======================================================================== The Secunia Weekly Advisory Summary 2006-02-09 - 2006-02-16 This week : 110 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: The Secunia staff is spending hours every day to assure you the best and most reliable source for vulnerability information. Every single vulnerability report is being validated and verified before a Secunia advisory is written. Secunia validates and verifies vulnerability reports in many different ways e.g. by downloading the software and performing comprehensive tests, by reviewing source code, or by validating the credibility of the source from which the vulnerability report was issued. As a result, Secunia's database is the most correct and complete source for recent vulnerability information available on the Internet. Secunia Online Vulnerability Database: http://secunia.com/ ======================================================================== 2) This Week in Brief: Microsoft has released 7 security bulletins as part of their monthly patch release cycle. All users are advised to visit Windows Update and apply available patches. For additional details about the issues corrected, please refer to the referenced Secunia advisories below. References: http://secunia.com/SA18865 http://secunia.com/SA18859 http://secunia.com/SA18853 http://secunia.com/SA18852 http://secunia.com/SA18835 http://secunia.com/SA18729 -- Secunia Research has discovered multiple vulnerabilities in Lotus Notes, which can be exploited by malicious people to bypass certain security restrictions or compromise a user's system. Additionally, Secunia Research also reported multiple vulnerabilities in Lotus Domino and iNotes Client, which can be exploited by malicious people to cause a DoS (Denial of Service) or conduct script insertion attacks. Please refer to the referenced Secunia advisories below for details. References: http://secunia.com/SA16340 http://secunia.com/SA16280 VIRUS ALERTS: Secunia has not issued any virus alerts during the week. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA16280] IBM Lotus Notes Multiple Vulnerabilities 2. [SA18760] Sun Java JRE "reflection" APIs Sandbox Security Bypass Vulnerabilities 3. [SA16340] IBM Lotus Domino Multiple Vulnerabilities 4. [SA18700] Firefox Multiple Vulnerabilities 5. [SA18649] Winamp Three Playlist Parsing Buffer Overflow Vulnerabilities 6. [SA18835] Windows Media Player Bitmap File Processing Vulnerability 7. [SA15546] Microsoft Internet Explorer "window()" Arbitrary Code Execution Vulnerability 8. [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability 9. [SA18787] Internet Explorer Drag-and-Drop Vulnerability 10. [SA18789] HP Systems Insight Manager JBoss and Directory Traversal ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA18912] Avaya Products WMF Image Parsing Vulnerability [SA18852] Windows Media Player Plug-in EMBED Element Buffer Overflow [SA18835] Windows Media Player Bitmap File Processing Vulnerability [SA18872] eStara SoftPhone SIP Packet Handling Denial of Service [SA18828] SSH Tectia Server SFTP Service Unspecified Vulnerability [SA18789] HP Systems Insight Manager JBoss and Directory Traversal [SA18859] Microsoft Windows / Office Korean Input Method Editor Vulnerability [SA18865] Microsoft PowerPoint Temporary Internet Files Information Disclosure [SA18787] Internet Explorer Drag-and-Drop Vulnerability [SA18888] MailSite LDAP Service Denial of Service Vulnerability [SA18853] Microsoft Windows IGMP Denial of Service Vulnerability [SA18857] Microsoft Windows Web Client Service Vulnerability [SA18813] iE Integrator Configuration Information Disclosure Weakness UNIX/Linux: [SA18884] Gentoo update for sun-jdk/sun-jre-bin [SA18796] Metamail Mail Boundary Handling Buffer Overflow [SA18911] Avaya Products Ethereal Vulnerabilities [SA18887] Debian update for otrs [SA18882] Debian update for pdfkit.framework [SA18875] Debian update for gpdf [SA18871] Red Hat update for imagemagick [SA18870] Dovecot "imap/pop3-login" Denial of Service Vulnerability [SA18864] Red Hat update for xpdf [SA18863] Red Hat update for libpng [SA18862] Red Hat update for kdegraphics [SA18861] Ubuntu update for kernel [SA18860] Ubuntu update for xpdf/poppler/kdegraphics [SA18851] Gentoo update for imagemagick [SA18839] Fedora update for poppler [SA18838] Fedora update for xpdf [SA18837] Fedora update for kdegraphics [SA18834] Debian update for xpdf [SA18832] Red Hat update for gnutls [SA18830] Mandriva update for gnutls [SA18826] Gentoo update for kdegraphics/kpdf [SA18825] Gentoo update for xpdf/poppler [SA18821] XMB Forums today.php Cookie Data SQL Injection [SA18815] Fedora update for gnutls [SA18799] VHCS Security Issue and Multiple Vulnerabilities [SA18794] GnuTLS libtasn1 DER Decoding Denial of Service Vulnerabilities [SA18788] SUSE update for kernel [SA18785] NeoMail neomail-prefs.pl Missing Session ID Validation [SA18784] Trustix update for kernel [SA18889] Debian update for nfs-user-server [SA18818] Isode M-Vault Server LDAP Vulnerability [SA18845] GnuPG "gpgv" Signature Verification Security Issue [SA18841] Power Daemon WHATIDO syslog Format String Vulnerability [SA18827] Debian update for kronolith [SA18916] Debian update for libast [SA18891] Sun Solaris "in.rexecd" Privilege Escalation Vulnerability [SA18829] Debian update for scponly [SA18812] Debian update for noweb [SA18811] SUSE