[ISN] Secunia Weekly Summary - Issue: 2006-17

InfoSec News isn at c4i.org
Fri Apr 28 06:36:43 EDT 2006


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2006-04-20 - 2006-04-27                        

                       This week: 100 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

Two new vulnerabilities have been discovered in Internet Explorer,
which can be exploited to compromise a vulnerable system or by
malicious people to disclose potentially sensitive information.

Secunia has constructed a test, which can be used to see if your
browser is vulnerable to the Arbitrary Content Disclosure
Vulnerability:
http://secunia.com/Internet_Explorer_Address_Bar_Spoofing_Vulnerability_Test/

Additional details may be found in the referenced Secunia advisories
below.

Reference:
http://secunia.com/SA19521
http://secunia.com/SA19762

 --

Tom Ferris has reported some potential vulnerabilities in Mac OS X,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially compromise a user's system.

Currently, no solution is available from the vendor. Additional details
may be found in the referenced Secunia advisory below.

Reference:
http://secunia.com/SA19686

 --

VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA19686] Mac OS X Multiple Potential Vulnerabilities
2.  [SA19631] Firefox Multiple Vulnerabilities
3.  [SA19762] Internet Explorer "object" Tag Memory Corruption Code
              Execution
4.  [SA19521] Internet Explorer Window Loading Race Condition Address
              Bar Spoofing
5.  [SA18680] Microsoft Internet Explorer "createTextRange()" Code
              Execution
6.  [SA19802] Firefox "contentWindow.focus()" Memory Corruption
              Weakness
7.  [SA19737] Linux Kernel perfmon Local Denial of Service
              Vulnerability
8.  [SA19761] PHPSurveyor "surveyid" SQL Injection Vulnerability
9.  [SA19752] HP StorageWorks Secure Path Denial of Service
              Vulnerability
10. [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA19842] Juniper Networks IVE ActiveX Control Buffer Overflow
[SA19795] Winny Command Parsing Buffer Overflow Vulnerability
[SA19767] Skulltag Version String Handling Format String Vulnerability
[SA19762] Internet Explorer "object" Tag Memory Corruption Code
Execution
[SA19812] Cartweaver Multiple SQL Injection Vulnerabilities
[SA19806] ampleShop Multiple SQL Injection Vulnerabilities
[SA19784] Pylon Anywhere Access Restriction Bypass Vulnerability
[SA19783] RI Blog Login SQL Injection Vulnerability
[SA19751] Bloggage "check_login.asp" SQL Injection Vulnerabilities
[SA19791] IZArc Multiple Archive Directory Traversal Vulnerability
[SA19771] iOpus Secure Email Attachments Password Usage Security Issue
[SA19848] SolarWinds TFTP Server Directory Traversal Vulnerability
[SA19844] WinAgents TFTP Server Directory Traversal Vulnerability
[SA19752] HP StorageWorks Secure Path Denial of Service Vulnerability
[SA19840] Groupmax Mail Client Attachment Filename Handling Weakness
[SA19824] Phex Chat Request Handling Weakness
[SA19819] Microsoft Office 2003 "mailto:" Automatic Attachment of
Arbitrary Files

