[ISN] Secunia Weekly Summary - Issue: 2004-47

InfoSec News isn at c4i.org
Thu Nov 18 06:20:35 EST 2004


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2004-11-11 - 2004-11-18                        

                       This week : 48 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Monitor, Filter, and Manage Security Information
- Filtering and Management of Secunia advisories
- Overview, documentation, and detailed reports
- Alerting via email and SMS

Request Trial:
https://ca.secunia.com/?f=s

========================================================================
2) This Week in Brief:


ADVISORIES:

Again this week, two Secunia advisories regarding vulnerabilities
in Internet Explorer was issued, one of which can be exploited to
circumvent a security feature in Windows XP Service Pack 2.

Microsoft has not yet issued patches. Please view the Secunia
advisories below for more information.

References:
http://secunia.com/SA13208
http://secunia.com/SA13203

--

The popular VoIP program Skype was reported vulnerable to a buffer
overflow vulnerability, which according to the vendor can be exploited
to compromise vulnerable systems.

The vulnerability can be exploited by e.g. tricking a user into
visiting a malicious web site.

A new version, which addresses this vulnerability has been released.

References:
http://secunia.com/SA13191


VIRUS ALERTS:

Secunia has not issued any virus alerts during the last week.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA12959] Internet Explorer IFRAME Buffer Overflow Vulnerability
2.  [SA13191] Skype "callto:" URI Handler Buffer Overflow Vulnerability
3.  [SA13144] Mozilla Firefox Multiple Vulnerabilities
4.  [SA13203] Microsoft Internet Explorer Two Vulnerabilities
5.  [SA12889] Microsoft Internet Explorer Two Vulnerabilities
6.  [SA12712] Mozilla / Mozilla Firefox / Camino Tabbed Browsing
              Vulnerabilities
7.  [SA12758] Microsoft Word Document Parsing Buffer Overflow
              Vulnerability
8.  [SA13208] Microsoft Internet Explorer Cookie Path Attribute
              Vulnerability
9.  [SA13148] Cisco IOS DHCP Packet Handling Denial of Service
              Vulnerability
10. [SA13156] Internet Explorer Flash/Excel Content Status Bar
              Spoofing Weakness

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA13207] Hired Team: Trial Multiple Vulnerabilities
[SA13191] Skype "callto:" URI Handler Buffer Overflow Vulnerability
[SA13186] Army Men RTS Format String Vulnerability
[SA13215] IceWarp Web Mail Account Settings Unspecified Vulnerability
[SA13203] Microsoft Internet Explorer Two Vulnerabilities
[SA13200] IMail IMAP Service DELETE Command Buffer Overflow
Vulnerability
[SA13178] Cisco Security Agent Buffer Overflow Detection Security
Bypass
[SA13173] Hotfoon Inappropriate Link Handling
[SA13169] Zone Labs IMsecure Active Link Filter Bypass Vulnerability
[SA13197] Secure Network Messenger Denial of Service Vulnerability
[SA13195] NetNote Server Denial of Service Vulnerability
[SA13198] Spy Sweeper Enterprise Password Information Disclosure
Vulnerability
[SA13208] Microsoft Internet Explorer Cookie Path Attribute
Vulnerability

UNIX/Linux:
[SA13214] Debian update for imagemagick
[SA13190] TWiki "Search.pm" Shell Command Injection Vulnerability
[SA13221] Gentoo update for SquirrelMail
[SA13217] Gentoo update for bnc
[SA13193] Red Hat update for freeradius
[SA13192] Red Hat update for libxml2
[SA13183] Debian update for ez-ipupdate
[SA13182] Fedora update for unarj
[SA13180] Fedora update for gd
[SA13179] GD Graphics Library Unspecified Buffer Overflow
Vulnerabilities
[SA13175] Gentoo update for ez-ipupdate
[SA13219] Red Hat update for samba
[SA13210] SUSE update for samba
[SA13216] Gentoo update for ruby
[SA13196] Fedora update for httpd
[SA13194] Red Hat update for httpd
[SA13176] Gentoo update for samba
[SA13220] Debian update for apache
[SA13218] Trustix update for sudo
[SA13209] Fcron Multiple Vulnerabilities
[SA13199] Sudo Environment Cleaning Privilege Escalation Vulnerability
[SA13185] Gentoo update for davfs2/lvm-user
[SA13184] WEB-DAV Linux File System Insecure Temporary File Creation
[SA13181] Fedora update for glibc
[SA13171] Conectiva update for sasl2

Other:
[SA13212] 3Com OfficeConnect Wireless 11g Cable/DSL Gateway UDP Traffic
Handling Denial of Service
[SA13170] HP PSC 2510 Printer FTP Service Printer Denial of Service
Weakness

