[ISN] Secunia Weekly Summary - Issue: 2005-21

InfoSec News isn at c4i.org
Thu May 26 13:11:19 EDT 2005


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2005-05-19 - 2005-05-26                        

                       This week : 48 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

Alex Wheeler has reported a vulnerability in various Computer
Associates and Zonelabs products, which can be exploited by malicious
people to compromise a vulnerable system.

Users of Computer Associates and Zonelabs products are advised to
review referenced Secunia advisories, to ensure that your systems are
updated.

Reference:
http://secunia.com/SA15470
http://secunia.com/SA15479

--

Apple has issued a security update for Mac OS X v10.4, which fixes
various vulnerabilities.

Refer to Secunia advisory below for details.

Reference:
http://secunia.com/SA15436


VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA15292] Mozilla Firefox Two Vulnerabilities
2.  [SA15470] CA Multiple Products Vet Antivirus Engine Buffer Overflow
3.  [SA15479] Zonelabs ZoneAlarm Vet Antivirus Engine Buffer Overflow
4.  [SA15422] D-Link DSL Routers "firmwarecfg" Authentication Bypass
5.  [SA12758] Microsoft Word Document Parsing Buffer Overflow
              Vulnerabilities
6.  [SA15436] Mac OS X Update Fixes Multiple Vulnerabilities
7.  [SA15472] Cisco Various Products Compressed DNS Messages Denial of
              Service
8.  [SA15486] BEA WebLogic Multiple Vulnerabilities
9.  [SA15393] Cisco Various Products TCP Timestamp Denial of Service
10. [SA14163] Mozilla Products IDN Spoofing Security Issue

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA15483] IMail Server Multiple Vulnerabilities
[SA15482] Warrior Kings Denial of Service and Format String
Vulnerabilities
[SA15479] Zonelabs ZoneAlarm Vet Antivirus Engine Buffer Overflow
[SA15470] CA Multiple Products Vet Antivirus Engine Buffer Overflow
[SA15501] Halo: Combat Evolved Denial of Service Vulnerability
[SA15494] FunkyASP AD System "password" SQL Injection Vulnerability
[SA15493] Active News Manager Username and Password SQL Injection
[SA15469] NewsletterEz "Password" SQL Injection Vulnerability
[SA15443] JiRo's Statistics System "Password" SQL Injection
Vulnerability

UNIX/Linux:
[SA15504] Red Hat update for lesstif
[SA15502] Red Hat update for ethereal
[SA15461] Red Hat update for firefox
[SA15464] Red Hat update for mozilla
[SA15462] Debian update for libconvert-uulib-perl
[SA15456] WebAPP APage Module Unspecified Vulnerability
[SA15451] gxine HTTP URL Hostname Format String Vulnerability
[SA15448] Cookie Cart Exposure of Order Notifications and Passwords
[SA15440] Red Hat update for evolution
[SA15439] Debian update for oops
[SA15468] Picasm Error Handling Buffer Overflow Vulnerability
[SA15466] Solaris in.ftpd Wildcard Denial of Service Vulnerability
[SA15454] GNOME gedit Filename Format String Vulnerability
[SA15447] bzip2 Decompression Denial of Service Vulnerability
[SA15485] Fedora update for openssl
[SA15484] Fedora update for openssl096b
[SA15480] Fedora update for kernel
[SA15478] Gentoo update for qpopper
[SA15476] Gentoo update for net-snmp
[SA15475] Qpopper Privilege Escalation Vulnerabilities
[SA15473] Iron Bars SHell Format String Vulnerability
[SA15471] Net-snmp fixproc Insecure Temporary File Creation
[SA15467] Gentoo update for gdb
[SA15460] Ubuntu update for kernel
[SA15457] Linux Kernel Hyper-Threading Support Information Disclosure
[SA15449] GDB Integer Overflow and Insecure Initialisation File
Handling
[SA15445] Gentoo webapp-config Insecure Temporary File Creation
[SA15444] Debian update for ppxp
[SA15455] Ubuntu update for imagemagick
[SA15453] Gentoo update for imagemagick/graphicsmagick
[SA15446] GraphicsMagick XWD Decoding Denial of Service Vulnerability

Other:
[SA15472] Cisco Various Products Compressed DNS Messages Denial of
Service
[SA15463] ZyXEL ZyNOS Fragmented IP Packets Denial of Service

Cross Platform:
[SA15486] BEA WebLogic Multiple Vulnerabilities
[SA15458] PortailPHP "id" SQL Injection Vulnerability
[SA15450] PostNuke Multiple Vulnerabilities
[SA15465] Sambar Server Cross-Site Scripting Vulnerabilities
[SA15459] PHPMyCart Multiple Cross-Site Scripting Vulnerabilities
[SA15452] Blue Coat Reporter Multiple Vulnerabilities

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA15483] IMail Server Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Exposure of system information, Exposure of sensitive
information, DoS, System access
Released:    2005-05-24

