========================================================================

The Secunia Weekly Advisory Summary
2005-02-10 - 2005-02-17

This week : 70 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best and most reliable source for vulnerability information. Every single vulnerability report is being validated and verified before a Secunia advisory is written.

Secunia validates and verifies vulnerability reports in many different ways e.g. by downloading the software and performing comprehensive tests, by reviewing source code, or by validating the credibility of the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

Since the IDN Spoofing issue was reported again on 7th February, it has spawned a new intense debate about who is to blame and whether it actually constitutes a vulnerability.

The issue is rather simple. Currently, it is possible to register domain names under e.g. the .com top level domain (TLD), which utilises national character sets such as Chinese, Scandinavian, Cyrillic, and others.
This huge variety of characters can be used to display domain names, which appear very similar to traditional ASCII character based domains.

This can obviously be exploited to trick people into believing that they are actually on a trusted web site in a much more convincing way than the usual obfuscated ASCII based domain names with missing dots, slight misspellings, use of "1" instead of "l" and so on.

Those, who are in favour of using IDN domains, argue that either the browser vendors should spawn an informational message to the user whenever an IDN domain is visited with a clear indication of the individual national characters or that the registrars should blacklist domain names and characters that could be exploited to trick the users.

In other words, either users must live with yet another informational / warning pop-up about a potentially dangerous issue, or we all have to trust and rely on the registrars' ability to figure out all possible malicious combinations of thousands of different characters, which most people have never seen before.

While it is clear that the Internet to a certain degree discriminates the non-English speaking parts of the world because only a limited subset of the standard ASCII characters are allowed in domain names, the IDN standard actually allows for one very easy solution that won't discriminate anyone and at the same time will leave the domains as trustworthy as they are today:

Allow the Japanese to use Japanese characters under .jp, the Chinese under .cn, the Germans under .de and so forth.

This will effectively limit the use of national characters to national domains and the users, who are used to those characters - those users are also the users, who will truly benefit from the use of national characters.

After all, the .com TLD was meant to be the commercial top level domain that could be used and accessed by businesses all over the world.
Accessing a .com domain with Chinese letters would be almost impossible using an English keyboard.

There are a lot of very good reasons why ICANN, the browser vendors, and other parties should go back to the drawing board and reconsider the implementation of the IDN standard before Microsoft launches IDN support in Internet Explorer, as this certainly will spawn a massive race between legitimate businesses, who try to protect their trademarks and the scamsters, who want to trick credit card details and other valuable information from the users.

Being a Danish national, I appreciate being able to use the Danish national characters under the .dk top level domain, but I see absolutely no need for the use of those characters under .com and other international top level domains.

Kind regards,

Thomas Kristensen
CTO, Secunia

VIRUS ALERTS:

During the last week, Secunia issued 2 MEDIUM RISK virus alerts. Please refer to the grouped virus profile below for more information:

Mydoom.AS - MEDIUM RISK Virus Alert - 2005-02-17 09:25 GMT+1
http://secunia.com/virus_information/15293/mydoom.as/

Mydoom.bb - MEDIUM RISK Virus Alert - 2005-02-17 03:19 GMT+1
http://secunia.com/virus_information/15463/mydoom.bb/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1. [SA14163] Mozilla Products IDN Spoofing Security Issue
2. [SA14179] Symantec Multiple Products UPX Parsing Engine Buffer Overflow
3. [SA14160] Mozilla / Firefox Three Vulnerabilities
4. [SA11165] Microsoft Internet Explorer Multiple Vulnerabilities
5. [SA14164] Safari IDN Spoofing Security Issue
6. [SA14209] VeriSign i-Nav Plug-In IDN Spoofing Security Issue
7. [SA12889] Microsoft Internet Explorer Multiple Vulnerabilities
8. [SA14154] Opera IDN Spoofing Security Issue
9. [SA13129] Mozilla / Mozilla Firefox Window Injection Vulnerability
10. [SA14295] Linux Kernel Multiple Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA14283] Sami HTTP Server Denial of Service and Directory Traversal
[SA14274] IBM WebSphere Application Server JSP Source Code Disclosure
[SA14304] Internet Explorer/Outlook Express Status Bar Spoofing
[SA14256] ZoneAlarm / Integrity "NtConnectPort()" Hook Invalid Pointer Dereference

