========================================================================
The Secunia Weekly Advisory Summary
2008-02-21 - 2008-02-28
This week: 87 advisories
========================================================================
Table of Contents:
1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing
========================================================================
1) Word From Secunia:
Secunia invites you to join us in the biggest IT Expo event of the year
- the RSA Conference in the Moscone Center, San Francisco, California
from 7 to 11 April 2008. If you are interested in going to the expo
exhibit and meeting us, please contact your Secunia Account Executive
for a FREE EXPO PASS!
========================================================================
2) This Week in Brief:
A highly critical vulnerability has been discovered in ICQ, which can
be exploited by malicious people to compromise another user's system.
The vulnerability is caused due to a format string error when
generating HTML code to display messages in the embedded Internet
Explorer component. This can then be exploited by sending specially
crafted messages containing format string specifiers to another user.
Successful exploitation allows an attacker to execute arbitrary code.
The vulnerability is confirmed in ICQ 6 build 6043. Other versions may
also be affected. The vulnerability is currently unpatched. Secunia
urges users to avoid accepting messages from untrusted ICQ users, or
accepting messages only from users in their contact lists.
For more information, refer to:
http://secunia.com/advisories/29138/
--
A highly critical vulnerability has been reported in Mozilla
Thunderbird, which can be exploited by malicious people to potentially
compromise a user's system.
The vulnerability is caused due to an error within the handling of
external-body MIME types. This can be exploited to cause a heap-based
buffer overflow by tricking a user into viewing a specially crafted
email.
Successful exploitation may allow an attacker to arbitrary code.
The vendor has provided users with version 2.0.0.9 to resolve the
vulnerability. Users of prior version are urged to download the update
immediately.
For more information, refer to:
http://secunia.com/advisories/29133/
--
Netscape has acknowledged some weaknesses, a security issue, and some
vulnerabilities in Netscape Navigator, which can be exploited by
malicious people to disclose sensitive information, bypass certain
security restrictions, conduct spoofing attacks, or to compromise a
user's system.
The vulnerabilities are due to the use of vulnerable Firefox code, of
which the Netscape Navigator browser is based on.
The vendor has released version 9.0.0.6, which is the final release for
Netscape Navigator. Support for all Netscape browsers will end on 1st of
March 2008.
For more information, refer to:
http://secunia.com/advisories/29049/
--
Two vulnerabilities have been reported in various Symantec products,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or compromise a vulnerable system.
A boundary error in Symantec's Decomposer engine can be exploited to
cause a stack-based buffer overflow when handling a specially crafted
.RAR file. Successful exploitation of this highly critical
vulnerability allows execution of arbitrary code.
An error in Symantec's Decomposer engine can be exploited to cause the
process to consume large amounts of memory when handling a specially
crafted .RAR file.
A variety of Symantec products are affected by these vulnerabilities,
including the Symantec AntiVirus Scan Engine, Symantec Mail Security
for Microsoft Exchange, and Symantec AntiVirus for Network Attached
Storage. The vendor has released security updates for all affected
products.
For more information, refer to:
http://secunia.com/advisories/29140/
--
VIRUS ALERTS:
During the past week Secunia collected 154 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.
