======================================================================== The Secunia Weekly Advisory Summary 2008-03-20 - 2008-03-27 This week: 94 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: Secunia invites you to join us in the biggest IT Expo event of the year - the RSA Conference in the Moscone Center, San Francisco, California from 7 to 11 April 2008. If you are interested in going to the expo exhibit and meeting us, please contact your Secunia Account Executive for a FREE EXPO PASS! ======================================================================== 2) This Week in Brief: Two vulnerabilities have been discovered in Safari, which can be exploited by malicious people to conduct spoofing attacks or potentially compromise a user's system. A highly critical error when downloading e.g. a .ZIP file with an overly long filename can be exploited to cause a memory corruption. Successful exploitation may allow an attacker to execute arbitrary code on a vulnerable system. A less critical error in the handling of windows can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar. The vulnerabilities are confirmed in version 3.1 for Windows. Other versions may also be affected. As the vulnerabilities are currently unpatched, Secunia recommends that users avoid visiting untrusted websites. For more information, refer to: http://secunia.com/advisories/29483/ -- Some vulnerabilities and weaknesses have been reported in Mozilla Firefox, Thunderbird, and Seamonkey, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system. An unspecified error in the handling of "XPCNativeWrappers" can lead to the execution of arbitrary Javascript code with the user's privileges via "setTimeout()" calls. Various errors in the handling of Javascript code, in the layout engine, and in the Javascript engine can be exploited to execute arbitrary code. Various errors in the handling of Javascript code can also be used to conduct cross-site scripting attacks. An error within the handling of HTTP "Referer:" headers sent with requests to URLs containing "Basic Authentication" credentials having an empty username can be exploited to bypass cross-site request forgery protections. An error in the handling of the "jar:" protocol can be exploited to establish connections to arbitrary ports on the local machine. This is related to a vulnerability in Sun Java. An error when displaying XUL pop-up windows can be exploited to hide the window's borders and facilitate phishing attacks. Lastly, a problem exists because Firefox offers a previously configured private SSL certificate when establishing connections to webservers requesting SSL Client Authentication. This can potentially be exploited to disclose sensitive information via a malicious webserver. The vulnerabilities are reported in versions prior to 2.0.0.13. Users are advised to update version 2.0.0.13 as soon as possible. For more information, refer to: http://secunia.com/advisories/29239/ To find out if your home computer is vulnerable to any of these security problems, scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, using the Network Software Inspector. -- Microsoft updated two security bulletins this week. The first, a Microsoft Jet Engine advisory from 2005, was updated due to recent reports that a new attack vector using Microsoft Word was available in the wild. Microsoft was quick to respond with a security bulletin, but the vulnerability has not yet been patched. In the meantime, users are advised not to open untrusted Office documents. For more information, refer to: http://secunia.com/advisories/14896/ The second is an update on a Microsoft Office vulnerability from 2007. Microsoft has reported that additional software, namely the "Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats" application, is also vulnerable to the flaw. Updated patches are now available for all affected systems. For more information, refer to: http://secunia.com/advisories/25178/ -- VIRUS ALERTS: During the past week Secunia collected 71 virus descriptions from the Antivirus vendors. However, none were deemed MEDIUM risk or higher according to the Secunia assessment scale. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA29483] Safari Address Bar Spoofing and Memory Corruption Vulnerabilities 2. [SA29344] Linksys WRT54G Security Bypass Vulnerability 3. [SA29458] Windows Vista "NoDriveTypeAutoRun" Security Issue 4. [SA29455] Adobe Flash FLA File Parsing Vulnerabilities 5. [SA29484] xine-lib Multiple Integer Overflow Vulnerabilities 6. [SA29469] Apple Aperture/iPhoto DNG Image Parsing Buffer Overflow 7. [SA29445] Piczo Image Uploader ActiveX Control Buffer Overflows 8. [SA29526] Mozilla Firefox Multiple Vulnerabilities 9. [SA29489] CenterIM URL Parsing Command Execution Vulnerability 10. [SA29386] Namazu namazu.cgi UTF-7 Cross-Site Scripting ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA29483] Safari Address Bar Spoofing and Memory Corruption Vulnerabilities [SA29540] File Transfer Request