[ISN] Secunia Weekly Summary - Issue: 2007-40

From: InfoSec News (alerts@private)
Date: Thu Oct 04 2007 - 23:15:33 PDT


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2007-09-27 - 2007-10-04                        

                       This week: 64 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia Network Software Inspector (NSI) is a revolutionary tool
that makes the identification of vulnerable applications as easy as the
click of a mouse. The NSI provides organisations with peace of mind by
generating a complete software security overview of the network:
identifying which systems have software that are unpatched against
certain vulnerabilities. Information gathered by NSI inspections can
be used to dynamically alert the corporate security team when a new
vulnerability is discovered. Inspections can be conducted on-demand,
automated, or scheduled, and results are archived to allow easy
generation of advanced reports based on historic and present data. 

Request your account, the Secunia Network Software Inspector (NSI):
http://secunia.com/network_software_inspector/

========================================================================
2) This Week in Brief:

Google has acknowledged a cross-site scripting vulnerability in its
Google Mini Search Appliance, which can be exploited to execute
arbitrary HTML and script code in a user's browser session in context
of an affected site. The vulnerability is caused by not properly
sanitising input passed to the "ie" parameter when performing a
search. 

The vulnerability affects Google Mini Search Appliance version 3.4.14.
Google has released a workaround available in their advisory. For more
information, refer to:
http://secunia.com/advisories/26946/

 --

Some vulnerabilities were reported this week in the X.Org X11 X Font
Server (XFS) and XFree86, which can be exploited by malicious, local
users to gain escalated privileges.

Handlers for the X protocol requests "QueryXBitmaps" and
"QueryXExtents" do not correctly check the "length" parameters before
passing them to the "build_range()" function, which can lead to an
integer overflow. This  can be exploited to cause a heap-based buffer
overflow by sending specially crafted "QueryXBitmaps" and
"QueryXExtents" requests to a vulnerable service.

An error within the handler for the X protocol requests
"QueryXBitmaps" and "QueryXExtents" when calling the "swap_char2b()"
function can be exploited to swap an arbitrary number of bytes on the
heap, resulting in a heap corruption.

These vulnerabilities may be remotely exploited on certain systems
(e.g. Sun Solaris),via port 7100/TCP. Users of X.Org X11 XFS are
urged to update to X.Org XFS 1.0.5 to solve these vulnerabilities.
However, users of Xfree86 are urged in the meantime to restrict
access to trusted users only.

For more information, refer to:
http://secunia.com/advisories/27040/
http://secunia.com/advisories/27060/

 --

Apple patched a year-old vulnerability this week with their Security
Update for Quicktime 7.2 for Windows.

The vulnerability, which had been reported in September of last year,
is caused due to missing input validation when processing the "qtnext"
attribute in an "embed" tag of a QuickTime Media Link file. This can
be exploited e.g. by a malicious web site to open local content in
the browser via the "qtnext" attribute of the "embed" tag in a
Quicktime Media Link file opened by the QuickTime Plug-In.

Additional information about how to exploit the vulnerability using
Mozilla Firefox was reported in September of this year, as the
original reporter highlighted the fact that the issue was still
unpatched. The security advisory is tagged by Secunia as "Highly
critical" due to the fact that the vulnerability could be further
exploited to pass arbitrary parameters to the default browser when a
specially crafted file is opened with QuickTime or the QuickTime
Plug-In, and possibly execution of arbitrary code on a user's system.

All users are urged to apply the security update to affected systems.
For more information, refer to:
http://secunia.com/advisories/22048/

Secunia has constructed the Secunia Personal Software Inspector, which
you can use to check if your system is vulnerable:
https://psi.secunia.com/

Corporate users can request for a trial of the Secunia Network Software
Inspector, which you can use to check which systems in your network are
vulnerable:
http://secunia.com/network_software_inspector/
	
 --

VIRUS ALERTS:

