June 21st 2005
19 issues reported (SF)
1. RedHat Linux SysReport Proxy Information Disclosure Vulnerability
2. Multiple Vendor Telnet Client Remote Information Disclosure Vulnerability
3. Sun Java Web Start Unspecified Privilege Escalation Vulnerability
4. Iron Bars Shell Multiple Unspecified Buffer Overflow Vulnerabilities
5. Sun Java Runtime Environment Unspecified Privilege Escalation Vulnerability
6. ViRobot Linux Server Remote Buffer Overflow Vulnerability
7. PAFileDB Multiple Input Validation Vulnerabilities
8. Opera Web Browser Cross-Site Scripting Local File Disclosure Vulnerability
9. Opera Web Browser XMLHttpRequest Object Cross-Domain Access Vulnerability
10. Ultimate PHP Board Multiple Cross-Site Scripting Vulnerabilities
11. SquirrelMail Multiple Unspecified Cross-Site Scripting Vulnerabilities
12. Ultimate PHP Board Weak Password Encryption Vulnerability
13. SpamAssassin Malformed Email Header Remote Denial Of Service Vulnerability
14. SuSE Linux GPG2 S/MIME Signing Unspecified Vulnerability
15. Yaws Remote Source Code Disclosure Vulnerability
16. XAMMP Lang.PHP HTML Injection Vulnerability
17. XAMMP Lang.PHP Directory Traversal Vulnerability
18. Vipul Razor-agents Multiple Unspecified Denial Of Service Vulnerability
19. JBoss Malformed HTTP Request Remote Information Disclosure

June 23rd 2005
39 issues reported (SN)
[SA15777] SUSE update for java2
[SA15755] Gentoo update for sun-jdk/sun-jre-bin/blackdown-jdk/blackdown-jre
[SA15753] Gentoo update for peercast
[SA15750] Slackware update for sun-jdk/sun-jre
[SA15772] Fedora update for ruby
[SA15766] Gentoo update for squirrelmail
[SA15749] Sun ONE Messaging Server Unspecified Webmail Vulnerability
[SA15741] SUSE Updates for gpg2/telnet/unace/horde
[SA15740] Yaws Source Code Disclosure Vulnerability
[SA15730] Red Hat update for mc
[SA15773] Ubuntu update for tcpdump
[SA15770] cPanel cpsrvd.pl Cross-Site Scripting Vulnerability
[SA15768] Gentoo update for spamassassin/razor
[SA15754] NanoBlogger Plugins Shell Command Injection Vulnerability
[SA15751] Gentoo update for cpio
[SA15729] Red Hat update for bzip2
[SA15728] Fedora update for spamassassin
[SA15774] Ubuntu update for sudo
[SA15771] Fedora update for sudo
[SA15763] Novell NetMail File Ownership Security Issue
[SA15759] Slackware update for sudo
[SA15748] OpenBSD update for sudo
[SA15744] Sudo Arbitrary Command Execution Vulnerability
[SA15760] Avaya Products Telnet Client Information Disclosure Weakness
[SA15731] Red Hat update for gaim
[SA15767] Ruby XMLRPC Server Arbitrary Command Execution
[SA15758] MercuryBoard "User-Agent" SQL Injection Vulnerability
[SA15752] Trac Arbitrary File Upload/Download Vulnerability
[SA15735] XAMPP "lang.php" Script Insertion and Information Disclosure
[SA15732] Ultimate PHP Board Cross-Site Scripting and User Credentials Exposure
[SA15775] Gentoo update for tor
[SA15764] Tor Disclosure of Sensitive Information
[SA15739] Razor-agents Denial of Service Vulnerabilities
[SA15738] Contelligent Preview Privilege Escalation Vulnerability
[SA15737] ajax-spell Cross-Site Scripting Vulnerability
[SA15736] amaroK Web Frontend Exposure of User Credentials
[SA15742] RealVNC Information Disclosure Weakness
[SA15733] e107 Administrator Account Enumeration Weakness
[SA15746] JBoss "org.jboss.web.WebServer" Information Disclosure

