LinuxQuestions.org

Capt_Caveman 04-10-2005 07:58 PM

LQ Security Report - April 10th 2005
 
April 5th 2005
19 issues handled (SF)
1. Linux Kernel Bluetooth Signed Buffer Index Vulnerability
2. Multiple Vendor Telnet Client LINEMODE Sub-Options Remote Bu...
3. Multiple Vendor Telnet Client Env_opt_add Heap-Based Buffer ...
4. Midnight Commander Insert_Text Buffer Overflow Vulnerability
5. Linux Kernel EXT2 File System Information Leak Vulnerability
6. Sylpheed MIME-Encoded Attachment Name Buffer Overflow Vulner...
7. Linux Kernel Elf Binary Loading Local Denial of Service Vuln...
8. Mailreader Remote HTML Injection Vulnerability
9. YepYep MTFTPD Remote CWD Argument Format String Vulnerabilit...
10. Linux Kernel File Lock Local Denial Of Service Vulnerability
11. GDK-Pixbuf BMP Image Processing Double Free Remote Denial of...
12. PAFileDB ID Parameter Cross-Site Scripting Vulnerability
13. BZip2 CHMod File Permission Modification Race Condition Weak...
14. Linux Kernel Futex Local Deadlock Denial Of Service Vulnerab...
15. PHP Group PHP Image File Format Remote Denial Of Service Vul...
16. PHP Group PHP Remote JPEG File Format Remote Denial Of Servi...
17. BakBone NetVault Configure.CFG Local Buffer Overflow Vulnera...
18. BakBone NetVault Remote Heap Overflow Vulnerability
19. Linux Kernel TmpFS Driver Local Denial Of Service Vulnerabil...

April 7th 2005
46 issues handled (SN)
[SA14819] Red Hat update for tetex
[SA14816] Debian update for imagemagick
[SA14807] SGI Advanced Linux Environment Multiple Updates
[SA14806] Gentoo update for sylpheed / sylpheed-claws
[SA14800] Mandrake update for ImageMagick
[SA14791] teTeX Multiple Image Decoder Parsing Vulnerabilities
[SA14855] Ubuntu update for libapache2-mod-php4/php4-cgi
[SA14845] Red Hat update for curl
[SA14830] Gentoo update for dnsmasq
[SA14828] Slackware update for php
[SA14817] Debian update for krb5
[SA14805] Gentoo update for telnet-bsd
[SA14798] Ubuntu update for kernel
[SA14797] SUSE update for ipsec-tools
[SA14796] Mandrake update for libexif
[SA14794] Mandrake update for ipsec-tools
[SA14792] PHP Multiple Vulnerabilities
[SA14856] AIX Unspecified NIS Client System Compromise Vulnerability
[SA14826] Debian update for remstats
[SA14810] remstats Insecure Temporary File Creation and Arbitrary Command Execution
[SA14834] Debian update for wu-ftpd
[SA14803] Mandrake update for grip
[SA14799] phpMyAdmin "convcharset" Cross-Site Scripting Vulnerability
[SA14795] Mandrake update for htdig
[SA14847] Fedora update for mysql
[SA14846] Red Hat update for mysql-server
[SA14822] Conectiva update for mysql
[SA14842] FreeBSD sendfile Kernel Memory Disclosure Vulnerability
[SA14840] Trustix update for kernel
[SA14836] SCO OpenServer nwclient Privilege Escalation Vulnerability
[SA14835] SUSE update for kernel
[SA14827] FreeBSD amd64 Direct Hardware Access Security Issue
[SA14850] Fedora update for gaim
[SA14849] Ubuntu update for gaim
[SA14844] Red Hat update for gdk-pixbuf
[SA14838] Ubuntu update for libgdk-pixbuf2/libgtk2.0-0
[SA14818] Red Hat update for gtk2
[SA14815] Gaim Multiple Denial of Service Weaknesses
[SA14824] Ubuntu update for unshar
[SA14802] AlstraSoft EPay Pro Cross-Site Scripting and Arbitrary File Inclusion
[SA14814] BakBone NetVault Buffer Overflow Vulnerabilities
[SA14832] PayProCart Multiple Vulnerabilities
[SA14821] Mozilla Suite JavaScript Engine Information Disclosure Vulnerability
[SA14820] Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability
[SA14804] Netscape JavaScript Engine Information Disclosure Vulnerability
[SA14793] MX Shop / MX Kart SQL Injection Vulnerabilities