UNIX/Linux:
[SA14315] Ubuntu update for lesstif2
[SA14301] Conectiva update for XFree86
[SA14287] Debian update for awstats
[SA14260] SGI Advanced Linux Environment update for less/xpdf
[SA14259] SGI Advanced Linux Environment Multiple Updates
[SA14318] Debian update for emacs21
[SA14308] Gentoo update for lighttpd
[SA14307] Gentoo update for emacs/xemacs
[SA14305] Mandrake update for emacs
[SA14297] lighttpd "%00" Application Source Code Disclosure Vulnerability
[SA14296] Ubuntu update for kernel
[SA14295] Linux Kernel Multiple Vulnerabilities
[SA14288] Mandrake update for mailman
[SA14282] Gentoo update for opera
[SA14281] Fedora update for xemacs
[SA14279] Red Hat update for python
[SA14267] Trustix Updates for Multiple Packages
[SA14258] Conectiva update for evolution
[SA14257] SUSE update for mailman
[SA14252] SUSE Updates for Multiple Packages
[SA14251] Red Hat update for squid
[SA14314] Gentoo update for kdeedu
[SA14306] KDE fliccd Buffer Overflow Vulnerabilities
[SA14261] SGI Advanced Linux Environment update for krb5
[SA14303] Debian update for htdig
[SA14290] Gentoo update for postgresql
[SA14285] Sun Solaris FTP Server PASV Commands Denial of Service
[SA14280] Red Hat update for postgresql
[SA14276] Gentoo update for htdig
[SA14275] Gentoo update for pdns
[SA14271] Squid FQDN Lookup Denial of Service Vulnerability
[SA14269] Gentoo update for mod_python
[SA14255] ht://Dig "config" Parameter Cross-Site Scripting Vulnerability
[SA14253] Open WebMail Login Page Cross-Site Scripting Vulnerability
[SA14249] Ubuntu update for mod_python
[SA14316] Gentoo update for wpa_supplicant
[SA14310] Debian update for postgresql
[SA14309] Mandrake update for rwho
[SA14286] Sun Solaris ARP Flooding Denial of Service Vulnerability
[SA14278] Debian update for netkit-rwho
[SA14266] netkit-rwho rwhod Packet Validation Denial of Service
[SA14265] Gentoo webmin Encrypted Root Password Disclosure
[SA14300] Debian update for synaesthesia
[SA14292] Gentoo update for VMware
[SA14291] VMware Workstation gdk-pixbuf Path Searching Vulnerability
[SA14277] Debian toolchain-source "tpkg-*" Privilege Escalation
[SA14270] Linux Kernel Memory Disclosure and Privilege Escalation
[SA14264] Gentoo update for perl
[SA14254] KDE kdelibs dcopidlng Script Insecure Temporary File Creation
[SA14250] Debian update for xpcd
[SA14248] xpcd Buffer Overflow Vulnerabilities
[SA14317] Debian update for typespeed
[SA14312] Typespeed Format String Vulnerability

Other:

Cross Platform:
[SA14311] HP Web-Enabled Management Software HTTP Server Buffer Overflow
[SA14268] ELOG Two Vulnerabilities
[SA14273] Quake3 Engine Query Handling Denial of Service Vulnerability
[SA14272] CubeCart "language" Local File Inclusion Vulnerability
[SA14263] Siteman Site Owner Registration Security Bypass Vulnerability
[SA14293] BrightStor ARCserve Backup Discovery Service SERVICEPC Buffer Overflow
[SA14299] AWStats Multiple Vulnerabilities
[SA14298] BEA WebLogic Server/Express User Account Enumeration
[SA14294] OpenConf Title Script Insertion Vulnerability
[SA14289] PHP-Nuke Cross-Site Scripting Vulnerabilities
[SA14262] NewsBruiser Comment System Security Bypass Vulnerability
[SA14313] wpa_supplicant EAPOL-Key Frames Buffer Overflow
[SA14284] Mercuryboard "debug" Debug Information Disclosure

