[ISN] Secunia Weekly Summary - Issue: 2008-6

From: InfoSec News (alerts@private)
Date: Thu Feb 07 2008 - 23:39:08 PST


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2008-01-31 - 2008-02-07                        

                       This week: 65 advisories                        

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

It's been a rough 24 hours for Windows users, as four popular user
programs were patched by their respective vendors against some critical
vulnerabilities.

The four applications, Sun Java, Adobe Reader, Apple Quicktime, and
Skype, are among the most common Windows applications available for
users today, and within 24 hours, each of their vendors released a
security-related update. Any of the vulnerabilities in these
applications can be used to steal information or run malicious
programs. And even if, for example, you don't have Skype installed,
then you are still vulnerable if you have Java, Adobe Reader, or
Quicktime in your computer.

Based on PSI results, these four applications are installed in over 80%
of all computers, resulting in a staggering pool of possible hacking
victims.

Secunia recommends that users who have ANY of these four applications
installed should apply the appropriate security updates immediately.

For more information, you can read more on the Secunia "Security
Watchdog" blog:
http://secunia.com/blog/20/

To find out if your home computer is vulnerable to any of these
security problems, scan using the free Personal Software Inspector:
https://psi.secunia.com/

Check if a vulnerable version is installed on computers in your
corporate network, using the Network Software Inspector:
http://secunia.com/network/software_inspector/

========================================================================
2) This Week in Brief:

A security update has been released for Skype, which implements
security enhancements to prevent the  compromise of users' systems.

Skype uses the Internet Explorer web control to render HTML from
certain websites (e.g. DailyMotion, Metacafe, and SkypeFind). As the
content is rendered in the "Local Machine" security zone, this allows
execution of arbitrary script code on a user's system via script
insertion vulnerabilities present in these websites.

Various vulnerabilities have been discovered in these sites, which
provide attack vectors when a user, for example, uses the Skype video
gallery browser section or finds a video uploaded to the DailyMotion
gallery with a specially crafted video title.

Users are urged to update to version 3.6.*.248 or later.

For more information, refer to:
http://secunia.com/advisories/28791/

 --

A vulnerability in Apple QuickTime reported in January of this year has
been patched.

The highly critical vulnerability, which could compromise a user's
system, is caused due to a boundary error when handling RTSP replies
and can be exploited to cause a heap-based buffer overflow, for
example, by sending a specially crafted reply containing an overly-long
"Reason-Phrase".

Successful exploitation requires that the user is, for example, tricked
into opening a malicious QTL file or visiting a malicious web site.

Users are urged to update to Quicktime 7.4.1, which fixes this
vulnerability.

For more information, refer to:
http://secunia.com/advisories/28423/

 --

Two vulnerabilities have been reported in Sun JRE, which can be
exploited by malicious people to compromise a user's system.

The highly critical vulnerabilities are caused due to unspecified
errors within the handling of Java applets, and can be exploited by
malicious, untrusted applets to read and write local files, or to
execute local applications. Successful exploitation requires that a
user views a malicious applet.

Users are urged to update to Java and JRE 6 update 2 or higher, or Java
and JRE 5 update 14 or higher.

For more information, refer to:
http://secunia.com/advisories/28795/

 --

Some vulnerabilities with unknown impacts have been reported in Adobe
Reader.

The vulnerabilities are caused due to unspecified errors. No further
information is currently available. However, the speed and secrecy with
this update leads Secunia to believe that it may fix one or more sever
security holes. Adobe itself, in its release notes, states that it
closes "security vulnerabilities".

For more information, refer to:
http://secunia.com/advisories/28802/

 --

VIRUS ALERTS:

During the past week Secunia collected 174 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA28746] Sun Java Runtime Environment External XML Entities
              Security Bypass
2.  [SA28715] MySpace Uploader Control ActiveX Control Property
              Handling Buffer Overflow
3.  [SA28757] Yahoo! Music Jukebox ActiveX Control Buffer Overflows
4.  [SA28729] Drupal Comment Upload Module File Upload Vulnerability
5.  [SA28717] Drupal OpenID Module "claimed_id" Authority Spoofing
6.  [SA28747] UltraVNC vncviewer
              "ClientConnection::NegotiateProtocolVersion()" Buffer
              Overflow
7.  [SA28802] Adobe Reader Unspecified Vulnerabilities
8.  [SA28732] Drupal Secure Site Module Security Bypass Vulnerability
9.  [SA28733] Aurigma Image Uploader ActiveX Control "Action" Property
              Buffer Overflow
10. [SA28731] Drupal Project Issue Tracking Module File Upload and
              Script Insertion