During the past week Secunia collected 255 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA26983] Apple iPhone Multiple Vulnerabilities
2.  [SA27007] Internet Explorer "OnKeyDown" Event Focus Weakness
3.  [SA26914] CA BrightStor Hierarchical Storage Manager CsAgent
              Vulnerabilities
4.  [SA26990] NukeSentinel "write_ban()" SQL Injection
5.  [SA26988] Cisco Catalyst 6500 / Cisco 7600 Series Devices
              Accessible Loopback Address Weakness
6.  [SA21910] Internet Explorer Multiple Vulnerabilities
7.  [SA26986] Xen Multiple Vulnerabilities
8.  [SA26991] IntegraMOD Nederland(s) "phpbb_root_path" File Inclusion
9.  [SA26950] Sun Solaris Thread Context Handling Denial of Service
10. [SA27004] Aipo / Aipo ASP Session Fixation Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA27036] Prey Doom 3 Engine Format String Vulnerability
[SA27023] Quake 4 Doom 3 Engine Format String Vulnerability
[SA27017] EDraw Office Viewer Component ActiveX Control Buffer
Overflow
[SA27002] Doom 3 Engine Format String Vulnerability
[SA27034] Y&K Iletism Formu Script Insertion Vulnerabilities
[SA27033] Ohesa Emlak Portali SQL Injection Vulnerabilities
[SA27032] Netkamp Emlak Scripti SQL Injection and Cross-Site Scripting
[SA27015] America's Army Special Forces Unreal Engine Denial Of
Service
[SA27039] CyberLink PowerDVD CLSetting ActiveX Control Insecure Method
[SA27022] OdysseySuite "idkey" Cross-Site Scripting Vulnerability
[SA26996] FeedReader RSS Feed Item "description" Script Insertion
[SA27007] Internet Explorer "OnKeyDown" Event Focus Weakness

UNIX/Linux:
[SA27051] rPath update for openssl
[SA27050] Poppawid "form" File Inclusion Vulnerability
[SA27048] Ubuntu update for imagemagick
[SA27031] Debian update for openssl
[SA27021] Ubuntu update for openssl
[SA27020] Public Media Manager "indir" File Inclusion
[SA27012] FreeBSD update for openssl
[SA27008] FSD Two Buffer Overflow Vulnerabilities
[SA26997] Gentoo update for lighttpd
[SA27053] rPath update for qt-x11-free
[SA27043] Red Hat update for nfs-utils-lib
[SA27018] Mandriva update for libsndfile
[SA27016] Mandriva update for mplayer
[SA27014] SmbFTPD "SMBDirList()" Format String Vulnerability
[SA27049] Debian update for quagga
[SA26993] IBM WebSphere Application Server for z/OS HTTP Server
Vulnerabilities
[SA26992] Fedora update for t1lib
[SA27062] Red Hat update for elinks
[SA27038] Debian update for elinks
[SA27060] XFree86 X Font Server Multiple Vulnerabilities
[SA27052] rPath update for xorg-x11
[SA27047] Red Hat update for xen
[SA27040] X.Org X11 X Font Server Multiple Vulnerabilities
[SA27030] rPath rMake Local Privilege Escalation Vulnerability
[SA27024] Sun Solaris FIFO File System Unauthorized Data Access
[SA26995] Red Hat update for kernel
[SA26994] Debian update for kernel
[SA27059] Avaya CMS / IR Solaris Thread Context Handling Denial of
Service
[SA27019] Avaya CMS Solaris Human Interface Device Denial of Service

Other:
[SA27003] Peakflow SP Security Bypass and Script Insertion
[SA27027] Sun Fire X2100 / X2200 Embedded Lights Out Manager Security
Bypass

Cross Platform:
[SA27045] FSFDT FSD Two Buffer Overflow Vulnerabilities
[SA27029] Original Photo Gallery "exif_prog" Arbitrary Command
Execution
[SA27028] Zomplog File Upload Two Vulnerabilities
[SA27025] Segue CMS "index.php" File Inclusion Vulnerability
[SA27011] MxBB Portal Mx At A Glance Module "mx_root_path" File
Inclusion
[SA27009] Sun Java JRE Multiple Vulnerabilities
[SA27001] phpBB phpbb-openid Module "openid_root_path" File Inclusion
[SA26991] IntegraMOD Nederland(s) "phpbb_root_path" File Inclusion
[SA27006] XOOPS Uploader Class Unspecified Vulnerability
[SA26999] actSite "do" Local File Inclusion Vulnerability
[SA26998] Quicksilver Forums PM Delete and Database Password
Disclosure
[SA27065] DRBGuestbook "action" Cross-Site Scripting Vulnerability
[SA27064] Drupal Project Issue Tracking Module Subscription Form Script
Insertion
[SA27056] Irrlicht libpng tRNS Chunk Denial of Service
[SA27055] FeedBurner FeedSmith Cross-Site Request Forgery
Vulnerability
[SA27046] GForge "confirm_hash" Cross-Site Scripting Vulnerability
[SA27041] AppFuse messages.jsp Cross-Site Scripting Vulnerability
[SA27026] SysAid Cross-Site Request Forgery Vulnerability
[SA27005] BlackBoard Learning System Script Insertion Vulnerabilities
[SA27004] Aipo / Aipo ASP Session Fixation Vulnerability
[SA27010] Pidgin MSN "nudge" Denial of Service

