AOH :: ISNQ4617.HTM

Secunia Weekly Summary - Issue: 2007-39




Secunia Weekly Summary - Issue: 2007-39
Secunia Weekly Summary - Issue: 2007-39



=======================================================================
                  The Secunia Weekly Advisory Summary                  
                        2007-09-20 - 2007-09-27                        

                       This week: 61 advisories                        

=======================================================================Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

=======================================================================1) Word From Secunia:

Try a new way to discover vulnerabilities that ALREADY EXIST in your
IT infrastructure.

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT
vulnerabilities in more than 4,700 different Windows applications.

Request your account, the Secunia Network Software Inspector (NSI):
http://secunia.com/network_software_inspector/ 

=======================================================================2) This Week in Brief:

This week was not a good week for the Linux Kernel, as two
vulnerabilities and a security issue were disclosed for the kernel.

The first vulnerability, which can be exploited by malicious, local
users to gain escalated privileges, is due to the kernel not
zero-extending x86_64 registers after ptrace in the 32-bit entry
path. This vulnerability has been patched in version 2.4.35.3 or
2.6.22.7. For more information, refer to:
http://secunia.com/advisories/26934/ 

The second vulnerability, which can be exploited by malicious, local
users to disclose potentially sensitive information, is due to an
error within the "snd_mem_proc_read()" function in
sound/core/memalloc.c when handling multiple reads from the
"/proc/driver/snd-page-alloc" file. This can be exploited to
disclose certain kernel memory. This vulnerability has been patched in
version 2.6.22.8. Users of prior versions are urged to update their
systems. For more information, refer to:
http://secunia.com/advisories/26918/ 

A security issue has also been reported, which potentially can be
exploited by malicious, local users to cause a DoS (Denial of
Service). The security issue is caused due to an error in ptrace when
single-stepping a debugged child process with invalid values in the
"CS" register, which can be exploited to cause a kernel oops. The
issue is fixed in the GIT repository. For more information, refer to:
http://secunia.com/advisories/26935/ 

 --

A vulnerability has been discovered in the Ask.com Ask Toolbar, which
can be exploited by malicious people to compromise a user's system.
The vulnerability, a boundary error in the
AskJeevesToolBar.SettingsPlugin.1 ActiveX control (askBar.dll) when
handling the "ShortFormat" property, can be exploited to cause a
stack-based buffer overflow by assigning a string with a length of
more than 500 bytes to the affected property.

Successful exploitation allows execution of arbitrary code. The
vulnerability is confirmed in version 4.0.2 and currently remains
unpatched. For more information, refer to:
http://secunia.com/advisories/26960/ 

 --

Multiple vulnerabilities were disclosed in various VMWare products
this week, which can be exploited by malicious, local users to gain
escalated privileges or cause a DoS (Denial of Service) or by
malicious people to compromise a vulnerable system.

The vulnerabilities affect both VMWare ESX Server version 2.x and
3.x, VMWare ACE versions 1.x and 2.x, VMWare Player versions 1.x
and 2.x, VMWare Server 1.x, and VMWare Workstation versions 5.x
and 6.x. Patches are available for all vulnerabilities. For more
information, refer to:
http://secunia.com/advisories/26890/ 
 
 --

VIRUS ALERTS:

During the past week Secunia collected 140 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

=======================================================================3) This Weeks Top Ten Most Read Advisories:

1.  [SA26890] VMWare Products Multiple Vulnerabilities
1.  [SA26909] VMware ESX Server Multiple Security Updates
1.  [SA26800] Microsoft Windows CFileFind Class "FindFile()" Buffer
              Overflow
1.  [SA26883] IBM Tivoli Storage Manager Client Information Disclosure
              and Buffer Overflow
1.  [SA26921] libsndfile "flac_buffer_copy()" Buffer Overflow
              Vulnerability
1.  [SA26922] PhpGedView Multiple Cross-Site Scripting Vulnerabilities
1.  [SA26903] SUSE update for OpenOffice_org
1.  [SA26908] PhpWebGallery "author" Script Insertion
1.  [SA26873] HP-UX logins(1M) Command Security Issue
1.  [SA26960] Ask Toolbar ToolbarSettings ActiveX Control Buffer
              Overflow

=======================================================================4) Vulnerabilities Summary Listing

