[ISN] Secunia Weekly Summary - Issue: 2004-49
InfoSec News
isn at c4i.org
Fri Dec 3 04:40:00 EST 2004
========================================================================
The Secunia Weekly Advisory Summary
2004-11-25 - 2004-12-02
This week : 40 advisories
========================================================================
Table of Contents:
1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing
========================================================================
1) Word From Secunia:
Monitor, Filter, and Manage Security Information
- Filtering and Management of Secunia advisories
- Overview, documentation, and detailed reports
- Alerting via email and SMS
Request Trial:
https://ca.secunia.com/?f=s
========================================================================
2) This Week in Brief:
ADVISORIES:
Microsoft has issued a patch for Internet Explorer, which addresses a
buffer overflow vulnerability (also known as the IFRAME vulnerability)
in several HTML elements.
The patch has been long awaited, and all users not running systems with
Windows XP Service Pack 2 installed, are urged to install this update
as soon as possible.
See Secunia advisory below for patch links.
References:
http://secunia.com/SA12959
VIRUS ALERTS:
Secunia has not issued any virus alerts during the last week.
========================================================================
3) This Weeks Top Ten Most Read Advisories:
1. [SA13269] Winamp "IN_CDDA.dll" Buffer Overflow Vulnerability
2. [SA12959] Internet Explorer HTML Elements Buffer Overflow
Vulnerability
3. [SA13317] Microsoft Internet Explorer "Save Picture As" Image
Download Spoofing
4. [SA13271] Sun Java Plug-in Sandbox Security Bypass Vulnerability
5. [SA12889] Microsoft Internet Explorer Two Vulnerabilities
6. [SA13328] Microsoft Windows WINS Replication Packet Handling
Vulnerability
7. [SA13203] Microsoft Internet Explorer Two Vulnerabilities
8. [SA12758] Microsoft Word Document Parsing Buffer Overflow
Vulnerability
9. [SA13334] WS_FTP Server FTP Commands Buffer Overflow
Vulnerabilities
10. [SA13308] Linux Kernel Local DoS and Memory Content Disclosure
Vulnerabilities
========================================================================
4) Vulnerabilities Summary Listing
Windows:
[SA13334] WS_FTP Server FTP Commands Buffer Overflow Vulnerabilities
[SA13318] MailEnable IMAP Service Buffer Overflow Vulnerabilities
[SA13317] Microsoft Internet Explorer "Save Picture As" Image Download
Spoofing
[SA13328] Microsoft Windows WINS Replication Packet Handling
Vulnerability
[SA13333] JanaServer Two Denial of Service Vulnerabilities
UNIX/Linux:
[SA13349] Fedora update for cyrus-imapd
[SA13346] Conectiva update for cyrus-imapd
[SA13345] SUSE Updates For Multiple Packages
[SA13341] Sun Solaris Netscape PNG Image Handling Vulnerabilities
[SA13335] Fedora update for gaim
[SA13332] Gentoo update for
sun-jdk/sun-jre-bin/blackdown-jdk/blackdown-jre
[SA13320] Debian update for tetex-bin
[SA13315] Mandrake update for cyrus-imapd
[SA13310] Debian update for cyrus-imapd
[SA13309] Gentoo update for cyrus-imapd
[SA13307] jabberd Client to Server Component Buffer Overflow
Vulnerability
[SA13344] Conectiva update for abiword
[SA13338] Debian update for libgd
[SA13337] Debian update for libgd2
[SA13323] Fedora update for squirrelmail
[SA13339] SUSE update for kernel
[SA13336] Fedora update for samba
[SA13313] Debian update for yardradius
[SA13312] YardRadius "process_menu()" Buffer Overflow Vulnerability
[SA13354] Fedora update for iptables
[SA13326] Gentoo update for opendchub
[SA13325] Open DC Hub "RedirectAll" Buffer Overflow Vulnerability
[SA13324] Gentoo update for phpwebsite
[SA13322] Gentoo update for phpmyadmin
[SA13343] Debian update for openssl
[SA13340] Sun Solaris ping Utility Privilege Escalation Vulnerability
[SA13316] Mandrake update for a2ps
[SA13314] Mandrake update for zip
[SA13308] Linux Kernel Local DoS and Memory Content Disclosure
Vulnerabilities
Other:
Cross Platform:
[SA13327] Orbz Password Field Buffer Overflow Vulnerability
[SA13331] FreeImage Library Interleaved Bitmap Image Buffer Overflow
Vulnerability
[SA13329] Nuked-Klan "Links" Module Script Insertion Vulnerability
[SA13319] YaBB Unspecified "shadow" Tags Script Insertion
Vulnerability
[SA13321] Groupmax World Wide Web Cross-Site Scripting and Directory
Traversal
[SA13330] IberAgents Clear Text User Credential Disclosure
========================================================================
5) Vulnerabilities Content Listing
Windows:--
[SA13334] WS_FTP Server FTP Commands Buffer Overflow Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-11-30
Reed Arvin has discovered some vulnerabilities in WS_FTP Server, which
can be exploited by malicious users to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13334/
--
[SA13318] MailEnable IMAP Service Buffer Overflow Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-11-26
Hat-Squad has reported two vulnerabilities in MailEnable Professional
and MailEnable Enterprise Edition, which can be exploited by malicious
people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13318/
--
[SA13317] Microsoft Internet Explorer "Save Picture As" Image Download
Spoofing
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2004-11-26
cyber flash has discovered a vulnerability in Microsoft Internet
Explorer, which can be exploited by malicious people to trick users
into downloading malicious files.
