AOH :: ISNQ5701.HTM

Secunia Weekly Summary - Issue: 2008-22




Secunia Weekly Summary - Issue: 2008-22
Secunia Weekly Summary - Issue: 2008-22



=======================================================================
                  The Secunia Weekly Advisory Summary                  
                        2008-05-22 - 2008-05-29                        

                       This week: 66 advisories                        

=======================================================================Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

=======================================================================1) Word From Secunia:

Secunia is pleased to announce that we are sponsoring the upcoming
Gartner IT Security Summit from June 2 to 4 in Washington, DC. The
event brings together Gartner analysts, leading executives, and
innovators to present research, case studies, and insight into the
business-critical aspect of IT.

If you would like to meet with Secunia representatives in the
conference, you can get a $400 discount off the regular registration
fee. Please contact pr@secunia.com to receive the priority code and 
schedule the meeting.

=======================================================================2) This Week in Brief:

Secunia Research has discovered a highly critical vulnerability in
Samba, which can be exploited by malicious people to compromise a
vulnerable system.

The vulnerability is caused due to a boundary error within the
"receive_smb_raw()" function in lib/util_sock.c when parsing SMB
packets. This can be exploited to cause a heap-based buffer overflow
via an overly large SMB packet received in a client context.

Successful exploitation allows execution of arbitrary code by tricking
a user into connecting to a malicious server (e.g. by clicking an
"smb://" link) or by sending specially crafted packets to an "nmbd"
server configured as a local or domain master browser.

The vulnerability is confirmed in versions 3.0.28a and 3.0.29. Prior
versions may also be affected. Update to version 3.0.30 or apply patch
to resolve the vulnerability.

For more information, refer to:
http://secunia.com/advisories/30228/ 

 --

A highly critical vulnerability has been reported in various Cisco
products, which can be exploited by malicious people to compromise a
vulnerable system.

The vulnerability is caused due to an unspecified error in CiscoWorks
Common Services, which can be exploited to execute arbitrary code via a
specially crafted URL.

The vulnerability is reported in CiscoWorks Common Services versions
3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.1, and 3.1.1.

Update to CiscoWorks Common Services version 3.2 or apply patches.

For a complete list of all affected products, refer to:
http://secunia.com/advisories/30422/ 

 --

A moderately critical vulnerability has been reported in Symantec
Backup Exec System Recovery Manager, which can be exploited by
malicious people to disclose potentially sensitive information and
potentially compromise a vulnerable system.

The vulnerability is caused due to an input validation error and can be
exploited to e.g. read certain system files and gain unauthorized access
to the vulnerable system via directory traversal attacks.

The vulnerability is reported in versions 7.x and 8.x. The vendor has
released versions 7.0.4 and 8.0.2 to resolve the issues.

For more information, refer to:
http://secunia.com/advisories/30432/ 

 --

Apple has issued a security update for Mac OS X, which fixes multiple
vulnerabilities.

The vulnerabilities include:

- An error in AFP server
- Various vulnerabilities in Apache (for Mac OS X Server v10.4.x)
- An unspecified error in AppKit
- Multiple unspecified errors in the processing of Pixlet video files
- An unspecified error exists in Apple Type Services when processing
embedded fonts in PDF files
- An error in Safari's SSL client certificate handling
- An integer overflow exists in CoreFoundation when handling CFData
objects
- An error due to an uninitialised variable in CoreGraphics
- A weakness due to users not being warned before opening certain
potentially unsafe content types
- An error when printing to password-protected printers with debug
logging enabled
- Various vulnerabilities in Adobe Flash Player
- An integer underflow error in Help Viewer when handling help:topic
URLs
- A conversion error exists in ICU when handling certain character
encodings
- Unspecified parameters in Image Capture's embedded web server not
being properly sanitised before use
- An error in the handling of temporary files in Image Capture
- A boundary error in the BMP and GIF image decoding engine in ImageIO
- Various vulnerabilities in ImageIO due to the use of vulnerable
libpng code
- An integer overflow error in ImageIO within the processing of
JPEG2000 images
- An error in Mail is caused due to an uninitialised variable
- A vulnerability in Mongrel
- A weakness in the sso_util command-line tool 
- An error in Wiki Server
- A vulnerability in Apple iCal
- A vulnerability due to an error in the handling of return values of
"hashes()" in the "cs_validate_page()" function when processing signed
Mach-O binaries
- A vulnerability due to an error within the "ipcomp6_input()" function
in bsd/netinet6/ipcomp_input.c when processing packets with an IPComp
header

For more information, refer to:
http://secunia.com/advisories/30430/ 

 --

VIRUS ALERTS:

During the past week Secunia collected 33 virus descriptions from the
Antivirus vendors. However, none were deemed MEDIUM risk or higher
according to the Secunia assessment scale.

