========================================================================

The Secunia Weekly Advisory Summary
2007-02-01 - 2007-02-08

This week: 62 advisories

========================================================================
Table of Contents:

1. Word From Secunia
2. This Week In Brief
3. This Week's Top Ten Most Read Advisories
4. Vulnerabilities Summary Listing
5. Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

New Secunia blog entry about the "availability" of the latest Apple QuickTime security update. The update is ready, yet users are still only able to download the vulnerable version from Apple.com - without any indication or guidance about why or how to secure it:
http://secunia.com/blog/7/

Exploitation appears to be straightforward and the QuickTime player is installed on more than 50% of all computers!

Use the Secunia Software Inspector for verification and real guidance on how to secure your QuickTime player:
http://secunia.com/software_Inspector/

--

Should you be interested in a career within Secunia, the current job openings are available right now:

Security Sales Engineer:
http://corporate.secunia.com/about_secunia/54/

German Key Account Manager:
http://corporate.secunia.com/about_secunia/55/

International Account Manager - Enterprise Sales:
http://corporate.secunia.com/about_secunia/52/

International Sales Manager - IT Security Partner:
http://corporate.secunia.com/about_secunia/51/

Danish: Disassembling og Reversing
http://secunia.com/Disassembling_og_Reversing/

========================================================================
2) This Week in Brief:

A new vulnerability in Microsoft Office has reportedly been exploited, making it the second time this year that a Microsoft product has been used in a zero-day attack.

The new vulnerability is reportedly due to the way that Office applications handle strings, and can be exploited to cause memory corruption. The attack was reported to use Microsoft Excel, but other Office applications may also be affected. Malware exploiting the vulnerability is available in the wild.

The vulnerability is currently unpatched, and Microsoft has not yet issued an estimated time of patch availability. Users are advised not to open untrusted Office documents, such as Word documents, Excel spreadsheets, and PowerPoint presentations.

Due to the availability of malware exploiting this vulnerability, Secunia has rated its advisory as "Extremely Critical", the highest criticality of all advisories.

For more information, refer to the following:
http://secunia.com/advisories/24008/

--

Four vulnerabilities were reported in Samba this week, which could allow system access, or cause a denial of service (DoS).

Under certain conditions, smbd fails to remove requests from the deferred file open queue. This can be exploited to cause a DoS due to heavy resource usage when renaming a file under special circumstances triggers an infinite loop.

Samba uses filenames as the format string parameter in a call to "sprintf()" when setting Windows NT Access Control Lists using the afsacl.so VFS plugin. This can potentially be exploited to execute arbitrary code, given that an AFS file system is shared to CIFS clients using the afsacl.so VFS module and that the attacker has write access to the share.

Two vulnerabilities caused by boundary errors within the "gethostbyname()" and "getipnodebyname()" functions in the "nss_winbind.so.1" library can be exploited to cause a buffer overflow via an overly large string passed to the NSS interface. Successful exploitation may allow execution of arbitrary code, but requires that the winbindd daemon is running and configured to use the "nss_winbind.so.1" library.

Due to the potential impact of allowing an attacker to execute arbitrary code, Secunia has rated these advisories as "Moderately Critical".

Samba has released a security update to address these issues. For more information, refer to:
http://secunia.com/advisories/24046/
http://secunia.com/advisories/24043/

--

Multiple denial of service (DoS) vulnerabilities were reported in Wireshark this week by the vendor.

Errors within the TCP, HTTP, IEEE 802.11, and LLT parsers can be exploited to cause a crash or consume large amounts of memory when parsing a specially crafted packet that is either captured off the wire or loaded via a capture file.

Secunia has tagged these vulnerabilities as "Moderately critical".

Wireshark has released a security update to address these issues. For more information, refer to:
http://secunia.com/advisories/24016/

--

VIRUS ALERTS:

During the past week Secunia collected 176 virus descriptions from the Antivirus vendors. However, none were deemed MEDIUM risk or higher according to the Secunia assessment scale.

