[ISN] Secunia Weekly Summary - Issue: 2005-44

InfoSec News isn at c4i.org
Fri Nov 4 12:10:05 EST 2005


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2005-10-27 - 2005-11-03                        

                       This week : 47 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

A security issue has been reported in First4Internet XCP DRM software
used to playback Sony copy-protected music CDs, which can be exploited
by malicious, local users to hide certain actions on a vulnerable
system from the Administrator.

Reference:
http://secunia.com/SA17408

--

Apple has released a security update for Mac OS X, which fixes some
vulnerabilities.

A complete list and details about the vulnerabilities fixed can be
found in the referenced Secunia advisory.

Reference:
http://secunia.com/SA17368

--

Some vulnerabilities have been reported in PHP, which can be exploited
by malicious people to conduct cross-site scripting attacks, bypass
certain security restrictions, and potentially compromise a vulnerable
system.

Additional details about the vulnerabilities can be found in the
referenced Secunia advisory.

Reference:
http://secunia.com/SA17371


VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA17305] Skype Multiple Buffer Overflow Vulnerabilities
2.  [SA17371] PHP Multiple Vulnerabilities
3.  [SA16502] PCRE Quantifier Values Integer Overflow Vulnerability
4.  [SA12758] Microsoft Word Document Parsing Buffer Overflow
              Vulnerabilities
5.  [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability
6.  [SA16560] Windows Registry Editor Utility String Concealment
              Weakness
7.  [SA17358] Novell ZENworks Patch Management SQL Injection
              Vulnerability
8.  [SA17366] phpBB "register_globals" Deregistration Bypass
              Vulnerabilities
9.  [SA17351] GNUMP3d Cross-Site Scripting and Directory Traversal
              Vulnerabilities
10. [SA17384] Linux Kernel Potential Buffer Overflow Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA17409] Serv-U FTP Server Potential Denial of Service Vulnerability
[SA17394] CheckMark MultiLedger DUNZIP32.dll Buffer Overflow
Vulnerability
[SA17387] ASP Fast Forum "error" Cross-Site Scripting Vulnerability
[SA17385] Snitz Forums 2000 "post.asp" Cross-Site Scripting
Vulnerability
[SA17383] Ringtail CaseBook Cross-Site Scripting and Username
Enumeration
[SA17379] Hyper Estraier Windows Unicode Filename Handling
Vulnerability
[SA17361] F-Secure Products Web Console Directory Traversal
Vulnerability
[SA17408] Sony CD First4Internet XCP DRM Software Security Issue

UNIX/Linux:
[SA17389] NetBSD Update Fixes Multiple Vulnerabilities
[SA17377] Gentoo update for ethereal
[SA17362] Gentoo update for mantis
[SA17360] Debian update for lynx-ssl
[SA17405] MailWatch for MailScanner Two Vulnerabilities
[SA17403] Red Hat update for curl
[SA17401] Red Hat update for openssl096b
[SA17400] Red Hat update for wget
[SA17398] Red Hat update for openssl
[SA17397] Cisco Management Center for IPS Sensors Security Issue
[SA17392] Avaya Multiple Ethereal Vulnerabilities
[SA17391] Ubuntu update for libgda2-1 / libgda2-3
[SA17381] Fedora update for openssl096b
[SA17376] OpenVPN Format String and Denial of Service Vulnerabilities
[SA17369] Gentoo update for xli / xloadimage
[SA17367] Debian update for gallery
[SA17364] Red Hat update for kernel
[SA17363] Gentoo update for tikiwiki
[SA17390] Ubuntu update for sudo
[SA17382] Ntop Red Hat Initialisation Script Insecure Temporary File
Creation
[SA17380] IBM "chcons" Command Buffer Overflow Vulnerability
[SA17368] Mac OS X Update Fixes Multiple Vulnerabilities
[SA17370] Ethereal IRC Protocol Dissector Denial of Service
[SA17402] HP OpenVMS Unspecified Denial of Service Vulnerability
[SA17399] Mandriva update for wget
[SA17384] Linux Kernel Potential Buffer Overflow Vulnerabilities
[SA17365] Gentoo update for pam

