[ISN] Secunia Weekly Summary - Issue: 2005-49

InfoSec News isn at c4i.org
Fri Dec 9 01:36:51 EST 2005


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2005-12-01 - 2005-12-08                        

                       This week : 89 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

Several vulnerabilities have been reported in xpdf, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially to compromise a user's system.

Please refer to the Secunia advisory below for additional details.

Reference:
http://secunia.com/SA17897

--

Apple has acknowledged some vulnerabilities in Java for Mac OS X, which
can be exploited by malicious people to compromise a user's system.

References:
http://secunia.com/SA17847
http://secunia.com/SA17748


VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA15546] Microsoft Internet Explorer "window()" Arbitrary Code
              Execution Vulnerability
2.  [SA17748] Sun Java JRE Sandbox Security Bypass Vulnerabilities
3.  [SA7127]  Windows XP/2000/NT will let user execute any 16bit
              application
4.  [SA17847] Apple Mac OS X update for Java
5.  [SA16907] Opera Command Line URL Shell Command Injection
6.  [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability
7.  [SA11762] Opera Browser Favicon Displaying Address Bar Spoofing
              Vulnerability
8.  [SA17430] Macromedia Flash Player SWF File Handling Arbitrary Code
              Execution
9.  [SA17813] Mac OS X Security Update Fixes Multiple Vulnerabilities
10. [SA16560] Windows Registry Editor Utility String Concealment
              Weakness

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA17863] Ipswitch IMail Server IMAP and SMTP Service Two
Vulnerabilities
[SA17939] CF_Nuke Directory Traversal and Cross-Site Scripting
Vulnerabilities
[SA17900] A-FAQ SQL Injection Vulnerabilities
[SA17906] Ideal BB.NET Custom Error Page Cross-Site Scripting
Vulnerability
[SA17905] rwAuction Pro "searchtxt" Cross-Site Scripting Vulnerability
[SA17904] XcPhotoAlbum "SearchFor" Cross-Site Scripting Vulnerability
[SA17903] XcClassified "SearchFor" Cross-Site Scripting Vulnerability
[SA17902] NetAuctionHelp Auction Software Cross-Site Scripting
Vulnerabilities
[SA17901] IISWorks ASPKnowledgeBase "a" Cross-Site Scripting
Vulnerability
[SA17898] DUware DUportal Pro "result" Cross-Site Scripting
Vulnerability
[SA17857] SiteBeater News System "Archive.asp" Cross-Site Scripting
Vulnerability
[SA17856] SiteBeater MP3 Catalog "Search.asp" Cross-Site Scripting
Vulnerability
[SA17854] Solupress News "search.asp" Cross-Site Scripting
Vulnerability
[SA17851] MyTemplateSite "search.asp" Cross-Site Scripting
Vulnerability
[SA17933] Sony SunnComm MediaMax DRM Software Insecure Directory
Permissions

UNIX/Linux:
[SA17899] Ubuntu update for kerberos
[SA17847] Apple Mac OS X update for Java
[SA17930] Red Hat update for imap
[SA17929] Red Hat update for xpdf
[SA17928] Red Hat update for libc-client
[SA17926] Fedora update for xpdf
[SA17923] Ubuntu update for apache2
[SA17921] pdftohtml Xpdf Buffer Overflow Vulnerabilities
[SA17920] KDE kpdf Xpdf Buffer Overflow Vulnerabilities
[SA17916] teTeX Xpdf Buffer Overflow Vulnerabilities
[SA17912] Poppler Xpdf Buffer Overflow Vulnerabilities
[SA17910] Horde IMP Attachments Script Insertion Vulnerability
[SA17908] KOffice KWord PDF Filter Xpdf Buffer Overflow
Vulnerabilities
[SA17897] Xpdf Multiple Buffer Overflow Vulnerabilities
[SA17892] FFmpeg libavcodec Buffer Overflow Vulnerability
[SA17882] Debian update for inkscape
[SA17874] Mandriva update for mailman
[SA17860] Debian update for helix-player
[SA17913] coWiki "q" Cross-Site Scripting Vulnerability
[SA17878] Mandriva update for webmin
[SA17877] Mandriva update for spamassassin
[SA17839] FastJar File Extraction Directory Traversal Vulnerability
[SA17917] SUSE update for kernel
[SA17845] Fedora update for openldap
[SA17924] AIX "umountall" Command Absolute Path Vulnerability
[SA17907] cURL/libcURL URL Parsing Off-By-One Vulnerability
[SA17886] Ubuntu update for inkscape
[SA17844] Fedora update for perl

