LQ Security Report - October 2nd 2005
September 27th 2005
12 issues reported (SF) 1. Opera Web Browser Mail Client Multiple Vulnerabilities 2. Opera Web Browser Unspecified Drag And Drop File Upload Vulnerability 3. Mozilla Browser/Firefox Arbitrary Command Execution Vulnerability 4. Webmin / Usermin Remote PAM Authentication Bypass Vulnerability 5. Linux Kernel 64-Bit SMP Routing_ioctl() Local Denial of Service Vulnerability 6. Mozilla Browser/Firefox XBM Image Processing Heap Overflow Vulnerability 7. Mozilla Browser/Firefox JavaScript Engine Integer Overflow Vulnerability 8. Mozilla Browser/Firefox Zero-Width Non-Joiner Stack Corruption Vulnerability 9. Mozilla Browser/Firefox Chrome Window Spoofing Vulnerability 10. Mozilla Browser/Firefox Chrome Page Loading Restriction Bypass Privilege Escalation Weakness 11. Mozilla Browser/Firefox DOM Objects Spoofing Vulnerability 12. Mozilla Browser/Firefox Arbitrary HTTP Request Injection Vulnerability September 29th 2005 60 issues reported (SN) [SA16965] Fedora update for firefox [SA16960] Slackware update for mozilla [SA16928] Ubuntu update for mozilla/mozilla-firefox [SA16919] Red Hat update for firefox [SA16986] Fedora update for HelixPlayer [SA16980] TWiki "%INCLUDE" Shell Command Injection Vulnerability [SA16976] Gentoo update for php [SA16974] SGI Advanced Linux Environment Multiple Updates [SA16964] Fedora update for mozilla [SA16962] Red Hat update for HelixPlayer [SA16961] RealPlayer Error Message Format String Vulnerability [SA16954] Helix Player Error Message Format String Vulnerability [SA16953] Mandriva update for mozilla [SA16948] Trustix update for clamav [SA16930] SUSE update for clamav [SA16920] Mac OS X Security Update Fixes Multiple Vulnerabilities [SA16918] Red Hat update for mozilla [SA16972] Debian update for python2.3 [SA16968] SUSE update for opera [SA16967] Astaro Security Linux PPTP Denial of Service Vulnerability [SA16957] Gentoo update for qt [SA16945] jPortal Download Search SQL Injection Vulnerability [SA16940] Gentoo update for webmin/usermin [SA16939] Debian update for courier [SA16938] Gentoo update for mantis [SA16936] wzdftpd SITE Command Arbitrary Shell Command Injection [SA16923] Interchange Catalog Skeleton SQL Injection and ITL Injection Vulnerabilities [SA16914] Debian update for python2.1 [SA16943] IBM HMC apache/mod_ssl Vulnerabilities [SA16978] Polipo Disclosure of Sensitive Information [SA16950] Red Hat update for cups [SA16912] Fedora update for cups [SA16969] Linux Kernel URB Handling Denial of Service Vulnerability [SA16959] Slackware update for x11 [SA16955] Sun Solaris Xsun and Xprt Privilege Escalation Vulnerability [SA16935] Qpopper poppassd Insecure Trace File Creation Vulnerability [SA16927] Ubuntu update for kernel [SA16925] SUSE update for XFree86-server/xorg-x11-server [SA16924] SUN Solaris UFS File System Denial of Service [SA16916] Debian update for kdeedu [SA16910] Fedora update for kernel [SA16984] Red Hat update for wget [SA16944] Netscape Multiple Vulnerabilities [SA16941] AlstraSoft E-Friends "mode" File Inclusion Vulnerability [SA16933] phpMyFAQ Multiple Vulnerabilities [SA16917] Mozilla Multiple Vulnerabilities [SA16911] Firefox Multiple Vulnerabilities [SA16979] PostNuke Local File Inclusion and Comment Bypass Vulnerabilities [SA16949] SEO-Board admin.php SQL Injection Vulnerability [SA16937] Mailgust "email" SQL Injection Vulnerability [SA16929] ContentServ "ctsWebsite" Local File Inclusion Vulnerability [SA16926] MultiTheftAuto Server "motd.txt" Modification and Denial of Service [SA16913] My Little Forum "search" SQL Injection Vulnerability [SA16908] PunBB Two Vulnerabilities [SA16947] RSyslog Syslog Message SQL Injection Vulnerability [SA16970] CJ LinkOut "123" Cross-Site Scripting Vulnerability [SA16966] CJ Tag Board Cross-Site Scripting Vulnerabilities [SA16963] CJ Web2Mail Cross-Site Scripting Vulnerabilities [SA16934] IPB Riverdark RSS Syndicator Module Cross-Site Scripting [SA16971] PHP Trailing Slash "open_basedir" Security Bypass September 30th 2005 23 issues reported in 3 distros (LAW) python Xfree86 kdeedu courier zsync gtkdiskfree util-linux mantis webmin qt php firefox mozilla cups helixplayer realplayer wget ghostscript slocate net-snmp openssh binutils kernel |
September 27th 2005 (SF)
Security Focus