ld Insecure RPATH Privilege Escalation [SA18809] noweb Insecure Temporary File Creation Vulnerabilities [SA18806] Ubuntu update for heimdal [SA18867] Honeyd IP Reassembly Remote Detection Weakness [SA18824] Kadu Image Send Request Denial of Service [SA18797] CGIWrap Error Message System Information Disclosure [SA18907] Mac OS X Kernel Local Denial of Service Vulnerability [SA18850] SUSE update for openssh [SA18798] OpenBSD update for openssh [SA18795] AIX Kernel Unspecified Local Denial of Service Vulnerability Other: [SA18836] Avaya CSU/VSU ISAKMP IKE Message Processing Vulnerabilities [SA18833] D-Link Wireless Access Point Denial of Service Vulnerability [SA18904] Cisco Products TACACS+ Authentication Bypass [SA18844] FortiGate URL Filter and Virus Scanning Bypass Vulnerabilities Cross Platform: [SA18883] Plume CMS prepend.php File Inclusion Vulnerability [SA18879] dotProject File Inclusion and Information Disclosure Vulnerabilities [SA18878] Magic News Lite File Inclusion and Profile Update Vulnerabilities [SA18847] Flyspray Installation Script "adodbpath" File Inclusion Vulnerability [SA18808] LinPHA "lang" Local File Inclusion Vulnerability [SA18807] HiveMail Multiple Vulnerabilities [SA18803] DocMGR process.php File Inclusion Vulnerability [SA18800] Runcms File Upload and File Inclusion Vulnerabilities [SA18905] HTML::BBCode Script Insertion Vulnerability [SA18885] webSPELL "search.php" SQL Injection Vulnerability [SA18881] PHP Classifieds "member_login.php" SQL Injection [SA18880] SAP Business Connector Arbitrary File Access and Spoofing [SA18877] Magic Downloads Settings Update Authentication Bypass [SA18876] Teca Diary Personal Edition SQL Injection Vulnerability [SA18874] @Mail Webmail Image Tag Script Insertion Vulnerability [SA18873] Clever Copy Private Message "Subject" Script Insertion Vulnerability [SA18869] Lighttpd Case-Insensitive Filename Source Code Disclosure [SA18868] Squishdot Mail Header Injection Vulnerability [SA18858] PyBlosxom Arbitrary File Disclosure Vulnerability [SA18856] CALimba rb_auth.php SQL Injection Vulnerability [SA18855] Magic Calendar Lite SQL Injection Vulnerability [SA18854] Time Tracking Software Multiple Vulnerabilities [SA18849] Gästebuch Homepage URL Script Insertion Vulnerability [SA18843] WRQ Reflection Secure IT SFTP Format String Vulnerability [SA18840] Invision Power Board Army System Mod SQL Injection [SA18831] RunCMS pmlite.php SQL Injection Vulnerability [SA18823] SmE GB Host Username SQL Injection Vulnerability [SA18822] PHP/MYSQL Timesheet SQL Injection Vulnerabilities [SA18819] WebGUI User Account Creation Vulnerability [SA18817] Hitachi Business Logic Cross-Site Scripting and SQL Injection [SA18816] e107 Unspecified BBCode Script Insertion Vulnerabilities [SA18810] Ansilove File Disclosure and File Upload Vulnerabilities [SA18805] DB_eSession "deleteSession()" Function SQL Injection [SA18802] ImageVue Multiple Vulnerabilities [SA18801] Zen Cart Unspecified SQL Injection Vulnerabilities [SA18793] phphd Multiple Vulnerabilities [SA18791] PHPStatus Multiple Vulnerabilities [SA18790] Clever Copy HTTP Headers Script Insertion Vulnerabilities [SA18786] SmE GB Host / Blog Host "url" BBcode Script Insertion [SA18897] MyBB managegroup.php SQL Injection and Cross-Site Scripting [SA18820] PHP-Nuke "pagetitle" Cross-Site Scripting Vulnerability [SA18814] QwikiWiki "search.php" Cross-Site Scripting Vulnerability [SA18804] Siteframe "q" Cross-Site Scripting Vulnerability [SA18792] PHP Event Calendar User Information Manipulation [SA18890] PostgreSQL Privilege Escalation and Denial of Service ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA18912] Avaya Products WMF Image Parsing Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-02-16 Avaya has acknowledged a vulnerability in various products, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/18912/ -- [SA18852] Windows Media Player Plug-in EMBED Element Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2006-02-14 A vulnerability has been reported in Windows Media Player plug-in, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/18852/ -- [SA18835] Windows Media Player Bitmap File Processing Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-02-14 eEye Digital Security has reported a vulnerability in Windows Media Player, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/18835/ -- [SA18872] eStara SoftPhone SIP Packet Handling Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-02-15 ZwelL has discovered some vulnerabilities in eStara SoftPhone, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18872/ -- [SA18828] SSH Tectia Server SFTP Service Unspecified Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2006-02-13 A vulnerability has been reported in SSH Tectia Server, which potentially can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18828/ -- [SA18789] HP Systems Insight Manager JBoss and Directory Traversal Critical: Moderately critical Where: From remote Impact: Security Bypass, Exposure of system information Released: 2006-02-10 HP has acknowledged a weakness and a vulnerability in HP Systems Insight Manager, which can be exploited by malicious people to disclose system information and potentially to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/18789/ -- [SA18859] Microsoft Windows / Office Korean Input Method Editor Vulnerability Critical: Moderately critical Where: From local network