Full Advisory:
http://secunia.com/advisories/13317/
--
[SA13328] Microsoft Windows WINS Replication Packet Handling
Vulnerability
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2004-11-29
Nicolas Waisman has reported a vulnerability in Microsoft Windows,
which can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/13328/
--
[SA13333] JanaServer Two Denial of Service Vulnerabilities
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-12-01
Luigi Auriemma has reported two vulnerabilities in JanaServer, which
can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/13333/
UNIX/Linux:--
[SA13349] Fedora update for cyrus-imapd
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-12-02
Fedora has issued an update for cyrus-imapd. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13349/
--
[SA13346] Conectiva update for cyrus-imapd
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-12-02
Conectiva has issued an update for cyrus-imapd. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13346/
--
[SA13345] SUSE Updates For Multiple Packages
Critical: Highly critical
Where: From remote
Impact: Security Bypass, DoS, System access
Released: 2004-12-01
SUSE has issued updates for multiple packages. These fix various
vulnerabilities, which can be exploited to bypass certain security
functionality, cause a DoS (Denial-of-Service), and potentially
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/13345/
--
[SA13341] Sun Solaris Netscape PNG Image Handling Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-12-01
Sun has acknowledged some vulnerabilities in the Netscape browser for
Solaris, which can be exploited by malicious people to cause a DoS
(Denial of Service) or compromise a user's system.
Full Advisory:
http://secunia.com/advisories/13341/
--
[SA13335] Fedora update for gaim
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-11-30
Fedora has issued an update for gaim. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/13335/
--
[SA13332] Gentoo update for
sun-jdk/sun-jre-bin/blackdown-jdk/blackdown-jre
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-11-30
Gentoo has issued updates for sun-jdk, sun-jre-bin, blackdown-jdk, and
blackdown-jre. These fix a vulnerability, which can be exploited by
malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/13332/
--
[SA13320] Debian update for tetex-bin
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-11-26
Debian has issued an update for tetex-bin. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/13320/
--
[SA13315] Mandrake update for cyrus-imapd
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-11-26
MandrakeSoft has issued an update for cyrus-imapd. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13315/
--
[SA13310] Debian update for cyrus-imapd
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-11-25
Debian has issued an update for cyrus-imapd. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13310/
--
[SA13309] Gentoo update for cyrus-imapd
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-11-25
Gentoo has issued an update for cyrus-imapd. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13309/
--
[SA13307] jabberd Client to Server Component Buffer Overflow
Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-11-25
Zhaowei has reported a vulnerability in jabberd, which can be exploited
by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13307/
--
[SA13344] Conectiva update for abiword
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-12-02
Conectiva has issued an update for abiword. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.
Full Advisory:
http://secunia.com/advisories/13344/
--
[SA13338] Debian update for libgd
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-11-30
Debian has issued an update for libgd. This fixes some vulnerabilities,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/13338/
--
[SA13337] Debian update for libgd2
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-11-30
Debian has issued an update for libgd2. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13337/
--
[SA13323] Fedora update for squirrelmail
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-11-29
Fedora has issued an update for SquirrelMail. This fixes a
vulnerability, which can be exploited by malicious people to conduct
script insertion attacks.
Full Advisory:
http://secunia.com/advisories/13323/
--
[SA13339] SUSE update for kernel
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, DoS, Exposure of sensitive
information
Released: 2004-12-02
SUSE has issued an update for the kernel. This fixes multiple
vulnerabilities, which potentially can be exploited by malicious, local
users to gain escalated privileges or by malicious people to cause a DoS
(Denial of Service) or leak kernel memory.
