LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Old 06-05-2005, 09:24 PM   #1
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
LQ Security Report - June 5th 2005


May 27th 2005
17 issues reported (SF)
1. PServ Symbolic Link Information Disclosure Vulnerability
2. PostNuke Blocks Module Directory Traversal Vulnerability
3. PServ Remote Source Code Disclosure Vulnerability
4. Mozilla Suite And Firefox Multiple Script Manager Security B...
5. Pserv Directory Traversal Vulnerability
6. Mozilla Suite And Firefox DOM Property Overrides Code Execut...
7. Pserv completedPath Remote Buffer Overflow Vulnerability
8. Multiple Linux Kernel IOCTL Handlers Local Memory Corruption...
9. bzip2 Remote Denial of Service Vulnerability
10. MySQL mysql_install_db Insecure Temporary File Creation Vuln...
11. Cheetah Local Privilege Escalation Vulnerability
12. Linux Kernel 64 Bit EXT3 Filesystem Extended Attribute Denia...
13. PPXP Local Privilege Escalation Vulnerability
14. NetWin SurgeMail Multiple Unspecified Input Validation Vulne...
15. GDB Multiple Vulnerabilities
16. Gedit Filename Format String Vulnerability
17. ImageMagick And GraphicsMagick XWD Decoder Denial Of Service...

June 2nd 2005
43 issues reported (SN)
[SA15579] Conectiva update for php4
[SA15529] Gentoo update for mailutils
[SA15528] Ubuntu update for mozilla-firefox
[SA15574] Red Hat update for gnutls
[SA15523] NewLife Blogger Unspecified SQL Injection Vulnerabilities
[SA15514] SGI IRIX update for telnet
[SA15513] Red Hat update for imagemagick
[SA15576] Red Hat update for postgresql
[SA15570] Mandriva update for postgresql
[SA15525] HP-UX Unspecified Security Bypass Vulnerability
[SA15578] Conectiva update for gftp
[SA15533] qmail Memory Corruption Vulnerability
[SA15526] HP-UX ICMP Message Handling Denial of Service
[SA15577] Red Hat update for openssl
[SA15575] Trustix update for binutils
[SA15554] Mandriva update for gdb
[SA15544] Fast n Furious DtDNS Updater Command Line Argument Disclosure
[SA15527] Ubuntu update for binutils/binutils-multiarch
[SA15524] Ubuntu update for gdb
[SA15512] Red Hat update for kernel
[SA15530] Fedora update for imagemagick
[SA15542] Clam AntiVirus on Mac OS X Privilege Escalation Vulnerability
[SA15537] PowerDownload "incdir" File Inclusion Vulnerability
[SA15536] PeerCast URL Format String Vulnerability
[SA15519] C'Nedra "READ_TCP_STRING()" Buffer Overflow Vulnerability
[SA15510] PHP Poll Creator "relativer_pfad" File Inclusion Vulnerability
[SA15569] Calendarix Advanced SQL Injection Vulnerabilities
[SA15558] I-Man File Attachments Upload Vulnerability
[SA15555] Qualiteam X-Cart Gold SQL Injection Vulnerabilities
[SA15552] MyBulletinBoard Multiple Vulnerabilities
[SA15550] ezUserManager Script Insertion and SQL Injection
[SA15538] FreeStyle Wiki Attachments Script Insertion Vulnerability
[SA15535] Ettercap "curses_msg()" Format String Vulnerability
[SA15534] phpThumb() "src" Exposure of Sensitive Information
[SA15532] NPDS Multiple Vulnerabilities
[SA15521] Hosting Controller "UserProfile.asp" Authentication Bypass
[SA15517] WordPress "cat_ID" SQL Injection Vulnerability
[SA15516] PHPstat "check" Authentication Bypass Vulnerability
[SA15562] Symantec Brightmail AntiSpam Static Database Password
[SA15547] Jaws "term" Cross-Site Scripting Vulnerability
[SA15543] PHPMailer "Data()" Denial of Service Vulnerability
[SA15518] NikoSoft WebMail Unspecified Cross-Site Scripting Vulnerability
[SA15545] Invision Power Board Privilege Escalation Vulnerability