Other:
[SA17888] Cisco Products OpenSSL Potential SSL 2.0 Rollback
Vulnerability
[SA17852] MultiTech MultiVoIP Gateway Denial of Service Vulnerability

Cross Platform:
[SA17925] phpMyAdmin register_globals Emulation "import_blacklist"
Manipulation
[SA17896] DoceboLMS Information Disclosure and File Upload
Vulnerabilities
[SA17887] Jinzora Snoopy "_httpsrequest()" Command Injection
Vulnerability
[SA17866] MediaWiki Language Option PHP Code Execution Vulnerability
[SA17858] PHPX "username" SQL Injection Vulnerability
[SA17935] Magic Forum Personal Cross-Site Scripting and SQL Injection
[SA17915] phpForumPro SQL Injection Vulnerabilities
[SA17914] Cars Portal SQL Injection Vulnerabilities
[SA17911] PluggedOut Blog "index.php" SQL Injection Vulnerabilities
[SA17909] PluggedOut Nexus SQL Injection and Cross-Site Scripting
Vulnerabilities
[SA17894] Trac Search Module SQL Injection Vulnerability
[SA17893] Blog System SQL Injection Vulnerabilities
[SA17884] HobSR "view.php" SQL Injection Vulnerability
[SA17883] Web4Future Affiliate Manager Pro "pid" SQL Injection
Vulnerability
[SA17881] Web4Future eCommerce Products SQL Injection Vulnerabilities
[SA17880] Web4Future Portal Solutions Information Disclosure and SQL
Injection
[SA17879] Web4Future eDating Professional SQL Injection
Vulnerabilities
[SA17871] PHP-Fusion "srch_text" SQL Injection Vulnerability
[SA17869] Zen Cart "admin_email" SQL Injection Vulnerability
[SA17867] Nodezilla Potential Information Disclosure Vulnerability
[SA17861] Quicksilver Forums HTTP_USER_AGENT SQL Injection
Vulnerability
[SA17859] SAPID CMS Security Bypass Vulnerability
[SA17855] Coppermine Photo Gallery "relocate_server.php" Exposure of
Configuration
[SA17853] NetClassifieds Multiple SQL Injection Vulnerabilities
[SA17849] phpYellow SQL Injection Vulnerabilities
[SA17846] Relative Real Estate Systems "mls" SQL Injection
Vulnerability
[SA17843] LandShop SQL Injection Vulnerabilities
[SA17842] Lore "id" SQL Injection Vulnerability
[SA17841] Instant Photo Gallery SQL Injection Vulnerabilities
[SA17840] Widget Imprint "product_id" SQL Injection Vulnerability
[SA17937] Magic List Pro "ListID" SQL Injection Vulnerability
[SA17895] phpMyAdmin Cross-Site Scripting Vulnerabilities
[SA17885] PHP-addressbook "view.php" SQL Injection Vulnerability
[SA17876] KeyWord Frequency Counter "url" Cross-Site Scripting
Vulnerability
[SA17875] Amazon Search Directory "search.cgi" Cross-Site Scripting
Vulnerability
[SA17873] Sun Java System Application Server Reverse SSL Proxy Plug-in
Vulnerability
[SA17872] Hot Links Pro "search.cgi" Cross-Site Scripting
Vulnerability
[SA17868] Hot Links SQL "search.cgi" Cross-Site Scripting
Vulnerability
[SA17864] Warm Links "search.cgi" Cross-Site Scripting Vulnerability
[SA17862] 1-Search "1search.cgi" Cross-Site Scripting Vulnerability
[SA17850] QualityEBiz Quality PPC "REQ" Cross-Site Scripting
Vulnerability
[SA17848] WebCalendar Two Vulnerabilities and a Weakness
[SA17890] e107 "rate.php" Redirection and Multiple Rating Weakness
[SA17889] Sun Java System Communications Services Delegated
Administrator Password Disclosure

