[ISN] Secunia Weekly Summary - Issue: 2004-30
InfoSec News
isn at c4i.org
Fri Jul 23 10:25:02 EDT 2004
========================================================================
The Secunia Weekly Advisory Summary
2004-07-15 - 2004-07-22
This week : 34 advisories
========================================================================
Table of Contents:
1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing
========================================================================
1) Word From Secunia:
New Features at Secunia.com
Secunia has implemented various statistical features at the websites
for both Secunia advisories and Virus Information.
Secunia Advisories Statistics:
http://secunia.com/advisory_statistics/
Examples of Specific Product Statistics:
http://secunia.com/product/11/ (Internet Explorer 6)
http://secunia.com/product/761/ (Opera 7.x)
http://secunia.com/product/1480/ (Mozilla 1.3)
Secunia Virus Information Statistics:
http://secunia.com/virus_statistics/
Furthermore, Secunia has made it possible for you to include all graphs
available at secunia.com on your own website.
This is described in detail at:
http://secunia.com/secunia_image_inclusion/
========================================================================
2) This Week in Brief:
ADVISORIES:
An unspecified vulnerability in the logging functionality has been
reported in "mod_ssl" for Apache. The impact of this vulnerability is
currently unknown, however, due to the way this software is used and
the potential severity of the vulnerability, Secunia choose to issue
the advisory as "Highly Critical". Thereby, encouraging all
administrators to update their systems as soon as possible.
Reference:
http://secunia.com/SA12077
VIRUS ALERTS:
During the last week, Secunia issued three MEDIUM RISK virus alerts.
Please refer to the grouped virus profiles below for more information:
BAGLE.AH - MEDIUM RISK Virus Alert - 2004-07-19 21:40 GMT+1
http://secunia.com/virus_information/10739/bagle.ah/
Korgo.U - MEDIUM RISK Virus Alert - 2004-07-18 23:37 GMT+1
http://secunia.com/virus_information/10254/korgo.u/
BAGLE.AF - MEDIUM RISK Virus Alert - 2004-07-16 02:16 GMT+1
http://secunia.com/virus_information/10683/bagle.af/
========================================================================
3) This Weeks Top Ten Most Read Advisories:
1. [SA12048] Microsoft Internet Explorer Multiple Vulnerabilities
2. [SA11978] Multiple Browsers Frame Injection Vulnerability
3. [SA11793] Internet Explorer Local Resource Access and Cross-Zone
Scripting Vulnerabilities
4. [SA12076] Mozilla / Firefox Certificate Store Corruption
Vulnerability
5. [SA12077] mod_ssl Unspecified "mod_proxy" Hook Functions Format
String Vulnerability
6. [SA12027] Mozilla Fails to Restrict Access to "shell:"
7. [SA12028] Opera Browser Address Bar Spoofing Vulnerability
8. [SA12064] PHP "strip_tags()" Function and memory_limit
Vulnerabilities
9. [SA11966] Internet Explorer Frame Injection Vulnerability
10. [SA10395] Internet Explorer URL Spoofing Vulnerability
========================================================================
4) Vulnerabilities Summary Listing
Windows:
[SA12111] WWW File Share Pro HTTP Request Denial of Service
Vulnerability
[SA12108] Sysinternals PsTools Fails to Disconnect from Shares
[SA12092] CA eTrust Common Services Denial of Service Vulnerabilities
[SA12101] I-Café client Restriction Bypass
UNIX/Linux:
[SA12116] Slackware update for php
[SA12113] Debian update for php4
[SA12106] Red Hat update for php
[SA12103] PlaySMS SMS Gateway SQL and Command Injection
Vulnerabilities
[SA12095] Debian update for netkit-telnet-ssl
[SA12091] Gentoo update for Unreal
[SA12088] OpenPKG update for mod_ssl
[SA12081] Conectiva update for php4
[SA12078] SuSE update for php4
[SA12073] Gentoo update for php
[SA12109] Gentoo update for Opera
[SA12100] SCO OpenServer Multiple Vulnerabilities in MMDF
[SA12098] Fedora update for httpd
[SA12096] Debian update for l2tpd
[SA12084] Outblaze Script Insertion Vulnerability
[SA12094] Debian update for ethereal
[SA12086] HP-UX WU-FTPD Directory Access Restriction Bypass
Vulnerability
[SA12082] Postnuke "title" Cross Site Scripting Vulnerability
[SA12075] Conectiva update for kernel
[SA12104] Sun Solaris SVM Local Denial of Service Vulnerability
Other:
[SA12117] Cisco ONS 15000 Multiple Denial of Service Vulnerabilities
[SA12110] Conceptronic CADSLR1 Router Denial of Service Vulnerability
[SA12112] Lexmark T522 HTTP Host Header Denial of Service
Vulnerability
Cross Platform:
[SA12099] artmedic kleinanzeigen Inclusion of Arbitrary Files
[SA12089] Medal of Honor Buffer Overflow Vulnerability
[SA12077] mod_ssl Unspecified "mod_proxy" Hook Functions Format String
Vulnerability
[SA12097] BLOG:CMS / Nucleus / PunBB Inclusion of Arbitrary Files
[SA12083] PHP-Nuke Multiple Vulnerabilities
[SA12105] Invision Power Board "index.php" Cross Site Scripting
Vulnerability
[SA12076] Mozilla / Firefox Certificate Store Corruption Vulnerability
========================================================================
5) Vulnerabilities Content Listing
Windows:--
[SA12111] WWW File Share Pro HTTP Request Denial of Service
Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-07-21
nekd0 has reported a vulnerability in WWW File share Pro, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/12111/
--
[SA12108] Sysinternals PsTools Fails to Disconnect from Shares
Critical: Less critical
Where: From local network
Impact: System access
Released: 2004-07-21
Alan Ridgeway has reported a security issue in PsTools, potentially
allowing malicious users to gain administrative privileges on remote
systems.
