[ISN] Secunia Weekly Summary - Issue: 2007-42

From: InfoSec News (alerts@private)
Date: Thu Oct 18 2007 - 22:09:18 PDT


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2007-10-11 - 2007-10-18                        

                       This week: 76 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

2003: 2,700 advisories published
2004: 3,100 advisories published
2005: 4,600 advisories published
2006: 5,300 advisories published

How do you know which Secunia advisories are important to you?

The Secunia Vulnerability Intelligence Solutions allows you to filter
and structure all the information you need, so you can address issues
effectively.

Get a free trial of the Secunia Vulnerability Intelligence Solutions:
http://corporate.secunia.com/how_to_buy/38/vi/?ref=summary_sm

========================================================================
2) This Week in Brief:

Secunia Research disclosed a vulnerability this week in Irfanview, the
popular Windows image viewer software. The vulnerability is due to a
boundary error when importing palette (.PAL) files, and can cause a
stack-based buffer overflow.

The vulnerability can easily be exploited by enticing a user into
importing a specially crafted .PAL file, and allows an attacker to
execute arbitrary code on the system.

Users are urged to upgrade to the latest version, 4.10, to solve this
vulnerability. For more information, refer to:
http://secunia.com/advisories/26619/

Secunia has constructed the Secunia Personal Software Inspector, which
you can use to check if your personal system is vulnerable:
https://psi.secunia.com/

Corporate users can request for a trial of the Secunia Network Software
Inspector, which you can use to check which systems in your network are
vulnerable:
http://secunia.com/network_software_inspector/

 --

Oracle released a patch for more than 50 vulnerabilities last Tuesday.
While majority of the vulnerabilities have unknown impacts, details are
available for the following:

1) An input validation error within the GIOP service in Oracle TNS
Listener when processing connect GIOP packets can be exploited to crash
the TNS Listener or to disclose potential sensitive information via a
specially crafted packet.

2) Certain input processed by the CTX_DOC package can be exploited to
manipulate SQL queries by injecting arbitrary SQL code via the THEMES,
GIST, TOKENS, FILTER, HIGHLIGHT, and MARKUP procedures.

3) An error in Oracle RDBMS when processing TNS data packets can be
exploited to cause high CPU usage via a specially crafted packet
sequence.

4) Certain input processed by the LT package can be exploited to
manipulate SQL queries by injecting arbitrary SQL code via the
FINDRICSET procedure. Successful exploitation of this vulnerability
allows an attacker to gain "SYS" privileges.

5) An error in the Oracle XML DB ftp service leads to incorrect
"USERID" entries in the audit trail.

Among the affected software are: Oracle Application Server 10g, Oracle
Collaboration Suite 10.x, Oracle Database 10.x and 9i, Oracle
E-Business Suite 11i and 12.x, Oracle Enterprise Manager 10.x, and
PeopleSoft Enterprise Human Capital Management 8.x and 9.x

Oracle users should apply updates immediately. For more information,
refer to: 
http://secunia.com/advisories/27251/

 --

A vulnerability has been reported in Apple iPod touch and Apple iPhone,
which potentially can be exploited by malicious people to compromise a
vulnerable device.

The vulnerability is caused due to an error in the processing of TIFF
images and can potentially be exploited to execute arbitrary code when
viewing a specially crafted TIFF image using, for example, the Safari
web browser. This may be related to a previously reported vulnerability
in libTIFF from August of last year.

The vulnerability is reported in iPod touch version 1.1.1 and iPhone
version 1.1.1. Other versions may also be affected.

No patch is available for this vulnerability. In the meantime Secunia
advises iPod touch and iPhone users to avoid opening untrusted TIFF
files or browsing untrusted websites. For more information, refer to:
http://secunia.com/advisories/27213/

 --

Two vulnerabilities have been reported in Opera, which can be exploited
by malicious people to conduct cross-site scripting attacks and to
compromise a user's system.

1) Opera may incorrectly launch external email or newsgroup clients,
which can be exploited to execute arbitrary commands by, for example,
visiting a malicious website. Successful exploitation requires that the
user has configured an external email or newsgroup client.

2) An error when processing frames from different websites can be
exploited to bypass the same-origin policy. This allows overwriting
functions of those frames and executing arbitrary HTML and script code
in a user's browser session in context of other sites.

