AOH :: ISNQ3531.HTM

Secunia Weekly Summary - Issue: 2007-4




Secunia Weekly Summary - Issue: 2007-4
Secunia Weekly Summary - Issue: 2007-4



=======================================================================
                  The Secunia Weekly Advisory Summary                  
                        2007-01-18 - 2007-01-25                        

                       This week: 91 advisories                        

=======================================================================Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

=======================================================================1) Word From Secunia:

New Secunia blog entry about the "availability" of the latest Apple
QuickTime security update.

The update is ready, yet users are still only able to download the
vulnerable version from Apple.com - without any indication or guidance
about why or how to secure it:
http://secunia.com/blog/7/ 

Exploitation appears to be straight forward and the QuickTime player
is installed on more than 50% of all computers!

Use the Secunia Software Inspector for verification and real guidance
on how to secure your QuickTime player:
http://secunia.com/software_Inspector/ 

 --

Should you be interesting a career within Secunia, the current job
openings are available right now:

Security Sales Engineer:
http://corporate.secunia.com/about_secunia/54/ 

German Key Account Manager:
http://corporate.secunia.com/about_secunia/55/ 

International Account Manager - Enterprise Sales:
http://corporate.secunia.com/about_secunia/52/ 

International Sales Manager - IT Security Partner:
http://corporate.secunia.com/about_secunia/51/ 

Danish: Disassembling og Reversing
http://secunia.com/Disassembling_og_Reversing/ 

=======================================================================2) This Week in Brief:

Secunia Research has discovered vulnerabilities in various audio and
media applications caused due to an insecure ActiveX control. The
vulnerable component, NCTAudioFile2.dll, was originally developed by
NCT Company Ltd. (now known as Online Media Technologies Ltd.), and is
known to be used by more than 70 products from 28 different software
companies.

The vulnerability is caused due to a boundary error in the
NCTAudioFile2.AudioFile ActiveX control; specifically, in the handling
of the "SetFormatLikeSample()" method. Passing an argument with
length of about 4,124 bytes induces a stack-based buffer overflow,
making it possible for the attacker to execute arbitrary code on the
user's system.

Successful exploitation requires that the user visit a website where
the exploit is located, and allows execution of arbitrary code.

The library file is present in numerous products, including:
NCTAudioStudio
NCTDialogicVoice
Video Converter Plus
Cheetah CD Burner
Fx Audio Tools
Power Audio Editor
FREE Hi-Q Recorder
iMesh
McFunSoft iPod Audio Studio
Wave MP3 Editor

For a complete list of all the affected products, please visit the
Secunia Research page:
http://secunia.com/secunia_research/ 

For more information on this vulnerability, refer to the following:
http://secunia.com/advisories/23475/ 

 --

Two vulnerabilities were discovered in Microsoft Help Workshop, which
can be exploited by malicious people to compromise a user's system.

Exploiting either vulnerabilities using specially crafted .CNT or .HPJ
files causes a buffer overflow, which can allow an attacker to execute
arbitrary code on the system. 

The vulnerabilities are present in version 4.03.0002 of the Microsoft
Help Workshop, a tool that was published by Microsoft in 2000. Despite
the application being several years old, it is still available for
download on the Microsoft website, and as such, Secunia believes that
users must still be made aware of this issue.

For more information on this vulnerability, refer to the following:
http://secunia.com/advisories/23862/ 

 --

VIRUS ALERTS:

During the past week Secunia collected 173 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

=======================================================================3) This Weeks Top Ten Most Read Advisories:

1.  [SA23757] Sun Java JRE GIF Image Processing Buffer Overflow
              Vulnerability
2.  [SA23666] Adobe Reader Unspecified Heap Corruption Vulnerability
3.  [SA23836] Cisco Products SSL/TLS and SSH Validation Security Issue
4.  [SA18787] Internet Explorer Drag-and-Drop Vulnerability
5.  [SA23796] Apple Mac OS X slpd Buffer Overflow Vulnerability
6.  [SA23794] Oracle Products Multiple Vulnerabilities
7.  [SA23841] SecureCRT / SecureFX OpenSSL RSA Signature Forgery
8.  [SA23833] Fedora update for the kernel
9.  [SA23832] GNU ed Insecure Temporary File Creation
10. [SA23830] OpenBSD ICMP6 Denial of Service Vulnerability

