[ISN] Secunia Weekly Summary - Issue: 2007-11

From: InfoSec News (alerts@private)
Date: Thu Mar 15 2007 - 22:21:06 PST


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2007-03-08 - 2007-03-15                        

                       This week: 56 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Should you be interested in a career within Secunia, the current job
openings are available right now:

Security Sales Engineer:
http://corporate.secunia.com/about_secunia/54/

German Key Account Manager:
http://corporate.secunia.com/about_secunia/55/

International Account Manager - Enterprise Sales:
http://corporate.secunia.com/about_secunia/52/

International Sales Manager - IT Security Partner:
http://corporate.secunia.com/about_secunia/51/

Danish: Disassembling og Reversing
http://secunia.com/Disassembling_og_Reversing/

========================================================================
2) This Week in Brief:

A vulnerability in Internet Explorer (IE) 7 has been discovered, which
can be exploited to perform phishing attacks. An input validation
error exists in the local file "navcancl.htm" when generating the
"Refresh the page" link. An attacker can exploit this error to spoof
the contents of an arbitrary site when a user clicks on the "Refresh
the page" link.

Secunia has constructed a test that can be used to check if a browser
is vulnerable:
http://secunia.com/Internet_Explorer_7_navcancl.htm_Cross-Site_Scripting_Vulnerability/

This vulnerability is confirmed in IE7, and is currently unpatched.
Other versions may also be affected. As a temporary workaround, users
are advised not to click on the "Refresh the page" link when the
"Navigation Canceled" page is displayed.

For more information, refer to:
http://secunia.com/advisories/24535/

 --

An ActiveX control in the McAfee ePolicy Orchestrator and
ProtectionPilot is vulnerable to stack-based buffer overflows in
two of its methods. The "ExportSiteList()" and 
"VerifyPackageCatalog()" methods can be exploited by passing overly
long strings as argument to them, which may result in an attacker
executing arbitrary code on the vulnerable system.

McAfee has released patches for the vulnerable products, and advises
all users to update their software immediately.

For more information, refer to:
http://secunia.com/advisories/24466/

 --

Apple has released a security update that fixes more than thirty
vulnerabilities, most of which were reported in the Month of Apple
Bugs (MoAB) and Month of Kernel Bugs (MoKB) projects from a few
months back.

The vulnerabilities are reported in various applications, including
Apple Quickdraw, OpenSSH, AppleTalk, HFS+file system, Crash Reporter,
and others. Several of these vulnerabilities are capable of allowing
an attacker to execute arbitrary code on a system; thus Secunia has
rated its advisory as "Highly Critical".

All Mac users are advised to update their systems immediately. For
more information, refer to:
http://secunia.com/advisories/24479/

 --

VIRUS ALERTS:

During the past week Secunia collected 343 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA24205] Mozilla Firefox Multiple Vulnerabilities
2.  [SA24359] Apple QuickTime Multiple Vulnerabilities
3.  [SA18787] Internet Explorer Drag-and-Drop Vulnerability
4.  [SA24466] McAfee ePolicy Orchestrator / ProtectionPilot ActiveX
              Control Buffer Overflows
5.  [SA23014] Internet Explorer "onunload" Event Spoofing Vulnerability
6.  [SA24452] TFTP Server TFTPDWIN Long Message Denial of Service
7.  [SA24436] Linux Kernel Omnikey CardMan 4040 Driver Buffer Overflow
8.  [SA24470] Trac "download wiki page as text" Cross-Site Scripting
              Vulnerability
9.  [SA24445] Novell Netmail WebAdmin Long Username Buffer Overflow
10. [SA24486] KTorrent Two Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA24494] War FTP Daemon Unspecified Buffer Overflow Vulnerability
[SA24491] NewsBin Pro Article Processing yEncode "name" Buffer
Overflow
[SA24487] NewsReactor Article Processing yEncode "name" Buffer
Overflow
[SA24466] McAfee ePolicy Orchestrator / ProtectionPilot ActiveX Control
Buffer Overflows
[SA24502] X-ice Haber Sistemi "id" SQL Injection Vulnerability
[SA24488] Adobe JRun IIS 6 Connector Denial of Service
[SA24473] BP Blog "layout" SQL Injection Vulnerability
[SA24535] Internet Explorer 7 navcancl.htm Cross-Site Scripting
Vulnerability
[SA24475] Oracle "PROCESS_DUP_HANDLE" Privilege Escalation
Vulnerability

