[ISN] Secunia Weekly Summary - Issue: 2005-43

InfoSec News isn at c4i.org
Fri Oct 28 02:34:04 EDT 2005


========================================================================

                  The Secunia Weekly Advisory Summary                  
                        2005-10-20 - 2005-10-27                        

                       This week : 47 advisories                       

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single 
vulnerability report is being validated and verified before a Secunia
advisory is written.

Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.

As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.

Secunia Online Vulnerability Database:
http://secunia.com/

========================================================================
2) This Week in Brief:

Some vulnerabilities have been reported in Skype, which can be
exploited by malicious people to cause a DoS or to compromise a user's
system.

All users of Skype are advised to update to the latest version.

Reference:
http://secunia.com/SA17305

--

A security issue has been reported in Symantec Discovery, which
potentially can be exploited by malicious people to gain access to, or
to manipulate certain information.

The vendor has released updated versions. Please see the referenced
Secunia advisory for additional details.

Reference:
http://secunia.com/SA17302


VIRUS ALERTS:

Secunia has not issued any virus alerts during the week.

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1.  [SA17305] Skype Multiple Buffer Overflow Vulnerabilities
2.  [SA11762] Opera Browser Favicon Displaying Address Bar Spoofing
              Vulnerability
3.  [SA17250] Oracle Products 85 Unspecified Vulnerabilities
4.  [SA17220] Snort Back Orifice Pre-Processor Buffer Overflow
              Vulnerability
5.  [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability
6.  [SA16560] Windows Registry Editor Utility String Concealment
              Weakness
7.  [SA12758] Microsoft Word Document Parsing Buffer Overflow
              Vulnerabilities
8.  [SA17281] RSA Authentication Agent for Web "Redirect" Buffer
              Overflow
9.  [SA17284] Debian update for mozilla-thunderbird
10. [SA17254] Ethereal Multiple Protocol Dissector and PCRE
              Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA17301] eBASEweb Unspecified SQL Injection Vulnerability

UNIX/Linux:
[SA17284] Debian update for mozilla-thunderbird
[SA17335] SGI Advanced Linux Environment Multiple Updates
[SA17332] Debian update for koffice
[SA17327] Red Hat update for ethereal
[SA17305] Skype Multiple Buffer Overflow Vulnerabilities
[SA17288] Trustix update for multiple packages
[SA17286] Fedora update for ethereal
[SA17339] Debian update for libgda2
[SA17325] CHM Lib Buffer Overflow Vulnerability
[SA17323] GNOME-DB libgda Logging Functions Format String
Vulnerabilities
[SA17320] SUSE update for curl/wget
[SA17317] F.E.A.R. Lithtech Engine UDP Datagram Denial of Service
[SA17313] HP Oracle for Openview Multiple Vulnerabilities
[SA17309] Gentoo update for zope
[SA17298] Gentoo update for phpmyadmin
[SA17297] Gentoo update for curl
[SA17285] Mandriva update for ruby
[SA17321] Network Appliance Data ONTAP iSCSI Authentication Bypass
[SA17331] RSA ACE/Agent for Web "image" Cross-Site Scripting
Vulnerability
[SA17314] Basic Analysis and Security Engine SQL Injection
Vulnerability
[SA17287] Fedora update for squid
[SA17322] Debian update for sudo
[SA17318] Sudo Environment Cleaning Privilege Escalation Vulnerability
[SA17299] mgdiff Patch Viewer Insecure Temporary File Creation
[SA17293] Fetchmail "fetchmailconf" Password Disclosure Vulnerability
[SA17290] SUSE update for permissions

Other:


Cross Platform:
[SA17328] PHP iCalendar "phpicalendar" File Inclusion Vulnerability
[SA17330] Snoopy "_httpsrequest()" Shell Command Injection
Vulnerability
[SA17324] TClanPortal "id" SQL Injection Vulnerability
[SA17315] PHP-Nuke SQL Injection Vulnerabilities
[SA17312] PHP-Fusion "news_body" Script Insertion Vulnerability
[SA17310] archilles Newsworld "data" Exposure of Sensitive Information
[SA17308] SaphpLesson "forumid" SQL Injection Vulnerability
[SA17307] ar-blog Script Insertion and Authentication Bypass
Vulnerabilities
[SA17306] Zomplog Cross-Site Scripting and SQL Injection
Vulnerabilities
[SA17304] Nuked-Klan Script Insertion and SQL Injection
Vulnerabilities
[SA17303] MWChat "Username" SQL Injection Vulnerability
[SA17300] Xoops Multiple Script Insertion Vulnerabilities
[SA17292] AL-Caricatier "cookie_username" Authentication Bypass
Vulnerability
[SA17291] FlatNuke Cross-Site Scripting and Disclosure of Sensitive
Information
[SA17289] phpMyAdmin Local File Inclusion and Cross-Site Scripting
[SA17302] Symantec Discovery Database Accounts Null Password
[SA17319] IBM HTTP Server HTTP Request Smuggling Vulnerability
[SA17316] Flyspray Cross-Site Scripting Vulnerabilities
[SA17295] phpBB Avatar Script Insertion Vulnerability
[SA17283] Chipmunk Directory "entryID" Cross-Site Scripting
Vulnerability