========================================================================
3) This Weeks Top Ten Most Read Advisories:
1. [SA29032] VMware ESX Server Multiple Updates
2. [SA29131] D-Link MPEG4 SHM (Audio) Control ActiveX Control "Url"
Property Buffer Overflow
3. [SA27994] Novell iPrint Client iPrint Control "ExecuteRequest()"
Buffer Overflow
4. [SA29008] Joomla astatsPRO Component "id" SQL Injection
Vulnerability
5. [SA29052] Sun Solaris CPU Performance Counters Sub-System Local
Denial of Service
6. [SA29106] Joomla! "mosConfig_absolute_path" File Inclusion
7. [SA29074] Solaris 10 Perl Regular Expressions Unicode Data Buffer
Overflow
8. [SA29037] Sun Solaris 10 DTrace Dynamic Tracing Framework
Information Disclosure
9. [SA29066] lighttpd File Descriptor Array Denial of Service
Vulnerability
10. [SA29070] Red Hat update for tcltk
========================================================================
4) Vulnerabilities Summary Listing
Windows:
[SA29146] 4XEM VatDecoder VatCtrl Class ActiveX Control "Url" Property
Buffer Overflow
[SA29145] RTSP MPEG4 SP Control ActiveX Control "Url" Property Buffer
Overflow
[SA29138] ICQ Message Processing Format String Vulnerability
[SA29131] D-Link MPEG4 SHM (Audio) Control ActiveX Control "Url"
Property Buffer Overflow
[SA29109] Rising Online Virus Scanner Web Scan ActiveX Control
"UpdateEngine()" Insecure Method
[SA29108] Move Media Player Quantum Streaming IE Player "UploadLogs()"
Buffer Overflow
[SA29137] NetWin WebMail Format String Vulnerability
[SA29105] SurgeMail Format String and Buffer Overflow Vulnerabilities
[SA29102] Porar Webboard question.asp SQL Injection Vulnerability
[SA29096] SurgeFTP "Content-Length" Denial of Service Vulnerability
[SA29124] Trend Micro OfficeScan CGI Module and Policy Server Buffer
Overflows
[SA29062] Zilab Chat and Instant Messaging Server Multiple
Vulnerabilities
[SA29142] AuthentiX Multiple Cross-Site Scripting Vulnerabilities
[SA29151] Trend Micro OfficeScan 8.0 Policy Server Denial of Service
[SA29075] Double-Take for Windows Information Disclosure and Denial of
Service
[SA29117] VMware Products Shared Folders Directory Traversal
Vulnerability
UNIX/Linux:
[SA29141] Gentoo update for xine-lib
[SA29135] Debian update for ghostscript
[SA29115] Fedora update for sword
[SA29112] Red Hat update for ghostscript
[SA29104] Debian update for koffice
[SA29094] GraphicsMagick Multiple Vulnerabilities
[SA29086] Debian update for iceape
[SA29065] Red Hat update for acroread
[SA29060] Gentoo udpate for clamav
[SA29161] IBM AIX libc "inet_network()" Off-By-One Vulnerability
[SA29157] Red Hat update for gd
[SA29130] Apple Mac OS X "ipcomp6_input()" Denial of Service
[SA29100] Sun Solaris Firewall Security Bypass and Denial of Service
[SA29085] Gentoo update for python
[SA29079] Red Hat update for netpbm
[SA29078] OpenBSD Two Denial of Service Vulnerabilities
[SA29074] Solaris 10 Perl Regular Expressions Unicode Data Buffer
Overflow
[SA29070] Red Hat update for tcltk
[SA29069] Red Hat update for tk
[SA29066] lighttpd File Descriptor Array Denial of Service
Vulnerability
[SA29120] Fedora update for cups
[SA29127] DNSSEC-Tools libval Validation Algorithm Security Issue
[SA29114] Maian Cart "keywords" Cross-Site Scripting
[SA29095] Fedora update for dnssec-tools
[SA29083] Mandriva update for nss_ldap
[SA29071] Debian update for turba2
[SA29058] Debian update for kernel
[SA29132] Mandriva update for cups
[SA29087] Red Hat update for cups
[SA29068] Red Hat update for openldap
[SA29067] Red Hat update for cups
[SA29160] Red Hat update for dbus
[SA29148] D-Bus "send_interface" Security Policy Bypass
