======================================================================== The Secunia Weekly Advisory Summary 2006-03-16 - 2006-03-23
This week : 96 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4.......................................Vulnerabilities Summary Listing 5.......................................Vulnerabilities Content Listing ======================================================================== 1) Word From Secunia: The Secunia staff is spending hours every day to assure you the best and most reliable source for vulnerability information. Every single vulnerability report is being validated and verified before a Secunia advisory is written. Secunia validates and verifies vulnerability reports in many different ways e.g. by downloading the software and performing comprehensive tests, by reviewing source code, or by validating the credibility of the source from which the vulnerability report was issued. As a result, Secunia's database is the most correct and complete source for recent vulnerability information available on the Internet. Secunia Online Vulnerability Database: http://secunia.com/ ======================================================================== 2) This Week in Brief: Secunia Research has discovered a critical vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. While Secunia was coordinating disclosure with Microsoft a third party also discovered this vulnerability, however, the third party chose to immediately disclose it to various public mailing lists. Secunia then quickly issued a Highly Critical Secunia advisory regarding this to enable our customers and readers to take the appropriate actions. Currently, no solution is available from the vendor. Please read the referenced Secunia advisory for additional details. Reference: http://secunia.com/SA18680 -- ISS X-Force has reported a vulnerability in Sendmail, which can be exploited by malicious people to compromise a vulnerable system. All users are advised to update or apply available patches. Additional details can be found in the referenced Secunia advisory below. Reference: http://secunia.com/SA19342 VIRUS ALERTS: Secunia has not issued any virus alerts during the week. ======================================================================== 3) This Weeks Top Ten Most Read Advisories: 1. [SA19218] Flash Player Unspecified Code Execution Vulnerabilities 2. [SA19118] AVG Anti-Virus Updated Files Insecure File Permissions 3. [SA18680] Microsoft Internet Explorer "createTextRange()" Code Execution 4. [SA19138] Microsoft Office Multiple Code Execution Vulnerabilities 5. [SA19269] Internet Explorer Multiple Event Handlers Denial of Service Weakness 6. [SA18963] Mac OS X File Association Meta Data Shell Script Execution 7. [SA19261] OpenOffice cURL/libcURL URL Parsing Off-By-One Vulnerability 8. [SA19277] phpMyAdmin "set_theme" Cross-Site Scripting 9. [SA19265] Novell NetWare NWFTPD Potential Denial of Service Vulnerability 10. [SA19330] Linux Kernel Buffer Overflow Vulnerabilities ======================================================================== 4) Vulnerabilities Summary Listing Windows: [SA19288] MailEnable Webmail and POP3 Buffer Overflow Vulnerabilities [SA19267] Mercur Messaging IMAP Service Buffer Overflow Vulnerability [SA19292] betaparticle blog SQL Injection Vulnerabilities [SA19286] ASPPortal "downloadid" SQL Injection Vulnerability [SA19297] VPMi Enterprise "Request_Name_Display" Cross-Site Scripting [SA19296] WinHKI Multiple Archive Directory Traversal Vulnerability [SA19313] Nortel Centrex IP Client Manager Windows Privilege Escalation [SA19284] avast! Antivirus Insecure Default File Permissions [SA19282] PC-cillin Internet Security Insecure Default Directory Permissions [SA19338] Baby FTP Server File Enumeration Weakness [SA19269] Internet Explorer Multiple Event Handlers Denial of Service Weakness UNIX/Linux: [SA19368] Slackware update for sendmail [SA19367] Debian update for sendmail [SA19363] Gentoo update for sendmail [SA19362] Red Hat update for realplayer [SA19361] SUSE update for sendmail [SA19360] Sun Solaris Sendmail Signal Handling Memory Corruption [SA19356] Fedora update for sendmail [SA19349] AIX sendmail Signal Handling Memory Corruption Vulnerability [SA19346] Red Hat update for sendmail [SA19345] FreeBSD update for sendmail [SA19342] Sendmail Signal Handling Memory Corruption Vulnerability [SA19328] Gentoo update for netscape-flash [SA19304] Gentoo update for metamail [SA19291] Gentoo update for peercast [SA19276] Debian update for crossfire [SA19366] FreeBSD IPsec Sequence Number Verification Bypass [SA19354] KisMAC Cisco Vendor Tag SSID Parsing Buffer Overflow [SA19344] Gentoo update for curl [SA19335] Fedora update for curl [SA19334] Gentoo update for pngcrush [SA19301] Gentoo update for PEAR-Auth [SA19287] Trustix update