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA28809] Ourgame GLWorld HanGamePluginCn18 Class ActiveX Control
Buffer Overflows
[SA28757] Yahoo! Music Jukebox ActiveX Control Buffer Overflows
[SA28797] ACDSee Photo Manager XBM File Processing Buffer Overflow
[SA28791] Skype Cross-Zone Scripting Security Enhancement
[SA28765] Nero Media Player Playlist Processing Buffer Overflow
Vulnerability
[SA28760] Titan FTP Server Command Processing Buffer Overflow
[SA28822] IPSwitch WS_FTP Server Manager Security Bypass
[SA28753] IpSwitch WS_FTP Server with SSH Buffer Overflow
Vulnerability
[SA28811] SAP SAPSprint Multiple Vulnerabilities
[SA28786] SAP GUI SAPLPD Multiple Vulnerabilities
[SA28763] WinCom LPD Total Multiple Vulnerabilities
[SA28770] RaidenHTTPD Unspecified Cross-Site Scripting Vulnerability
[SA28755] Xlight FTP Server LDAP Blank Password Security Bypass
[SA28761] Ipswitch WS_FTP Server FTP Log Server Denial of Service
[SA28832] Symantec Altiris Notification Server Agent Privilege
Escalation
[SA28792] Novell Client Challenge Response Client Clipboard Disclosure
Weakness

UNIX/Linux:
[SA28821] Gentoo doomsday Multiple Vulnerabilities
[SA28812] Debian update for poppler
[SA28805] Apple iPhoto Photocast Format String Vulnerability
[SA28801] xine-lib FLAC Processing Memory Corruption Vulnerability
[SA28800] Sun Solaris ImageMagick Multiple Vulnerabilities
[SA28779] MPlayer Multiple Vulnerabilities
[SA28777] SUSE update for IBMJava5-JRE and IBMJava5-SDK
[SA28830] Gentoo update for sdl-image
[SA28819] OpenBSD DNS Server PRNG Transaction ID Vulnerability
[SA28816] NetBSD "ipcomp6_input()" Denial of Service
[SA28814] Debian update for squid
[SA28788] KAME Project "ipcomp6_input()" Denial of Service
[SA28783] rPath update for icu
[SA28782] Fedora update for deluge
[SA28769] Debian update for python-cherrypy
[SA28752] Fedora update for SDL_image
[SA28749] Ubuntu update for apache2
[SA28825] Debian update for net-snmp
[SA28751] Fedora update for kdebase

Other:
[SA28750] HP-UX update for Apache
[SA28762] RouterOS SNMPd "SNMP SET" Denial of Service Vulnerability

Cross Platform:
[SA28833] TinTin++ / WinTin++ Multiple Vulnerabilities
[SA28810] Documentum Administrator/Webtop "dmclTrace.jsp" Arbitrary
File Overwrite
[SA28795] Sun JRE Applet Handling Two Vulnerabilities
[SA28790] Openads Arbitrary PHP Code Execution Vulnerability
[SA28831] osCommerce Customer Testimonials Addon SQL Injection
[SA28803] Mihalism Multi Host "username" SQL Injection
[SA28802] Adobe Reader Unspecified Vulnerabilities
[SA28789] WordPress MU File Upload and Security Bypass
[SA28784] Tk GIF Processing Buffer Overflow Vulnerability
[SA28781] Deluge "bdecode_recursive()" Stack Overflow Vulnerability
[SA28780] ITechBids "item_id" SQL Injection and Cross-Site Scripting
[SA28773] ITechClassifieds "CatID" SQL Injection and Cross-site
Scripting
[SA28771] IBM DB2 UDB Multiple Vulnerabilities
[SA28767] Wordspew Plugin for Wordpress "id" SQL Injection
Vulnerability
[SA28759] WordPress DMSGuestbook Plugin Multiple Vulnerabilities
[SA28756] BlogPHP SQL Injection and Cross-Site Scripting
[SA28813] HP Storage Essentials SRM Multiple Unspecified
Vulnerabilities
[SA28787] Symantec Backup Exec System Recovery Manager File Upload
Vulnerability
[SA28827] Webmin / Usermin "search" Cross-Site Scripting
[SA28823] WordPress XML-RPC Post Edit Vulnerability
[SA28794] Mailman Script Insertion Vulnerability
[SA28793] Textpattern Multiple Vulnerabilities
[SA28785] IBM WebSphere Edge Server Caching Proxy Cross-Site Scripting
[SA28778] Novell GroupWise WebAccess Cross-Site Scripting
Vulnerabilities
[SA28775] Youtube Script "lang[please_wait]" Cross-Site Scripting
Vulnerability
[SA28774] Domain Trader "id" Cross-Site Scripting Vulnerability
[SA28772] WordPress WP-Footnotes Plugin "admin_panel.php" Cross-Site
Scripting
[SA28798] HP OpenView Network Node Manager Denial of Service

