[ISN] Secunia Weekly Summary - Issue: 2005-34

InfoSec News isn at c4i.org
Fri Aug 26 04:20:00 EDT 2005


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2005-08-18 - 2005-08-25                        

                       This week : 78 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

A vulnerability has been reported in Internet Explorer, which can be
exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error when the "msdds.dll"
(Microsoft DDS Library Shape Control) COM object is instantiated in the
Internet Explorer browser.

Information about products, which include the vulnerable COM object,
can be found in the referenced Secunia advisory below.

Reference:
http://secunia.com/SA16480

--

Secunia Research has discovered a vulnerability in various HAURI
anti-virus products, which can be exploited by malicious people to
compromise a vulnerable system.

Additional information can be found in the referenced Secunia advisory
below.

Reference:
http://secunia.com/SA16488


VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA16480] Microsoft DDS Library Shape Control Code Execution
              Vulnerability
2.  [SA16466] Adobe Acrobat / Reader Plug-in Buffer Overflow
              Vulnerability
3.  [SA16548] Microsoft IIS "500-100.asp" Source Code Disclosure
4.  [SA16560] Windows Registry Editor Utility String Concealment
              Weakness
5.  [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability
6.  [SA16545] Cisco Intrusion Prevention System Privilege Escalation
7.  [SA12758] Microsoft Word Document Parsing Buffer Overflow
              Vulnerabilities
8.  [SA16449] Mac OS X Security Update Fixes Multiple Vulnerabilities
9.  [SA16463] OpenVPN Multiple DoS Vulnerabilities
10. [SA16513] CA Various Products Message Queuing Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA16480] Microsoft DDS Library Shape Control Code Execution
Vulnerability
[SA16478] Chris Moneymaker's World Poker Championship Buffer Overflow
[SA16556] Home Ftp Server Directory Traversal Vulnerability
[SA16552] LeapFTP Site Queue File Buffer Overflow Vulnerability
[SA16489] Emefa Guestbook Script Insertion Vulnerability
[SA16548] Microsoft IIS "500-100.asp" Source Code Disclosure
[SA16530] Cisco Clean Access Host-based Check Bypass Security Issue
[SA16542] ZipTorrent Proxy Password Disclosure Security Issue
[SA16525] Process Explorer "CompanyName" Buffer Overflow
[SA16560] Windows Registry Editor Utility String Concealment Weakness

UNIX/Linux:
[SA16554] Red Hat update for elm
[SA16550] Gentoo update for PEAR-XML_RPC / phpxmlrpc
[SA16535] SUSE Updates for Multiple Packages
[SA16533] Red Hat update for php
[SA16527] Debian update for mozilla-thunderbird
[SA16524] Mandriva update for php-pear
[SA16520] Gentoo update for evolution
[SA16512] Ubuntu update for php4
[SA16511] AreaEdit SpellChecker Plugin Code Execution Vulnerability
[SA16510] SUSE update for acroread
[SA16508] ELM "Expires" Header Parsing Buffer Overflow Vulnerability
[SA16507] Debian update for mozilla-firefox
[SA16505] Gentoo update for acroread
[SA16504] Zorum prod.php Arbitrary Command Execution Vulnerability
[SA16483] Fedora update for gaim
[SA16572] Fedora update for pcre
[SA16547] Fedora update for squirrelmail
[SA16543] Ubuntu update for libpcre3/apache2
[SA16539] SqWebMail Attached File Script Insertion Vulnerability
[SA16536] Debian update for mantis
[SA16532] Debian update for bluez-utils
[SA16529] Mandriva update for vim
[SA16526] UnixWare update for zlib
[SA16519] Red Hat update for vim
[SA16517] Red Hat update for netpbm
[SA16506] Mantis Cross-Site Scripting and SQL Injection
Vulnerabilities
[SA16499] Coppermine Photo Gallery EXIF Data Script Insertion
[SA16485] mutt Attachment Decoding Buffer Overflow Vulnerability
[SA16481] Fedora update for netpbm
[SA16521] Sun Solaris DHCP Client Arbitrary Code Execution
Vulnerability
[SA16540] Gentoo update for tor
[SA16537] Debian update for kdegraphics
[SA16518] pam_ldap Client Authentication Security Bypass
[SA16500] Ubuntu update for kernel
[SA16498] Mandriva update for wxPythonGTK
[SA16495] UnixWare update for cpio
[SA16487] Mandriva update for kdegraphics
[SA16486] Mandriva update for libtiff
[SA16482] Fedora update for cups
[SA16546] Avaya CMS / IR Solaris printd Daemon Arbitrary File Deletion
[SA16484] Fedora update for ncpfs
[SA16549] Ubuntu update for lm-sensors
[SA16541] Adobe Version Cue VCNative Privilege Escalation
[SA16515] Debian update for mysql-dfsg
[SA16501] LM Sensors Insecure Temporary File Creation Vulnerability
[SA16557] Fedora update for cvs
[SA16553] CVS Insecure Temporary File Usage Security Issue

