======================================================================== The Secunia Weekly Advisory Summary 2006-09-28 - 2006-10-05 This week: 71 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: Secunia Corporate Website has been Released Learn more about what Secunia can offer you and your company, see and download detailed product descriptions, and view comprehensive flash presentations of both our products and corporate profile. Visit the Secunia Corporate Website: http://corporate.secunia.com/ Secunia Vulnerability and Advisory Portal has been Updated Our publicly available Vulnerability and Advisory Portal secunia.com has been updated with improved accessibility and usability, enhanced features, and improved search capabilities along with availability of extensive product reports. Over the years, the Secunia brand has become synonymous with credible, accurate, and reliable vulnerability intelligence and our services are used by more than 5 million unique users every year at secunia.com. Visit the Secunia Vulnerability and Advisory Portal: http://secunia.com/ ======================================================================== 2) This Week in Brief: Tom Ferris has reported a vulnerability in Skype for Mac, which potentially can be exploited by malicious people to compromise a user's system. The vendor has released an updated version that corrects this vulnerability. References: http://secunia.com/SA22185 -- Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities. Please refer to the referenced Secunia advisory for a comprehensive listing of the issues corrected with this update. References: http://secunia.com/SA22187 -- VIRUS ALERTS: During the past week Secunia collected 196 virus descriptions from the Antivirus vendors. However, none were deemed MEDIUM risk or higher according to the Secunia assessment scale. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA22159] Microsoft Windows Shell Code Execution Vulnerability 2. [SA22127] Microsoft PowerPoint Code Execution Vulnerability 3. [SA21910] Internet Explorer daxctle.ocx "KeyFrame()" Method Vulnerability 4. [SA21906] Mozilla Firefox Multiple Vulnerabilities 5. [SA21989] Microsoft Vector Graphics Rendering Library Buffer Overflow 6. [SA22173] OpenSSH Signal Handling Vulnerability 7. [SA22130] OpenSSL Multiple Vulnerabilities 8. [SA20153] Microsoft Word Malformed Object Pointer Vulnerability 9. [SA22187] Mac OS X Security Update Fixes Multiple Vulnerabilities 10. [SA22185] Skype URI Argument Handling Format String Vulnerability ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA22249] IBM Rational RequisitePro OpenSSL Vulnerability [SA22232] OpenVPN Multiple Vulnerabilities [SA22179] MailEnable Multiple Vulnerabilities [SA22244] GroupWise Messenger Blowfish Zero-Sized Strings Denial of Service [SA22229] CA Unicenter Web Service Distributed Management Directory Traversal [SA22224] OfficeScan Corporate Edition "ATXCONSOLE.OCX" Format String Vulnerability [SA22222] McAfee ePolicy Orchestrator / ProtectionPilot Source Header Buffer Overflow [SA22234] Kerio Personal Firewall Hooked Functions Denial of Service UNIX/Linux: [SA22259] Mandriva update for ntp [SA22245] Mandriva update for openssh [SA22240] Debian update for openssl [SA22236] FreeBSD update for openssh [SA22220] rPath update for openssl [SA22216] Kolab Server Multiple Vulnerabilities [SA22212] Mandriva update for openssl [SA22210] Ubuntu update for firefox [SA22208] Ubuntu update for openssh [SA22207] Slackware update for openssl [SA22203] Mandriva update for gstreamer-ffmpeg [SA22202] GStreamer FFmpeg Plug-in Multiple Buffer Overflows [SA22201] Mandriva update for mplayer [SA22200] Mandriva update for xine-lib [SA22199] Gentoo update for dokuwiki [SA22195] Gentoo update for mozilla-firefox [SA22193] rPath update for openssl [SA22191] Mandriva update for libmusicbrainz [SA22190] HP-UX Ignite-UX Server Unspecified Vulnerability [SA22187] Mac OS X Security Update Fixes Multiple Vulnerabilities [SA22186] Red Hat update for openssl [SA22185] Skype URI Argument Handling Format String Vulnerability [SA22183] Red Hat update for openssh [SA22181] xine-lib FFmpeg Multiple Buffer Overflow Vulnerabilities [SA22180] FFmpeg Multiple Buffer Overflow Vulnerabilities [SA22260] Mandriva update for MySQL [SA22239] Debian update for cscope [SA22227] Debian update for mailman [SA22226] Sun Solaris RSA Signature Forgery Vulnerability [SA22219] rPath update for openldap [SA22205] Ubuntu update for gdb [SA22243] Debian update for migrationtools [SA22223] IBM Informix Dynamic Server Insecure Temporary File Creation [SA22213] IBM AIX acctctl Privilege Escalation Vulnerability Other: Cross Platform: [SA22261] Drupal IMCE Module Multiple Vulnerabilities [SA22256] Minerva "phpbb_root_path" File Inclusion Vulnerability [SA22242] HAMweather "do_parse_code" Command Injection Vulnerability [SA22231] BasiliX "BSX_LIBDIR" File Inclusion Vulnerabilities [SA22214] Forum82 "repertorylevel" File Inclusion Vulnerabilities [SA22209] PowerPortal "file_name[]" File Inclusion Vulnerability [SA22198] Mandriva update for ffmpeg [SA22196] Red Hat update for openssh [SA22194] Travelsized CMS "setup_folder" File Inclusion Vulnerability [SA22192] DokuWiki Denial of Service and Command Injection [SA22184] VideoDB "config[pdf_module]" File Inclusion Vulnerability [SA22182] MPlayer FFmpeg Multiple Buffer Overflow Vulnerabilities [SA22178] phpMyWebmin File Inclusions and Information Disclosure [SA22177] phpBB XS "phpbb_root_path" File Inclusion Vulnerability [SA22262] IBM WebSphere Application Server Apache mod_rewrite Vulnerability [SA22257] Taskjitsu "key" SQL Injection Vulnerability [SA22241] OlateDownload Script Insertion and SQL Injection [SA22238] OpenBiblio Local File Inclusion and SQL Injection [SA22206] Intoto iGateway VPN / SSL-VPN Denial of Service Vulnerability [SA22176] DeluxeBB "templatefolder" File Inclusion Vulnerability [SA22255] net2ftp "username" Cross-Site Scripting Vulnerability [SA22248] TeraStation