======================================================================== The Secunia Weekly Advisory Summary 2007-06-14 - 2007-06-21 This week: 73 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/ The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. ======================================================================== 2) This Week in Brief: The Sun StarOffice team released patches this week for two vulnerabilities in their product. A parsing error when handling RTF files can be exploited to cause a heap-based buffer overflow and run arbitrary code, but requires that a user is tricked into opening a specially crafted RTF file. The second vulnerability is due to StarOffice using a version of the Freetype library with a known vulnerability. The vulnerability is due to an error when parsing malformed TTF fonts, and can also be exploited to cause a heap-based buffer overflow, but requires that a user is tricked into opening a specially crafted RTF file. This vulnerability reportedly does not affect the Windows version of StarOffice. Sun has released patched for these two issues, and all users are urged to apply them immediately. For more information: http://secunia.com/advisories/25705/ -- Some formatting error vulnerabilities were reported in the VLC Media Player this week, which could be used by an attacker to compromise a vulnerable system. The vulnerabilities are located in the Ogg/Vorbis, Ogg/Theora, CDDA, and SAP plugins. Successful exploitation is possible if a user is tricked into opening or handling a specially crafted .ogg or .ogm file, a CDDB entry, or an SAP/SDP message. VLC has released a patch to fix these issues, and all users are advised to upgrade. For more information: http://secunia.com/advisories/25753/ -- Trillian, the popular messaging application, released an update this week to fix a security vulnerability in previous versions. A boundary error when word-wrapping UTF-8 strings could be exploited to cause a heap-based buffer overflow when a user views an overly long, specially crafted message using any of the available messaging protocols. Successful exploitation may allow an attacker to execute arbitrary code on the system. For more information: http://secunia.com/advisories/25736/ -- VIRUS ALERTS: During the past week Secunia collected 207 virus descriptions from the Antivirus vendors. However, none were deemed MEDIUM risk or higher according to the Secunia assessment scale. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA25736] Trillian UTF-8 Word Wrap Buffer Overflow Vulnerability 2. [SA25697] Novell NetWare XNFS Buffer Overflow Vulnerability 3. [SA25694] Astaro Secure Gateway SMTP Proxy Unspecified Denial of Service 4. [SA25699] Ruby on Rails "to_json" Cross-Site Scripting Vulnerability 5. [SA25666] Sun Java System Directory Server Two Vulnerabilities 6. [SA25659] WordPress AndyBlue Theme URL Cross-Site Scripting 7. [SA25645] Slackware update for libexif 8. [SA25668] Sun Solaris 10 NFS XDR Handling Vulnerability 9. [SA25687] PHP::HTML "htmlclass_path" File Inclusion 10. [SA25678] Apache Tomcat Manager Cross-Site Scripting ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA25757] RealNetworks GameHouse dldisplay ActiveX Control Buffer Overflows [SA25736] Trillian UTF-8 Word Wrap Buffer Overflow Vulnerability [SA25732] Altap Salamander PDB Filename Handling Buffer Overflow [SA25727] Avaya one-X Desktop Edition Denial of Service [SA25719] FCKeditor ADS File Upload Vulnerability [SA25710] Novell exteNd Director LocalExec ActiveX Control "launch()" Insecure Method [SA25752] RaidenHTTPD Unspecified Cross-Site Scripting Vulnerability [SA25733] TDizin "ara" Cross-Site Scripting Vulnerability [SA25735] PHP Tidy Extension "tidy_parse_string()" Buffer Overflow UNIX/Linux: [SA25758] Knowledgeroot Knowledgebase PHPMailer "Sender" Command Execution [SA25755] Debian update for libphp-phpmailer [SA25750] Gentoo updates for Mozilla Products [SA25705] Sun StarOffice Office Suite RTF File and FreeType Font Parsing Vulnerabilities [SA25685] Debian update for iceweasel [SA25770] Apple Mac OS X IPv6 Type 0 Route Headers Denial of Service [SA25748] Gentoo update for phprojekt [SA25746] Mandriva update for libexif [SA25737] Jasmine CMS SQL Injection and Local File Inclusion [SA25730] Red Hat update for mod_perl [SA25729] Sun Solaris Gnome PDF Viewer Multiple Vulnerabilities [SA25717] Debian update for libexif [SA25713] Debian update for mplayer [SA25700] Red Hat update for kernel [SA25691] rPath update for kernel and xen [SA25688] Gentoo update for clamav [SA25772] HP Internet Express for Tru64 UNIX Samba Vulnerabilities [SA25689] HP System Management Homepage Root Novell eDirectory Member Security Issue [SA25766] Evolution "SEQUENCE" Array Indexing Vulnerability [SA25743] Avaya Products sendmail Weakness [SA25742] Avaya Products libpng tRNS/sPLT Chunk Denial of Service [SA25724] Mandriva update for proftpd [SA25715] Sun Solaris 10 BIND DNSSEC Denial of Service [SA25714] Debian update for kernel-source-2.6.8 [SA25703] Mandriva update for jasper [SA25701] Debian update for libapache-mod-jk [SA25696] bbPress "post_content" SQL Injection Vulnerability [SA25692] rPath update for util-linux [SA25690] rPath update for squirrelmail [SA25683] SUSE update for kernel [SA25725] Debian update for postgresql-7.4 [SA25720] Debian update for postgresql-8.1 [SA25686] wmFrog Insecure Temporary File Creation Vulnerability [SA25749] Debian update