[SA29139] IBM AIX X Server Multiple Vulnerabilities
[SA29113] Fedora update for wyrd
[SA29111] Symark PowerBroker Client Binaries Buffer Overflow
Vulnerabilities
[SA29080] SplitVT "xprop" Privilege Escalation Security Issue
[SA29064] Debian update for splitvt
[SA29059] Debian update for dspam
[SA29136] Fedora update for kvm
[SA29129] KVM Block Device Backend Security Bypass
[SA29097] Net Activity Viewer Privilege Escalation Security Issue
[SA29081] Fedora update for qemu
Other:
[SA29082] Cisco IP Phone 7921 Insecure PEAP Implementation
Cross Platform:
[SA29153] Miro MP4 Demuxer Arbitrary Memory Overwrite
[SA29140] Symantec Products Symantec Decomposer RAR File Handling
Vulnerabilities
[SA29133] Mozilla Thunderbird MIME Processing Buffer Overflow
Vulnerability
[SA29122] VLC Media Player MP4 Demuxer Arbitrary Memory Overwrite
[SA29110] DBHcms "extmanager_install" File Inclusion Vulnerability
[SA29103] Ghostscript "zseticcspace()" Buffer Overflow Vulnerability
[SA29099] WordPress Sniplets Plugin Multiple Vulnerabilities
[SA29089] php Download Manager "content" File Inclusion Vulnerability
[SA29088] Interstage Application Server Single Sign-On Buffer Overflow
[SA29077] Quantum Star "CONFIG[gameroot]" File Inclusion
Vulnerabilities
[SA29076] phpQLAdmin "_SESSION[path]" File Inclusion Vulnerabilities
[SA29156] Wireshark Multiple Denial of Service Vulnerabilities
[SA29123] eazyPortal "session_vars" SQL Injection Vulnerability
[SA29107] Xoops XM-Memberstats Module "letter" and "sortby" SQL
Injection
[SA29106] Joomla! "mosConfig_absolute_path" File Inclusion
[SA29090] Joomla! Gary's Cookbook Component "id" SQL Injection
[SA29084] H-Sphere SiteStudio Unspecified Vulnerability
[SA29073] XOOPS Tiny Event Module "id" SQL Injection
[SA29063] XOOPS Prayer List Module "cid" SQL Injection
[SA29061] beContent "id" SQL Injection Vulnerability
[SA29150] Interspire Shopping Cart "search_query" Cross-Site Scripting
[SA29128] Serendipity Script Insertion and Cross-Site Scripting
[SA29118] Drupal Multiple Script Insertion Vulnerabilities
[SA29116] Plume CMS "dir" Cross-Site Scripting Vulnerability
[SA29093] Matt's Whois "domain" Cross-Site Scripting Vulnerability
[SA29092] TikiWiki "tiki-edit_article.php" Script Insertion
Vulnerability
[SA29072] IBM Lotus Quickr/QuickPlace Cross-Site Scripting
Vulnerability
========================================================================
5) Vulnerabilities Content Listing
Windows:--
[SA29146] 4XEM VatDecoder VatCtrl Class ActiveX Control "Url" Property
Buffer Overflow
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-27
rgod has discovered a vulnerability in 4XEM VatDecoder, which can be
exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/29146/
--
[SA29145] RTSP MPEG4 SP Control ActiveX Control "Url" Property Buffer
Overflow
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-27
rgod has discovered a vulnerability in RTSP MPEG4 SP Control, which can
be exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/29145/
--
[SA29138] ICQ Message Processing Format String Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-28
B0B has discovered a vulnerability in ICQ, which can be exploited by
malicious people to compromise another user's system.
Full Advisory:
http://secunia.com/advisories/29138/
--
[SA29131] D-Link MPEG4 SHM (Audio) Control ActiveX Control "Url"
Property Buffer Overflow
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-27
rgod has discovered a vulnerability in D-Link MPEG4 SHM (Audio)
Control, which can be exploited by malicious people to compromise a
user's system.
