[ISN] Secunia Weekly Summary - Issue: 2007-6

From: InfoSec News (alerts@private)
Date: Thu Feb 08 2007 - 22:05:23 PST


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2007-02-01 - 2007-02-08                        

                       This week: 62 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

New Secunia blog entry about the "availability" of the latest Apple
QuickTime security update.

The update is ready, yet users are still only able to download the
vulnerable version from Apple.com - without any indication or guidance
about why or how to secure it:
http://secunia.com/blog/7/

Exploitation appears to be straight forward and the QuickTime player
is installed on more than 50% of all computers!

Use the Secunia Software Inspector for verification and real guidance
on how to secure your QuickTime player:
http://secunia.com/software_Inspector/

 --

Should you be interesting a career within Secunia, the current job
openings are available right now:

Security Sales Engineer:
http://corporate.secunia.com/about_secunia/54/

German Key Account Manager:
http://corporate.secunia.com/about_secunia/55/

International Account Manager - Enterprise Sales:
http://corporate.secunia.com/about_secunia/52/

International Sales Manager - IT Security Partner:
http://corporate.secunia.com/about_secunia/51/

Danish: Disassembling og Reversing
http://secunia.com/Disassembling_og_Reversing/

========================================================================
2) This Week in Brief:

A new vulnerability in Microsoft Office has reportedly been exploited,
making it the second time this year that a Microsoft product has been
used in a zero-day attack. The new vulnerability is reportedly due to
the way that Office applications handle strings, and can be exploited
to cause memory corruption.

The attack was reported to use Microsoft Excel, but other Office
applications may also be affected. An in-the-wild malware is
available. The vulnerability is currently unpatched, and Microsoft has
not yet issued an estimated time of patch availability.

Users are advised not to open untrusted Office documents, such as Word
documents, Excel spreadsheets, and Powerpoint presentations. Due to the
availability of a malware exploiting this vulnerability, Secunia has
rated its advisory as "Extremely Critical", the highest criticality
of all advisories.

For more information, refer to the following:
http://secunia.com/advisories/24008/

 --

Four vulnerabilities were reported in Samba this week, which could
allow system access, or cause a denial of service (DoS).

Under certain conditions, smbd fails to remove requests from the
deferred file open queue. This can be exploited to cause a DoS due to
heavy resource usage when renaming a file under special circumstances
triggers an infinite loop.

Samba uses filenames as format string parameter in a call to
"sprintf()" when setting Windows NT Access Control Lists using the
afsacl.so VFS plugin. This can potentially be exploited to execute
arbitrary code, given that an AFS file system is shared to CIFS
clients using the afsacl.so VFS module and that the attacker has
write access to the share.

Two vulnerabilities caused due to boundary errors within the
"gethostbyname()" and "getipnodebyname()" functions in the
"nss_winbind.so.1" library can be exploited to cause a buffer
overflow via an overly large string passed to the NSS interface.
Successful exploitation may allow execution of arbitrary code, but
requires that the winbindd daemon is running and configured to use
the "nss_winbind.so.1" library.

Due to the potential impact of allowing an attacker to execute
arbitrary code, Secunia has rated these advisories as "Moderately
Critical". Samba has released a security update to address these
issues.

For more information, refer to:
http://secunia.com/advisories/24046/
http://secunia.com/advisories/24043/

 --

Multiple denial of service (DoS) vulnerabilities were reported in
Wireshark this week by the vendor.

Errors within the TCP, HTTP, IEEE 802.11, and LLT parsers can be
exploited to cause a crash or consume large amounts of memory when
parsing a specially crafted packet that is either captured off the
wire or loaded via a capture file.

Secunia has tagged these vulnerabilities as "Moderately critical".
Wireshark has released a security update to address these issues.