June 24th 2005
31 issues reported across 3 distros (LAW)
elinks
mikmod
tcpdump
parted
system-config-securitylevel
checkpolicy
selinux-policy-targeted
spamassassin
gaim
ruby
arts
kde
sudo
gawk
util-linux
mc
pilot-link
alsa-lib
system-config-soundcard
jpilot
ImageMagick
hwdata
webapp-config
Sun and Blackdown Java Applet
PeerCast
cpio
Tor
SquirrelMail
cacti
Trac
bzip2

Security Focus

1. RedHat Linux SysReport Proxy Information Disclosure Vulnerability
BugTraq ID: 13936
Remote: Yes
Date Published: 2005-06-13
Relevant URL: http://www.securityfocus.com/bid/13936
Summary:
Sysreport is susceptible to an information disclosure vulnerability. This issue is due to a failure of the application to ensure that sensitive information is not included in its generated reports. This vulnerability may result in sending unencrypted proxy authentication usernames and passwords to potentially malicious people. This may aid them in further attacks.

2. Multiple Vendor Telnet Client Remote Information Disclosure Vulnerability
BugTraq ID: 13940
Remote: Yes
Date Published: 2005-06-14
Relevant URL: http://www.securityfocus.com/bid/13940
Summary:
Telnet clients provided by multiple vendors are susceptible to a remote information disclosure vulnerability. Any information stored in the environment of clients utilizing the affected telnet application is available for attackers to retrieve. The contents of the environment variables may be sensitive in nature, allowing attackers to gain information that may aid them in further system compromise.

3. Sun Java Web Start Unspecified Privilege Escalation Vulnerability
BugTraq ID: 13945
Remote: Yes
Date Published: 2005-06-14
Relevant URL: http://www.securityfocus.com/bid/13945
Summary:
Sun Java Web Start is susceptible to an unspecified privilege escalation vulnerability. This vulnerability allows remote, untrusted Java applications to gain elevated privileges. This allows them to read or write local files, or to execute arbitrary local applications. These actions are normally forbidden for untrusted applications running in the Java virtual machine. Further details are not available at this time. This BID will be updated as further information is disclosed.

4. Iron Bars Shell Multiple Unspecified Buffer Overflow Vulnerabilities
BugTraq ID: 13957
Remote: No
Date Published: 2005-06-14
Relevant URL: http://www.securityfocus.com/bid/13957
Summary:
Multiple unspecified buffer overflow vulnerabilities affect Iron Bars Shell. These issues are due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers. The details currently available regarding these issues are insufficient to provide an accurate technical description. It can bespeculated that these issues may be leveraged by an attacker to gain escalated privileges on a local machine. An attacker may leverage these issues to execute instructions with the privileges of the affected application.

5. Sun Java Runtime Environment Unspecified Privilege Escalation Vulnerability
BugTraq ID: 13958
Remote: Yes
Date Published: 2005-06-14
Relevant URL: http://www.securityfocus.com/bid/13958
Summary:
Sun Java Runtime Environment is susceptible to an unspecified privilege escalation vulnerability. This vulnerability allows remote, untrusted Java applications to gain elevated privileges. This allows them to read or write local files, or to execute arbitrary local applications. These actions are normally forbidden for untrusted applications running in the Java virtual machine. Further details are not available at this time. This BID will be updated as further information is disclosed.

6. ViRobot Linux Server Remote Buffer Overflow Vulnerability
BugTraq ID: 13964
Remote: Yes
Date Published: 2005-06-15
Relevant URL: http://www.securityfocus.com/bid/13964
Summary:
ViRobot Linux Server is prone to a remote buffer overflow vulnerability affecting the Web based management interface. This issue presents itself because the application fails to perform boundary checks prior to copying user-supplied data into sensitive process buffers. An attacker can unauthorized access to a vulnerable computer by supplying malformed values through cookies. This issue can lead to a complete compromise. ViRobot Linux Server 2.0 is vulnerable to this issue. Other versions may be affected as well.