=======================================================================4) Vulnerabilities Summary Listing

Windows:
[SA23901] Sami HTTP Server Connection Handling Denial of Service
[SA23894] ASP Edge "user" SQL Injection Vulnerability
[SA23862] Microsoft Help Workshop Two Buffer Overflow Vulnerabilities
[SA23827] uniForum "wbsearch.aspx" SQL Injection Vulnerability
[SA23897] BrightStor ARCserve Backup for Laptops & Desktops
Vulnerabilities
[SA23869] Citrix Presentation Server Print Provider Buffer Overflow
Vulnerability
[SA23896] Symantec Web Security Two Vulnerabilities
[SA23856] Microsoft Visual Studio ".rc" File Handling Buffer Overflow
[SA23841] SecureCRT / SecureFX OpenSSL RSA Signature Forgery

UNIX/Linux:
[SA23920] SGI Advanced Linux Environment Multiple Updates
[SA23915] HP-UX update for Apache
[SA23903] Gentoo update for mit-krb5
[SA23882] SUSE update for acroread
[SA23877] Red Hat update for acroread
[SA23875] phpXMLDOM "path" File Inclusion Vulnerabilities
[SA23861] Transmit "sftp://" URI Handler Buffer Overflow 
[SA23845] Upload-service "maindir" File Inclusion Vulnerability
[SA23835] Gentoo update for sun-jdk and sun-jre-bin
[SA23911] Avaya Products tar "GNUTYPES_NAMES" Record Type Security
Issue
[SA23891] Gentoo update for xine-ui
[SA23870] SUSE Update for Multiple Packages
[SA23863] ulogd Unspecified Buffer Overflow
[SA23858] Linux-PAM Login Bypass Security Vulnerability
[SA23842] Rumpus Multiple Vulnerabilities
[SA23831] AWFFull Unspecified Buffer Overflows
[SA23830] OpenBSD ICMP6 Denial of Service Vulnerability
[SA23829] SUSE update for xine
[SA23935] rPath update for gtk
[SA23933] Red Hat update for gtk2
[SA23921] Ubuntu update for squid
[SA23913] CGI Rescue WebFORM Cross-Site Scripting and HTTP Header
Injection
[SA23906] Ubuntu update for geoip-bin
[SA23889] Mandriva update for squid
[SA23883] Sun Solaris update for Mozilla
[SA23879] Ubuntu update for bluez-utils
[SA23876] rPath update for poppler
[SA23873] Ubuntu update for libsoup
[SA23871] rPath update for libsoup
[SA23859] Apple Mac OS X QuickDraw Denial of Service
[SA23844] Mandriva update for poppler
[SA23837] Trustix update for squid
[SA23833] Fedora update for the kernel
[SA23923] Slackware update for fetchmail
[SA23838] Gentoo update for fetchmail
[SA23907] Sun Solaris 9 Xorg X Server Integer Overflows
[SA23900] Sun Ray Server Software Password Disclosure
[SA23899] Sun Solaris 10 Xorg X Server Integer Overflows
[SA23885] Sun Solaris "kcms_calibrate" Privilege Escalation
[SA23881] Gentoo update for openldap
[SA23872] rPath update for libgtop2
[SA23857] rPath update for ed
[SA23848] Fedora update for ed
[SA23846] Apple Mac OS X "UserNotificationCenter" Privilege Escalation
[SA23840] Gentoo update for libgtop
[SA23832] GNU ed Insecure Temporary File Creation
[SA23839] Mandriva update for kdegraphics

Other:
[SA23867] Cisco IOS Multiple Vulnerabilities
[SA23868] Fritz!Box UDP Packet SIP Denial of Service
[SA23936] SOYO G668 Ethernet IP Phone Session Management Vulnerability
[SA23919] ATCOM AT-320ED IP Phone Session Management Vulnerability
[SA23847] Check Point Products ICS Security Bypass
[SA23853] T-Com Speedport Authentication Bypass
[SA23836] Cisco Products SSL/TLS and SSH Validation Security Issue

