========================================================================
The Secunia Weekly Advisory Summary
2007-04-05 - 2007-04-12
This week: 60 advisories
========================================================================
Table of Contents:
1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing
========================================================================
1) Word From Secunia:
Should you be interested in a career within Secunia, the current job
openings are available right now:
Security Sales Engineer:
http://corporate.secunia.com/about_secunia/54/
German Key Account Manager:
http://corporate.secunia.com/about_secunia/55/
International Account Manager - Enterprise Sales:
http://corporate.secunia.com/about_secunia/52/
International Sales Manager - IT Security Partner:
http://corporate.secunia.com/about_secunia/51/
Danish: Disassembling og Reversing
http://secunia.com/Disassembling_og_Reversing/
Linux Security Specialist:
http://secunia.com/Linux_Security_Specialist/
========================================================================
2) This Week in Brief:
Microsoft Tuesday occurred this week, with the software giant releasing
Microsoft Security Bulletins 07-018 to 07-022 for various MS
vulnerabilities.
This patch release did not include last week's out-of-schedule patch
release for the .ANI cursor buffer overflow vulnerability that was the
latest in a line of 0-day attacks against Microsoft.
This Patch Tuesday release fixed six known vulnerabilities: one in the
OS kernel itself, one in Windows Vista, one in Windows XP's
plug-and-play system, two in the Microsoft CM Server, and one,
discovered by Secunia, in Microsoft Agent.
The CM Server vulnerabilities are considered by Secunia as "Highly
Critical", as they can be exploited to execute arbitrary code on a
vulnerable system. For more information, refer to:
http://secunia.com/advisories/24819/
The Windows XP Universal Plug and Play service encounters a boundary
error when processing certain headers in an HTTP request, which can be
exploited to cause a stack-based buffer overflow.
Successful exploitation allows an attacker to execute arbitrary code
with "Local service" privileges, hence Secunia has rated this
vulnerability as "Moderately critical". For more information, refer to:
http://secunia.com/advisories/24822/
Windows Vista has a vulnerability caused due to the incorrect
marshaling of system resources in the CSRSS when handling connections
during the startup and stopping of processes. The Windows Kernel's
Virtual DOS Machine is vulnerable to a race condition, which can result
in insecure permissions on a mapped memory segment.
Malicious, local users can exploit these vulnerabilities to run
arbitrary code with escalated privileges. Secunia has rated this
vulnerability as "Less critical" because of the limited pool of
attackers.
For more information:
http://secunia.com/advisories/24823/ (Windows Vista)
http://secunia.com/advisories/24834/ (Windows Kernel)
Secunia has constructed the Secunia Software Inspector, which you can
use to check if your system is missing any of the patches:
http://secunia.com/software_inspector/
--
Secunia Research has discovered a vulnerability in Microsoft Agent,
which has been patched by Microsoft this past Patch Tuesday.
The vulnerability results from an error in the way that Agent processes
specially crafted URLs as arguments to certain methods. Successful
exploitation allows an attacker to execute arbitrary code on a user's
system when, for example, the user visits a malicious website.
This vulnerability has been rated by Secunia as "Highly Critical".
For more information, refer to:
http://secunia.com/advisories/22896/
Secunia has constructed the Secunia Software Inspector, which you can
use to check if your system is missing this update:
http://secunia.com/software_inspector/
--
A vulnerability in an ActiveX control in Yahoo! Messenger was
disclosed this week,which could be used by malicious people to
compromise a user's system. It can be exploited by setting the
"socksHostname" and "hostName" properties to an overly large string
and then calling the "createAndJoinConference()" method, thus
resulting in a stack-based buffer overflow.
Secunia has rated this vulnerability as "Highly Critical" because
exploitation of the vulnerability is trivial. Yahoo! has released an
updated Yahoo! Messenger version, and users are advised to install the
update immediately.
For more information:
http://secunia.com/advisories/24742/
--
VIRUS ALERTS:
During the past week Secunia collected 152 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.