=======================================================================3) This Weeks Top Ten Most Read Advisories:

1.  [SA30404] REVOKED: Adobe Flash Player Unspecified Vulnerability
2.  [SA30309] IBM Lotus Sametime Community Services Multiplexer Buffer
              Overflow
3.  [SA29941] Foxit Reader "util.printf()" Buffer Overflow
4.  [SA30336] Trillian Multiple Vulnerabilities
5.  [SA30372] phpFreeForum Cross-Site Scripting Vulnerabilities
6.  [SA30347] HP-UX Secure Shell Unauthorized Access Vulnerability
7.  [SA30258] Linux Kernel Unspecified Vulnerability
8.  [SA30344] Cerberus Helpdesk Information Disclosure Security Issue
9.  [SA30350] Apple iCal Memory Corruption Vulnerability
10. [SA30366] AbleDating "keyword" SQL Injection Vulnerability

=======================================================================4) Vulnerabilities Summary Listing

Windows:
[SA30404] REVOKED: Adobe Flash Player Unspecified Vulnerability
[SA30445] Alive MP3 WAV Converter NCTAudioInformation2.dll ActiveX
Control Buffer Overflow
[SA30421] Power Audio CD Burner NCTAudioInformation2 ActiveX Control
Buffer Overflow
[SA30419] Power Audio CD Grabber NCTAudioInformation2 ActiveX Control
Buffer Overflow
[SA30415] NCTSoft Products NCTAudioInformation2 ActiveX Control Buffer
Overflows
[SA30414] NCTSoft NCTAudioEditor NCTAudioGrabber2 ActiveX Control
Buffer Overflows
[SA30403] Creative Software AutoUpdate Engine ActiveX Control Buffer
Overflow
[SA30395] CinematicMP3 NCTAudioInformation2 ActiveX Control Buffer
Overflow
[SA30382] DT Centrepiece "searchFor" Cross-Site Scripting and SQL
Injection
[SA30410] EMC AlphaStor Multiple Vulnerabilities
[SA30420] CA Internet Security Suite UmxEventCli.dll ActiveX Control
Insecure Method
[SA30389] Core FTP Directory Download Directory Traversal
Vulnerability
[SA30384] BullGuard Backup Client SSL Verification Security Issue
[SA30379] ThinkVantage System Update Missing SSL Certificate Chain
Verification

UNIX/Linux:
[SA30442] Slackware update for samba
[SA30437] rPath update for evolution
[SA30430] Apple Mac OS X Security Update Fixes Multiple
Vulnerabilities
[SA30401] imlib2 PNM and XPM Buffer Overflow Vulnerabilities
[SA30385] Red Hat update for samba
[SA30370] Slackware update for mozilla-thunderbird
[SA30438] Fedora update for cbrpager
[SA30417] cbrPager Archive Handling Arbitrary Command Execution
[SA30411] rPath update for php
[SA30408] spamdyke "smtp_filter()" DATA Command Relay Vulnerability
[SA30402] Fedora update for libpng10
[SA30397] phpFix Two SQL Injection Vulnerabilities
[SA30393] Debian update for libxslt
[SA30392] CKGold "category_id" SQL Injection Vulnerability
[SA30387] Slackware update for php
[SA30380] Slackware update for rdesktop
[SA30368] Debian update for linux-2.6
[SA30413] Fedora update for kvm
[SA30425] Fedora update for stunnel
[SA30391] libpam-pgsql Authentication Bypass Security Issue
[SA30399] Fedora update for system-config-network
[SA30394] SaraB Disclosure of DAR Encryption Ciphers

Other:
[SA30409] Motorola RAZR JPEG Processing Buffer Overflow
[SA30364] Xerox WorkCentre Web Server Unspecified Script Insertion
[SA30362] Barracuda Spam Firewall "email" Cross-Site Scripting