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA17863] Ipswitch IMail Server IMAP and SMTP Service Two
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-12-07

Two vulnerabilities have been reported in IMail Server, which can be
exploited by malicious users to cause a DoS (Denial of Service) and to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17863/

 --

[SA17939] CF_Nuke Directory Traversal and Cross-Site Scripting
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2005-12-07

r0t has discovered two vulnerabilities in CF_Nuke, which can be
exploited by malicious people to conduct cross-site scripting attacks
and to disclose potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/17939/

 --

[SA17900] A-FAQ SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-06

r0t has reported two vulnerabilities in A-FAQ, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17900/

 --

[SA17906] Ideal BB.NET Custom Error Page Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-07

r0t has discovered a vulnerability in Ideal BB.NET, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17906/

 --

[SA17905] rwAuction Pro "searchtxt" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-06

r0t has reported a vulnerability in rwAuction Pro, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17905/

 --

[SA17904] XcPhotoAlbum "SearchFor" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-06

r0t has reported a vulnerability in XcPhotoAlbum, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17904/

 --

[SA17903] XcClassified "SearchFor" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-06

r0t has reported a vulnerability in XcClassified, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17903/

 --

[SA17902] NetAuctionHelp Auction Software Cross-Site Scripting
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-06

r0t has reported some vulnerabilities in NetAuctionHelp Auction
Software, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17902/

 --

[SA17901] IISWorks ASPKnowledgeBase "a" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-06

r0t has reported a vulnerability in IISWorks ASPKnowledgeBase, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/17901/

 --

[SA17898] DUware DUportal Pro "result" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-06

Dj_Eyes has reported a vulnerability in DUware DUportal Pro, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/17898/

 --

[SA17857] SiteBeater News System "Archive.asp" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-05

r0t has reported a vulnerability in SiteBeater News System, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/17857/

 --

[SA17856] SiteBeater MP3 Catalog "Search.asp" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-05

r0t has reported a vulnerability in SiteBeater MP3 Catalog, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/17856/

 --

[SA17854] Solupress News "search.asp" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-05

r0t has reported a vulnerability in Solupress News, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17854/

 --

[SA17851] MyTemplateSite "search.asp" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-05

r0t has reported a vulnerability in MyTemplateSite, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17851/

 --

[SA17933] Sony SunnComm MediaMax DRM Software Insecure Directory
Permissions

Critical:    Less critical
Where:       Local system
Impact:      Manipulation of data, Privilege escalation
Released:    2005-12-07

Jesse Burns and Alex Stamos has reported a security issue in SunnComm
MediaMax, which can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/17933/


UNIX/Linux:--

[SA17899] Ubuntu update for kerberos

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-12-06

Ubuntu has issued an update for kerberos. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17899/

 --

[SA17847] Apple Mac OS X update for Java

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-12-02

Apple has acknowledged some vulnerabilities in Java for Mac OS X, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17847/

 --

[SA17930] Red Hat update for imap

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-12-07

Red Hat has issued an update for imap. This fixes a vulnerability,
which can be exploited by malicious users to cause a DoS (Denial of
Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17930/

 --

[SA17929] Red Hat update for xpdf

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-12-07

Red Hat has issued an update for xpdf. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17929/

 --

[SA17928] Red Hat update for libc-client

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-12-07

Red Hat has issued an update for libc-client. This fixes a
vulnerability, which can be exploited by malicious users to cause a DoS
(Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17928/

 --

[SA17926] Fedora update for xpdf

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-12-07

Fedora has issued an update for xpdf. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17926/

 --

[SA17923] Ubuntu update for apache2

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-12-07

Ubuntu has issued an update for apache2. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/17923/

