[ISN] Secunia Weekly Summary - Issue: 2008-1

From: InfoSec News (alerts@private)
Date: Thu Jan 03 2008 - 22:28:54 PST


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2007-12-27 - 2008-01-03                        

                       This week: 37 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

More than 20% of all applications installed on users PC's have known
security flaws but the user have yet to install the patch provided by
the vendor of product.

Read the full blog:
http://secunia.com/blog/17/

Download and test the Secunia PSI today:
https://psi.secunia.com/

========================================================================
2) This Week in Brief:

A highly critical vulnerability in RealPlayer has been reported, which
can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error and can be
exploited to cause a buffer overflow. No further information is
currently available.

Successful exploitation allows execution of arbitrary code.

The vulnerability is reported in version 11 build 6.0.14.748. Other
versions may also be affected.

Because the vulnerability is currently unpatched, users are urged not
to open untrusted media files or browse untrusted websites.

For more information:
http://secunia.com/advisories/28276/

 --

A moderately critical vulnerability has been reported in Asterisk,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

The vulnerability is caused due to a null-pointer dereference error
within the handling of the "BYE/Also" transfer method. This can be
exploited to crash the application.

Successful exploitation requires that a dialog has already been
established.

The vulnerability is reported in the following versions:
* Asterisk Open Source 1.4.x prior to version 1.4.17
* Asterisk Business Edition C.x.x prior to version C.1.0-beta8
* AsteriskNOW pre-release prior to beta7
* Asterisk Appliance Developer Kit prior to Asterisk 1.4 revision 95946
* s800i (Asterisk Appliance) 1.0.x prior to version 1.0.3.4

The vendor has released updates to fix all affected versions. Secunia
recommends that users apply updates immediately.

For more information:
http://secunia.com/advisories/28312/

 --

Some vulnerabilities have been reported in Mambo, one with an unknown
impact and others, which can be exploited by malicious people to
conduct cross-site scripting attacks or to compromise a vulnerable
system.

A highly critical vulnerability is caused due to the use of a
vulnerable copy of PHPMailer, an issue that has been known since June
of 2006. The vulnerability can be exploited to inject arbitrary shell
commands.

Input passed to unknown parameters is not properly sanitised before
being returned to the user. This can be exploited to execute arbitrary
HTML and script code in a user's browser session in context of an
affected site. Successful exploitation of this vulnerability requires
that the target user has valid administrator credentials.

A vulnerability is caused due to unknown errors in the template chooser
functionality. No further information is currently available.

The vulnerabilities are reported in version 4.6.2. Prior versions may
also be affected. The vendor has released version 4.6.3 to resolve the
vulnerabilities.

For more information:
http://secunia.com/advisories/28251/

 --

VIRUS ALERTS:

During the past week Secunia collected 128 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA28204] RunCms Multiple Vulnerabilities
2.  [SA28194] ZeusCMS SQL Injection and Information Disclosure
3.  [SA28251] Mambo Multiple Vulnerabilities
4.  [SA28250] XZero Community Classifieds "subcatid" SQL Injection
5.  [SA28185] Mantis "Upload File" Script Insertion Vulnerability
6.  [SA28159] MySpace Content Zone "uploadgames.php" File Upload
              Vulnerability
7.  [SA28236] Total Player M3U Playlist Parsing Buffer Overflow
8.  [SA28252] IPortalX Multiple Cross-Site Scripting Vulnerabilities 
9.  [SA28237] Novell Identity Manager asampsp Denial of Service
10. [SA28240] Shadowed Portal File Inclusion and PHP Code Execution

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA28307] Georgia SoftWorks SSH2 Server Multiple Vulnerabilities
[SA28276] RealPlayer Unspecified Buffer Overflow Vulnerability

UNIX/Linux:
[SA28290] Gentoo update for opera
[SA28286] Gentoo update for openoffice, openoffice-bin, and hsqldb
[SA28278] Gentoo update for clamav
[SA28277] Gentoo update for mozilla-firefox/-bin and seamonkey/-bin
[SA28260] Debian update for peercast
[SA28325] Mandriva update for wireshark
[SA28312] Asterisk "BYE/Also" Denial of Service Vulnerability
[SA28309] AGENCY4NET WEBFTP "file" Directory Traversal Vulnerability
[SA28289] Gentoo update for emul-linux-x86-gtklibs
[SA28288] Gentoo update for wireshark
[SA28268] Gentoo update for exiftags
[SA28267] Gentoo update for exiv2
[SA28266] Gentoo update for libexif
[SA28265] Debian update for libsndfile
[SA28253] Netembryo "Url_init()" Denial of Service Vulnerability
[SA28269] Gentoo update for mt-daapd
[SA28321] Fedora update for qt
[SA28320] Avaya Products openssh Multiple Vulnerabilities
[SA28319] Avaya Products pam Vulnerability and Security Issue
[SA28310] Fedora update for wordpress
[SA28271] Dovecot LDAP Auth Cache Security Bypass
[SA28255] Debian update for tar
[SA28279] Gentoo update for syslog-ng

