[ISN] Secunia Weekly Summary - Issue: 2007-5

From: InfoSec News (alerts@private)
Date: Thu Feb 01 2007 - 22:14:40 PST


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2007-01-25 - 2007-02-01                        

                       This week: 61 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

New Secunia blog entry about the "availability" of the latest Apple
QuickTime security update.

The update is ready, yet users are still only able to download the
vulnerable version from Apple.com - without any indication or guidance
about why or how to secure it:
http://secunia.com/blog/7/

Exploitation appears to be straight forward and the QuickTime player
is installed on more than 50% of all computers!

Use the Secunia Software Inspector for verification and real guidance
on how to secure your QuickTime player:
http://secunia.com/software_Inspector/

 --

Should you be interesting a career within Secunia, the current job
openings are available right now:

Security Sales Engineer:
http://corporate.secunia.com/about_secunia/54/

German Key Account Manager:
http://corporate.secunia.com/about_secunia/55/

International Account Manager - Enterprise Sales:
http://corporate.secunia.com/about_secunia/52/

International Sales Manager - IT Security Partner:
http://corporate.secunia.com/about_secunia/51/

Danish: Disassembling og Reversing
http://secunia.com/Disassembling_og_Reversing/

========================================================================
2) This Week in Brief:

A zero-day vulnerability has been reported in Microsoft Word, which can
be exploited by malicious people to compromise a user's system. The
zero-day exploit was first identified in the form of a trojan dropper
reportedly available in the wild.

The vulnerability is caused due to an unspecified error when parsing
strings in Word documents and can be exploited to corrupt memory
thereby allowing execution of arbitrary code on the user's system.
It is reported to affect Microsoft Word 2000. Other versions may also
be affected.

This is the fourth Microsoft Word zero-day to be released in two
months. All four remain unpatched.  Because of active exploitation of
these vulnerabilities, Secunia has tagged these as "Extremely
Critical", the maximum severity rating for Secunia advisories.
Secunia therefore urges all Microsoft Office users to refrain from
opening untrusted Word documents.

For more information on this vulnerability:
http://secunia.com/advisories/23950/

 --

A vulnerability has been discovered in Yahoo! Messenger, which may
allow an attacker to execute a limited amount of arbitrary script code
in the Local Zone context. The vulnerability is due to the input in the
"First Name", "Last Name", and "Nickname" fields in the "Contact
Details" option not being sanitised properly when displaying status
notification messages to a user in a chat box.

A possible scenario is as follows: (1) the user is tricked into adding
the attacker to his or her messenger list,  (2) the attacker sends an
instant message to the user, then (3) the attacker changes his or her
status (for example, from "available to everyone" to "invisible").
Successful exploitation only occurs if the attacker is in the messenger
list of the user.

This vulnerability is tagged by Secunia as "Less critical" due to
limitations in the amount of script code that can be executed. This is
because the contact details only accept a limited number of characters;
script code inserted into the contact details are truncated if it
exceeds the number of available characters.

Secunia urges Yahoo! Messenger users to add only trusted users to their
messenger lists. This vulnerability is currently unpatched, and is
confirmed to affect version 8.1.0.209.

For more information about this vulnerability:
http://secunia.com/advisories/23928/

 --

VIRUS ALERTS:

During the past week Secunia collected 159 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA23950] Microsoft Word Unspecified String Handling Memory
              Corruption
2.  [SA23867] Cisco IOS Multiple Vulnerabilities
3.  [SA23904] ISC BIND Denial of Service Vulnerabilities
4.  [SA23666] Adobe Reader Unspecified Heap Corruption Vulnerability
5.  [SA18787] Internet Explorer Drag-and-Drop Vulnerability
6.  [SA23914] GuppY "error.php" Cookie Remote Code Execution
7.  [SA23475] NCTsoft Products NCTAudioFile2 ActiveX Control Buffer 
              Overflow
8.  [SA23757] Sun Java JRE GIF Image Processing Buffer Overflow
              Vulnerability
9.  [SA23938] PGP Desktop Service Code Execution Vulnerability
10. [SA23316] Bluetrait "bt-trackback.php" SQL-Injection
              Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA23950] Microsoft Word Unspecified String Handling Memory Corruption
[SA23964] HTTP Commander Cross-Site Scripting Vulnerabilities
[SA23938] PGP Desktop Service Code Execution Vulnerability

