AOH :: ISN-1125.HTM

Secunia Weekly Summary - Issue: 2005-27




Secunia Weekly Summary - Issue: 2005-27
Secunia Weekly Summary - Issue: 2005-27



=======================================================================
                  The Secunia Weekly Advisory Summary                  
                        2005-06-30 - 2005-07-07                        

                      This week : 101 advisories                       

=======================================================================Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

=======================================================================1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/ 

=======================================================================2) This Week in Brief:

An exploit has been published for the "javaprxy.dll" Memory Corruption
vulnerability in Internet Explorer. This qualified the advisory for an
Extremely Critical rating.

Currently no patch is available from the vendor, however, the vendor 
has suggested various workarounds, see the Secunia Advisory for
details.

Reference:
http://secunia.com/SA15891 

A highly critical vulnerabiltiy has been discovered by iDEFENSE in the 
popular Adobe Acrobat Reader for Unix, allowing malicious people to
compromise a users system if they open a maliciously crafted PDF
document.

Reference:
http://secunia.com/SA15934 

VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.

=======================================================================3) This Weeks Top Ten Most Read Advisories:

1.  [SA15891] Internet Explorer "javaprxy.dll" Memory Corruption
              Vulnerability
2.  [SA15852] XML-RPC for PHP PHP Code Execution Vulnerability
3.  [SA15489] Mozilla / Firefox / Camino Dialog Origin Spoofing
              Vulnerability
4.  [SA15491] Microsoft Internet Explorer Dialog Origin Spoofing
              Vulnerability
5.  [SA15845] phpBB "highlight" PHP Code Execution Vulnerability
6.  [SA15934] Adobe Acrobat Reader UnixAppOpenFilePerform Buffer
              Overflow Vulnerability
7.  [SA15806] RealOne / RealPlayer / Helix Player / Rhapsody Multiple
              Vulnerabilities
8.  [SA12758] Microsoft Word Document Parsing Buffer Overflow
              Vulnerabilities
9.  [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability
10. [SA15904] BLOG:CMS XML-RPC PHP Code Execution Vulnerability

=======================================================================4) Vulnerabilities Summary Listing

Windows:
[SA15891] Internet Explorer "javaprxy.dll" Memory Corruption
Vulnerability
[SA15940] Documentum eRoom File Sharing Vulnerability
[SA15961] McAfee IntruShield Security Management System Multiple
Vulnerabilities
[SA15933] Peer-to-Peer Chat and File Sharing Application (PrivaShare)
Denial of Service
[SA15932] Access Remote PC User Credentials Disclosure
[SA15894] SSH Tectia Server Insecure Private Key Permissions
[SA15885] Prevx Pro 2005 Intrusion Prevention Feature Bypass
[SA15863] Hitachi Multiple Hibun Products Security Restriction Bypass

