[ISN] Secunia Weekly Summary - Issue: 2007-10

From: InfoSec News (alerts@private)
Date: Fri Mar 09 2007 - 00:04:00 PST


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2007-03-01 - 2007-03-08                        

                       This week: 81 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Should you be interested in a career within Secunia, the current job
openings are available right now:

Security Sales Engineer:
http://corporate.secunia.com/about_secunia/54/

German Key Account Manager:
http://corporate.secunia.com/about_secunia/55/

International Account Manager - Enterprise Sales:
http://corporate.secunia.com/about_secunia/52/

International Sales Manager - IT Security Partner:
http://corporate.secunia.com/about_secunia/51/

Danish: Disassembling og Reversing
http://secunia.com/Disassembling_og_Reversing/

========================================================================
2) This Week in Brief:

Some vulnerabilities have been reported in Apple QuickTime, which
potentially can be exploited by malicious people to compromise a
user's system.

Secunia has constructed the Secunia Software Inspector, which you can
use to check if your system is vulnerable:
http://secunia.com/software_inspector/

The vendor has issued new versions correcting these vulnerabilities.

Reference:
http://secunia.com/advisories/24359/

 --

A vulnerability has been reported in Kaspersky's Anti-Virus engine,
which can be exploited by malicious people to cause a DoS (Denial of
Service)

The fix has reportedly been available via automatic updates since
February 7, 2007.

Reference:
http://secunia.com/advisories/24391/

 --

VIRUS ALERTS:

During the past week Secunia collected 189 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA24205] Mozilla Firefox Multiple Vulnerabilities
2.  [SA24350] Citrix Presentation Server Client Unspecified Code
              Execution
3.  [SA24359] Apple QuickTime Multiple Vulnerabilities
4.  [SA23014] Internet Explorer "onunload" Event Spoofing
              Vulnerability
5.  [SA24344] Cisco Products NAM SNMP Spoofing Vulnerability
6.  [SA24341] vBulletin "postids" SQL Injection Vulnerability
7.  [SA24371] Symantec Mail Security for SMTP Unspecified Message
              Handling Vulnerability
8.  [SA24318] tcpdump 802.11 "parse_elements()" Off-By-One
              Vulnerability
9.  [SA18787] Internet Explorer Drag-and-Drop Vulnerability
10. [SA24369] Novell Access Manager SSLVPN Server "policy.txt"
              Security Bypass

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA24445] Novell Netmail WebAdmin Long Username Buffer Overflow
[SA24422] Ipswitch IMail Server/Collaboration Suite IMAILAPI.DLL
ActiveX Control Buffer Overflows
[SA24371] Symantec Mail Security for SMTP Unspecified Message Handling
Vulnerability
[SA24367] Mercury Mail Transport System IMAP Data Handling Buffer
Overflow
[SA24368] ANGEL Learning Management Suite "id" SQL Injection
[SA24361] MailEnable IMAP Service "APPEND" Buffer Overflow
[SA24358] Snitz Forums 2000 "MSN" Script Insertion Vulnerability
[SA24408] Adobe Reader and Acrobat PDF "file://" URL Handling Security
Issue

