[ISN] Secunia Weekly Summary - Issue: 2007-36

From: InfoSec News (alerts@private)
Date: Fri Sep 07 2007 - 01:23:43 PDT


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2007-08-30 - 2007-09-06                        

                       This week: 60 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,700 different Windows applications.

Request your account, the Secunia Network Software Inspector (NSI):
http://secunia.com/network_software_inspector/

========================================================================
2) This Week in Brief:

The BIND spoofing vulnerability discovered last July (SA26152) has also
been reported in HP Tru64 UNIX and HP Internet Express for Tru64 UNIX,
prompting the company to issue an advisory this week. 

The vulnerability, which can be used by attackers to poison the DNS
cache, is due to BIND having predictable query IDs in outgoing queries.
If a remote malicious user guesses the query ID correctly, then he or
she can then use this information to poison the cache. 

HP has released patches to solve the vulnerability. Customers are
advised to apply patches for Tru64 UNIX, and install the appropriate
Tru64 UNIX ERP kit for Internet Express.

For more information, refer to:
http://secunia.com/advisories/26605/

 --

Two vulnerabilities in the Move Media Player Quantum Streaming IE
Player ActiveX control have also been discovered this week. The
vulnerabilities are due to boundary errors within the ActiveX control
when handling arguments passed to the "Play()" and "Buzzer()" methods.
A malicious person can exploit these to cause a buffer overflow by
passing overly-long strings to the affected methods.

Successful exploitation requires that a user be, for example, tricked
into visiting a malicious website, but allows the attacker to execute
arbitrary code on the system.

As of this writing, the vulnerabilities are unpatched. Users are urged
to avoid visiting untrusted sites, or to set the kill-bit for the
affected ActiveX control.

For more information, refer to:
http://secunia.com/advisories/26600/

 --

US-CERT has reported some vulnerabilities in Intuit QuickBooks Online
Edition ActiveX control, which can be exploited by malicious people
to compromise a vulnerable system.

The QuickBooks Online Edition ActiveX contains the insecure methods
"httpGETToFile()" and "httpPOSTFromFile()", which can be exploited
to download or upload files in arbitrary locations.

The same ActiveX control is also reported to have several unspecified
boundary errors, which can be exploited to cause stack-based buffer
overflows.

Successful exploitation of the vulnerabilities allows execution of
arbitrary code, but requires that a user is, for example, tricked
into viewing a malicious web page.

The vulnerabilities are reported in version 9, and the vendor has
released version 10 to solve the vulnerabilities. Users are urged to
update their versions immediately.

For more information, refer to:
http://secunia.com/advisories/26659/

 --

Some vulnerabilities were reported in Kerberos this week, which can be
exploited to compromise a vulnerable system.

The implementation of the RPCSEC_GSS authentication type contains a
boundary error withinthe "svcauth_gss_validate()" function in
src/lib/rpc/svc_auth_gss.c. This can be exploited to cause a
stack-based buffer overflow by sending a specially crafted RPC message
to a vulnerable server.

Successful exploitation potentially allows the execution of arbitrary
code. In addition, products linking to the RPC library may also be
affected. This vulnerability is reported in krb5-1.4 through
krb5-1.6.2.

The "kadm5_modify_policy_internal()" function in
src/lib/kadm5/srv/svr_policy.c does not correctly check return values
of the "krb5_db_get_policy()" function.

This can be exploited to cause memory corruption and may potentially
allow the execution of arbitrary code, but modifying policies requires
the attacker to have valid user credentials and privileges. This
vulnerability is reported in krb5-1.5 through krb5-1.6.2.

The vendor has released a patch, but users are also urged to upgrade
to versions 1.5.5 or 1.6.3 as soon as these are available.

