[ISN] Secunia Weekly Summary - Issue: 2005-5

InfoSec News isn at c4i.org
Fri Feb 4 05:44:43 EST 2005


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2005-01-27 - 2005-02-03                        

                       This week : 65 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

ADVISORIES: 

Qualcomm has released a new version of Eudora, which according to the
vendor corrects some vulnerabilities, which can be exploited to crash
the mail client. However, according to the security researcher who
initially found the vulnerabilities, these can actually be exploited to
run arbitrary code on a vulnerable system.

Please refer to the Secunia advisory below for additional details.

References:
http://secunia.com/SA14104/

--

The Mozilla Foundation has released details about several
vulnerabilities, which was corrected with the releases of Firefox 1.0,
Mozilla 1.7.5, and Thunderbird 1.0.

A listing of the vulnerabilities and additional details are available
in the Secunia advisory below.

References:
http://secunia.com/SA14017/


VIRUS ALERTS:

During the last week, Secunia issued 2 MEDIUM RISK virus alerts.
Please refer to the grouped virus profile below for more information:

Bropia.F - MEDIUM RISK Virus Alert - 2005-02-03 06:25 GMT+1
http://secunia.com/virus_information/15107/bropia.f/

Bagle.BA - MEDIUM RISK Virus Alert - 2005-01-28 02:58 GMT+1
http://secunia.com/virus_information/12174/bagle.ba/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA12889] Microsoft Internet Explorer Multiple Vulnerabilities
2.  [SA13969] DivX Player ".dps" Skin File Directory Traversal
              Vulnerability
3.  [SA14017] Firefox / Mozilla / Thunderbird Multiple Vulnerabilities
4.  [SA13482] Internet Explorer DHTML Edit ActiveX Control Cross-Site
              Scripting
5.  [SA13129] Mozilla / Mozilla Firefox Window Injection Vulnerability
6.  [SA13599] Mozilla / Mozilla Firefox Download Dialog Source Spoofing
7.  [SA12758] Microsoft Word Document Parsing Buffer Overflow
              Vulnerability
8.  [SA13918] Sun Java Plug-In Two Vulnerabilities
9.  [SA13862] Oracle Products 23 Vulnerabilities
10. [SA14061] Windows Registry Key Locking Denial of Service

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA14113] Painkiller CD-Key Hash Buffer Overflow Vulnerability
[SA14104] Eudora System Compromise Vulnerabilities
[SA14116] DeskNow Mail and Collaboration Directory Traversal
Vulnerabilities
[SA14077] Eternal Lines Web Server Two Vulnerabilities
[SA14073] Xpand Rally Denial of Service Vulnerability
[SA14063] SnugServer FTP Server Directory Traversal Vulnerability
[SA14054] War FTP Daemon Denial of Service Vulnerability
[SA14053] Winmail Server Multiple Vulnerabilities
[SA14106] Eurofull E-Commerce "nombre" Cross-Site Scripting
[SA14087] RealPlayer RealMedia ".rm" Security Bypass Vulnerability
[SA14080] SmarterMail Attachment Upload Vulnerability
[SA14079] WebAdmin Multiple Vulnerabilities
[SA14058] WebWasher Classic Server Mode Proxying Vulnerability
[SA14078] IceWarp Web Mail Various Weaknesses
[SA14075] Captaris Infinite Mobile Delivery Webmail Cross-Site
Scripting
[SA14061] Windows Registry Key Locking Denial of Service