UNIX/Linux:
[SA24457] Slackware update for seamonkey
[SA24456] Slackware update for mozilla-thunderbird
[SA24455] Slackware update for mozilla-firefox
[SA24433] Flat Chat "Chat Name" PHP Code Execution
[SA24410] Ubuntu update for thunderbird
[SA24406] Fedora update for thunderbird
[SA24395] Red Hat update for thunderbird
[SA24393] Gentoo update for mozilla-firefox and mozilla-firefox-bin
[SA24389] Mandriva update for thunderbird
[SA24384] SUSE update for MozillaFirefox and seamonkey
[SA24458] Slackware update for imagemagick
[SA24438] Slackware update for gnupg
[SA24435] HP-UX update for GZIP
[SA24431] SILC Server Invalid hmac/cipher Denial of Service
[SA24425] Debian update for clamav
[SA24421] Debian update for php4
[SA24420] Ubuntu update for gnupg
[SA24417] GNUMail "--status-fd" Incorrect GnuPG Usage
[SA24415] Mutt "--status-fd" Incorrect GnuPG Usage
[SA24414] Sylpheed "--status-fd" Incorrect GnuPG Usage
[SA24413] KMail "--status-fd" Incorrect GnuPG Usage
[SA24412] Evolution "--status-fd" Incorrect GnuPG Usage
[SA24382] Rigter Portal System "categoria" SQL Injection
[SA24380] Asterisk SIP Message Handling Denial of Service
[SA24379] Debian update for gnomemeeting and ekiga
[SA24365] Red Hat update for gnupg
[SA24369] Novell Access Manager SSLVPN Server "policy.txt" Security
Bypass
[SA24428] Gentoo update for stlport
[SA24424] Ubuntu update for modpython
[SA24423] Ubuntu update for tcpdump
[SA24418] rPath update for mod_python
[SA24400] Fedora update for kernel
[SA24429] rPath update for kernel
[SA24401] Slackware update for x11
[SA24442] rPath update for kdelibs
[SA24436] Linux Kernel Omnikey CardMan 4040 Driver Buffer Overflow
[SA24381] PuTTY "puttygen" Insecure File Permissions

Other:
[SA24432] Avaya Products PHP Multiple Vulnerabilities
[SA24397] Avaya Communications Manager Cross-Site Scripting
Vulnerability
[SA24388] SnapGear Packet Handling Denial of Service
[SA24434] Avaya Products Unspecified Shell Command Injection
[SA24447] Sun Fire X2100 / X2200 "ipmitool" Privilege Escalation
Vulnerability

Cross Platform:
[SA24403] WebCalendar "noSet" Variable Overwrite Vulnerability
[SA24398] Apache Tomcat JK Web Server Connector Long URL Buffer
Overflow
[SA24394] Mani Stats Reader "ipath" File Inclusion Vulnerability
[SA24374] WordPress Command Execution and PHP "eval()" Injection
[SA24359] Apple QuickTime Multiple Vulnerabilities
[SA24357] Netrek Vanilla Server EVENTLOG Format String Vulnerability
[SA24416] Enigmail "--status-fd" Incorrect GnuPG Usage
[SA24411] Sava's GuestBook Script Insertion and SQL Injection
[SA24402] Simple Invoices PDF Print Preview Security Bypass
[SA24392] HyperBook Guestbook "data/gbconfiguration.dat" Information
Disclosure
[SA24391] Kaspersky Anti-Virus Engine UPX Processing Denial of Service
[SA24383] Ezstream Buffer Overflow Vulnerabilities
[SA24378] AJ Forum "td_id" SQL Injection Vulnerability
[SA24376] AJDating "user_id" SQL Injection Vulnerability
[SA24375] AJ Auction Pro "cate_id" SQL Injection Vulnerability
[SA24370] Conquest "metaGetServerList()" and "processPacket()"
Vulnerabilities
[SA24366] SQL-Ledger Directory Traversal Vulnerability
[SA24363] LedgerSMB Multiple Vulnerabilities
[SA24362] EMC NetWorker Management Console Weak Authentication
[SA24430] WordPress "demo" Cross-Site Scripting Vulnerability
[SA24404] Woltlab Burning Board Lite register.php Cross-Site Scripting
[SA24399] VirtueMart Multiple Cross-Site Scripting Vulnerabilities
[SA24396] Phorum "admin.php" Cross-Site Scripting Vulnerability
[SA24386] Woltlab Burning Board register.php Cross-Site Scripting
[SA24385] Tyger Bug Tracking System Multiple Vulnerabilities
[SA24373] ModSecurity POST Data NULL Byte Rule Bypass
[SA24372] Drupal Nodefamily Module Profile Security Bypass
[SA24364] Contelligent "MoveSortedContentAction" Security Bypass
[SA24387] IBM DB2 Fenced UserID Directory Access Authentication Bypass
[SA24405] Avaya CMS / IR Sun Solaris rm Race Condition Vulnerability
[SA24356] PHP4 ZVAL Reference Counter Overflow and Cross-Site
Scripting

