======================================================================== The Secunia Weekly Advisory Summary 2005-08-11 - 2005-08-18 This week : 77 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: The Secunia staff is spending hours every day to assure you the best and most reliable source for vulnerability information. Every single vulnerability report is being validated and verified before a Secunia advisory is written. Secunia validates and verifies vulnerability reports in many different ways e.g. by downloading the software and performing comprehensive tests, by reviewing source code, or by validating the credibility of the source from which the vulnerability report was issued. As a result, Secunia's database is the most correct and complete source for recent vulnerability information available on the Internet. Secunia Online Vulnerability Database: http://secunia.com/ ======================================================================== 2) This Week in Brief: A vulnerability has been reported in Adobe Reader and Adobe Acrobat, which potentially can be exploited by malicious people to compromise a user's system. Adobe has released updated versions, which corrects this vulnerability. More information about affected versions can be found in the referenced Secunia advisory. Reference: http://secunia.com/SA16466 -- Apple has issued a security update for Mac OS X, which fixes more than 40 vulnerabilities. Please read the referenced Secunia advisory for a complete list of vulnerabilities fixed. Reference: http://secunia.com/SA16449 VIRUS ALERTS: During the last week, Secunia issued 2 MEDIUM RISK virus alerts. Please refer to the grouped virus profiles below for more information: RBOT.CBQ - MEDIUM RISK Virus Alert - 2005-08-17 02:34 GMT+1 http://secunia.com/virus_information/20737/rbot.cbq/ IRCBot.es - MEDIUM RISK Virus Alert - 2005-08-17 01:52 GMT+1 http://secunia.com/virus_information/20679/ircbot.es/ ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA16466] Adobe Acrobat / Reader Plug-in Buffer Overflow Vulnerability 2. [SA16373] Internet Explorer Three Vulnerabilities 3. [SA16372] Microsoft Windows Plug-and-Play Service Buffer Overflow 4. [SA16449] Mac OS X Security Update Fixes Multiple Vulnerabilities 5. [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability 6. [SA16403] VERITAS Backup Exec / NetBackup Arbitrary File Download Vulnerability 7. [SA16386] WordPress "cache_lastpostdate" PHP Code Insertion 8. [SA12758] Microsoft Word Document Parsing Buffer Overflow Vulnerabilities 9. [SA16406] Linux Kernel XDR Encode/Decode Buffer Overflow Vulnerability 10. [SA16418] SUSE update for mozilla / MozillaFirefox ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA16444] JaguarEditControl ActiveX Control Buffer Overflow Vulnerability [SA16408] MindAlign Multiple Unspecified Vulnerabilities [SA16403] VERITAS Backup Exec / NetBackup Arbitrary File Download Vulnerability [SA16393] Novell eDirectory iMonitor Buffer Overflow Vulnerability [SA16430] Hummingbird FTP User Password Encryption Weakness [SA16410] ePolicy Orchestrator / ProtectionPilot Insecure Directory Permissions [SA16396] Linksys WLAN Monitor Privilege Escalation Vulnerability [SA16422] Bloodshed Dev-Pascal NULL Character File Display Weakness [SA16420] Dev-PHP NULL Character File Display Weakness [SA16398] PHP Designer 2005 NULL Character File Display Weakness UNIX/Linux: [SA16460] Nucleus CMS XML-RPC Nested XML Tags PHP Code Execution [SA16458] Debian update for clamav [SA16455] Fedora update for evolution [SA16449] Mac OS X Security Update Fixes Multiple Vulnerabilities [SA16442] Mandriva update for gaim [SA16439] Gentoo update for awstats [SA16437] SGI Advanced Linux Environment Multiple Updates [SA16436] Gentoo update for gaim [SA16434] ezUpload "path" Arbitrary File Inclusion Vulnerability [SA16433] Discuz! Multiple File Extensions Script Upload Vulnerability [SA16423] Ubuntu update for gaim [SA16418] SUSE update for mozilla / MozillaFirefox [SA16413] Debian amd64 Update for Multiple Packages [SA16412] Ubuntu update for awstats [SA16399] Red Hat update for ethereal [SA16397] Ubuntu update for evolution [SA16394] GNOME Evolution Multiple Format String Vulnerabilities [SA16473] Debian update for mozilla [SA16453] BlueZ Arbitrary Command Execution Vulnerability [SA16448] Mandriva update for proftpd [SA16447] Kismet Multiple Vulnerabilities [SA16446] Debian update for mozilla-firefox [SA16443] PHPTB "mid" Parameter SQL Injection Vulnerability [SA16421] Debian update for fetchmail [SA16419] Fedora update for vim [SA16395] Mandriva update for netpbm [SA16470] Sun StorEdge Enterprise Backup Vulnerabilities [SA16426] SGI ProPack arrayd Authentication Spoofing Vulnerability [SA16406] Linux Kernel XDR Encode/Decode Buffer Overflow Vulnerability [SA16452] Fedora update for xpdf [SA16450] SUSE update for apache / apache2 [SA16440] Gentoo update for xpdf/kpdf/gpdf [SA16417] Mandriva