[ISN] Secunia Weekly Summary - Issue: 2005-47

InfoSec News isn at c4i.org
Mon Nov 28 03:36:52 EST 2005


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2005-11-17 - 2005-11-24                        

                       This week : 73 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

Secunia has issued a rare Extremely Critical alert regarding a
vulnerability in Internet Explorer. 

The vulnerability, which was first disclosed 6 months ago was only
believed to be a Denial of Service weakness, however, additional
research has shown that this vulnerability can be exploited to execute
arbitrary code on a vulnerable system.

Based on this and the fact that Proof of Concept exploit code has been
released, Secunia issued an Extremely Critical alert.

More details can be found in the referenced Secunia advisory below.

Reference:
http://secunia.com/SA15546

--

Secunia Research has discovered a vulnerability in Opera, which can be
exploited by malicious people to compromise a user's system.

This vulnerability can only be exploited on Unix / Linux based
environments.

Reference:
http://secunia.com/SA16907


VIRUS ALERTS:

During the last week, Secunia issued 1 MEDIUM RISK and 1 HIGH RISK
virus alert.
Please refer to the grouped virus profiles below for more information:

Sober.X - HIGH RISK Virus Alert - 2005-11-23 11:46 GMT+1
http://secunia.com/virus_information/23836/sober.x/

Sober.X - MEDIUM RISK Virus Alert - 2005-11-22 16:24 GMT+1
http://secunia.com/virus_information/23836/sober.x/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA15546] Microsoft Internet Explorer "window()" Arbitrary Code
              Execution Vulnerability
2.  [SA16907] Opera Command Line URL Shell Command Injection
3.  [SA17437] Opera Macromedia Flash Player SWF Arbitrary Code
              Execution
4.  [SA17610] Sony CD First4Internet XCP Uninstallation ActiveX Control
              Vulnerability
5.  [SA17430] Macromedia Flash Player SWF File Handling Arbitrary Code
              Execution
6.  [SA17565] Internet Explorer Image Control Status Bar Spoofing
              Weakness
7.  [SA17622] Mambo "register_globals" Emulation Layer Overwrite
              Vulnerability
8.  [SA17571] Opera Image Control Status Bar Spoofing Weakness
9.  [SA17639] Sony CD SunnComm MediaMax Uninstallation ActiveX Control
              Vulnerability
10. [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA17639] Sony CD SunnComm MediaMax Uninstallation ActiveX Control
Vulnerability
[SA17667] NetObjects Fusion Potential Information Disclosure
Vulnerability
[SA17652] e-Quick Cart SQL Injection Vulnerabilities
[SA17650] Cerberus FTP Server Denial of Service Vulnerability
[SA17640] Eudora WorldMail IMAP Server Directory Traversal
Vulnerability
[SA17635] Hitachi Groupmax Mail Denial of Service Vulnerability
[SA17634] Hitachi Products Cross-Site Scripting and Denial of Service
[SA17633] MailEnable Buffer Overflow and Directory Traversal
Vulnerabilities
[SA17696] Ezyhelpdesk Multiple SQL Injection Vulnerabilities

