AOH :: ISNQ5456.HTM

Secunia Weekly Summary - Issue: 2008-14




Secunia Weekly Summary - Issue: 2008-14
Secunia Weekly Summary - Issue: 2008-14



=======================================================================
                  The Secunia Weekly Advisory Summary                  
                        2008-03-27 - 2008-04-03                        

                       This week: 79 advisories                        

=======================================================================Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

=======================================================================1) Word From Secunia:

Secunia invites you to join us in the biggest IT Expo event of the year
- the RSA Conference in the Moscone Center, San Francisco, California
from 7 to 11 April 2008. If you are interested in going to the expo
exhibit and meeting us, please contact your Secunia Account Executive
for a FREE EXPO PASS!

=======================================================================2) This Week in Brief:

Secunia Research has discovered a highly critical vulnerability in
XnView, which can be exploited by malicious people to compromise a
user's system.

The vulnerability is caused due to a boundary error when processing the
"FontName" parameter of slideshow files (*.sld). This can be exploited
to cause a stack-based buffer overflow by e.g. tricking a user into
opening a specially crafted slideshow file with an overly long
"FontName" parameter.

Successful exploitation allows the execution of arbitrary code.

The vulnerability is confirmed in version 1.92 and 1.92.1. Other
versions may also be affected. Users are advised to update to version
1.93.4 to resolve the vulnerability.

For more information, refer to:
http://secunia.com/advisories/29620/ 

Secunia has constructed the Secunia Personal Software Inspector, which
you can use to check if your personal system is vulnerable:
https://psi.secunia.com/

Corporate users can request for a trial of the Secunia Network Software
Inspector, which you can use to check which systems in your network are
vulnerable:
http://secunia.com/network_software_inspector/ 

 --

A highly critical vulnerability has been reported in Macrovision
InstallShield, which can be exploited by malicious people to compromise
a user's system.

The vulnerability is caused due to an error in the One-Click Install
ActiveX control for InstallScript projects and can be exploited to e.g.
download and load malicious libraries when a user is tricked into
visiting a malicious website.

The vulnerability reportedly affects InstallShield 12 only. The vendor
has provided solutions for all affected versions.

For more information, refer to:
http://secunia.com/advisories/29549/ 

Secunia has constructed the Secunia Personal Software Inspector, which
you can use to check if your personal system is vulnerable:
https://psi.secunia.com/

Corporate users can request for a trial of the Secunia Network Software
Inspector, which you can use to check which systems in your network are
vulnerable:
http://secunia.com/network_software_inspector/ 


 --

Some vulnerabilities have been reported in Opera, which potentially can
be exploited by malicious people to compromise a user's system.

An error when prompting the user to add a newsfeed can be exploited to
cause an invalid memory access via a specially crafted newsfeed source.

Another error exists in the processing of HTML CANVAS elements. This
can be exploited to cause a memory corruption via specially crafted
scaled pattern images.

Successful exploitation of the vulnerabilities may allow execution of
arbitrary code.

The vulnerabilities are resolved in Opera version to 9.27. Users with
prior versions are advised to update.

For more information, refer to:
http://secunia.com/advisories/29549/ 

Secunia has constructed the Secunia Personal Software Inspector, which
you can use to check if your personal system is vulnerable:
https://psi.secunia.com/

Corporate users can request for a trial of the Secunia Network Software
Inspector, which you can use to check which systems in your network are
vulnerable:
http://secunia.com/network_software_inspector/ 

 --

Some vulnerabilities have been reported in Apple QuickTime, which can
be exploited by malicious people to disclose potentially sensitive
information or compromise a vulnerable system.

Several implementation, processing, and other unspecified errors are
reported in various Apple Quicktime components, some of which may allow
execution of arbitrary code, if successfully exploited.

Apple has released version 7.4.5 for Windows and Mac OS systems.