June 3rd 2005
13 issues reported across 4 distros (LAW)
qpopper
PHP4
bzip2
ImageMagick
system-config-netboot
system-config-bind
netpbm
gxine
Mailutils
Binutils/elfutils
gnutls
postgresql
openSSL
 
Old 06-05-2005, 09:26 PM   #2
Capt_Caveman
May 27th 2005 (SF)

Security Focus

1. PServ Symbolic Link Information Disclosure Vulnerability
BugTraq ID: 13634
Remote: No
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13634
Summary:
pServ is prone to an information disclosure vulnerability through symbolic link files. This occurs because the application will follow symbolic links to files outside the Web root. This issue was reported to affect pServ 3.2 and 3.3; other versions are likely vulnerable.

2. PostNuke Blocks Module Directory Traversal Vulnerability
BugTraq ID: 13636
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13636
Summary:
PostNuke Blocks module is affected by a directory traversal vulnerability. The problem presents itself when an attacker passes a name for a target file, along with directory traversal sequences, to the affected application. An attacker may leverage this issue to disclose arbitrary files on an affected computer. It was also reported that an attacker can supply NULL bytes with a target file name. This may aid in other attacks such as crashing the server.

3. PServ Remote Source Code Disclosure Vulnerability
BugTraq ID: 13638
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13638
Summary:
pServ is affected by a remote source code disclosure vulnerability. When handling a specially-crafted URI request, the application discloses the source code of scripts in the 'cgi-bin' directory. Information gathered through this attack could be used to launch further attacks against a system.

4. Mozilla Suite And Firefox Multiple Script Manager Security B...
BugTraq ID: 13641
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13641
Summary:
Multiple issues exist in Mozilla Suite and Firefox. These issues allow attackers to bypass security checks in the script security manager. Security checks in the script security manager are designed to prevent script injection vulnerabilities. An attacker sending certain undisclosed JavaScript in 'view-source:', and 'jar:' pseudo protocol URIs, may bypass these security checks. An undisclosed, nested URI, as well as a variant of BID 13216 are reportedly also able to bypass security checks. These vulnerabilities allow remote attackers to execute script code with elevated privileges, leading to the installation and execution of malicious applications on an affected computer. Cross-site scripting, and other attacks are also likely possible. The vendor has not provided enough information to determine how many specific instances of the issue were addressed, and has not clarified whether or not they have addressed a single general vulnerability or multiple specific vulnerabilities. This BID may be split into its separate issues as further information is disclosed. Further details are scheduled to be released in the future. This BID will be updated at that time.

5. Pserv Directory Traversal Vulnerability
BugTraq ID: 13642
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13642
Summary:
pServ is prone to a directory traversal vulnerability. This occurs because the application does not implement a proper method for filtering directory traversal sequences from URIs. Since this can be done from the cgi-bin directory, it is possible to execute commands to which the Web server has permission. This issue was reported to affect pServ version 3.2; earlier versions are likely vulnerable.

6. Mozilla Suite And Firefox DOM Property Overrides Code Execut...
BugTraq ID: 13645
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13645
Summary:
Mozilla Suite and Mozilla Firefox are affected by a code execution vulnerability. This issue is due to a failure in the application to properly verify Document Object Model (DOM) property values. An attacker may leverage this issue to execute arbitrary code with the privileges of the user that activated the vulnerable Web browser, ultimately facilitating a compromise of the affected computer. This issue is reportedly a variant of BID 13233. Further details are scheduled to be released in the future, and this BID will be updated accordingly.

7. Pserv completedPath Remote Buffer Overflow Vulnerability
BugTraq ID: 13648
Remote: Yes
Date Published: May 16 2005
Relevant URL: http://www.securityfocus.com/bid/13648
Summary:
pServ is prone to a remotely exploitable buffer overflow vulnerability. The issue occurs because proper boundary checks are not performed allowing an internal buffer to be overrun. This vulnerability could potentially be exploited to execute arbitrary code in the context of the Web server. This issue was fixed in pServ 3.3; earlier versions are likely vulnerable.