Cross Platform:
[SA23909] Shopping Basket Professional Command Injection
[SA23898] FreeWebShop.org "lang_file" File Inclusion Vulnerability
[SA23878] VisoHotlink  "mosConfig_absolute_path" File Inclusion
Vulnerability
[SA23874] BBClone "BBC_LIB_PATH" File Inclusion Vulnerability
[SA23851] Bradabra "includes_path" File Inclusion Vulnerability
[SA23850] MySpeach "up.php" File Inclusion Vulnerability
[SA23834] Vote! Pro PHP "eval()" Injection Vulnerability
[SA23888] Random PHP Quote pwd.txt Password Disclosure
[SA23886] Smart PHP Subscriber pwd.txt Password Disclosure
[SA23865] Enthusiast Cross-Site Scripting and SQL Injection
[SA23864] MaklerPlus Unspecified Vulnerabilities
[SA23860] PHP Link Directory "URL" Script Insertion Vulnerability
[SA23828] Website Baker "REMEMBER_KEY" Cookie SQL Injection
[SA23826] Django Two Vulnerabilities
[SA23934] MyBB private.php Cross-Site Request Forgery and Cross-Site
Scripting
[SA23926] DokuWiki "media" CRLF Injection Vulnerability
[SA23908] Drupal Project Module Script Insertion Vulnerability
[SA23904] ISC BIND Unspecified Denial of Service Vulnerability
[SA23895] Drupal Acidfree Module "node titles" SQL Injection
Vulnerability
[SA23887] Drupal Project Issue Tracking Module Multiple
Vulnerabilities
[SA23884] GTK+ "GdkPixbufLoader()" Denial of Service
[SA23880] GeoIP C API "GeoIP_update_database_general()" Directory
Traversal
[SA23855] Yana Framework Guestbook Profile Security Bypass
[SA23852] wzdftpd Data Handling Denial of Service Vulnerability
[SA23849] PostNuke "cover" Cross-Site Scripting Vulnerability
[SA23843] Hitachi Web Server Multiple Vulnerabilities
[SA23866] Hitachi OpenTP1 Data Handling Denial of Service
Vulnerability
[SA23854] Hitachi HIBUN Advanced Edition Server Denial of Service

=======================================================================5) Vulnerabilities Content Listing

Windows:--

[SA23901] Sami HTTP Server Connection Handling Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-01-24

shinnai has discovered a vulnerability in Sami HTTP Server, which can
be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23901/ 

 --

[SA23894] ASP Edge "user" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-01-25

ajann has discovered a vulnerability in ASP Edge, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/23894/ 

 --

[SA23862] Microsoft Help Workshop Two Buffer Overflow Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-01-22

porkythepig has discovered two vulnerabilities in Microsoft Help
Workshop, which can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/23862/ 

 --

[SA23827] uniForum "wbsearch.aspx" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-01-18

ajann has reported a vulnerability in uniForum, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/23827/ 

 --

[SA23897] BrightStor ARCserve Backup for Laptops & Desktops
Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2007-01-24

Some vulnerabilities have been reported in BrightStor ARCserve Backup
for Laptops & Desktops, which can be exploited by malicious people to
cause a DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23897/ 

 --

[SA23869] Citrix Presentation Server Print Provider Buffer Overflow
Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2007-01-25

A vulnerability has been reported in Citrix Presentation Server, which
can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/23869/ 

 --

[SA23896] Symantec Web Security Two Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, DoS
Released:    2007-01-25

Two vulnerabilities have been reported in Symantec Web Security, which
can be exploited by malicious people to conduct cross-site scripting
attacks or to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23896/ 

 --

[SA23856] Microsoft Visual Studio ".rc" File Handling Buffer Overflow

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2007-01-23

porkythepig has reported a vulnerability in Microsoft Visual Studio,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/23856/ 

 --

[SA23841] SecureCRT / SecureFX OpenSSL RSA Signature Forgery

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-01-19

A vulnerability has been acknowledged in SecureCRT and SecureFX, which
can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/23841/ 


UNIX/Linux:--

[SA23920] SGI Advanced Linux Environment Multiple Updates

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-25

SGI has issued a patch for SGI Advanced Linux Environment. This fixes
some vulnerabilities, which potentially can be exploited by malicious
people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23920/ 

 --

[SA23915] HP-UX update for Apache

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, DoS, System access
Released:    2007-01-25