Windows:
[SA26960] Ask Toolbar ToolbarSettings ActiveX Control Buffer Overflow
[SA26966] Novus "nota_id" SQL Injection Vulnerability
[SA26927] NetSupport Manager Client Authentication Bypass
Vulnerability
[SA26914] CA BrightStor Hierarchical Storage Manager CsAgent
Vulnerabilities
[SA26959] ebCrypt eb_c_PRNGenerator Class ActiveX Control Insecure
Method
[SA26948] F-Secure Archives and Packed Executables Detection Bypass

UNIX/Linux:
[SA26933] Gentoo update for jrockit-jdk-bin
[SA26916] Gentoo update for clamav
[SA26912] Mandriva update for openoffice.org
[SA26910] Helplink "file" File Inclusion Vulnerability
[SA26939] Red Hat update for gimp
[SA26932] Fedora update for libsndfile
[SA26911] Gentoo update for rsync
[SA26984] Avaya Products tar Directory Traversal Vulnerability
[SA26969] Fedora update for bugzilla
[SA26967] Red Hat update for php
[SA26963] Freeside "failed" Cross-Site Scripting Vulnerability
[SA26952] Fedora update for httpd
[SA26947] Balsa "ir_fetch_seq()" Buffer Overflow Vulnerability
[SA26930] Fedora update for php
[SA26956] ELinks Proxy CONNECT Weakness
[SA26949] Ubuntu update for elinks
[SA26936] Fedora update for elinks
[SA26986] Xen pygrub Command Injection Vulnerability
[SA26955] Ubuntu update for kernel
[SA26953] rPath update for kernel
[SA26943] ChironFS File Creation Incorrect Ownership Vulnerability
[SA26938] Fedora update for ntfs-3g
[SA26934] Linux Kernel ptrace Local Privilege Escalation Vulnerability
[SA26919] Fedora update for kernel
[SA26917] Fedora update for kernel
[SA26950] Sun Solaris Thread Context Handling Denial of Service
[SA26935] Linux Kernel ptrace Single Step "CS" Null Pointer
Dereference
[SA26929] Ubuntu update for kdm
[SA26918] Linux Kernel ALSA "snd_mem_proc_read()" Information
Disclosure
[SA26915] rPath update for kdebase

Other:
[SA26925] HP TCP/IP Services for OpenVMS BIND Vulnerability
[SA26937] Barracuda Spam Firewall "Monitor Web Syslog" Script
Insertion
[SA26988] Cisco Catalyst 6500 / Cisco 7600 Series Devices Accessible
Loopback Address Weakness

Cross Platform:
[SA26962] FrontAccounting Two File Inclusion Vulnerabilities
[SA26931] iziContents Multiple File Inclusion Vulnerabilities
[SA26928] CMS Made Simple PHP "eval()" Injection Vulnerability
[SA26926] ImageMagick Multiple Vulnerabilities
[SA26924] Wordsmith "_path" File Inclusion Vulnerability
[SA26920] DFD Cart "set_depth" Multiple File Inclusion Vulnerabilities
[SA26974] SimpGB Cross-Site Scripting and Information Disclosure
[SA26968] Simple PHP Blog Cross-Site Scripting and File Upload
Vulnerabilities
[SA26961] JSPWiki Multiple Vulnerabilities
[SA26958] PHP-Nuke Dance Music Module Local File Inclusion
[SA26954] NukeSentinel "admin" Cookie SQL Injection
[SA26945] bcoos Arcade "gid" SQL Injection Vulnerability
[SA26942] Tk GIF Processing Buffer Overflow Vulnerability
[SA26941] Xcms "cpass.php" Authentication Bypass Vulnerability
[SA26940] ClanSphere "cat_id" SQL Injection Vulnerability
[SA26921] libsndfile "flac_buffer_copy()" Buffer Overflow
Vulnerability
[SA26965] SimpNews Two Cross-Site Scripting Vulnerabilities
[SA26957] FlatNuke Cross-Site Request Forgery Vulnerability
[SA26944] eGroupWare "cat_data[color]" Cross-Site Scripting
[SA26923] PHP-Nuke Nuke Mobile Entertainment Module Local File
Inclusion
[SA26922] PhpGedView Multiple Cross-Site Scripting Vulnerabilities
[SA26913] CMS Vigile Download and Wiki Cross-Site Scripting

=======================================================================5) Vulnerabilities Content Listing

Windows:--

[SA26960] Ask Toolbar ToolbarSettings ActiveX Control Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-25

Joey Mengele has discovered a vulnerability in Ask Toolbar, which can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26960/ 