HD-HTGL Series Cross-Site Request Forgery [SA22215] Mercury SiteScope Multiple Script Insertion Vulnerabilities [SA22211] WWWthreads "Cat" Cross-Site Scripting Vulnerabilities [SA22204] Sun Java JDK / SDK RSA Signature Forgery Vulnerability [SA22197] PostNuke "hits" SQL Injection Vulnerability [SA22188] phpBB "avatar_path" PHP Code Execution Vulnerability [SA22235] PHP "open_basedir" Symlink Security Bypass Vulnerability ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA22249] IBM Rational RequisitePro OpenSSL Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-10-04 IBM has acknowledged a vulnerability in Rational RequisitePro RequisiteWeb, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22249/ -- [SA22232] OpenVPN Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-10-02 Some vulnerabilities have been reported in OpenVPN, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22232/ -- [SA22179] MailEnable Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-10-02 Some vulnerabilities have been reported in MailEnable, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22179/ -- [SA22244] GroupWise Messenger Blowfish Zero-Sized Strings Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-10-03 A vulnerability has been reported in GroupWise Messenger, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/22244/ -- [SA22229] CA Unicenter Web Service Distributed Management Directory Traversal Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2006-10-04 A vulnerability has been reported in CA Unicenter Web Services Distributed Management (WSDM), which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/22229/ -- [SA22224] OfficeScan Corporate Edition "ATXCONSOLE.OCX" Format String Vulnerability Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2006-10-02 A vulnerability has been reported in Trend Micro OfficeScan Corporate Edition, which can be exploited by malicious people to potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/22224/ -- [SA22222] McAfee ePolicy Orchestrator / ProtectionPilot Source Header Buffer Overflow Critical: Moderately critical Where: From local network Impact: System access Released: 2006-10-02 A vulnerability has been reported in McAfee ProtectionPilot and McAfee ePolicy Orchestrator, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22222/ -- [SA22234] Kerio Personal Firewall Hooked Functions Denial of Service Critical: Not critical Where: Local system Impact: DoS Released: 2006-10-02 David Matousek has reported some vulnerabilities in Kerio Personal Firewall, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/22234/ UNIX/Linux:-- [SA22259] Mandriva update for ntp Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-10-03 Mandriva has issued an update for ntp. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22259/ -- [SA22245] Mandriva update for openssh Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-10-04 Mandriva has issued an update for openssh. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22245/ -- [SA22240] Debian update for openssl Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-10-02 Debian has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22240/ -- [SA22236] FreeBSD update for openssh Critical: Highly critical Where: From remote Impact: System access, DoS Released: 2006-10-02 FreeBSD has issued an update for openssh. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22236/ -- [SA22220] rPath update for openssl Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-10-02 rPath has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22220/ -- [SA22216] Kolab Server Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-10-04 Some vulnerabilities have been reported in Kolab Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22216/ -- [SA22212] Mandriva update for openssl Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-10-03 Mandriva has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22212/ -- [SA22210] Ubuntu update for firefox Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Spoofing, DoS, System access Released: 2006-10-04 Ubuntu has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to conduct man-in-the-middle, spoofing, and cross-site scripting attacks, and compromise a user's system. Full Advisory: http://secunia.com/advisories/22210/ -- [SA22208] Ubuntu update for openssh Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-10-03 Ubuntu has issued an update for openssh. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22208/ -- [SA22207] Slackware update for openssl Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Slackware has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22207/ -- [SA22203] Mandriva update for gstreamer-ffmpeg Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Mandriva has issued an update for gstreamer-ffmpeg. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22203/ -- [SA22202] GStreamer FFmpeg Plug-in Multiple Buffer Overflows Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Some vulnerabilities have been reported in GStreamer FFmpeg Plug-in, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22202/ -- [SA22201] Mandriva update for mplayer Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Mandriva has issued an update for mplayer. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22201/ -- [SA22200] Mandriva update for xine-lib Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Mandriva has issued an update for xine-lib. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22200/ -- [SA22199] Gentoo update for dokuwiki Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Gentoo has issued an update for dokuwiki. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22199/ -- [SA22195] Gentoo update for mozilla-firefox Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Spoofing, DoS, System access Released: 2006-09-29 Gentoo has issued an update for mozilla-firefox. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), conduct man-in-the-middle, spoofing, and cross-site scripting attacks, and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22195/ -- [SA22193] rPath update for openssl Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 rPath has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22193/ -- [SA22191] Mandriva update for libmusicbrainz Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Mandriva has issued an update for libmusicbrainz. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22191/ -- [SA22190] HP-UX Ignite-UX Server Unspecified Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-10-03 A vulnerability has been reported in HP-UX, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22190/ -- [SA22187] Mac OS X Security Update Fixes Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Spoofing, Exposure of sensitive information, Privilege escalation, DoS, System access Released: 2006-09-29 Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities. Full Advisory: http://secunia.com/advisories/22187/ -- [SA22186] Red Hat update for openssl Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Red Hat has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22186/ -- [SA22185] Skype URI Argument Handling Format String Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-10-03 Tom Ferris has reported a vulnerability in Skype for Mac, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/22185/ -- [SA22183] Red Hat update for openssh Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Red Hat has issued an update for openssh. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22183/ -- [SA22181] xine-lib FFmpeg Multiple Buffer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Some vulnerabilities have been reported in xine-lib, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22181/ -- [SA22180] FFmpeg Multiple Buffer Overflow Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Some vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22180/ -- [SA22260] Mandriva update for MySQL Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2006-10-03 Mandriva has issued an update for MySQL. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22260/ -- [SA22239] Debian update for cscope Critical: Less critical Where: From remote Impact: DoS, System access Released: 2006-10-02 Debian has issued an update for cscope. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22239/ -- [SA22227] Debian update for mailman Critical: Less critical Where: From remote Impact: Cross Site Scripting, Spoofing Released: 2006-10-04 Debian has issued an update for mailman. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks. Full Advisory: http://secunia.com/advisories/22227/ -- [SA22226] Sun Solaris RSA Signature Forgery Vulnerability Critical: Less critical Where: From remote Impact: Security Bypass Released: 2006-10-04 Sun has acknowledged a vulnerability in various products included in Solaris, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/22226/ -- [SA22219] rPath update for openldap Critical: Less critical Where: From remote Impact: Security Bypass Released: 2006-10-02 rPath has issued an update for openldap. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/22219/ -- [SA22205] Ubuntu update for gdb Critical: Less critical Where: From remote Impact: DoS, System access Released: 2006-10-03 Ubuntu has issued an update for gdb. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges or malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22205/ -- [SA22243] Debian update for migrationtools Critical: Less critical Where: Local system Impact: Exposure of sensitive information Released: 2006-10-02 Debian has issued an update for migrationtools. This fixes a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and perform certain actions with escalated privileges on a vulnerable system. Full Advisory: http://secunia.com/advisories/22243/ -- [SA22223] IBM Informix Dynamic Server Insecure Temporary File Creation Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-10-03 Larry Cashdollar has discovered a vulnerability in IBM Informix Dynamic Server, which can be exploited by malicious, local users to perform certain actions with escalated privileges. Full Advisory: http://secunia.com/advisories/22223/ -- [SA22213] IBM AIX acctctl Privilege Escalation Vulnerability Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2006-10-02 A vulnerability has been reported in IBM AIX, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/22213/ Other: Cross Platform:-- [SA22261] Drupal IMCE Module Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Manipulation of data, System access Released: 2006-10-03 Some vulnerabilities have been reported in the IMCE Module for Drupal, which can be exploited by malicious users to delete files or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22261/ -- [SA22256] Minerva "phpbb_root_path" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-10-03 SHiKaA has reported a vulnerability in Minerva, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22256/ -- [SA22242] HAMweather "do_parse_code" Command Injection Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-10-03 Some vulnerabilities have been reported in HAMweather, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22242/ -- [SA22231] BasiliX "BSX_LIBDIR" File Inclusion Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2006-10-02 Kacper has reported some vulnerabilities in BasiliX, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22231/ -- [SA22214] Forum82 "repertorylevel" File Inclusion Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2006-10-02 Silahsiz Kuvvetler has discovered some vulnerabilities in Forum82, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22214/ -- [SA22209] PowerPortal "file_name[]" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-10-02 v1per-haCker has discovered a vulnerability in PowerPortal, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22209/ -- [SA22198] Mandriva update for ffmpeg Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Mandriva has issued an update for ffmpeg. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22198/ -- [SA22196] Red Hat update for openssh Critical: Highly critical Where: From remote Impact: Security Bypass, Privilege escalation, DoS, System access Released: 2006-09-29 Red Hat has issued an update for openssh. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges, and by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22196/ -- [SA22194] Travelsized CMS "setup_folder" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-10-04 Kacper has discovered a vulnerability in Travelsized CMS, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22194/ -- [SA22192] DokuWiki Denial of Service and Command Injection Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Some vulnerabilities have been reported in DokuWiki, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22192/ -- [SA22184] VideoDB "config[pdf_module]" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-10-02 Kacper has discovered a vulnerability in VideoDB, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22184/ -- [SA22182] MPlayer FFmpeg Multiple Buffer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-09-29 Some vulnerabilities have been reported in MPlayer, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22182/ -- [SA22178] phpMyWebmin File Inclusions and Information Disclosure Critical: Highly critical Where: From remote Impact: Exposure of system information, System access Released: 2006-09-29 Some vulnerabilities and two weaknesses have been discovered in phpMyWebmin, which can be exploited by malicious people to disclose system information and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22178/ -- [SA22177] phpBB XS "phpbb_root_path" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-09-29 Solpot has discovered a vulnerability in phpBB XS, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22177/ -- [SA22262] IBM WebSphere Application Server Apache mod_rewrite Vulnerability Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-10-03 IBM has acknowledged a vulnerability in WebSphere Application Server, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22262/ -- [SA22257] Taskjitsu "key" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-10-04 A vulnerability has been reported in Taskjitsu, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/22257/ -- [SA22241] OlateDownload Script Insertion and SQL Injection Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Manipulation of data Released: 2006-10-02 Hessam-x has reported some vulnerabilities in OlateDownload, which can be exploited by malicious people to conduct script insertion and SQL injection attacks. Full Advisory: http://secunia.com/advisories/22241/ -- [SA22238] OpenBiblio Local File Inclusion and SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2006-10-02 Some vulnerabilities have been reported in OpenBiblio, which can be exploited by malicious people to disclose potentially sensitive information, and by malicious users to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/22238/ -- [SA22206] Intoto iGateway VPN / SSL-VPN Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-10-02 A vulnerability has been reported in Intoto iGateway VPN and Intoto iGateway SSL-VPN, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/22206/ -- [SA22176] DeluxeBB "templatefolder" File Inclusion Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2006-10-02 r0ut3r has reported a vulnerability in DeluxeBB, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/22176/ -- [SA22255] net2ftp "username" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-10-03 securfrog has discovered a vulnerability in net2ftp, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/22255/ -- [SA22248] TeraStation HD-HTGL Series Cross-Site Request Forgery Critical: Less critical Where: From remote Impact: Cross Site Scripting, Manipulation of data Released: 2006-10-03 A vulnerability has been reported in TeraStation HD-HTGL Series, which can be exploited by malicious people to conduct cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/22248/ -- [SA22215] Mercury SiteScope Multiple Script Insertion Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-10-03 Ozkan Aziz has reported some vulnerabilities in Mercury SiteScope, which can be exploited by malicious users to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/22215/ -- [SA22211] WWWthreads "Cat" Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-10-02 Root3r_H3ll has reported some vulnerabilities in WWWthreads, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/22211/ -- [SA22204] Sun Java JDK / SDK RSA Signature Forgery Vulnerability Critical: Less critical Where: From remote Impact: Security Bypass Released: 2006-10-04 Sun has acknowledged a vulnerability in Sun JDK / SDK, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/22204/ -- [SA22197] PostNuke "hits" SQL Injection Vulnerability Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2006-10-03 Omid has discovered a vulnerability in PostNuke, which can be exploited by malicious users to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/22197/ -- [SA22188] phpBB "avatar_path" PHP Code Execution Vulnerability Critical: Less critical Where: From remote Impact: System access Released: 2006-10-04 ShAnKaR has discovered a vulnerability in phpBB, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/22188/ -- [SA22235] PHP "open_basedir" Symlink Security Bypass Vulnerability Critical: Less critical Where: Local system Impact: Security Bypass Released: 2006-10-04 Stefan Esser has reported a vulnerability in PHP, which can be exploited by malicious, local users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/22235/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _________________________________ Donate online for the Ron Santo Walk to Cure Diabetes! http://www.c4i.org/ethan.html
This archive was generated by hypermail 2.1.3 : Thu Oct 05 2006 - 23:42:58 PDT