1. Opera Web Browser Mail Client Multiple Vulnerabilities BugTraq ID: 14880 Remote: Yes Date Published: 2005-09-20 Relevant URL: http://www.securityfocus.com/bid/14880 Summary: Opera Web Browser Mail client is affected by multiple vulnerabilities. These issues could allow remote attackers to spoof attachment names and carry out script injection attacks. These vulnerabilities may also be combined to carry out various attacks. Opera Web Browser 8.02 is reportedly vulnerable, however, it is likely that other versions are affected as well. 2. Opera Web Browser Unspecified Drag And Drop File Upload Vulnerability BugTraq ID: 14884 Remote: Yes Date Published: 2005-09-20 Relevant URL: http://www.securityfocus.com/bid/14884 Summary: Opera Web Browser is affected by an unspecified drag and drop file upload vulnerability. The cause of this issue was not specified, however, it may allow remote attackers to upload arbitrary files to a computer. This can lead to various attacks including arbitrary code execution in the context of the user running the browser. Due to lack of information, further details cannot be provided at the moment. This BID will be update when more information becomes available. 3. Mozilla Browser/Firefox Arbitrary Command Execution Vulnerability BugTraq ID: 14888 Remote: Yes Date Published: 2005-09-20 Relevant URL: http://www.securityfocus.com/bid/14888 Summary: Mozilla Browser/Firefox are affected by an arbitrary command execution vulnerability. This attack would occur in the context of the user running the vulnerable application and may facilitate unauthorized remote access. Mozilla Firefox 1.0.6 running on UNIX based platforms is reportedly vulnerable. Other versions and applications employing Firefox functionality may be vulnerable as well. Mozilla Browser 1.7.x versions and Thunderbird 1.x versions are also vulnerable to this issue. 4. Webmin / Usermin Remote PAM Authentication Bypass Vulnerability BugTraq ID: 14889 Remote: Yes Date Published: 2005-09-20 Relevant URL: http://www.securityfocus.com/bid/14889 Summary: Webmin and Usermin are susceptible to a remote PAM authentication bypass vulnerability. This issue is present in the 'miniserv.pl' Web server that is bundled with these applications. Due to insufficient input validation, shell metacharacters may be employed to bypass the authentication mechanism. Due to the nature of these applications, full system compromise is very likely after gaining access. 5. Linux Kernel 64-Bit SMP Routing_ioctl() Local Denial of Service Vulnerability BugTraq ID: 14902 Remote: No Date Published: 2005-09-22 Relevant URL: http://www.securityfocus.com/bid/14902 Summary: A local denial of service vulnerability affects the Linux on 64 bit Symmetric Multi-Processor (SMP) platforms. Specifically, the vulnerability presents itself due to an omitted call to the 'sockfd_put()' function in the 32-bit compatible 'routing_ioctl()' function. The 32-bit compatible 'tiocgdev ioctl()' function on x86-64 platforms is affected by this issue as well. 6. Mozilla Browser/Firefox XBM Image Processing Heap Overflow Vulnerability BugTraq ID: 14916Remote: Yes Date Published: 2005-09-23 Relevant URL: http://www.securityfocus.com/bid/14916 Summary: Mozilla and Firefox browsers are prone to a heap overflow when processing malformed XBM images. Successful exploitation can result in arbitrary code execution. 7. Mozilla Browser/Firefox JavaScript Engine Integer Overflow Vulnerability BugTraq ID: 14917 Remote: Yes Date Published: 2005-09-23 Relevant URL: http://www.securityfocus.com/bid/14917 Summary: Mozilla Browser/Firefox are affected by an integer overflow vulnerability in their JavaScript engine. This issue may be exploited by a remote attacker who entices a user to visit a malicious site. A successful attack may facilitate unauthorized remote access to a vulnerable computer. Netscape Browser 8.0.3.3, Netscape 7.2, and K-Meleon 0.9 are vulnerable to this issue as well. 8. Mozilla Browser/Firefox Zero-Width Non-Joiner Stack Corruption Vulnerability BugTraq ID: 14918 Remote: Yes Date Published: 2005-09-23 Relevant URL: http://www.securityfocus.com/bid/14918 Summary: Mozilla and Firefox are prone to a stack corruption vulnerability. Successful exploitation could potentially result in arbitrary code execution. 9. Mozilla Browser/Firefox Chrome Window Spoofing Vulnerability BugTraq ID: 14919 Remote: Yes Date Published: 2005-09-23 Relevant URL: http://www.securityfocus.com/bid/14919 Summary: Mozilla and Firefox browsers are prone to a window spoofing vulnerability. An attacker can exploit this vulnerability to enhance phishing-style attacks. 10. Mozilla Browser/Firefox Chrome Page Loading Restriction Bypass Privilege Escalation Weakness BugTraq ID: 14920 Remote: Yes Date Published: 2005-09-23 Relevant URL: http://www.securityfocus.com/bid/14920 Summary: Mozilla Browser/Firefox are prone to a potential arbitrary code execution weakness. Specifically, an attacker can load privileged 'chrome' pages from an unprivileged 'about:' page. This issue does not pose a threat unless it is combined with a same-origin violation issue. If successfully exploited, this issue may allow a remote attacker to execute arbitrary code and gain unauthorized remote access to a computer. This would occur in the context of the user running the browser. 