UNIX/Linux:
[SA15974] Ubuntu update for zlib
[SA15972] Red Hat update for zlib
[SA15969] Gentoo update for zlib
[SA15968] SUSE update for zlib
[SA15966] Mandriva update for zlib
[SA15964] Debian update for zlib
[SA15959] FreeBSD update for zlib
[SA15947] MailWatch for MailScanner XML-RPC PHP Code Execution
[SA15946] Gentoo update for tikiwiki
[SA15945] Fedora update for php
[SA15934] Adobe Acrobat Reader UnixAppOpenFilePerform Buffer Overflow
Vulnerability
[SA15931] Conectiva update for cacti
[SA15929] Gentoo update for realplayer
[SA15923] Fedora update for zlib
[SA15920] Trustix update for multiple packages
[SA15917] phpGroupWare XML-RPC PHP Code Execution Vulnerability
[SA15916] eGroupWare XML-RPC PHP Code Execution Vulnerability
[SA15915] Ubuntu update for libapache2-mod-php4/php4-pear
[SA15909] UnixWare update for mozilla
[SA15905] Gentoo phpBB "highlight" PHP Code Execution Vulnerability
[SA15897] Gentoo update for PEAR XML_RPC
[SA15888] Mandriva update for php-pear
[SA15880] Community Link Pro "file" Shell Command Injection
Vulnerability
[SA15973] Debian update for trac
[SA15898] Gentoo update for wordpress
[SA15887] Mandriva update for kernel
[SA15886] Mandriva update for kernel-2.4
[SA15875] Fedora update for binutils
[SA15856] Ubuntu update for ruby
[SA15965] SUSE update for heimdal
[SA15858] Gentoo update for heimdal
[SA15948] Debian update for bzip2
[SA15939] Conectiva update for bzip2
[SA15938] Conectiva update for clamav
[SA15937] Conectiva update for gzip
[SA15921] Debian update for razor
[SA15919] Debian update for clamav
[SA15901] Courier Mail Server Memory Corruption Vulnerability
[SA15896] Debian update for spamassassin
[SA15871] FreeBSD ipfw Packet Matching Security Issue
[SA15869] FreeBSD update for bzip2
[SA15867] FreeBSD TCP Stack Implementation Vulnerabilities
[SA15860] SUSE update for clamav
[SA15859] Clam AntiVirus Two File Handling Denial of Service
Vulnerabilities
[SA15930] Net-snmp Stream-based Protocol Denial of Service
[SA15906] OpenLDAP / pam_ldap / nss_ldap Password Disclosure Security
Issue
[SA15963] GNATS Arbitrary File Overwrite Security Issue
[SA15955] Debian "apt-setup" Insecure File Permission Security Issue
[SA15935] Conectiva update for sudo
[SA15913] Centericq Insecure Temporary File Creation
[SA15912] Kpopper Insecure Temporary File Creation
[SA15899] log4sh Insecure Temporary File Creation
[SA15890] Debian update for sudo
[SA15889] ekg Insecure Temporary File Creation
[SA15882] Debian update for crip
[SA15881] Red Hat update for sudo
[SA15878] crip Insecure Temporary File Creation
[SA15877] Avaya CMS/IR lpadmin Arbitrary File Overwrite Vulnerability
[SA15943] Debian update for gaim
[SA15874] NetBSD Audio Drivers ioctl Denial of Service Vulnerability

Other:
[SA15970] Xerox WorkCentre Pro Multiple Vulnerabilities
[SA15876] Avaya Products TCP Timestamp Denial of Service

Cross Platform:
[SA15952] Jinzora "include_path" File Inclusion Vulnerability
[SA15949] zlib "inftrees.c" Buffer Overflow Vulnerability
[SA15944] TikiWiki XML-RPC PHP Code Execution Vulnerability
[SA15927] Mark Kronsbein MyGuestbook "lang" File Inclusion
Vulnerability
[SA15922] Jaws "path" File Inclusion and XML-RPC PHP Code Execution
[SA15910] nabopoll "path" File Inclusion Vulnerability
[SA15908] Cacti "no_http_headers" Security Bypass and Shell Command
Injection
[SA15904] BLOG:CMS XML-RPC PHP Code Execution Vulnerability
[SA15903] PhpWiki XML-RPC PHP Code Execution Vulnerability
[SA15895] Nucleus XML-RPC PHP Code Execution Vulnerability
[SA15893] EasyPHPCalendar "serverPath" File Inclusion Vulnerability
[SA15884] phpPgAds XML-RPC PHP Code Execution Vulnerability
[SA15883] phpAdsNew XML-RPC PHP Code Execution Vulnerability
[SA15873] Pavsta Auto Site "sitepath" File Inclusion Vulnerability
[SA15872] Drupal PHP Code Execution Vulnerabilities
[SA15862] Serendipity XML-RPC Unspecified PHP Code Execution
Vulnerability
[SA15861] PEAR XML_RPC PHP Code Execution Vulnerability
[SA15951] PHPXmail Authentication Bypass Vulnerability
[SA15942] QuickBlogger Comment Script Insertion Vulnerability
[SA15941] phpPgAdmin "formLanguage" Local File Inclusion Vulnerability
[SA15926] Covide Groupware-CRM User ID SQL Injection Vulnerability
[SA15918]  osTicket "t" SQL Injection Vulnerability
[SA15914] Geeklog Unspecified SQL Injection Vulnerability
[SA15911]  PHPNews "prevnext" SQL Injection Vulnerability
[SA15902] Plague News System SQL Injection and Security Bypass
Vulnerabilities
[SA15900] Quick & Dirty PHPSource Printer Directory Traversal
Vulnerability
[SA15865] Comdev eCommerce Review Script Insertion Vulnerability
[SA15864] Comdev News Publisher Cross-Site Scripting and PHP Code
Execution
[SA15950] MediaWiki Move Template Cross-Site Scripting Vulnerability
[SA15928] AutoIndex PHP Script "search" Cross-Site Scripting
Vulnerability
[SA15868] Soldier of Fortune II Ignore Command Denial of Service

