[ISN] Secunia Weekly Summary - Issue: 2007-18

From: InfoSec News (alerts@private)
Date: Thu May 03 2007 - 23:21:24 PDT


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2007-04-26 - 2007-05-03                        

                       This week: 57 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

BETA TEST: The Network Software Inspector

Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.

Join the FREE BETA test of the Network Software Inspector (NSI)!
http://secunia.com/network_software_Inspector/

The NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,000 different Windows applications.

 --

NEW BLOG ENTRY
 
Last December, Secunia released the Software Inspector, a
revolutionary tool that changed the way users all across the globe
identified missing security updates.

Since then, over 300,000 inspections has been made using the Software
Inspector. Secunia has received hundreds of emails with feedback,
feature requests, and suggestions, all of which were thoroughly read
and taken note of. Because of these, Secunia is able to finetune and
improve the Software Inspector so that it can be a better tool for
computer users everywhere.

Now, Secunia is planning to release the Network Software Inspector
(NSI) which basically is an expanded version of the Software Inspector
geared for scanning on internal corporate networks.

Read More:
http://secunia.com/blog/9/

========================================================================
2) This Week in Brief:

The Month of ActiveX Bugs project was launched in the beginning of the
month, with what even the reporter claimed was just another Denial of
Service bug in a Powerpoint viewer. However, Secunia Research was able
to confirm that it was remotely exploitable, due to boundary errors
within several areas in the code. These errors could be exploited to
cause stack-based buffer overflows by passing long arguments to certain
vulnerable methods.

The vulnerable code was also confirmed to be in the Excel viewer and
Word viewer products all from the same vendor. These vulnerabilities
remain unpatched, and successful exploitation can occur if a user is
tricked into visiting a malicious website. Secunia urges users to
refrain from browsing untrusted websites.

For more information, please refer to:
http://secunia.com/advisories/25092/
http://secunia.com/advisories/25077/
http://secunia.com/advisories/25100/

 --

Several vulnerabilities have been discovered in Trillian, the popular
instant messaging application capable of connecting to various IM
services. These vulnerabilities can be used by attackers to gain
control of a user's system, or to read instant messages without the
user's knowledge.

These vulnerabilities have been patched in the latest version of
Trillian, which is available in the vendor website. For more
information, please refer to:
http://secunia.com/advisories/25086/

 --

A vulnerability has been discovered in Winamp, which can be used by
attackers to gain access to a vulnerable computer. The vulnerability
is due to an error in the way that Winamp handles MP4 files.
Successful exploitation allows an attacker to execute arbitrary code
on a system, but requires that the user is first tricked into opening
a specially crafted MP4 file.

The vulnerability remains unpatched; thus users are urged to avoid
opening untrusted MP4 files. The vendor expects to release a new
Winamp version to fix this vulnerability within the next few days.
For more information:
http://secunia.com/advisories/25089/

 --

An error in the way that PNG files are handled was discovered in four
different graphics editor programs: Corel Paint Shop Pro, Adobe
Photoshop CS2 and CS3, and Adobe Photoshop Elements Editor for
Windows.

These programs were found to be vulnerable to various boundary errors
in handling PNG files, which could be exploited to cause stack-based
buffer overflows. Successful exploitation requires that an attacker
create a specially crafted PNG file, and allows execution of arbitrary
code.

These vulnerabilities are unpatched, and users are urged to avoid
opening untrusted PNG files. For more information:

Corel Paint Shop Pro:
http://secunia.com/advisories/25034/

Adobe Products:
http://secunia.com/advisories/25044/

 --

Join the FREE BETA test of the Network Software Inspector (NSI)!
http://secunia.com/network_software_Inspector/

 --

VIRUS ALERTS:

During the past week Secunia collected 169 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA25023] Adobe Photoshop BMP.8BI Bitmap File Handling Buffer
              Overflow
2.  [SA25011] Apple QuickTime Java Extension "toQTPointer()" Code
              Execution
3.  [SA25044] Adobe Products PNG.8BI PNG File Handling Buffer Overflow
4.  [SA25089] Winamp MP4 File Handling Memory Corruption Vulnerability
5.  [SA25013] Symantec Products Information Disclosure and Buffer
              Overflow
6.  [SA25047] Cisco Products PHP "htmlentities()" and
              "htmlspecialchars()" Buffer Overflows
7.  [SA25057] Ubuntu update for php
8.  [SA25006] Sun Solaris X11 Multiple Vulnerabilities
9.  [SA25037] Sun Solaris PostgreSQL SECURITY DEFINER Privilege
              Escalation
10. [SA25045] IBM WebSphere Application Server Unspecified
              Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA25100] Word Viewer OCX ActiveX Control Buffer Overflow
Vulnerabilities
[SA25092] PowerPoint Viewer OCX ActiveX Control Buffer Overflow
Vulnerabilities
[SA25089] Winamp MP4 File Handling Memory Corruption Vulnerability
[SA25086] Trillian Information Leakage and Buffer Overflow
Vulnerabilities
[SA25077] Excel Viewer OCX ActiveX Control Buffer Overflow
Vulnerabilities
[SA25076] LiveData Protocol Server WSDL Request Buffer Overflow
[SA25129] Progress WebSpeed "edit.r" Denial of Service Vulnerability
[SA25113] LiveData Server Unspecified COTP Denial of Service
[SA25126] AtomixMP3 mp3database.txt Handling Buffer Overflow
Vulnerability
[SA25087] Nukedit "terms" Cross-Site Scripting
[SA25064] ZoneAlarm Pro vsdatant Driver Denial of Service

UNIX/Linux:
[SA25072] SUSE Update for Multiple Packages
[SA25110] Gentoo update for mod_perl
[SA25097] Gentoo update for ktorrent
[SA25096] Gentoo update for freetype
[SA25095] Debian update for qemu
[SA25091] Sun Java System Directory Server Denial of Service
[SA25083] rPath update for kernel
[SA25071] Papoo CMS "menuid" SQL Injection Vulnerability
[SA25068] Linux Kernel IPv6 Type 0 Route Headers Denial of Service
[SA25062] Debian update for php5
[SA25057] Ubuntu update for php
[SA25073] QEMU Various Vulnerabilities
[SA25128] PHPChain Two Cross-Site Scripting Vulnerabilities
[SA25108] Debian update for wordpress
[SA25106] Gentoo update for tomcat
[SA25084] Gentoo update for quagga
[SA25115] Ubuntu update for net-snmp
[SA25078] Debian update for linux-2.6
[SA25061] iputils rarpd Replies Denial of Service
[SA25058] Ubuntu update for postgresql
[SA25112] Avaya CMS / IR Sun Solaris libX11 Integer Overflow
Vulnerability
[SA25098] Red Hat Update for Multiple Packages
[SA25080] Red Hat update for kernel
[SA25066] HP Power Manager Remote Agent Unspecified Code Execution
[SA25059] Gentoo update for beast
[SA25118] Mandriva update for xscreensaver
[SA25105] Red Hat update for xscreensaver
[SA25081] Sun Solaris 9 Auditing BSM Denial of Service
[SA25065] XScreenSaver "getpwuid()" Authentication Bypass Weakness

Other:
[SA25109] Cisco PIX and ASA Denial of Service and Security Bypass
[SA25094] OpenVMS Exception Handling Denial of Service

Cross Platform:
[SA25074] WordPress wordTube Plugin "wpPATH" File Inclusion
[SA25063] WordPress wp-Table Plugin "wpPATH" File Inclusion
[SA25060] OPeNDAP CGI Server Command Execution Vulnerability
[SA25120] 1024 CMS "item" Directory Traversal
[SA25085] sendcard Local File Inclusion and Cross-Site Scripting
[SA25082] CMS Made Simple "templateid" SQL Injection
[SA25070] ISC BIND "query_addsoa" Denial of Service
[SA25069] Java 2 Platform Privilege Escalation Vulnerability
[SA25079] VMware Products Multiple Vulnerabilities
[SA25127] DVDdb Cross-Site Scripting Vulnerabilities
[SA25124] CodePress codepress.html Cross-Site Scripting
[SA25090] Ariadne "ARLogin" Cross-Site Scripting
[SA25088] All In One Control Panel (AIOCP) Cross-Site Scripting
Vulnerability
[SA25075] FileRun SQL Injection and Cross-Site Scripting
[SA25067] LAN Management System "OD" Cross-Site Scripting
Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA25100] Word Viewer OCX ActiveX Control Buffer Overflow
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-03

shinnai has discovered some vulnerabilities in Word Viewer OCX, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25100/

