[ISN] Secunia Weekly Summary - Issue: 2005-15

InfoSec News isn at c4i.org
Thu Apr 14 08:57:50 EDT 2005


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2005-04-07 - 2005-04-14                        

                       This week : 87 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Want a new IT Security job?

Vacant positions at Secunia:
http://secunia.com/secunia_vacancies/

========================================================================
2) This Week in Brief:

Microsoft has released their monthly security updates for April, which
correct vulnerabilities in many different Microsoft products.

Users of Microsoft products are advised to check Windows Update for
available updates or view referenced Secunia advisories below.

References:
http://secunia.com/SA12758
http://secunia.com/SA14909
http://secunia.com/SA14915
http://secunia.com/SA14920
http://secunia.com/SA14921
http://secunia.com/SA14922
http://secunia.com/SA14927

--

Security firm HexView has released details about a vulnerability in the
Microsoft Jet Database Engine, which can be exploited by malicious
people to compromise a vulnerable system.

Although Microsoft just released their monthly security updates for
April, a patch was not included for this vulnerability. Users are
therefore recommended not to open untrusted ".mdb" database files.

NOTE: Exploit code has been posted to a public mailing list.

Additional details are available in the Secunia advisory below.

http://secunia.com/SA14896

--

A vulnerability has been reported in OpenOffice, which potentially can
be exploited to compromise a vulnerable system.

The vendor has confirmed the vulnerability and has released a fix,
which is available in the CVS repository. An official updated version
is expected within a short period of time.

References:
http://secunia.com/SA14912

--

A vulnerability has been reported in Maxthon, a popular skin for
Internet Explorer, which can be exploited to compromise a vulnerable
system.

The vendor has released an updated version. Please view Secunia
advisory below for more information about non-vulnerable versions.

References:
http://secunia.com/SA14918

--

Some vulnerabilities have been reported in Lotus Notes/Domino, which
can be exploited by malicious people to cause a DoS (Denial of Service)
or compromise a vulnerable system.

Updated versions are available from the vendor.

References:
http://secunia.com/SA14879


VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA14820] Mozilla Firefox JavaScript Engine Information Disclosure
              Vulnerability
2.  [SA14821] Mozilla Suite JavaScript Engine Information Disclosure
              Vulnerability
3.  [SA14896] Microsoft Jet Database Engine Database File Parsing
              Vulnerability
4.  [SA14879] Lotus Notes/Domino Multiple Vulnerabilities
5.  [SA12758] Microsoft Word Document Parsing Buffer Overflow
              Vulnerabilities
6.  [SA14654] Mozilla Firefox Three Vulnerabilities
7.  [SA14922] Microsoft Internet Explorer Multiple Vulnerabilities
8.  [SA14902] Sun Java JDK/SDK Jar Directory Traversal Vulnerability
9.  [SA14927] Microsoft Windows Kernel Multiple Vulnerabilities
10. [SA14804] Netscape JavaScript Engine Information Disclosure
              Vulnerability

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA14920] Microsoft Exchange SMTP Service Extended Verb Request Buffer
Overflow
[SA14918] Maxthon Security ID Disclosure Vulnerability
[SA14915] Microsoft MSN Messenger GIF Image Processing Vulnerability
[SA14896] Microsoft Jet Database Engine Database File Parsing
Vulnerability
[SA14879] Lotus Notes/Domino Multiple Vulnerabilities
[SA14870] MailEnable IMAP "LOGIN" Command Buffer Overflow
Vulnerability
[SA14861] AN HTTPD cmdIS.DLL Buffer Overflow and Log File Injection
[SA14909] Microsoft Windows Shell MSHTA Script Execution Vulnerability
[SA14880] DC++ Unspecified Manipulation of Arbitrary Files
[SA14864] Ocean12 Membership Manager Pro Cross-Site Scripting and SQL
Injection
[SA14921] Microsoft Windows Message Queuing Buffer Overflow
Vulnerability
[SA14910] CA BrightStor ARCserve Backup Universal Agent Buffer
Overflow
[SA14930] Centra Profile Script Insertion Vulnerability
[SA14944] WIDCOMM Bluetooth Connectivity Software Directory Traversal
[SA14927] Microsoft Windows Kernel Multiple Vulnerabilities
[SA14923] DeluxeFTP Disclosure of User Credentials
[SA14889] FTP Now Disclosure of User Credentials