UNIX/Linux:
[SA19863] Debian update for mozilla
[SA19862] Debian update for mozilla-firefox
[SA19854] Gentoo update for xine-ui
[SA19839] Gentoo update for ethereal
[SA19828] Fedora update for ethereal
[SA19823] SUSE update for MozillaThunderbird
[SA19811] SGI Advanced Linux Environment 3 Multiple Updates
[SA19805] Mandriva update for ethereal
[SA19794] Mandriva update for firefox
[SA19782] Slackware update for mozilla
[SA19780] Red Hat update for thunderbird
[SA19774] Sun Cobalt Sendmail Memory Corruption Vulnerability
[SA19770] Fenice HTTP Request Handling Two Vulnerabilities
[SA19759] Gentoo update for mozilla-firefox / mozilla-firefox-bin
[SA19748] phpMyAgenda "rootagenda" File Inclusion Vulnerability
[SA19856] Gentoo update for xine-lib
[SA19853] xine-lib MPEG Stream Handling Buffer Overflow Vulnerability
[SA19835] pdnsd DNS Query Handling Memory Leak Vulnerability
[SA19833] Red Hat update for ipsec-tools
[SA19832] Red Hat update for php
[SA19829] Debian update for abcmidi
[SA19826] abcmidi ABC Music File Handling Buffer Overflow
Vulnerabilities
[SA19825] Debian update for cyrus-sasl2
[SA19821] Mandriva update for mozilla-thunderbird
[SA19809] Ubuntu update for cyrus-sasl2
[SA19807] Debian update for abc2ps
[SA19804] Ubuntu update for ruby
[SA19798] SCO OpenServer update for CUPS
[SA19797] UnixWare update for CUPS
[SA19790] Debian update for xzgv
[SA19787] abc2ps ABC Music File Buffer Overflow Vulnerabilities
[SA19785] Gentoo update for crossfire-server
[SA19781] Fedora update for beagle
[SA19779] Debian update for zgv
[SA19778] Beagle Commandline Argument Injection Vulnerability
[SA19772] Mandriva update for ruby
[SA19765] Gentoo update for dia
[SA19757] Gentoo update for zgv/xzgv
[SA19754] Debian update for blender
[SA19753] Gentoo update for cyrus-sasl
[SA19800] Asterisk JPEG Image Handling Buffer Overflow Vulnerability
[SA19837] Debian update for openvpn
[SA19808] BIND Zone Transfer TSIG Handling Denial of Service
[SA19760] Dnsmasq DHCP Broadcast Reply Denial of Service
[SA19799] SCO OpenServer update for Ghostscript
[SA19796] UnixWare update for xserver
[SA19789] Sun Solaris "libpkcs11" Privilege Escalation Vulnerability
[SA19766] Gentoo update for fbida
[SA19775] Mandriva update for php
[SA19763] Safari "rowspan" Attribute Denial of Service Vulnerability

Other:
[SA19822] Juniper Networks JUNOSe DNS Response Handling Vulnerability
[SA19820] FITELnet Products DNS Handling Vulnerability
[SA19847] Océ 3121/3122 Printer Long URL Denial of Service
[SA19818] IP3 Networks NA75 SQL Injection Vulnerability and Weaknesses
[SA19756] 3Com Baseline Switch 2848-SFP DHCP Potential Denial of
Service

Cross Platform:
[SA19830] Invision Power Board Multiple Vulnerabilities
[SA19788] dForum "DFORUM_PATH" File Inclusion Vulnerability
[SA19773] My Gaming Ladder Combo System "stats.php" File Inclusion
Vulnerability
[SA19769] Ethereal Multiple Protocol Dissector Vulnerabilities
[SA19761] PHPSurveyor "surveyid" SQL Injection Vulnerability
[SA19749] built2go Movie Review "full_path" File Inclusion
Vulnerability
[SA19841] Hitachi Multiple JP1 Products Denial of Service
[SA19836] photokorn SQL Injection Vulnerabilities
[SA19831] PowerDNS Recursor Denial of Service Vulnerability
[SA19817] QuickEStore Multiple SQL Injection Vulnerabilities
[SA19813] Instant Photo Gallery "id" SQL Injection Vulnerability
[SA19792] SL_site Multiple Vulnerabilities and Weakness
[SA19777] Scry Directory Traversal Vulnerability and Path Disclosure
Weakness
[SA19776] Help Center Live osTicket SQL Injection Vulnerabilities
[SA19768] OpenTTD Error Number Handling Denial of Service
[SA19764] Simplog SQL Injection and Cross-Site Scripting
Vulnerabilities
[SA19758] Bookmark4U "config.php" Security Bypass
[SA19750] DeleGate DNS Query Handling Denial of Service
[SA19855] DevBB "member" Parameter Cross-Site Scripting Vulnerability
[SA19843] Jax Guestbook "page" Cross-Site Scripting Vulnerability
[SA19827] phpWebFTP Cross-Site Scripting Vulnerability
[SA19815] DCForumLite "az" Cross-Site Scripting Vulnerability
[SA19803] PHP "wordwrap()" Buffer Overflow Vulnerability
[SA19801] PhpWebGallery "picture.php" Disclosure of Arbitrary Pictures
[SA19793] logMethods "kwd" Cross-Site Scripting Vulnerability
[SA19786] MKPortal "pmpopup.php" Cross-Site Scripting Vulnerabilities
[SA19860] Oracle Database "DBMS_EXPORT_EXTENSION" Package SQL
Injection
[SA19802] Firefox "contentWindow.focus()" Memory Corruption Weakness

