[ISN] Secunia Weekly Summary - Issue: 2007-37

From: InfoSec News (alerts@private)
Date: Thu Sep 13 2007 - 23:18:01 PDT


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2007-09-06 - 2007-09-13                        

                       This week: 64 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,700 different Windows applications.

Request your account, the Secunia Network Software Inspector (NSI):
http://secunia.com/network_software_inspector/

========================================================================
2) This Week in Brief:

Microsoft released four security bulletins this week, two of which are
rated as "Highly Critical", one as "Moderately Critical", and one
as "Less Critical".

A patch for the MSN Messenger vulnerability reported in late August is
included, as is a patch for vulnerabilities in Microsoft Windows
Services for UNIX, and a Microsoft Agent ActiveX control, and a Visual
Studio patch for the Crystal Reports RPT Processing vulnerability
reported in November 2006.

More information on the MSN Messenger vulnerability can be found here:
http://secunia.com/advisories/26570/

More information on the Visual Studio Crystal Reports vulnerability can
be found here: http://secunia.com/advisories/26754/

The vulnerability in Microsoft Windows Services for UNIX is due to an
unspecified error and can be exploited to execute arbitrary code with
escalated privileges by running a specially crafted setuid binary.
Microsoft also reports that "limited distribution" of the
vulnerability details exists. For more information, refer to:
http://secunia.com/advisories/26757/

An ActiveX control in the Microsoft Agent was found to be vulnerable to
a boundary error when processing specially crafted URLs passed as
arguments to a certain method.  This can be used to trigger a
stack-based buffer overflow when, for example, a user visits a
malicious website. For more information, refer to:
http://secunia.com/advisories/26753/

Secunia has constructed the Secunia Software Inspector, which you can
use to check if your system is vulnerable:
http://secunia.com/software_inspector/

 --

Apple released a security update for iTunes late last week, which can
be exploited to allow malicious people to compromise a user's system.

A boundary error when processing the "covr" atom in media files can
be exploited to cause a heap-based buffer overflow by using a
specially crafted cover art embedded in a media file.

Apple has released version 7.4 for both Windows and Mac systems. For
more information, refer to:
http://secunia.com/advisories/26725/

Secunia has constructed the Secunia Software Inspector, which you can
use to check if your system is vulnerable:
http://secunia.com/software_inspector/

 --

Several vulnerabilities were reported in Wordpress this week, which can
be used to conduct script-insertion and SQL injection attacks.

A malicious user could bypass the "unfiltered_html" privilege feature
by adding a field named "no_filter". This can be exploited to, for
example, post blog entries with arbitrary content by using specially
crafted POST requests.

A malicious person could manipulate SQL queries by injecting arbitrary
SQL code to certain parameters (for example, the "post_type"
parameter of the URL passed to the
"pingback.extensions.getPingbacks()" XMLRPC method), which are not
properly sanitised.

Wordpress has released version 2.2.3, and MU version 1.2.5a., which
solve these vulnerabilities. For more information, refer to:
http://secunia.com/advisories/26771/
 
 --

VIRUS ALERTS:

During the past week Secunia collected 124 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA26725] Apple iTunes "covr" Atom Buffer Overflow Vulnerability  
2.  [SA26734] Total Commander FTP Download Directory Traversal
              Vulnerability 
3.  [SA26692] Novell iChain HTTP Unicode Encoding Detection Bypass
4.  [SA26677] Cisco Adaptive Security Appliance Password Logging
              Weakness
5.  [SA26715] IBM AIX Multiple Vulnerabilities        
6.  [SA26739] Unreal Commander FTP Download Directory Traversal
              Vulnerability
7.  [SA26722] IBM HTTP Server mod_proxy "date" Denial of Service
              Vulnerability
8.  [SA26698] Novell BorderManager Unicode Encoding Detection Bypass
9.  [SA26729] ER Mapper ECW JPEG 2000 Plug-ins NCSView ActiveX Control
              Buffer Overflows
10. [SA26695] Novell Access Manager HTTP Unicode Encoding Detection
              Bypass