Cross Platform:
[SA13213] PHP-Nuke Event Calendar Module Multiple Vulnerabilities
[SA13201] PunBB Private Message System Module Two Vulnerabilities
[SA13177] UNARJ Filename Handling Buffer Overflow Vulnerability
[SA13174] Phorum "follow.php" SQL Injection Vulnerability
[SA13189] Samba QFILEPATHINFO Request Handler Buffer Overflow
Vulnerability
[SA13206] phpScheduleIt Reservation Manipulation Vulnerability
[SA13202] Aztek Forum Cross-Site Scripting Vulnerabilities
[SA13172] phpWebSite HTTP Response Splitting Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA13207] Hired Team: Trial Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, DoS, System access
Released:    2004-11-16

Luigi Auriemma has reported multiple vulnerabilities in Hired Team:
Trial, which can be exploited by malicious people to compromise a
vulnerable system, cause a DoS (Denial of Service), and bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/13207/

 --

[SA13191] Skype "callto:" URI Handler Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-15

A vulnerability has been reported in Skype, which can be exploited by
malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/13191/

 --

[SA13186] Army Men RTS Format String Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-15

Luigi Auriemma has reported a vulnerability in Army Men RTS, which can
be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13186/

 --

[SA13215] IceWarp Web Mail Account Settings Unspecified Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2004-11-16

A vulnerability with an unknown impact has been reported in IceWarp Web
Mail.

Full Advisory:
http://secunia.com/advisories/13215/

 --

[SA13203] Microsoft Internet Explorer Two Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Spoofing
Released:    2004-11-17

cyber flash has discovered two vulnerabilities in Internet Explorer,
which can be exploited by malicious people to bypass a security feature
in Microsoft Windows XP SP2 and trick users into downloading malicious
files.

Full Advisory:
http://secunia.com/advisories/13203/

 --

[SA13200] IMail IMAP Service DELETE Command Buffer Overflow
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-11-16

Muts has discovered a vulnerability in IMail Server, which can be
exploited by malicious users to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13200/

 --

[SA13178] Cisco Security Agent Buffer Overflow Detection Security
Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-11-12

A vulnerability has been reported in Cisco Security Agent (CSA), which
can be exploited by malicious people to bypass certain security
features.

Full Advisory:
http://secunia.com/advisories/13178/

 --

[SA13173] Hotfoon Inappropriate Link Handling

Critical:    Less critical
Where:       From remote
Impact:      
Released:    2004-11-12

saudi linux has reported a security issue in Hotfoon, allowing
malicious people to open arbitrary links.

Full Advisory:
http://secunia.com/advisories/13173/

 --

[SA13169] Zone Labs IMsecure Active Link Filter Bypass Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-11-12

Paul Kurczaba has reported a vulnerability in Zone Labs IMsecure, which
can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/13169/

 --

[SA13197] Secure Network Messenger Denial of Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-11-15

Luigi Auriemma has reported a vulnerability in Secure Network
Messenger, which can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/13197/

 --

[SA13195] NetNote Server Denial of Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-11-15

class101 has discovered a vulnerability in NetNote Server, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/13195/

 --

[SA13198] Spy Sweeper Enterprise Password Information Disclosure
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2004-11-15

Frank Mileto has discovered a vulnerability in Spy Sweeper Enterprise,
which can be exploited by malicious, local users to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/13198/

 --

[SA13208] Microsoft Internet Explorer Cookie Path Attribute
Vulnerability

Critical:    Not critical
Where:       From remote
Impact:      Hijacking
Released:    2004-11-17

Keigo Yamazaki has reported a vulnerability in Internet Explorer, which
potentially can be exploited by malicious people to conduct session
fixation attacks.

Full Advisory:
http://secunia.com/advisories/13208/


UNIX/Linux:--

[SA13214] Debian update for imagemagick

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-16

Debian has issued an update for imagemagick. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/13214/

 --

[SA13190] TWiki "Search.pm" Shell Command Injection Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2004-11-15

Hans Ulrich Niedermann has reported a vulnerability in TWiki, which can
be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13190/

 --

[SA13221] Gentoo update for SquirrelMail

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-11-17

Gentoo has issued an update for SquirrelMail. This fixes a
vulnerability, which can be exploited by malicious people to conduct
script insertion attacks.

Full Advisory:
http://secunia.com/advisories/13221/

 --

[SA13217] Gentoo update for bnc

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2004-11-16

Gentoo has issued an update for bnc. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of Service)
and potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13217/

 --

[SA13193] Red Hat update for freeradius

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-11-15

Red Hat has issued an update for freeradius. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/13193/

 --

[SA13192] Red Hat update for libxml2

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-11-15

Red Hat has issued an update for libxml2. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13192/

 --

[SA13183] Debian update for ez-ipupdate

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-11-12

Debian has issued an update for ez-ipupdate. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13183/

 --

[SA13182] Fedora update for unarj

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-11-12

Fedora has issued an update for unarj. This fixes two vulnerabilities,
which potentially can be exploited by malicious people to overwrite
files or compromise a user's system.