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA24445] Novell Netmail WebAdmin Long Username Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-08

A vulnerability has been reported in Novell Netmail, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24445/

 --

[SA24422] Ipswitch IMail Server/Collaboration Suite IMAILAPI.DLL
ActiveX Control Buffer Overflows

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-07

Some vulnerabilities have been reported in Ipswitch IMail
Server/Collaboration Suite, which can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24422/

 --

[SA24371] Symantec Mail Security for SMTP Unspecified Message Handling
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-03-02

A vulnerability has been reported in Symantec Mail Security for SMTP,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24371/

 --

[SA24367] Mercury Mail Transport System IMAP Data Handling Buffer
Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-07

mu-b has discovered a vulnerability in Mercury Mail Transport System,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/24367/

 --

[SA24368] ANGEL Learning Management Suite "id" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-03-05

Craig Heffner has reported a vulnerability in ANGEL Learning Management
Suite, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/24368/

 --

[SA24361] MailEnable IMAP Service "APPEND" Buffer Overflow

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-03-05

mu-b has discovered a vulnerability in MailEnable, which can be
exploited by malicious users to cause a DoS (Denial of Service) or to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24361/

 --

[SA24358] Snitz Forums 2000 "MSN" Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-03-07

Stefano Angaran has discovered a vulnerability in Snitz Forums 2000,
which can be exploited by malicious users to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/24358/

 --

[SA24408] Adobe Reader and Acrobat PDF "file://" URL Handling Security
Issue

Critical:    Less critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-03-06

pdp has discovered a security issue in Adobe Reader and Adobe Acrobat,
which can be exploited by malicious people to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/24408/


UNIX/Linux:--

[SA24457] Slackware update for seamonkey

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, System access
Released:    2007-03-08

Slackware has issued an update for seamonkey. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, conduct cross-site scripting and
spoofing attacks, gain knowledge of sensitive information, and
potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24457/

 --

[SA24456] Slackware update for mozilla-thunderbird

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-08

Slackware has issued an update for mozilla-thunderbird. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24456/

 --

[SA24455] Slackware update for mozilla-firefox

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, System access
Released:    2007-03-08

Slackware has issued an update for mozilla-firefox. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, conduct cross-site scripting and
spoofing attacks, gain knowledge of sensitive information, and
potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24455/

 --

[SA24433] Flat Chat "Chat Name" PHP Code Execution

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-08

Dj7xpl has discovered a vulnerability in Flat Chat, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24433/

 --

[SA24410] Ubuntu update for thunderbird

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-07

Ubuntu has issued an update for thunderbird. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24410/

 --

[SA24406] Fedora update for thunderbird

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-06

Fedora has issued an update for thunderbird. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24406/

 --

[SA24395] Red Hat update for thunderbird

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-05

Red Hat has issued an update for thunderbird. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24395/

 --

[SA24393] Gentoo update for mozilla-firefox and mozilla-firefox-bin

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, System access
Released:    2007-03-05

Gentoo has issued an update for mozilla-firefox and
mozilla-firefox-bin. This fixes some vulnerabilities, which can be
exploited by malicious people to bypass certain security restrictions,
conduct cross-site scripting and spoofing attacks,  gain knowledge of
sensitive information, and potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24393/

 --

[SA24389] Mandriva update for thunderbird

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-07

Mandriva has issued an update for thunderbird. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24389/

 --

[SA24384] SUSE update for MozillaFirefox and seamonkey

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, Spoofing, Exposure of sensitive
information, System access
Released:    2007-03-07

SUSE has issued an update for MozillaFirefox and seamonkey. This fixes
some vulnerabilities, which can be exploited by malicious people to
bypass certain security restrictions, conduct cross-site scripting and
spoofing attacks, gain knowledge of sensitive information, and
potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24384/

 --

[SA24458] Slackware update for imagemagick

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-03-08

Slackware has issued an update for imagemagick. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service) and potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/24458/

 --

[SA24438] Slackware update for gnupg

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-08

Slackware has issued an update for gnupg. This fixes a vulnerability,
which potentially can be exploited by malicious people to bypass
certain security restrictions when applications use GnuPG in an
insecure manner.