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA28809] Ourgame GLWorld HanGamePluginCn18 Class ActiveX Control
Buffer Overflows

Critical:    Extremely critical
Where:       From remote
Impact:      System access
Released:    2008-02-06

Two vulnerabilities have been discovered in Ourgame GLWorld, which can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/28809/

 --

[SA28757] Yahoo! Music Jukebox ActiveX Control Buffer Overflows

Critical:    Extremely critical
Where:       From remote
Impact:      System access
Released:    2008-02-04

Some vulnerabilities have been discovered in Yahoo! Music Jukebox,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/28757/

 --

[SA28797] ACDSee Photo Manager XBM File Processing Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-02-07

Trend Micro has reported a vulnerability in ACDSee Photo Manager, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/28797/

 --

[SA28791] Skype Cross-Zone Scripting Security Enhancement

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-02-06

An update has been released for Skype, which implements security
enhancements to prevent compromise of users' systems.

Full Advisory:
http://secunia.com/advisories/28791/

 --

[SA28765] Nero Media Player Playlist Processing Buffer Overflow
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-02-05

securfrog has discovered a vulnerability in Nero Media Player, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/28765/

 --

[SA28760] Titan FTP Server Command Processing Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-02-04

securfrog has discovered a vulnerability in Titan FTP Server, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/28760/

 --

[SA28822] IPSwitch WS_FTP Server Manager Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information
Released:    2008-02-07

Luigi Auriemma has discovered a security issue in IPSwitch WS_FTP
Server, which can be exploited by malicious people to bypass certain
access restrictions and disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/28822/

 --

[SA28753] IpSwitch WS_FTP Server with SSH Buffer Overflow
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-02-04

securfrog has discovered a vulnerability in IpSwitch WS_FTP Server with
SSH, which can be exploited by malicious users to cause a DoS (Denial of
Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28753/

 --

[SA28811] SAP SAPSprint Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2008-02-07

Some vulnerabilities have been reported in SAPSprint, which can be
exploited by malicious people to cause a DoS (Denial of Service) or to
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28811/

 --

[SA28786] SAP GUI SAPLPD Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2008-02-05

Luigi Auriemma has discovered some vulnerabilities in SAP GUI, which
can be exploited by malicious people to cause a DoS (Denial of Service)
or to potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28786/

 --

[SA28763] WinCom LPD Total Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass, DoS, System access
Released:    2008-02-05

Luigi Auriemma has discovered some vulnerabilities in WinCom LPD Total,
which can be exploited by malicious people to bypass certain security
restrictions, cause a DoS (Denial of Service), or compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/28763/

 --

[SA28770] RaidenHTTPD Unspecified Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-02-05

A vulnerability has been reported in RaidenHTTPD, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/28770/

 --

[SA28755] Xlight FTP Server LDAP Blank Password Security Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2008-02-04

A security issue has been reported in Xlight FTP Server, which can be
exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/28755/

 --

[SA28761] Ipswitch WS_FTP Server FTP Log Server Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2008-02-05

Luigi Auriemma has discovered a vulnerability in Ipswitch WS_FTP
Server, which can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/28761/

 --

[SA28832] Symantec Altiris Notification Server Agent Privilege
Escalation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2008-02-07

A vulnerability has been reported in Symantec Altiris Notification
Server, which can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/28832/

 --

[SA28792] Novell Client Challenge Response Client Clipboard Disclosure
Weakness

Critical:    Not critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2008-02-05

A weakness has been reported in the Challenge Response Client included
in Novell Client, which can be exploited by malicious, local users to
disclose potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/28792/


UNIX/Linux:--

[SA28821] Gentoo doomsday Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-02-07

Gentoo has acknowledged some vulnerabilities in doomsday, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28821/

 --

[SA28812] Debian update for poppler

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-02-06

Debian has issued an update for poppler. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise an application using the library.