========================================================================
3) This Weeks Top Ten Most Read Advisories:
1. [SA24659] Microsoft Windows Animated Cursor Buffer Overflow
Vulnerability
2. [SA23370] Debian update for kernel
3. [SA22896] Microsoft Agent URL Parsing Memory Corruption
Vulnerability
4. [SA24778] Kaspersky Products Multiple Vulnerabilities
5. [SA24743] Mozilla Firefox Firebug Extension Two Cross-Context
Scripting Vulnerabilities
6. [SA22628] Internet Explorer 7 Window Injection Vulnerability
7. [SA18787] Internet Explorer Drag-and-Drop Vulnerability
8. [SA18649] Winamp Three Playlist Parsing Buffer Overflow
Vulnerabilities
9. [SA24788] VMware ESX Server Multiple Vulnerabilities
10. [SA24799] IBM OpenSSH for AIX Two Vulnerabilities
========================================================================
4) Vulnerabilities Summary Listing
Windows:
[SA24820] SignKorea SKCrypAX ActiveX Control Multiple Buffer Overflows
[SA24819] Microsoft Content Management Server Two Vulnerabilities
[SA24816] iPIX Image Well ActiveX Control Unspecified Buffer Overflows
[SA24872] FAC Guestbook Database Disclosure Security Issue
[SA24822] Microsoft Windows XP UPnP Memory Corruption Vulnerability
[SA24840] CompreXX Archive Handling Directory Traversal Vulnerability
[SA24827] ArchiveXpert Archive Handling Directory Traversal
Vulnerability
[SA24812] CMailServer Two Cross-Site Scripting Vulnerabilities
[SA24803] ICQ File Transfer Directory Traversal Vulnerability
[SA24834] Microsoft Windows Kernel Mapped Memory Insecure Permissions
[SA24823] Windows Vista CSRSS Privilege Escalation Vulnerability
UNIX/Linux:
[SA24863] Weatimages "ini[langpack]" File Inclusion Vulnerability
[SA24860] phpGalleryScript "include_class" File Inclusion
Vulnerability
[SA24851] SimpCMS Light "site" File Inclusion Vulnerability
[SA24810] rPath update for openoffice.org
[SA24809] Scorp Book "config" File Inclusion Vulnerability
[SA24805] Globus Toolkit GSI-OpenSSH Two Vulnerabilities
[SA24877] Opera Unspecified Flash Player Plug-In Vulnerability
[SA24856] Sun StarOffice and StarSuite 8 WordPerfect Vulnerability
[SA24845] CoSign POST Request Carriage Return Insertion
Vulnerabilities
[SA24841] Mandriva update for madwifi-source
[SA24839] Mandriva update for apache-mod_perl
[SA24838] Battle.net Clan Script "user" SQL Injection
[SA24836] AlstraSoft Video Share Enterprise SQL Injection and Missing
Authentication
[SA24833] Ubuntu update for ipsec-tools
[SA24817] SGI update for krb5
[SA24806] eBoard "GLOBALS[name]" Local File Inclusion Vulnerability
[SA24804] Debian update for xmms
[SA24864] bftpd GET/MGET File Transfer Denial of Service Vulnerability
[SA24861] DropAFew "id" SQL Injection, Calorie Log Disclosure and Link
Weaknesses
[SA24847] Ubuntu update for kdelibs and qt-x11-free
[SA24843] PunBB "referer" and Category Name Cross-Site Scripting
Vulnerabilities
[SA24808] Quagga "reachable/unreachable" NLRI Attributes Denial of
Service
[SA24855] HP-UX Portable File System Unspecified Privilege Escalation
[SA24850] Adobe ColdFusion MX Insecure Directory and File Permissions
[SA24828] Debian update for man-db
[SA24801] man-db "BROWSER" Privilege Escalation Vulnerability
[SA24854] Adobe Bridge Update Installation Unspecified Privilege
Escalation
Other:
[SA24830] Apple AirPort Extreme Base Station Two Weaknesses
Cross Platform:
[SA24846] CodeBreak "process_method" File Inclusion Vulnerability
[SA24842] Inout Mailing List Manager Multiple Vulnerabilities
[SA24835] Hiox Guestbook "from" PHP Code Execution Vulnerability
[SA24832] Request It : Song Request System "id" File Inclusion
Vulnerability
[SA24818] PHP121 Instant Messenger "php121dir" File Inclusion
Vulnerability
[SA24862] Crea-book Multiple SQL Injection Vulnerabilities
