[ISN] Secunia Weekly Summary - Issue: 2005-19

From: InfoSec News (isn@private)
Date: Fri May 13 2005 - 04:09:44 PDT


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2005-05-05 - 2005-05-12                        

                       This week : 73 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Want a new IT Security job?

Vacant positions at Secunia:
http://secunia.com/secunia_vacancies/

========================================================================
2) This Week in Brief:

Secunia issued a rare "Extremely Critical" advisory regarding
Mozilla FireFox, as details about a system compromise vulnerability
including exploit code had been released on public mailing lists.

The Mozilla Foundation has released an updated version, which corrects
this vulnerability.

Reference:
http://secunia.com/SA15135

--

Apple has released an updated version of iTunes, which corrects a
vulnerability, that potentially can be exploited to compromise a
vulnerable system.

Please refer to Secunia advisory below for details.

References:
http://secunia.com/SA15310


VIRUS ALERTS:

During the last week, Secunia issued 2 MEDIUM RISK virus alerts.
Please refer to the grouped virus profile below for more information:

Wurmark-J - MEDIUM RISK Virus Alert - 2005-05-11 13:55 GMT+1
http://secunia.com/virus_information/17848/wurmark-j/

MYTOB.ED - MEDIUM RISK Virus Alert - 2005-05-11 06:46 GMT+1
http://secunia.com/virus_information/17840/mytob.ed/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA15292] Mozilla Firefox Two Vulnerabilities
2.  [SA14820] Mozilla Firefox JavaScript Engine Information Disclosure
              Vulnerability
3.  [SA15310] iTunes MPEG-4 File Parsing Buffer Overflow Vulnerability
4.  [SA11482] Windows Explorer / Internet Explorer Long Share Name
              Buffer Overflow
5.  [SA15017] Microsoft Windows Explorer Web View Script Insertion
              Vulnerability
6.  [SA14938] Mozilla Firefox Multiple Vulnerabilities
7.  [SA15296] Mozilla "IFRAME" JavaScript URL Cross-Site Scripting
8.  [SA15227] Mac OS X Security Update Fixes Multiple Vulnerabilities
9.  [SA15103] Netscape GIF Image Netscape Extension 2 Buffer Overflow
10. [SA12758] Microsoft Word Document Parsing Buffer Overflow
              Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA15330] GeoVision Digital Video Surveillance System Authentication
Bypass
[SA15329] MaxWebPortal Cross-Site Scripting and SQL Injection
[SA15302] Orenosv HTTP/FTP Server Buffer Overflow Vulnerabilities
[SA15300] ShowOff! Digital Media Software Two Vulnerabilities
[SA15299] NiteEnterprises Remote File Manager Denial of Service
[SA15291] datatrac Denial of Service Vulnerability
[SA15271] Hosting Controller "addsubsite.asp" Security Bypass
[SA15268] PostMaster Multiple Vulnerabilities
[SA15288] Subject Search Server "Search for" Field Cross-Site
Scripting
[SA15274] MyServer Directory Listing and Cross-Site Scripting
Vulnerability
[SA15287] H-Sphere Exposure of User Credentials

UNIX/Linux:
[SA15334] Red Hat update for gaim
[SA15326] Ubuntu update for mozilla-browser/mozilla-firefox
[SA15316] Debian update for xfree86
[SA15314] Mandriva update for ethereal
[SA15295] Easy Message Board "print" Shell Command Injection
[SA15285] Debian update for smail
[SA15284] Ubuntu update for xine-lib
[SA15283] Mandriva update for OpenOffice.org
[SA15280] Gentoo update for ethereal
[SA15277] SGI Advanced Linux Environment Multiple Updates
[SA15272] Fedora update for ethereal
[SA15264] Mandriva update for XFree86
[SA15256] Ubuntu update for openoffice.org
[SA15333] Gentoo update for hteditor
[SA15331] Gentoo update for libtiff
[SA15320] libTIFF BitsPerSample Tag Buffer Overflow Vulnerability
[SA15278] 4D WebSTAR Tomcat Plugin URL Buffer Overflow
[SA15270] Fedora update for gnutls
[SA15258] Gentoo update for gnutls
[SA15318] Fedora update for postgresql
[SA15273] Gentoo update for oops
[SA15266] Oops! Proxy Server "auth()" Format String Vulnerability
[SA15335] IPCop update for various packages
[SA15322] Red Hat update for tcpdump
[SA15309] Gentoo update for tcpdump
[SA15308] Gentoo update for gzip
[SA15263] Avaya Intuity Audix TCP Connection Reset Vulnerability
[SA15294] Squid DNS Lookup Spoofing Vulnerability
[SA15275] Sun Solaris Unspecified NIS+ Service Denial of Service
[SA15313] Avaya CMS/IR newgrp Privilege Escalation Vulnerability
[SA15303] Avaya CMS dtmail Privilege Escalation Vulnerability
[SA15262] FreeBSD Kernel Memory Disclosure Vulnerabilities
[SA15261] FreeBSD "i386_get_ldt()" Kernel Memory Disclosure
Vulnerability
[SA15260] FreeBSD Insecure iir Driver Permissions
[SA15301] Mac OS X Mail Account Wizard Exposure of User Credentials
[SA15276] Fedora update for libexif
[SA15259] libexif EXIF Tag Parsing Denial of Service Vulnerability
[SA15323] Sun Solaris automountd Denial of Service Vulnerability
[SA15293] Viewglob "vgd" Server Exposure of Directory Information

