======================================================================== The Secunia Weekly Advisory Summary 2005-01-06 - 2005-01-13 This week : 73 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: The Secunia staff is spending hours every day to assure you the best and most reliable source for vulnerability information. Every single vulnerability report is being validated and verified before a Secunia advisory is written. Secunia validates and verifies vulnerability reports in many different ways e.g. by downloading the software and performing comprehensive tests, by reviewing source code, or by validating the credibility of the source from which the vulnerability report was issued. As a result, Secunia's database is the most correct and complete source for recent vulnerability information available on the Internet. Secunia Online Vulnerability Database: http://secunia.com/ ======================================================================== 2) This Week in Brief: ADVISORIES: Last Friday, Secunia increased the rating of Secunia advisory SA12889 from "Highly Critical" to "Extremely Critical", which is our most severe rating of vulnerabilities. Additional information about terms and the criticality ratings that we use can be found here: http://secunia.com/about_secunia_advisories/ The criticality rating was increased due to exploit code being released on public mailing lists, and the fact that no solution was available from the vendor. Secunia also made a demonstration available for people to test if their systems were affected: http://secunia.com/internet_explorer_command_execution_vulnerability_test/ On Tuesday, as part of Microsoft's monthly patch release cycle a patch was released for this vulnerability. More information can be found in referenced Secunia advisory below. References: http://secunia.com/SA12889/ -- In addition, Microsoft also issued two other security bulletins, which corrects vulnerabilities in the handling of Icon and Cursor files and in the Indexing Service. Please refer to Secunia advisories below for more information. References: http://secunia.com/SA13802/ http://secunia.com/SA13645/ -- Apple released a new version of their very popular media player iTunes, which correct a buffer overflow vulnerability in the handling of certain play lists. User are advised to update to the latest version. References: http://secunia.com/SA13804/ -- Details was released about a vulnerability in the Opera browser, which can be exploited using a specially crafted "data:" URI, potentially tricking users into opening malicious files. Currently, no vendor supplied solution is available. However, a good precautionary meassure is never to open files from untrusted sources. References: http://secunia.com/SA13818/ VIRUS ALERTS: Secunia has not issued any virus alerts during the week. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA12889] Microsoft Internet Explorer Multiple Vulnerabilities 2. [SA13599] Mozilla / Mozilla Firefox Download Dialog Source Spoofing 3. [SA13482] Internet Explorer DHTML Edit ActiveX Control Cross-Site Scripting 4. [SA13129] Mozilla / Mozilla Firefox Window Injection Vulnerability 5. [SA13704] Internet Explorer FTP Download Directory Traversal 6. [SA13645] Microsoft Windows Multiple Vulnerabilities 7. [SA12321] Microsoft Internet Explorer Drag and Drop Vulnerability 8. [SA12959] Internet Explorer HTML Elements Buffer Overflow Vulnerability 9. [SA13251] Microsoft Internet Explorer Window Injection Vulnerability 10. [SA13737] Apache Tomcat "Tomcat Manager" Cross-Site Scripting ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA13802] Microsoft Windows Indexing Service Buffer Overflow Vulnerability [SA13818] Opera "data:" URI Handler Spoofing Vulnerability [SA13781] Winamp Unspecified "in_cdda.dll" Buffer Overflow Vulnerability [SA13754] Amp II Engine Empty UDP Datagram Denial of Service [SA13738] WinHKI Archive Extraction Directory Traversal Vulnerability [SA13770] Gracebyte Network Assistant UDP Datagram Denial of Service [SA13786] Mozilla / Mozilla Firefox Dialog Overlapping Weakness UNIX/Linux: [SA13810] Gentoo update for imlib2 [SA13799] Gentoo update for koffice/kpdf [SA13798] Gentoo update for konqueror [SA13788] Gentoo update for mpg123 [SA13779] mpg123 Mpeg Layer-2 Buffer Overflow Vulnerability [SA13776] SUSE update for libtiff/tiff [SA13764] Gentoo update for dillo [SA13763] VHCS "include_path" File Inclusion Vulnerability [SA13760] Dillo "a_Capi_ccc()" Format String Vulnerability [SA13755] Fedora update for gpdf [SA13752] Debian update for imlib2 [SA13749] Conectiva update for wxgtk2 [SA13746] Mandrake update for libtiff [SA13744] Mandrake update for wxGTK2 [SA13739] Gentoo update for xine-lib [SA13811] Gentoo update for o3read [SA13780] Gentoo update for unrtf [SA13778] Gentoo update for pdftohtml [SA13775] pdftohtml "doImage()" Buffer Overflow Vulnerability [SA13774] Fedora update for libtiff [SA13772] Gentoo update for tikiwiki [SA13768] TikiWiki Wiki Edit Page Arbitrary Script Upload Vulnerability [SA13750] Debian update for tiff [SA13745] Gentoo update for phpgroupware [SA13741] Fedora update for exim [SA13740] Gentoo update