For more information, refer to:
http://secunia.com/advisories/24016/

 --

VIRUS ALERTS:

During the past week Secunia collected 176 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA24008] Microsoft Office Unspecified String Handling
              Vulnerability
2.  [SA23950] Microsoft Word Unspecified String Handling Memory
              Corruption
3.  [SA18787] Internet Explorer Drag-and-Drop Vulnerability
4.  [SA23666] Adobe Reader Unspecified Heap Corruption Vulnerability
5.  [SA23996] Solaris 10 Loopback FileSystem Security Bypass
6.  [SA24009] CA BrightStor ARCserve Backup RPC Server Denial of
              Service
7.  [SA23994] GOM Player ASX Playlist Buffer Overflow
8.  [SA23995] IBM AIX Various R Commands Privilege Escalation
              Vulnerability
9.  [SA23988] Debian update for mozilla-firefox
10. [SA24016] Wireshark Multiple Denial of Service Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA24063] Alipay PTA Module ActiveX Control Code Execution
Vulnerability
[SA24051] SmartFTP Banner Handling Buffer Overflow Vulnerability
[SA24049] Blue Coat WinProxy CONNECT Buffer Overflow Vulnerability
[SA24031] Bugzilla Cross-Site Scripting Vulnerability
[SA24064] FreeProxy "Host" Header Denial of Service Vulnerability
[SA24069] Trend Micro Products IOCTL Handler Privilege Escalation
[SA24068] avast! Server Edition Password Setting Security Issue
[SA24045]  X-Kryptor Secure Client Privilege Escalation Vulnerability

UNIX/Linux:
[SA24099] Red Hat update for java-1.4.2-ibm
[SA24092] Webmatic Two File Inclusion Vulnerabilities
[SA24078] Debian update for mozilla-thunderbird
[SA24074] Maian Recipe "path_to_folder" File Inclusion Vulnerability
[SA24102] SysCP Execution of Arbitrary Commands
[SA24100] Mandriva update for kernel
[SA24084] Fedora update for wireshark
[SA24072] ACGVannu "index2.php" Security Bypass
[SA24032] dB Masters' Curium CMS "c_id" SQL Injection
[SA24025] rPath update for wireshark and tshark
[SA24067] Ubuntu update for samba
[SA24060] Debian update for samba
[SA24046] Samba Denial of Service and Format String Vulnerability
[SA24043] Samba Winbind Library Buffer Overflow Vulnerabilities
[SA24095] Mandriva update for gtk+2.0
[SA24083] Red Hat update for bind
[SA24054] Trustix update for bind and ed
[SA24053] Mandriva update for gd
[SA24052] Mandriva update for libwmf
[SA24048] Ubuntu update for bind
[SA24101] Slackware update for samba
[SA24094] Red Hat update for postgresql
[SA24057] Fedora update for postgresql
[SA24050] Mandriva update for postregsql
[SA24042] rPath update for postgresql and postgresql-server
[SA24033] PostgreSQL Denial of Service and Information Disclosure
[SA24030] rPath update for samba and samba-swat
[SA24028] Ubuntu update for postgresql
[SA24041] HP Tru64 Process Environment Disclosure Security Issue
[SA24065] Ubuntu update for kdelibs
[SA24061] pam_ssh "allow_blank_passphrase" Bypass Security Issue
[SA24059] Red Hat update for dbus

Other:
[SA24047] Avaya Products GnuPG Multiple Vulnerabilities
[SA24055] Avaya Products OpenSSH Privilege Separation Monitor Weakness

Cross Platform:
[SA24087] Trend Micro Products UPX Processing Buffer Overflow
Vulnerability
[SA24037] DreamStats "rootpath" File Inclusion Vulnerability
[SA24035] SMA-DB "pfad_z" File Inclusion Vulnerability
[SA24034] phpBB++ "phpbb_root_path" File Inclusion Vulnerability
[SA24077] RARLabs UnRAR Password Prompt Buffer Overflow Vulnerability
[SA24071] FlashChat "info.php" Script Insertion Vulnerabilities
[SA24070] Jetty Predictable Session Identifier Security Issue
[SA24058] VirtueMart Unspecified SQL Injection and Cross-Site
Scripting
[SA24040] Simple Invoices "module/view" Local File Inclusion
Vulnerability
[SA24038] EQdkp Backup Referer Security Bypass
[SA24029] Photo Galerie Script "id" SQL Injection Vulnerability
[SA24096] MoinMoin Script Insertion Vulnerabilities
[SA24085] vBulletin "Attachment Manager" Cross-Site Scripting
[SA24062] HLstats Search Class Cross-Site Scripting Vulnerability
[SA24044] Mambo Unspecified Content Edit Cancel SQL Injection
[SA24039] MediaWiki Sortable Tables Script Insertion Vulnerability
[SA24027] Woltlab Burning Board Lite "pmid[0]" SQL Injection
[SA24026] zenphoto Directory Listing Disclosure Vulnerability
[SA24024] STLport Buffer Overflow Weaknesses
[SA24056] Avaya CMS / IR Sun Solaris rpcbind Denial of Service