Other:
[SA15306] Sun StorEdge 6130 Array Unspecified Unauthorised Access

Cross Platform:
[SA15292] Mozilla Firefox Two Vulnerabilities
[SA15328] Gaim URL Processing Buffer Overflow Vulnerability
[SA15312] BoastMachine File Upload Vulnerability
[SA15310] iTunes MPEG-4 File Parsing Buffer Overflow Vulnerability
[SA15282] e107 Multiple Vulnerabilities
[SA15279] PHP Advanced Transfer Manager File Upload Vulnerability
[SA15257] Fusion SBX "is_logged" Authentication Bypass
[SA15317] Woltlab Burning Board Unspecified Vulnerability
[SA15315] PwsPHP Multiple Vulnerabilities
[SA15304] HT Editor ELF and PE Parser Vulnerabilities
[SA15298] phpBB Unspecified URL / BB Code Vulnerability
[SA15296] Mozilla "IFRAME" JavaScript URL Cross-Site Scripting
[SA15290] WebAPP Guestbook PRO Module Message Script Insertion
[SA15289] AutoTheme and AT-Lite Unspecified Vulnerabilities
[SA15286] SiteStudio and H-Sphere "name" Script Insertion
Vulnerability
[SA15281] CJ Ultra Plus "perm" SQL Injection Vulnerability
[SA15269] MidiCart PHP Shopping Cart Cross-Site Scripting and SQL
Injection
[SA15265] Invision Power Board Cross-Site Scripting and SQL Injection
[SA15332] Nuke ET "codigo" Cross-Site Scripting Vulnerability
[SA15311] NukeScripts NukeSentinel URL Encoding Filter Bypass
[SA15297] Quick.Cart "sWord" Cross-Site Scripting Vulnerability
[SA15267] Netscape HTTP Authentication Prompt Spoofing Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA15330] GeoVision Digital Video Surveillance System Authentication
Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-05-11

Tirath Rai has reported a security issue in GeoVision Digital Video
Surveillance System, which can be exploited by malicious people to
disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/15330/

 --

[SA15329] MaxWebPortal Cross-Site Scripting and SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-05-11

Zinho has reported some vulnerabilities in MaxWebPortal, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/15329/

 --

[SA15302] Orenosv HTTP/FTP Server Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Privilege escalation, DoS, System access
Released:    2005-05-09

Tan Chew Keong has reported some vulnerabilities in Orenosv HTTP/FTP
Server, which can be exploited by malicious users to cause a DoS
(Denial of Service) and potentially compromise the system.

Full Advisory:
http://secunia.com/advisories/15302/

 --

[SA15300] ShowOff! Digital Media Software Two Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information, DoS
Released:    2005-05-11

dr_insane has discovered two vulnerabilities in ShowOff! Digital Media
Software, which can be exploited by malicious people to cause a DoS
(Denial of Service) and disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/15300/

 --

[SA15299] NiteEnterprises Remote File Manager Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-05-09

eric basher has reported a vulnerability in NiteEnterprises Remote File
Manager, which can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/15299/

 --

[SA15291] datatrac Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-05-09

eric basher has reported a vulnerability in datatrac, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15291/

 --

[SA15271] Hosting Controller "addsubsite.asp" Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-05-06

Mouse has reported a vulnerability in Hosting Controller, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/15271/

 --

[SA15268] PostMaster Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Exposure of system
information
Released:    2005-05-11

Dr_insane has reported some vulnerabilities in PostMaster, which can be
exploited by malicious people to detect the presence of local files,
enumerate usernames, conduct cross-site scripting attacks and bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/15268/