Capt_Caveman 04-10-2005 07:59 PM

April 5th 2005 (SF)
 
Security Focus

1. Linux Kernel Bluetooth Signed Buffer Index Vulnerability
BugTraq ID: 12911
Remote: No
Date Published: Mar 28 2005
Relevant URL: http://www.securityfocus.com/bid/12911
Summary:
A local signed buffer index vulnerability affects the Linux kernel. This issue is due to a failure of the affected kernel to securely handle signed values when validating memory indexes. This issue may be leveraged by a local attacker to gain escalated privileges on an affected computer.

2. Multiple Vendor Telnet Client LINEMODE Sub-Options Remote Bu...
BugTraq ID: 12918
Remote: Yes
Date Published: Mar 28 2005
Relevant URL: http://www.securityfocus.com/bid/12918
Summary:
A remote buffer overflow vulnerability affects multiple vendors' Telnet clients. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers. An attacker may exploit this issue to execute arbitrary code with the privileges of the user that activated the vulnerable application. This may facilitate unauthorized access or privilege escalation.

3. Multiple Vendor Telnet Client Env_opt_add Heap-Based Buffer ...
BugTraq ID: 12919
Remote: Yes
Date Published: Mar 28 2005
Relevant URL: http://www.securityfocus.com/bid/12919
Summary:
Multiple vendors' Telnet client applications are reported prone to a remote buffer overflow vulnerability. It is reported that the vulnerability exists in a function 'env_opt_add()' in the 'telnet.c' source file, which is apparently common source for all of the affected vendors. A remote attacker may exploit this vulnerability to execute arbitrary code on some of the affected platforms in the context of a user that is using the vulnerable Telnet client to connect to a malicious server.

4. Midnight Commander Insert_Text Buffer Overflow Vulnerability
BugTraq ID: 12928
Remote: No
Date Published: Mar 29 2005
Relevant URL: http://www.securityfocus.com/bid/12928
Summary:
A buffer overflow vulnerability exists in Midnight Commander. The vulnerability is caused by insufficient bounds checking of external data supplied to the 'insert_text()' function. This issue may allow local attackers to execute arbitrary code in the context of another user.

5. Linux Kernel EXT2 File System Information Leak Vulnerability
BugTraq ID: 12932
Remote: No
Date Published: Mar 29 2005
Relevant URL: http://www.securityfocus.com/bid/12932
Summary:
The Linux kernel EXT2 filesystem handling code is reported prone to a local information leakage vulnerability. This issue may be leveraged by a local attacker to gain access to potentially sensitive kernel memory. Information gained in this way may lead to further attacks against the affected computer.

6. Sylpheed MIME-Encoded Attachment Name Buffer Overflow Vulner...
BugTraq ID: 12934
Remote: Yes
Date Published: Mar 29 2005
Relevant URL: http://www.securityfocus.com/bid/12934
Summary:
Sylpheed is prone to a buffer overflow when handling email attachments with MIME-encoded file names. Successful exploitation may allow arbitrary code execution in the security context of the application.

7. Linux Kernel Elf Binary Loading Local Denial of Service Vuln...
BugTraq ID: 12935
Remote: No
Date Published: Mar 29 2005
Relevant URL: http://www.securityfocus.com/bid/12935
Summary:
Linux Kernel is prone to a potential local denial of service vulnerability. It is reported that the issue exists in the 'load_elf_library' function. Linux Kernel 2.6.11.5 and prior versions are affected by this issue.

8. Mailreader Remote HTML Injection Vulnerability
BugTraq ID: 12945
Remote: Yes
Date Published: Mar 30 2005
Relevant URL: http://www.securityfocus.com/bid/12945
Summary:
A remote HTML injection vulnerability affects Mailreader. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

9. YepYep MTFTPD Remote CWD Argument Format String Vulnerabilit...
BugTraq ID: 12947
Remote: Yes
Date Published: Mar 30 2005
Relevant URL: http://www.securityfocus.com/bid/12947
Summary:
mtftpd is reported prone to a remote format string vulnerability. Reports indicate that this issue may be exploited by a remote authenticated attacker to execute arbitrary code in the context of the vulnerable service. This vulnerability is reported to affect mtftpd versions up to and including version 0.0.3.