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA26808] MyMPC AVI File Processing Buffer Overflow
[SA26807] Storm Player AVI File Processing Buffer Overflow
[SA26806] Media Player Classic AVI File Processing Buffer Overflow
[SA26789] Callisto PhotoParade Player PhPInfo ActiveX Control Buffer
Overflow
[SA26765] CellFactor: Revolution Format String and Buffer Overflow
Vulnerabilities
[SA26753] Microsoft Agent ActiveX Control URL Handling Buffer Overflow
Vulnerability
[SA26749] Baofeng Storm Multiple Buffer Overflow Vulnerabilities
[SA26729] ER Mapper ECW JPEG 2000 Plug-ins NCSView ActiveX Control
Buffer Overflows
[SA26754] Visual Studio Crystal Reports RPT Processing Buffer Overflow
[SA26741] Plesk "PLESKSESSID" SQL Injection Vulnerability
[SA26739] Unreal Commander FTP Download Directory Traversal
Vulnerability
[SA26737] Magellan Explorer FTP Directory Traversal Vulnerability
[SA26736] Husrev Forums Cross-Site Scripting and SQL Injection
[SA26735] Proxy Anket "id" SQL Injection Vulnerability
[SA26734] Total Commander FTP Download Directory Traversal
Vulnerability
[SA26757] Microsoft Windows Services for UNIX Privilege Escalation

UNIX/Linux:
[SA26794] Fedora update for lighttpd
[SA26792] Mandriva update for librpcsecgss
[SA26784] Debian update for phpwiki
[SA26783] Gentoo update for mit-krb5
[SA26751] Fedora update for clamav
[SA26746] Fedora update for snort
[SA26732] lighttpd mod_fastcgi PHP Header Overflow
[SA26728] Mandriva update for krb5
[SA26796] Fedora update for wordpress
[SA26773] Debian update for ktorrent
[SA26769] Debian update for jffnms
[SA26766] Fedora update for gd
[SA26760] Red Hat update for kernel
[SA26748] Slackware update for php
[SA26727] Mandriva update for eggdrop
[SA26744] Quagga Multiple Denial of Service Vulnerabilities
[SA26742] DirectAdmin "user" Cross-Site Scripting Vulnerability
[SA26733] Debian update for phpmyadmin
[SA26795] Fedora update for samba
[SA26793] Mandriva update for id3lib
[SA26776] Slackware update for samba
[SA26764] Samba "winbind nss info" Privilege Escalation Security Issue
[SA26763] Mandriva update for x11-server
[SA26755] Debian update for xorg-server
[SA26743] X.org X11 Composite Pixmap Privilege Escalation
Vulnerability
[SA26759] IBM HTTP Server Multi-Processing Module Denial of Service
[SA26738] Fedora update for qgit
[SA26731] Avaya CMS / IR Solaris Special File System "strfreectty()"
Security Issue

Other:
[SA26798] Cisco IOS Regular Expressions Denial of Service

Cross Platform:
[SA26775] Focus/SIS "staticpath" File Inclusion Vulnerabilities
[SA26767] Online Fantasy Football League "DOC_ROOT" File Inclusion
[SA26756] Joomla Restaurante Component File Upload Vulnerability
[SA26750] Focus/SIS "FocusPath" File Inclusion Vulnerabilities
[SA26747] AuraCMS Multiple Vulnerabilities
[SA26805] CS GuestBook User Credentials Information Disclosure
[SA26774] Psi Social Networking Script "u" SQL Injection Vulnerability
[SA26771] Wordpress Script Insertion and SQL Injection Vulnerabilities
[SA26762] phpMyQuote "id" SQL Injection and Cross-Site Scripting
[SA26761] IBM WebSphere Application Server Unspecified Vulnerability
[SA26758] Webace Linkscript "id" SQL Injection Vulnerability
[SA26752] TLM CMS Multiple SQL Injection Vulnerabilities
[SA26740] fuzzylime (cms) "p" Local File Inclusion
[SA26788] Invision Power Board Multiple Vulnerabilities
[SA26777] XWiki Multiwiki Information Disclosure Security Issue
[SA26772] MediaWiki Cross-Site Scripting Vulnerability
[SA26770] Adobe Connect Enterprise Server Information Disclosure
Vulnerability
[SA26726] Sophos Anti-Virus Multiple Archive Detection Bypass
[SA26745] QGit "DataLoader::doStart()" Insecure Temporary Files