update for cups [SA16415] Mandriva update for xpdf [SA16404] Red Hat update for gpdf [SA16401] HP Tru64 UNIX IPsec Tunnel ESP Mode Encrypted Data Disclosure [SA16400] GNOME gpdf Temporary File Writing Denial of Service [SA16456] HP Ignite-UX TFTP Service Two Vulnerabilities [SA16416] Mandriva update for ucd-snmp [SA16411] Sun Solaris Multiple MySQL Vulnerabilities [SA16451] Fedora update for kdeedu [SA16428] KDE langen2kvtml Insecure Temporary File Creation [SA16425] Kaspersky Anti-Virus Insecure Log Directory Security Issue Other: [SA16467] Xerox Document Centre MicroServer Web Server Vulnerabilities [SA16457] Linksys WRT54GS Wireless Encryption Security Bypass [SA16402] HP ProLiant DL585 Server Unspecified Access Vulnerability [SA16445] BONA ADSL-FR4II Multiple Vulnerabilities [SA16438] Grandstream BudgeTone Denial of Service Vulnerability [SA16409] Wyse Winterm 1125SE IP Option Length Denial of Service Cross Platform: [SA16469] phpPgAds Multiple Vulnerabilities [SA16468] phpAdsNew Multiple Vulnerabilities [SA16466] Adobe Acrobat / Reader Plug-in Buffer Overflow Vulnerability [SA16465] eGroupWare XML-RPC Nested XML Tags PHP Code Execution [SA16462] CPAINT Ajax Toolkit Unspecified Command Execution Vulnerability [SA16454] CPAINT Ajax Toolkit Command Execution Vulnerabilities [SA16441] phpMyFAQ XML-RPC Nested XML Tags PHP Code Execution [SA16432] Drupal XML-RPC PHP Code Execution Vulnerability [SA16431] XML-RPC for PHP Nested XML Tags PHP Code Execution [SA16429] PEAR XML_RPC Nested XML Tags PHP Code Execution [SA16471] phpWebSite "module" Parameter SQL Injection Vulnerability [SA16459] ECW-Shop SQL Injection and Cross-Site Scripting Vulnerabilities [SA16435] Dada Mail Archived Messages Script Insertion Vulnerability [SA16427] SafeHTML UTF-7 XSS and CSS Comments Handling Security Bypass [SA16414] FUDforum "Tree View" Security Bypass Vulnerability [SA16464] Legato NetWorker Multiple Vulnerabilities [SA16407] Dokeos Multiple Directory Traversal Vulnerabilities [SA16405] My Image Gallery Cross-Site Scripting Vulnerabilities ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA16444] JaguarEditControl ActiveX Control Buffer Overflow Vulnerability Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2005-08-16 Tacettin Karadeniz has discovered a vulnerability in JaguarEditControl, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16444/ -- [SA16408] MindAlign Multiple Unspecified Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Exposure of system information, Exposure of sensitive information, DoS Released: 2005-08-15 NISCC has reported some vulnerabilities in MindAlign, which can be exploited to enumerate valid users, gain knowledge of various information, conduct cross-site scripting attacks, cause a DoS (Denial of Service), or bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/16408/ -- [SA16403] VERITAS Backup Exec / NetBackup Arbitrary File Download Vulnerability Critical: Moderately critical Where: From local network Impact: Security Bypass Released: 2005-08-12 A vulnerability has been reported in VERITAS Backup Exec and NetBackup, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/16403/ -- [SA16393] Novell eDirectory iMonitor Buffer Overflow Vulnerability Critical: Moderately critical Where: From local network Impact: System access Released: 2005-08-12 Peter Winter-Smith of NGSSoftware has reported a vulnerability in Novell eDirectory, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16393/ -- [SA16430] Hummingbird FTP User Password Encryption Weakness Critical: Less critical Where: Local system Impact: Exposure of sensitive information Released: 2005-08-15 nnposter has discovered a weakness in Hummingbird FTP, which can be exploited by malicious, local users to disclose certain sensitive information. Full Advisory: http://secunia.com/advisories/16430/ -- [SA16410] ePolicy Orchestrator / ProtectionPilot Insecure Directory Permissions Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-08-15 Reed Arvin has reported a security issue in ePolicy Orchestrator, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/16410/ -- [SA16396] Linksys WLAN Monitor Privilege Escalation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-08-11 Reed Arvin has discovered a vulnerability in Linksys WLAN Monitor, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/16396/ -- [SA16422] Bloodshed Dev-Pascal NULL Character File Display Weakness Critical: Not critical Where: From remote Impact: Unknown Released: 2005-08-12 rgod has discovered a weakness in Bloodshed Dev-Pascal, which can be exploited by malicious people to hide the contents of certain source files. Full Advisory: http://secunia.com/advisories/16422/ -- [SA16420] Dev-PHP NULL Character File Display Weakness Critical: Not critical Where: From remote Impact: Unknown Released: 2005-08-12 rgod has discovered a weakness in Dev-PHP, which can be exploited by malicious people to hide the