File Directory Traversal Vulnerability [SA29533] Aeries Browser Interface Cross-Site Scripting and SQL Injection [SA29499] Efestech E-Kontr "id" SQL Injection [SA29488] DotNetNuke Multiple Vulnerabilities [SA29455] Adobe Flash FLA File Parsing Vulnerabilities [SA29508] TFTP Server SP Long Filename Buffer Overflow Vulnerability [SA29494] Quick Tftp Server Pro Long Mode Buffer Overflow Vulnerability [SA29538] LEADTOOLS Multimedia Library ActiveX Controls "SaveSettingsToFile()" Insecure Method [SA29524] ManageEngine EventLog Analyzer "searchText" Cross-Site Scripting [SA29467] IBM Rational ClearQuest Cross-Site Scripting Vulnerabilities [SA29453] Internet Explorer HTTP Request Smuggling/Splitting Vulnerabilities [SA29458] Windows Vista "NoDriveTypeAutoRun" Security Issue UNIX/Linux: [SA29563] Fedora update for firefox [SA29550] Red Hat update for firefox [SA29541] Ubuntu update for firefox [SA29516] Gentoo update for krb5 [SA29515] MPlayer "sdpplin_parse()" Integer Overflow Vulnerability [SA29489] CenterIM URL Parsing Command Execution Vulnerability [SA29484] xine-lib Multiple Integer Overflow Vulnerabilities [SA29472] Fedora update for xine-lib [SA29470] Fedora update for asterisk [SA29469] Apple Aperture/iPhoto DNG Image Parsing Buffer Overflow [SA29464] Fedora update for krb5 [SA29462] Mandriva update for krb5 [SA29457] rPath update for krb5 [SA29557] Ubuntu update for dovecot [SA29552] HP Tru64 UNIX SSH SFTP Server Vulnerability [SA29546] Mandriva update for perl-Tk [SA29542] Ubuntu update for sdl-image [SA29511] Gentoo update for wireshark [SA29502] Debian update for serendipity [SA29497] rPath update for bzip2 [SA29495] rPath update for unzip [SA29492] Apache::AuthCAS Session ID SQL Injection Vulnerability [SA29486] Undernet ircu "send_user_mode" Denial of Service Vulnerability [SA29481] snircd "send_user_mode" Denial of Service Vulnerability [SA29485] Debian update for cupsys [SA29454] Sun Solaris rpc.ypupdated Arbitrary Command Execution [SA29562] Fedora update for php-pear-PhpDocumentor [SA29561] Fedora update for namazu [SA29556] Ubuntu update for ruby [SA29555] Ubuntu update for libnet-dns-perl [SA29536] rPath update for ruby [SA29534] ClanSphere Unspecified Cross-Site Scripting Vulnerabilities [SA29529] Sun SPARC Enterprise T5120 and T5220 Servers Insecure Configuration [SA29506] Ubuntu update for bzip2 [SA29504] IBM WebSphere Application Server for z/OS HTTP Server mod_status Cross-Site Scripting [SA29475] Mandriva update for bzip2 [SA29465] Fedora update for libsilc [SA29461] Gentoo update for openldap [SA29460] Gentoo update for viewvc [SA29456] Debian update for asterisk [SA29554] Mandriva update for openssh [SA29537] rPath update for gnome-ssh-askpass and openssh [SA29522] OpenSSH X11 Forwarding Information Disclosure Vulnerability [SA29518] IBM AIX "usr/sbin/chnfsmnt" Vulnerability [SA29482] Red Hat Directory Server Insecure File Permissions Other: [SA29559] Cisco IOS Denial of Service Vulnerability [SA29507] Cisco IOS Multiple Vulnerabilities [SA29531] D-Link DI-604 "rf" Cross-Site Scripting Vulnerability [SA29530] D-Link DSL-G604T "var:category" Cross-Site Scripting Vulnerability Cross Platform: [SA29548] Mozilla Thunderbird Multiple Vulnerabilities [SA29547] Mozilla SeaMonkey Multiple Vulnerabilities [SA29526] Mozilla Firefox Multiple Vulnerabilities [SA29520] Joomla Custompages Component "cpage" File Inclusion [SA29503] VLC Media Player "MP4_ReadBox_rdrf()" Buffer Overflow Vulnerability [SA29463] SILC "silc_pkcs1_decode" Integer Overflow Vulnerability [SA29535] BolinOS Multiple Vulnerabilities [SA29514] phpAddressBook Multiple Vulnerabilities [SA29513] RunCMS Photo Module "cid" SQL Injection Vulnerability [SA29510] Joomla rekry!Joom Component "op_id" SQL Injection [SA29509] PECL Alternative PHP Cache "apc_search_paths" Buffer Overflow Vulnerability [SA29496] Elastic Path Multiple Directory Traversal Vulnerabilities [SA29493] e107 my_gallery Plugin "file" Information Disclosure [SA29487] phpBB eXtreme Styles Module "phpEx" Local File Inclusion [SA29480] PowerBook "page" Local File Inclusion Vulnerability [SA29479] XLPortal "query" SQL Injection Vulnerability [SA29478] HIS-Webshop "t" Directory Traversal Vulnerability [SA29474] Joomla Joovideo Component "id" SQL Injection Vulnerability [SA29473] Joomla Alberghi Component "id" SQL Injection Vulnerability [SA29471] Joomla Restaurante Component "id" SQL Injection Vulnerability [SA29466] PEEL Multiple Vulnerabilities [SA29459] SILC Server "NEW_CLIENT" Packet Denial of Service [SA29512] IBM solidDB Multiple Vulnerabilities [SA29476] Novell eDirectory LDAP delRequest Message Processing Buffer Overflow [SA29532] CubeCart Two Cross-Site Scripting Vulnerabilities [SA29528] GNB DesignForm Cross-Site Scripting Vulnerability [SA29525] LinPHA Multiple Cross-Site Scripting Vulnerabilities [SA29517] PerlMailer Cross-Site Scripting Vulnerability [SA29491] eGroupWare HTML Filter Bypass Vulnerability [SA29490] Photo Cart "amessage" Cross-Site Scripting Vulnerability [SA29468] CS-Cart "q" Cross-Site Scripting Vulnerability [SA29527] Novell eDirectory eMBox Utility Unspecified Vulnerability ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA29483] Safari Address Bar Spoofing and Memory Corruption Vulnerabilities Critical: Highly critical Where: From remote Impact: Spoofing, System access Released: 2008-03-24 Juan Pablo Lopez Yacubian has discovered two vulnerabilities in Safari, which can be exploited by malicious people to conduct spoofing attacks or potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/29483/ -- [SA29540] File Transfer Request File Directory Traversal Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2008-03-26 teeed has reported a vulnerability in File Transfer, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/29540/ -- [SA29533] Aeries Browser Interface Cross-Site Scripting and SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data, Cross Site Scripting Released: 2008-03-26 Arsalan Emamjomehkashan has reported some vulnerabilities in Aeries Browser Interface, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. Full Advisory: http://secunia.com/advisories/29533/ -- [SA29499] Efestech E-Kontr "id" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2008-03-25 RMx has reported a vulnerability in Efestech E-Kontr, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/29499/ -- [SA29488] DotNetNuke Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Privilege escalation, System access Released: 2008-03-25 Some vulnerabilities and a security issue have been reported in DotNetNuke, which can be exploited by malicious users to gain escalated privileges or to compromise a vulnerable system, and by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/29488/ -- [SA29455] Adobe Flash FLA File Parsing Vulnerabilities Critical: Moderately critical Where: From remote Impact: System access Released: 2008-03-20 cocoruder has reported some vulnerabilities in Adobe Flash, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/29455/ -- [SA29508] TFTP Server SP Long Filename Buffer Overflow Vulnerability Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2008-03-27 Mati Aharoni has discovered a vulnerability in TFTP Server SP, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29508/ -- [SA29494] Quick Tftp Server Pro Long Mode Buffer Overflow Vulnerability Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2008-03-27 Mati Aharoni has discovered a vulnerability in Quick Tftp Server Pro, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29494/ -- [SA29538] LEADTOOLS Multimedia Library ActiveX Controls "SaveSettingsToFile()" Insecure Method Critical: Less critical Where: From remote Impact: Manipulation of data Released: 2008-03-26 shinnai has discovered some vulnerabilities in LEADTOOLS Multimedia, which can be exploited by malicious people to overwrite arbitrary files. Full Advisory: http://secunia.com/advisories/29538/ -- [SA29524] ManageEngine EventLog Analyzer "searchText" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-25 Yogesh Kulkarni has reported a vulnerability in ManageEngine EventLog Analyzer, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29524/ -- [SA29467] IBM Rational ClearQuest Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-20 sasquatch has reported some vulnerabilities in IBM Rational ClearQuest, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29467/ -- [SA29453] Internet Explorer HTTP Request Smuggling/Splitting Vulnerabilities Critical: Less critical Where: From remote Impact: Security Bypass, Cross Site Scripting Released: 2008-03-24 Stefano Di Paola has reported some vulnerabilities in Internet Explorer, which can be exploited by malicious people to conduct HTTP request smuggling/splitting attacks. Full Advisory: http://secunia.com/advisories/29453/ -- [SA29458] Windows Vista "NoDriveTypeAutoRun" Security Issue Critical: Not critical Where: Local system Impact: Security Bypass Released: 2008-03-21 CERT/CC has reported a security issue in Windows Vista, which can be exploited by malicious people to bypass certain security settings. Full Advisory: http://secunia.com/advisories/29458/ UNIX/Linux:-- [SA29563] Fedora update for firefox Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Spoofing, System access Released: 2008-03-27 Fedora has issued an update for firefox. This fixes some vulnerabilities and a weakness, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, bypass certain security restrictions, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/29563/ -- [SA29550] Red Hat update for firefox Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, System access Released: 2008-03-27 Red Hat has issued an update for firefox. This fixes some vulnerabilities and a weakness, which can be exploited to conduct cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/29550/ -- [SA29541] Ubuntu update for firefox Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access Released: 2008-03-27 Ubuntu has issued an update for firefox. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/29541/ -- [SA29516] Gentoo update for krb5 Critical: Highly critical Where: From remote Impact: Exposure of sensitive information, DoS, System access Released: 2008-03-25 Gentoo has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29516/ -- [SA29515] MPlayer "sdpplin_parse()" Integer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2008-03-26 k`sOSe has discovered a vulnerability in MPlayer, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/29515/ -- [SA29489] CenterIM URL Parsing Command Execution Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2008-03-21 Brian Fonfara has discovered a vulnerability in CenterIM, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/29489/ -- [SA29484] xine-lib Multiple Integer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2008-03-21 Luigi Auriemma has reported some vulnerabilities in xine-lib, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/29484/ -- [SA29472] Fedora update for xine-lib Critical: Highly critical Where: From remote Impact: System access Released: 2008-03-24 Fedora has issued an update for xine-lib. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/29472/ -- [SA29470] Fedora update for asterisk Critical: Highly critical Where: From remote Impact: Hijacking, Security Bypass, DoS, System access Released: 2008-03-24 Fedora has issued an update for asterisk. This fixes a weakness and some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), hijack a user session, and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29470/ -- [SA29469] Apple Aperture/iPhoto DNG Image Parsing Buffer Overflow Critical: Highly critical Where: From remote Impact: System access Released: 2008-03-21 A vulnerability has been reported in Aperture and iPhoto, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/29469/ -- [SA29464] Fedora update for krb5 Critical: Highly critical Where: From remote Impact: Exposure of sensitive information, DoS, System access Released: 2008-03-24 Fedora has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29464/ -- [SA29462] Mandriva update for krb5 Critical: Highly critical Where: From remote Impact: Exposure of sensitive information, DoS, System access Released: 2008-03-20 Mandriva has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29462/ -- [SA29457] rPath update for krb5 Critical: Highly critical Where: From remote Impact: Exposure of sensitive information, DoS, System access Released: 2008-03-20 rPath has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29457/ -- [SA29557] Ubuntu update for dovecot Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2008-03-27 Ubuntu has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/29557/ -- [SA29552] HP Tru64 UNIX SSH SFTP Server Vulnerability Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2008-03-27 HP has acknowledged a vulnerability in HP Tru64 UNIX, which potentially can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29552/ -- [SA29546] Mandriva update for perl-Tk Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2008-03-27 Mandriva has issued an update for perl-Tk. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/29546/ -- [SA29542] Ubuntu update for sdl-image Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2008-03-27 Ubuntu has issued an update for sdl-image. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. Full Advisory: http://secunia.com/advisories/29542/ -- [SA29511] Gentoo update for wireshark Critical: Moderately critical Where: From remote Impact: DoS Released: 2008-03-25 Gentoo has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/29511/ -- [SA29502] Debian update for serendipity Critical: Moderately critical Where: From remote Impact: Security Bypass, Cross Site Scripting Released: 2008-03-25 Debian has issued an update for serendipity. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and script-insertion attacks or to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/29502/ -- [SA29497] rPath update for bzip2 Critical: Moderately critical Where: From remote Impact: Unknown Released: 2008-03-24 rPath has issued an update for bzip2. This fixes a vulnerability with unknown impact. Full Advisory: http://secunia.com/advisories/29497/ -- [SA29495] rPath update for unzip Critical: Moderately critical Where: From remote Impact: System access Released: 2008-03-24 rPath has issued an update for unzip. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/29495/ -- [SA29492] Apache::AuthCAS Session ID SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2008-03-25 Matthias Bethke has reported a vulnerability in Apache::AuthCAS, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/29492/ -- [SA29486] Undernet ircu "send_user_mode" Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2008-03-24 Chris Porter has reported a vulnerability in Undernet ircu, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/29486/ -- [SA29481] snircd "send_user_mode" Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2008-03-24 Chris Porter has reported a vulnerability in snircd, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/29481/ -- [SA29485] Debian update for cupsys Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2008-03-26 Debian has issued an update for cupsys. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29485/ -- [SA29454] Sun Solaris rpc.ypupdated Arbitrary Command Execution Critical: Moderately critical Where: From local network Impact: System access Released: 2008-03-21 kcope has discovered a vulnerability in Solaris, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29454/ -- [SA29562] Fedora update for php-pear-PhpDocumentor Critical: Less critical Where: From remote Impact: Security Bypass Released: 2008-03-27 Fedora has issued an update for php-pear-PhpDocumentor. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/29562/ -- [SA29561] Fedora update for namazu Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-27 Fedora has issued an update for namazu. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29561/ -- [SA29556] Ubuntu update for ruby Critical: Less critical Where: From remote Impact: Spoofing Released: 2008-03-27 Ubuntu has issued an update for ruby. This fixes some security issues, which can be exploited by malicious people to conduct spoofing attacks. Full Advisory: http://secunia.com/advisories/29556/ -- [SA29555] Ubuntu update for libnet-dns-perl Critical: Less critical Where: From remote Impact: DoS Released: 2008-03-27 Ubuntu has issued an update for libnet-dns-perl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/29555/ -- [SA29536] rPath update for ruby Critical: Less critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2008-03-26 rPath has issued an update for ruby. This fixes a vulnerability, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/29536/ -- [SA29534] ClanSphere Unspecified Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-27 Some vulnerabilities have been reported in ClanSphere, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29534/ -- [SA29529] Sun SPARC Enterprise T5120 and T5220 Servers Insecure Configuration Critical: Less critical Where: From remote Impact: Exposure of sensitive information, Exposure of system information, Security Bypass Released: 2008-03-26 A security issue has been reported in some Sun SPARC Enterprise T5120 and T5220 Servers, which can be exploited by malicious users to bypass certain security restrictions Full Advisory: http://secunia.com/advisories/29529/ -- [SA29506] Ubuntu update for bzip2 Critical: Less critical Where: From remote Impact: DoS Released: 2008-03-25 Ubuntu has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/29506/ -- [SA29504] IBM WebSphere Application Server for z/OS HTTP Server mod_status Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-25 IBM has acknowledged a vulnerability in IBM WebSphere Application Server for z/OS, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29504/ -- [SA29475] Mandriva update for bzip2 Critical: Less critical Where: From remote Impact: DoS Released: 2008-03-25 Mandriva has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/29475/ -- [SA29465] Fedora update for libsilc Critical: Less critical Where: From remote Impact: DoS Released: 2008-03-26 Fedora has issue an update for libsilc. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/29465/ -- [SA29461] Gentoo update for openldap Critical: Less critical Where: From remote Impact: DoS Released: 2008-03-20 Gentoo has issued an update for openldap. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/29461/ -- [SA29460] Gentoo update for viewvc Critical: Less critical Where: From remote Impact: Security Bypass Released: 2008-03-20 Gentoo has issued an update for viewvc. This fixes some security issues, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/29460/ -- [SA29456] Debian update for asterisk Critical: Less critical Where: From remote Impact: Security Bypass Released: 2008-03-21 Debian has issued an update for asterisk. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/29456/ -- [SA29554] Mandriva update for openssh Critical: Less critical Where: Local system Impact: Exposure of sensitive information Released: 2008-03-27 Mandriva has issued an update for openssh. This fixes a vulnerability, which can be exploited by malicious, local users to disclose sensitive information. Full Advisory: http://secunia.com/advisories/29554/ -- [SA29537] rPath update for gnome-ssh-askpass and openssh Critical: Less critical Where: Local system Impact: Exposure of sensitive information Released: 2008-03-26 rPath has issued an update for gnome-ssh-askpass and openssh. This fixes a vulnerability, which can be exploited by malicious, local users to disclose sensitive information. Full Advisory: http://secunia.com/advisories/29537/ -- [SA29522] OpenSSH X11 Forwarding Information Disclosure Vulnerability Critical: Less critical Where: Local system Impact: Exposure of sensitive information Released: 2008-03-26 A vulnerability