Other:
[SA17413] Cisco IOS System Timers Potential Arbitrary Code Execution
[SA17406] Cisco Wireless LAN Controllers Encryption Bypass
Vulnerability

Cross Platform:
[SA17378] Subdreamer Login SQL Injection Vulnerabilities
[SA17366] phpBB "register_globals" Deregistration Bypass
Vulnerabilities
[SA17396] News2Net "category" SQL Injection Vulnerability
[SA17375] Invision Gallery "st" SQL Injection Vulnerability
[SA17374] MG2 Disclosure of Password Protected Images
[SA17373] oaboard SQL Injection Vulnerabilities
[SA17371] PHP Multiple Vulnerabilities
[SA17404] Simple PHP Blog Cross-Site Scripting Vulnerabilities
[SA17395] Sun Java System Communications Express Configuration File
Disclosure
[SA17393] Invision Gallery Image Script Insertion Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA17409] Serv-U FTP Server Potential Denial of Service Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-02

A vulnerability has been reported in Serv-U, which potentially can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17409/

 --

[SA17394] CheckMark MultiLedger DUNZIP32.dll Buffer Overflow
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      System access
Released:    2005-10-31

Juha-Matti Laurio has reported a vulnerability in CheckMark
MultiLedger, which potentially can be exploited by malicious people to
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17394/

 --

[SA17387] ASP Fast Forum "error" Cross-Site Scripting Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-10-31

syst3m_f4ult has reported a vulnerability in ASP Fast Forum, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/17387/

 --

[SA17385] Snitz Forums 2000 "post.asp" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-01

h4xorcrew has discovered a vulnerability in Snitz Forums 2000, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/17385/

 --

[SA17383] Ringtail CaseBook Cross-Site Scripting and Username
Enumeration

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of system information
Released:    2005-11-01

A weakness and a vulnerability has been reported in Ringtail CaseBook,
which can be exploited by malicious people to gain knowledge of certain
information and conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17383/

 --

[SA17379] Hyper Estraier Windows Unicode Filename Handling
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information, DoS
Released:    2005-10-31

A vulnerability has been reported in Hyper Estraier, which can be
exploited by malicious users to cause a DoS (Denial of Service) or to
gain knowledge of certain sensitive information.

Full Advisory:
http://secunia.com/advisories/17379/

 --

[SA17361] F-Secure Products Web Console Directory Traversal
Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Exposure of sensitive information
Released:    2005-11-02

A vulnerability has been reported in F-Secure Anti-Virus for Microsoft
Exchange and F-Secure Internet Gatekeeper, which can be exploited by
malicious people to gain knowledge of potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/17361/

 --

[SA17408] Sony CD First4Internet XCP DRM Software Security Issue

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2005-11-02

A security issue has been reported in First4Internet XCP DRM software
used to playback Sony copy-protected music CDs, which can be exploited
by malicious, local users to hide certain actions on a vulnerable
system from the Administrator.

Full Advisory:
http://secunia.com/advisories/17408/


UNIX/Linux:--

[SA17389] NetBSD Update Fixes Multiple Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Privilege escalation, DoS, System access
Released:    2005-11-02

Some vulnerabilities have been reported in NetBSD, which can be
exploited by malicious, local users to gain escalated privileges, or by
malicious users to cause a DoS (Denial of Service) and compromise a
vulnerable system, or by malicious people to bypass certain security
restrictions and compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17389/

 --

[SA17377] Gentoo update for ethereal

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-10-31

Gentoo has issued an update for ethereal. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17377/

 --

[SA17362] Gentoo update for mantis

Critical:    Highly critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data, System access
Released:    2005-10-28

Gentoo has issued an update for mantis. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting, script insertion, and SQL injection attacks, and
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17362/