UNIX/Linux:
[SA14949] Red Hat update for kdegraphics
[SA14922] Microsoft Internet Explorer Multiple Vulnerabilities
[SA14914] SUSE update for kdelibs3
[SA14908] KDE kdelibs PCX Image Buffer Overflow Vulnerability
[SA14900] SUSE Updates for Multiple Packages
[SA14893] UnixWare update for libtiff
[SA14963] Fedora update for openoffice
[SA14939] Debian update for axel
[SA14933] Gentoo update for axel
[SA14907] UnixWare update for telnet
[SA14897] Access_user Class Undocumented Default Password
[SA14873] Camino JavaScript Engine Information Disclosure
Vulnerability
[SA14951] Gentoo update for gld
[SA14948] Red Hat update for dhcp
[SA14941] Gld Multiple Vulnerabilities
[SA14891] UnixWare CDE dtlogin XDMCP Parsing Vulnerability
[SA14946] AIX Various Communication Protocol Security Issues
[SA14945] Sun Solaris ICMP Message Handling Denial of Service
[SA14925] KDE KMail User Interface Spoofing Vulnerability
[SA14911] Gentoo update for phpmyadmin
[SA14898] FirstClass Client Bookmark Files Can Launch Local Programs
[SA14895] Fedora update for gftp
[SA14877] Gentoo update for gnome-vfs/libcdaudio
[SA14936] Debian update for mysql
[SA14872] Mandrake update for mysql
[SA14863] Ubuntu update for mysql-server
[SA14956] Gentoo update for rsnapshot
[SA14926] Ubuntu update for kernel
[SA14903] portupgrade Insecure Temporary File Creation Vulnerability
[SA14894] UnixWare update for cdrecord
[SA14892] OpenServer auditsh/atcronsh/termsh Buffer Overflow
Vulnerabilities
[SA14878] rsnapshot "copy_symlink()" Privilege Escalation
Vulnerability
[SA14876] OpenServer update for cscope
[SA14875] SGI IRIX gr_osview Privilege Escalation and Information
Disclosure
[SA14952] Mandrake update for gaim
[SA14947] Red Hat update for gaim
[SA14886] Mandrake update for gtk+2.0
[SA14885] Mandrake update for gdk-pixbuf
[SA14899] Pine rpdump File Creation Race Condition Vulnerability
[SA14887] Mandrake update for sharutils
[SA14883] Red Hat vixie-cron Exposure of Arbitrary Cron Files
[SA14862] Fedora Core vixie-cron Exposure of Arbitrary Cron Files

Other:
[SA14874] Novell NetWare Unspecified TCP Packet Handling Denial of
Service
[SA14871] Linksys WET11 Password Change Security Bypass Vulnerability
[SA14950] Juniper Networks JUNOS ICMP Message Handling Denial of
Service
[SA14937] Network Appliance Data ONTAP ICMP Message Handling Denial of
Service
[SA14928] WatchGuard Products ICMP Message Handling Denial of Service
[SA14904] Cisco Various Products ICMP Message Handling Denial of
Service
[SA14860] SonicWALL Pro Series Script Insertion Vulnerability

