[ISN] Secunia Weekly Summary - Issue: 2004-23
InfoSec News
isn at c4i.org
Fri Jun 4 02:28:12 EDT 2004
========================================================================
The Secunia Weekly Advisory Summary
2004-05-27 - 2004-06-03
This week : 30 advisories
========================================================================
Table of Contents:
1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing
========================================================================
1) Word From Secunia:
The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single
vulnerability report is being validated and verified before a Secunia
advisory is written.
Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.
As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.
Secunia Online Vulnerability Database:
http://secunia.com/
========================================================================
2) This Week in Brief:
ADVISORIES:
Vulnerabilities have been reported in Kerberos V5, which could be
exploited to compromise a vulnerable system.
Patches are available that address these vulnerabilities.
Reference:
http://secunia.com/SA11753
--
Apple has issued a new security update for Mac OS X, which addresses no
less than 8 unspecified vulnerabilities.
Currently, no further details have been disclosed by Apple. Users are
therefore advised to apply this update as soon as possible. See Secunia
advisory below for further details about how to obtain the update.
Reference:
http://secunia.com/SA11724
VIRUS ALERTS:
During the last week, Secunia issued one MEDIUM RISK virus alert.
Please refer to the grouped virus profile below for more information:
Korgo.F - MEDIUM RISK Virus Alert - 2004-06-02 19:58 GMT+1
http://secunia.com/virus_information/9767/korgo.f/
========================================================================
3) This Weeks Top Ten Most Read Advisories:
1. [SA11689] Mac OS X Volume URI Handler Registration Code Execution
Vulnerability
2. [SA11622] Mac OS X URI Handler Arbitrary Code Execution
3. [SA11724] Mac OS X Multiple Unspecified Vulnerabilities
4. [SA11534] Apache mod_ssl "ssl_util_uuencode_binary()" Buffer
Overflow Vulnerability
5. [SA11746] Windows 2000 Expired Password Domain Authentication
Security Issue
6. [SA10395] Internet Explorer URL Spoofing Vulnerability
7. [SA11754] Linksys Routers Administrative Web Interface Access
Security Issue
8. [SA11728] Novell iManager and eDirectory OpenSSL Vulnerabilities
9. [SA11730] Sun Java System Application Server Path Disclosure
Weakness
10. [SA11641] CVS Entry Line Heap Overflow Vulnerability
========================================================================
4) Vulnerabilities Summary Listing
Windows:
[SA11727] WildTangent Web Driver Filename Buffer Overflow
Vulnerability
[SA11731] TinyWEB cgi-bin Content Disclosure Vulnerability
[SA11748] Sambar Server Administrative Area Cross Site Scripting
Vulnerabilities
[SA11746] Windows 2000 Expired Password Domain Authentication Security
Issue
[SA11730] Sun Java System Application Server Path Disclosure Weakness
UNIX/Linux:
[SA11747] spamGuard Multiple Buffer Overflow Vulnerabilities
[SA11741] Isoqlog Multiple Buffer Overflow Vulnerabilities
[SA11733] Debian update for jftpgw
[SA11732] jftpgw Logging Format String Vulnerability
[SA11757] Trustix update for apache
[SA11753] Kerberos V5 "krb5_aname_to_localname()" Buffer Overflow
Vulnerabilities
[SA11751] Mandrake update for apache2
[SA11749] Mandrake update for mod_ssl
[SA11744] Debian update for ethereal
[SA11743] tla libneon Client Code Format String Vulnerabilities
[SA11736] Fedora update for vsftpd
[SA11735] Gentoo update for mplayer/xine-lib
[SA11734] SquirrelMail "Content-Type:" Header Script Injection
Vulnerability
[SA11726] OpenPKG update for apache
[SA11729] Gentoo update for heimdal
[SA11742] OpenBSD update for kerberos
[SA11750] Mandrake update for xpcd
[SA11738] Debian GATOS xatitv Potential Privilege Escalation
Vulnerability
Other:
[SA11754] Linksys Routers Administrative Web Interface Access Security
Issue
Cross Platform:
[SA11740] e107 Multiple Vulnerabilities
[SA11755] PHPoto Unspecified Vulnerabilities
[SA11752] Gallery User Authentication Bypass Vulnerability
[SA11739] Land Down Under BBcode Script Insertion Vulnerability
[SA11737] jPORTAL "print.inc.php" SQL Injection Vulnerability
[SA11728] Novell iManager and eDirectory OpenSSL Vulnerabilities
========================================================================
5) Vulnerabilities Content Listing
Windows:--
[SA11727] WildTangent Web Driver Filename Buffer Overflow
Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-28
NGSSoftware has reported a vulnerability in WildTangent Web Driver,
which can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/11727/
--
[SA11731] TinyWEB cgi-bin Content Disclosure Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2004-06-01
Ziv Kamir has discovered a vulnerability in TinyWEB, which can be
exploited by malicious people to download or disclose the content of
files in the "cgi-bin/" directory.
Full Advisory:
http://secunia.com/advisories/11731/
--
[SA11748] Sambar Server Administrative Area Cross Site Scripting
Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-06-02
Oliver Karow has reported some vulnerabilities in Sambar Server, which
can be exploited to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/11748/
--
[SA11746] Windows 2000 Expired Password Domain Authentication Security
Issue
Critical: Less critical
Where: From local network
Impact: Security Bypass
Released: 2004-06-01
A security issue has been discovered in Windows 2000, which may allow
bypassing certain security restrictions.
Full Advisory:
http://secunia.com/advisories/11746/
--
[SA11730] Sun Java System Application Server Path Disclosure Weakness
Critical: Not critical
Where: From remote
Impact: Exposure of system information
Released: 2004-05-28
Marc Schoenefeld has reported a weakness in Sun Java System Application
Server, which can be exploited by malicious people to gain knowledge of
path information.
