======================================================================== The Secunia Weekly Advisory Summary 2007-10-11 - 2007-10-18 This week: 76 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: 2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published How do you know which Secunia advisories are important to you? The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively. Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=summary_sm ======================================================================== 2) This Week in Brief: Secunia Research disclosed a vulnerability this week in Irfanview, the popular Windows image viewer software. The vulnerability is due to a boundary error when importing palette (.PAL) files, and can cause a stack-based buffer overflow. The vulnerability can easily be exploited by enticing a user into importing a specially crafted .PAL file, and allows an attacker to execute arbitrary code on the system. Users are urged to upgrade to the latest version, 4.10, to solve this vulnerability. For more information, refer to: http://secunia.com/advisories/26619/ Secunia has constructed the Secunia Personal Software Inspector, which you can use to check if your personal system is vulnerable: https://psi.secunia.com/ Corporate users can request for a trial of the Secunia Network Software Inspector, which you can use to check which systems in your network are vulnerable: http://secunia.com/network_software_inspector/ -- Oracle released a patch for more than 50 vulnerabilities last Tuesday. While majority of the vulnerabilities have unknown impacts, details are available for the following: 1) An input validation error within the GIOP service in Oracle TNS Listener when processing connect GIOP packets can be exploited to crash the TNS Listener or to disclose potential sensitive information via a specially crafted packet. 2) Certain input processed by the CTX_DOC package can be exploited to manipulate SQL queries by injecting arbitrary SQL code via the THEMES, GIST, TOKENS, FILTER, HIGHLIGHT, and MARKUP procedures. 3) An error in Oracle RDBMS when processing TNS data packets can be exploited to cause high CPU usage via a specially crafted packet sequence. 4) Certain input processed by the LT package can be exploited to manipulate SQL queries by injecting arbitrary SQL code via the FINDRICSET procedure. Successful exploitation of this vulnerability allows an attacker to gain "SYS" privileges. 5) An error in the Oracle XML DB ftp service leads to incorrect "USERID" entries in the audit trail. Among the affected software are: Oracle Application Server 10g, Oracle Collaboration Suite 10.x, Oracle Database 10.x and 9i, Oracle E-Business Suite 11i and 12.x, Oracle Enterprise Manager 10.x, and PeopleSoft Enterprise Human Capital Management 8.x and 9.x Oracle users should apply updates immediately. For more information, refer to: http://secunia.com/advisories/27251/ -- A vulnerability has been reported in Apple iPod touch and Apple iPhone, which potentially can be exploited by malicious people to compromise a vulnerable device. The vulnerability is caused due to an error in the processing of TIFF images and can potentially be exploited to execute arbitrary code when viewing a specially crafted TIFF image using, for example, the Safari web browser. This may be related to a previously reported vulnerability in libTIFF from August of last year. The vulnerability is reported in iPod touch version 1.1.1 and iPhone version 1.1.1. Other versions may also be affected. No patch is available for this vulnerability. In the meantime Secunia advises iPod touch and iPhone users to avoid opening untrusted TIFF files or browsing untrusted websites. For more information, refer to: http://secunia.com/advisories/27213/ -- Two vulnerabilities have been reported in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks and to compromise a user's system. 1) Opera may incorrectly launch external email or newsgroup clients, which can be exploited to execute arbitrary commands by, for example, visiting a malicious website. Successful exploitation requires that the user has configured an external email or newsgroup client. 2) An error when processing frames from different websites can be exploited to bypass the same-origin policy. This allows overwriting functions of those frames and executing arbitrary HTML and script code in a user's browser session in context of other sites. Opera has released version 9.24 to solve these vulnerabilities. For more information, refer to: http://secunia.com/advisories/27277/ Secunia has constructed the Secunia Personal Software Inspector, which you can use to check if your personal system is vulnerable: https://psi.secunia.com/ Corporate users can request for a trial of the Secunia Network Software Inspector, which you can use to check which systems in your network are vulnerable: http://secunia.com/network_software_inspector/ -- VIRUS ALERTS: During the past week Secunia collected 128 virus descriptions from the Antivirus vendors. However, none were deemed MEDIUM risk or higher according to the Secunia assessment scale. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA27213] Apple iPod touch / iPhone TIFF Image Processing Vulnerability 2. [SA25878] OpenSSL DTLS Implementation Vulnerability 3. [SA23469] Internet Explorer File Download Handling Memory Corruption 4. [SA26619] IrfanView Palette File Importing Buffer Overflow Vulnerability 5. [SA27223] Winamp FLAC Media File Processing Integer Overflows 6. [SA27219] KwsPHP "newsletter" SQL Injection Vulnerability 7. [SA27196] Joomla! "searchword" Cross-Site Scripting 8. [SA27195] MouseoverDictionary Unspecified Script Execution Vulnerability 9. [SA27216] Sun Solaris update for mozilla 10. [SA27210] FLAC Media File Processing Integer Overflow Vulnerabilities ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA27242] Live for Speed Buffer Overflow Vulnerability [SA27223] Winamp FLAC Media File Processing Integer Overflows [SA27287] Miranda Multiple Buffer Overflow Vulnerabilities [SA27268] Okul Otomasyon Portal "id" SQL Injection [SA27214] Cisco Products Unspecified Unauthorized Access Vulnerability UNIX/Linux: [SA27261] SUSE update for Sun Java [SA27229] SUSE Update for Multiple Packages [SA27220] eXtremail Multiple Vulnerabilities [SA27217] Fedora update for openssl [SA27216] Sun Solaris update for mozilla [SA27206] Red Hat update for java [SA27205] Red Hat update for openssl [SA27203] Red Hat update for java-1.5.0-bea [SA27281] Avaya Products CUPS "StreamPredictor" Multiple Vulnerabilities [SA27296] Cisco Unified Communications Manager Two Vulnerabilities [SA27278] Asterisk-Addons "cdr_addon_mysql" SQL Injection Vulnerability [SA27254] Gentoo update for denyhosts [SA27241] Debian update for wesnoth [SA27237] Avaya Products Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service [SA27227] SUSE update for kernel [SA27222] Sun Solaris libtiff Multiple Vulnerabilities [SA27218] Fedora update for wesnoth [SA27212] Mandriva update for kernel [SA27207] Ubuntu update for tk [SA27275] Avaya Products Qt Overlong UTF-8 Sequence Cross-Site Scripting [SA27272] Gentoo update for balsa [SA27267] HP Tru64 Internet Express update for Apache Tomcat [SA27262] DCC SOCKS Denial Of Service Vulnerability [SA27253] Gentoo update for ampache [SA27239] Gentoo update for t1lib [SA27209] HP-UX update for Apache [SA27204] OpenSER Authentication Header Hijacking Security Issue [SA27247] Gentoo update for skktools [SA27244] Tramp Insecure Temporary Files [SA27240] Gentoo update for xfs [SA27232] Fedora update for hplip [SA27228] SUSE update for XOrg [SA27221] Ubuntu update for hplip [SA27202] HPLIP hpssd Command Injection Vulnerability [SA27235] Fedora update for openssh [SA27265] HP-UX update for OpenSSL [SA27224] Red Hat update for hplib [SA27215] rPath initscripts Incorrect /var/log/btmp Permissions Other: [SA27213] Apple iPod touch / iPhone TIFF Image Processing Vulnerability [SA27236] Cisco FWSM HTTPS/MGCP Packet Processing Denial of Service [SA27252] Nortel IP Softphone 2050 Buffer Overflow Vulnerability [SA27274] Sun Solaris bzip2 Multiple Vulnerabilities [SA27238] Netgear SSL312 "err" Cross-Site Scripting Vulnerability [SA27282] Nortel CS1000 Denial of Service Vulnerability [SA27234] Nortel Products Multiple Vulnerabilities [SA27231] Cisco CallManager Authentication Header Hijacking Security Issue [SA27201] Sun StorageTek 3510 FC Array FTP Denial of Service Cross Platform: [SA27288] LimeSurvey "rootdir" File Inclusion Vulnerability [SA27277] Opera Multiple Vulnerabilities [SA27208] PicoFlat CMS "pagina" File Inclusion Vulnerability [SA27269] artmedic CMS "page" Local File Inclusion [SA27259] 1024 CMS Cross-Site Request Forgery Vulnerability [SA27258] Softbiz Recipes Portal Script "sbcat_id" SQL Injection [SA27257] PHP File Sharing System "cam" Directory Traversal [SA27255] doop "page" Local File Inclusion Vulnerability [SA27251] Oracle Products Multiple Vulnerabilities [SA27250] VirtueMart Unspecified PHP Code Execution [SA27249] IBM WebSphere Application Server Unspecified Vulnerability [SA27230] RunCms newbb_plus Unspecified Vulnerability [SA27219] KwsPHP "newsletter" SQL Injection Vulnerability [SA27211] HP Select Identity Unspecified Unauthorized Access Vulnerability [SA27210] FLAC Media File Processing Integer Overflow Vulnerabilities [SA27293] vbDrupal Multiple Vulnerabilities [SA27292] Drupal Multiple Vulnerabilities [SA27290] Drupal Code Execution and Cross-Site Request Forgery [SA27289] Drupal Web Links Module Cross-Site Scripting [SA27264] Simple PHP Blog Cross-Site Request Forgery [SA27263] mnoGoSearch Default Template "t" Cross-Site Scripting [SA27246] phpMyAdmin "server_status.php" Cross-Site Scripting [SA27245] WebMod "auth.w" Cross-Site Scripting Vulnerability [SA27225] InnovaPortal Multiple Cross-Site Scripting Vulnerabilities ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA27242] Live for Speed Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-15 Luigi Auriemma has reported a vulnerability in Live for Speed, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27242/ -- [SA27223] Winamp FLAC Media File Processing Integer Overflows Critical: Highly critical Where: From remote Impact: System access Released: 2007-10-12 Some vulnerabilities