10. Linux Kernel File Lock Local Denial Of Service Vulnerability
BugTraq ID: 12949
Remote: No
Date Published: Mar 30 2005
Relevant URL: http://www.securityfocus.com/bid/12949
Summary:
A local denial of service vulnerability reportedly affects the Linux kernel. This issue arises due to a failure of the kernel to properly handle malicious, excessive file locks. An attacker may leverage this issue to crash or hang the affected kernel and deny service to legitimate users. It should be noted that Symantec has been unable to reproduce this issue after testing. It is possible that this vulnerability is linked to the reporter's specific configuration. More information will be added as it becomes available.

11. GDK-Pixbuf BMP Image Processing Double Free Remote Denial of...
BugTraq ID: 12950
Remote: Yes
Date Published: Mar 30 2005
Relevant URL: http://www.securityfocus.com/bid/12950
Summary:
gdk-pixbuf library is reported prone to a denial of service vulnerability. This issue arises due to a double free condition. It is reported that this vulnerability presents itself when an application that is linked against the library handles malformed Bitmap (.bmp) image files. A successful attack may result in a denial of service condition. It is not confirmed whether this vulnerability could be leveraged to execute arbitrary code. gdk-pixbuf 0.22.0 and gtk2 2.4.14 packages are known to be vulnerable to this issue. It is likely that other versions are affected as well. This BID will be updated when more information becomes available.

12. PAFileDB ID Parameter Cross-Site Scripting Vulnerability
BugTraq ID: 12952
Remote: Yes
Date Published: Mar 31 2005
Relevant URL: http://www.securityfocus.com/bid/12952
Summary:
paFileDB is reported prone to a cross-site scripting vulnerability. The vulnerability presents itself when an attacker supplies malicious HTML and script code through the 'id' parameter. This may allow for theft of cookie-based authentication credentials or other attacks. paFileDB 3.1 and prior versions are affected by this vulnerability. This issue may be related to BID 12788 (PAFileDB Multiple SQL Injection And Cross-Site Scripting Vulnerabilities) and BID 12758 (PHP Arena PAFileDB Multiple Remote Cross Site Scripting Vulnerabilities). This BID will be retired or updated upon further analysis.

13. BZip2 CHMod File Permission Modification Race Condition Weak...
BugTraq ID: 12954
Remote: No
Date Published: Mar 31 2005
Relevant URL: http://www.securityfocus.com/bid/12954
Summary:
bzip2 is reported prone to a security weakness; the issue is only present when an archive is extracted into a world or group writeable directory. It is reported that bzip2 employs non-atomic procedures to write a file and later change the permissions on the newly extracted file. A local attacker may leverage this issue to modify file permissions of target files. This weakness is reported to affect bzip2 version 1.0.2 and previous versions.

14. Linux Kernel Futex Local Deadlock Denial Of Service Vulnerab...
BugTraq ID: 12959
Remote: No
Date Published: Mar 31 2005
Relevant URL: http://www.securityfocus.com/bid/12959
Summary:
The Linux kernel futex functions are reported prone to a local denial of service vulnerability. The issue is reported to manifest because several unspecified futex functions perform 'get_user()' calls and at the same time hold mmap_sem for reading purposes. A local attacker may potentially leverage this issue to trigger a kernel deadlock and potentially deny service for legitimate users. This vulnerability is reported to exist in the 2.6 Linux kernel tree.

15. PHP Group PHP Image File Format Remote Denial Of Service Vul...
BugTraq ID: 12962
Remote: Yes
Date Published: Apr 01 2005
Relevant URL: http://www.securityfocus.com/bid/12962
Summary:
A remote denial of service vulnerability affects PHP Group PHP. This issue is due to a failure of the application to properly handle maliciously formed Image Format File (IFF) image files. It should be noted that this vulnerability can only be exploited remotely if a Web based PHP application is implemented that allows user-supplied images to be processed by the 'getimagesize()' function. The 'getimagesize()' is commonly implemented in PHP Web applications that allow for the display of images. An attacker may leverage this issue to cause the affected script interpreter to consume excessive processing resources on an affected computer, leading to a denial of service condition.

