========================================================================
The Secunia Weekly Advisory Summary
2006-12-07 - 2006-12-14
This week: 88 advisories
========================================================================
Table of Contents:
1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing
========================================================================
1) Word From Secunia:
A quick update and some statistics from the Secunia Software Inspector.
Since the launch of the Secunia Software Inspector it has inspected
over 400,000 detected applications, tagging over 35% of the inspected
applications as insecure!
For IE 6.x users, 4.12% were insecure, which is a good sign; most
people probably are aware of using Windows updates to get new IE
versions.
More than one third of Firefox 1.x users (35.47%) were found to be
running vulnerable versions; while Opera users were safer, with only
13.04% running vulnerable versions of Opera 9.x.
For Adobe Flash 9.x users, over 53% were running insecure versions; a
testament to both the popularity of Flash-based web content, and the
lack of awareness on Flash vulnerabilities.
Be sure to check your own system:
http://secunia.com/software_inspector/
Read more in our blog:
http://secunia.com/blog/4/
========================================================================
2) This Week in Brief:
New Microsoft Word 0-day Vulnerability
A new 0-day vulnerability for Microsoft Word was reported last Sunday,
the second time within a week that MS Word has been beset by reports of
a 0-day. Secunia has also received reports that this vulnerability is
currently being exploited, and advises all customers to avoid opening
Word documents from untrusted sources. This vulnerability remains
unpatched.
Please refer to the Secunia Advisory for further details:
http://secunia.com/advisories/23205/
--
Microsoft Patch Release
Microsoft released their latest security updates last Tuesday, with
solutions for seven vulnerabilities, three of which were tagged as
"critical", and four as "important". All users are encouraged to
download these releases by going to the Windows update site.
To check if you are protected against these vulnerabilities, you can
use the Secunia Software Inspector:
http://secunia.com/software_inspector
For more information, please refer to the following Secunia Advisories:
http://secunia.com/advisories/20807/
http://secunia.com/advisories/22603/
http://secunia.com/advisories/23307/
http://secunia.com/advisories/23308/
http://secunia.com/advisories/23311/
http://secunia.com/advisories/23312/
http://secunia.com/advisories/22971/
--
IE Script Error Handling Memory Corruption Vulnerability
Secunia Research discovered a vulnerability in Microsoft Internet
Explorer, which could allow the execution of arbitrary code. The
vulnerability is due to IE's exception handling of script errors,
and can be exploited to corrupt memory by creating a specially crafted
HTML file that triggers certain errors simultaneously.
This vulnerability was patched in the latest Microsoft security update.
To check if you are protected against this vulnerability, you can use
the Secunia Software Inspector:
http://secunia.com/software_inspector
Please refer to the following Secunia Advisory for more information:
http://secunia.com/advisories/20807/
--
Sophos / Trend Micro RAR Processing DoS Vulnerabilities
Sophos' and Trend Micro's anti-virus engines were both found to have
a vulnerability in their processing of RAR files. When exploited
successfully using a specially crafted RAR archive, the vulnerability
causes the anti-virus scanning engine to enter an infinite loop, thus
consuming almost all CPU resources.
Both Sophos and Trend Micro have released scan engine updates. Users of
these anti-virus software are encouraged to update their scan engine
versions immediately.
Please refer to the Secunia Advisories for further details:
http://secunia.com/advisories/23321/
http://secunia.com/advisories/22591/
--
VIRUS ALERTS:
During the past week Secunia collected 150 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.