8. Multiple Linux Kernel IOCTL Handlers Local Memory Corruption...
BugTraq ID: 13651
Remote: No
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13651
Summary:
The Linux kernel raw device and pktcdvd block device ioctl handlers are reported prone to local kernel-based memory corruption vulnerabilities. The issues manifest due to a lack of sanity checks performed on argument values that are passed to the 'raw_ioctl()' and 'pkt_ioctl()' functions. A local attacker, that has read access to a sufficient block device, may leverage this memory corruption to execute arbitrary attacker-supplied code in the context of the system kernel (ring-0).

9. bzip2 Remote Denial of Service Vulnerability
BugTraq ID: 13657
Remote: Yes
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13657
Summary:
bzip2 is prone to a remote denial of service vulnerability. This issue arises when the application processes malformed archives. A successful attack can result in resource exhaustion and trigger a denial of service condition. bzip2 version 1.0.2 is reportedly affected by this issue. Other versions are likely vulnerable as well.

10. MySQL mysql_install_db Insecure Temporary File Creation Vuln...
BugTraq ID: 13660
Remote: No
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13660
Summary:
MySQL is reportedly affected by a vulnerability that can allow local attackers to gain unauthorized access to the database or gain elevated privileges. This issue results from a design error due to the creation of temporary files in an insecure manner. The vulnerability affects the 'mysql_install_db' script. Due to the nature of the script it may be possible to create database accounts or gain elevated privileges. MySQL versions prior to 4.0.12 and MySQL 5.x releases 5.0.4 and prior versions are reported to be affected.

11. Cheetah Local Privilege Escalation Vulnerability
BugTraq ID: 13662
Remote: No
Date Published: May 17 2005
Relevant URL: http://www.securityfocus.com/bid/13662
Summary:
Cheetah is prone to a local privilege escalation vulnerability. The issue arises because the application imports modules from the '/tmp' directory before searching for the path from the 'PYTHONPATH' variable. This can result in arbitrary code execution granting elevated privileges to an attacker. Cheetah versions prior to 0.9.17-rc1 are affected by this issue.

12. Linux Kernel 64 Bit EXT3 Filesystem Extended Attribute Denia...
BugTraq ID: 13680
Remote: No
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13680
Summary:
The Linux Kernel is prone to a local denial of service vulnerability. Reports indicate the issue manifests on 64-bit platforms and is because of a flaw present in offset handling for the extended attribute file system code. A local attacker may trigger this issue to crash the system kernel.

13. PPXP Local Privilege Escalation Vulnerability
BugTraq ID: 13681
Remote: No
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13681
Summary:
ppxp is prone to a local privilege escalation vulnerability. An attacker may abuse the issue to open a shell with superuser privileges.

14. NetWin SurgeMail Multiple Unspecified Input Validation Vulne...
BugTraq ID: 13689
Remote: Yes
Date Published: May 19 2005
Relevant URL: http://www.securityfocus.com/bid/13689
Summary:
Multiple unspecified vulnerabilities affect SurgeMail. Reportedly, these issues are due to a failure of the application to properly sanitize user-supplied input prior to employing it in critical locations including dynamic content. A successful attack may allow attackers to execute arbitrary HTML and script code in a user's browser. SurgeMail 3.0c2 is reported to be affected by these issues. Other versions may be vulnerable as well. Due to a lack of details, further information cannot be provided at the moment. This BID will be updated when more details are available.

15. GDB Multiple Vulnerabilities
BugTraq ID: 13697
Remote: Yes
Date Published: May 20 2005
Relevant URL: http://www.securityfocus.com/bid/13697
Summary:
GDB is reportedly affected by multiple vulnerabilities. These issues can allow an attacker to execute arbitrary code and commands on an affected computer. A successful attack may result in the attacker gaining elevated privileges or unauthorized access. The following specific issues were identified: The application is affected by a remote heap overflow vulnerability when loading malformed object files. Another vulnerability affecting the application may allow local attackers to gain elevated privileges. GDB 6.3 is reportedly affected by these issues. Other versions are likely vulnerable as well.