Full Advisory:
http://secunia.com/advisories/24438/

 --

[SA24435] HP-UX update for GZIP

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-03-07

HP has issued an update for GZIP. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24435/

 --

[SA24431] SILC Server Invalid hmac/cipher Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-03-07

Frank Benkstein has reported a vulnerability in SILC Server, which can
be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24431/

 --

[SA24425] Debian update for clamav

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-03-07

Debian has issued an update for clamav. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24425/

 --

[SA24421] Debian update for php4

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information, DoS,
System access
Released:    2007-03-08

Debian has issued an update for php4. This fixes some vulnerabilities
and a weakness, which can be exploited by malicious people to disclose
potentially sensitive information, bypass certain security
restrictions, cause a DoS (Denial of Service) and potentially
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24421/

 --

[SA24420] Ubuntu update for gnupg

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-08

Ubuntu has issued an update for gnupg. This fixes a vulnerability,
which potentially can be exploited by malicious people to bypass
certain security restrictions when applications use GnuPG in an
insecure manner.

Full Advisory:
http://secunia.com/advisories/24420/

 --

[SA24417] GNUMail "--status-fd" Incorrect GnuPG Usage

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-06

Gerardo Richarte has reported a vulnerability in GNUMail, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/24417/

 --

[SA24415] Mutt "--status-fd" Incorrect GnuPG Usage

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-06

Gerardo Richarte has reported a vulnerability in Mutt, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/24415/

 --

[SA24414] Sylpheed "--status-fd" Incorrect GnuPG Usage

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-06

Gerardo Richarte has reported a vulnerability in Sylpheed, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/24414/

 --

[SA24413] KMail "--status-fd" Incorrect GnuPG Usage

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-06

Gerardo Richarte has reported a vulnerability in KMail, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/24413/

 --

[SA24412] Evolution "--status-fd" Incorrect GnuPG Usage

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-06

Gerardo Richarte has reported a vulnerability in Evolution, which can
be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/24412/

 --

[SA24382] Rigter Portal System "categoria" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-03-05

s0cratex has discovered a vulnerability in Rigter Portal System, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24382/

 --

[SA24380] Asterisk SIP Message Handling Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-03-07

MU Security Research Team has reported a vulnerability in Asterisk,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24380/

 --

[SA24379] Debian update for gnomemeeting and ekiga

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-03-05

Debian has issued an update for gnomemeeting and ekiga. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24379/

 --

[SA24365] Red Hat update for gnupg

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-06

Red Hat has issued an update for gnupg. This fixes a vulnerability,
which potentially can be exploited by malicious people to bypass
certain security restrictions when applications use GnuPG in an
insecure manner.

Full Advisory:
http://secunia.com/advisories/24365/

 --

[SA24369] Novell Access Manager SSLVPN Server "policy.txt" Security
Bypass

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass
Released:    2007-03-02

A security issue has been reported in Novell Access Manager, which can
be exploited by malicious users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/24369/

 --

[SA24428] Gentoo update for stlport

Critical:    Less critical
Where:       From remote
Impact:      Unknown
Released:    2007-03-07

Gentoo has issued an update for stlport. This fixes two weaknesses with
unknown impact.

Full Advisory:
http://secunia.com/advisories/24428/

 --

[SA24424] Ubuntu update for modpython

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-03-07

Ubuntu has issued an update for modpython. This fixes a security issue,
which can potentially be exploited to disclose certain sensitive
information.

Full Advisory:
http://secunia.com/advisories/24424/

 --

[SA24423] Ubuntu update for tcpdump

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-03-07

Ubuntu has issued an update for tcpdump. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/24423/

 --

[SA24418] rPath update for mod_python

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-03-08

rPath has issued an update for mod_python. This fixes a security issue,
which can potentially be exploited to disclose certain sensitive
information.

Full Advisory:
http://secunia.com/advisories/24418/

 --

[SA24400] Fedora update for kernel

Critical:    Less critical
Where:       From local network
Impact:      Privilege escalation, DoS
Released:    2007-03-05

Fedora has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) and potentially gain escalated
privileges, and by malicious people to cause a DoS.