11. Mozilla Browser/Firefox DOM Objects Spoofing Vulnerability BugTraq ID: 14921 Remote: Yes Date Published: 2005-09-23 Relevant URL: http://www.securityfocus.com/bid/14921 Summary: Mozilla and Firefox are prone to a DOM object spoofing vulnerability. Successful exploitation could allow a remote attacker to execute arbitrary script code with elevated privileges. 12. Mozilla Browser/Firefox Arbitrary HTTP Request Injection Vulnerability BugTraq ID: 14923 Remote: Yes Date Published: 2005-09-23 Relevant URL: http://www.securityfocus.com/bid/14923 Summary: Mozilla and Firefox browsers are prone to a vulnerability that permits the injection of arbitrary HTTP requests. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue can be used to exploit server or proxy flaws from the user's machine, or to fool a server or proxy into thinking a single request is a stream of separate requests. |
September 29th 2005 (SN) Part 1
Secunia
[SA16965] Fedora update for firefox Critical: Extremely critical Where: From remote Impact: Security Bypass, Spoofing, Manipulation of data, System access Released: 2005-09-27 Fedora has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, manipulate certain data, bypass certain security restrictions, and compromise a user's system. Full Advisory: http://secunia.com/advisories/16965/ [SA16960] Slackware update for mozilla Critical: Extremely critical Where: From remote Impact: Security Bypass, Spoofing, Manipulation of data, System access Released: 2005-09-27 Slackware has issued an update for mozilla. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, manipulate certain data, bypass certain security restrictions, and compromise a user's system. Full Advisory: http://secunia.com/advisories/16960/ [SA16928] Ubuntu update for mozilla/mozilla-firefox Critical: Extremely critical Where: From remote Impact: Security Bypass, Spoofing, Manipulation of data, System access Released: 2005-09-26 Ubuntu has issued updates for mozilla and mozilla-firefox. These fix some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, manipulate certain data, bypass certain security restrictions, and compromise a user's system. Full Advisory: http://secunia.com/advisories/16928/ [SA16919] Red Hat update for firefox Critical: Extremely critical Where: From remote Impact: Security Bypass, Spoofing, Manipulation of data, System access Released: 2005-09-23 Red Hat has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, manipulate certain data, bypass certain security restrictions, and compromise a user's system. Full Advisory: http://secunia.com/advisories/16919/ [SA16986] Fedora update for HelixPlayer Critical: Highly critical Where: From remote Impact: System access Released: 2005-09-28 Fedora has issued an update for HelixPlayer. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/16986/ [SA16980] TWiki "%INCLUDE" Shell Command Injection Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-09-28 A vulnerability has been reported in TWiki, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16980/ [SA16976] Gentoo update for php Critical: Highly critical Where: From remote Impact: System access Released: 2005-09-28 Gentoo has issued an update for php. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16976/ [SA16974] SGI Advanced Linux Environment Multiple Updates Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2005-09-28 SGI has issued a patch for SGI Advanced Linux Environment. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16974/ [SA16964] Fedora update for mozilla Critical: Highly critical Where: From remote Impact: Security Bypass, Spoofing, Manipulation of data, System access Released: 2005-09-27 Fedora has issued an update for mozilla. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, manipulate certain data, bypass certain security restrictions, and compromise a user's system. Full Advisory: http://secunia.com/advisories/16964/ [SA16962] Red Hat update for HelixPlayer Critical: Highly critical Where: From remote Impact: System access Released: 2005-09-27 Red Hat has issued an update for HelixPlayer. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/16962/ [SA16961] RealPlayer Error Message Format String Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-09-27 c0ntex has discovered a vulnerability in RealPlayer, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/16961/ [SA16954] Helix Player Error Message Format String Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-09-27 c0ntex has discovered a vulnerability in Helix Player, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/16954/ [SA16953] Mandriva update for mozilla Critical: Highly critical Where: From remote Impact: System access, Manipulation of data, Spoofing, Security Bypass Released: 2005-09-27 Mandriva has issued an update for mozilla. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, manipulate certain data, bypass certain security restrictions, and compromise a user's system. Full Advisory: http://secunia.com/advisories/16953/ [SA16948] Trustix update for clamav Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2005-09-26 Trustix has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service), or potentially to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16948/ [SA16930] SUSE update for clamav Critical: Highly critical Where: From remote Impact: DoS, System access Released: 2005-09-26 SUSE has issued an update for clamav. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), or potentially to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16930/ [SA16920] Mac OS X Security Update Fixes Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Exposure of sensitive information, Privilege escalation, System access Released: 2005-09-23 Apple has issued a security update for Mac OS X, which fixes 10 vulnerabilities. Full Advisory: http://secunia.com/advisories/16920/ [SA16918] Red Hat update for mozilla Critical: Highly critical Where: From remote Impact: Security Bypass, Spoofing, Manipulation of data, System access Released: 2005-09-23 Red Hat has issued an update for mozilla. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, manipulate certain data, bypass certain security restrictions, and compromise a user's system. Full Advisory: http://secunia.com/advisories/16918/ [SA16972] Debian update for python2.3 Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2005-09-28 Debian has issued an update for python2.3. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16972/ [SA16968] SUSE update for opera Critical: Moderately critical Where: From remote Impact: Unknown, Cross Site Scripting, Spoofing Released: 2005-09-27 SUSE has issued an update for opera. This fixes two vulnerabilities, which can be exploited by a malicious person to conduct script insertion attacks and to spoof the name of attached files. Full Advisory: http://secunia.com/advisories/16968/ [SA16967] Astaro Security Linux PPTP Denial of Service Vulnerability Critical: Moderately critical Where: From remote Impact: DoS Released: 2005-09-27 A vulnerability has been reported in Astaro Security Linux, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16967/ [SA16957] Gentoo update for qt Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2005-09-27 Gentoo has issued an update for qt. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system. Full Advisory: http://secunia.com/advisories/16957/ [SA16945] jPortal Download Search SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2005-09-27 krasza has discovered a vulnerability in jPortal, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/16945/ [SA16940] Gentoo update for webmin/usermin Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2005-09-26 Gentoo has issued an update for webmin/usermin. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/16940/ [SA16939] Debian update for courier Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2005-09-26 Debian has issued an update for courier. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/16939/ [SA16938] Gentoo update for mantis Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Manipulation of data Released: 2005-09-26 Gentoo has issued an update for mantis. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. Full Advisory: http://secunia.com/advisories/16938/ [SA16936] wzdftpd SITE Command Arbitrary Shell Command Injection Critical: Moderately critical Where: From remote Impact: System access Released: 2005-09-26 kcope has discovered a vulnerability in wzdftpd, which can be exploited by malicious users to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16936/ [SA16923] Interchange Catalog Skeleton SQL Injection and ITL Injection Vulnerabilities Critical: Moderately critical Where: From remote Impact: Unknown, Manipulation of data Released: 2005-09-23 Two vulnerabilities have been reported in Interchange, which can be exploited by malicious people to conduct SQL injection attacks, or to perform actions with an unknown impact. Full Advisory: http://secunia.com/advisories/16923/ [SA16914] Debian update for python2.1 Critical: Moderately critical Where: From remote Impact: DoS, System access Released: 2005-09-23 Debian has issued an update for python2.1. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16914/ [SA16943] IBM HMC apache/mod_ssl Vulnerabilities Critical: Less critical Where: From remote Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Privilege escalation Released: 2005-09-26 IBM has acknowledged some vulnerabilities in IBM HMC, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges, or by malicious people to bypass certain security restrictions or conduct HTTP request smuggling attacks. Full Advisory: http://secunia.com/advisories/16943/ [SA16978] Polipo Disclosure of Sensitive Information Critical: Less critical Where: From local network Impact: Unknown, Exposure of sensitive information Released: 2005-09-28 A vulnerability has been reported in Polipo, which can be exploited by malicious people to disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/16978/ [SA16950] Red Hat update for cups Critical: Less critical Where: From local network Impact: DoS Released: 2005-09-27 Red Hat has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16950/ [SA16912] Fedora update for cups Critical: Less critical Where: From local network Impact: DoS Released: 2005-09-23 Fedora has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16912/ |
September 29th 2005 (SN) Part 2
[SA16969] Linux Kernel URB Handling Denial of Service Vulnerability
Critical: Less critical Where: Local system Impact: DoS Released: 2005-09-27 A vulnerability and a security issue have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16969/ [SA16959] Slackware update for x11 Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-09-27 Slackware has issued an update for x11. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/16959/ [SA16955] Sun Solaris Xsun and Xprt Privilege Escalation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-09-27 A vulnerability has been reported in Solaris, which can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/16955/ [SA16935] Qpopper poppassd Insecure Trace File Creation Vulnerability Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-09-26 kcope has discovered a vulnerability in Qpopper, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/16935/ [SA16927] Ubuntu update for kernel Critical: Less critical Where: Local system Impact: DoS Released: 2005-09-26 Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16927/ [SA16925] SUSE update for XFree86-server/xorg-x11-server Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-09-26 SUSE has issued an update for XFree86-server/xorg-x11-server. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/16925/ [SA16924] SUN Solaris UFS File System Denial of Service Critical: Less critical Where: Local system Impact: DoS Released: 2005-09-23 A vulnerability has been reported in Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16924/ [SA16916] Debian update for kdeedu Critical: Less critical Where: Local system Impact: Privilege escalation Released: 2005-09-23 Debian has issued an update for kdeedu. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges on a vulnerable system. Full Advisory: http://secunia.com/advisories/16916/ [SA16910] Fedora update for kernel Critical: Less critical Where: Local system Impact: DoS, Privilege escalation, Exposure of sensitive information Released: 2005-09-23 Fedora has issued an update for the kernel. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to disclose certain sensitive information, cause a DoS (Denial of Service), and gain escalated privileges. Full Advisory: http://secunia.com/advisories/16910/ [SA16984] Red Hat update for wget Critical: Not critical Where: Local system Impact: Privilege escalation Released: 2005-09-28 Red Hat has issued an update for wget. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. Full Advisory: http://secunia.com/advisories/16984/ [SA16944] Netscape Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Spoofing, Manipulation of data, System access Released: 2005-09-26 Some vulnerabilities have been discovered in Netscape, which can be exploited by malicious people to manipulate certain data, conduct spoofing attacks, bypass certain security restrictions and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16944/ [SA16941] AlstraSoft E-Friends "mode" File Inclusion Vulnerability Critical: Highly critical Where: From remote Impact: System access Released: 2005-09-26 Kurdish Hackers Clan has reported a vulnerability in AlstraSoft E-Friends, which can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16941/ [SA16933] phpMyFAQ Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Cross Site Scripting, Manipulation of data, Exposure of system information, Exposure of sensitive information, System access Released: 2005-09-26 rgod has discovered some vulnerabilities in