======================================================================== The Secunia Weekly Advisory Summary 2007-11-01 - 2007-11-08 This week: 93 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: 2003: 2,700 advisories published 2004: 3,100 advisories published 2005: 4,600 advisories published 2006: 5,300 advisories published How do you know which Secunia advisories are important to you? The Secunia Vulnerability Intelligence Solutions allows you to filter and structure all the information you need, so you can address issues effectively. Get a free trial of the Secunia Vulnerability Intelligence Solutions: http://corporate.secunia.com/how_to_buy/38/vi/?ref=summary_sm ======================================================================== 2) This Week in Brief: Multiple vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, and compromise a user's system. An error in the handling of image description atoms can be exploited to cause memory corruption when a user opens a specially crafted movie file. Boundary errors in the handling of Sample Table Sample Descriptor (STSD) atoms and processing of panorama sample atoms in QTVR (QuickTime Virtual Reality) movie files can be exploited to cause heap-based buffer overflows when a user opens a specially crafted movie file. A boundary error in the processing of PICT image files can be exploited to cause a stack-based buffer overflow when a user opens a specially crafted PICT image file containing an invalid length for the "UncompressedQuickTimeData" opcode. Errors exist in the parsing of Poly type opcodes (opcodes 0x0070-74) and the PackBitsRgn field (Opcode 0x0099) when processing PICT image files. These can be exploited to cause heap corruption when a user opens a specially crafted PICT image file. An error in the parsing of CTAB atoms can be exploited to cause a heap-based buffer overflow when a user opens a specially crafted movie file containing an invalid color table. QuickTime for Java also contains multiple errors, which can be exploited by untrusted Java applets to disclose sensitive information or to execute arbitrary code with escalated privileges when a user visits a web page containing a malicious Java applet. Successful exploitation of these vulnerabilities allows execution of arbitrary code. Apple has released version 7.3, which is not affected by these vulnerabilities. Users with Quicktime installed are encouraged to update immediately. Secunia has constructed the Secunia Personal Software Inspector, which you can use to check if your personal system is vulnerable: https://psi.secunia.com/ Corporate users can request for a trial of the Secunia Network Software Inspector, which you can use to check which systems in your network are vulnerable: http://secunia.com/network_software_inspector/ -- Two vulnerabilities in the IBM Websphere Server Community Edition were also disclosed this week. The first vulnerability is due to the affected applications using a version of SQLLoginModule that is vulnerable to being exploited by malicious people to bypass security restrictions. For more information, refer to: http://secunia.com/advisories/27478/ The second vulnerability is due to the affected applications using a configured write-enabled Webdav servlet that is vulnerable to being exploited by malicious users to disclose potentially sensitive information. For more information, refer to: http://secunia.com/advisories/27446/ Both vulnerabilities remain unpatched. However, a vendor workaround exists for the vulnerability due to the Webdav servlet. -- A vulnerability has been reported in the Microsoft Sysinternals DebugView tool, which can be exploited by malicious, local users to gain escalated privileges. The problem is that the application loads the Dbgv.sys driver, which is accessible by all users. This driver includes a certain unspecified function that can be exploited, for example, to copy arbitrary data to an arbitrary address. Successful exploitation allows execution of arbitrary code with kernel privileges, but requires that the application is first started by a user with administrative privileges. The vulnerability is reported in version 4.64 and fixed in version 4.72. Other versions may also be affected. For more information, refer to: http://secunia.com/advisories/27552/ Secunia has constructed the Secunia Personal Software Inspector, which you can use to check if your personal system is vulnerable: https://psi.secunia.com/ Corporate users can request for a trial of the Secunia Network Software Inspector, which you can use to check