For more information, refer to:
http://secunia.com/advisories/26676/

 --

VIRUS ALERTS:

During the past week Secunia collected 124 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA26579] Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer
              Overflows
2.  [SA26642] PHP Multiple Vulnerabilities
3.  [SA26636] Apache mod_proxy "date" Denial of Service Vulnerability
4.  [SA26615] Firebird Multiple Vulnerabilities
5.  [SA26641] Cisco CallManager / CUCM Cross-Site Scripting and SQL
              Injection
6.  [SA26650] Our Space uploadmedia.cgi File Upload
7.  [SA26623] Python tarfile Module Directory Traversal and Symlink
              Vulnerability
8.  [SA26635] SUSE update for opera
9.  [SA26657] Backup Manager Information Disclosure Security Issue
10. [SA26649] Debian update for postfix-policyd

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA26717] Broderbund Expressit 3DGreetings Player ActiveX Control
Multiple Buffer Overflows
[SA26674] SUSE Updates for Multiple Packages
[SA26667] OtsTurntables M3U Playlist Buffer Overflow Vulnerability
[SA26665] Virtual DJ M3U Playlist Buffer Overflow Vulnerability
[SA26661] MailMarshal tar Archive Directory Traversal
[SA26659] Intuit QuickBooks Online Edition ActiveX Control Multiple
Vulnerabilities
[SA26666] Hexamail Server "USER" Buffer Overflow Vulnerability

UNIX/Linux:
[SA26713] Sun Solaris Kerberos RPCSEC_GSS Vulnerability
[SA26705] librpcsecgss "svcauth_gss_validate()" Buffer Overflow
[SA26701] Fedora update for vavoom
[SA26700] Red Hat update for krb5
[SA26697] Debian update for librpcsecgss
[SA26691] Debian update for krb5
[SA26684] Ubuntu update for krb5 and librpcsecgss
[SA26683] Mandriva update for clamav
[SA26680] Fedora update for krb5
[SA26676] Kerberos Multiple Vulnerabilities
[SA26656] eNetman "page" File Inclusion Vulnerability
[SA26654] Debian update for clamav
[SA26719] Fedora update for gallery2
[SA26718] Fedora update for mapserver
[SA26708] Red Hat update for cyrus-sasl
[SA26702] Pawfaliki "page" Directory Traversal Vulnerability
[SA26688] PHD Help Desk Unspecified SQL Injection Vulnerability
[SA26687] Red Hat Network Satellite Server Code Execution
Vulnerability
[SA26664] SUSE update for kernel
[SA26663] rPath Update for gd and Multiple php Packages
[SA26653] Debian update for vim
[SA26651] Ubuntu update for kernel
[SA26690] rPath update for kdebase and kdelibs
[SA26678] reprepro Improper Signature Verification Security Bypass
[SA26673] rPath update for star
[SA26672] Red Hat update for star
[SA26655] Mandriva update for tar
[SA26715] IBM AIX Multiple Vulnerabilities
[SA26679] TorrentTrader Insecure File Permissions Security Issues
[SA26675] Debian debian-goodies Command Execution Vulnerability
[SA26657] Backup Manager Information Disclosure Security Issue
[SA26677] Cisco Adaptive Security Appliance Password Logging Weakness
[SA26711] Red Hat update for aide
[SA26709] Red Hat update for kernel

Other:
[SA26724] Cisco Catalyst Content Switching Modules Denial of Service
Vulnerabilities
[SA26703] Apple AirPort Extreme Base Station IPv6 Type 0 Route Headers
Denial of Service
[SA26721] Cisco Video Surveillance IP Gateway and Services Platform
Authentication Bypass

Cross Platform:
[SA26696] anyInventory "DIR_PREFIX" File Inclusion Vulnerability
[SA26694] Opensymphony WebWork XWork Input Validation OGNL Command
Injection
[SA26693] Apache Struts XWork Input Validation OGNL Command Injection
Vulnerability
[SA26681] XWork Input Validation OGNL Command Injection Vulnerability
[SA26658] STPHPLib Multiple File Inclusion Vulnerabilities
[SA26716] Gallery WebDAV and Reupload Module Data Manipulation
Vulnerabilities
[SA26706] Mambo AkoBook Component Script Insertion
[SA26689] Joomla NeoRecruit Component "id" SQL Injection
[SA26686] eZ Publish Two Security Bypass Vulnerabilities
[SA26685] Claroline Multiple Vulnerabilities
[SA26652] NMDeluxe "id" SQL Injection Vulnerability
[SA26668] Hitachi JP1/Cm2/Network Node Manager Shared Trace Service
Vulnerability
[SA26682] Urchin Multiple Cross-Site Scripting
[SA26671] Hitachi Cosminexus Products JavaDoc Cross-Site Scripting
[SA26662] Toms Gstebuch Multiple Cross-Site Scripting
[SA26660] Interstage Application Server Multiple Vulnerabilities