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA19842] Juniper Networks IVE ActiveX Control Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-04-27

eEye Digital Security has reported a vulnerability in Juniper IVE OS,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/19842/

 --

[SA19795] Winny Command Parsing Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-04-24

eEye Digital Security has reported a vulnerability in Winny, which can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19795/

 --

[SA19767] Skulltag Version String Handling Format String Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-04-24

Luigi Auriemma has reported a vulnerability in Skulltag, which
potentially can be exploited by malicious people to cause a DoS (Denial
of Service) and to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19767/

 --

[SA19762] Internet Explorer "object" Tag Memory Corruption Code
Execution

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-04-25

Michal Zalewski has discovered a vulnerability in Internet Explorer,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/19762/

 --

[SA19812] Cartweaver Multiple SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-04-26

r0t has reported some vulnerabilities in Cartweaver, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19812/

 --

[SA19806] ampleShop Multiple SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-04-25

r0t has reported some vulnerabilities in ampleShop, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19806/

 --

[SA19784] Pylon Anywhere Access Restriction Bypass Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information
Released:    2006-04-24

A vulnerability has been reported in Pylon Anywhere, which can be
exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/19784/

 --

[SA19783] RI Blog Login SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2006-04-24

omnipresent has discovered a vulnerability in RI Blog, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19783/

 --

[SA19751] Bloggage "check_login.asp" SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2006-04-21

omnipresent has discovered two vulnerabilities in Bloggage, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19751/

 --

[SA19791] IZArc Multiple Archive Directory Traversal Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2006-04-24

Claus Berghamer has discovered a vulnerability in IZArc, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/19791/

 --

[SA19771] iOpus Secure Email Attachments Password Usage Security Issue

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2006-04-25

NtWaK0 and NoPh0BiA have reported a security issue in iOpus Secure
Email Attachments, which potentially can be exploited by malicious
people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/19771/

 --

[SA19848] SolarWinds TFTP Server Directory Traversal Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2006-04-27

Rapid7 has reported a vulnerability in SolarWinds TFTP Server, which
can be exploited by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/19848/

 --

[SA19844] WinAgents TFTP Server Directory Traversal Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2006-04-27

Rapid7 has reported a vulnerability in WinAgents TFTP Server, which can
be exploited by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/19844/

 --

[SA19752] HP StorageWorks Secure Path Denial of Service Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2006-04-21

A vulnerability has been reported in HP StorageWorks Secure Path, which
potentially can be exploited by malicious people to cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/19752/

 --

[SA19840] Groupmax Mail Client Attachment Filename Handling Weakness

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2006-04-26

A weakness has been reported in Groupmax Mail Client, which potentially
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/19840/

 --

[SA19824] Phex Chat Request Handling Weakness

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2006-04-27

A weakness has been reported in Phex, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19824/

 --

[SA19819] Microsoft Office 2003 "mailto:" Automatic Attachment of
Arbitrary Files

Critical:    Not critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2006-04-26

Inge Henriksen has discovered a weakness in Microsoft Office 2003,
which can be exploited by malicious people to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/19819/