UNIX/Linux:
[SA23992] phpIndexPage "env[inc_path]" File Inclusion Vulnerability
[SA23970] ACGVclick "path" File Inclusion Vulnerability
[SA23967] xt-stats "server_base_dir" File Inclusion Vulnerability
[SA23958] Flip4Mac WMV Parsing Memory Corruption Vulnerability
[SA23941] Debian update for cacti
[SA23984] SUSE Update for Multiple Packages
[SA23982] Sun Solaris ICMP Denial of Service Vulnerability
[SA23975] CHMlib Page Block Length Memory Corruption Vulnerability
[SA23971] Debian update for vlc
[SA23962] PHPFootball "show.php" Database Retrieval
[SA23956] Galeria "galeria" Local File Inclusion
[SA23954] xNews "id" SQL Injection Vulnerability
[SA23939] Sun Solaris FreeType Integer Overflow and Underflow
Vulnerabilities
[SA24005] Gentoo update for elinks
[SA24014] Fedora update for bind
[SA24006] Debian update for gtk+2.0
[SA23997] Red Hat update for kernel
[SA23979] Sun Java System Access Manager Cross-Site Scripting
[SA23977] Mandriva update for bind
[SA23976] Fedora update for libsoup
[SA23974] Fedora update for bind
[SA23972] Slackware update for bind
[SA23968] Webfwlog "conffile" Directory Traversal Vulnerability
[SA23961] Mandriva update for libsoup
[SA23946] Gentoo update for squid
[SA23944] Debian update for bind9
[SA23943] SUSE update for bind
[SA24015] Debian update for libgtop2
[SA23991] Avaya CMS / IR ld.so Directory Traversal and Buffer Overflow
[SA23966] Gentoo update for xorg-server
[SA23955] Linux Kernel "listxattr" Memory Corruption Vulnerability
[SA23937] smb4K Multiple Vulnerabilities
[SA23983] Drupal Captcha Module Security Bypass
[SA23945] Apple Mac OS X iChat Bonjour Denial of Service
[SA23993] NX Server "nxconfigure.sh" Denial of Service

Other:
[SA23978] Cisco IOS SIP Packet Handling Reload Denial of Service
[SA23989] Intel Enterprise Southbridge 2 BMC Interface Commands Access

Cross Platform:
[SA23990] vbDrupal Comment Preview Arbitrary Code Execution
[SA23987] EncapsCMS "config[path]" File Inclusion Vulnerability
[SA23973] MyNews "myNewsConf[path][sys][index]" File Inclusion
Vulnerability
[SA23969] nsGalPHP "racineTBS" File Inclusion Vulnerability
[SA23960] Drupal Comment Preview Arbitrary Code Execution
[SA23959] phpMyReports "cfgPathModule" File Inclusion Vulnerability
[SA23952] Xero Portal "phpbb_root_path" File Inclusion Vulnerability
[SA23949] Foro Domus "sesion_idioma" File Inclusion Vulnerability
[SA24016] Wireshark Multiple Denial of Service Vulnerabilities
[SA23981] WebGUI Asset Deletion Vulnerability
[SA23965] CascadianFAQ "catid" SQL Injection Vulnerability
[SA23963] Nexuiz "gamedir" Information Disclosure and Data
Manipulation
[SA23957] IBM AIX Mail Services Authentication Vulnerability
[SA23953] FileDownload Snippet for MODx Arbitrary File Download
[SA23948] MAXdev MD-Pro "startrow" SQL Injection Vulnerability
[SA23947] FD Script "fname" Arbitrary File Download Vulnerability
[SA23980] Movable Type Cross-Site Scripting and Security Bypass
[SA23951] CMSsimple mailform "sender" Cross-Site Scripting
Vulnerability
[SA23940] CVSTrac SQL Injection Vulnerability
[SA23942] gtalkbot Disclosure of User Credentials
[SA23985] Drupal Textimage Module Security Bypass