For more information, refer to:
http://secunia.com/advisories/29650/ 

Secunia has constructed the Secunia Personal Software Inspector, which
you can use to check if your personal system is vulnerable:
https://psi.secunia.com/

Corporate users can request for a trial of the Secunia Network Software
Inspector, which you can use to check which systems in your network are
vulnerable:
http://secunia.com/network_software_inspector/ 

 --

VIRUS ALERTS:

During the past week Secunia collected 211 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

=======================================================================3) This Weeks Top Ten Most Read Advisories:

1.  [SA29483] Safari Address Bar Spoofing and Memory Corruption
              Vulnerabilities
2.  [SA29526] Mozilla Firefox Multiple Vulnerabilities
3.  [SA29507] Cisco IOS Multiple Vulnerabilities
4.  [SA29569] Wireshark Multiple Denial of Service Vulnerabilities
5.  [SA29568] GnuPG Duplicated IDs Memory Corruption
6.  [SA29574] FreeBSD "strfmon()" Multiple Integer Overflows
7.  [SA29559] Cisco IOS Denial of Service Vulnerability
7.  [SA29566] HP TCP/IP Services for OpenVMS SSH Server Vulnerability
8.  [SA29501] Debian firebird2 Multiple Vulnerabilities
10. [SA29583] eggBlog "index.php" SQL Injection Vulnerabilities

=======================================================================4) Vulnerabilities Summary Listing

Windows:
[SA29620] XnView Slideshow "FontName" Buffer Overflow Vulnerability
[SA29629] NoticeWare Email Server IMAP Packet Handling Denial of
Service
[SA29614] SLMail Pro Multiple Vulnerabilities
[SA29611] EfesTECH Video "catID" SQL Injection Vulnerability
[SA29641] HP OpenView Network Node Manager Buffer Overflow
Vulnerability
[SA29660] Symantec Products AutoFix Support Tool ActiveX Control Two
Vulnerabilities
[SA29581] Chilkat HTTP ActiveX Component ActiveX Controls
"SaveLastError()" Insecure Method
[SA29572] DigiDomain Multiple Cross-Site Scripting Vulnerabilities
[SA29639] Novell eDirectory Host Environment HTTP Request Processing
Denial of Service
[SA29590] 2X ThinClientServer 2XTFTPd Service Directory Traversal
[SA29605] avast! Home/Professional aavmker4.sys Privilege Escalation

UNIX/Linux:
[SA29621] Comix Arbitrary Shell Command Execution Vulnerability
[SA29618] Fedora update for seamonkey
[SA29616] Debian update for iceweasel
[SA29601] Debian update for xine-lib
[SA29600] Slackware update for xine-lib
[SA29597] Fedora update for centerim
[SA29596] Slackware update for seamonkey
[SA29594] Slackware update for mozilla-firefox
[SA29582] SUSE update for Sun Java
[SA29578] Slackware update for xine-lib
[SA29649] rPath update for lighttpd
[SA29619] Fedora update for Perlbal
[SA29591] VMware ESX Server update for libxml2
[SA29580] Debian update for exiftags
[SA29655] Mandriva update for cups
[SA29634] Gentoo update for cups
[SA29630] Red Hat update for cups
[SA29603] Ubuntu update for cups
[SA29573] Red Hat update for cups
[SA29656] Gentoo update for bzip2
[SA29644] Apache-SSL Environment Variables Manipulation Vulnerability
[SA29574] FreeBSD "strfmon()" Multiple Integer Overflows
[SA29638] HP Internet Express for Tru64 UNIX Multiple PostgreSQL
Vulnerabilities
[SA29570] SUSE update for kernel
[SA29648] Fedora update for mod_suphp
[SA29642] Red Hat lspp-eal4-config-ibm / capp-lspp-eal4-config-hp
Privilege Escalation
[SA29627] OpenBSD update for OpenSSH
[SA29626] Ubuntu update for openssh
[SA29617] Linux Audit "audit_log_user_command()" Buffer Overflow
[SA29615] suPHP Race Condition Vulnerabilities
[SA29588] Fedora update for phpMyAdmin
[SA29577] Eterm X11 Display Security Issue
[SA29576] rxvt X11 Display Security Issue
[SA29666] Fedora update for gnome-screensaver
[SA29654] Solaris inetd Debug Logging Symlink Security Issue
[SA29609] OpenBSD OpenSSH ForceCommand Bypass Weakness
[SA29606] Red Hat update for gnome-screensaver
[SA29602] OpenSSH ForceCommand Bypass Weakness
[SA29595] gnome-screensaver Information Disclosure and Security Bypass

