[ISN] Secunia Weekly Summary - Issue: 2006-12

InfoSec News isn at c4i.org
Fri Mar 24 03:40:35 EST 2006


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2006-03-16 - 2006-03-23                        

                       This week : 96 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

Secunia Research has discovered a critical vulnerability in Microsoft
Internet Explorer, which can be exploited by malicious people to
compromise a user's system.

While Secunia was coordinating disclosure with Microsoft a third party
also discovered this vulnerability, however, the third party chose to
immediately disclose it to various public mailing lists.

Secunia then quickly issued a Highly Critical Secunia advisory
regarding this to enable our customers and readers to take the
appropriate actions.

Currently, no solution is available from the vendor. Please read the
referenced Secunia advisory for additional details.

Reference:
http://secunia.com/SA18680

  -- 

ISS X-Force has reported a vulnerability in Sendmail, which can be
exploited by malicious people to compromise a vulnerable system.

All users are advised to update or apply available patches.

Additional details can be found in the referenced Secunia advisory
below.

Reference:
http://secunia.com/SA19342


VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA19218] Flash Player Unspecified Code Execution Vulnerabilities
2.  [SA19118] AVG Anti-Virus Updated Files Insecure File Permissions
3.  [SA18680] Microsoft Internet Explorer "createTextRange()" Code
              Execution
4.  [SA19138] Microsoft Office Multiple Code Execution Vulnerabilities
5.  [SA19269] Internet Explorer Multiple Event Handlers Denial of
              Service Weakness
6.  [SA18963] Mac OS X File Association Meta Data Shell Script
              Execution
7.  [SA19261] OpenOffice cURL/libcURL URL Parsing Off-By-One
              Vulnerability
8.  [SA19277] phpMyAdmin "set_theme" Cross-Site Scripting
9.  [SA19265] Novell NetWare NWFTPD Potential Denial of Service
              Vulnerability
10. [SA19330] Linux Kernel Buffer Overflow Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA19288] MailEnable Webmail and POP3 Buffer Overflow Vulnerabilities
[SA19267] Mercur Messaging IMAP Service Buffer Overflow Vulnerability
[SA19292] betaparticle blog SQL Injection Vulnerabilities
[SA19286] ASPPortal "downloadid" SQL Injection Vulnerability
[SA19297] VPMi Enterprise "Request_Name_Display" Cross-Site Scripting
[SA19296] WinHKI Multiple Archive Directory Traversal Vulnerability
[SA19313] Nortel Centrex IP Client Manager Windows Privilege
Escalation
[SA19284] avast! Antivirus Insecure Default File Permissions
[SA19282] PC-cillin Internet Security Insecure Default Directory
Permissions
[SA19338] Baby FTP Server File Enumeration Weakness
[SA19269] Internet Explorer Multiple Event Handlers Denial of Service
Weakness

UNIX/Linux:
[SA19368] Slackware update for sendmail
[SA19367] Debian update for sendmail
[SA19363] Gentoo update for sendmail
[SA19362] Red Hat update for realplayer
[SA19361] SUSE update for sendmail
[SA19360] Sun Solaris Sendmail Signal Handling Memory Corruption
[SA19356] Fedora update for sendmail
[SA19349] AIX sendmail Signal Handling Memory Corruption Vulnerability
[SA19346] Red Hat update for sendmail
[SA19345] FreeBSD update for sendmail
[SA19342] Sendmail Signal Handling Memory Corruption Vulnerability
[SA19328] Gentoo update for netscape-flash
[SA19304] Gentoo update for metamail
[SA19291] Gentoo update for peercast
[SA19276] Debian update for crossfire
[SA19366] FreeBSD IPsec Sequence Number Verification Bypass
[SA19354] KisMAC Cisco Vendor Tag SSID Parsing Buffer Overflow
[SA19344] Gentoo update for curl
[SA19335] Fedora update for curl
[SA19334] Gentoo update for pngcrush
[SA19301] Gentoo update for PEAR-Auth
[SA19287] Trustix update for gnupg
[SA19281] jabberd SASL Negotiation Denial of Service Vulnerability
[SA19279] Debian update for xine-lib
[SA19272] Debian update for vlc
[SA19271] cURL/libcURL TFTP Protocol URL Parsing Buffer Overflow
[SA19266] Debian update for ilohamail
[SA19264] Debian update for kdegraphics
[SA19262] QmailAdmin "PATH_INFO" Handling Buffer Overflow
[SA19350] Debian update for firebird2
[SA19355] Gentoo update for php
[SA19347] FreeBSD OPIE opiepasswd User Verification Vulnerability
[SA19317] HP VirtualVault Apache HTTP Request Smuggling Vulnerability
[SA19303] Gentoo update for crypt-cbc
[SA19302] Gentoo update for heimdal
[SA19300] FreeRADIUS EAP-MSCHAPv2 Authentication Bypass Vulnerability
[SA19339] Debian update for kernel-patch-vserver / util-vserver
[SA19336] Fedora update for beagle
[SA19333] util-vserver Unknown Capabilities Handling Security Issue
[SA19330] Linux Kernel Netfilter Weakness and RNDIS Buffer Overflow
[SA19323] RunIt "chpst" Multiple Groups Handling Security Issue
[SA19318] Debian update for snmptrapfmt
[SA19316] Fedora update for xorg-x11-server
[SA19311] Sun Solaris update for Xorg X Server
[SA19307] X.Org X11 User Privilege Checking Security Bypass
[SA19305] HP-UX usermod Recursive Ownership Change Security Issue
[SA19278] Beagle "beagle-status" Command Execution Vulnerability
[SA19357] Linux Kernel IPv4 "sockaddr_in.sin_zero" Information
Disclosure
[SA19280] Gnome Screensaver Password Bypass Vulnerability