HP has issued an update for Apache. This fixes some vulnerabilities,
which can be exploited by malicious people to bypass certain security
restrictions, cause a DoS (Denial of Service), or to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/23915/ 

 --

[SA23903] Gentoo update for mit-krb5

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-01-25

Gentoo has issued an update for krb5. This fixes some vulnerabilities,
which can potentially be exploited by malicious people to cause a DoS
(Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23903/ 

 --

[SA23882] SUSE update for acroread

Critical:    Highly critical
Where:       From remote
Impact:      Hijacking, Cross Site Scripting, DoS, System access
Released:    2007-01-23

SUSE has issued an update for acroread. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks, as a vector for conducting cross-site
request forgery attacks, or to potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/23882/ 

 --

[SA23877] Red Hat update for acroread

Critical:    Highly critical
Where:       From remote
Impact:      Hijacking, Cross Site Scripting, DoS, System access
Released:    2007-01-23

Red Hat has issued an update for acroread. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks, as a vector for cross-site request
forgery attacks, or to potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/23877/ 

 --

[SA23875] phpXMLDOM "path" File Inclusion Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-24

Dr Max Virus has reported some vulnerabilities in phpXMLDOM, which can
be exploited by malicious people to compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/23875/ 

 --

[SA23861] Transmit "sftp://" URI Handler Buffer Overflow 

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-01-22

KF and LMH have reported a vulnerability in Transmit, which can
potentially be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/23861/ 

 --

[SA23845] Upload-service "maindir" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-22

Ahmad Muammar W.K has discovered a vulnerability in Upload-service,
which can be exploited by malicious people to compromise vulnerable
systems.

Full Advisory:
http://secunia.com/advisories/23845/ 

 --

[SA23835] Gentoo update for sun-jdk and sun-jre-bin

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation, System access
Released:    2007-01-23

Gentoo has issued an update for sun-jdk and sun-jre-bin. This fixes
some vulnerabilities, which can be exploited by malicious people to
bypass certain security restrictions or compromise a user's system.

Full Advisory:
http://secunia.com/advisories/23835/ 

 --

[SA23911] Avaya Products tar "GNUTYPES_NAMES" Record Type Security
Issue

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-01-25

Avaya has acknowledged a vulnerability in various Avaya products, which
can be exploited by malicious people to overwrite arbitrary files.

Full Advisory:
http://secunia.com/advisories/23911/ 

 --

[SA23891] Gentoo update for xine-ui

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-01-24

Gentoo has issued an update for xine-ui. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/23891/ 

 --

[SA23870] SUSE Update for Multiple Packages

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, System access
Released:    2007-01-22

SUSE has issued an update for multiple packages. This fixes some
vulnerabilities, which have unknown impacts or can be exploited by
malicious people to potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23870/ 

 --

[SA23863] ulogd Unspecified Buffer Overflow

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2007-01-22

A vulnerability with an unknown impact has been reported in ulogd.

Full Advisory:
http://secunia.com/advisories/23863/ 

 --

[SA23858] Linux-PAM Login Bypass Security Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-01-24

A vulnerability has been reported in Linux-PAM, which can be exploited
by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/23858/ 

 --

[SA23842] Rumpus Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Privilege escalation, DoS, System access
Released:    2007-01-19

LMH and KF have reported some vulnerabilities in Rumpus, which can be
exploited by malicious, local users to gain escalated privileges and
potentially by malicious users to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23842/ 

 --

[SA23831] AWFFull Unspecified Buffer Overflows

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2007-01-24

Some potential vulnerabilities with unknown impacts have been reported
in AWFFull.

Full Advisory:
http://secunia.com/advisories/23831/ 

 --

[SA23830] OpenBSD ICMP6 Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-01-19

A vulnerability has been reported in OpenBSD, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23830/ 

 --

[SA23829] SUSE update for xine

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-01-23

SUSE has issued an update for xine-ui, xine-lib, xine-extra and
xine-devel. This fixes a vulnerability, which potentially can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/23829/ 

 --

[SA23935] rPath update for gtk

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-25

rPath has issued an update for gtk. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23935/ 

 --

[SA23933] Red Hat update for gtk2

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-25

Red Hat has issued an update for gtk2. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23933/ 

 --

[SA23921] Ubuntu update for squid

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-25

Ubuntu has issued an update for squid. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23921/ 

 --

[SA23913] CGI Rescue WebFORM Cross-Site Scripting and HTTP Header
Injection

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-01-25

Some vulnerabilities have been reported in CGI Rescue WebFORM, which
can be exploited by malicious people to conduct cross-site scripting
and HTTP header injection attacks.