 --

[SA26966] Novus "nota_id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-27

ka0x has reported a vulnerability in Novus, which can be exploited by
malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26966/ 

 --

[SA26927] NetSupport Manager Client Authentication Bypass
Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass
Released:    2007-09-24

A vulnerability has been reported in NetSupport Manager, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/26927/ 

 --

[SA26914] CA BrightStor Hierarchical Storage Manager CsAgent
Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      Manipulation of data, DoS, System access
Released:    2007-09-27

Multiple vulnerabilities have been reported in CA BrightStor
Hierarchical Storage Manager, which can be exploited by malicious
people to conduct SQL injection attacks, cause a DoS (Denial of
Service), or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26914/ 

 --

[SA26959] ebCrypt eb_c_PRNGenerator Class ActiveX Control Insecure
Method

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-25

shinnai has discovered a vulnerability in ebCrypt, which can be
exploited by malicious people to overwrite arbitrary files.

Full Advisory:
http://secunia.com/advisories/26959/ 

 --

[SA26948] F-Secure Archives and Packed Executables Detection Bypass

Critical:    Not critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-09-27

A vulnerability has been reported in F-Secure Anti-Virus, which can be
exploited by malware to bypass the scanning functionality.

Full Advisory:
http://secunia.com/advisories/26948/ 


UNIX/Linux:--

[SA26933] Gentoo update for jrockit-jdk-bin

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, DoS, System access
Released:    2007-09-24

Gentoo has issued an update for jrockit-jdk-bin. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, conduct cross-site scripting attacks, to
cause a DoS (Denial of Service), or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26933/ 

 --

[SA26916] Gentoo update for clamav

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-21

Gentoo has issued an update for clamav. This fixes some
vulnerabilities, which can potentially be exploited by malicious people
to cause a DoS (Denial of Service) or to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/26916/ 

 --

[SA26912] Mandriva update for openoffice.org

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-21

Mandriva has issued an update for openoffice.org. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26912/ 

 --

[SA26910] Helplink "file" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-09-24

Mahmood_ali has discovered a vulnerability in Helplink, which can be
exploited by malicious people to disclose sensitive information or to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26910/ 

 --

[SA26939] Red Hat update for gimp

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-26

Red Hat has issued an update for gimp. This fixes some vulnerabilities,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/26939/ 

 --

[SA26932] Fedora update for libsndfile

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-25

Fedora has issued an update for libsndfile. This fixes a vulnerability,
which can be exploited by malicious people to compromise an application
using the library.

Full Advisory:
http://secunia.com/advisories/26932/ 

 --

[SA26911] Gentoo update for rsync

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-21

Gentoo has issued an update for rsync. This fixes a vulnerability,
which can potentially be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/26911/ 

 --

[SA26984] Avaya Products tar Directory Traversal Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2007-09-27

Avaya has acknowledged a vulnerability in various Avaya products, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26984/ 

 --

[SA26969] Fedora update for bugzilla

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-09-26

Fedora has issued an update for bugzilla. This fixes a vulnerability,
which can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/26969/ 

 --

[SA26967] Red Hat update for php

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information, DoS
Released:    2007-09-26

Red Hat has issued an update for php. This fixes some vulnerabilities,
which can be exploited by malicious, local users to bypass certain
security restrictions and by malicious people to bypass certain
security restrictions and cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26967/ 

 --

[SA26963] Freeside "failed" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-25

r0t has reported a vulnerability in Freeside, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/26963/ 

 --

[SA26952] Fedora update for httpd

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2007-09-25

Fedora has issued an update for httpd. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/26952/ 

 --

[SA26947] Balsa "ir_fetch_seq()" Buffer Overflow Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-24

A vulnerability has been reported in Balsa, which potentially can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26947/ 

 --

[SA26930] Fedora update for php

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information, DoS
Released:    2007-09-25

Fedora has issued an update for php. This fixes some vulnerabilities,
which can be exploited by malicious, local users to bypass certain
security restrictions and by malicious people to bypass certain
security restrictions and cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/26930/ 

 --

[SA26956] ELinks Proxy CONNECT Weakness

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2007-09-25

A weakness has been reported in ELinks, which can be exploited by
malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/26956/ 

 --

[SA26949] Ubuntu update for elinks

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2007-09-26

Ubuntu has issued an update for elinks. This fixes a weakness, which
can be exploited by malicious people to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/26949/ 