Other:
[SA19337] Firepass 4100 SSL VPN "s" Cross-Site Scripting Vulnerability
[SA19324] Novell NetWare NILE.NLM SSL Negotiation Vulnerabilities
[SA19319] Motorola Cellular Phones Security Dialog Spoofing
Vulnerability
[SA19265] Novell NetWare NWFTPD Potential Denial of Service
Vulnerability

Cross Platform:
[SA19358] RealNetworks Products Multiple Buffer Overflow
Vulnerabilities
[SA19353] XHP CMS "FileManager" File Upload Vulnerability
[SA19352] vBulletin ImpEx Module "systempath" File Inclusion
Vulnerability
[SA19343] FreeWPS "ImageManager" File Upload Vulnerability
[SA19320] Free Articles Directory "page" File Inclusion Vulnerability
[SA19298] KnowledgebasePublisher "dir" File Inclusion Vulnerability
[SA19285] PHP iCalendar File Inclusion and Calendar Upload
Vulnerabilities
[SA19359] AnyPortal(php) "F" Directory Traversal Vulnerability
[SA19329] 1WebCalendar Multiple SQL Injection Vulnerabilities
[SA19322] gCards Multiple Vulnerabilities
[SA19315] phpWebsite "sid" Parameter SQL Injection
[SA19314] Skull-Splitter's Download Counter for Wallpapers SQL
Injection
[SA19310] BEA WebLogic Server/Express Two Vulnerabilities
[SA19309] webcheck Website Content Script Insertion Vulnerability
[SA19290] OSWiki Username Script Insertion Vulnerability
[SA19289] CuteNews "archive" Disclosure of Sensitive Information
Vulnerability
[SA19283] SoftBB "mail" SQL Injection Vulnerability
[SA19275] Maian Support SQL Injection Vulnerabilities
[SA19274] Maian Events Multiple SQL Injection Vulnerabilities
[SA19273] Maian Weblog Multiple SQL Injection Vulnerabilities
[SA19270] Simple PHP Blog "blog_language" Local File Inclusion
[SA19263] Streber Unspecified Script Insertion Vulnerability
[SA19351] AdMan "transactions_offset" SQL Injection Vulnerability
[SA19340] PHP Live! "base_url" Cross-Site Scripting Vulnerability
[SA19332] IBM Tivoli Business Systems Manager Cross-Site Scripting
[SA19321] ExtCalendar calendar.php Cross-Site Scripting
Vulnerabilities
[SA19308] BEA WebLogic Portal JSR-168 Portlets Rendering Security
Issue
[SA19299] Invision Power Board PM Unspecified Cross-Site Scripting
[SA19294] Contrexx CMS Cross-Site Scripting Vulnerability
[SA19293] Woltlab Burning Board "class_db_mysql.php" Cross-Site
Scripting
[SA19277] phpMyAdmin "set_theme" Cross-Site Scripting
[SA19268] Skull-Splitter's PHP Guestbook Cross-Site Scripting
Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA19288] MailEnable Webmail and POP3 Buffer Overflow Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-03-20