 --

[SA15288] Subject Search Server "Search for" Field Cross-Site
Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-05-10

Dr_insane has discovered a vulnerability in Subject Search Server,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/15288/

 --

[SA15274] MyServer Directory Listing and Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information
Released:    2005-05-10

Dr_insane has discovered a vulnerability in MyServer, which can be
exploited by malicious people to gain knowledge of certain system
information or conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/15274/

 --

[SA15287] H-Sphere Exposure of User Credentials

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-05-10

Donnie Werner has reported a security issue in H-Sphere, which can be
exploited by malicious, local users to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/15287/


UNIX/Linux:--

[SA15334] Red Hat update for gaim

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-05-11

Red Hat has issued an update for gaim. This fixes a vulnerability and a
weakness, which can be exploited by malicious people to cause a DoS
(Denial of Service) or compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15334/

 --

[SA15326] Ubuntu update for mozilla-browser/mozilla-firefox

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, System access
Released:    2005-05-11

Ubuntu has issued updates for mozilla-browser and mozilla-firefox.
These fix some vulnerabilities, which can be exploited by malicious
people to conduct cross-site scripting attacks, bypass certain security
restrictions, and compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15326/

 --

[SA15316] Debian update for xfree86

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-10

Debian has issued an update for xfree86. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/15316/

 --

[SA15314] Mandriva update for ethereal

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-05-11

Mandriva has issued an update for ethereal. This fixes multiple
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15314/

 --

[SA15295] Easy Message Board "print" Shell Command Injection

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-09

SoulBlack Security Research has reported a vulnerability in Easy
Message Board, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15295/

 --

[SA15285] Debian update for smail

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-09

Debian has issued an update for smail. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/15285/

 --

[SA15284] Ubuntu update for xine-lib

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-09

Ubuntu has issued an update for xine-lib. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15284/

 --

[SA15283] Mandriva update for OpenOffice.org

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-09

Mandriva has issued an update for OpenOffice.org. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a user's system.

Full Advisory:
http://secunia.com/advisories/15283/

 --

[SA15280] Gentoo update for ethereal

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-05-09

Gentoo has issued an update for ethereal. This fixes multiple
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15280/

 --

[SA15277] SGI Advanced Linux Environment Multiple Updates

Critical:    Highly critical
Where:       From remote
Impact:      Unknown, Security Bypass, Cross Site Scripting, Spoofing,
Manipulation of data, Exposure of system information, Exposure of
sensitive information, Privilege escalation, DoS, System access
Released:    2005-05-09

SGI has issued a patch for SGI Advanced Linux Environment. This fixes
multiple vulnerabilities, which can be exploited by malicious, local
users to gain knowledge of sensitive information and conduct certain
actions on a vulnerable system with escalated privileges, and by
malicious people to cause a DoS (Denial of Service), conduct spoofing
and cross-site scripting attacks, disclose sensitive and system
information, bypass certain security restrictions, trick users into
downloading malicious files, and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15277/

 --

[SA15272] Fedora update for ethereal

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-05-09

Fedora has issued an update for ethereal. This fixes multiple
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15272/

 --

[SA15264] Mandriva update for XFree86

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-06

Mandriva has issued an update for XFree86. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/15264/

 --

[SA15256] Ubuntu update for openoffice.org

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-09

Ubuntu has issued an update for openoffice.org. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a user's system.

Full Advisory:
http://secunia.com/advisories/15256/

 --

[SA15333] Gentoo update for hteditor

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-05-11

Gentoo has issued an update for hteditor. This fixes two
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15333/

 --

[SA15331] Gentoo update for libtiff

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-05-11

Gentoo has issued an update for libtiff. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/15331/

 --

[SA15320] libTIFF BitsPerSample Tag Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-05-11

Tavis Ormandy has reported a vulnerability in libTIFF, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/15320/

 --

[SA15278] 4D WebSTAR Tomcat Plugin URL Buffer Overflow

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-05-09

Braden Thomas has reported a vulnerability in 4D WebSTAR, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15278/

 --

[SA15270] Fedora update for gnutls

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-05-06

Fedora has issued an update for gnutls. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/15270/

 --

[SA15258] Gentoo update for gnutls

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-05-09

Gentoo has issued an update for gnutls. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/15258/

 --

[SA15318] Fedora update for postgresql

Critical:    Moderately critical
Where:       From local network
Impact:      Unknown, Privilege escalation, DoS
Released:    2005-05-11

Fedora has released an update for postgresql. This fixes two
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service) or potentially gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/15318/

 --

[SA15273] Gentoo update for oops

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-05-06

Gentoo has issued an update for oops. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/15273/

 --

[SA15266] Oops! Proxy Server "auth()" Format String Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-05-06

Edisan has reported a vulnerability in Oops!, which potentially can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15266/

 --

[SA15335] IPCop update for various packages

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation
Released:    2005-05-11

An updated version of IPCop has been released. This fixes some
vulnerabilities in various packages, which can be exploited to gain
escalated privileges, cause a DoS (Denial of Service), or extract files
to arbitrary directories.