[SA24825] eCardMAX HotEditor "first" Local File Inclusion
[SA24815] IPsec Tools "isakmp_inf.c" Denial of Service
[SA24813] WitShare "menu" Local File Inclusion Vulnerability
[SA24811] Beryo "chemin" Directory Traversal Vulnerability
[SA24807] cattaDoc "download2.php" File Disclosure Vulnerability
[SA24802] SmodBIP "zoom" SQL Injection Vulnerability
[SA24876] Openads "adclick.php" HTTP Header Injection
[SA24874] TuMusika Evolution "msg" Cross-Site Scripting Vulnerability
[SA24848] Drupal Database Administration Module Multiple
Vulnerabilities
[SA24844] DeskPRO "username" Cross-Site Scripting Vulnerability
[SA24831] QuizShock "forward_to" Cross-Site Scripting
[SA24829] DotClear "post_id" / "tool_url" Cross-Site Scripting
Vulnerabilities
[SA24824] PHP "FILTER_VALIDATE_EMAIL" Filter Newline Injection
[SA24814] PHP "readwbmp()" Integer Overflow Vulnerability
[SA24800] Nuke ET "Your_Account" User Deletion Vulnerability
========================================================================
5) Vulnerabilities Content Listing
Windows:--
[SA24820] SignKorea SKCrypAX ActiveX Control Multiple Buffer Overflows
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-04-09
Sukhee Jung has reported some vulnerabilities in SignKorea's SKCrypAX
ActiveX control, which can be exploited by malicious people to
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/24820/
--
[SA24819] Microsoft Content Management Server Two Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, System access
Released: 2007-04-10
Some vulnerabilities have been reported in Microsoft Content Management
Server, which can be exploited by malicious people to conduct cross-site
scripting attacks or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/24819/
--
[SA24816] iPIX Image Well ActiveX Control Unspecified Buffer Overflows
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-04-10
Will Dormann has reported some vulnerabilities in iPIX Image Well
ActiveX control, which can be exploited by malicious people to
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/24816/
--
[SA24872] FAC Guestbook Database Disclosure Security Issue
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2007-04-12
the_Edit0r has discovered a security issue in FAC Guestbook, which can
be exploited by malicious people to gain knowledge of potentially
sensitive information.
Full Advisory:
http://secunia.com/advisories/24872/
--
[SA24822] Microsoft Windows XP UPnP Memory Corruption Vulnerability
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2007-04-10
A vulnerability has been reported in Microsoft Windows, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/24822/
--
[SA24840] CompreXX Archive Handling Directory Traversal Vulnerability
Critical: Less critical
Where: From remote
Impact: System access
Released: 2007-04-10
Hamid Ebadi has reported a vulnerability in CompreXX, which potentially
can be exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/24840/
--
[SA24827] ArchiveXpert Archive Handling Directory Traversal
Vulnerability
Critical: Less critical
Where: From remote
Impact: System access
Released: 2007-04-09
Hamid Ebadi has discovered a vulnerability in ArchiveXpert, which
potentially can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/24827/
--
[SA24812] CMailServer Two Cross-Site Scripting Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-04-09
Two vulnerabilities have been discovered in CMailServer, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/24812/
--
[SA24803] ICQ File Transfer Directory Traversal Vulnerability
Critical: Less critical
Where: From remote
Impact: System access
Released: 2007-04-10
A vulnerability has been reported in ICQ, which potentially can be
exploited by malicious users to compromise another user's system.