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA26717] Broderbund Expressit 3DGreetings Player ActiveX Control
Multiple Buffer Overflows

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-06

Will Dormann has reported some vulnerabilities in the Broderbund
Expressit 3DGreetings Player ActiveX control, which potentially can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26717/

 --

[SA26674] SUSE Updates for Multiple Packages

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-03

SUSE has issued updates for multiple packages. These fix some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26674/

 --

[SA26667] OtsTurntables M3U Playlist Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-03

0x58 has discovered a vulnerability in OtsTurntables, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26667/

 --

[SA26665] Virtual DJ M3U Playlist Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-03

0x58 has discovered a vulnerability in Virtual DJ, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26665/

 --

[SA26661] MailMarshal tar Archive Directory Traversal

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-04

Sebastian Vandersee has reported a vulnerability in MailMarshal, which
can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26661/

 --

[SA26659] Intuit QuickBooks Online Edition ActiveX Control Multiple
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-05

Will Dormann has reported some vulnerabilities in Intuit QuickBooks
Online Edition ActiveX control, which can be exploited by malicious
people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26659/

 --

[SA26666] Hexamail Server "USER" Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2007-09-03

rgod has reported a vulnerability in Hexamail Server, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26666/


UNIX/Linux:--

[SA26713] Sun Solaris Kerberos RPCSEC_GSS Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-06

Sun has acknowledged a vulnerability in Sun Solaris, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26713/

 --

[SA26705] librpcsecgss "svcauth_gss_validate()" Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-05

A vulnerability has been reported in librpcsecgss, which can be
exploited by malicious people to compromise an application using the
library.

Full Advisory:
http://secunia.com/advisories/26705/

 --

[SA26701] Fedora update for vavoom

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-06

Fedora has issued an update for vavoom. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26701/

 --

[SA26700] Red Hat update for krb5

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-05

Red Hat has issued an updated for krb5. This fixes some
vulnerabilities, which can be exploited by malicious users and
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26700/

 --

[SA26697] Debian update for librpcsecgss

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-05

Debian has issued an update for librpcsecgss. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26697/

 --

[SA26691] Debian update for krb5

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-05

Debian has issued an update for krb5. This fixes a vulnerability, which
can be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26691/

 --

[SA26684] Ubuntu update for krb5 and librpcsecgss

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-05

Ubuntu has issued an update for krb5 and librpcsecgss. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26684/

 --

[SA26683] Mandriva update for clamav

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-03

Mandriva has issued an update for clamav. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26683/

 --

[SA26680] Fedora update for krb5

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-06

Fedora has issued an update for krb5. This fixes some vulnerabilities,
which can be exploited by malicious users and malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26680/

 --

[SA26676] Kerberos Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-05

Some vulnerabilities have been reported in Kerberos, which can be
exploited by malicious users and malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/26676/

 --

[SA26656] eNetman "page" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-09-04

JaheeM has discovered a vulnerability in eNetman, which can be
exploited by malicious people to disclose sensitive information or to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26656/

 --

[SA26654] Debian update for clamav

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-03

Debian has issued an update for clamav. This fixes some
vulnerabilities, which can potentially be exploited by malicious people
to cause a DoS (Denial of Service) or to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26654/

 --

[SA26719] Fedora update for gallery2

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-06

Fedora has issued an update for gallery2. This fixes some
vulnerabilities, which can be exploited by malicious users to
manipulate certain data.