UNIX/Linux:
[SA24534] Dayfox Blog "cat" PHP Code Execution Vulnerability
[SA24533] Sun Solaris Adobe Acrobat Multiple Vulnerabilities
[SA24490] OpenBSD ICMP6 Packet "mbuf" Memory Corruption Vulnerability
[SA24479] Mac OS X Security Update Fixes Multiple Vulnerabilities
[SA24468] HP-UX update for JRE / JDK
[SA24462] Ubuntu update for xine-lib
[SA24516] Gentoo net-misc/ssh Vulnerability
[SA24515] Red Hat update for wireshark
[SA24514] SUSE update for php4 and php5
[SA24511] Debian update for gnupg
[SA24510] Gentoo update for amarok
[SA24498] Plash Sandboxed Process TIOCSTI ioctl() Privilege Escalation
[SA24496] SQL-Ledger "admin.pl" Authentication Bypass Vulnerability
[SA24492] Linux Kernel NULL Pointer Dereferences and Security Bypass
[SA24489] Fedora update for gnupg
[SA24486] KTorrent Two Vulnerabilities
[SA24480] AstroCam Message Queue Data Handling Denial of Service
[SA24477] HC Newssystem "ID" SQL Injection Vulnerability
[SA24459] Ubuntu update for ktorrent
[SA24531] Sun Java System Web Server Revoked Certificate Security
Bypass
[SA24530] Fedora update for cups
[SA24517] CUPS Incomplete SSL Negotiation Denial of Service
[SA24482] Mandriva update for kernel
[SA24518] Fedora update for kernel
[SA24493] Linux Kernel "ipv6_getsockopt_sticky()" DoS and Information
Leak
[SA24469] Gentoo update for smb4k
[SA24464] netperf "netperf.debug" Insecure File Creation Vulnerability
[SA24463] Gentoo update for kdelibs
[SA24497] Sun Java DMK JMX RMI-IIOP Security Issue

Other:


Cross Platform:
[SA24500] MySQL Commander "home" File Inclusion Vulnerability
[SA24481] CARE2X File Inclusion and Information Exposure
[SA24476] WORK system e-commerce "g_include" File Inclusion
Vulnerability
[SA24520] Zomplog "settings[skin]" Local File Inclusion Vulnerability
[SA24509] PHProjekt Multiple Vulnerabilities
[SA24504] PennMUSH "speak()" and "buy()" Denial of Service
[SA24495] FiSH Multiple Buffer Overflow Vulnerabilities
[SA24484] PHP-Nuke "lang" Local File Inclusion Vulnerability
[SA24474] SonicMailer Pro "list" SQL Injection Vulnerability
[SA24471] PECL zip Extension URL Buffer Overflow Vulnerability
[SA24467] LedgerSMB admin.pl Password Checks Vulnerability
[SA24485] WordPress "year" Cross-Site Scripting Vulnerability
[SA24483] MySQL Single-Row Subselect Denial of Service
[SA24470] Trac "download wiki page as text" Cross-Site Scripting
Vulnerability
[SA24461] PHPEcho CMS Admin Panel SQL Injection
[SA24505] PHP Session Handling Double Free Vulnerabilities
[SA24501] Zend Platform "ini_modifier" Password Bypass and Insecure
Permissions
[SA24503] vBulletin "Attached Before" SQL Injection Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA24494] War FTP Daemon Unspecified Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-03-14