Full Advisory:
http://secunia.com/advisories/13182/

 --

[SA13180] Fedora update for gd

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-11-12

Fedora has issued an update for gd. This fixes some vulnerabilities,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/13180/

 --

[SA13179] GD Graphics Library Unspecified Buffer Overflow
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-11-12

Some vulnerabilities have been reported in GD Graphics Library, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/13179/

 --

[SA13175] Gentoo update for ez-ipupdate

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-11-12

Gentoo has issued an update for ez-ipupdate. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13175/

 --

[SA13219] Red Hat update for samba

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2004-11-17

Red Hat has issued an update for samba. This fixes two vulnerabilities,
which can be exploited by malicious users to cause a DoS (Denial of
Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13219/

 --

[SA13210] SUSE update for samba

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2004-11-16

SUSE has issued an update for samba. This fixes two vulnerabilities,
which can be exploited by malicious users to cause a DoS (Denial of
Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13210/

 --

[SA13216] Gentoo update for ruby

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2004-11-16

Gentoo has issued an update for ruby. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/13216/

 --

[SA13196] Fedora update for httpd

Critical:    Less critical
Where:       From remote
Impact:      DoS, Security Bypass
Released:    2004-11-15

Fedora has issued an update for httpd. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/13196/

 --

[SA13194] Red Hat update for httpd

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, DoS
Released:    2004-11-15

Red Hat has issued an update for httpd. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/13194/

 --

[SA13176] Gentoo update for samba

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2004-11-12

Gentoo has issued an update for samba. This fixes a vulnerability,
which can be exploited by malicious users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/13176/

 --

[SA13220] Debian update for apache

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-11-17

Debian has issued an update for apache. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/13220/

 --

[SA13218] Trustix update for sudo

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-11-17

Trustix has issued an update for sudo. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/13218/

 --

[SA13209] Fcron Multiple Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass, Exposure of system information, Exposure
of sensitive information
Released:    2004-11-16

Karol Wiesek has reported four vulnerabilities in Fcron, which can be
exploited by malicious, local users to gain knowledge of sensitive
information, bypass access restrictions, and delete arbitrary files.

Full Advisory:
http://secunia.com/advisories/13209/

 --

[SA13199] Sudo Environment Cleaning Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-11-15

Liam Helmer has reported a vulnerability in sudo, which can be
exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/13199/

 --

[SA13185] Gentoo update for davfs2/lvm-user

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-11-12

Gentoo has issued updates for davfs2 and lvm-user. These fix some
vulnerabilities, which potentially can be exploited by malicious, local
users to perform certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/13185/

 --

[SA13184] WEB-DAV Linux File System Insecure Temporary File Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-11-12

Florian Schilhabel has reported a vulnerability in WEB-DAV Linux File
System (dav2fs), which potentially can be exploited by malicious, local
users to perform certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/13184/

 --

[SA13181] Fedora update for glibc

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-11-12

Fedora has issued an update for glibc. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/13181/

 --

[SA13171] Conectiva update for sasl2

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2004-11-12

Conectiva has issued an update for sasl2. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/13171/


Other:--

[SA13212] 3Com OfficeConnect Wireless 11g Cable/DSL Gateway UDP Traffic
Handling Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2004-11-16

A vulnerability has been reported in 3Com OfficeConnect Wireless 11g
Cable/DSL Gateway, which can be exploited by malicious people to cause
a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/13212/

 --

[SA13170] HP PSC 2510 Printer FTP Service Printer Denial of Service
Weakness

Critical:    Not critical
Where:       From local network
Impact:      DoS
Released:    2004-11-12

Justin Rush has reported a weakness in HP PSC 2510 Photosmart
All-in-One printer, which can be exploited by malicious people to cause
a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/13170/


Cross Platform:--

[SA13213] PHP-Nuke Event Calendar Module Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
system information
Released:    2004-11-17

Janek Vind "waraxe" has reported a vulnerability in Event Calendar,
allowing malicious people to conduct cross-site scripting, script
insertion and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/13213/

 --

[SA13201] PunBB Private Message System Module Two Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2004-11-15

Digital-X has reported two vulnerabilities in Private Message System
module for PunBB, which can be exploited by malicious people to conduct
cross-site scripting attacks and disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/13201/

 --

[SA13177] UNARJ Filename Handling Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2004-11-12

A vulnerability has been reported in UNARJ, which potentially can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/13177/

 --

[SA13174] Phorum "follow.php" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2004-11-12

Janek Vind "waraxe" has reported a vulnerability in Phorum, which can
be exploited by malicious users to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/13174/

 --

[SA13189] Samba QFILEPATHINFO Request Handler Buffer Overflow
Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2004-11-15

Stefan Esser has reported a vulnerability in Samba, which can be
exploited by malicious users to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/13189/

 --

[SA13206] phpScheduleIt Reservation Manipulation Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2004-11-16

A vulnerability has been reported in phpScheduleIt, which can be
exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/13206/

 --

[SA13202] Aztek Forum Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-11-15

benji lemien has reported two vulnerabilities in Aztek Forum, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/13202/

 --

[SA13172] phpWebSite HTTP Response Splitting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2004-11-12

Maestro De-Seguridad has reported a vulnerability in phpWebSite, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/13172/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support at secunia.com
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45

========================================================================





More information about the ISN mailing list