 --

[SA26936] Fedora update for elinks

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2007-09-25

Fedora has issued an update for elinks. This fixes a weakness, which
can be exploited by malicious people to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/26936/ 

 --

[SA26986] Xen pygrub Command Injection Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass, Privilege escalation
Released:    2007-09-27

Joris van Rantwijk has reported a vulnerability in Xen, which can be
exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/26986/ 

 --

[SA26955] Ubuntu update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation, DoS
Released:    2007-09-25

Ubuntu has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/26955/ 

 --

[SA26953] rPath update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-25

rPath has issued an update for the kernel. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/26953/ 

 --

[SA26943] ChironFS File Creation Incorrect Ownership Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-24

A vulnerability has been reported in ChironFS, which can be exploited
by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/26943/ 

 --

[SA26938] Fedora update for ntfs-3g

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-26

Fedora has issued an update for ntfs-3g. This fixes a weakness, which
can be exploited by malicious, local users to perform certain actions
with escalated privileges.

Full Advisory:
http://secunia.com/advisories/26938/ 

 --

[SA26934] Linux Kernel ptrace Local Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-24

Wojciech Purczynski has reported a vulnerability in the Linux kernel,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/26934/ 

 --

[SA26919] Fedora update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-25

Fedora has issued an update for the kernel. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/26919/ 

 --

[SA26917] Fedora update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2007-09-26

Fedora has issued an update for the kernel. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/26917/ 

 --

[SA26950] Sun Solaris Thread Context Handling Denial of Service

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-09-27

A vulnerability has been reported in Sun Solaris, which can be
exploited by malicious, local users to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/26950/ 

 --

[SA26935] Linux Kernel ptrace Single Step "CS" Null Pointer
Dereference

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2007-09-25

Evan Teran has reported a security issue in the Linux kernel, which
potentially can be exploited by malicious, local users to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/26935/ 

 --

[SA26929] Ubuntu update for kdm

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2007-09-25

Ubuntu has issued an update for kdm. This fixes a security issue, which
can be exploited by malicious, local users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/26929/ 

 --

[SA26918] Linux Kernel ALSA "snd_mem_proc_read()" Information
Disclosure

Critical:    Not critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2007-09-26

A vulnerability has been reported in the Linux Kernel, which can be
exploited by malicious, local users to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/26918/ 

 --

[SA26915] rPath update for kdebase

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2007-09-21

rPath has issued an update for kdebase. This fixes a security issue,
which can be exploited by malicious, local users to bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/26915/ 


Other:--

[SA26925] HP TCP/IP Services for OpenVMS BIND Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Spoofing
Released:    2007-09-24

HP has acknowledged a vulnerability in HP OpenVMS, which can be
exploited by malicious people to poison the DNS cache.

Full Advisory:
http://secunia.com/advisories/26925/ 

 --

[SA26937] Barracuda Spam Firewall "Monitor Web Syslog" Script
Insertion

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-24

Federico Kirschbaum has reported a vulnerability in Barracuda Spam
Firewall, which can be exploited by malicious people to conduct script
insertion attacks.

Full Advisory:
http://secunia.com/advisories/26937/ 

 --

[SA26988] Cisco Catalyst 6500 / Cisco 7600 Series Devices Accessible
Loopback Address Weakness

Critical:    Not critical
Where:       From local network
Impact:      Security Bypass
Released:    2007-09-27

A weakness has been reported in Cisco Catalyst 6500 and Cisco 7600
series devices, which can be exploited by malicious people to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/26988/ 


Cross Platform:--

[SA26962] FrontAccounting Two File Inclusion Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-09-26

K3ZZAP66345 has discovered two vulnerabilities in FrontAccounting,
which can be exploited by malicious people to disclose sensitive
information or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26962/ 

 --

[SA26931] iziContents Multiple File Inclusion Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of sensitive information, System access
Released:    2007-09-24

irk4 has discovered some vulnerabilities in iziContents, which can be
exploited by malicious people to disclose sensitive information or to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26931/ 

 --

[SA26928] CMS Made Simple PHP "eval()" Injection Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2007-09-24

irk4z has discovered a vulnerability in CMS Made Simple, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26928/ 

 --

[SA26926] ImageMagick Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-24

Some vulnerabilities have been reported in ImageMagick, which can be
exploited by malicious people to conduct DoS (Denial of Service)
attacks or compromise a user's system.