Opera has released version 9.24 to solve these vulnerabilities. For
more information, refer to:
http://secunia.com/advisories/27277/

Secunia has constructed the Secunia Personal Software Inspector, which
you can use to check if your personal system is vulnerable:
https://psi.secunia.com/

Corporate users can request for a trial of the Secunia Network Software
Inspector, which you can use to check which systems in your network are
vulnerable:
http://secunia.com/network_software_inspector/

 --

VIRUS ALERTS:

During the past week Secunia collected 128 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA27213] Apple iPod touch / iPhone TIFF Image Processing
              Vulnerability
2.  [SA25878] OpenSSL DTLS Implementation Vulnerability
3.  [SA23469] Internet Explorer File Download Handling Memory
              Corruption
4.  [SA26619] IrfanView Palette File Importing Buffer Overflow
              Vulnerability
5.  [SA27223] Winamp FLAC Media File Processing Integer Overflows
6.  [SA27219] KwsPHP "newsletter" SQL Injection Vulnerability
7.  [SA27196] Joomla! "searchword" Cross-Site Scripting
8.  [SA27195] MouseoverDictionary Unspecified Script Execution
              Vulnerability
9.  [SA27216] Sun Solaris update for mozilla
10. [SA27210] FLAC Media File Processing Integer Overflow
              Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA27242] Live for Speed Buffer Overflow Vulnerability
[SA27223] Winamp FLAC Media File Processing Integer Overflows
[SA27287] Miranda Multiple Buffer Overflow Vulnerabilities
[SA27268] Okul Otomasyon Portal "id" SQL Injection
[SA27214] Cisco Products Unspecified Unauthorized Access Vulnerability

UNIX/Linux:
[SA27261] SUSE update for Sun Java
[SA27229] SUSE Update for Multiple Packages
[SA27220] eXtremail Multiple Vulnerabilities
[SA27217] Fedora update for openssl
[SA27216] Sun Solaris update for mozilla
[SA27206] Red Hat update for java
[SA27205] Red Hat update for openssl
[SA27203] Red Hat update for java-1.5.0-bea
[SA27281] Avaya Products CUPS "StreamPredictor" Multiple
Vulnerabilities
[SA27296] Cisco Unified Communications Manager Two Vulnerabilities
[SA27278] Asterisk-Addons "cdr_addon_mysql" SQL Injection
Vulnerability
[SA27254] Gentoo update for denyhosts
[SA27241] Debian update for wesnoth
[SA27237] Avaya Products Cyrus SASL DIGEST-MD5 Pre-Authentication
Denial of Service
[SA27227] SUSE update for kernel
[SA27222] Sun Solaris libtiff Multiple Vulnerabilities
[SA27218] Fedora update for wesnoth
[SA27212] Mandriva update for kernel
[SA27207] Ubuntu update for tk
[SA27275] Avaya Products Qt Overlong UTF-8 Sequence Cross-Site
Scripting
[SA27272] Gentoo update for balsa
[SA27267] HP Tru64 Internet Express update for Apache Tomcat
[SA27262] DCC SOCKS Denial Of Service Vulnerability
[SA27253] Gentoo update for ampache
[SA27239] Gentoo update for t1lib
[SA27209] HP-UX update for Apache
[SA27204] OpenSER Authentication Header Hijacking Security Issue
[SA27247] Gentoo update for skktools
[SA27244] Tramp Insecure Temporary Files
[SA27240] Gentoo update for xfs
[SA27232] Fedora update for hplip
[SA27228] SUSE update for XOrg
[SA27221] Ubuntu update for hplip
[SA27202] HPLIP hpssd Command Injection Vulnerability
[SA27235] Fedora update for openssh
[SA27265] HP-UX update for OpenSSL
[SA27224] Red Hat update for hplib
[SA27215] rPath initscripts Incorrect /var/log/btmp Permissions

Other:
[SA27213] Apple iPod touch / iPhone TIFF Image Processing
Vulnerability
[SA27236] Cisco FWSM HTTPS/MGCP Packet Processing Denial of Service
[SA27252] Nortel IP Softphone 2050 Buffer Overflow Vulnerability
[SA27274] Sun Solaris bzip2 Multiple Vulnerabilities
[SA27238] Netgear SSL312 "err" Cross-Site Scripting Vulnerability
[SA27282] Nortel CS1000 Denial of Service Vulnerability
[SA27234] Nortel Products Multiple Vulnerabilities
[SA27231] Cisco CallManager Authentication Header Hijacking Security
Issue
[SA27201] Sun StorageTek 3510 FC Array FTP Denial of Service