Full Advisory:
http://secunia.com/advisories/24803/
--
[SA24834] Microsoft Windows Kernel Mapped Memory Insecure Permissions
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2007-04-10
eEye Digital Security has reported a vulnerability in Microsoft
Windows, which can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/24834/
--
[SA24823] Windows Vista CSRSS Privilege Escalation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2007-04-10
eEye Digital Security has reported a vulnerability in Windows Vista,
which can be exploited by malicious, local users to gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/24823/
UNIX/Linux:--
[SA24863] Weatimages "ini[langpack]" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-04-11
Co-Sarper-Der has discovered a vulnerability in Weatimages, which can
be exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/24863/
--
[SA24860] phpGalleryScript "include_class" File Inclusion
Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-04-11
z12xxa has discovered a vulnerability in phpGalleryScript, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/24860/
--
[SA24851] SimpCMS Light "site" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-04-11
Dr.RoVeR has discovered a vulnerability in SimpCMS Light, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/24851/
--
[SA24810] rPath update for openoffice.org
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-04-10
rPath has issued an update for openoffice.org. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/24810/
--
[SA24809] Scorp Book "config" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-04-10
Dj7xpl has discovered a vulnerability in Scorp Book, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/24809/
--
[SA24805] Globus Toolkit GSI-OpenSSH Two Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2007-04-10
Globus has acknowledged two vulnerabilities in GSI-OpenSSH, which can
be exploited by malicious people to cause a DoS (Denial of Service) or
to potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/24805/
--
[SA24877] Opera Unspecified Flash Player Plug-In Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Unknown
Released: 2007-04-12
A vulnerability with an unknown impact has been reported in Opera.
Full Advisory:
http://secunia.com/advisories/24877/
--
[SA24856] Sun StarOffice and StarSuite 8 WordPerfect Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2007-04-11
Sun has acknowledged a vulnerability in StarOffice and StarSuite, which
can be exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/24856/
--
[SA24845] CoSign POST Request Carriage Return Insertion
Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Hijacking, Security Bypass
Released: 2007-04-12
Jon Oberheide has reported two vulnerabilities in CoSign, which can be
exploited by malicious users to hijack other user sessions and by
malicious people to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/24845/
--
[SA24841] Mandriva update for madwifi-source
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information, DoS
Released: 2007-04-12
Mandriva has issued an update for madwifi-source. This fixes some
vulnerabilities, which can be exploited by malicious people to gain
knowledge of potentially sensitive information or cause a DoS (Denial
of Service).
Full Advisory:
http://secunia.com/advisories/24841/
--
[SA24839] Mandriva update for apache-mod_perl
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2007-04-12
Mandriva has issued an update for apache-mod_perl. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/24839/
--
[SA24838] Battle.net Clan Script "user" SQL Injection
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2007-04-10
hacker_X has discovered a vulnerability in Battle.net Clan Script,
which can be exploited by malicious people to conduct SQL injection
attacks.
Full Advisory:
http://secunia.com/advisories/24838/
--
[SA24836] AlstraSoft Video Share Enterprise SQL Injection and Missing
Authentication
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, Exposure of sensitive information
Released: 2007-04-10
VietMafia has reported some vulnerabilities in AlstraSoft Video Share
Enterprise, which can be exploited by malicious users to conduct SQL
injection attacks, and by malicious people to disclose or modify
sensitive information.
Full Advisory:
http://secunia.com/advisories/24836/
--
[SA24833] Ubuntu update for ipsec-tools
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2007-04-10
Ubuntu has issued an update for ipsec-tools. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/24833/
--
[SA24817] SGI update for krb5
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, DoS, System access
Released: 2007-04-09
SGI has issued an update for SGI Advanced Linux Environment. This fixes
some vulnerabilities, which can be exploited by malicious people to
bypass certain security restrictions and by malicious users to cause a
DoS (Denial of Service) or to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/24817/
--
[SA24806] eBoard "GLOBALS[name]" Local File Inclusion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2007-04-09
bd0rk has reported a vulnerability in eBoard module for PHP-Nuke, which
can be exploited by malicious people to disclose potentially sensitive
information.