Other:
[SA16545] Cisco Intrusion Prevention System Privilege Escalation

Cross Platform:
[SA16528] WebCalendar "includedir" Arbitrary File Inclusion
Vulnerability
[SA16523] Netquery "host" Parameter Arbitrary Command Execution
[SA16522] SaveWebPortal Multiple Vulnerabilities
[SA16492] PHPTB "absolutepath" Arbitrary File Inclusion Vulnerability
[SA16491] MailWatch for MailScanner XML-RPC PHP Code Execution
[SA16488] HAURI Anti-Virus ACE Archive Handling Buffer Overflow
[SA16551] Ventrilo Server Denial of Service Vulnerability
[SA16538] BEA WebLogic Portal User-Entitlement Security Bypass
[SA16531] PHPKit SQL Injection Vulnerabilities
[SA16514] RunCMS SQL Injection and Arbitrary Variable Overwrite
Vulnerability
[SA16503] BBCaffe Email Address Script Insertion Vulnerability
[SA16502] PCRE Quantifier Values Integer Overflow Vulnerability
[SA16497] w-Agora "site" Local File Inclusion Vulnerability
[SA16493] MediaBox404 Admin Logon SQL Injection Vulnerability
[SA16490] PHPFreeNews SQL Injection and Cross-Site Scripting
[SA16513] CA Various Products Message Queuing Vulnerabilities
[SA16534] PostNuke "show" Parameter SQL Injection Vulnerability
[SA16516] vBulletin BBCode IMG Tag Cross-Site Request Forgery
[SA16496] ATutor Cross-Site Scripting Vulnerabilities
[SA16544] Cisco IDS Management Software SSL Certificate Validation
Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA16480] Microsoft DDS Library Shape Control Code Execution
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-18

A vulnerability has been reported in Internet Explorer, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16480/

 --

[SA16478] Chris Moneymaker's World Poker Championship Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-18

Luigi Auriemma has reported a vulnerability in Chris Moneymaker's World
Poker Championship, which potentially can be exploited by malicious
people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16478/

 --

[SA16556] Home Ftp Server Directory Traversal Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information
Released:    2005-08-25

Donato Ferrante has discovered a vulnerability in Home FTP Server,
which can be exploited by malicious users to access arbitrary files on
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16556/

 --

[SA16552] LeapFTP Site Queue File Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-08-24

Sowhat has reported a vulnerability in LeapFTP, which potentially can
be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16552/

 --

[SA16489] Emefa Guestbook Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-08-18

David Sopas Ferreira has discovered a vulnerability in Emefa Guestbook,
which can be exploited by malicious people to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/16489/

 --

[SA16548] Microsoft IIS "500-100.asp" Source Code Disclosure

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-08-23

Inge Henriksen has discovered a vulnerability in Microsoft Internet
Information Services (IIS), which can be exploited by malicious people
to gain knowledge of potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/16548/

 --

[SA16530] Cisco Clean Access Host-based Check Bypass Security Issue

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass
Released:    2005-08-23

llhansen has reported a security issue in CCA (Cisco Clean Access),
which can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/16530/

 --

[SA16542] ZipTorrent Proxy Password Disclosure Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-08-24

Kozan has discovered a security issue in ZipTorrent, which can be
exploited by malicious, local users to disclose certain sensitive
information.

Full Advisory:
http://secunia.com/advisories/16542/

 --

[SA16525] Process Explorer "CompanyName" Buffer Overflow

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-08-22

ATmaCA has discovered a vulnerability in Process Explorer, which
potentially can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/16525/

 --

[SA16560] Windows Registry Editor Utility String Concealment Weakness

Critical:    Not critical
Where:       Local system
Impact:      Spoofing
Released:    2005-08-24

Igor Franchuk has discovered a weakness in Microsoft Windows, which can
be exploited to hide certain information.