UNIX/Linux:
[SA14103] Debian update for prozilla
[SA14096] Debian update for squirrelmail
[SA14086] Red Hat update for ethereal
[SA14081] HP VirtualVault / Webproxy Apache Vulnerabilities
[SA14065] Gentoo update for tikiwiki
[SA14059] Gentoo update for ngircd
[SA14056] ngIRCd "Lists_MakeMask()" Buffer Overflow Vulnerability
[SA14112] Gentoo update for squid
[SA14109] Red Hat update for enscript
[SA14105] Gentoo update for enscript
[SA14101] Fedora update for squid
[SA14100] Mandrake update for imap
[SA14099] Mandrake update for chbg
[SA14097] Gentoo update for uw-imap
[SA14093] Fedora update for openssl096b
[SA14091] Squid Oversized Reply Header Handling Security Issue
[SA14089] Gentoo update for clamav
[SA14088] Avaya Intuity Audix Denial of Service Vulnerabilities
[SA14085] Mandrake update for clamav
[SA14084] Clam AntiVirus ZIP File Handling Denial of Service
[SA14082] HP VirtualVault TGA Daemon Unspecified Denial of Service
[SA14062] Fedora update for openswan
[SA14057] UW-imapd CRAM-MD5 Authentication Bypass Vulnerability
[SA14055] Mandrake update for evolution
[SA14107] Red Hat update for cups
[SA14095] AIX Unspecified NIS Client System Compromise Vulnerability
[SA14098] Gentoo update for newspost
[SA14094] newsfetch NNTP Response Handling Buffer Overflows
[SA14092] Newspost "socket_getline()" Buffer Overflow Vulnerability
[SA14069] Gentoo update for gallery
[SA14111] Mandrake update for ncpfs
[SA14072] fprobe Weak Hash Functions Denial of Service
[SA14071] Dante FD_SET Overflow Vulnerability
[SA14070] Gentoo update for ncpfs
[SA14068] ncpfs Two Vulnerabilities
[SA14121] Debian cpio Incorrect File Permissions
[SA14115] Mandrake update for vim
[SA14108] Red Hat update for perl-DBI
[SA14102] Gentoo update for firehol
[SA14067] Gentoo update for f2c
[SA14066] Gentoo update for vdr
[SA14052] Debian update for f2c

Other:
[SA14122] Cisco IP/VC 3500 Series Hard-Coded SNMP Community Strings
[SA14060] Ingate Firewall Active Blocked PPTP Tunnel Security Issue

Cross Platform:
[SA14124] Mambo Global Variables Security Bypass Vulnerability
[SA14064] Xoops Incontent Module Arbitrary File Content Disclosure
[SA14090] PHP-Fusion "forum_search.php" Information Disclosure
[SA14074] JShop Server "xProd" and "xSec" Parameters Cross-Site
Scripting
[SA14076] Squid WCCP Message Handling Buffer Overflow Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA14113] Painkiller CD-Key Hash Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access, DoS
Released:    2005-02-03

Luigi Auriemma has reported a vulnerability in Painkiller, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/14113/

 --

[SA14104] Eudora System Compromise Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-02-03

John Heasman of NGSSoftware has reported some vulnerabilities in
Eudora, which can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/14104/

 --

[SA14116] DeskNow Mail and Collaboration Directory Traversal
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, DoS, System access
Released:    2005-02-03

Tan Chew Keong has reported two vulnerabilities in DeskNow Mail and
Collaboration, which can be exploited by malicious users to delete
arbitrary files and potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14116/

 --

[SA14077] Eternal Lines Web Server Two Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information, DoS
Released:    2005-02-01

Two vulnerabilities have been reported in Eternal Lines Web Server,
which can be exploited by malicious people to cause a DoS (Denial of
Service), disclose sensitive information, and bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/14077/

 --

[SA14073] Xpand Rally Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-01-31

Luigi Auriemma has reported a vulnerability in Xpand Rally, which can
be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14073/

 --

[SA14063] SnugServer FTP Server Directory Traversal Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-01-28

muts has reported a vulnerability in SnugServer, which can be exploited
by malicious users to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/14063/

 --

[SA14054] War FTP Daemon Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-01-28

MC.Iglo has discovered a vulnerability in War FTP Daemon, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14054/

 --

[SA14053] Winmail Server Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Spoofing, Exposure of sensitive
information, System access
Released:    2005-01-28

