[ISN] Secunia Weekly Summary - Issue: 2007-19

From: InfoSec News (alerts@private)
Date: Thu May 10 2007 - 22:37:12 PDT


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2007-05-03 - 2007-05-10                        

                       This week: 81 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

BETA TEST: The Network Software Inspector

Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.

Join the FREE BETA test of the Network Software Inspector (NSI)!
http://secunia.com/network_software_Inspector/

The NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,000 different Windows applications.

 --

NEW BLOG ENTRY
 
Last December, Secunia released the Software Inspector, a
revolutionary tool that changed the way users all across the globe
identified missing security updates.

Since then, over 300,000 inspections has been made using the Software
Inspector. Secunia has received hundreds of emails with feedback,
feature requests, and suggestions, all of which were thoroughly read
and taken note of. Because of these, Secunia is able to finetune and
improve the Software Inspector so that it can be a better tool for
computer users everywhere.

Now, Secunia is planning to release the Network Software Inspector
(NSI) which basically is an expanded version of the Software Inspector
geared for scanning on internal corporate networks.

Read More:
http://secunia.com/blog/9/

========================================================================
2) This Week in Brief:

Microsoft Tuesday kicked off this week, with the vendor releasing six
security bulletins. The bulletins covered a cumulative security update
for Internet Explorer, one for an API COM, one for the Microsoft
Exchange Server, and three for various Microsoft Office products,
including a fix for the Microsoft Word 0-day vulnerability seen last
February.

All six bulletins are rated by Secunia as Highly Critical, except for
the Word 0-day advisory (SA24122, rated as Extremely Critical), due to
the availability of a working exploit.

The Microsoft Exchange Server advisory (SA25183) contains four
vulnerabilities, which could be used to perform cross-site scripting or
Denial of Service attacks, or to execute arbitrary code in a vulnerable
system.

The CAPICOM ActiveX control vulnerability (SA25185) can also be
exploited to execute arbitrary code on a user's system if the user
visits a malicious web site.

Three vulnerabilities in Microsoft Excel (SA25150) can be exploited to
compromise a user's system. The errors are in the way that Excel
handles malformed BIFF records, set font values, and filter records.

An error in the way that Microsoft Office (SA25178) parses drawing
objects can be exploited via a malicious Office file that contains a
specially crafted drawing object. Successful exploitation allows an
attacker to execute arbitrary code on the system. 

The Internet Explorer advisory (SA23769) contains details on six IE
vulnerabilities, which can all be exploited to execute arbitrary code
on a system. Successful exploitation is possible by tricking the user
into viewing a specially crafted web page.

Three vulnerabilities in Microsoft Word, including the 0-day bug made
public in February, are also included in this month's releases
(SA24122). Successful exploitation of these vulnerabilities is
possible by tricking the user into handling a specially crafted Word
file.

All Windows users are advised to updated their systems accordingly.
For more information on this month's Microsoft updates:
http://secunia.com/advisories/24122/
http://secunia.com/advisories/23769/
http://secunia.com/advisories/25178/
http://secunia.com/advisories/25185/
http://secunia.com/advisories/25183/
http://secunia.com/advisories/24122/

 --

PHP released its next minor versions this week, making 5.2.2 and 4.4.7
available. These versions fix multiple vulnerabilities, most of which
were discussed during the Month of PHP bugs. Most of these bugs are
exploitable to execute arbitrary code, and some issues can be
triggered remotely under certain circumstances; thus Secunia rates
its PHP advisory as Highly Critical. 

All PHP users are advised to update their systems accordingly. For
more information, please refer to:
http://secunia.com/advisories/25123/

 --

A "Highly Critical" buffer overflow vulnerability in various McAfee
products can be exploited to give an attacker control over a system.
An error in the SecurityCenter Subscription Manager ActiveX control
can be exploited by passing a certain argument to the
"IsOldAppInstalled()" method.

The vulnerability affects SecurityCenter versions prior to 7.2.147
and 6.0.25.