has been discovered in OpenSSH, which can be exploited by malicious, local users to disclose sensitive information. Full Advisory: http://secunia.com/advisories/29522/ -- [SA29518] IBM AIX "usr/sbin/chnfsmnt" Vulnerability Critical: Less critical Where: Local system Impact: Unknown Released: 2008-03-25 A vulnerability with an unknown impact has been reported in IBM AIX. Full Advisory: http://secunia.com/advisories/29518/ -- [SA29482] Red Hat Directory Server Insecure File Permissions Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2008-03-25 A vulnerability has been reported in Red Hat Directory Server, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/29482/ Other:-- [SA29559] Cisco IOS Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2008-03-27 A vulnerability has been reported in certain Cisco devices, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/29559/ -- [SA29507] Cisco IOS Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information, DoS Released: 2008-03-27 Some vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, or to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/29507/ -- [SA29531] D-Link DI-604 "rf" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-25 Jonas has reported a vulnerability in D-Link DI-604, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29531/ -- [SA29530] D-Link DSL-G604T "var:category" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-25 Gareth Heyes has reported a vulnerability in D-Link DSL-G604T, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29530/ Cross Platform:-- [SA29548] Mozilla Thunderbird Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, System access Released: 2008-03-26 Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/29548/ -- [SA29547] Mozilla SeaMonkey Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access Released: 2008-03-26 Some vulnerabilities and weaknesses have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/29547/ -- [SA29526] Mozilla Firefox Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, System access Released: 2008-03-26 Some vulnerabilities and weaknesses have been reported in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/29526/ -- [SA29520] Joomla Custompages Component "cpage" File Inclusion Critical: Highly critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, System access Released: 2008-03-25 Sniper456 has discovered a vulnerability in the Custompages component for Joomla!, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29520/ -- [SA29503] VLC Media Player "MP4_ReadBox_rdrf()" Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2008-03-25 A vulnerability has been reported in VLC Media Player, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/29503/ -- [SA29463] SILC "silc_pkcs1_decode" Integer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2008-03-26 A vulnerability has been reported in SILC Client, Server, and Toolkit, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29463/ -- [SA29535] BolinOS Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Exposure of system information, Exposure of sensitive information Released: 2008-03-26 Digital Security Research Group have discovered some vulnerabilities in BolinOS, which can be exploited by malicious people to conduct cross-site scripting attacks and to disclose sensitive information. Full Advisory: http://secunia.com/advisories/29535/ -- [SA29514] phpAddressBook Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of system information, Exposure of sensitive information Released: 2008-03-25 Some vulnerabilities have been discovered in phpAddressBook, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks and to disclose sensitive information. Full Advisory: http://secunia.com/advisories/29514/ -- [SA29513] RunCMS Photo Module "cid" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2008-03-26 S@BUN has reported a vulnerability in the RunCMS Photo module, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/29513/ -- [SA29510] Joomla rekry!Joom Component "op_id" SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2008-03-25 Sniper456 has discovered a vulnerability in the rekry!Joom component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/29510/ -- [SA29509] PECL Alternative PHP Cache "apc_search_paths" Buffer Overflow Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass, DoS, System access Released: 2008-03-26 Daniel Papasian has reported a vulnerability in the PECL Alternative PHP Cache (APC) extension, which can be exploited by malicious users to bypass certain security restrictions and potentially by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29509/ -- [SA29496] Elastic Path Multiple Directory Traversal Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Exposure of system information, Exposure of sensitive information, System access Released: 2008-03-27 Daniel Martin Gomez has reported some vulnerabilities in Elastic Path, which can be exploited by malicious users to disclose sensitive information