Full Advisory:
http://secunia.com/advisories/12108/
--
[SA12092] CA eTrust Common Services Denial of Service Vulnerabilities
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-07-19
Cengiz Aykanat has reported two vulnerabilities in eTrust Common
Services, allowing malicious people to cause a Denial of Service.
Full Advisory:
http://secunia.com/advisories/12092/
--
[SA12101] I-Café client Restriction Bypass
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2004-07-20
Lostmon has reported a weakness in I-Café client, allowing malicious
users to by disable the software.
Full Advisory:
http://secunia.com/advisories/12101/
UNIX/Linux:--
[SA12116] Slackware update for php
Critical: Highly critical
Where: From remote
Impact: System access, Security Bypass
Released: 2004-07-21
Slackware has issued an update for php. This fixes two vulnerabilities,
which can be exploited by malicious people to bypass certain security
functionality or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12116/
--
[SA12113] Debian update for php4
Critical: Highly critical
Where: From remote
Impact: Security Bypass, System access
Released: 2004-07-21
Debian has issued an update for php4. This fixes two vulnerabilities,
which can be exploited by malicious people to bypass certain security
functionality or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12113/
--
[SA12106] Red Hat update for php
Critical: Highly critical
Where: From remote
Impact: Security Bypass, System access
Released: 2004-07-19
Red Hat has issued an update for php. This fixes two vulnerabilities,
which can be exploited by malicious people to bypass certain security
functionality or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12106/
--
[SA12103] PlaySMS SMS Gateway SQL and Command Injection
Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Manipulation of data, System access
Released: 2004-07-19
The vendor has reported two vulnerabilities in PlaySMS, allowing
malicious people to conduct SQL injection attacks and execute arbitrary
system commands.
Full Advisory:
http://secunia.com/advisories/12103/
--
[SA12095] Debian update for netkit-telnet-ssl
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-07-19
Debian has issued an update for netkit-telnet-ssl. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12095/
--
[SA12091] Gentoo update for Unreal
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-07-20
Gentoo has issued an update for Unreal. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/12091/
--
[SA12088] OpenPKG update for mod_ssl
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-07-19
OpenPKG has issued an update for apache with mod_ssl. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12088/
--
[SA12081] Conectiva update for php4
Critical: Highly critical
Where: From remote
Impact: System access, Security Bypass
Released: 2004-07-19
Conectiva has issued an update for php4. This fixes two
vulnerabilities, which can be exploited by malicious people to bypass
certain security functionality or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12081/
--
[SA12078] SuSE update for php4
Critical: Highly critical
Where: From remote
Impact: Security Bypass, System access
Released: 2004-07-19
SuSE has issued an update for php4. This fixes two vulnerabilities,
which can be exploited by malicious people to bypass certain security
functionality or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12078/
--
[SA12073] Gentoo update for php
Critical: Highly critical
Where: From remote
Impact: Security Bypass, System access
Released: 2004-07-16
Gentoo has issued an update for php. This fixes two vulnerabilities,
which can be exploited by malicious people to bypass certain security
functionality or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12073/
--
[SA12109] Gentoo update for Opera
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2004-07-21
Gentoo has issued an update for Opera. This fixes a vulnerability,
which can be exploited by malicious people to conduct phishing attacks
against a user.
Full Advisory:
http://secunia.com/advisories/12109/
--
[SA12100] SCO OpenServer Multiple Vulnerabilities in MMDF
Critical: Moderately critical
Where: From remote
Impact: Unknown
Released: 2004-07-20
Some vulnerabilities has been reported in SCO MMDF, the impact of the
vulnerabilities is unknown.
Full Advisory:
http://secunia.com/advisories/12100/
--
[SA12098] Fedora update for httpd
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2004-07-20
Fedora has issued an update for httpd. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12098/
--
[SA12096] Debian update for l2tpd
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-07-19
Debian has issued an update for l2tpd. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/12096/
--
[SA12084] Outblaze Script Insertion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-07-20
DarkBicho has reported a vulnerability in Outblaze, allowing malicious
people to conduct script insertion attacks.