The vendor has released patches, which are available via automatic
updates for McAfee customers. For more information:
http://secunia.com/advisories/25173/

 --

Seven vulnerabilities in Trend Micro Serverprotect have been reported,
which can be exploited to compromise a vulnerable system from a local
network.

These vulnerabilities are caused by boundary errors within specific
functions, files, and libraries of Serverprotect, and can be exploited
to allow an attacker to execute arbitrary code.

Trend Micro Serverprotect users are advised to install the patches for
version 5.58. For more information:
http://secunia.com/advisories/25186/

 --

Join the FREE BETA test of the Network Software Inspector (NSI)!
http://secunia.com/network_software_Inspector/

 --

VIRUS ALERTS:

During the past week Secunia collected 172 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA25123] PHP Multiple Vulnerabilities
2.  [SA25183] Microsoft Exchange Multiple Vulnerabilities
3.  [SA23769] Internet Explorer Multiple Vulnerabilities
4.  [SA25093] AXIS Camera Control "SaveBMP()" Method Buffer Overflow
5.  [SA25109] Cisco PIX and ASA Denial of Service and Security Bypass
6.  [SA25089] Winamp MP4 File Handling Memory Corruption Vulnerability
7.  [SA25135] HP Tru64 UNIX "ps" Command Information Disclosure
8.  [SA25121] Solaris Xorg X Render Extension Denial of Service
9.  [SA25144] Pre Classified Listings PHP "category" SQL Injection
10. [SA25132] rPath update for lftp

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA25218] RIM TeamOn Import Object ActiveX Control Buffer Overflow
Vulnerability
[SA25209] BarCodeWiz Barcode ActiveX Control Buffer Overflow
Vulnerability
[SA25203] SmartCode VNC Manager VNC Viewer ActiveX Control Buffer
Overflow
[SA25185] CAPICOM CAPICOM.Certificates ActiveX Control Vulnerability
[SA25183] Microsoft Exchange Multiple Vulnerabilities
[SA25180] TAL Bar Code ActiveX Control Buffer Overflow Vulnerability
[SA25178] Microsoft Office Drawing Object Code Execution Vulnerability
[SA25174] PHPtree "s_dir" File Inclusion Vulnerability
[SA25173] McAfee SecurityCenter Subscription Manager ActiveX Control
Buffer Overflow
[SA25156] HTTP File Upload ActiveX Control Buffer Overflow
Vulnerability
[SA25150] Microsoft Excel Three Code Execution Vulnerabilities
[SA25143] Office Viewer ActiveX Control Buffer Overflow
Vulnerabilities
[SA25212] Nokia Intellisync Mobile Suite Multiple Vulnerabilities
[SA25172] Symantec Products NAVOpts.dll ActiveX Control Security Bypass
Vulnerability
[SA25158] Burak Yilmaz Blog "id" SQL Injection Vulnerability
[SA25186] Trend Micro ServerProtect Multiple Buffer Overflow
Vulnerabilities
[SA25148] IBM DB2 Universal Database Unspecified Code Execution
Vulnerability
[SA25211] Adobe RoboHelp Cross-Site Scripting Vulnerability
[SA25152] Panda AntiVirus Zoo Denial of Service Vulnerability
[SA25160] Novell SecureLogin Two Unspecified Vulnerabilities