for gnupg [SA19281] jabberd SASL Negotiation Denial of Service Vulnerability [SA19279] Debian update for xine-lib [SA19272] Debian update for vlc [SA19271] cURL/libcURL TFTP Protocol URL Parsing Buffer Overflow [SA19266] Debian update for ilohamail [SA19264] Debian update for kdegraphics [SA19262] QmailAdmin "PATH_INFO" Handling Buffer Overflow [SA19350] Debian update for firebird2 [SA19355] Gentoo update for php [SA19347] FreeBSD OPIE opiepasswd User Verification Vulnerability [SA19317] HP VirtualVault Apache HTTP Request Smuggling Vulnerability [SA19303] Gentoo update for crypt-cbc [SA19302] Gentoo update for heimdal [SA19300] FreeRADIUS EAP-MSCHAPv2 Authentication Bypass Vulnerability [SA19339] Debian update for kernel-patch-vserver / util-vserver [SA19336] Fedora update for beagle [SA19333] util-vserver Unknown Capabilities Handling Security Issue [SA19330] Linux Kernel Netfilter Weakness and RNDIS Buffer Overflow [SA19323] RunIt "chpst" Multiple Groups Handling Security Issue [SA19318] Debian update for snmptrapfmt [SA19316] Fedora update for xorg-x11-server [SA19311] Sun Solaris update for Xorg X Server [SA19307] X.Org X11 User Privilege Checking Security Bypass [SA19305] HP-UX usermod Recursive Ownership Change Security Issue [SA19278] Beagle "beagle-status" Command Execution Vulnerability [SA19357] Linux Kernel IPv4 "sockaddr_in.sin_zero" Information Disclosure [SA19280] Gnome Screensaver Password Bypass Vulnerability Other: [SA19337] Firepass 4100 SSL VPN "s" Cross-Site Scripting Vulnerability [SA19324] Novell NetWare NILE.NLM SSL Negotiation Vulnerabilities [SA19319] Motorola Cellular Phones Security Dialog Spoofing Vulnerability [SA19265] Novell NetWare NWFTPD Potential Denial of Service Vulnerability Cross Platform: [SA19358] RealNetworks Products Multiple Buffer Overflow Vulnerabilities [SA19353] XHP CMS "FileManager" File Upload Vulnerability [SA19352] vBulletin ImpEx Module "systempath" File Inclusion Vulnerability [SA19343] FreeWPS "ImageManager" File Upload Vulnerability [SA19320] Free Articles Directory "page" File Inclusion Vulnerability [SA19298] KnowledgebasePublisher "dir" File Inclusion Vulnerability [SA19285] PHP iCalendar File Inclusion and Calendar Upload Vulnerabilities [SA19359] AnyPortal(php) "F" Directory Traversal Vulnerability [SA19329] 1WebCalendar Multiple SQL Injection Vulnerabilities [SA19322] gCards Multiple Vulnerabilities [SA19315] phpWebsite "sid" Parameter SQL Injection [SA19314] Skull-Splitter's Download Counter for Wallpapers SQL Injection [SA19310] BEA WebLogic Server/Express Two Vulnerabilities [SA19309] webcheck Website Content Script Insertion Vulnerability [SA19290] OSWiki Username Script Insertion Vulnerability [SA19289] CuteNews "archive" Disclosure of Sensitive Information Vulnerability [SA19283] SoftBB "mail" SQL Injection Vulnerability [SA19275] Maian Support SQL Injection Vulnerabilities [SA19274] Maian Events Multiple SQL Injection Vulnerabilities [SA19273] Maian Weblog Multiple SQL Injection Vulnerabilities [SA19270] Simple PHP Blog "blog_language" Local File Inclusion [SA19263] Streber Unspecified Script Insertion Vulnerability [SA19351] AdMan "transactions_offset" SQL Injection Vulnerability [SA19340] PHP Live! "base_url" Cross-Site Scripting Vulnerability [SA19332] IBM Tivoli Business Systems Manager Cross-Site Scripting [SA19321] ExtCalendar calendar.php Cross-Site Scripting Vulnerabilities [SA19308] BEA WebLogic Portal JSR-168 Portlets Rendering Security Issue [SA19299] Invision Power Board PM Unspecified Cross-Site Scripting [SA19294] Contrexx CMS Cross-Site Scripting Vulnerability [SA19293] Woltlab Burning Board "class_db_mysql.php" Cross-Site Scripting [SA19277] phpMyAdmin "set_theme" Cross-Site Scripting [SA19268] Skull-Splitter's PHP Guestbook Cross-Site Scripting Vulnerability ======================================================================== 5) Vulnerabilities Content Listing Windows:-- [SA19288] MailEnable Webmail and POP3 Buffer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-03-20 Two vulnerabilities have been reported in MailEnable, which can be exploited by malicious people to cause a DoS (Denial of Service) and to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19288/ -- [SA19267] Mercur Messaging IMAP Service Buffer Overflow Vulnerability Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-03-17 Tim Taylor has discovered a vulnerability in Mercur Messaging 2005, which can be exploited by malicious people and by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19267/ -- [SA19292] betaparticle blog SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-03-20 Mustafa Can Bjorn has reported two vulnerabilities in betaparticle blog, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/19292/ -- [SA19286] ASPPortal "downloadid" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-03-21 