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA27036] Prey Doom 3 Engine Format String Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-02

Luigi Auriemma has reported a vulnerability in Prey, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27036/

 --

[SA27023] Quake 4 Doom 3 Engine Format String Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-02

Luigi Auriemma has reported a vulnerability in Quake 4, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27023/

 --

[SA27017] EDraw Office Viewer Component ActiveX Control Buffer
Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-10-02

shinnai has discovered a vulnerability in EDraw Office Viewer
Component, which can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/27017/

 --

[SA27002] Doom 3 Engine Format String Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-02

Luigi Auriemma has reported a vulnerability in Doom 3, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27002/

 --

[SA27034] Y&K Iletism Formu Script Insertion Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-01

GeFORC3 (G3) has discovered some vulnerabilities in Y&K Iletisim Formu,
which can be exploited by malicious people to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/27034/

 --

[SA27033] Ohesa Emlak Portali SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-10-01

GeFORC3 has reported two vulnerabilities in Ohesa Emlak Portali, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/27033/

 --

[SA27032] Netkamp Emlak Scripti SQL Injection and Cross-Site Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2007-10-01

GeFORC3 has reported two vulnerabilities in Netkamp Emlak Scripti,
which can be exploited by malicious people to conduct cross-site
scripting attacks and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/27032/

 --

[SA27015] America's Army Special Forces Unreal Engine Denial Of
Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-10-02

Luigi Auriemma has reported some vulnerabilities in America's Army,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/27015/

 --

[SA27039] CyberLink PowerDVD CLSetting ActiveX Control Insecure Method

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-10-02

rgod has discovered a vulnerability in CyberLink PowerDVD, which can be
exploited by malicious people to overwrite arbitrary files.

Full Advisory:
http://secunia.com/advisories/27039/

 --

[SA27022] OdysseySuite "idkey" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-02

r0t has reported a vulnerability in OdysseySuite, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/27022/

 --

[SA26996] FeedReader RSS Feed Item "description" Script Insertion

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-01

Guy Mizrahi has discovered a vulnerability in FeedReader, which can be
exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/26996/

 --

[SA27007] Internet Explorer "OnKeyDown" Event Focus Weakness

Critical:    Not critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-09-28

Ronald van den Heetkamp has discovered a weakness in Internet Explorer,
which potentially can be exploited by malicious people to disclose
sensitive information.

Full Advisory:
http://secunia.com/advisories/27007/


UNIX/Linux:--

[SA27051] rPath update for openssl

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-10-04

rPath has issued an update for openssl. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/27051/

 --

[SA27050] Poppawid "form" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-10-03

0in has discovered a vulnerability in Poppawid, which can be exploited
by malicious people to disclose sensitive information or to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27050/

 --

[SA27048] Ubuntu update for imagemagick

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-04

Ubuntu has issued an update for imagemagick. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
DoS (Denial of Service) attacks or compromise a user's system.

Full Advisory:
http://secunia.com/advisories/27048/

 --

[SA27031] Debian update for openssl

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-10-03

Debian has issued an update for openssl. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/27031/

 --

[SA27021] Ubuntu update for openssl

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-01

Ubuntu has issued an update for openssl. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27021/

 --

[SA27020] Public Media Manager "indir" File Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-10-01

arfis project has discovered a vulnerability in Public Media Manager,
which can be exploited by malicious people to disclose sensitive
information or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27020/

 --

[SA27012] FreeBSD update for openssl

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-10-04

FreeBSD has issued an update for openssl. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/27012/

 --

[SA27008] FSD Two Buffer Overflow Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-02

Luigi Auriemma has reported two vulnerabilities in FSD, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/27008/

 --

[SA26997] Gentoo update for lighttpd

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-28

Gentoo has issued an update for lighttpd. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26997/

 --

[SA27053] rPath update for qt-x11-free

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-04

rPath has issued an update for qt-x11-free. This fixes a vulnerability,
which can potentially be exploited by malicious people to cause a DoS
(Denial of Service) or to compromise an application using the library.