========================================================================
3) This Weeks Top Ten Most Read Advisories:
1. [SA23232] Microsoft Word Unspecified Memory Corruption
Vulnerability
2. [SA23205] Microsoft Word Unspecified Code Execution Vulnerability
3. [SA21910] Internet Explorer Multiple Vulnerabilities
4. [SA20807] Internet Explorer Script Error Handling Memory Corruption
Vulnerability
5. [SA22971] Windows Media Player ASX/ASF File Parsing Vulnerabilities
6. [SA22477] Internet Explorer 7 "mhtml:" Redirection Information
Disclosure
7. [SA23254] Linux Kernel "ip_summed" Memory Corruption Vulnerability
8. [SA23285] Net-SNMP "rocommunity" and "rouser" Security Bypass
9. [SA23043] AOL CDDBControl ActiveX Control "SetClientInfo()" Buffer
Overflow
10. [SA23277] MadWifi Buffer Overflow Vulnerability
========================================================================
4) Vulnerabilities Summary Listing
Windows:
[SA23325] Sophos Anti-Virus SIT/CPIO File Processing Vulnerabilities
[SA23292] WAWI Multiple Vulnerabilities
[SA23288] Internet Explorer Multiple Vulnerabilities
[SA23286] Newtone ImageKit ActiveX Control Unspecified Buffer Overflow
[SA23360] CoolPlayer Skin Long Key Buffer Overflow Vulnerability
[SA23354] ml_ipod "readAA()" Buffer Overflow Vulnerability
[SA23323] Golden FTP USER Denial of Service Vulnerability
[SA23311] Outlook Express Address Book Contact Record Vulnerability
[SA23310] KhaledMuratList Database Disclosure Security Issue
[SA23304] HR Assist "vdateUsr.asp" SQL Injection Vulnerabilities
[SA23291] Aspee Ziyaretci Defteri "giris.asp" SQL Injection
Vulnerabilities
[SA23312] Windows Remote Installation Service Writable Path
Vulnerability
[SA23307] Microsoft Windows SNMP Service Buffer Overflow Vulnerability
[SA23365] Crob FTP Server LIST Denial of Service Vulnerability
[SA23348] Avaya S8100 Microsoft Windows File Manifest Privilege
Escalation
[SA23308] Microsoft Windows File Manifest Privilege Escalation
Vulnerability
[SA23363] Novell Client NMAS Login Prompt Format String Weakness
UNIX/Linux:
[SA23382] Debian update for enemies-of-carlotta
[SA23377] Enemies of Carlotta Shell Command Injection
[SA23358] MxBB Portal mx_newssuite Module "mx_root_path" File
Inclusion
[SA23356] MxBB Portal Knowledge Base/mx_kb Module "module_root_path"
File Inclusion
[SA23335] SUSE Update for Multiple Packages
[SA23331] MxBB Portal mx_modsdb Module "module_root_path" File
Inclusion
[SA23329] Trustix update for gnupg and proftpd
[SA23328] Gentoo update for f-prot
[SA23309] Gentoo update for emul-linux-x86-baselibs
[SA23305] dadaIMC "FilesMatch" File Upload Vulnerability
[SA23303] Gentoo update for gnupg
[SA23301] Gentoo update for xine-lib
[SA23299] Debian update for gnupg
[SA23298] MxBB Portal mx_errordocs Module "module_root_path" File
Inclusion
[SA23290] Mandriva update for gnupg
[SA23287] Gentoo update for mozilla-firefox
[SA23284] SUSE update for gnupg
[SA23280] HP-UX update for OpenSSL
[SA23362] Mandriva update for clamav
[SA23355] Gentoo update for libgsf
[SA23353] Mandriva update for evince
[SA23351] Solaris OpenSSL Denial of Service Vulnerabilities
[SA23334] OpenLDAP "krbv4_ldap_auth()" Buffer Overflow Vulnerability
[SA23327] Debian update for clamav
[SA23322] rPath update for squirrelmail
[SA23319] Messageriescripthp SQL Injection and Cross-Site Scripting
[SA23318] AnnonceScriptHP Multiple Vulnerabilities
[SA23314] Gentoo update for tar
[SA23306] rPath update for evince
[SA23297] Gentoo update for mozilla-thunderbird
[SA23294] Gentoo update for libmodplug
