======================================================================== The Secunia Weekly Advisory Summary 2007-05-03 - 2007-05-10 This week: 81 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: BETA TEST: The Network Software Inspector Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_Inspector/ The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. -- NEW BLOG ENTRY Last December, Secunia released the Software Inspector, a revolutionary tool that changed the way users all across the globe identified missing security updates. Since then, over 300,000 inspections has been made using the Software Inspector. Secunia has received hundreds of emails with feedback, feature requests, and suggestions, all of which were thoroughly read and taken note of. Because of these, Secunia is able to finetune and improve the Software Inspector so that it can be a better tool for computer users everywhere. Now, Secunia is planning to release the Network Software Inspector (NSI) which basically is an expanded version of the Software Inspector geared for scanning on internal corporate networks. Read More: http://secunia.com/blog/9/ ======================================================================== 2) This Week in Brief: Microsoft Tuesday kicked off this week, with the vendor releasing six security bulletins. The bulletins covered a cumulative security update for Internet Explorer, one for an API COM, one for the Microsoft Exchange Server, and three for various Microsoft Office products, including a fix for the Microsoft Word 0-day vulnerability seen last February. All six bulletins are rated by Secunia as Highly Critical, except for the Word 0-day advisory (SA24122, rated as Extremely Critical), due to the availability of a working exploit. The Microsoft Exchange Server advisory (SA25183) contains four vulnerabilities, which could be used to perform cross-site scripting or Denial of Service attacks, or to execute arbitrary code in a vulnerable system. The CAPICOM ActiveX control vulnerability (SA25185) can also be exploited to execute arbitrary code on a user's system if the user visits a malicious web site. Three vulnerabilities in Microsoft Excel (SA25150) can be exploited to compromise a user's system. The errors are in the way that Excel handles malformed BIFF records, set font values, and filter records. An error in the way that Microsoft Office (SA25178) parses drawing objects can be exploited via a malicious Office file that contains a specially crafted drawing object. Successful exploitation allows an attacker to execute arbitrary code on the system. The Internet Explorer advisory (SA23769) contains details on six IE vulnerabilities, which can all be exploited to execute arbitrary code on a system. Successful exploitation is possible by tricking the user into viewing a specially crafted web page. Three vulnerabilities in Microsoft Word, including the 0-day bug made public in February, are also included in this month's releases (SA24122). Successful exploitation of these vulnerabilities is possible by tricking the user into handling a specially crafted Word file. All Windows users are advised to updated their systems accordingly. For more information on this month's Microsoft updates: http://secunia.com/advisories/24122/ http://secunia.com/advisories/23769/ http://secunia.com/advisories/25178/ http://secunia.com/advisories/25185/ http://secunia.com/advisories/25183/ http://secunia.com/advisories/24122/ -- PHP released its next minor versions this week, making 5.2.2 and 4.4.7 available. These versions fix multiple vulnerabilities, most of which were discussed during the Month of PHP bugs. Most of these bugs are exploitable to execute arbitrary code, and some issues can be triggered remotely under certain circumstances; thus Secunia rates its PHP advisory as Highly Critical. All PHP users are advised to update their systems accordingly. For more information, please refer to: http://secunia.com/advisories/25123/ -- A "Highly Critical" buffer overflow vulnerability in various McAfee products can be exploited to give an attacker control over a system. An error in the SecurityCenter Subscription Manager ActiveX control can be exploited by passing a certain argument to the "IsOldAppInstalled()" method. The vulnerability affects SecurityCenter versions prior to 7.2.147 and 6.0.25. The vendor has released patches, which are available via automatic updates for McAfee customers. For more information: http://secunia.com/advisories/25173/ -- Seven vulnerabilities in Trend Micro Serverprotect have been reported, which can be exploited to compromise a vulnerable system from a local network. These vulnerabilities are caused by boundary errors within specific functions, files, and libraries of Serverprotect, and can be exploited to allow an attacker to execute arbitrary code. Trend Micro Serverprotect users are advised to install the patches for version 5.58. For more information: http://secunia.com/advisories/25186/ -- Join the FREE BETA test of the Network Software Inspector (NSI)! http://secunia.com/network_software_Inspector/ -- VIRUS ALERTS: During the past week Secunia collected 172 virus descriptions from the Antivirus vendors. However, none were deemed MEDIUM risk or higher according to the Secunia assessment scale. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA25123] PHP Multiple Vulnerabilities 2. [SA25183] Microsoft Exchange Multiple Vulnerabilities 3. [SA23769] Internet Explorer Multiple Vulnerabilities 4. [SA25093] AXIS Camera Control "SaveBMP()" Method Buffer Overflow 5. [SA25109] Cisco PIX and ASA Denial of Service and Security Bypass 6. [SA25089] Winamp MP4 File Handling Memory Corruption Vulnerability 7. [SA25135] HP Tru64 UNIX "ps" Command Information Disclosure 8. [SA25121] Solaris Xorg X Render Extension Denial of Service 9. [SA25144] Pre Classified Listings PHP "category" SQL Injection 10. [SA25132] rPath update for lftp ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA25218] RIM TeamOn Import Object ActiveX Control Buffer Overflow Vulnerability [SA25209] BarCodeWiz Barcode ActiveX Control Buffer Overflow Vulnerability [SA25203] SmartCode VNC Manager VNC Viewer ActiveX Control Buffer Overflow [SA25185] CAPICOM CAPICOM.Certificates ActiveX Control Vulnerability [SA25183] Microsoft Exchange Multiple Vulnerabilities [SA25180] TAL Bar Code ActiveX Control Buffer Overflow Vulnerability [SA25178] Microsoft Office Drawing Object Code Execution Vulnerability [SA25174] PHPtree "s_dir" File Inclusion Vulnerability [SA25173] McAfee SecurityCenter Subscription Manager ActiveX Control Buffer Overflow [SA25156] HTTP File Upload ActiveX Control Buffer Overflow Vulnerability [SA25150] Microsoft Excel Three Code Execution Vulnerabilities [SA25143] Office Viewer ActiveX Control Buffer Overflow Vulnerabilities [SA25212] Nokia Intellisync Mobile Suite Multiple Vulnerabilities [SA25172] Symantec Products NAVOpts.dll ActiveX Control Security Bypass Vulnerability [SA25158] Burak Yilmaz Blog "id" SQL Injection Vulnerability [SA25186] Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities [SA25148] IBM DB2 Universal Database Unspecified Code Execution Vulnerability [SA25211] Adobe RoboHelp Cross-Site Scripting Vulnerability [SA25152] Panda AntiVirus Zoo Denial of Service Vulnerability [SA25160] Novell SecureLogin Two Unspecified Vulnerabilities UNIX/Linux: [SA25224] AForum "CommonAbsDir" and "header" File Inclusion [SA25210] phpMyPortal "GLOBALS[CHEMINMODULES]" File Inclusion [SA25189] Mandriva update for clamav [SA25187] Red Hat update for php [SA25164] Berylium "beryliumroot" File Inclusion Vulnerability [SA25147] phpChess Community Edition Multiple File Inclusion [SA25226] SUSE update for kernel [SA25182] Mandriva update for vim [SA25167] Gentoo update for gimp [SA25166] Gentoo update for lighttpd [SA25159] Red Hat update for vim [SA25151] Slackware update for php [SA25145] PHP Coupon Script "bus" SQL Injection [SA25142] Gentoo update for ipsec-tools [SA25217] Mandriva update for python [SA25208] Ubuntu update for moinmoin [SA25205] OTRS Cross-Site Scripting and Cross-Site Request Forgery [SA25196] Gentoo update for mysql [SA25157] Debian update for ldap-account-manager [SA25149] RSAuction Suspended Account Security Bypass [SA25133] Avaya Products file Integer Underflow Vulnerability [SA25184] Red Hat update for postgresql [SA25134] Asterisk IAX2 Channel Driver Information Disclosure [SA25216] Avaya CMS / IR X.Org X11 Multiple Vulnerabilities [SA25197] HP Tru64 UNIX "dop" Command Privilege Escalation [SA25195] Gentoo update for libXfont and tightvnc [SA25163] Linux Kernel Multiple Vulnerabilities [SA25135] HP Tru64 UNIX "ps" Command Information Disclosure [SA25132] rPath update for lftp [SA25198] Ubuntu update for elinks [SA25169] ELinks "add_filename_to_string()" Privilege Escalation [SA25162] Sun Solaris "acl()" Local Denial of Service [SA25161] rPath update for cpio Other: [SA25199] Cisco IOS FTP Server Multiple Vulnerabilities [SA25137] avast! Zoo Denial of Service Vulnerability [SA25138] Bradford Campus Manager Information Disclosure Cross Platform: [SA25214] CGX "pathCGX" File Inclusion Vulnerability [SA25179] Tropicalm Crowell Resource "RESPATH" File Inclusion [SA25177] PMECMS "pathMod" File Inclusion Vulnerabilities [SA25176] DynamicPAD "HomeDir" File Inclusion Vulnerabilities [SA25175] PHP TopTree BBS "right_file" File Inclusion Vulnerability [SA25170] Wikivi5 "sous_rep" File Inclusion Vulnerability [SA25146] Open Translation Engine "ote_home" File Inclusion [SA25223] SimpleNews "news_id" SQL Injection Vulnerability [SA25222] TutorialCMS Multiple SQL Injection Vulnerabilities [SA25219] IBM WebSphere Application Server Java Message Service Unspecified Vulnerability [SA25207] SurgeMail webmail Unspecified Security Bypass [SA25171] wfquotes Module for XOOPS "c" SQL Injection [SA25165] Nuked-Klan "X-Forwarded-For" SQL Injection Vulnerability [SA25155] XOOPS Flashgames Module "lid" SQL Injection [SA25154] RunCMS "executed_queries" SQL Injection [SA25153] Advanced Guestbook Multiple Vulnerabilities [SA25144] Pre Classified Listings PHP "category" SQL Injection [SA25141] Censura "vendorid" SQL Injection Vulnerability [SA25200] SquirrelMail Cross-Site Scripting and Request Forgery Vulnerabilities [SA25190] Python "PyLocale_strxfrm()" Off-By-One Information Disclosure [SA25181] WikkaWiki Information Disclosure and Cross-Site Scripting [SA25168] OpenLD Search Cross-Site Scripting Vulnerability [SA25140] Avira AntiVir Zoo Denial of Service Vulnerability [SA25139] Simple Machines Forum Session Fixation Vulnerability [SA25188] MySQL IF Query Denial of Service Vulnerability ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA25218] RIM TeamOn Import Object ActiveX Control Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-09 Will Dormann