for vilistextum [SA13809] Netscape Directory Server LDAP Request Handling Buffer Overflow [SA13808] Mandrake update for nfs-utils [SA13777] Ubuntu update for krb5 [SA13767] Debian update for linpopup [SA13757] Debian update for krb5 [SA13748] Conectiva update for samba [SA13800] Gentoo update for kdelibs [SA13797] Ubuntu update for mailman [SA13759] Debian update for kdelibs [SA13751] Debian update for namazu2 [SA13742] Mandrake update for nasm [SA13816] Gentoo update for hylafax [SA13815] Debian update for hylafax [SA13812] HylaFAX hfaxd Authentication Bypass Vulnerability [SA13805] UnixWare mountd Multiple Process Creation Denial of Service [SA13789] Squid NTLM fakeauth_auth Helper Denial of Service [SA13817] Debian update for exim [SA13796] Debian update for bmv [SA13793] BMV Insecure Temporary File Creation [SA13791] SquirrelMail Vacation Plugin Two Vulnerabilities [SA13785] Fedora update for kernel [SA13784] Linux Kernel Multiple Vulnerabilities [SA13758] iproute2 netbug Script Insecure Temporary File Creation [SA13756] Linux Kernel Binary Format Loaders Privilege Escalation [SA13743] Mandrake update for vim [SA13771] Debian lintian Insecure Temporary File Deletion Security Issue Other: [SA13766] Novell Netware CIFS Denial of Service Vulnerability [SA13753] Apple AirPort Express/Extreme WDS Denial of Service [SA13762] Amphor@ GATE Security Bypass Vulnerabilities Cross Platform: [SA13804] Apple iTunes Playlist Handling Buffer Overflow Vulnerability [SA13769] Zeroboard "dir" File Inclusion Vulnerability [SA13747] Sugar Sales "moduleDefaultFile" File Inclusion Vulnerability [SA13795] Guestserver "message" Script Insertion Vulnerability [SA13794] Dokeos Course Script Insertion Vulnerability [SA13783] Invision Community Blog Module "eid" SQL Injection [SA13765] VideoDB Multiple Vulnerabilities [SA13761] Greymatter Script Insertion Vulnerabilities [SA13801] Hitachi Directory Server LDAP Request Handling Buffer Overflow [SA13782] WoltLab Burning Board Lite "userid" Cross-Site Scripting [SA13737] Apache Tomcat "Tomcat Manager" Cross-Site Scripting ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA13802] Microsoft Windows Indexing Service Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-11 A vulnerability has been reported in Microsoft Windows XP and 2003, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13802/ -- [SA13818] Opera "data:" URI Handler Spoofing Vulnerability Critical: Moderately critical Where: From remote Impact: Spoofing Released: 2005-01-12 Michael Holzt has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. Full Advisory: http://secunia.com/advisories/13818/ -- [SA13781] Winamp Unspecified "in_cdda.dll" Buffer Overflow Vulnerability Critical: Moderately critical Where: From remote Impact: Unknown Released: 2005-01-12 A vulnerability with an unknown impact has been reported in Winamp. Full Advisory: http://secunia.com/advisories/13781/ -- [SA13754] Amp II Engine Empty UDP Datagram Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2005-01-07 Luigi Auriemma has reported a vulnerability in the Amp II engine, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/13754/ -- [SA13738] WinHKI Archive Extraction Directory Traversal Vulnerability Critical: Less critical Where: From remote Impact: System access Released: 2005-01-06 Rafel Ivgi has discovered a vulnerability in WinHKI, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13738/ -- [SA13770] Gracebyte Network Assistant UDP Datagram Denial of Service Critical: Less critical Where: From local network Impact: DoS Released: 2005-01-11 Network security team has discovered a vulnerability in Network Assistant, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/13770/ -- [SA13786] Mozilla / Mozilla Firefox Dialog Overlapping Weakness Critical: Not critical Where: From remote Impact: Spoofing Released: 2005-01-12 mikx has discovered a weakness in Mozilla and Mozilla Firefox, which potentially can be exploited by malicious people to trick users into performing unintended actions. Full Advisory: http://secunia.com/advisories/13786/ UNIX/Linux:-- [SA13810] Gentoo update for imlib2 Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2005-01-12 Gentoo has issued an update for imlib2. This fixes multiple vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13810/ -- [SA13799] Gentoo update for koffice/kpdf Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-11 Gentoo has issued updates for koffice and kpdf. These fix some vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13799/ -- [SA13798] Gentoo update for konqueror Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-11 Gentoo has issued an update for konqueror. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13798/ -- [SA13788] Gentoo update for mpg123 Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-11 Gentoo has issued an update for mpg123. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13788/ -- [SA13779] mpg123 Mpeg Layer-2 Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-11 Yuri D'Elia has reported a vulnerability in mpg123, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13779/ -- [SA13776] SUSE update for libtiff/tiff Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-11 SUSE has issued updates for libtiff and tiff. These fix some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13776/ -- [SA13764] Gentoo update for dillo Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-10 Gentoo has issued an update for dillo. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13764/ -- [SA13763] VHCS "include_path" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-10 FraMe has reported a vulnerability in VHCS, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13763/ -- [SA13760] Dillo "a_Capi_ccc()" Format String Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-10 Tavis Ormandy has reported a vulnerability in Dillo, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13760/ -- [SA13755] Fedora update for gpdf Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-07 Fedora has issued an update for gpdf. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13755/ -- [SA13752] Debian update for imlib2 Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2005-01-07 Debian has issued an update for imlib2. This fixes multiple vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13752/ -- [SA13749] Conectiva update for wxgtk2 Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2005-01-07 Conectiva has issued an update for wxgtk2. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/13749/ -- [SA13746] Mandrake update for libtiff Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-07 MandrakeSoft has issued an update for libtiff. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13746/ -- [SA13744] Mandrake update for wxGTK2 Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-07 MandrakeSoft has issued an update for wxGTK2. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13744/ -- [SA13739] Gentoo update for xine-lib Critical: Highly critical Where: From remote Impact: Unknown, System access Released: 2005-01-06 Gentoo has issued an update for xine-lib. This fixes some vulnerabilities, where some have an unspecified impact and others can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13739/ -- [SA13811] Gentoo update for o3read Critical: Moderately critical Where: From remote Impact: System access Released: 2005-01-12 Gentoo has issued an update for o3read. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13811/ -- [SA13780] Gentoo update for unrtf Critical: Moderately critical Where: From remote Impact: System access Released: 2005-01-11 Gentoo has issued an update for unrtf. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13780/ -- [SA13778] Gentoo update for pdftohtml Critical: Moderately critical Where: From remote Impact: System access Released: 2005-01-10 Gentoo has issued an update for pdftohtml. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13778/ -- [SA13775] pdftohtml "doImage()" Buffer Overflow Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2005-01-10 A vulnerability has been reported in pdftohtml, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13775/ -- [SA13774] Fedora update for libtiff Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2005-01-10 Fedora has issued an update for libtiff. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13774/ -- [SA13772] Gentoo update for tikiwiki Critical: Moderately critical Where: From remote Impact: System access Released: 2005-01-10 Gentoo has issued an update for tikiwiki. This fixes a vulnerability, which can be exploited by certain malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13772/ -- [SA13768] TikiWiki Wiki Edit Page Arbitrary Script Upload Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2005-01-10 A vulnerability has been reported in TikiWiki, which can be exploited by certain malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13768/ -- [SA13750] Debian update for tiff Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2005-01-07 Debian has issued an update for tiff. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13750/ -- [SA13745] Gentoo update for phpgroupware Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Manipulation of data, Exposure of system information Released: 2005-01-07 Gentoo has issued an update for phpgroupware. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. Full Advisory: http://secunia.com/advisories/13745/ -- [SA13741] Fedora update for exim Critical: Moderately critical Where: From remote Impact: Privilege escalation, System access Released: 2005-01-07 Fedora has issued an update for exim. This fixes two vulnerabilities, which potentially can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13741/ -- [SA13740] Gentoo update for vilistextum Critical: Moderately critical Where: From remote Impact: System access Released: 2005-01-07 Gentoo has issued an update for vilistextum. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13740/ -- [SA13809] Netscape Directory Server LDAP Request Handling Buffer Overflow Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2005-01-12 A vulnerability has been reported in Netscape Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13809/ -- [SA13808] Mandrake update for nfs-utils Critical: Moderately critical Where: From local network Impact: System access Released: 2005-01-12 MandrakeSoft has issued an update for nfs-utils. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13808/ -- [SA13777] Ubuntu update for krb5 Critical: Moderately critical Where: From local network Impact: System access Released: 2005-01-10 Ubuntu has issued an update for krb5. This fixes a vulnerability, which potentially can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13777/ -- [SA13767] Debian update for linpopup Critical: Moderately critical Where: From local network Impact: System access Released: 2005-01-10 Debian has issued an update for linpopup. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13767/ -- [SA13757] Debian update for krb5 Critical: Moderately critical Where: From local network Impact: System access Released: 2005-01-10 Debian has issued an update for krb5. This fixes a vulnerability, which potentially can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13757/ -- [SA13748] Conectiva update for samba Critical: Moderately critical Where: From local network Impact: System access Released: 2005-01-07 Conectiva has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13748/ -- [SA13800] Gentoo update for kdelibs Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2005-01-11 Gentoo has issued an update for kdelibs. This fixes a vulnerability, which can be exploited by malicious people to conduct FTP command injection attacks. Full Advisory: http://secunia.com/advisories/13800/ -- [SA13797] Ubuntu update for mailman Critical: Less critical Where: From remote Impact: Cross Site Scripting, Exposure of system information, Exposure of sensitive information Released: 2005-01-12 Ubuntu has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/13797/ -- [SA13759] Debian update for kdelibs Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2005-01-10 Debian has issued an update for kdelibs. This fixes a vulnerability, which can be exploited by malicious people to conduct FTP command injection attacks. Full Advisory: http://secunia.com/advisories/13759/ -- [SA13751] Debian update for namazu2 Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-01-07 Debian has issued an update for namazu2. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/13751/ -- [SA13742] Mandrake update for nasm Critical: Less critical Where: From remote Impact: System access Released: 2005-01-07 MandrakeSoft has issued an update for nasm. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13742/ -- [SA13816] Gentoo update for hylafax Critical: Less critical Where: From local network Impact: Security Bypass Released: 2005-01-12 Gentoo has issued an update for hylafax. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/13816/ -- [SA13815] Debian update for hylafax Critical: Less critical Where: From local network Impact: Security Bypass Released: 2005-01-12 Debian has issued an update for hylafax. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/13815/ -- [SA13812] HylaFAX hfaxd Authentication Bypass Vulnerability Critical: Less critical Where: From local network Impact: Security Bypass Released: 2005-01-12 Patrice Fournier has reported a vulnerability in HylaFAX, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/13812/ -- [SA13805] UnixWare mountd Multiple Process Creation Denial of Service Critical: Less critical Where: From local network Impact: DoS Released: 2005-01-12 Yun Jonglim has reported a vulnerability in UnixWare, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/13805/ -- [SA13789] Squid NTLM fakeauth_auth Helper Denial of Service Critical: Less critical Where: From local network Impact: DoS Released: 2005-01-11 A vulnerability have been reported in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/13789/ -- [SA13817] Debian update for exim Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-01-12 Debian has issued an update for exim. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/13817/ -- [SA13796] Debian update for bmv Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-01-12 Debian has issued an update for bmv. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/13796/ -- [SA13793] BMV Insecure Temporary File Creation Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-01-12 Peter Samuelson has reported a vulnerability in BMV, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/13793/ -- [SA13791] SquirrelMail Vacation Plugin Two Vulnerabilities Critical: Less critical Where: Local system Impact: Exposure of sensitive information, Privilege escalation Released: 2005-01-11 LSS Security Team has reported two vulnerabilities in the Vacation plugin for SquirrelMail, which can be exploited by malicious, local users to gain escalated privileges and disclose sensitive information. Full Advisory: http://secunia.com/advisories/13791/ -- [SA13785] Fedora update for kernel Critical: Less critical Where: Local system Impact: Exposure of system information, Exposure of sensitive information, Privilege escalation, DoS Released: 2005-01-11 Fedora has issued an update for the kernel. This fixes multiple vulnerabilities, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose sensitive information, or gain escalated privileges on a vulnerable system. Full Advisory: http://secunia.com/advisories/13785/ -- [SA13784] Linux Kernel Multiple Vulnerabilities Critical: Less critical Where: Local system Impact: Exposure of system information, Exposure of sensitive information, Privilege escalation, DoS Released: 2005-01-11 Multiple vulnerabilities have been reported in the Linux kernel, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose sensitive information, or gain escalated privileges on a vulnerable system. Full Advisory: http://secunia.com/advisories/13784/ -- [SA13758] iproute2 netbug Script Insecure Temporary File Creation Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-01-10 Javier Fernández-Sanguino Peña has reported a vulnerability in iproute2, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/13758/ -- [SA13756] Linux Kernel Binary Format Loaders Privilege Escalation Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-01-10 Paul Starzetz has reported a vulnerability in the Linux kernel, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/13756/ -- [SA13743] Mandrake update for vim Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-01-07 MandrakeSoft has issued an update for vim. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/13743/ -- [SA13771] Debian lintian Insecure Temporary File Deletion Security Issue Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2005-01-10 Jeroen van Wolffelaar has reported a security issue in lintian, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/13771/ Other:-- [SA13766] Novell Netware CIFS Denial of Service Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2005-01-10 A vulnerability has been reported in NetWare 5.1 and 6.0, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/13766/ -- [SA13753] Apple AirPort Express/Extreme WDS Denial of Service Critical: Less critical Where: From local network Impact: DoS Released: 2005-01-12 Dylan Griffiths has reported a vulnerability in AirPort Express and Airport Extreme, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/13753/ -- [SA13762] Amphor@ GATE Security Bypass Vulnerabilities Critical: Less critical Where: Local system Impact: Security Bypass Released: 2005-01-12 MaDj0kEr has reported some vulnerabilities in Amphor@ GATE, which potentially can be exploited by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/13762/ Cross Platform:-- [SA13804] Apple iTunes Playlist Handling Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-12 Sean de Regge has reported a vulnerability in iTunes, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/13804/ -- [SA13769] Zeroboard "dir" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-10 Optik4Lab has reported a vulnerability in Zeroboard, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13769/ -- [SA13747] Sugar Sales "moduleDefaultFile" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-01-07 Santiago Cortes has reported a vulnerability in Sugar Sales, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13747/ -- [SA13795] Guestserver "message" Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Exposure of system information Released: 2005-01-12 SmOk3 has reported a vulnerability in Guestserver, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/13795/ -- [SA13794] Dokeos Course Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2005-01-12 bratax has reported a vulnerability in Dokeos, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/13794/ -- [SA13783] Invision Community Blog Module "eid" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2005-01-11 darkhawk matrix has reported a vulnerability in the Invision Community Blog module for Invision Power Board, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/13783/ -- [SA13765] VideoDB Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data Released: 2005-01-11 Multiple vulnerabilities have been reported in VideoDB, which can be exploited by malicious people to conduct SQL and cross-site scripting attacks, and bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/13765/ -- [SA13761] Greymatter Script Insertion Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2005-01-11 FraMe has reported some vulnerabilities in Greymatter, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/13761/ -- [SA13801] Hitachi Directory Server LDAP Request Handling Buffer Overflow Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2005-01-12 A vulnerability has been reported in Hitachi Directory Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/13801/ -- [SA13782] WoltLab Burning Board Lite "userid" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-01-11 drhankey has reported a vulnerability in Burning Board Lite, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/13782/ -- [SA13737] Apache Tomcat "Tomcat Manager" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-01-06 Oliver Karow has discovered some vulnerabilities in Apache Tomcat, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/13737/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
This archive was generated by hypermail 2.1.3 : Thu Jan 13 2005 - 09:18:14 PST