Full Advisory:
http://secunia.com/advisories/12084/
--
[SA12094] Debian update for ethereal
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2004-07-19
Debian has issued an update for Ethereal. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/12094/
--
[SA12086] HP-UX WU-FTPD Directory Access Restriction Bypass
Vulnerability
Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2004-07-19
HP has acknowledged a vulnerability in their version of WU-FTPD. This
can be exploited by malicious, authenticated users to circumvent
certain restrictions.
Full Advisory:
http://secunia.com/advisories/12086/
--
[SA12082] Postnuke "title" Cross Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-07-19
DarkBicho has reported a vulnerability in Postnuke, allowing malicious
people to conduct Cross Site Scripting attacks.
Full Advisory:
http://secunia.com/advisories/12082/
--
[SA12075] Conectiva update for kernel
Critical: Less critical
Where: Local system
Impact: Security Bypass, Exposure of system information, Exposure
of sensitive information, Privilege escalation, DoS
Released: 2004-07-16
Conectiva has issued an update for the kernel. This fixes multiple
vulnerabilities, which can be exploited to gain escalated privileges,
cause a DoS (Denial of Service), or gain knowledge of sensitive
information.
Full Advisory:
http://secunia.com/advisories/12075/
--
[SA12104] Sun Solaris SVM Local Denial of Service Vulnerability
Critical: Not critical
Where: Local system
Impact: DoS
Released: 2004-07-19
The vendor has reported a vulnerability in Solaris 9, allowing
malicious local users to cause a Denial of Service.
Full Advisory:
http://secunia.com/advisories/12104/
Other:--
[SA12117] Cisco ONS 15000 Multiple Denial of Service Vulnerabilities
Critical: Less critical
Where: From local network
Impact: Security Bypass, DoS
Released: 2004-07-21
The vendor has reported several vulnerabilities in Cisco ONS 15000
based products, allowing malicious people to cause a Denial of Service
or bypass authentication.
Full Advisory:
http://secunia.com/advisories/12117/
--
[SA12110] Conceptronic CADSLR1 Router Denial of Service Vulnerability
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-07-21
Jordi Corrales has reported a vulnerability in CADSLR1, allowing
malicious people to cause a Denial of Service.
Full Advisory:
http://secunia.com/advisories/12110/
--
[SA12112] Lexmark T522 HTTP Host Header Denial of Service
Vulnerability
Critical: Not critical
Where: From local network
Impact: DoS
Released: 2004-07-21
Peter Kruse has reported a vulnerability in Lexmark T522, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/12112/
Cross Platform:--
[SA12099] artmedic kleinanzeigen Inclusion of Arbitrary Files
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-07-21
Francisco Alisson has reported a vulnerability in artmedic
kleinanzeigen, allowing malicious people to include arbitrary files.
Full Advisory:
http://secunia.com/advisories/12099/
--
[SA12089] Medal of Honor Buffer Overflow Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-07-19
Luigi Auriemma has reported a vulnerability in Medal of Honor, allowing
malicious people to gain system access.
Full Advisory:
http://secunia.com/advisories/12089/
--
[SA12077] mod_ssl Unspecified "mod_proxy" Hook Functions Format String
Vulnerability
Critical: Highly critical
Where: From remote
Impact: Unknown, System access
Released: 2004-07-16
A vulnerability has been reported in mod_ssl, which currently has an
unknown impact but may allow malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/12077/
--
[SA12097] BLOG:CMS / Nucleus / PunBB Inclusion of Arbitrary Files
Critical: Moderately critical
Where: From remote
Impact: Unknown, Exposure of sensitive information
Released: 2004-07-20
Radek Hulan has reported a vulnerability in BLOG:CMS, PunBB and
Nucleus, potentially allowing malicious people to gain system access.
Full Advisory:
http://secunia.com/advisories/12097/
--
[SA12083] PHP-Nuke Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released: 2004-07-19
Janek Vind has reported some vulnerabilities in PHP-Nuke, allowing
malicious people to conduct Cross Site Scripting and SQL injection
attacks.
Full Advisory:
http://secunia.com/advisories/12083/
--
[SA12105] Invision Power Board "index.php" Cross Site Scripting
Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-07-21
Electrobug has reported a vulnerability in Invision Power Board,
allowing malicious people to conduct Cross Site Scripting attacks.
Full Advisory:
http://secunia.com/advisories/12105/
--
[SA12076] Mozilla / Firefox Certificate Store Corruption Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2004-07-16
Marcel Boesch has reported a vulnerability in Mozilla and Firefox,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/12076/
========================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Subscribe:
http://secunia.com/secunia_weekly_summary/
Contact details:
Web : http://secunia.com/
E-mail : support at secunia.com
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45
========================================================================
More information about the ISN
mailing list