========================================================================

The Secunia Weekly Advisory Summary
2005-10-27 - 2005-11-03

This week : 47 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3..............................This Week's Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

A security issue has been reported in First4Internet XCP DRM software
used to playback Sony copy-protected music CDs, which can be exploited
by malicious, local users to hide certain actions on a vulnerable
system from the Administrator.

Reference:
http://secunia.com/SA17408

--

Apple has released a security update for Mac OS X, which fixes some
vulnerabilities.

A complete list and details about the vulnerabilities fixed can be
found in the referenced Secunia advisory.

Reference:
http://secunia.com/SA17368

--

Some vulnerabilities have been reported in PHP, which can be exploited
by malicious people to conduct cross-site scripting attacks, bypass
certain security restrictions, and potentially compromise a vulnerable
system.

Additional details about the vulnerabilities can be found in the
referenced Secunia advisory.

Reference:
http://secunia.com/SA17371

VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.

========================================================================
3) This Week's Top Ten Most Read Advisories:

1.  [SA17305] Skype Multiple Buffer Overflow Vulnerabilities
2.  [SA17371] PHP Multiple Vulnerabilities
3.  [SA16502] PCRE Quantifier Values Integer Overflow Vulnerability
4.  [SA12758] Microsoft Word Document Parsing Buffer Overflow
              Vulnerabilities
5.  [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability
6.  [SA16560] Windows Registry Editor Utility String Concealment
              Weakness
7.  [SA17358] Novell ZENworks Patch Management SQL Injection
              Vulnerability
8.  [SA17366] phpBB "register_globals" Deregistration Bypass
              Vulnerabilities
9.  [SA17351] GNUMP3d Cross-Site Scripting and Directory Traversal
              Vulnerabilities
10. [SA17384] Linux Kernel Potential Buffer Overflow Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:

[SA17409] Serv-U FTP Server Potential Denial of Service Vulnerability
[SA17394] CheckMark MultiLedger DUNZIP32.dll Buffer Overflow
Vulnerability
[SA17387] ASP Fast Forum "error" Cross-Site Scripting Vulnerability
[SA17385] Snitz Forums 2000 "post.asp" Cross-Site Scripting
Vulnerability
[SA17383] Ringtail CaseBook Cross-Site Scripting and Username
Enumeration
[SA17379] Hyper Estraier Windows Unicode Filename Handling
Vulnerability
[SA17361] F-Secure Products Web Console Directory Traversal
Vulnerability
[SA17408] Sony CD First4Internet XCP DRM Software Security Issue

UNIX/Linux:

[SA17389] NetBSD Update Fixes Multiple Vulnerabilities
[SA17377] Gentoo update for ethereal
[SA17362] Gentoo update for mantis
[SA17360] Debian update for lynx-ssl
[SA17405] MailWatch for MailScanner Two Vulnerabilities
[SA17403] Red Hat update for curl
[SA17401] Red Hat update for openssl096b
[SA17400] Red Hat update for wget
[SA17398] Red Hat update for openssl
[SA17397] Cisco Management Center for IPS Sensors Security Issue
[SA17392] Avaya Multiple Ethereal Vulnerabilities
[SA17391] Ubuntu update for libgda2-1 / libgda2-3
[SA17381] Fedora update for openssl096b
[SA17376] OpenVPN Format String and Denial of Service Vulnerabilities
[SA17369] Gentoo update for xli / xloadimage
[SA17367] Debian update for gallery
[SA17364] Red Hat update for kernel
[SA17363] Gentoo update for tikiwiki
[SA17390] Ubuntu update for sudo
[SA17382] Ntop Red Hat Initialisation Script Insecure Temporary File
Creation
[SA17380] IBM "chcons" Command Buffer Overflow Vulnerability
[SA17368] Mac OS X Update Fixes Multiple Vulnerabilities
[SA17370] Ethereal IRC Protocol Dissector Denial of Service
[SA17402] HP OpenVMS Unspecified Denial of Service Vulnerability
[SA17399] Mandriva update for wget
[SA17384] Linux Kernel Potential Buffer Overflow Vulnerabilities
[SA17365] Gentoo update for pam

Other:

[SA17413] Cisco IOS System Timers Potential Arbitrary Code Execution
[SA17406] Cisco Wireless LAN Controllers Encryption Bypass
Vulnerability

Cross Platform:

[SA17378] Subdreamer Login SQL Injection Vulnerabilities
[SA17366] phpBB "register_globals" Deregistration Bypass
Vulnerabilities
[SA17396] News2Net "category" SQL Injection Vulnerability
[SA17375] Invision Gallery "st" SQL Injection Vulnerability
[SA17374] MG2 Disclosure of Password Protected Images
[SA17373] oaboard SQL Injection Vulnerabilities
[SA17371] PHP Multiple Vulnerabilities
[SA17404] Simple PHP Blog Cross-Site Scripting Vulnerabilities
[SA17395] Sun Java System Communications Express Configuration File
Disclosure
[SA17393] Invision Gallery Image Script Insertion Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA17409] Serv-U FTP Server Potential Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-02