phpMyFAQ, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, disclose system and sensitive information, and compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16933/ [SA16917] Mozilla Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Spoofing, Manipulation of data, System access Released: 2005-09-23 Multiple vulnerabilities have been reported in Mozilla Suite, which can be exploited by malicious people to conduct spoofing attacks, manipulate certain data, bypass certain security restrictions, and compromise a user's system. Full Advisory: http://secunia.com/advisories/16917/ [SA16911] Firefox Multiple Vulnerabilities Critical: Highly critical Where: From remote Impact: Security Bypass, Spoofing, Manipulation of data, System access Released: 2005-09-23 Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to conduct spoofing attacks, manipulate certain data, bypass certain security restrictions, and compromise a user's system. Full Advisory: http://secunia.com/advisories/16911/ [SA16979] PostNuke Local File Inclusion and Comment Bypass Vulnerabilities Critical: Moderately critical Where: From remote Impact: Security Bypass, Exposure of sensitive information Released: 2005-09-28 Two vulnerabilities have been reported in PostNuke, which can be exploited by malicious people to bypass certain security restrictions and disclose sensitive information. Full Advisory: http://secunia.com/advisories/16979/ [SA16949] SEO-Board admin.php SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass, Manipulation of data Released: 2005-09-26 foster RST/GHC has reported a vulnerability in SEO-Board, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/16949/ [SA16937] Mailgust "email" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Security Bypass, Manipulation of data Released: 2005-09-26 rgod has reported a vulnerability in Mailgust, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/16937/ [SA16929] ContentServ "ctsWebsite" Local File Inclusion Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2005-09-26 qobaiashi has reported a vulnerability in ContentServ, which can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/16929/ [SA16926] MultiTheftAuto Server "motd.txt" Modification and Denial of Service Critical: Moderately critical Where: From remote Impact: Manipulation of data, DoS Released: 2005-09-26 Luigi Auriemma has reported two vulnerabilities in MultiTheftAuto Server, which can be exploited by malicious people to modify certain information or cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/16926/ [SA16913] My Little Forum "search" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2005-09-23 rgod has discovered a vulnerability in My Little Forum, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/16913/ [SA16908] PunBB Two Vulnerabilities Critical: Moderately critical Where: From remote Impact: Unknown, Cross Site Scripting Released: 2005-09-22 Two vulnerabilities have been reported in PunBB, where one has an unknown impact and the other can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/16908/ [SA16947] RSyslog Syslog Message SQL Injection Vulnerability Critical: Moderately critical Where: From local network Impact: Manipulation of data, System access Released: 2005-09-26 A vulnerability has been reported in RSyslog, which can be exploited by malicious people to conduct SQL injection attacks, and potentially to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/16947/ [SA16970] CJ LinkOut "123" Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-09-27 Psymera has discovered a vulnerability in CJ LinkOut, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/16970/ [SA16966] CJ Tag Board Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-09-27 Psymera has discovered some vulnerabilities in CJ Tag Board, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/16966/ [SA16963] CJ Web2Mail Cross-Site Scripting Vulnerabilities Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-09-27 Psymera has discovered some vulnerabilities in CJ Web2Mail, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/16963/ [SA16934] IPB Riverdark RSS Syndicator Module Cross-Site Scripting Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-09-26 X1NG has reported two vulnerabilities in the Riverdark RSS Syndicator module for Invision Power Board, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/16934/ [SA16971] PHP Trailing Slash "open_basedir" Security Bypass Critical: Not critical Where: Local system Impact: Security Bypass Released: 2005-09-27 thorben has discovered a security issue in PHP, which can be exploited by malicious, local users to access certain files outside the "open_basedir" root. Full Advisory: http://secunia.com/advisories/16971/ |