Tan Chew Keong has reported some vulnerabilities in Winmail Server,
which can be exploited by malicious users to disclose sensitive
information, use a vulnerable system for port scanning other hosts,
conduct script insertion attacks, or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14053/

 --

[SA14106] Eurofull E-Commerce "nombre" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-02-02

Security .Net Information has reported a vulnerability in Eurofull
E-Commerce, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/14106/

 --

[SA14087] RealPlayer RealMedia ".rm" Security Bypass Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-02-01

http-equiv has discovered a vulnerability in RealPlayer, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/14087/

 --

[SA14080] SmarterMail Attachment Upload Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-01-31

Soroush Dalili has discovered a vulnerability in SmarterMail, which can
be exploited by malicious users to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/14080/

 --

[SA14079] WebAdmin Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting
Released:    2005-01-31

David Alonso Pérez has reported some vulnerabilities in WebAdmin, which
can be exploited by malicious people to conduct cross-site scripting
attacks and bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/14079/

 --

[SA14058] WebWasher Classic Server Mode Proxying Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass
Released:    2005-01-28

Oliver Karow has discovered a vulnerability in WebWasher Classic, which
can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/14058/

 --

[SA14078] IceWarp Web Mail Various Weaknesses

Critical:    Not critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2005-01-31

ShineShadow has reported two weaknesses in IceWarp Web Mail, which can
be exploited by malicious users to gain knowledge of certain system
information or sensitive information.

Full Advisory:
http://secunia.com/advisories/14078/

 --

[SA14075] Captaris Infinite Mobile Delivery Webmail Cross-Site
Scripting

Critical:    Not critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information
Released:    2005-01-31

Steven has reported a vulnerability in Infinite Mobile Delivery, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/14075/

 --

[SA14061] Windows Registry Key Locking Denial of Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2005-01-31

Vladimir Kraljevic has reported a security issue in Windows, which can
be exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/14061/


UNIX/Linux:--

[SA14103] Debian update for prozilla

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-02-02

Debian has issued an update for prozilla. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/14103/

 --

[SA14096] Debian update for squirrelmail

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2005-02-02

Debian has issued an update for squirrelmail. This fixes two
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14096/

 --

[SA14086] Red Hat update for ethereal

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-02-02

Red Hat has issued an update for ethereal. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14086/

 --

[SA14081] HP VirtualVault / Webproxy Apache Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Privilege escalation, DoS, System access
Released:    2005-01-31

HP has acknowledged some vulnerabilities in Virtualvault and Webproxy,
which can be exploited to gain escalated privileges, cause a DoS
(Denial of Service), and potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14081/

 --

[SA14065] Gentoo update for tikiwiki

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-01-31

Gentoo has issued an update for tikiwiki. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14065/

 --

[SA14059] Gentoo update for ngircd

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-01-31

Gentoo has issued an update for ngircd. This fixes a vulnerability,
which can be exploited by malicious users to cause a DoS (Denial of
Service) and potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14059/

 --

[SA14056] ngIRCd "Lists_MakeMask()" Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-01-31

Florian Westphal has reported a vulnerability in ngIRCd, which can be
exploited by malicious users to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14056/

 --

[SA14112] Gentoo update for squid

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Security Bypass, DoS
Released:    2005-02-03

Gentoo has issued an update for squid, which fixes various
vulnerabilities. One has an unknown impact, and others can be exploited
by malicious people to bypass certain security restrictions and cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14112/

 --

[SA14109] Red Hat update for enscript

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-02-02

Red Hat has issued an update for enscript. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14109/

 --

[SA14105] Gentoo update for enscript

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-02-03

Gentoo has issued an update for enscript. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14105/

 --

[SA14101] Fedora update for squid

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-02-02

Fedora has issued an update for squid. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14101/

 --

[SA14100] Mandrake update for imap

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-02-02

MandrakeSoft has issued an update for imap. This fixes a vulnerability,
which can be exploited by malicious people to bypass the user
authentication.

