[ISN] Secunia Weekly Summary - Issue: 2006-1

From: InfoSec News (isn@private)
Date: Mon Jan 09 2006 - 01:34:48 PST


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2005-12-29 - 2006-01-05                        

                       This week : 36 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

Due to the seriousness of the latest vulnerability in Microsoft
Windows and the lack of an available patch, Secunia have chosen to
include last weeks warning again in todays issue.

A vulnerability has been discovered in Microsoft Windows, which can be
exploited by malicious people to compromise a vulnerable system.

NOTE: This vulnerability can be exploited automatically when a user
visits a malicious web site using Microsoft Internet Explorer.

Additionally, exploit code is publicly available. This is being
exploited in the wild. The vulnerability can also be triggered from
explorer if the malicious file has been saved to a folder and renamed
to other image file extensions like ".jpg", ".gif", ".tif", and
".png" etc.

Please refer to the referenced Secunia advisory for additional
details and information about a temporary workaround.

Reference:
http://secunia.com/SA18255


VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA18255] Microsoft Windows WMF "SETABORTPROC" Arbitrary Code
              Execution
2.  [SA18131] Symantec AntiVirus RAR Archive Decompression Buffer
              Overflow
3.  [SA15546] Microsoft Internet Explorer "window()" Arbitrary Code
              Execution Vulnerability
4.  [SA18277] BlackBerry Enterprise Server Denial of Service
              Vulnerabilities
5.  [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability
6.  [SA17498] Microsoft Windows WMF/EMF File Rendering Arbitrary Code
              Execution
7.  [SA18250] VMware ESX Server Management Interface Unspecified
              Vulnerability
8.  [SA17934] Mozilla Firefox History Information Denial of Service
              Weakness
9.  [SA18162] VMware NAT Networking Buffer Overflow Vulnerability
10. [SA18261] ImageMagick Utilities Image Filename Handling Two
              Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA18279] eFileGo Multiple Vulnerabilities
[SA18294] ArcPad ".apm" Map File Handling Buffer Overflow
[SA18263] Web Wiz Products "txtUserName" SQL Injection Vulnerability
[SA18286] Intel "ialmrnt5" Graphics Accelerator Driver Denial of
Service Vulnerability

UNIX/Linux:
[SA18291] SCO OpenServer update for BIND
[SA18289] SCO OpenServer update for libtiff
[SA18285] Open-Xchange Webmail HTML Attachment Script Insertion
Vulnerability
[SA18261] ImageMagick Utilities Image Filename Handling Two
Vulnerabilities
[SA18290] SCO OpenServer update for cpio
[SA18283] Discus Error Message Cross-Site Scripting Vulnerability
[SA18287] Mandriva update for printer-filters-utils
[SA18284] Gentoo pinentry Insecure Permissions setgid Binaries Security
Issue
[SA18266] Ubuntu update for fetchmail
[SA18280] Ubuntu update for cpio
[SA18278] Fedora update for cpio

Other:


Cross Platform:
[SA18302] NKads Login SQL Injection Vulnerability
[SA18268] phpBook "email" PHP Code Injection Vulnerability
[SA18305] SiteSuite CMS "page" SQL Injection Vulnerability
[SA18299] vBulletin "Add Reminder" Script Insertion Vulnerability
[SA18297] Lizard Cart CMS "id" SQL Injection Vulnerability
[SA18292] raSMP User-Agent Script Insertion Vulnerability
[SA18281] MyBB Multiple Vulnerabilities
[SA18277] BlackBerry Enterprise Server Denial of Service
Vulnerabilities
[SA18273] VEGO Web Forum "theme_id" SQL Injection Vulnerability
[SA18272] VEGO Links Builder "username" SQL Injection Vulnerability
[SA18271] B-net Software Script Insertion Vulnerabilities
[SA18270] Chipmunk GuestBook Script Insertion Vulnerability
[SA18269] PHPenpals "personalID" SQL Injection Vulnerability
[SA18265] PHPjournaler "readold" SQL Injection Vulnerability
[SA18264] Primo Cart SQL Injection Vulnerabilities
[SA18262] TinyMCE compressor Cross-Site Scripting and File Disclosure
[SA18310] Enhanced Simple PHP Gallery "dir" Cross-Site Scripting
Vulnerability
[SA18309] Next Generation Image Gallery "page" Cross-Site Scripting
Vulnerability
[SA18306] @Card ME PHP "cat" Cross-Site Scripting Vulnerability
[SA18298] IDV Directory Viewer Directory Listing Disclosure
Vulnerability
[SA18282] BugPort Cross-Site Scripting and SQL Injection
Vulnerabilities