Cross Platform:
[SA27288] LimeSurvey "rootdir" File Inclusion Vulnerability
[SA27277] Opera Multiple Vulnerabilities
[SA27208] PicoFlat CMS "pagina" File Inclusion Vulnerability
[SA27269] artmedic CMS "page" Local File Inclusion
[SA27259] 1024 CMS Cross-Site Request Forgery Vulnerability
[SA27258] Softbiz Recipes Portal Script "sbcat_id" SQL Injection
[SA27257] PHP File Sharing System "cam" Directory Traversal
[SA27255] doop "page" Local File Inclusion Vulnerability
[SA27251] Oracle Products Multiple Vulnerabilities
[SA27250] VirtueMart Unspecified PHP Code Execution
[SA27249] IBM WebSphere Application Server Unspecified Vulnerability
[SA27230] RunCms newbb_plus Unspecified Vulnerability
[SA27219] KwsPHP "newsletter" SQL Injection Vulnerability
[SA27211] HP Select Identity Unspecified Unauthorized Access
Vulnerability
[SA27210] FLAC Media File Processing Integer Overflow Vulnerabilities
[SA27293] vbDrupal Multiple Vulnerabilities
[SA27292] Drupal Multiple Vulnerabilities
[SA27290] Drupal Code Execution and Cross-Site Request Forgery
[SA27289] Drupal Web Links Module Cross-Site Scripting
[SA27264] Simple PHP Blog Cross-Site Request Forgery
[SA27263] mnoGoSearch Default Template "t" Cross-Site Scripting
[SA27246] phpMyAdmin "server_status.php" Cross-Site Scripting
[SA27245] WebMod "auth.w" Cross-Site Scripting Vulnerability
[SA27225] InnovaPortal Multiple Cross-Site Scripting Vulnerabilities

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA27242] Live for Speed Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-15

Luigi Auriemma has reported a vulnerability in Live for Speed, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/27242/

 --

[SA27223] Winamp FLAC Media File Processing Integer Overflows

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-10-12

Some vulnerabilities have been reported in Winamp, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/27223/

 --

[SA27287] Miranda Multiple Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-18

Some vulnerabilities have been reported in Miranda, which potentially
can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/27287/

 --

[SA27268] Okul Otomasyon Portal "id" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-10-17

dumenci has reported a vulnerability in Okul Otomasyon Portal, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/27268/

 --

[SA27214] Cisco Products Unspecified Unauthorized Access Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass, Manipulation of data, Exposure of
sensitive information
Released:    2007-10-18

A vulnerability has been reported in Cisco products, which can be
exploited by malicious users to bypass certain security restrictions,
disclose certain sensitive information, and manipulate certain data.

Full Advisory:
http://secunia.com/advisories/27214/


UNIX/Linux:--

[SA27261] SUSE update for Sun Java

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, Exposure of system
information, Exposure of sensitive information, System access
Released:    2007-10-18

SUSE has issued an update for Sun Java. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, manipulate data, disclose
sensitive/system information, or potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/27261/

 --

[SA27229] SUSE Update for Multiple Packages

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Spoofing, Privilege escalation, DoS,
System access
Released:    2007-10-15

SUSE has issued updates for multiple packages. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
bypass certain security restrictions or gain escalated privileges, and
by malicious people to cause a DoS (Denial of Service) or to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27229/

 --

[SA27220] eXtremail Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-16

mu-b has reported multiple vulnerabilities in eXtremail, which can be
exploited by malicious people to cause a DoS (Denial of Service) or to
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27220/

 --

[SA27217] Fedora update for openssl

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-16

Fedora has issued an update for openssl. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or to potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/27217/

 --

[SA27216] Sun Solaris update for mozilla

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-12

Sun Solaris has issued an update for mozilla. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/27216/

 --

[SA27206] Red Hat update for java

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, Exposure of system
information, Exposure of sensitive information, System access
Released:    2007-10-12

Red Hat has issued an update for java. This fixes some vulnerabilities,
which can be exploited by malicious people to bypass certain security
restrictions, manipulate data, disclose sensitive and system
information, or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27206/

 --

[SA27205] Red Hat update for openssl

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-12

Red Hat has issued an update for openssl. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27205/

 --

[SA27203] Red Hat update for java-1.5.0-bea

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, DoS, System access
Released:    2007-10-16

Red Hat has issued an update for java-1.5.0-bea. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, conduct cross-site scripting attacks,
cause a DoS (Denial of Service), or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27203/

 --

[SA27281] Avaya Products CUPS "StreamPredictor" Multiple
Vulnerabilities

Critical:    Highly critical
Where:       From local network
Impact:      System access
Released:    2007-10-17

