AOH :: ISNQ4588.HTM

Secunia Weekly Summary - Issue: 2007-38




Secunia Weekly Summary - Issue: 2007-38
Secunia Weekly Summary - Issue: 2007-38



=======================================================================
                  The Secunia Weekly Advisory Summary                  
                        2007-09-13 - 2007-09-20                        

                       This week: 80 advisories                        

=======================================================================Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

=======================================================================1) Word From Secunia:

Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,700 different Windows applications.

Request your account, the Secunia Network Software Inspector (NSI):
http://secunia.com/network_software_inspector/ 

=======================================================================2) This Week in Brief:

A week after Microsoft released its security patches for August,
several vulnerabilities have been reported in various Microsoft
products, which can be exploited by malicious people to compromise
vulnerable systems.

The first, a vulnerability in Microsoft Windows, is caused by a
boundary error in the "FindFile()" function of the CFileFind class in
the mfc42.dll and mfc42u.dll files. Passing an overly long argument to
the affected function exploits the vulnerability, and causes a
heap-based buffer overflow.

Two Hewlett-Packard products are known to contain vectors that may
allow exploitation of this vulnerability: HP All-in-One Series Web
Release software/driver installer version 2.1.0, and HP Photo &
Imaging Gallery version 1.1.

The vulnerability is confirmed on a fully-patched Windows XP SP2
including mfc42.dll version 6.2.4131.0 and mfc42u.dll version
6.2.8071.0, and remains unpatched. For more information, refer to:
http://secunia.com/advisories/26800/ 

Several other vulnerabilities were reported in two Microsoft Visual
Studio ActiveX controls. The PDWizard.ocx  ActiveX control contains
the insecure methods "StartProcess()" and "SyncShell()", which can be
exploited to execute arbitrary commands on the system. Other insecure
methods have also been reported, such as "SaveAs()",
"CABDefaultURL()", "CABFileName()", and "CABRunFile()".

The "Load()" and "SaveAs()" methods of the VBTOVSI.DLL ActiveX control
can also be exploited to, for example, load a local file and save it
in an arbitrary location or overwrite an arbitrary file.

The vulnerabilities are reported in version 6.0, and remain unpatched.

 --

Some vulnerabilities have been reported in OpenOffice, which 
potentially can be exploited by malicious people to compromise a
user's system. By tricking a user into, for example, opening a
specially crafted document that requires processing of TIFF images,
integer overflows can occur, which when exploited trigger heap-based
buffer overflows. Successful exploitation may allow the execution of
arbitrary code.

The vulnerabilities are reported in versions prior to 2.3. Users of
OpenOffice versions prior to 2.3 are urged to upgrade to the fixed
version. Users of the OpenOffice 1.1.x and 1.0.x branches should note
that these versions are not patched, and should instead upgrade to
version 2.3. For more information, refer to:
http://secunia.com/advisories/26816/ 

 --

A vulnerability in the popular virtual world Second Life was reported
this week, which could potentially give a malicious person access to
a legitimate player's user account.

The problem is that SecondLife registers the "secondlife://" URI
handler and allows invoking SecondLife with arbitrary command line
arguments. By using certain parameters, such as "-autologin" and
"-loginuri", it is possible to gain knowledge of, for example, a
user's username and password hash by specifying a malicious server.

Successful exploitation requires that the legitimate user is, for
example, tricked into visiting a malicious website. The vulnerability,
which is reported in version 1.x, remains unpatched. Users are urged
not to browse untrusted sites. For more information, refer to:
http://secunia.com/advisories/26845/ 
 
 --

VIRUS ALERTS:

During the past week Secunia collected 167 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

=======================================================================3) This Weeks Top Ten Most Read Advisories:

1.  [SA26800] Microsoft Windows CFileFind Class "FindFile()" Buffer
              Overflow
2.  [SA26806] Media Player Classic AVI File Processing Buffer Overflow
3.  [SA26820] WinSCP Protocol Handler Command Line Switch Injection
4.  [SA26753] Microsoft Agent ActiveX Control URL Handling Buffer
              Overflow Vulnerability
5.  [SA26779] Microsoft Visual Studio Two ActiveX Controls Insecure
              Methods
6.  [SA26819] Alien Arena 2007 Multiple Vulnerabilities
7.  [SA26809] Joomla joomlaradio Component "mosConfig_live_site" File
              Inclusion
8.  [SA26741] Plesk "PLESKSESSID" SQL Injection Vulnerability
9.  [SA26788] Invision Power Board Multiple Vulnerabilities
10. [SA26760] Red Hat update for kernel

=======================================================================4) Vulnerabilities Summary Listing

Windows:
[SA26835] RemoteDocs R-Viewer RDZ Code Execution and Information
Disclosure
[SA26830] PhotoChannel Networks Photo Upload Plugin ActiveX Control
Buffer Overflows
[SA26820] WinSCP Protocol Handler Command Line Switch Injection
[SA26878] Mercury Mail Transport System IMAPD SEARCH Buffer Overflow
[SA26815] jetCast Server HTTP Request Processing Denial of Service
[SA26889] WebBatch Information Disclosure and Cross-Site Scripting
[SA26845] Second Life URI Handler Registration Vulnerability
[SA26836] MW6 Technologies QRCode ActiveX Control Two Insecure Methods
[SA26832] WinImage Directory Traversal Vulnerability

UNIX/Linux:
[SA26909] VMware ESX Server Multiple Security Updates
[SA26861] rPath update for openoffice.org
[SA26855] Fedora update for openoffice.org
[SA26844] Red Hat update for openoffice.org
[SA26828] Gentoo update for realplayer
[SA26824] rPath update for lighttpd
[SA26822] Trustix Update for Multiple Packages
[SA26817] Debian update for openoffice.org
[SA26896] Red Hat update for nfs-utils-lib
[SA26882] Fedora update for qt
[SA26880] Gentoo update for phpwiki
[SA26868] Ubuntu update for qt
[SA26865] Red Hat update for libvorbis
[SA26862] Gentoo update for poppler
[SA26860] rPath update for kdebase
[SA26858] Sun Solaris BIND 8 Predictable DNS Query IDs Vulnerability
[SA26857] SGI Advanced Linux Environment Multiple Updates
[SA26856] Fedora update for gd
[SA26852] Avaya Products Qt QTextEdit Error Message Handling Format
String Vulnerability
[SA26847] Avaya Products BIND Predictable DNS Query IDs Vulnerability
[SA26838] rPath Update for Multiple php Packages
[SA26827] Gentoo flac123 Comment Parsing Vulnerability
[SA26826] Gentoo update for eggdrop
[SA26821] PHP Webquest "id_actividad" SQL Injection
[SA26814] Gentoo update for streamripper
[SA26813] Gentoo update for kvirc
[SA26811] Qt QUtf8Decoder Off-By-One Vulnerability
[SA26823] rPath update for xorg-x11
[SA26901] Ubuntu update for t1lib
[SA26872] Fedora update for cacti
[SA26870] Fedora update for mediawiki
[SA26863] Fedora update for quagga
[SA26842] Fedora update for httpd
[SA26831] AXIS 207W Network Camera Multiple Vulnerabilities
[SA26829] Ubuntu update for quagga
[SA26825] inotify-tools "inotifytools_snprintf()" Buffer Overflow
Vulnerability
[SA26897] Red Hat update for xorg-x11
[SA26873] HP-UX logins(1M) Command Security Issue
[SA26866] SKK Tools skkdic-expr.c Insecure Temporary Files
[SA26859] Ubuntu update for xorg-server
[SA26834] rPath update for samba and samba-swat
[SA26818] Gentoo update for id3lib
[SA26900] rPath update for gdm
[SA26894] KDE KDM Login Password Check Security Bypass
[SA26879] Gentoo update for gdm
[SA26810] Gentoo update for po4a