A vulnerability has been reported in Serv-U, which potentially can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17409/

--

[SA17394] CheckMark MultiLedger DUNZIP32.dll Buffer Overflow
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-10-31

Juha-Matti Laurio has reported a vulnerability in CheckMark
MultiLedger, which potentially can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17394/

--

[SA17387] ASP Fast Forum "error" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-10-31

syst3m_f4ult has reported a vulnerability in ASP Fast Forum, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/17387/

--

[SA17385] Snitz Forums 2000 "post.asp" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-01

h4xorcrew has discovered a vulnerability in Snitz Forums 2000, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/17385/

--

[SA17383] Ringtail CaseBook Cross-Site Scripting and Username
Enumeration

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information
Released:    2005-11-01

A weakness and a vulnerability have been reported in Ringtail CaseBook,
which can be exploited by malicious people to gain knowledge of certain
information and conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17383/

--

[SA17379] Hyper Estraier Windows Unicode Filename Handling
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information, DoS
Released:    2005-10-31

A vulnerability has been reported in Hyper Estraier, which can be
exploited by malicious users to cause a DoS (Denial of Service) or to
gain knowledge of certain sensitive information.

Full Advisory:
http://secunia.com/advisories/17379/

--

[SA17361] F-Secure Products Web Console Directory Traversal
Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2005-11-02

A vulnerability has been reported in F-Secure Anti-Virus for Microsoft
Exchange and F-Secure Internet Gatekeeper, which can be exploited by
malicious people to gain knowledge of potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/17361/

--

[SA17408] Sony CD First4Internet XCP DRM Software Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2005-11-02

A security issue has been reported in First4Internet XCP DRM software
used to playback Sony copy-protected music CDs, which can be exploited
by malicious, local users to hide certain actions on a vulnerable
system from the Administrator.

Full Advisory:
http://secunia.com/advisories/17408/

UNIX/Linux:--

[SA17389] NetBSD Update Fixes Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation, DoS, System access
Released:    2005-11-02

Some vulnerabilities have been reported in NetBSD, which can be
exploited by malicious, local users to gain escalated privileges, or by
malicious users to cause a DoS (Denial of Service) and compromise a
vulnerable system, or by malicious people to bypass certain security
restrictions and compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17389/

--

[SA17377] Gentoo update for ethereal

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-10-31

Gentoo has issued an update for ethereal. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17377/

--

[SA17362] Gentoo update for mantis

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, System access
Released:    2005-10-28

Gentoo has issued an update for mantis. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting, script insertion, and SQL injection attacks, and
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17362/

--

[SA17360] Debian update for lynx-ssl

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-10-28

Debian has issued an update for lynx-ssl. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17360/

--

[SA17405] MailWatch for MailScanner Two Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Manipulation of data
Released:    2005-11-02

Two vulnerabilities have been reported in MailWatch for MailScanner,
where one has an unknown impact, and the other potentially can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17405/

--

[SA17403] Red Hat update for curl

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-11-02

Red Hat has issued an update for curl. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17403/

--

[SA17401] Red Hat update for openssl096b

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-02

Red Hat has issued an update for openssl096b. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17401/

--

[SA17400] Red Hat update for wget

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-11-02

Red Hat has issued an update for wget. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17400/

--

[SA17398] Red Hat update for openssl

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-02

Red Hat has issued an update for openssl. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/17398/

--

[SA17397] Cisco Management Center for IPS Sensors Security Issue

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-11-02

A security issue has been reported in Cisco Management Center for IPS
Sensors (IPS MC), which can be exploited by malicious people to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/17397/

--

[SA17392] Avaya Multiple Ethereal Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-10-31

Avaya has acknowledged some vulnerabilities in Ethereal included in
some products, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17392/

--

[SA17391] Ubuntu update for libgda2-1 / libgda2-3

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-10-31

Ubuntu has issued updates for libgda2-1 and libgda2-3. These fix a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17391/

--

[SA17381] Fedora update for openssl096b

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-01

Fedora has issued an update for openssl096b. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17381/

--

[SA17376] OpenVPN Format String and Denial of Service Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-11-01

Two vulnerabilities have been reported in OpenVPN, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17376/

--

[SA17369] Gentoo update for xli / xloadimage

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-10-31

Gentoo has issued updates for xli and xloadimage. These fix a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17369/

--

[SA17367] Debian update for gallery

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-11-02

Debian has issued an update for gallery. This fixes a security issue,
which can be exploited by malicious users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/17367/

--

[SA17364] Red Hat update for kernel

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-10-28

Red Hat has issued an update for kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service), or by malicious people to disclose
certain sensitive information and cause a DoS.