Avaya has acknowledged some vulnerabilities in various Avaya products,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/27281/

 --

[SA27296] Cisco Unified Communications Manager Two Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-18

Two vulnerabilities have been reported in Cisco Unified Communications
Manager (CUCM), which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27296/

 --

[SA27278] Asterisk-Addons "cdr_addon_mysql" SQL Injection
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-10-17

A vulnerability has been reported in Asterisk-Addons, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/27278/

 --

[SA27254] Gentoo update for denyhosts

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-10-15

Gentoo has issued an update for denyhosts. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/27254/

 --

[SA27241] Debian update for wesnoth

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-10-15

Debian has issued an update for wesnoth. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/27241/

 --

[SA27237] Avaya Products Cyrus SASL DIGEST-MD5 Pre-Authentication
Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-10-17

Avaya has acknowledged a vulnerability in various Avaya products, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/27237/

 --

[SA27227] SUSE update for kernel

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information, Privilege escalation,
DoS
Released:    2007-10-15

SUSE has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
disclose potential sensitive information, gain escalated privileges,
and cause a DoS (Denial of Service) and by malicious people to cause a
DoS.

Full Advisory:
http://secunia.com/advisories/27227/

 --

[SA27222] Sun Solaris libtiff Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-12

Sun has acknowledged some vulnerabilities in Sun Solaris, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27222/

 --

[SA27218] Fedora update for wesnoth

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-10-12

Fedora has issued an update for wesnoth. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/27218/

 --

[SA27212] Mandriva update for kernel

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation, DoS
Released:    2007-10-16

Mandriva has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
bypass certain security restrictions, cause a DoS (Denial of Service),
or gain escalated privileges, and by malicious people to cause a DoS.

Full Advisory:
http://secunia.com/advisories/27212/

 --

[SA27207] Ubuntu update for tk

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-12

Ubuntu has issued an update for tk. This fixes a vulnerability, which
can potentially be exploited by malicious people to compromise an
application using the library.

Full Advisory:
http://secunia.com/advisories/27207/

 --

[SA27275] Avaya Products Qt Overlong UTF-8 Sequence Cross-Site
Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-17

Avaya has acknowledged a vulnerability in various Avaya products, which
potentially can be exploited to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/27275/

 --

[SA27272] Gentoo update for balsa

Critical:    Less critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-17

Gentoo has issued an update for balsa. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/27272/

 --

[SA27267] HP Tru64 Internet Express update for Apache Tomcat

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2007-10-17

HP has issued an update for Apache Tomcat. This fixes some
vulnerabilities, which can be exploited by malicious people to disclose
potentially sensitive information or conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/27267/

 --

[SA27262] DCC SOCKS Denial Of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-10-16

A vulnerability has been reported in DCC, which can potentially be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/27262/

 --

[SA27253] Gentoo update for ampache

Critical:    Less critical
Where:       From remote
Impact:      Hijacking, Manipulation of data
Released:    2007-10-15

Gentoo has issued an update for ampache. This fixes some
vulnerabilities, which can be exploited by malicious users to conduct
SQL injection attacks and by malicious people to conduct session
fixation attacks.

Full Advisory:
http://secunia.com/advisories/27253/

 --

[SA27239] Gentoo update for t1lib

Critical:    Less critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-15

Gentoo has issued an update for t1lib. This fixes a vulnerability,
which can be exploited by malicious users to potentially compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/27239/

 --

[SA27209] HP-UX update for Apache

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-10-12

HP has issued an update for Apache. This fixes some vulnerabilities,
which can be exploited by malicious, local users and malicious people
to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/27209/

 --

[SA27204] OpenSER Authentication Header Hijacking Security Issue

Critical:    Less critical
Where:       From local network
Impact:      Hijacking
Released:    2007-10-15

A security issue has been reported in OpenSER, which can be exploited
by malicious people to hijack user sessions.

Full Advisory:
http://secunia.com/advisories/27204/

 --

[SA27247] Gentoo update for skktools

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-10-15

Gentoo has issued an update for skktools. This fixes a security issue,
which can be exploited by malicious, local users to perform certain
actions with escalated privileges.

Full Advisory:
http://secunia.com/advisories/27247/

 --

[SA27244] Tramp Insecure Temporary Files

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-10-15

Stefan Monnier has reported a vulnerability in Tramp, which can be
exploited by malicious, local users to perform certain actions with
escalated privileges.