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA14283] Sami HTTP Server Denial of Service and Directory Traversal
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Exposure of system information, Exposure of sensitive information, DoS
Released: 2005-02-15

Ziv Kamir has reported two vulnerabilities in Sami HTTP Server, which can be exploited by malicious people to disclose sensitive information or cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14283/

--

[SA14274] IBM WebSphere Application Server JSP Source Code Disclosure
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-14

A vulnerability has been reported in WebSphere Application Server, which can be exploited by malicious people to gain knowledge of potentially sensitive information.
Full Advisory: http://secunia.com/advisories/14274/

--

[SA14304] Internet Explorer/Outlook Express Status Bar Spoofing
Critical: Not critical
Where: From remote
Impact: Security Bypass
Released: 2005-02-17

bitlance winter has discovered a weakness in Internet Explorer/Outlook Express, which can be exploited by malicious people to trick users into visiting a malicious web site by obfuscating URLs.
Full Advisory: http://secunia.com/advisories/14304/

--

[SA14256] ZoneAlarm / Integrity "NtConnectPort()" Hook Invalid Pointer Dereference
Critical: Not critical
Where: Local system
Impact: DoS
Released: 2005-02-14

iDEFENSE has reported a vulnerability in various ZoneAlarm products and Check Point Integrity Client, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14256/


UNIX/Linux:--

[SA14315] Ubuntu update for lesstif2
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-02-17

Ubuntu has issued an update for lesstif2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14315/

--

[SA14301] Conectiva update for XFree86
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-02-15

Conectiva has issued an update for XFree86. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14301/

--

[SA14287] Debian update for awstats
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-02-15

Debian has issued an update for awstats. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14287/

--

[SA14260] SGI Advanced Linux Environment update for less/xpdf
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-02-14

SGI has issued a patch for less and xpdf in SGI Advanced Linux Environment. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14260/

--

[SA14259] SGI Advanced Linux Environment Multiple Updates
Critical: Highly critical
Where: From remote
Impact: Privilege escalation, DoS, System access
Released: 2005-02-14

SGI has issued a patch for SGI Advanced Linux Environment. This fixes some vulnerabilities, which can be exploited to cause a DoS (Denial of Service), gain escalated privileges, or potentially compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14259/

--

[SA14318] Debian update for emacs21
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-17

Debian has issued an update for emacs21. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14318/

--

[SA14308] Gentoo update for lighttpd
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-16

Gentoo has issued an update for lighttpd. This fixes a vulnerability, which can be exploited by malicious people to disclose some potentially sensitive information.
Full Advisory: http://secunia.com/advisories/14308/

--

[SA14307] Gentoo update for emacs/xemacs
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-16

Gentoo has issued updates for emacs and xemacs. These fix a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14307/

--

[SA14305] Mandrake update for emacs
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-16

MandrakeSoft has issued an update for emacs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14305/

--

[SA14297] lighttpd "%00" Application Source Code Disclosure Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-16

A vulnerability has been reported in lighttpd, which can be exploited by malicious people to disclose some potentially sensitive information.
Full Advisory: http://secunia.com/advisories/14297/

--

[SA14296] Ubuntu update for kernel
Critical: Moderately critical
Where: From remote
Impact: Unknown, Security Bypass, Exposure of sensitive information, DoS
Released: 2005-02-16

Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information or cause a DoS (Denial of Service), or by malicious people to cause a DoS or bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14296/

--

[SA14295] Linux Kernel Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Unknown, Security Bypass, Exposure of sensitive information, DoS
Released: 2005-02-16

Some vulnerabilities have been reported in the Linux kernel. These can be exploited by malicious, local users to gain knowledge of potentially sensitive information or cause a DoS (Denial of Service), or by malicious people to cause a DoS or bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14295/

--

[SA14288] Mandrake update for mailman
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-15