[SA23289] The Classified Ad System default.asp Cross-Site Scripting and
SQL Injection
[SA23277] MadWifi Buffer Overflow Vulnerability
[SA23273] Gentoo update for wv
[SA23333] Debian update for l2tpns
[SA23357] Gentoo update for trac
[SA23344] Debian update for ruby-1.6 and ruby-1.8
[SA23285] Net-SNMP "rocommunity" and "rouser" Security Bypass
[SA23359] IBM Tivoli Identity Manager JKS Password Exposure
[SA23330] FAI Exposure of Password Hashes
[SA23317] Sun Solaris ld.so Directory Traversal and Buffer Overflow
[SA23373] D-Bus "match_rule_equal()" Weakness
[SA23371] ProFTPD "mod_ctrls" Privilege Escalation Vulnerability
[SA23300] Mandriva update for kdegraphics
Other:
[SA23340] Avaya PDS HP-UX Secure Shell / OpenSSL Multiple
Vulnerabilities
[SA23336] HP Integrated Lights Out Unspecified Security Bypass
[SA23332] D-LINK DWL-2000AP+ Denial of Service
Cross Platform:
[SA23346] b2evolution "inc_path" File Inclusion Vulnerability
[SA23345] BLOG:CMS "DIR_ADMIN" File Inclusion Vulnerability
[SA23342] PhpLeague "cheminmini" File Inclusion Vulnerabilities
[SA23326] CM68 News "addpath" Remote File Inclusion Vulnerability
[SA23313] KDPics Cross-Site Scripting and File Inclusion
Vulnerabilities
[SA23293] awrate.com Message Board "toroot" File Inclusion
[SA23279] ThinkEdit "template_file" File Inclusion Vulnerability
[SA23276] J-OWAMP Web Interface "link" File Inclusion Vulnerability
[SA23364] Kerio MailServer LDAP Query Denial of Service
[SA23347] Clam AntiVirus Multipart Nestings Denial of Service
[SA23343] Drupal Chatroom Module Session ID Information Disclosure
[SA23321] Trend Micro Products RAR Processing Denial Of Service
[SA23316] Bluetrait "bt-trackback.php" SQL-Injection Vulnerabilities
[SA23315] ProNews Multiple Vulnerabilities
[SA23296] MidiCart Shopping Cart Multiple Vulnerabilities
[SA23275] DUware DUdirectory SQL Injection Vulnerabilities
[SA23368] Symantec Veritas Netbackup Multiple Vulnerabilities
[SA23383] w00t Gallery Multiple Installation Security Bypass
[SA23350] jclarens Unspecified SQL Injection Vulnerabilities
[SA23302] cPanel "account" Cross-Site Scripting Vulnerability
[SA23295] Drupal Help Tip Module Multiple Vulnerabilities
[SA23283] phpBB privmsg.php Cross-Site Request Forgery and Cross-Site
Scripting
[SA23281] Adobe ColdFusion MX Cross-Site Scripting Protection Bypass
[SA23274] ShopSite "prevlocation" Cross-Site Scripting Vulnerability
========================================================================
5) Vulnerabilities Content Listing
Windows:--
[SA23325] Sophos Anti-Virus SIT/CPIO File Processing Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-13
Two vulnerabilities have been reported in Sophos Anti-Virus, which can
be exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/23325/
--
[SA23292] WAWI Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Exposure of sensitive information, DoS,
System access
Released: 2006-12-11
Luigi Auriemma has discovered some vulnerabilities in WAWI, which can
be exploited by malicious users to gain knowledge of sensitive
information, bypass certain security restrictions, or compromise a
vulnerable system, and by malicious people to potentially compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/23292/
--
[SA23288] Internet Explorer Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive
information, System access
Released: 2006-12-12
Some vulnerabilities have been reported in Internet Explorer, which can
be exploited by malicious people to gain knowledge of certain
information or potentially compromise a user's system.