=======================================================================5) Vulnerabilities Content Listing

Windows:--

[SA15891] Internet Explorer "javaprxy.dll" Memory Corruption
Vulnerability

Critical:    Extremely critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-07-01

SEC Consult has discovered a vulnerability in Microsoft Internet
Explorer, which can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/15891/ 

 --

[SA15940] Documentum eRoom File Sharing Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2005-07-07

c0ntex has reported a vulnerability in Documentum eRoom, which can be
exploited by malicious users to conduct script insertion attacks and
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15940/ 

 --

[SA15961] McAfee IntruShield Security Management System Multiple
Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data
Released:    2005-07-07

Several vulnerabilities have been reported in McAfee Intrushield IPS
Management Console, which can be exploited by malicious users to
conduct cross-site scripting attacks, bypass security restrictions, and
gain escalated privileges in the web application.

Full Advisory:
http://secunia.com/advisories/15961/ 

 --

[SA15933] Peer-to-Peer Chat and File Sharing Application (PrivaShare)
Denial of Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-07-07

basher13 has discovered a vulnerability in PrivaShare, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15933/ 

 --

[SA15932] Access Remote PC User Credentials Disclosure

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-07-06

Kozan has discovered a security issue in Access Remote PC, which can be
exploited by malicious, local users to gain knowledge of sensitive
information.

Full Advisory:
http://secunia.com/advisories/15932/ 

 --

[SA15894] SSH Tectia Server Insecure Private Key Permissions

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-07-01

A security issue has been reported in SSH Tectia Server and SSH Secure
Shell for Windows Servers, which can be exploited by malicious, local
users to gain knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/15894/ 

 --

[SA15885] Prevx Pro 2005 Intrusion Prevention Feature Bypass

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2005-07-01

Tri Huynh has discovered two vulnerabilities in Prevx Pro 2005, which
can be exploit to bypass security features provided by the product.

Full Advisory:
http://secunia.com/advisories/15885/ 

 --

[SA15863] Hitachi Multiple Hibun Products Security Restriction Bypass

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2005-06-30

Two security issues have been reported in various Hitachi Hibun
products, which can be exploit by malicious, local users to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/15863/ 


UNIX/Linux:--

[SA15974] Ubuntu update for zlib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-07-07

Ubuntu has issued an update for zlib. This fixes a vulnerability, which
can be exploited by malicious people to conduct a DoS (Denial of
Service) against a vulnerable application, or potentially to execute
arbitrary code.

Full Advisory:
http://secunia.com/advisories/15974/ 

 --

[SA15972] Red Hat update for zlib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-07-07

Red Hat has issued an update for zlib. This fixes a vulnerability,
which can be exploited by malicious people to conduct a DoS (Denial of
Service) against a vulnerable application, or potentially to execute
arbitrary code.

Full Advisory:
http://secunia.com/advisories/15972/ 

 --

[SA15969] Gentoo update for zlib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-07-07

Gentoo has issued an update for zlib. This fixes a vulnerability, which
can be exploited by malicious people to conduct a DoS (Denial of
Service) against a vulnerable application, or potentially to execute
arbitrary code.

Full Advisory:
http://secunia.com/advisories/15969/ 

 --

[SA15968] SUSE update for zlib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-07-07

SUSE has issued an update for zlib. This fixes a vulnerability, which
can be exploited by malicious people to conduct a DoS (Denial of
Service) against a vulnerable application, or potentially to execute
arbitrary code.

Full Advisory:
http://secunia.com/advisories/15968/ 

 --

[SA15966] Mandriva update for zlib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-07-07

Mandriva has issued an update for zlib. This fixes a vulnerability,
which can be exploited by malicious people to conduct a DoS (Denial of
Service) against a vulnerable application, or potentially to execute
arbitrary code.

Full Advisory:
http://secunia.com/advisories/15966/ 

 --

[SA15964] Debian update for zlib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-07-07

Debian has issued an update for zlib. This fixes a vulnerability, which
can be exploited by malicious people to conduct a DoS (Denial of
Service) against a vulnerable application, or potentially to execute
arbitrary code.