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA26808] MyMPC AVI File Processing Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-13

Code Audit Labs has discovered a vulnerability in MyMPC, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26808/

 --

[SA26807] Storm Player AVI File Processing Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-13

Code Audit Labs has discovered a vulnerability in Storm Player, which
can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26807/

 --

[SA26806] Media Player Classic AVI File Processing Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-13

Code Audit Labs has discovered a vulnerability in Media Player Classic,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26806/

 --

[SA26789] Callisto PhotoParade Player PhPInfo ActiveX Control Buffer
Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-13

Will Dormann has reported a vulnerability in the Callisto PhotoParade
Player PhPInfo ActiveX control, which potentially can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26789/

 --

[SA26765] CellFactor: Revolution Format String and Buffer Overflow
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-10

Luigi Auriemma has reported two vulnerabilities in CellFactor:
Revolution, which potentially can be exploited by malicious people to
cause a DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26765/

 --

[SA26753] Microsoft Agent ActiveX Control URL Handling Buffer Overflow
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-11

A vulnerability has been reported in Microsoft Windows 2000, which can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26753/

 --

[SA26749] Baofeng Storm Multiple Buffer Overflow Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-10

ZhenHan.Liu has discovered some vulnerabilities in Baofeng Storm, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26749/

 --

[SA26729] ER Mapper ECW JPEG 2000 Plug-ins NCSView ActiveX Control
Buffer Overflows

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-07

Will Dormann has reported some vulnerabilities in ER Mapper ECW JPEG
2000 Plug-ins, which can be exploited by malicious people to compromise
a user's system.

Full Advisory:
http://secunia.com/advisories/26729/

 --

[SA26754] Visual Studio Crystal Reports RPT Processing Buffer Overflow

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-11

A vulnerability has been reported in Visual Studio, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26754/

 --

[SA26741] Plesk "PLESKSESSID" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-13

A vulnerability has been reported in Plesk, which can be exploited by
malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26741/

 --

[SA26739] Unreal Commander FTP Download Directory Traversal
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-07

Gynvael Coldwind has reported a vulnerability in Unreal Commander,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/26739/

 --

[SA26737] Magellan Explorer FTP Directory Traversal Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-07

Gynvael Coldwind has discovered a vulnerability in Magellan Explorer,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/26737/

 --

[SA26736] Husrev Forums Cross-Site Scripting and SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2007-09-12

Two vulnerabilities have been reported in Husrev Forums, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/26736/

 --

[SA26735] Proxy Anket "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-11

A vulnerability has been discovered in Proxy Anket, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26735/

 --

[SA26734] Total Commander FTP Download Directory Traversal
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-07

Gynvael Coldwind has reported a vulnerability in Total Commander, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26734/

 --

[SA26757] Microsoft Windows Services for UNIX Privilege Escalation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-11

A vulnerability has been reported in Microsoft Windows Services for
UNIX, which can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/26757/


UNIX/Linux:--

[SA26794] Fedora update for lighttpd

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-13

Fedora has issued an update for lighttpd. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26794/

 --

[SA26792] Mandriva update for librpcsecgss

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-13

Mandriva has issued an update for librpcsecgss. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26792/

 --

[SA26784] Debian update for phpwiki

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, System access
Released:    2007-09-12

Debian has issued an update for phpwiki. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26784/

 --

[SA26783] Gentoo update for mit-krb5

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-12

Gentoo has issued an update for mit-krb5. This fixes some
vulnerabilities, which can be exploited by malicious users and
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26783/

 --

[SA26751] Fedora update for clamav

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-10

Fedora has issued an update for clamav. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to cause a DoS (Denial of Service) or to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26751/

 --

[SA26746] Fedora update for snort

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-10

Fedora has issued an update for snort. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26746/

 --

[SA26732] lighttpd mod_fastcgi PHP Header Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-10

Mattias Bengtsson and Philip Olausson have reported a vulnerability in
lighttpd, which can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/26732/

 --

[SA26728] Mandriva update for krb5

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-07

Mandriva has issued an update for krb5. This fixes some
vulnerabilities, which can be exploited by malicious users and
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26728/

 --

[SA26796] Fedora update for wordpress

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2007-09-13

Fedora has issued an update for wordpress. This fixes some
vulnerabilities, which can be exploited by malicious users to conduct
script insertion attacks and by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/26796/

 --

[SA26773] Debian update for ktorrent

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-12

Debian has issued an update for ktorrent. This fixes a vulnerability,
which potentially can be exploited by malicious people to overwrite
arbitrary files on a user's system.