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA23950] Microsoft Word Unspecified String Handling Memory Corruption

Critical:    Extremely critical
Where:       From remote
Impact:      System access
Released:    2007-01-26

A vulnerability has been reported in Microsoft Word, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/23950/

 --

[SA23964] HTTP Commander Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-01-29

Two vulnerabilities have been discovered in HTTP Commander, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/23964/

 --

[SA23938] PGP Desktop Service Code Execution Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      System access
Released:    2007-01-26

Peter Winter-Smith of NGSSoftware has reported a vulnerability in PGP
Desktop, which can be exploited by malicious users  to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/23938/


UNIX/Linux:--

[SA23992] phpIndexPage "env[inc_path]" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-30

DeltahackingTEAM has discovered a vulnerability in phpIndexPage, which
can be exploited by malicious people to compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/23992/

 --

[SA23970] ACGVclick "path" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-29

ajann has discovered a vulnerability in ACGVclick, which can be
exploited by malicious people to compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/23970/

 --

[SA23967] xt-stats "server_base_dir" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-29

ThE dE@Th has reported a vulnerability in xt-stats, which can be
exploited by malicious people to compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/23967/

 --

[SA23958] Flip4Mac WMV Parsing Memory Corruption Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-01-29

KF and LMH have reported a vulnerability in Flip4Mac, which can
potentially be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/23958/

 --

[SA23941] Debian update for cacti

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, System access
Released:    2007-01-26

Debian has issued an update for cacti. This fixes some vulnerabilities,
which can be exploited by malicious people to bypass certain security
restrictions, manipulate data and compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/23941/

 --

[SA23984] SUSE Update for Multiple Packages

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information,
Privilege escalation, DoS, System access
Released:    2007-01-29

SUSE has issued an update for multiple packages. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of potentially sensitive information, cause a DoS
(Denial of Service), or gain escalated privileges; by malicious users
to manipulate data, disclose sensitive information, or compromise a
vulnerable system; and by malicious people to cause a DoS.

Full Advisory:
http://secunia.com/advisories/23984/

 --

[SA23982] Sun Solaris ICMP Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-01-31

Sun has acknowledged a vulnerability in Solaris, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23982/

 --

[SA23975] CHMlib Page Block Length Memory Corruption Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-01-29

iDefense Labs has reported a vulnerability in CHM Lib, which
potentially can be exploited by malicious people to compromise an
application using the vulnerable library.

Full Advisory:
http://secunia.com/advisories/23975/

 --

[SA23971] Debian update for vlc

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-01-29

Debian has issued an update for vlc. This fixes a vulnerability, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/23971/

 --

[SA23962] PHPFootball "show.php" Database Retrieval

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information
Released:    2007-01-31

ajann has discovered a vulnerability in PHPFootball, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/23962/

 --

[SA23956] Galeria "galeria" Local File Inclusion

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-01-31

ajann has reported a vulnerability in Galeria, which can be exploited
by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/23956/

 --

[SA23954] xNews "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-01-29

ajann has discovered a vulnerability in xNews, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/23954/

 --

[SA23939] Sun Solaris FreeType Integer Overflow and Underflow
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-01-29

Sun has acknowledged some vulnerabilities in Solaris, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise applications using the library.

Full Advisory:
http://secunia.com/advisories/23939/

 --

[SA24005] Gentoo update for elinks

Critical:    Moderately critical
Where:       From local network
Impact:      Manipulation of data, Exposure of system information,
Exposure of sensitive information
Released:    2007-02-01

Gentoo has issued an update for elinks. This fixes a vulnerability,
which can be exploited by malicious people to expose sensitive
information and manipulate data.