Cross Platform:
[SA14916] DokuWiki File Upload Vulnerability
[SA14890] ModernBill Cross-Site Scripting and File Inclusion
Vulnerabilities
[SA14935] Oracle Products Multiple Unspecified Vulnerabilities
[SA14929] Mambo zOOm Media Gallery Module "catid" SQL Injection
[SA14919] jPortal Banner Module SQL Injection Vulnerability
[SA14913] aeDating Multiple Vulnerabilities
[SA14912] OpenOffice ".doc" Document Handling Buffer Overflow
[SA14906] RadBids Gold Multiple Vulnerabilities
[SA14888] SurgeFTP "LEAK" Command Denial of Service Vulnerability
[SA14882] PunBB SQL Injection and Cross-Site Scripting Vulnerabilities
[SA14881] Macromedia ColdFusion MX Exposure of Class Files
[SA14869] Runcms / exoops Arbitrary File Upload Vulnerability
[SA14866] PHP-Nuke Multiple SQL Injection Vulnerabilities
[SA14934] Veritas i3 FocalPoint Server Unspecified Vulnerability
[SA14940] eGroupWare Exposure of Mail Attachments
[SA14924] Pinnacle Cart "pg" Cross-Site Scripting Vulnerability
[SA14902] Sun Java JDK/SDK Jar Directory Traversal Vulnerability
[SA14884] TowerBlog Exposure of Sensitive Information
[SA14868] PostNuke Cross-Site Scripting and SQL Injection
Vulnerabilities
[SA14867] CubeCart "language" PHP Script Inclusion Vulnerability
[SA14865] HP OpenView Network Node Manager Unspecified Denial of
Service

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA14920] Microsoft Exchange SMTP Service Extended Verb Request Buffer
Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-04-12

ISS X-Force has reported a vulnerability in Microsoft Exchange Server,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/14920/

 --

[SA14918] Maxthon Security ID Disclosure Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-04-11

Aviv Raff has reported a vulnerability in Maxthon, which potentially
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/14918/

 --

[SA14915] Microsoft MSN Messenger GIF Image Processing Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-04-12

Hongzhen Zhou has reported a vulnerability in MSN Messenger, which can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/14915/

 --

[SA14896] Microsoft Jet Database Engine Database File Parsing
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-04-12

HexView has discovered a vulnerability in Microsoft Jet Database
Engine, which can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/14896/

 --

[SA14879] Lotus Notes/Domino Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, DoS, System access
Released:    2005-04-08

Some vulnerabilities have been reported in Lotus Notes/Domino, which
can be exploited by malicious people to cause a DoS (Denial of Service)
or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14879/

 --

[SA14870] MailEnable IMAP "LOGIN" Command Buffer Overflow
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-04-07

H D Moore has discovered a vulnerability in MailEnable, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14870/

 --

[SA14861] AN HTTPD cmdIS.DLL Buffer Overflow and Log File Injection

Critical:    Highly critical
Where:       From remote
Impact:      Manipulation of data, System access
Released:    2005-04-08

Tan Chew Keong has reported two vulnerabilities in AN HTTPD, which can
be exploited by malicious people to inject arbitrary data into log
files or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14861/

 --

[SA14909] Microsoft Windows Shell MSHTA Script Execution Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-04-12

A vulnerability has been reported in Microsoft Windows, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/14909/

 --

[SA14880] DC++ Unspecified Manipulation of Arbitrary Files

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-04-11

cologic has reported a vulnerability in DC++, which can be exploited by
malicious people to manipulate sensitive information.

Full Advisory:
http://secunia.com/advisories/14880/

 --

[SA14864] Ocean12 Membership Manager Pro Cross-Site Scripting and SQL
Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-04-07

Zinho has reported two vulnerabilities in Ocean12 Membership Manager
Pro, which can be exploited by malicious people to conduct cross-site
scripting and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/14864/

 --

[SA14921] Microsoft Windows Message Queuing Buffer Overflow
Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-04-12

Kostya Kortchinsky has reported a vulnerability in Microsoft Windows,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/14921/

 --

[SA14910] CA BrightStor ARCserve Backup Universal Agent Buffer
Overflow

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-04-12

A vulnerability has been reported in BrightStor ARCserve/Enterprise
Backup, which can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/14910/

 --

[SA14930] Centra Profile Script Insertion Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-04-13

Clorox has reported a vulnerability in Centra, which can be exploited
by malicious users to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/14930/