Full Advisory:
http://secunia.com/advisories/15964/ 

 --

[SA15959] FreeBSD update for zlib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-07-07

FreeBSD has issued an update for zlib. This fixes a vulnerability,
which can be exploited by malicious people to conduct a DoS (Denial of
Service) against a vulnerable application, or potentially to execute
arbitrary code.

Full Advisory:
http://secunia.com/advisories/15959/ 

 --

[SA15947] MailWatch for MailScanner XML-RPC PHP Code Execution

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-07

A vulnerability has been reported in MailWatch for MailScanner, which
can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/15947/ 

 --

[SA15946] Gentoo update for tikiwiki

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-07

Gentoo has issued an update for tikiwiki. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/15946/ 

 --

[SA15945] Fedora update for php

Critical:    Highly critical
Where:       From remote
Impact:      Privilege escalation, System access
Released:    2005-07-06

Fedora has issued an update for php. This fixes two vulnerabilities,
which potentially can be exploited by malicious, local users to perform
certain actions on a vulnerable system with escalated privileges and by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15945/ 

 --

[SA15934] Adobe Acrobat Reader UnixAppOpenFilePerform Buffer Overflow
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-06

A vulnerability has been reported in Adobe Acrobat Reader, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/15934/ 

 --

[SA15931] Conectiva update for cacti

Critical:    Highly critical
Where:       From remote
Impact:      Manipulation of data, System access
Released:    2005-07-07

Conectiva has issued an update for cacti. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
SQL injection attacks or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15931/ 

 --

[SA15929] Gentoo update for realplayer

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-06

Gentoo has issued an update for realplayer. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/15929/ 

 --

[SA15923] Fedora update for zlib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-07-07

Fedora has issued an update for zlib. This fixes a vulnerability, which
can be exploited by malicious people to conduct a DoS (Denial of
Service) against a vulnerable application, or potentially to execute
arbitrary code.

Full Advisory:
http://secunia.com/advisories/15923/ 

 --

[SA15920] Trustix update for multiple packages

Critical:    Highly critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information,
DoS, System access
Released:    2005-07-04

Trustix has issued various updated packages. These fix some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service), to overwrite arbitrary files, to compromise a
vulnerable system, or by malicious users to gain knowledge of sensitive
information.

Full Advisory:
http://secunia.com/advisories/15920/ 

 --

[SA15917] phpGroupWare XML-RPC PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-04

A vulnerability has been reported in phpGroupWare, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15917/ 

 --

[SA15916] eGroupWare XML-RPC PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-04

A vulnerability has been reported in eGroupWare, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15916/ 

 --

[SA15915] Ubuntu update for libapache2-mod-php4/php4-pear

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-05

Ubuntu has issued updates for libapache2-mod-php4 and php4-pear. These
fix a vulnerability, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15915/ 

 --

[SA15909] UnixWare update for mozilla

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Exposure of system
information, Exposure of sensitive information, System access
Released:    2005-07-04

SCO has issued an update for mozilla. This fixes some vulnerabilities,
which can be exploited by malicious people to gain knowledge of
potentially sensitive information, conduct cross-site scripting
attacks, bypass certain security restrictions, and compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/15909/ 

 --

[SA15905] Gentoo phpBB "highlight" PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-05

Gentoo has acknowledged a vulnerability in phpBB, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15905/ 

 --

[SA15897] Gentoo update for PEAR XML_RPC

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-04

Gentoo has issued an update for PEAR XML_RPC. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15897/ 

 --

[SA15888] Mandriva update for php-pear

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-01

Mandriva has issued an update for php-pear. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/15888/ 

 --

[SA15880] Community Link Pro "file" Shell Command Injection
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-06-30

spher3 and mozako have reported a vulnerability in Community Link Pro,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/15880/ 

 --

[SA15973] Debian update for trac

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information,
System access
Released:    2005-07-07

Debian has issued an update for trac. This fixes a vulnerability, which
can be exploited by malicious users to disclose sensitive information
and potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15973/ 

 --

[SA15898] Gentoo update for wordpress

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
system information, System access
Released:    2005-07-05

Gentoo has issued an update for wordpress. This fixes some
vulnerabilities, which can be exploited by malicious people to
manipulate mail messages, conduct cross-site scripting and SQL
injection attacks, and by malicious users to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/15898/ 

 --

[SA15887] Mandriva update for kernel

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information, Privilege escalation,
DoS
Released:    2005-07-01

Mandriva has issued an update for kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of potentially sensitive information, cause a DoS
(Denial of Service), or gain escalated privileges, or by malicious
people to cause a DoS.