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA17301] eBASEweb Unspecified SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-10-24

A vulnerability has been reported in eBASEweb, which can be exploited
by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17301/


UNIX/Linux:--

[SA17284] Debian update for mozilla-thunderbird

Critical:    Extremely critical
Where:       From remote
Impact:      Security Bypass, Spoofing, Manipulation of data, System
access
Released:    2005-10-21

Debian has issued an update for mozilla-thunderbird. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
spoofing attacks, manipulate certain data, bypass certain security
restrictions, and compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17284/

 --

[SA17335] SGI Advanced Linux Environment Multiple Updates

Critical:    Highly critical
Where:       From remote
Impact:      Security Bypass, Exposure of sensitive information,
Privilege escalation, System access
Released:    2005-10-26

SGI has issued a patch for SGI Advanced Linux Environment. This fixes
some vulnerabilities, which can be exploited by malicious, local users
to gain escalated privileges and by malicious people to gain knowledge
of sensitive information, bypass certain security restrictions and
compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17335/

 --

[SA17332] Debian update for koffice

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-10-26

Debian has issue an update for koffice. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17332/

 --

[SA17327] Red Hat update for ethereal

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-10-26

Red Hat has issued an update for ethereal. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17327/

 --

[SA17305] Skype Multiple Buffer Overflow Vulnerabilities

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-10-25

Some vulnerabilities have been reported in Skype, which can be
exploited by malicious people to cause a DoS or to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17305/

 --

[SA17288] Trustix update for multiple packages

Critical:    Highly critical
Where:       From remote
Impact:      Unknown, Security Bypass, Cross Site Scripting,
Manipulation of data, Privilege escalation, DoS, System access
Released:    2005-10-24

Trustix has issued updates for multiple packages. These fix some
vulnerabilities, where the most critical ones can be exploited by
malicious people to cause a DoS (Denial of Service) and compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/17288/

 --

[SA17286] Fedora update for ethereal

Critical:    Highly critical
Where:       From remote
Impact:      DoS, System access
Released:    2005-10-21

Fedora has issued an update for ethereal. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17286/

 --

[SA17339] Debian update for libgda2

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-10-26

Debian has issued an update for libgda2. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.

Full Advisory:
http://secunia.com/advisories/17339/

 --

[SA17325] CHM Lib Buffer Overflow Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-10-26

Sven Tantau has reported a vulnerability in CHM Lib (chmlib), which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17325/

 --

[SA17323] GNOME-DB libgda Logging Functions Format String
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-10-26

Steve Kemp has reported two vulnerabilities in GNOME-DB libgda, which
potentially can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17323/

 --

[SA17320] SUSE update for curl/wget

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-10-25

SUSE has issued updates for curl and wget. These fix a vulnerability,
which can be exploited by malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/17320/

 --

[SA17317] F.E.A.R. Lithtech Engine UDP Datagram Denial of Service

Critical:    Moderately critical
Where:       From remote
Impact:      DoS
Released:    2005-10-24

Luigi Auriemma has reported a vulnerability in F.E.A.R. (First
Encounter Assault and Recon), which can be exploited by malicious
people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/17317/

 --

[SA17313] HP Oracle for Openview Multiple Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown, Cross Site Scripting, Manipulation of data,
System access
Released:    2005-10-25

HP has acknowledged some vulnerabilities in HP OfO (Oracle for
Openview), which can be exploited with unknown impact, to conduct
PL/SQL injection attacks, cross-site scripting attacks, or potentially
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17313/

 --

[SA17309] Gentoo update for zope

Critical:    Moderately critical
Where:       From remote
Impact:      Unknown
Released:    2005-10-25

Gentoo has issued an update for zope. This fixes a vulnerability with
an unknown impact.