Full Advisory:
http://secunia.com/advisories/23913/ 

 --

[SA23906] Ubuntu update for geoip-bin

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-01-24

Ubuntu has issued an update for geoip-bin. This fixes a vulnerability,
which can be exploited by malicious people to overwrite arbitrary files
on a user's system.

Full Advisory:
http://secunia.com/advisories/23906/ 

 --

[SA23889] Mandriva update for squid

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-24

Mandriva has issued an update for squid. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23889/ 

 --

[SA23883] Sun Solaris update for Mozilla

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-01-23

Sun has acknowledged a vulnerability in Mozilla, which can be exploited
by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/23883/ 

 --

[SA23879] Ubuntu update for bluez-utils

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2007-01-24

Ubuntu has issued an update for bluez-utils. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23879/ 

 --

[SA23876] rPath update for poppler

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-23

rPath has issued an update for poppler. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23876/ 

 --

[SA23873] Ubuntu update for libsoup

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-24

Ubuntu has issued an update for libsoup. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23873/ 

 --

[SA23871] rPath update for libsoup

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-23

rPath has issued an update for libsoup. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23871/ 

 --

[SA23859] Apple Mac OS X QuickDraw Denial of Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-25

LMH has reported a vulnerability in Apple Mac OS X, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23859/ 

 --

[SA23844] Mandriva update for poppler

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-19

Mandriva has issued an update for poppler. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23844/ 

 --

[SA23837] Trustix update for squid

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-22

Trustix has issued an update for squid. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23837/ 

 --

[SA23833] Fedora update for the kernel

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data, Privilege escalation, DoS
Released:    2007-01-19

Fedora has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service), overwrite arbitrary files, or gain
escalated privileges, and by malicious people to cause a DoS.

Full Advisory:
http://secunia.com/advisories/23833/ 

 --

[SA23923] Slackware update for fetchmail

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information, DoS
Released:    2007-01-25

Slackware has issued an update for fetchmail. This fixes a
vulnerability and a security issue, which can be exploited by
malicious, local users to cause a DoS (Denial of Service) and by
malicious people to gain knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/23923/ 

 --

[SA23838] Gentoo update for fetchmail

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information, DoS
Released:    2007-01-23

Gentoo has issued an update for fetchmail. This fixes a vulnerability
and a security issue, which can be exploited by malicious, local users
to cause a DoS (Denial of Service) and by malicious people to gain
knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/23838/ 

 --

[SA23907] Sun Solaris 9 Xorg X Server Integer Overflows

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-01-24

Sun has acknowledged a vulnerability in Solaris, which can be exploited
by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/23907/ 

 --

[SA23900] Sun Ray Server Software Password Disclosure

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2007-01-24

Sun has acknowledged a security issue in Sun Ray Server Software, which
can be exploited by malicious, local users to gain sensitive
information.

Full Advisory:
http://secunia.com/advisories/23900/ 

 --

[SA23899] Sun Solaris 10 Xorg X Server Integer Overflows

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-01-24

Sun has acknowledged a vulnerability in Solaris, which can be exploited
by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/23899/ 

 --

[SA23885] Sun Solaris "kcms_calibrate" Privilege Escalation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-01-23

A vulnerability has been reported in Sun Solaris, which can be
exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/23885/ 

 --

[SA23881] Gentoo update for openldap

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-01-24

Gentoo has issued an update for openldap. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/23881/ 

 --

[SA23872] rPath update for libgtop2

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-01-23

rPath has issued an update for libgtop2. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/23872/ 

 --

[SA23857] rPath update for ed

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-01-23

rPath has issued an update for ed. This fixes a vulnerability, which
can be exploited by malicious, local users to perform certain actions
with escalated privileges.

Full Advisory:
http://secunia.com/advisories/23857/ 

 --

[SA23848] Fedora update for ed

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-01-19

Fedora has issued an update for ed. This fixes a vulnerability, which
can be exploited by malicious, local users to perform certain actions
with escalated privileges.