Two vulnerabilities have been reported in MailEnable, which can be
exploited by malicious people to cause a DoS (Denial of Service) and to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19288/

 --

[SA19267] Mercur Messaging IMAP Service Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-03-17

Tim Taylor has discovered a vulnerability in Mercur Messaging 2005,
which can be exploited by malicious people and by malicious users to
cause a DoS (Denial of Service) or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19267/

 --

[SA19292] betaparticle blog SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-03-20

Mustafa Can Bjorn has reported two vulnerabilities in betaparticle
blog, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/19292/

 --

[SA19286] ASPPortal "downloadid" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-03-21

nukedx has discovered a vulnerability in ASPPortal, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19286/

 --

[SA19297] VPMi Enterprise "Request_Name_Display" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-21

Steven M. Christey has reported a vulnerability in VPMi Enterprise,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/19297/

 --

[SA19296] WinHKI Multiple Archive Directory Traversal Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2006-03-20

Hamid Ebadi has discovered a vulnerability in WinHKI, which potentially
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19296/

 --

[SA19313] Nortel Centrex IP Client Manager Windows Privilege
Escalation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2006-03-20

Nortel Networks has acknowledged some security issues in Centrex IP
Client Manager, which can be exploited by malicious, local users to
gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/19313/

 --

[SA19284] avast! Antivirus Insecure Default File Permissions

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass, Manipulation of data, Privilege
escalation
Released:    2006-03-20

A security issue has been reported in avast! Antivirus, which can be
exploited by malicious, local users to bypass certain security
restrictions or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/19284/

 --

[SA19282] PC-cillin Internet Security Insecure Default Directory
Permissions

Critical:    Less critical
Where:       Local system
Impact:      Manipulation of data, Privilege escalation
Released:    2006-03-22

Dominique GREGOIRE has discovered a security issue in PC-cillin
Internet Security, which can be exploited by malicious, local users to
gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/19282/

 --

[SA19338] Baby FTP Server File Enumeration Weakness

Critical:    Not critical
Where:       From remote
Impact:      Exposure of system information
Released:    2006-03-23

Ziv Kamir has discovered a weakness in Baby FTP Server, which can be
exploited by malicious people to enumerate files on an affected
system.

Full Advisory:
http://secunia.com/advisories/19338/

 --

[SA19269] Internet Explorer Multiple Event Handlers Denial of Service
Weakness

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2006-03-20

Michal Zalewski has discovered a weakness in Internet Explorer, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/19269/


UNIX/Linux:--

[SA19368] Slackware update for sendmail

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

Slackware has issued an update for sendmail. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19368/

 --

[SA19367] Debian update for sendmail

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

Debian has issued an update for sendmail. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/19367/

 --

[SA19363] Gentoo update for sendmail

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

Gentoo has issued an update for sendmail. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/19363/

 --

[SA19362] Red Hat update for realplayer

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

Red Hat has issued an update for RealPlayer. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a user's system.

Full Advisory:
http://secunia.com/advisories/19362/

 --

[SA19361] SUSE update for sendmail

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

SUSE has issued an update for sendmail. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/19361/

 --

[SA19360] Sun Solaris Sendmail Signal Handling Memory Corruption

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

Sun has acknowledged a vulnerability in Solaris, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19360/

 --

[SA19356] Fedora update for sendmail

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

Fedora has issued an update for sendmail. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/19356/

 --

[SA19349] AIX sendmail Signal Handling Memory Corruption Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

IBM has acknowledged a vulnerability in sendmail in AIX, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19349/

 --

[SA19346] Red Hat update for sendmail

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

Red Hat has issued an update for sendmail. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/19346/

 --

[SA19345] FreeBSD update for sendmail

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

FreeBSD has issued an update for sendmail. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/19345/

 --

[SA19342] Sendmail Signal Handling Memory Corruption Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

ISS X-Force has reported a vulnerability in Sendmail, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19342/

 --

[SA19328] Gentoo update for netscape-flash

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-22

Gentoo has issued an update for netscape-flash. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a user's system.