UNIX/Linux:--

[SA19863] Debian update for mozilla

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, DoS, System access
Released:    2006-04-27

Debian has issued an update for mozilla. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting and phishing attacks, bypass certain security
restrictions, disclose sensitive information, and potentially
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19863/

 --

[SA19862] Debian update for mozilla-firefox

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, DoS, System access
Released:    2006-04-27

Debian has issued an update for mozilla-firefox. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting and phishing attacks, bypass certain security
restrictions, disclose sensitive information, cause a DoS (Denial of
Service), and potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19862/

 --

[SA19854] Gentoo update for xine-ui

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-04-27

Gentoo has issued an update for xine-ui. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/19854/

 --

[SA19839] Gentoo update for ethereal

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-04-27

Gentoo has issued an update for ethereal. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19839/

 --

[SA19828] Fedora update for ethereal

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-04-26

Fedora has issued an update for ethereal. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19828/

 --

[SA19823] SUSE update for MozillaThunderbird

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing,
Manipulation of data, Exposure of system information, Exposure of
sensitive information, System access
Released:    2006-04-26

SUSE has issued an update for MozillaThunderbird. This fixes some
vulnerabilities, where the most critical ones can be exploited by
malicious people to bypass certain security restrictions, conduct
cross-site scripting and spoofing attacks, potentially disclose
sensitive information, and compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19823/

 --

[SA19811] SGI Advanced Linux Environment 3 Multiple Updates

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, DoS, System access
Released:    2006-04-26

SGI has issued a patch for SGI Advanced Linux Environment. This fixes
some vulnerabilities, which can be exploited by malicious people to
conduct cross-site scripting and phishing attacks, to disclose certain
sensitive information, bypass certain security restrictions, or cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19811/

 --

[SA19805] Mandriva update for ethereal

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-04-26

Mandriva has issued an update for ethereal. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19805/

 --

[SA19794] Mandriva update for firefox

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, DoS, System access
Released:    2006-04-25

Mandriva has issued an update for firefox. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting and phishing attacks, bypass certain security
restrictions, disclose sensitive information, and potentially
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19794/

 --

[SA19782] Slackware update for mozilla

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, DoS, System access
Released:    2006-04-25

Slackware has issued an update for mozilla. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting and phishing attacks, bypass certain security
restrictions, disclose sensitive information, and potentially
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19782/

 --

[SA19780] Red Hat update for thunderbird

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Exposure of system
information, Exposure of sensitive information, System access
Released:    2006-04-24

Red Hat has issued an update for thunderbird. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, conduct cross-site scripting attacks,
potentially disclose sensitive information, and potentially compromise
a user's system.

Full Advisory:
http://secunia.com/advisories/19780/

 --

[SA19774] Sun Cobalt Sendmail Memory Corruption Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-04-26

Sun has acknowledged a vulnerability in Sun Cobalt, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19774/

 --

[SA19770] Fenice HTTP Request Handling Two Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-04-24

Luigi Auriemma has reported two vulnerabilities in Fenice, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19770/

 --

[SA19759] Gentoo update for mozilla-firefox / mozilla-firefox-bin

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, DoS, System access
Released:    2006-04-24

Gentoo has issued an update for mozilla-firefox / mozilla-firefox-bin.
This fixes some vulnerabilities, which can be exploited by malicious
people to conduct cross-site scripting and phishing attacks, bypass
certain security restrictions, disclose sensitive information, cause a
DoS (Denial of Service), and potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19759/

 --

[SA19748] phpMyAgenda "rootagenda" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-04-25

Aesthetico has discovered a vulnerability in phpMyAgenda, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19748/

 --

[SA19856] Gentoo update for xine-lib

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-04-27

Gentoo has issued an update for xine-lib. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/19856/

 --

[SA19853] xine-lib MPEG Stream Handling Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-04-27