Full Advisory:
http://secunia.com/advisories/15887/ 

 --

[SA15886] Mandriva update for kernel-2.4

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information, Privilege escalation,
DoS
Released:    2005-07-01

Mandriva has issued an update for kernel-2.4. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of potentially sensitive information, cause a DoS
(Denial of Service), or gain escalated privileges, or by malicious
people to cause a DoS.

Full Advisory:
http://secunia.com/advisories/15886/ 

 --

[SA15875] Fedora update for binutils

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-06-30

Fedora has issued an update for binutils. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/15875/ 

 --

[SA15856] Ubuntu update for ruby

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-06-29

Ubuntu has issued an update for ruby. This fixes a vulnerability, which
potentially can be exploited by malicious people to bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/15856/ 

 --

[SA15965] SUSE update for heimdal

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-07-07

SUSE has issued an update for heimdal. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/15965/ 

 --

[SA15858] Gentoo update for heimdal

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-06-29

Gentoo has issued an update for heimdal. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/15858/ 

 --

[SA15948] Debian update for bzip2

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-07-07

Debian has issued an update for bzip2. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/15948/ 

 --

[SA15939] Conectiva update for bzip2

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-07-06

Conectiva has issued an update for bzip2. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/15939/ 

 --

[SA15938] Conectiva update for clamav

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-07-06

Conectiva has issued an update for clamav. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15938/ 

 --

[SA15937] Conectiva update for gzip

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-07-06

Conectiva has isused an update for gzip. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/15937/ 

 --

[SA15921] Debian update for razor

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-07-06

Debian has issued an update for razor. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/15921/ 

 --

[SA15919] Debian update for clamav

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-07-06

Debian has issued an update for clamav. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15919/ 

 --

[SA15901] Courier Mail Server Memory Corruption Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-07-04

A vulnerability has been reported in Courier Mail Server, which
potentially can be exploited by malicious people to cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/15901/ 

 --

[SA15896] Debian update for spamassassin

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-07-01

Debian has issued an update for spamassassin. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15896/ 

 --

[SA15871] FreeBSD ipfw Packet Matching Security Issue

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-06-30

A security issue has been reported in FreeBSD, which can be exploited
by malicious people to bypass the firewall ruleset.

Full Advisory:
http://secunia.com/advisories/15871/ 

 --

[SA15869] FreeBSD update for bzip2

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-06-30

FreeBSD has issued an update for bzip2. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/15869/ 

 --

[SA15867] FreeBSD TCP Stack Implementation Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-06-30

FreeBSD has issued an update for the TCP stack. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service) on active TCP sessions.

Full Advisory:
http://secunia.com/advisories/15867/ 

 --

[SA15860] SUSE update for clamav

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-06-30

SUSE has issued an update for clamav. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/15860/ 

 --

[SA15859] Clam AntiVirus Two File Handling Denial of Service
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-06-30

Two vulnerabilities have been reported in clamav, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15859/ 

 --

[SA15930] Net-snmp Stream-based Protocol Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2005-07-06

A vulnerability has been reported in Net-snmp, which can be exploited
by malicious users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15930/ 

 --

[SA15906] OpenLDAP / pam_ldap / nss_ldap Password Disclosure Security
Issue

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2005-07-04

A security issue has been reported in OpenLDAP, pam_ldap and nss_ldap,
which can be exploit by malicious people to gain knowledge of sensitive
information.

Full Advisory:
http://secunia.com/advisories/15906/ 

 --

[SA15963] GNATS Arbitrary File Overwrite Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass, Manipulation of data, System access
Released:    2005-07-07

A security issue has been reported in GNATS, which can be exploited by
malicious, local users to overwrite arbitrary files on a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/15963/ 

 --

[SA15955] Debian "apt-setup" Insecure File Permission Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-07-07

Alexander Mader has reported a security issue in Debian apt-setup,
which can be exploited by malicious, local users to gain knowledge of
sensitive information.

Full Advisory:
http://secunia.com/advisories/15955/ 

 --

[SA15935] Conectiva update for sudo

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2005-07-06

Conectiva has issued an update for sudo. This fixes a vulnerability,
which can be exploited by malicious, local users to execute arbitrary
commands.

