======================================================================== The Secunia Weekly Advisory Summary 2007-03-01 - 2007-03-08 This week: 81 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: Should you be interested in a career within Secunia, the current job openings are available right now: Security Sales Engineer: http://corporate.secunia.com/about_secunia/54/ German Key Account Manager: http://corporate.secunia.com/about_secunia/55/ International Account Manager - Enterprise Sales: http://corporate.secunia.com/about_secunia/52/ International Sales Manager - IT Security Partner: http://corporate.secunia.com/about_secunia/51/ Danish: Disassembling og Reversing http://secunia.com/Disassembling_og_Reversing/ ======================================================================== 2) This Week in Brief: Some vulnerabilities have been reported in Apple QuickTime, which potentially can be exploited by malicious people to compromise a user's system. Secunia has constructed the Secunia Software Inspector, which you can use to check if your system is vulnerable: http://secunia.com/software_inspector/ The vendor has issued new versions correcting these vulnerabilities. Reference: http://secunia.com/advisories/24359/ -- A vulnerability has been reported in Kaspersky's Anti-Virus engine, which can be exploited by malicious people to cause a DoS (Denial of Service) The fix has reportedly been available via automatic updates since February 7, 2007. Reference: http://secunia.com/advisories/24391/ -- VIRUS ALERTS: During the past week Secunia collected 189 virus descriptions from the Antivirus vendors. However, none were deemed MEDIUM risk or higher according to the Secunia assessment scale. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA24205] Mozilla Firefox Multiple Vulnerabilities 2. [SA24350] Citrix Presentation Server Client Unspecified Code Execution 3. [SA24359] Apple QuickTime Multiple Vulnerabilities 4. [SA23014] Internet Explorer "onunload" Event Spoofing Vulnerability 5. [SA24344] Cisco Products NAM SNMP Spoofing Vulnerability 6. [SA24341] vBulletin "postids" SQL Injection Vulnerability 7. [SA24371] Symantec Mail Security for SMTP Unspecified Message Handling Vulnerability 8. [SA24318] tcpdump 802.11 "parse_elements()" Off-By-One Vulnerability 9. [SA18787] Internet Explorer Drag-and-Drop Vulnerability 10. [SA24369] Novell Access Manager SSLVPN Server "policy.txt" Security Bypass ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA24445] Novell Netmail WebAdmin Long Username Buffer Overflow [SA24422] Ipswitch IMail Server/Collaboration Suite IMAILAPI.DLL ActiveX Control Buffer Overflows [SA24371] Symantec Mail Security for SMTP Unspecified Message Handling Vulnerability [SA24367] Mercury Mail Transport System IMAP Data Handling Buffer Overflow [SA24368] ANGEL Learning Management Suite "id" SQL Injection [SA24361] MailEnable IMAP Service "APPEND" Buffer Overflow [SA24358] Snitz Forums 2000 "MSN" Script Insertion Vulnerability [SA24408] Adobe Reader and Acrobat PDF "file://" URL Handling Security Issue UNIX/Linux: [SA24457] Slackware update for seamonkey [SA24456] Slackware update for mozilla-thunderbird [SA24455] Slackware update for mozilla-firefox [SA24433] Flat Chat "Chat Name" PHP Code Execution [SA24410] Ubuntu update for thunderbird [SA24406] Fedora update for thunderbird [SA24395] Red Hat update for thunderbird [SA24393] Gentoo update for mozilla-firefox and mozilla-firefox-bin [SA24389] Mandriva update for thunderbird [SA24384] SUSE update for MozillaFirefox and seamonkey [SA24458] Slackware update for imagemagick [SA24438] Slackware update for gnupg [SA24435] HP-UX update for GZIP [SA24431] SILC Server Invalid hmac/cipher Denial of Service [SA24425] Debian update for clamav [SA24421] Debian update for php4 [SA24420] Ubuntu update for gnupg [SA24417] GNUMail "--status-fd" Incorrect GnuPG Usage [SA24415] Mutt "--status-fd" Incorrect GnuPG Usage [SA24414] Sylpheed "--status-fd" Incorrect GnuPG Usage [SA24413] KMail "--status-fd" Incorrect GnuPG Usage [SA24412] Evolution "--status-fd" Incorrect GnuPG Usage [SA24382] Rigter Portal System "categoria" SQL Injection [SA24380] Asterisk SIP Message Handling Denial of Service [SA24379] Debian update for gnomemeeting and ekiga [SA24365] Red Hat update for gnupg [SA24369] Novell Access Manager SSLVPN Server "policy.txt" Security Bypass [SA24428] Gentoo update for stlport [SA24424] Ubuntu update for modpython [SA24423] Ubuntu update for tcpdump [SA24418] rPath update for mod_python [SA24400] Fedora update for kernel [SA24429] rPath update for kernel [SA24401] Slackware update for x11 [SA24442] rPath update for kdelibs [SA24436] Linux Kernel Omnikey