7. PAFileDB Multiple Input Validation Vulnerabilities
BugTraq ID: 13967
Remote: Yes
Date Published: 2005-06-15
Relevant URL: http://www.securityfocus.com/bid/13967
Summary:
paFileDB is prone to multiple input validation vulnerabilities. The following issues are reported: Multiple SQL injection issues exist in paFileDB. The impact of these issues will vary depending on features supported by the database implementation but may be limited due to the nature of affected queries. Multiple cross-site scripting issues are also reported when passing user-supplied arguments to the 'sortby', 'filelist', and 'pages' parameters of the 'pafiledb.php' script. Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying database. Finally, paFileDB is prone to a file disclosure vulnerability. The 'action' parameter of the 'pafiledb.php' script is affected by the vulnerability.

8. Opera Web Browser Cross-Site Scripting Local File Disclosure Vulnerability
BugTraq ID: 13969
Remote: Yes
Date Published: 2005-06-16
Relevant URL: http://www.securityfocus.com/bid/13969
Summary:
Opera Web Browser is affected by a cross-site scripting vulnerability that can be leveraged to disclose local files as well. Attackers may steal cookie-based authentication credentials, disclose local files in the context of the browser and carry out other attacks. Opera Web Browser version 8.0 is prone to this issue.

9. Opera Web Browser XMLHttpRequest Object Cross-Domain Access Vulnerability
BugTraq ID: 13970
Remote: Yes
Date Published: 2005-06-16
Relevant URL: http://www.securityfocus.com/bid/13970
Summary:
Opera Web Browser is prone to an issue that allows a violation of the cross-domain security model. This issue arises due to an access validation error affecting the 'XMLHttpRequest' object. Successful exploitation may result in cookie theft, content manipulation, information disclosure or other attacks. Opera Web Browser version 8.0 is prone to this issue.

10. Ultimate PHP Board Multiple Cross-Site Scripting Vulnerabilities
BugTraq ID: 13971
Remote: Yes
Date Published: 2005-06-16
Relevant URL: http://www.securityfocus.com/bid/13971
Summary:
Ultimate PHP Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.

11. SquirrelMail Multiple Unspecified Cross-Site Scripting Vulnerabilities
BugTraq ID: 13973
Remote: Yes
Date Published: 2005-06-16
Relevant URL: http://www.securityfocus.com/bid/13973
Summary:
SquirrelMail is affected by multiple unspecified cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks.

12. Ultimate PHP Board Weak Password Encryption Vulnerability
BugTraq ID: 13975
Remote: Yes
Date Published: 2005-06-16
Relevant URL: http://www.securityfocus.com/bid/13975
Summary:
Ultimate PHP Board is prone to a weak password encryption vulnerability. This issue is due to a failure of the application to protect passwords with a sufficiently effective encryption scheme. This issue may allow a malicious user to gain access to user and administrator passwords for the affected application.

13. SpamAssassin Malformed Email Header Remote Denial Of Service Vulnerability
BugTraq ID: 13978
Remote: Yes
Date Published: 2005-06-17
Relevant URL: http://www.securityfocus.com/bid/13978
Summary:
SpamAssassin is prone to a remote denial of service vulnerability. This issue is due to a failure of the application to properly handle overly long email headers. Further details regarding this vulnerability are currently not available. This BID will be updated as more information is disclosed. An attacker may cause SpamAssassin to take inordinate amounts of time to check a specially crafted email message. By sending many malicious messages, it may be possible for attackers to cause extremely large delays in email delivery, denying service to legitimate users.

14. SuSE Linux GPG2 S/MIME Signing Unspecified Vulnerability
BugTraq ID: 13980
Remote: Yes
Date Published: 2005-06-17
Relevant URL: http://www.securityfocus.com/bid/13980
Summary:
SuSE Linux is affected by an unspecified vulnerability related to S/MIME signing using gpg2. The cause and impact of this issue is currently unknown. Due to a lack of details, it cannot be confirmed whether this issue poses a security threat or results in an adverse affect on the functionality of the application. It is conjectured that this issue is remote in nature. SUSE Linux 9.3 is affected by this issue.