MandrakeSoft has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious people to gain knowledge of users' passwords.
Full Advisory: http://secunia.com/advisories/14288/

--

[SA14282] Gentoo update for opera
Critical: Moderately critical
Where: From remote
Impact: Spoofing, Exposure of system information, Privilege escalation, System access
Released: 2005-02-15

Gentoo has issued an update for opera. This fixes some vulnerabilities, which can be exploited by malicious people to disclose some system information, spoof the content of websites, trick a user into executing malicious files and compromise a user's system.
Full Advisory: http://secunia.com/advisories/14282/

--

[SA14281] Fedora update for xemacs
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-02-15

Fedora has issued an update for xemacs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14281/

--

[SA14279] Red Hat update for python
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Manipulation of data, Exposure of sensitive information, System access
Released: 2005-02-14

Red Hat has issued an update for python. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14279/

--

[SA14267] Trustix Updates for Multiple Packages
Critical: Moderately critical
Where: From remote
Impact: Unknown, Security Bypass, Manipulation of data, Exposure of sensitive information, Privilege escalation, DoS, System access
Released: 2005-02-14

Trustix has issued updates for bind, clamav, cpio, cups, mod_python, perl, postgresql, python and squid. These fix some vulnerabilities, one with an unknown impact and others which can be exploited to gain escalated privileges, cause a DoS (Denial of Service), disclose and manipulate sensitive information, bypass certain security restrictions and compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14267/

--

[SA14258] Conectiva update for evolution
Critical: Moderately critical
Where: From remote
Impact: Privilege escalation, System access
Released: 2005-02-17

Conectiva has issued an update for evolution. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system.
Full Advisory: http://secunia.com/advisories/14258/

--

[SA14257] SUSE update for mailman
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-15

SUSE has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious people to gain knowledge of users' passwords.
Full Advisory: http://secunia.com/advisories/14257/

--

[SA14252] SUSE Updates for Multiple Packages
Critical: Moderately critical
Where: From remote
Impact: Privilege escalation, DoS, System access
Released: 2005-02-14

SUSE has issued updates for multiple packages. These fix various vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and compromise a user's system.
Full Advisory: http://secunia.com/advisories/14252/

--

[SA14251] Red Hat update for squid
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, DoS, System access
Released: 2005-02-14

Red Hat has issued an update for squid. This fixes multiple vulnerabilities, which can be exploited to cause a DoS (Denial of Service), bypass certain security restrictions, or potentially compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14251/

--

[SA14314] Gentoo update for kdeedu
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-02-17

Gentoo has issued an update for kdeedu. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and potentially by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14314/

--

[SA14306] KDE fliccd Buffer Overflow Vulnerabilities
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-02-16

Erik Sjölund has reported some vulnerabilities in KDE, which can be exploited by malicious, local users to gain escalated privileges and potentially by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14306/

--

[SA14261] SGI Advanced Linux Environment update for krb5
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-02-14

SGI has issued a patch for krb5 in SGI Advanced Linux Environment. This fixes two vulnerabilities, which can be exploited to perform certain actions on a vulnerable system with escalated privileges or potentially compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14261/

--

[SA14303] Debian update for htdig
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-02-15

Debian has issued an update for htdig. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory: http://secunia.com/advisories/14303/

--

[SA14290] Gentoo update for postgresql
Critical: Less critical
Where: From remote
Impact: Privilege escalation
Released: 2005-02-15

Gentoo has issued an update for postgresql. This fixes a vulnerability, which can be exploited by malicious users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14290/

--

[SA14285] Sun Solaris FTP Server PASV Commands Denial of Service
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-02-15

Sun has acknowledged an older vulnerability in Sun Solaris, which can be exploited by malicious users to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14285/

--

[SA14280] Red Hat update for postgresql
Critical: Less critical
Where: From remote
Impact: Security Bypass, Privilege escalation, DoS
Released: 2005-02-14

Red Hat has issued an update for postgresql. This fixes various vulnerabilities, which can be exploited by malicious users to gain escalated privileges, cause a DoS (Denial of Service), or bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14280/