Full Advisory:
http://secunia.com/advisories/14100/

 --

[SA14099] Mandrake update for chbg

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-02-02

MandrakeSoft has issued an update for chbg. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/14099/

 --

[SA14097] Gentoo update for uw-imap

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-02-02

Gentoo has issued an update for uw-imap. This fixes a vulnerability,
which can be exploited by malicious people to bypass the user
authentication.

Full Advisory:
http://secunia.com/advisories/14097/

 --

[SA14093] Fedora update for openssl096b

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-02-01

Fedora has issued an update for openssl096b. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14093/

 --

[SA14091] Squid Oversized Reply Header Handling Security Issue

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2005-02-01

A security issue with an unknown impact has been reported in Squid.

Full Advisory:
http://secunia.com/advisories/14091/

 --

[SA14089] Gentoo update for clamav

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, Security Bypass
Released:    2005-02-01

Gentoo has issued an update for clamav. This fixes a vulnerability and
a weakness, which allows malware to bypass detection and cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/14089/

 --

[SA14088] Avaya Intuity Audix Denial of Service Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-02-01

Avaya has acknowledged some vulnerabilities in Intuity Audix R5, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/14088/

 --

[SA14085] Mandrake update for clamav

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, DoS
Released:    2005-02-01

MandrakeSoft has issued an update for clamav. This fixes a
vulnerability and a weakness, which allows malware to bypass detection
and cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14085/

 --

[SA14084] Clam AntiVirus ZIP File Handling Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-02-01

Reinhard Max has reported a vulnerability in Clam AntiVirus, which can
be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14084/

 --

[SA14082] HP VirtualVault TGA Daemon Unspecified Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-01-31

A vulnerability has been reported in HP Virtualvault, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14082/

 --

[SA14062] Fedora update for openswan

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-01-31

Fedora has issued an update for openswan. This fixes a vulnerability,
which can be exploited by malicious users to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/14062/

 --

[SA14057] UW-imapd CRAM-MD5 Authentication Bypass Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-01-28

A vulnerability has been reported in University of Washington IMAP
server, which can be exploited by malicious people to bypass the user
authentication.

Full Advisory:
http://secunia.com/advisories/14057/

 --

[SA14055] Mandrake update for evolution

Critical:    Moderately critical
Where:       From remote
Impact:      Privilege escalation, System access
Released:    2005-01-28

MandrakeSoft has issued an update for evolution. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a user's system or by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/14055/

 --

[SA14107] Red Hat update for cups

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-02-02

Red Hat has issued an update for cups. This fixes a vulnerability,
which potentially can be exploited by malicious users to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/14107/

 --

[SA14095] AIX Unspecified NIS Client System Compromise Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      Privilege escalation, System access
Released:    2005-02-01

A vulnerability has been reported in AIX, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14095/

 --

[SA14098] Gentoo update for newspost

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-02-03

Gentoo has issued an update for newspost. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/14098/

 --

[SA14094] newsfetch NNTP Response Handling Buffer Overflows

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-02-01

Niels Heinen has reported a vulnerability in newsfetch, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/14094/

 --

[SA14092] Newspost "socket_getline()" Buffer Overflow Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-02-01

Niels Heinen has reported a vulnerability in Newspost, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/14092/

 --

[SA14069] Gentoo update for gallery

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-01-31

Gentoo has issued an update for gallery. This fixes a vulnerability,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/14069/

 --

[SA14111] Mandrake update for ncpfs

Critical:    Less critical
Where:       From local network
Impact:      Privilege escalation, System access
Released:    2005-02-02

MandrakeSoft has issued an update for ncpfs. This fixes two
vulnerabilities and a potential issue, which can be exploited to
perform certain actions on a vulnerable system with escalated
privileges or potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/14111/

 --

[SA14072] fprobe Weak Hash Functions Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2005-01-31