Full Advisory:
http://secunia.com/advisories/27244/

 --

[SA27240] Gentoo update for xfs

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-10-15

Gentoo has issued an update for xfs. This fixes some vulnerabilities,
which can be exploited by malicious, local users to perform certain
actions with escalated privileges or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/27240/

 --

[SA27232] Fedora update for hplip

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-10-15

Fedora has issued an update for hplip. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/27232/

 --

[SA27228] SUSE update for XOrg

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-10-15

SUSE has issued an update for XOrg. This fixes some vulnerabilities,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/27228/

 --

[SA27221] Ubuntu update for hplip

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-10-15

Ubuntu has issued an update for hplip. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/27221/

 --

[SA27202] HPLIP hpssd Command Injection Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-10-12

Kees Cook has reported a vulnerability in HPLIB, which can be exploited
by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/27202/

 --

[SA27235] Fedora update for openssh

Critical:    Not critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-10-16

Fedora has issued an update for openssh. This fixes a vulnerability,
which can be exploited by malicious people to inject certain data.

Full Advisory:
http://secunia.com/advisories/27235/

 --

[SA27265] HP-UX update for OpenSSL

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-10-17

HP has issued an update for OpenSSL. This fixes a vulnerability, which
can be exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/27265/

 --

[SA27224] Red Hat update for hplib

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-10-12

Red Hat has issued an update for hplib. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27224/

 --

[SA27215] rPath initscripts Incorrect /var/log/btmp Permissions

Critical:    Not critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2007-10-12

rPath has acknowledged a security issue in initscripts, which
potentially can be exploited by malicious, local users to disclose
sensitive information.

Full Advisory:
http://secunia.com/advisories/27215/


Other:--

[SA27213] Apple iPod touch / iPhone TIFF Image Processing
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-10-12

A vulnerability has been reported in Apple iPod touch and Apple iPhone,
which potentially can be exploited by malicious people to compromise a
vulnerable device.

Full Advisory:
http://secunia.com/advisories/27213/

 --

[SA27236] Cisco FWSM HTTPS/MGCP Packet Processing Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-10-18

Cisco has acknowledged some vulnerabilities in Cisco Firewall Services
Module (FWSM), which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/27236/

 --

[SA27252] Nortel IP Softphone 2050 Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2007-10-18

A vulnerability has been reported in Nortel IP Softphone 2050, which
can be exploited by malicious people to cause a DoS (Denial of Service)
and potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27252/

 --

[SA27274] Sun Solaris bzip2 Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Privilege escalation, DoS
Released:    2007-10-17

Sun has acknowledged a vulnerability in Sun Solaris, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/27274/

 --

[SA27238] Netgear SSL312 "err" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-18

SkyOut has reported a vulnerability in Netgear SSL312, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/27238/

 --

[SA27282] Nortel CS1000 Denial of Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-10-18

A vulnerability has been reported in Nortel CS1000, which potentially
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/27282/

 --

[SA27234] Nortel Products Multiple Vulnerabilities

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information, DoS
Released:    2007-10-18

Some vulnerabilities have been reported in various Nortel products,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and to eavesdrop with affected devices.

Full Advisory:
http://secunia.com/advisories/27234/

 --

[SA27231] Cisco CallManager Authentication Header Hijacking Security
Issue

Critical:    Less critical
Where:       From local network
Impact:      Hijacking
Released:    2007-10-18

A security issue has been reported in Cisco CallManager, which can be
exploited by malicious people to hijack user sessions.

Full Advisory:
http://secunia.com/advisories/27231/

 --

[SA27201] Sun StorageTek 3510 FC Array FTP Denial of Service

Critical:    Not critical
Where:       From local network
Impact:      DoS
Released:    2007-10-16

Sun has acknowledged a vulnerability in Sun StorageTek 3510 FC Array,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/27201/


Cross Platform:--

[SA27288] LimeSurvey "rootdir" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-10-18

S.W.A.T. has discovered a vulnerability in LimeSurvey, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27288/

 --

[SA27277] Opera Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, System access, Unknown
Released:    2007-10-17

Some vulnerabilities have been reported in Opera, where one
vulnerability has an unknown impact and others can be exploited by
malicious people to conduct cross-site scripting attacks and to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/27277/

 --

[SA27208] PicoFlat CMS "pagina" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-10-12

0in has reported a vulnerability in PicoFlat CMS, which can be
exploited by malicious people to disclose sensitive information or to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27208/

 --

[SA27269] artmedic CMS "page" Local File Inclusion

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-10-17

iNs has discovered a vulnerability in artmedic CMS, which can be
exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/27269/

 --

[SA27259] 1024 CMS Cross-Site Request Forgery Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Hijacking
Released:    2007-10-17

nights shadow has discovered a vulnerability in 1024 CMS, which can be
exploited by malicious people to conduct cross-site request forgery
attacks.