 --

[SA25092] PowerPoint Viewer OCX ActiveX Control Buffer Overflow
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-02

shinnai has discovered some vulnerabilities in PowerPoint Viewer OCX,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/25092/

 --

[SA25089] Winamp MP4 File Handling Memory Corruption Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-01

Marsu has reported a vulnerability in Winamp, which can be exploited by
malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25089/

 --

[SA25086] Trillian Information Leakage and Buffer Overflow
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of sensitive information, System access
Released:    2007-05-01

Some vulnerabilities have been reported in Trillian, which can be
exploited by malicious people to gain knowledge of sensitive
information or compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25086/

 --

[SA25077] Excel Viewer OCX ActiveX Control Buffer Overflow
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-02

shinnai has discovered some vulnerabilities in Excel Viewer OCX, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25077/

 --

[SA25076] LiveData Protocol Server WSDL Request Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-05-03

A vulnerability has been reported in LiveData Protocol Server, which
can be exploited by malicious people to cause a DoS (Denial of Service)
or to potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25076/

 --

[SA25129] Progress WebSpeed "edit.r" Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-05-03

Eelko Neven has reported a vulnerability in Progress, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25129/

 --

[SA25113] LiveData Server Unspecified COTP Denial of Service

Critical:    Moderately critical
Where:       From local network
Impact:      DoS
Released:    2007-05-03

A vulnerability has been reported in LiveData Server, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25113/

 --

[SA25126] AtomixMP3 mp3database.txt Handling Buffer Overflow
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2007-05-03

Preth00nker has discovered a vulnerability in AtomixMP3, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25126/

 --

[SA25087] Nukedit "terms" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-05-01

Nexus has reported a vulnerability in Nukedit, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/25087/

 --

[SA25064] ZoneAlarm Pro vsdatant Driver Denial of Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-05-02

Matousec has discovered a vulnerability in ZoneAlarm Pro, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/25064/


UNIX/Linux:--

[SA25072] SUSE Update for Multiple Packages

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-04-30

SUSE has issued an update for multiple packages. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25072/

 --

[SA25110] Gentoo update for mod_perl

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-05-02

Gentoo has issued an update for mod_perl. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/25110/

 --

[SA25097] Gentoo update for ktorrent

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, System access
Released:    2007-05-02

Gentoo has issued an update for ktorrent. This fixes two
vulnerabilities, which can be exploited by malicious people to
overwrite arbitrary files on a user's system or potentially compromise
a user's system.

Full Advisory:
http://secunia.com/advisories/25097/

 --

[SA25096] Gentoo update for freetype

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-05-02

Gentoo has issued an update for freetype. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially compromise an application using the library.

Full Advisory:
http://secunia.com/advisories/25096/

 --

[SA25095] Debian update for qemu

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, DoS
Released:    2007-05-01

Debian has issued an update for qemu. This fixes some vulnerabilities,
which can be exploited by malicious users to bypass certain security
restrictions and cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25095/

 --

[SA25091] Sun Java System Directory Server Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-05-02

A vulnerability has been reported in Sun Java System Directory Server,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/25091/

 --

[SA25083] rPath update for kernel

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-05-02

rPath has issued an update for the kernel. This fixes two
vulnerabilities, which can be exploited by malicious, local users and
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25083/

 --

[SA25071] Papoo CMS "menuid" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-04-30

Kacper has discovered a vulnerability in Papoo CMS, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/25071/

 --

[SA25068] Linux Kernel IPv6 Type 0 Route Headers Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-04-30

A security issue has been reported in the Linux Kernel, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25068/

 --

[SA25062] Debian update for php5

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information, System
access
Released:    2007-04-30