Full Advisory:
http://secunia.com/advisories/28812/

 --

[SA28805] Apple iPhoto Photocast Format String Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-02-06

A vulnerability has been reported in Apple iPhoto, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28805/

 --

[SA28801] xine-lib FLAC Processing Memory Corruption Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-02-05

A vulnerability has been discovered in xine-lib, which can potentially
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/28801/

 --

[SA28800] Sun Solaris ImageMagick Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-02-05

Sun has acknowledged some vulnerabilities in ImageMagick for Sun
Solaris, which can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/28800/

 --

[SA28779] MPlayer Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-02-05

Some vulnerabilities have been reported in MPlayer, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/28779/

 --

[SA28777] SUSE update for IBMJava5-JRE and IBMJava5-SDK

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, Exposure of system
information, Exposure of sensitive information, DoS, System access
Released:    2008-02-04

SUSE has issued an update for IBMJava5-JRE and IBMJava5-SDK. This fixes
some vulnerabilities, which can be exploited by malicious people to
bypass certain security restrictions, manipulate data, disclose
sensitive information, cause a DoS (Denial of Service), or potentially
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28777/

 --

[SA28830] Gentoo update for sdl-image

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-02-07

Gentoo has issued an update for sdl-image. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise an application using
the library.

Full Advisory:
http://secunia.com/advisories/28830/

 --

[SA28819] OpenBSD DNS Server PRNG Transaction ID Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Spoofing
Released:    2008-02-07

Amit Klein has reported a vulnerability in OpenBSD, which can be
exploited by malicious people to poison the DNS cache.

Full Advisory:
http://secunia.com/advisories/28819/

 --

[SA28816] NetBSD "ipcomp6_input()" Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-02-06

A vulnerability has been reported in NetBSD, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/28816/

 --

[SA28814] Debian update for squid

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-02-06

Debian has issued an update for squid. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/28814/

 --

[SA28788] KAME Project "ipcomp6_input()" Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-02-06

A vulnerability has been reported in the KAME Project, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/28788/

 --

[SA28783] rPath update for icu

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-02-07

rPath has issued an update for icu. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially compromise an application using the library.

Full Advisory:
http://secunia.com/advisories/28783/

 --

[SA28782] Fedora update for deluge

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-02-04

Fedora has issued an update for deluge. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/28782/

 --

[SA28769] Debian update for python-cherrypy

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2008-02-06

Debian has issued an update for python-cherrypy. This fixes a
vulnerability, which can be exploited by malicious people to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/28769/

 --

[SA28752] Fedora update for SDL_image

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-02-04

Fedora has issued an update for SDL_image. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise an application using
the library.

Full Advisory:
http://secunia.com/advisories/28752/

 --

[SA28749] Ubuntu update for apache2

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, DoS
Released:    2008-02-05

Ubuntu has issued an update for apache2. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/28749/

 --

[SA28825] Debian update for net-snmp

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2008-02-07

Debian has issued an update for net-snmp. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/28825/

 --

[SA28751] Fedora update for kdebase

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2008-02-04

Fedora has issued an update for kdebase. This fixes a weakness, which
can be exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/28751/


Other:--

[SA28750] HP-UX update for Apache

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting
Released:    2008-02-04

HP-UX has issued an update for Apache. This fixes some vulnerabilities,
which can be exploited by malicious, local users to bypass certain
security restrictions, and by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/28750/

 --

[SA28762] RouterOS SNMPd "SNMP SET" Denial of Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2008-02-04

ShadOS has reported a vulnerability in RouterOS, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/28762/


Cross Platform:--

[SA28833] TinTin++ / WinTin++ Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Manipulation of data, DoS, System access
Released:    2008-02-07

Luigi Auriemma has discovered some vulnerabilities and a weakness in
TinTin++ and WinTin++, which can be exploited by malicious people to
cause a DoS (Denial of Service), manipulate data, or to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/28833/

 --

[SA28810] Documentum Administrator/Webtop "dmclTrace.jsp" Arbitrary
File Overwrite

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-02-06

Pablo Gaston Milano has reported a vulnerability in Documentum
Administrator and Documentum Webtop, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28810/

 --

[SA28795] Sun JRE Applet Handling Two Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-02-06

Two vulnerabilities have been reported in Sun JRE, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/28795/

 --

[SA28790] Openads Arbitrary PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-02-05

A vulnerability has been reported in Openads, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28790/

 --

[SA28831] osCommerce Customer Testimonials Addon SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-02-07

A vulnerability has been discovered in the Customer Testimonials addon
for osCommerce, which can be exploited by malicious people to conduct
SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/28831/

 --

[SA28803] Mihalism Multi Host "username" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-02-07

Moubik has discovered a vulnerability in Mihalism Multi Host, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/28803/

 --

[SA28802] Adobe Reader Unspecified Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2008-02-06

Some vulnerabilities with unknown impacts have been reported in Adobe
Reader.