which systems in your network are vulnerable: http://secunia.com/network_software_inspector/ -- Secunia Research has discovered some highly critical vulnerabilities in Xpdf, which can be exploited by malicious people to compromise a user's system. An array indexing error within the "DCTStream::readProgressiveDataUnit()" method in xpdf/Stream.cc can be exploited to corrupt memory via a specially crafted PDF file. An integer overflow error within the "DCTStream::reset()" method in xpdf/Stream.cc can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. A boundary error within the "CCITTFaxStream::lookChar()" method in xpdf/Stream.cc can be exploited to cause a heap-based buffer overflow by tricking a user into opening a PDF file containing a specially crafted "CCITTFaxDecode" filter. These vulnerabilities have also been discovered to exist in other applications that use the vulnerable Xpdf code, such as Poppler, KDE, KOffice, and GNOME gpdf. The vendor has released patches for Xpdf. Other vulnerable applications may not yet be patched. For more information, refer to the following: http://secunia.com/advisories/27260/ http://secunia.com/advisories/27553/ http://secunia.com/advisories/27578/ -- VIRUS ALERTS: During the past week Secunia collected 156 virus descriptions from the Antivirus vendors. However, none were deemed MEDIUM risk or higher according to the Secunia assessment scale. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA27523] Apple QuickTime Multiple Vulnerabilities 2. [SA27469] SonicWALL SSL VPN ActiveX Controls Multiple Vulnerabilities 3. [SA27509] IBM Lotus Domino Web Server Cross-Site Scripting Vulnerability 4. [SA21910] Internet Explorer Multiple Vulnerabilities 5. [SA27498] Symantec Mail Security Appliance File Parsing Vulnerabilities 6. [SA27488] Symantec AntiVirus for Macintosh Privilege Escalation Weakness 7. [SA25952] ACDSee Products Image and Archive Plug-ins Buffer Overflows 8. [SA27500] Ourgame GLWorld GlobalLink Chat Control Buffer Overflows 9. [SA27507] Fedora update for flac 10. [SA27506] Fedora update for phpmyadmin ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA27561] SSReader Pdg2 Control ActiveX Control Buffer Overflow Vulnerability [SA27500] Ourgame GLWorld GlobalLink Chat Control Buffer Overflows [SA27569] Cerberus FTP Server Web Interface Cross-Site Scripting Vulnerability [SA27552] Microsoft Sysinternals DebugView Dbgv.sys Privilege Escalation UNIX/Linux: [SA27580] Red Hat update for tcpdump [SA27578] KDE and KOffice "Stream.cc" Multiple Vulnerabilities [SA27575] Red Hat update for gpdf [SA27574] Red Hat update for xpdf [SA27573] Red Hat update for poppler [SA27556] Cypress Malicious Code Execution Vulnerability [SA27553] Poppler "Stream.cc" Multiple Vulnerabilities [SA27520] Debian update for perdition [SA27513] Fedora update for firefox [SA27510] Fedora update for thunderbird [SA27592] Red Hat update for wireshark [SA27579] Red Hat update for tetex [SA27577] Red Hat update for cups [SA27554] rPath update for pcre [SA27551] MyWebFTP pass.php Information Disclosure [SA27548] Red Hat update for perl [SA27547] Red Hat update for pcre [SA27545] Avaya Products PHP Multiple Vulnerabilities [SA27543] PCRE Multiple Vulnerabilities [SA27538] Debian update for pcre3 [SA27531] Mandriva update for perl [SA27524] Mandriva update for opal [SA27507] Fedora update for flac [SA27503] Gentoo update for sitebar [SA27502] Gentoo update for gallery [SA27501] Gentoo update for gftp [SA27540] Ubuntu update for cups [SA27499] Mandriva update for cups [SA27496] Fedora update for nagios-plugins [SA27494] Fedora update for cups [SA27593] Red Hat update for httpd [SA27590] Red Hat update for pam [SA27588] Red Hat update for openssh [SA27583] Gentoo update for mono [SA27563] Gentoo update for apache [SA27562] Gentoo update for python [SA27555] Linux Kernel "ieee80211_rx()" Denial of Service Vulnerability [SA27544] Avaya Products Star Directory Traversal Vulnerability [SA27541] Gentoo update for madwifi [SA27532] SkaLinks Cross-Site Request Forgery [SA27529] Gentoo update for libpng [SA27518] Mandriva update for pwlib [SA27516] Fedora update for proftpd [SA27515] rPath update for perl [SA27506] Fedora update for phpmyadmin [SA27505] Avaya Messaging Products Web Interface Denial of Service [SA27492] Fedora update for libpng [SA27484] NetCommons Unspecified Cross-Site Scripting Vulnerability [SA27558] Net-snmp GETBULK Denial of Service Vulnerability [SA27591] Red Hat update for coolkey [SA27586] GForge Insecure Temporary Files [SA27560] Mandriva update for xfs [SA27549] Debian