--

[SA14276] Gentoo update for htdig
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-02-14

Gentoo has issued an update for htdig. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory: http://secunia.com/advisories/14276/

--

[SA14275] Gentoo update for pdns
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-02-14

Gentoo has issued an update for pdns. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14275/

--

[SA14271] Squid FQDN Lookup Denial of Service Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-02-14

A vulnerability has been reported in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14271/

--

[SA14269] Gentoo update for mod_python
Critical: Less critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-14

Gentoo has issued an update for mod_python. This fixes a vulnerability, which potentially can be exploited by malicious people to disclose sensitive information.
Full Advisory: http://secunia.com/advisories/14269/

--

[SA14255] ht://Dig "config" Parameter Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-02-14

Michael Krax has reported a vulnerability in ht://Dig, which can be exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory: http://secunia.com/advisories/14255/

--

[SA14253] Open WebMail Login Page Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-02-14

Oriol Torrent Santiago has reported a vulnerability in Open WebMail, which can be exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory: http://secunia.com/advisories/14253/

--

[SA14249] Ubuntu update for mod_python
Critical: Less critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-11

Ubuntu has issued an update for mod_python. This fixes a vulnerability, which potentially can be exploited by malicious people to disclose sensitive information.
Full Advisory: http://secunia.com/advisories/14249/

--

[SA14316] Gentoo update for wpa_supplicant
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-02-17

Gentoo has issued an update for wpa_supplicant. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14316/

--

[SA14310] Debian update for postgresql
Critical: Less critical
Where: From local network
Impact: Privilege escalation
Released: 2005-02-16

Debian has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14310/

--

[SA14309] Mandrake update for rwho
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-02-17

MandrakeSoft has issued an update for rwho. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14309/

--

[SA14286] Sun Solaris ARP Flooding Denial of Service Vulnerability
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-02-15

A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14286/

--

[SA14278] Debian update for netkit-rwho
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-02-14

Debian has issued an update for netkit-rwho. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14278/

--

[SA14266] netkit-rwho rwhod Packet Validation Denial of Service
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-02-14

Vlad902 has reported a vulnerability in netkit-rwho, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14266/

--

[SA14265] Gentoo webmin Encrypted Root Password Disclosure
Critical: Less critical
Where: From local network
Impact: Exposure of sensitive information
Released: 2005-02-14

Gentoo has issued an update for webmin. This fixes a security issue, which may disclose sensitive information to malicious people.
Full Advisory: http://secunia.com/advisories/14265/

--

[SA14300] Debian update for synaesthesia
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-15

Debian has issued an update for synaesthesia. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
Full Advisory: http://secunia.com/advisories/14300/

--

[SA14292] Gentoo update for VMware
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-15

Gentoo has issued an update for VMware. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14292/

--

[SA14291] VMware Workstation gdk-pixbuf Path Searching Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-15

Tavis Ormandy has discovered a vulnerability in VMware Workstation, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14291/

--

[SA14277] Debian toolchain-source "tpkg-*" Privilege Escalation
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-14

Sean Finney has reported some vulnerabilities in toolchain-source, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
Full Advisory: http://secunia.com/advisories/14277/

--

[SA14270] Linux Kernel Memory Disclosure and Privilege Escalation
Critical: Less critical
Where: Local system
Impact: Unknown, Exposure of sensitive information, Privilege escalation
Released: 2005-02-15

Some vulnerabilities have been reported in the Linux Kernel, which potentially can be exploited by malicious, local users to disclose kernel memory or gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14270/

--

[SA14264] Gentoo update for perl
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-14

Gentoo has issued an update for perl. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14264/

--

[SA14254] KDE kdelibs dcopidlng Script Insecure Temporary File Creation
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-14

Davide Madrisan has reported a vulnerability in KDE kdelibs, which can be exploited by malicious, local users to perform certain actions with escalated privileges on a vulnerable system.
Full Advisory: http://secunia.com/advisories/14254/