========================================================================
3) This Week's Top Ten Most Read Advisories:

1. [SA24008] Microsoft Office Unspecified String Handling Vulnerability
2. [SA23950] Microsoft Word Unspecified String Handling Memory Corruption
3. [SA18787] Internet Explorer Drag-and-Drop Vulnerability
4. [SA23666] Adobe Reader Unspecified Heap Corruption Vulnerability
5. [SA23996] Solaris 10 Loopback FileSystem Security Bypass
6. [SA24009] CA BrightStor ARCserve Backup RPC Server Denial of Service
7. [SA23994] GOM Player ASX Playlist Buffer Overflow
8. [SA23995] IBM AIX Various R Commands Privilege Escalation Vulnerability
9. [SA23988] Debian update for mozilla-firefox
10. [SA24016] Wireshark Multiple Denial of Service Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA24063] Alipay PTA Module ActiveX Control Code Execution Vulnerability
[SA24051] SmartFTP Banner Handling Buffer Overflow Vulnerability
[SA24049] Blue Coat WinProxy CONNECT Buffer Overflow Vulnerability
[SA24031] Bugzilla Cross-Site Scripting Vulnerability
[SA24064] FreeProxy "Host" Header Denial of Service Vulnerability
[SA24069] Trend Micro Products IOCTL Handler Privilege Escalation
[SA24068] avast! Server Edition Password Setting Security Issue
[SA24045] X-Kryptor Secure Client Privilege Escalation Vulnerability

UNIX/Linux:
[SA24099] Red Hat update for java-1.4.2-ibm
[SA24092] Webmatic Two File Inclusion Vulnerabilities
[SA24078] Debian update for mozilla-thunderbird
[SA24074] Maian Recipe "path_to_folder" File Inclusion Vulnerability
[SA24102] SysCP Execution of Arbitrary Commands
[SA24100] Mandriva update for kernel
[SA24084] Fedora update for wireshark
[SA24072] ACGVannu "index2.php" Security Bypass
[SA24032] dB Masters' Curium CMS "c_id" SQL Injection
[SA24025] rPath update for wireshark and tshark
[SA24067] Ubuntu update for samba
[SA24060] Debian update for samba
[SA24046] Samba Denial of Service and Format String Vulnerability
[SA24043] Samba Winbind Library Buffer Overflow Vulnerabilities
[SA24095] Mandriva update for gtk+2.0
[SA24083] Red Hat update for bind
[SA24054] Trustix update for bind and ed
[SA24053] Mandriva update for gd
[SA24052] Mandriva update for libwmf
[SA24048] Ubuntu update for bind
[SA24101] Slackware update for samba
[SA24094] Red Hat update for postgresql
[SA24057] Fedora update for postgresql
[SA24050] Mandriva update for postgresql
[SA24042] rPath update for postgresql and postgresql-server
[SA24033] PostgreSQL Denial of Service and Information Disclosure
[SA24030] rPath update for samba and samba-swat
[SA24028] Ubuntu update for postgresql
[SA24041] HP Tru64 Process Environment Disclosure Security Issue
[SA24065] Ubuntu update for kdelibs
[SA24061] pam_ssh "allow_blank_passphrase" Bypass Security Issue
[SA24059] Red Hat update for dbus

Other:
[SA24047] Avaya Products GnuPG Multiple Vulnerabilities
[SA24055] Avaya Products OpenSSH Privilege Separation Monitor Weakness