Other:


Cross Platform:
[SA28287] White_dune Format String and Buffer Overflow Vulnerabilities
[SA28318] PHP Multiple Vulnerabilities
[SA28295] Joomla PU Arcade Component "fid" SQL Injection Vulnerability
[SA28293] Plone LiveSearch Module News Item Script Insertion
[SA28285] CMS Made Simple "templateid" SQL Injection Vulnerability
[SA28281] zenphoto "albumnr" SQL Injection
[SA28280] MyPHP Forum SQL Injection Vulnerabilities
[SA28263] Logaholic Cross-Site Scripting and SQL Injection
[SA28258] PHCDownload "string" Cross-Site Scripting and SQL Injection
[SA28306] milliscripts Redirection "cat" Cross-Site Scripting
Vulnerability
[SA28303] phpWebSite "search" Cross-Site Scripting Vulnerability
[SA28274] Apache Tomcat JULI Logging Component Security Bypass

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA28307] Georgia SoftWorks SSH2 Server Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-01-03

Luigi Auriemma has reported some vulnerabilities in Georgia SoftWorks
SSH2 Server, which potentially can be exploited by malicious people to
cause a DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28307/

 --

[SA28276] RealPlayer Unspecified Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-01-03

Evgeny Legerov has reported a vulnerability in RealPlayer, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/28276/


UNIX/Linux:--

[SA28290] Gentoo update for opera

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information, System
access
Released:    2008-01-02

Gentoo has issued an update for opera. This fixes some vulnerabilities,
which can be exploited by malicious people to bypass certain security
restrictions, disclose sensitive information, and compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/28290/

 --

[SA28286] Gentoo update for openoffice, openoffice-bin, and hsqldb

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-01-02

Gentoo has issued an update for openoffice, openoffice-bin, and hsqldb.
This fixes a vulnerability, which can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/28286/

 --

[SA28278] Gentoo update for clamav

Critical:    Highly critical
Where:       From remote
Impact:      Unknown, DoS, System access
Released:    2008-01-02

Gentoo has issued an update for clamav. This fixes some
vulnerabilities, where one vulnerability has an unknown impact and
others can be exploited by malicious people to cause a DoS (Denial of
Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28278/

 --

[SA28277] Gentoo update for mozilla-firefox/-bin and seamonkey/-bin

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, DoS, System access
Released:    2008-01-02

Gentoo has issued an update for mozilla-firefox, mozilla-firefox-bin,
seamonkey, and seamonkey-bin. This fixes a security issue and some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting and request forgery attacks and potentially
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/28277/

 --

[SA28260] Debian update for peercast

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-01-02

Debian has issued an update for peercast. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28260/

 --

[SA28325] Mandriva update for wireshark

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-01-03

Mandriva has issued an update for wireshark. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/28325/

 --

[SA28312] Asterisk "BYE/Also" Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-01-03

A vulnerability has been reported in Asterisk, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/28312/

 --

[SA28309] AGENCY4NET WEBFTP "file" Directory Traversal Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2008-01-03

GoLd_M has discovered a vulnerability in AGENCY4NET WEBFTP, which can
be exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/28309/

 --

[SA28289] Gentoo update for emul-linux-x86-gtklibs

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2008-01-02

Gentoo has issued an update for emul-linux-x86-gtklibs. This fixes a
vulnerability, which can be exploited by malicious people to compromise
an application using the library.

Full Advisory:
http://secunia.com/advisories/28289/

 --

[SA28288] Gentoo update for wireshark

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-01-02

Gentoo has issued an update for wireshark. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/28288/

 --

[SA28268] Gentoo update for exiftags

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-01-02

Gentoo has issued an update for exiftags. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28268/

 --

[SA28267] Gentoo update for exiv2

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-01-02

Gentoo has issued an update for exiv2. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or to potentially compromise an application using the
library.