or to potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29496/ -- [SA29493] e107 my_gallery Plugin "file" Information Disclosure Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2008-03-26 Jerome Athias has discovered a vulnerability in the my_gallery plugin for e107, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/29493/ -- [SA29487] phpBB eXtreme Styles Module "phpEx" Local File Inclusion Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2008-03-25 bd0rk has discovered a vulnerability in the eXtreme Styles module (XS-Mod) for phpBB, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/29487/ -- [SA29480] PowerBook "page" Local File Inclusion Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2008-03-26 Digital Security Research Group has discovered a vulnerability in PowerBook, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/29480/ -- [SA29479] XLPortal "query" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2008-03-26 c0ndemned has reported a vulnerability in XLPortal, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/29479/ -- [SA29478] HIS-Webshop "t" Directory Traversal Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information Released: 2008-03-26 Zero X has reported a vulnerability in HIS-Webshop, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/29478/ -- [SA29474] Joomla Joovideo Component "id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2008-03-20 S@BUN has discovered a vulnerability in the Joovideo component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/29474/ -- [SA29473] Joomla Alberghi Component "id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2008-03-20 S@BUN has discovered a vulnerability in the Alberghi component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/29473/ -- [SA29471] Joomla Restaurante Component "id" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information Released: 2008-03-20 S@BUN has discovered a vulnerability in the Restaurante component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/29471/ -- [SA29466] PEEL Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Manipulation of data Released: 2008-03-21 Charles "real" F. has reported some vulnerabilities in PEEL, which can be exploited by malicious people to conduct SQL injection attacks and by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/29466/ -- [SA29459] SILC Server "NEW_CLIENT" Packet Denial of Service Critical: Moderately critical Where: From remote Impact: DoS Released: 2008-03-26 A vulnerability has been reported in SILC Server, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/29459/ -- [SA29512] IBM solidDB Multiple Vulnerabilities Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2008-03-27 Luigi Auriemma has discovered some vulnerabilities in IBM solidDB, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29512/ -- [SA29476] Novell eDirectory LDAP delRequest Message Processing Buffer Overflow Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2008-03-25 A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/29476/ -- [SA29532] CubeCart Two Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-26 Russ McRee has discovered two vulnerabilities in CubeCart, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29532/ -- [SA29528] GNB DesignForm Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-27 A vulnerability has been reported in GNB DesignForm, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29528/ -- [SA29525] LinPHA Multiple Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-26 Some vulnerabilities have been reported in LinPHA, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29525/ -- [SA29517] PerlMailer Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-27 A vulnerability has been reported in PerlMailer, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29517/ -- [SA29491] eGroupWare HTML Filter Bypass Vulnerability Critical: Less critical Where: From remote Impact: Security Bypass Released: 2008-03-24 A vulnerability has been reported in eGroupWare, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/29491/ -- [SA29490] Photo Cart "amessage" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-25 Russ McRee has reported a vulnerability in Photo Cart, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29490/ -- [SA29468] CS-Cart "q" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2008-03-20 sasquatch has discovered a vulnerability in CS-Cart, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/29468/ -- [SA29527] Novell eDirectory eMBox Utility Unspecified Vulnerability Critical: Less critical Where: From local network Impact: Exposure of system information, Exposure of sensitive information, DoS Released: 2008-03-25 A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/29527/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support@private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 ___________________________________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Fri Mar 28 2008 - 00:38:14 PST