--

[SA14250] Debian update for xpcd
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-11

Debian has issued an update for xpcd. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14250/

--

[SA14248] xpcd Buffer Overflow Vulnerabilities
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-11

Erik Sjölund has reported some vulnerabilities in xpcd, which may be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14248/

--

[SA14317] Debian update for typespeed
Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-17

Debian has issued an update for typespeed. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14317/

--

[SA14312] Typespeed Format String Vulnerability
Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2005-02-17

Ulf Härnhammar has reported a vulnerability in Typespeed, which potentially can be exploited by malicious, local users to gain escalated privileges.
Full Advisory: http://secunia.com/advisories/14312/


Other:


Cross Platform:--

[SA14311] HP Web-Enabled Management Software HTTP Server Buffer Overflow
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-02-16

A vulnerability has been reported in HP HTTP Server, which can be exploited by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14311/

--

[SA14268] ELOG Two Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Exposure of sensitive information, System access
Released: 2005-02-15

Two vulnerabilities have been reported in ELOG, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14268/

--

[SA14273] Quake3 Engine Query Handling Denial of Service Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-02-14

Luigi Auriemma has reported a vulnerability in Quake3 Engine, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14273/

--

[SA14272] CubeCart "language" Local File Inclusion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-02-14

John Cobb has reported a vulnerability in CubeCart, which can be exploited by malicious people to disclose sensitive information.
Full Advisory: http://secunia.com/advisories/14272/

--

[SA14263] Siteman Site Owner Registration Security Bypass Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-02-15

A vulnerability has been reported in Siteman, which can be exploited by malicious people to bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14263/

--

[SA14293] BrightStor ARCserve Backup Discovery Service SERVICEPC Buffer Overflow
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2005-02-15

cybertronic has reported a vulnerability in BrightStor ARCserve/Enterprise Backup, which can be exploited by malicious people to compromise a vulnerable system.
Full Advisory: http://secunia.com/advisories/14293/

--

[SA14299] AWStats Multiple Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Privilege escalation, DoS
Released: 2005-02-15

GHC has reported some vulnerabilities in AWStats, which potentially can be exploited by malicious, local users to gain escalated privileges, and by malicious people to disclose system information and cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14299/

--

[SA14298] BEA WebLogic Server/Express User Account Enumeration
Critical: Less critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive information
Released: 2005-02-15

A security issue has been reported in WebLogic Server and WebLogic Express, which can be exploited by malicious people to enumerate valid user accounts.
Full Advisory: http://secunia.com/advisories/14298/

--

[SA14294] OpenConf Title Script Insertion Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-02-15

RedTeam has reported a vulnerability in OpenConf, which can be exploited by malicious users to conduct script insertion attacks.
Full Advisory: http://secunia.com/advisories/14294/

--

[SA14289] PHP-Nuke Cross-Site Scripting Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting, Exposure of system information
Released: 2005-02-15

Janek Vind "waraxe" has reported two vulnerabilities in PHP-Nuke, which can be exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory: http://secunia.com/advisories/14289/

--

[SA14262] NewsBruiser Comment System Security Bypass Vulnerability
Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2005-02-17

Jarno has reported a vulnerability in NewsBruiser, which can be exploited by malicious people to bypass certain security restrictions.
Full Advisory: http://secunia.com/advisories/14262/

--

[SA14313] wpa_supplicant EAPOL-Key Frames Buffer Overflow
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-02-17

A vulnerability has been reported in wpa_supplicant, which can be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory: http://secunia.com/advisories/14313/

--

[SA14284] Mercuryboard "debug" Debug Information Disclosure
Critical: Not critical
Where: From remote
Impact: Exposure of system information
Released: 2005-02-15

Lostmon has discovered a weakness in Mercuryboard, which can be exploited by malicious people to disclose some system information.
Full Advisory: http://secunia.com/advisories/14284/

========================================================================

Secunia recommends that you verify all advisories you receive, by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web    : http://secunia.com/
E-mail : support@private
Tel    : +45 70 20 51 44
Fax    : +45 70 20 51 45