Immunity has reported a vulnerability in WarFTP Daemon, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/24494/

 --

[SA24491] NewsBin Pro Article Processing yEncode "name" Buffer
Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-13

Marsu Pilami has discovered a vulnerability in NewsBin Pro, which can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24491/

 --

[SA24487] NewsReactor Article Processing yEncode "name" Buffer
Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-13

Marsu Pilami has discovered a vulnerability in NewsReactor, which can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24487/

 --

[SA24466] McAfee ePolicy Orchestrator / ProtectionPilot ActiveX Control
Buffer Overflows

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-14

cocoruder has reported some vulnerabilities in McAfee ePolicy
Orchestrator and ProtectionPilot, which can be exploited by malicious
people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24466/

 --

[SA24502] X-ice Haber Sistemi "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-03-14

CyberGhost has reported a vulnerability in X-ice Haber Sistemi, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24502/

 --

[SA24488] Adobe JRun IIS 6 Connector Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-03-14

A vulnerability has been reported in Adobe JRun, which potentially can
be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24488/

 --

[SA24473] BP Blog "layout" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-03-13

BeyazKurt has reported a vulnerability in BP Blog, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24473/

 --

[SA24535] Internet Explorer 7 navcancl.htm Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Spoofing
Released:    2007-03-15

Aviv Raff has discovered a vulnerability in Internet Explorer 7, which
can be exploited by malicious people to conduct phishing attacks.

Full Advisory:
http://secunia.com/advisories/24535/

 --

[SA24475] Oracle "PROCESS_DUP_HANDLE" Privilege Escalation
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-03-12

Cesar Cerrudo has reported a vulnerability in Oracle Database 10, which
can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/24475/


UNIX/Linux:--

[SA24534] Dayfox Blog "cat" PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-15

Dj7xpl has discovered a vulnerability in Dayfox Blog, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24534/

 --

[SA24533] Sun Solaris Adobe Acrobat Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2007-03-15

Sun has acknowledged some vulnerabilities within the Adobe Reader,
which can be exploited by malicious people to conduct cross-site
scripting attacks and potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24533/

 --

[SA24490] OpenBSD ICMP6 Packet "mbuf" Memory Corruption Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-03-12

A vulnerability has been reported in OpenBSD, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24490/

 --

[SA24479] Mac OS X Security Update Fixes Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data, Exposure of sensitive information, Privilege escalation, DoS,
System access
Released:    2007-03-14

Apple has issued a security update for Mac OS X, which fixes multiple
vulnerabilities.

Full Advisory:
http://secunia.com/advisories/24479/

 --

[SA24468] HP-UX update for JRE / JDK

Critical:    Highly critical
Where:       From remote
Impact:      Privilege escalation, System access
Released:    2007-03-13

HP has issued an update for JRE / JDK. This fixes some vulnerabilities,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/24468/

 --

[SA24462] Ubuntu update for xine-lib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-03-13

Ubuntu has issued an update for xine-lib. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24462/

 --

[SA24516] Gentoo net-misc/ssh Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-03-15

Gentoo has acknowledged a vulnerability in net-misc/ssh, which
potentially can be exploited by malicious users to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/24516/

 --

[SA24515] Red Hat update for wireshark

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-03-15

Red Hat has issued an update for wireshark. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24515/

 --

[SA24514] SUSE update for php4 and php5

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information, DoS,
System access
Released:    2007-03-15

SUSE has issued an update for php4 and php5. This fixes some
vulnerabilities, which can be exploited by malicious people to disclose
potentially sensitive information, bypass certain security restrictions,
cause a DoS (Denial of Service) and potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/24514/

 --

[SA24511] Debian update for gnupg

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-14

Debian has issued an update for gnupg. This fixes a vulnerability,
which can be exploited by malicious people to bypass certain security
restrictions when applications use GnuPG in an insecure manner.