Full Advisory:
http://secunia.com/advisories/15335/

 --

[SA15322] Red Hat update for tcpdump

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-05-11

Red Hat has issued an update for tcpdump. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15322/

 --

[SA15309] Gentoo update for tcpdump

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-05-10

Gentoo has issued an update for tcpdump. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15309/

 --

[SA15308] Gentoo update for gzip

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2005-05-10

Gentoo has issued an update for gzip. This fixes a vulnerability, which
potentially can be exploited by malicious people to extract files to
arbitrary directories on a user's system.

Full Advisory:
http://secunia.com/advisories/15308/

 --

[SA15263] Avaya Intuity Audix TCP Connection Reset Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-05-06

Avaya has acknowledged a vulnerability in Intuity Audix, which can be
exploited by malicious people to reset established TCP connections on a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/15263/

 --

[SA15294] Squid DNS Lookup Spoofing Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Spoofing
Released:    2005-05-11

A vulnerability has been reported in Squid, which can be exploited by
malicious people to spoof DNS lookups.

Full Advisory:
http://secunia.com/advisories/15294/

 --

[SA15275] Sun Solaris Unspecified NIS+ Service Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2005-05-09

A vulnerability has been reported in Solaris, which can be exploited by
malicious users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15275/

 --

[SA15313] Avaya CMS/IR newgrp Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-05-10

Avaya has acknowledged a vulnerability in Avaya Call Management System
(CMS) and Avaya Interactive Response (IR), which can be exploited by
malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/15313/

 --

[SA15303] Avaya CMS dtmail Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-05-11

Avaya has acknowledged a vulnerability in Avaya Call Management System
(CMS), which can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/15303/

 --

[SA15262] FreeBSD Kernel Memory Disclosure Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-05-06

Christian S.J. Peron has reported some vulnerabilities in FreeBSD,
which can be exploited by malicious, local users to gain knowledge of
potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/15262/

 --

[SA15261] FreeBSD "i386_get_ldt()" Kernel Memory Disclosure
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-05-06

Christer Oberg has reported a vulnerability in FreeBSD, which can be
exploited by malicious, local users to gain knowledge of potentially
sensitive information.

Full Advisory:
http://secunia.com/advisories/15261/

 --

[SA15260] FreeBSD Insecure iir Driver Permissions

Critical:    Less critical
Where:       Local system
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2005-05-06

Christian S.J. Peron has reported a security issue in FreeBSD, which
can be exploited by malicious, local users to gain knowledge of
sensitive information or corrupt data.

Full Advisory:
http://secunia.com/advisories/15260/

 --

[SA15301] Mac OS X Mail Account Wizard Exposure of User Credentials

Critical:    Not critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-05-10

Markus Wörle has reported a security issue in Mac OS X, which may
expose sensitive information to malicious people.

Full Advisory:
http://secunia.com/advisories/15301/

 --

[SA15276] Fedora update for libexif

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-05-09

Fedora has issued an update for libexif. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/15276/

 --

[SA15259] libexif EXIF Tag Parsing Denial of Service Vulnerability

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-05-09

Matthias Clasen has reported a vulnerability in libexif, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15259/

 --

[SA15323] Sun Solaris automountd Denial of Service Vulnerability

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2005-05-11

A vulnerability has been reported in Solaris, which can be exploited by
malicious, local users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15323/

 --

[SA15293] Viewglob "vgd" Server Exposure of Directory Information

Critical:    Not critical
Where:       Local system
Impact:      Exposure of system information
Released:    2005-05-10

A weakness has been reported in Viewglob, which can be exploited by
malicious, local users to disclose system information.