CardMan 4040 Driver Buffer Overflow [SA24381] PuTTY "puttygen" Insecure File Permissions Other: [SA24432] Avaya Products PHP Multiple Vulnerabilities [SA24397] Avaya Communications Manager Cross-Site Scripting Vulnerability [SA24388] SnapGear Packet Handling Denial of Service [SA24434] Avaya Products Unspecified Shell Command Injection [SA24447] Sun Fire X2100 / X2200 "ipmitool" Privilege Escalation Vulnerability Cross Platform: [SA24403] WebCalendar "noSet" Variable Overwrite Vulnerability [SA24398] Apache Tomcat JK Web Server Connector Long URL Buffer Overflow [SA24394] Mani Stats Reader "ipath" File Inclusion Vulnerability [SA24374] WordPress Command Execution and PHP "eval()" Injection [SA24359] Apple QuickTime Multiple Vulnerabilities [SA24357] Netrek Vanilla Server EVENTLOG Format String Vulnerability [SA24416] Enigmail "--status-fd" Incorrect GnuPG Usage [SA24411] Sava's GuestBook Script Insertion and SQL Injection [SA24402] Simple Invoices PDF Print Preview Security Bypass [SA24392] HyperBook Guestbook "data/gbconfiguration.dat" Information Disclosure [SA24391] Kaspersky Anti-Virus Engine UPX Processing Denial of Service [SA24383] Ezstream Buffer Overflow Vulnerabilities [SA24378] AJ Forum "td_id" SQL Injection Vulnerability [SA24376] AJDating "user_id" SQL Injection Vulnerability [SA24375] AJ Auction Pro "cate_id" SQL Injection Vulnerability [SA24370] Conquest "metaGetServerList()" and "processPacket()" Vulnerabilities [SA24366] SQL-Ledger Directory Traversal Vulnerability [SA24363] LedgerSMB Multiple Vulnerabilities [SA24362] EMC NetWorker Management Console Weak Authentication [SA24430] WordPress "demo" Cross-Site Scripting Vulnerability [SA24404] Woltlab Burning Board Lite register.php Cross-Site Scripting [SA24399] VirtueMart Multiple Cross-Site Scripting Vulnerabilities [SA24396] Phorum "admin.php" Cross-Site Scripting Vulnerability [SA24386] Woltlab Burning Board register.php Cross-Site Scripting [SA24385] Tyger Bug Tracking System Multiple Vulnerabilities [SA24373] ModSecurity POST Data NULL Byte Rule Bypass [SA24372] Drupal Nodefamily Module Profile Security Bypass [SA24364] Contelligent "MoveSortedContentAction" Security Bypass [SA24387] IBM DB2 Fenced UserID Directory Access Authentication Bypass [SA24405] Avaya CMS / IR Sun Solaris rm Race Condition Vulnerability [SA24356] PHP4 ZVAL Reference Counter Overflow and Cross-Site Scripting ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA24445] Novell Netmail WebAdmin Long Username Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-08 A vulnerability has been reported in Novell Netmail, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24445/ -- [SA24422] Ipswitch IMail Server/Collaboration Suite IMAILAPI.DLL ActiveX Control Buffer Overflows Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-07 Some vulnerabilities have been reported in Ipswitch IMail Server/Collaboration Suite, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24422/ -- [SA24371] Symantec Mail Security for SMTP Unspecified Message Handling Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-03-02 A vulnerability has been reported in Symantec Mail Security for SMTP, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24371/ -- [SA24367] Mercury Mail Transport System IMAP Data Handling Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-07 mu-b has discovered a vulnerability in Mercury Mail Transport System, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24367/ -- [SA24368] ANGEL Learning Management Suite "id" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-03-05 Craig Heffner has reported a vulnerability in ANGEL Learning Management Suite, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/24368/ -- [SA24361] MailEnable IMAP Service "APPEND" Buffer Overflow Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-03-05 mu-b has discovered a vulnerability in MailEnable, which can be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24361/ -- [SA24358] Snitz Forums 2000 "MSN" Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2007-03-07 Stefano Angaran has discovered a vulnerability in Snitz Forums 2000, which can be exploited by malicious users to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/24358/ -- [SA24408] Adobe Reader and Acrobat PDF "file://" URL Handling Security Issue Critical: Less critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2007-03-06 pdp has discovered a security issue in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/24408/ UNIX/Linux:-- [SA24457] Slackware update for seamonkey Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access Released: 2007-03-08 Slackware has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/24457/ -- [SA24456] Slackware update for mozilla-thunderbird Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-08 Slackware has issued an update for mozilla-thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24456/ -- [SA24455] Slackware update for mozilla-firefox Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access Released: 2007-03-08 Slackware has issued an update for mozilla-firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/24455/ -- [SA24433] Flat Chat "Chat Name" PHP Code Execution Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-08 Dj7xpl has discovered a vulnerability in Flat Chat, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24433/ -- [SA24410] Ubuntu update for thunderbird Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-07 Ubuntu has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24410/ -- [SA24406] Fedora update for thunderbird Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-06 Fedora has issued an update for thunderbird. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24406/ -- [SA24395] Red Hat update for thunderbird Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-05 Red Hat has issued an update for thunderbird. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24395/ -- [SA24393] Gentoo update for mozilla-firefox and mozilla-firefox-bin Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access Released: 2007-03-05 Gentoo has issued an update for mozilla-firefox and mozilla-firefox-bin. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/24393/ -- [SA24389] Mandriva update for thunderbird Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-07 Mandriva has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24389/ -- [SA24384] SUSE update for MozillaFirefox and seamonkey Critical: Highly critical Where: From remote Impact: Cross Site Scripting, Spoofing, Exposure of sensitive information, System access Released: 2007-03-07 SUSE has issued an update for MozillaFirefox and seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/24384/ -- [SA24458] Slackware update for imagemagick Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-03-08 Slackware has issued an update for imagemagick. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24458/ -- [SA24438] Slackware update for gnupg Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-08 Slackware has issued an update for gnupg. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions when applications use GnuPG in an insecure manner. Full Advisory: http://secunia.com/advisories/24438/ -- [SA24435] HP-UX update for GZIP Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-03-07 HP has issued an update for GZIP. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24435/ -- [SA24431] SILC Server Invalid hmac/cipher Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-03-07 Frank Benkstein has reported a vulnerability in SILC Server, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24431/ -- [SA24425] Debian update for clamav Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-03-07 Debian has issued an update for clamav. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24425/ -- [SA24421] Debian update for php4 Critical: Moderately critical Where: From remote Impact: Security Bypass, Exposure of sensitive information, DoS, System access Released: 2007-03-08 Debian has issued an update for php4. This fixes some vulnerabilities and a weakness, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24421/ -- [SA24420] Ubuntu update for gnupg Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-08 Ubuntu has issued an update for gnupg. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions when applications use GnuPG in an insecure manner. Full Advisory: http://secunia.com/advisories/24420/ -- [SA24417] GNUMail "--status-fd" Incorrect GnuPG Usage Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-06 Gerardo Richarte has reported a vulnerability in GNUMail, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24417/ -- [SA24415] Mutt "--status-fd" Incorrect GnuPG Usage Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-06 Gerardo Richarte has reported a vulnerability in Mutt, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24415/ -- [SA24414] Sylpheed "--status-fd" Incorrect GnuPG Usage Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-06 Gerardo Richarte has reported a vulnerability in Sylpheed, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24414/ -- [SA24413] KMail "--status-fd" Incorrect GnuPG Usage Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-06 Gerardo Richarte has reported a vulnerability in KMail, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24413/ -- [SA24412] Evolution "--status-fd" Incorrect GnuPG Usage Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-06 Gerardo Richarte has reported a vulnerability in Evolution, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24412/ -- [SA24382] Rigter Portal System "categoria" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-03-05 s0cratex has discovered a vulnerability in Rigter Portal System, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/24382/ -- [SA24380] Asterisk SIP Message Handling Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-03-07 MU Security Research Team has reported a vulnerability in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24380/ -- [SA24379] Debian update for gnomemeeting and ekiga Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-03-05 Debian has issued an update for gnomemeeting and ekiga. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24379/ -- [SA24365] Red Hat update for gnupg Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-06 Red Hat has issued an update for gnupg. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions when applications use GnuPG in an insecure manner. Full Advisory: http://secunia.com/advisories/24365/ -- [SA24369] Novell Access Manager SSLVPN Server "policy.txt" Security Bypass Critical: Moderately critical Where: From local network Impact: Security Bypass Released: 2007-03-02 A security issue has been reported in Novell Access Manager, which can be exploited by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24369/ -- [SA24428] Gentoo update for stlport Critical: Less critical Where: From remote Impact: Unknown Released: 2007-03-07 Gentoo has issued an update for stlport. This fixes two weaknesses with unknown impact. Full Advisory: http://secunia.com/advisories/24428/ -- [SA24424] Ubuntu update for modpython Critical: Less critical Where: From remote Impact: Exposure of sensitive information Released: 2007-03-07 Ubuntu has issued an update for modpython. This fixes a security issue, which can potentially be exploited to disclose certain sensitive information. Full Advisory: http://secunia.com/advisories/24424/ -- [SA24423] Ubuntu update for tcpdump Critical: Less critical Where: From remote Impact: DoS Released: 2007-03-07 Ubuntu has issued an update for tcpdump. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24423/ -- [SA24418] rPath update for mod_python Critical: Less critical Where: From remote Impact: Exposure of sensitive information Released: 2007-03-08 rPath has issued an update for mod_python. This fixes a security issue, which can potentially be exploited to disclose certain sensitive information. Full Advisory: http://secunia.com/advisories/24418/ -- [SA24400] Fedora update for kernel Critical: Less critical Where: From local network Impact: Privilege escalation, DoS Released: 2007-03-05 Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges, and by malicious people to cause a DoS. Full Advisory: http://secunia.com/advisories/24400/ -- [SA24429] rPath update for kernel Critical: Less critical Where: Local system Impact: Privilege escalation, DoS Released: 2007-03-07 rPath has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges. Full Advisory: http://secunia.com/advisories/24429/ -- [SA24401] Slackware update for x11 Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-03-08 Slackware has issued an update for x11. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/24401/ -- [SA24442] rPath update for kdelibs Critical: Not critical Where: From remote Impact: Cross Site Scripting Released: 2007-03-08 rPath has issued an update for kdelibs. This fixes a weakness, which potentially can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/24442/ -- [SA24436] Linux Kernel Omnikey CardMan 4040 Driver Buffer Overflow Critical: Not critical Where: Local system Impact: Privilege escalation, DoS Released: 2007-03-08 A vulnerability has been reported in the Linux Kernel, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges. Full Advisory: http://secunia.com/advisories/24436/ -- [SA24381] PuTTY "puttygen" Insecure File Permissions Critical: Not critical Where: Local system Impact: Exposure of sensitive information Released: 2007-03-05 Daniel Kahn Gillmor has discovered a weakness in PuTTY, which can be exploited by malicious, local users to gain knowledge of sensitive information. Full Advisory: http://secunia.com/advisories/24381/ Other:-- [SA24432] Avaya Products PHP Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Exposure of sensitive information, DoS, System access Released: 2007-03-07 Avaya has acknowledged some vulnerabilities and a weakness in various Avaya products, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24432/ -- [SA24397] Avaya Communications Manager Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-03-08 A vulnerability has been reported in Avaya Communications Manager, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/24397/ -- [SA24388] SnapGear Packet Handling Denial of Service Critical: Less critical Where: From remote Impact: DoS Released: 2007-03-06 A vulnerability has been reported in SnapGear, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24388/ -- [SA24434] Avaya Products Unspecified Shell Command Injection Critical: Less critical Where: From local network Impact: System access Released: 2007-03-07 A vulnerability has been reported in various Avaya products, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24434/ -- [SA24447] Sun Fire X2100 / X2200 "ipmitool" Privilege Escalation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-03-08 A vulnerability has been reported in Sun Fire X2100 and Sun Fire X2200, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/24447/ Cross Platform:-- [SA24403] WebCalendar "noSet" Variable Overwrite Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-06 A vulnerability has been discovered in WebCalendar, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24403/ -- [SA24398] Apache Tomcat JK Web Server Connector Long URL Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-05 A vulnerability has been reported in Apache Tomcat JK Web Server Connector, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24398/ -- [SA24394] Mani Stats Reader "ipath" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-06 mozi has discovered a vulnerability in Mani Stats Reader, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24394/ -- [SA24374] WordPress Command Execution and PHP "eval()" Injection Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-05 Ivan Fratric has reported two vulnerabilities in WordPress, which can be exploited by malicious people to compromise vulnerable systems. Full Advisory: http://secunia.com/advisories/24374/ -- [SA24359] Apple QuickTime Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-06 Some vulnerabilities have been reported in Apple QuickTime, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24359/ -- [SA24357] Netrek Vanilla Server EVENTLOG Format String Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-02 A vulnerability has been reported in Netrek Vanilla Server, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24357/ -- [SA24416] Enigmail "--status-fd" Incorrect GnuPG Usage Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-06 Gerardo Richarte has reported a vulnerability in Enigmail, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24416/ -- [SA24411] Sava's GuestBook Script Insertion and SQL Injection Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Manipulation of data Released: 2007-03-06 Belsec Team has discovered some vulnerabilities in Sava's Guestbook, which can be exploited by malicious people to conduct script insertion and SQL injection attacks. Full Advisory: http://secunia.com/advisories/24411/ -- [SA24402] Simple Invoices PDF Print Preview Security Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-05 justin has reported a vulnerability in Simple Invoices, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24402/ -- [SA24392] HyperBook Guestbook "data/gbconfiguration.dat" Information Disclosure Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2007-03-06 SaO has discovered a security issue in HyperBook Guestbook, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/24392/ -- [SA24391] Kaspersky Anti-Virus Engine UPX Processing Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-03-05 A vulnerability has been reported in Kaspersky's Anti-Virus engine, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24391/ -- [SA24383] Ezstream Buffer Overflow Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-03-06 Some vulnerabilities have been reported in Ezstream, which can potentially be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24383/ -- [SA24378] AJ Forum "td_id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2007-03-05 ajann has reported a vulnerability in AJ Forum, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/24378/ -- [SA24376] AJDating "user_id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-03-05 ajann has reported a vulnerability in AJDating, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/24376/ -- [SA24375] AJ Auction Pro "cate_id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2007-03-05 ajann has reported a vulnerability in AJ Auction Pro, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/24375/ -- [SA24370] Conquest "metaGetServerList()" and "processPacket()" Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-03-07 Luigi Auriemma has reported some vulnerabilities in Conquest, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24370/ -- [SA24366] SQL-Ledger Directory Traversal Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information, System access Released: 2007-03-08 Some vulnerabilities have been reported in SQL-Ledger, which can potentially be exploited by malicious people to bypass certain security restrictions and to manipulate data, and by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24366/ -- [SA24363] LedgerSMB Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Manipulation of data, System access Released: 2007-03-08 Some vulnerabilities have been reported in LedgerSMB, which can potentially be exploited by malicious people to bypass certain security restrictions or to manipulate data, and by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24363/ -- [SA24362] EMC NetWorker Management Console Weak Authentication Critical: Moderately critical Where: From local network Impact: Security Bypass Released: 2007-03-05 A vulnerability has been reported in EMC NetWorker, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24362/ -- [SA24430] WordPress "demo" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-03-07 Alexander Concha has discovered a vulnerability in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/24430/ -- [SA24404] Woltlab Burning Board Lite register.php Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-03-07 Samenspender has discovered several vulnerabilities in Woltlab Burning Board Lite, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/24404/ -- [SA24399] VirtueMart Multiple Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-03-05 Some vulnerabilities have been reported in VirtueMart, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/24399/ -- [SA24396] Phorum "admin.php" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-03-06 Hasadya Raed has discovered a vulnerability in Phorum, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/24396/ -- [SA24386] Woltlab Burning Board register.php Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-03-07 Samenspender has reported two vulnerabilities in Woltlab Burning Board, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/24386/ -- [SA24385] Tyger Bug Tracking System Multiple Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting, Manipulation of data Released: 2007-03-05 Some vulnerabilities have been reported in Tyger Bug Tracking System, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/24385/ -- [SA24373] ModSecurity POST Data NULL Byte Rule Bypass Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-03-07 Stefan Esser has discovered a vulnerability in ModSecurity, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24373/ -- [SA24372] Drupal Nodefamily Module Profile Security Bypass Critical: Less critical Where: From remote Impact: Security Bypass, Manipulation of data Released: 2007-03-07 A vulnerability has been reported in the Nodefamily module for Drupal, which can be exploited by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24372/ -- [SA24364] Contelligent "MoveSortedContentAction" Security Bypass Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-03-02 A security issue has been reported in Contelligent, which can be exploited by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24364/ -- [SA24387] IBM DB2 Fenced UserID Directory Access Authentication Bypass Critical: Less critical Where: From local network Impact: Security Bypass Released: 2007-03-07 A security issue has been reported in IBM DB2, which can be exploited by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24387/ -- [SA24405] Avaya CMS / IR Sun Solaris rm Race Condition Vulnerability Critical: Less critical Where: Local system Impact: Manipulation of data, Privilege escalation Released: 2007-03-07 Avaya has acknowledged a vulnerability in Avaya CMS and IR, which can be exploited by malicious, local users to perform certain actions with escalated privileges. Full Advisory: http://secunia.com/advisories/24405/ -- [SA24356] PHP4 ZVAL Reference Counter Overflow and Cross-Site Scripting Critical: Less critical Where: Local system Impact: Security Bypass, Cross Site Scripting Released: 2007-03-05 Stefan Esser has discovered some vulnerabilities in PHP4, which can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/24356/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _________________________________________ Visit the InfoSec News Security Bookstore http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Fri Mar 09 2007 - 00:11:03 PST