Full Advisory:
http://secunia.com/advisories/24400/

 --

[SA24429] rPath update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation, DoS
Released:    2007-03-07

rPath has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) or potentially gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/24429/

 --

[SA24401] Slackware update for x11

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-03-08

Slackware has issued an update for x11. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/24401/

 --

[SA24442] rPath update for kdelibs

Critical:    Not critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-03-08

rPath has issued an update for kdelibs. This fixes a weakness, which
potentially can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/24442/

 --

[SA24436] Linux Kernel Omnikey CardMan 4040 Driver Buffer Overflow

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation, DoS
Released:    2007-03-08

A vulnerability has been reported in the Linux Kernel, which
potentially can be exploited by malicious, local users to cause a DoS
(Denial of Service) or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/24436/

 --

[SA24381] PuTTY "puttygen" Insecure File Permissions

Critical:    Not critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2007-03-05

Daniel Kahn Gillmor has discovered a weakness in PuTTY, which can be
exploited by malicious, local users to gain knowledge of sensitive
information.

Full Advisory:
http://secunia.com/advisories/24381/


Other:--

[SA24432] Avaya Products PHP Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information, DoS,
System access
Released:    2007-03-07

Avaya has acknowledged some vulnerabilities and a weakness in various
Avaya products, which can be exploited by malicious people to disclose
potentially sensitive information, bypass certain security
restrictions, cause a DoS (Denial of Service) and potentially
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24432/

 --

[SA24397] Avaya Communications Manager Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-03-08

A vulnerability has been reported in Avaya Communications Manager,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/24397/

 --

[SA24388] SnapGear Packet Handling Denial of Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-03-06

A vulnerability has been reported in SnapGear, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24388/

 --

[SA24434] Avaya Products Unspecified Shell Command Injection

Critical:    Less critical
Where:       From local network
Impact:      System access
Released:    2007-03-07

A vulnerability has been reported in various Avaya products, which can
be exploited by malicious users to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24434/

 --

[SA24447] Sun Fire X2100 / X2200 "ipmitool" Privilege Escalation
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-03-08

A vulnerability has been reported in Sun Fire X2100 and Sun Fire X2200,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/24447/


Cross Platform:--

[SA24403] WebCalendar "noSet" Variable Overwrite Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-06

A vulnerability has been discovered in WebCalendar, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24403/

 --

[SA24398] Apache Tomcat JK Web Server Connector Long URL Buffer
Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-05

A vulnerability has been reported in Apache Tomcat JK Web Server
Connector, which can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/24398/

 --

[SA24394] Mani Stats Reader "ipath" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-06

mozi has discovered a vulnerability in Mani Stats Reader, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24394/

 --

[SA24374] WordPress Command Execution and PHP "eval()" Injection

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-05

Ivan Fratric has reported two vulnerabilities in WordPress, which can
be exploited by malicious people to compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/24374/

 --

[SA24359] Apple QuickTime Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-06

Some vulnerabilities have been reported in Apple QuickTime, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/24359/

 --

[SA24357] Netrek Vanilla Server EVENTLOG Format String Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-02

A vulnerability has been reported in Netrek Vanilla Server, which
potentially can be exploited by malicious people to cause a DoS (Denial
of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24357/

 --

[SA24416] Enigmail "--status-fd" Incorrect GnuPG Usage

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-06

Gerardo Richarte has reported a vulnerability in Enigmail, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/24416/

 --

[SA24411] Sava's GuestBook Script Insertion and SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2007-03-06

Belsec Team has discovered some vulnerabilities in Sava's Guestbook,
which can be exploited by malicious people to conduct script insertion
and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24411/

 --

[SA24402] Simple Invoices PDF Print Preview Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-05

justin has reported a vulnerability in Simple Invoices, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/24402/

 --

[SA24392] HyperBook Guestbook "data/gbconfiguration.dat" Information
Disclosure

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-03-06

SaO has discovered a security issue in HyperBook Guestbook, which can
be exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/24392/

 --

[SA24391] Kaspersky Anti-Virus Engine UPX Processing Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-03-05

