========================================================================

The Secunia Weekly Advisory Summary
2005-12-22 - 2005-12-29

This week : 24 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3..............................This Week's Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

A vulnerability has been discovered in Microsoft Windows, which can be
exploited by malicious people to compromise a vulnerable system.

NOTE: This vulnerability can be exploited automatically when a user
visits a malicious web site using Microsoft Internet Explorer.
Additionally, exploit code is publicly available. This is being
exploited in the wild.

The vulnerability can also be triggered from explorer if the malicious
file has been saved to a folder and renamed to other image file
extensions like ".jpg", ".gif", ".tif", and ".png" etc.

Please refer to the referenced Secunia advisory for additional details
and information about a temporary workaround.

Reference:
http://secunia.com/SA18255

VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.

========================================================================
3) This Week's Top Ten Most Read Advisories:

1.  [SA18131] Symantec AntiVirus RAR Archive Decompression Buffer
    Overflow
2.  [SA18255] Microsoft Windows WMF "SETABORTPROC" Arbitrary Code
    Execution
3.  [SA15546] Microsoft Internet Explorer "window()" Arbitrary Code
    Execution Vulnerability
4.  [SA15368] Microsoft Internet Explorer Multiple Vulnerabilities
5.  [SA11762] Opera Browser Favicon Displaying Address Bar Spoofing
    Vulnerability
6.  [SA18169] McAfee SecurityCenter "mcinsctl.dll" ActiveX File
    Overwrite Vulnerability
7.  [SA18162] VMware NAT Networking Buffer Overflow Vulnerability
8.  [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability
9.  [SA18149] Apple QuickTime / iTunes Memory Corruption Vulnerability
10. [SA18205] Linux Kernel Socket Data Buffering Denial of Service

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA18255] Microsoft Windows WMF "SETABORTPROC" Arbitrary Code Execution
[SA18245] Golden FTP Server APPE Command Buffer Overflow
[SA18226] WebDB SQL Injection Vulnerability
[SA18243] Spb Kiosk Engine Program Execution Control Bypass Weakness

UNIX/Linux:
[SA18221] Gentoo update for mantis
[SA18236] Gentoo update for scponly
[SA18223] scponly Privilege Escalation and Security Bypass
Vulnerabilities
[SA18222] UnixWare TCP Timestamp Denial of Service
[SA18237] Gentoo update for rssh
[SA18230] Sun Solaris PC NetLink Insecure File Handling Vulnerability
[SA18228] Debian update for dhis-tools-dns
[SA18227] DHIS Tools Insecure Temporary File Creation
[SA18224] rssh "chroot" Directory Privilege Escalation Vulnerability
[SA18231] Mandriva update for fetchmail
[SA18225] Debian update for ketm

Other:

Cross Platform:
[SA18256] SimpBook "message" Script Insertion Vulnerability
[SA18239] DEV web management system Cross-Site Scripting and SQL
Injection
[SA18238] BZFlag "callsign" Handling Denial of Service Vulnerability
[SA18259] FatWire UpdateEngine Cross-Site Scripting Vulnerabilities
[SA18258] communique "query" Cross-Site Scripting Vulnerability
[SA18257] CommonSpot "bNewWindow" Cross-Site Scripting Vulnerability
[SA18234] EPiX "query" Cross-Site Scripting Vulnerability
[SA18232] Juniper NetScreen Security Manager Potential Denial of
Service
[SA18229] Ethereal GTP Dissector Denial of Service Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA18255] Microsoft Windows WMF "SETABORTPROC" Arbitrary Code Execution

Critical:    Extremely critical
Where:       From remote
Impact:      System access
Released:    2005-12-28

A vulnerability has been discovered in Microsoft Windows, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/18255/

--

[SA18245] Golden FTP Server APPE Command Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-12-26

Tim Shelton has discovered a vulnerability in Golden FTP Server, which
can be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/18245/

--

[SA18226] WebDB SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-23

r0t has reported a vulnerability in WebDB, which can be exploited by
malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/18226/