Full Advisory:
http://secunia.com/advisories/17309/

 --

[SA17298] Gentoo update for phpmyadmin

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2005-10-25

Gentoo has issued an update for phpmyadmin. This fixes two
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks and disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/17298/

 --

[SA17297] Gentoo update for curl

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-10-24

Gentoo has issued an update for curl. This fixes a vulnerability, which
can be exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/17297/

 --

[SA17285] Mandriva update for ruby

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-10-21

Mandriva has issued an update for ruby. This fixes a vulnerability,
which can be exploited by malicious people to bypass certain security
restrictions.

Full Advisory:
http://secunia.com/advisories/17285/

 --

[SA17321] Network Appliance Data ONTAP iSCSI Authentication Bypass

Critical:    Moderately critical
Where:       From local network
Impact:      Security Bypass
Released:    2005-10-25

Thomas H. Ptacek has reported a vulnerability in Network Appliance Data
ONTAP, which can be exploited by malicious people to bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/17321/

 --

[SA17331] RSA ACE/Agent for Web "image" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-10-26

SEC Consult has reported a vulnerability in RSA ACE/Agent for Web,
which can be exploited by malicious people to conduct cross-site
scripting attacks.

Full Advisory:
http://secunia.com/advisories/17331/

 --

[SA17314] Basic Analysis and Security Engine SQL Injection
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-10-25

Remco Verhoef has discovered a vulnerability in Basic Analysis and
Security Engine (BASE), which can be exploited by malicious users to
conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17314/

 --

[SA17287] Fedora update for squid

Critical:    Less critical
Where:       From remote
Impact:      DoS
Released:    2005-10-21

Fedora has issued an update for squid. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

Full Advisory:
http://secunia.com/advisories/17287/

 --

[SA17322] Debian update for sudo

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-10-26

Debian has issued an update for sudo. This fixes a vulnerability, which
can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/17322/

 --

[SA17318] Sudo Environment Cleaning Privilege Escalation Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-10-25

Tavis Ormandy has reported a vulnerability in Sudo, which can be
exploited by malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/17318/

 --

[SA17299] mgdiff Patch Viewer Insecure Temporary File Creation

Critical:    Less critical
Where:       Local system
Impact:      Privilege escalation
Released:    2005-10-24

Javier Fernandez-Sanguino Pena has reported a vulnerability in mgdiff
Patch Viewer, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.

Full Advisory:
http://secunia.com/advisories/17299/

 --

[SA17293] Fetchmail "fetchmailconf" Password Disclosure Vulnerability

Critical:    Less critical
Where:       Local system
Impact:      Exposure of sensitive information
Released:    2005-10-24

A vulnerability has been reported in Fetchmail, which can be exploited
by malicious, local users to gain knowledge of certain sensitive
information.

Full Advisory:
http://secunia.com/advisories/17293/

 --

[SA17290] SUSE update for permissions

Critical:    Less critical
Where:       Local system
Impact:      Security Bypass
Released:    2005-10-24

SUSE has issued an update for permissions. This fixes a vulnerability,
which can be exploited by malicious, local users to bypass certain
security restrictions.

Full Advisory:
http://secunia.com/advisories/17290/


Other:


Cross Platform:--

[SA17328] PHP iCalendar "phpicalendar" File Inclusion Vulnerability

Critical:    Highly critical
Where:       From remote
Impact:      System access
Released:    2005-10-26

Francesco "aScii" Ongaro has discovered a vulnerability in PHP
iCalendar, which can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/17328/

 --

[SA17330] Snoopy "_httpsrequest()" Shell Command Injection
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      System access
Released:    2005-10-26

Daniel Fabian has discovered a vulnerability in Snoopy, which can be
exploited by malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/17330/

 --

[SA17324] TClanPortal "id" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-10-25

Abducter has discovered a vulnerability in TClanPortal, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17324/

 --

[SA17315] PHP-Nuke SQL Injection Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-10-25

rgod has discovered some vulnerabilities in PHP-Nuke, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17315/

 --

[SA17312] PHP-Fusion "news_body" Script Insertion Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-10-25

peanut has discovered a vulnerability in PHP-Fusion, which can be
exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/17312/

 --

[SA17310] archilles Newsworld "data" Exposure of Sensitive Information

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Exposure of system information, Exposure
of sensitive information
Released:    2005-10-25

Christoph "Chb" Burchert has discovered a security issue in archilles
Newsworld, which can be exploited by malicious people to disclose
sensitive information.