Full Advisory:
http://secunia.com/advisories/24511/

 --

[SA24510] Gentoo update for amarok

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-03-14

Gentoo has issued an update for amarok. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/24510/

 --

[SA24498] Plash Sandboxed Process TIOCSTI ioctl() Privilege Escalation

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation
Released:    2007-03-12

Mark Seaborn has reported a vulnerability in Plash, which can be
exploited by malicious people to bypass certain security restrictions
and gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/24498/

 --

[SA24496] SQL-Ledger "admin.pl" Authentication Bypass Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-12

A vulnerability has been reported in SQL-Ledger, which can be exploited
by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/24496/

 --

[SA24492] Linux Kernel NULL Pointer Dereferences and Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, DoS
Released:    2007-03-14

Some vulnerabilities have been reported in the Linux Kernel, which
potentially can be exploited by malicious people to bypass certain
security restrictions or cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24492/

 --

[SA24489] Fedora update for gnupg

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-13

Fedora has issued an update for gnupg. This fixes a vulnerability,
which can be exploited by malicious people to bypass certain security
restrictions when applications use GnuPG in an insecure manner.

Full Advisory:
http://secunia.com/advisories/24489/

 --

[SA24486] KTorrent Two Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, System access
Released:    2007-03-12

Two vulnerabilities have been reported in KTorrent, which can be
exploited by malicious people to overwrite arbitrary files on a user's
system or to potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24486/

 --

[SA24480] AstroCam Message Queue Data Handling Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-03-12

A vulnerability has been reported in AstroCam, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24480/

 --

[SA24477] HC Newssystem "ID" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-03-12

UniquE-Key{UniquE-Cracker} has discovered a vulnerability in HC
Newssystem, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/24477/

 --

[SA24459] Ubuntu update for ktorrent

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, System access
Released:    2007-03-13

Ubuntu has issued an update for ktorrent. This fixes some
vulnerabilities, which can be exploited by malicious people to
overwrite arbitrary files on a user's system or to potentially
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/24459/

 --

[SA24531] Sun Java System Web Server Revoked Certificate Security
Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-15

Sun has acknowledged a vulnerability in Sun Java System Web Server,
which can be exploited by malicious users to bypass certain security
restriction.

Full Advisory:
http://secunia.com/advisories/24531/

 --

[SA24530] Fedora update for cups

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-03-15

Fedora has issued an update for cups. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24530/

 --

[SA24517] CUPS Incomplete SSL Negotiation Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-03-15

A vulnerability has been reported in CUPS, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24517/

 --

[SA24482] Mandriva update for kernel

Critical:    Less critical
Where:       From local network
Impact:      Privilege escalation, DoS
Released:    2007-03-12

Mandriva has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) or potentially gain escalated
privileges, and by malicious people to cause a DoS.

Full Advisory:
http://secunia.com/advisories/24482/

 --

[SA24518] Fedora update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, Privilege escalation,
DoS
Released:    2007-03-15

Fedora has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service), disclose potentially sensitive
information, and potentially gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/24518/

 --

[SA24493] Linux Kernel "ipv6_getsockopt_sticky()" DoS and Information
Leak

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, DoS
Released:    2007-03-12

A vulnerability has been reported in the Linux Kernel, which can be
exploited by malicious, local users to cause a DoS (Denial of Service)
or disclose potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/24493/

 --

[SA24469] Gentoo update for smb4k

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, Privilege escalation,
DoS
Released:    2007-03-12

Gentoo has issued an update for smb4k. This fixes some vulnerabilities,
which can be exploited by malicious, local users to kill arbitrary
processes, disclose potentially sensitive information, and gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/24469/

 --

[SA24464] netperf "netperf.debug" Insecure File Creation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-03-12

Ben Hutchings has discovered a vulnerability in netperf, which can be
exploited by malicious, local users to perform certain actions with
escalated privileges.