Full Advisory:
http://secunia.com/advisories/15293/


Other:--

[SA15306] Sun StorEdge 6130 Array Unspecified Unauthorised Access

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass
Released:    2005-05-11

A security issue has been reported in Sun StorEdge 6130 Array, which
can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/15306/


Cross Platform:--

[SA15292] Mozilla Firefox Two Vulnerabilities

Critical:    Extremely critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2005-05-08

Two vulnerabilities have been discovered in Firefox, which can be
exploited by malicious people to conduct cross-site scripting attacks
and compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15292/

 --

[SA15328] Gaim URL Processing Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-05-11

A vulnerability and a weakness have been reported in Gaim, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15328/

 --

[SA15312] BoastMachine File Upload Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-11

FraMe has reported a vulnerability in BoastMachine, which potentially
can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/15312/

 --

[SA15310] iTunes MPEG-4 File Parsing Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-10

A vulnerability has been reported in iTunes, which potentially can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15310/

 --

[SA15282] e107 Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, Exposure of
sensitive information, System access
Released:    2005-05-10

Heintz has reported some vulnerabilities in e107, which can be
exploited by malicious people to disclose sensitive information,
conduct SQL injection attacks, and potentially bypass certain security
restrictions and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15282/

 --

[SA15279] PHP Advanced Transfer Manager File Upload Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-09

nst has reported a vulnerability in PHP Advanced Transfer Manager,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/15279/

 --

[SA15257] Fusion SBX "is_logged" Authentication Bypass

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, System access
Released:    2005-05-10

dave has reported a vulnerability in Fusion SBX, which can be exploited
by malicious people to bypass certain security restrictions and
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15257/

 --

[SA15317] Woltlab Burning Board Unspecified Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2005-05-10

A vulnerability with an unknown impact has been reported in Burning
Board and Burning Board Lite.

Full Advisory:
http://secunia.com/advisories/15317/

 --

[SA15315] PwsPHP Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing,
Manipulation of data, Exposure of system information
Released:    2005-05-10

fRoGGz has reported some vulnerabilities in PwsPHP, which can be
exploited by malicious people to conduct cross-site scripting, spoofing
and SQL injection attacks, and bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/15315/

 --

[SA15304] HT Editor ELF and PE Parser Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-05-11

Two vulnerabilities have been reported in HT Editor, which potentially
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15304/

 --

[SA15298] phpBB Unspecified URL / BB Code Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2005-05-09

A vulnerability with an unknown impact has been reported in phpBB.

Full Advisory:
http://secunia.com/advisories/15298/

 --

[SA15296] Mozilla "IFRAME" JavaScript URL Cross-Site Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-05-09

A vulnerability has been reported in Mozilla Suite, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/15296/

 --

[SA15290] WebAPP Guestbook PRO Module Message Script Insertion

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-05-11

SoulBlack Security Research has reported a vulnerability in the
Guestbook PRO module for WebAPP, which can be exploited by malicious
people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/15290/

 --

[SA15289] AutoTheme and AT-Lite Unspecified Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2005-05-10

Some vulnerabilities with unknown impacts have been reported in the
AutoTheme and AT-Lite modules for PostNuke.

Full Advisory:
http://secunia.com/advisories/15289/

 --

[SA15286] SiteStudio and H-Sphere "name" Script Insertion
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-05-10

Donnie Werner has reported a vulnerability in SiteStudio and H-Sphere,
which can be exploited by malicious people to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/15286/

 --

[SA15281] CJ Ultra Plus "perm" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-05-09

Kold has reported a vulnerability in CJ Ultra Plus, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/15281/

 --

[SA15269] MidiCart PHP Shopping Cart Cross-Site Scripting and SQL
Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
system information
Released:    2005-05-06

Exoduks has reported some vulnerabilities in MidiCart PHP Shopping
Cart, which can be exploited by malicious people to conduct cross-site
scripting and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/15269/

 --

[SA15265] Invision Power Board Cross-Site Scripting and SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-05-06

James Bercegay has reported two vulnerabilities in Invision Power
Board, which can be exploited by malicious people to conduct cross-site
scripting and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/15265/

 --

[SA15332] Nuke ET "codigo" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-05-11

Suko and Lostmon have reported a vulnerability in Nuke ET, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/15332/

 --

[SA15311] NukeScripts NukeSentinel URL Encoding Filter Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-05-10

A vulnerability has been reported in NukeSentinel, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/15311/

 --

[SA15297] Quick.Cart "sWord" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-05-11

Lostmon has reported a vulnerability in Quick.Cart, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/15297/

 --

[SA15267] Netscape HTTP Authentication Prompt Spoofing Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Spoofing
Released:    2005-05-10

A vulnerability has been reported in Netscape, which can be exploited
by malicious people to spoof HTTP authentication prompts.

Full Advisory:
http://secunia.com/advisories/15267/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45



_________________________________________
InfoSec News v2.0 - Coming Soon!
http://www.infosecnews.org



This archive was generated by hypermail 2.1.3 : Fri May 13 2005 - 16:52:31 PDT