Other:
[SA29587] Novell NetWare iPrint Request Denial of Service

Cross Platform:
[SA29662] Opera Multiple Vulnerabilities
[SA29650] Apple QuickTime Multiple Vulnerabilities
[SA29653] DaZPHPNews "prefixdir" Local File Inclusion Vulnerability
[SA29652] Writers Block CMS "PostID" SQL Injection Vulnerability
[SA29647] IBM DB2 Content Manager AllowedTrustedLogin Security Issue
[SA29628] Faphoto "id" SQL Injection Vulnerability
[SA29624] EasyNews Multiple Vulnerabilities
[SA29612] CuteFlow Cross-Site Scripting and SQL Injection
[SA29608] WordPress WP-Download Plugin "dl_id" SQL Injection
[SA29593] AuraCMS "country" SQL Injection Vulnerability
[SA29592] Sava's GuestBook "action" Local File Inclusion
[SA29589] Sava's Link Manager Two Vulnerabilities
[SA29584] PowerDNS Recursor DNS Cache Poisoning Vulnerability
[SA29583] eggBlog "index.php" SQL Injection Vulnerabilities
[SA29579] PHPkrm Unspecified Script Insertion Vulnerability
[SA29575] Sympa Malformed "Content-Type" Header Denial of Service
Vulnerability
[SA29571] Smoothflash "cid" SQL Injection Vulnerability
[SA29569] Wireshark Multiple Denial of Service Vulnerabilities
[SA29658] Drupal Flickr Module Cross-Site Scripting Vulnerabilities
[SA29646] Simple Gallery "album" Cross-Site Scripting
[SA29643] HP Select Identity Unspecified Unauthorised Access
Vulnerability
[SA29633] Drupal Webform Module Unspecified Script Insertion
[SA29623] Smart Classified / Photo ADS Cross-Site Scripting
Vulnerabilities
[SA29610] InspIRCd Unspecified Vulnerability
[SA29599] JV2 Folder Gallery "image" Cross-Site Scripting
[SA29598] JV2 Quick Gallery "f" Cross-Site Scripting
[SA29613] phpMyAdmin Username/Password Session File Information
Disclosure
[SA29586] Nik Sharpener Pro Insecure File Permissions

=======================================================================5) Vulnerabilities Content Listing

Windows:--

[SA29620] XnView Slideshow "FontName" Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-03-31

Secunia Research has discovered a vulnerability in XnView, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/29620/ 

 --

[SA29629] NoticeWare Email Server IMAP Packet Handling Denial of
Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-04-02

Ray has discovered a vulnerability in NoticeWare Email Server, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/29629/ 

 --

[SA29614] SLMail Pro Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-03-31

Luigi Auriemma has discovered some vulnerabilities in SLMail Pro, which
can be exploited by malicious people to cause a DoS (Denial of Service)
or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/29614/ 

 --

[SA29611] EfesTECH Video "catID" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-04-01

RMx has discovered a vulnerability in EfesTECH Video, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/29611/ 

 --

[SA29641] HP OpenView Network Node Manager Buffer Overflow
Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2008-04-03

Mati Aharoni has discovered a vulnerability in HP OpenView Network Node
Manager, which can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/29641/ 

 --

[SA29660] Symantec Products AutoFix Support Tool ActiveX Control Two
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2008-04-03

Two vulnerabilities have been reported in various Symantec products,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/29660/ 

 --

[SA29581] Chilkat HTTP ActiveX Component ActiveX Controls
"SaveLastError()" Insecure Method

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-04-01

shinnai has discovered a vulnerability in Chilkat HTTP ActiveX
Component, which can be exploited by malicious people to overwrite
arbitrary files.