Full Advisory:
http://secunia.com/advisories/24464/

 --

[SA24463] Gentoo update for kdelibs

Critical:    Not critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-03-12

Gentoo has issued an update for kdelibs. This fixes a weakness, which
can potentially be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/24463/

 --

[SA24497] Sun Java DMK JMX RMI-IIOP Security Issue

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-03-12

A security issue has been reported in Sun Java Dynamic Management Kit
(DMK), which can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/24497/


Other:


Cross Platform:--

[SA24500] MySQL Commander "home" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-14

M.Hasran Addahroni has discovered a vulnerability in MySQL Commander,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/24500/

 --

[SA24481] CARE2X File Inclusion and Information Exposure

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, System access
Released:    2007-03-14

Some vulnerabilities have been discovered in CARE2X, which can be
exploited by malicious people to compromise vulnerable systems and to
disclose system information.

Full Advisory:
http://secunia.com/advisories/24481/

 --

[SA24476] WORK system e-commerce "g_include" File Inclusion
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-03-12

Rodrigo Duarte has reported a vulnerability in WORK system e-commerce,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/24476/

 --

[SA24520] Zomplog "settings[skin]" Local File Inclusion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-03-15

Bl0od3r has discovered a vulnerability in Zomplog, which can be
exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/24520/

 --

[SA24509] PHProjekt Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Hijacking, Cross Site Scripting, Manipulation of data,
System access
Released:    2007-03-14

Some vulnerabilities have been reported in PHProjekt, which can be
exploited by malicious users to conduct cross-site scripting, script
insertion, cross-site request forgery, and SQL injection attacks and
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24509/

 --

[SA24504] PennMUSH "speak()" and "buy()" Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-03-13

Some vulnerabilities have been reported in PennMUSH, which can be
exploited by malicious users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/24504/

 --

[SA24495] FiSH Multiple Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-03-12

ilja has reported some vulnerabilities in FiSH, which can be exploited
by malicious people to cause a DoS (Denial of Service) or potentially
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24495/

 --

[SA24484] PHP-Nuke "lang" Local File Inclusion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-03-12

Aleksandar has discovered a vulnerability in PHP-Nuke, which can be
exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/24484/

 --

[SA24474] SonicMailer Pro "list" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-03-12

ajann has reported a vulnerability in SonicMailer Pro, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24474/

 --

[SA24471] PECL zip Extension URL Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-03-09

Stefan Esser has reported a vulnerability in the PECL zip Extension,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/24471/

 --

[SA24467] LedgerSMB admin.pl Password Checks Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-03-09

A vulnerability has been reported in LedgerSMB, which can be exploited
by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/24467/

 --

[SA24485] WordPress "year" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-03-12

g30rg3_x has discovered a vulnerability in WordPress, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/24485/

 --

[SA24483] MySQL Single-Row Subselect Denial of Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-03-12

S. Streichbier and B. Mueller have reported a vulnerability in MySQL,
which can be exploited by malicious users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/24483/

 --

[SA24470] Trac "download wiki page as text" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-03-09

A vulnerability has been reported in Trac, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/24470/

 --

[SA24461] PHPEcho CMS Admin Panel SQL Injection

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-03-13

Some vulnerabilities have been reported in PHPEcho CMS, which can be
exploited by malicious users to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24461/

 --

[SA24505] PHP Session Handling Double Free Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      System access
Released:    2007-03-15

Stefan Esser has reported some vulnerabilities in PHP, which can be
exploited by malicious users people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/24505/

 --

[SA24501] Zend Platform "ini_modifier" Password Bypass and Insecure
Permissions

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-03-15

Stefan Esser has reported a vulnerability and a security issue in Zend
Platform, which can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/24501/

 --

[SA24503] vBulletin "Attached Before" SQL Injection Vulnerability

Critical:    Not critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-03-14

A vulnerability has been reported in vBulletin, which can be exploited
by malicious users to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/24503/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


_________________________________________
Visit the InfoSec News Security Bookstore
http://www.shopinfosecnews.org



This archive was generated by hypermail 2.1.3 : Thu Mar 15 2007 - 22:36:35 PST