Other:
[SA26853] OmniPCX Enterprise Unified Maintenance Tool Shell Command
Injection
[SA26869] AirDefense Airsensor M520 HTTPS Request Handling Denial of
Service Vulnerabilities

Cross Platform:
[SA26849] Joomla Joomla!12Pictures Component "mosConfig_live_site" File
Inclusion
[SA26840] Shop-Script FREE Security Bypass and PHP Code Execution
[SA26839] OpenOffice TIFF Parsing Integer Overflow Vulnerabilities
[SA26819] Alien Arena 2007 Multiple Vulnerabilities
[SA26816] OpenOffice 2 TIFF Parsing Integer Overflow Vulnerabilities
[SA26812] phpFFL "PHPFFL_FILE_ROOT" File Inclusion Vulnerabilities
[SA26809] Joomla joomlaradio Component "mosConfig_live_site" File
Inclusion
[SA26908] PhpWebGallery "author" Script Insertion
[SA26902] OneCMS "abc" SQL Injection Vulnerability
[SA26877] Merak Mail Server Email Body Script Insertion Vulnerability
[SA26875] phpBB Styles Demo Module SQL Injection and Cross-Site
Scripting
[SA26851] Chupix "fichier" Directory Traversal Vulnerability
[SA26890] VMWare Products Multiple Vulnerabilities
[SA26883] IBM Tivoli Storage Manager Client Information Disclosure and
Buffer Overflow
[SA26886] Phormer Multiple Cross-Site Scripting Vulnerabilities
[SA26881] Firefox "-chrome" Parameter Security Issue
[SA26854] b1gMail "chapter" Cross-Site Scripting
[SA26848] Bugzilla "createemailregexp" Security Bypass Vulnerability
[SA26843] Coppermine Photo Gallery Cross-Site Scripting and Local File
Inclusion
[SA26841] TinyWebGallery Multiple URL Cross-Site Scripting
[SA26837] Python imageop "tovideo()" Integer Overflow Security Issue
[SA26833] osCMax URL Cross-Site Scripting Vulnerability
[SA26876] Dibbler Multiple Denial of Service Vulnerabilities

=======================================================================5) Vulnerabilities Content Listing

Windows:--

[SA26835] RemoteDocs R-Viewer RDZ Code Execution and Information
Disclosure

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of sensitive information, System access
Released:    2007-09-18

Adam Baldwin has reported a vulnerability and a security issue in
RemoteDocs R-Viewer, which potentially can be exploited by malicious,
local users to disclose sensitive information and by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26835/ 

 --

[SA26830] PhotoChannel Networks Photo Upload Plugin ActiveX Control
Buffer Overflows

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-17

Will Dormann has reported some vulnerabilities in PhotoChannel Networks
Photo Upload Plugin ActiveX Control, which can be exploited by malicious
people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26830/ 

 --

[SA26820] WinSCP Protocol Handler Command Line Switch Injection

Critical:    Highly critical
Where:       From remote
Impact:      Manipulation of data, System access
Released:    2007-09-14

Kender.Security has discovered a vulnerability in WinSCP, which can be
exploited by malicious people to manipulate certain files on a user's
system and potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26820/ 

 --

[SA26878] Mercury Mail Transport System IMAPD SEARCH Buffer Overflow

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-20

void has discovered a vulnerability in Mercury Mail Transport System,
which can be exploited by malicious users to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26878/ 

 --

[SA26815] jetCast Server HTTP Request Processing Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-09-14

vCore has discovered a vulnerability in jetCast Server, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26815/ 

 --

[SA26889] WebBatch Information Disclosure and Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2007-09-20

Doz has reported a vulnerability and a security issue in WebBatch,
which can be exploited by malicious people to disclose system
information or conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/26889/ 

 --

[SA26845] Second Life URI Handler Registration Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-09-18

pdp has reported a vulnerability in Second Life, which can be exploited
by malicious people to disclose certain sensitive information.