UNIX/Linux:
[SA25224] AForum "CommonAbsDir" and "header" File Inclusion
[SA25210] phpMyPortal "GLOBALS[CHEMINMODULES]" File Inclusion
[SA25189] Mandriva update for clamav
[SA25187] Red Hat update for php
[SA25164] Berylium "beryliumroot" File Inclusion Vulnerability
[SA25147] phpChess Community Edition Multiple File Inclusion
[SA25226] SUSE update for kernel
[SA25182] Mandriva update for vim
[SA25167] Gentoo update for gimp
[SA25166] Gentoo update for lighttpd
[SA25159] Red Hat update for vim
[SA25151] Slackware update for php
[SA25145] PHP Coupon Script "bus" SQL Injection
[SA25142] Gentoo update for ipsec-tools
[SA25217] Mandriva update for python
[SA25208] Ubuntu update for moinmoin
[SA25205] OTRS Cross-Site Scripting and Cross-Site Request Forgery
[SA25196] Gentoo update for mysql
[SA25157] Debian update for ldap-account-manager
[SA25149] RSAuction Suspended Account Security Bypass
[SA25133] Avaya Products file Integer Underflow Vulnerability
[SA25184] Red Hat update for postgresql
[SA25134] Asterisk IAX2 Channel Driver Information Disclosure
[SA25216] Avaya CMS / IR X.Org X11 Multiple Vulnerabilities
[SA25197] HP Tru64 UNIX "dop" Command Privilege Escalation
[SA25195] Gentoo update for libXfont and tightvnc
[SA25163] Linux Kernel Multiple Vulnerabilities
[SA25135] HP Tru64 UNIX "ps" Command Information Disclosure
[SA25132] rPath update for lftp
[SA25198] Ubuntu update for elinks
[SA25169] ELinks "add_filename_to_string()" Privilege Escalation
[SA25162] Sun Solaris "acl()" Local Denial of Service
[SA25161] rPath update for cpio

Other:
[SA25199] Cisco IOS FTP Server Multiple Vulnerabilities
[SA25137] avast! Zoo Denial of Service Vulnerability
[SA25138] Bradford Campus Manager Information Disclosure

Cross Platform:
[SA25214] CGX "pathCGX" File Inclusion Vulnerability
[SA25179] Tropicalm Crowell Resource "RESPATH" File Inclusion
[SA25177] PMECMS "pathMod" File Inclusion Vulnerabilities
[SA25176] DynamicPAD "HomeDir" File Inclusion Vulnerabilities
[SA25175] PHP TopTree BBS "right_file" File Inclusion Vulnerability
[SA25170] Wikivi5 "sous_rep" File Inclusion Vulnerability
[SA25146] Open Translation Engine "ote_home" File Inclusion
[SA25223] SimpleNews "news_id" SQL Injection Vulnerability
[SA25222] TutorialCMS Multiple SQL Injection Vulnerabilities
[SA25219] IBM WebSphere Application Server Java Message Service
Unspecified Vulnerability
[SA25207] SurgeMail webmail Unspecified Security Bypass
[SA25171] wfquotes Module for XOOPS "c" SQL Injection
[SA25165] Nuked-Klan "X-Forwarded-For" SQL Injection Vulnerability
[SA25155] XOOPS Flashgames Module "lid" SQL Injection
[SA25154] RunCMS "executed_queries" SQL Injection
[SA25153] Advanced Guestbook Multiple Vulnerabilities
[SA25144] Pre Classified Listings PHP "category" SQL Injection
[SA25141] Censura "vendorid" SQL Injection Vulnerability
[SA25200] SquirrelMail Cross-Site Scripting and Request Forgery
Vulnerabilities
[SA25190] Python "PyLocale_strxfrm()" Off-By-One Information
Disclosure
[SA25181] WikkaWiki Information Disclosure and Cross-Site Scripting
[SA25168] OpenLD Search Cross-Site Scripting Vulnerability
[SA25140] Avira AntiVir Zoo Denial of Service Vulnerability
[SA25139] Simple Machines Forum Session Fixation Vulnerability
[SA25188] MySQL IF Query Denial of Service Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA25218] RIM TeamOn Import Object ActiveX Control Buffer Overflow
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-09

Will Dormann has reported a vulnerability in RIM's TeamOn Import Object
ActiveX control, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25218/

 --

[SA25209] BarCodeWiz Barcode ActiveX Control Buffer Overflow
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-09

shinnai has discovered a vulnerability in BarCodeWiz Barcode ActiveX
control, which can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/25209/

 --

[SA25203] SmartCode VNC Manager VNC Viewer ActiveX Control Buffer
Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-08

shinnai has discovered a vulnerability in SmartCode VNC Manager, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25203/

 --

[SA25185] CAPICOM CAPICOM.Certificates ActiveX Control Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-08

A vulnerability has been reported in CAPICOM (Cryptographic API
Component Object Model), which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25185/