Full Advisory:
http://secunia.com/advisories/23288/
--
[SA23286] Newtone ImageKit ActiveX Control Unspecified Buffer Overflow
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-08
Will Dormann has reported a vulnerability in Newtone ImageKit, which
potentially can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/23286/
--
[SA23360] CoolPlayer Skin Long Key Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2006-12-14
Mehdi Oudad and Kevin Fernandez have discovered a vulnerability in
CoolPlayer, which can be exploited by malicious people to compromise a
user's system.
Full Advisory:
http://secunia.com/advisories/23360/
--
[SA23354] ml_ipod "readAA()" Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2006-12-13
Luigi Auriemma has reported a vulnerability in ml_ipod, which
potentially can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/23354/
--
[SA23323] Golden FTP USER Denial of Service Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2006-12-11
rgod has discovered a vulnerability in Golden FTP, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/23323/
--
[SA23311] Outlook Express Address Book Contact Record Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2006-12-12
A vulnerability has been reported in Outlook Express, which can be
exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/23311/
--
[SA23310] KhaledMuratList Database Disclosure Security Issue
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2006-12-11
BLaSTER has reported a security issue in KhaledMuratList, which can be
exploited by malicious people to disclose potentially sensitive
information.
Full Advisory:
http://secunia.com/advisories/23310/
--
[SA23304] HR Assist "vdateUsr.asp" SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2006-12-11
ajann has reported some vulnerabilities in HR Assist, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/23304/
--
[SA23291] Aspee Ziyaretci Defteri "giris.asp" SQL Injection
Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2006-12-08
ShaFuck31 has discovered some vulnerabilities in Aspee Ziyaretci
Defteri, which can be exploited by malicious people to conduct SQL
injection attacks.
Full Advisory:
http://secunia.com/advisories/23291/
--
[SA23312] Windows Remote Installation Service Writable Path
Vulnerability
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2006-12-12
A vulnerability has been reported in Microsoft Windows, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23312/
--
[SA23307] Microsoft Windows SNMP Service Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2006-12-12
A vulnerability has been reported in Microsoft Windows, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23307/
--
[SA23365] Crob FTP Server LIST Denial of Service Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2006-12-13
shinnai has discovered a vulnerability in Crob FTP Server, which can be
exploited by malicious users to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/23365/
--
[SA23348] Avaya S8100 Microsoft Windows File Manifest Privilege
Escalation
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2006-12-14
Avaya has acknowledged a vulnerability in S8100, which can be exploited
by malicious, local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/23348/
--
[SA23308] Microsoft Windows File Manifest Privilege Escalation
Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2006-12-12
A vulnerability has been reported in Microsoft Windows, which can be
exploited by malicious, local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/23308/
--
[SA23363] Novell Client NMAS Login Prompt Format String Weakness
Critical: Not critical
Where: Local system
Impact: Exposure of sensitive information, DoS
Released: 2006-12-13
Deral Heiland has reported a weakness in Novell Client, which can be
exploited by malicious, local users to gain knowledge of sensitive
information or cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/23363/
UNIX/Linux:--
[SA23382] Debian update for enemies-of-carlotta
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2006-12-14
Debian has issued an update for enemies-of-carlotta. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23382/
--
[SA23377] Enemies of Carlotta Shell Command Injection
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-14
Antti-Juhani Kaijanaho has reported a vulnerability in Enemies of
Carlotta, which potentially can be exploited by malicious people to
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23377/
--
[SA23358] MxBB Portal mx_newssuite Module "mx_root_path" File
Inclusion
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-13
Dr Max Virus has discovered a vulnerability in the mx_newssuite module
for MxBB Portal, which can be exploited by malicious people to
compromise vulnerable systems.