Full Advisory:
http://secunia.com/advisories/26845/ 

 --

[SA26836] MW6 Technologies QRCode ActiveX Control Two Insecure Methods

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-18

shinnai has discovered two vulnerabilities in MW6 Technologies QRCode
ActiveX control, which can be exploited by malicious people to
overwrite arbitrary files.

Full Advisory:
http://secunia.com/advisories/26836/ 

 --

[SA26832] WinImage Directory Traversal Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2007-09-18

j00ru has discovered a vulnerability in WinImage, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26832/ 


UNIX/Linux:--

[SA26909] VMware ESX Server Multiple Security Updates

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation, DoS, System access
Released:    2007-09-20

VMware has issued an update for VMware ESX Server. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
bypass certain security restrictions, perform certain actions with
escalated privileges, or to cause a DoS (Denial of Service), by
malicious users to bypass certain security restrictions, and by
malicious people to cause a DoS (Denial of Service) or compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/26909/ 

 --

[SA26861] rPath update for openoffice.org

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-19

rPath has issued an update for openoffice.org. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26861/ 

 --

[SA26855] Fedora update for openoffice.org

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-19

Fedora has issued an update for openoffice.org. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26855/ 

 --

[SA26844] Red Hat update for openoffice.org

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-18

Red Hat has issued an update for openoffice.org. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26844/ 

 --

[SA26828] Gentoo update for realplayer

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-17

Gentoo has issued an update for realplayer. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/26828/ 

 --

[SA26824] rPath update for lighttpd

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-17

rPath has issued an update for lighttpd. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26824/ 

 --

[SA26822] Trustix Update for Multiple Packages

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, DoS, System access
Released:    2007-09-18

Trustix has issued an update for multiple packages. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) or bypass certain security
restrictions, and by malicious people to cause a DoS, conduct
cross-site scripting attacks, or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26822/ 

 --

[SA26817] Debian update for openoffice.org

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-18

Debian has issued an update for openoffice.org. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26817/ 

 --

[SA26896] Red Hat update for nfs-utils-lib

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-09-20

Red Hat has issued an update for nfs-utils-lib. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26896/ 

 --

[SA26882] Fedora update for qt

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-19

Fedora has issued an update for qt. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or compromise an application using the library.

Full Advisory:
http://secunia.com/advisories/26882/ 

 --

[SA26880] Gentoo update for phpwiki

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-09-19

Gentoo has issued an update for phpwiki. This fixes a vulnerability,
which can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/26880/ 

 --

[SA26868] Ubuntu update for qt

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-19

Ubuntu has issued an update for qt. This fixes a vulnerability, which
can potentially be exploited by malicious people to cause a DoS (Denial
of Service) or to compromise an application using the library.

Full Advisory:
http://secunia.com/advisories/26868/ 

 --

[SA26865] Red Hat update for libvorbis

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-20

Red Hat has issued an update for libvorbis. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise an application using
the library.

Full Advisory:
http://secunia.com/advisories/26865/ 

 --

[SA26862] Gentoo update for poppler

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-20

Gentoo has issued an update for poppler. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise an application using the library.

Full Advisory:
http://secunia.com/advisories/26862/ 

 --

[SA26860] rPath update for kdebase

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2007-09-19

rPath has issued an update for kdebase. This fixes a vulnerability,
which can be exploited by malicious people to disclose potentially
sensitive information.

Full Advisory:
http://secunia.com/advisories/26860/ 

 --

[SA26858] Sun Solaris BIND 8 Predictable DNS Query IDs Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Spoofing
Released:    2007-09-19

Sun has acknowledged a vulnerability in BIND 8 for Sun Solaris, which
can be exploited by malicious people to poison the DNS cache.