--

[SA18243] Spb Kiosk Engine Program Execution Control Bypass Weakness

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2005-12-28

Seth Fogie has reported a weakness in Spb Kiosk Engine, which
potentially can be exploited by malicious, local users to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/18243/

UNIX/Linux:--

[SA18221] Gentoo update for mantis

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Cross Site Scripting, Manipulation of data
Released:    2005-12-23

Gentoo has issued an update for mantis. This fixes some
vulnerabilities, where some have unknown impacts and others potentially
can be exploited by malicious people to conduct cross-site scripting,
HTTP response splitting, and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/18221/

--

[SA18236] Gentoo update for scponly

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation
Released:    2005-12-29

Gentoo has issued an update for scponly. This fixes two
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges, or by malicious users to bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/18236/

--

[SA18223] scponly Privilege Escalation and Security Bypass
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation
Released:    2005-12-23

Two vulnerabilities have been reported in scponly, which can be
exploited by malicious, local users to gain escalated privileges, or by
malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/18223/

--

[SA18222] UnixWare TCP Timestamp Denial of Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-12-23

A vulnerability has been reported in UnixWare, which can be exploited
by malicious people to cause a DoS (Denial of Service) on active TCP
sessions.

Full Advisory:
http://secunia.com/advisories/18222/

--

[SA18237] Gentoo update for rssh

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-12-28

Gentoo has issued an update for rssh. This fixes a vulnerability, which
can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/18237/

--

[SA18230] Sun Solaris PC NetLink Insecure File Handling Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-12-26

Two vulnerabilities have been reported in Sun Solaris PC NetLink, which
potentially can be exploited by malicious, local users to perform
certain actions with escalated privileges.

Full Advisory:
http://secunia.com/advisories/18230/

--

[SA18228] Debian update for dhis-tools-dns

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-12-27

Debian has issued an update for dhis-tools-dns. This fixes a
vulnerability, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/18228/

--

[SA18227] DHIS Tools Insecure Temporary File Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-12-27

Javier Fernandez-Sanguino Pena has reported a vulnerability in DHIS
Tools, which can be exploited by malicious, local users to perform
certain actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/18227/

--

[SA18224] rssh "chroot" Directory Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-12-23

Max Vozeler has reported a vulnerability in rssh, which can be
exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/18224/

--

[SA18231] Mandriva update for fetchmail

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-12-26

Mandriva has issued an update for fetchmail. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/18231/

--

[SA18225] Debian update for ketm

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-12-27

Steve Kemp has reported a vulnerability in ketm, which can be exploited
by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/18225/

Other:

Cross Platform:--

[SA18256] SimpBook "message" Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-26

0o_zeus_o0 has discovered a vulnerability in SimpBook, which can be
exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/18256/

--

[SA18239] DEV web management system Cross-Site Scripting and SQL
Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-12-27

rgod has reported some vulnerabilities in DEV web management system,
which can be exploited by malicious people to conduct cross-site
scripting and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/18239/

--

[SA18238] BZFlag "callsign" Handling Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-12-27

Luigi Auriemma has reported a vulnerability in BZFlag, which
potentially can be exploited by malicious people to cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/18238/

--

[SA18259] FatWire UpdateEngine Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-27

r0t has reported two vulnerabilities in FatWire UpdateEngine, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/18259/

--

[SA18258] communique "query" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-27

r0t has reported a vulnerability in communique, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/18258/

--

[SA18257] CommonSpot "bNewWindow" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information
Released:    2005-12-27

r0t has reported a vulnerability in CommonSpot, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/18257/

--

[SA18234] EPiX "query" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-27

r0t has reported a vulnerability in EPiX, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/18234/

--

[SA18232] Juniper NetScreen Security Manager Potential Denial of
Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2005-12-29

David Maciejak has reported a vulnerability in NetScreen Security
Manager (NSM) which potentially can be exploited by malicious people to
cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/18232/

--

[SA18229] Ethereal GTP Dissector Denial of Service Vulnerability

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-12-28

A vulnerability has been reported in Ethereal, which potentially can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/18229/

========================================================================

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web    : http://secunia.com/
E-mail : support@private
Tel    : +45 70 20 51 44
Fax    : +45 70 20 51 45