Full Advisory:
http://secunia.com/advisories/23358/
--
[SA23356] MxBB Portal Knowledge Base/mx_kb Module "module_root_path"
File Inclusion
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-13
Dr Max Virus has discovered a vulnerability in the Knowledge Base/mx_kb
module for MxBB Portal, which can be exploited by malicious people to
compromise vulnerable systems.
Full Advisory:
http://secunia.com/advisories/23356/
--
[SA23335] SUSE Update for Multiple Packages
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2006-12-11
SUSE has issued an update for multiple packages. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) and compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23335/
--
[SA23331] MxBB Portal mx_modsdb Module "module_root_path" File
Inclusion
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-13
Lu7k has discovered a vulnerability in the mx_modsdb module for MxBB
Portal, which can be exploited by malicious people to compromise
vulnerable systems.
Full Advisory:
http://secunia.com/advisories/23331/
--
[SA23329] Trustix update for gnupg and proftpd
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-11
Trustix has issued an update for gnupg and proftpd. This fixes some
vulnerabilities, which potentially can be exploited by malicious users
and malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23329/
--
[SA23328] Gentoo update for f-prot
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2006-12-13
Gentoo has issued an update for f-prot. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) and potentially compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/23328/
--
[SA23309] Gentoo update for emul-linux-x86-baselibs
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2006-12-12
Gentoo has issued an update for emul-linux-x86-baselibs. This fixes
some vulnerabilities, which can be exploited by malicious people to
cause a DoS (Denial of Service) and compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23309/
--
[SA23305] dadaIMC "FilesMatch" File Upload Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-12
Hagbard Celine has reported a vulnerability in dadaIMC, which can be
exploited by malicious people to compromise vulnerable systems.
Full Advisory:
http://secunia.com/advisories/23305/
--
[SA23303] Gentoo update for gnupg
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-11
Gentoo has issued an update for gnupg. This fixes some vulnerabilities,
which can be exploited by malicious people to potentially compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/23303/
--
[SA23301] Gentoo update for xine-lib
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-11
Gentoo has issued an update for xine-lib. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/23301/
--
[SA23299] Debian update for gnupg
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-11
Debian has issued an update for gnupg. This fixes some vulnerabilities,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/23299/
--
[SA23298] MxBB Portal mx_errordocs Module "module_root_path" File
Inclusion
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-12
bd0rk has discovered a vulnerability in the mx_errordocs module for
MxBB Portal, which can be exploited by malicious people to compromise
vulnerable systems.
Full Advisory:
http://secunia.com/advisories/23298/
--
[SA23290] Mandriva update for gnupg
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-12
Mandriva has issued an update for gnupg. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/23290/
--
[SA23287] Gentoo update for mozilla-firefox
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, DoS, System access
Released: 2006-12-11
Gentoo has issued an update for mozilla-firefox. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, conduct cross-site scripting attacks,
and potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23287/
--
[SA23284] SUSE update for gnupg
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-13
SUSE has issued an update for gnupg. This fixes some vulnerabilities,
which can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/23284/
--
[SA23280] HP-UX update for OpenSSL
Critical: Highly critical
Where: From remote
Impact: Security Bypass, DoS, System access
Released: 2006-12-13
HP has issued an update for OpenSSL. This fixes some vulnerabilities,
which can be exploited by malicious people to bypass certain security
restrictions, cause a DoS (Denial of Service), or to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/23280/
--
[SA23362] Mandriva update for clamav
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2006-12-14
Mandriva has issued an update for clamav. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/23362/
--
[SA23355] Gentoo update for libgsf
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2006-12-13
Gentoo has issued an update for libgsf. This fixes a vulnerability,
which can be exploited by malicious people to compromise an application
using the library.