Full Advisory:
http://secunia.com/advisories/29581/ 

 --

[SA29572] DigiDomain Multiple Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-03-28

Linux_Drox has reported some vulnerabilities in DigiDomain, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/29572/ 

 --

[SA29639] Novell eDirectory Host Environment HTTP Request Processing
Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2008-04-03

Mati Aharoni has discovered a vulnerability in Novell eDirectory, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/29639/ 

 --

[SA29590] 2X ThinClientServer 2XTFTPd Service Directory Traversal

Critical:    Less critical
Where:       From local network
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2008-03-31

Luigi Auriemma has discovered a vulnerability in 2X ThinClientServer,
which can be exploited by malicious people to disclose potentially
sensitive information.

Full Advisory:
http://secunia.com/advisories/29590/ 

 --

[SA29605] avast! Home/Professional aavmker4.sys Privilege Escalation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2008-03-31

Tobias Klein has reported a vulnerability in avast! Home/Professional,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/29605/ 


UNIX/Linux:--

[SA29621] Comix Arbitrary Shell Command Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-04-01

A vulnerability has been reported in Comix, which can be exploited by
malicious people to compromise a user's sytem.

Full Advisory:
http://secunia.com/advisories/29621/ 

 --

[SA29618] Fedora update for seamonkey

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, System access
Released:    2008-04-02

Fedora has issued an update for seamonkey. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, disclose potentially sensitive
information, conduct cross-site scripting and phishing attacks, and
potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/29618/ 

 --

[SA29616] Debian update for iceweasel

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, System access
Released:    2008-03-31

Debian has issued an update for iceweasel. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, disclose potentially sensitive
information, conduct cross-site scripting and phishing attacks, and
potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/29616/ 

 --

[SA29601] Debian update for xine-lib

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-04-01

Debian has issued an update for xine-lib. This fixes some
vulnerabilities, which can be exploited by malicious people  to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/29601/ 

 --

[SA29600] Slackware update for xine-lib

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-04-02

Slackware has issued an update for xine-lib. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/29600/ 

 --

[SA29597] Fedora update for centerim

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-04-02

Fedora has issued an update for centerim. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/29597/ 

 --

[SA29596] Slackware update for seamonkey

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, Exposure
of sensitive information, System access
Released:    2008-03-31

Slackware has issued an update for seamonkey. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, disclose potentially sensitive
information, conduct cross-site scripting and phishing attacks, and
potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/29596/ 

 --

[SA29594] Slackware update for mozilla-firefox

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, Spoofing, Exposure of sensitive
information, System access, Security Bypass
Released:    2008-03-31

Slackware has issued an update for mozilla-firefox. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, disclose potentially sensitive
information, conduct cross-site scripting and phishing attacks, and
potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/29594/ 

 --

[SA29582] SUSE update for Sun Java

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, DoS, System access
Released:    2008-04-03

SUSE has issued an update for Sun Java. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service), to bypass certain security restrictions, or to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/29582/ 

 --

[SA29578] Slackware update for xine-lib

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-03-31

Slackware has issued an update for xine-lib. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a user's system.