Full Advisory:
http://secunia.com/advisories/28802/

 --

[SA28789] WordPress MU File Upload and Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, System access
Released:    2008-02-06

Alexander Concha has reported a vulnerability in WordPress MU, which
can be exploited by malicious users to bypass certain security
restrictions and to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28789/

 --

[SA28784] Tk GIF Processing Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-02-06

A vulnerability has been reported in Tk, which can potentially be
exploited by malicious people to compromise an application using the
library.

Full Advisory:
http://secunia.com/advisories/28784/

 --

[SA28781] Deluge "bdecode_recursive()" Stack Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-02-04

A vulnerability has been reported in Deluge, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/28781/

 --

[SA28780] ITechBids "item_id" SQL Injection and Cross-Site Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released:    2008-02-05

Two vulnerabilities have been discovered in ITechBids, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/28780/

 --

[SA28773] ITechClassifieds "CatID" SQL Injection and Cross-site
Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2008-02-04

Crackers_Child has discovered two vulnerabilities in ITechClassifieds,
which can be exploited by malicious people to conduct cross-site
scripting and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/28773/

 --

[SA28771] IBM DB2 UDB Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Security Bypass, Privilege escalation, DoS
Released:    2008-02-04

Multiple vulnerabilities have been reported in IBM DB2 UDB, where some
have unknown impacts, while others can be exploited by malicious, local
users to gain escalated privileges, and by malicious people to bypass
certain security restrictions or to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/28771/

 --

[SA28767] Wordspew Plugin for Wordpress "id" SQL Injection
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-02-04

S@BUN has reported a vulnerability in the Wordspew plugin for
Wordpress, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/28767/

 --

[SA28759] WordPress DMSGuestbook Plugin Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
system information, Exposure of sensitive information
Released:    2008-02-05

NBBN has discovered some vulnerabilities in the DMSGuestbook plugin for
WordPress, which can be exploited by malicious users to disclose
sensitive information or to manipulate data, and by malicious people to
conduct cross-site scripting and script insertion attacks.

Full Advisory:
http://secunia.com/advisories/28759/

 --

[SA28756] BlogPHP SQL Injection and Cross-Site Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released:    2008-02-04

Dr.Crash has discovered two vulnerabilities in BlogPHP, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/28756/

 --

[SA28813] HP Storage Essentials SRM Multiple Unspecified
Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass, System access
Released:    2008-02-07

Some vulnerabilities have been reported in HP Storage Essentials SRM,
which can be exploited by malicious people to bypass certain security
restrictions or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28813/

 --

[SA28787] Symantec Backup Exec System Recovery Manager File Upload
Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2008-02-05

A vulnerability has been reported in Symantec Backup Exec System
Recovery Manager, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/28787/

 --

[SA28827] Webmin / Usermin "search" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-02-07

A vulnerability has been discovered in Webmin and Usermin, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/28827/

 --

[SA28823] WordPress XML-RPC Post Edit Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2008-02-07

A vulnerability has been reported in WordPress, which can be exploited
by malicious users to bypass certain security restrictions and to
manipulate data.

Full Advisory:
http://secunia.com/advisories/28823/

 --

[SA28794] Mailman Script Insertion Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-02-05

A vulnerability has been reported in Mailman, which can be exploited by
malicious users to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/28794/

 --

[SA28793] Textpattern Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information,
Exposure of sensitive information
Released:    2008-02-05

Some vulnerabilities have been reported in Textpattern, which can be
exploited by malicious users to disclose sensitive information or
conduct script insertion attacks, and by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/28793/

 --

[SA28785] IBM WebSphere Edge Server Caching Proxy Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-02-07

A vulnerability has been reported in IBM WebSphere Edge Server, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/28785/

 --

[SA28778] Novell GroupWise WebAccess Cross-Site Scripting
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-02-04

Some vulnerabilities have been reported in Novell GroupWise, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/28778/

 --

[SA28775] Youtube Script "lang[please_wait]" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-02-04

Smasher has reported a vulnerability in Youtube Script, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/28775/

 --

[SA28774] Domain Trader "id" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-02-04

Crackers_Child has reported a vulnerability in Domain Trader, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/28774/

 --

[SA28772] WordPress WP-Footnotes Plugin "admin_panel.php" Cross-Site
Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-02-04

NBBN has discovered some vulnerabilities in the WP-Footnotes plugin for
WordPress, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/28772/

 --

[SA28798] HP OpenView Network Node Manager Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2008-02-06

A vulnerability has been reported in HP OpenView Network Node Manager,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/28798/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support@private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Thu Feb 07 2008 - 23:50:55 PST