Full Advisory:
http://secunia.com/advisories/26719/

 --

[SA26718] Fedora update for mapserver

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, DoS, System access
Released:    2007-09-06

Fedora has issued an update for mapserver. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks or to potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26718/

 --

[SA26708] Red Hat update for cyrus-sasl

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-09-05

Red Hat has issued an update for cyrus-sasl. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26708/

 --

[SA26702] Pawfaliki "page" Directory Traversal Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-09-05

mafialbano has discovered a vulnerability in Pawfaliki, which can be
exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/26702/

 --

[SA26688] PHD Help Desk Unspecified SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-03

A vulnerability has been reported in PHD Help Desk, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26688/

 --

[SA26687] Red Hat Network Satellite Server Code Execution
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-04

A vulnerability has been reported in Red Hat Network Satellite Server,
which can be exploited by malicious users to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26687/

 --

[SA26664] SUSE update for kernel

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Brute force, Privilege escalation, DoS
Released:    2007-09-05

SUSE has issued an update for the kernel. This fixes some security
issues and vulnerabilities, which can be exploited by malicious, local
users to bypass certain security restrictions, cause a DoS (Denial of
Service), and gain escalated privileges, or by malicious people to
cause a DoS.

Full Advisory:
http://secunia.com/advisories/26664/

 --

[SA26663] rPath Update for gd and Multiple php Packages

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, DoS
Released:    2007-09-06

rPath has issued an update for gd and multiple php packages. This fixes
some vulnerabilities, where some have an unknown impact and others can
potentially be exploited to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26663/

 --

[SA26653] Debian update for vim

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-03

Debian has issued an update for vim. This fixes some vulnerabilities,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/26653/

 --

[SA26651] Ubuntu update for kernel

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation, DoS
Released:    2007-08-31

Ubuntu has issued an update for the kernel. This fixes some
vulnerabilities and a security issue, which can be exploited by
malicious, local users to cause a DoS (Denial of Service), bypass
certain security restrictions, or gain escalated privileges, and by
malicious people to cause a DoS.

Full Advisory:
http://secunia.com/advisories/26651/

 --

[SA26690] rPath update for kdebase and kdelibs

Critical:    Less critical
Where:       From remote
Impact:      Spoofing
Released:    2007-09-06

rPath has issued an update for kdebase and kdelibs. This fixes a
vulnerability, which can be exploited by malicious people to conduct
spoofing attacks.

Full Advisory:
http://secunia.com/advisories/26690/

 --

[SA26678] reprepro Improper Signature Verification Security Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-09-03

A vulnerability has been reported in reprepro, which can be exploited
by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/26678/

 --

[SA26673] rPath update for star

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2007-09-06

rPath has issued an update for star. This fixes a vulnerability, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26673/

 --

[SA26672] Red Hat update for star

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2007-09-05

Red Hat has issued an update for star. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/26672/

 --

[SA26655] Mandriva update for tar

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2007-09-05

Mandriva has issued an update for tar. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/26655/

 --

[SA26715] IBM AIX Multiple Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation, DoS, Manipulation of data
Released:    2007-09-06

Multiple vulnerabilities have been reported in IBM AIX, which can be
exploited by malicious, local users to delete certain system files,
cause a DoS (Denial of Service), or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/26715/

 --

[SA26679] TorrentTrader Insecure File Permissions Security Issues

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-04

Some security issues have been reported in TorrentTrader, which can be
exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/26679/

 --

[SA26675] Debian debian-goodies Command Execution Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-06

Thomas de Grenier de Latour has discovered a vulnerability in the
debian-goodies package for Debian Linux, which can be exploited by
malicious, local users to perform actions with escalated privileges.

Full Advisory:
http://secunia.com/advisories/26675/

 --

[SA26657] Backup Manager Information Disclosure Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2007-08-31

Micha Lenk has reported a security issue in Backup Manager, which can
be exploited by malicious, local users to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/26657/

 --

[SA26677] Cisco Adaptive Security Appliance Password Logging Weakness

Critical:    Not critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2007-09-06

A weakness has been reported in Cisco Adaptive Security Appliance
(ASA), which can be exploited by malicious people to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/26677/

 --

[SA26711] Red Hat update for aide

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2007-09-05

Red Hat has issued an update for aide. This fixes a security issue,
which can be exploited by malicious, local users to bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/26711/