update for gforge [SA27528] Avaya Products Linux Kernel Multiple Vulnerabilities [SA27512] Sun SRS Net Connect Software "srsexec" Format String Vulnerability [SA27511] Debian update for mono [SA27497] Fedora update for xen [SA27491] Fedora update for liferea [SA27486] Mandriva update for xen [SA27557] Red Hat Update for rhpki-util, rhpki-common, and rhpki-ca [SA27514] Fedora update for tar [SA27495] Fedora update for pidgin [SA27489] Mandriva update for netpbm [SA27589] Red Hat update for mcstrans [SA27536] Avaya CMS / IR Sun Solaris Kernel Statistics Retrieval Denial of Service [SA27519] Sun Solaris SVM Denial of Service Weakness [SA27488] Symantec AntiVirus for Macintosh Privilege Escalation Weakness [SA27483] iSCSI Enterprise Target "/etc/ietd.conf" Information Disclosure Weakness Other: [SA27498] Symantec Mail Security Appliance File Parsing Vulnerabilities Cross Platform: [SA27533] JBC Explorer Security Bypass and PHP Code Execution [SA27530] Plone "statusmessages" and "linkintegrity" Modules Code Execution [SA27527] SyndeoCMS "cmsdir" File Inclusion Vulnerability [SA27523] Apple QuickTime Multiple Vulnerabilities [SA27582] PCRE Regex Parsing Multiple Vulnerabilities [SA27546] Perl Regular Expressions Unicode Data Buffer Overflow [SA27517] E-Vendejo "id" SQL Injection Vulnerability [SA27508] GNU Emacs Local Variable Processing Vulnerability [SA27504] PicoFlat CMS Administration Security Bypass [SA27542] IBM Informix Dynamic Server Unspecified Directory Traversal and Denial of Service [SA27526] Oracle Database PITRIG_DROPMETADATA Buffer Overflow Vulnerability [SA27525] OpenBase SQL Command Injection and Buffer Overflow [SA27539] Perl Archive::Tar Directory Traversal Vulnerability [SA27535] C++ Sockets Library HTTPSocket Denial of Service Vulnerability [SA27534] Coppermine Photo Gallery "data" Cross-Site Scripting [SA27509] IBM Lotus Domino Web Server Cross-Site Scripting Vulnerability [SA27493] Mono Mono.Math.BigInteger Vulnerability [SA27490] Helios Calendar "username" Cross-Site Scripting Vulnerability [SA27487] SF-Shoutbox "nick" and "shout" Script Insertion Vulnerabilities [SA27485] sBlog Cross-Site Request Forgery ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA27561] SSReader Pdg2 Control ActiveX Control Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-11-07 A vulnerability has been discovered in SSReader, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27561/ -- [SA27500] Ourgame GLWorld GlobalLink Chat Control Buffer Overflows Critical: Highly critical Where: From remote Impact: System access Released: 2007-11-02 Some vulnerabilities have been discovered in Ourgame GLWorld, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27500/ -- [SA27569] Cerberus FTP Server Web Interface Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-11-08 A vulnerability has been reported in Cerberus FTP Server, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27569/ -- [SA27552] Microsoft Sysinternals DebugView Dbgv.sys Privilege Escalation Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-11-07 A vulnerability has been reported in Microsoft Sysinternals DebugView, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/27552/ UNIX/Linux:-- [SA27580] Red Hat update for tcpdump Critical: Highly critical Where: From remote Impact: System access, DoS Released: 2007-11-08 Red Hat has issued an update for tcpdump. This fixes some vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system. Full Advisory: http://secunia.com/advisories/27580/ -- [SA27578] KDE and KOffice "Stream.cc" Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2007-11-08 Some vulnerabilities have been reported in KDE and KOffice, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27578/ -- [SA27575] Red Hat update for gpdf Critical: Highly critical Where: From remote Impact: System access Released: 2007-11-08 Red Hat has issued an update for gpdf. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27575/ -- [SA27574] Red Hat update for xpdf Critical: Highly critical Where: From remote Impact: System access Released: 2007-11-08 Red Hat has issued an update for xpdf. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27574/ -- [SA27573] Red Hat update for poppler Critical: Highly critical Where: From remote Impact: System access Released: 2007-11-08 Red Hat has issued an update for poppler. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library. Full Advisory: http://secunia.com/advisories/27573/ -- [SA27556] Cypress Malicious Code Execution Vulnerability Critical: Highly critical Where: From remote Impact: Exposure of sensitive information, System access Released: 2007-11-07 Chris has reported a vulnerability in the Cypress script for BitchX, which can be exploited by malicious people to disclose potentially sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27556/ -- [SA27553] Poppler "Stream.cc" Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2007-11-08 Some vulnerabilities have been reported in Poppler, which can be exploited by malicious people to compromise an application using the library. Full Advisory: http://secunia.com/advisories/27553/ -- [SA27520] Debian update for perdition Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-11-06 Debian has issued an update for perdition. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27520/ -- [SA27513] Fedora update for firefox Critical: Highly critical Where: From remote Impact: Cross Site Scripting, DoS, System access Released: 2007-11-06 Fedora has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27513/ -- [SA27510] Fedora update for thunderbird Critical: Highly critical Where: From remote Impact: Cross Site Scripting, DoS, System access Released: 2007-11-06 Fedora has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27510/ -- [SA27592] Red Hat update for wireshark Critical: Moderately critical Where: From remote Impact: DoS Released: 2007-11-08 Red Hat has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27592/ -- [SA27579] Red Hat update for tetex Critical: Moderately critical Where: From remote Impact: System access Released: 2007-11-08 Red Hat has issued an update for tetex. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27579/ -- [SA27577] Red Hat update for cups Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-11-08 Red Hat has issued an update for cups. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27577/ -- [SA27554] rPath update for pcre Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information, DoS, System access Released: 2007-11-07 rPath has issued an update for pcre. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose sensitive information, or potentially compromise an application using the library. Full Advisory: http://secunia.com/advisories/27554/ -- [SA27551] MyWebFTP pass.php Information Disclosure Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2007-11-07 Aria-Security Team have discovered a security issue in MyWebFTP, which can be exploited by malicious people to gain knowledge of sensitive information. Full Advisory: http://secunia.com/advisories/27551/ -- [SA27548] Red Hat update for perl Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-11-06 Red Hat has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27548/ -- [SA27547] Red Hat update for pcre Critical: Moderately critical Where: From remote Impact: System access Released: 2007-11-06 Red Hat has issued an update for pcre. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library. Full Advisory: http://secunia.com/advisories/27547/ -- [SA27545] Avaya Products PHP Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Unknown, Security Bypass, DoS Released: 2007-11-06 Avaya has acknowledged some vulnerabilities in multiple Avaya products, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions or by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27545/ -- [SA27543] PCRE Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information, DoS, System access Released: 2007-11-06 Some vulnerabilities have been reported in PCRE, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose sensitive information, or potentially compromise an application using the library. Full Advisory: http://secunia.com/advisories/27543/ -- [SA27538] Debian update for pcre3 Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information, DoS, System access Released: 2007-11-06 Debian has issued an update for pcre3. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose sensitive information, or potentially compromise an application using the library. Full Advisory: http://secunia.com/advisories/27538/ -- [SA27531] Mandriva update for perl Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-11-06 Mandriva has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27531/ -- [SA27524] Mandriva update for opal Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-11-05 Mandriva has issued an update for opal. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library. Full Advisory: http://secunia.com/advisories/27524/ -- [SA27507] Fedora update for flac Critical: Moderately critical Where: From remote Impact: System access Released: 2007-11-02 Fedora has issued an update for flac. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27507/ -- [SA27503] Gentoo update for sitebar Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Exposure of sensitive information, System access Released: 2007-11-07 Gentoo has issued an update for sitebar. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, or by malicious users to disclose potentially sensitive information and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27503/ -- [SA27502] Gentoo update for gallery Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-11-02 Gentoo has issued an update for gallery. This fixes some vulnerabilities, which can be exploited by malicious users to manipulate data. Full Advisory: http://secunia.com/advisories/27502/ -- [SA27501] Gentoo update for gftp Critical: Moderately critical Where: From remote Impact: System access Released: 2007-11-02 Gentoo has issued an update for gftp. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27501/ -- [SA27540] Ubuntu update for cups Critical: Moderately critical Where: From local network Impact: System access Released: 2007-11-06 Ubuntu has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27540/ -- [SA27499] Mandriva update for cups Critical: Moderately critical Where: From local network Impact: System access Released: 2007-11-02 Mandriva has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27499/ -- [SA27496] Fedora update for nagios-plugins Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2007-11-02 Fedora has issued an update for nagios-plugins. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27496/ -- [SA27494] Fedora update for cups Critical: Moderately critical Where: From local network Impact: System access Released: 2007-11-02 Fedora has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27494/ -- [SA27593] Red Hat update for httpd Critical: Less critical Where: From remote Impact: DoS Released: 2007-11-08 Red Hat has issued an update for httpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27593/ -- [SA27590] Red Hat update for pam Critical: Less critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2007-11-08 Red Hat has issued an update for pam. This fixes a vulnerability and a security issue, which can be exploited by malicious, local users to disclose sensitive information and by malicious users to inject certain data. Full Advisory: http://secunia.com/advisories/27590/ -- [SA27588] Red Hat update for openssh Critical: Less critical Where: From remote Impact: Manipulation of data, Exposure of system information Released: 2007-11-08 Red Hat has issued an update for openssh. This fixes a vulnerability and a weakness, which can be exploited by malicious people to disclose certain system information and to inject certain data. Full Advisory: http://secunia.com/advisories/27588/ -- [SA27583] Gentoo update for mono Critical: Less critical Where: From remote Impact: Unknown Released: 2007-11-08 Gentoo has issued an update for mono. This fixes a vulnerability with an unknown impact. Full Advisory: http://secunia.com/advisories/27583/ -- [SA27563] Gentoo update for apache Critical: Less critical Where: From remote Impact: Cross Site Scripting, DoS Released: 2007-11-08 Gentoo has issued an update for apache. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks and cause a DoS. Full Advisory: http://secunia.com/advisories/27563/ -- [SA27562] Gentoo update for python Critical: Less critical Where: From remote Impact: DoS, System access Released: 2007-11-08 Gentoo has issued an update for python. This fixes a security issue, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27562/ -- [SA27555] Linux Kernel "ieee80211_rx()" Denial of Service Vulnerability Critical: Less critical Where: From remote Impact: DoS Released: 2007-11-08 A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27555/ -- [SA27544] Avaya Products Star Directory Traversal Vulnerability Critical: Less critical Where: From remote Impact: System access Released: 2007-11-06 Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27544/ -- [SA27541] Gentoo update for madwifi Critical: Less critical Where: From remote Impact: DoS Released: 2007-11-08 Gentoo has issued an update for madwifi. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27541/ -- [SA27532] SkaLinks Cross-Site Request Forgery Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-11-06 Vincy has discovered a vulnerability in SkaLinks, which can be exploited by malicious people to conduct cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/27532/ -- [SA27529] Gentoo update for libpng Critical: Less critical Where: From remote Impact: DoS Released: 2007-11-08 Gentoo has issued an update for libpng. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27529/ -- [SA27518] Mandriva update for pwlib Critical: Less critical Where: From remote Impact: DoS Released: 2007-11-05 Mandriva has issued an update for pwlib. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27518/ -- [SA27516] Fedora update for proftpd Critical: Less critical Where: From remote Impact: Security Bypass Released: 2007-11-06 Fedora has issued an update for proftpd. This fixes a security issue, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/27516/ -- [SA27515] rPath update for perl Critical: Less critical Where: From remote Impact: DoS, System access Released: 2007-11-07 rPath has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27515/ -- [SA27506] Fedora update for phpmyadmin Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-11-02 Fedora has issued an update for phpmyadmin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27506/ -- [SA27505] Avaya Messaging Products Web Interface Denial of Service Critical: Less critical Where: From remote Impact: DoS Released: 2007-11-02 A vulnerability has been reported in multiple Avaya Messaging Products, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27505/ -- [SA27492] Fedora update for libpng Critical: Less critical Where: From remote Impact: DoS Released: 2007-11-06 Fedora has issued an update for libpng. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27492/ -- [SA27484] NetCommons Unspecified Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-11-05 A vulnerability has been reported in NetCommons, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27484/ -- [SA27558] Net-snmp GETBULK Denial of Service Vulnerability Critical: Less critical Where: From local network Impact: DoS Released: 2007-11-08 A vulnerability has been reported in Net-snmp, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27558/ -- [SA27591] Red Hat update for coolkey Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-11-08 Red Hat has issued an update for coolkey. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. Full Advisory: http://secunia.com/advisories/27591/ -- [SA27586] GForge Insecure Temporary Files Critical: Less critical Where: Local system Impact: Manipulation of data Released: 2007-11-08 Steve Kemp has reported a security issue in GForge, which can be exploited by malicious, local users to truncate arbitrary files. Full Advisory: http://secunia.com/advisories/27586/ -- [SA27560] Mandriva update for xfs Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-11-07 Mandriva has issued an update for xfs. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/27560/ -- [SA27549] Debian update for gforge Critical: Less critical Where: Local system Impact: Manipulation of data Released: 2007-11-08 Debian has issued an update for gforge. This fixes a security issue, which can be exploited by malicious, local users to truncate arbitrary files. Full Advisory: http://secunia.com/advisories/27549/ -- [SA27528] Avaya Products Linux Kernel Multiple Vulnerabilities Critical: Less critical Where: Local system Impact: Exposure of sensitive information, DoS Released: 2007-11-06 Avaya has acknowledged some vulnerabilities in various Avaya products, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/27528/ -- [SA27512] Sun SRS Net Connect Software "srsexec" Format String Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2007-11-05 A vulnerability has been reported in SRS Net Connect Software, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/27512/ -- [SA27511] Debian update for mono Critical: Less critical Where: Local system Impact: Unknown Released: 2007-11-06 Debian has issued an update for mono. This fixes a vulnerability, which has unknown impacts. Full Advisory: http://secunia.com/advisories/27511/ -- [SA27497] Fedora update for xen Critical: Less critical Where: Local system Impact: Manipulation of data Released: 2007-11-02 Fedora has issued an update for xen. This fixes a security issue, which can be exploited by malicious, local users to truncate arbitrary files. Full Advisory: http://secunia.com/advisories/27497/ -- [SA27491] Fedora update for liferea Critical: Less critical Where: Local system Impact: Exposure of sensitive information Released: 2007-11-02 Fedora has issued an update for liferea. This fixes a security issue, which can be exploited by malicious, local users to disclose sensitive information. Full Advisory: http://secunia.com/advisories/27491/ -- [SA27486] Mandriva update for xen Critical: Less critical Where: Local system Impact: Security Bypass, Manipulation of data, Privilege escalation Released: 2007-11-02 Mandriva has issued an update for xen. This fixes some vulnerabilities, which can be exploited by malicious, local users to truncate arbitrary files, bypass certain security restrictions, or gain escalated privileges. Full Advisory: http://secunia.com/advisories/27486/ -- [SA27557] Red Hat Update for rhpki-util, rhpki-common, and rhpki-ca Critical: Not critical Where: From remote Impact: Security Bypass Released: 2007-11-08 Red Hat has issued an update for rhpki-util, rhpki-common, and rhpki-ca. This fixes a security issue, which can result in bypassing certain security restrictions. Full Advisory: http://secunia.com/advisories/27557/ -- [SA27514] Fedora update for tar Critical: Not critical Where: From remote Impact: DoS Released: 2007-11-06 Fedora has issued an update for tar. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27514/ -- [SA27495] Fedora update for pidgin Critical: Not critical Where: From remote Impact: DoS Released: 2007-11-02 Fedora has issued an update for pidgin. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27495/ -- [SA27489] Mandriva update for netpbm Critical: Not critical Where: From remote Impact: DoS Released: 2007-11-06 Mandriva has issued an update for netpbm. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27489/ -- [SA27589] Red Hat update for mcstrans Critical: Not critical Where: Local system Impact: DoS Released: 2007-11-08 Red Hat has issued an update for mcstrans. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial if Service). Full Advisory: http://secunia.com/advisories/27589/ -- [SA27536] Avaya CMS / IR Sun Solaris Kernel Statistics Retrieval Denial of Service Critical: Not critical Where: Local system Impact: DoS Released: 2007-11-05 Avaya has acknowledged some vulnerabilities in Avaya CMS and IR, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27536/ -- [SA27519] Sun Solaris SVM Denial of Service Weakness Critical: Not critical Where: Local system Impact: DoS Released: 2007-11-08 A weakness has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27519/ -- [SA27488] Symantec AntiVirus for Macintosh Privilege Escalation Weakness Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2007-11-02 A weakness has been reported in Symantec AntiVirus for Macintosh and Norton AntiVirus for Macintosh, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/27488/ -- [SA27483] iSCSI Enterprise Target "/etc/ietd.conf" Information Disclosure Weakness Critical: Not critical Where: Local system Impact: Exposure of sensitive information Released: 2007-11-02 A weakness has been discovered in iSCSI Enterprise Target, which can be exploited by malicious, local users to disclose sensitive information. Full Advisory: http://secunia.com/advisories/27483/ Other:-- [SA27498] Symantec Mail Security Appliance File Parsing Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2007-11-02 Multiple vulnerabilities have been reported in Symantec Mail Security Appliance, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27498/ Cross Platform:-- [SA27533] JBC Explorer Security Bypass and PHP Code Execution Critical: Highly critical Where: From remote Impact: Security Bypass, System access Released: 2007-11-06 DarkFig has discovered a vulnerability in JBC Explorer, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27533/ -- [SA27530] Plone "statusmessages" and "linkintegrity" Modules Code Execution Critical: Highly critical Where: From remote Impact: System access Released: 2007-11-06 Two vulnerabilities have been reported in Plone, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27530/ -- [SA27527] SyndeoCMS "cmsdir" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2007-11-05 Mdx has reported a vulnerability in SyndeoCMS, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27527/ -- [SA27523] Apple QuickTime Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Exposure of sensitive information, System access Released: 2007-11-06 Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, and compromise a user's system. Full Advisory: http://secunia.com/advisories/27523/ -- [SA27582] PCRE Regex Parsing Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-11-08 Chris Evans has reported some vulnerabilities in PCRE, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. Full Advisory: http://secunia.com/advisories/27582/ -- [SA27546] Perl Regular Expressions Unicode Data Buffer