 --

[SA17360] Debian update for lynx-ssl

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-10-28

Debian has issued an update for lynx-ssl. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17360/

 --

[SA17405] MailWatch for MailScanner Two Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Manipulation of data
Released:    2005-11-02

Two vulnerabilities have been reported in MailWatch for MailScanner,
where one has an unknown impact, and the other potentially can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17405/

 --

[SA17403] Red Hat update for curl

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-11-02

Red Hat has issued an update for curl. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17403/

 --

[SA17401] Red Hat update for openssl096b

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-02

Red Hat has issued an update for openssl096b. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17401/

 --

[SA17400] Red Hat update for wget

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-11-02

Red Hat has issued an update for wget. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17400/

 --

[SA17398] Red Hat update for openssl

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-02

Red Hat has issued an update for openssl. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/17398/

 --

[SA17397] Cisco Management Center for IPS Sensors Security Issue

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-11-02

A security issue has been reported in Cisco Management Center for IPS
Sensors (IPS MC), which can be exploited by malicious people to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/17397/

 --

[SA17392] Avaya Multiple Ethereal Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-10-31

Avaya has acknowledged some vulnerabilities in Ethereal included in
some products, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17392/

 --

[SA17391] Ubuntu update for libgda2-1 / libgda2-3

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-10-31

Ubuntu has issued updates for libgda2-1 and libgda2-3. These fix a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17391/

 --

[SA17381] Fedora update for openssl096b

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-11-01

Fedora has issued an update for openssl096b. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17381/

 --

[SA17376] OpenVPN Format String and Denial of Service Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-11-01

Two vulnerabilities have been reported in OpenVPN, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17376/

 --

[SA17369] Gentoo update for xli / xloadimage

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-10-31

Gentoo has issued updates for xli and xloadimage. These fix a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17369/

 --

[SA17367] Debian update for gallery

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-11-02

Debian has issued an update for gallery. This fixes a security issue,
which can be exploited by malicious users to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/17367/

 --

[SA17364] Red Hat update for kernel

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-10-28

Red Hat has issued an update for kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
cause a DoS (Denial of Service), or by malicious people to disclose
certain sensitive information and cause a DoS.

Full Advisory:
http://secunia.com/advisories/17364/

 --

[SA17363] Gentoo update for tikiwiki

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-10-28

Gentoo has issued an update for tikiwiki. This fixes a vulnerability,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/17363/

 --

[SA17390] Ubuntu update for sudo

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-10-31

Ubuntu has issued an update for sudo. This fixes a vulnerability, which
can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/17390/

 --

[SA17382] Ntop Red Hat Initialisation Script Insecure Temporary File
Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-10-31

nnposter has reported a vulnerability in Ntop, which can be exploited
by malicious, local users to perform certain actions on a vulnerable
system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/17382/

 --

[SA17380] IBM "chcons" Command Buffer Overflow Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Unknown
Released:    2005-10-31

A vulnerability has been reported in AIX, which has an unknown impact.

Full Advisory:
http://secunia.com/advisories/17380/

 --

[SA17368] Mac OS X Update Fixes Multiple Vulnerabilities

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass, Exposure of system information, Exposure
of sensitive information
Released:    2005-11-01

Apple has issued an update for Mac OS X. This fixes some
vulnerabilities and a security issue, which can be exploited by
malicious, local users to bypass certain security restrictions or to
gain knowledge of potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/17368/

 --

[SA17370] Ethereal IRC Protocol Dissector Denial of Service

Critical:    Not critical
Where:       From remote
Impact:      DoS
Released:    2005-10-31

Daniel Gryniewicz has reported a vulnerability in Ethereal, which
potentially can be exploited by malicious people to cause a DoS (Denial
of Service).