UNIX/Linux:
[SA17645] SCO OpenServer update for Multiple Packages
[SA17666] Trustix update for multiple packages
[SA17657] Mandriva update for gdk-pixbuf
[SA17654] Debian update for mantis
[SA17710] Avaya Products GdkPixbuf XPM Image Multiple Vulnerabilities
[SA17703] Horde MIME Viewers Script Insertion Vulnerabilities
[SA17698] Gentoo update for phpsysinfo
[SA17686] PHP Labs Survey Wizard "sid" SQL Injection Vulnerability
[SA17680] Fedora update for openswan
[SA17679] Ubuntu update for netpbm
[SA17678] Debian update for sylpheed
[SA17671] Debian update for netpbm-free
[SA17668] IPsec-Tools ISAKMP IKE Message Processing Denial of Service
[SA17662] Ubuntu update for inkscape
[SA17656] Debian update for gnump3d
[SA17647] GNUMP3d Insecure Temporary File Creation and Directory
Traversal
[SA17646] Gentoo update for gnump3d
[SA17643] Debian update for egroupware
[SA17632] Astaro WebAdmin SSL 2.0 Rollback and PPTP Denial of Service
[SA17704] VHCS Error Page Cross-Site Scripting and Domain Forward
Hijack
[SA17702] Gentoo update for horde
[SA17648] Ubuntu update for kernel
[SA17699] Gentoo eix Insecure Temporary File Creation
[SA17695] Gentoo update for fuse
[SA17691] FUSE "fusermount" Mountpoint Handling Vulnerability
[SA17682] Debian update for ipmenu
[SA17661] Fedora update for perl
[SA17637] Debian update for xmail
[SA17636] Gentoo update for smb4k
[SA17631] Debian update for fetchmail
[SA17630] WHM AutoPilot "c" Cancel Hosting Security Bypass
Vulnerability
[SA17653] Debian update for unzip

Other:
[SA17644] Google Mini Search Appliance Multiple Vulnerabilities
[SA17629] UTStarcom F1000 Wi-Fi Handset Multiple Vulnerabilities
[SA17628] Hitachi WirelessIP5000 IP Phone Multiple Vulnerabilities
[SA17670] Cisco PIX Spoofed TCP SYN Packets Denial of Service

Cross Platform:
[SA17674] FreeMED XML_RPC PHP Code Execution Vulnerability
[SA17706] PHP-Post Cross-Site Scripting and Script Insertion
Vulnerabilities
[SA17697] Omnistar Live SQL Injection Vulnerabilities
[SA17694] WSN Forum "id" SQL Injection Vulnerability
[SA17692] Tunez SQL Injection and Cross-Site Scripting Vulnerabilities
[SA17690] AFFCommerce Shopping Cart Multiple SQL Injection
Vulnerabilities
[SA17687] PHP Labs Top Auction SQL Injection Vulnerabilities
[SA17685] OTRS SQL Injection and Cross-Site Scripting Vulnerabilities
[SA17684] Symantec Firewall/VPN/Gateway ISAKMP Message Processing
Denial of Service
[SA17683] 1-2-3 Music Store "AlbumID" SQL Injection Vulnerability
[SA17675] Joomla! SQL Injection and Cross-Site Scripting
Vulnerabilities
[SA17665] CommodityRentals "user_id" SQL Injection Vulnerability
[SA17664] PHP-Fusion SQL Injection Vulnerabilities
[SA17660] phpComasy "id" SQL Injection Vulnerability
[SA17659] Jetty JSP Source Code Disclosure Vulnerability
[SA17658] IBM WebSphere Application Server for z/OS Double-Free
Vulnerability
[SA17651] Inkspace SVG Importer Buffer Overflow Vulnerability
[SA17649] phpMyFAQ "add content" Script Insertion Vulnerabilities
[SA17642] XMB "Your Current Mood" Script Insertion Vulnerability
[SA17641] Novell NetMail IMAP Buffer Overflow Vulnerability
[SA17638] Nuke ET "query" SQL Injection Vulnerability
[SA17707] PmWiki "q" Cross-Site Scripting Vulnerability
[SA17689] kPlaylist "searchfor" Cross-Site Scripting Vulnerability
[SA17681] IPUpdate "memmcat" Buffer Overflow Vulnerability
[SA17677] Struts Error Message Cross-Site Scripting Vulnerability
[SA17669] Advanced Poll "popup.php" Cross-Site Scripting Vulnerability
[SA17655] Exponent CMS image gallery Module Script Insertion and Full
Path Disclosure
[SA17700] Novell ZENworks Remote-Diagnostics Access Control Weakness

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA17639] Sony CD SunnComm MediaMax Uninstallation ActiveX Control
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-11-18

J. Alex Halderman has reported a vulnerability in SunnComm MediaMax's
uninstallation ActiveX control, which potentially can be exploited by
malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17639/