Full Advisory:
http://secunia.com/advisories/29131/
--
[SA29109] Rising Online Virus Scanner Web Scan ActiveX Control
"UpdateEngine()" Insecure Method
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-26
John Smith has discovered a vulnerability in Rising Online Virus
Scanner, which can be exploited by malicious people to compromise a
user's system.
Full Advisory:
http://secunia.com/advisories/29109/
--
[SA29108] Move Media Player Quantum Streaming IE Player "UploadLogs()"
Buffer Overflow
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-26
Elazar Broad has discovered a vulnerability in Move Media Player, which
can be exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/29108/
--
[SA29137] NetWin WebMail Format String Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2008-02-27
Luigi Auriemma has reported a vulnerability in NetWin WebMail, which
potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/29137/
--
[SA29105] SurgeMail Format String and Buffer Overflow Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2008-02-26
Luigi Auriemma has discovered some vulnerabilities in SurgeMail, which
can be exploited by malicious people to cause a DoS (Denial of Service)
or potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29105/
--
[SA29102] Porar Webboard question.asp SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2008-02-26
xcorpitx has reported a vulnerability in Porar Webboard, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/29102/
--
[SA29096] SurgeFTP "Content-Length" Denial of Service Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2008-02-26
Luigi Auriemma has discovered a vulnerability in SurgeFTP, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/29096/
--
[SA29124] Trend Micro OfficeScan CGI Module and Policy Server Buffer
Overflows
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2008-02-28
Luigi Auriemma has discovered some vulnerabilities in Trend Micro
OfficeScan, which can be exploited by malicious people to cause a DoS
(Denial of Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29124/
--
[SA29062] Zilab Chat and Instant Messaging Server Multiple
Vulnerabilities
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2008-02-22
Luigi Auriemma has discovered some vulnerabilities in Zilab Chat and
Instant Messaging (ZIM) Server, which can be exploited by malicious
people to cause a DoS (Denial of Service) or compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/29062/
--
[SA29142] AuthentiX Multiple Cross-Site Scripting Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-02-28
William Hicks and Chris Castaldo have discovered some vulnerabilities
in AuthentiX, which can be exploited by malicious people to conduct
cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/29142/
--
[SA29151] Trend Micro OfficeScan 8.0 Policy Server Denial of Service
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2008-02-28
Luigi Auriemma has discovered a vulnerability in Trend Micro
OfficeScan, which can be exploited by malicious people to cause a DoS
(Denial of Service).
Full Advisory:
http://secunia.com/advisories/29151/
--
[SA29075] Double-Take for Windows Information Disclosure and Denial of
Service
Critical: Less critical
Where: From local network
Impact: Exposure of system information, DoS
Released: 2008-02-25
Luigi Auriemma has reported some vulnerabilities in Double-Take for
Windows, which can be exploited by malicious people to disclose system
information and cause a DoS (Denial of Service)
Full Advisory:
http://secunia.com/advisories/29075/
--
[SA29117] VMware Products Shared Folders Directory Traversal
Vulnerability
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2008-02-26
Gerardo Richarte has reported a vulnerability in VMware products, which
can be exploited by malicious, local users or malicious applications to
bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/29117/
UNIX/Linux:--
[SA29141] Gentoo update for xine-lib
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-27
Gentoo has issued an update in xine-lib. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/29141/
--
[SA29135] Debian update for ghostscript
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-28
Debian has issued an update for ghostscript. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a user's system.
Full Advisory:
http://secunia.com/advisories/29135/
--
[SA29115] Fedora update for sword
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-26
Fedora has issued an update for sword. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/29115/
--
[SA29112] Red Hat update for ghostscript
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-28
Red Hat has issued an update for ghostscript. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a user's system.
Full Advisory:
http://secunia.com/advisories/29112/
--
[SA29104] Debian update for koffice
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-26
Debian has issued an update for koffice. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/29104/
--
[SA29094] GraphicsMagick Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2008-02-25
Some vulnerabilities have been reported in GraphicsMagick, which can be
exploited by malicious people to conduct DoS (Denial of Service) attacks
or compromise a user's system.