for open-iscsi [SA25723] Avaya Products vixie-cron Local Denial of Service [SA25682] Linux Kernel "compat_sys_mount()" Denial of Service Security Issue Other: [SA25747] Avaya 4602SW SIP Phone Multiple Vulnerabilities [SA25694] Astaro Secure Gateway SMTP Proxy Unspecified Denial of Service [SA25745] Apple TV UPnP IGD Buffer Overflow Vulnerability [SA25697] Novell NetWare XNFS Buffer Overflow Vulnerability Cross Platform: [SA25753] VLC Media Player Multiple Plugins Format String Vulnerabilities [SA25751] MUSOO "ini_array[EXTLIB_PATH]" Multiple File Inclusion [SA25728] YourFreeScreamer "serverPath" File Inclusion Vulnerabilities [SA25711] Xvid Avi File Parsing Array Indexing Vulnerability [SA25687] PHP::HTML "htmlclass_path" File Inclusion [SA25744] LiveCMS SQL Injection and Script Insertion [SA25716] Solar Empire Generic "game_listing.php" SQL Injection [SA25709] WIKINDX Localization Module Security Bypass [SA25708] Papoo CMS Cross-Site Scripting and Script Insertion Vulnerabilities [SA25706] phpListPro "site_address" Script Insertion [SA25704] IBM WebSphere Application Server Multiple Vulnerabilities [SA25698] VirtueMart Unspecified SQL Injection Vulnerability [SA25693] WebIf "outconfig" Information Disclosure Vulnerability [SA25684] Elxis CMS "mb_tracker" SQL Injection [SA25738] F-Secure LHA and RAR Archives Security Bypass [SA25731] dKret Search Widget Cross-Site Scripting Vulnerability [SA25726] IPplan PHPMailer "Data()" Denial of Service [SA25721] Apache Tomcat Accept-Language Header Cross-Site Scripting [SA25712] Site@School "q" Cross-Site Scripting [SA25702] Utopia News Pro "password" Cross-Site Scripting Vulnerability [SA25699] Ruby on Rails "to_json" Cross-Site Scripting Vulnerability [SA25681] PHP Hosting Biller "order.php" Cross-Site Scripting Vulnerability [SA25734] YaBB "userlanguage" Local File Inclusion Vulnerability [SA25695] MailWasher Server LDAP Blank Password Security Issue ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA25757] RealNetworks GameHouse dldisplay ActiveX Control Buffer Overflows Critical: Highly critical Where: From remote Impact: System access Released: 2007-06-20 Will Dormann has reported some vulnerabilities in RealNetworks GameHouse dldisplay ActiveX control, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25757/ -- [SA25736] Trillian UTF-8 Word Wrap Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-06-19 A vulnerability has been reported in Trillian, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25736/ -- [SA25732] Altap Salamander PDB Filename Handling Buffer Overflow Critical: Moderately critical Where: From remote Impact: System access Released: 2007-06-20 Tan Chew Keong has reported a vulnerability in Altap Salamander, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25732/ -- [SA25727] Avaya one-X Desktop Edition Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-06-20 Two vulnerabilities have been reported in Avaya one-X Desktop Edition, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25727/ -- [SA25719] FCKeditor ADS File Upload Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-06-18 A vulnerability has been discovered in FCKeditor, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25719/ -- [SA25710] Novell exteNd Director LocalExec ActiveX Control "launch()" Insecure Method Critical: Moderately critical Where: From remote Impact: System access Released: 2007-06-18 Will Dormann has reported a vulnerability in Novell exteNd Director, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25710/ -- [SA25752] RaidenHTTPD Unspecified Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-06-21 A vulnerability has been reported in RaidenHTTPD, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25752/ -- [SA25733] TDizin "ara" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-06-19 A vulnerability has been reported in TDizin, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25733/ -- [SA25735] PHP Tidy Extension "tidy_parse_string()" Buffer Overflow Critical: Less critical Where: Local system Impact: Security Bypass Released: 2007-06-21 rgod has discovered a vulnerability in the PHP tidy extension, which can be exploited by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25735/ UNIX/Linux:-- [SA25758] Knowledgeroot Knowledgebase PHPMailer "Sender" Command Execution Critical: Highly critical Where: From remote Impact: System access Released: 2007-06-20 A vulnerability has been reported in Knowledgeroot Knowledgebase, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25758/ -- [SA25755] Debian update for libphp-phpmailer Critical: Highly critical Where: From remote Impact: System access Released: 2007-06-20 Debian has issued an update for libphp-phpmailer. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25755/ -- [SA25750] Gentoo updates for Mozilla Products Critical: Highly critical Where: From remote Impact: Security Bypass, Spoofing, Exposure of sensitive information, DoS, System access Released: 2007-06-20 Gentoo has issued updates for Mozilla products. These fix some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/25750/ -- [SA25705] Sun StarOffice Office Suite RTF File and FreeType Font Parsing Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-06-18 Sun has acknowledged two vulnerabilities in Sun StarOffice, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25705/ -- [SA25685] Debian update for iceweasel Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-06-15 Debian has issued an update for iceweasel. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25685/ -- [SA25770] Apple Mac OS X IPv6 Type 0 Route Headers Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-06-21 A security issue has been reported in Apple Mac OS X, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25770/ -- [SA25748] Gentoo update for phprojekt Critical: Moderately critical Where: From remote Impact: Hijacking, Cross Site Scripting, Manipulation of data, System access Released: 2007-06-20 Gentoo has issued an update for phprojekt. This fixes some vulnerabilities, which can be exploited by malicious users to conduct cross-site scripting, script insertion, cross-site request forgery, and SQL injection attacks and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25748/ -- [SA25746] Mandriva update for libexif Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-06-20 Mandriva has issued an update for libexif. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. Full Advisory: http://secunia.com/advisories/25746/ -- [SA25737] Jasmine CMS SQL Injection and Local File Inclusion Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of system information, Exposure of sensitive information Released: 2007-06-20 Silentz has discovered some vulnerabilities in Jasmine CMS, which can be exploited by malicious people to conduct SQL injection attacks and by malicious users to disclose sensitive information. Full Advisory: http://secunia.com/advisories/25737/ -- [SA25730] Red Hat update for mod_perl Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-06-18 Red Hat has issued an update for mod_perl. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25730/ -- [SA25729] Sun Solaris Gnome PDF Viewer Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-06-21 Sun has acknowledged some vulnerabilities in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25729/ -- [SA25717] Debian update for libexif Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-06-18 Debian has issued an update for libexif. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. Full Advisory: http://secunia.com/advisories/25717/ -- [SA25713] Debian update for mplayer Critical: Moderately critical Where: From remote Impact: System access Released: 2007-06-20 Debian has issued an update for mplayer. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25713/ -- [SA25700] Red Hat update for kernel Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information, DoS, Brute force Released: 2007-06-15 Red Hat has issued an update for the kernel. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or disclose potentially sensitive information, and by malicious people to cause a DoS. Full Advisory: http://secunia.com/advisories/25700/ -- [SA25691] rPath update for kernel and xen Critical: Moderately critical Where: From remote Impact: Security Bypass, Exposure of sensitive information, Privilege escalation, DoS Released: 2007-06-15 rPath has issued an update for the kernel and xen. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges, and by malicious people to bypass certain security restrictions and cause a DoS. Full Advisory: http://secunia.com/advisories/25691/ -- [SA25688] Gentoo update for clamav Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-06-18 Gentoo has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25688/ -- [SA25772] HP Internet Express for Tru64 UNIX Samba Vulnerabilities Critical: Moderately critical Where: From local network Impact: Privilege escalation, System access Released: 2007-06-21 HP has acknowledged some vulnerabilities in HP Internet Express for Tru64 UNIX, which can be exploited by malicious users to perform certain actions with escalated privileges and to compromise a vulnerable system, and by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25772/ -- [SA25689] HP System Management Homepage Root Novell eDirectory Member Security Issue Critical: Moderately critical Where: From local network Impact: Security Bypass Released: 2007-06-18 A security issue has been reported in HP System Management Homepage (SMH), which may result in malicious people gaining access to the application. Full Advisory: http://secunia.com/advisories/25689/ -- [SA25766] Evolution "SEQUENCE" Array Indexing Vulnerability Critical: Less critical Where: From remote Impact: DoS, System access Released: 2007-06-21 Philip Van Hoof has reported a vulnerability in Evolution, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25766/ -- [SA25743] Avaya Products sendmail Weakness Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-06-20 Avaya has acknowledged a weakness in various Avaya products, which can be exploited by malicious people to spoof emails. Full Advisory: http://secunia.com/advisories/25743/ -- [SA25742] Avaya Products libpng tRNS/sPLT Chunk Denial of Service Critical: Less critical Where: From remote Impact: DoS Released: 2007-06-20 Avaya has acknowledged some vulnerabilities in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25742/ -- [SA25724] Mandriva update for proftpd Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-06-21 Mandriva has issued an update for proftpd. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25724/ -- [SA25715] Sun Solaris 10 BIND DNSSEC Denial of Service Critical: Less critical Where: From remote Impact: DoS Released: 2007-06-19 Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25715/ -- [SA25714] Debian update for kernel-source-2.6.8 Critical: Less critical Where: From remote Impact: Privilege escalation, DoS Released: 2007-06-18 Debian has issued an update for kernel-source-2.6.8. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges, and by malicious people to cause a DoS. Full Advisory: http://secunia.com/advisories/25714/ -- [SA25703] Mandriva update for jasper Critical: Less critical Where: From remote Impact: DoS Released: 2007-06-20 Mandriva has issued an update for jasper. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25703/ -- [SA25701] Debian update for libapache-mod-jk Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-06-18 Debian has issued an update for libapache-mod-jk. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25701/ -- [SA25696] bbPress "post_content" SQL Injection Vulnerability Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2007-06-15 chrishajer has reported a vulnerability in bbPress, which can be exploited by malicious users to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25696/ -- [SA25692] rPath update for util-linux Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-06-18 rPath has issued an update for util-linux. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25692/ -- [SA25690] rPath update for squirrelmail Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-06-15 rPath has issued an update for squirrelmail. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25690/ -- [SA25683] SUSE update for kernel Critical: Less critical Where: From remote Impact: Unknown, Exposure of sensitive information, Privilege escalation, DoS Released: 2007-06-15 SUSE has issued an update for the kernel. This fixes some vulnerabilities and a security issue, where one has an unknown impact and others can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or gain escalated privileges, and by malicious people to cause a DoS. Full Advisory: http://secunia.com/advisories/25683/ -- [SA25725] Debian update for postgresql-7.4 Critical: Less critical Where: From local network Impact: Privilege escalation Released: 2007-06-18 Debian has issued an update for postgresql-7.4. This fixes a security issue, which can be exploited by malicious users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25725/ -- [SA25720] Debian update for postgresql-8.1 Critical: Less critical Where: From local network Impact: Privilege escalation Released: 2007-06-19 Debian has issued an update for postgresql-8.1. This fixes a security issue, which can be exploited by malicious users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25720/ -- [SA25686] wmFrog Insecure Temporary File Creation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-06-18 A vulnerability has been reported in wmFrog, which potentially can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/25686/ -- [SA25749] Debian update for open-iscsi Critical: Not critical Where: Local system Impact: DoS Released: 2007-06-20 Debian has issued an update for open-iscsi. This fixes some security issues, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25749/ -- [SA25723] Avaya Products vixie-cron Local Denial of Service Critical: Not critical Where: Local system Impact: DoS Released: 2007-06-20 Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25723/ -- [SA25682] Linux Kernel "compat_sys_mount()" Denial of Service Security Issue Critical: Not critical Where: Local system Impact: DoS Released: 2007-06-15 A security issue has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25682/ Other:-- [SA25747] Avaya 4602SW SIP Phone Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Hijacking, Security Bypass, DoS Released: 2007-06-20 Sipera VIPER Lab has reported some weaknesses and a vulnerability in Avaya 4602SW SIP Phone, which can be exploited by malicious people to hijack calls, bypass certain security restrictions, or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25747/ -- [SA25694] Astaro Secure Gateway SMTP Proxy Unspecified Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-06-15 A vulnerability has been reported in Astaro Secure Gateway, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25694/ -- [SA25745] Apple TV UPnP IGD Buffer Overflow Vulnerability Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2007-06-21 A vulnerability has been reported in Apple TV, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable device. Full Advisory: http://secunia.com/advisories/25745/ -- [SA25697] Novell NetWare XNFS Buffer Overflow Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2007-06-15 A vulnerability has been reported in Novell NetWare, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25697/ Cross Platform:-- [SA25753] VLC Media Player Multiple Plugins Format String Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2007-06-20 Some vulnerabilities have been reported in VLC Media Player, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/25753/ -- [SA25751] MUSOO "ini_array[EXTLIB_PATH]" Multiple File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-06-20 GoLd_M has reported some vulnerabilities in MUSOO, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25751/ -- [SA25728] YourFreeScreamer "serverPath" File Inclusion Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2007-06-18 Some vulnerabilities have been reported in YourFreeScreamer, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25728/ -- [SA25711] Xvid Avi File Parsing Array