 --

[SA17667] NetObjects Fusion Potential Information Disclosure
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-11-23

A vulnerability has been reported in NetObjects Fusion, which can be
exploited by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/17667/

 --

[SA17652] e-Quick Cart SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-21

BiPi_HaCk has reported some vulnerabilities in e-Quick Cart, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17652/

 --

[SA17650] Cerberus FTP Server Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-23

A vulnerability has been reported in Cerberus FTP Server, which
potentially can be exploited by malicious people to cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/17650/

 --

[SA17640] Eudora WorldMail IMAP Server Directory Traversal
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information
Released:    2005-11-18

A vulnerability has been reported in Eudora WorldMail IMAP Server,
which can be exploited by malicious users to bypass certain security
restrictions and to gain access to potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/17640/

 --

[SA17635] Hitachi Groupmax Mail Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-18

A vulnerability has been reported in Hitachi Groupmax Mail, which can
be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17635/

 --

[SA17634] Hitachi Products Cross-Site Scripting and Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, DoS
Released:    2005-11-18

Some vulnerabilities have been reported in various Hitachi products,
which can be exploited by malicious people to conduct cross-site
scripting attacks and cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17634/

 --

[SA17633] MailEnable Buffer Overflow and Directory Traversal
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-11-18

Secunia Research has discovered some vulnerabilities in Mail Enable
Professional/Enterprise, which can be exploited by malicious users to
cause a DoS (Denial of Service) and to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17633/

 --

[SA17696] Ezyhelpdesk Multiple SQL Injection Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-23

r0t has reported some vulnerabilities in Ezyhelpdesk, which can be
exploited by malicious users to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17696/


UNIX/Linux:--

[SA17645] SCO OpenServer update for Multiple Packages

Critical:    Extremely critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing,
Manipulation of data, Exposure of system information, Exposure of
sensitive information, DoS, System access
Released:    2005-11-18

SCO has issued a maintenance pack for OpenServer. This fixes various
vulnerabilities in Mozilla, zip, libpng, zlib, libtiff, bzip2, openssh,
php, perl, gzip, CUPS, wu-ftpd, cdrecord and squid, which can be
exploited by malicious people to cause a DoS (Denial of Service), spoof
the content of websites, gain knowledge of potentially sensitive
information, conduct cross-site scripting attacks, bypass certain
security restrictions, manipulate certain data, or compromise a user's
system, and by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/17645/

 --

[SA17666] Trustix update for multiple packages

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Privilege
escalation, DoS, System access
Released:    2005-11-22

Trustix has issued updates for multiple packages. These fix some
vulnerabilities, where the most critical ones can be exploited by
malicious people to bypass certain security restrictions, cause a DoS
(Denial of Service), and compromise a user's system or vulnerable
system.

Full Advisory:
http://secunia.com/advisories/17666/

 --

[SA17657] Mandriva update for gdk-pixbuf

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-11-21

Mandriva has issued an update for gdk-pixbuf. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service), and potentially to compromise a user's system
or vulnerable system.

Full Advisory:
http://secunia.com/advisories/17657/

 --

[SA17654] Debian update for mantis

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information, System access
Released:    2005-11-22

Debian has issued an update for mantis. This fixes some
vulnerabilities, which can be exploited by malicious people to disclose
sensitive information, conduct cross-site scripting and SQL injection
attacks, and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17654/

 --

[SA17710] Avaya Products GdkPixbuf XPM Image Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-11-23

Avaya has acknowledged some vulnerabilities in various products, which
can be exploited by malicious people to cause a DoS (Denial of Service)
and potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17710/

 --

[SA17703] Horde MIME Viewers Script Insertion Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-23

Daniel Schreckling has reported some vulnerabilities in Horde, which
can be exploited by malicious people to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/17703/

 --

[SA17698] Gentoo update for phpsysinfo

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released:    2005-11-23

Gentoo has issued an update for phpsysinfo. This fixes a vulnerability,
which can be exploited by malicious people to manipulate certain
information.