Full Advisory:
http://secunia.com/advisories/24806/
--
[SA24804] Debian update for xmms
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2007-04-09
Debian has issued an update for xmms. This fixes two vulnerabilities,
which can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/24804/
--
[SA24864] bftpd GET/MGET File Transfer Denial of Service Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2007-04-11
A vulnerability has been reported in bftpd, which can be exploited by
malicious users to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/24864/
--
[SA24861] DropAFew "id" SQL Injection, Calorie Log Disclosure and Link
Weaknesses
Critical: Less critical
Where: From remote
Impact: Exposure of sensitive information, Manipulation of data,
Security Bypass
Released: 2007-04-11
Alexander Klink has reported some vulnerabilities and weaknesses in
DropAFew, which can be exploited by malicious users to conduct SQL
injection attacks, disclose potentially sensitive information and
bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/24861/
--
[SA24847] Ubuntu update for kdelibs and qt-x11-free
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-04-12
Ubuntu has issued an update for kdelibs and qt-x11-free. This fixes a
vulnerability, which potentially can be exploited by malicious people
to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/24847/
--
[SA24843] PunBB "referer" and Category Name Cross-Site Scripting
Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-04-12
Some vulnerabilities have been reported in PunBB, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/24843/
--
[SA24808] Quagga "reachable/unreachable" NLRI Attributes Denial of
Service
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2007-04-10
Paul Jakma has reported a vulnerability in Quagga, which can be
exploited by malicious users to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/24808/
--
[SA24855] HP-UX Portable File System Unspecified Privilege Escalation
Critical: Less critical
Where: From local network
Impact: Privilege escalation
Released: 2007-04-11
A vulnerability has been reported in HP-UX, which can be exploited by
malicious people to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/24855/
--
[SA24850] Adobe ColdFusion MX Insecure Directory and File Permissions
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2007-04-11
A security issue has been reported in Adobe ColdFusion MX, which can be
exploited by malicious, local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/24850/
--
[SA24828] Debian update for man-db
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2007-04-09
Debian has issued an update for man-db. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/24828/
--
[SA24801] man-db "BROWSER" Privilege Escalation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2007-04-09
Jochen Vo has reported a vulnerability in man-db, which can be
exploited by malicious, local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/24801/
--
[SA24854] Adobe Bridge Update Installation Unspecified Privilege
Escalation
Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2007-04-12
A vulnerability has been reported in Adobe Bridge, which potentially
can be exploited by malicious, local users to gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/24854/
Other:--
[SA24830] Apple AirPort Extreme Base Station Two Weaknesses
Critical: Less critical
Where: From remote
Impact: Security Bypass, Exposure of system information, Exposure
of sensitive information
Released: 2007-04-10
Two weaknesses have been reported in Apple AirPort Extreme Base
Station, which can be exploited by malicious people to bypass certain
security restrictions or to disclose certain sensitive information.
Full Advisory:
http://secunia.com/advisories/24830/
Cross Platform:--
[SA24846] CodeBreak "process_method" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-04-12
John Martinelli has discovered a vulnerability in CodeBreak, which can
be exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/24846/
--
[SA24842] Inout Mailing List Manager Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Manipulation of data, System access
Released: 2007-04-11
BlackHawk has reported some vulnerabilities in Inout Mailing List
Manager, which can be exploited by malicious people to bypass certain
security restrictions, conduct SQL injection attacks, and potentially
to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/24842/
--
[SA24835] Hiox Guestbook "from" PHP Code Execution Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-04-12
Dj7xpl has discovered a vulnerability in Hiox Guestbook, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/24835/
--
[SA24832] Request It : Song Request System "id" File Inclusion
Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-04-10
hackberry has reported a vulnerability in Request It : Song Request
System, which can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/24832/
--
[SA24818] PHP121 Instant Messenger "php121dir" File Inclusion
Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2007-04-10
Dj7xpl has reported a vulnerability in PHP121 Instant Messenger, which
can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/24818/
--
[SA24862] Crea-book Multiple SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2007-04-11
Some vulnerabilities have been reported in Crea-book, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/24862/
--
[SA24825] eCardMAX HotEditor "first" Local File Inclusion
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2007-04-10
Liz0ziM has reported a vulnerability in eCardMAX HotEditor, which can
be exploited by malicious people to disclose sensitive information.
