[ISN] Secunia Weekly Summary - Issue: 2005-21
InfoSec News
isn at c4i.org
Thu May 26 13:11:19 EDT 2005
========================================================================
The Secunia Weekly Advisory Summary
2005-05-19 - 2005-05-26
This week : 48 advisories
========================================================================
Table of Contents:
1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing
========================================================================
1) Word From Secunia:
The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single
vulnerability report is being validated and verified before a Secunia
advisory is written.
Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.
As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.
Secunia Online Vulnerability Database:
http://secunia.com/
========================================================================
2) This Week in Brief:
Alex Wheeler has reported a vulnerability in various Computer
Associates and Zonelabs products, which can be exploited by malicious
people to compromise a vulnerable system.
Users of Computer Associates and Zonelabs products are advised to
review referenced Secunia advisories, to ensure that your systems are
updated.
Reference:
http://secunia.com/SA15470
http://secunia.com/SA15479
--
Apple has issued a security update for Mac OS X v10.4, which fixes
various vulnerabilities.
Refer to Secunia advisory below for details.
Reference:
http://secunia.com/SA15436
VIRUS ALERTS:
Secunia has not issued any virus alerts during the week.
========================================================================
3) This Weeks Top Ten Most Read Advisories:
1. [SA15292] Mozilla Firefox Two Vulnerabilities
2. [SA15470] CA Multiple Products Vet Antivirus Engine Buffer Overflow
3. [SA15479] Zonelabs ZoneAlarm Vet Antivirus Engine Buffer Overflow
4. [SA15422] D-Link DSL Routers "firmwarecfg" Authentication Bypass
5. [SA12758] Microsoft Word Document Parsing Buffer Overflow
Vulnerabilities
6. [SA15436] Mac OS X Update Fixes Multiple Vulnerabilities
7. [SA15472] Cisco Various Products Compressed DNS Messages Denial of
Service
8. [SA15486] BEA WebLogic Multiple Vulnerabilities
9. [SA15393] Cisco Various Products TCP Timestamp Denial of Service
10. [SA14163] Mozilla Products IDN Spoofing Security Issue
========================================================================
4) Vulnerabilities Summary Listing
Windows:
[SA15483] IMail Server Multiple Vulnerabilities
[SA15482] Warrior Kings Denial of Service and Format String
Vulnerabilities
[SA15479] Zonelabs ZoneAlarm Vet Antivirus Engine Buffer Overflow
[SA15470] CA Multiple Products Vet Antivirus Engine Buffer Overflow
[SA15501] Halo: Combat Evolved Denial of Service Vulnerability
[SA15494] FunkyASP AD System "password" SQL Injection Vulnerability
[SA15493] Active News Manager Username and Password SQL Injection
[SA15469] NewsletterEz "Password" SQL Injection Vulnerability
[SA15443] JiRo's Statistics System "Password" SQL Injection
Vulnerability
UNIX/Linux:
[SA15504] Red Hat update for lesstif
[SA15502] Red Hat update for ethereal
[SA15461] Red Hat update for firefox
[SA15464] Red Hat update for mozilla
[SA15462] Debian update for libconvert-uulib-perl
[SA15456] WebAPP APage Module Unspecified Vulnerability
[SA15451] gxine HTTP URL Hostname Format String Vulnerability
[SA15448] Cookie Cart Exposure of Order Notifications and Passwords
[SA15440] Red Hat update for evolution
[SA15439] Debian update for oops
[SA15468] Picasm Error Handling Buffer Overflow Vulnerability
[SA15466] Solaris in.ftpd Wildcard Denial of Service Vulnerability
[SA15454] GNOME gedit Filename Format String Vulnerability
[SA15447] bzip2 Decompression Denial of Service Vulnerability
[SA15485] Fedora update for openssl
[SA15484] Fedora update for openssl096b
[SA15480] Fedora update for kernel
[SA15478] Gentoo update for qpopper
[SA15476] Gentoo update for net-snmp
[SA15475] Qpopper Privilege Escalation Vulnerabilities
[SA15473] Iron Bars SHell Format String Vulnerability
[SA15471] Net-snmp fixproc Insecure Temporary File Creation
[SA15467] Gentoo update for gdb
[SA15460] Ubuntu update for kernel
[SA15457] Linux Kernel Hyper-Threading Support Information Disclosure
[SA15449] GDB Integer Overflow and Insecure Initialisation File
Handling
[SA15445] Gentoo webapp-config Insecure Temporary File Creation