 --

[SA25183] Microsoft Exchange Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, DoS, System access
Released:    2007-05-08

Some vulnerabilities have been reported in Microsoft Exchange, which
can be exploited by malicious people to conduct script insertion
attacks, cause a DoS (Denial of Service), or compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/25183/

 --

[SA25180] TAL Bar Code ActiveX Control Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-08

Michal Bucko has discovered a vulnerability in TAL Bar Code ActiveX
Control, which can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/25180/

 --

[SA25178] Microsoft Office Drawing Object Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-08

A vulnerability has been reported in Microsoft Office, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25178/

 --

[SA25174] PHPtree "s_dir" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-05-08

ThE TiGeR has reported a vulnerability in PHPtree, which can be
exploited by malicious people to disclose sensitive information or to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25174/

 --

[SA25173] McAfee SecurityCenter Subscription Manager ActiveX Control
Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-09

A vulnerability has been reported in various McAfee products, which can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25173/

 --

[SA25156] HTTP File Upload ActiveX Control Buffer Overflow
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-07

shinnai has discovered a vulnerability in HTTP File Upload ActiveX
Control, which can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/25156/

 --

[SA25150] Microsoft Excel Three Code Execution Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-08

Three vulnerabilities have been reported in Microsoft Excel, which can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25150/

 --

[SA25143] Office Viewer ActiveX Control Buffer Overflow
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-07

shinnai has discovered some vulnerabilities in Office Viewer OCX, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25143/

 --

[SA25212] Nokia Intellisync Mobile Suite Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information,
Exposure of sensitive information, DoS
Released:    2007-05-09

Johannes Greil has reported some vulnerabilities in Nokia's Intellisync
Mobile Suite, which can be exploited by malicious people to gain
knowledge of sensitive information, conduct cross-site scripting
attacks, manipulate certain data, or cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25212/

 --

[SA25172] Symantec Products NAVOpts.dll ActiveX Control Security Bypass
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-05-10

A vulnerability has been reported in various Symantec products, which
can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/25172/

 --

[SA25158] Burak Yilmaz Blog "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-05-08

RMx has reported a vulnerability in Burak Yilmaz Blog, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/25158/

 --

[SA25186] Trend Micro ServerProtect Multiple Buffer Overflow
Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2007-05-08

Some vulnerabilities have been reported in Trend Micro ServerProtect,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/25186/

 --

[SA25148] IBM DB2 Universal Database Unspecified Code Execution
Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2007-05-09

A vulnerability has been reported in IBM DB2, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25148/

 --

[SA25211] Adobe RoboHelp Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-05-09

A vulnerability has been reported in RoboHelp, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/25211/

 --

[SA25152] Panda AntiVirus Zoo Denial of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-05-08

Jean-Sebastien Guay-Leroux has reported a vulnerability in Panda
AntiVirus, which can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/25152/

 --

[SA25160] Novell SecureLogin Two Unspecified Vulnerabilities

Critical:    Less critical
Where:       From local network
Impact:      Unknown, Privilege escalation
Released:    2007-05-07

Two vulnerabilities have been reported in Novell SecureLogin, where one
has an unknown impact and the other can potentially be exploited to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/25160/


UNIX/Linux:--

[SA25224] AForum "CommonAbsDir" and "header" File Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-10

Some vulnerabilities have been reported in AForum, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25224/

 --

[SA25210] phpMyPortal "GLOBALS[CHEMINMODULES]" File Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-10

Mahmood_ali has discovered a vulnerability in phpMyPortal, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25210/

 --

[SA25189] Mandriva update for clamav

Critical:    Highly critical
Where:       From remote
Impact:      Unknown, DoS, System access
Released:    2007-05-09

Mandriva has issued an update for clamav. This fixes some
vulnerabilities, where one has an unknown impact and the others can be
exploited by malicious people to cause a DoS (Denial of Service) or
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25189/

 --

[SA25187] Red Hat update for php

Critical:    Highly critical
Where:       From remote
Impact:      Unknown, Security Bypass, System access
Released:    2007-05-09