Multiple vulnerabilities have been reported in IMail Server, which can
be exploited to gain knowledge of sensitive information, cause a DoS
(Denial of Service), or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15483/

 --

[SA15482] Warrior Kings Denial of Service and Format String
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-05-24

Luigi Auriemma has reported two vulnerabilities in Warrior Kings and
Warrior Kings: Battle, which can be exploited by malicious people to
cause a DoS (Denial of Service) and potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/15482/

 --

[SA15479] Zonelabs ZoneAlarm Vet Antivirus Engine Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-24

Alex Wheeler has reported a vulnerability in ZoneAlarm Security Suite
and ZoneAlarm Antivirus, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15479/

 --

[SA15470] CA Multiple Products Vet Antivirus Engine Buffer Overflow

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-24

Alex Wheeler has reported a vulnerability in various Computer
Associates products, which can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15470/

 --

[SA15501] Halo: Combat Evolved Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-05-25

Luigi Auriemma has reported a vulnerability in Halo: Combat Evolved,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/15501/

 --

[SA15494] FunkyASP AD System "password" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-05-25

Romty has reported a vulnerability in FunkyASP AD System, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/15494/

 --

[SA15493] Active News Manager Username and Password SQL Injection

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-05-25

Romty has reported a vulnerability in Active News Manager, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/15493/

 --

[SA15469] NewsletterEz "Password" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-05-24

Romty has reported a vulnerability in NewsletterEz, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/15469/

 --

[SA15443] JiRo's Statistics System "Password" SQL Injection
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-05-23

dj romty has reported a vulnerability in JiRo's Statistics System,
which can be exploited by malicious people to conduct SQL injection
attacks.

Full Advisory:
http://secunia.com/advisories/15443/


UNIX/Linux:--

[SA15504] Red Hat update for lesstif

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-05-25

Red Hat has issued an update for lesstif. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/15504/

 --

[SA15502] Red Hat update for ethereal

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-05-25

Red Hat has issued an update for ethereal. This fixes multiple
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15502/

 --

[SA15461] Red Hat update for firefox

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, System access
Released:    2005-05-23

Red Hat has issued an update for firefox. This fixes two
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks and compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15461/

 --

[SA15464] Red Hat update for mozilla

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-05-23

Red Hat has issued an update for mozilla. This fixes a vulnerability,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/15464/

 --

[SA15462] Debian update for libconvert-uulib-perl

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-05-23

Debian has issued an update for libconvert-uulib-perl. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/15462/

 --

[SA15456] WebAPP APage Module Unspecified Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2005-05-23

A vulnerability with an unknown impact has been reported in the APage
module for WebAPP.

Full Advisory:
http://secunia.com/advisories/15456/

 --

[SA15451] gxine HTTP URL Hostname Format String Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-05-23

jsk:exworm has reported a vulnerability in gxine, which potentially can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15451/

 --

[SA15448] Cookie Cart Exposure of Order Notifications and Passwords

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information, Exposure of system
information
Released:    2005-05-23

SoulBlack Security Research has reported a security issue in Cookie
Cart, which can be exploited by malicious people to disclose system and
sensitive information.

Full Advisory:
http://secunia.com/advisories/15448/

 --

[SA15440] Red Hat update for evolution

Critical:    Moderately critical
Where:       From remote
Impact:      Privilege escalation, System access
Released:    2005-05-20

Red Hat has issued an update for evolution. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's system
or by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/15440/

 --

[SA15439] Debian update for oops

Critical:    Moderately critical
Where:       From local network
Impact:      System access
Released:    2005-05-20

Debian has issued an update for oops. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/15439/

 --

[SA15468] Picasm Error Handling Buffer Overflow Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-05-23

Shaun Colley has reported a vulnerability in Picasm, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15468/

 --

[SA15466] Solaris in.ftpd Wildcard Denial of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-05-23

Sun Microsystems has acknowledged a vulnerability in Solaris, which can
be exploited by malicious users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15466/

 --

[SA15454] GNOME gedit Filename Format String Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-05-24

jsk:exworm has reported a vulnerability in gedit, which potentially can
be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/15454/

 --

[SA15447] bzip2 Decompression Denial of Service Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-05-23

Chris Evans has reported a vulnerability in bzip2, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15447/

 --

[SA15485] Fedora update for openssl

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, Privilege escalation
Released:    2005-05-24

Fedora has issued an update for openssl. This fixes two
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of sensitive information or perform certain actions with
escalated privileges.

Full Advisory:
http://secunia.com/advisories/15485/

 --

[SA15484] Fedora update for openssl096b

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-05-24

Fedora has issued an update for openssl096b. This fixes a
vulnerability, which can be exploited by malicious, local users to gain
knowledge of sensitive information.