15. Yaws Remote Source Code Disclosure Vulnerability
BugTraq ID: 13981
Remote: Yes
Date Published: 2005-06-17
Relevant URL: http://www.securityfocus.com/bid/13981
Summary:
A vulnerability has been reported in Yaws that may result in the disclosure of script files' source code. Information obtained in this manner may be used by the attacker to launch further attacks against a vulnerable system. Yaws 1.55 and prior versions are affected.

16. XAMMP Lang.PHP HTML Injection Vulnerability
BugTraq ID: 13982
Remote: Yes
Date Published: 2005-06-17
Relevant URL: http://www.securityfocus.com/bid/13982
Summary:
XAMMP is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible. This issue is reported to affect the Linux distribution of XAMMP.

17. XAMMP Lang.PHP Directory Traversal Vulnerability
BugTraq ID: 13983
Remote: Yes
Date Published: 2005-06-17
Relevant URL: http://www.securityfocus.com/bid/13983
Summary:
XAMMP is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote unauthorized user can disclose the contents of arbitrary local PHP scripts through the use of directory traversal strings '../'. Exploitation of this vulnerability could lead to a loss of confidentiality. This issue is reported to affect the Linux distribution of XAMMP.

18. Vipul Razor-agents Multiple Unspecified Denial Of Service Vulnerability
BugTraq ID: 13984
Remote: Yes
Date Published: 2005-06-17
Relevant URL: http://www.securityfocus.com/bid/13984
Summary:
Vipul Razor-agents is prone to multiple unspecified denial of service vulnerabilities. The following issues are reported:The first denial of service vulnerability exists in the discovery logic of Razor-agents. The second issue exists in the preprocessing code of Razor-agents. Both issues may be exploited to cause a denial of service for the vulnerable application.

19. JBoss Malformed HTTP Request Remote Information Disclosure Vulnerability
BugTraq ID: 13985
Remote: Yes
Date Published: 2005-06-17
Relevant URL: http://www.securityfocus.com/bid/13985
Summary:
JBoss is prone to a remote information disclosure vulnerability. The issue exists in the 'org.jboss.web.WebServer' class and is due to a lack of sufficient sanitization of user-supplied request data. Information that is harvested through leveraging of this issue may be used to aid in further attacks that are launched against the affected service.

Secunia

[SA15777] SUSE update for java2
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-06-22
SUSE has issued an update for java2. This fixes two vulnerabilities,
which can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/15777/

[SA15755] Gentoo update for
sun-jdk/sun-jre-bin/blackdown-jdk/blackdown-jre
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-06-20
Gentoo has issued updates for sun-jdk, sun-jre-bin, blackdown-jdk, and
blackdown-jre. These fix a vulnerability, which can be exploited by
malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/15755/

[SA15753] Gentoo update for peercast
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-06-20
Gentoo has issued an update for peercast. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/15753/

[SA15750] Slackware update for sun-jdk/sun-jre
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-06-20
Slackware has issued an update for sun-jdk/sun-jre. This fixes two
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/15750/

[SA15772] Fedora update for ruby
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-06-22
Fedora has issued an update for ruby. This fixes a vulnerability, which
potentially can be exploited by malicious people to bypass certain
security restrictions.
Full Advisory:
http://secunia.com/advisories/15772/

[SA15766] Gentoo update for squirrelmail
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-06-22
Gentoo has issued an update for squirrelmail. This fixes several
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/15766/

[SA15749] Sun ONE Messaging Server Unspecified Webmail Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-06-20
A vulnerability has been reported in Sun ONE Messaging Server, which
may be exploited by malicious people to conduct script insertion
attacks.
Full Advisory:
http://secunia.com/advisories/15749/

[SA15741] SUSE Updates for gpg2/telnet/unace/hord
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Exposure of system information,
System access
Released: 2005-06-20
SUSE has issued updates for gpg2, telnet, unace and horde. These fix
some vulnerabilities, which can be exploited by malicious people to
gain knowledge of various information, conduct cross-site scripting
attacks and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/15741/