Full Advisory:
http://secunia.com/advisories/29094/
--
[SA29086] Debian update for iceape
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, DoS, System access
Released: 2008-02-25
Debian has issued an update for iceape. This fixes some vulnerabilities
and weaknesses, which can be exploited by malicious people to disclose
sensitive information, bypass certain security restrictions, conduct
spoofing attacks, or to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/29086/
--
[SA29065] Red Hat update for acroread
Critical: Highly critical
Where: From remote
Impact: Unknown, Hijacking, DoS, System access
Released: 2008-02-25
Red Hat has issued an update for acroread. This fixes some
vulnerabilities, some of which have unknown impacts, while others can
be exploited by malicious people to conduct cross-site request forgery
attacks, cause a DoS (Denial of Service), or compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/29065/
--
[SA29060] Gentoo udpate for clamav
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2008-02-22
Gentoo has issued an update for clamav. This fixes some
vulnerabilities, which can be exploited to cause a DoS (Denial of
Service) or to potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29060/
--
[SA29161] IBM AIX libc "inet_network()" Off-By-One Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2008-02-28
IBM has acknowledged a vulnerability in AIX, which can be exploited by
malicious people to cause a DoS (Denial of Service) or to potentially
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29161/
--
[SA29157] Red Hat update for gd
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2008-02-28
Red Hat has issued an update for gd. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29157/
--
[SA29130] Apple Mac OS X "ipcomp6_input()" Denial of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2008-02-27
A vulnerability has been reported in Apple Mac OS X, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/29130/
--
[SA29100] Sun Solaris Firewall Security Bypass and Denial of Service
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, DoS
Released: 2008-02-25
Sun has acknowledged a vulnerability in Solaris, which can be exploited
by malicious people to bypass certain security restrictions and cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/29100/
--
[SA29085] Gentoo update for python
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2008-02-25
Gentoo has issued an update for python. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29085/
--
[SA29079] Red Hat update for netpbm
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2008-02-28
Red Hat has issued an update for netpbm. This fixes a vulnerability,
which can potentially be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/29079/
--
[SA29078] OpenBSD Two Denial of Service Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2008-02-25
Two vulnerabilities have been reported in OpenBSD, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/29078/
--
[SA29074] Solaris 10 Perl Regular Expressions Unicode Data Buffer
Overflow
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2008-02-22
Sun has acknowledged a vulnerability in Solaris, which potentially can
be exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29074/
--
[SA29070] Red Hat update for tcltk
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2008-02-22
Red Hat has issued an update for tcltk. This fixes some
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service) and potentially by malicious people to
compromise an application using the library.
Full Advisory:
http://secunia.com/advisories/29070/
--
[SA29069] Red Hat update for tk
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2008-02-22
Red Hat has issued an update for tk. This fixes some vulnerabilities,
which can be exploited by malicious people to compromise an application
using the library.
Full Advisory:
http://secunia.com/advisories/29069/
--
[SA29066] lighttpd File Descriptor Array Denial of Service
Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2008-02-22
A vulnerability has been reported in lighttpd, which can be exploited
by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/29066/
--
[SA29120] Fedora update for cups
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2008-02-26
Fedora has issued an update for cups. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of Service)
or to potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29120/
--
[SA29127] DNSSEC-Tools libval Validation Algorithm Security Issue
Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2008-02-26
A security issue has been reported in DNSSEC-Tools, which can be
exploited by malicious people to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/29127/
--
[SA29114] Maian Cart "keywords" Cross-Site Scripting
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-02-28
Russ McRee has discovered a vulnerability in Maian Cart, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/29114/
--
[SA29095] Fedora update for dnssec-tools
Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2008-02-26
Fedora has issued an update for dnssec-tools. This fixes a security
issue, which can be exploited by malicious people to bypass certain
security restrictions.
