======================================================================== The Secunia Weekly Advisory Summary 2007-09-27 - 2007-10-04 This week: 64 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: The Secunia Network Software Inspector (NSI) is a revolutionary tool that makes the identification of vulnerable applications as easy as the click of a mouse. The NSI provides organisations with peace of mind by generating a complete software security overview of the network: identifying which systems have software that are unpatched against certain vulnerabilities. Information gathered by NSI inspections can be used to dynamically alert the corporate security team when a new vulnerability is discovered. Inspections can be conducted on-demand, automated, or scheduled, and results are archived to allow easy generation of advanced reports based on historic and present data. Request your account, the Secunia Network Software Inspector (NSI): http://secunia.com/network_software_inspector/ ======================================================================== 2) This Week in Brief: Google has acknowledged a cross-site scripting vulnerability in its Google Mini Search Appliance, which can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is caused by not properly sanitising input passed to the "ie" parameter when performing a search. The vulnerability affects Google Mini Search Appliance version 3.4.14. Google has released a workaround available in their advisory. For more information, refer to: http://secunia.com/advisories/26946/ -- Some vulnerabilities were reported this week in the X.Org X11 X Font Server (XFS) and XFree86, which can be exploited by malicious, local users to gain escalated privileges. Handlers for the X protocol requests "QueryXBitmaps" and "QueryXExtents" do not correctly check the "length" parameters before passing them to the "build_range()" function, which can lead to an integer overflow. This can be exploited to cause a heap-based buffer overflow by sending specially crafted "QueryXBitmaps" and "QueryXExtents" requests to a vulnerable service. An error within the handler for the X protocol requests "QueryXBitmaps" and "QueryXExtents" when calling the "swap_char2b()" function can be exploited to swap an arbitrary number of bytes on the heap, resulting in a heap corruption. These vulnerabilities may be remotely exploited on certain systems (e.g. Sun Solaris),via port 7100/TCP. Users of X.Org X11 XFS are urged to update to X.Org XFS 1.0.5 to solve these vulnerabilities. However, users of Xfree86 are urged in the meantime to restrict access to trusted users only. For more information, refer to: http://secunia.com/advisories/27040/ http://secunia.com/advisories/27060/ -- Apple patched a year-old vulnerability this week with their Security Update for Quicktime 7.2 for Windows. The vulnerability, which had been reported in September of last year, is caused due to missing input validation when processing the "qtnext" attribute in an "embed" tag of a QuickTime Media Link file. This can be exploited e.g. by a malicious web site to open local content in the browser via the "qtnext" attribute of the "embed" tag in a Quicktime Media Link file opened by the QuickTime Plug-In. Additional information about how to exploit the vulnerability using Mozilla Firefox was reported in September of this year, as the original reporter highlighted the fact that the issue was still unpatched. The security advisory is tagged by Secunia as "Highly critical" due to the fact that the vulnerability could be further exploited to pass arbitrary parameters to the default browser when a specially crafted file is opened with QuickTime or the QuickTime Plug-In, and possibly execution of arbitrary code on a user's system. All users are urged to apply the security update to affected systems. For more information, refer to: http://secunia.com/advisories/22048/ Secunia has constructed the Secunia Personal Software Inspector, which you can use to check if your system is vulnerable: https://psi.secunia.com/ Corporate users can request for a trial of the Secunia Network Software Inspector, which you can use to check which systems in your network are vulnerable: http://secunia.com/network_software_inspector/ -- VIRUS ALERTS: During the past week Secunia collected 255 virus descriptions from the Antivirus vendors. However, none were deemed MEDIUM risk or higher according to the Secunia assessment scale. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA26983] Apple iPhone Multiple Vulnerabilities 2. [SA27007] Internet Explorer "OnKeyDown" Event Focus Weakness 3. [SA26914] CA BrightStor Hierarchical Storage Manager CsAgent Vulnerabilities 4. [SA26990] NukeSentinel "write_ban()" SQL Injection 5. [SA26988] Cisco Catalyst 6500 / Cisco 7600 Series Devices Accessible Loopback Address Weakness 6. [SA21910] Internet Explorer Multiple Vulnerabilities 7. [SA26986] Xen Multiple Vulnerabilities 8. [SA26991] IntegraMOD Nederland(s) "phpbb_root_path" File Inclusion 9. [SA26950] Sun Solaris Thread Context Handling Denial of Service 10. [SA27004] Aipo / Aipo ASP Session Fixation Vulnerability ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA27036] Prey Doom 3 Engine Format String Vulnerability [SA27023] Quake 4 Doom 3 Engine Format String Vulnerability [SA27017] EDraw Office Viewer Component ActiveX Control Buffer Overflow [SA27002] Doom 3 Engine Format String Vulnerability [SA27034] Y&K Iletism Formu Script Insertion Vulnerabilities [SA27033] Ohesa Emlak Portali SQL Injection Vulnerabilities [SA27032] Netkamp Emlak Scripti SQL Injection and Cross-Site Scripting [SA27015] America's Army Special Forces Unreal Engine Denial Of Service [SA27039] CyberLink PowerDVD CLSetting ActiveX Control Insecure Method [SA27022] OdysseySuite "idkey" Cross-Site Scripting Vulnerability [SA26996] FeedReader RSS Feed Item "description" Script Insertion [SA27007] Internet Explorer "OnKeyDown" Event Focus Weakness UNIX/Linux: [SA27051] rPath update for openssl [SA27050] Poppawid "form" File Inclusion Vulnerability [SA27048] Ubuntu update for imagemagick [SA27031] Debian update for openssl [SA27021] Ubuntu update for openssl [SA27020] Public Media Manager "indir" File Inclusion [SA27012] FreeBSD update for openssl [SA27008] FSD Two Buffer Overflow Vulnerabilities [SA26997] Gentoo update for lighttpd [SA27053] rPath update for qt-x11-free [SA27043] Red Hat update for nfs-utils-lib [SA27018] Mandriva update for libsndfile [SA27016] Mandriva update for mplayer [SA27014] SmbFTPD "SMBDirList()" Format String Vulnerability [SA27049] Debian update for quagga [SA26993] IBM WebSphere Application Server for z/OS HTTP Server Vulnerabilities [SA26992] Fedora update for t1lib [SA27062] Red Hat update for elinks [SA27038] Debian update for elinks [SA27060] XFree86 X Font Server Multiple Vulnerabilities [SA27052] rPath update for xorg-x11 [SA27047] Red Hat update for xen [SA27040] X.Org X11 X Font Server Multiple Vulnerabilities [SA27030] rPath rMake Local Privilege Escalation Vulnerability [SA27024] Sun Solaris FIFO File System Unauthorized Data Access [SA26995] Red Hat update for kernel [SA26994] Debian update for kernel [SA27059] Avaya CMS / IR Solaris Thread Context Handling Denial of Service [SA27019] Avaya CMS Solaris Human Interface Device Denial of Service Other: [SA27003] Peakflow SP Security Bypass and Script Insertion [SA27027] Sun Fire X2100 / X2200 Embedded Lights Out Manager Security Bypass Cross Platform: [SA27045] FSFDT FSD Two Buffer Overflow Vulnerabilities [SA27029] Original Photo Gallery "exif_prog" Arbitrary Command Execution [SA27028] Zomplog File Upload Two Vulnerabilities [SA27025] Segue CMS "index.php" File Inclusion Vulnerability [SA27011] MxBB Portal Mx At A Glance Module "mx_root_path" File Inclusion [SA27009] Sun Java JRE Multiple Vulnerabilities [SA27001] phpBB phpbb-openid Module "openid_root_path" File Inclusion [SA26991] IntegraMOD Nederland(s) "phpbb_root_path" File Inclusion [SA27006] XOOPS Uploader Class Unspecified Vulnerability [SA26999] actSite "do" Local File Inclusion Vulnerability [SA26998] Quicksilver Forums PM Delete and Database Password Disclosure [SA27065] DRBGuestbook "action" Cross-Site Scripting Vulnerability [SA27064] Drupal Project Issue Tracking Module Subscription Form Script Insertion [SA27056] Irrlicht libpng tRNS Chunk Denial of Service [SA27055] FeedBurner FeedSmith Cross-Site Request Forgery Vulnerability [SA27046] GForge "confirm_hash" Cross-Site Scripting Vulnerability [SA27041] AppFuse messages.jsp Cross-Site Scripting Vulnerability [SA27026] SysAid Cross-Site Request Forgery Vulnerability [SA27005] BlackBoard Learning System Script Insertion Vulnerabilities [SA27004] Aipo / Aipo ASP Session Fixation Vulnerability [SA27010] Pidgin MSN "nudge" Denial of Service ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA27036] Prey Doom 3 Engine Format String Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-02 Luigi Auriemma has reported a vulnerability in Prey, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27036/ -- [SA27023] Quake 4 Doom 3 Engine Format String Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-02 Luigi Auriemma has reported a vulnerability in Quake 4, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27023/ -- [SA27017] EDraw Office Viewer Component ActiveX Control Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2007-10-02 shinnai has discovered a vulnerability in EDraw Office Viewer Component, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27017/ -- [SA27002] Doom 3 Engine Format String Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-02 Luigi Auriemma has reported a vulnerability in Doom 3, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27002/ -- [SA27034] Y&K Iletism Formu Script Insertion Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-01 GeFORC3 (G3) has discovered some vulnerabilities in Y&K Iletisim Formu, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/27034/ -- [SA27033] Ohesa Emlak Portali SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-10-01 GeFORC3 has reported two vulnerabilities in Ohesa Emlak Portali, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/27033/ -- [SA27032] Netkamp Emlak Scripti SQL Injection and Cross-Site Scripting Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Manipulation of data Released: 2007-10-01 GeFORC3 has reported two vulnerabilities in Netkamp Emlak Scripti, which can be