Cross Platform:
[SA30422] CiscoWorks Common Services Unspecified Code Execution
Vulnerability
[SA30377] Quate CMS Multiple Vulnerabilities
[SA30375] phpRaider "pConfig_auth[phpbb_path]" File Inclusion
[SA30373] plusPHP Short URL Multi-User Script "_pages_dir" File
Inclusion
[SA30407] PHPhotoalbum Two SQL Injection Vulnerabilities
[SA30405] OpenSSL Two Denial of Service Vulnerabilities
[SA30400] TYPO3 sg_zfelib Extension SQL Injection Vulnerabilities
[SA30378] OneCMS "load" Local File Inclusion Vulnerability
[SA30376] RoomPHPlanning SQL Injection and Security Bypass
[SA30374] Xomol CMS Local File Inclusion and SQL Injection
[SA30367] Sava CMS Cross-Site Scripting and SQL Injection
[SA30366] AbleDating "keyword" SQL Injection Vulnerability
[SA30365] ClassSystem "teacher_id" SQL Injection Vulnerabilities
[SA30432] Symantec Backup Exec System Recovery Manager Directory
Traversal
[SA30436] AhsayOBM / AhsayACB SSL Verification Security Issue
[SA30435] SteadyBackup Online Backup Manager SSL Verification Security
Issue
[SA30431] Calcium "CalendarName" Cross-Site Scripting Vulnerability
[SA30398] Ortro Unspecified Cross-Site Scripting Vulnerability
[SA30390] Mini CWB "connector.php" Cross-Site Scripting Vulnerability
[SA30386] TYPO3 kj_imagelightbox2 Extension Cross-Site Scripting
[SA30383] AjaXplorer Password Change Cross-Site Request Forgery
[SA30381] Sun Java System Web Server Advanced Search Cross-Site
Scripting
[SA30372] phpFreeForum Cross-Site Scripting Vulnerabilities
[SA30371] PCPIN Chat URL Redirection Script Cross-Site Scripting
[SA30369] BMForum Multiple Cross-Site Scripting Vulnerabilities
[SA30363] Safari Montage "forgotPW.php" Cross-Site Scripting
Vulnerabilities
[SA30388] encrypt Anubis Plugin Original File Size Weakness

=======================================================================5) Vulnerabilities Content Listing

Windows:--

[SA30404] REVOKED: Adobe Flash Player Unspecified Vulnerability

Critical:    Extremely critical
Where:       From remote
Impact:      System access
Released:    2008-05-28

A vulnerability has been reported in Adobe Flash Player, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/30404/ 

 --

[SA30445] Alive MP3 WAV Converter NCTAudioInformation2.dll ActiveX
Control Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-29

A vulnerability has been discovered in Alive MP3 WAV Converter, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/30445/ 

 --

[SA30421] Power Audio CD Burner NCTAudioInformation2 ActiveX Control
Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-29

A vulnerability has been discovered in Power Audio CD Burner, which can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/30421/ 

 --

[SA30419] Power Audio CD Grabber NCTAudioInformation2 ActiveX Control
Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-29

A vulnerability has been discovered in Power Audio CD Grabber, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/30419/ 

 --

[SA30415] NCTSoft Products NCTAudioInformation2 ActiveX Control Buffer
Overflows

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-28

Will Dormann has discovered some vulnerabilities in NCTAudioStudio and
NCTAudioEditor, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/30415/ 

 --

[SA30414] NCTSoft NCTAudioEditor NCTAudioGrabber2 ActiveX Control
Buffer Overflows

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-28

Will Dormann has reported some vulnerabilities in NCTAudioEditor, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/30414/ 

 --

[SA30403] Creative Software AutoUpdate Engine ActiveX Control Buffer
Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-28

A vulnerability has been reported in Creative Software AutoUpdate
Engine ActiveX Control, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/30403/ 

 --

[SA30395] CinematicMP3 NCTAudioInformation2 ActiveX Control Buffer
Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-29

A vulnerability has been discovered in CinematicMP3, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/30395/ 

 --

[SA30382] DT Centrepiece "searchFor" Cross-Site Scripting and SQL
Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2008-05-28

Russ McRee has reported two vulnerabilities in DT Centrepiece, which
can be exploited by malicious people to conduct cross-site scripting
and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/30382/ 

 --

[SA30410] EMC AlphaStor Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2008-05-28

Some vulnerabilities have been reported in EMC AlphaStor, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/30410/ 

 --

[SA30420] CA Internet Security Suite UmxEventCli.dll ActiveX Control
Insecure Method

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-05-29

A vulnerability has been discovered in CA Internet Security Suite,
which can be exploited by malicious people to overwrite arbitrary
files.