A vulnerability has been reported in Kaspersky's Anti-Virus engine,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24391/

 --

[SA24383] Ezstream Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-03-06

Some vulnerabilities have been reported in Ezstream, which can
potentially be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/24383/

 --

[SA24378] AJ Forum "td_id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-03-05

ajann has reported a vulnerability in AJ Forum, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24378/

 --

[SA24376] AJDating "user_id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-03-05

ajann has reported a vulnerability in AJDating, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24376/

 --

[SA24375] AJ Auction Pro "cate_id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-03-05

ajann has reported a vulnerability in AJ Auction Pro, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24375/

 --

[SA24370] Conquest "metaGetServerList()" and "processPacket()"
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-03-07

Luigi Auriemma has reported some vulnerabilities in Conquest, which can
be exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24370/

 --

[SA24366] SQL-Ledger Directory Traversal Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information,
System access
Released:    2007-03-08

Some vulnerabilities have been reported in SQL-Ledger, which can
potentially be exploited by malicious people to bypass certain security
restrictions and to manipulate data, and by malicious users to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24366/

 --

[SA24363] LedgerSMB Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, System access
Released:    2007-03-08

Some vulnerabilities have been reported in LedgerSMB, which can
potentially be exploited by malicious people to bypass certain security
restrictions or to manipulate data, and by malicious users to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24363/

 --

[SA24362] EMC NetWorker Management Console Weak Authentication

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass
Released:    2007-03-05

A vulnerability has been reported in EMC NetWorker, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/24362/

 --

[SA24430] WordPress "demo" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-03-07

Alexander Concha has discovered a vulnerability in WordPress, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/24430/

 --

[SA24404] Woltlab Burning Board Lite register.php Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-03-07

Samenspender has discovered several vulnerabilities in Woltlab Burning
Board Lite, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/24404/

 --

[SA24399] VirtueMart Multiple Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-03-05

Some vulnerabilities have been reported in VirtueMart, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/24399/

 --

[SA24396] Phorum "admin.php" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-03-06

Hasadya Raed has discovered a vulnerability in Phorum, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/24396/

 --

[SA24386] Woltlab Burning Board register.php Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-03-07

Samenspender has reported two vulnerabilities in Woltlab Burning Board,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/24386/

 --

[SA24385] Tyger Bug Tracking System Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2007-03-05

Some vulnerabilities have been reported in Tyger Bug Tracking System,
which can be exploited by malicious people to conduct cross-site
scripting attacks and by malicious users to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/24385/

 --

[SA24373] ModSecurity POST Data NULL Byte Rule Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-07

Stefan Esser has discovered a vulnerability in ModSecurity, which can
be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/24373/

 --

[SA24372] Drupal Nodefamily Module Profile Security Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2007-03-07

A vulnerability has been reported in the Nodefamily module for Drupal,
which can be exploited by malicious users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/24372/

 --

[SA24364] Contelligent "MoveSortedContentAction" Security Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-02

A security issue has been reported in Contelligent, which can be
exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/24364/

 --

[SA24387] IBM DB2 Fenced UserID Directory Access Authentication Bypass

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass
Released:    2007-03-07

A security issue has been reported in IBM DB2, which can be exploited
by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/24387/

 --

[SA24405] Avaya CMS / IR Sun Solaris rm Race Condition Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Manipulation of data, Privilege escalation
Released:    2007-03-07

Avaya has acknowledged a vulnerability in Avaya CMS and IR, which can
be exploited by malicious, local users to perform certain actions with
escalated privileges.

Full Advisory:
http://secunia.com/advisories/24405/

 --

[SA24356] PHP4 ZVAL Reference Counter Overflow and Cross-Site
Scripting

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass, Cross Site Scripting
Released:    2007-03-05

Stefan Esser has discovered some vulnerabilities in PHP4, which can be
exploited by malicious, local users to bypass certain security
restrictions, and by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/24356/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45



_________________________________________
Visit the InfoSec News Security Bookstore
http://www.shopinfosecnews.org



This archive was generated by hypermail 2.1.3 : Fri Mar 09 2007 - 00:11:03 PST