Full Advisory:
http://secunia.com/advisories/26926/ 

 --

[SA26924] Wordsmith "_path" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-09-24

ShockShadow has reported a vulnerability in Wordsmith, which can be
exploited by malicious people to disclose sensitive information or to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26924/ 

 --

[SA26920] DFD Cart "set_depth" Multiple File Inclusion Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2007-09-24

BiNgZa has discovered some vulnerabilities in DFD Cart, which can be
exploited by malicious people to disclose sensitive information or to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26920/ 

 --

[SA26974] SimpGB Cross-Site Scripting and Information Disclosure

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Exposure of
sensitive information
Released:    2007-09-26

Jesper Jurcenoks has reported some vulnerabilities in SimpGB, which can
be exploited by malicious people to conduct cross-site scripting attacks
and disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/26974/ 

 --

[SA26968] Simple PHP Blog Cross-Site Scripting and File Upload
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2007-09-26

Luca "ikki" Carettoni and Luca "Daath" De Fulgentis have reported some
vulnerabilities in Simple PHP Blog, which can be exploited by malicious
people to conduct cross-site scripting attacks and by malicious users to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/26968/ 

 --

[SA26961] JSPWiki Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information
Released:    2007-09-26

Jason Kratzer has reported some vulnerabilities in JSPWiki, which can
be exploited by malicious people to disclose system information and
conduct cross-site scripting and script insertion attacks.

Full Advisory:
http://secunia.com/advisories/26961/ 

 --

[SA26958] PHP-Nuke Dance Music Module Local File Inclusion

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-09-26

Janek Vind has discovered a vulnerability in the Dance Music module for
PHP-Nuke, which can be exploited by malicious people to disclose
sensitive information.

Full Advisory:
http://secunia.com/advisories/26958/ 

 --

[SA26954] NukeSentinel "admin" Cookie SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-27

Janek Vind has reported a vulnerability in NukeSentinel, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26954/ 

 --

[SA26945] bcoos Arcade "gid" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2007-09-24

nights shadow has discovered a vulnerability in bcoos, which can be
exploited by malicious users or malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/26945/ 

 --

[SA26942] Tk GIF Processing Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2007-09-27

A vulnerability has been reported in Tk, which can potentially be
exploited by malicious people to compromise an application using the
library.

Full Advisory:
http://secunia.com/advisories/26942/ 

 --

[SA26941] Xcms "cpass.php" Authentication Bypass Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2007-09-24

x0kster has reported a vulnerability in Xcms, which can be exploited by
malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/26941/ 

 --

[SA26940] ClanSphere "cat_id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2007-09-25

R00T[ATI] has discovered a vulnerability in ClanSphere, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/26940/ 

 --

[SA26921] libsndfile "flac_buffer_copy()" Buffer Overflow
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2007-09-21

Robert Buchholz has reported a vulnerability in libsndfile, which
potentially can be exploited by malicious people to compromise an
application using the library.

Full Advisory:
http://secunia.com/advisories/26921/ 

 --

[SA26965] SimpNews Two Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-26

Jesper Jurcenoks has reported two vulnerabilities in SimpNews, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/26965/ 

 --

[SA26957] FlatNuke Cross-Site Request Forgery Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-27

darkbunny91 has discovered a vulnerability in FlatNuke, which can be
exploited by malicious people to conduct cross-site request forgery
attacks.

Full Advisory:
http://secunia.com/advisories/26957/ 

 --

[SA26944] eGroupWare "cat_data[color]" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-25

Enrico Milanese has reported a vulnerability in eGroupWare, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/26944/ 

 --

[SA26923] PHP-Nuke Nuke Mobile Entertainment Module Local File
Inclusion

Critical:    Less critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2007-09-24

BorN To K!LL has discovered a vulnerability in the Nuke Mobile
Entertainment module for PHP-Nuke, which can be exploited by malicious
people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/26923/ 

 --

[SA26922] PhpGedView Multiple Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-21

nights shadow has discovered some vulnerabilities in PhpGedView, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/26922/ 

 --

[SA26913] CMS Vigile Download and Wiki Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2007-09-21

x0kster has discovered two vulnerabilities in CMS Vigile, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/26913/ 



=======================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/ 

Subscribe:
http://secunia.com/secunia_weekly_summary/ 

Contact details:
Web	: http://secunia.com/ 
E-mail	: support@secunia.com 
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


__________________________________________________________________      
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - www.csiannual.com 

Site design & layout copyright © 1986-2014 CodeGods