[SA15740] Yaws Source Code Disclosure Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-06-17
M. Eiszner has reported a vulnerability in Yaws, which can be exploited
by malicious people to gain knowledge of potentially sensitive
information.
Full Advisory:
http://secunia.com/advisories/15740/

[SA15730] Red Hat update for mc
Critical: Moderately critical
Where: From remote
Impact: Unknown, Privilege escalation, DoS
Released: 2005-06-17
Red Hat has issued an update for mc. This fixes several
vulnerabilities, which potentially can be exploited by malicious people
to cause a DoS (Denial of Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15730/

[SA15773] Ubuntu update for tcpdump
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-06-22
Ubuntu has issued an update for tcpdump. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/15773/

[SA15770] cPanel cpsrvd.pl Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-06-22
A vulnerability has been discovered in cPanel, which can be exploited
by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/15770/

[SA15768] Gentoo update for spamassassin/razor
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-06-21
Gentoo has issued updates for spamassassin and razor. These fix a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/15768/

[SA15754] NanoBlogger Plugins Shell Command Injection Vulnerability
Critical: Less critical
Where: From remote
Impact: System access
Released: 2005-06-21
A vulnerability has been reported in NanoBlogger, which potentially can
be exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/15754/

[SA15751] Gentoo update for cpio
Critical: Less critical
Where: From remote
Impact: Security Bypass, Manipulation of data
Released: 2005-06-20
Gentoo has issued an update for cpio. This fixes a vulnerability, which
can be exploited by malicious people to cause files to be unpacked to
arbitrary locations on a user's system.
Full Advisory:
http://secunia.com/advisories/15751/

[SA15729] Red Hat update for bzip2
Critical: Less critical
Where: From remote
Impact: Security Bypass, Manipulation of data, DoS
Released: 2005-06-17
Red Hat has issued an update for bzip2. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/15729/

[SA15728] Fedora update for spamassassin
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-06-17
Fedora has issued an update for spamassassin. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/15728/

[SA15774] Ubuntu update for sudo
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2005-06-22
Ubuntu has issued an update for sudo. This fixes a vulnerability, which
can be exploited by malicious, local users to execute arbitrary commands
with escalated privileges.
Full Advisory:
http://secunia.com/advisories/15774/

[SA15771] Fedora update for sudo
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2005-06-22
Fedora has issued an update for sudo. This fixes a vulnerability, which
can be exploited by malicious, local users to execute arbitrary commands
with escalated privileges.
Full Advisory:
http://secunia.com/advisories/15771/

[SA15763] Novell NetMail File Ownership Security Issue
Critical: Less critical
Where: Local system
Impact: Manipulation of data
Released: 2005-06-21
A security issue has been reported in NetMail, which can be exploited
by malicious, local users to delete or replace the NetMail binaries.
Full Advisory:
http://secunia.com/advisories/15763/

[SA15759] Slackware update for sudo
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2005-06-22
Slackware has issued an update for sudo. This fixes a vulnerability,
which can be exploited by malicious, local users to execute arbitrary
commands with escalated privileges.
Full Advisory:
http://secunia.com/advisories/15759/

[SA15748] OpenBSD update for sudo
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2005-06-21
OpenBSD has issued an update for sudo. This fixes a vulnerability,
which can be exploited by malicious, local users to execute arbitrary
commands with escalated privileges.
Full Advisory:
http://secunia.com/advisories/15748/

[SA15744] Sudo Arbitrary Command Execution Vulnerability
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2005-06-21
A vulnerability has been reported in sudo, which can be exploited by
malicious, local users to execute arbitrary commands.
Full Advisory:
http://secunia.com/advisories/15744/

[SA15760] Avaya Products Telnet Client Information Disclosure Weakness
Critical: Not critical
Where: From remote
Impact: Exposure of system information
Released: 2005-06-21
Avaya has acknowledged a weakness in the telnet client included in
certain products, which can be exploited by malicious people to gain
knowledge of certain system information.
Full Advisory:
http://secunia.com/advisories/15760/