Full Advisory:
http://secunia.com/advisories/24005/

 --

[SA24014] Fedora update for bind

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-02-01

Fedora has issued an update for bind. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24014/

 --

[SA24006] Debian update for gtk+2.0

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-02-01

Debian has issued an update for gtk+2.0. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24006/

 --

[SA23997] Red Hat update for kernel

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-31

Red Hat has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
disclose potentially sensitive information, gain escalated privileges,
and cause a DoS (Denial of Service), and by malicious people to cause a
DoS.

Full Advisory:
http://secunia.com/advisories/23997/

 --

[SA23979] Sun Java System Access Manager Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-01-30

A vulnerability has been reported in Sun Java System Access Manager,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/23979/

 --

[SA23977] Mandriva update for bind

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-31

Mandriva has issued an update for bind. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23977/

 --

[SA23976] Fedora update for libsoup

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-30

Fedora has issued an update for libsoup. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23976/

 --

[SA23974] Fedora update for bind

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-30

Fedora has issued an update for bind. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23974/

 --

[SA23972] Slackware update for bind

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-29

Slackware has issued an update for bind. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23972/

 --

[SA23968] Webfwlog "conffile" Directory Traversal Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-01-30

GolD_M has discovered a vulnerability in Webfwlog, which can be
exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/23968/

 --

[SA23961] Mandriva update for libsoup

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-29

Mandriva has issued an update for libsoup. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23961/

 --

[SA23946] Gentoo update for squid

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-26

Gentoo has issued an update for squid. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23946/

 --

[SA23944] Debian update for bind9

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-29

Debian has issued an update for bind9. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23944/

 --

[SA23943] SUSE update for bind

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-30

SUSE has issued an update for bind. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23943/

 --

[SA24015] Debian update for libgtop2

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-02-01

Debian has issued an update for libgtop2. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/24015/

 --

[SA23991] Avaya CMS / IR ld.so Directory Traversal and Buffer Overflow

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-01-30

Avaya has acknowledged a vulnerability and a security issue in Avaya
CMS / IR, which can be exploited by malicious, local users to disclose
sensitive information or potentially gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/23991/

 --

[SA23966] Gentoo update for xorg-server

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-01-29

Gentoo has issued an update for xorg-server. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/23966/

 --

[SA23955] Linux Kernel "listxattr" Memory Corruption Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation, DoS
Released:    2007-01-31

A vulnerability has been reported in the Linux Kernel, which can be
exploited by malicious, local users to cause a DoS (Denial of Service)
or potentially gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/23955/

 --

[SA23937] smb4K Multiple Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, Privilege escalation,
DoS
Released:    2007-01-29

Kees Cook has reported some vulnerabilities in smb4K, which can be
exploited by malicious, local users to kill arbitrary processes,
disclose potentially sensitive information, and gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/23937/

 --

[SA23983] Drupal Captcha Module Security Bypass

Critical:    Not critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-01-31

A weakness has been reported in the Captcha module for Drupal, which
can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/23983/

 --

[SA23945] Apple Mac OS X iChat Bonjour Denial of Service

Critical:    Not critical
Where:       From local network
Impact:      DoS
Released:    2007-01-31

LMH has reported a vulnerability in Apple iChat, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23945/

 --

[SA23993] NX Server "nxconfigure.sh" Denial of Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-01-30

A security issue has been reported in NX Server, which can be exploited
by malicious, local users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23993/


Other:--

[SA23978] Cisco IOS SIP Packet Handling Reload Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-01-31

A vulnerability has been reported in Cisco IOS, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23978/

 --

[SA23989] Intel Enterprise Southbridge 2 BMC Interface Commands Access

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass
Released:    2007-01-31

A security issue has been reported in Intel Enterprise Southbridge 2
Baseboard Management Controller (BMC), which can be exploited by
malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/23989/