Full Advisory:
http://secunia.com/advisories/28267/

 --

[SA28266] Gentoo update for libexif

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-01-02

Gentoo has issued an update for libexif. This fixes two
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or to compromise an application using the
library.

Full Advisory:
http://secunia.com/advisories/28266/

 --

[SA28265] Debian update for libsndfile

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2008-01-02

Debian has issued an update for libsndfile. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise an
application using the library.

Full Advisory:
http://secunia.com/advisories/28265/

 --

[SA28253] Netembryo "Url_init()" Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-12-28

Luigi Auriemma has reported a vulnerability in Netembryo, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/28253/

 --

[SA28269] Gentoo update for mt-daapd

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2008-01-02

Gentoo has acknowledged some vulnerabilities mt-daapd, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28269/

 --

[SA28321] Fedora update for qt

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Spoofing
Released:    2008-01-03

Fedora has issued an update for qt. This fixes a vulnerability, which
can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/28321/

 --

[SA28320] Avaya Products openssh Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-01-03

Avaya has acknowledged some vulnerabilities in various Avaya products,
which can be exploited by malicious people to disclose certain system
information and to inject certain data.

Full Advisory:
http://secunia.com/advisories/28320/

 --

[SA28319] Avaya Products pam Vulnerability and Security Issue

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-01-03

Avaya has acknowledged a vulnerability and a security issue in various
Avaya products, which can be exploited by malicious, local users to
disclose sensitive information and by malicious users to inject certain
data.

Full Advisory:
http://secunia.com/advisories/28319/

 --

[SA28310] Fedora update for wordpress

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, Exposure of
sensitive information
Released:    2008-01-03

Fedora has issued an update for wordpress. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, disclose sensitive information, and
conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/28310/

 --

[SA28271] Dovecot LDAP Auth Cache Security Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2008-01-02

A security issue has been reported in Dovecot, which can be exploited
by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/28271/

 --

[SA28255] Debian update for tar

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2008-01-02

Debian has issued an update for tar. This fixes a vulnerability, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/28255/

 --

[SA28279] Gentoo update for syslog-ng

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2008-01-02

Gentoo has issued an update for syslog-ng. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/28279/


Other:


Cross Platform:--

[SA28287] White_dune Format String and Buffer Overflow Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-01-03

Luigi Auriemma has reported some vulnerabilities in White_dune, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/28287/

 --

[SA28318] PHP Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Security Bypass
Released:    2008-01-03

Some vulnerabilities have been reported in PHP, where some have unknown
impact and others can be exploited by malicious users to bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/28318/

 --

[SA28295] Joomla PU Arcade Component "fid" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-01-03

HouSSamix has reported a vulnerability in the PU Arcade component for
Joomla, which can be exploited by malicious  people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/28295/

 --

[SA28293] Plone LiveSearch Module News Item Script Insertion

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-01-02

ilmila has discovered a vulnerability in Plone, which can be exploited
by malicious users to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/28293/

 --

[SA28285] CMS Made Simple "templateid" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-01-03

EgiX has reported a vulnerability in CMS Made Simple, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/28285/

 --

[SA28281] zenphoto "albumnr" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-01-03

Silentz has discovered a vulnerability in zenphoto, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/28281/

 --

[SA28280] MyPHP Forum SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-01-03

x0kster has reported some vulnerabilities in MyPHP Forum, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/28280/

 --

[SA28263] Logaholic Cross-Site Scripting and SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2008-01-03

malibu.r has reported some vulnerabilities in Logaholic, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/28263/

 --

[SA28258] PHCDownload "string" Cross-Site Scripting and SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2008-01-03

lostmon has discovered some vulnerabilities in PHCDownload, which can
be exploited by malicious people to conduct cross-site scripting and
SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/28258/

 --

[SA28306] milliscripts Redirection "cat" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-01-03

Jose Luis Gngora Fernndez has reported a vulnerability in
milliscripts Redirection, which can be exploited by malicious people to
conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/28306/

 --

[SA28303] phpWebSite "search" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-01-03

Audun Larsen has discovered a vulnerability in phpWebSite, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/28303/

 --

[SA28274] Apache Tomcat JULI Logging Component Security Bypass

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2008-01-02

A security issue has been reported in Apache Tomcat, which can be
exploited by malicious, local users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/28274/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


__________________________________________________________________      
Visit InfoSec News
http://www.infosecnews.org/



This archive was generated by hypermail 2.1.3 : Thu Jan 03 2008 - 22:38:52 PST