[SA15731] Red Hat update for gaim
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-06-17
Red Hat has issued an update for gaim. This fixes two weaknesses, which
can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/15731/

[SA15767] Ruby XMLRPC Server Arbitrary Command Execution
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-06-22
Nobuhiro IMAI has reported a vulnerability in Ruby, which potentially
can be exploited by malicious people to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/15767/

[SA15758] MercuryBoard "User-Agent" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-06-22
4yka has reported a vulnerability in MercuryBoard, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15758/

[SA15752] Trac Arbitrary File Upload/Download Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, Exposure of sensitive information,
System access
Released: 2005-06-20
Stefan Esser has reported a vulnerability in Trac, which can be
exploited by malicious users to disclose sensitive information and
potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15752/

[SA15735] XAMPP "lang.php" Script Insertion and Information Disclosure
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Exposure of sensitive information
Released: 2005-06-17
A vulnerability has been reported in XAMPP, which can be exploited by
malicious people to disclose potentially sensitive information and
conduct script insertion attacks.
Full Advisory:
http://secunia.com/advisories/15735/

[SA15732] Ultimate PHP Board Cross-Site Scripting and User Credentials Exposure
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Exposure of sensitive information
Released: 2005-06-17
Alberto Trivero has reported some vulnerabilities and a security issue
in Ultimate PHP Board, which can be exploited by malicious people to
conduct cross-site scripting attacks and disclose sensitive
information.
Full Advisory:
http://secunia.com/advisories/15732/

[SA15775] Gentoo update for tor
Critical: Less critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-06-22
Gentoo has issued an update for tor. This fixes a vulnerability, which
potentially can be exploited by malicious people to disclose sensitive
information.
Full Advisory:
http://secunia.com/advisories/15775/

[SA15764] Tor Disclosure of Sensitive Information
Critical: Less critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-06-22
A vulnerability has been reported in Tor, which potentially can be
exploited by malicious people to disclose sensitive information.
Full Advisory:
http://secunia.com/advisories/15764/

[SA15739] Razor-agents Denial of Service Vulnerabilities
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-06-17
Two vulnerabilities have been reported in Razor-agents, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/15739/

[SA15738] Contelligent Preview Privilege Escalation Vulnerability
Critical: Less critical
Where: From remote
Impact: Privilege escalation
Released: 2005-06-17
A vulnerability has been reported in Contelligent, which can be
exploited by malicious users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15738/

[SA15737] ajax-spell Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-06-17
A vulnerability has been reported in ajax-spell, which can be exploited
by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/15737/

[SA15736] amaroK Web Frontend Exposure of User Credentials
Critical: Less critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-06-17
A security issue has been reported in the amaroK Web Frontend plugin
for amaroK, which can be exploited by malicious people to disclose
potentially sensitive information.
Full Advisory:
http://secunia.com/advisories/15736/

[SA15742] RealVNC Information Disclosure Weakness
Critical: Not critical
Where: From remote
Impact: Exposure of system information
Released: 2005-06-20
class101 has reported a weakness in RealVNC, which can be exploited by
malicious people to gain knowledge of various system information.
Full Advisory:
http://secunia.com/advisories/15742/

[SA15733] e107 Administrator Account Enumeration Weakness
Critical: Not critical
Where: From remote
Impact: Exposure of system information
Released: 2005-06-17
Marc Ruef has discovered a weakness in e107, which can be exploited by
malicious people to identify valid administrator accounts.
Full Advisory:
http://secunia.com/advisories/15733/

[SA15746] JBoss "org.jboss.web.WebServer" Information Disclosure
Critical: Not critical
Where: From local network
Impact: Exposure of system information
Released: 2005-06-20
Marc Schoenefeld has reported a weakness in JBoss, which can be
exploited by malicious people to disclose system information.
Full Advisory:
http://secunia.com/advisories/15746/

Linux Advisory Watch

Distribution: Fedora

* Fedora Core 4 Update: elinks-0.10.3-3.1
16th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119321

* Fedora Core 4 Update: mikmod-3.1.6-35.FC4
16th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119322