A vulnerability has been reported in fprobe, which potentially can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14072/

 --

[SA14071] Dante FD_SET Overflow Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2005-01-31

3APA3A has reported a vulnerability in Dante, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14071/

 --

[SA14070] Gentoo update for ncpfs

Critical:    Less critical
Where:       From local network
Impact:      Privilege escalation, System access
Released:    2005-01-31

Gentoo has issued an update for ncpfs, which fixes two vulnerabilities.
The first can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges, and the
second may potentially allow malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/14070/

 --

[SA14068] ncpfs Two Vulnerabilities

Critical:    Less critical
Where:       From local network
Impact:      Privilege escalation, System access
Released:    2005-01-31

Erik Sjolund has reported two vulnerabilities in ncpfs. The first can
be exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges, and the second may
potentially allow malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/14068/

 --

[SA14121] Debian cpio Incorrect File Permissions

Critical:    Less critical
Where:       Local system
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2005-02-03

Debian has issued an update for cpio. This fixes a vulnerability, which
can be exploited by malicious, local users to disclose and manipulate
information.

Full Advisory:
http://secunia.com/advisories/14121/

 --

[SA14115] Mandrake update for vim

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-02-03

MandrakeSoft has issued an update for vim. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/14115/

 --

[SA14108] Red Hat update for perl-DBI

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-02-02

Red Hat has issued an update for perl-DBI. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/14108/

 --

[SA14102] Gentoo update for firehol

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-02-02

Gentoo has issued an update for firehol. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/14102/

 --

[SA14067] Gentoo update for f2c

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-01-31

Gentoo has issued an update for f2c. This fixes some vulnerabilities,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/14067/

 --

[SA14066] Gentoo update for vdr

Critical:    Less critical
Where:       Local system
Impact:      Manipulation of data
Released:    2005-01-31

Gentoo has issued an update for vdr. This fixes a vulnerability, which
can be exploited by malicious, local users to manipulate sensitive
information.

Full Advisory:
http://secunia.com/advisories/14066/

 --

[SA14052] Debian update for f2c

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-01-28

Debian has issued an update for f2c. This fixes some vulnerabilities,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/14052/


Other:--

[SA14122] Cisco IP/VC 3500 Series Hard-Coded SNMP Community Strings

Critical:    Moderately critical
Where:       From local network
Impact:      Manipulation of data, Exposure of system information,
Exposure of sensitive information
Released:    2005-02-03

A security issue has been reported in some Cisco IP/VC
Videoconferencing System models, which can be exploited by malicious
people to read or manipulate configuration information.

Full Advisory:
http://secunia.com/advisories/14122/

 --

[SA14060] Ingate Firewall Active Blocked PPTP Tunnel Security Issue

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass
Released:    2005-01-28

Neil Watson has reported a security issue in Ingate Firewall, which may
allow PPTP users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/14060/


Cross Platform:--

[SA14124] Mambo Global Variables Security Bypass Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-02-03

A vulnerability has been reported in Mambo, which can be exploited by
malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/14124/

 --

[SA14064] Xoops Incontent Module Arbitrary File Content Disclosure

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-01-31

Larok has reported a vulnerability in the Incontent module for Xoops,
which can be exploited by malicious people to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/14064/

 --

[SA14090] PHP-Fusion "forum_search.php" Information Disclosure

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-02-02

TheGreatOne2176 has discovered a vulnerability in PHP-Fusion, which can
be exploited by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/14090/

 --

[SA14074] JShop Server "xProd" and "xSec" Parameters Cross-Site
Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-01-31

SmOk3 has reported a vulnerability in JShop Server, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/14074/

 --

[SA14076] Squid WCCP Message Handling Buffer Overflow Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2005-01-31

FSC Vulnerability Research Team has reported a vulnerability in Squid,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/14076/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support at secunia.com
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45





More information about the ISN mailing list