======================================================================== The Secunia Weekly Advisory Summary 2007-03-08 - 2007-03-15 This week: 56 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: Should you be interested in a career within Secunia, the current job openings are available right now: Security Sales Engineer: http://corporate.secunia.com/about_secunia/54/ German Key Account Manager: http://corporate.secunia.com/about_secunia/55/ International Account Manager - Enterprise Sales: http://corporate.secunia.com/about_secunia/52/ International Sales Manager - IT Security Partner: http://corporate.secunia.com/about_secunia/51/ Danish: Disassembling og Reversing http://secunia.com/Disassembling_og_Reversing/ ======================================================================== 2) This Week in Brief: A vulnerability in Internet Explorer (IE) 7 has been discovered, which can be exploited to perform phishing attacks. An input validation error exists in the local file "navcancl.htm" when generating the "Refresh the page" link. An attacker can exploit this error to spoof the contents of an arbitrary site when a user clicks on the "Refresh the page" link. Secunia has constructed a test that can be used to check if a browser is vulnerable: http://secunia.com/Internet_Explorer_7_navcancl.htm_Cross-Site_Scripting_Vulnerability/ This vulnerability is confirmed in IE7, and is currently unpatched. Other versions may also be affected. As a temporary workaround, users are advised not to click on the "Refresh the page" link when the "Navigation Canceled" page is displayed. For more information, refer to: http://secunia.com/advisories/24535/ -- An ActiveX control in the McAfee ePolicy Orchestrator and ProtectionPilot is vulnerable to stack-based buffer overflows in two of its methods. The "ExportSiteList()" and "VerifyPackageCatalog()" methods can be exploited by passing overly long strings as argument to them, which may result in an attacker executing arbitrary code on the vulnerable system. McAfee has released patches for the vulnerable products, and advises all users to update their software immediately. For more information, refer to: http://secunia.com/advisories/24466/ -- Apple has released a security update that fixes more than thirty vulnerabilities, most of which were reported in the Month of Apple Bugs (MoAB) and Month of Kernel Bugs (MoKB) projects from a few months back. The vulnerabilities are reported in various applications, including Apple Quickdraw, OpenSSH, AppleTalk, HFS+file system, Crash Reporter, and others. Several of these vulnerabilities are capable of allowing an attacker to execute arbitrary code on a system; thus Secunia has rated its advisory as "Highly Critical". All Mac users are advised to update their systems immediately. For more information, refer to: http://secunia.com/advisories/24479/ -- VIRUS ALERTS: During the past week Secunia collected 343 virus descriptions from the Antivirus vendors. However, none were deemed MEDIUM risk or higher according to the Secunia assessment scale. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA24205] Mozilla Firefox Multiple Vulnerabilities 2. [SA24359] Apple QuickTime Multiple Vulnerabilities 3. [SA18787] Internet Explorer Drag-and-Drop Vulnerability 4. [SA24466] McAfee ePolicy Orchestrator / ProtectionPilot ActiveX Control Buffer Overflows 5. [SA23014] Internet Explorer "onunload" Event Spoofing Vulnerability 6. [SA24452] TFTP Server TFTPDWIN Long Message Denial of Service 7. [SA24436] Linux Kernel Omnikey CardMan 4040 Driver Buffer Overflow 8. [SA24470] Trac "download wiki page as text" Cross-Site Scripting Vulnerability 9. [SA24445] Novell Netmail WebAdmin Long Username Buffer Overflow 10. [SA24486] KTorrent Two Vulnerabilities ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA24494] War FTP Daemon Unspecified Buffer Overflow Vulnerability [SA24491] NewsBin Pro Article Processing yEncode "name" Buffer Overflow [SA24487] NewsReactor Article Processing yEncode "name" Buffer Overflow [SA24466] McAfee ePolicy Orchestrator / ProtectionPilot ActiveX Control Buffer Overflows [SA24502] X-ice Haber Sistemi "id" SQL Injection Vulnerability [SA24488] Adobe JRun IIS 6 Connector Denial of Service [SA24473] BP Blog "layout" SQL Injection Vulnerability [SA24535] Internet Explorer 7 navcancl.htm Cross-Site Scripting Vulnerability [SA24475] Oracle "PROCESS_DUP_HANDLE" Privilege Escalation Vulnerability UNIX/Linux: [SA24534] Dayfox Blog "cat" PHP Code Execution Vulnerability [SA24533] Sun Solaris Adobe Acrobat Multiple Vulnerabilities [SA24490] OpenBSD ICMP6 Packet "mbuf" Memory Corruption Vulnerability [SA24479] Mac OS X Security Update Fixes Multiple Vulnerabilities [SA24468] HP-UX update for JRE / JDK [SA24462] Ubuntu update for xine-lib [SA24516] Gentoo net-misc/ssh Vulnerability [SA24515] Red Hat update for wireshark [SA24514] SUSE update for php4 and php5 [SA24511] Debian update for gnupg [SA24510] Gentoo update for amarok [SA24498] Plash Sandboxed Process TIOCSTI ioctl() Privilege Escalation [SA24496] SQL-Ledger "admin.pl" Authentication Bypass Vulnerability [SA24492] Linux Kernel NULL Pointer Dereferences and Security Bypass [SA24489] Fedora update for gnupg [SA24486] KTorrent Two Vulnerabilities [SA24480] AstroCam Message Queue Data Handling Denial of Service [SA24477] HC Newssystem "ID" SQL Injection Vulnerability [SA24459] Ubuntu update for ktorrent [SA24531] Sun Java System Web Server Revoked Certificate Security Bypass [SA24530] Fedora update for cups [SA24517] CUPS Incomplete SSL Negotiation Denial of