Federico L. Bossi Bonin has reported a vulnerability in xine-lib, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/19853/

 --

[SA19835] pdnsd DNS Query Handling Memory Leak Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-04-26

A vulnerability has been reported in pdnsd, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19835/

 --

[SA19833] Red Hat update for ipsec-tools

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-04-26

Red Hat has issued an update for ipsec-tools. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19833/

 --

[SA19832] Red Hat update for php

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data, Exposure of sensitive information, DoS, System access
Released:    2006-04-26

Red Hat has issued an update for php. This fixes some vulnerabilities,
which can be exploited by malicious, local users to bypass certain
security restrictions, by malicious users to cause a DoS (Denial of
Service) or to compromise a vulnerable system, and by malicious people
to use PHP as an open mail relay, gain knowledge of potentially
sensitive information, to conduct cross-site scripting attacks, and
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19832/

 --

[SA19829] Debian update for abcmidi

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-04-26

Debian has issued an update for abcmidi. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19829/

 --

[SA19826] abcmidi ABC Music File Handling Buffer Overflow
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-04-26

Erik Sjölund has reported some vulnerabilities in abc2midi, which can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19826/

 --

[SA19825] Debian update for cyrus-sasl2

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-04-26

Debian has issued an update for cyrus-sasl2. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19825/

 --

[SA19821] Mandriva update for mozilla-thunderbird

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Exposure of system
information, Exposure of sensitive information, System access
Released:    2006-04-26

Mandriva has issued an update for mozilla-thunderbird. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, conduct cross-site scripting attacks,
potentially disclose sensitive information, and potentially compromise
a user's system.

Full Advisory:
http://secunia.com/advisories/19821/

 --

[SA19809] Ubuntu update for cyrus-sasl2

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-04-26

Ubuntu has issued an update for cyrus-sasl2. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19809/

 --

[SA19807] Debian update for abc2ps

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-04-25

Debian has issued an update for abc2ps. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19807/

 --

[SA19804] Ubuntu update for ruby

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-04-26

Ubuntu has issued an update for ruby. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/19804/

 --

[SA19798] SCO OpenServer update for CUPS

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-04-24

SCO has issued an update for CUPS. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19798/

 --

[SA19797] UnixWare update for CUPS

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-04-24

SCO has issued an update for CUPS. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19797/

 --

[SA19790] Debian update for xzgv

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-04-24

Debian has issued an update for xzgv. This fixes a vulnerability, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19790/

 --

[SA19787] abc2ps ABC Music File Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-04-25

Erik Sjölund has reported some vulnerabilities in abc2ps, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19787/

 --

[SA19785] Gentoo update for crossfire-server

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-04-24

Gentoo has issued an update for crossfire-server. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19785/

 --

[SA19781] Fedora update for beagle

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-04-25

Fedora has issued an update for beagle. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/19781/

 --

[SA19779] Debian update for zgv

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-04-24

Debian has issued an update for zgv. This fixes a vulnerability, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19779/

 --

[SA19778] Beagle Commandline Argument Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-04-25

Chris Evans has reported a vulnerability in Beagle, which potentially
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19778/

 --

[SA19772] Mandriva update for ruby

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-04-26

Mandriva has issued an update for ruby. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/19772/

 --

[SA19765] Gentoo update for dia

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-04-24

Gentoo has issued an update for dia. This fixes some vulnerabilities,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/19765/

 --

[SA19757] Gentoo update for zgv/xzgv

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-04-21

Gentoo has issued updates for zgv and xzgv. These fix a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/19757/

 --

[SA19754] Debian update for blender

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-04-24

Debian has issued an update for blender. This fixes two
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19754/

 --

[SA19753] Gentoo update for cyrus-sasl

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-04-21

Gentoo has issued an update for cyrus-sasl. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/19753/

 --

[SA19800] Asterisk JPEG Image Handling Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2006-04-24