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA24063] Alipay PTA Module ActiveX Control Code Execution
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-02-08

cocoruder has discovered a vulnerability in Alipay PTA Module ActiveX
Control, which can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/24063/

 --

[SA24051] SmartFTP Banner Handling Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-02-05

Marsu Pilami has discovered a vulnerability in SmartFTP, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24051/

 --

[SA24049] Blue Coat WinProxy CONNECT Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2007-02-06

Manuel Santamarina Suarez has reported a vulnerability in Blue Coat
WinProxy, which can be exploited by malicious people to cause a DoS
(Denial of Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24049/

 --

[SA24031] Bugzilla Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-02-05

A vulnerability has been reported in Bugzilla, which can be exploited
by malicious users to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/24031/

 --

[SA24064] FreeProxy "Host" Header Denial of Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-02-08

Tim Brown has reported a vulnerability in FreeProxy, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24064/

 --

[SA24069] Trend Micro Products IOCTL Handler Privilege Escalation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-02-08

A vulnerability has been reported in various Trend Micro products,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/24069/

 --

[SA24068] avast! Server Edition Password Setting Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2007-02-06

A security issue has been reported in avast! Server Edition, which can
be exploited by malicious, local users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/24068/

 --

[SA24045]  X-Kryptor Secure Client Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-02-06

A vulnerability has been reported in X-Kryptor Secure Client, which can
be exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/24045/


UNIX/Linux:--

[SA24099] Red Hat update for java-1.4.2-ibm

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation, System access
Released:    2007-02-08

Red Hat has issued an update for java-1.4.2-ibm. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions and compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24099/

 --

[SA24092] Webmatic Two File Inclusion Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-02-08

MadNet has discovered two vulnerabilities in Webmatic, which can be
exploited by malicious people to compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/24092/

 --

[SA24078] Debian update for mozilla-thunderbird

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, DoS, System access
Released:    2007-02-07

Debian has issued an update for mozilla-thunderbird. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks and potentially compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/24078/

 --

[SA24074] Maian Recipe "path_to_folder" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-02-08

Denven has discovered a vulnerability in Maian Recipe, which can be
exploited by malicious people to compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/24074/

 --

[SA24102] SysCP Execution of Arbitrary Commands

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-02-08

A vulnerability and a weakness have been reported in SysCP, which can
be exploited by malicious users to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24102/

 --

[SA24100] Mandriva update for kernel

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Privilege escalation, DoS
Released:    2007-02-08

Mandriva has issued an update for the kernel. This fixes a security
issue with unknown impact and some vulnerabilities, which can be
exploited by malicious, local users to cause a DoS (Denial of Service)
or potentially gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/24100/

 --

[SA24084] Fedora update for wireshark

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-02-07

Fedora has issued an update for wireshark. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24084/

 --

[SA24072] ACGVannu "index2.php" Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2007-02-06

ajann has discovered a vulnerability in ACGVannu, which can be
exploited by malicious people to bypass certain security restrictions
and manipulate data.

Full Advisory:
http://secunia.com/advisories/24072/

 --

[SA24032] dB Masters' Curium CMS "c_id" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-02-06

ajann has reported a vulnerability in dB Masters' Curium CMS, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24032/

 --

[SA24025] rPath update for wireshark and tshark

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-02-05

rPath has issued an update for wireshark and tshark. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24025/

 --

[SA24067] Ubuntu update for samba

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2007-02-07

Ubuntu has issued an update for samba. This fixes some vulnerabilities,
which can be exploited by malicious users to cause a DoS (Denial of
Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24067/

 --

[SA24060] Debian update for samba

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2007-02-06

Debian has issued an update for samba. This fixes some vulnerabilities,
which can be exploited by malicious users to cause a DoS (Denial of
Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24060/