[SA15444] Debian update for ppxp
[SA15455] Ubuntu update for imagemagick
[SA15453] Gentoo update for imagemagick/graphicsmagick
[SA15446] GraphicsMagick XWD Decoding Denial of Service Vulnerability
Other:
[SA15472] Cisco Various Products Compressed DNS Messages Denial of
Service
[SA15463] ZyXEL ZyNOS Fragmented IP Packets Denial of Service
Cross Platform:
[SA15486] BEA WebLogic Multiple Vulnerabilities
[SA15458] PortailPHP "id" SQL Injection Vulnerability
[SA15450] PostNuke Multiple Vulnerabilities
[SA15465] Sambar Server Cross-Site Scripting Vulnerabilities
[SA15459] PHPMyCart Multiple Cross-Site Scripting Vulnerabilities
[SA15452] Blue Coat Reporter Multiple Vulnerabilities
========================================================================
5) Vulnerabilities Content Listing
Windows:--
[SA15483] IMail Server Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive
information, DoS, System access
Released: 2005-05-24
Multiple vulnerabilities have been reported in IMail Server, which can
be exploited to gain knowledge of sensitive information, cause a DoS
(Denial of Service), or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15483/
--
[SA15482] Warrior Kings Denial of Service and Format String
Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-05-24
Luigi Auriemma has reported two vulnerabilities in Warrior Kings and
Warrior Kings: Battle, which can be exploited by malicious people to
cause a DoS (Denial of Service) and potentially compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/15482/
--
[SA15479] Zonelabs ZoneAlarm Vet Antivirus Engine Buffer Overflow
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-24
Alex Wheeler has reported a vulnerability in ZoneAlarm Security Suite
and ZoneAlarm Antivirus, which can be exploited by malicious people to
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15479/
--
[SA15470] CA Multiple Products Vet Antivirus Engine Buffer Overflow
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-24
Alex Wheeler has reported a vulnerability in various Computer
Associates products, which can be exploited by malicious people to
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15470/
--
[SA15501] Halo: Combat Evolved Denial of Service Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-05-25
Luigi Auriemma has reported a vulnerability in Halo: Combat Evolved,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/15501/
--
[SA15494] FunkyASP AD System "password" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-25
Romty has reported a vulnerability in FunkyASP AD System, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15494/
--
[SA15493] Active News Manager Username and Password SQL Injection
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-25
Romty has reported a vulnerability in Active News Manager, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15493/
--
[SA15469] NewsletterEz "Password" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-24
Romty has reported a vulnerability in NewsletterEz, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15469/
--
[SA15443] JiRo's Statistics System "Password" SQL Injection
Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-23
dj romty has reported a vulnerability in JiRo's Statistics System,
which can be exploited by malicious people to conduct SQL injection
attacks.
Full Advisory:
http://secunia.com/advisories/15443/
UNIX/Linux:--
[SA15504] Red Hat update for lesstif
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-25
Red Hat has issued an update for lesstif. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/15504/
--
[SA15502] Red Hat update for ethereal
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-05-25
Red Hat has issued an update for ethereal. This fixes multiple
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15502/
--
[SA15461] Red Hat update for firefox
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, System access
Released: 2005-05-23
Red Hat has issued an update for firefox. This fixes two
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/15461/
--
[SA15464] Red Hat update for mozilla
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-23
Red Hat has issued an update for mozilla. This fixes a vulnerability,
which can be exploited by malicious people to conduct cross-site
scripting attacks.