contents of certain source files. Full Advisory: http://secunia.com/advisories/16420/ -- [SA16398] PHP Designer 2005 NULL Character File Display Weakness Critical: Not critical Where: From remote Impact: Unknown Released: 2005-08-12 rgod has discovered a weakness in PHP Designer 2005, which can be exploited by malicious people to hide the contents of certain source files. Full Advisory: http://secunia.com/advisories/16398/ UNIX/Linux:-- [SA16460] Nucleus CMS XML-RPC Nested XML Tags PHP Code Execution Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-16 A vulnerability has been reported in Nucleus CMS, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16460/ -- [SA16458] Debian update for clamav Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2005-08-16 Debian has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16458/ -- [SA16455] Fedora update for evolution Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-16 Fedora has issued an update for evolution. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16455/ -- [SA16449] Mac OS X Security Update Fixes Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information, Privilege escalation, DoS, System access Released: 2005-08-16 Apple has issued a security update for Mac OS X, which fixes more than 40 vulnerabilities. Full Advisory: http://secunia.com/advisories/16449/ -- [SA16442] Mandriva update for gaim Critical: Highly critical Where: From remote Impact: System access, DoS Released: 2005-08-16 Mandriva has issued an update for gaim. This fixes a vulnerability and two weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system. Full Advisory: http://secunia.com/advisories/16442/ -- [SA16439] Gentoo update for awstats Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-16 Gentoo has issued an update for awstats. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16439/ -- [SA16437] SGI Advanced Linux Environment Multiple Updates Critical: Highly critical Where: From remote Impact: System access, DoS, Manipulation of data, Spoofing, Cross Site Scripting, Security Bypass Released: 2005-08-15 SGI has issued a patch for SGI Advanced Linux Environment, which fixes multiple vulnerabilities in various packages. Full Advisory: http://secunia.com/advisories/16437/ -- [SA16436] Gentoo update for gaim Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2005-08-15 Gentoo has issued an update for gaim. This fixes a vulnerability and a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system. Full Advisory: http://secunia.com/advisories/16436/ -- [SA16434] ezUpload "path" Arbitrary File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-16 Johnnie Walker has reported a vulnerability in ezUpload, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16434/ -- [SA16433] Discuz! Multiple File Extensions Script Upload Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-16 Jeremy Bae has reported a vulnerability in Discuz!, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16433/ -- [SA16423] Ubuntu update for gaim Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2005-08-12 Ubuntu has issued an update for gaim. This fixes a vulnerability and two weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system. Full Advisory: http://secunia.com/advisories/16423/ -- [SA16418] SUSE update for mozilla / MozillaFirefox Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Spoofing, System access Released: 2005-08-12 SUSE has issued an update for mozilla / MozillaFirefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, spoof the contents of web sites, spoof dialog boxes, and compromise a user's system. Full Advisory: http://secunia.com/advisories/16418/ -- [SA16413] Debian amd64 Update for Multiple Packages Critical: Highly critical Where: From remote Impact: Exposure of sensitive information, Privilege escalation, DoS, System access Released: 2005-08-12 Debian has issued updates for multiple packages. These fix several vulnerabilities and covers all security updates since the release of sarge for the stable amd64 distribution. Full Advisory: http://secunia.com/advisories/16413/ -- [SA16412] Ubuntu update for awstats Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-12 Ubuntu has issued an update for awstats. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16412/ -- [SA16399] Red Hat update for ethereal Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2005-08-11 Red Hat has issued an update for ethereal. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16399/ -- [SA16397] Ubuntu update for evolution Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2005-08-11 Ubuntu has issued an update for evolution. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16397/ -- [SA16394] GNOME Evolution Multiple Format String Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-11 Ulf Harnhammar has reported some vulnerabilities in Evolution, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16394/ -- [SA16473] Debian update for mozilla Critical: Moderately critical Where: From remote Impact: Spoofing Released: 2005-08-17 Debian has issued an update for mozilla. This fixes a vulnerability, which can be exploited by malicious people to spoof the contents of web sites. Full Advisory: http://secunia.com/advisories/16473/ -- [SA16453] BlueZ Arbitrary Command Execution Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass, System access Released: 2005-08-16 Henryk Plotz has reported a vulnerability in BlueZ, which can be exploited by malicious people to bypass certain security restrictions or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16453/ -- [SA16448] Mandriva update for proftpd Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information, DoS, System access Released: 2005-08-16 Mandriva has issued an update for proftpd. This fixes two vulnerabilities, which can be exploited by malicious users to disclose certain sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16448/ -- [SA16447] Kismet Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Unknown, System access Released: 2005-08-16 Some vulnerabilities have been reported in Kismet, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16447/ -- [SA16446] Debian update for mozilla-firefox Critical: Moderately critical Where: From remote Impact: Spoofing Released: 2005-08-15 Debian has issued an update for mozilla-firefox. This fixes a vulnerability, which can be exploited by malicious people to spoof the contents of web sites. Full Advisory: http://secunia.com/advisories/16446/ -- [SA16443] PHPTB "mid" Parameter SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2005-08-15 aLMaSTeR HaCKeR has reported a vulnerability in PHPTB, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/16443/ -- [SA16421] Debian update for fetchmail Critical: Moderately critical Where: From remote Impact: System access Released: 2005-08-12 Debian has issued an update for fetchmail. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16421/ -- [SA16419] Fedora update for vim Critical: Moderately critical Where: From remote Impact: System access Released: 2005-08-12 Fedora has issued an update for vim. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16419/ -- [SA16395] Mandriva update for netpbm Critical: Moderately critical Where: From remote Impact: System access Released: 2005-08-11 Mandriva has issued an update for netpbm. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16395/ -- [SA16470] Sun StorEdge Enterprise Backup Vulnerabilities Critical: Moderately critical Where: From local network Impact: Security Bypass, Exposure of sensitive information, DoS Released: 2005-08-17 Sun Microsystems has acknowledged some vulnerabilities in Sun StorEdge Enterprise Backup / Solstice Backup, which can be exploited by malicious people to cause a DoS (Denial of Service), gain knowledge of sensitive information, or bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/16470/ -- [SA16426] SGI ProPack arrayd Authentication Spoofing Vulnerability Critical: Moderately critical Where: From local network Impact: Spoofing Released: 2005-08-15 SGI has acknowledged a vulnerability in SGI ProPack, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16426/ -- [SA16406] Linux Kernel XDR Encode/Decode Buffer Overflow Vulnerability Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2005-08-12 Florian Weimer has reported a vulnerability in the Linux kernel, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16406/ -- [SA16452] Fedora update for xpdf Critical: Less critical Where: From remote Impact: DoS Released: 2005-08-16 Fedora has issued an update for xpdf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system. Full Advisory: http://secunia.com/advisories/16452/ -- [SA16450] SUSE update for apache / apache2 Critical: Less critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data, DoS Released: 2005-08-16 SUSE has issued updates for apache and apache2. These fix two vulnerabilities, which can be exploited by malicious people to potentially cause a DoS (Denial of Service) and conduct HTTP request smuggling attacks. Full Advisory: http://secunia.com/advisories/16450/ -- [SA16440] Gentoo update for xpdf/kpdf/gpdf Critical: Less critical Where: From remote Impact: DoS Released: 2005-08-16 Gentoo has issued updates for xpdf, kpdf, and gpdf. These fix a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16440/ -- [SA16417] Mandriva update for cups Critical: Less critical Where: From remote Impact: DoS Released: 2005-08-12 Mandriva has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system. Full Advisory: http://secunia.com/advisories/16417/ -- [SA16415] Mandriva update for xpdf Critical: Less critical Where: From remote Impact: DoS Released: 2005-08-12 Mandriva has issued an update for xpdf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16415/ -- [SA16404] Red Hat update for gpdf Critical: Less critical Where: From remote Impact: DoS Released: 2005-08-11 Red Hat has issued an update for gpdf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16404/ -- [SA16401] HP Tru64 UNIX IPsec Tunnel ESP Mode Encrypted Data Disclosure Critical: Less critical Where: From remote Impact: Exposure of sensitive information Released: 2005-08-11 HP has acknowledged a vulnerability in HP Tru64 UNIX, which can be exploited by malicious people to disclose certain sensitive information. Full Advisory: http://secunia.com/advisories/16401/ -- [SA16400] GNOME gpdf Temporary File Writing Denial of Service Critical: Less critical Where: From remote Impact: DoS Released: 2005-08-11 A vulnerability has been reported in gpdf, which can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system. Full Advisory: http://secunia.com/advisories/16400/ -- [SA16456] HP Ignite-UX TFTP Service Two Vulnerabilities Critical: Less critical Where: From local network Impact: Manipulation of data, Exposure of sensitive information Released: 2005-08-16 Martin O'Neal of Corsaire has reported two vulnerabilities in HP Ignite-UX, which can be exploited by malicious people to gain access to the file system or disclose certain sensitive information. Full Advisory: http://secunia.com/advisories/16456/ -- [SA16416] Mandriva update for ucd-snmp Critical: Less critical Where: From local network Impact: DoS Released: 2005-08-12 Mandriva has issued an update for ucd-snmp. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16416/ -- [SA16411] Sun Solaris Multiple MySQL Vulnerabilities Critical: Less critical Where: From local network Impact: Security Bypass, Privilege escalation, DoS Released: 2005-08-12 Sun Microsystems has acknowledged some vulnerabilities in the MySQL package bundled with Solaris, which can be exploited by malicious users to bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16411/ -- [SA16451] Fedora update for kdeedu Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-08-16 Fedora has issued an update for kdeedu. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges on a vulnerable system. Full Advisory: http://secunia.com/advisories/16451/ -- [SA16428] KDE langen2kvtml Insecure Temporary File Creation Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-08-15 A vulnerability has been reported in KDE, which can be exploited by malicious, local users to perform certain actions with escalated privileges on a vulnerable system. Full Advisory: http://secunia.com/advisories/16428/ -- [SA16425] Kaspersky Anti-Virus Insecure Log Directory Security Issue Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-08-15 Dr. Peter Bieringer has reported a security issue in Kaspersky Anti-Virus for Linux File Server, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/16425/ Other:-- [SA16467] Xerox Document Centre MicroServer Web Server Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Exposure of system information, Exposure of sensitive information, DoS Released: 2005-08-17 Multiple vulnerabilities have been reported in Xerox Document Centre, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16467/ -- [SA16457] Linksys WRT54GS Wireless Encryption Security Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2005-08-17 Steve Scherf has reported a security issue in Linksys WRT54GS, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/16457/ -- [SA16402] HP ProLiant DL585 Server Unspecified Access Vulnerability Critical: Moderately critical Where: From local network Impact: Security Bypass Released: 2005-08-11 A vulnerability has been reported in HP ProLiant DL585 Server, which can be exploited by malicious people to gain unauthorised access to the server controls. Full Advisory: http://secunia.com/advisories/16402/ -- [SA16445] BONA ADSL-FR4II Multiple Vulnerabilities Critical: Less critical Where: From local network Impact: Exposure of sensitive information, DoS Released: 2005-08-15 Tim Brown has reported some vulnerabilities in ADSL-FR4II, which can be exploited by malicious people to cause a DoS (Denial of Service) or gain knowledge of certain sensitive information. Full Advisory: http://secunia.com/advisories/16445/ -- [SA16438] Grandstream BudgeTone Denial of Service Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2005-08-15 Pierre Kroma has reported a vulnerability in Grandstream BudgeTone 100 Series SIP Phones, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16438/ -- [SA16409] Wyse Winterm 1125SE IP Option Length Denial of Service Critical: Less critical Where: From local network Impact: DoS Released: 2005-08-12 Josh Zlatin-Amishav has reported a vulnerability in Wyse Winterm, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16409/ Cross Platform:-- [SA16469] phpPgAds Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information, System access Released: 2005-08-17 Some vulnerabilities have been reported in phpPgAds, which can be exploited by malicious