Full Advisory:
http://secunia.com/advisories/27053/

 --

[SA27043] Red Hat update for nfs-utils-lib

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-10-03

Red Hat has issued an update for nfs-utils-lib. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/27043/

 --

[SA27018] Mandriva update for libsndfile

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-10-02

Mandriva has issued an update for libsndfile. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise an application using the library.

Full Advisory:
http://secunia.com/advisories/27018/

 --

[SA27016] Mandriva update for mplayer

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-02

Mandriva has issued an update for mplayer. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/27016/

 --

[SA27014] SmbFTPD "SMBDirList()" Format String Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-01

A vulnerability has been reported in SmbFTPD, which potentially can be
exploited by malicious users to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27014/

 --

[SA27049] Debian update for quagga

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-10-03

Debian has issued an update for quagga. This fixes some
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/27049/

 --

[SA26993] IBM WebSphere Application Server for z/OS HTTP Server
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, DoS
Released:    2007-09-28

IBM has acknowledged some vulnerabilities in IBM Websphere Application
server for z/OS, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) or by malicious people to conduct
cross-site scripting attacks or cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26993/

 --

[SA26992] Fedora update for t1lib

Critical:    Less critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-01

Fedora has issued an update for t1lib. This fixes a vulnerability,
which can be exploited by malicious users to potentially compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/26992/

 --

[SA27062] Red Hat update for elinks

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2007-10-04

Red Hat has issued an update for elinks. This fixes a weakness, which
can be exploited by malicious people to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/27062/

 --

[SA27038] Debian update for elinks

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2007-10-03

Debian has issued an update for elinks. This fixes a weakness, which
can be exploited by malicious people to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/27038/

 --

[SA27060] XFree86 X Font Server Multiple Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-10-03

Some vulnerabilities have been reported in XFree86, which can be
exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/27060/

 --

[SA27052] rPath update for xorg-x11

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-10-04

rPath has issued an update for xorg-x11. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/27052/

 --

[SA27047] Red Hat update for xen

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass, Privilege escalation
Released:    2007-10-03

Red Hat has issued an update for xen. This fixes some vulnerabilities,
which can be exploited by malicious, local users to bypass certain
security restrictions or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/27047/

 --

[SA27040] X.Org X11 X Font Server Multiple Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-10-03

Some vulnerabilities have been reported in the X.Org X11 X Font Server
(XFS), which can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/27040/

 --

[SA27030] rPath rMake Local Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation, DoS
Released:    2007-10-03

A vulnerability has been reported in rPath rMake, which can be
exploited by malicious, local users to cause a Denial of Service (DoS)
or potentially to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/27030/

 --

[SA27024] Sun Solaris FIFO File System Unauthorized Data Access

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2007-10-03

Sun has acknowledged a vulnerability in Sun Solaris, which can be
exploited by malicious, local users to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/27024/

 --

[SA26995] Red Hat update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-28

Red Hat has issued an update for the kernel. This fixes a
vulnerability, which can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/26995/

 --

[SA26994] Debian update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation, DoS
Released:    2007-10-03

Debian has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) or to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/26994/

 --

[SA27059] Avaya CMS / IR Solaris Thread Context Handling Denial of
Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-10-03

Avaya has acknowledged a vulnerability in Avaya CMS and IR, which can
be exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/27059/

 --

[SA27019] Avaya CMS Solaris Human Interface Device Denial of Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-10-03

Avaya has acknowledged a vulnerability in Avaya CMS, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/27019/


Other:--

[SA27003] Peakflow SP Security Bypass and Script Insertion

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting
Released:    2007-10-03

Some vulnerabilities have been reported in Arbor Networks Peakflow SP,
which can be exploited by malicious users to bypass certain security
restrictions and conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/27003/

 --

[SA27027] Sun Fire X2100 / X2200 Embedded Lights Out Manager Security
Bypass

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass
Released:    2007-10-01

A security issue has been reported in Sun Fire X2100 and X2200 M2,
which can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/27027/


Cross Platform:--

[SA27045] FSFDT FSD Two Buffer Overflow Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-02

Luigi Auriemma has reported two vulnerabilities in FSFDT FSD, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/27045/