Full Advisory:
http://secunia.com/advisories/16560/


UNIX/Linux:--

[SA16554] Red Hat update for elm

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-24

Red Hat has issued an update for elm. This fixes a vulnerability, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/16554/

 --

[SA16550] Gentoo update for PEAR-XML_RPC / phpxmlrpc

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-24

Gentoo has issued an update for PEAR-XML_RPC / phpxmlrpc. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16550/

 --

[SA16535] SUSE Updates for Multiple Packages

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, DoS, System access
Released:    2005-08-22

SUSE has issued updates for multiple packages. These fix various
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks, cause a DoS (Denial of Service), or
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16535/

 --

[SA16533] Red Hat update for php

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-22

Red Hat has issued an update for php. This fixes a vulnerability, which
can be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16533/

 --

[SA16527] Debian update for mozilla-thunderbird

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Exposure of system
information, Exposure of sensitive information, System access
Released:    2005-08-23

Debian has issued an update for mozilla-thunderbird. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, gain knowledge of potentially sensitive
information, conduct cross-site scripting attacks and compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/16527/

 --

[SA16524] Mandriva update for php-pear

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-23

Mandriva has issued an update for php-pear. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/16524/

 --

[SA16520] Gentoo update for evolution

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-23

Gentoo has issued an update for evolution. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16520/

 --

[SA16512] Ubuntu update for php4

Critical:    Highly critical
Where:       From remote
Impact:      Privilege escalation, System access
Released:    2005-08-22

Ubuntu has issued updates for php4-dev and php4-pear. These fix some
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions with escalated privileges or by malicious
people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16512/

 --

[SA16511] AreaEdit SpellChecker Plugin Code Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-22

A vulnerability has been reported in AreaEdit, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16511/

 --

[SA16510] SUSE update for acroread

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-22

SUSE has issued an update for acroread. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/16510/

 --

[SA16508] ELM "Expires" Header Parsing Buffer Overflow Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-22

Ulf Harnhammar has reported a vulnerability in ELM, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/16508/

 --

[SA16507] Debian update for mozilla-firefox

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Spoofing, System
access
Released:    2005-08-22

Debian has issued an update for mozilla-firefox. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, conduct cross-site scripting and
spoofing attacks, and compromise a user's system.

Full Advisory:
http://secunia.com/advisories/16507/

 --

[SA16505] Gentoo update for acroread

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-19

Gentoo has issued an update for acroread. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/16505/

 --

[SA16504] Zorum prod.php Arbitrary Command Execution Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-19

rgod has discovered a vulnerability in Zorum, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16504/

 --

[SA16483] Fedora update for gaim

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-08-18

Fedora has issued an update for gaim. This fixes a vulnerability and
two weaknesses, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a user's system.

Full Advisory:
http://secunia.com/advisories/16483/

 --

[SA16572] Fedora update for pcre

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-08-25

Fedora has issued an update for pcre. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/16572/

 --

[SA16547] Fedora update for squirrelmail

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-08-23

Fedora has issued an update for squirrelmail. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks and disclose or manipulate sensitive
information.

Full Advisory:
http://secunia.com/advisories/16547/

 --

[SA16543] Ubuntu update for libpcre3/apache2

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-08-24

Ubuntu has issued updates for libpcre3, apache2, apache2-mpm-perchild,
apache2-mpm-prefork, apache2-mpm-threadpool, and apache2-mpm-worker.
These fix a vulnerability, which potentially can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16543/

 --

[SA16539] SqWebMail Attached File Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-08-24

Secunia Research has discovered a vulnerability in SqWebMail, which can
be exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/16539/

 --

[SA16536] Debian update for mantis

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-08-22

Debian has issued an update for mantis. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/16536/

 --

[SA16532] Debian update for bluez-utils

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, System access
Released:    2005-08-23

Debian has issued an update for bluez-utils. This fixes a
vulnerability, which can be exploited by malicious people to bypass
certain security restrictions or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16532/

 --

[SA16529] Mandriva update for vim

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-08-23

Mandriva has issued an update for vim. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/16529/

 --

[SA16526] UnixWare update for zlib

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-08-22

SCO has acknowledged some vulnerabilities in zlib included with
UnixWare. These can be exploited by malicious, local users to cause a
DoS (Denial of Service), or by malicious people to cause a DoS or
potentially compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16526/

 --

[SA16519] Red Hat update for vim

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-08-23

Red Hat has issued an update for vim. This fixes a vulnerability, which
can be exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16519/

 --

[SA16517] Red Hat update for netpbm

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-08-22

Red Hat has issued an update for netpbm. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/16517/

 --

[SA16506] Mantis Cross-Site Scripting and SQL Injection
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-08-22