Full Advisory:
http://secunia.com/advisories/26773/

 --

[SA26769] Debian update for jffnms

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released:    2007-09-12

Debian has issued an update for jffnms. This fixes some
vulnerabilities, which can be exploited by malicious people to disclose
sensitive information or conduct cross-site scripting and SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/26769/

 --

[SA26766] Fedora update for gd

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-09-10

Fedora has issued an update for gd. This fixes some vulnerabilities,
which can potentially be exploited to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26766/

 --

[SA26760] Red Hat update for kernel

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information,
Privilege escalation, DoS
Released:    2007-09-13

Red Hat has issued an update for the kernel. This fixes some
weaknesses, a security issue, and some vulnerabilities, which can be
exploited by malicious, local users to cause a DoS (Denial of Service),
disclose potentially sensitive information, and gain escalated
privileges, and by malicious people to bypass certain security
restrictions and cause a DoS.

Full Advisory:
http://secunia.com/advisories/26760/

 --

[SA26748] Slackware update for php

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Security Bypass, Privilege escalation
Released:    2007-09-13

Slackware has issued an update for php. This fixes a weakness and some
vulnerabilities, where some have unknown impacts and others can be
exploited by malicious users and malicious, local users to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/26748/

 --

[SA26727] Mandriva update for eggdrop

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-07

Mandriva has issued an update for eggdrop. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26727/

 --

[SA26744] Quagga Multiple Denial of Service Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-09-11

Some vulnerabilities have been reported in Quagga, which can be
exploited by malicious users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26744/

 --

[SA26742] DirectAdmin "user" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-12

r0t has reported a vulnerability in DirectAdmin, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/26742/

 --

[SA26733] Debian update for phpmyadmin

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-10

Debian has issued an update for phpmyadmin. This fixes some
vulnerabilities, which can be exploited by malicious users to conduct
script insertion attacks and by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/26733/

 --

[SA26795] Fedora update for samba

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-13

Fedora has issued an update for samba. This fixes a security issue,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/26795/

 --

[SA26793] Mandriva update for id3lib

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-13

Mandriva has issued an update for id3lib. This fixes a security issue,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/26793/

 --

[SA26776] Slackware update for samba

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-13

Slackware has issued an update for samba. This fixes a security issue,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/26776/

 --

[SA26764] Samba "winbind nss info" Privilege Escalation Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-12

A security issue has been reported in Samba, which can be exploited by
malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/26764/

 --

[SA26763] Mandriva update for x11-server

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-12

Mandriva has issued an update for x11-server. This fixes a
vulnerability, which potentially can be exploited by malicious, local
users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/26763/

 --

[SA26755] Debian update for xorg-server

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-10

Debian has issued an update for xorg-server. This fixes a
vulnerability, which can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/26755/

 --

[SA26743] X.org X11 Composite Pixmap Privilege Escalation
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-10

A vulnerability has been reported in X.org X11, which potentially can
be exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/26743/

 --

[SA26759] IBM HTTP Server Multi-Processing Module Denial of Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-09-10

IBM has acknowledged a vulnerability in IBM HTTP Server, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/26759/

 --

[SA26738] Fedora update for qgit

Critical:    Not critical
Where:       Local system
Impact:      Exposure of sensitive information, Privilege escalation
Released:    2007-09-11

Fedora has issued an update for qgit. This fixes a vulnerability, which
can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/26738/

 --

[SA26731] Avaya CMS / IR Solaris Special File System "strfreectty()"
Security Issue

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-09-07

Avaya has acknowledged a security issue in Avaya CMS and IR, which can
be exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/26731/


Other:--

[SA26798] Cisco IOS Regular Expressions Denial of Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-09-13

A vulnerability has been reported in Cisco IOS, which can be exploited
by malicious, local users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26798/


Cross Platform:--

[SA26775] Focus/SIS "staticpath" File Inclusion Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of sensitive information, System access
Released:    2007-09-12