Full Advisory:
http://secunia.com/advisories/23355/
--
[SA23353] Mandriva update for evince
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2006-12-14
Mandriva has issued an update for evince. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/23353/
--
[SA23351] Solaris OpenSSL Denial of Service Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2006-12-13
Sun acknowledged some vulnerabilities in Solaris, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/23351/
--
[SA23334] OpenLDAP "krbv4_ldap_auth()" Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2006-12-13
Solar Eclipse has reported a vulnerability in OpenLDAP, which can be
exploited by malicious people to potentially compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/23334/
--
[SA23327] Debian update for clamav
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2006-12-13
Debian has issued an update for clamav. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/23327/
--
[SA23322] rPath update for squirrelmail
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2006-12-13
rPath has issued an update for squirrelmail. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting and script insertion attacks.
Full Advisory:
http://secunia.com/advisories/23322/
--
[SA23319] Messageriescripthp SQL Injection and Cross-Site Scripting
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2006-12-11
Mr_KaLiMaN has discovered a vulnerability in Messageriescripthp, which
can be exploited by malicious users to conduct SQL injection attacks
and malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/23319/
--
[SA23318] AnnonceScriptHP Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released: 2006-12-12
Mr_KaLiMaN has discovered several vulnerabilities in AnnonceScriptHP,
which can be exploited by malicious people to disclose sensitive data,
conduct SQL injection and conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/23318/
--
[SA23314] Gentoo update for tar
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2006-12-12
Gentoo has issued an update for tar. This fixes a security issue, which
can be exploited by malicious people to overwrite arbitrary files.
Full Advisory:
http://secunia.com/advisories/23314/
--
[SA23306] rPath update for evince
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2006-12-13
rPath has issued an update for evince. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/23306/
--
[SA23297] Gentoo update for mozilla-thunderbird
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, DoS, System access
Released: 2006-12-11
Gentoo has issued an update for mozilla-thunderbird. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, conduct cross-site scripting attacks,
and potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23297/
--
[SA23294] Gentoo update for libmodplug
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2006-12-11
Gentoo has issued an update for libmodplug. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise an application using
the library.
Full Advisory:
http://secunia.com/advisories/23294/
--
[SA23289] The Classified Ad System default.asp Cross-Site Scripting and
SQL Injection
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2006-12-08
Laurent Gaffi and Benjamin Moss have reported some vulnerabilities in
The Classifieds Ad System, which can be exploited by malicious people
conduct SQL injection and cross-site scripting vulnerabilities.
Full Advisory:
http://secunia.com/advisories/23289/
--
[SA23277] MadWifi Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2006-12-08
Laurent Butti, Jerome Raznieski, and Julien Tinnes have reported a
vulnerability in MadWifi, which can be exploited by malicious people to
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23277/
--
[SA23273] Gentoo update for wv
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2006-12-08
Gentoo has issued an update for wv. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially compromise an application using the library.
Full Advisory:
http://secunia.com/advisories/23273/
--
[SA23333] Debian update for l2tpns
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2006-12-11
Debian has issued an update for l2tpns. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/23333/
--
[SA23357] Gentoo update for trac
Critical: Less critical
Where: From remote
Impact: Hijacking
Released: 2006-12-13
Gentoo has issued an update for trac. This fixes a vulnerability, which
can be exploited by malicious people to conduct cross-site request
forgery attacks.
Full Advisory:
http://secunia.com/advisories/23357/
--
[SA23344] Debian update for ruby-1.6 and ruby-1.8
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2006-12-13
Debian has issued an update for ruby-1.6 and ruby-1.8. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/23344/
--
[SA23285] Net-SNMP "rocommunity" and "rouser" Security Bypass
Critical: Less critical
Where: From local network
Impact: Security Bypass
Released: 2006-12-08
Robert Story has reported a vulnerability in Net-SNMP, which can be
exploited by malicious users to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/23285/
--
[SA23359] IBM Tivoli Identity Manager JKS Password Exposure
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2006-12-13
A security issue has been reported in IBM Tivoli Identity Manager,
which can be exploited by malicious, local users to disclose sensitive
information.
