious users to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13401/

 --

[SA13371] Debian hpsockd Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2004-12-03

infamous41md has reported a vulnerability in hpsockd, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13371/

 --

[SA13359] Red Hat update for kernel

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass, Privilege escalation, DoS
Released:    2004-12-03

Red Hat has issued an update for the kernel. This fixes multiple
vulnerabilities, which potentially can be exploited to gain escalated
privileges, bypass certain security restrictions, or cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/13359/

 --

[SA13407] Fedora update for mysql

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass, Privilege escalation, DoS, System access
Released:    2004-12-09

Fedora has issued an update for mysql. This fixes multiple
vulnerabilities, which can be exploited to perform certain actions on a
system with escalated privileges, bypass certain security restrictions,
cause a DoS (Denial of Service), or potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/13407/

 --

[SA13403] Debian update for nfs-utils

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-12-09

Debian has issued an update for nfs-utils. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/13403/

 --

[SA13390] Mandrake update for nfs-utils

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-12-07

MandrakeSoft has issued an update for nfs-utils. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/13390/

 --

[SA13384] nfs-utils "SIGPIPE" TCP Connection Termination Denial of
Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-12-07

SGI has reported a vulnerability in nfs-utils, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/13384/

 --

[SA13405] rootsh Escape Sequences Logging Security Bypass

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2004-12-09

A security issue has been reported in rootsh, which can be exploited by
malicious, local users to bypass the logging functionality.

Full Advisory:
http://secunia.com/advisories/13405/

 --

[SA13392] Gentoo mirrorselect Insecure Temporary File Creation
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-12-07

Ervin Nemeth has reported a vulnerability in mirrorselect, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/13392/

 --

[SA13388] Gentoo update for perl

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-12-07

Gentoo has issued an update for perl. This fixes some vulnerabilities,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/13388/

 --

[SA13387] Mandrake update for gzip

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-12-07

MandrakeSoft has issued an update for gzip. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/13387/

 --

[SA13385] Mandrake update for lvm

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-12-07

MandrakeSoft has issued an update for lvm. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/13385/

 --

[SA13383] Mandrake update for openssl

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-12-07

MandrakeSoft has issued an update for openssl. This fixes a
vulnerability, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/13383/

 --

[SA13379] Gentoo rssh Arbitrary Command Execution Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2004-12-06

Gentoo has acknowledged a vulnerability in rssh, which can be exploited
by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/13379/

 --

[SA13376] file Unspecified ELF Header Parsing Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Unknown
Released:    2004-12-06

A vulnerability with an unknown impact has been reported in file.

Full Advisory:
http://secunia.com/advisories/13376/

 --

[SA13370] AIX Unspecified System Startup Scripts Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Manipulation of data, DoS
Released:    2004-12-03

A vulnerability has been reported in AIX, which can be exploited by
malicious, local users to inject arbitrary data into the ODM (Object
Data Manager) or cause a vulnerable system to hang during boot.

Full Advisory:
http://secunia.com/advisories/13370/

 --

[SA13369] Gentoo update for scponly

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2004-12-06

Gentoo has issued an update for scponly. This fixes a vulnerability,
which can be exploited by malicious users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/13369/

 --

[SA13364] scponly Security Bypass Arbitrary Command Execution
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2004-12-03

Jason Wies has reported a vulnerability in scponly, which can be
exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/13364/

 --

[SA13363] rssh Security Bypass Arbitrary Command Execution
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2004-12-03

Jason Wies has reported a vulnerability in rssh, which can be exploited
to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/13363/


Other:


Cross Platform:--

[SA13402] Netscape Window Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Spoofing
Released:    2004-12-08

A vulnerability has been reported in Netscape, which can be exploited
by malicious people to spoof the content of websites.

Full Advisory:
http://secunia.com/advisories/13402/

 --

[SA13400] WebLibs Directory Traversal Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2004-12-08

John Bissell has reported a vulnerability in WebLibs, which can be
exploited by malicious people to access sensitive information.

Full Advisory:
http://secunia.com/advisories/13400/

 --

[SA13375] ViewCVS Restricted Directory Access Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-12-06

Hajvan Sehic has reported a vulnerability in ViewCVS, which can be
exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/13375/

 --

[SA13397] MaxDB Web Tools Buffer Overflow and Denial of Service
Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2004-12-08

Evgeny Demidov has reported two vulnerabilities in MaxDB, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13397/

 --

[SA13393] Codestriker Unspecified Repository Security Bypass Issue

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-12-08

A security issue has been reported in Codestriker, which can be
exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/13393/

 --

[SA13360] Jakarta Lucene "results.jsp" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-12-03

A vulnerability has been reported in Jakarta Lucene, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/13360/

 --

[SA13357] Serendipity "searchTerm" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-12-02

Stefan Esser has reported a vulnerability in Serendipity, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/13357/

 --

[SA13377] Novell NetMail Default NMAP Authentication Credential
Security Issue

Critical:    Less critical
Where:       From local network
Impact:      Manipulation of data, Exposure of system information,
Exposure of sensitive information
Released:    2004-12-06

A security issue has been reported in NetMail, which can be exploited
by malicious people to access the mail store.

Full Advisory:
http://secunia.com/advisories/13377/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45

========================================================================




_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Fri Dec 10 2004 - 03:08:44 PST