Service [SA24482] Mandriva update for kernel [SA24518] Fedora update for kernel [SA24493] Linux Kernel "ipv6_getsockopt_sticky()" DoS and Information Leak [SA24469] Gentoo update for smb4k [SA24464] netperf "netperf.debug" Insecure File Creation Vulnerability [SA24463] Gentoo update for kdelibs [SA24497] Sun Java DMK JMX RMI-IIOP Security Issue Other: Cross Platform: [SA24500] MySQL Commander "home" File Inclusion Vulnerability [SA24481] CARE2X File Inclusion and Information Exposure [SA24476] WORK system e-commerce "g_include" File Inclusion Vulnerability [SA24520] Zomplog "settings[skin]" Local File Inclusion Vulnerability [SA24509] PHProjekt Multiple Vulnerabilities [SA24504] PennMUSH "speak()" and "buy()" Denial of Service [SA24495] FiSH Multiple Buffer Overflow Vulnerabilities [SA24484] PHP-Nuke "lang" Local File Inclusion Vulnerability [SA24474] SonicMailer Pro "list" SQL Injection Vulnerability [SA24471] PECL zip Extension URL Buffer Overflow Vulnerability [SA24467] LedgerSMB admin.pl Password Checks Vulnerability [SA24485] WordPress "year" Cross-Site Scripting Vulnerability [SA24483] MySQL Single-Row Subselect Denial of Service [SA24470] Trac "download wiki page as text" Cross-Site Scripting Vulnerability [SA24461] PHPEcho CMS Admin Panel SQL Injection [SA24505] PHP Session Handling Double Free Vulnerabilities [SA24501] Zend Platform "ini_modifier" Password Bypass and Insecure Permissions [SA24503] vBulletin "Attached Before" SQL Injection Vulnerability ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA24494] War FTP Daemon Unspecified Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-03-14 Immunity has reported a vulnerability in WarFTP Daemon, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24494/ -- [SA24491] NewsBin Pro Article Processing yEncode "name" Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-13 Marsu Pilami has discovered a vulnerability in NewsBin Pro, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24491/ -- [SA24487] NewsReactor Article Processing yEncode "name" Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-13 Marsu Pilami has discovered a vulnerability in NewsReactor, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24487/ -- [SA24466] McAfee ePolicy Orchestrator / ProtectionPilot ActiveX Control Buffer Overflows Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-14 cocoruder has reported some vulnerabilities in McAfee ePolicy Orchestrator and ProtectionPilot, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24466/ -- [SA24502] X-ice Haber Sistemi "id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-03-14 CyberGhost has reported a vulnerability in X-ice Haber Sistemi, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/24502/ -- [SA24488] Adobe JRun IIS 6 Connector Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-03-14 A vulnerability has been reported in Adobe JRun, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24488/ -- [SA24473] BP Blog "layout" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-03-13 BeyazKurt has reported a vulnerability in BP Blog, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/24473/ -- [SA24535] Internet Explorer 7 navcancl.htm Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting, Spoofing Released: 2007-03-15 Aviv Raff has discovered a vulnerability in Internet Explorer 7, which can be exploited by malicious people to conduct phishing attacks. Full Advisory: http://secunia.com/advisories/24535/ -- [SA24475] Oracle "PROCESS_DUP_HANDLE" Privilege Escalation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-03-12 Cesar Cerrudo has reported a vulnerability in Oracle Database 10, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/24475/ UNIX/Linux:-- [SA24534] Dayfox Blog "cat" PHP Code Execution Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-15 Dj7xpl has discovered a vulnerability in Dayfox Blog, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24534/ -- [SA24533] Sun Solaris Adobe Acrobat Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Cross Site Scripting, System access Released: 2007-03-15 Sun has acknowledged some vulnerabilities within the Adobe Reader, which can be exploited by malicious people to conduct cross-site scripting attacks and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/24533/ -- [SA24490] OpenBSD ICMP6 Packet "mbuf" Memory Corruption Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-03-12 A vulnerability has been reported in OpenBSD, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24490/ -- [SA24479] Mac OS X Security Update Fixes Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information, Privilege escalation, DoS, System access Released: 2007-03-14 Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities. Full Advisory: http://secunia.com/advisories/24479/ -- [SA24468] HP-UX update for JRE / JDK Critical: Highly critical Where: From remote Impact: Privilege escalation, System access Released: 2007-03-13 HP has issued an update for JRE / JDK. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24468/ -- [SA24462] Ubuntu update for xine-lib Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-03-13 Ubuntu has issued an update for xine-lib. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24462/ -- [SA24516] Gentoo net-misc/ssh Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2007-03-15 Gentoo has acknowledged a vulnerability in net-misc/ssh, which potentially can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24516/ -- [SA24515] Red Hat update for wireshark Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-03-15 Red Hat has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24515/ -- [SA24514] SUSE update for php4 and php5 Critical: Moderately critical Where: From remote Impact: Security Bypass, Exposure of sensitive information, DoS, System access Released: 2007-03-15 SUSE has issued an update for php4 and php5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24514/ -- [SA24511] Debian update for gnupg Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-14 Debian has issued an update for gnupg. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions when applications use GnuPG in an insecure manner. Full Advisory: http://secunia.com/advisories/24511/ -- [SA24510] Gentoo update for amarok Critical: Moderately critical Where: From remote Impact: System access Released: 2007-03-14 Gentoo has issued an update for amarok. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24510/ -- [SA24498] Plash Sandboxed Process TIOCSTI ioctl() Privilege Escalation Critical: Moderately critical Where: From remote Impact: Security Bypass, Privilege escalation Released: 2007-03-12 Mark Seaborn has reported a vulnerability in Plash, which can be exploited by malicious people to bypass certain security restrictions and gain escalated privileges. Full Advisory: http://secunia.com/advisories/24498/ -- [SA24496] SQL-Ledger "admin.pl" Authentication Bypass Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-12 A vulnerability has been reported in SQL-Ledger, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24496/ -- [SA24492] Linux Kernel NULL Pointer Dereferences and Security Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass, DoS Released: 2007-03-14 Some vulnerabilities have been reported in the Linux Kernel, which potentially can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24492/ -- [SA24489] Fedora update for gnupg Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-13 Fedora has issued an update for gnupg. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions when applications use GnuPG in an insecure manner. Full Advisory: http://secunia.com/advisories/24489/ -- [SA24486] KTorrent Two Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data, System access Released: 2007-03-12 Two vulnerabilities have been reported in KTorrent, which can be exploited by malicious people to overwrite arbitrary files on a user's system or to potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/24486/ -- [SA24480] AstroCam Message Queue Data Handling Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-03-12 A vulnerability has been reported in AstroCam, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24480/ -- [SA24477] HC Newssystem "ID" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2007-03-12 UniquE-Key{UniquE-Cracker} has discovered a vulnerability in HC Newssystem, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/24477/ -- [SA24459] Ubuntu update for ktorrent Critical: Moderately critical Where: From remote Impact: Manipulation of data, System access Released: 2007-03-13 Ubuntu has issued an update for ktorrent. This fixes some vulnerabilities, which can be exploited by malicious people to overwrite arbitrary files on a user's system or to potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/24459/ -- [SA24531] Sun Java System Web Server Revoked Certificate Security Bypass Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-03-15 Sun has acknowledged a vulnerability in Sun Java System Web Server, which can be exploited by malicious users to bypass certain security restriction. Full Advisory: http://secunia.com/advisories/24531/ -- [SA24530] Fedora update for cups Critical: Less critical Where: From local network Impact: DoS Released: 2007-03-15 Fedora has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24530/ -- [SA24517] CUPS Incomplete SSL Negotiation Denial of Service Critical: Less critical Where: From local network Impact: DoS Released: 2007-03-15 A vulnerability has been reported in CUPS, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24517/ -- [SA24482] Mandriva update for kernel Critical: Less critical Where: From local network Impact: Privilege escalation, DoS Released: 2007-03-12 Mandriva has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges, and by malicious people to cause a DoS. Full Advisory: http://secunia.com/advisories/24482/ -- [SA24518] Fedora update for kernel Critical: Less critical Where: Local system Impact: Exposure of sensitive information, Privilege escalation, DoS Released: 2007-03-15 Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and potentially gain escalated privileges. Full Advisory: http://secunia.com/advisories/24518/ -- [SA24493] Linux Kernel "ipv6_getsockopt_sticky()" DoS and Information Leak Critical: Less critical Where: Local system Impact: Exposure of sensitive information, DoS Released: 2007-03-12 A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/24493/ -- [SA24469] Gentoo update for smb4k Critical: Less critical Where: Local system Impact: Exposure of sensitive information, Privilege escalation, DoS Released: 2007-03-12 Gentoo has issued an update for smb4k. This fixes some vulnerabilities, which can be exploited by malicious, local users to kill arbitrary processes, disclose potentially sensitive information, and gain escalated privileges. Full Advisory: http://secunia.com/advisories/24469/ -- [SA24464] netperf "netperf.debug" Insecure File Creation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-03-12 Ben Hutchings has discovered a vulnerability in netperf, which can be exploited by malicious, local