 --

[SA24046] Samba Denial of Service and Format String Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2007-02-06

Some vulnerabilities have been reported in Samba, which can be
exploited by malicious users to cause a DoS (Denial of Service) or
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24046/

 --

[SA24043] Samba Winbind Library Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2007-02-06

Two vulnerabilities have been reported in Samba, which potentially can
be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24043/

 --

[SA24095] Mandriva update for gtk+2.0

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-02-08

Mandriva has issued an update for gtk+2.0. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24095/

 --

[SA24083] Red Hat update for bind

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-02-07

Red Hat has issued an update for bind. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24083/

 --

[SA24054] Trustix update for bind and ed

Critical:    Less critical
Where:       From remote
Impact:      Privilege escalation, DoS
Released:    2007-02-05

Trustix has issued an update for bind and ed. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions with escalated privileges and by malicious
people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24054/

 --

[SA24053] Mandriva update for gd

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-02-07

Mandriva has issued an update for gd. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24053/

 --

[SA24052] Mandriva update for libwmf

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-02-07

Mandriva has issued an update for libwmf. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24052/

 --

[SA24048] Ubuntu update for bind

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-02-06

Ubuntu has issued an update for bind. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24048/

 --

[SA24101] Slackware update for samba

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-02-08

Slackware has issued an update for samba. This fixes a vulnerability,
which can be exploited by malicious users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24101/

 --

[SA24094] Red Hat update for postgresql

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information, DoS
Released:    2007-02-08

Red Hat has issued an update for postgresql. This fixes some
vulnerabilities, which can be exploited by malicious users to gain
knowledge of potentially sensitive information and cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/24094/

 --

[SA24057] Fedora update for postgresql

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information, DoS
Released:    2007-02-06

Fedora has issued an update for postgresql. This fixes some
vulnerabilities, which can be exploited by malicious people to gain
knowledge of potentially sensitive information or cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/24057/

 --

[SA24050] Mandriva update for postregsql

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information, DoS
Released:    2007-02-07

Mandriva has issued an update for postgresql. This fixes some
vulnerabilities, which can be exploited by malicious people to gain
knowledge of potentially sensitive information or cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/24050/

 --

[SA24042] rPath update for postgresql and postgresql-server

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information, DoS
Released:    2007-02-06

rPath has issued an update for postgresql and postgresql-server. This
fixes some vulnerabilities, which can be exploited by malicious users
to gain knowledge of potentially sensitive information and to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24042/

 --

[SA24033] PostgreSQL Denial of Service and Information Disclosure

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information, DoS
Released:    2007-02-05

Some vulnerabilities have been reported in PostgreSQL, which can be
exploited by malicious users to gain knowledge of potentially sensitive
information and cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24033/

 --

[SA24030] rPath update for samba and samba-swat

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-02-07

rPath has issued an update for samba and samba-swat. This fixes a
vulnerability, which can be exploited by malicious users to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/24030/

 --

[SA24028] Ubuntu update for postgresql

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information, DoS
Released:    2007-02-06

Ubuntu has issued an update for postgresql. This fixes some
vulnerabilities, which can be exploited by malicious users to gain
knowledge of potentially sensitive information and cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/24028/

 --

[SA24041] HP Tru64 Process Environment Disclosure Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2007-02-06

Andrea "bunker" Purificato has reported a security issue in HP Tru64,
which can be exploited by malicious, local users to gain knowledge of
potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/24041/

 --

[SA24065] Ubuntu update for kdelibs

Critical:    Not critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-02-07

Ubuntu has issued an update for kdelibs. This fixes a weakness, which
can potentially be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/24065/

 --

[SA24061] pam_ssh "allow_blank_passphrase" Bypass Security Issue

Critical:    Not critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-02-08

A security issue has been reported in pam_ssh, which can be exploited
by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/24061/

 --

[SA24059] Red Hat update for dbus

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-02-08

Red Hat has issued an update for dbus. This fixes a weakness, which can
be exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24059/


Other:--

[SA24047] Avaya Products GnuPG Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-02-06

Avaya has acknowledged some vulnerabilities in various Avaya products,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/24047/