16. Gedit Filename Format String Vulnerability
BugTraq ID: 13699
Remote: Yes
Date Published: May 30 2005
Relevant URL: http://www.securityfocus.com/bid/13699
Summary:
gEdit is prone to a format string vulnerability. Exploitation may occur when the program is invoked with a filename that includes malicious format specifiers. This issue could be exploited to corrupt arbitrary regions of memory with attacker-supplied data, potentially resulting in execution of arbitrary code in the context of the user running the program.

17. ImageMagick And GraphicsMagick XWD Decoder Denial Of Service...
BugTraq ID: 13705
Remote: Yes
Date Published: May 21 2005
Relevant URL: http://www.securityfocus.com/bid/13705
Summary:
A remote, client-side denial of service vulnerability affects ImageMagick and GraphicsMagick. This issue is due to a failure of the application to handle malformed XWD image files. A remote attacker may leverage this issue to cause the affected application to enter into an infinite loop condition, consuming CPU resources on the affected computer, denying service to legitimate users.
 
Old 06-05-2005, 09:29 PM   #3
Capt_Caveman
June 2nd 2005 (SN)

Secunia

[SA15579] Conectiva update for php4
Critical: Highly critical
Where: From remote
Impact: Unknown, DoS, System access
Released: 2005-06-01
Conectiva has issued an update for php4. This fixes some
vulnerabilities, where some have an unknown impact and others can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15579/

[SA15529] Gentoo update for mailutils
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-05-27
Gentoo has issued an update for mailutils. This fixes some
vulnerabilities, which can be exploited to cause a DoS (Denial of
Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15529/

[SA15528] Ubuntu update for mozilla-firefox
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, System access
Released: 2005-05-27
Ubuntu has issued an update for mozilla-firefox. This fixes two
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/15528/

[SA15574] Red Hat update for gnutls
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-06-01
Red Hat has issued an update for gnutls. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).
Full Advisory:
http://secunia.com/advisories/15574/

[SA15523] NewLife Blogger Unspecified SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-30
Some vulnerabilities have been reported in NewLife Blogger, which can
be exploited to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15523/

[SA15514] SGI IRIX update for telnet
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-05-26
SGI has issued an update for telnet. This fixes two vulnerabilities,
which can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/15514/

[SA15513] Red Hat update for imagemagick
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-05-26
Red Hat has issued an update for imagemagick. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise a user's system.
Full Advisory:
http://secunia.com/advisories/15513/

[SA15576] Red Hat update for postgresql
Critical: Moderately critical
Where: From local network
Impact: Unknown, Privilege escalation, DoS
Released: 2005-06-02
Red Hat has released an update for postgresql. This fixes two
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service) or potentially gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15576/

[SA15570] Mandriva update for postgresql
Critical: Moderately critical
Where: From local network
Impact: Unknown, Privilege escalation, DoS
Released: 2005-06-02
Mandriva has issued an update for postgresql. This fixes two
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service) or potentially gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15570/

[SA15525] HP-UX Unspecified Security Bypass Vulnerability
Critical: Moderately critical
Where: From local network
Impact: Security Bypass
Released: 2005-05-27
A vulnerability has been reported in HP-UX, which potentially can be
exploited by malicious people to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/15525/

[SA15578] Conectiva update for gftp
Critical: Less critical
Where: From remote
Impact: Security Bypass, Manipulation of data
Released: 2005-06-01
Conectiva has issued an update for gftp. This fixes a vulnerability,
which can be exploited by malicious people to conduct directory
traversal attacks.
Full Advisory:
http://secunia.com/advisories/15578/

[SA15533] qmail Memory Corruption Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS, System access
Released: 2005-05-31
Georgi Guninski has reported a vulnerability in qmail, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15533/

[SA15526] HP-UX ICMP Message Handling Denial of Service
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-05-27
HP has acknowledged a vulnerability in HP-UX, which can be exploited by
malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/15526/

[SA15577] Red Hat update for openssl
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information, Privilege escalation
Released: 2005-06-02
Red Hat has issued an update for openssl. This fixes two
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of sensitive information or perform certain actions with
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15577/