Full Advisory:
http://secunia.com/advisories/23848/ 

 --

[SA23846] Apple Mac OS X "UserNotificationCenter" Privilege Escalation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-01-24

A vulnerability has been reported in Mac OS X, which can be exploited
by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/23846/ 

 --

[SA23840] Gentoo update for libgtop

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-01-23

Gentoo has issued an update for libgtop. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/23840/ 

 --

[SA23832] GNU ed Insecure Temporary File Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-01-19

A vulnerability has been reported in GNU ed, which can be exploited by
malicious, local users to perform certain actions with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/23832/ 

 --

[SA23839] Mandriva update for kdegraphics

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2007-01-23

Mandriva has issued an update for kdegraphics. This fixes a weakness,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23839/ 


Other:--

[SA23867] Cisco IOS Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-01-25

Some vulnerabilities have been reported in Cisco IOS, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23867/ 

 --

[SA23868] Fritz!Box UDP Packet SIP Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-01-22

Matthias Wenzel has reported a vulnerability in AVM Fritz!Box 7050,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23868/ 

 --

[SA23936] SOYO G668 Ethernet IP Phone Session Management Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-01-25

Adrian Pastor has reported a vulnerability in SOYO G668 Ethernet IP
Phone, which can be exploited by malicious people to bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/23936/ 

 --

[SA23919] ATCOM AT-320ED IP Phone Session Management Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-01-25

Adrian Pastor has reported a vulnerability in ATCOM AT-320ED IP Phone,
which can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/23919/ 

 --

[SA23847] Check Point Products ICS Security Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-01-25

Roni Bachar and Nir Goldshlager have reported a vulnerability in Check
Point products, which can be exploited by malicious people to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/23847/ 

 --

[SA23853] T-Com Speedport Authentication Bypass

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass
Released:    2007-01-22

Virginity has reported a vulnerability in T-Com Speedport, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/23853/ 

 --

[SA23836] Cisco Products SSL/TLS and SSH Validation Security Issue

Critical:    Less critical
Where:       From local network
Impact:      Spoofing
Released:    2007-01-19

A security issue has been reported in Cisco products, which can be
exploited by malicious people to conduct spoofing attacks.

Full Advisory:
http://secunia.com/advisories/23836/ 


Cross Platform:--

[SA23909] Shopping Basket Professional Command Injection

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-25

A vulnerability has been reported in Shopping Basket Professional,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/23909/ 

 --

[SA23898] FreeWebShop.org "lang_file" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-24

David Sopas Ferreira has reported a vulnerability in FreeWebShop.org,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/23898/ 

 --

[SA23878] VisoHotlink  "mosConfig_absolute_path" File Inclusion
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-23

bd0rk has discovered a vulnerability in VisoHotlink, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23878/ 

 --

[SA23874] BBClone "BBC_LIB_PATH" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-01-24

A vulnerability has been discovered in BBClone, which can be exploited
by malicious people to disclose sensitive information and potentially
compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/23874/ 

 --

[SA23851] Bradabra "includes_path" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-22

GolD_M aka Mahmood_ali has discovered a vulnerability in Bradabra,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/23851/ 

 --

[SA23850] MySpeach "up.php" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-22

A vulnerability has been discovered in MySpeach, which can be exploited
by malicious people to compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/23850/ 

 --

[SA23834] Vote! Pro PHP "eval()" Injection Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-01-23

r0ut3r has reported a vulnerability in Vote! Pro, which can be
exploited by malicious people to compromise vulnerable systems.

Full Advisory:
http://secunia.com/advisories/23834/ 

 --

[SA23888] Random PHP Quote pwd.txt Password Disclosure

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-01-24

ThE TiGeR 100 has reported a security issue in Random PHP Quote, which
can be exploited by malicious people to gain knowledge of sensitive
information.

Full Advisory:
http://secunia.com/advisories/23888/ 

 --

[SA23886] Smart PHP Subscriber pwd.txt Password Disclosure

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-01-24

ThE TiGeR 100 has reported a security issue in Smart PHP Subscriber,
which can be exploited by malicious people to gain knowledge of
sensitive information.