 --

[SA17921] pdftohtml Xpdf Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      System access, DoS
Released:    2005-12-07

Some vulnerabilities have been reported in pdftohtml, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17921/

 --

[SA17920] KDE kpdf Xpdf Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      System access, DoS
Released:    2005-12-07

Some vulnerabilities have been reported in KDE kpdf, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17920/

 --

[SA17916] teTeX Xpdf Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-12-07

Some vulnerabilities have been reported in teTeX, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17916/

 --

[SA17912] Poppler Xpdf Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-12-07

Some vulnerabilities have been reported in Poppler, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17912/

 --

[SA17910] Horde IMP Attachments Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-06

Igor has reported a vulnerability in Horde IMP, which can be exploited
by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/17910/

 --

[SA17908] KOffice KWord PDF Filter Xpdf Buffer Overflow
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-12-07

Some vulnerabilities have been reported in KOffice, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17908/

 --

[SA17897] Xpdf Multiple Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-12-06

infamous41md has reported some vulnerabilities in xpdf, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17897/

 --

[SA17892] FFmpeg libavcodec Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-12-06

Simon Kilvington has reported a vulnerability in FFmpeg libavcodec,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17892/

 --

[SA17882] Debian update for inkscape

Critical:    Moderately critical
Where:       From remote
Impact:      Privilege escalation, DoS, System access
Released:    2005-12-07

Debian has issued an update for inkscape. This fixes two
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges and by malicious people to potentially compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17882/

 --

[SA17874] Mandriva update for mailman

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, DoS
Released:    2005-12-05

Mandriva has issued an update for mailman. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/17874/

 --

[SA17860] Debian update for helix-player

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-12-02

Debian has issued an update for helix-player. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a user's system.

Full Advisory:
http://secunia.com/advisories/17860/

 --

[SA17913] coWiki "q" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-06

r0t has reported a vulnerability in coWiki, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17913/

 --

[SA17878] Mandriva update for webmin

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-12-05

Mandriva has issued an update for webmin. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/17878/

 --

[SA17877] Mandriva update for spamassassin

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-12-05

Mandriva has issued an update for spamassassin. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17877/

 --

[SA17839] FastJar File Extraction Directory Traversal Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-12-01

tv has discovered a vulnerability in FastJar, which potentially can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17839/

 --

[SA17917] SUSE update for kernel

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information, DoS
Released:    2005-12-06

SUSE has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service), or by malicious people to disclose
certain sensitive information.

Full Advisory:
http://secunia.com/advisories/17917/

 --

[SA17845] Fedora update for openldap

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2005-12-02

Fedora has issued an update for openldap. This fixes a security issue,
which can be exploited by malicious people to gain knowledge of
sensitive information.

Full Advisory:
http://secunia.com/advisories/17845/

 --

[SA17924] AIX "umountall" Command Absolute Path Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Unknown
Released:    2005-12-07

A vulnerability has been reported in AIX, which can be exploited by
malicious, local users with unknown impact.

Full Advisory:
http://secunia.com/advisories/17924/

 --

[SA17907] cURL/libcURL URL Parsing Off-By-One Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Unknown
Released:    2005-12-07

Stefan Esser has reported a vulnerability in cURL/libcURL, which has an
unknown impact.

Full Advisory:
http://secunia.com/advisories/17907/

 --

[SA17886] Ubuntu update for inkscape

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-12-05

Ubuntu has issued an update for inkscape. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/17886/

 --

[SA17844] Fedora update for perl

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-12-02

Fedora has issued an update for perl. This fixes a vulnerability, which
can be exploited by malicious people to cause a Denial of Service.