Some vulnerabilities have been reported in Mantis, which can be
exploited by malicious people to conduct cross-site scripting, script
insertion, and SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/16506/

 --

[SA16499] Coppermine Photo Gallery EXIF Data Script Insertion

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-08-22

A vulnerability has been reported in Coppermine Photo Gallery, which
can be exploited by malicious people to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/16499/

 --

[SA16485] mutt Attachment Decoding Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-08-22

Frank Denis and Peter Valchev have reported a vulnerability in mutt,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/16485/

 --

[SA16481] Fedora update for netpbm

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-08-18

Fedora has issued an update for netpbm. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/16481/

 --

[SA16521] Sun Solaris DHCP Client Arbitrary Code Execution
Vulnerability

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-08-24

A vulnerability has been reported in Solaris, which can be exploited by
malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16521/

 --

[SA16540] Gentoo update for tor

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information, Manipulation of data
Released:    2005-08-25

Gentoo has issued an update for tor. This fixes a vulnerability, which
potentially can be exploited by malicious people to disclose or modify
certain sensitive information.

Full Advisory:
http://secunia.com/advisories/16540/

 --

[SA16537] Debian update for kdegraphics

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-08-22

Debian has issued an update for kdegraphics. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service) on a user's system.

Full Advisory:
http://secunia.com/advisories/16537/

 --

[SA16518] pam_ldap Client Authentication Security Bypass

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-08-24

A security issue has been reported in pam_ldap, which can be exploited
by malicious people to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/16518/

 --

[SA16500] Ubuntu update for kernel

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-08-19

Ubuntu has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users or
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/16500/

 --

[SA16498] Mandriva update for wxPythonGTK

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-08-19

Mandriva has issued an update for wxPythonGTK. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service) on an application linked against the library.

Full Advisory:
http://secunia.com/advisories/16498/

 --

[SA16495] UnixWare update for cpio

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-08-18

UnixWare has issued an update for cpio. This fixes a vulnerability,
which can be exploited by malicious people to cause files to be
unpacked to arbitrary locations on a user's system.

Full Advisory:
http://secunia.com/advisories/16495/

 --

[SA16487] Mandriva update for kdegraphics

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-08-18

Mandriva has issued an update for kdegraphics. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service) on an application linked against the library.

Full Advisory:
http://secunia.com/advisories/16487/

 --

[SA16486] Mandriva update for libtiff

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-08-18

Mandriva has issued an update for libtiff. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service) on an application linked against the library.

Full Advisory:
http://secunia.com/advisories/16486/

 --

[SA16482] Fedora update for cups

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-08-18

Fedora has issued an update for cups. This fixes a vulnerability, which
can be exploited by malicious people to cause a DoS (Denial of Service)
on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16482/

 --

[SA16546] Avaya CMS / IR Solaris printd Daemon Arbitrary File Deletion

Critical:    Less critical
Where:       From local network
Impact:      Manipulation of data
Released:    2005-08-23

Avaya has acknowledged a vulnerability in CMS and IR,  which can be
exploited by malicious users to delete files on a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16546/

 --

[SA16484] Fedora update for ncpfs

Critical:    Less critical
Where:       From local network
Impact:      Privilege escalation, System access
Released:    2005-08-18

Fedora has issued an update for ncpfs. This fixes two vulnerabilities
and a potential issue, which can be exploited to perform certain
actions on a vulnerable system with escalated privileges or potentially
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/16484/

 --

[SA16549] Ubuntu update for lm-sensors

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-08-24

Ubuntu has issued an update for lm-sensors. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/16549/

 --

[SA16541] Adobe Version Cue VCNative Privilege Escalation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-08-23

A vulnerability has been reported in Adobe Version Cue, which can be
exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/16541/

 --

[SA16515] Debian update for mysql-dfsg

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-08-24

Debian has issued an update for mysql-dfsg. This fixes a vulnerability,
which can be exploited by malicious, local users to conduct various
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/16515/

 --

[SA16501] LM Sensors Insecure Temporary File Creation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-08-22

Javier Fernandez-Sanguino Pena has reported a vulnerability in LM
Sensors, which can be exploited by malicious, local users to perform
certain actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/16501/

 --

[SA16557] Fedora update for cvs

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-08-24

Fedora has issued an update for cvs. This fixes a security issue, which
potentially can be exploited by malicious, local users to perform
certain actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/16557/

 --

[SA16553] CVS Insecure Temporary File Usage Security Issue

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-08-24

Josh Bressers has reported a security issue in cvs, which potentially
can be exploited by malicious, local users to perform certain actions
on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/16553/