 --

[SA14944] WIDCOMM Bluetooth Connectivity Software Directory Traversal

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass
Released:    2005-04-13

Kevin Finisterre has reported a vulnerability in WIDCOMM Bluetooth
Connectivity Software, which can be exploited by malicious people to
bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/14944/

 --

[SA14927] Microsoft Windows Kernel Multiple Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation, DoS
Released:    2005-04-12

Some vulnerabilities have been reported in the Microsoft Windows, which
can be exploited by malicious, local users to cause a DoS (Denial of
Service) or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/14927/

 --

[SA14923] DeluxeFTP Disclosure of User Credentials

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-04-11

Lostmon has discovered a security issue in DeluxeFTP, which can be
exploited by malicious, local users to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/14923/

 --

[SA14889] FTP Now Disclosure of User Credentials

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-04-08

Kozan has discovered a security issue in FTP Now, which can be
exploited by malicious, local users to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/14889/


UNIX/Linux:--

[SA14949] Red Hat update for kdegraphics

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-04-13

Red Hat has issued an update for kdegraphics. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system or cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14949/

 --

[SA14922] Microsoft Internet Explorer Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-04-12

Some vulnerabilities has been reported in Microsoft Internet Explorer,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/14922/

 --

[SA14914] SUSE update for kdelibs3

Critical:    Highly critical
Where:       From remote
Impact:      Spoofing, DoS, System access
Released:    2005-04-12

SUSE has issued an update for kdelibs3. This fixes some
vulnerabilities, which can be exploited to cause a DoS (Denial of
Service), spoof the URL displayed in an address bar and status bar, or
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14914/

 --

[SA14908] KDE kdelibs PCX Image Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-04-12

Bruno Rohee has reported a vulnerability in KDE kdelibs, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/14908/

 --

[SA14900] SUSE Updates for Multiple Packages

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Privilege escalation,
System access
Released:    2005-04-11

SUSE has issued updates for multiple packages. These fix various
vulnerabilities, which can be exploited by malicious, local users to
escalate their privileges and by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/14900/

 --

[SA14893] UnixWare update for libtiff

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-04-08

SCO has issued an update for libtiff. This fixes some vulnerabilities,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service) and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14893/

 --

[SA14963] Fedora update for openoffice

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-04-14

Fedora has issued an update for openoffice. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/14963/

 --

[SA14939] Debian update for axel

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-04-13

Debian has issued an update for axel. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/14939/

 --

[SA14933] Gentoo update for axel

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-04-13

Gentoo has issued an update for axel. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/14933/

 --

[SA14907] UnixWare update for telnet

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-04-11

Unixware has issued an update for telnet. This fixes two
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/14907/

 --

[SA14897] Access_user Class Undocumented Default Password

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-04-08

The vendor has reported a security issue in Access_user Class, which
can be exploited by malicious people to get access to arbitrary
accounts.

Full Advisory:
http://secunia.com/advisories/14897/

 --

[SA14873] Camino JavaScript Engine Information Disclosure
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2005-04-08

A vulnerability has been discovered in Camino, which can be exploited
by malicious people to gain knowledge of potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/14873/

 --

[SA14951] Gentoo update for gld

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-04-13

Gentoo has issued an update for gld. This fixes some vulnerabilities,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/14951/

 --

[SA14948] Red Hat update for dhcp

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-04-13

Red Hat has issued an update for dhcp. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/14948/

 --

[SA14941] Gld Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-04-13

dong-hun you has reported some vulnerabilities in Gld, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/14941/

 --

[SA14891] UnixWare CDE dtlogin XDMCP Parsing Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-04-08

SCO has acknowledged a vulnerability in UnixWare, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14891/

 --

[SA14946] AIX Various Communication Protocol Security Issues

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-04-13

IBM has acknowledged some security issues in AIX, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14946/

 --

[SA14945] Sun Solaris ICMP Message Handling Denial of Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-04-13

Sun has acknowledged some security issues in Solaris, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14945/

 --

[SA14925] KDE KMail User Interface Spoofing Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Spoofing
Released:    2005-04-11

Noam Rathaus has discovered a vulnerability in KMail, which can be
exploited by malicious people to conduct spoofing attacks.