nukedx has discovered a vulnerability in ASPPortal, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/19286/ -- [SA19297] VPMi Enterprise "Request_Name_Display" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-21 Steven M. Christey has reported a vulnerability in VPMi Enterprise, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/19297/ -- [SA19296] WinHKI Multiple Archive Directory Traversal Vulnerability Critical: Less critical Where: From remote Impact: System access Released: 2006-03-20 Hamid Ebadi has discovered a vulnerability in WinHKI, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/19296/ -- [SA19313] Nortel Centrex IP Client Manager Windows Privilege Escalation Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-03-20 Nortel Networks has acknowledged some security issues in Centrex IP Client Manager, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/19313/ -- [SA19284] avast! Antivirus Insecure Default File Permissions Critical: Less critical Where: Local system Impact: Security Bypass, Manipulation of data, Privilege escalation Released: 2006-03-20 A security issue has been reported in avast! Antivirus, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges. Full Advisory: http://secunia.com/advisories/19284/ -- [SA19282] PC-cillin Internet Security Insecure Default Directory Permissions Critical: Less critical Where: Local system Impact: Manipulation of data, Privilege escalation Released: 2006-03-22 Dominique GREGOIRE has discovered a security issue in PC-cillin Internet Security, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/19282/ -- [SA19338] Baby FTP Server File Enumeration Weakness Critical: Not critical Where: From remote Impact: Exposure of system information Released: 2006-03-23 Ziv Kamir has discovered a weakness in Baby FTP Server, which can be exploited by malicious people to enumerate files on an affected system. Full Advisory: http://secunia.com/advisories/19338/ -- [SA19269] Internet Explorer Multiple Event Handlers Denial of Service Weakness Critical: Not critical Where: From remote Impact: DoS Released: 2006-03-20 Michal Zalewski has discovered a weakness in Internet Explorer, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/19269/ UNIX/Linux:-- [SA19368] Slackware update for sendmail Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 Slackware has issued an update for sendmail. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19368/ -- [SA19367] Debian update for sendmail Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 Debian has issued an update for sendmail. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19367/ -- [SA19363] Gentoo update for sendmail Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 Gentoo has issued an update for sendmail. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19363/ -- [SA19362] Red Hat update for realplayer Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 Red Hat has issued an update for RealPlayer. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/19362/ -- [SA19361] SUSE update for sendmail Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 SUSE has issued an update for sendmail. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19361/ -- [SA19360] Sun Solaris Sendmail Signal Handling Memory Corruption Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19360/ -- [SA19356] Fedora update for sendmail Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 Fedora has issued an update for sendmail. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19356/ -- [SA19349] AIX sendmail Signal Handling Memory Corruption Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 IBM has acknowledged a vulnerability in sendmail in AIX, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19349/ -- [SA19346] Red Hat update for sendmail Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 Red Hat has issued an update for sendmail. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19346/ -- [SA19345] FreeBSD update for sendmail Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 FreeBSD has issued an update for sendmail. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19345/ -- [SA19342] Sendmail Signal Handling Memory Corruption Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 ISS X-Force has reported a vulnerability in Sendmail, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19342/ -- [SA19328] Gentoo update for netscape-flash Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-22 Gentoo has issued an update for netscape-flash. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/19328/ -- [SA19304] Gentoo update for metamail Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-03-20 Gentoo has issued an update for metamail. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/19304/ -- [SA19291] Gentoo update for peercast Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-21 Gentoo has issued an update for peercast. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19291/ -- [SA19276] Debian update for crossfire Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2006-03-20 Debian has issued an update for crossfire. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19276/ -- [SA19366] FreeBSD IPsec Sequence Number Verification Bypass Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2006-03-23 A security issue has been reported in FreeBSD, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19366/ -- [SA19354] KisMAC Cisco Vendor Tag SSID Parsing Buffer Overflow Critical: Moderately critical Where: From remote Impact: System access Released: 2006-03-23 Stefan Esser has reported a vulnerability in KisMAC, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/19354/ -- [SA19344] Gentoo update for curl Critical: Moderately critical Where: From remote Impact: System access Released: 2006-03-22 Gentoo has issued an update for curl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/19344/ -- [SA19335] Fedora update for curl Critical: Moderately critical Where: From remote Impact: System access Released: 2006-03-22 Fedora has issued an update for curl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/19335/ -- [SA19334] Gentoo update for pngcrush Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-03-22 Gentoo has issued an update for pngcrush. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/19334/ -- [SA19301] Gentoo update for PEAR-Auth Critical: Moderately critical Where: From remote Impact: Security Bypass, Manipulation of data Released: 2006-03-20 Gentoo has issued an update for PEAR-Auth. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19301/ -- [SA19287] Trustix update for gnupg Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2006-03-20 Trustix has issued an update for gnupg. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19287/ -- [SA19281] jabberd SASL Negotiation Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-03-20 A vulnerability has been reported in jabberd, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/19281/ -- [SA19279] Debian update for xine-lib Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-03-17 Debian has issued an update for xine-lib. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system. Full Advisory: http://secunia.com/advisories/19279/ -- [SA19272] Debian update for vlc Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-03-17 Debian has issued an update for vlc. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system. Full Advisory: http://secunia.com/advisories/19272/ -- [SA19271] cURL/libcURL TFTP Protocol URL Parsing Buffer Overflow Critical: Moderately critical Where: From remote Impact: System access Released: 2006-03-20 Ulf Harnhammar has reported a vulnerability in cURL/libcURL, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/19271/ -- [SA19266] Debian update for ilohamail Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-20 Debian has issued an update for ilohamail. This fixes some vulnerabilities, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/19266/ -- [SA19264] Debian update for kdegraphics Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2006-03-20 Debian has issued an update for kdegraphics. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system. Full Advisory: http://secunia.com/advisories/19264/ -- [SA19262] QmailAdmin "PATH_INFO" Handling Buffer Overflow Critical: Moderately critical Where: From remote Impact: DoS Released: 2006-03-17 A vulnerability has been reported in QmailAdmin, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/19262/ -- [SA19350] Debian update for firebird2 Critical: Moderately critical Where: From local network Impact: DoS, System access Released: 2006-03-23 Debian has issued an update for firebird2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19350/ -- [SA19355] Gentoo update for php Critical: Less critical Where: From remote Impact: Cross Site Scripting, System access Released: 2006-03-23 Gentoo has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to conduct HTTP response splitting attacks, potentially conduct cross-site scripting attacks, and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19355/ -- [SA19347] FreeBSD OPIE opiepasswd User Verification Vulnerability Critical: Less critical Where: From remote Impact: Security Bypass, Privilege escalation Released: 2006-03-23 A vulnerability has been reported in FreeBSD, which can be exploited by malicious, local users to gain escalated privileges or by malicious users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19347/ -- [SA19317] HP VirtualVault Apache HTTP Request Smuggling Vulnerability Critical: Less critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data Released: 2006-03-21 HP has acknowledged a vulnerability in Virtualvault, which can be exploited by malicious people to conduct HTTP request smuggling attacks. Full Advisory: http://secunia.com/advisories/19317/ -- [SA19303] Gentoo update for crypt-cbc Critical: Less critical Where: From remote Impact: Security Bypass Released: 2006-03-20 Gentoo has issued an update for crypt-cbc. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19303/ -- [SA19302] Gentoo update for heimdal Critical: Less critical Where: From local network Impact: Privilege escalation Released: 2006-03-20 Gentoo has issued an update for heimdal. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/19302/ -- [SA19300] FreeRADIUS EAP-MSCHAPv2 Authentication Bypass Vulnerability Critical: Less critical Where: From local network Impact: DoS, Security Bypass Released: 2006-03-21 A vulnerability has been reported in FreeRADIUS, which can be exploited by malicious people to cause a DoS (Denial of Service) and to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19300/ -- [SA19339] Debian update for kernel-patch-vserver / util-vserver Critical: Less critical Where: Local system Impact: Security Bypass Released: 2006-03-22 Debian has issued updates for kernel-patch-vserver and util-vserver. This fixes two security issues, which can be exploited by malicious programs to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19339/ -- [SA19336] Fedora update for beagle Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-03-22 Fedora has issued an update for beagle. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/19336/ -- [SA19333] util-vserver Unknown Capabilities Handling Security Issue Critical: Less critical Where: Local system Impact: Security Bypass Released: 2006-03-22 A security issue has been reported in util-vserver, which potentially can be exploited by malicious programs to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19333/ -- [SA19330] Linux Kernel Netfilter Weakness and RNDIS Buffer Overflow Critical: Less critical Where: Local system Impact: Unknown Released: 2006-03-22 A weakness and a vulnerability have been reported in the Linux Kernel, which have unknown impacts. Full Advisory: http://secunia.com/advisories/19330/ -- [SA19323] RunIt "chpst" Multiple Groups Handling Security Issue Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-03-22 Tino Keitel has reported a security issue in RunIt, which potentially can cause a process to run with escalated group privileges. Full Advisory: http://secunia.com/advisories/19323/ -- [SA19318] Debian update for snmptrapfmt Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-03-22 Debian has issued an update for snmptrapfmt. This fixes a vulnerability, which potentially can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/19318/ -- [SA19316] Fedora update for xorg-x11-server Critical: Less critical Where: Local system Impact: Security Bypass Released: 2006-03-21 Fedora has issued an update for xorg-x11-server. This fixes a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19316/ -- [SA19311] Sun Solaris update for Xorg X Server Critical: Less critical Where: Local system Impact: Security Bypass Released: 2006-03-21 Sun has issued an update for Xorg X Server. This fixes a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19311/ -- [SA19307] X.Org X11 User Privilege Checking Security Bypass Critical: Less critical Where: Local system Impact: Security Bypass Released: 2006-03-21 A vulnerability has been reported in X11, which can be exploited by malicious, local users to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19307/ -- [SA19305] HP-UX usermod Recursive Ownership Change Security Issue Critical: Less critical Where: Local system Impact: Security Bypass Released: 2006-03-20 A security issue has been reported in HP-UX, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19305/ -- [SA19278] Beagle "beagle-status" Command Execution Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2006-03-17 James McCaw has discovered a vulnerability in Beagle, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/19278/ -- [SA19357] Linux Kernel IPv4 "sockaddr_in.sin_zero" Information Disclosure Critical: Not critical Where: Local system Impact: Exposure of sensitive information Released: 2006-03-23 Pavel Kankovsky has reported a weakness in the Linux kernel, which can be exploited by malicious, local users to disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/19357/ -- [SA19280] Gnome Screensaver Password Bypass Vulnerability Critical: Not critical Where: Local system Impact: Security Bypass Released: 2006-03-20 Sam Morris has reported a vulnerability in gnome-screensaver, which can be exploited by a malicious person with physical access to a system to bypass the password protected screensaver. Full Advisory: http://secunia.com/advisories/19280/ Other:-- [SA19337] Firepass 4100 SSL VPN "s" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-22 ILION Research Labs has reported a vulnerability in Firepass 4100 SSL VPN, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/19337/ -- [SA19324] Novell NetWare NILE.NLM SSL Negotiation Vulnerabilities Critical: Less critical Where: From remote Impact: Security Bypass Released: 2006-03-22 Some vulnerabilities have been reported in Novell NetWare / Open Enterprise Server, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/19324/ -- [SA19319] Motorola Cellular Phones Security Dialog Spoofing Vulnerability Critical: Less critical Where: From remote Impact: Security Bypass, Spoofing, Exposure of sensitive information Released: 2006-03-22 Kevin Finisterre has reported a vulnerability in Motorola PEBL U6 and Motorola V600, which can be exploited by malicious people to trick users into accepting certain security dialogs. Full Advisory: http://secunia.com/advisories/19319/ -- [SA19265] Novell NetWare NWFTPD Potential Denial of Service Vulnerability Critical: Less critical Where: From remote Impact: DoS Released: 2006-03-17 A vulnerability has been reported in NetWare, which potentially can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/19265/ Cross Platform:-- [SA19358] RealNetworks Products Multiple Buffer Overflow Vulnerabilities Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 Some vulnerabilities have been reported in various RealNetworks products, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/19358/ -- [SA19353] XHP CMS "FileManager" File Upload Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 rgod has discovered a vulnerability in XHP CMS, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19353/ -- [SA19352] vBulletin ImpEx Module "systempath" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-23 ReZEN has reported a vulnerability in the ImpEx module for vBulletin, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19352/ -- [SA19343] FreeWPS "ImageManager" File Upload Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-22 alexander wilhelm has discovered a vulnerability in FreeWPS, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19343/ -- [SA19320] Free Articles Directory "page" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-22 Botan has discovered a vulnerability in Free Articles Directory, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19320/ -- [SA19298] KnowledgebasePublisher "dir" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2006-03-21 uid0 has reported a vulnerability in KnowledgebasePublisher, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19298/ -- [SA19285] PHP iCalendar File Inclusion and Calendar Upload Vulnerabilities Critical: Highly critical Where: From remote Impact: Exposure of sensitive information, System access Released: 2006-03-21 rgod has discovered two vulnerabilities in PHP iCalendar, which can be exploited by malicious people to disclose potentially sensitive information and to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19285/ -- [SA19359] AnyPortal(php) "F" Directory Traversal Vulnerability Critical: Moderately critical Where: From remote Impact: System access, Exposure of sensitive information, Manipulation of data Released: 2006-03-23 Nuno Justo has discovered a vulnerability in AnyPortal(php), which can be exploited by malicious users to disclose and manipulate sensitive information, and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/19359/ -- [SA19329] 1WebCalendar Multiple SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-03-22 r0t has discovered some vulnerabilities in 1WebCalendar, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/19329/ -- [SA19322] gCards Multiple Vulnerabilities Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Manipulation of data, Exposure of sensitive information Released: 2006-03-21 rgod has discovered multiple vulnerabilities in gcards, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/19322/ -- [SA19315] phpWebsite "sid" Parameter SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-03-22 DaBDouB-MoSiKaR has discovered a vulnerability in phpWebsite, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/19315/ -- [SA19314] Skull-Splitter's Download Counter for Wallpapers SQL Injection Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-03-20 Aliaksandr Hartsuyeu has reported some vulnerabilities in Download Counter for Wallpapers, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/19314/ -- [SA19310] BEA WebLogic Server/Express Two Vulnerabilities Critical: Moderately critical Where: From remote Impact: Exposure of system information, Exposure of sensitive information, DoS Released: 2006-03-21 Two vulnerabilities have been reported in WebLogic Server / Express, which can be