Full Advisory:
http://secunia.com/advisories/13339/
--
[SA13336] Fedora update for samba
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2004-11-30
Fedora has issued an update for samba. This fixes two vulnerabilities,
which can be exploited by malicious users to cause a DoS (Denial of
Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13336/
--
[SA13313] Debian update for yardradius
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2004-11-26
Debian has issued an updated for yardradius. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13313/
--
[SA13312] YardRadius "process_menu()" Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2004-11-26
Max Vozeler has reported a vulnerability in YardRadius, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13312/
--
[SA13354] Fedora update for iptables
Critical: Less critical
Where: From remote
Impact:
Released: 2004-12-02
Fedora has issued an update for iptables. This fixes a security issue,
where iptables under some circumstances fails to load required
modules.
Full Advisory:
http://secunia.com/advisories/13354/
--
[SA13326] Gentoo update for opendchub
Critical: Less critical
Where: From remote
Impact: System access
Released: 2004-11-29
Gentoo has issued an update for opendchub. This fixes a vulnerability,
which can be exploited by certain malicious users to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/13326/
--
[SA13325] Open DC Hub "RedirectAll" Buffer Overflow Vulnerability
Critical: Less critical
Where: From remote
Impact: System access
Released: 2004-11-29
Donato Ferrante has reported a vulnerability in Open DC Hub, which can
be exploited by certain malicious users to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/13325/
--
[SA13324] Gentoo update for phpwebsite
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-11-29
Gentoo has issued an update for phpwebsite. This fixes a vulnerability,
which can be exploited by malicious people to conduct cross-site
scripting attacks.
Full Advisory:
http://secunia.com/advisories/13324/
--
[SA13322] Gentoo update for phpmyadmin
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-11-29
Gentoo has issued an update for phpmyadmin. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/13322/
--
[SA13343] Debian update for openssl
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-12-02
Debian has issued an update for openssl. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/13343/
--
[SA13340] Sun Solaris ping Utility Privilege Escalation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-12-01
A vulnerability has been reported in Sun Solaris, which can be
exploited by malicious, local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/13340/
--
[SA13316] Mandrake update for a2ps
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-11-26
MandrakeSoft has issued an update for a2ps. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/13316/
--
[SA13314] Mandrake update for zip
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-11-26
MandrakeSoft has issued an update for zip. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/13314/
--
[SA13308] Linux Kernel Local DoS and Memory Content Disclosure
Vulnerabilities
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information, DoS
Released: 2004-11-25
Two vulnerabilities have been reported in the Linux Kernel, which can
be exploited by malicious, local users to cause a DoS (Denial of
Service) or gain knowledge of potentially sensitive information.
Full Advisory:
http://secunia.com/advisories/13308/
Other:
Cross Platform:--
[SA13327] Orbz Password Field Buffer Overflow Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-11-30
Luigi Auriemma has reported a vulnerability in Orbz, which potentially
can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/13327/
--
[SA13331] FreeImage Library Interleaved Bitmap Image Buffer Overflow
Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2004-11-30
A vulnerability has been reported in FreeImage, which can be exploited
by malicious people to cause a DoS (Denial of Service) and potentially
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/13331/
--
[SA13329] Nuked-Klan "Links" Module Script Insertion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-11-29
XioNoX has reported a vulnerability in Nuked-Klan, which can be
exploited by malicious people to conduct script insertion attacks.
Full Advisory:
http://secunia.com/advisories/13329/
--
[SA13319] YaBB Unspecified "shadow" Tags Script Insertion
Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-11-26
A vulnerability has been reported in YaBB, which can be exploited by
malicious people to conduct script insertion attacks.
Full Advisory:
http://secunia.com/advisories/13319/
--
[SA13321] Groupmax World Wide Web Cross-Site Scripting and Directory
Traversal
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting, Exposure of sensitive information
Released: 2004-11-29
Two vulnerabilities have been reported in Groupmax World Wide Web and
Groupmax World Wide Web Desktop, which can be exploited to conduct
cross-site scripting attacks or access arbitrary HTML files.
Full Advisory:
http://secunia.com/advisories/13321/
--
[SA13330] IberAgents Clear Text User Credential Disclosure
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2004-11-29
A security issue has been reported in IberAgents, which can be
exploited by malicious, local users to gain knowledge of sensitive
information.
Full Advisory:
http://secunia.com/advisories/13330/
========================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Subscribe:
http://secunia.com/secunia_weekly_summary/
Contact details:
Web : http://secunia.com/
E-mail : support at secunia.com
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45
========================================================================
More information about the ISN
mailing list