has reported a vulnerability in RIM's TeamOn Import Object ActiveX control, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25218/ -- [SA25209] BarCodeWiz Barcode ActiveX Control Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-09 shinnai has discovered a vulnerability in BarCodeWiz Barcode ActiveX control, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25209/ -- [SA25203] SmartCode VNC Manager VNC Viewer ActiveX Control Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-08 shinnai has discovered a vulnerability in SmartCode VNC Manager, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25203/ -- [SA25185] CAPICOM CAPICOM.Certificates ActiveX Control Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-08 A vulnerability has been reported in CAPICOM (Cryptographic API Component Object Model), which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25185/ -- [SA25183] Microsoft Exchange Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Cross Site Scripting, DoS, System access Released: 2007-05-08 Some vulnerabilities have been reported in Microsoft Exchange, which can be exploited by malicious people to conduct script insertion attacks, cause a DoS (Denial of Service), or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25183/ -- [SA25180] TAL Bar Code ActiveX Control Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-08 Michal Bucko has discovered a vulnerability in TAL Bar Code ActiveX Control, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25180/ -- [SA25178] Microsoft Office Drawing Object Code Execution Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-08 A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25178/ -- [SA25174] PHPtree "s_dir" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-05-08 ThE TiGeR has reported a vulnerability in PHPtree, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25174/ -- [SA25173] McAfee SecurityCenter Subscription Manager ActiveX Control Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-09 A vulnerability has been reported in various McAfee products, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25173/ -- [SA25156] HTTP File Upload ActiveX Control Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-07 shinnai has discovered a vulnerability in HTTP File Upload ActiveX Control, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25156/ -- [SA25150] Microsoft Excel Three Code Execution Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-08 Three vulnerabilities have been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25150/ -- [SA25143] Office Viewer ActiveX Control Buffer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-07 shinnai has discovered some vulnerabilities in Office Viewer OCX, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25143/ -- [SA25212] Nokia Intellisync Mobile Suite Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Exposure of system information, Exposure of sensitive information, DoS Released: 2007-05-09 Johannes Greil has reported some vulnerabilities in Nokia's Intellisync Mobile Suite, which can be exploited by malicious people to gain knowledge of sensitive information, conduct cross-site scripting attacks, manipulate certain data, or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25212/ -- [SA25172] Symantec Products NAVOpts.dll ActiveX Control Security Bypass Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-05-10 A vulnerability has been reported in various Symantec products, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25172/ -- [SA25158] Burak Yilmaz Blog "id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-05-08 RMx has reported a vulnerability in Burak Yilmaz Blog, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25158/ -- [SA25186] Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities Critical: Moderately critical Where: From local network Impact: System access Released: 2007-05-08 Some vulnerabilities have been reported in Trend Micro ServerProtect, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25186/ -- [SA25148] IBM DB2 Universal Database Unspecified Code Execution Vulnerability Critical: Moderately critical Where: From local network Impact: System access Released: 2007-05-09 A vulnerability has been reported in IBM DB2, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25148/ -- [SA25211] Adobe RoboHelp Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-09 A vulnerability has been reported in RoboHelp, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25211/ -- [SA25152] Panda AntiVirus Zoo Denial of Service Vulnerability Critical: Less critical Where: From remote Impact: DoS Released: 2007-05-08 Jean-Sebastien Guay-Leroux has reported a vulnerability in Panda AntiVirus, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25152/ -- [SA25160] Novell SecureLogin Two Unspecified Vulnerabilities Critical: Less critical Where: From local network Impact: Unknown, Privilege escalation Released: 2007-05-07 Two vulnerabilities have been reported in Novell SecureLogin, where one has an unknown impact and the other can potentially be exploited to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25160/ UNIX/Linux:-- [SA25224] AForum "CommonAbsDir" and "header" File Inclusion Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-10 Some vulnerabilities have been reported in AForum, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25224/ -- [SA25210] phpMyPortal "GLOBALS[CHEMINMODULES]" File Inclusion Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-10 Mahmood_ali has discovered a vulnerability in phpMyPortal, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25210/ -- [SA25189] Mandriva update for clamav Critical: Highly critical Where: From remote Impact: Unknown, DoS, System access Released: 2007-05-09 Mandriva has issued an update for clamav. This fixes some vulnerabilities, where one has an unknown impact and the others can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25189/ -- [SA25187] Red Hat update for php Critical: Highly critical Where: From remote Impact: Unknown, Security Bypass, System access Released: 2007-05-09 Red Hat has issued an update for php. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions and potentially by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25187/ -- [SA25164] Berylium "beryliumroot" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-05-08 ThE TiGeR has reported a vulnerability in Berylium, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25164/ -- [SA25147] phpChess Community Edition Multiple File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-05-04 GolD_M has discovered some vulnerabilities in phpChess Community Edition, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25147/ -- [SA25226] SUSE update for kernel Critical: Moderately critical Where: From remote Impact: Privilege escalation, DoS, Unknown Released: 2007-05-10 SUSE has issued an update for the kernel. This fixes some vulnerabilities, where one has an unknown impact and others can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges, and by malicious people to cause a DoS. Full Advisory: http://secunia.com/advisories/25226/ -- [SA25182] Mandriva update for vim Critical: Moderately critical Where: From remote Impact: System access Released: 2007-05-10 Mandriva has issued an update for vim. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25182/ -- [SA25167] Gentoo update for gimp Critical: Moderately critical Where: From remote Impact: System access Released: 2007-05-08 Gentoo has issued an update for gimp. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25167/ -- [SA25166] Gentoo update for lighttpd Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-05-08 Gentoo has issued an update for lighttpd. This fixes some vulnerabilities, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25166/ -- [SA25159] Red Hat update for vim Critical: Moderately critical Where: From remote Impact: System access Released: 2007-05-09 Red Hat has issued an update for vim. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25159/ -- [SA25151] Slackware update for php Critical: Moderately critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of system information, Exposure of sensitive information, DoS, System access Released: 2007-05-08 Slackware has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious users to manipulate certain data, disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or to compromise a vulnerable system, and by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or cause a DoS. Full Advisory: http://secunia.com/advisories/25151/ -- [SA25145] PHP Coupon Script "bus" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2007-05-04 Cyber-Security has reported a vulnerability in PHP Coupon Script, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25145/ -- [SA25142] Gentoo update for ipsec-tools Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-05-08 Gentoo has issued an update for ipsec-tools. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25142/ -- [SA25217] Mandriva update for python Critical: Less critical Where: From remote Impact: Exposure of sensitive information Released: 2007-05-09 Mandriva has issued an update for python. This fixes a security issue, which can be exploited by malicious people to disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/25217/ -- [SA25208] Ubuntu update for moinmoin Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-08 Ubuntu has issued an update for moinmoin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25208/ -- [SA25205] OTRS Cross-Site Scripting and Cross-Site Request Forgery Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-08 ciri has reported some vulnerabilities in OTRS (Open Ticket Request System), which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/25205/ -- [SA25196] Gentoo update for mysql Critical: Less critical Where: From remote Impact: DoS Released: 2007-05-09 Gentoo has issued an update for mysql. This fixes two vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25196/ -- [SA25157] Debian update for ldap-account-manager Critical: Less critical Where: From remote Impact: Cross Site Scripting, Privilege escalation Released: 2007-05-08 Debian has issued an update for ldap-account-manager. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform actions with escalated privileges and by malicious users to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/25157/ -- [SA25149] RSAuction Suspended Account Security Bypass Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-05-09 switzer has reported a vulnerability in RSAuction, which can be exploited by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25149/ -- [SA25133] Avaya Products file Integer Underflow Vulnerability Critical: Less critical Where: From remote Impact: DoS, System access Released: 2007-05-07 Avaya has acknowledged a vulnerability in various Avaya products, which can potentially be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25133/ -- [SA25184] Red Hat update for postgresql Critical: Less critical Where: From local network Impact: Privilege escalation Released: 2007-05-09 Red Hat has issued an update for postgresql. This fixes a security issue, which can potentially be exploited by malicious users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25184/ -- [SA25134] Asterisk IAX2 Channel Driver Information Disclosure Critical: Less critical Where: From local network Impact: Exposure of sensitive information Released: 2007-05-07 A vulnerability has been reported in Asterisk, which can be exploited by malicious users to disclose potential sensitive information. Full Advisory: http://secunia.com/advisories/25134/ -- [SA25216] Avaya CMS / IR X.Org X11 Multiple Vulnerabilities Critical: Less critical Where: Local system Impact: Exposure of sensitive information, Privilege escalation, DoS Released: 2007-05-10 Avaya has acknowledged some vulnerabilities in Avaya CMS and IR, which can be exploited by malicious, local users to disclose sensitive information, cause a DoS (Denial of Service), and gain escalated privileges. Full Advisory: http://secunia.com/advisories/25216/ -- [SA25197] HP Tru64 UNIX "dop" Command Privilege Escalation Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-05-09 A vulnerability has been reported in HP Tru64 UNIX, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25197/ -- [SA25195] Gentoo update for libXfont and tightvnc Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-05-09 Gentoo has issued an update for libXfont and tightvnc. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25195/ -- [SA25163] Linux Kernel Multiple Vulnerabilities Critical: Less critical Where: Local system Impact: Exposure of sensitive information, DoS Released: 2007-05-08 Some vulnerabilities have been reported in the Linux Kernel, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service) or disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/25163/ -- [SA25135] HP Tru64 UNIX "ps" Command Information Disclosure Critical: Less critical Where: Local system Impact: Exposure of sensitive information Released: 2007-05-04 A security issue has been reported in HP Tru64, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information. Full Advisory: http://secunia.com/advisories/25135/ -- [SA25132] rPath update for lftp Critical: Not critical Where: From remote Impact: System access Released: 2007-05-04 rPath has issued an update for lftp. This fixes a weakness, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25132/ -- [SA25198] Ubuntu update for elinks Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2007-05-08 Ubuntu has issued an update for elinks. This fixes a weakness, which potentially can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25198/ -- [SA25169] ELinks "add_filename_to_string()" Privilege Escalation Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2007-05-08 Arnaud Giersch has reported a weakness in ELinks, which potentially can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25169/ -- [SA25162] Sun Solaris "acl()" Local Denial of Service Critical: Not critical Where: Local system Impact: DoS Released: 2007-05-08 A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25162/ -- [SA25161] rPath update for cpio Critical: Not critical Where: Local system Impact: DoS Released: 2007-05-08 rPath has issued an update for cpio. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25161/ Other:-- [SA25199] Cisco IOS FTP Server Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, DoS, System access Released: 2007-05-10 Some vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious users and malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25199/ -- [SA25137] avast! Zoo Denial of Service Vulnerability Critical: Less critical Where: From remote Impact: DoS Released: 2007-05-08 Jean-Sebastien Guay-Leroux has reported a vulnerability in avast!, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25137/ -- [SA25138] Bradford Campus Manager Information Disclosure Critical: Less critical Where: From local network Impact: Exposure of sensitive information Released: 2007-05-08 John Martinelli has reported a vulnerability in Bradford Campus Manager, which can be exploited by malicious people to gain unprivileged access to restricted data. Full Advisory: http://secunia.com/advisories/25138/ Cross Platform:-- [SA25214] CGX "pathCGX" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-09 GolD_M has reported some vulnerabilities in CGX, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25214/ -- [SA25179] Tropicalm Crowell Resource "RESPATH" File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-05-08 kezzap66345 has discovered a vulnerability in Tropicalm Crowell Resource, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25179/ -- [SA25177] PMECMS "pathMod" File Inclusion Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-07 Some vulnerabilities have been reported in PMECMS, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25177/ -- [SA25176] DynamicPAD "HomeDir" File Inclusion Vulnerabilities Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-05-08 ThE TiGeR has discovered two vulnerabilities in DynamicPAD, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25176/ -- [SA25175] PHP TopTree BBS "right_file" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-05-07 kezzap66345 has reported a vulnerability in PHP TopTree BBS, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25175/ -- [SA25170] Wikivi5 "sous_rep" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-05-07 GolD_M has reported a vulnerability in Wikivi5, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25170/ -- [SA25146] Open Translation Engine "ote_home" File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-05-04 GolD_M has discovered a vulnerability in Open Translation Engine, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25146/ -- [SA25223] SimpleNews "news_id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-05-10 Silentz has discovered a vulnerability in SimpleNews, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25223/ -- [SA25222] TutorialCMS Multiple SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-05-10 Silentz has discovered some vulnerabilities in TutorialCMS, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25222/ -- [SA25219] IBM WebSphere Application Server Java Message Service Unspecified Vulnerability Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-05-09 A vulnerability has been reported in IBM WebSphere Application Server, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25219/ -- [SA25207] SurgeMail webmail Unspecified Security Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-05-10 A vulnerability has been reported in SurgeMail, which can be exploited by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25207/ -- [SA25171] wfquotes Module for XOOPS "c" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-05-07 A vulnerability has been reported in the wfquotes module for XOOPS, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25171/ -- [SA25165] Nuked-Klan "X-Forwarded-For" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-05-07 DarkFig has discovered a vulnerability in Nuked-Klan, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25165/ -- [SA25155] XOOPS Flashgames Module "lid" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-05-07 A vulnerability has been reported in the Flashgames module for XOOPS, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25155/ -- [SA25154] RunCMS "executed_queries" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2007-05-07 rgod has discovered a vulnerability in RunCMS, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25154/ -- [SA25153] Advanced Guestbook Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Exposure of system information, Exposure of sensitive information Released: 2007-05-09 Jesper Jurcenoks has discovered some vulnerabilities in Advanced Guestbook, which can be exploited by malicious people to disclose sensitive information or to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25153/ -- [SA25144] Pre Classified Listings PHP "category" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-05-04 Cyber-Security has reported a vulnerability in Pre Classified Listings PHP, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25144/ -- [SA25141] Censura "vendorid" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-05-04 Cyber-Security has reported a vulnerability in Censura, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25141/ -- [SA25200] SquirrelMail Cross-Site Scripting and Request Forgery Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-10 Some vulnerabilities have been reported in SquirrelMail, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/25200/ -- [SA25190] Python "PyLocale_strxfrm()" Off-By-One Information Disclosure Critical: Less critical Where: From remote Impact: Exposure of sensitive information Released: 2007-05-09 Piotr Engelking has reported a security issue in Python, which can be exploited by malicious people to disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/25190/ -- [SA25181] WikkaWiki Information Disclosure and Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting, Exposure of sensitive information Released: 2007-05-08 Some vulnerabilities have been reported in WikkaWiki, which can be exploited by malicious people to disclose potentially sensitive information and to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25181/ -- [SA25168] OpenLD Search Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-05-09 A vulnerability has been reported in OpenLD, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25168/ -- [SA25140] Avira AntiVir Zoo Denial of Service Vulnerability Critical: Less critical Where: From remote Impact: DoS Released: 2007-05-10 Jean-Sebastien Guay-Leroux has reported a vulnerability in Avira AntiVir, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25140/ -- [SA25139] Simple Machines Forum Session Fixation Vulnerability Critical: Less critical Where: From remote Impact: Hijacking Released: 2007-05-07 David Vieira-Kurz has discovered a vulnerability in Simple Machines Forum, which can be exploited by malicious people to conduct session fixation attacks. Full Advisory: http://secunia.com/advisories/25139/ -- [SA25188] MySQL IF Query Denial of Service Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2007-05-10 Neil Kettle has reported a vulnerability in MySQL, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25188/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Thu May 10 2007 - 22:46:47 PDT