Full Advisory:
http://secunia.com/advisories/23359/
--
[SA23330] FAI Exposure of Password Hashes
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2006-12-13
Justin R. Beckley has reported a security issue in fai-client, which
can be exploited by malicious, local users to view administrator
password hashes.
Full Advisory:
http://secunia.com/advisories/23330/
--
[SA23317] Sun Solaris ld.so Directory Traversal and Buffer Overflow
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2006-12-13
A vulnerability and a security issue have been reported in Sun Solaris,
which can be exploited by malicious, local users to disclose sensitive
information or potentially gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/23317/
--
[SA23373] D-Bus "match_rule_equal()" Weakness
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2006-12-14
Kimmo Hmlinen has reported a weakness in D-Bus, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/23373/
--
[SA23371] ProFTPD "mod_ctrls" Privilege Escalation Vulnerability
Critical: Not critical
Where: From remote
Impact: Privilege escalation
Released: 2006-12-14
Alfredo Ortega has reported a vulnerability in the mod_ctrls module for
ProFTPD, which can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/23371/
--
[SA23300] Mandriva update for kdegraphics
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2006-12-12
Mandriva has issued an update for kdegraphics. This fixes a weakness,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/23300/
Other:--
[SA23340] Avaya PDS HP-UX Secure Shell / OpenSSL Multiple
Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Privilege escalation, DoS, System access
Released: 2006-12-13
Avaya has acknowledged some vulnerabilities in Avaya Predictive Dialing
System (PDS), which can be exploited by malicious people to bypass
certain security restrictions, cause a DoS (Denial of Service) or to
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23340/
--
[SA23336] HP Integrated Lights Out Unspecified Security Bypass
Critical: Less critical
Where: From local network
Impact: Security Bypass
Released: 2006-12-13
A vulnerability has been reported in HP Integrated Lights Out (iLO),
which can be exploited by malicious people to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/23336/
--
[SA23332] D-LINK DWL-2000AP+ Denial of Service
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2006-12-12
poplix has reported a vulnerability in D-LINK DWL-2000AP+, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/23332/
Cross Platform:--
[SA23346] b2evolution "inc_path" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-11
tarkus has discovered a vulnerability in b2evolution, which can be
exploited by malicious people to compromise vulnerable systems.
Full Advisory:
http://secunia.com/advisories/23346/
--
[SA23345] BLOG:CMS "DIR_ADMIN" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-13
HACKERS PAL has discovered a vulnerability in BLOG:CMS, which can be
exploited by malicious people to compromise vulnerable systems.
Full Advisory:
http://secunia.com/advisories/23345/
--
[SA23342] PhpLeague "cheminmini" File Inclusion Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-11
ajann and double0 have discovered two vulnerabilities in PhpLeague,
which can be exploited by malicious people to compromise vulnerable
systems.
Full Advisory:
http://secunia.com/advisories/23342/
--
[SA23326] CM68 News "addpath" Remote File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-11
Paul Bakoyiannis has reported a vulnerability in CM68 News, which can
be exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23326/
--
[SA23313] KDPics Cross-Site Scripting and File Inclusion
Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, System access
Released: 2006-12-11
Mr_KaLiMaN has discovered some vulnerabilities in KDPics, which can be
exploited by malicious people to conduct cross-site scripting attacks
or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/23313/
--
[SA23293] awrate.com Message Board "toroot" File Inclusion
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-08
DeltahackingTEAM has reported a vulnerability in awrate.com Message
Board, which can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/23293/
--
[SA23279] ThinkEdit "template_file" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-08
r0ut3r has discovered a vulnerability in ThinkEdit, which can be
exploited by malicious people to compromise vulnerable systems.
Full Advisory:
http://secunia.com/advisories/23279/
--
[SA23276] J-OWAMP Web Interface "link" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2006-12-08
Dr Max Virus has discovered a vulnerability in J-OWAMP Web Interface,
which can be exploited by malicious people to compromise vulnerable
systems.