Full Advisory:
http://secunia.com/advisories/29578/ 

 --

[SA29649] rPath update for lighttpd

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-04-02

rPath has issued an update for lighttpd. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/29649/ 

 --

[SA29619] Fedora update for Perlbal

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-03-31

Fedora has issued an update for Perlbal. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/29619/ 

 --

[SA29591] VMware ESX Server update for libxml2

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-03-31

VMware has issued an update for VMware ESX Server. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/29591/ 

 --

[SA29580] Debian update for exiftags

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-03-28

Debian has issued an update for exiftags. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to cause a DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/29580/ 

 --

[SA29655] Mandriva update for cups

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2008-04-03

Mandriva has issued an update for cups. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) and potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/29655/ 

 --

[SA29634] Gentoo update for cups

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2008-04-02

Gentoo has issued an update for cups. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or to potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/29634/ 

 --

[SA29630] Red Hat update for cups

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2008-04-02

Red Hat has issued an update for cups. This fixes some vulnerabilities,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/29630/ 

 --

[SA29603] Ubuntu update for cups

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2008-04-03

Ubuntu has issued an update for cups. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/29603/ 

 --

[SA29573] Red Hat update for cups

Critical:    Moderately critical
Where:       From local network
Impact:      DoS, System access
Released:    2008-04-02

Red Hat has issued an update for cups. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or to potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/29573/ 

 --

[SA29656] Gentoo update for bzip2

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2008-04-03

Gentoo has issued an update for bzip2. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/29656/ 

 --

[SA29644] Apache-SSL Environment Variables Manipulation Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-04-03

Alexander Klink has reported a vulnerability in Apache-SSL, which can
be exploited by malicious people to manipulate certain data or to
disclose potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/29644/ 

 --

[SA29574] FreeBSD "strfmon()" Multiple Integer Overflows

Critical:    Less critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-03-28

Maksymilian Arciemowicz has reported some vulnerabilities in FreeBSD,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/29574/ 

 --

[SA29638] HP Internet Express for Tru64 UNIX Multiple PostgreSQL
Vulnerabilities

Critical:    Less critical
Where:       From local network
Impact:      Privilege escalation, DoS
Released:    2008-04-02

HP has acknowledged some vulnerabilities in PostgreSQL, which can be
exploited by malicious users to to gain escalated privileges or to
cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/29638/ 

 --

[SA29570] SUSE update for kernel

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass, Exposure of sensitive information, DoS,
System access
Released:    2008-03-28

SUSE has issued an update for the kernel. This fixes some
vulnerabilities and a security issue, which can be exploited by
malicious, local users to bypass certain security restrictions and
disclose potentially sensitive information, and by malicious people to
cause a DoS (Denial of Service) or potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/29570/ 

 --

[SA29648] Fedora update for mod_suphp

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2008-04-02

Fedora has issued an update for mod_suphp. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/29648/ 

 --

[SA29642] Red Hat lspp-eal4-config-ibm / capp-lspp-eal4-config-hp
Privilege Escalation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2008-04-02

Red Hat has acknowledged a security issue in the lspp-eal4-config-ibm
and capp-lspp-eal4-config-hp packages, which can be exploited by
malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/29642/ 

 --

[SA29627] OpenBSD update for OpenSSH

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2008-04-03

OpenBSD has issued an update for OpenSSH. This fixes a vulnerability,
which can be exploited by malicious, local users to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/29627/ 

 --

[SA29626] Ubuntu update for openssh

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2008-04-02

Ubuntu has issued an update for openssh. This fixes a vulnerability,
which can be exploited by malicious, local users to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/29626/ 

 --

[SA29617] Linux Audit "audit_log_user_command()" Buffer Overflow

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2008-03-31

A vulnerability has been reported in Linux Audit, which potentially can
be exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/29617/ 

 --

[SA29615] suPHP Race Condition Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2008-04-02

Some vulnerabilities have been reported in suPHP, which can be
exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/29615/ 

 --

[SA29588] Fedora update for phpMyAdmin

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2008-04-02

Fedora has issued an update for phpMyAdmin. This fixes a vulnerability,
which can potentially be exploited by malicious users to disclose
sensitive information.

