[ISN] Secunia Weekly Summary - Issue: 2004-16

InfoSec News isn at c4i.org
Mon Apr 19 05:29:35 EDT 2004


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2004-04-08 - 2004-04-15                        

                       This week : 43 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3..............................This Week's Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Secunia has launched a new service called Secunia Virus Information.
Secunia Virus Information is based on information automatically
collected from seven different anti-virus vendors. The data will be
parsed and indexed, resulting in a chronological list, a searchable
index, and grouped profiles with information from the seven vendors.

Example:
http://secunia.com/virus_information/8592/

Furthermore, when certain criteria are triggered, virus alerts will be
issued. You can sign up for the alerts here:

Secunia Virus Alerts:
http://secunia.com/secunia_virus_alerts/

Secunia Virus Information:
http://secunia.com/virus_information/

========================================================================
2) This Week in Brief:

Microsoft has released four patches for various programs and operating
systems, which address more than 20 different vulnerabilities.

Some of the vulnerabilities were reported to Microsoft more than 250
days ago. Users are advised to patch up as soon as possible, as
several of the vulnerabilities can be exploited by a remote attacker
to gain system access to a vulnerable system.

Please refer to the four Secunia Advisories below for more information
about the specific vulnerabilities and affected software.

Reference:
http://secunia.com/SA11068
http://secunia.com/SA11067
http://secunia.com/SA11065
http://secunia.com/SA11064


========================================================================
3) This Week's Top Ten Most Read Advisories:

1.  [SA10395] Internet Explorer URL Spoofing Vulnerability
2.  [SA10523] Internet Explorer showHelp() Restriction Bypass
              Vulnerability
3.  [SA11064] Microsoft Windows 14 Vulnerabilities
4.  [SA11273] Internet Explorer/Outlook Express Restricted Zone Status
              Bar Spoofing
5.  [SA11067] Microsoft Outlook Express MHTML URL Processing
              Vulnerability
6.  [SA11285] Winamp "in_mod.dll" Heap Overflow Vulnerability
7.  [SA11065] Microsoft Windows RPC/DCOM Multiple Vulnerabilities
8.  [SA11331] Kerio Personal Firewall URL Handling Denial of Service
9.  [SA11312] Panda ActiveScan Control "Internacional" Property Heap
              Overflow Vulnerability
10. [SA11314] RealPlayer/RealOne R3T File Handling Buffer Overflow
              Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA11352] IMail Express Web Messaging Buffer Overflow Vulnerability
[SA11354] TUTOS Cross Site Scripting and SQL Injection Vulnerabilities
[SA11331] Kerio Personal Firewall URL Handling Denial of Service
[SA11330] 1st Class Mail Server Directory Traversal and Cross Site
Scripting
[SA11360] Eudora Nested MIME Message Denial of Service Vulnerability

UNIX/Linux:
[SA11350] HP Internet Express WU-FTPD Multiple Vulnerabilities
[SA11346] NewsPHP Admin Access and Cross Site Scripting
[SA11344] TikiWiki Multiple Vulnerabilities
[SA11338] Gentoo update for scorched3d
[SA11325] IBM HTTP Server OpenSSL Vulnerabilities
[SA11319] Scorched 3D Chat Box Format String Vulnerability
[SA11353] Conectiva update for apache
[SA11345] Conectiva update for mod_python
[SA11336] Gentoo update for pwlib
[SA11329] Gentoo update for ipsec-tools
[SA11328] KAME Racoon IKE Daemon RSA Signature Verification
Vulnerability
[SA11327] nukeKalender Multiple Vulnerabilities
[SA11318] Gentoo update for clamav
[SA11349] HP OpenView Operations Authentication Bypass Vulnerability
[SA11333] LCDProc Multiple System Compromise Vulnerabilities
[SA11326] AzDGDatingLite Cross Site Scripting Vulnerability
[SA11322] OpenPKG update for fetchmail
[SA11320] OpenPKG update for tcpdump
[SA11340] Crackalaka Denial of Service Vulnerability
[SA11339] RSniff Multiple Connection Denial of Service Vulnerability
[SA11335] Gentoo update for heimdal
[SA11321] Gentoo update for automake
[SA11334] Open WebMail Directory Creation Vulnerability
[SA11337] Gentoo update for iproute
[SA11332] Sun Cluster Global File System Denial of Service
Vulnerability
[SA11317] Gentoo update for util-linux

