======================================================================== The Secunia Weekly Advisory Summary 2005-03-10 - 2005-03-17 This week : 52 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secunia_vacancies/ ======================================================================== 2) This Week in Brief: A vulnerability has been reported in various Symantec gateway products, which can be exploited by malicious people to poison the DNS cache. The vendor has issued patches, please review Secunia advisory below for additional details. References: http://secunia.com/SA14595 VIRUS ALERTS: Secunia has not issued any virus alerts during the week. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA14163] Mozilla Products IDN Spoofing Security Issue 2. [SA14565] Firefox "Save Link As..." Status Bar Spoofing Weakness 3. [SA14512] Microsoft Windows LAND Attack Denial of Service 4. [SA14547] MySQL Two Vulnerabilities 5. [SA12889] Microsoft Internet Explorer Multiple Vulnerabilities 6. [SA12758] Microsoft Word Document Parsing Buffer Overflow Vulnerability 7. [SA14568] Mozilla "Save Link Target As..." Status Bar Spoofing Weakness 8. [SA14543] Microsoft Exchange Server 2003 Folder Handling Denial of Service 9. [SA14567] Thunderbird "Save Link Target As..." Status Bar Spoofing Weakness 10. [SA14548] Linux Kernel "sys_epoll_wait()" Function Integer Overflow ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA14580] aeNovo Database Disclosure of Sensitive Information [SA14553] Active Webcam Denial of Service and Local File Detection [SA14601] GoodTech Telnet Server Buffer Overflow Vulnerability [SA14564] MySQL MS-DOS Device Names Denial of Service Vulnerability UNIX/Linux: [SA14597] Mandrake update for cyrus-sasl [SA14574] Gentoo update for libexif [SA14572] Gentoo update for xorg-x11 [SA14552] SUSE update for realplayer [SA14606] Fedora update for sylpheed [SA14603] Gentoo update for ringtonetools [SA14596] Mandrake update for ethereal [SA14594] Ubuntu update for kernel [SA14587] Fedora update for ipsec-tools [SA14586] IPsec-Tools ISAKMP Header Parsing Denial of Service [SA14584] KAME Racoon ISAKMP Header Parsing Denial of Service [SA14573] Gentoo update for ethereal [SA14570] Linux Kernel PPP Server Denial of Service Vulnerability [SA14598] Mandrake update for openslp [SA14581] SUSE update for openslp [SA14561] OpenSLP Buffer Overflow Vulnerabilities [SA14593] Ubuntu update for mysql [SA14582] Debian luxman Privilege Escalation Vulnerability [SA14562] rxvt-unicode Terminal Input Buffer Overflow Vulnerability [SA14563] Conectiva update for gaim [SA14558] Red Hat update for gaim [SA14591] KDE Desktop Communication Protocol Denial of Service Vulnerability Other: [SA14557] Xerox MicroServer Web Server URL Handling Denial of Service [SA14556] Xerox Document Centre Web Server Unauthorised Access Vulnerability Cross Platform: [SA14600] PHPOpenChat "sourcedir" File Inclusion Vulnerability [SA14577] VoteBox "VoteBoxPath" File Inclusion Vulnerability [SA14566] holaCMS "vote_filename" Directory Traversal Vulnerability [SA14559] WEBInsta Limbo "absolute_path" File Inclusion Vulnerability [SA14602] ZPanel "uname" SQL Injection and Security Bypass [SA14595] Symantec Products Unspecified DNS Cache Poisoning Vulnerability [SA14590] paBox "posticon" Script Insertion Vulnerability [SA14583] SimpGB "quote" SQL Injection Vulnerability [SA14579] Spinworks Application Server Web Server Denial of Service [SA14578] UBB.threads "Number" SQL Injection Vulnerability [SA14576] PhotoPost PHP Pro Multiple Vulnerabilities [SA14555] LimeWire Gnutella Disclosure of Sensitive Information [SA14599] phpMyAdmin "_" Wildcard Permissions Security Bypass [SA14592] phpPgAds / phpAdsNew "refresh" Cross-Site Scripting Vulnerability [SA14589] WebSphere Commerce Private Information Disclosure [SA14554] Phorum Script Insertion Vulnerabilities [SA14588] Cosminexus Server Component Container Tomcat Denial of Service [SA14575] MaxDB Web Agent Denial of Service Vulnerabilities [SA14569] Apache Tomcat AJP12 Protocol Denial of Service Vulnerability [SA14607] Novell iChain miniFTP Server Brute Force Weakness [SA14568] Mozilla "Save Link Target As..." Status Bar Spoofing Weakness [SA14567] Thunderbird "Save Link Target As..." Status Bar Spoofing Weakness [SA14565] Firefox "Save Link As..." Status Bar Spoofing Weakness [SA14560] Citrix MetaFrame Password Manager Secondary Password Disclosure ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA14580] aeNovo Database Disclosure of Sensitive Information Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2005-03-14 farhad koosha has reported a security issue in aeNovo, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/14580/ -- [SA14553] Active Webcam Denial of Service and Local File Detection Critical: Moderately critical Where: From remote Impact: Exposure of system information, DoS Released: 2005-03-10 Sowhat has reported two vulnerabilities and a weakness in Active Webcam, which can be exploited by malicious people to cause a DoS (Denial of Service) and detect the presence of local files. Full Advisory: http://secunia.com/advisories/14553/ -- [SA14601] GoodTech Telnet Server Buffer Overflow Vulnerability Critical: Moderately critical Where: From local network Impact: System access Released: 2005-03-16 Komrade has reported a vulnerability in GoodTech Telnet Server, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14601/ -- [SA14564] MySQL MS-DOS Device Names Denial of Service Vulnerability Critical: Not critical Where: From local network Impact: DoS Released: 2005-03-14 Luca Ercoli has reported a vulnerability in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14564/ UNIX/Linux:-- [SA14597] Mandrake update for cyrus-sasl Critical: Highly critical Where: From remote Impact: System access Released: 2005-03-16 MandrakeSoft has issued an update for cyrus-sasl. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14597/ -- [SA14574] Gentoo update for libexif Critical: Highly critical Where: From remote Impact: System access, DoS Released: 2005-03-14 Gentoo has issued an update for libexif. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14574/ -- [SA14572] Gentoo update for xorg-x11 Critical: Highly critical Where: From remote Impact: System access Released: 2005-03-14 Gentoo has issued an update for xorg-x11. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14572/ -- [SA14552] SUSE update for realplayer Critical: Highly critical Where: From remote Impact: System access Released: 2005-03-10 SUSE has issued an update for realplayer. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/14552/ -- [SA14606] Fedora update for sylpheed Critical: Moderately critical Where: From remote Impact: System access Released: 2005-03-16 Fedora has issued an update for sylpheed. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/14606/ -- [SA14603] Gentoo update for ringtonetools Critical: Moderately critical Where: From remote Impact: System access Released: 2005-03-16 Gentoo has issued an update for ringtonetools. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/14603/ -- [SA14596] Mandrake update for ethereal Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2005-03-16 MandrakeSoft has issued an update for ethereal. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14596/ -- [SA14594] Ubuntu update for kernel Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information, Privilege escalation, DoS Released: 2005-03-16 Ubuntu has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited disclose kernel memory, gain escalated privileges or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14594/ -- [SA14587] Fedora update for ipsec-tools Critical: Moderately critical Where: From remote Impact: DoS Released: 2005-03-15 Fedora has issued an update for ipsec-tools. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14587/ -- [SA14586] IPsec-Tools ISAKMP Header Parsing Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2005-03-15 A vulnerability has been reported in IPsec-Tools, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14586/ -- [SA14584] KAME Racoon ISAKMP Header Parsing Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2005-03-15 Sebastian Krahmer has reported a vulnerability in KAME Racoon, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14584/ -- [SA14573] Gentoo update for ethereal Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2005-03-14 Gentoo has issued an update for ethereal. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14573/ -- [SA14570] Linux Kernel PPP Server Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2005-03-16 Ben Martel and Stephen Blackheath have reported a vulnerability in the Linux kernel, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14570/ -- [SA14598] Mandrake update for openslp Critical: Moderately critical Where: From local network Impact: System access Released: 2005-03-16 MandrakeSoft has issued an update for openslp. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14598/ -- [SA14581] SUSE update for openslp Critical: Moderately critical Where: From local network Impact: System access Released: 2005-03-15 SUSE has issued an update for openslp. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14581/ -- [SA14561] OpenSLP Buffer Overflow Vulnerabilities Critical: Moderately critical Where: From local network Impact: System access Released: 2005-03-15 SUSE Security Team has reported some vulnerabilities in OpenSLP, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14561/ -- [SA14593] Ubuntu update for mysql Critical: Less critical Where: From local network Impact: Privilege escalation, System access Released: 2005-03-16 Ubuntu has issued an update for mysql. This fixes some vulnerabilities, which potentially can be exploited by malicious users to compromise a vulnerable system and by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/14593/ -- [SA14582] Debian luxman Privilege Escalation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-03-15 Debian has issued an update for luxman. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/14582/ -- [SA14562] rxvt-unicode Terminal Input Buffer Overflow Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-03-15 A vulnerability has been reported in rxvt-unicode, which potentially can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/14562/ -- [SA14563] Conectiva update for gaim Critical: Not critical Where: From remote Impact: DoS Released: 2005-03-15 Conectiva has issued an update for gaim. This fixes three weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14563/ -- [SA14558] Red Hat update for gaim Critical: Not critical Where: From remote Impact: DoS Released: 2005-03-11 Red Hat has issued an update for gaim. This fixes three weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14558/ -- [SA14591] KDE Desktop Communication Protocol Denial of Service Vulnerability Critical: Not critical Where: Local system Impact: DoS Released: 2005-03-16 Sebastian Krahmer has reported a vulnerability in KDE, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14591/ Other:-- [SA14557] Xerox MicroServer Web Server URL Handling Denial of Service Critical: Less critical Where: From local network Impact: DoS Released: 2005-03-11 A vulnerability has been reported in Xerox Document Centre, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14557/ -- [SA14556] Xerox Document Centre Web Server Unauthorised Access Vulnerability Critical: Less critical Where: From local network Impact: Security Bypass Released: 2005-03-11 A vulnerability has been reported in Xerox Document Centre, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/14556/ Cross Platform:-- [SA14600] PHPOpenChat "sourcedir" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-03-16 Mafia_Boy has reported a vulnerability in PHPOpenChat, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14600/ -- [SA14577] VoteBox "VoteBoxPath" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-03-15 SmOk3 has reported a vulnerability in VoteBox, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14577/ -- [SA14566] holaCMS "vote_filename" Directory Traversal Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-03-14 Virginity has reported a vulnerability in holaCMS, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14566/ -- [SA14559] WEBInsta Limbo "absolute_path" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-03-11 Fidel Costa has discovered a vulnerability in WEBInsta Limbo, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/14559/ -- [SA14602] ZPanel "uname" SQL Injection and Security Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass, Manipulation of data Released: 2005-03-16 Mikhail has reported a vulnerability and a security issue in ZPanel, which can be exploited by malicious people to conduct SQL injection attacks and bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/14602/ -- [SA14595] Symantec Products Unspecified DNS Cache Poisoning Vulnerability Critical: Moderately critical Where: From remote Impact: Spoofing, Manipulation of data Released: 2005-03-16 A vulnerability has been reported in various Symantec gateway products, which can be exploited by malicious people to poison the DNS cache. Full Advisory: http://secunia.com/advisories/14595/ -- [SA14590] paBox "posticon" Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2005-03-15 Rift has discovered a vulnerability in paBox, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/14590/ -- [SA14583] SimpGB "quote" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2005-03-15 Alexander Müller has reported a vulnerability in SimpGB, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/14583/ -- [SA14579] Spinworks Application Server Web Server Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2005-03-14 Dr_insane has discovered a vulnerability in Spinworks Application Server, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14579/ -- [SA14578] UBB.threads "Number" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2005-03-14 ADZ Security Team has reported a vulnerability in UBB.threads, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/14578/ -- [SA14576] PhotoPost PHP Pro Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data Released: 2005-03-14 Igor Franchuk has reported some vulnerabilities in PhotoPost PHP Pro, which can be exploited to conduct script insertion and SQL injection attacks, bypass certain security restrictions and manipulate potentially sensitive information. Full Advisory: http://secunia.com/advisories/14576/ -- [SA14555] LimeWire Gnutella Disclosure of Sensitive Information Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2005-03-15 Kevin Walsh has reported two vulnerabilities in LimeWire, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/14555/ -- [SA14599] phpMyAdmin "_" Wildcard Permissions Security Bypass Critical: Less critical Where: From remote Impact: Security Bypass Released: 2005-03-16 A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/14599/ -- [SA14592] phpPgAds / phpAdsNew "refresh" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-03-15 Maksymilian Arciemowicz has reported a vulnerability in phpPgAds and phpAdsNew, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/14592/ -- [SA14589] WebSphere Commerce Private Information Disclosure Critical: Less critical Where: From remote Impact: Exposure of sensitive information Released: 2005-03-15 A security issue has been reported in WebSphere Commerce, which may result in sensitive information being disclosed to malicious people. Full Advisory: http://secunia.com/advisories/14589/ -- [SA14554] Phorum Script Insertion Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-03-11 Jon Oberheide has reported some vulnerabilities in Phorum, which can be exploited by malicious users to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/14554/ -- [SA14588] Cosminexus Server Component Container Tomcat Denial of Service Critical: Less critical Where: From local network Impact: DoS Released: 2005-03-15 The vendor has acknowledged a vulnerability in Cosminexus Server Component Container and Cosminexus Server Component Container for Java, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14588/ -- [SA14575] MaxDB Web Agent Denial of Service Vulnerabilities Critical: Less critical Where: From local network Impact: DoS Released: 2005-03-15 Some vulnerabilities have been reported in MaxDB, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14575/ -- [SA14569] Apache Tomcat AJP12 Protocol Denial of Service Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2005-03-15 Hitachi Incident Response Team has reported a vulnerability in Tomcat, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/14569/ -- [SA14607] Novell iChain miniFTP Server Brute Force Weakness Critical: Not critical Where: From remote Impact: Brute force Released: 2005-03-16 Francisco Amato has reported a weakness in Novell iChain, which can be exploited by malicious people to potentially brute force a user's password. Full Advisory: http://secunia.com/advisories/14607/ -- [SA14568] Mozilla "Save Link Target As..." Status Bar Spoofing Weakness Critical: Not critical Where: From remote Impact: Spoofing Released: 2005-03-14 bitlance winter has discovered a weakness in Mozilla, which can be exploited by malicious people to trick users into saving malicious files by obfuscating URLs. Full Advisory: http://secunia.com/advisories/14568/ -- [SA14567] Thunderbird "Save Link Target As..." Status Bar Spoofing Weakness Critical: Not critical Where: From remote Impact: Spoofing Released: 2005-03-14 bitlance winter has discovered a weakness in Thunderbird, which can be exploited by malicious people to trick users into saving malicious files by obfuscating URLs. Full Advisory: http://secunia.com/advisories/14567/ -- [SA14565] Firefox "Save Link As..." Status Bar Spoofing Weakness Critical: Not critical Where: From remote Impact: Spoofing Released: 2005-03-14 bitlance winter has discovered a weakness in Firefox, which can be exploited by malicious people to trick users into saving malicious files by obfuscating URLs. Full Advisory: http://secunia.com/advisories/14565/ -- [SA14560] Citrix MetaFrame Password Manager Secondary Password Disclosure Critical: Not critical Where: From local network Impact: Security Bypass, Exposure of sensitive information Released: 2005-03-16 A security issue has been reported in MetaFrame Password Manager, which can be exploited by malicious users to gain knowledge of potentially sensitive information. Full Advisory: http://secunia.com/advisories/14560/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _________________________________________ Bellua Cyber Security Asia 2005 - http://www.bellua.com/bcs2005
This archive was generated by hypermail 2.1.3 : Fri Mar 18 2005 - 01:12:50 PST