Full Advisory:
http://secunia.com/advisories/29588/ 

 --

[SA29577] Eterm X11 Display Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2008-03-31

A security issue has been reported in Eterm, which can be exploited by
malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/29577/ 

 --

[SA29576] rxvt X11 Display Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2008-03-31

Bernhard R. Link has reported a security issue in rxvt, which can be
exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/29576/ 

 --

[SA29666] Fedora update for gnome-screensaver

Critical:    Not critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2008-04-03

Fedora has issued an update for gnome-screensaver. This fixes a
weakness, which can be exploited by malicious people with physical
access to disclose potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/29666/ 

 --

[SA29654] Solaris inetd Debug Logging Symlink Security Issue

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2008-04-03

Sun has acknowledged a security issue in Solaris, which can be
exploited by malicious, local users to perform certain actions with
escalated privileges.

Full Advisory:
http://secunia.com/advisories/29654/ 

 --

[SA29609] OpenBSD OpenSSH ForceCommand Bypass Weakness

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2008-03-31

A weakness has been reported in OpenBSD, which can be exploited by
malicious, local users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/29609/ 

 --

[SA29606] Red Hat update for gnome-screensaver

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2008-04-03

Red Hat has issued an update for gnome-screensaver. This fixes a
security issue, which can be exploited by malicious people with
physical access to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/29606/ 

 --

[SA29602] OpenSSH ForceCommand Bypass Weakness

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2008-03-31

A weakness has been reported in OpenSSH, which can be exploited by
malicious, local users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/29602/ 

 --

[SA29595] gnome-screensaver Information Disclosure and Security Bypass

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass, Exposure of sensitive information
Released:    2008-04-03

A weakness and a security issue have been reported in
gnome-screensaver, which can be exploited by malicious people with
physical access to disclose potentially sensitive information or bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/29595/ 


Other:--

[SA29587] Novell NetWare iPrint Request Denial of Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2008-04-02

A vulnerability has been reported in Novell NetWare, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/29587/ 


Cross Platform:--

[SA29662] Opera Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-04-03

Some vulnerabilities have been reported in Opera, which potentially can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/29662/ 

 --

[SA29650] Apple QuickTime Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of sensitive information, DoS, System access
Released:    2008-04-03

Some vulnerabilities have been reported in Apple QuickTime, which can
be exploited by malicious people to disclose potentially sensitive
information or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/29650/ 

 --

[SA29653] DaZPHPNews "prefixdir" Local File Inclusion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2008-04-03

w0cker has discovered a vulnerability in DaZPHPNews, which can be
exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/29653/ 

 --

[SA29652] Writers Block CMS "PostID" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-04-03

katharsis has discovered a vulnerability in Writer's Block CMS, which
can be exploited by malicious people to conduct SQL injection attacks

Full Advisory:
http://secunia.com/advisories/29652/ 

 --

[SA29647] IBM DB2 Content Manager AllowedTrustedLogin Security Issue

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2008-04-02

A security issue with an unknown impact has been reported in IBM DB2
Content Manager.

Full Advisory:
http://secunia.com/advisories/29647/ 

 --

[SA29628] Faphoto "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-04-02

IRCRASH has discovered a vulnerability in Faphoto, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/29628/ 

 --

[SA29624] EasyNews Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
system information, Exposure of sensitive information
Released:    2008-04-02

Dr.Crash has discovered some vulnerabilities in EasyNews, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks, and to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/29624/ 

 --

[SA29612] CuteFlow Cross-Site Scripting and SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2008-03-31

Some vulnerabilities have been discovered in CuteFlow, which can be
exploited by malicious users to conduct SQL injection attacks and by
malicious people to conduct cross-site scripting and SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/29612/ 

 --

[SA29608] WordPress WP-Download Plugin "dl_id" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-04-01

BL4CK has reported a vulnerability in the WP-Download plugin for
WordPress, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/29608/ 

 --

[SA29593] AuraCMS "country" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-04-02