exploited by malicious people to disclose potentially sensitive information and to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/19310/ -- [SA19309] webcheck Website Content Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-23 A vulnerability has been reported in webcheck, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/19309/ -- [SA19290] OSWiki Username Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-22 A vulnerability has been reported in OSWiki, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/19290/ -- [SA19289] CuteNews "archive" Disclosure of Sensitive Information Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2006-03-20 Hamid Ebadi has discovered a vulnerability in CuteNews, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/19289/ -- [SA19283] SoftBB "mail" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-03-20 A vulnerability has been discovered in SoftBB, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/19283/ -- [SA19275] Maian Support SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Manipulation of data Released: 2006-03-17 Aliaksandr Hartsuyeu has reported two vulnerabilities in Maian Support, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/19275/ -- [SA19274] Maian Events Multiple SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-03-17 Aliaksandr Hartsuyeu has discovered multiple vulnerabilities in Maian Events, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/19274/ -- [SA19273] Maian Weblog Multiple SQL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2006-03-17 Aliaksandr Hartsuyeu has discovered multiple vulnerabilities in Maian Weblog, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/19273/ -- [SA19270] Simple PHP Blog "blog_language" Local File Inclusion Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2006-03-20 rgod has discovered a security issue in Simple PHP Blog, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/19270/ -- [SA19263] Streber Unspecified Script Insertion Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-20 A vulnerability has been reported in Streber, which potentially can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/19263/ -- [SA19351] AdMan "transactions_offset" SQL Injection Vulnerability Critical: Less critical Where: From remote Impact: Manipulation of data, Exposure of system information Released: 2006-03-23 r0t has reported a vulnerability in AdMan, which can be exploited by malicious users to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/19351/ -- [SA19340] PHP Live! "base_url" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-23 K-sPecial has reported a vulnerability in PHP Live!, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/19340/ -- [SA19332] IBM Tivoli Business Systems Manager Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-23 A vulnerability has been reported in IBM Tivoli Business Systems Manager, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/19332/ -- [SA19321] ExtCalendar calendar.php Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-21 Soot has discovered some vulnerabilities in ExtCalendar, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/19321/ -- [SA19308] BEA WebLogic Portal JSR-168 Portlets Rendering Security Issue Critical: Less critical Where: From remote Impact: Exposure of sensitive information Released: 2006-03-21 A security issue has been reported in WebLogic Portal, which can be exploited by malicious users to disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/19308/ -- [SA19299] Invision Power Board PM Unspecified Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-22 A vulnerability has been reported in Invision Power Board, which potentially can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/19299/ -- [SA19294] Contrexx CMS Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-21 Soot has discovered a vulnerability in Contrexx CMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/19294/ -- [SA19293] Woltlab Burning Board "class_db_mysql.php" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-20 r57shell has reported a vulnerability in Burning Board and Burning Board Lite, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/19293/ -- [SA19277] phpMyAdmin "set_theme" Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-17 A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/19277/ -- [SA19268] Skull-Splitter's PHP Guestbook Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2006-03-17 Aliaksandr Hartsuyeu has discovered a vulnerability in Skull-Splitter's PHP Guestbook, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/19268/ ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Subscribe: http://secunia.com/secunia_weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : [EMAIL PROTECTED] Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org