Full Advisory:
http://secunia.com/advisories/15935/ 

 --

[SA15913] Centericq Insecure Temporary File Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-07-05

Eric Romang has reported a vulnerability in Centreicq, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/15913/ 

 --

[SA15912] Kpopper Insecure Temporary File Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-07-05

Eric Romang has reported a vulnerability in Kpopper, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/15912/ 

 --

[SA15899] log4sh Insecure Temporary File Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-07-04

Eric Romang has reported a vulnerability in log4sh, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/15899/ 

 --

[SA15890] Debian update for sudo

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2005-07-01

Debian has issued an update for sudo. This fixes a vulnerability, which
can be exploited by malicious, local users to execute arbitrary commands
with escalated privileges.

Full Advisory:
http://secunia.com/advisories/15890/ 

 --

[SA15889] ekg Insecure Temporary File Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-07-05

Eric Romang has reported a vulnerability in ekg, which can be exploited
by malicious, local users to perform certain actions on a vulnerable
system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/15889/ 

 --

[SA15882] Debian update for crip

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-06-30

Debian has issued an update for crip. This fixes a vulnerability, which
can be exploited by malicious, local users to perform certain actions on
a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/15882/ 

 --

[SA15881] Red Hat update for sudo

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2005-06-30

Red Hat has issued an update for sudo. This fixes a vulnerability,
which can be exploited by malicious, local users to execute arbitrary
commands with escalated privileges.

Full Advisory:
http://secunia.com/advisories/15881/ 

 --

[SA15878] crip Insecure Temporary File Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-06-30

Justin Rye has reported a vulnerability in crip, which can be exploited
by malicious, local users to perform certain actions on a vulnerable
system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/15878/ 

 --

[SA15877] Avaya CMS/IR lpadmin Arbitrary File Overwrite Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Manipulation of data
Released:    2005-06-30

Avaya has acknowledged a vulnerability in Avaya Call Management System
(CMS) and Avaya Interactive Response (IR), which can be exploited by
malicious, local users to overwrite arbitrary files on a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/15877/ 

 --

[SA15943] Debian update for gaim

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-07-06

Debian has issued an update for gaim. This fixes two weaknesses, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/15943/ 

 --

[SA15874] NetBSD Audio Drivers ioctl Denial of Service Vulnerability

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2005-07-01

A vulnerability has been reported in NetBSD, which can be exploited by
malicious, local users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15874/ 


Other:--

[SA15970] Xerox WorkCentre Pro Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data, Exposure of system information, DoS
Released:    2005-07-07

Several vulnerabilites have been reported in WorkCentre Pro MicroServer
Web Server, which can be exploited by malicious people to gain
unauthorized access, cause a DoS (Denial of Service), or conduct script
insertion attacks.

Full Advisory:
http://secunia.com/advisories/15970/ 

 --

[SA15876] Avaya Products TCP Timestamp Denial of Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-06-30

Avaya has acknowledged a vulnerability in some products, which can be
exploited by malicious people to cause a DoS (Denial of Service) on an
active TCP session.

Full Advisory:
http://secunia.com/advisories/15876/ 


Cross Platform:--

[SA15952] Jinzora "include_path" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-07

A vulnerability has been reported in Jinzora, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15952/ 

 --

[SA15949] zlib "inftrees.c" Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-07-07

A vulnerability has been reported in zlib, which can be exploited by
malicious people to conduct a DoS (Denial of Service) against a
vulnerable application, or potentially to execute arbitrary code.

Full Advisory:
http://secunia.com/advisories/15949/ 

 --

[SA15944] TikiWiki XML-RPC PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-07

A vulnerability has been reported in TikiWiki, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15944/ 

 --

[SA15927] Mark Kronsbein MyGuestbook "lang" File Inclusion
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-06

SoulBlack Security Research has discovered a vulnerability in Mark
Kronsbein MyGuestbook, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15927/ 

 --

[SA15922] Jaws "path" File Inclusion and XML-RPC PHP Code Execution

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-06

Two vulnerabilities have been reported in Jaws, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15922/ 

 --

[SA15910] nabopoll "path" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-04

V4mu has discovered a vulnerability in nabopoll, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15910/ 

 --

[SA15908] Cacti "no_http_headers" Security Bypass and Shell Command
Injection

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, System access
Released:    2005-07-04

Stefan Esser has reported two vulnerabilities in Cacti, which can be
exploited by malicious people to bypass certain security restrictions
and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15908/ 

 --

[SA15904] BLOG:CMS XML-RPC PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-04