Cross Platform:
[SA24087] Trend Micro Products UPX Processing Buffer Overflow Vulnerability
[SA24037] DreamStats "rootpath" File Inclusion Vulnerability
[SA24035] SMA-DB "pfad_z" File Inclusion Vulnerability
[SA24034] phpBB++ "phpbb_root_path" File Inclusion Vulnerability
[SA24077] RARLabs UnRAR Password Prompt Buffer Overflow Vulnerability
[SA24071] FlashChat "info.php" Script Insertion Vulnerabilities
[SA24070] Jetty Predictable Session Identifier Security Issue
[SA24058] VirtueMart Unspecified SQL Injection and Cross-Site Scripting
[SA24040] Simple Invoices "module/view" Local File Inclusion Vulnerability
[SA24038] EQdkp Backup Referer Security Bypass
[SA24029] Photo Galerie Script "id" SQL Injection Vulnerability
[SA24096] MoinMoin Script Insertion Vulnerabilities
[SA24085] vBulletin "Attachment Manager" Cross-Site Scripting
[SA24062] HLstats Search Class Cross-Site Scripting Vulnerability
[SA24044] Mambo Unspecified Content Edit Cancel SQL Injection
[SA24039] MediaWiki Sortable Tables Script Insertion Vulnerability
[SA24027] Woltlab Burning Board Lite "pmid[0]" SQL Injection
[SA24026] zenphoto Directory Listing Disclosure Vulnerability
[SA24024] STLport Buffer Overflow Weaknesses
[SA24056] Avaya CMS / IR Sun Solaris rpcbind Denial of Service

========================================================================
5) Vulnerabilities Content Listing

Windows:

--

[SA24063] Alipay PTA Module ActiveX Control Code Execution Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-02-08

cocoruder has discovered a vulnerability in Alipay PTA Module ActiveX Control, which can be exploited by malicious people to compromise a user's system.

Full Advisory: http://secunia.com/advisories/24063/

--

[SA24051] SmartFTP Banner Handling Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2007-02-05

Marsu Pilami has discovered a vulnerability in SmartFTP, which can be exploited by malicious people to compromise a user's system.

Full Advisory: http://secunia.com/advisories/24051/

--

[SA24049] Blue Coat WinProxy CONNECT Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2007-02-06

Manuel Santamarina Suarez has reported a vulnerability in Blue Coat WinProxy, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/24049/

--

[SA24031] Bugzilla Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-02-05

A vulnerability has been reported in Bugzilla, which can be exploited by malicious users to conduct cross-site scripting attacks.

Full Advisory: http://secunia.com/advisories/24031/

--

[SA24064] FreeProxy "Host" Header Denial of Service Vulnerability
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2007-02-08

Tim Brown has reported a vulnerability in FreeProxy, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24064/

--

[SA24069] Trend Micro Products IOCTL Handler Privilege Escalation
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2007-02-08

A vulnerability has been reported in various Trend Micro products, which can be exploited by malicious, local users to gain escalated privileges.

Full Advisory: http://secunia.com/advisories/24069/

--

[SA24068] avast! Server Edition Password Setting Security Issue
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2007-02-06

A security issue has been reported in avast! Server Edition, which can be exploited by malicious, local users to bypass certain security restrictions.

Full Advisory: http://secunia.com/advisories/24068/

--

[SA24045] X-Kryptor Secure Client Privilege Escalation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2007-02-06

A vulnerability has been reported in X-Kryptor Secure Client, which can be exploited by malicious, local users to gain escalated privileges.

Full Advisory: http://secunia.com/advisories/24045/

UNIX/Linux:

--

[SA24099] Red Hat update for java-1.4.2-ibm
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Privilege escalation, System access
Released: 2007-02-08

Red Hat has issued an update for java-1.4.2-ibm. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

Full Advisory: http://secunia.com/advisories/24099/

--

[SA24092] Webmatic Two File Inclusion Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-02-08

MadNet has discovered two vulnerabilities in Webmatic, which can be exploited by malicious people to compromise vulnerable systems.

Full Advisory: http://secunia.com/advisories/24092/

--

[SA24078] Debian update for mozilla-thunderbird
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, DoS, System access
Released: 2007-02-07

Debian has issued an update for mozilla-thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and potentially compromise a user's system.