Other:--

[SA16545] Cisco Intrusion Prevention System Privilege Escalation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-08-23

A vulnerability has been reported in Cisco Intrusion Prevention System,
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/16545/


Cross Platform:--

[SA16528] WebCalendar "includedir" Arbitrary File Inclusion
Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-24

A vulnerability has been reported in WebCalendar, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16528/

 --

[SA16523] Netquery "host" Parameter Arbitrary Command Execution

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-23

rgod has discovered a vulnerability in Netquery, which can be exploited
by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16523/

 --

[SA16522] SaveWebPortal Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2005-08-23

rgod has discovered some vulnerabilities in SaveWebPortal, which can be
exploited by malicious people to conduct cross-site scripting attacks or
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16522/

 --

[SA16492] PHPTB "absolutepath" Arbitrary File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-18

Filip Groszynski has discovered a vulnerability in PHPTB, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16492/

 --

[SA16491] MailWatch for MailScanner XML-RPC PHP Code Execution

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-18

A vulnerability has been reported in MailWatch for MailScanner, which
can be exploited by malicious people to compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/16491/

 --

[SA16488] HAURI Anti-Virus ACE Archive Handling Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-08-24

Secunia Research has discovered a vulnerability in various HAURI
anti-virus products, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16488/

 --

[SA16551] Ventrilo Server Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-08-24

Luigi Auriemma has discovered a vulnerability in Ventrilo Server, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/16551/

 --

[SA16538] BEA WebLogic Portal User-Entitlement Security Bypass

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-08-23

A vulnerability has been reported in WebLogic Portal, which can be
exploited by malicious users to bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/16538/

 --

[SA16531] PHPKit SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-08-24

Phuket has discovered some vulnerabilities in PHPKit, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/16531/

 --

[SA16514] RunCMS SQL Injection and Arbitrary Variable Overwrite
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-08-22

James Bercegay has reported some vulnerabilities in RunCMS, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/16514/

 --

[SA16503] BBCaffe Email Address Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-08-19

rgod has discovered a vulnerability in BBCaffe, which can be exploited
by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/16503/

 --

[SA16502] PCRE Quantifier Values Integer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-08-22

A vulnerability has been reported in PCRE, which potentially can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/16502/

 --

[SA16497] w-Agora "site" Local File Inclusion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-08-19

matrix_killer has discovered a vulnerability in w-Agora, which can be
exploited by malicious people to disclose certain sensitive
information.

Full Advisory:
http://secunia.com/advisories/16497/

 --

[SA16493] MediaBox404 Admin Logon SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-08-18

Cedric Tissieres has reported a vulnerability in MediaBox404, which can
be exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/16493/

 --

[SA16490] PHPFreeNews SQL Injection and Cross-Site Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-08-18

matrix_killer has discovered some vulnerabilities in PHPFreeNews, which
can be exploited by malicious people to conduct SQL injection and
cross-site scripting vulnerabilities.

Full Advisory:
http://secunia.com/advisories/16490/

 --

[SA16513] CA Various Products Message Queuing Vulnerabilities

Critical:    Moderately critical
Where:       From local network
Impact:      Spoofing, DoS, System access
Released:    2005-08-22

Some vulnerabilities have been reported in various products within the
CA Message Queuing (CAM / CAFT) software, which can be exploited by
malicious people to cause a DoS (Denial of Service) or compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/16513/

 --

[SA16534] PostNuke "show" Parameter SQL Injection Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-08-25

Maksymilian Arciemowicz has discovered a vulnerability in PostNuke,
which can be exploited by malicious administrative users to conduct SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/16534/

 --

[SA16516] vBulletin BBCode IMG Tag Cross-Site Request Forgery

Critical:    Less critical
Where:       From remote
Impact:      Hijacking
Released:    2005-08-24

A vulnerability has been discovered in vBulletin, which can be
exploited by malicious users to conduct cross-site request forgery
attacks.

Full Advisory:
http://secunia.com/advisories/16516/

 --

[SA16496] ATutor Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-08-19

matrix_killer has discovered some vulnerabilities in ATutor, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/16496/

 --

[SA16544] Cisco IDS Management Software SSL Certificate Validation
Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Spoofing
Released:    2005-08-23

A vulnerability has been reported in CiscoWorks Monitoring Center for
Security and CiscoWorks Management Center for IDS Sensors (IDSMC),
which can be exploited by malicious people to spoof certain
information.

Full Advisory:
http://secunia.com/advisories/16544/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support at secunia.com
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45





More information about the ISN mailing list