* Fedora Core 4 Update: tcpdump-3.8.2-13.FC4
16th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119323

* Fedora Core 4 Update: parted-1.6.22-3.FC4
16th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119324

* Fedora Core 4 Update: system-config-securitylevel-1.5.8.1-1
16th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119325

* Fedora Core 3 Update: checkpolicy-1.17.5-1.2
16th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119327

* Fedora Core 3 Update: selinux-policy-targeted-1.17.30-3.9
16th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119328

* Fedora Core 3 Update: spamassassin-3.0.4-1.fc3
16th, June, 2005
Important update for a Denial of Service vulnerability, plus more
bug fixes from upstream. More details available at:
http://wiki.apache.org/spamassassin/NextRelease
http://www.linuxsecurity.com/content/view/119332

* Fedora Core 4 Update: spamassassin-3.0.4-1.fc4
16th, June, 2005
Important update for a Denial of Service vulnerability, plus more
bug fixes from upstream. More details available at:
http://wiki.apache.org/spamassassin/NextRelease
http://www.linuxsecurity.com/content/view/119333

* Fedora Core 3 Update: gaim-1.3.1-0.fc3
16th, June, 2005
More bug and denial of service fixes.
http://www.linuxsecurity.com/content/view/119334

* Fedora Core 4 Update: gaim-1.3.1-0.fc4
16th, June, 2005
More bug and denial of service fixes.
http://www.linuxsecurity.com/content/view/119335

* Fedora Core 4 Update: ruby-1.8.2-7.fc4.1
16th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119338

* Fedora Core 3 Update: ruby-1.8.2-1.fc3.2
16th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119339

* Fedora Core 4 Update: arts-1.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119342

* Fedora Core 4 Update: kdelibs-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119343

* Fedora Core 4 Update: kdebase-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119344

* Fedora Core 4 Update: kdemultimedia-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119345

* Fedora Core 4 Update: kdesdk-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119346

* Fedora Core 4 Update: kdeaccessibility-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119347

* Fedora Core 4 Update: kdeaddons-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119348

* Fedora Core 4 Update: kdeartwork-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119349

* Fedora Core 4 Update: kdebindings-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119350

* Fedora Core 4 Update: kdeedu-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119351

* Fedora Core 4 Update: kdegames-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119352

* Fedora Core 4 Update: kdegraphics-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119353

* Fedora Core 4 Update: kdenetwork-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119354

* Fedora Core 4 Update: kdepim-3.4.1-0.fc4.2
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119355

* Fedora Core 4 Update: kdeutils-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119356

* Fedora Core 4 Update: kdevelop-3.2.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119357

* Fedora Core 4 Update: kdewebdev-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119358

* Fedora Core 4 Update: kdeadmin-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119359

* Fedora Core 4 Update: kde-i18n-3.4.1-0.fc4.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119360

* Fedora Core 4 Update: util-linux-2.12p-9.5
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119363

* Fedora Core 4 Update: sudo-1.6.8p8-2.1
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119364

* Fedora Core 4 Update: gawk-3.1.4-5.2
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119365

* Fedora Core 3 Update: util-linux-2.12a-24.3
17th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119366

* Fedora Core 4 Update: mc-4.6.1a-0.10.FC4
20th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119373

* Fedora Core 4 Update: pilot-link-0.12.0-0.pre3.0.fc4.1
20th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119374

* Fedora Core 4 Update: selinux-policy-targeted-1.23.18-12
20th, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119375

* Fedora Core 4 Update: alsa-lib-1.0.9rf-2.FC4
21st, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119377

* Fedora Core 4 Update: alsa-utils-1.0.9rf-2.FC4
21st, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119378

* Fedora Core 4 Update: system-config-soundcard-1.2.12-2
21st, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119379

* Fedora Core 4 Update: jpilot-0.99.8-0.pre9.fc4.1
21st, June, 2005
This is new upstream version which is compatible with new fc4
pilot-link version.
http://www.linuxsecurity.com/content/view/119380