Full Advisory:
http://secunia.com/advisories/14925/

 --

[SA14911] Gentoo update for phpmyadmin

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-04-12

Gentoo has issued an update for phpmyadmin. This fixes a vulnerability,
which can be exploited by malicious people to conduct cross-site
scripting attack.

Full Advisory:
http://secunia.com/advisories/14911/

 --

[SA14898] FirstClass Client Bookmark Files Can Launch Local Programs

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-04-08

dila has reported a vulnerability in FirstClass, which can be exploited
by malicious people to execute arbitrary commands on a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/14898/

 --

[SA14895] Fedora update for gftp

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Manipulation of data
Released:    2005-04-08

Fedora has issued an update for gftp. This fixes a vulnerability, which
can be exploited by malicious people to conduct directory traversal
attacks.

Full Advisory:
http://secunia.com/advisories/14895/

 --

[SA14877] Gentoo update for gnome-vfs/libcdaudio

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-04-08

Gentoo has issued updates for gnome-vfs and libcdaudio. These fix a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/14877/

 --

[SA14936] Debian update for mysql

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass, Privilege escalation, System access
Released:    2005-04-14

Debian has issued an update for mysql. This fixes some vulnerabilities,
which can be exploited by malicious users to bypass certain security
restrictions and potentially compromise a vulnerable system and by
malicious, local users to perform certain actions on a vulnerable
system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/14936/

 --

[SA14872] Mandrake update for mysql

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass
Released:    2005-04-13

MandrakeSoft has issued an update for mysql. This fixes a
vulnerability, which can be exploited by malicious users to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/14872/

 --

[SA14863] Ubuntu update for mysql-server

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass
Released:    2005-04-07

Ubuntu has issued an update for mysql-server. This fixes a
vulnerability, which can be exploited by malicious users to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/14863/

 --

[SA14956] Gentoo update for rsnapshot

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-04-14

Gentoo has issued an update for rsnapshot. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/14956/

 --

[SA14926] Ubuntu update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation, DoS
Released:    2005-04-11

Ubuntu has issued updates for the kernel. These fixes two
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/14926/

 --

[SA14903] portupgrade Insecure Temporary File Creation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Manipulation of data
Released:    2005-04-12

Simon L. Nielsen has reported a vulnerability in portupgrade, which can
be exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/14903/

 --

[SA14894] UnixWare update for cdrecord

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-04-08

SCO has issued an update for cdrecord. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/14894/

 --

[SA14892] OpenServer auditsh/atcronsh/termsh Buffer Overflow
Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-04-08

Joel Soderberg and Christer Oberg have reported some vulnerabilities in
SCO OpenServer, which potentially can be exploited by malicious, local
users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/14892/

 --

[SA14878] rsnapshot "copy_symlink()" Privilege Escalation
Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-04-11

A vulnerability has been reported in rsnapshot, which can be exploited
by malicious, local users to perform certain actions on a vulnerable
system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/14878/

 --

[SA14876] OpenServer update for cscope

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-04-08

SCO has issued an update for cscope. This fixes a vulnerability, which
can be exploited by malicious, local users to perform certain actions
on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/14876/

 --

[SA14875] SGI IRIX gr_osview Privilege Escalation and Information
Disclosure

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, Privilege escalation
Released:    2005-04-08

Two vulnerabilities have been reported in SGI IRIX, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges and disclose some sensitive
information.