Cross Platform:--

[SA23990] vbDrupal Comment Preview Arbitrary Code Execution

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-30

A vulnerability has been reported in vbDrupal, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23990/

 --

[SA23987] EncapsCMS "config[path]" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-31

Tr_ZiNDaN has reported a vulnerability in EncapsCMS, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23987/

 --

[SA23973] MyNews "myNewsConf[path][sys][index]" File Inclusion
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-31

GolD_M has reported a vulnerability in MyNews, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23973/

 --

[SA23969] nsGalPHP "racineTBS" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-29

S.W.A.T. has reported a vulnerability in nsGalPHP, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23969/

 --

[SA23960] Drupal Comment Preview Arbitrary Code Execution

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-30

A vulnerability has been reported in Drupal, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23960/

 --

[SA23959] phpMyReports "cfgPathModule" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-29

GolD_M has discovered a vulnerability in phpMyReports, which can be
exploited by malicious people to compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/23959/

 --

[SA23952] Xero Portal "phpbb_root_path" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-26

xoron has reported a vulnerability in Xero Portal, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23952/

 --

[SA23949] Foro Domus "sesion_idioma" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-29

xoron has reported a vulnerability in Foro Domus, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23949/

 --

[SA24016] Wireshark Multiple Denial of Service Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-02-01

Some vulnerabilities have been reported in Wireshark, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24016/

 --

[SA23981] WebGUI Asset Deletion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-01-29

Lucas Bartholemy has reported a vulnerability in WebGUI, which can be
exploited by malicious users to delete assets.

Full Advisory:
http://secunia.com/advisories/23981/

 --

[SA23965] CascadianFAQ "catid" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-01-31

ajann has discovered a vulnerability in CascadianFAQ, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/23965/

 --

[SA23963] Nexuiz "gamedir" Information Disclosure and Data
Manipulation

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-01-31

A vulnerability has been reported in Nexuiz, which can be exploited by
malicious people to disclose sensitive information or manipulate data.

Full Advisory:
http://secunia.com/advisories/23963/

 --

[SA23957] IBM AIX Mail Services Authentication Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-01-29

A vulnerability has been reported in AIX, which can be exploited by
malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/23957/

 --

[SA23953] FileDownload Snippet for MODx Arbitrary File Download

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-01-31

A vulnerability has been reported in the FileDownload snippet for MODx,
which can be exploited by malicious people to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/23953/

 --

[SA23948] MAXdev MD-Pro "startrow" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-01-30

adex has discovered a vulnerability in MAXdev MD-Pro, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/23948/

 --

[SA23947] FD Script "fname" Arbitrary File Download Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-01-29

ajann has discovered a vulnerability in FD Script, which can be
exploited by malicious people to gain knowledge of sensitive
information.

Full Advisory:
http://secunia.com/advisories/23947/

 --

[SA23980] Movable Type Cross-Site Scripting and Security Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting
Released:    2007-01-29

Some vulnerabilities have been reported in Movable Type, which can be
exploited by malicious people to bypass certain security restrictions
and conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/23980/

 --

[SA23951] CMSsimple mailform "sender" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-01-26

unsticky has discovered a vulnerability in CMSimple, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/23951/

 --

[SA23940] CVSTrac SQL Injection Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data, DoS
Released:    2007-01-30

Ralf S. Engelschall has reported a vulnerability in CVSTrac, which can
be exploited by malicious users to conduct SQL injection attacks and
cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23940/

 --

[SA23942] gtalkbot Disclosure of User Credentials

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2007-01-31

A security issue has been reported in gtalkbot, which can be exploited
by malicious, local users to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/23942/

 --

[SA23985] Drupal Textimage Module Security Bypass

Critical:    Not critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-01-31

A weakness has been reported in the Textimage module for Drupal, which
can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/23985/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Thu Feb 01 2007 - 22:24:07 PST