Impact: System access Released: 2006-02-14 Ryan Lee has reported a vulnerability in various Microsoft products, which can be exploited by malicious people to gain escalated privileges or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18859/ -- [SA18865] Microsoft PowerPoint Temporary Internet Files Information Disclosure Critical: Less critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2006-02-14 A vulnerability has been reported in Microsoft PowerPoint 2000, which can be exploited by malicious people to gain knowledge of sensitive information. Full Advisory: http://secunia.com/advisories/18865/ -- [SA18787] Internet Explorer Drag-and-Drop Vulnerability Critical: Less critical Where: From remote Impact: System access Released: 2006-02-14 Matthew Murphy has reported a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/18787/ -- [SA18888] MailSite LDAP Service Denial of Service Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2006-02-15 Evgeny Legerov has reported a vulnerability in MailSite, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18888/ -- [SA18853] Microsoft Windows IGMP Denial of Service Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2006-02-14 A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18853/ -- [SA18857] Microsoft Windows Web Client Service Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-02-14 A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/18857/ -- [SA18813] iE Integrator Configuration Information Disclosure Weakness Critical: Not critical Where: From remote Impact: Exposure of system information Released: 2006-02-14 D Scholefield has reported a weakness in iE Integrator, which can be exploited by malicious people to disclose certain system information. Full Advisory: http://secunia.com/advisories/18813/ UNIX/Linux:-- [SA18884] Gentoo update for sun-jdk/sun-jre-bin Critical: Highly critical Where: From remote Impact: System access Released: 2006-02-15 Gentoo has issued updates for sun-jdk and sun-jre-bin. These fix some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/18884/ -- [SA18796] Metamail Mail Boundary Handling Buffer Overflow Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-02-14 Ulf Harnhammar has reported a vulnerability in Metamail, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/18796/ -- [SA18911] Avaya Products Ethereal Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-02-16 Avaya has acknowledged some vulnerabilities in ethereal included in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/18911/ -- [SA18887] Debian update for otrs Critical: Moderately critical Where: From remote Impact: Manipulation of data, Cross Site Scripting Released: 2006-02-15 Debian has issued an update for otrs. This fixes some vulnerabilities, which can be exploited by malicious people to conduct SQL injection, script insertion, and cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/18887/ -- [SA18882] Debian update for pdfkit.framework Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-02-15 Debian has issued an update for pdfkit.framework. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/18882/ -- [SA18875] Debian update for gpdf Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-02-15 Debian has issued an update for gpdf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/18875/ -- [SA18871] Red Hat update for imagemagick Critical: Moderately critical Where: From remote Impact: System access Released: 2006-02-15 Red Hat has issued an update for imagemagick. This fixes two vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/18871/ -- [SA18870] Dovecot "imap/pop3-login" Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-02-15 A vulnerability have been reported in Dovecot, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18870/ -- [SA18864] Red Hat update for xpdf Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-02-14 Red Hat has issued an update for xpdf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/18864/ -- [SA18863] Red Hat update for libpng Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-02-14 Red Hat has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) against applications using libpng or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18863/ -- [SA18862] Red Hat update for kdegraphics Critical: Moderately critical Where: From remote Impact: System access, DoS Released: 2006-02-14 Red Hat has issued an update for kdegraphics. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/18862/ -- [SA18861] Ubuntu update for kernel Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-02-15 Ubuntu has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18861/ -- [SA18860] Ubuntu update for xpdf/poppler/kdegraphics Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-02-15 Ubuntu has issued updates for xpdf, poppler, and kdegraphics. These fix a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/18860/ -- [SA18851] Gentoo update for imagemagick Critical: Moderately critical Where: From remote Impact: System access Released: 2006-02-14 Gentoo has issued an update for imagemagick. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/18851/ -- [SA18839] Fedora update for poppler Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-02-13 Fedora has issued an update for poppler. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/18839/ -- [SA18838] Fedora update for xpdf Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-02-13 Fedora has issued an update for xpdf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/18838/ -- [SA18837] Fedora update for kdegraphics Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-02-13 Fedora has issued an update for kdegraphics. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/18837/ -- [SA18834] Debian update for xpdf Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-02-14 Debian has issued an update for xpdf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/18834/ -- [SA18832] Red Hat update for gnutls Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-02-13 Red Hat has issued an update for gnutls. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18832/ -- [SA18830] Mandriva update for gnutls Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-02-14 Mandriva has issued an update for gnutls. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18830/ -- [SA18826] Gentoo update for kdegraphics/kpdf Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-02-13 Gentoo has issued updates for kdegraphics and kpdf. These fix a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/18826/ -- [SA18825] Gentoo update for xpdf/poppler Critical: Moderately critical Where: From remote Impact: System access, DoS Released: 2006-02-13 Gentoo has issued updates for xpdf and poppler. These fix a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/18825/ -- [SA18821] XMB Forums today.php Cookie Data SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-02-13 James Bercegay has reported a vulnerability in XMB Forums, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/18821/ -- [SA18815] Fedora update for gnutls Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-02-13 Fedora has issued an update for gnutls. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18815/ -- [SA18799] VHCS Security Issue and Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Privilege escalation Released: 2006-02-13 Román Medina-Heigl Hernández has reported some vulnerabilities in VHCS, which can be exploited by malicious people to conduct script insertion attacks, and by malicious users to bypass certain security restrictions and gain escalated privileges. Full Advisory: http://secunia.com/advisories/18799/ -- [SA18794] GnuTLS libtasn1 DER Decoding Denial of Service Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-02-10 Evgeny Legerov has reported some vulnerabilities in GnuTLS libtasn1, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18794/ -- [SA18788] SUSE update for kernel Critical: Moderately critical Where: From remote Impact: Security Bypass, Exposure of sensitive information, DoS Released: 2006-02-10 SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by local users to gain knowledge of potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service), or by malicious people to cause a DoS. Full Advisory: http://secunia.com/advisories/18788/ -- [SA18785] NeoMail neomail-prefs.pl Missing Session ID Validation Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2006-02-14 Secunia Research has discovered a vulnerability in NeoMail, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/18785/ -- [SA18784] Trustix update for kernel Critical: Moderately critical Where: From remote Impact: Security Bypass, DoS Released: 2006-02-10 Trustix has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18784/ -- [SA18889] Debian update for nfs-user-server Critical: Moderately critical Where: From local network Impact: System access Released: 2006-02-15 Debian has issued an update for nfs-user-server. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18889/ -- [SA18818] Isode M-Vault Server LDAP Vulnerability Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2006-02-14 Evgeny Legerov has reported a vulnerability in Isode M-Vault Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18818/ -- [SA18845] GnuPG "gpgv" Signature Verification Security Issue Critical: Less critical Where: From remote Impact: Security Bypass Released: 2006-02-15 A security issue has been reported in GnuPG, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/18845/ -- [SA18841] Power Daemon WHATIDO syslog Format String Vulnerability Critical: Less critical Where: From remote Impact: DoS, System access Released: 2006-02-13 Gotfault Security has discovered a vulnerability in Power Daemon (powerd), which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18841/ -- [SA18827] Debian update for kronolith Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-02-14 Debian has issued an update for kronolith. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/18827/ -- [SA18916] Debian update for libast Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-02-16 Debian has issued an update for libast. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/18916/ -- [SA18891] Sun Solaris "in.rexecd" Privilege Escalation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-02-15 A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/18891/ -- [SA18829] Debian update for scponly Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-02-13 Debian has issued an update for scponly. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/18829/ -- [SA18812] Debian update for noweb Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-02-13 Debian has issued an update for noweb. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/18812/ -- [SA18811] SUSE ld Insecure RPATH Privilege Escalation Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-02-13 A vulnerability has been reported in SUSE Linux, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/18811/ -- [SA18809] noweb Insecure Temporary File Creation Vulnerabilities Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-02-13 Javier Fernández-Sanguino Peña has reported multiple vulnerabilities in noweb, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/18809/ -- [SA18806] Ubuntu update for heimdal Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-02-13 Ubuntu has issued an update for heimdal. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/18806/ -- [SA18867] Honeyd IP Reassembly Remote Detection Weakness Critical: Not critical Where: From remote Impact: Exposure of system information Released: 2006-02-15 A weakness has been reported in Honeyd, which can be exploited by malicious people to disclose certain system information. Full Advisory: http://secunia.com/advisories/18867/ -- [SA18824] Kadu Image Send Request Denial of Service Critical: Not critical Where: From remote Impact: DoS Released: 2006-02-15 Piotr Bania has reported a vulnerability in Kadu, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18824/ -- [SA18797] CGIWrap Error Message System Information Disclosure Critical: Not critical Where: From remote Impact: Exposure of system information Released: 2006-02-15 A weakness has been reported in CGIWrap, which can be exploited by malicious people to disclose certain system information. Full Advisory: http://secunia.com/advisories/18797/ -- [SA18907] Mac OS X Kernel Local Denial of Service Vulnerability Critical: Not critical Where: Local system Impact: DoS Released: 2006-02-16 A vulnerability has been reported in Mac OS X, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18907/ -- [SA18850] SUSE update for openssh Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2006-02-14 SUSE has issued an update for openssh. This fixes a weakness, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges. Full Advisory: http://secunia.com/advisories/18850/ -- [SA18798] OpenBSD update for openssh Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2006-02-13 OpenBSD has issued an update for openssh. This fixes a weakness, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges. Full Advisory: http://secunia.com/advisories/18798/ -- [SA18795] AIX Kernel Unspecified Local Denial of Service Vulnerability Critical: Not critical Where: Local system Impact: DoS Released: 2006-02-14 A vulnerability has been reported in AIX, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18795/ Other:-- [SA18836] Avaya CSU/VSU ISAKMP IKE Message Processing Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-02-13 Avaya has acknowledged some vulnerabilities in Avaya CSU/VSU, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18836/ -- [SA18833] D-Link Wireless Access Point Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-02-14 Aaron Portnoy and Keefe Johnson has reported a vulnerability in D-Link Wireless Access Point, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/18833/ -- [SA18904] Cisco Products TACACS+ Authentication Bypass Critical: Less critical Where: From remote Impact: Security Bypass Released: 2006-02-16 A security issue has been reported in various Cisco products, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/18904/ -- [SA18844] FortiGate URL Filter and Virus Scanning Bypass Vulnerabilities Critical: Less critical Where: From local network Impact: Security Bypass Released: 2006-02-13 Mathieu Dessus has reported two vulnerabilities in FortiGate, which can be exploited by malicious people and users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/18844/ Cross Platform:-- [SA18883] Plume CMS prepend.php File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-02-15 unitedbr has discovered a vulnerability in Plume CMS, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18883/ -- [SA18879] dotProject File Inclusion and Information Disclosure Vulnerabilities Critical: Highly critical Where: From remote Impact: Exposure of system information, System access Released: 2006-02-15 Robin Verton has discovered some vulnerabilities in dotProject, which can be exploited by malicious people to disclose certain system information and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18879/ -- [SA18878] Magic News Lite File Inclusion and Profile Update Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, System access Released: 2006-02-15 Aliaksandr Hartsuyeu has discovered some vulnerabilities in Magic News Lite, which can be exploited by malicious people to bypass certain security restrictions and to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18878/ -- [SA18847] Flyspray Installation Script "adodbpath" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: Exposure of sensitive information, System access Released: 2006-02-14 rgod has reported a vulnerability in Flyspray, which can be exploited by malicious people to disclose potentially sensitive information and to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18847/ -- [SA18808] LinPHA "lang" Local File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: Exposure of sensitive information, System access Released: 2006-02-13 rgod has discovered a vulnerability in Linpha, which can be exploited by malicious people to disclose sensitive information