Full Advisory:
http://secunia.com/advisories/14875/

 --

[SA14952] Mandrake update for gaim

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-04-14

MandrakeSoft has issued an update for gaim. This fixes three
weaknesses, which can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/14952/

 --

[SA14947] Red Hat update for gaim

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-04-13

Red Hat has issued an update for gaim. This fixes three weaknesses,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/14947/

 --

[SA14886] Mandrake update for gtk+2.0

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-04-08

MandrakeSoft has issued an update for gtk+2.0. This fixes a
vulnerability, which can be exploited by malicious people to crash
certain applications on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14886/

 --

[SA14885] Mandrake update for gdk-pixbuf

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-04-08

MandrakeSoft has issued an update for gdk-pixbuf. This fixes a
vulnerability, which can be exploited by malicious people to crash
certain applications on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14885/

 --

[SA14899] Pine rpdump File Creation Race Condition Vulnerability

Critical:    Not critical
Where:       Local system
Impact:      Manipulation of data
Released:    2005-04-12

Imran Ghory has reported a vulnerability in Pine, which potentially can
be exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/14899/

 --

[SA14887] Mandrake update for sharutils

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-04-08

MandrakeSoft has issued an update for sharutils. This fixes a
vulnerability, which potentially can be exploited by malicious, local
users to conduct certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/14887/

 --

[SA14883] Red Hat vixie-cron Exposure of Arbitrary Cron Files

Critical:    Not critical
Where:       Local system
Impact:      Exposure of system information
Released:    2005-04-08

Karol Wiêsek has discovered a vulnerability in vixie-cron on Red Hat
Enterprise Linux, which can be exploited by malicious, local users to
read arbitrary cron files.

Full Advisory:
http://secunia.com/advisories/14883/

 --

[SA14862] Fedora Core vixie-cron Exposure of Arbitrary Cron Files

Critical:    Not critical
Where:       Local system
Impact:      Exposure of system information
Released:    2005-04-08

Karol Wiêsek has discovered a vulnerability in vixie-cron on Fedora
Core, which can be exploited by malicious, local users to read
arbitrary cron files.

Full Advisory:
http://secunia.com/advisories/14862/


Other:--

[SA14874] Novell NetWare Unspecified TCP Packet Handling Denial of
Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-04-08

A vulnerability has been reported in Novell NetWare, which potentially
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/14874/

 --

[SA14871] Linksys WET11 Password Change Security Bypass Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass
Released:    2005-04-07

Kristian Hermansen has reported a vulnerability in Linksys WET11, which
can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/14871/

 --

[SA14950] Juniper Networks JUNOS ICMP Message Handling Denial of
Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-04-13

Juniper Networks has acknowledged some security issues in the M-series
and T-series routers running certain unspecified releases of JUNOS,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/14950/

 --

[SA14937] Network Appliance Data ONTAP ICMP Message Handling Denial of
Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-04-13

Network Appliance has acknowledged some security issues in Data ONTAP,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/14937/

 --

[SA14928] WatchGuard Products ICMP Message Handling Denial of Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-04-13

WatchGuard has acknowledged some security issues in the WatchGuard
firewall products, which can be exploited by malicious people to cause
a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14928/

 --

[SA14904] Cisco Various Products ICMP Message Handling Denial of
Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-04-12

Fernando Gont has published an Internet-Draft describing how ICMP
(Internet Control Message Protocol) can be exploited by malicious
people to cause a DoS (Denial of Service). Cisco has acknowledged that
various Cisco products are affected.

Full Advisory:
http://secunia.com/advisories/14904/

 --

[SA14860] SonicWALL Pro Series Script Insertion Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Cross Site Scripting
Released:    2005-04-08

Dev Appan has reported a vulnerability in SonicWALL Pro series, which
can be exploited by malicious people to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/14860/


Cross Platform:--

[SA14916] DokuWiki File Upload Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-04-13

Håvar Henriksen has reported a vulnerability in DokuWiki, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14916/

 --

[SA14890] ModernBill Cross-Site Scripting and File Inclusion
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2005-04-11

James Bercegay has reported some vulnerabilities in ModernBill, which
can be exploited by malicious people to conduct cross-site scripting
attacks and compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/14890/

 --

[SA14935] Oracle Products Multiple Unspecified Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Manipulation of data, Exposure of system
information, Exposure of sensitive information, DoS
Released:    2005-04-13

Multiple vulnerabilities have been reported in various Oracle products.
Some have an unknown impact, and others can be exploited to gain
knowledge of sensitive information, manipulate data, or cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/14935/