have been reported in Winamp, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27223/ -- [SA27287] Miranda Multiple Buffer Overflow Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-10-18 Some vulnerabilities have been reported in Miranda, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27287/ -- [SA27268] Okul Otomasyon Portal "id" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-10-17 dumenci has reported a vulnerability in Okul Otomasyon Portal, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/27268/ -- [SA27214] Cisco Products Unspecified Unauthorized Access Vulnerability Critical: Less critical Where: From local network Impact: Security Bypass, Manipulation of data, Exposure of sensitive information Released: 2007-10-18 A vulnerability has been reported in Cisco products, which can be exploited by malicious users to bypass certain security restrictions, disclose certain sensitive information, and manipulate certain data. Full Advisory: http://secunia.com/advisories/27214/ UNIX/Linux:-- [SA27261] SUSE update for Sun Java Critical: Highly critical Where: From remote Impact: Security Bypass, Manipulation of data, Exposure of system information, Exposure of sensitive information, System access Released: 2007-10-18 SUSE has issued an update for Sun Java. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27261/ -- [SA27229] SUSE Update for Multiple Packages Critical: Highly critical Where: From remote Impact: Security Bypass, Spoofing, Privilege escalation, DoS, System access Released: 2007-10-15 SUSE has issued updates for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges, and by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27229/ -- [SA27220] eXtremail Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-16 mu-b has reported multiple vulnerabilities in eXtremail, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27220/ -- [SA27217] Fedora update for openssl Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-16 Fedora has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27217/ -- [SA27216] Sun Solaris update for mozilla Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-12 Sun Solaris has issued an update for mozilla. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27216/ -- [SA27206] Red Hat update for java Critical: Highly critical Where: From remote Impact: Security Bypass, Manipulation of data, Exposure of system information, Exposure of sensitive information, System access Released: 2007-10-12 Red Hat has issued an update for java. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive and system information, or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27206/ -- [SA27205] Red Hat update for openssl Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-12 Red Hat has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27205/ -- [SA27203] Red Hat update for java-1.5.0-bea Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, DoS, System access Released: 2007-10-16 Red Hat has issued an update for java-1.5.0-bea. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, cause a DoS (Denial of Service), or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27203/ -- [SA27281] Avaya Products CUPS "StreamPredictor" Multiple Vulnerabilities Critical: Highly critical Where: From local network Impact: System access Released: 2007-10-17 Avaya has acknowledged some vulnerabilities in various Avaya products, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27281/ -- [SA27296] Cisco Unified Communications Manager Two Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-10-18 Two vulnerabilities have been reported in Cisco Unified Communications Manager (CUCM), which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27296/ -- [SA27278] Asterisk-Addons "cdr_addon_mysql" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-10-17 A vulnerability has been reported in Asterisk-Addons, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/27278/ -- [SA27254] Gentoo update for denyhosts Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-10-15 Gentoo has issued an update for denyhosts. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27254/ -- [SA27241] Debian update for wesnoth Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-10-15 Debian has issued an update for wesnoth. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27241/ -- [SA27237] Avaya Products Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-10-17 Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27237/ -- [SA27227] SUSE update for kernel Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information, Privilege escalation, DoS Released: 2007-10-15 SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potential sensitive information, gain escalated privileges, and cause a DoS (Denial of Service) and by malicious people to cause a DoS. Full Advisory: http://secunia.com/advisories/27227/ -- [SA27222] Sun Solaris libtiff Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-10-12 Sun has acknowledged some vulnerabilities in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27222/ -- [SA27218] Fedora update for wesnoth Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-10-12 Fedora has issued an update for wesnoth. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27218/ -- [SA27212] Mandriva update for kernel Critical: Moderately critical Where: From remote Impact: Security Bypass, Privilege escalation, DoS Released: 2007-10-16 Mandriva has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), or gain escalated privileges, and by malicious people to cause a DoS. Full Advisory: http://secunia.com/advisories/27212/ -- [SA27207] Ubuntu update for tk Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-10-12 Ubuntu has issued an update for tk. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise an application using the library. Full Advisory: http://secunia.com/advisories/27207/ -- [SA27275] Avaya Products Qt Overlong UTF-8 Sequence Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-17 Avaya has acknowledged a vulnerability in various Avaya products, which potentially can be exploited to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27275/ -- [SA27272] Gentoo update for balsa Critical: Less critical Where: From remote Impact: DoS, System access Released: 2007-10-17 Gentoo has issued an update for balsa. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27272/ -- [SA27267] HP Tru64 Internet Express update for Apache Tomcat Critical: Less critical Where: From remote Impact: Cross Site Scripting, Exposure of sensitive information Released: 2007-10-17 HP has issued an update for Apache Tomcat. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information or conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27267/ -- [SA27262] DCC SOCKS Denial Of Service Vulnerability Critical: Less critical Where: From remote Impact: DoS Released: 2007-10-16 A vulnerability has been reported in DCC, which can potentially be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27262/ -- [SA27253] Gentoo update for ampache Critical: Less critical Where: From remote Impact: Hijacking, Manipulation of data Released: 2007-10-15 Gentoo has issued an update for ampache. This fixes some vulnerabilities, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct session fixation attacks. Full Advisory: http://secunia.com/advisories/27253/ -- [SA27239] Gentoo update for t1lib Critical: Less critical Where: From remote Impact: DoS, System access Released: 2007-10-15 Gentoo has issued an update for t1lib. This fixes a vulnerability, which can be exploited by malicious users to potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27239/ -- [SA27209] HP-UX update for Apache Critical: Less critical Where: From remote Impact: DoS Released: 2007-10-12 HP has issued an update for Apache. This fixes some vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27209/ -- [SA27204] OpenSER Authentication Header Hijacking Security Issue Critical: Less critical Where: From local network Impact: Hijacking Released: 2007-10-15 A security issue has been reported in OpenSER, which can be exploited by malicious people to hijack user sessions. Full Advisory: http://secunia.com/advisories/27204/ -- [SA27247] Gentoo update for skktools Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-10-15 Gentoo has issued an update for skktools. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. Full Advisory: http://secunia.com/advisories/27247/ -- [SA27244] Tramp Insecure Temporary Files Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-10-15 Stefan Monnier has reported a vulnerability in Tramp, which can be exploited by malicious, local users to perform certain actions with escalated privileges. Full Advisory: http://secunia.com/advisories/27244/ -- [SA27240] Gentoo update for xfs Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-10-15 Gentoo has issued an update for xfs. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges or gain escalated privileges. Full Advisory: http://secunia.com/advisories/27240/ -- [SA27232] Fedora update for hplip Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-10-15 Fedora has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/27232/ -- [SA27228] SUSE update for XOrg Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-10-15 SUSE has issued an update for XOrg. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/27228/ -- [SA27221] Ubuntu update for hplip Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-10-15 Ubuntu has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/27221/ -- [SA27202] HPLIP hpssd Command Injection Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-10-12 Kees Cook has reported a vulnerability in HPLIB, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/27202/ -- [SA27235] Fedora update for openssh Critical: Not critical Where: From remote Impact: Manipulation of data Released: 2007-10-16 Fedora has issued an update for openssh. This fixes a vulnerability, which can be exploited by malicious people to inject certain data. Full Advisory: http://secunia.com/advisories/27235/ -- [SA27265] HP-UX update for OpenSSL Critical: Not critical Where: Local system Impact: DoS Released: 2007-10-17 HP has issued an update for OpenSSL. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27265/ -- [SA27224] Red Hat update for hplib Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2007-10-12 Red Hat has issued an update for hplib. This fixes a vulnerability, which potentially can be exploited by malicious, local users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27224/ -- [SA27215] rPath initscripts Incorrect /var/log/btmp Permissions Critical: Not critical Where: Local system Impact: Exposure of sensitive information Released: 2007-10-12 rPath has acknowledged a security issue in initscripts, which potentially can be exploited by malicious, local users to disclose sensitive information. Full Advisory: http://secunia.com/advisories/27215/ Other:-- [SA27213] Apple iPod touch / iPhone TIFF Image Processing Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-10-12 A vulnerability has been reported in Apple iPod touch and Apple iPhone, which potentially can be exploited by malicious people to compromise a vulnerable device. Full Advisory: http://secunia.com/advisories/27213/ -- [SA27236] Cisco FWSM HTTPS/MGCP Packet Processing Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-10-18 Cisco has acknowledged some vulnerabilities in Cisco Firewall Services Module (FWSM), which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27236/ -- [SA27252] Nortel IP Softphone 2050 Buffer Overflow Vulnerability Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2007-10-18 A vulnerability has been reported in Nortel IP Softphone 2050, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27252/ -- [SA27274] Sun Solaris bzip2 Multiple Vulnerabilities Critical: Less critical Where: From remote Impact: Privilege escalation, DoS Released: 2007-10-17 Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27274/ -- [SA27238] Netgear SSL312 "err" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-18 SkyOut has reported a vulnerability in Netgear SSL312, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27238/ -- [SA27282] Nortel CS1000 Denial of Service Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2007-10-18 A vulnerability has been reported in Nortel CS1000, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27282/ -- [SA27234] Nortel Products Multiple Vulnerabilities Critical: Less critical Where: From local network Impact: Exposure of sensitive information, DoS Released: 2007-10-18 Some vulnerabilities have been reported in various Nortel products, which can be exploited by malicious people to cause a DoS (Denial of Service) and to eavesdrop with affected devices. Full Advisory: http://secunia.com/advisories/27234/ -- [SA27231] Cisco CallManager Authentication Header Hijacking Security Issue Critical: Less critical Where: From local network Impact: Hijacking Released: 2007-10-18 A security issue has been reported in Cisco CallManager, which can be exploited by malicious people to hijack user sessions. Full Advisory: http://secunia.com/advisories/27231/ -- [SA27201] Sun StorageTek 3510 FC Array FTP Denial of Service Critical: Not critical Where: From local network Impact: DoS Released: 2007-10-16 Sun has acknowledged a vulnerability in Sun StorageTek 3510 FC Array, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27201/ Cross Platform:-- [SA27288] LimeSurvey "rootdir" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-10-18 S.W.A.T. has discovered a vulnerability in LimeSurvey, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27288/ -- [SA27277] Opera Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Cross Site Scripting, System access, Unknown Released: 2007-10-17 Some vulnerabilities have been reported in Opera, where one vulnerability has an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks and to compromise a user's system. Full Advisory: http://secunia.com/advisories/27277/ -- [SA27208] PicoFlat CMS "pagina" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2007-10-12 0in has reported a vulnerability in PicoFlat CMS, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27208/ -- [SA27269] artmedic CMS "page" Local File Inclusion Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2007-10-17 iNs has discovered a vulnerability in artmedic CMS, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/27269/ -- [SA27259] 1024 CMS Cross-Site Request Forgery Vulnerability Critical: Moderately critical Where: From remote Impact: Hijacking Released: 2007-10-17 nights shadow has discovered a vulnerability in 1024 CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/27259/ -- [SA27258] Softbiz Recipes Portal Script "sbcat_id" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-10-15 IRCRASH has reported a vulnerability in Softbiz Recipes Portal Script, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/27258/ -- [SA27257] PHP File Sharing System "cam" Directory Traversal Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2007-10-16 Jonas Thambert has discovered a vulnerability in PHP File Sharing System, which can be exploited by malicious people to conduct directory traversal attacks. Full Advisory: http://secunia.com/advisories/27257/ -- [SA27255] doop "page" Local File Inclusion Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2007-10-16 