Full Advisory:
http://secunia.com/advisories/29095/
--
[SA29083] Mandriva update for nss_ldap
Critical: Less critical
Where: From remote
Impact: Manipulation of data
Released: 2008-02-25
Mandriva has issued an update for nss_ldap. This fixes a security
issue, which can be exploited by malicious people to manipulate certain
data.
Full Advisory:
http://secunia.com/advisories/29083/
--
[SA29071] Debian update for turba2
Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2008-02-25
Debian has issued an update for turba2. This fixes a security issue,
which can be exploited by malicious users to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/29071/
--
[SA29058] Debian update for kernel
Critical: Less critical
Where: From remote
Impact: Unknown, Security Bypass, Exposure of sensitive
information, Privilege escalation, DoS
Released: 2008-02-25
Debian has issued an update for kernel-2.4.27 and kernel-2.6.8. This
fixes some weaknesses, security issues, and vulnerabilities, where one
has an unknown impact, and others can be exploited by malicious, local
users to cause a DoS (Denial of Service), disclose potentially
sensitive information, bypass certain security restrictions, and gain
escalated privileges, and by malicious people to cause a DoS.
Full Advisory:
http://secunia.com/advisories/29058/
--
[SA29132] Mandriva update for cups
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2008-02-28
Mandriva has issued an update for cups. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/29132/
--
[SA29087] Red Hat update for cups
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2008-02-25
Red Hat has issued an update for cups. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/29087/
--
[SA29068] Red Hat update for openldap
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2008-02-22
Red Hat has issued an update for openldap. This fixes some
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/29068/
--
[SA29067] Red Hat update for cups
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2008-02-22
Red Hat has issued an update for cups. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/29067/
--
[SA29160] Red Hat update for dbus
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2008-02-28
Red Hat has issued an update for dbus. This fixes a security issue,
which can be exploited by malicious, local users to bypass certain
security restrictions.
Full Advisory:
http://secunia.com/advisories/29160/
--
[SA29148] D-Bus "send_interface" Security Policy Bypass
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2008-02-28
A security issue has been reported in D-Bus, which can be exploited by
malicious, local users to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/29148/
--
[SA29139] IBM AIX X Server Multiple Vulnerabilities
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information, Privilege escalation
Released: 2008-02-28
IBM has acknowledged some vulnerabilities in AIX, which can be
exploited by malicious, local users to cause a DoS (Denial of Service),
disclose potentially sensitive information, or to gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/29139/
--
[SA29113] Fedora update for wyrd
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2008-02-26
Fedora has issued an update for wyrd. This fixes a vulnerability, which
can be exploited by malicious, local users to perform certain actions
with escalated privileges.
Full Advisory:
http://secunia.com/advisories/29113/
--
[SA29111] Symark PowerBroker Client Binaries Buffer Overflow
Vulnerabilities
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2008-02-27
Michael Ligh and Greg Sinclair have reported some vulnerabilities in
Symark PowerBroker, which can be exploited by malicious, local users to
gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/29111/
--
[SA29080] SplitVT "xprop" Privilege Escalation Security Issue
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2008-02-22
A security issue has been reported in SplitVT, which can be exploited
by malicious, local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/29080/
--
[SA29064] Debian update for splitvt
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2008-02-22
Debian has issued an update for splitvt. This fixes a security issue,
which can be exploited by malicious, local users to gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/29064/
--
[SA29059] Debian update for dspam
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2008-02-22
Debian has issued an update for dspam. This fixes a security issue,
which can be exploited by malicious, local users to disclose sensitive
information.