16. PHP Group PHP Remote JPEG File Format Remote Denial Of Servi...
BugTraq ID: 12963
Remote: Yes
Date Published: Apr 01 2005
Relevant URL: http://www.securityfocus.com/bid/12963
Summary:
A remote denial of service vulnerability affects PHP Group PHP. This issue is due to a failure of the application to properly handle maliciously crafted JPEG image files. It should be noted that this vulnerability can only be exploited remotely if a Web based PHP application is implemented that allows user-supplied images to be processed by the 'getimagesize()' function. The 'getimagesize()' is commonly implemented in PHP Web applications that allow for the display of images. An attacker may leverage this issue to cause the affected script interpreter to consume excessive processing resources on an affected computer, leading to a denial of service condition.

17. BakBone NetVault Configure.CFG Local Buffer Overflow Vulnera...
BugTraq ID: 12966
Remote: No
Date Published: Apr 01 2005
Relevant URL: http://www.securityfocus.com/bid/12966
Summary:
NetVault is reported prone to a local buffer overflow vulnerability. It is reported that a local attacker can exploit this vulnerability by supplying excessive data through a variable in the 'configure.cfg' file. A successful attack can allow local attackers to execute arbitrary code on a vulnerable computer to gain elevated privileges. This issue has been confirmed in NetVault 7 packages running on Windows platforms. Other versions of NetVault running on different platforms may be affected as well.

18. BakBone NetVault Remote Heap Overflow Vulnerability
BugTraq ID: 12967
Remote: Yes
Date Published: Apr 01 2005
Relevant URL: http://www.securityfocus.com/bid/12967
Summary:
NetVault is reported prone to a remote heap overflow vulnerability. A successful attack can allow remote attackers to execute arbitrary code on a vulnerable computer to gain unauthorized access. This issue has been confirmed in NetVault 7 packages running on Windows platforms. Other versions of NetVault running on different platforms may be affected as well.

19. Linux Kernel TmpFS Driver Local Denial Of Service Vulnerabil...
BugTraq ID: 12970
Remote: No
Date Published: Apr 01 2005
Relevant URL: http://www.securityfocus.com/bid/12970
Summary:
The Linux kernel is reported prone to a local denial of service vulnerability. The issue is reported to exist in the Linux kernel tmpfs driver, and is because of a lack of sanitization performed on the address argument of 'shm_nopage()'.

Capt_Caveman 04-10-2005 08:00 PM

April 7th 2005 (SN)
 
Secunia

[SA14819] Red Hat update for tetex
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-04-04
Red Hat has issued an update for tetex. This fixes multiple
vulnerabilities, which potentially can be exploited by malicious people
to cause a DoS (Denial of Service) or compromise a user's system.
Full Advisory:
http://secunia.com/advisories/14819/

[SA14816] Debian update for imagemagick
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-04-04
Debian has issued an update for imagemagick. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/14816/

[SA14807] SGI Advanced Linux Environment Multiple Updates
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Spoofing, DoS,
System access
Released: 2005-04-06
SGI has issued a patch for SGI Advanced Linux Environment. This fixes
multiple vulnerabilities, which can be exploited by malicious people to
bypass certain security restrictions, conduct cross-site scripting and
spoofing attacks, cause a DoS (Denial of Service), and compromise a
user's system.
Full Advisory:
http://secunia.com/advisories/14807/

[SA14806] Gentoo update for sylpheed / sylpheed-claws
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-04-04
Gentoo has issued updates for sylpheed and sylpheed-claws. These fix a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/14806/

[SA14800] Mandrake update for ImageMagick
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-04-04
MandrakeSoft has issued an update for ImageMagick. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/14800/

[SA14791] teTeX Multiple Image Decoder Parsing Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-04-04
Some vulnerabilities have been reported in tetex, which potentially can
be exploited by malicious people to cause a DoS (Denial of Service) or
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/14791/

[SA14855] Ubuntu update for libapache2-mod-php4/php4-cgi
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-04-06
Ubuntu has issued updates for libapache2-mod-php4 and php4-cgi. These
fix two vulnerabilities, which can be exploited by malicious people to
cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/14855/

[SA14845] Red Hat update for curl
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-04-06
Red Hat has issued an update for curl. This fixes a vulnerability,
which can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/14845/