Full Advisory: http://secunia.com/advisories/24078/

--

[SA24074] Maian Recipe "path_to_folder" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-02-08

Denven has discovered a vulnerability in Maian Recipe, which can be exploited by malicious people to compromise vulnerable systems.

Full Advisory: http://secunia.com/advisories/24074/

--

[SA24102] SysCP Execution of Arbitrary Commands
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2007-02-08

A vulnerability and a weakness have been reported in SysCP, which can be exploited by malicious users to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/24102/

--

[SA24100] Mandriva update for kernel
Critical: Moderately critical
Where: From remote
Impact: Unknown, Privilege escalation, DoS
Released: 2007-02-08

Mandriva has issued an update for the kernel. This fixes a security issue with unknown impact and some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.

Full Advisory: http://secunia.com/advisories/24100/

--

[SA24084] Fedora update for wireshark
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2007-02-07

Fedora has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24084/

--

[SA24072] ACGVannu "index2.php" Security Bypass
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Manipulation of data
Released: 2007-02-06

ajann has discovered a vulnerability in ACGVannu, which can be exploited by malicious people to bypass certain security restrictions and manipulate data.

Full Advisory: http://secunia.com/advisories/24072/

--

[SA24032] dB Masters' Curium CMS "c_id" SQL Injection
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2007-02-06

ajann has reported a vulnerability in dB Masters' Curium CMS, which can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory: http://secunia.com/advisories/24032/

--

[SA24025] rPath update for wireshark and tshark
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2007-02-05

rPath has issued an update for wireshark and tshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24025/

--

[SA24067] Ubuntu update for samba
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2007-02-07

Ubuntu has issued an update for samba. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/24067/

--

[SA24060] Debian update for samba
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2007-02-06

Debian has issued an update for samba. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/24060/

--

[SA24046] Samba Denial of Service and Format String Vulnerability
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2007-02-06

Some vulnerabilities have been reported in Samba, which can be exploited by malicious users to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/24046/

--

[SA24043] Samba Winbind Library Buffer Overflow Vulnerabilities
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2007-02-06

Two vulnerabilities have been reported in Samba, which potentially can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/24043/

--

[SA24095] Mandriva update for gtk+2.0
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2007-02-08

Mandriva has issued an update for gtk+2.0. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24095/

--

[SA24083] Red Hat update for bind
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2007-02-07

Red Hat has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24083/

--

[SA24054] Trustix update for bind and ed
Critical: Less critical
Where: From remote
Impact: Privilege escalation, DoS
Released: 2007-02-05

Trustix has issued an update for bind and ed. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24054/

--

[SA24053] Mandriva update for gd
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2007-02-07

Mandriva has issued an update for gd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24053/

--

[SA24052] Mandriva update for libwmf
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2007-02-07

Mandriva has issued an update for libwmf. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24052/

--

[SA24048] Ubuntu update for bind
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2007-02-06

Ubuntu has issued an update for bind. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24048/

--

[SA24101] Slackware update for samba
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2007-02-08

Slackware has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24101/

--

[SA24094] Red Hat update for postgresql
Critical: Less critical
Where: From local network
Impact: Exposure of sensitive information, DoS
Released: 2007-02-08

Red Hat has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to gain knowledge of potentially sensitive information and cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24094/

--

[SA24057] Fedora update for postgresql
Critical: Less critical
Where: From local network
Impact: Exposure of sensitive information, DoS
Released: 2007-02-06

Fedora has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of potentially sensitive information or cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24057/

--

[SA24050] Mandriva update for postgresql
Critical: Less critical
Where: From local network
Impact: Exposure of sensitive information, DoS
Released: 2007-02-07

Mandriva has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of potentially sensitive information or cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24050/