Full Advisory:
http://secunia.com/advisories/23276/
--
[SA23364] Kerio MailServer LDAP Query Denial of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2006-12-13
A vulnerability has been reported in Kerio MailServer, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/23364/
--
[SA23347] Clam AntiVirus Multipart Nestings Denial of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2006-12-12
Hendrik Weimer has reported a vulnerability in Clam AntiVirus, which
can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/23347/
--
[SA23343] Drupal Chatroom Module Session ID Information Disclosure
Critical: Moderately critical
Where: From remote
Impact: Hijacking, Exposure of sensitive information
Released: 2006-12-11
A vulnerability has been reported in the Chatroom Module for Drupal,
which can be exploited by malicious people to hijack user sessions.
Full Advisory:
http://secunia.com/advisories/23343/
--
[SA23321] Trend Micro Products RAR Processing Denial Of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2006-12-11
A vulnerability has been reported in various Trend Micro products,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/23321/
--
[SA23316] Bluetrait "bt-trackback.php" SQL-Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2006-12-12
Some vulnerabilities have been reported in Bluetrait, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/23316/
--
[SA23315] ProNews Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of
data
Released: 2006-12-12
Some vulnerabilities have been reported in ProNews, which can be
exploited by malicious people to bypass security restrictions, conduct
SQL injection attacks, and conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/23315/
--
[SA23296] MidiCart Shopping Cart Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: System access, Manipulation of data
Released: 2006-12-12
iFX has reported some vulnerabilities in MidiCart Shopping Cart, which
can be exploited by malicious users to compromise a vulnerable system
and by malicious people to manipulate orders.
Full Advisory:
http://secunia.com/advisories/23296/
--
[SA23275] DUware DUdirectory SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2006-12-08
Meftun has reported some vulnerabilities in DUware DUdirectory, which
can be exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/23275/
--
[SA23368] Symantec Veritas Netbackup Multiple Vulnerabilities
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2006-12-14
Some vulnerabilities have been reported in Symantec Veritas Netbackup,
which can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/23368/
--
[SA23383] w00t Gallery Multiple Installation Security Bypass
Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2006-12-14
A vulnerability has been discovered in w00t Gallery, which can be
exploited by malicious people to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/23383/
--
[SA23350] jclarens Unspecified SQL Injection Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Manipulation of data
Released: 2006-12-14
Some vulnerabilities have been reported in jclarens, which can be
exploited by malicious users to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/23350/
--
[SA23302] cPanel "account" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2006-12-11
Aria-Security Team has reported a vulnerability in cPanel, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/23302/
--
[SA23295] Drupal Help Tip Module Multiple Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2006-12-11
Some vulnerabilities have been reported in the Help Tip module for
Drupal, which can be exploited by malicious users to conduct SQL
injection attacks and by malicious people to conduct cross-site
scripting attacks.
Full Advisory:
http://secunia.com/advisories/23295/
--
[SA23283] phpBB privmsg.php Cross-Site Request Forgery and Cross-Site
Scripting
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2006-12-08
Some vulnerabilities have been discovered in phpBB, which can be
exploited by malicious people to conduct cross-site request forgery
attacks and cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/23283/
--
[SA23281] Adobe ColdFusion MX Cross-Site Scripting Protection Bypass
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting, Exposure of system information
Released: 2006-12-12
Brett Moore has reported a vulnerability in Adobe ColdFusion MX, which
can be exploited by malicious people to conduct cross-site scripting
attacks.
Full Advisory:
http://secunia.com/advisories/23281/
--
[SA23274] ShopSite "prevlocation" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2006-12-13
DoZ has reported a vulnerability in ShopSite, which can be exploited by
malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/23274/
========================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Subscribe:
http://secunia.com/secunia_weekly_summary/
Contact details:
Web : http://secunia.com/
E-mail : support@secunia.com
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45
========================================================================
|