Full Advisory:
http://secunia.com/advisories/30420/ 

 --

[SA30389] Core FTP Directory Download Directory Traversal
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2008-05-26

Tan Chew Keong has reported a vulnerability in Core FTP, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/30389/ 

 --

[SA30384] BullGuard Backup Client SSL Verification Security Issue

Critical:    Less critical
Where:       From remote
Impact:      Spoofing
Released:    2008-05-29

Heise Security has reported a security issue in BullGuard Backup, which
can be exploited by malicious people to conduct spoofing attacks.

Full Advisory:
http://secunia.com/advisories/30384/ 

 --

[SA30379] ThinkVantage System Update Missing SSL Certificate Chain
Verification

Critical:    Less critical
Where:       From remote
Impact:      Spoofing
Released:    2008-05-26

Derek Callaway has reported a security issue in ThinkVantage System
Update, which can be exploited by malicious people to conduct spoofing
attacks.

Full Advisory:
http://secunia.com/advisories/30379/ 


UNIX/Linux:--

[SA30442] Slackware update for samba

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-29

Slackware has issued an update for samba. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/30442/ 

 --

[SA30437] rPath update for evolution

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-29

rPath has issued an update for evolution. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/30437/ 

 --

[SA30430] Apple Mac OS X Security Update Fixes Multiple
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Exposure of system
information, Exposure of sensitive information, Privilege escalation,
DoS, System access
Released:    2008-05-29

Apple has issued a security update for Mac OS X, which fixes multiple
vulnerabilities.

Full Advisory:
http://secunia.com/advisories/30430/ 

 --

[SA30401] imlib2 PNM and XPM Buffer Overflow Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-05-29

Secunia Research has discovered two vulnerabilities in imlib2, which
can be exploited by malicious people to cause a DoS (Denial of Service)
or compromise an application using the library.

Full Advisory:
http://secunia.com/advisories/30401/ 

 --

[SA30385] Red Hat update for samba

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-28

Red Hat has issued an update for samba. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/30385/ 

 --

[SA30370] Slackware update for mozilla-thunderbird

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, System access
Released:    2008-05-26

Slackware has issued an update for mozilla-thunderbird. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, conduct cross-site scripting attacks, or
potentially compromise a user's system.

Full Advisory:
http://secunia.com/advisories/30370/ 

 --

[SA30438] Fedora update for cbrpager

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2008-05-29

Fedora has issued an update for cbrpager. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/30438/ 

 --

[SA30417] cbrPager Archive Handling Arbitrary Command Execution

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2008-05-29

A vulnerability has been reported in cbrPager, which can be exploited
by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/30417/ 

 --

[SA30411] rPath update for php

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2008-05-28

rPath has issued an update for php. This fixes some vulnerabilities,
which can be exploited by malicious, local users and malicious users to
bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/30411/ 

 --

[SA30408] spamdyke "smtp_filter()" DATA Command Relay Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2008-05-28

A vulnerability has been reported in spamdyke, which can be exploited
by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/30408/ 

 --

[SA30402] Fedora update for libpng10

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information, DoS, System access
Released:    2008-05-29

Fedora has issued an update for libpng10. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service), disclose potentially sensitive information, or potentially
compromise an application using the library.

Full Advisory:
http://secunia.com/advisories/30402/ 

 --

[SA30397] phpFix Two SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-05-27

unohope has reported two vulnerabilities in phpFix, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/30397/ 

 --

[SA30393] Debian update for libxslt

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2008-05-29

Debian has issued an update for libxslt. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and potentially to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/30393/ 

 --

[SA30392] CKGold "category_id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-05-28

Cr@zy_King has discovered a vulnerability in CKGold, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/30392/ 

 --

[SA30387] Slackware update for php

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Security Bypass, DoS, System access
Released:    2008-05-26

Slackware has issued an update for php. This fixes some
vulnerabilities, which can be exploited by malicious users to bypass
certain security restrictions, and potentially by malicious people to
cause a DoS (Denial of Service) or to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/30387/ 

 --

[SA30380] Slackware update for rdesktop

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2008-05-28

Slackware has issued an update for rdesktop. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a user's system.