Full Advisory:
http://secunia.com/advisories/29059/
--
[SA29136] Fedora update for kvm
Critical: Not critical
Where: Local system
Impact: Security Bypass
Released: 2008-02-26
Fedora has issued an update for kvm. This fixes a vulnerability, which
can be exploited by malicious, local users to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/29136/
--
[SA29129] KVM Block Device Backend Security Bypass
Critical: Not critical
Where: Local system
Impact: Security Bypass
Released: 2008-02-26
A vulnerability has been reported in KVM, which can be exploited by
malicious, local users to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/29129/
--
[SA29097] Net Activity Viewer Privilege Escalation Security Issue
Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2008-02-25
A security issue has been reported in Net Activity Viewer, which can be
exploited by malicious, local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/29097/
--
[SA29081] Fedora update for qemu
Critical: Not critical
Where: Local system
Impact: Security Bypass
Released: 2008-02-26
Fedora has issued an update for qemu. This fixes a vulnerability, which
can be exploited by malicious, local users to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/29081/
Other:--
[SA29082] Cisco IP Phone 7921 Insecure PEAP Implementation
Critical: Less critical
Where: From local network
Impact: Exposure of sensitive information
Released: 2008-02-27
A security issue has been reported in Cisco IP Phone 7921, which
potentially can be exploited by malicious people to disclose sensitive
information.
Full Advisory:
http://secunia.com/advisories/29082/
Cross Platform:--
[SA29153] Miro MP4 Demuxer Arbitrary Memory Overwrite
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-28
A vulnerability has been reported in Miro, which can potentially be
exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/29153/
--
[SA29140] Symantec Products Symantec Decomposer RAR File Handling
Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2008-02-27
Two vulnerabilities have been reported in various Symantec products,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29140/
--
[SA29133] Mozilla Thunderbird MIME Processing Buffer Overflow
Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-27
A vulnerability has been reported in Mozilla Thunderbird, which can be
exploited by malicious people to potentially compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/29133/
--
[SA29122] VLC Media Player MP4 Demuxer Arbitrary Memory Overwrite
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-27
A vulnerability has been reported in VLC Media Player, which can
potentially be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/29122/
--
[SA29110] DBHcms "extmanager_install" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive
information, System access
Released: 2008-02-26
Iron has discovered a vulnerability in DBHcms, which can be exploited
by malicious people to disclose sensitive information or to compromise
a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29110/
--
[SA29103] Ghostscript "zseticcspace()" Buffer Overflow Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-28
Chris Evans has reported a vulnerability in Ghostscript, which can be
exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/29103/
--
[SA29099] WordPress Sniplets Plugin Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, Exposure of system information,
Exposure of sensitive information, System access
Released: 2008-02-27
NBBN has discovered some vulnerabilities in the Sniplets plugin for
WordPress, which can be exploited by malicious people to conduct
cross-site scripting attacks, disclose sensitive information, or
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29099/
--
[SA29089] php Download Manager "content" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2008-02-25
BeyazKurt has discovered a vulnerability in php Download Manager, which
can be exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29089/
--
[SA29088] Interstage Application Server Single Sign-On Buffer Overflow
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2008-02-25
A vulnerability has been reported in Interstage Application Server,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29088/
--
[SA29077] Quantum Star "CONFIG[gameroot]" File Inclusion
Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive
information, System access
Released: 2008-02-25
RoMaNcYxHaCkEr has discovered two vulnerabilities in Quantum Star:
Generations, which can be exploited by malicious people to disclose
sensitive information or to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29077/
--
[SA29076] phpQLAdmin "_SESSION[path]" File Inclusion Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive
information, System access
Released: 2008-02-25
RoMaNcYxHaCkEr has reported two vulnerabilities in phpQLAdmin, which
can be exploited by malicious people to disclose sensitive information
or to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/29076/
--
[SA29156] Wireshark Multiple Denial of Service Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2008-02-28
Some vulnerabilities have been reported in Wireshark, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/29156/
--
[SA29123] eazyPortal "session_vars" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, Exposure of sensitive information
Released: 2008-02-28
Iron has discovered a vulnerability in eazyPortal, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/29123/
--
[SA29107] Xoops XM-Memberstats Module "letter" and "sortby" SQL
Injection
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2008-02-25
Two vulnerabilities have been discovered in the XM-Memberstats module
for Xoops, which can be exploited by malicious people to conduct SQL
injection attacks.