Full Advisory:
http://secunia.com/advisories/11730/
UNIX/Linux:--
[SA11747] spamGuard Multiple Buffer Overflow Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-06-01
Multiple vulnerabilities have been discovered in spamGuard, where some
potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/11747/
--
[SA11741] Isoqlog Multiple Buffer Overflow Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-06-01
Multiple vulnerabilities have been discovered in isoqlog, where some
potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/11741/
--
[SA11733] Debian update for jftpgw
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-30
Debian has issued an update for jftpgw. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/11733/
--
[SA11732] jftpgw Logging Format String Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-30
Jaguar has reported a vulnerability in jftpgw, which potentially can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/11732/
--
[SA11757] Trustix update for apache
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2004-06-02
Trustix has issued an update for apache. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/11757/
--
[SA11753] Kerberos V5 "krb5_aname_to_localname()" Buffer Overflow
Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-06-02
Vulnerabilities have been discovered in Kerberos V5, which can be
exploited by malicious users to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/11753/
--
[SA11751] Mandrake update for apache2
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2004-06-02
MandrakeSoft has issued an update for apache2. This fixes a
vulnerability, which potentially can be exploited by malicious people
to cause a DoS (Denial of Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/11751/
--
[SA11749] Mandrake update for mod_ssl
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2004-06-02
MandrakeSoft has issued an update for mod_ssl. This fixes a
vulnerability, which potentially can be exploited by malicious people
to cause a DoS (Denial of Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/11749/
--
[SA11744] Debian update for ethereal
Critical: Moderately critical
Where: From remote
Impact: System access, DoS
Released: 2004-05-31
Debian has issued an update for ethereal. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system or cause a DoS (Denial-of-Service).
Full Advisory:
http://secunia.com/advisories/11744/
--
[SA11743] tla libneon Client Code Format String Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-05-31
tla is affected by some vulnerabilities, which potentially can be
exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/11743/
--
[SA11736] Fedora update for vsftpd
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-05-31
Fedora has issued an update for vsftpd. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/11736/
--
[SA11735] Gentoo update for mplayer/xine-lib
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-05-31
Gentoo has issued updates for mplayer and xine-lib. These fix some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/11735/
--
[SA11734] SquirrelMail "Content-Type:" Header Script Injection
Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-06-01
Román Medina-Heigl Hernández has reported a vulnerability in
SquirrelMail, which can be exploited by malicious people to conduct
script injection attacks.
Full Advisory:
http://secunia.com/advisories/11734/
--
[SA11726] OpenPKG update for apache
Critical: Moderately critical
Where: From remote
Impact: System access, DoS
Released: 2004-05-28
OpenPKG has issued an update for apache. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/11726/
--
[SA11729] Gentoo update for heimdal
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2004-05-28
Gentoo has issued an update for heimdal. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/11729/
--
[SA11742] OpenBSD update for kerberos
Critical: Less critical
Where: From local network
Impact: Spoofing
Released: 2004-05-31
OpenBSD has issued an update for kerberos. This fixes a vulnerability,
which may allow certain people to impersonate others.
Full Advisory:
http://secunia.com/advisories/11742/
--
[SA11750] Mandrake update for xpcd
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-06-02
MandrakeSoft has issued an update for xpcd. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to execute arbitrary code on a user's system.
Full Advisory:
http://secunia.com/advisories/11750/
--
[SA11738] Debian GATOS xatitv Potential Privilege Escalation
Vulnerability
Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2004-05-31
Debian has issued an update for gatos. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/11738/
Other:--
[SA11754] Linksys Routers Administrative Web Interface Access Security
Issue
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2004-06-02
A security issue has been reported in some Linksys routers, which
potentially may grant malicious people administrative access to a
vulnerable device.
Full Advisory:
http://secunia.com/advisories/11754/
Cross Platform:--
[SA11740] e107 Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, Exposure of system information,
Exposure of sensitive information, System access
Released: 2004-06-01
Janek Vind "waraxe" has reported some vulnerabilities in e107, which
can be exploited by malicious people to disclose path information,
conduct cross-site scripting and SQL injection attacks, and include
arbitrary files.
Full Advisory:
http://secunia.com/advisories/11740/
--
[SA11755] PHPoto Unspecified Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Unknown
Released: 2004-06-02
Some unspecified vulnerabilities with unknown impact have been
discovered in PHPoto.
Full Advisory:
http://secunia.com/advisories/11755/
--
[SA11752] Gallery User Authentication Bypass Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2004-06-02
A vulnerability has been discovered in Gallery, which can be exploited
by malicious people to bypass the user authentication.
Full Advisory:
http://secunia.com/advisories/11752/
--
[SA11739] Land Down Under BBcode Script Insertion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-05-31
crypt0 has reported a vulnerability in Land Down Under, which can be
exploited by malicious people to conduct script insertion attacks.
Full Advisory:
http://secunia.com/advisories/11739/
--
[SA11737] jPORTAL "print.inc.php" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, Exposure of system information,
Exposure of sensitive information
Released: 2004-05-31
Maciek Wierciski has reported a vulnerability in jPORTAL, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/11737/
--
[SA11728] Novell iManager and eDirectory OpenSSL Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-05-28
Novell has acknowledged multiple OpenSSL vulnerabilities in eDirectory
and iManager, which can be exploited by malicious people to cause a DoS
(Denial of Service).
Full Advisory:
http://secunia.com/advisories/11728/
========================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Subscribe:
http://secunia.com/secunia_weekly_summary/
Contact details:
Web : http://secunia.com/
E-mail : support at secunia.com
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45
========================================================================
More information about the ISN
mailing list