Red Hat has issued an update for php. This fixes some vulnerabilities,
where some have unknown impacts and others can be exploited by
malicious users to bypass certain security restrictions and potentially
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25187/

 --

[SA25164] Berylium "beryliumroot" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-05-08

ThE TiGeR has reported a vulnerability in Berylium, which can be
exploited by malicious people to disclose sensitive information or to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25164/

 --

[SA25147] phpChess Community Edition Multiple File Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-05-04

GolD_M has discovered some vulnerabilities in phpChess Community
Edition, which can be exploited by malicious people to disclose
sensitive information or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25147/

 --

[SA25226] SUSE update for kernel

Critical:    Moderately critical
Where:       From remote
Impact:      Privilege escalation, DoS, Unknown
Released:    2007-05-10

SUSE has issued an update for the kernel. This fixes some
vulnerabilities, where one has an unknown impact and others can be
exploited by malicious, local users to cause a DoS (Denial of Service)
or gain escalated privileges, and by malicious people to cause a DoS.

Full Advisory:
http://secunia.com/advisories/25226/

 --

[SA25182] Mandriva update for vim

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-05-10

Mandriva has issued an update for vim. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/25182/

 --

[SA25167] Gentoo update for gimp

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-05-08

Gentoo has issued an update for gimp. This fixes a vulnerability, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25167/

 --

[SA25166] Gentoo update for lighttpd

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-05-08

Gentoo has issued an update for lighttpd. This fixes some
vulnerabilities, which can be exploited by malicious users and
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25166/

 --

[SA25159] Red Hat update for vim

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-05-09

Red Hat has issued an update for vim. This fixes a vulnerability, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25159/

 --

[SA25151] Slackware update for php

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data, Exposure of system information, Exposure of sensitive
information, DoS, System access
Released:    2007-05-08

Slackware has issued an update for php. This fixes some
vulnerabilities, which can be exploited by malicious users to
manipulate certain data, disclose potentially sensitive information,
bypass certain security restrictions, cause a DoS (Denial of Service),
or to compromise a vulnerable system, and by malicious people to
disclose potentially sensitive information, conduct cross-site
scripting attacks, or cause a DoS.

Full Advisory:
http://secunia.com/advisories/25151/

 --

[SA25145] PHP Coupon Script "bus" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-05-04

Cyber-Security has reported a vulnerability in PHP Coupon Script, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/25145/

 --

[SA25142] Gentoo update for ipsec-tools

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-05-08

Gentoo has issued an update for ipsec-tools. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25142/

 --

[SA25217] Mandriva update for python

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-05-09

Mandriva has issued an update for python. This fixes a security issue,
which can be exploited by malicious people to disclose potentially
sensitive information.

Full Advisory:
http://secunia.com/advisories/25217/

 --

[SA25208] Ubuntu update for moinmoin

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-05-08

Ubuntu has issued an update for moinmoin. This fixes a vulnerability,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/25208/

 --

[SA25205] OTRS Cross-Site Scripting and Cross-Site Request Forgery

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-05-08

ciri has reported some vulnerabilities in OTRS (Open Ticket Request
System), which can be exploited by malicious people to conduct
cross-site scripting and cross-site request forgery attacks.

Full Advisory:
http://secunia.com/advisories/25205/

 --

[SA25196] Gentoo update for mysql

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-05-09

Gentoo has issued an update for mysql. This fixes two vulnerabilities,
which can be exploited by malicious users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/25196/

 --

[SA25157] Debian update for ldap-account-manager

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Privilege escalation
Released:    2007-05-08

Debian has issued an update for ldap-account-manager. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
perform actions with escalated privileges and by malicious users to
conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/25157/

 --

[SA25149] RSAuction Suspended Account Security Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-05-09

switzer has reported a vulnerability in RSAuction, which can be
exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/25149/

 --

[SA25133] Avaya Products file Integer Underflow Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-05-07

Avaya has acknowledged a vulnerability in various Avaya products, which
can potentially be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/25133/

 --

[SA25184] Red Hat update for postgresql

Critical:    Less critical
Where:       From local network
Impact:      Privilege escalation
Released:    2007-05-09

Red Hat has issued an update for postgresql. This fixes a security
issue, which can potentially be exploited by malicious users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/25184/

 --

[SA25134] Asterisk IAX2 Channel Driver Information Disclosure

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2007-05-07

A vulnerability has been reported in Asterisk, which can be exploited
by malicious users to disclose potential sensitive information.