users to perform certain actions with escalated privileges. Full Advisory: http://secunia.com/advisories/24464/ -- [SA24463] Gentoo update for kdelibs Critical: Not critical Where: From remote Impact: Cross Site Scripting Released: 2007-03-12 Gentoo has issued an update for kdelibs. This fixes a weakness, which can potentially be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/24463/ -- [SA24497] Sun Java DMK JMX RMI-IIOP Security Issue Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2007-03-12 A security issue has been reported in Sun Java Dynamic Management Kit (DMK), which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/24497/ Other: Cross Platform:-- [SA24500] MySQL Commander "home" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-14 M.Hasran Addahroni has discovered a vulnerability in MySQL Commander, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24500/ -- [SA24481] CARE2X File Inclusion and Information Exposure Critical: Highly critical Where: From remote Impact: Exposure of system information, System access Released: 2007-03-14 Some vulnerabilities have been discovered in CARE2X, which can be exploited by malicious people to compromise vulnerable systems and to disclose system information. Full Advisory: http://secunia.com/advisories/24481/ -- [SA24476] WORK system e-commerce "g_include" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-03-12 Rodrigo Duarte has reported a vulnerability in WORK system e-commerce, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24476/ -- [SA24520] Zomplog "settings[skin]" Local File Inclusion Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2007-03-15 Bl0od3r has discovered a vulnerability in Zomplog, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/24520/ -- [SA24509] PHProjekt Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Hijacking, Cross Site Scripting, Manipulation of data, System access Released: 2007-03-14 Some vulnerabilities have been reported in PHProjekt, which can be exploited by malicious users to conduct cross-site scripting, script insertion, cross-site request forgery, and SQL injection attacks and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24509/ -- [SA24504] PennMUSH "speak()" and "buy()" Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-03-13 Some vulnerabilities have been reported in PennMUSH, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24504/ -- [SA24495] FiSH Multiple Buffer Overflow Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-03-12 ilja has reported some vulnerabilities in FiSH, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24495/ -- [SA24484] PHP-Nuke "lang" Local File Inclusion Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2007-03-12 Aleksandar has discovered a vulnerability in PHP-Nuke, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/24484/ -- [SA24474] SonicMailer Pro "list" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-03-12 ajann has reported a vulnerability in SonicMailer Pro, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/24474/ -- [SA24471] PECL zip Extension URL Buffer Overflow Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2007-03-09 Stefan Esser has reported a vulnerability in the PECL zip Extension, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/24471/ -- [SA24467] LedgerSMB admin.pl Password Checks Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-03-09 A vulnerability has been reported in LedgerSMB, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/24467/ -- [SA24485] WordPress "year" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-03-12 g30rg3_x has discovered a vulnerability in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/24485/ -- [SA24483] MySQL Single-Row Subselect Denial of Service Critical: Less critical Where: From remote Impact: DoS Released: 2007-03-12 S. Streichbier and B. Mueller have reported a vulnerability in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/24483/ -- [SA24470] Trac "download wiki page as text" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-03-09 A vulnerability has been reported in Trac, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/24470/ -- [SA24461] PHPEcho CMS Admin Panel SQL Injection Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2007-03-13 Some vulnerabilities have been reported in PHPEcho CMS, which can be exploited by malicious users to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/24461/ -- [SA24505] PHP Session Handling Double Free Vulnerabilities Critical: Less critical Where: Local system Impact: System access Released: 2007-03-15 Stefan Esser has reported some vulnerabilities in PHP, which can be exploited by malicious users people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/24505/ -- [SA24501] Zend Platform "ini_modifier" Password Bypass and Insecure Permissions Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-03-15 Stefan Esser has reported a vulnerability and a security issue in Zend Platform, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/24501/ -- [SA24503] vBulletin "Attached Before" SQL Injection Vulnerability Critical: Not critical Where: From remote Impact: Manipulation of data Released: 2007-03-14 A vulnerability has been reported in vBulletin, which can be exploited by malicious users to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/24503/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _________________________________________ Visit the InfoSec News Security Bookstore http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Thu Mar 15 2007 - 22:36:35 PST