--

[SA24042] rPath update for postgresql and postgresql-server
Critical: Less critical
Where: From local network
Impact: Exposure of sensitive information, DoS
Released: 2007-02-06

rPath has issued an update for postgresql and postgresql-server. This fixes some vulnerabilities, which can be exploited by malicious users to gain knowledge of potentially sensitive information and to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24042/

--

[SA24033] PostgreSQL Denial of Service and Information Disclosure
Critical: Less critical
Where: From local network
Impact: Exposure of sensitive information, DoS
Released: 2007-02-05

Some vulnerabilities have been reported in PostgreSQL, which can be exploited by malicious users to gain knowledge of potentially sensitive information and cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24033/

--

[SA24030] rPath update for samba and samba-swat
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2007-02-07

rPath has issued an update for samba and samba-swat. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24030/

--

[SA24028] Ubuntu update for postgresql
Critical: Less critical
Where: From local network
Impact: Exposure of sensitive information, DoS
Released: 2007-02-06

Ubuntu has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to gain knowledge of potentially sensitive information and cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24028/

--

[SA24041] HP Tru64 Process Environment Disclosure Security Issue
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2007-02-06

Andrea "bunker" Purificato has reported a security issue in HP Tru64, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information.

Full Advisory: http://secunia.com/advisories/24041/

--

[SA24065] Ubuntu update for kdelibs
Critical: Not critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-02-07

Ubuntu has issued an update for kdelibs. This fixes a weakness, which can potentially be exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory: http://secunia.com/advisories/24065/

--

[SA24061] pam_ssh "allow_blank_passphrase" Bypass Security Issue
Critical: Not critical
Where: From remote
Impact: Security Bypass
Released: 2007-02-08

A security issue has been reported in pam_ssh, which can be exploited by malicious users to bypass certain security restrictions.

Full Advisory: http://secunia.com/advisories/24061/

--

[SA24059] Red Hat update for dbus
Critical: Not critical
Where: Local system
Impact: DoS
Released: 2007-02-08

Red Hat has issued an update for dbus. This fixes a weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24059/

Other:

--

[SA24047] Avaya Products GnuPG Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-02-06

Avaya has acknowledged some vulnerabilities in various Avaya products, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/24047/

--

[SA24055] Avaya Products OpenSSH Privilege Separation Monitor Weakness
Critical: Not critical
Where: From remote
Impact: Security Bypass
Released: 2007-02-05

Avaya has acknowledged a weakness in various Avaya products, which can be exploited by malicious people to bypass certain security restrictions.

Full Advisory: http://secunia.com/advisories/24055/

Cross Platform:

--

[SA24087] Trend Micro Products UPX Processing Buffer Overflow Vulnerability
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2007-02-08

A vulnerability has been reported in Trend Micro products, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/24087/

--

[SA24037] DreamStats "rootpath" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-02-05

ThE dE@Th has discovered a vulnerability in DreamStats, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/24037/

--

[SA24035] SMA-DB "pfad_z" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-02-06

ThE dE@Th has reported a vulnerability in SMA-DB, which can be exploited by malicious people to compromise a vulnerable system.

Full Advisory: http://secunia.com/advisories/24035/

--

[SA24034] phpBB++ "phpbb_root_path" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-02-05

xoron has reported a vulnerability in phpBB++, which can be exploited by malicious people to compromise vulnerable systems.

Full Advisory: http://secunia.com/advisories/24034/

--

[SA24077] RARLabs UnRAR Password Prompt Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2007-02-08

A vulnerability has been reported in RARLabs UnRAR, which can be exploited by malicious people to compromise a user's system.

Full Advisory: http://secunia.com/advisories/24077/

--

[SA24071] FlashChat "info.php" Script Insertion Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-02-06

Some vulnerabilities have been reported in FlashChat, which can be exploited by malicious people to conduct script insertion attacks.