Full Advisory:
http://secunia.com/advisories/29107/
--
[SA29106] Joomla! "mosConfig_absolute_path" File Inclusion
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2008-02-25
Hendrik-Jan Verheij has discovered a vulnerability in Joomla!, which
can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/29106/
--
[SA29090] Joomla! Gary's Cookbook Component "id" SQL Injection
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2008-02-25
S@BUN has discovered a vulnerability in the Gary's Cookbook component
for Joomla!, which can be exploited by malicious people to conduct SQL
injection attacks.
Full Advisory:
http://secunia.com/advisories/29090/
--
[SA29084] H-Sphere SiteStudio Unspecified Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Unknown
Released: 2008-02-26
A vulnerability with unknown impact has been reported in H-Sphere
SiteStudio.
Full Advisory:
http://secunia.com/advisories/29084/
--
[SA29073] XOOPS Tiny Event Module "id" SQL Injection
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, Exposure of sensitive information
Released: 2008-02-22
S@BUN has discovered a vulnerability in the Tiny Event module for
XOOPS, which can be exploited by malicious people to conduct SQL
injection attacks.
Full Advisory:
http://secunia.com/advisories/29073/
--
[SA29063] XOOPS Prayer List Module "cid" SQL Injection
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, Exposure of sensitive information
Released: 2008-02-22
S@BUN has discovered a vulnerability in the Prayer List module for
XOOPS, which can be exploited by malicious people to conduct SQL
injection attacks.
Full Advisory:
http://secunia.com/advisories/29063/
--
[SA29061] beContent "id" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, Exposure of sensitive information
Released: 2008-02-22
Cr@zy_King has reported a vulnerability in beContent, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/29061/
--
[SA29150] Interspire Shopping Cart "search_query" Cross-Site Scripting
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-02-28
Russ McRee has reported a vulnerability in Interspire Shopping Cart,
which can be exploited by malicious people to conduct cross-site
scripting attacks.
Full Advisory:
http://secunia.com/advisories/29150/
--
[SA29128] Serendipity Script Insertion and Cross-Site Scripting
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-02-27
Hanno Boeck has discovered two vulnerabilities in Serendipity, which
can be exploited by malicious users to conduct cross-site scripting and
script insertion attacks.
Full Advisory:
http://secunia.com/advisories/29128/
--
[SA29118] Drupal Multiple Script Insertion Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-02-28
Some vulnerabilities have been reported in Drupal, which can be
exploited by malicious users to conduct script insertion attacks.
Full Advisory:
http://secunia.com/advisories/29118/
--
[SA29116] Plume CMS "dir" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-02-26
Omer Singer has discovered a vulnerability in Plume CMS, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/29116/
--
[SA29093] Matt's Whois "domain" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-02-25
Ivan Sanchez and Maximiliano Soler have reported a vulnerability in
Matt's Whois, which can be exploited by malicious people to conduct
cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/29093/
--
[SA29092] TikiWiki "tiki-edit_article.php" Script Insertion
Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-02-25
A vulnerability has been reported in TikiWiki, which can be exploited
by malicious users to conduct script insertion attacks.
Full Advisory:
http://secunia.com/advisories/29092/
--
[SA29072] IBM Lotus Quickr/QuickPlace Cross-Site Scripting
Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2008-02-25
Nir Goldshlager (Avnet) has reported a vulnerability in IBM Lotus
Quickr/QuickPlace, which can be exploited by malicious people to
conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/29072/
========================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Subscribe:
http://secunia.com/secunia_weekly_summary/
Contact details:
Web : http://secunia.com/
E-mail : support@private
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45
___________________________________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Fri Feb 29 2008 - 01:30:35 PST