Other:
[SA11342] X-Micro Access Point Default Username and Password
[SA11324] Cisco IPSec VPN Services Module Denial of Service
Vulnerability
[SA11323] CiscoWorks 1105 WLSE and HSE Default User Account

Cross Platform:
[SA11358] BEA WebLogic SSL Impersonation Vulnerability
[SA11347] PHP-Nuke SQL Injection and Cross Site Scripting
[SA11341] Nuked-KlaN Arbitrary File Inclusion
[SA11355] Blackboard Cross Site Scripting Vulnerabilities
[SA11343] SurgeLDAP Arbitrary File Retrieval Vulnerability
[SA11359] BEA WebLogic Exposure of Administrative Credentials
[SA11348] Citadel/UX Insecure Default Database Permissions
[SA11357] BEA WebLogic Database Password Stored in Plain Text Issue
[SA11356] BEA WebLogic Group Membership Security Issue

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA11352] IMail Express Web Messaging Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-04-13

The vendor has reported a vulnerability in IMail Express, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/11352/

 --

[SA11354] TUTOS Cross Site Scripting and SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2004-04-14

Kereval has reported some vulnerabilities in TUTOS, allowing malicious
people to conduct Cross Site Scripting and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/11354/

 --

[SA11331] Kerio Personal Firewall URL Handling Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-04-09

Emmanouel Kellinis has reported a vulnerability in Kerio Personal
Firewall, allowing malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/11331/

 --

[SA11330] 1st Class Mail Server Directory Traversal and Cross Site
Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2004-04-09

Dr_insane has reported some vulnerabilities in 1st Class Mail Server,
allowing malicious people to view arbitrary files or conduct Cross Site
Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11330/

 --

[SA11360] Eudora Nested MIME Message Denial of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2004-04-14

Paul Szabo has reported a vulnerability in Eudora, allowing malicious
people to cause a Denial of Service.

Full Advisory:
http://secunia.com/advisories/11360/


UNIX/Linux:--

[SA11350] HP Internet Express WU-FTPD Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, DoS, System access
Released:    2004-04-13

HP has acknowledged some vulnerabilities in their version of WU-FTPD.
These can be exploited by malicious people to cause a DoS (Denial of
Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11350/

 --

[SA11346] NewsPHP Admin Access and Cross Site Scripting

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, Privilege escalation, System access
Released:    2004-04-13

Manuel Lopez has reported some vulnerabilities in NewsPHP, allowing
malicious people to gain administrative access and conduct Cross Site
Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11346/

 --

[SA11344] TikiWiki Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, Exposure of
sensitive information, System access
Released:    2004-04-12

JeiAr has discovered multiple vulnerabilities in TikiWiki, allowing
malicious people to conduct Cross Site Scripting, SQL injection, script
insertion attacks and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11344/

 --

[SA11338] Gentoo update for scorched3d

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-04-10

Gentoo has issued an update for scorched3d. This fixes a vulnerability,
which potentially can be exploited by malicious users to compromise a
vulnerable server.

Full Advisory:
http://secunia.com/advisories/11338/

 --

[SA11325] IBM HTTP Server OpenSSL Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-04-09

IBM has confirmed some older vulnerabilities in IBM HTTP Server, which
can be exploited by malicious people to compromise a vulnerable system
or cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11325/

 --

[SA11319] Scorched 3D Chat Box Format String Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-04-10

FieldySnuts has discovered a vulnerability in Scorched 3D, which
potentially can be exploited by malicious people to compromise a
vulnerable server.