[SA15575] Trustix update for binutils
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-06-01
Trustix has issued an update for binutils. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15575/

[SA15554] Mandriva update for gdb
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-31
Mandriva has issued an update for gdb. This fixes two vulnerabilities,
which potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15554/

[SA15544] Fast n Furious DtDNS Updater Command Line Argument Disclosure
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2005-05-30
A security issue has been reported in Fast n Furious DtDNS Updater,
which may disclose sensitive information to malicious, local users.
Full Advisory:
http://secunia.com/advisories/15544/

[SA15527] Ubuntu update for binutils/binutils-multiarch
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-27
Ubuntu has issued updates for binutils and binutils-multiarch. These
fix a vulnerability, which potentially can be exploited by malicious,
local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15527/

[SA15524] Ubuntu update for gdb
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-27
Ubuntu has issued an update for gdb. This fixes two vulnerabilities,
which potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/15524/

[SA15512] Red Hat update for kernel
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information, Privilege escalation,
Security Bypass
Released: 2005-05-26
Red Hat has issued an update for the kernel. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of potentially sensitive information and gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/15512/

[SA15530] Fedora update for imagemagick
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-05-27
Fedora has issued an update for imagemagick. This fixes a weakness,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/15530/

[SA15542] Clam AntiVirus on Mac OS X Privilege Escalation Vulnerability
Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-30
Tim Morgan and Kevin Amorin have reported a vulnerability in Clam
AntiVirus, which potentially can be exploited by malicious, local users
to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15542/

[SA15537] PowerDownload "incdir" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-31
SoulBlack Security Research has discovered a vulnerability in
PowerDownload, which can be exploited by malicious people to compromise
a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15537/

[SA15536] PeerCast URL Format String Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-30
James Bercegay has reported a vulnerability in PeerCast, which
potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/15536/

[SA15519] C'Nedra "READ_TCP_STRING()" Buffer Overflow Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-27
Luigi Auriemma has reported a vulnerability in C'Nedra, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15519/

[SA15510] PHP Poll Creator "relativer_pfad" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-26
rash ilusion has reported a vulnerability in PHP Poll Creator, which
can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/15510/

[SA15569] Calendarix Advanced SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-06-01
DarkBicho has discovered some vulnerabilities in Calendarix Advanced,
which can be exploited by malicious people to conduct SQL injection
attacks.
Full Advisory:
http://secunia.com/advisories/15569/

[SA15558] I-Man File Attachments Upload Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-06-01
A vulnerability has been reported in I-Man, which can be exploited by
malicious users to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15558/

[SA15555] Qualiteam X-Cart Gold SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-31
Censored has reported some vulnerabilities in Qualiteam X-Cart Gold,
which can be exploited by malicious people to conduct SQL injection
attacks.
Full Advisory:
http://secunia.com/advisories/15555/

[SA15552] MyBulletinBoard Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2005-05-31
Some vulnerabilities have been reported in MyBulletinBoard (MyBB),
which can be exploited by malicious people to conduct cross-site
scripting, script insertion and SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15552/

[SA15550] ezUserManager Script Insertion and SQL Injection
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2005-06-01
Some vulnerabilities have been reported in ezUserManager, which can be
exploited by malicious people to conduct script insertion and SQL
injection attacks.
Full Advisory:
http://secunia.com/advisories/15550/

[SA15538] FreeStyle Wiki Attachments Script Insertion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-31
A vulnerability has been reported in FreeStyle Wiki and FSWikiLite,
which can be exploited by malicious people to conduct script insertion
attacks.
Full Advisory:
http://secunia.com/advisories/15538/

[SA15535] Ettercap "curses_msg()" Format String Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-05-31
A vulnerability has been reported in Ettercap, which can be exploited
by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/15535/

[SA15534] phpThumb() "src" Exposure of Sensitive Information
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-06-02
A vulnerability has been reported in phpThumb(), which can be exploited
by malicious people to disclose sensitive information.
Full Advisory:
http://secunia.com/advisories/15534/

[SA15532] NPDS Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2005-05-30
NoSP and Romano have reported some vulnerabilities in NPDS, which can be
exploited by malicious people to conduct cross-site scripting, script
insertion and SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15532/