Emmanouel Kellinis has reported a vulnerability in Asterisk, which can
be exploited by malicious people to cause a DoS (Denial of Service) and
potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19800/

 --

[SA19837] Debian update for openvpn

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2006-04-27

Debian has issued an update for openvpn. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/19837/

 --

[SA19808] BIND Zone Transfer TSIG Handling Denial of Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2006-04-26

A vulnerability been reported in ISC BIND, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19808/

 --

[SA19760] Dnsmasq DHCP Broadcast Reply Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2006-04-24

A vulnerability has been reported in Dnsmasq, which potentially can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19760/

 --

[SA19799] SCO OpenServer update for Ghostscript

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2006-04-24

SCO has issued an update for Ghostscript. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/19799/

 --

[SA19796] UnixWare update for xserver

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2006-04-24

SCO has issued an update for xserver. This fixes a vulnerability, which
potentially can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/19796/

 --

[SA19789] Sun Solaris "libpkcs11" Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2006-04-25

A vulnerability has been reported in Solaris, which can be exploited by
malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/19789/

 --

[SA19766] Gentoo update for fbida

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2006-04-24

Gentoo has issued an update for fbida. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/19766/

 --

[SA19775] Mandriva update for php

Critical:    Not critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting
Released:    2006-04-25

Mandriva has issued an update for php. This fixes some vulnerabilities,
which can be exploited by malicious, local users to bypass certain
security restrictions and by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/19775/

 --

[SA19763] Safari "rowspan" Attribute Denial of Service Vulnerability

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2006-04-25

Yannick von Arx has discovered a vulnerability in Safari, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19763/


Other:--

[SA19822] Juniper Networks JUNOSe DNS Response Handling Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2006-04-26

A vulnerability with unknown impact has been reported in JUNOSe.

Full Advisory:
http://secunia.com/advisories/19822/

 --

[SA19820] FITELnet Products DNS Handling Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2006-04-26

A vulnerability with unknown impact has been reported in various
FITELnet products.

Full Advisory:
http://secunia.com/advisories/19820/

 --

[SA19847] Océ 3121/3122 Printer Long URL Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2006-04-27

Herman Groeneveld has reported a vulnerability in Océ 3121/3122
Printer, which can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/19847/

 --

[SA19818] IP3 Networks NA75 SQL Injection Vulnerability and Weaknesses

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass, Manipulation of data, Exposure of
sensitive information, Privilege escalation
Released:    2006-04-26

Ralph Moonen has reported a vulnerability and some weaknesses in IP3
Networks NA75, which can be exploited by malicious, local users to
potentially gain escalated privileges and disclose or manipulate
sensitive information, or by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/19818/

 --

[SA19756] 3Com Baseline Switch 2848-SFP DHCP Potential Denial of
Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2006-04-25

A vulnerability has been reported in 3Com Baseline Switch 2848-SFP,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/19756/


Cross Platform:--

[SA19830] Invision Power Board Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data, System access
Released:    2006-04-26

Some vulnerabilities have been reported in Invision Power Board, which
can be exploited by malicious people to conduct script insertion and
SQL injection attacks, and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19830/

 --

[SA19788] dForum "DFORUM_PATH" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-04-24

Mustafa Can Bjorn has reported a vulnerability in dForum, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19788/

 --

[SA19773] My Gaming Ladder Combo System "stats.php" File Inclusion
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-04-24

Mustafa Can Bjorn has reported a vulnerability in My Gaming Ladder
Combo System, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19773/

 --

[SA19769] Ethereal Multiple Protocol Dissector Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-04-25

Multiple vulnerabilities have been reported in Ethereal, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19769/

 --

[SA19761] PHPSurveyor "surveyid" SQL Injection Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Manipulation of data, System access
Released:    2006-04-21

rgod has reported a vulnerability in PHPSurveyor, which can be
exploited by malicious people to conduct SQL injection attacks and
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19761/

 --

[SA19749] built2go Movie Review "full_path" File Inclusion
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-04-24