Full Advisory:
http://secunia.com/advisories/11319/

 --

[SA11353] Conectiva update for apache

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-04-14

Conectiva has issued updated packages for Apache 2. These fix three
vulnerabilities, potentially allowing malicious people to cause a
Denial of Service or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11353/

 --

[SA11345] Conectiva update for mod_python

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-04-13

Conectiva has issued updated packages for mod_python. These fix a
vulnerability, which can be exploited by malicious people to cause a
Denial of Service.

Full Advisory:
http://secunia.com/advisories/11345/

 --

[SA11336] Gentoo update for pwlib

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-04-10

Gentoo has issued an update for pwlib. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/11336/

 --

[SA11329] Gentoo update for ipsec-tools

Critical:    Moderately critical
Where:       From remote
Impact:      Hijacking, Security Bypass
Released:    2004-04-09

Gentoo has issued an update for ipsec-tools. This fixes a
vulnerability, which can be exploited by malicious people to conduct
MitM (Man-in-the-Middle) attacks or establish unauthorised
connections.

Full Advisory:
http://secunia.com/advisories/11329/

 --

[SA11328] KAME Racoon IKE Daemon RSA Signature Verification
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Hijacking, Security Bypass
Released:    2004-04-09

Ralf Spenneberg has reported a vulnerability in KAME Racoon, which can
be exploited by malicious people to conduct MitM attacks
(Man-in-the-Middle) or establish unauthorised connections.

Full Advisory:
http://secunia.com/advisories/11328/

 --

[SA11327] nukeKalender Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released:    2004-04-09

Janek Vind "waraxe" has reported three vulnerabilities in nukeKalender,
allowing malicious people to conduct Cross Site Scripting and SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/11327/

 --

[SA11318] Gentoo update for clamav

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-04-08

Gentoo has issued an update for clamav. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/11318/

 --

[SA11349] HP OpenView Operations Authentication Bypass Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass
Released:    2004-04-13

HP has reported a vulnerability in OpenView Operations, which can be
exploited by malicious people to bypass the authentication.

Full Advisory:
http://secunia.com/advisories/11349/

 --

[SA11333] LCDProc Multiple System Compromise Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-04-12

Adriano Lima has reported multiple vulnerabilities in LCDProc, which
can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/11333/

 --

[SA11326] AzDGDatingLite Cross Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-04-09

Janek Vind has reported two vulnerabilities in AzDGDatingLite, allowing
malicious people to conduct Cross Site Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11326/

 --

[SA11322] OpenPKG update for fetchmail

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2004-04-08

OpenPKG has issued an update for fetchmail. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS
(Denial-of-Service).

Full Advisory:
http://secunia.com/advisories/11322/

 --

[SA11320] OpenPKG update for tcpdump

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2004-04-08

OpenPKG has issued an updated package for tcpdump. This fixes two
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11320/

 --

[SA11340] Crackalaka Denial of Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-04-12

Donato Ferrante has reported a vulnerability in Crackalaka, allowing
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11340/

 --

[SA11339] RSniff Multiple Connection Denial of Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-04-10

Luigi Auriemma has reported a vulnerability in RSniff, which can be
exploited by malicious people to cause a DoS (Denial-of-Service).

Full Advisory:
http://secunia.com/advisories/11339/

 --

[SA11335] Gentoo update for heimdal

Critical:    Less critical
Where:       From local network
Impact:      ID Spoofing
Released:    2004-04-09

Gentoo has issued updated packages for heimdal. These fix a
vulnerability, which can allow certain people to impersonate others.

Full Advisory:
http://secunia.com/advisories/11335/

 --

[SA11321] Gentoo update for automake

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-04-08

Gentoo has issued an update for automake. This fixes a vulnerability,
which can be exploited by malicious local users to escalate their
privileges.

Full Advisory:
http://secunia.com/advisories/11321/

 --

[SA11334] Open WebMail Directory Creation Vulnerability

Critical:    Not critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-04-09

Eric Wheeler has reported a vulnerability in Open WebMail, allowing
malicious users to create arbitrary directories.