Full Advisory:
http://secunia.com/advisories/23886/ 

 --

[SA23865] Enthusiast Cross-Site Scripting and SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2007-01-23

Some vulnerabilities have been discovered in Enthusiast, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/23865/ 

 --

[SA23864] MaklerPlus Unspecified Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2007-01-24

Some vulnerabilities with unknown impact have been reported in
MaklerPlus.

Full Advisory:
http://secunia.com/advisories/23864/ 

 --

[SA23860] PHP Link Directory "URL" Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-01-24

A vulnerability has been discovered in PHP Link Directory, which can be
exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/23860/ 

 --

[SA23828] Website Baker "REMEMBER_KEY" Cookie SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-01-24

Rolf Huisman has discovered a vulnerability in Website Baker, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/23828/ 

 --

[SA23826] Django Two Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, System access
Released:    2007-01-19

Some vulnerabilities have been reported in Django, which can be
exploited by malicious users to bypass certain security restrictions or
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/23826/ 

 --

[SA23934] MyBB private.php Cross-Site Request Forgery and Cross-Site
Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-01-25

Some vulnerabilities have been discovered in MyBB, which can be
exploited by malicious people to conduct cross-site request forgery
attacks and cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/23934/ 

 --

[SA23926] DokuWiki "media" CRLF Injection Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-01-25

unsticky has discovered a vulnerability in DokuWiki, which can be
exploited by malicious people to bypass certain restrictions.

Full Advisory:
http://secunia.com/advisories/23926/ 

 --

[SA23908] Drupal Project Module Script Insertion Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-01-25

A vulnerability has been reported in the Project module for Drupal,
which can be exploited by malicious users to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/23908/ 

 --

[SA23904] ISC BIND Unspecified Denial of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-25

A vulnerability has been reported in ISC BIND, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23904/ 

 --

[SA23895] Drupal Acidfree Module "node titles" SQL Injection
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-01-24

A vulnerability has been reported in the Acidfree module for Drupal,
which can be exploited by malicious users to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/23895/ 

 --

[SA23887] Drupal Project Issue Tracking Module Multiple
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data, Exposure of sensitive information, System access
Released:    2007-01-25

Some vulnerabilities have been reported in the Project issue tracking
module for Drupal, which can be exploited by malicious users to bypass
certain security restrictions, disclose sensitive information,
manipulate data, compromise vulnerable systems or conduct script
insertion attacks.

Full Advisory:
http://secunia.com/advisories/23887/ 

 --

[SA23884] GTK+ "GdkPixbufLoader()" Denial of Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-25

A vulnerability has been reported in GTK+, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23884/ 

 --

[SA23880] GeoIP C API "GeoIP_update_database_general()" Directory
Traversal

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-01-24

Dean Gaudet has reported a vulnerability in GeoIP, which can be
exploited by malicious people to overwrite arbitary files on a user's
system.

Full Advisory:
http://secunia.com/advisories/23880/ 

 --

[SA23855] Yana Framework Guestbook Profile Security Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-01-23

A vulnerability has been reported in Yana Framework, which can be
exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/23855/ 

 --

[SA23852] wzdftpd Data Handling Denial of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-01-22

Jose Miguel Esparza has discovered a vulnerability in wzdftpd, which
can be exploited by malicious users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/23852/ 

 --

[SA23849] PostNuke "cover" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-01-23

Omid has discovered a vulnerability in PostNuke, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/23849/ 

 --

[SA23843] Hitachi Web Server Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting
Released:    2007-01-25

Some vulnerabilities have been reported in Hitachi Web Server, which
can be exploited by malicious people to bypass certain security
restrictions or conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/23843/ 

 --

[SA23866] Hitachi OpenTP1 Data Handling Denial of Service
Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-01-25

A vulnerability has been reported in Hitachi OpenTP1, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/23866/ 

 --

[SA23854] Hitachi HIBUN Advanced Edition Server Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-01-25

A vulnerability has been reported in Hitachi HIBUN Advanced Edition
Server, which can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/23854/ 



=======================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/ 

Subscribe:
http://secunia.com/secunia_weekly_summary/ 

Contact details:
Web	: http://secunia.com/ 
E-mail	: support@secunia.com 
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 
 

Site design & layout copyright © 1986-2014 CodeGods