Full Advisory:
http://secunia.com/advisories/19328/

 --

[SA19304] Gentoo update for metamail

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-03-20

Gentoo has issued an update for metamail. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/19304/

 --

[SA19291] Gentoo update for peercast

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-21

Gentoo has issued an update for peercast. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/19291/

 --

[SA19276] Debian update for crossfire

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-03-20

Debian has issued an update for crossfire. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19276/

 --

[SA19366] FreeBSD IPsec Sequence Number Verification Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2006-03-23

A security issue has been reported in FreeBSD, which potentially can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/19366/

 --

[SA19354] KisMAC Cisco Vendor Tag SSID Parsing Buffer Overflow

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

Stefan Esser has reported a vulnerability in KisMAC, which potentially
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19354/

 --

[SA19344] Gentoo update for curl

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-03-22

Gentoo has issued an update for curl. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/19344/

 --

[SA19335] Fedora update for curl

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-03-22

Fedora has issued an update for curl. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/19335/

 --

[SA19334] Gentoo update for pngcrush

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-03-22

Gentoo has issued an update for pngcrush. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/19334/

 --

[SA19301] Gentoo update for PEAR-Auth

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2006-03-20

Gentoo has issued an update for PEAR-Auth. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/19301/

 --

[SA19287] Trustix update for gnupg

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2006-03-20

Trustix has issued an update for gnupg. This fixes a vulnerability,
which can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/19287/

 --

[SA19281] jabberd SASL Negotiation Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-03-20

A vulnerability has been reported in jabberd, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19281/

 --

[SA19279] Debian update for xine-lib

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-03-17

Debian has issued an update for xine-lib. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19279/

 --

[SA19272] Debian update for vlc

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-03-17

Debian has issued an update for vlc. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of Service)
and potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19272/

 --

[SA19271] cURL/libcURL TFTP Protocol URL Parsing Buffer Overflow

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2006-03-20

Ulf Harnhammar has reported a vulnerability in cURL/libcURL, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/19271/

 --

[SA19266] Debian update for ilohamail

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-20

Debian has issued an update for ilohamail. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
script insertion attacks.

Full Advisory:
http://secunia.com/advisories/19266/

 --

[SA19264] Debian update for kdegraphics

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2006-03-20

Debian has issued an update for kdegraphics. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) and potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/19264/

 --

[SA19262] QmailAdmin "PATH_INFO" Handling Buffer Overflow

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2006-03-17

A vulnerability has been reported in QmailAdmin, which potentially can
be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19262/

 --

[SA19350] Debian update for firebird2

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2006-03-23

Debian has issued an update for firebird2. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19350/

 --

[SA19355] Gentoo update for php

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2006-03-23

Gentoo has issued an update for php. This fixes a vulnerability, which
can be exploited by malicious people to conduct HTTP response splitting
attacks, potentially conduct cross-site scripting attacks, and
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19355/

 --

[SA19347] FreeBSD OPIE opiepasswd User Verification Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation
Released:    2006-03-23

A vulnerability has been reported in FreeBSD, which can be exploited by
malicious, local users to gain escalated privileges or by malicious
users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/19347/

 --

[SA19317] HP VirtualVault Apache HTTP Request Smuggling Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data
Released:    2006-03-21

HP has acknowledged a vulnerability in Virtualvault, which can be
exploited by malicious people to conduct HTTP request smuggling
attacks.

Full Advisory:
http://secunia.com/advisories/19317/

 --

[SA19303] Gentoo update for crypt-cbc

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2006-03-20

Gentoo has issued an update for crypt-cbc. This fixes a security issue,
which can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/19303/

 --

[SA19302] Gentoo update for heimdal

Critical:    Less critical
Where:       From local network
Impact:      Privilege escalation
Released:    2006-03-20

Gentoo has issued an update for heimdal. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/19302/

 --

[SA19300] FreeRADIUS EAP-MSCHAPv2 Authentication Bypass Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS, Security Bypass
Released:    2006-03-21

A vulnerability has been reported in FreeRADIUS, which can be exploited
by malicious people to cause a DoS (Denial of Service) and to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/19300/

 --

[SA19339] Debian update for kernel-patch-vserver / util-vserver

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2006-03-22

Debian has issued updates for kernel-patch-vserver and util-vserver.
This fixes two security issues, which can be exploited by malicious
programs to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/19339/

 --

[SA19336] Fedora update for beagle

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2006-03-22

Fedora has issued an update for beagle. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/19336/

 --

[SA19333] util-vserver Unknown Capabilities Handling Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2006-03-22

A security issue has been reported in util-vserver, which potentially
can be exploited by malicious programs to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/19333/

 --

[SA19330] Linux Kernel Netfilter Weakness and RNDIS Buffer Overflow

Critical:    Less critical
Where:       Local system
Impact:      Unknown
Released:    2006-03-22

A weakness and a vulnerability have been reported in the Linux Kernel,
which have unknown impacts.