Indexing Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-06-20 Trixter Jack has reported a vulnerability in the Xvid library, which can be exploited by malicious people to compromise an application using the library. Full Advisory: http://secunia.com/advisories/25711/ -- [SA25687] PHP::HTML "htmlclass_path" File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-06-15 o0xxdark0o has discovered a vulnerability in PHP::HTML, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/25687/ -- [SA25744] LiveCMS SQL Injection and Script Insertion Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Manipulation of data, Exposure of sensitive information Released: 2007-06-21 Vipsta and Clorox have discovered some vulnerabilities in LiveCMS, which can be exploited by malicious users to conduct cross-site scripting attacks and by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25744/ -- [SA25716] Solar Empire Generic "game_listing.php" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2007-06-19 BlackHawk has discovered a vulnerability in Solar Empire Generic, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25716/ -- [SA25709] WIKINDX Localization Module Security Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-06-18 A vulnerability has been reported in the Localization Module for WIKINDX, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25709/ -- [SA25708] Papoo CMS Cross-Site Scripting and Script Insertion Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2007-06-19 Nico Leidecker has discovered some vulnerabilities in Papoo CMS, which can be exploited by malicious users and malicious people to conduct script insertion and cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25708/ -- [SA25706] phpListPro "site_address" Script Insertion Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2007-06-18 A vulnerability has been discovered in phpListPro, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25706/ -- [SA25704] IBM WebSphere Application Server Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Unknown, Security Bypass, DoS Released: 2007-06-18 Some vulnerabilities have been reported in IBM WebSphere Application Server, where some have unknown impacts and others can potentially be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service) Full Advisory: http://secunia.com/advisories/25704/ -- [SA25698] VirtueMart Unspecified SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-06-15 A vulnerability has been reported in VirtueMart, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25698/ -- [SA25693] WebIf "outconfig" Information Disclosure Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2007-06-21 maiosyet has reported a vulnerability in WebIf, which potentially can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/25693/ -- [SA25684] Elxis CMS "mb_tracker" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-06-15 Nico Leidecker has reported a vulnerability in Elxis CMS, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/25684/ -- [SA25738] F-Secure LHA and RAR Archives Security Bypass Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-06-19 A vulnerability has been reported in various F-Secure products, which can be exploited by malware to bypass the scanning functionality. Full Advisory: http://secunia.com/advisories/25738/ -- [SA25731] dKret Search Widget Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-06-18 A vulnerability has been reported in dKret, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25731/ -- [SA25726] IPplan PHPMailer "Data()" Denial of Service Critical: Less critical Where: From remote Impact: DoS Released: 2007-06-18 A vulnerability has been reported in IPplan, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/25726/ -- [SA25721] Apache Tomcat Accept-Language Header Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-06-19 A vulnerability has been reported in Apache Tomcat, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25721/ -- [SA25712] Site@School "q" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-06-18 MurderSkillz and Clorox have discovered a vulnerability in Site@School, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25712/ -- [SA25702] Utopia News Pro "password" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-06-18 Jesper Jurcenoks has discovered a vulnerability in Utopia News Pro, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25702/ -- [SA25699] Ruby on Rails "to_json" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-06-15 BCC has reported a vulnerability in Ruby on Rails, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25699/ -- [SA25681] PHP Hosting Biller "order.php" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-06-19 serapis.net has discovered a vulnerability in PHP Hosting Biller, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/25681/ -- [SA25734] YaBB "userlanguage" Local File Inclusion Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-06-21 Maciej Kukla has discovered a vulnerability in YaBB, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/25734/ -- [SA25695] MailWasher Server LDAP Blank Password Security Issue Critical: Not critical Where: From remote Impact: Security Bypass Released: 2007-06-18 A security issue has been reported in MailWasher Server, which can be exploited by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/25695/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Fri Jun 22 2007 - 00:11:40 PDT