Full Advisory:
http://secunia.com/advisories/17844/


Other:--

[SA17888] Cisco Products OpenSSL Potential SSL 2.0 Rollback
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-12-05

Cisco has acknowledged a vulnerability in some products, which
potentially can be exploited by malicious people to bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/17888/

 --

[SA17852] MultiTech MultiVoIP Gateway Denial of Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2005-12-07

Ejovi Nuwere has reported a vulnerability in MultiTech MultiVoIP
Gateway, which potentially can be exploited by malicious people to
cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17852/


Cross Platform:--

[SA17925] phpMyAdmin register_globals Emulation "import_blacklist"
Manipulation

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information,
System access
Released:    2005-12-07

Stefan Esser has reported a vulnerability in phpMyAdmin, which can be
exploited by malicious people to conduct cross-site scripting attacks,
disclose sensitive information, and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17925/

 --

[SA17896] DoceboLMS Information Disclosure and File Upload
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, System access
Released:    2005-12-06

rgod has reported two vulnerabilities in DoceboLMS, which can be
exploited by malicious people to disclose system information and
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17896/

 --

[SA17887] Jinzora Snoopy "_httpsrequest()" Command Injection
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-12-05

A vulnerability has been reported in Jinzora, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17887/

 --

[SA17866] MediaWiki Language Option PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-12-05

A vulnerability has been reported in MediaWiki, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17866/

 --

[SA17858] PHPX "username" SQL Injection Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, System access
Released:    2005-12-02

rgod has reported a vulnerability in PHPX, which can be exploited by
malicious people to conduct SQL injection attacks and compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/17858/

 --

[SA17935] Magic Forum Personal Cross-Site Scripting and SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-12-07

r0t has reported some vulnerabilities in Magic Forum Personal, which
can be exploited by malicious people to conduct cross-site scripting
and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17935/

 --

[SA17915] phpForumPro SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-06

$um$id has reported two vulnerabilities in phpForumPro, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17915/

 --

[SA17914] Cars Portal SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-06

r0t has reported two vulnerabilities in Cars Portal, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17914/

 --

[SA17911] PluggedOut Blog "index.php" SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-06

r0t has discovered some vulnerabilities in PluggedOut Blog, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17911/

 --

[SA17909] PluggedOut Nexus SQL Injection and Cross-Site Scripting
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-12-06

r0t has discovered some vulnerabilities in PluggedOut Nexus, which can
be exploited by malicious people to conduct SQL injection and
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17909/

 --

[SA17894] Trac Search Module SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-06

A vulnerability has been reported in Trac, which can be exploited by
malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17894/

 --

[SA17893] Blog System SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-06

vipsta has reported two vulnerabilities in Blog System, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17893/

 --

[SA17884] HobSR "view.php" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-05

r0t has reported a vulnerability in HobSR, which can be exploited by
malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17884/

 --

[SA17883] Web4Future Affiliate Manager Pro "pid" SQL Injection
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-06

r0t has reported a vulnerability in Web4Future Affiliate Manager Pro,
which can be exploited by malicious users to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/17883/

 --

[SA17881] Web4Future eCommerce Products SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-06

r0t has reported some vulnerabilities in various Web4Future eCommerce
products, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/17881/

 --

[SA17880] Web4Future Portal Solutions Information Disclosure and SQL
Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information
Released:    2005-12-05

r0t has reported two vulnerabilities in Web4Future Portal Solutions,
which can be exploited by malicious people to disclose system
information and conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17880/

 --

[SA17879] Web4Future eDating Professional SQL Injection
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-05

r0t has reported some vulnerabilities in Web4Future eDating
Professional, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/17879/

 --

[SA17871] PHP-Fusion "srch_text" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-05

Nolan West has reported a vulnerability in PHP-Fusion, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17871/

 --

[SA17869] Zen Cart "admin_email" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Manipulation of data
Released:    2005-12-05

rgod has reported a vulnerability in Zen Cart, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17869/

 --

[SA17867] Nodezilla Potential Information Disclosure Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-12-05

A vulnerability has been reported in Nodezilla, which potentially can
be exploited by malicious people to disclose certain sensitive
information.