Full Advisory:
http://secunia.com/advisories/15484/

 --

[SA15480] Fedora update for kernel

Critical:    Less critical
Where:       Local system
Impact:      DoS, Privilege escalation
Released:    2005-05-24

Fedora has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/15480/

 --

[SA15478] Gentoo update for qpopper

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-05-24

Gentoo has issued an update for qpopper. This fixes two
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/15478/

 --

[SA15476] Gentoo update for net-snmp

Critical:    Less critical
Where:       Local system
Impact:      Manipulation of data, Privilege escalation
Released:    2005-05-24

Gentoo has issued an update for net-snmp. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/15476/

 --

[SA15475] Qpopper Privilege Escalation Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-05-24

Two vulnerabilities have been reported in Qpopper, which can be
exploited by malicious, local users to perform certain actions with
escalated privileges.

Full Advisory:
http://secunia.com/advisories/15475/

 --

[SA15473] Iron Bars SHell Format String Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass, Privilege escalation
Released:    2005-05-24

A vulnerability has been reported in Iron Bars SHell, which can be
exploited by malicious, local users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/15473/

 --

[SA15471] Net-snmp fixproc Insecure Temporary File Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-05-24

Eric Romang has reported a vulnerability in Net-snmp, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/15471/

 --

[SA15467] Gentoo update for gdb

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-05-23

Gentoo has issued an update for gdb. This fixes some vulnerabilities,
which potentially can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/15467/

 --

[SA15460] Ubuntu update for kernel

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information, Privilege escalation,
DoS
Released:    2005-05-23

Ubuntu has issued an update for the kernel. This fixes multiple
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of sensitive information, cause a DoS (Denial of
Service), or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/15460/

 --

[SA15457] Linux Kernel Hyper-Threading Support Information Disclosure

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-05-23

A vulnerability has been reported in the Linux Kernel, which can be
exploited by malicious, local users to gain knowledge of sensitive
information.

Full Advisory:
http://secunia.com/advisories/15457/

 --

[SA15449] GDB Integer Overflow and Insecure Initialisation File
Handling

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-05-23

Tavis Ormandy has reported two vulnerabilities in GDB, which
potentially can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/15449/

 --

[SA15445] Gentoo webapp-config Insecure Temporary File Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-05-23

Eric Romang has reported a vulnerability in webapp-config, which can be
exploited by malicious, local users to perform certain actions with
escalated privileges.

Full Advisory:
http://secunia.com/advisories/15445/

 --

[SA15444] Debian update for ppxp

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-05-20

Debian has issued an update for ppxp. This fixes a vulnerability, which
can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/15444/

 --

[SA15455] Ubuntu update for imagemagick

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-05-23

Ubuntu has issued an update for imagemagick. This fixes two
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15455/

 --

[SA15453] Gentoo update for imagemagick/graphicsmagick

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-05-23

Gentoo has issued updates for imagemagick and graphicsmagick. These fix
a weakness, which can be exploited by malicious people to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/15453/

 --

[SA15446] GraphicsMagick XWD Decoding Denial of Service Vulnerability

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-05-23

Tavis Ormandy has reported a weakness in GraphicsMagick, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15446/


Other:--

[SA15472] Cisco Various Products Compressed DNS Messages Denial of
Service

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-05-24

A vulnerability has been reported in various Cisco products, which can
be exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15472/

 --

[SA15463] ZyXEL ZyNOS Fragmented IP Packets Denial of Service

Critical:    Not critical
Where:       From local network
Impact:      DoS
Released:    2005-05-24

Federico Kirschbaum has reported a vulnerability in ZyXEL ZyNOS, which
can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/15463/


Cross Platform:--

[SA15486] BEA WebLogic Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Exposure of system
information, Exposure of sensitive information, DoS
Released:    2005-05-24

Multiple vulnerabilities have been reported in WebLogic, where the most
critical can be exploited by malicious people to disclose sensitive
information and cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/15486/

 --

[SA15458] PortailPHP "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-05-24

Censored has reported a vulnerability in PortailPHP, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/15458/

 --

[SA15450] PostNuke Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, Exposure of
sensitive information
Released:    2005-05-23

Maksymilian Arciemowicz has reported some vulnerabilities in PostNuke,
which can be exploited by malicious people to conduct cross-site
scripting and SQL injection attacks, and disclose sensitive
information.

Full Advisory:
http://secunia.com/advisories/15450/

 --

[SA15465] Sambar Server Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-05-23

Jamie Fisher has reported some vulnerabilities in Sambar Server, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/15465/

 --

[SA15459] PHPMyCart Multiple Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-05-23

mircia and Talte Security have reported some vulnerabilities in
PHPMyCart, which can be exploited by malicious people to conduct
cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/15459/

 --

[SA15452] Blue Coat Reporter Multiple Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Privilege
escalation
Released:    2005-05-23

Oliver Karow has reported some vulnerabilities in Blue Coat Reporter,
which can be exploited by to conduct cross-site scripting and script
insertion attacks, bypass certain security restrictions, or gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/15452/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support at secunia.com
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45





More information about the ISN mailing list