 --

[SA26709] Red Hat update for kernel

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-09-05

Red Hat has issued an update for the kernel. This fixes a
vulnerability, which can be exploited by malicious, local users to
cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26709/


Other:--

[SA26724] Cisco Catalyst Content Switching Modules Denial of Service
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-09-06

Two vulnerabilities have been reported in the Cisco Catalyst Content
Switching Modules (CSM) and Cisco Catalyst Content Switching Module
with SSL (CSM-S), which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26724/

 --

[SA26703] Apple AirPort Extreme Base Station IPv6 Type 0 Route Headers
Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-09-05

A security issue has been reported in Apple AirPort Extreme Base
Station, which can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/26703/

 --

[SA26721] Cisco Video Surveillance IP Gateway and Services Platform
Authentication Bypass

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass, System access
Released:    2007-09-06

Some vulnerabilities have been reported in Cisco Video IP Gateway and
Services Platform, which can be exploited by malicious people to bypass
certain security restrictions and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26721/


Cross Platform:--

[SA26696] anyInventory "DIR_PREFIX" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-09-06

ThE TiGeR has discovered a vulnerability in anyInventory, which can be
exploited by malicious people to disclose sensitive information or to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26696/

 --

[SA26694] Opensymphony WebWork XWork Input Validation OGNL Command
Injection

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-04

A vulnerability has been reported in Opensymphony WebWork, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26694/

 --

[SA26693] Apache Struts XWork Input Validation OGNL Command Injection
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-04

A vulnerability has been reported in Apache Struts, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26693/

 --

[SA26681] XWork Input Validation OGNL Command Injection Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-04

A vulnerability has been reported in XWork, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26681/

 --

[SA26658] STPHPLib Multiple File Inclusion Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-09-04

Some vulnerabilities have been discovered in STPHPLib (SpeedTech PHP
Library), which can be exploited by malicious people to disclose
sensitive information or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26658/

 --

[SA26716] Gallery WebDAV and Reupload Module Data Manipulation
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-06

Some vulnerabilities have been reported in Gallery, which can be
exploited by malicious users to manipulate data.

Full Advisory:
http://secunia.com/advisories/26716/

 --

[SA26706] Mambo AkoBook Component Script Insertion

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-06

Rubn Ventura Pia has discovered two vulnerabilities in the AkoBook
component for Mambo, which can be exploited by malicious people to
conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/26706/

 --

[SA26689] Joomla NeoRecruit Component "id" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-06

ajann has reported a vulnerability in the NeoRecruit component for
Joomla, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/26689/

 --

[SA26686] eZ Publish Two Security Bypass Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-09-04

Two vulnerabilities have been reported in eZ Publish, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/26686/

 --

[SA26685] Claroline Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2007-09-03

Some vulnerabilities have been reported in Claroline, which can be
exploited by malicious people to conduct cross-site scripting or to
disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/26685/

 --

[SA26652] NMDeluxe "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-08-31

R00T[ATI] has discovered a vulnerability in NMDeluxe, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26652/

 --

[SA26668] Hitachi JP1/Cm2/Network Node Manager Shared Trace Service
Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2007-09-03

A vulnerability has been reported in Hitachi JP1/Cm2/Network Node
Manager, which can be exploited by malicious users to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/26668/

 --

[SA26682] Urchin Multiple Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-05

r0t has reported some vulnerabilities in Urchin, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/26682/

 --

[SA26671] Hitachi Cosminexus Products JavaDoc Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-03

A vulnerability has been reported in various Hitachi Cosminexus
products, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/26671/

 --

[SA26662] Toms Gstebuch Multiple Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-03

cod3in has discovered some vulnerabilities in Toms Gstebuch, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/26662/

 --

[SA26660] Interstage Application Server Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting
Released:    2007-09-06

Some vulnerabilities and security issues have been reported in
Interstage Application Server, which can be exploited by malicious
people to conduct cross-site scripting attacks or bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/26660/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


____________________________________
Visit the InfoSec News Bookstore
http://www.shopinfosecnews.org



This archive was generated by hypermail 2.1.3 : Fri Sep 07 2007 - 04:00:08 PDT