A vulnerability has been reported in BLOG:CMS, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15904/ 

 --

[SA15903] PhpWiki XML-RPC PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-04

A vulnerability has been reported in PhpWiki, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15903/ 

 --

[SA15895] Nucleus XML-RPC PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-01

A vulnerability has been reported in Nucleus, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15895/ 

 --

[SA15893] EasyPHPCalendar "serverPath" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-05

Mafia_Boy has reported a vulnerability in EasyPHPCalendar, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15893/ 

 --

[SA15884] phpPgAds XML-RPC PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-01

A vulnerability has been reported in phpPgAds, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15884/ 

 --

[SA15883] phpAdsNew XML-RPC PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-07-01

James Bercegay has reported a vulnerability in phpAdsNew, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15883/ 

 --

[SA15873] Pavsta Auto Site "sitepath" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-06-30

V4mu has reported a vulnerability in Pavsta Auto Site, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15873/ 

 --

[SA15872] Drupal PHP Code Execution Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-06-30

Two vulnerabilities have been reported in Drupal, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15872/ 

 --

[SA15862] Serendipity XML-RPC Unspecified PHP Code Execution
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-06-30

A vulnerability has been reported in Serendipity, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15862/ 

 --

[SA15861] PEAR XML_RPC PHP Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-06-30

James Bercegay has reported a vulnerability in PEAR XML_RPC, which can
be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15861/ 

 --

[SA15951] PHPXmail Authentication Bypass Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-07-07

Stefan Lochbihler has reported a vulnerability in PHPXmail, which can
be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/15951/ 

 --

[SA15942] QuickBlogger Comment Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-07-06

Donnie Werner has reported a vulnerability in QuickBlogger, which can
be exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/15942/ 

 --

[SA15941] phpPgAdmin "formLanguage" Local File Inclusion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-07-07

A vulnerability has been reported in phpPgAdmin, which can be exploited
by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/15941/ 

 --

[SA15926] Covide Groupware-CRM User ID SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-07-06

Hans Wolters has reported a vulnerability in Covide Groupware-CRM,
which can be exploited by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/15926/ 

 --

[SA15918]  osTicket "t" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-07-04

edisan and foster have discovered a vulnerability in osTicket, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/15918/ 

 --

[SA15914] Geeklog Unspecified SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-07-05

Stefan Esser has reported a vulnerability in Geeklog, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/15914/ 

 --

[SA15911]  PHPNews "prevnext" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-07-04

A vulnerability has been reported in PHPNews, which can be exploited by
malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/15911/ 

 --

[SA15902] Plague News System SQL Injection and Security Bypass
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2005-07-04

Easyex has reported two vulnerabilities in Plague News System, which
can be exploited by malicious people to conduct SQL injection attacks
and bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/15902/ 

 --

[SA15900] Quick & Dirty PHPSource Printer Directory Traversal
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2005-07-04

Seth Alan Woolley has discovered a vulnerability in Quick & Dirty
PHPSource Printer, which can be exploited by malicious people to gain
knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/15900/ 

 --

[SA15865] Comdev eCommerce Review Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-06-30

basher13 has reported a vulnerability in Comdev eCommerce, which can be
exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/15865/ 

 --

[SA15864] Comdev News Publisher Cross-Site Scripting and PHP Code
Execution

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2005-06-30

basher13 has reported two vulnerabilities in Comdev News Publisher,
which can be exploited by malicious people to conduct cross-site
scripting attacks and by malicious users to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/15864/ 

 --

[SA15950] MediaWiki Move Template Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-07-07

A vulnerability has been reported in MediaWiki, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/15950/ 

 --

[SA15928] AutoIndex PHP Script "search" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-07-06

mozako has discovered a vulnerability in AutoIndex PHP Script, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/15928/ 

 --

[SA15868] Soldier of Fortune II Ignore Command Denial of Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-06-30

Luigi Auriemma has reported a vulnerability in Soldier of Fortune II,
which can be exploited by malicious users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/15868/ 



=======================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/ 

Subscribe:
http://secunia.com/secunia_weekly_summary/ 

Contact details:
Web	: http://secunia.com/ 
E-mail	: support@secunia.com 
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45




_________________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 23-28 - 
2,000+ international security experts, 
10 tracks, no vendor pitches.
www.blackhat.com 

Site design & layout copyright © 1986-2014 CodeGods