Full Advisory:
http://secunia.com/advisories/25134/

 --

[SA25216] Avaya CMS / IR X.Org X11 Multiple Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, Privilege escalation,
DoS
Released:    2007-05-10

Avaya has acknowledged some vulnerabilities in Avaya CMS and IR, which
can be exploited by malicious, local users to disclose sensitive
information, cause a DoS (Denial of Service), and gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/25216/

 --

[SA25197] HP Tru64 UNIX "dop" Command Privilege Escalation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-05-09

A vulnerability has been reported in HP Tru64 UNIX, which can be
exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/25197/

 --

[SA25195] Gentoo update for libXfont and tightvnc

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-05-09

Gentoo has issued an update for libXfont and tightvnc. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/25195/

 --

[SA25163] Linux Kernel Multiple Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, DoS
Released:    2007-05-08

Some vulnerabilities have been reported in the Linux Kernel, which
potentially can be exploited by malicious, local users to cause a DoS
(Denial of Service) or disclose potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/25163/

 --

[SA25135] HP Tru64 UNIX "ps" Command Information Disclosure

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2007-05-04

A security issue has been reported in HP Tru64, which can be exploited
by malicious, local users to gain knowledge of potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/25135/

 --

[SA25132] rPath update for lftp

Critical:    Not critical
Where:       From remote
Impact:      System access
Released:    2007-05-04

rPath has issued an update for lftp. This fixes a weakness, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/25132/

 --

[SA25198] Ubuntu update for elinks

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-05-08

Ubuntu has issued an update for elinks. This fixes a weakness, which
potentially can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/25198/

 --

[SA25169] ELinks "add_filename_to_string()" Privilege Escalation

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-05-08

Arnaud Giersch has reported a weakness in ELinks, which potentially can
be exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/25169/

 --

[SA25162] Sun Solaris "acl()" Local Denial of Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-05-08

A vulnerability has been reported in Sun Solaris, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/25162/

 --

[SA25161] rPath update for cpio

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-05-08

rPath has issued an update for cpio. This fixes a vulnerability, which
can be exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/25161/


Other:--

[SA25199] Cisco IOS FTP Server Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, DoS, System access
Released:    2007-05-10

Some vulnerabilities have been reported in Cisco IOS, which can be
exploited by malicious users and malicious people to bypass certain
security restrictions, cause a DoS (Denial of Service), or potentially
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25199/

 --

[SA25137] avast! Zoo Denial of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-05-08

Jean-Sebastien Guay-Leroux has reported a vulnerability in avast!,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/25137/

 --

[SA25138] Bradford Campus Manager Information Disclosure

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2007-05-08

John Martinelli has reported a vulnerability in Bradford Campus
Manager, which can be exploited by malicious people to gain
unprivileged access to restricted data.

Full Advisory:
http://secunia.com/advisories/25138/


Cross Platform:--

[SA25214] CGX "pathCGX" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-09

GolD_M has reported some vulnerabilities in CGX, which can be exploited
by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/25214/

 --

[SA25179] Tropicalm Crowell Resource "RESPATH" File Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-05-08

kezzap66345 has discovered a vulnerability in Tropicalm Crowell
Resource, which can be exploited by malicious people to disclose
sensitive information or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25179/

 --

[SA25177] PMECMS "pathMod" File Inclusion Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-07

Some vulnerabilities have been reported in PMECMS, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25177/

 --

[SA25176] DynamicPAD "HomeDir" File Inclusion Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-05-08

ThE TiGeR has discovered two vulnerabilities in DynamicPAD, which can
be exploited by malicious people to disclose sensitive information or
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25176/