Overflow Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2007-11-06 Tavis Ormandy and Will Drewry have reported a vulnerability in Perl, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27546/ -- [SA27517] E-Vendejo "id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2007-11-05 R00T[ATI] has reported a vulnerability in E-Vendejo, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/27517/ -- [SA27508] GNU Emacs Local Variable Processing Vulnerability Critical: Moderately critical Where: From remote Impact: System access Released: 2007-11-05 Drake Wilson has reported a vulnerability in GNU Emacs, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27508/ -- [SA27504] PicoFlat CMS Administration Security Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass, Manipulation of data Released: 2007-11-07 Some vulnerabilities have been reported in PicoFlat CMS, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/27504/ -- [SA27542] IBM Informix Dynamic Server Unspecified Directory Traversal and Denial of Service Critical: Moderately critical Where: From local network Impact: Unknown, DoS Released: 2007-11-07 Some vulnerabilities have been reported in IBM Informix Dynamic Server, one of which has an unknown impact and another can be exploited to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27542/ -- [SA27526] Oracle Database PITRIG_DROPMETADATA Buffer Overflow Vulnerability Critical: Moderately critical Where: From local network Impact: System access Released: 2007-11-08 A vulnerability has been reported in Oracle Database, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27526/ -- [SA27525] OpenBase SQL Command Injection and Buffer Overflow Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2007-11-06 Some vulnerabilities have been reported in Openbase SQL, which can be exploited by malicious users to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/27525/ -- [SA27539] Perl Archive::Tar Directory Traversal Vulnerability Critical: Less critical Where: From remote Impact: System access Released: 2007-11-06 A vulnerability has been reported in the Archive::Tar Perl module, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/27539/ -- [SA27535] C++ Sockets Library HTTPSocket Denial of Service Vulnerability Critical: Less critical Where: From remote Impact: DoS Released: 2007-11-07 A vulnerability has been reported in C++ Sockets Library, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/27535/ -- [SA27534] Coppermine Photo Gallery "data" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-11-06 Nicolas Le Gland has reported a vulnerability in Coppermine Photo Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27534/ -- [SA27509] IBM Lotus Domino Web Server Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Unknown Released: 2007-11-02 IBM has acknowledged a vulnerability in IBM Lotus Domino Web Server, which can be exploited by malicious users to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27509/ -- [SA27493] Mono Mono.Math.BigInteger Vulnerability Critical: Less critical Where: From remote Impact: Unknown Released: 2007-11-06 A vulnerability with an unknown impact has been reported in Mono. Full Advisory: http://secunia.com/advisories/27493/ -- [SA27490] Helios Calendar "username" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-11-05 Ivan Sanchez and Maximiliano Soler have reported a vulnerability in Helios Calendar, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/27490/ -- [SA27487] SF-Shoutbox "nick" and "shout" Script Insertion Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-11-05 SkyOut has reported some vulnerabilities in SF-Shoutbox, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/27487/ -- [SA27485] sBlog Cross-Site Request Forgery Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2007-11-02 0x90 has discovered a vulnerability in sBlog, which can be exploited by malicious people to conduct cross-site request forgery attacks. Full Advisory: http://secunia.com/advisories/27485/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 __________________________________________________________________ CSI 2007 is the only conference that delivers a business-focused overview of enterprise security. It will convene 1,500+ delegates, 80 exhibitors and features 100+ sessions/seminars providing a roadmap for integrating policies and procedures with new tools and techniques. Register now for savings on conference fees and/or free exhibits admission. - www.csiannual.com
This archive was generated by hypermail 2.1.3 : Thu Nov 08 2007 - 23:09:23 PST