ThE TiGeR has discovered some vulnerabilities in Focus/SIS, which can
be exploited by malicious people to disclose sensitive information or
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26775/

 --

[SA26767] Online Fantasy Football League "DOC_ROOT" File Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of sensitive information, System access
Released:    2007-09-11

MhZ91 has discovered some vulnerabilities in Online Fantasy Football
League, which can be exploited by malicious people to disclose
sensitive information or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26767/

 --

[SA26756] Joomla Restaurante Component File Upload Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-12

cold z3ro has reported a vulnerability in the Restaurante component for
Joomla, which can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/26756/

 --

[SA26750] Focus/SIS "FocusPath" File Inclusion Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of sensitive information, System access
Released:    2007-09-12

ThE TiGeR has discovered some vulnerabilities in Focus/SIS, which can
be exploited by malicious people to disclose sensitive information or
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26750/

 --

[SA26747] AuraCMS Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of sensitive information, System access
Released:    2007-09-12

k1tk4t has discovered some vulnerabilities in AuraCMS, which can be
exploited by malicious people to disclose sensitive information or
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26747/

 --

[SA26805] CS GuestBook User Credentials Information Disclosure

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-09-13

Cr@zy_King has discovered a security issue in CS GuestBook, which can
be exploited by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/26805/

 --

[SA26774] Psi Social Networking Script "u" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-11

Aria-Security Team has reported a vulnerability in Psi Social
Networking Script, which can be exploited by malicious people to
conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26774/

 --

[SA26771] Wordpress Script Insertion and SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2007-09-12

Some vulnerabilities have been reported in Wordpress, which can be
exploited by malicious users to conduct script insertion attacks and by
malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26771/

 --

[SA26762] phpMyQuote "id" SQL Injection and Cross-Site Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2007-09-11

Yollubunlar has discovered some vulnerabilities in phpMyQuote, which
can be exploited by malicious people to conduct cross-site scripting
and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26762/

 --

[SA26761] IBM WebSphere Application Server Unspecified Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2007-09-10

A vulnerability with an unknown impact has been reported in IBM
WebSphere Application Server.

Full Advisory:
http://secunia.com/advisories/26761/

 --

[SA26758] Webace Linkscript "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-10

k1tk4t has discovered a vulnerability in Webace Linkscript, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26758/

 --

[SA26752] TLM CMS Multiple SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-12

k1tk4t has discovered some vulnerabilities in TLM CMS, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26752/

 --

[SA26740] fuzzylime (cms) "p" Local File Inclusion

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-09-12

[wHITe_ShEEp] has discovered a vulnerability in fuzzylime (cms), which
can be exploited by malicious people to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/26740/

 --

[SA26788] Invision Power Board Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting
Released:    2007-09-13

Some vulnerabilities have been reported in Invision Power Board, which
can be exploited by malicious users to conduct script insertion attacks
or bypass certain access restrictions.

Full Advisory:
http://secunia.com/advisories/26788/

 --

[SA26777] XWiki Multiwiki Information Disclosure Security Issue

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-09-12

A security issue has been reported in XWiki, which can be exploited by
malicious users to disclose potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/26777/

 --

[SA26772] MediaWiki Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-11

A vulnerability has been reported in MediaWiki, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/26772/

 --

[SA26770] Adobe Connect Enterprise Server Information Disclosure
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-09-12

A vulnerability has been reported in Adobe Connect Enterprise Server,
which can be exploited by malicious users to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/26770/

 --

[SA26726] Sophos Anti-Virus Multiple Archive Detection Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-09-07

Some vulnerabilities have been reported in Sophos Anti-Virus, which can
be exploited by malware to bypass the scanning functionality.

Full Advisory:
http://secunia.com/advisories/26726/

 --

[SA26745] QGit "DataLoader::doStart()" Insecure Temporary Files

Critical:    Not critical
Where:       Local system
Impact:      Exposure of sensitive information, Privilege escalation
Released:    2007-09-10

A vulnerability has been reported in QGit, which can be exploited by
malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/26745/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


____________________________________
Visit the InfoSec News Bookstore
http://www.shopinfosecnews.org



This archive was generated by hypermail 2.1.3 : Thu Sep 13 2007 - 23:38:01 PDT