Full Advisory: http://secunia.com/advisories/24071/

--

[SA24070] Jetty Predictable Session Identifier Security Issue
Critical: Moderately critical
Where: From remote
Impact: Hijacking
Released: 2007-02-06

Chris Anley has reported a security issue in Jetty, which can be exploited by malicious people to hijack user sessions.

Full Advisory: http://secunia.com/advisories/24070/

--

[SA24058] VirtueMart Unspecified SQL Injection and Cross-Site Scripting
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2007-02-06

Omid has reported some vulnerabilities in VirtueMart, which can be exploited by malicious people to conduct SQL injection attacks and cross-site scripting attacks.

Full Advisory: http://secunia.com/advisories/24058/

--

[SA24040] Simple Invoices "module/view" Local File Inclusion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2007-02-05

A vulnerability has been reported in Simple Invoices, which can be exploited by malicious people to disclose sensitive information.

Full Advisory: http://secunia.com/advisories/24040/

--

[SA24038] EQdkp Backup Referer Security Bypass
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Manipulation of data, Exposure of sensitive information
Released: 2007-02-06

Eight10 has discovered a vulnerability in EQdkp, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information and manipulate data.

Full Advisory: http://secunia.com/advisories/24038/

--

[SA24029] Photo Galerie Script "id" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2007-02-05

ajann has discovered a vulnerability in Photo Galerie Script, which can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory: http://secunia.com/advisories/24029/

--

[SA24096] MoinMoin Script Insertion Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-02-08

Some vulnerabilities have been reported in MoinMoin, which can be exploited by malicious users to conduct script insertion attacks.

Full Advisory: http://secunia.com/advisories/24096/

--

[SA24085] vBulletin "Attachment Manager" Cross-Site Scripting
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-02-08

Doz has reported a vulnerability in vBulletin, which can be exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory: http://secunia.com/advisories/24085/

--

[SA24062] HLstats Search Class Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-02-06

A vulnerability has been reported in HLstats, which can be exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory: http://secunia.com/advisories/24062/

--

[SA24044] Mambo Unspecified Content Edit Cancel SQL Injection
Critical: Less critical
Where: From remote
Impact: Manipulation of data
Released: 2007-02-05

Omid has reported a vulnerability in Mambo, which can be exploited by malicious users to conduct SQL injection attacks.

Full Advisory: http://secunia.com/advisories/24044/

--

[SA24039] MediaWiki Sortable Tables Script Insertion Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-02-05

A vulnerability has been reported in MediaWiki, which can be exploited by malicious users to conduct script insertion attacks.

Full Advisory: http://secunia.com/advisories/24039/

--

[SA24027] Woltlab Burning Board Lite "pmid[0]" SQL Injection
Critical: Less critical
Where: From remote
Impact: Manipulation of data, Exposure of sensitive information
Released: 2007-02-06

rgod has discovered a vulnerability in Woltlab Burning Board Lite, which can be exploited by malicious users to conduct SQL injection attacks.

Full Advisory: http://secunia.com/advisories/24027/

--

[SA24026] zenphoto Directory Listing Disclosure Vulnerability
Critical: Less critical
Where: From remote
Impact: Exposure of system information
Released: 2007-02-02

nicosomb has reported a vulnerability in zenphoto, which can be exploited by malicious people to disclose system information.

Full Advisory: http://secunia.com/advisories/24026/

--

[SA24024] STLport Buffer Overflow Weaknesses
Critical: Less critical
Where: From remote
Impact: Unknown
Released: 2007-02-06

Two weaknesses with unknown impact have been reported in STLport.

Full Advisory: http://secunia.com/advisories/24024/

--

[SA24056] Avaya CMS / IR Sun Solaris rpcbind Denial of Service
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2007-02-05

Avaya has acknowledged a vulnerability in Avaya CMS / IR, which can be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory: http://secunia.com/advisories/24056/

========================================================================

Secunia recommends that you verify all advisories you receive, by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web : http://secunia.com/
E-mail : support@private
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45