Full Advisory:
http://secunia.com/advisories/17867/

 --

[SA17861] Quicksilver Forums HTTP_USER_AGENT SQL Injection
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-05

A vulnerability has been reported in Quicksilver Forums, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17861/

 --

[SA17859] SAPID CMS Security Bypass Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-12-02

A vulnerability has been reported in SAPID, which can be exploited by
malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/17859/

 --

[SA17855] Coppermine Photo Gallery "relocate_server.php" Exposure of
Configuration

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-12-02

A security issue has been reported in Coppermine Photo Gallery, which
can be exploited by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/17855/

 --

[SA17853] NetClassifieds Multiple SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-02

r0t has reported some vulnerabilities in NetClassifieds, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17853/

 --

[SA17849] phpYellow SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-05

r0t has reported two vulnerabilities in phpYellow, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17849/

 --

[SA17846] Relative Real Estate Systems "mls" SQL Injection
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-05

r0t has reported a vulnerability in Relative Real Estate Systems, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17846/

 --

[SA17843] LandShop SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information
Released:    2005-12-05

r0t has reported some vulnerabilities in LandShop, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17843/

 --

[SA17842] Lore "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-01

r0t has reported a vulnerability in Lore, which can be exploited by
malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17842/

 --

[SA17841] Instant Photo Gallery SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-01

r0t has reported two vulnerabilities in Instant Photo Gallery, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17841/

 --

[SA17840] Widget Imprint "product_id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-05

r0t has reported a vulnerability in Widget Imprint, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17840/

 --

[SA17937] Magic List Pro "ListID" SQL Injection Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-07

r0t has reported a vulnerability in Magic List Pro, which can be
exploited by malicious users to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17937/

 --

[SA17895] phpMyAdmin Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-06

Some vulnerabilities have been reported in phpMyAdmin, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17895/

 --

[SA17885] PHP-addressbook "view.php" SQL Injection Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-12-06

$um$id has discovered a vulnerability in PHP-addressbook, which can be
exploited by malicious users to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17885/

 --

[SA17876] KeyWord Frequency Counter "url" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-06

r0t has discovered a vulnerability in KeyWord Frequency Counter, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/17876/

 --

[SA17875] Amazon Search Directory "search.cgi" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-05

r0t has reported a vulnerability in Amazon Search Directory, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/17875/

 --

[SA17873] Sun Java System Application Server Reverse SSL Proxy Plug-in
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Hijacking
Released:    2005-12-06

A vulnerability has been reported in Sun ONE and Java System
Application Server, which potentially can be exploited by malicious
people to conduct MitM (Man-in-the-Middle) attacks.

Full Advisory:
http://secunia.com/advisories/17873/

 --

[SA17872] Hot Links Pro "search.cgi" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-05

r0t has reported a vulnerability in Hot Links Pro, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17872/

 --

[SA17868] Hot Links SQL "search.cgi" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-05

r0t has reported a vulnerability in Hot Links SQL, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17868/

 --

[SA17864] Warm Links "search.cgi" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-05

r0t has reported a vulnerability in Warm Links, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17864/

 --

[SA17862] 1-Search "1search.cgi" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-05

r0t has reported a vulnerability in 1-Search, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17862/

 --

[SA17850] QualityEBiz Quality PPC "REQ" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-12-02

r0t has reported a vulnerability in QualityEBiz Quality PPC
(QualityPPC), which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17850/

 --

[SA17848] WebCalendar Two Vulnerabilities and a Weakness

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information,
Cross Site Scripting
Released:    2005-12-02

Two vulnerabilities and a weakness have been reported in WebCalendar,
which can be exploited by malicious users to conduct SQL injection
attacks, and by malicious people to gain knowledge of certain
information and conduct HTTP response splitting attacks.

Full Advisory:
http://secunia.com/advisories/17848/

 --

[SA17890] e107 "rate.php" Redirection and Multiple Rating Weakness

Critical:    Not critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-12-05

Marc Ruef has reported two weakness in e107, which potentially can be
exploited by malicious users to bypass certain security restrictions
and by malicious people to conduct phishing attacks.

Full Advisory:
http://secunia.com/advisories/17890/

 --

[SA17889] Sun Java System Communications Services Delegated
Administrator Password Disclosure

Critical:    Not critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2005-12-06

A weakness has been reported in Sun Java System Messaging Server, which
can be exploited by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/17889/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support at secunia.com
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45





More information about the ISN mailing list