Full Advisory:
http://secunia.com/advisories/26858/ 

 --

[SA26857] SGI Advanced Linux Environment Multiple Updates

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, DoS, System access
Released:    2007-09-20

SGI has issued multiple updates for SGI Advanced Linux Environment.
These fix some vulnerabilities, which can be exploited by malicious
people to conduct cross-site scripting attacks, cause a DoS (Denial of
Service), and potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26857/ 

 --

[SA26856] Fedora update for gd

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2007-09-19

Fedora has issued an update for gd. This fixes some vulnerabilities,
which can potentially be exploited to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26856/ 

 --

[SA26852] Avaya Products Qt QTextEdit Error Message Handling Format
String Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-17

Avaya has acknowledged a vulnerability in various Avaya products, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/26852/ 

 --

[SA26847] Avaya Products BIND Predictable DNS Query IDs Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Spoofing
Released:    2007-09-17

Avaya has acknowledged a vulnerability in various Avaya products, which
can be exploited by malicious people to poison the DNS cache.

Full Advisory:
http://secunia.com/advisories/26847/ 

 --

[SA26838] rPath Update for Multiple php Packages

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Security Bypass
Released:    2007-09-18

rPath has issued an update for multiple php packages. This fixes some
vulnerabilities, where some have unknown impacts and others can be
exploited by malicious, local users and malicious users to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/26838/ 

 --

[SA26827] Gentoo flac123 Comment Parsing Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-17

Gentoo has acknowledged a vulnerability in flac123, which potentially
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26827/ 

 --

[SA26826] Gentoo update for eggdrop

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-17

Gentoo has issued an update for eggdrop. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/26826/ 

 --

[SA26821] PHP Webquest "id_actividad" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-09-17

D4real_TeaM has discovered a vulnerability in PHP Webquest, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26821/ 

 --

[SA26814] Gentoo update for streamripper

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-14

Gentoo has issued an update for streamripper. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26814/ 

 --

[SA26813] Gentoo update for kvirc

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-14

Gentoo has issues an update for kvirc. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/26813/ 

 --

[SA26811] Qt QUtf8Decoder Off-By-One Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-14

A vulnerability has been reported in Qt, which can potentially be
exploited by malicious people to cause a DoS (Denial of Service) or to
compromise an application using the library.

Full Advisory:
http://secunia.com/advisories/26811/ 

 --

[SA26823] rPath update for xorg-x11

Critical:    Moderately critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-17

rPath has issued an update for xorg-x11. This fixes a vulnerability,
which can potentially be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/26823/ 

 --

[SA26901] Ubuntu update for t1lib

Critical:    Less critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-20

Ubuntu has issued an update for t1lib. This fixes a vulnerability,
which can be exploited by malicious users to potentially compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/26901/ 

 --

[SA26872] Fedora update for cacti

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-09-19

Fedora has issued an update for cacti. This fixes some vulnerabilities,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/26872/ 

 --

[SA26870] Fedora update for mediawiki

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-19

Fedora has issued an update for mediawiki. This fixes a vulnerability,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/26870/ 

 --

[SA26863] Fedora update for quagga

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-09-19

Fedora has issued an update for quagga. This fixes some
vulnerabilities, which potentially  can be exploited by malicious users
to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26863/ 

 --

[SA26842] Fedora update for httpd

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information, DoS
Released:    2007-09-19

Fedora has issued an update for httpd. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and disclose potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/26842/ 

 --

[SA26831] AXIS 207W Network Camera Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, DoS
Released:    2007-09-17

Seth Fogie has reported some vulnerabilities in the AXIS 207W Network
Camera, which can be exploited by malicious people to conduct
cross-site scripting and cross-site request forgery attacks, or by
malicious users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26831/ 

 --

[SA26829] Ubuntu update for quagga

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-09-17

Ubuntu has issued an update for quagga. This fixes some
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26829/ 

 --

[SA26825] inotify-tools "inotifytools_snprintf()" Buffer Overflow
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-19

A vulnerability has been reported in inotify-tools, which can
potentially be exploited by malicious users to compromise an
application using the library.