Full Advisory:
http://secunia.com/advisories/17370/

 --

[SA17402] HP OpenVMS Unspecified Denial of Service Vulnerability

Critical:    Not critical
Where:       Local system
Impact:      DoS
Released:    2005-11-02

A vulnerability has been reported in OpenVMS, which can be exploited by
malicious, local users to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17402/

 --

[SA17399] Mandriva update for wget

Critical:    Not critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-11-02

Mandriva has issued an update for wget. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

Full Advisory:
http://secunia.com/advisories/17399/

 --

[SA17384] Linux Kernel Potential Buffer Overflow Vulnerabilities

Critical:    Not critical
Where:       Local system
Impact:      Unknown
Released:    2005-11-01

Two vulnerabilities have been reported in the Linux Kernel, with an
unknown impact.

Full Advisory:
http://secunia.com/advisories/17384/

 --

[SA17365] Gentoo update for pam

Critical:    Not critical
Where:       Local system
Impact:      Security Bypass
Released:    2005-10-28

Gentoo has issued an update for pam. This fixes a security issue, which
potentially can be exploited by malicious, local users to bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/17365/


Other:--

[SA17413] Cisco IOS System Timers Potential Arbitrary Code Execution

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-11-03

A vulnerability has been reported in Cisco IOS, which potentially can
be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/17413/

 --

[SA17406] Cisco Wireless LAN Controllers Encryption Bypass
Vulnerability

Critical:    Less critical
Where:       From local network
Impact:      Security Bypass
Released:    2005-11-03

A vulnerability has been reported in Cisco WLAN (Wireless LAN)
Controllers, which can be exploited by malicious people to bypass
certain security restrictions.

Full Advisory:
http://secunia.com/advisories/17406/


Cross Platform:--

[SA17378] Subdreamer Login SQL Injection Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Manipulation of data, System access, Security Bypass
Released:    2005-10-31

RST/GHC has reported some vulnerabilities in Subdreamer, which can be
exploited by malicious people to conduct SQL injection attacks and
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17378/

 --

[SA17366] phpBB "register_globals" Deregistration Bypass
Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data, System access
Released:    2005-10-31

Stefan Esser has reported some vulnerabilities in phpBB, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks, bypass certain security restrictions, and compromise
a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17366/

 --

[SA17396] News2Net "category" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-02

Mousehack has discovered a vulnerability in News2Net, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17396/

 --

[SA17375] Invision Gallery "st" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-01

almaster has reported a vulnerability in Invision Gallery, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17375/

 --

[SA17374] MG2 Disclosure of Password Protected Images

Critical:    Moderately critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-10-31

Preben Nylokken has discovered a vulnerability in MG2, which can be
exploited by malicious people to disclose potentially sensitive
information.

Full Advisory:
http://secunia.com/advisories/17374/

 --

[SA17373] oaboard SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-11-01

Abducter has discovered two vulnerabilities in oaboard, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17373/

 --

[SA17371] PHP Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, DoS, System access
Released:    2005-10-31

Some vulnerabilities have been reported in PHP, which can be exploited
by malicious people to conduct cross-site scripting attacks, bypass
certain security restrictions, and potentially compromise a vulnerable
system.

Full Advisory:
http://secunia.com/advisories/17371/

 --

[SA17404] Simple PHP Blog Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-02

Nenad Jovanovic has discovered some vulnerabilities in Simple PHP Blog,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/17404/

 --

[SA17395] Sun Java System Communications Express Configuration File
Disclosure

Critical:    Less critical
Where:       From remote
Impact:      Exposure of sensitive information
Released:    2005-11-02

A vulnerability has been reported in Sun Java Communications Express,
which can be exploited by malicious users to gain knowledge of
potentially sensitive information.

Full Advisory:
http://secunia.com/advisories/17395/

 --

[SA17393] Invision Gallery Image Script Insertion Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-11-02

Tatercrispies has reported a vulnerability in Invision Gallery, which
can be exploited by malicious people to conduct script insertion
attacks.

Full Advisory:
http://secunia.com/advisories/17393/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support at secunia.com
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45





More information about the ISN mailing list