Full Advisory:
http://secunia.com/advisories/17698/

 --

[SA17686] PHP Labs Survey Wizard "sid" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-23

r0t has reported a vulnerability in PHP Labs Survey Wizard, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17686/

 --

[SA17680] Fedora update for openswan

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-22

Fedora has issued an update for openswan. This fixes two
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17680/

 --

[SA17679] Ubuntu update for netpbm

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-11-22

Ubuntu has issued an update for netpbm. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17679/

 --

[SA17678] Debian update for sylpheed

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-11-23

Debian has issued an update for sylpheed. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/17678/

 --

[SA17671] Debian update for netpbm-free

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-11-22

Debian has issued an update for netpbm-free. This fixes two
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) and potentially to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/17671/

 --

[SA17668] IPsec-Tools ISAKMP IKE Message Processing Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-22

A vulnerability has been reported in IPsec-Tools, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17668/

 --

[SA17662] Ubuntu update for inkscape

Critical:    Moderately critical
Where:       From remote
Impact:      System access, DoS
Released:    2005-11-21

Ubuntu has issued an update for inkscape. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/17662/

 --

[SA17656] Debian update for gnump3d

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Privilege escalation
Released:    2005-11-21

Debian has issued an update for gnump3d. This fixes two
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges, and by malicious people with an unknown impact.

Full Advisory:
http://secunia.com/advisories/17656/

 --

[SA17647] GNUMP3d Insecure Temporary File Creation and Directory
Traversal

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information, Privilege escalation
Released:    2005-11-18

Ludwig Nussel has reported two vulnerabilities in GNUMP3d, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges, and by malicious people to
disclose potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/17647/

 --

[SA17646] Gentoo update for gnump3d

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information, Privilege escalation
Released:    2005-11-21

Gentoo has issued an update for gnump3d. This fixes two
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges, and by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/17646/

 --

[SA17643] Debian update for egroupware

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data, Exposure of system information, Exposure of sensitive
information
Released:    2005-11-18

Debian has issued an update for egroupware. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks, manipulate certain information, and
bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/17643/

 --

[SA17632] Astaro WebAdmin SSL 2.0 Rollback and PPTP Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, DoS
Released:    2005-11-18

Astaro has issued an update for Astaro Security Linux. This fixes a
vulnerability, which potentially can be exploited by malicious people
to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/17632/

 --

[SA17704] VHCS Error Page Cross-Site Scripting and Domain Forward
Hijack

Critical:    Less critical
Where:       From remote
Impact:      Hijacking, Cross Site Scripting
Released:    2005-11-23

A vulnerability and a security issue have been reported in VHCS, which
can be exploited by malicious users to hijack other users' domain
forwards and by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/17704/

 --

[SA17702] Gentoo update for horde

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-23

Gentoo has issued an update for horde. This fixes a vulnerability,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/17702/

 --

[SA17648] Ubuntu update for kernel

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass, Exposure of sensitive information, DoS
Released:    2005-11-22

Ubuntu has issued an update for the kernel. This fixes some
vulnerabilities, which potentially can be exploited by malicious, local
users to cause a DoS (Denial of Service) and to disclose certain
sensitive information, or by malicious people to disclose certain
sensitive information, bypass certain security restrictions, and to
cause a DoS.