Full Advisory:
http://secunia.com/advisories/15464/
--
[SA15462] Debian update for libconvert-uulib-perl
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-05-23
Debian has issued an update for libconvert-uulib-perl. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15462/
--
[SA15456] WebAPP APage Module Unspecified Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Unknown
Released: 2005-05-23
A vulnerability with an unknown impact has been reported in the APage
module for WebAPP.
Full Advisory:
http://secunia.com/advisories/15456/
--
[SA15451] gxine HTTP URL Hostname Format String Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-05-23
jsk:exworm has reported a vulnerability in gxine, which potentially can
be exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/15451/
--
[SA15448] Cookie Cart Exposure of Order Notifications and Passwords
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information, Exposure of system
information
Released: 2005-05-23
SoulBlack Security Research has reported a security issue in Cookie
Cart, which can be exploited by malicious people to disclose system and
sensitive information.
Full Advisory:
http://secunia.com/advisories/15448/
--
[SA15440] Red Hat update for evolution
Critical: Moderately critical
Where: From remote
Impact: Privilege escalation, System access
Released: 2005-05-20
Red Hat has issued an update for evolution. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's system
or by malicious, local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15440/
--
[SA15439] Debian update for oops
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2005-05-20
Debian has issued an update for oops. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/15439/
--
[SA15468] Picasm Error Handling Buffer Overflow Vulnerability
Critical: Less critical
Where: From remote
Impact: System access
Released: 2005-05-23
Shaun Colley has reported a vulnerability in Picasm, which can be
exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/15468/
--
[SA15466] Solaris in.ftpd Wildcard Denial of Service Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-05-23
Sun Microsystems has acknowledged a vulnerability in Solaris, which can
be exploited by malicious users to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/15466/
--
[SA15454] GNOME gedit Filename Format String Vulnerability
Critical: Less critical
Where: From remote
Impact: System access
Released: 2005-05-24
jsk:exworm has reported a vulnerability in gedit, which potentially can
be exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/15454/
--
[SA15447] bzip2 Decompression Denial of Service Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-05-23
Chris Evans has reported a vulnerability in bzip2, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/15447/
--
[SA15485] Fedora update for openssl
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information, Privilege escalation
Released: 2005-05-24
Fedora has issued an update for openssl. This fixes two
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of sensitive information or perform certain actions with
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15485/
--
[SA15484] Fedora update for openssl096b
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2005-05-24
Fedora has issued an update for openssl096b. This fixes a
vulnerability, which can be exploited by malicious, local users to gain
knowledge of sensitive information.
Full Advisory:
http://secunia.com/advisories/15484/
--
[SA15480] Fedora update for kernel
Critical: Less critical
Where: Local system
Impact: DoS, Privilege escalation
Released: 2005-05-24
Fedora has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) or gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15480/
--
[SA15478] Gentoo update for qpopper
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-24
Gentoo has issued an update for qpopper. This fixes two
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.
Full Advisory:
http://secunia.com/advisories/15478/
--
[SA15476] Gentoo update for net-snmp
Critical: Less critical
Where: Local system
Impact: Manipulation of data, Privilege escalation
Released: 2005-05-24
Gentoo has issued an update for net-snmp. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/15476/
--
[SA15475] Qpopper Privilege Escalation Vulnerabilities
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-24
Two vulnerabilities have been reported in Qpopper, which can be
exploited by malicious, local users to perform certain actions with
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15475/
--
[SA15473] Iron Bars SHell Format String Vulnerability
Critical: Less critical
Where: Local system
Impact: Security Bypass, Privilege escalation
Released: 2005-05-24
A vulnerability has been reported in Iron Bars SHell, which can be
exploited by malicious, local users to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/15473/
--
[SA15471] Net-snmp fixproc Insecure Temporary File Creation
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-24
Eric Romang has reported a vulnerability in Net-snmp, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/15471/
--
[SA15467] Gentoo update for gdb
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-23
Gentoo has issued an update for gdb. This fixes some vulnerabilities,
which potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15467/
--
[SA15460] Ubuntu update for kernel
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information, Privilege escalation,
DoS
Released: 2005-05-23
Ubuntu has issued an update for the kernel. This fixes multiple
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of sensitive information, cause a DoS (Denial of
Service), or gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15460/
--
[SA15457] Linux Kernel Hyper-Threading Support Information Disclosure
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2005-05-23
A vulnerability has been reported in the Linux Kernel, which can be
exploited by malicious, local users to gain knowledge of sensitive
information.