* Fedora Core 3 Update: ruby-1.8.2-1.fc3.3
21st, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119385

* Fedora Core 4 Update: ruby-1.8.2-7.fc4.2
21st, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119386

* Fedora Core 4 Update: ImageMagick-6.2.2.0-3.fc4.0
21st, June, 2005
The package version numbers of the ImageMagick package could
cause upgrades from FC3 to FC4 to miss the newer ImageMagick
package in FC4.
http://www.linuxsecurity.com/content/view/119387

* Fedora Core 3 Update: sudo-1.6.7p5-30.3
21st, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119388

* Fedora Core 4 Update: sudo-1.6.8p8-2.2
21st, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119389

* Fedora Core 4 Update: hwdata-0.158.1-1
22nd, June, 2005
This update adds the hisax modules to the hotplug blacklist; this
ensures they aren't loaded at boot, so that the ISDN script can load
them. This works around the problems created by the ISDN module
configuration parameters being written to /etc/sysconfig/isdncard
instead of /etc/modprobe.conf.
http://www.linuxsecurity.com/content/view/119399


Distribution: Gentoo

* Gentoo: webapp-config Insecure temporary file handling
17th, June, 2005
The webapp-config utility insecurely creates temporary files in a
world writable directory, potentially allowing the execution of
arbitrary commands.
http://www.linuxsecurity.com/content/view/119341

* Gentoo: Sun and Blackdown Java Applet privilege escalation
19th, June, 2005
Sun's and Blackdown's JDK or JRE may allow untrusted applets to
elevate their privileges.
http://www.linuxsecurity.com/content/view/119367

* Gentoo: PeerCast Format string vulnerability
19th, June, 2005
PeerCast suffers from a format string vulnerability that could allow
arbitrary code execution.
http://www.linuxsecurity.com/content/view/119368

* Gentoo: cpio Directory traversal vulnerability
19th, June, 2005
cpio contains a flaw which may allow a specially crafted cpio archive
to extract files to an arbitrary directory.
http://www.linuxsecurity.com/content/view/119370

* Gentoo: SpamAssassin 3, Vipul's Razor Denial of Service
vulnerability
21st, June, 2005
SpamAssassin and Vipul's Razor are vulnerable to a Denial of Service
attack when handling certain malformed messages.
http://www.linuxsecurity.com/content/view/119376

* Gentoo: Tor Information disclosure
21st, June, 2005
A flaw in Tor may allow the disclosure of arbitrary memory portions.
http://www.linuxsecurity.com/content/view/119390

* Gentoo: SquirrelMail Several XSS vulnerabilities
21st, June, 2005
Squirrelmail is vulnerable to several cross-site scripting
vulnerabilities which could lead to a compromise of webmail accounts.
http://www.linuxsecurity.com/content/view/119391

* Gentoo: Cacti Several vulnerabilities
22nd, June, 2005
Cacti is vulnerable to several SQL injection and file inclusion
vulnerabilities.
http://www.linuxsecurity.com/content/view/119396

* Gentoo: Trac File upload vulnerability
22nd, June, 2005
Trac may allow remote attackers to upload files, possibly leading to
the execution of arbitrary code.
http://www.linuxsecurity.com/content/view/119398

* Gentoo: sudo Arbitrary command execution
23rd, June, 2005
A vulnerability in sudo may allow local users to elevate privileges.
http://www.linuxsecurity.com/content/view/119400


Distribution: Red Hat

* RedHat: Low: bzip2 security update
16th, June, 2005
Updated bzip2 packages that fix multiple issues are now available.
This update has been rated as having low security impact by the Red
Hat Security Response Team.
http://www.linuxsecurity.com/content/view/119329

* RedHat: Moderate: mc security update
16th, June, 2005
Updated mc packages that fix several security issues are now
available for Red Hat Enterprise Linux 2.1. This update has
been rated as having moderate security impact by the Red Hat
Security Response Team.
http://www.linuxsecurity.com/content/view/119330

* RedHat: Moderate: gaim security update
16th, June, 2005
An updated gaim package that fixes two denial of service issues is
now available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/119331