and potentially to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18808/ -- [SA18807] HiveMail Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Cross Site Scripting, Manipulation of data, System access Released: 2006-02-13 James Bercegay has reported multiple vulnerabilities in HiveMail, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18807/ -- [SA18803] DocMGR process.php File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: Exposure of sensitive information, System access Released: 2006-02-13 rgod has reported a vulnerability in DocMGR, which can be exploited by malicious people to disclose potentially sensitive information and to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18803/ -- [SA18800] Runcms File Upload and File Inclusion Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2006-02-10 rgod has reported some vulnerabilities in Runcms, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18800/ -- [SA18905] HTML::BBCode Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2006-02-16 Aliaksandr Hartsuyeu has reported a vulnerability in HTML::BBCode, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/18905/ -- [SA18885] webSPELL "search.php" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-02-15 x128 has discovered a vulnerability in webSPELL, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/18885/ -- [SA18881] PHP Classifieds "member_login.php" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-02-15 Audun Larsen has reported a vulnerability in PHP Classifieds, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/18881/ -- [SA18880] SAP Business Connector Arbitrary File Access and Spoofing Critical: Moderately critical Where: From remote Impact: Spoofing, Manipulation of data Released: 2006-02-15 Leandro Meiners has reported two vulnerabilities in SAP Business Connect (BC), which can be exploited by malicious people to conduct spoofing attacks or by malicious users to perform certain actions with escalated privileges. Full Advisory: http://secunia.com/advisories/18880/ -- [SA18877] Magic Downloads Settings Update Authentication Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2006-02-15 Aliaksandr Hartsuyeu has reported a vulnerability in Magic Downloads, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/18877/ -- [SA18876] Teca Diary Personal Edition SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-02-16 Aliaksandr Hartsuyeu has reported a vulnerability in Teca Diary Personal Edition, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/18876/ -- [SA18874] @Mail Webmail Image Tag Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2006-02-16 Thomas Pollet has discovered a vulnerability in @Mail, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/18874/ -- [SA18873] Clever Copy Private Message "Subject" Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2006-02-16 Thomas Pollet has discovered a vulnerability in Clever Copy, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/18873/ -- [SA18869] Lighttpd Case-Insensitive Filename Source Code Disclosure Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2006-02-15 A vulnerability has been reported in lighttpd, which can be exploited by malicious people to disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/18869/ -- [SA18868] Squishdot Mail Header Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2006-02-15 A vulnerability has been reported in Squishdot, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/18868/ -- [SA18858] PyBlosxom Arbitrary File Disclosure Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2006-02-14 A vulnerability has been reported in PyBlosxom, which potentially can be exploited by malicious people to disclose certain sensitive information. Full Advisory: http://secunia.com/advisories/18858/ -- [SA18856] CALimba rb_auth.php SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-02-14 Aliaksandr Hartsuyeu has reported a vulnerability in CALimba, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/18856/ -- [SA18855] Magic Calendar Lite SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-02-14 Aliaksandr Hartsuyeu has reported a vulnerability in Magic Calendar Lite, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/18855/ -- [SA18854] Time Tracking Software Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data Released: 2006-02-14 Aliaksandr Hartsuyeu has reported some vulnerabilities in Time Tracking Software, which can be exploited by malicious people to bypass certain security restrictions, and to conduct SQL injection and script insertion attacks. Full Advisory: http://secunia.com/advisories/18854/ -- [SA18849] Gästebuch Homepage URL Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2006-02-14 Micha Borrmann has reported a vulnerability in Gästebuch (gastbuch), which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/18849/ -- [SA18843] WRQ Reflection Secure IT SFTP Format String Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2006-02-14 A vulnerability has been reported in Reflection Secure IT, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18843/ -- [SA18840] Invision Power Board Army System Mod SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-02-14 fRoGGz and Alex has reported a vulnerability in Invision Power Board Army System Mod, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/18840/ -- [SA18831] RunCMS pmlite.php SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-02-14 Hamid Ebadi has discovered a vulnerability in RunCMS, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/18831/ -- [SA18823] SmE GB Host Username SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Released: 2006-02-13 Aliaksandr Hartsuyeu has reported a vulnerability in SmE GB Host, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/18823/ -- [SA18822] PHP/MYSQL Timesheet SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-02-13 Aliaksandr Hartsuyeu has reported some vulnerabilities in PHP/MYSQL Timesheet, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/18822/ -- [SA18819] WebGUI User Account Creation Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2006-02-13 A vulnerability has been reported in WebGUI, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/18819/ -- [SA18817] Hitachi Business Logic Cross-Site Scripting and SQL Injection Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Manipulation of data Released: 2006-02-13 Two vulnerabilities have been reported in Hitachi Business Logic, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. Full Advisory: http://secunia.com/advisories/18817/ -- [SA18816] e107 Unspecified BBCode Script Insertion Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2006-02-13 Some vulnerabilities have been reported in e107, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/18816/ -- [SA18810] Ansilove File Disclosure and File Upload Vulnerabilities Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2006-02-13 Some vulnerabilities have been reported in Ansilove, which can be exploited by malicious users to disclose certain sensitive information and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18810/ -- [SA18805] DB_eSession "deleteSession()" Function SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-02-13 James Bercegay has reported a vulnerability in DB_eSession, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/18805/ -- [SA18802] ImageVue Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Exposure of system information, System access Released: 2006-02-14 zjieb has reported some vulnerabilities in ImageVue, which can be exploited by malicious people to gain knowledge of certain system information, conduct cross-site scripting attacks, and potentially by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/18802/ -- [SA18801] Zen Cart Unspecified SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-02-13 A vulnerability has been reported in Zen Cart, which potentially can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/18801/ -- [SA18793] phphd Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data Released: 2006-02-10 Aliaksandr Hartsuyeu has reported some vulnerabilities in phphd, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, and bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/18793/ -- [SA18791] PHPStatus Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data Released: 2006-02-10 Aliaksandr Hartsuyeu has reported some vulnerabilities in PHPStatus, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, and bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/18791/ -- [SA18790] Clever Copy HTTP Headers Script Insertion Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2006-02-10 Aliaksandr Hartsuyeu has reported two vulnerabilities in Clever Copy, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/18790/ -- [SA18786] SmE GB Host / Blog Host "url" BBcode Script Insertion Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2006-02-10 Aliaksandr Hartsuyeu has reported a vulnerability in SmE GB Host and SmE Blog Host, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/18786/ -- [SA18897] MyBB managegroup.php SQL Injection and Cross-Site Scripting Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2006-02-16 imei addmimistrator has discovered vulnerabilities in MyBB, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/18897/ -- [SA18820] PHP-Nuke "pagetitle" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-02-13 Janek Vind "waraxe" has discovered a vulnerability in PHP-Nuke, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/18820/ -- [SA18814] QwikiWiki "search.php" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-02-14 Citynova has discovered a vulnerability in QwikiWiki, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/18814/ -- [SA18804] Siteframe "q" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-02-13 Kiki has reported a vulnerability in Siteframe, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/18804/ -- [SA18792] PHP Event Calendar User Information Manipulation Critical: Less critical Where: From remote Impact: Cross Site Scripting, Manipulation of data Released: 2006-02-10 Aliaksandr Hartsuyeu has discovered a vulnerability in PHP Event Calendar, which can be exploited by malicious users to manipulate certain information and conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/18792/ -- [SA18890] PostgreSQL Privilege Escalation and Denial of Service Critical: Less critical Where: From local network Impact: Privilege escalation, DoS Released: 2006-02-15 Two vulnerabilities have been reported in PostgreSQL, which can be exploited by malicious users to cause a DoS (Denial of Service) or gain escalated privileges. Full Advisory: http://secunia.com/advisories/18890/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Fri Feb 17 2006 - 00:32:13 PST