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA18279] eFileGo Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of sensitive information, DoS, System access
Released:    2006-01-02

dr_insane has reported some vulnerabilities in eFileGo, which can be
exploited by malicious people to cause a DoS (Denial of Service),
disclose sensitive information, and potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/18279/

 --

[SA18294] ArcPad ".apm" Map File Handling Buffer Overflow

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-01-04

bratax has discovered a vulnerability in ArcPad, which potentially can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/18294/

 --

[SA18263] Web Wiz Products "txtUserName" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2006-01-02

DevilBox has reported a vulnerability in various Web Wiz Products,
which can be exploited by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/18263/

 --

[SA18286] Intel "ialmrnt5" Graphics Accelerator Driver Denial of
Service Vulnerability

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2006-01-03

$um$id has discovered a vulnerability in Intel Graphics Accelerator
Driver, which can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/18286/


UNIX/Linux:--

[SA18291] SCO OpenServer update for BIND

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-01-04

SCO has issued an update for BIND. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/18291/

 --

[SA18289] SCO OpenServer update for libtiff

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-01-04

SCO has issued an update for libtiff. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/18289/

 --

[SA18285] Open-Xchange Webmail HTML Attachment Script Insertion
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-01-04

Thomas Pollet has reported a vulnerability in Open-Xchange, which can
be exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/18285/

 --

[SA18261] ImageMagick Utilities Image Filename Handling Two
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-12-30

Two vulnerabilities have been discovered in ImageMagick, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/18261/

 --

[SA18290] SCO OpenServer update for cpio

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2006-01-04

SCO has issued an update for cpio. This fixes a vulnerability, which
can be exploited by malicious people to cause files to be unpacked to
arbitrary locations on a user's system.

Full Advisory:
http://secunia.com/advisories/18290/

 --

[SA18283] Discus Error Message Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-01-02

$um$id has discovered a vulnerability in Discus, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/18283/

 --

[SA18287] Mandriva update for printer-filters-utils

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2006-01-02

Mandriva has issued an update for printer-filters-utils. This fixes a
vulnerability, which potentially can be exploited by malicious, local
users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/18287/

 --

[SA18284] Gentoo pinentry Insecure Permissions setgid Binaries Security
Issue

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2006-01-04

Tavis Ormandy has reported a security issue in pinentry, which
potentially can be exploited by malicious, local users to perform
certain actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/18284/

 --

[SA18266] Ubuntu update for fetchmail

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2006-01-03

Ubuntu has issued an update for fetchmail. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/18266/

 --

[SA18280] Ubuntu update for cpio

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2006-01-03

Ubuntu has issued an update for cpio. This fixes a vulnerability, which
potentially can be exploited by malicious, local users to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/18280/

 --

[SA18278] Fedora update for cpio

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2006-01-03

Fedora has issued an update for cpio. This fixes a vulnerability, which
potentially can be exploited by malicious, local users to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/18278/


Other:


Cross Platform:--

[SA18302] NKads Login SQL Injection Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, System access
Released:    2006-01-04

SoulBlack Security Research has discovered a vulnerability in NKads,
which can be exploited by malicious people to conduct SQL injection
attacks and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/18302/

 --

[SA18268] phpBook "email" PHP Code Injection Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-01-02

Aliaksandr Hartsuyeu has discovered a vulnerability in phpBook, which
can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/18268/

 --

[SA18305] SiteSuite CMS "page" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-01-04