NTOS-Team have discovered a vulnerability in AuraCMS, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/29593/ 

 --

[SA29592] Sava's GuestBook "action" Local File Inclusion

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2008-04-01

Dr. Crash has discovered a vulnerability in Sava's GuestBook, which can
be exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/29592/ 

 --

[SA29589] Sava's Link Manager Two Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information,
Exposure of sensitive information
Released:    2008-04-01

Dr. Crash has discovered two vulnerabilities in Sava's Link Manager,
which can be exploited by malicious people to disclose sensitive
information and to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/29589/ 

 --

[SA29584] PowerDNS Recursor DNS Cache Poisoning Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Spoofing
Released:    2008-03-31

Amit Klein has reported a vulnerability in PowerDNS Recursor, which can
be exploited by malicious people to poison the DNS cache.

Full Advisory:
http://secunia.com/advisories/29584/ 

 --

[SA29583] eggBlog "index.php" SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-03-28

__GiReX__ has reported two vulnerabilities in eggBlog, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/29583/ 

 --

[SA29579] PHPkrm Unspecified Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-03-31

A vulnerability has been reported in PHPkrm, which can be exploited by
malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/29579/ 

 --

[SA29575] Sympa Malformed "Content-Type" Header Denial of Service
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-04-01

A vulnerability has been reported in Sympa, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/29575/ 

 --

[SA29571] Smoothflash "cid" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-03-31

S@BUN has reported a vulnerability in Smoothflash, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/29571/ 

 --

[SA29569] Wireshark Multiple Denial of Service Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-03-28

Some vulnerabilities have been reported in Wireshark, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/29569/ 

 --

[SA29658] Drupal Flickr Module Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-04-03

Some vulnerabilities have been reported in the Flickr module for
Drupal, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/29658/ 

 --

[SA29646] Simple Gallery "album" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-04-03

Russ McRee has discovered a vulnerability in Simple Gallery, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/29646/ 

 --

[SA29643] HP Select Identity Unspecified Unauthorised Access
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Exposure of system information, Exposure
of sensitive information
Released:    2008-04-02

A vulnerability has been reported in HP Select Identity, which can be
exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/29643/ 

 --

[SA29633] Drupal Webform Module Unspecified Script Insertion

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-04-03

Some vulnerabilities have been reported in the Webform module for
Drupal, which can be exploited by malicious users to conduct script
insertion attacks.

Full Advisory:
http://secunia.com/advisories/29633/ 

 --

[SA29623] Smart Classified / Photo ADS Cross-Site Scripting
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-04-03

Russ McRee has reported some vulnerabilities in Smart Classified ADS
and Smart Photo ADS, which can be exploited by malicious people to
conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/29623/ 

 --

[SA29610] InspIRCd Unspecified Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Unknown
Released:    2008-03-31

A vulnerability with unknown impact has been reported in InspIRCd.

Full Advisory:
http://secunia.com/advisories/29610/ 

 --

[SA29599] JV2 Folder Gallery "image" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-03-31

Russ McRee has discovered a vulnerability in JV2 Folder Gallery, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/29599/ 

 --

[SA29598] JV2 Quick Gallery "f" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-03-31

Russ McRee has discovered a vulnerability in JV2 Quick Gallery, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/29598/ 

 --

[SA29613] phpMyAdmin Username/Password Session File Information
Disclosure

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2008-03-31

Jim Hermann has discovered a vulnerability in phpMyAdmin, which can
potentially be exploited by malicious users to disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/29613/ 

 --

[SA29586] Nik Sharpener Pro Insecure File Permissions

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2008-03-31

A security issue has been discovered in Nik Sharpener Pro, which
potentially can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/29586/ 



=======================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/ 

Subscribe:
http://secunia.com/secunia_weekly_summary/ 

Contact details:
Web	: http://secunia.com/ 
E-mail	: support@secunia.com 
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 

Site design & layout copyright © 1986-2014 CodeGods