Full Advisory:
http://secunia.com/advisories/27259/

 --

[SA27258] Softbiz Recipes Portal Script "sbcat_id" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-10-15

IRCRASH has reported a vulnerability in Softbiz Recipes Portal Script,
which can be exploited by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/27258/

 --

[SA27257] PHP File Sharing System "cam" Directory Traversal

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-10-16

Jonas Thambert has discovered a vulnerability in PHP File Sharing
System, which can be exploited by malicious people to conduct directory
traversal attacks.

Full Advisory:
http://secunia.com/advisories/27257/

 --

[SA27255] doop "page" Local File Inclusion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-10-16

vladii has discovered a vulnerability in doop, which can be exploited
by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/27255/

 --

[SA27251] Oracle Products Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Manipulation of data, Exposure of sensitive
information, DoS
Released:    2007-10-17

Multiple vulnerabilities have been reported for various Oracle
products. Some have unknown impacts, others can be exploited to
disclose sensitive information, conduct SQL injection attacks, or to
cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/27251/

 --

[SA27250] VirtueMart Unspecified PHP Code Execution

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-10-16

A vulnerability has been reported in VirtueMart, which can be exploited
by malicious users to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27250/

 --

[SA27249] IBM WebSphere Application Server Unspecified Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2007-10-15

A vulnerability with an unknown impact has been reported in IBM
WebSphere Application Server.

Full Advisory:
http://secunia.com/advisories/27249/

 --

[SA27230] RunCms newbb_plus Unspecified Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2007-10-17

A vulnerability with an unknown impact has been reported in RunCms.

Full Advisory:
http://secunia.com/advisories/27230/

 --

[SA27219] KwsPHP "newsletter" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-10-12

S4mi has discovered a vulnerability in KwsPHP, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/27219/

 --

[SA27211] HP Select Identity Unspecified Unauthorized Access
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-10-12

A vulnerability has been reported in HP Select Identity, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/27211/

 --

[SA27210] FLAC Media File Processing Integer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-10-12

Some vulnerabilities have been reported in FLAC, which can be exploited
by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/27210/

 --

[SA27293] vbDrupal Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, System access
Released:    2007-10-18

Some vulnerabilities have been reported in vbDrupal, which can be
exploited by malicious users to conduct HTTP response splitting
attacks, and by malicious people to conduct cross-site scripting and
cross-site request forgery attacks, bypass certain security
restrictions, and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27293/

 --

[SA27292] Drupal Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting
Released:    2007-10-18

Some vulnerabilities have been reported in Drupal, which can be
exploited by malicious people to conduct cross-site scripting attacks
and bypass certain security restrictions, and by malicious users to
conduct HTTP response splitting attacks.

Full Advisory:
http://secunia.com/advisories/27292/

 --

[SA27290] Drupal Code Execution and Cross-Site Request Forgery

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2007-10-18

Some vulnerabilities have been reported in Drupal, which can be
exploited by malicious people to conduct cross-site request forgery
attacks and to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/27290/

 --

[SA27289] Drupal Web Links Module Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-18

Brandon Bergren has reported a vulnerability in the Web Links module
for Drupal, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/27289/

 --

[SA27264] Simple PHP Blog Cross-Site Request Forgery

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-18

Demential has discovered a vulnerability in Simple PHP Blog, which can
be exploited by malicious people to conduct cross-site request forgery
attacks.

Full Advisory:
http://secunia.com/advisories/27264/

 --

[SA27263] mnoGoSearch Default Template "t" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-18

A vulnerability has been reported in mnoGoSearch, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/27263/

 --

[SA27246] phpMyAdmin "server_status.php" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-18

Omer Singer has discovered a vulnerability in phpMyAdmin, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/27246/

 --

[SA27245] WebMod "auth.w" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-16

Nemessis has reported a vulnerability in WebMod, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/27245/

 --

[SA27225] InnovaPortal Multiple Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-10-18

Jose Luis Gngora Fernndez has reported some vulnerabilities in
InnovaPortal, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/27225/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


__________________________________________________________________      
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - www.csiannual.com



This archive was generated by hypermail 2.1.3 : Thu Oct 18 2007 - 22:38:41 PDT