Full Advisory:
http://secunia.com/advisories/17648/

 --

[SA17699] Gentoo eix Insecure Temporary File Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-11-23

Eric Romang has reported a vulnerability in eix, which can be exploited
by malicious, local users to perform certain actions on a vulnerable
system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/17699/

 --

[SA17695] Gentoo update for fuse

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-11-23

Gentoo has issued an update for fuse. This fixes a vulnerability, which
potentially can be exploited by malicious, local users to perform
certain actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/17695/

 --

[SA17691] FUSE "fusermount" Mountpoint Handling Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-11-23

Thomas Biege has reported a vulnerability in FUSE, which potentially
can be exploited by malicious, local users to perform certain actions
on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/17691/

 --

[SA17682] Debian update for ipmenu

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-11-23

Debian has issued an update for ipmenu. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/17682/

 --

[SA17661] Fedora update for perl

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-11-21

Fedora has issued an update for perl. This fixes some vulnerabilities,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/17661/

 --

[SA17637] Debian update for xmail

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-11-21

Debian has issued an update for xmail. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/17637/

 --

[SA17636] Gentoo update for smb4k

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-11-21

Gentoo has issued an update for smb4k. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/17636/

 --

[SA17631] Debian update for fetchmail

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-11-18

Debian has issued an update for fetchmail. This fixes a vulnerability,
which can be exploited by malicious, local users to gain knowledge of
certain sensitive information.

Full Advisory:
http://secunia.com/advisories/17631/

 --

[SA17630] WHM AutoPilot "c" Cancel Hosting Security Bypass
Vulnerability

Critical:    Not critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-11-18

Agna Zilchi has discovered a vulnerability in WHM AutoPilot, which can
be exploited by malicious users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/17630/

 --

[SA17653] Debian update for unzip

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-11-21

Debian has issued an update for unzip. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/17653/


Other:--

[SA17644] Google Mini Search Appliance Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2005-11-21

H D Moore has reported some vulnerabilities in Google Mini Search
Appliance, which can be exploited by malicious people to conduct
cross-site scripting attacks and potentially to compromise a vulnerable
appliance.

Full Advisory:
http://secunia.com/advisories/17644/

 --

[SA17629] UTStarcom F1000 Wi-Fi Handset Multiple Vulnerabilities

Critical:    Less critical
Where:       From local network
Impact:      Manipulation of data, Exposure of system information, DoS
Released:    2005-11-17

Shawn Merdinger has reported some vulnerabilities in UTStarcom F1000
Wi-Fi Handset, which can be exploited by malicious people to gain
access to potentially sensitive information, to modify certain
information, and to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17629/

 --

[SA17628] Hitachi WirelessIP5000 IP Phone Multiple Vulnerabilities

Critical:    Less critical
Where:       From local network
Impact:      Manipulation of data, Exposure of system information,
Exposure of sensitive information, DoS
Released:    2005-11-17

Shawn Merdinger has reported some vulnerabilities in Hitachi
WirelessIP5000, which can be exploited by malicious people to gain
access to potentially sensitive information, to modify certain
information, and to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17628/

 --

[SA17670] Cisco PIX Spoofed TCP SYN Packets Denial of Service

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-11-23

Konstantin V. Gavrilenko has reported a vulnerability in Cisco PIX,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/17670/


Cross Platform:--

[SA17674] FreeMED XML_RPC PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-11-23

A vulnerability has been reported in FreeMED, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17674/

 --

[SA17706] PHP-Post Cross-Site Scripting and Script Insertion
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-23

trueend5 has discovered some vulnerabilities in PHP-Post, which can be
exploited by malicious people to conduct cross-site scripting and
script insertion attacks.

Full Advisory:
http://secunia.com/advisories/17706/

 --

[SA17697] Omnistar Live SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-23

r0t has reported some vulnerabilities in Omnistar Live, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17697/

 --

[SA17694] WSN Forum "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-23

r0t has discovered a vulnerability in WSN Forum, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17694/

 --

[SA17692] Tunez SQL Injection and Cross-Site Scripting Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-11-23

r0t has discovered two vulnerabilities in Tunez, which can be exploited
by malicious people to conduct cross-site scripting and SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/17692/

 --

[SA17690] AFFCommerce Shopping Cart Multiple SQL Injection
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-23

r0t has reported some vulnerabilities in AFFCommerce Shopping Cart,
which can be exploited by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/17690/

 --

[SA17687] PHP Labs Top Auction SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-23

r0t has reported some vulnerabilities in PHP Labs Top Auction, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17687/