Full Advisory:
http://secunia.com/advisories/30380/ 

 --

[SA30368] Debian update for linux-2.6

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, DoS
Released:    2008-05-28

Debian has issued an update for linux-2.6. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
bypass certain security restrictions or cause a DoS (Denial of
service), and by malicious people to potentially cause a DoS.

Full Advisory:
http://secunia.com/advisories/30368/ 

 --

[SA30413] Fedora update for kvm

Critical:    Moderately critical
Where:       Local system
Impact:      Security Bypass
Released:    2008-05-29

Fedora has issued an update for kvm. This fixes a vulnerability, which
can be exploited by malicious, local users to bypass certain security
restrictions or cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/30413/ 

 --

[SA30425] Fedora update for stunnel

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2008-05-29

Fedora has issued an update for stunnel. This fixes a security issue,
which can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/30425/ 

 --

[SA30391] libpam-pgsql Authentication Bypass Security Issue

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2008-05-26

A security issue has been reported in libpam-pgsql, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/30391/ 

 --

[SA30399] Fedora update for system-config-network

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2008-05-29

Fedora has issued an update for system-config-network. This fixes a
security issue, which can be exploited by malicious, local users to
bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/30399/ 

 --

[SA30394] SaraB Disclosure of DAR Encryption Ciphers

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2008-05-26

A security issue has been reported in SaraB, which can be exploited by
malicious, local users to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/30394/ 


Other:--

[SA30409] Motorola RAZR JPEG Processing Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-28

A vulnerability has been reported in Motorola RAZR, which can be
exploited by malicious people to compromise a vulnerable device.

Full Advisory:
http://secunia.com/advisories/30409/ 

 --

[SA30364] Xerox WorkCentre Web Server Unspecified Script Insertion

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-05-23

A vulnerability has been reported in Xerox WorkCentre, which can be
exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/30364/ 

 --

[SA30362] Barracuda Spam Firewall "email" Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-05-23

Mark Crowther has reported a vulnerability in Barracuda Spam Firewall,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/30362/ 


Cross Platform:--

[SA30422] CiscoWorks Common Services Unspecified Code Execution
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-29

A vulnerability has been reported in various Cisco products, which can
be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/30422/ 

 --

[SA30377] Quate CMS Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
system information, Exposure of sensitive information, System access
Released:    2008-05-27

Digital Security Research Group have discovered some vulnerabilities in
Quate CMS, which can be exploited by malicious users to disclose and
manipulate sensitive information, and by malicious people to conduct
cross-site scripting attacks, disclose sensitive information, and
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/30377/ 

 --

[SA30375] phpRaider "pConfig_auth[phpbb_path]" File Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, System access
Released:    2008-05-26

KaCaK has discovered a vulnerability in phpRaider, which can be
exploited by malicious people to disclose sensitive information and to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/30375/ 

 --

[SA30373] plusPHP Short URL Multi-User Script "_pages_dir" File
Inclusion

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2008-05-26

DR.TOXIC has reported a vulnerability in plusPHP Short URL Multi-User
Script, which can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/30373/ 

 --

[SA30407] PHPhotoalbum Two SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-05-29

cOndemned has discovered two vulnerabilities in PHPhotoalbum, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/30407/ 

 --

[SA30405] OpenSSL Two Denial of Service Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2008-05-28

Two vulnerabilities have been reported in OpenSSL, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/30405/ 

 --

[SA30400] TYPO3 sg_zfelib Extension SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-05-27

Some vulnerabilities have been reported in the sg_zfelib extension for
TYPO3, which can be exploited by malicious people to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/30400/ 

 --

[SA30378] OneCMS "load" Local File Inclusion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2008-05-26

Digital Security Research Group has discovered a vulnerability in
OneCMS, which can be exploited by malicious people to disclose
sensitive information.