[SA15521] Hosting Controller "UserProfile.asp" Authentication Bypass
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-05-31
A vulnerability has been reported in Hosting Controller, which can be
exploited by malicious people to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/15521/

[SA15517] WordPress "cat_ID" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-30
A vulnerability has been reported in WordPress, which can be exploited
by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/15517/

[SA15516] PHPstat "check" Authentication Bypass Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-05-27
SoulBlack Security Research has discovered a vulnerability in PHPstat,
which can be exploited by malicious people to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/15516/

[SA15562] Symantec Brightmail AntiSpam Static Database Password
Critical: Moderately critical
Where: From local network
Impact: Security Bypass
Released: 2005-06-01
A security issue has been reported in Symantec Brightmail AntiSpam,
which can be exploited by malicious people to bypass security
restrictions.
Full Advisory:
http://secunia.com/advisories/15562/

[SA15547] Jaws "term" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-30
Paulino Calderon has reported a vulnerability in Jaws, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/15547/

[SA15543] PHPMailer "Data()" Denial of Service Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-05-31
Mariano Nuñez Di Croce has reported a vulnerability in PHPMailer, which
can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/15543/

[SA15518] NikoSoft WebMail Unspecified Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-30
A vulnerability has been reported in NikoSoft WebMail, which
potentially can be exploited by malicious people to conduct cross-site
scripting attacks.
Full Advisory:
http://secunia.com/advisories/15518/

[SA15545] Invision Power Board Privilege Escalation Vulnerability
Critical: Not critical
Where: From remote
Impact: Privilege escalation
Released: 2005-05-30
Rapigator has reported a vulnerability in Invision Power Board, which
can be exploited by malicious users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/15545/
 
Old 06-05-2005, 09:30 PM   #4
Capt_Caveman
June 3rd 2005 (LAW)

Linux Advisory Watch

Distribution: Debian

* Debian: New qpopper packages fix arbitrary file overwriting
26th, May, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119199

* Debian: New PHP4 packages fix denial of service
26th, May, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119203

* Debian: New bzip2 packages fix file unauthorised permissions modification
27th, May, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119214


Distribution: Fedora

* Fedora Core 3 Update: ImageMagick-6.2.2.0-2.fc3
26th, May, 2005
A malicious image could cause a denial-of-service in the xwd
coder. The update fixes this issue.
http://www.linuxsecurity.com/content/view/119206

* Fedora Core 3 Update: system-config-netboot-0.1.16-1_FC3
27th, May, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119216

* Fedora Core 3 Update: system-config-bind-4.0.0-16
27th, May, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119217

* Fedora Core 3 Update: netpbm-10.27-4.FC3
1st, June, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119230


Distribution: Gentoo

* Gentoo: gxine Format string vulnerability
26th, May, 2005
A format string vulnerability in gxine could allow a remote attacker
to execute arbitrary code.
http://www.linuxsecurity.com/content/view/119200

* Gentoo: Mailutils Multiple vulnerabilities in imap4d
27th, May, 2005
The imap4d server and the mail utility from GNU Mailutils contain
multiple vulnerabilities, potentially allowing a remote attacker to
execute arbitrary code with root privileges.
http://www.linuxsecurity.com/content/view/119211

* Gentoo: Binutils, elfutils Buffer overflow
1st, June, 2005
Various utilities from the GNU Binutils and elfutils packages are
vulnerable to a heap based buffer overflow, potentially resulting in
the execution of arbitrary code.
http://www.linuxsecurity.com/content/view/119228


Distribution: Red Hat

* RedHat: Moderate: gnutls security update
1st, June, 2005
Updated GnuTLS packages that fix a remote denial of service
vulnerability are available for Red Hat Enterprise Linux 4.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/119231

* RedHat: Moderate: postgresql security update
1st, June, 2005
Updated postgresql packages that fix several security vulnerabilities
and risks of data loss are now available. This update has been rated as
having moderate security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/119232

* RedHat: Moderate: openssl security update
1st, June, 2005
Updated OpenSSL packages that fix security issues are now available.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/119233
 
  