Full Advisory:
http://secunia.com/advisories/17364/

--

[SA17363] Gentoo update for tikiwiki

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-10-28

Gentoo has issued an update for tikiwiki. This fixes a vulnerability,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/17363/

--

[SA17390] Ubuntu update for sudo

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-10-31

Ubuntu has issued an update for sudo. This fixes a vulnerability, which
can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/17390/

--

[SA17382] Ntop Red Hat Initialisation Script Insecure Temporary File
Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-10-31

nnposter has reported a vulnerability in Ntop, which can be exploited
by malicious, local users to perform certain actions on a vulnerable
system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/17382/

--

[SA17380] IBM "chcons" Command Buffer Overflow Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Unknown
Released:    2005-10-31

A vulnerability has been reported in AIX, which has an unknown impact.

Full Advisory:
http://secunia.com/advisories/17380/

--

[SA17368] Mac OS X Update Fixes Multiple Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass, Exposure of system information,
             Exposure of sensitive information
Released:    2005-11-01

Apple has issued an update for Mac OS X. This fixes some
vulnerabilities and a security issue, which can be exploited by
malicious, local users to bypass certain security restrictions or to
gain knowledge of potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/17368/

--

[SA17370] Ethereal IRC Protocol Dissector Denial of Service

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-10-31

Daniel Gryniewicz has reported a vulnerability in Ethereal, which
potentially can be exploited by malicious people to cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/17370/

--

[SA17402] HP OpenVMS Unspecified Denial of Service Vulnerability

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2005-11-02

A vulnerability has been reported in OpenVMS, which can be exploited by
malicious, local users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17402/

--

[SA17399] Mandriva update for wget

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-11-02

Mandriva has issued an update for wget. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/17399/

--

[SA17384] Linux Kernel Potential Buffer Overflow Vulnerabilities

Critical:    Not critical
Where:       Local system
Impact:      Unknown
Released:    2005-11-01

Two vulnerabilities have been reported in the Linux Kernel, with an
unknown impact.

Full Advisory:
http://secunia.com/advisories/17384/

--

[SA17365] Gentoo update for pam

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2005-10-28

Gentoo has issued an update for pam. This fixes a security issue, which
potentially can be exploited by malicious, local users to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/17365/

Other:--

[SA17413] Cisco IOS System Timers Potential Arbitrary Code Execution

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-11-03

A vulnerability has been reported in Cisco IOS, which potentially can
be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/17413/

--

[SA17406] Cisco Wireless LAN Controllers Encryption Bypass
Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass
Released:    2005-11-03

A vulnerability has been reported in Cisco WLAN (Wireless LAN)
Controllers, which can be exploited by malicious people to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/17406/

Cross Platform:--

[SA17378] Subdreamer Login SQL Injection Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Manipulation of data, System access, Security Bypass
Released:    2005-10-31

RST/GHC has reported some vulnerabilities in Subdreamer, which can be
exploited by malicious people to conduct SQL injection attacks and
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17378/

--

[SA17366] phpBB "register_globals" Deregistration Bypass
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
             data, System access
Released:    2005-10-31

Stefan Esser has reported some vulnerabilities in phpBB, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks, bypass certain security restrictions, and compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17366/

--

[SA17396] News2Net "category" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-02

Mousehack has discovered a vulnerability in News2Net, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17396/

--

[SA17375] Invision Gallery "st" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-01

almaster has reported a vulnerability in Invision Gallery, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17375/

--

[SA17374] MG2 Disclosure of Password Protected Images

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-10-31

Preben Nylokken has discovered a vulnerability in MG2, which can be
exploited by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/17374/

--

[SA17373] oaboard SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-01

Abducter has discovered two vulnerabilities in oaboard, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17373/

--

[SA17371] PHP Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, DoS, System access
Released:    2005-10-31

Some vulnerabilities have been reported in PHP, which can be exploited
by malicious people to conduct cross-site scripting attacks, bypass
certain security restrictions, and potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/17371/

--

[SA17404] Simple PHP Blog Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-02

Nenad Jovanovic has discovered some vulnerabilities in Simple PHP Blog,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/17404/

--

[SA17395] Sun Java System Communications Express Configuration File
Disclosure

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-11-02

A vulnerability has been reported in Sun Java Communications Express,
which can be exploited by malicious users to gain knowledge of
potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/17395/

--

[SA17393] Invision Gallery Image Script Insertion Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-02

Tatercrispies has reported a vulnerability in Invision Gallery, which
can be exploited by malicious people to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/17393/

========================================================================

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web     : http://secunia.com/
E-mail  : support@private
Tel     : +45 70 20 51 44
Fax     : +45 70 20 51 45