 --

[SA27029] Original Photo Gallery "exif_prog" Arbitrary Command
Execution

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-10-03

Francesco Ongaro and Antonio Parata have discovered a vulnerability in
Original Photo Gallery, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27029/

 --

[SA27028] Zomplog File Upload Two Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access, Security Bypass
Released:    2007-10-04

InATeam has discovered two vulnerabilities in Zomplog, which can be
exploited by malicious people to bypass certain security restrictions
and to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27028/

 --

[SA27025] Segue CMS "index.php" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-10-03

K3ZZAP66345 has discovered a vulnerability in Segue CMS, which can be
exploited by malicious people to disclose sensitive information or to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27025/

 --

[SA27011] MxBB Portal Mx At A Glance Module "mx_root_path" File
Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-10-01

bd0rk has discovered a vulnerability in the Mx At A Glance (mx_glance)
module for MxBB Portal, which can be exploited by malicious people to
disclose sensitive information or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27011/

 --

[SA27009] Sun Java JRE Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, Exposure of system
information, Exposure of sensitive information, System access
Released:    2007-10-04

Multiple vulnerabilities have been reported in Sun Java JRE (Java
Runtime Environment), which can be exploited by malicious people to
bypass certain security restrictions, manipulate data, disclose
sensitive/system information, or potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/27009/

 --

[SA27001] phpBB phpbb-openid Module "openid_root_path" File Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-10-02

xoron has reported a vulnerability in the phpbb-openid module for
phpBB, which can be exploited by malicious people to disclose sensitive
information or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27001/

 --

[SA26991] IntegraMOD Nederland(s) "phpbb_root_path" File Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-09-28

xoron has discovered a vulnerability in IntegraMOD Nederland(s), which
can be exploited by malicious people to disclose sensitive information
or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26991/

 --

[SA27006] XOOPS Uploader Class Unspecified Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-10-01

A vulnerability has been reported in XOOPS, which potentially can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27006/

 --

[SA26999] actSite "do" Local File Inclusion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-10-01

DNX has reported a vulnerability in actSite, which can be exploited by
malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/26999/

 --

[SA26998] Quicksilver Forums PM Delete and Database Password
Disclosure

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-10-01

A vulnerability and a security issue have been reported in Quicksilver
Forums, which can be exploited by malicious users to manipulate data
and by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/26998/

 --

[SA27065] DRBGuestbook "action" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-04

Gokhan has discovered a vulnerability in DRBGuestbook, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/27065/

 --

[SA27064] Drupal Project Issue Tracking Module Subscription Form Script
Insertion

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-04

Chad Phillips has reported a vulnerability in the Project issue
tracking module for Drupal, which can be exploited by malicious users
to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/27064/

 --

[SA27056] Irrlicht libpng tRNS Chunk Denial of Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-10-03

A vulnerability has been reported in Irrlicht, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/27056/

 --

[SA27055] FeedBurner FeedSmith Cross-Site Request Forgery
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-04

David Kierznowski has reported a vulnerability in FeedBurner FeedSmith,
which can be exploited by malicious people to conduct cross-site request
forgery attacks.

Full Advisory:
http://secunia.com/advisories/27055/

 --

[SA27046] GForge "confirm_hash" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-04

A vulnerability has been reported in GForge, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/27046/

 --

[SA27041] AppFuse messages.jsp Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-04

A vulnerability has been reported in AppFuse, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/27041/

 --

[SA27026] SysAid Cross-Site Request Forgery Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-01

nights shadow has discovered a vulnerability in SysAid, which can be
exploited by malicious people to conduct cross-site request forgery
attacks.

Full Advisory:
http://secunia.com/advisories/27026/

 --

[SA27005] BlackBoard Learning System Script Insertion Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-04

Trew has reported some vulnerabilities in BlackBoard Learning System,
which can be exploited by malicious users to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/27005/

 --

[SA27004] Aipo / Aipo ASP Session Fixation Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Hijacking
Released:    2007-09-28

A vulnerability has been reported in Aipo and Aipo ASP, which can be
exploited by malicious people to conduct session fixation attacks.

Full Advisory:
http://secunia.com/advisories/27004/

 --

[SA27010] Pidgin MSN "nudge" Denial of Service

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2007-10-01

A weakness has been reported in Pidgin, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/27010/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


__________________________________________________________________      
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - www.csiannual.com



This archive was generated by hypermail 2.1.3 : Thu Oct 04 2007 - 23:33:01 PDT