Full Advisory:
http://secunia.com/advisories/26825/ 

 --

[SA26897] Red Hat update for xorg-x11

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-20

Red Hat has issued an update for xorg-x11. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/26897/ 

 --

[SA26873] HP-UX logins(1M) Command Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2007-09-20

A security issue has been reported in HP-UX, which may result in
password problems not being detected.

Full Advisory:
http://secunia.com/advisories/26873/ 

 --

[SA26866] SKK Tools skkdic-expr.c Insecure Temporary Files

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-19

A security issue has been reported in SKK Tools. This can be exploited
by malicious, local users to perform certain actions with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/26866/ 

 --

[SA26859] Ubuntu update for xorg-server

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-19

Ubuntu has issued an update for xorg-server. This fixes a
vulnerability, which potentially can be exploited by malicious, local
users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/26859/ 

 --

[SA26834] rPath update for samba and samba-swat

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-17

rPath has issued an update for samba and samba-swat. This fixes a
security issue, which can be exploited by malicious, local users gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/26834/ 

 --

[SA26818] Gentoo update for id3lib

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-17

Gentoo has issued an update for id3lib. This fixes a security issue,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/26818/ 

 --

[SA26900] rPath update for gdm

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-09-20

rPath has issued an update for gdm. This fixes a vulnerability, which
can be exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/26900/ 

 --

[SA26894] KDE KDM Login Password Check Security Bypass

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2007-09-20

KDE has acknowledged a security issue in KDM, which can be exploited by
malicious, local users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/26894/ 

 --

[SA26879] Gentoo update for gdm

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-09-19

Gentoo has issued an update for gdm. This fixes a vulnerability, which
can be exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/26879/ 

 --

[SA26810] Gentoo update for po4a

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-14

Gentoo has issued an update for po4a. This fixes a security issue,
which can be exploited by malicious, local users to perform certain
actions with escalated privileges.

Full Advisory:
http://secunia.com/advisories/26810/ 


Other:--

[SA26853] OmniPCX Enterprise Unified Maintenance Tool Shell Command
Injection

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-17

A vulnerability has been reported in the OmniPCX Enterprise Unified
Maintenance Tool, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26853/ 

 --

[SA26869] AirDefense Airsensor M520 HTTPS Request Handling Denial of
Service Vulnerabilities

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-09-19

Alex Hernandez has reported some vulnerabilities in AirDefense
Airsensor M520, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26869/ 


Cross Platform:--

[SA26849] Joomla Joomla!12Pictures Component "mosConfig_live_site" File
Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-19

Morgan has reported a vulnerability in the Joomla!12Pictures component
for Joomla, which can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/26849/ 

 --

[SA26840] Shop-Script FREE Security Bypass and PHP Code Execution

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, System access
Released:    2007-09-18

Raz0r has discovered some vulnerabilities in Shop-Script FREE, which
can be exploited by malicious people to bypass certain security
restrictions and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26840/ 

 --

[SA26839] OpenOffice TIFF Parsing Integer Overflow Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-18

Some vulnerabilities have been reported in OpenOffice, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/26839/ 

 --

[SA26819] Alien Arena 2007 Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-14

Luigi Auriemma has reported some vulnerabilities in Alien Arena 2007,
which can be exploited by malicious people to conduct DoS (Denial of
Service) attacks or to potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26819/ 

 --

[SA26816] OpenOffice 2 TIFF Parsing Integer Overflow Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-18

Some vulnerabilities have been reported in OpenOffice, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/26816/ 

 --

[SA26812] phpFFL "PHPFFL_FILE_ROOT" File Inclusion Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-09-17

Some vulnerabilities have been discovered in phpFFL (Fantasy Football
League Manager), which can be exploited by malicious people to disclose
sensitive information or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26812/ 

 --

[SA26809] Joomla joomlaradio Component "mosConfig_live_site" File
Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of sensitive information, System access
Released:    2007-09-14