vladii has discovered a vulnerability in doop, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/27255/ -- [SA27251] Oracle Products Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Unknown, Manipulation of data, Exposure of sensitive information, DoS Released: 2007-10-17 Multiple vulnerabilities have been reported for various Oracle products. Some have unknown impacts, others can be exploited to disclose sensitive information, conduct SQL injection attacks, or to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27251/ -- [SA27250] VirtueMart Unspecified PHP Code Execution Critical: Moderately critical Where: From remote Impact: System access Released: 2007-10-16 A vulnerability has been reported in VirtueMart, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27250/ -- [SA27249] IBM WebSphere Application Server Unspecified Vulnerability Critical: Moderately critical Where: From remote Impact: Unknown Released: 2007-10-15 A vulnerability with an unknown impact has been reported in IBM WebSphere Application Server. Full Advisory: http://secunia.com/advisories/27249/ -- [SA27230] RunCms newbb_plus Unspecified Vulnerability Critical: Moderately critical Where: From remote Impact: Unknown Released: 2007-10-17 A vulnerability with an unknown impact has been reported in RunCms. Full Advisory: http://secunia.com/advisories/27230/ -- [SA27219] KwsPHP "newsletter" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-10-12 S4mi has discovered a vulnerability in KwsPHP, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/27219/ -- [SA27211] HP Select Identity Unspecified Unauthorized Access Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2007-10-12 A vulnerability has been reported in HP Select Identity, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/27211/ -- [SA27210] FLAC Media File Processing Integer Overflow Vulnerabilities Critical: Moderately critical Where: From remote Impact: System access Released: 2007-10-12 Some vulnerabilities have been reported in FLAC, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27210/ -- [SA27293] vbDrupal Multiple Vulnerabilities Critical: Less critical Where: From remote Impact: Security Bypass, Cross Site Scripting, System access Released: 2007-10-18 Some vulnerabilities have been reported in vbDrupal, which can be exploited by malicious users to conduct HTTP response splitting attacks, and by malicious people to conduct cross-site scripting and cross-site request forgery attacks, bypass certain security restrictions, and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27293/ -- [SA27292] Drupal Multiple Vulnerabilities Critical: Less critical Where: From remote Impact: Security Bypass, Cross Site Scripting Released: 2007-10-18 Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions, and by malicious users to conduct HTTP response splitting attacks. Full Advisory: http://secunia.com/advisories/27292/ -- [SA27290] Drupal Code Execution and Cross-Site Request Forgery Critical: Less critical Where: From remote Impact: Cross Site Scripting, System access Released: 2007-10-18 Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks and to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27290/ -- [SA27289] Drupal Web Links Module Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-18 Brandon Bergren has reported a vulnerability in the Web Links module for Drupal, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27289/ -- [SA27264] Simple PHP Blog Cross-Site Request Forgery Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-18 Demential has discovered a vulnerability in Simple PHP Blog, which can be exploited by malicious people to conduct cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/27264/ -- [SA27263] mnoGoSearch Default Template "t" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-18 A vulnerability has been reported in mnoGoSearch, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27263/ -- [SA27246] phpMyAdmin "server_status.php" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-18 Omer Singer has discovered a vulnerability in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27246/ -- [SA27245] WebMod "auth.w" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-16 Nemessis has reported a vulnerability in WebMod, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27245/ -- [SA27225] InnovaPortal Multiple Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-10-18 Jose Luis Gngora Fernndez has reported some vulnerabilities in InnovaPortal, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27225/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 __________________________________________________________________ CSI 2007 is the only conference that delivers a business-focused overview of enterprise security. It will convene 1,500+ delegates, 80 exhibitors and features 100+ sessions/seminars providing a roadmap for integrating policies and procedures with new tools and techniques. Register now for savings on conference fees and/or free exhibits admission. - www.csiannual.com
This archive was generated by hypermail 2.1.3 : Thu Oct 18 2007 - 22:38:41 PDT