 --

[SA25175] PHP TopTree BBS "right_file" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-05-07

kezzap66345 has reported a vulnerability in PHP TopTree BBS, which can
be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25175/

 --

[SA25170] Wikivi5 "sous_rep" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-05-07

GolD_M has reported a vulnerability in Wikivi5, which can be exploited
by malicious people to disclose sensitive information or to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25170/

 --

[SA25146] Open Translation Engine "ote_home" File Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-05-04

GolD_M has discovered a vulnerability in Open Translation Engine, which
can be exploited by malicious people to disclose sensitive information
or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25146/

 --

[SA25223] SimpleNews "news_id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-05-10

Silentz has discovered a vulnerability in SimpleNews, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/25223/

 --

[SA25222] TutorialCMS Multiple SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-05-10

Silentz has discovered some vulnerabilities in TutorialCMS, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/25222/

 --

[SA25219] IBM WebSphere Application Server Java Message Service
Unspecified Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-05-09

A vulnerability has been reported in IBM WebSphere Application Server,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service) or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/25219/

 --

[SA25207] SurgeMail webmail Unspecified Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-05-10

A vulnerability has been reported in SurgeMail, which can be exploited
by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/25207/

 --

[SA25171] wfquotes Module for XOOPS "c" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-05-07

A vulnerability has been reported in the wfquotes module for XOOPS,
which can be exploited by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/25171/

 --

[SA25165] Nuked-Klan "X-Forwarded-For" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-05-07

DarkFig has discovered a vulnerability in Nuked-Klan, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/25165/

 --

[SA25155] XOOPS Flashgames Module "lid" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-05-07

A vulnerability has been reported in the Flashgames module for XOOPS,
which can be exploited by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/25155/

 --

[SA25154] RunCMS "executed_queries" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-05-07

rgod has discovered a vulnerability in RunCMS, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/25154/

 --

[SA25153] Advanced Guestbook Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information,
Exposure of sensitive information
Released:    2007-05-09

Jesper Jurcenoks has discovered some vulnerabilities in Advanced
Guestbook, which can be exploited by malicious people to disclose
sensitive information or to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/25153/

 --

[SA25144] Pre Classified Listings PHP "category" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-05-04

Cyber-Security has reported a vulnerability in Pre Classified Listings
PHP, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/25144/

 --

[SA25141] Censura "vendorid" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-05-04

Cyber-Security has reported a vulnerability in Censura, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/25141/

 --

[SA25200] SquirrelMail Cross-Site Scripting and Request Forgery
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-05-10

Some vulnerabilities have been reported in SquirrelMail, which can be
exploited by malicious people to conduct cross-site scripting and
cross-site request forgery attacks.

Full Advisory:
http://secunia.com/advisories/25200/

 --

[SA25190] Python "PyLocale_strxfrm()" Off-By-One Information
Disclosure

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-05-09

Piotr Engelking has reported a security issue in Python, which can be
exploited by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/25190/

 --

[SA25181] WikkaWiki Information Disclosure and Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2007-05-08

Some vulnerabilities have been reported in WikkaWiki, which can be
exploited by malicious people to disclose potentially sensitive
information and to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/25181/

 --

[SA25168] OpenLD Search Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-05-09

A vulnerability has been reported in OpenLD, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/25168/

 --

[SA25140] Avira AntiVir Zoo Denial of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-05-10

Jean-Sebastien Guay-Leroux has reported a vulnerability in Avira
AntiVir, which can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/25140/

 --

[SA25139] Simple Machines Forum Session Fixation Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Hijacking
Released:    2007-05-07

David Vieira-Kurz has discovered a vulnerability in Simple Machines
Forum, which can be exploited by malicious people to conduct session
fixation attacks.

Full Advisory:
http://secunia.com/advisories/25139/

 --

[SA25188] MySQL IF Query Denial of Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-05-10

Neil Kettle has reported a vulnerability in MySQL, which can be
exploited by malicious users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/25188/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


_____________________________________________________
Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. http://www.blackhat.com



This archive was generated by hypermail 2.1.3 : Thu May 10 2007 - 22:46:47 PDT