exploited by malicious people to conduct cross-site scripting attacks and SQL injection attacks. Full Advisory: http://secunia.com/advisories/27032/ -- [SA27015] America's Army Special Forces Unreal Engine Denial Of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-10-02 Luigi Auriemma has reported some vulnerabilities in America's Army, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27015/ -- [SA27039] CyberLink PowerDVD CLSetting ActiveX Control Insecure Method Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2007-10-02 rgod has discovered a vulnerability in CyberLink PowerDVD, which can be exploited by malicious people to overwrite arbitrary files. Full Advisory: http://secunia.com/advisories/27039/ -- [SA27022] OdysseySuite "idkey" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-02 r0t has reported a vulnerability in OdysseySuite, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27022/ -- [SA26996] FeedReader RSS Feed Item "description" Script Insertion Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-01 Guy Mizrahi has discovered a vulnerability in FeedReader, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/26996/ -- [SA27007] Internet Explorer "OnKeyDown" Event Focus Weakness Critical: Not critical Where: From remote Impact: Exposure of sensitive information Released: 2007-09-28 Ronald van den Heetkamp has discovered a weakness in Internet Explorer, which potentially can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/27007/ UNIX/Linux:-- [SA27051] rPath update for openssl Critical: Highly critical Where: From remote Impact: System access Released: 2007-10-04 rPath has issued an update for openssl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27051/ -- [SA27050] Poppawid "form" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-10-03 0in has discovered a vulnerability in Poppawid, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27050/ -- [SA27048] Ubuntu update for imagemagick Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-04 Ubuntu has issued an update for imagemagick. This fixes some vulnerabilities, which can be exploited by malicious people to conduct DoS (Denial of Service) attacks or compromise a user's system. Full Advisory: http://secunia.com/advisories/27048/ -- [SA27031] Debian update for openssl Critical: Highly critical Where: From remote Impact: System access Released: 2007-10-03 Debian has issued an update for openssl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27031/ -- [SA27021] Ubuntu update for openssl Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-01 Ubuntu has issued an update for openssl. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27021/ -- [SA27020] Public Media Manager "indir" File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-10-01 arfis project has discovered a vulnerability in Public Media Manager, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27020/ -- [SA27012] FreeBSD update for openssl Critical: Highly critical Where: From remote Impact: System access Released: 2007-10-04 FreeBSD has issued an update for openssl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27012/ -- [SA27008] FSD Two Buffer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-02 Luigi Auriemma has reported two vulnerabilities in FSD, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27008/ -- [SA26997] Gentoo update for lighttpd Critical: Highly critical Where: From remote Impact: System access Released: 2007-09-28 Gentoo has issued an update for lighttpd. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/26997/ -- [SA27053] rPath update for qt-x11-free Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-10-04 rPath has issued an update for qt-x11-free. This fixes a vulnerability, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library. Full Advisory: http://secunia.com/advisories/27053/ -- [SA27043] Red Hat update for nfs-utils-lib Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-10-03 Red Hat has issued an update for nfs-utils-lib. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27043/ -- [SA27018] Mandriva update for libsndfile Critical: Moderately critical Where: From remote Impact: System access Released: 2007-10-02 Mandriva has issued an update for libsndfile. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library. Full Advisory: http://secunia.com/advisories/27018/ -- [SA27016] Mandriva update for mplayer Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-10-02 Mandriva has issued an update for mplayer. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/27016/ -- [SA27014] SmbFTPD "SMBDirList()" Format String Vulnerability Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-10-01 A vulnerability has been reported in SmbFTPD, which potentially can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27014/ -- [SA27049] Debian update for quagga Critical: Less critical Where: From remote Impact: DoS Released: 2007-10-03 Debian has issued an update for quagga. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27049/ -- [SA26993] IBM WebSphere Application Server for z/OS HTTP Server Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting, DoS Released: 2007-09-28 IBM has acknowledged some vulnerabilities in IBM Websphere Application server for z/OS, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or by malicious people to conduct cross-site scripting attacks or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/26993/ -- [SA26992] Fedora update for t1lib Critical: Less critical Where: From remote Impact: DoS, System access Released: 2007-10-01 Fedora has issued an update for t1lib. This fixes a vulnerability, which can be exploited by malicious users to potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/26992/ -- [SA27062] Red Hat update for elinks Critical: Less critical Where: From local network Impact: Exposure of sensitive information Released: 2007-10-04 Red Hat has issued an update for elinks. This fixes a weakness, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/27062/ -- [SA27038] Debian update for elinks Critical: Less critical Where: From local network Impact: Exposure of sensitive information Released: 2007-10-03 Debian has issued an update for elinks. This fixes a weakness, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/27038/ -- [SA27060] XFree86 X Font Server Multiple Vulnerabilities Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-10-03 Some vulnerabilities have been reported in XFree86, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/27060/ -- [SA27052] rPath update for xorg-x11 Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-10-04 rPath has issued an update for xorg-x11. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/27052/ -- [SA27047] Red Hat update for xen Critical: Less critical Where: Local system Impact: Security Bypass, Privilege escalation Released: 2007-10-03 Red Hat has issued an update for xen. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges. Full Advisory: http://secunia.com/advisories/27047/ -- [SA27040] X.Org X11 X Font Server Multiple Vulnerabilities Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-10-03 Some vulnerabilities have been reported in the X.Org X11 X Font Server (XFS), which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/27040/ -- [SA27030] rPath rMake Local Privilege Escalation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation, DoS Released: 2007-10-03 A vulnerability has been reported in rPath rMake, which can be exploited by malicious, local users to cause a Denial of Service (DoS) or potentially to gain escalated privileges. Full Advisory: http://secunia.com/advisories/27030/ -- [SA27024] Sun Solaris FIFO File System Unauthorized Data Access Critical: Less critical Where: Local system Impact: Exposure of sensitive information Released: 2007-10-03 Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious, local users to disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/27024/ -- [SA26995] Red Hat update for kernel Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-09-28 Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/26995/ -- [SA26994] Debian update for kernel Critical: Less critical Where: Local system Impact: Privilege escalation, DoS Released: 2007-10-03 Debian has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to gain escalated privileges. Full Advisory: http://secunia.com/advisories/26994/ -- [SA27059] Avaya CMS / IR Solaris Thread Context Handling Denial of Service Critical: Not critical Where: Local system Impact: DoS Released: 2007-10-03 Avaya has acknowledged a vulnerability in Avaya CMS and IR, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27059/ -- [SA27019] Avaya CMS Solaris Human Interface Device Denial of Service Critical: Not critical Where: Local system Impact: DoS Released: 2007-10-03 Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27019/ Other:-- [SA27003] Peakflow SP Security Bypass and Script Insertion Critical: Less critical Where: From remote Impact: Security Bypass, Cross Site Scripting Released: 2007-10-03 Some vulnerabilities have been reported in Arbor Networks Peakflow SP, which can be exploited by malicious users to bypass certain security restrictions and conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/27003/ -- [SA27027] Sun Fire X2100 / X2200 Embedded Lights Out Manager Security Bypass Critical: Less critical Where: From local network Impact: Security Bypass Released: 2007-10-01 A security issue has been reported in Sun Fire X2100 and X2200 M2, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/27027/ Cross Platform:-- [SA27045] FSFDT FSD Two Buffer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-02 Luigi Auriemma has reported two vulnerabilities in FSFDT FSD, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27045/ -- [SA27029] Original Photo Gallery "exif_prog" Arbitrary Command Execution Critical: Highly critical Where: From remote Impact: System access Released: 2007-10-03 Francesco Ongaro and Antonio Parata have discovered a vulnerability in Original Photo Gallery, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27029/ -- [SA27028] Zomplog File Upload Two Vulnerabilities Critical: Highly critical Where: From remote Impact: System access, Security Bypass Released: 2007-10-04 InATeam has discovered two vulnerabilities in Zomplog, which can be exploited by malicious people to bypass certain security restrictions and to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27028/ -- [SA27025] Segue CMS "index.php" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-10-03 K3ZZAP66345 has discovered a vulnerability in Segue CMS, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27025/ -- [SA27011] MxBB Portal Mx At A Glance Module "mx_root_path" File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-10-01 bd0rk has discovered a vulnerability in the Mx At A Glance (mx_glance) module for MxBB Portal, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27011/ -- [SA27009] Sun Java JRE Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Manipulation of data, Exposure of system information, Exposure of sensitive information, System access Released: 2007-10-04 Multiple vulnerabilities have been reported in Sun Java JRE (Java Runtime Environment), which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27009/ -- [SA27001] phpBB phpbb-openid Module "openid_root_path" File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-10-02 xoron has reported a vulnerability in the phpbb-openid module for phpBB, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27001/ -- [SA26991] IntegraMOD Nederland(s) "phpbb_root_path" File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-09-28 xoron has discovered a vulnerability in IntegraMOD Nederland(s), which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/26991/ -- [SA27006] XOOPS Uploader Class Unspecified Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2007-10-01 A vulnerability has been reported in XOOPS, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27006/ -- [SA26999] actSite "do" Local File Inclusion Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2007-10-01 DNX has reported a vulnerability in actSite, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/26999/ -- [SA26998] Quicksilver Forums PM Delete and Database Password Disclosure Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2007-10-01 A vulnerability and a security issue have been reported in Quicksilver Forums, which can be exploited by malicious users to manipulate data and by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/26998/ -- [SA27065] DRBGuestbook "action" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-04 Gokhan has discovered a vulnerability in DRBGuestbook, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27065/ -- [SA27064] Drupal Project Issue Tracking Module Subscription Form Script Insertion Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-04 Chad Phillips has reported a vulnerability in the Project issue tracking module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/27064/ -- [SA27056] Irrlicht libpng tRNS Chunk Denial of Service Critical: Less critical Where: From remote Impact: DoS Released: 2007-10-03 A vulnerability has been reported in Irrlicht, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27056/ -- [SA27055] FeedBurner FeedSmith Cross-Site Request Forgery Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-04 David Kierznowski has reported a vulnerability in FeedBurner FeedSmith, which can be exploited by malicious people to conduct cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/27055/ -- [SA27046] GForge "confirm_hash" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-04 A vulnerability has been reported in GForge, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27046/ -- [SA27041] AppFuse messages.jsp Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-04 A vulnerability has been reported in AppFuse, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27041/ -- [SA27026] SysAid Cross-Site Request Forgery Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-01 nights shadow has discovered a vulnerability in SysAid, which can be exploited by malicious people to conduct cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/27026/ -- [SA27005] BlackBoard Learning System Script Insertion Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-04 Trew has reported some vulnerabilities in BlackBoard Learning System, which can be exploited by malicious users to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/27005/ -- [SA27004] Aipo / Aipo ASP Session Fixation Vulnerability Critical: Less critical Where: From remote Impact: Hijacking Released: 2007-09-28 A vulnerability has been reported in Aipo and Aipo ASP, which can be exploited by malicious people to conduct session fixation attacks. Full Advisory: http://secunia.com/advisories/27004/ -- [SA27010] Pidgin MSN "nudge" Denial of Service Critical: Not critical Where: From remote Impact: DoS Released: 2007-10-01 A weakness has been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27010/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 __________________________________________________________________ CSI 2007 is the only conference that delivers a business-focused overview of enterprise security. It will convene 1,500+ delegates, 80 exhibitors and features 100+ sessions/seminars providing a roadmap for integrating policies and procedures with new tools and techniques. Register now for savings on conference fees and/or free exhibits admission. - www.csiannual.com
This archive was generated by hypermail 2.1.3 : Thu Oct 04 2007 - 23:33:01 PDT