Full Advisory:
http://secunia.com/advisories/11334/

 --

[SA11337] Gentoo update for iproute

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2004-04-10

Gentoo has issued an update for iproute. This fixes a vulnerability,
which can be exploited by malicious, local users to cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/11337/

 --

[SA11332] Sun Cluster Global File System Denial of Service
Vulnerability

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2004-04-09

A vulnerability has been reported in Sun Cluster, allowing malicious,
local users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11332/

 --

[SA11317] Gentoo update for util-linux

Critical:    Not critical
Where:       Local system
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2004-04-08

Gentoo has issued an update for util-linux. This fixes a vulnerability,
which potentially could disclose information to users.

Full Advisory:
http://secunia.com/advisories/11317/


Other:--

[SA11342] X-Micro Access Point Default Username and Password

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-04-12

Gergely Risko has reported a vulnerability in X-Micro WLAN 11b Access
Point, allowing malicious people to gain control of a vulnerable
device.

Full Advisory:
http://secunia.com/advisories/11342/

 --

[SA11324] Cisco IPSec VPN Services Module Denial of Service
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-04-09

Cisco has confirmed a vulnerability in VPNSM, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11324/

 --

[SA11323] CiscoWorks 1105 WLSE and HSE Default User Account

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-04-09

Cisco has confirmed a vulnerability in CiscoWorks 1105 for WLSE and
HSE, which can be exploited by malicious people to gain control of
certain devices.

Full Advisory:
http://secunia.com/advisories/11323/


Cross Platform:--

[SA11358] BEA WebLogic SSL Impersonation Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      ID Spoofing
Released:    2004-04-14

A vulnerability has been discovered in WebLogic Server and WebLogic
Express, which potentially allows malicious people to impersonate a
user or server.

Full Advisory:
http://secunia.com/advisories/11358/

 --

[SA11347] PHP-Nuke SQL Injection and Cross Site Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data
Released:    2004-04-13

Janek Vind has reported some vulnerabilities in PHP-Nuke, allowing
malicious people to conduct SQL injection and Cross Site Scripting
attacks.

Full Advisory:
http://secunia.com/advisories/11347/

 --

[SA11341] Nuked-KlaN Arbitrary File Inclusion

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information,
DoS
Released:    2004-04-12

frog-m at n has reported two vulnerabilities in Nuked-KlaN, allowing
malicious people to include arbitrary scripts and corrupt the
configuration file.

Full Advisory:
http://secunia.com/advisories/11341/

 --

[SA11355] Blackboard Cross Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-04-14

DarC KonQuesT has reported some vulnerabilities in Blackboard, allowing
malicious people to conduct Cross Site Scripting attacks.

Full Advisory:
http://secunia.com/advisories/11355/

 --

[SA11343] SurgeLDAP Arbitrary File Retrieval Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2004-04-12

Dr_insane has reported a vulnerability in SurgeLDAP, allowing malicious
people to retrieve files from a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11343/

 --

[SA11359] BEA WebLogic Exposure of Administrative Credentials

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, Exposure of system
information
Released:    2004-04-14

BEA has issued an update for WebLogic Server and WebLogic Express. This
fixes a vulnerability allowing malicious users to gain knowledge of
administrative credentials.

Full Advisory:
http://secunia.com/advisories/11359/

 --

[SA11348] Citadel/UX Insecure Default Database Permissions

Critical:    Less critical
Where:       Local system
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2004-04-13

The vendor has reported a problem in Citadel/UX, which can be exploited
by malicious, local users to gain direct access to the database.

Full Advisory:
http://secunia.com/advisories/11348/

 --

[SA11357] BEA WebLogic Database Password Stored in Plain Text Issue

Critical:    Not critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2004-04-14

A security issue has been discovered in WebLogic Server and WebLogic
Express, which can be exploited by malicious, local users to gain
knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/11357/

 --

[SA11356] BEA WebLogic Group Membership Security Issue

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-04-14

A security issue has been discovered in WebLogic Server and WebLogic
Express, which may lead to inappropriate privileges being granted.

Full Advisory:
http://secunia.com/advisories/11356/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support at secunia.com
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45

========================================================================