Debian has issued an update for php5. This fixes some vulnerabilities,
which can be exploited by malicious, local users to bypass certain
security restrictions, malicious users to disclose potentially
sensitive information, bypass certain security restrictions or
compromise a vulnerable system, and by malicious people to bypass
certain security restrictions and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25062/

 --

[SA25057] Ubuntu update for php

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation, DoS, System access
Released:    2007-04-27

Ubuntu has issued an update for php. This fixes some vulnerabilities,
which can be exploited by malicious users to disclose potentially
sensitive information, bypass certain security restrictions, gain
escalated privileges, cause a DoS (Denial of Service), compromise a
vulnerable system, and by malicious people to disclose potentially
sensitive information, bypass certain security restrictions, cause a
DoS (Denial of Service), and potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/25057/

 --

[SA25073] QEMU Various Vulnerabilities

Critical:    Moderately critical
Where:       Local system
Impact:      Security Bypass, DoS
Released:    2007-05-01

Tavis Ormandy has reported some vulnerabilities in QEMU, which can be
exploited by malicious uses to bypass certain security restrictions or
cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25073/

 --

[SA25128] PHPChain Two Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-05-03

r0t has discovered some vulnerabilities in PHPChain, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/25128/

 --

[SA25108] Debian update for wordpress

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data, Exposure of sensitive information
Released:    2007-05-02

Debian has issued an update for wordpress. This fixes some
vulnerabilities, which can be exploited by malicious users to conduct
SQL injection attacks and bypass certain security restrictions, or by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/25108/

 --

[SA25106] Gentoo update for tomcat

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-05-02

Gentoo has issued an update for tomcat. This fixes a security issue,
which can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/25106/

 --

[SA25084] Gentoo update for quagga

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-05-02

Gentoo has issued an update for quagga. This fixes a vulnerability,
which can be exploited by malicious users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/25084/

 --

[SA25115] Ubuntu update for net-snmp

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-05-03

Ubuntu has issued an update for net-snmp. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/25115/

 --

[SA25078] Debian update for linux-2.6

Critical:    Less critical
Where:       From local network
Impact:      Privilege escalation, DoS
Released:    2007-05-03

Debian has issued an update for linux-2.6. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) and gain escalated privileges, and by
malicious people to cause a DoS.

Full Advisory:
http://secunia.com/advisories/25078/

 --

[SA25061] iputils rarpd Replies Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-04-30

A vulnerability has been reported in iputils, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25061/

 --

[SA25058] Ubuntu update for postgresql

Critical:    Less critical
Where:       From local network
Impact:      Privilege escalation
Released:    2007-04-30

Ubuntu has issued an update for postgresql. This fixes a security
issue, which can be exploited by malicious users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/25058/

 --

[SA25112] Avaya CMS / IR Sun Solaris libX11 Integer Overflow
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-05-03

Avaya has acknowledged a vulnerability in Avaya CMS and IR, which can
be exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/25112/

 --

[SA25098] Red Hat Update for Multiple Packages

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass, Spoofing, Privilege escalation, DoS,
System access
Released:    2007-05-02

Red Hat has issued updates for multiple packages. This fixes some
vulnerabilities and security issues, which can be exploited by
malicious, local users to perform certain actions on a vulnerable
system with escalated privileges or to gain escalated privileges,
bypass certain security restrictions, and cause a DoS (Denial of
Service), or by malicious users to bypass certain security restrictions
and malicious people to spoof emails, cause a DoS or potentially
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25098/

 --

[SA25080] Red Hat update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, DoS
Released:    2007-05-01

Red Hat has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) or disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/25080/

 --

[SA25066] HP Power Manager Remote Agent Unspecified Code Execution

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-04-30

A vulnerability has been reported in HP Power Manager Remote Agent
(RA), which can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/25066/

 --

[SA25059] Gentoo update for beast

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-04-30

Gentoo has issued an update for beast. This fixes a security issue,
which can be exploited by malicious, local users to perform certain
actions with escalated privileges.