Full Advisory:
http://secunia.com/advisories/17310/

 --

[SA17308] SaphpLesson "forumid" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-10-25

aLMaSTeR has reported a vulnerability in SaphpLesson, which can be
exploited by malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17308/

 --

[SA17307] ar-blog Script Insertion and Authentication Bypass
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting
Released:    2005-10-25

_MoHaJaLi_ has reported two vulnerabilities in ar-blog, which can be
exploited by malicious people to conduct script insertion attacks and
bypass certain security restrictions.

Full Advisory:
http://secunia.com/advisories/17307/

 --

[SA17306] Zomplog Cross-Site Scripting and SQL Injection
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-10-24

BiPi_HaCk has discovered some vulnerabilities in Zomplog, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/17306/

 --

[SA17304] Nuked-Klan Script Insertion and SQL Injection
Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Manipulation of data
Released:    2005-10-25

papipsycho has reported some vulnerabilities in Nuked-Klan, which can
be exploited by malicious people to conduct script insertion and SQL
injection attacks.

Full Advisory:
http://secunia.com/advisories/17304/

 --

[SA17303] MWChat "Username" SQL Injection Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Manipulation of data
Released:    2005-10-24

rgod has reported a vulnerability in MWChat, which can be exploited by
malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/17303/

 --

[SA17300] Xoops Multiple Script Insertion Vulnerabilities

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-10-25

Keigo Yamazaki has reported some vulnerabilities in Xoops, which can be
exploited by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/17300/

 --

[SA17292] AL-Caricatier "cookie_username" Authentication Bypass
Vulnerability

Critical:    Moderately critical
Where:       From remote
Impact:      Security Bypass
Released:    2005-10-24

God Of Death has discovered a vulnerability in AL-Caricatier, which can
be exploited by malicious people to bypass certain security
protections.

Full Advisory:
http://secunia.com/advisories/17292/

 --

[SA17291] FlatNuke Cross-Site Scripting and Disclosure of Sensitive
Information

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2005-10-24

Abducter has discovered some vulnerabilities in FlatNuke, which can be
exploited by malicious people to conduct cross-site scripting attacks
and disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/17291/

 --

[SA17289] phpMyAdmin Local File Inclusion and Cross-Site Scripting

Critical:    Moderately critical
Where:       From remote
Impact:      Cross Site Scripting, Exposure of sensitive information
Released:    2005-10-24

Two vulnerabilities have been reported in phpMyAdmin, which can be
exploited by malicious people to conduct cross-site scripting attacks
and disclose sensitive information.

Full Advisory:
http://secunia.com/advisories/17289/

 --

[SA17302] Symantec Discovery Database Accounts Null Password

Critical:    Moderately critical
Where:       From local network
Impact:      Manipulation of data, Exposure of sensitive information
Released:    2005-10-25

A security issue has been reported in Symantec Discovery, which
potentially can be exploited by malicious people to gain access to, or
to manipulate certain information.

Full Advisory:
http://secunia.com/advisories/17302/

 --

[SA17319] IBM HTTP Server HTTP Request Smuggling Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Security Bypass, Cross Site Scripting, Manipulation of
data
Released:    2005-10-25

IBM has acknowledged a vulnerability in IBM HTTP server, which can be
exploited by malicious people to conduct HTTP request smuggling
attacks.

Full Advisory:
http://secunia.com/advisories/17319/

 --

[SA17316] Flyspray Cross-Site Scripting Vulnerabilities

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-10-26

Lostmon has reported some vulnerabilities in Flyspray, which can be
exploited by malicious people to conduct cross-site scripting attacks.

Full Advisory:
http://secunia.com/advisories/17316/

 --

[SA17295] phpBB Avatar Script Insertion Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-10-24

K-Gen has discovered a vulnerability in phpBB, which can be exploited
by malicious people to conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/17295/

 --

[SA17283] Chipmunk Directory "entryID" Cross-Site Scripting
Vulnerability

Critical:    Less critical
Where:       From remote
Impact:      Cross Site Scripting
Released:    2005-10-21

trueend5 has discovered a vulnerability in Chipmunk Directory, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Full Advisory:
http://secunia.com/advisories/17283/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support at secunia.com
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45





More information about the ISN mailing list