Morgan has discovered a vulnerability in the joomlaradio component for
Joomla, which can be exploited by malicious people to disclose
sensitive information or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26809/ 

 --

[SA26908] PhpWebGallery "author" Script Insertion

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-20

nights_shadow has discovered a vulnerability in PhpWebGallery, which
can be exploited by malicious people to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/26908/ 

 --

[SA26902] OneCMS "abc" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-09-20

str0ke has reported a vulnerability in OneCMS, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26902/ 

 --

[SA26877] Merak Mail Server Email Body Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-19

MWR InfoSecurity has reported a vulnerability in Merak Mail Server,
which can be exploited by malicious people to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/26877/ 

 --

[SA26875] phpBB Styles Demo Module SQL Injection and Cross-Site
Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released:    2007-09-19

nexen has discovered two vulnerabilities in the Styles Demo module for
phpBB, which can be exploited by malicious people to conduct cross-site
scripting attacks and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26875/ 

 --

[SA26851] Chupix "fichier" Directory Traversal Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-09-17

GoLd_M has discovered a vulnerability in Chupix, which can be exploited
by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/26851/ 

 --

[SA26890] VMWare Products Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      Privilege escalation, DoS, System access
Released:    2007-09-20

Multiple vulnerabilities have been reported in various VMware products,
which can be exploited by malicious, local users to gain escalated
privileges or cause a DoS (Denial of Service) or by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26890/ 

 --

[SA26883] IBM Tivoli Storage Manager Client Information Disclosure and
Buffer Overflow

Critical:    Moderately critical
Where:       From local network
Impact:      Exposure of sensitive information, System access
Released:    2007-09-20

Two vulnerabilities have been reported in IBM Tivoli Storage Manager
(TSM) Client, which can be exploited by malicious people to disclose
sensitive information or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26883/ 

 --

[SA26886] Phormer Multiple Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-20

nights.shadow has discovered some vulnerabilities in Phormer, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/26886/ 

 --

[SA26881] Firefox "-chrome" Parameter Security Issue

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2007-09-19

Mozilla has acknowledged a security issue in Firefox, which potentially
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26881/ 

 --

[SA26854] b1gMail "chapter" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-18

malibu.r has reported a vulnerability in b1gMail, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/26854/ 

 --

[SA26848] Bugzilla "createemailregexp" Security Bypass Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-09-19

A vulnerability has been reported in Bugzilla, which can be exploited
by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/26848/ 

 --

[SA26843] Coppermine Photo Gallery Cross-Site Scripting and Local File
Inclusion

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information,
Exposure of sensitive information
Released:    2007-09-18

L4teral has discovered two vulnerabilities in Coppermine Photo Gallery,
which can be exploited by malicious people to conduct cross-site
scripting attacks and by malicious users to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/26843/ 

 --

[SA26841] TinyWebGallery Multiple URL Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-17

VIRANGAR UNDER GR0UND TEAM has discovered some vulnerabilities in
TinyWebGallery, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/26841/ 

 --

[SA26837] Python imageop "tovideo()" Integer Overflow Security Issue

Critical:    Less critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-19

Slythers Bro has discovered a security issue in the imageop module for
Python, which can be exploited by malicious people to cause a DoS
(Denial of Service) and potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26837/ 

 --

[SA26833] osCMax URL Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-17

VIRANGAR UNDER GR0UND TEAM has discovered a vulnerability in osCMax,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/26833/ 

 --

[SA26876] Dibbler Multiple Denial of Service Vulnerabilities

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2007-09-20

Mu Security research team has reported some vulnerabilities in Dibbler,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/26876/ 



=======================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/ 

Subscribe:
http://secunia.com/secunia_weekly_summary/ 

Contact details:
Web	: http://secunia.com/ 
E-mail	: support@secunia.com 
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


__________________________________________________________________      
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - www.csiannual.com 

Site design & layout copyright © 1986-2014 CodeGods