people to disclose certain sensitive information, conduct SQL injection attacks or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16469/ -- [SA16468] phpAdsNew Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information, System access Released: 2005-08-17 Some vulnerabilities have been reported in phpAdsNew, which can be exploited by malicious people to disclose certain sensitive information, conduct SQL injection attacks, or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16468/ -- [SA16466] Adobe Acrobat / Reader Plug-in Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-16 A vulnerability has been reported in Adobe Reader and Adobe Acrobat, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/16466/ -- [SA16465] eGroupWare XML-RPC Nested XML Tags PHP Code Execution Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-16 A vulnerability has been reported in eGroupWare, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16465/ -- [SA16462] CPAINT Ajax Toolkit Unspecified Command Execution Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-16 A vulnerability has been reported in CPAINT, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16462/ -- [SA16454] CPAINT Ajax Toolkit Command Execution Vulnerabilities Critical: Highly critical Where: From remote Impact: Cross Site Scripting, System access Released: 2005-08-17 Thor Larholm has reported some vulnerabilities in CPAINT, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16454/ -- [SA16441] phpMyFAQ XML-RPC Nested XML Tags PHP Code Execution Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-15 A vulnerability has been reported in phpMyFAQ, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16441/ -- [SA16432] Drupal XML-RPC PHP Code Execution Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-15 A vulnerability has been reported in Drupal, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16432/ -- [SA16431] XML-RPC for PHP Nested XML Tags PHP Code Execution Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-15 Stefan Esser has reported a vulnerability in XML-RPC, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16431/ -- [SA16429] PEAR XML_RPC Nested XML Tags PHP Code Execution Critical: Highly critical Where: From remote Impact: System access Released: 2005-08-15 Stefan Esser has reported a vulnerability in PEAR XML-RPC, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16429/ -- [SA16471] phpWebSite "module" Parameter SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2005-08-17 matrix_killer has discovered a vulnerability in phpWebSite, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/16471/ -- [SA16459] ECW-Shop SQL Injection and Cross-Site Scripting Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Manipulation of data Released: 2005-08-17 John Cobb has discovered some vulnerabilities in ECW-Shop, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. Full Advisory: http://secunia.com/advisories/16459/ -- [SA16435] Dada Mail Archived Messages Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2005-08-16 A vulnerability has been reported in Dada Mail, which potentially can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/16435/ -- [SA16427] SafeHTML UTF-7 XSS and CSS Comments Handling Security Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2005-08-16 A vulnerability has been reported in SafeHTML, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/16427/ -- [SA16414] FUDforum "Tree View" Security Bypass Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2005-08-12 Alexander Heidenreich has discovered a vulnerability in FUDforum, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/16414/ -- [SA16464] Legato NetWorker Multiple Vulnerabilities Critical: Moderately critical Where: From local network Impact: Security Bypass, Exposure of system information, Exposure of sensitive information, DoS Released: 2005-08-17 Three vulnerabilities have been reported in Legato NetWorker, which can be exploited by malicious people to cause a DoS (Denial of Service), gain knowledge of sensitive information, or bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/16464/ -- [SA16407] Dokeos Multiple Directory Traversal Vulnerabilities Critical: Less critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2005-08-15 Some vulnerabilities have been discovered in Dokeos, which can exploited by malicious users to conduct directory traversal attacks. Full Advisory: http://secunia.com/advisories/16407/ -- [SA16405] My Image Gallery Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-08-16 Two vulnerabilities have been reported in My Image Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/16405/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _________________________________________ Attend ToorCon Sept 16-18th, 2005 Convention Center San Diego, California www.toorcon.org
This archive was generated by hypermail 2.1.3 : Fri Aug 19 2005 - 00:57:54 PDT