 --

[SA14929] Mambo zOOm Media Gallery Module "catid" SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-04-12

Andreas Constantinides has reported a vulnerability in the zOOm Media
Gallery module for Mambo, which can be exploited by malicious people to
conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/14929/

 --

[SA14919] jPortal Banner Module SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information,
Exposure of sensitive information
Released:    2005-04-12

Marcin "CiNU5" Krupowicz has reported a vulnerability in jPortal, which
can be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/14919/

 --

[SA14913] aeDating Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released:    2005-04-12

dionisio has reported some vulnerabilities in aeDating, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks and disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/14913/

 --

[SA14912] OpenOffice ".doc" Document Handling Buffer Overflow

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-04-13

AD-LAB has reported a vulnerability in OpenOffice, which potentially
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/14912/

 --

[SA14906] RadBids Gold Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released:    2005-04-11

Diabolic Crab has reported some vulnerabilities in RadBids Gold, which
can be exploited by malicious people to conduct cross-site scripting
and SQL injection attacks, and potentially disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/14906/

 --

[SA14888] SurgeFTP "LEAK" Command Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-04-08

Tan Chew Keong has reported a vulnerability in SurgeFTP, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/14888/

 --

[SA14882] PunBB SQL Injection and Cross-Site Scripting Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-04-08

Some vulnerabilities have been reported in PunBB, which can be
exploited by malicious people to conduct cross-site scripting attacks
and by malicious users to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/14882/

 --

[SA14881] Macromedia ColdFusion MX Exposure of Class Files

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-04-08

Sean Waddell has reported a security issue in Macromedia ColdFusion MX,
which can be exploited by malicious people to disclose some potentially
sensitive information.

Full Advisory:
http://secunia.com/advisories/14881/

 --

[SA14869] Runcms / exoops Arbitrary File Upload Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-04-07

pokleyzz has reported a vulnerability in Runcms and exoops, which
potentially can be exploited by malicious users to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/14869/

 --

[SA14866] PHP-Nuke Multiple SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data, Exposure of system information
Released:    2005-04-07

Some vulnerabilities have been reported in PHP-Nuke, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/14866/

 --

[SA14934] Veritas i3 FocalPoint Server Unspecified Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      Unknown
Released:    2005-04-13

NGSSoftware has reported a vulnerability with an unknown impact in
Veritas i3 FocalPoint server.

Full Advisory:
http://secunia.com/advisories/14934/

 --

[SA14940] eGroupWare Exposure of Mail Attachments

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-04-13

Gerald Quakenbush has discovered a security issue in eGroupWare, which
may expose sensitive information to malicious people.

Full Advisory:
http://secunia.com/advisories/14940/

 --

[SA14924] Pinnacle Cart "pg" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-04-13

SmOk3 has reported a vulnerability in Pinnacle Cart, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/14924/

 --

[SA14902] Sun Java JDK/SDK Jar Directory Traversal Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-04-11

Pluf has discovered a vulnerability in Sun Java JDK/SDK, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/14902/

 --

[SA14884] TowerBlog Exposure of Sensitive Information

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-04-11

CorryL has reported a vulnerability in TowerBlog, which can be
exploited by malicious people to disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/14884/

 --

[SA14868] PostNuke Cross-Site Scripting and SQL Injection
Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-04-08

Diabolic Crab has reported some vulnerabilities in PostNuke, which can
be exploited by malicious people to conduct SQL injection and
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/14868/

 --

[SA14867] CubeCart "language" PHP Script Inclusion Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Exposure of system information
Released:    2005-04-07

John Cobb has reported a vulnerability in CubeCart, which can be
exploited by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/14867/

 --

[SA14865] HP OpenView Network Node Manager Unspecified Denial of
Service

Critical:    Less critical
Where:       From local network
Impact:      DoS
Released:    2005-04-07

A vulnerability has been reported in OpenView Network Node Manager (OV
NNM), which can be exploited by malicious people to cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/14865/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support at secunia.com
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45





More information about the ISN mailing list