Full Advisory:
http://secunia.com/advisories/30378/ 

 --

[SA30376] RoomPHPlanning SQL Injection and Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data, Exposure of
sensitive information
Released:    2008-05-26

Some vulnerabilities have been discovered in RoomPHPlanning, which can
be exploited by malicious people to conduct SQL injection attacks and
bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/30376/ 

 --

[SA30374] Xomol CMS Local File Inclusion and SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2008-05-26

DNX has discovered some vulnerabilities in Xomol CMS, which can be
exploited by malicious people to disclose potentially sensitive
information or conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/30374/ 

 --

[SA30367] Sava CMS Cross-Site Scripting and SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Cross Site Scripting
Released:    2008-05-23

Russ McRee has reported some vulnerabilities in Sava CMS, which can be
exploited by malicious people to conduct SQL injection and cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/30367/ 

 --

[SA30366] AbleDating "keyword" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-05-23

Ali Jasbi has reported a vulnerability in AbleDating, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/30366/ 

 --

[SA30365] ClassSystem "teacher_id" SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2008-05-27

unohope has reported two vulnerabilities in ClassSystem, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/30365/ 

 --

[SA30432] Symantec Backup Exec System Recovery Manager Directory
Traversal

Critical:    Moderately critical
Where:       From local network
Impact:      Exposure of sensitive information, System access
Released:    2008-05-29

A vulnerability has been reported in Symantec Backup Exec System
Recovery Manager, which can be exploited by malicious people to
disclose potentially sensitive information and potentially compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/30432/ 

 --

[SA30436] AhsayOBM / AhsayACB SSL Verification Security Issue

Critical:    Less critical
Where:       From remote
Impact:      Spoofing
Released:    2008-05-29

Heise Security has reported a security issue in Ahsay Online Backup
Manager and Ahsay A-Click Backup, which can be exploited by malicious
people to conduct spoofing attacks.

Full Advisory:
http://secunia.com/advisories/30436/ 

 --

[SA30435] SteadyBackup Online Backup Manager SSL Verification Security
Issue

Critical:    Less critical
Where:       From remote
Impact:      Spoofing
Released:    2008-05-29

Heise Security has reported a security issue in SteadyBackup Online
Backup Manager, which can be exploited by malicious people to conduct
spoofing attacks.

Full Advisory:
http://secunia.com/advisories/30435/ 

 --

[SA30431] Calcium "CalendarName" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-05-29

Marvin Simkin has discovered a vulnerability in Calcium, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/30431/ 

 --

[SA30398] Ortro Unspecified Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-05-28

A vulnerability has been reported in Ortro, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/30398/ 

 --

[SA30390] Mini CWB "connector.php" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-05-27

CWH Underground has reported a vulnerability in Mini CWB, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/30390/ 

 --

[SA30386] TYPO3 kj_imagelightbox2 Extension Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-05-27

A vulnerability has been reported in the kj_imagelightbox2 extension
for TYPO3, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/30386/ 

 --

[SA30383] AjaXplorer Password Change Cross-Site Request Forgery

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-05-28

gmda has discovered a vulnerability in AjaXplorer, which can be
exploited by malicious people to conduct cross-site request forgery
attacks.

Full Advisory:
http://secunia.com/advisories/30383/ 

 --

[SA30381] Sun Java System Web Server Advanced Search Cross-Site
Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-05-26

A vulnerability has been reported in Sun Java System Web Server, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/30381/ 

 --

[SA30372] phpFreeForum Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-05-23

CWH Underground has reported some vulnerabilities in phpFreeForum,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/30372/ 

 --

[SA30371] PCPIN Chat URL Redirection Script Cross-Site Scripting

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-05-26

A vulnerability has been reported in PCPIN Chat, which can be exploited
by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/30371/ 

 --

[SA30369] BMForum Multiple Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-05-23

CWH Underground has reported some vulnerabilities in BMForum, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/30369/ 

 --

[SA30363] Safari Montage "forgotPW.php" Cross-Site Scripting
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2008-05-27

Omer Singer has reported some vulnerabilities in Safari Montage, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/30363/ 

 --

[SA30388] encrypt Anubis Plugin Original File Size Weakness

Critical:    Not critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2008-05-26

A weakness has been reported in the Anubis plugin for encrypt, which
can be exploited by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/30388/ 



=======================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/ 

Subscribe:
http://secunia.com/secunia_weekly_summary/ 

Contact details:
Web	: http://secunia.com/ 
E-mail	: support@secunia.com 
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45


_______________________________________________      
Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com 

Site design & layout copyright © 1986-2014 CodeGods