Full Advisory:
http://secunia.com/advisories/25059/

 --

[SA25118] Mandriva update for xscreensaver

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2007-05-03

Mandriva has issued an update for xscreensaver. This fixes a weakness,
which can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/25118/

 --

[SA25105] Red Hat update for xscreensaver

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2007-05-03

Red Hat has issued an update for xscreensaver. This fixes a weakness,
which can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/25105/

 --

[SA25081] Sun Solaris 9 Auditing BSM Denial of Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-05-02

A vulnerability has been reported in Sun Solaris, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/25081/

 --

[SA25065] XScreenSaver "getpwuid()" Authentication Bypass Weakness

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2007-05-03

Alex Yamauchi has reported a weakness in XScreenSaver, which
potentially can be exploited by malicious people to bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/25065/


Other:--

[SA25109] Cisco PIX and ASA Denial of Service and Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, DoS
Released:    2007-05-03

Some vulnerabilities have been reported in Cisco PIX and ASA, which can
be exploited by malicious people to bypass certain security restrictions
or cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25109/

 --

[SA25094] OpenVMS Exception Handling Denial of Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-05-01

A vulnerability has been reported in OpenVMS, which can be exploited by
malicious, local users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25094/


Cross Platform:--

[SA25074] WordPress wordTube Plugin "wpPATH" File Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-05-02

M.Hasran Addahroni has reported a vulnerability in the wordTube plugin
for WordPress, which can be exploited by malicious people to disclose
sensitive information or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25074/

 --

[SA25063] WordPress wp-Table Plugin "wpPATH" File Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-05-02

M.Hasran Addahroni has reported a vulnerability in the wp-Table plugin
for WordPress, which can be exploited by malicious people to disclose
sensitive information or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25063/

 --

[SA25060] OPeNDAP CGI Server Command Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-01

A vulnerability has been reported in OPeNDAP CGI Server, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25060/

 --

[SA25120] 1024 CMS "item" Directory Traversal

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-05-03

Dj7xpl has discovered a vulnerability in 1024 CMS, which can be
exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/25120/

 --

[SA25085] sendcard Local File Inclusion and Cross-Site Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information,
Exposure of sensitive information
Released:    2007-05-02

Some vulnerabilities have been discovered in sendcard, which can be
exploited by malicious people to conduct cross-site scripting attacks
and to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/25085/

 --

[SA25082] CMS Made Simple "templateid" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-05-02

Daniel Lucq has discovered a vulnerability in CMS Made Simple, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/25082/

 --

[SA25070] ISC BIND "query_addsoa" Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-05-01

A vulnerability has been reported in BIND, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25070/

 --

[SA25069] Java 2 Platform Privilege Escalation Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-05-01

Sun has acknowledged a vulnerability in the Java Web Start of the Java
2 Platform, which can be exploited by malicious people to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/25069/

 --

[SA25079] VMware Products Multiple Vulnerabilities

Critical:    Moderately critical
Where:       Local system
Impact:      Security Bypass, DoS
Released:    2007-05-01

Some vulnerabilities have been reported in various VMware products,
which can be exploited by malicious users to cause a DoS (Denial of
Service) or bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/25079/

 --

[SA25127] DVDdb Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-05-03

r0t has discovered vulnerabilities in DVDdb, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/25127/

 --

[SA25124] CodePress codepress.html Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-05-03

A vulnerability has been reported in CodePress, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/25124/

 --

[SA25090] Ariadne "ARLogin" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-05-01

Ronald van den Heetkamp has reported a vulnerability in Ariadne, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/25090/

 --

[SA25088] All In One Control Panel (AIOCP) Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-05-03

A vulnerability has been reported in All In One Control Panel (AIOCP),
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/25088/

 --

[SA25075] FileRun SQL Injection and Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2007-05-02

r0t has reported some vulnerabilities in FileRun, which can be
exploited by malicious users to conduct SQL injection attacks and by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/25075/

 --

[SA25067] LAN Management System "OD" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-04-30

A vulnerability has been reported in LAN Management System, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/25067/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


__________________________
Subscribe to InfoSec News
http://www.infosecnews.org



This archive was generated by hypermail 2.1.3 : Thu May 03 2007 - 23:34:23 PDT