Camille Myers has reported a vulnerability in built2go Movie Review,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/19749/

 --

[SA19841] Hitachi Multiple JP1 Products Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-04-26

A vulnerability has been reported in multiple JP1 products, which can
be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19841/

 --

[SA19836] photokorn SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-04-26

Dr.Jr7 has reported some vulnerabilities in photokorn, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19836/

 --

[SA19831] PowerDNS Recursor Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-04-26

A vulnerability has been reported in PowerDNS, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19831/

 --

[SA19817] QuickEStore Multiple SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-04-26

r0t has reported some vulnerabilities in QuickEStore, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19817/

 --

[SA19813] Instant Photo Gallery "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-04-26

Qex has reported a vulnerability in Instant Photo Gallery, which can be
exploited by malicious people to conduct cross-site scripting attacks
and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19813/

 --

[SA19792] SL_site Multiple Vulnerabilities and Weakness

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
system information
Released:    2006-04-24

benozor77 has discovered two vulnerabilities and a weakness in SL_site,
which can be exploited by malicious people to disclose system
information, and conduct cross-site scripting and SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/19792/

 --

[SA19777] Scry Directory Traversal Vulnerability and Path Disclosure
Weakness

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2006-04-24

Moroccan Security Team has discovered a vulnerability and a weakness in
Scry, which can be exploited by malicious people to disclose system and
potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/19777/

 --

[SA19776] Help Center Live osTicket SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-04-24

Some vulnerabilities have been reported in Help Center Live, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19776/

 --

[SA19768] OpenTTD Error Number Handling Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-04-24

Luigi Auriemma has reported a vulnerability in OpenTTD, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19768/

 --

[SA19764] Simplog SQL Injection and Cross-Site Scripting
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2006-04-24

Mustafa Can Bjorn has reported some vulnerabilities in Simplog, which
can be exploited by malicious users and by malicious people to conduct
SQL injection and cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19764/

 --

[SA19758] Bookmark4U "config.php" Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2006-04-21

MoHaJaLi has discovered a security issue in Bookmark4U, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/19758/

 --

[SA19750] DeleGate DNS Query Handling Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-04-26

A vulnerability has been reported in DeleGate, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19750/

 --

[SA19855] DevBB "member" Parameter Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-04-27

Qex has reported a vulnerability in DevBB, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19855/

 --

[SA19843] Jax Guestbook "page" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-04-27

ALMOKANN3 has discovered a vulnerability in Jax Guestbook, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19843/

 --

[SA19827] phpWebFTP Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-04-26

A vulnerability has been discovered in phpWebFTP, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19827/

 --

[SA19815] DCForumLite "az" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-04-26

Breeeeh has reported a vulnerability in DCForumLite, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19815/

 --

[SA19803] PHP "wordwrap()" Buffer Overflow Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2006-04-25

Leon Juranic has discovered a vulnerability in PHP, which potentially
can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/19803/

 --

[SA19801] PhpWebGallery "picture.php" Disclosure of Arbitrary Pictures

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information
Released:    2006-04-25

A vulnerability has been reported in PhpWebGallery, which can be
exploited by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/19801/

 --

[SA19793] logMethods "kwd" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-04-24

r0t has discovered a vulnerability in logMethods, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19793/

 --

[SA19786] MKPortal "pmpopup.php" Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-04-24

Mustafa Can Bjorn has discovered some vulnerabilities in MKPortal,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/19786/

 --

[SA19860] Oracle Database "DBMS_EXPORT_EXTENSION" Package SQL
Injection

Critical:    Less critical
Where:       From local network
Impact:      Manipulation of data
Released:    2006-04-27

David Litchfield has reported a vulnerability in Oracle Database, which
can be exploited by malicious users to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19860/

 --

[SA19802] Firefox "contentWindow.focus()" Memory Corruption Weakness

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2006-04-25

A weakness has been discovered in Firefox, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19802/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support at secunia.com
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45





More information about the ISN mailing list