[SA14830] Gentoo update for dnsmasq
Critical: Moderately critical
Where: From remote
Impact: Spoofing, Manipulation of data, DoS
Released: 2005-04-05
Gentoo has issued an update for dnsmasq. This fixes two
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or poison the DNS cache.
Full Advisory:
http://secunia.com/advisories/14830/

[SA14828] Slackware update for php
Critical: Moderately critical
Where: From remote
Impact: Unknown, DoS
Released: 2005-04-06
Slackware has issued an update for php. This fixes some
vulnerabilities, where some have an unknown impact and others can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/14828/

[SA14817] Debian update for krb5
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-04-04
Debian has issued an update for krb5. This fixes two vulnerabilities,
which can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/14817/

[SA14805] Gentoo update for telnet-bsd
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-04-04
Gentoo has issued an update for telnet-bsd. This fixes two
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/14805/

[SA14798] Ubuntu update for kernel
Critical: Moderately critical
Where: From remote
Impact: Hijacking, Exposure of system information, Exposure of
sensitive information, Privilege escalation, DoS, System access
Released: 2005-04-04
Ubuntu has issued an update for the kernel. This fixes multiple
vulnerabilities, which can be exploited to disclose information, cause
a DoS (Denial of Service), gain escalated privileges, or potentially
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14798/

[SA14797] SUSE update for ipsec-tools
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-04-01
SUSE has issued an update for ipsec-tools. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/14797/

[SA14796] Mandrake update for libexif
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-04-01
Mandrakesoft has issued an update for libexif. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14796/

[SA14794] Mandrake update for ipsec-tools
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-04-01
MandrakeSoft has issued an update for ipsec-tools. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/14794/

[SA14792] PHP Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Unknown, DoS
Released: 2005-04-01
Multiple vulnerabilities have been reported in PHP, where some have an
unknown impact and others can be exploited by malicious people to cause
a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/14792/

[SA14856] AIX Unspecified NIS Client System Compromise Vulnerability
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-04-06
A vulnerability has been reported in AIX, which can be exploited by
malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14856/

[SA14826] Debian update for remstats
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-04-05
Debian has issued an update for remstats. This fixes two
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges and by malicious people to potentially compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/14826/

[SA14810] remstats Insecure Temporary File Creation and Arbitrary Command Execution
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-04-05
Jens Steube has reported two vulnerabilities in remstats, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges, and by malicious people to
potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14810/

[SA14834] Debian update for wu-ftpd
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-04-05
Debian has issued an update for wu-ftpd. This fixes two
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/14834/

[SA14803] Mandrake update for grip
Critical: Less critical
Where: From remote
Impact: System access
Released: 2005-04-04
MandrakeSoft has issued an update for grip. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.
Full Advisory:
http://secunia.com/advisories/14803/

[SA14799] phpMyAdmin "convcharset" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-04-04
Oriol Torrent Santiago has reported a vulnerability in phpMyAdmin,
allowing malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/14799/

[SA14795] Mandrake update for htdig
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-04-01
Mandrakesoft has issued an update for htdig. This fixes a
vulnerability, which can be exploited by malicious people to conduct
cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/14795/

[SA14847] Fedora update for mysql
Critical: Less critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-04-06
Fedora has issued an update for mysql. This fixes two vulnerabilities,
which potentially can be exploited by malicious users to compromise a
vulnerable system and by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/14847/

[SA14846] Red Hat update for mysql-server
Critical: Less critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-04-06
Red Hat has issued an update for mysql-server. This fixes two
vulnerabilities, which potentially can be exploited by malicious users
to compromise a vulnerable system and by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.
Full Advisory:
http://secunia.com/advisories/14846/

[SA14822] Conectiva update for mysql
Critical: Less critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2005-04-05
Conectiva has issued an update for mysql. This fixes two
vulnerabilities, which potentially can be exploited by malicious users
to compromise a vulnerable system and by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.
Full Advisory:
http://secunia.com/advisories/14822/

[SA14842] FreeBSD sendfile Kernel Memory Disclosure Vulnerability
Critical: Less critical
Where: Local system
Impact: Exposure of system information, Exposure of sensitive
information
Released: 2005-04-06
Sven Berkvens and Marc Olzheim have reported a vulnerability in
FreeBSD, which can be exploited by malicious, local users to gain
knowledge of sensitive information.
Full Advisory:
http://secunia.com/advisories/14842/