Preddy has reported a vulnerability in SiteSuite CMS, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/18305/

 --

[SA18299] vBulletin "Add Reminder" Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-01-04

trueend5 has reported a vulnerability in vBulletin, which can be
exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/18299/

 --

[SA18297] Lizard Cart CMS "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-01-04

Aliaksandr Hartsuyeu has discovered a vulnerability in Lizard Cart CMS,
which can be exploited by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/18297/

 --

[SA18292] raSMP User-Agent Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-01-04

Aliaksandr Hartsuyeu has discovered a vulnerability in raSMP, which can
be exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/18292/

 --

[SA18281] MyBB Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Cross Site Scripting, Manipulation of data
Released:    2006-01-02

Some vulnerabilities have been reported in MyBB, where some have
unknown impacts and others can be exploited by malicious people to
conduct script insertion and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/18281/

 --

[SA18277] BlackBerry Enterprise Server Denial of Service
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-01-02

FX has reported some vulnerabilities in BlackBerry Enterprise Server,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/18277/

 --

[SA18273] VEGO Web Forum "theme_id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-01-02

Aliaksandr Hartsuyeu has discovered a vulnerability in VEGO Web Forum,
which can be exploited by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/18273/

 --

[SA18272] VEGO Links Builder "username" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2006-01-02

Aliaksandr Hartsuyeu has discovered a vulnerability in VEGO Links
Builder, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/18272/

 --

[SA18271] B-net Software Script Insertion Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-01-03

Aliaksandr Hartsuyeu has discovered some vulnerabilities in B-net
Software, which can be exploited by malicious people to conduct script
insertion attacks.

Full Advisory:
http://secunia.com/advisories/18271/

 --

[SA18270] Chipmunk GuestBook Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-01-02

Aliaksandr Hartsuyeu has discovered a vulnerability in Chipmunk
GuestBook, which can be exploited by malicious people to conduct script
insertion attacks.

Full Advisory:
http://secunia.com/advisories/18270/

 --

[SA18269] PHPenpals "personalID" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-01-02

Aliaksandr Hartsuyeu has discovered a vulnerability in PHPenpals, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/18269/

 --

[SA18265] PHPjournaler "readold" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-01-02

Aliaksandr Hartsuyeu has discovered a vulnerability in PHPjournaler,
which can be exploited by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/18265/

 --

[SA18264] Primo Cart SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-01-02

r0t has reported two vulnerabilities in Primo Cart, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/18264/

 --

[SA18262] TinyMCE compressor Cross-Site Scripting and File Disclosure

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2005-12-30

Stefan Esser has reported some vulnerabilities in TinyMCE compressor,
which can be exploited by malicious people to conduct cross-site
scripting attacks and disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/18262/

 --

[SA18310] Enhanced Simple PHP Gallery "dir" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-01-04

preddy has discovered a vulnerability in Enhanced Simple PHP Gallery,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/18310/

 --

[SA18309] Next Generation Image Gallery "page" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-01-04

Preddy has reported a vulnerability in Next Generation Image Gallery,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/18309/

 --

[SA18306] @Card ME PHP "cat" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-01-04

Preddy has reported a vulnerability in @Card ME PHP, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/18306/

 --

[SA18298] IDV Directory Viewer Directory Listing Disclosure
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Exposure of system information
Released:    2006-01-04

A vulnerability has been reported in IDV Directory Viewer, which can be
exploited by malicious people to disclose  system information.

Full Advisory:
http://secunia.com/advisories/18298/

 --

[SA18282] BugPort Cross-Site Scripting and SQL Injection
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2006-01-02

r0t has reported some vulnerabilities in BugPort, which can be
exploited by malicious users to conduct SQL injection attacks and by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/18282/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45




_________________________________________
Earn your Master's degree in Information Security ONLINE
www.msia.norwich.edu/csi
Study IA management practices and the latest infosec issues.
Norwich University is an NSA Center of Excellence.



This archive was generated by hypermail 2.1.3 : Mon Jan 09 2006 - 01:44:55 PST