September 30th 2005 (LAW)
Linux Advisory Watch
Distribution: Debian * Debian: New python2.2 packages fix arbitrary code execution 22nd, September, 2005 Updated package. http://www.linuxsecurity.com/content/view/120425 * Debian: New XFree86 packages fix arbitrary code execution 22nd, September, 2005 Updated package. http://www.linuxsecurity.com/content/view/120426 * Debian: New kdeedu packages fix insecure temporary files 22nd, September, 2005 Updated package. http://www.linuxsecurity.com/content/view/120429 * Debian: New python2.1 packages fix arbitrary code execution 23rd, September, 2005 Updated package. http://www.linuxsecurity.com/content/view/120435 * Debian: New courier packages fix cross-site scripting 24th, September, 2005 Updated package. http://www.linuxsecurity.com/content/view/120440 * Debian: New python2.3 packages fix arbitrary code execution 28th, September, 2005 Updated package. http://www.linuxsecurity.com/content/view/120458 * Debian: Updated zsync i386 packages fix build error 28th, September, 2005 Updated package. http://www.linuxsecurity.com/content/view/120471 * Debian: New gtkdiskfree packages fix insecure temporary file 29th, September, 2005 Updated package. http://www.linuxsecurity.com/content/view/120472 * Debian: New util-linux packages fix privilege escalation 29th, September, 2005 Updated package. http://www.linuxsecurity.com/content/view/120473 Distribution: Gentoo * Gentoo: Mantis XSS and SQL injection vulnerabilities 24th, September, 2005 Mantis is affected by an SQL injection and several cross-site scripting (XSS) vulnerabilities. http://www.linuxsecurity.com/content/view/120441 * Gentoo: Webmin, Usermin Remote code execution through 24th, September, 2005 If Webmin or Usermin is configured to use full PAM conversations, it is vulnerable to the remote execution of arbitrary code with root privileges. http://www.linuxsecurity.com/content/view/120442 * Gentoo: Qt Buffer overflow in the included zlib library 26th, September, 2005 Qt is vulnerable to a buffer overflow which could potentially lead to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/120447 * Gentoo: PHP Vulnerabilities in included PCRE and XML-RPC 27th, September, 2005 PHP makes use of an affected PCRE library and ships with an affected XML-RPC library and is therefore potentially vulnerable to remote execution of arbitrary code. http://www.linuxsecurity.com/content/view/120456 Distribution: Red Hat * RedHat: Critical: firefox security update 22nd, September, 2005 An updated firefox package that fixes several security bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/120432 * RedHat: Critical: mozilla security update 22nd, September, 2005 Updated mozilla packages that fix several security bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/120433 * RedHat: Moderate: cups security update 27th, September, 2005 Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/120451 * RedHat: Critical: HelixPlayer security update 27th, September, 2005 An updated HelixPlayer package that fixes a string format issue is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/120452 * RedHat: Critical: RealPlayer security update 27th, September, 2005 An updated RealPlayer package that fixes a format string bug is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/120453 * RedHat: Low: wget security update 27th, September, 2005 Updated wget package that fixes several security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/120454 * RedHat: Low: ghostscript security update 28th, September, 2005 Updated ghostscript packages that fix a PDF output issue and a temporary file security bug are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/120462 * RedHat: Low: slocate security update 28th, September, 2005 An updated slocate package that fixes a denial of service and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/120463 * RedHat: Low: net-snmp security update 28th, September, 2005 Updated net-snmp packages that fix two security issues and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/120464 * RedHat: Low: openssh security update 28th, September, 2005 Updated openssh packages that fix a potential security vulnerability and various other bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/120465 * RedHat: Low: binutils security update 28th, September, 2005 An updated binutils package that fixes several bugs and minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/120466 * RedHat: Updated kernel packages available for Red Hat 28th, September, 2005 Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the sixth regular update. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/120467 |
All times are GMT -5. The time now is 01:35 PM. |