Full Advisory:
http://secunia.com/advisories/19330/

 --

[SA19323] RunIt "chpst" Multiple Groups Handling Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2006-03-22

Tino Keitel has reported a security issue in RunIt, which potentially
can cause a process to run with escalated group privileges.

Full Advisory:
http://secunia.com/advisories/19323/

 --

[SA19318] Debian update for snmptrapfmt

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2006-03-22

Debian has issued an update for snmptrapfmt. This fixes a
vulnerability, which potentially can be exploited by malicious, local
users to perform certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/19318/

 --

[SA19316] Fedora update for xorg-x11-server

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2006-03-21

Fedora has issued an update for xorg-x11-server. This fixes a
vulnerability, which can be exploited by malicious, local users to
bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/19316/

 --

[SA19311] Sun Solaris update for Xorg X Server

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2006-03-21

Sun has issued an update for Xorg X Server. This fixes a vulnerability,
which can be exploited by malicious, local users to bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/19311/

 --

[SA19307] X.Org X11 User Privilege Checking Security Bypass

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2006-03-21

A vulnerability has been reported in X11, which can be exploited by
malicious, local users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/19307/

 --

[SA19305] HP-UX usermod Recursive Ownership Change Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2006-03-20

A security issue has been reported in HP-UX, which potentially can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/19305/

 --

[SA19278] Beagle "beagle-status" Command Execution Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2006-03-17

James McCaw has discovered a vulnerability in Beagle, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/19278/

 --

[SA19357] Linux Kernel IPv4 "sockaddr_in.sin_zero" Information
Disclosure

Critical:    Not critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2006-03-23

Pavel Kankovsky has reported a weakness in the Linux kernel, which can
be exploited by malicious, local users to disclose potentially
sensitive information.

Full Advisory:
http://secunia.com/advisories/19357/

 --

[SA19280] Gnome Screensaver Password Bypass Vulnerability

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2006-03-20

Sam Morris has reported a vulnerability in gnome-screensaver, which can
be exploited by a malicious person with physical access to a system to
bypass the password protected screensaver.

Full Advisory:
http://secunia.com/advisories/19280/


Other:--

[SA19337] Firepass 4100 SSL VPN "s" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-22

ILION Research Labs has reported a vulnerability in Firepass 4100 SSL
VPN, which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/19337/

 --

[SA19324] Novell NetWare NILE.NLM SSL Negotiation Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2006-03-22

Some vulnerabilities have been reported in Novell NetWare / Open
Enterprise Server, which potentially can be exploited by malicious
people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/19324/

 --

[SA19319] Motorola Cellular Phones Security Dialog Spoofing
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Spoofing, Exposure of sensitive
information
Released:    2006-03-22

Kevin Finisterre has reported a vulnerability in Motorola PEBL U6 and
Motorola V600, which can be exploited by malicious people to trick
users into accepting certain security dialogs.

Full Advisory:
http://secunia.com/advisories/19319/

 --

[SA19265] Novell NetWare NWFTPD Potential Denial of Service
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2006-03-17

A vulnerability has been reported in NetWare, which potentially can be
exploited by malicious users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19265/


Cross Platform:--

[SA19358] RealNetworks Products Multiple Buffer Overflow
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

Some vulnerabilities have been reported in various RealNetworks
products, which can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/19358/

 --

[SA19353] XHP CMS "FileManager" File Upload Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

rgod has discovered a vulnerability in XHP CMS, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19353/

 --

[SA19352] vBulletin ImpEx Module "systempath" File Inclusion
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-23

ReZEN has reported a vulnerability in the ImpEx module for vBulletin,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/19352/

 --

[SA19343] FreeWPS "ImageManager" File Upload Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-22

alexander wilhelm has discovered a vulnerability in FreeWPS, which can
be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19343/

 --

[SA19320] Free Articles Directory "page" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-22

Botan has discovered a vulnerability in Free Articles Directory, which
can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/19320/

 --

[SA19298] KnowledgebasePublisher "dir" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2006-03-21

uid0 has reported a vulnerability in KnowledgebasePublisher, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/19298/

 --

[SA19285] PHP iCalendar File Inclusion and Calendar Upload
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of sensitive information, System access
Released:    2006-03-21

rgod has discovered two vulnerabilities in PHP iCalendar, which can be
exploited by malicious people to disclose potentially sensitive
information and to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19285/