 --

[SA24055] Avaya Products OpenSSH Privilege Separation Monitor Weakness

Critical:    Not critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-02-05

Avaya has acknowledged a weakness in various Avaya products, which can
be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/24055/


Cross Platform:--

[SA24087] Trend Micro Products UPX Processing Buffer Overflow
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-02-08

A vulnerability has been reported in Trend Micro products, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24087/

 --

[SA24037] DreamStats "rootpath" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-02-05

ThE dE@Th has discovered a vulnerability in DreamStats, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24037/

 --

[SA24035] SMA-DB "pfad_z" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-02-06

ThE dE@Th has reported a vulnerability in SMA-DB, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24035/

 --

[SA24034] phpBB++ "phpbb_root_path" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-02-05

xoron has reported a vulnerability in phpBB++, which can be exploited
by malicious people to compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/24034/

 --

[SA24077] RARLabs UnRAR Password Prompt Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-02-08

A vulnerability has been reported in RARLabs UnRAR, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24077/

 --

[SA24071] FlashChat "info.php" Script Insertion Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-02-06

Some vulnerabilities have been reported in FlashChat, which can be
exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/24071/

 --

[SA24070] Jetty Predictable Session Identifier Security Issue

Critical:    Moderately critical
Where:       From remote
Impact:      Hijacking
Released:    2007-02-06

Chris Anley has reported a security issue in Jetty, which can be
exploited by malicious people to hijack user sessions.

Full Advisory:
http://secunia.com/advisories/24070/

 --

[SA24058] VirtueMart Unspecified SQL Injection and Cross-Site
Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2007-02-06

Omid has reported some vulnerabilities in VirtueMart, which can be
exploited by malicious people to conduct SQL injection attacks and
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/24058/

 --

[SA24040] Simple Invoices "module/view" Local File Inclusion
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-02-05

A vulnerability has been reported in Simple Invoices, which can be
exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/24040/

 --

[SA24038] EQdkp Backup Referer Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, Exposure of
sensitive information
Released:    2007-02-06

Eight10 has discovered a vulnerability in EQdkp, which can be exploited
by malicious people to bypass certain security restrictions, disclose
sensitive information and manipulate data.

Full Advisory:
http://secunia.com/advisories/24038/

 --

[SA24029] Photo Galerie Script "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-02-05

ajann has discovered a vulnerability in Photo Galerie Script, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24029/

 --

[SA24096] MoinMoin Script Insertion Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-02-08

Some vulnerabilities have been reported in MoinMoin, which can be
exploited by malicious users to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/24096/

 --

[SA24085] vBulletin "Attachment Manager" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-02-08

Doz has reported a vulnerability in vBulletin, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/24085/

 --

[SA24062] HLstats Search Class Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-02-06

A vulnerability has been reported in HLstats, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/24062/

 --

[SA24044] Mambo Unspecified Content Edit Cancel SQL Injection

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-02-05

Omid has reported a vulnerability in Mambo, which can be exploited by
malicious users to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24044/

 --

[SA24039] MediaWiki Sortable Tables Script Insertion Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-02-05

A vulnerability has been reported in MediaWiki, which can be exploited
by malicious users to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/24039/

 --

[SA24027] Woltlab Burning Board Lite "pmid[0]" SQL Injection

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-02-06

rgod has discovered a vulnerability in Woltlab Burning Board Lite,
which can be exploited by malicious users to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/24027/

 --

[SA24026] zenphoto Directory Listing Disclosure Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Exposure of system information
Released:    2007-02-02

nicosomb has reported a vulnerability in zenphoto, which can be
exploited by malicious people to disclose system information.

Full Advisory:
http://secunia.com/advisories/24026/

 --

[SA24024] STLport Buffer Overflow Weaknesses

Critical:    Less critical
Where:       From remote
Impact:      Unknown
Released:    2007-02-06

Two weaknesses with unknown impact have been reported in STLport.

Full Advisory:
http://secunia.com/advisories/24024/

 --

[SA24056] Avaya CMS / IR Sun Solaris rpcbind Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-02-05

Avaya has acknowledged a vulnerability in Avaya CMS / IR, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24056/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


______________________________________
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss



This archive was generated by hypermail 2.1.3 : Thu Feb 08 2007 - 22:20:08 PST