Full Advisory:
http://secunia.com/advisories/15457/
--
[SA15449] GDB Integer Overflow and Insecure Initialisation File
Handling
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-23
Tavis Ormandy has reported two vulnerabilities in GDB, which
potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15449/
--
[SA15445] Gentoo webapp-config Insecure Temporary File Creation
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-23
Eric Romang has reported a vulnerability in webapp-config, which can be
exploited by malicious, local users to perform certain actions with
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15445/
--
[SA15444] Debian update for ppxp
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-20
Debian has issued an update for ppxp. This fixes a vulnerability, which
can be exploited by malicious, local users to gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/15444/
--
[SA15455] Ubuntu update for imagemagick
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-05-23
Ubuntu has issued an update for imagemagick. This fixes two
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/15455/
--
[SA15453] Gentoo update for imagemagick/graphicsmagick
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-05-23
Gentoo has issued updates for imagemagick and graphicsmagick. These fix
a weakness, which can be exploited by malicious people to cause a DoS
(Denial of Service).
Full Advisory:
http://secunia.com/advisories/15453/
--
[SA15446] GraphicsMagick XWD Decoding Denial of Service Vulnerability
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-05-23
Tavis Ormandy has reported a weakness in GraphicsMagick, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/15446/
Other:--
[SA15472] Cisco Various Products Compressed DNS Messages Denial of
Service
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-05-24
A vulnerability has been reported in various Cisco products, which can
be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/15472/
--
[SA15463] ZyXEL ZyNOS Fragmented IP Packets Denial of Service
Critical: Not critical
Where: From local network
Impact: DoS
Released: 2005-05-24
Federico Kirschbaum has reported a vulnerability in ZyXEL ZyNOS, which
can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/15463/
Cross Platform:--
[SA15486] BEA WebLogic Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Exposure of system
information, Exposure of sensitive information, DoS
Released: 2005-05-24
Multiple vulnerabilities have been reported in WebLogic, where the most
critical can be exploited by malicious people to disclose sensitive
information and cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/15486/
--
[SA15458] PortailPHP "id" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-24
Censored has reported a vulnerability in PortailPHP, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15458/
--
[SA15450] PostNuke Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released: 2005-05-23
Maksymilian Arciemowicz has reported some vulnerabilities in PostNuke,
which can be exploited by malicious people to conduct cross-site
scripting and SQL injection attacks, and disclose sensitive
information.
Full Advisory:
http://secunia.com/advisories/15450/
--
[SA15465] Sambar Server Cross-Site Scripting Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-23
Jamie Fisher has reported some vulnerabilities in Sambar Server, which
can be exploited by malicious people to conduct cross-site scripting
attacks.
Full Advisory:
http://secunia.com/advisories/15465/
--
[SA15459] PHPMyCart Multiple Cross-Site Scripting Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-23
mircia and Talte Security have reported some vulnerabilities in
PHPMyCart, which can be exploited by malicious people to conduct
cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/15459/
--
[SA15452] Blue Coat Reporter Multiple Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Privilege
escalation
Released: 2005-05-23
Oliver Karow has reported some vulnerabilities in Blue Coat Reporter,
which can be exploited by to conduct cross-site scripting and script
insertion attacks, bypass certain security restrictions, or gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15452/
========================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Subscribe:
http://secunia.com/secunia_weekly_summary/
Contact details:
Web : http://secunia.com/
E-mail : support at secunia.com
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45
More information about the ISN
mailing list