Full Advisory:
http://secunia.com/advisories/24825/
--
[SA24815] IPsec Tools "isakmp_inf.c" Denial of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2007-04-10
A vulnerability has been reported in IPsec Tools, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/24815/
--
[SA24813] WitShare "menu" Local File Inclusion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2007-04-09
the_Edit0r has discovered a vulnerability in WitShare, which can be
exploited by malicious people to disclose potentially sensitive
information.
Full Advisory:
http://secunia.com/advisories/24813/
--
[SA24811] Beryo "chemin" Directory Traversal Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2007-04-10
GolD_M has discovered a vulnerability in Beryo, which can be exploited
by malicious people to disclose sensitive information.
Full Advisory:
http://secunia.com/advisories/24811/
--
[SA24807] cattaDoc "download2.php" File Disclosure Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2007-04-10
GolD_M has discovered a vulnerability in cattaDoc, which can be
exploited by malicious people to disclose potentially sensitive
information.
Full Advisory:
http://secunia.com/advisories/24807/
--
[SA24802] SmodBIP "zoom" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, Exposure of sensitive information
Released: 2007-04-10
Kacper has reported a vulnerability in SmodBIP, which can be exploited
by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/24802/
--
[SA24876] Openads "adclick.php" HTTP Header Injection
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-04-12
A vulnerability has been reported in Openads, which can be exploited by
malicious people to conduct HTTP header injection attacks.
Full Advisory:
http://secunia.com/advisories/24876/
--
[SA24874] TuMusika Evolution "msg" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-04-12
the_Edit0r has discovered a vulnerability in TuMusika Evolution, which
can be exploited by malicious people to conduct cross-site scripting
attacks.
Full Advisory:
http://secunia.com/advisories/24874/
--
[SA24848] Drupal Database Administration Module Multiple
Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Hijacking, Cross Site Scripting
Released: 2007-04-12
Some vulnerabilities have been reported in Database Administration
(dba) module, which can be exploited by malicious people to conduct
cross-site scripting and request forgery attacks.
Full Advisory:
http://secunia.com/advisories/24848/
--
[SA24844] DeskPRO "username" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-04-10
John Martinelli has reported a vulnerability in DeskPRO, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/24844/
--
[SA24831] QuizShock "forward_to" Cross-Site Scripting
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-04-10
John Martinelli has reported a vulnerability in QuizShock, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/24831/
--
[SA24829] DotClear "post_id" / "tool_url" Cross-Site Scripting
Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2007-04-11
nassim has reported some vulnerabilities in DotClear, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/24829/
--
[SA24824] PHP "FILTER_VALIDATE_EMAIL" Filter Newline Injection
Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2007-04-09
Stefan Esser has reported a vulnerability in PHP, which can be
exploited by malicious people to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/24824/
--
[SA24814] PHP "readwbmp()" Integer Overflow Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2007-04-10
Ivan Fratric has reported a vulnerability in PHP, which potentially can
be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/24814/
--
[SA24800] Nuke ET "Your_Account" User Deletion Vulnerability
Critical: Less critical
Where: From remote
Impact: Manipulation of data
Released: 2007-04-06
mrzayas has reported a vulnerability in Nuke ET, which can be exploited
by malicious people to delete arbitrary users.
Full Advisory:
http://secunia.com/advisories/24800/
========================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Subscribe:
http://secunia.com/secunia_weekly_summary/
Contact details:
Web : http://secunia.com/
E-mail : support@private
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45
__________________________
Subscribe to InfoSec News
http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Fri Apr 13 2007 - 00:35:32 PDT