RE: [Full-Disclosure] Weekly Vulnerability Summary, Week 41 2003

[Mortis]

 SINTRAQ Weekly Summary
 Week 41, 2003

 Created for you by SINTELLI, the definitive
 source of IT security intelligence.

Hello SINTRAQ:

Keep up the great work.  You guys rock!

I am having trouble signing myself off of your mailing list.
I was hoping you would help me out.

It seems like I got signed up under
[EMAIL PROTECTED]  The funny thing is I
never even signed up.  One of my friends must be pranking
me.  Sorry for the annoyance and waste of your time.

Can you remove [EMAIL PROTECTED] from your
mailing list?  I would send the unsubscribe myself, but this
is a special read-only mailbox.

Don't worry - I'm already signed up from my other address so
I'll be sure to get your summaries and advertisements.

Thanks so much.
--
And so death passed upon all men,
Mortis

___
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

[Full-Disclosure] Weekly Vulnerability Summary, Week 41 2003

[Sintelli SINTRAQ]

SINTRAQ Weekly Summary
Week 41, 2003

Created for you by SINTELLI, the definitive source of IT security
intelligence.

Welcome to the latest edition of SINTRAQ Weekly Summary. Information on how
to manage your subscription can be found at the bottom of the newsletter. If
you have any problems or questions, please e-mail us at
[EMAIL PROTECTED]


PDF version : http://www.sintelli.com/sinweek/week41-2003.pdf

=

Highlights:
This week is Week 41 plus elements of Week 40, so the dates covered by this
summary are 02 October - 13October.  The reason for this is Microsoft
surprised everyone by released MS03-40 on the evening of 03 October, thus we
thought it would be more useful to incorporate it into Week 41.  Whilst
still on Microsoft there are two publicly available exploits for MS03-39
available at the K-otik web site:

http://www.k-otik.com/exploits/10.09.rpcdcom3.c.php
http://www.k-otik.com/exploits/10.09.rpcunshell.asm.php

Other items of note this week are multiple vulnerabilities in Adobe SVG,
Peoplesoft and Hummingbird Cyberdocs.

Until next week,
-- SINTELLI Research
www.sintelli.com


***Advertisement***

Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console Download our FREE
whitepaper at:

http://www.solsoft.com/whitepaper_sintelli

***Advertisement***


TABLE OF CONTENTS:

SID-2003-3467 [ Adobe ] Adobe SVG Viewer Active Scripting Bypass
SID-2003-3470 [ Adobe ] Adobe SVG Viewer Cross Domain and Zone Access
SID-2003-3469 [ Adobe ] Adobe SVG Viewer Local and Remote File Reading
SID-2003-3501 [ aziem ] prayerboard_db.php cross-site scripting
vulnerability
SID-2003-3495 [ Centrinity ] FirstClass Denial of Service Vulnerability
SID-2003-3522 [ Compaq ] HP Tru64 dtmailpr Unspecified Flaw
SID-2003-3472 [ Conexant Systems ] Conexant Access Runner DSL Console login
bypass vulnerability
SID-2003-3464 [ divine ] Divine OpenMarket Content Server XSS Vulnerability
SID-2003-3471 [ EFS Software ] Easy File Sharing Web Server Vulnerabilities
SID-2003-3481 [ EternalMart ] EternalMart Guestbook Execution of Arbitrary
Code
SID-2003-3480 [ EternalMart ] EternalMart Mailing List Manager Vulnerability
SID-2003-3497 [ freeguppy.org ] GuppY Cross Site Scripting and Files
Read/Write Vulnerabilities
SID-2003-3504 [ HP ] HP OVOW Unauthorised admin access
SID-2003-3505 [ HP ] HP SCM Unauthorised Access
SID-2003-3486 [ HP ] HPUX dtprintinfo buffer overflow vulnerability
SID-2003-3508 [ Hummingbird ] Hummingbird CyberDOCS error page installation
path disclosure
SID-2003-3509 [ Hummingbird ] Hummingbird CyberDOCS insecure file
permissions vulnerability
SID-2003-3507 [ Hummingbird ] Hummingbird CyberDOCS multiple cross-site
scripting vulnerabilities
SID-2003-3506 [ Hummingbird ] Hummingbird CyberDOCS SQL injection
SID-2003-3474 [ JBoss Group ] JBoss Remote Command Injection Vulnerability
SID-2003-3465 [ Juan Cespedes ] ltrace 'Library Call Tracer' Heap Overflow
SID-2003-3494 [ Kevin Lindsay ] slocate heap overflow
SID-2003-3516 [ Microsoft ] Buffer Overflow in Microsoft Word Macros
SID-2003-3482 [ Microsoft ] Microsoft Internet Explorer XML data binding
vulnerability
SID-2003-3503 [ Microsoft ] Microsoft Windows Media Player DHTML Local Zone
Access
SID-2003-3499 [ Microsoft ] Microsoft Windows PostThreadMessage API process
termination
SID-2003-3487 [ Microsoft ] Microsoft Windows Server 2003 Shell Folders
Directory Traversal
SID-2003-3489 [ muziqpakistan.net ] File inclusion vulnerability in PayPal
Store Front
SID-2003-3485 [ NetScreen ] Netscreen Leakage of Sensitive Information via
DHCP Offer
SID-2003-3483 [ OpenOffice.org ] Openoffice Denial of service Vulnerability
SID-2003-3468 [ Peoplesoft ] PeopleSoft Grid Option Vulnerability
SID-2003-3493 [ Peoplesoft ] PeopleSoft Information Disclosure Vulnerability
SID-2003-3490 [ Peoplesoft ] PeopleSoft Longchar and Varchar Data Upload
Vulnerability
SID-2003-3488 [ PHP-Nuke ] PHP-Nuke 6.6 SQL Injection
SID-2003-3478 [ PHP-Nuke ] PHP-Nuke 6.7 Arbitrary File Upload
SID-2003-3517 [ Planet ] Undocumented Superuser Account in Planet WGSD-1020
Switch
SID-2003-3492 [ S.u.S.E. ] SuSE Linux javarunt symlink attack
SID-2003-3491 [ S.u.S.E. ] SuSE Linux susewm symlink attack
SID-2003-3520 [ scripts4webmasters.com ] TRACKtheCLICK Script Injection
Vulnerabilities
SID-2003-3496 [ SNAP Innovation ] SNAP Innovations PrimeBase Database
Vulnerability
SID-2003-3521 [ SourceForge.net ] Gallery 1.4 file inclusion vulnerability
SID-2003-3484 [ SSH Communications Security ] SSH Vulnerability in BER
Decoding
SID-2003-3479 [ Sun ] Sun Cobalt RaQ Control Panel Cross-Site Scripting
SID-2003-3502 [ Techfirm ]