[SA14840] Trustix update for kernel
Critical: Less critical
Where: Local system
Impact: Exposure of system information, Exposure of sensitive
information, Privilege escalation, DoS
Released: 2005-04-06
Trustix has issued an update for kernel. This fixes multiple
vulnerabilities, which can be exploited by malicious, local users to
disclose information, cause a DoS (Denial of Service), or gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/14840/

[SA14836] SCO OpenServer nwclient Privilege Escalation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-04-06
Pasquale Minervini has reported a vulnerability in SCO OpenServer,
which can be exploited by malicious, local users to gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/14836/

[SA14835] SUSE update for kernel
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-04-05
SUSE has issued an update for the kernel. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/14835/

[SA14827] FreeBSD amd64 Direct Hardware Access Security Issue
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2005-04-06
Jari Kirma has reported a security issue in FreeBSD, which can be
exploited by malicious, local users to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/14827/

[SA14850] Fedora update for gaim
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-04-06
Fedora has issued an update for gaim. This fixes three weaknesses,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/14850/

[SA14849] Ubuntu update for gaim
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-04-06
Ubuntu has issued an update for gaim. This fixes two weaknesses, which
can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/14849/

[SA14844] Red Hat update for gdk-pixbuf
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-04-06
Red Hat has issued an update for gdk-pixbuf. This fixes a
vulnerability, which can be exploited by malicious people to crash
certain applications on a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14844/

[SA14838] Ubuntu update for libgdk-pixbuf2/libgtk2.0-0
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-04-06
Ubuntu has issued updates for libgdk-pixbuf2 and libgtk2.0-0. These fix
a vulnerability, which can be exploited by malicious people to crash
certain applications on a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14838/

[SA14818] Red Hat update for gtk2
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-04-04
Red Hat has issued an update for gtk2. This fixes a vulnerability,
which can be exploited by malicious people to crash certain
applications on a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14818/

[SA14815] Gaim Multiple Denial of Service Weaknesses
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-04-06
Three weaknesses have been reported in Gaim, which can be exploited by
malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/14815/

[SA14824] Ubuntu update for unshar
Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2005-04-05
Ubuntu has issued an update for unshar. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to conduct
certain actions on a vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/14824/

[SA14802] AlstraSoft EPay Pro Cross-Site Scripting and Arbitrary File Inclusion
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, System access
Released: 2005-04-04
Diabolic Crab has reported some vulnerabilities in AlstraSoft EPay Pro,
which can be exploited by malicious people to conduct cross-site
scripting attacks and compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/14802/

[SA14814] BakBone NetVault Buffer Overflow Vulnerabilities
Critical: Highly critical
Where: From local network
Impact: System access
Released: 2005-04-05
class101 has reported some vulnerabilities in BakBone NetVault, which
can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/14814/

[SA14832] PayProCart Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Exposure of
sensitive information
Released: 2005-04-05
Diabolic Crab has reported some vulnerabilities in PayProCart, which
can be exploited by malicious people to conduct cross-site scripting
attacks, disclose sensitive information, and bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/14832/

[SA14821] Mozilla Suite JavaScript Engine Information Disclosure Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive information
Released: 2005-04-04
A vulnerability has been discovered in Mozilla Suite, which can be
exploited by malicious people to gain knowledge of potentially
sensitive information.
Full Advisory:
http://secunia.com/advisories/14821/

[SA14820] Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive information
Released: 2005-04-04
A vulnerability has been discovered in Mozilla Firefox, which can be
exploited by malicious people to gain knowledge of potentially
sensitive information.
Full Advisory:
http://secunia.com/advisories/14820/

[SA14804] Netscape JavaScript Engine Information Disclosure Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive information
Released: 2005-04-05
A vulnerability has been discovered in Netscape, which can be exploited
by malicious people to gain knowledge of potentially sensitive
information.
Full Advisory:
http://secunia.com/advisories/14804/

[SA14793] MX Shop / MX Kart SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-04-01
Diabolic Crab has reported some vulnerabilities in MX Shop and MX Kart,
which can be exploited by malicious people to conduct SQL injection
attacks.
Full Advisory:
http://secunia.com/advisories/14793/