 --

[SA19359] AnyPortal(php) "F" Directory Traversal Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access, Exposure of sensitive information,
Manipulation of data
Released:    2006-03-23

Nuno Justo has discovered a vulnerability in AnyPortal(php), which can
be exploited by malicious users to disclose and manipulate sensitive
information, and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/19359/

 --

[SA19329] 1WebCalendar Multiple SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-03-22

r0t has discovered some vulnerabilities in 1WebCalendar, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19329/

 --

[SA19322] gCards Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released:    2006-03-21

rgod has discovered multiple vulnerabilities in gcards, which can be
exploited by malicious people to conduct cross-site scripting attacks,
disclose sensitive information, and conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19322/

 --

[SA19315] phpWebsite "sid" Parameter SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-03-22

DaBDouB-MoSiKaR has discovered a vulnerability in phpWebsite, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19315/

 --

[SA19314] Skull-Splitter's Download Counter for Wallpapers SQL
Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-03-20

Aliaksandr Hartsuyeu has reported some vulnerabilities in Download
Counter for Wallpapers, which can be exploited by malicious people to
conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19314/

 --

[SA19310] BEA WebLogic Server/Express Two Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, DoS
Released:    2006-03-21

Two vulnerabilities have been reported in WebLogic Server / Express,
which can be exploited by malicious people to disclose potentially
sensitive information and to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/19310/

 --

[SA19309] webcheck Website Content Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-23

A vulnerability has been reported in webcheck, which can be exploited
by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/19309/

 --

[SA19290] OSWiki Username Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-22

A vulnerability has been reported in OSWiki, which can be exploited by
malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/19290/

 --

[SA19289] CuteNews "archive" Disclosure of Sensitive Information
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2006-03-20

Hamid Ebadi has discovered a vulnerability in CuteNews, which can be
exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/19289/

 --

[SA19283] SoftBB "mail" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-03-20

A vulnerability has been discovered in SoftBB, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19283/

 --

[SA19275] Maian Support SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2006-03-17

Aliaksandr Hartsuyeu has reported two vulnerabilities in Maian Support,
which can be exploited by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/19275/

 --

[SA19274] Maian Events Multiple SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-03-17

Aliaksandr Hartsuyeu has discovered multiple vulnerabilities in Maian
Events, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/19274/

 --

[SA19273] Maian Weblog Multiple SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2006-03-17

Aliaksandr Hartsuyeu has discovered multiple vulnerabilities in Maian
Weblog, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/19273/

 --

[SA19270] Simple PHP Blog "blog_language" Local File Inclusion

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2006-03-20

rgod has discovered a security issue in Simple PHP Blog, which can be
exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/19270/

 --

[SA19263] Streber Unspecified Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-20

A vulnerability has been reported in Streber, which potentially can be
exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/19263/

 --

[SA19351] AdMan "transactions_offset" SQL Injection Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information
Released:    2006-03-23

r0t has reported a vulnerability in AdMan, which can be exploited by
malicious users to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/19351/

 --

[SA19340] PHP Live! "base_url" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-23

K-sPecial has reported a vulnerability in PHP Live!, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19340/

 --

[SA19332] IBM Tivoli Business Systems Manager Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-23

A vulnerability has been reported in IBM Tivoli Business Systems
Manager, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19332/

 --

[SA19321] ExtCalendar calendar.php Cross-Site Scripting
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-21

Soot has discovered some vulnerabilities in ExtCalendar, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19321/

 --

[SA19308] BEA WebLogic Portal JSR-168 Portlets Rendering Security
Issue

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2006-03-21

A security issue has been reported in WebLogic Portal, which can be
exploited by malicious users to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/19308/

 --

[SA19299] Invision Power Board PM Unspecified Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-22

A vulnerability has been reported in Invision Power Board, which
potentially can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/19299/

 --

[SA19294] Contrexx CMS Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-21

Soot has discovered a vulnerability in Contrexx CMS, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19294/

 --

[SA19293] Woltlab Burning Board "class_db_mysql.php" Cross-Site
Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-20

r57shell has reported a vulnerability in Burning Board and Burning
Board Lite, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19293/

 --

[SA19277] phpMyAdmin "set_theme" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-17

A vulnerability has been reported in phpMyAdmin, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19277/

 --

[SA19268] Skull-Splitter's PHP Guestbook Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2006-03-17

Aliaksandr Hartsuyeu has discovered a vulnerability in Skull-Splitter's
PHP Guestbook, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/19268/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support at secunia.com
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45





More information about the ISN mailing list