 --

[SA17685] OTRS SQL Injection and Cross-Site Scripting Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-11-23

Some vulnerabilities have been reported in OTRS (Open Ticket Request
System), which can be exploited by malicious people to conduct SQL
injection, script insertion, and cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17685/

 --

[SA17684] Symantec Firewall/VPN/Gateway ISAKMP Message Processing
Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-22

Symantec has acknowledged a vulnerability in various Symantec products,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/17684/

 --

[SA17683] 1-2-3 Music Store "AlbumID" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-23

r0t has reported a vulnerability in 1-2-3 Music Store, which can be
exploited by malicious people to conduct SQL  injection attacks.

Full Advisory:
http://secunia.com/advisories/17683/

 --

[SA17675] Joomla! SQL Injection and Cross-Site Scripting
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-11-22

Some vulnerabilities have been reported in Joomla!, which can be
exploited by malicious people to conduct SQL injection or cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/17675/

 --

[SA17665] CommodityRentals "user_id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-23

r0t has reported a vulnerability in CommodityRentals, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17665/

 --

[SA17664] PHP-Fusion SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information
Released:    2005-11-21

Robin Verton has reported some vulnerabilities in PHP-Fusion, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17664/

 --

[SA17660] phpComasy "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-21

r0t has discovered a vulnerability in phpComasy, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17660/

 --

[SA17659] Jetty JSP Source Code Disclosure Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-11-21

A vulnerability has been reported in Jetty, which can be exploited by
malicious people to disclose certain sensitive information.

Full Advisory:
http://secunia.com/advisories/17659/

 --

[SA17658] IBM WebSphere Application Server for z/OS Double-Free
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2005-11-22

A vulnerability has been reported in WebSphere Application Server for
z/OS, which has an unknown impact.

Full Advisory:
http://secunia.com/advisories/17658/

 --

[SA17651] Inkspace SVG Importer Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-11-21

Joxean Koret has reported a vulnerability in Inkspace, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17651/

 --

[SA17649] phpMyFAQ "add content" Script Insertion Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-21

Tobias Klein has reported some vulnerabilities in phpMyFAQ, which can
be exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/17649/

 --

[SA17642] XMB "Your Current Mood" Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information
Released:    2005-11-18

trueend5 has discovered a vulnerability in XMB, which can be exploited
by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/17642/

 --

[SA17641] Novell NetMail IMAP Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-11-18

A vulnerability has been reported in Novell NetMail, which can be
exploited by malicious users to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17641/

 --

[SA17638] Nuke ET "query" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-21

Lostmon has reported a vulnerability in Nuke ET, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17638/

 --

[SA17707] PmWiki "q" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-23

Moritz Naumann has reported a vulnerability in PmWiki, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17707/

 --

[SA17689] kPlaylist "searchfor" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-23

r0t has discovered a vulnerability in kPlaylist, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17689/

 --

[SA17681] IPUpdate "memmcat" Buffer Overflow Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-11-22

A vulnerability has been reported in IPUpdate, which potentially can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17681/

 --

[SA17677] Struts Error Message Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-22

Irene Abezgauz has discovered a vulnerability in Struts, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17677/

 --

[SA17669] Advanced Poll "popup.php" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-22

][GB][ has discovered a vulnerability in Advanced Poll, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17669/

 --

[SA17655] Exponent CMS image gallery Module Script Insertion and Full
Path Disclosure

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information
Released:    2005-11-22

Hans Wolters has reported a weakness and a vulnerability in the image
gallery module for Exponent CMS, which can be exploited by malicious
users to disclose system information and conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/17655/

 --

[SA17700] Novell ZENworks Remote-Diagnostics Access Control Weakness

Critical:    Not critical
Where:       From local network
Impact:      Security Bypass
Released:    2005-11-23

A weakness has been reported in Novell ZENworks, which potentially can
be exploited by malicious users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/17700/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support at secunia.com
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45







More information about the ISN mailing list