September 27th 2005
12 issues reported (SF)
1. Opera Web Browser Mail Client Multiple Vulnerabilities
2. Opera Web Browser Unspecified Drag And Drop File Upload Vulnerability
3. Mozilla Browser/Firefox Arbitrary Command Execution Vulnerability
4. Webmin / Usermin Remote PAM Authentication Bypass Vulnerability
5. Linux Kernel 64-Bit SMP Routing_ioctl() Local Denial of Service Vulnerability
6. Mozilla Browser/Firefox XBM Image Processing Heap Overflow Vulnerability
7. Mozilla Browser/Firefox JavaScript Engine Integer Overflow Vulnerability
8. Mozilla Browser/Firefox Zero-Width Non-Joiner Stack Corruption Vulnerability
9. Mozilla Browser/Firefox Chrome Window Spoofing Vulnerability
10. Mozilla Browser/Firefox Chrome Page Loading Restriction Bypass Privilege Escalation Weakness
11. Mozilla Browser/Firefox DOM Objects Spoofing Vulnerability
12. Mozilla Browser/Firefox Arbitrary HTTP Request Injection Vulnerability

September 29th 2005
60 issues reported (SN)
[SA16965] Fedora update for firefox
[SA16960] Slackware update for mozilla
[SA16928] Ubuntu update for mozilla/mozilla-firefox
[SA16919] Red Hat update for firefox
[SA16986] Fedora update for HelixPlayer
[SA16980] TWiki "%INCLUDE" Shell Command Injection Vulnerability
[SA16976] Gentoo update for php
[SA16974] SGI Advanced Linux Environment Multiple Updates
[SA16964] Fedora update for mozilla
[SA16962] Red Hat update for HelixPlayer
[SA16961] RealPlayer Error Message Format String Vulnerability
[SA16954] Helix Player Error Message Format String Vulnerability
[SA16953] Mandriva update for mozilla
[SA16948] Trustix update for clamav
[SA16930] SUSE update for clamav
[SA16920] Mac OS X Security Update Fixes Multiple Vulnerabilities
[SA16918] Red Hat update for mozilla
[SA16972] Debian update for python2.3
[SA16968] SUSE update for opera
[SA16967] Astaro Security Linux PPTP Denial of Service Vulnerability
[SA16957] Gentoo update for qt
[SA16945] jPortal Download Search SQL Injection Vulnerability
[SA16940] Gentoo update for webmin/usermin
[SA16939] Debian update for courier
[SA16938] Gentoo update for mantis
[SA16936] wzdftpd SITE Command Arbitrary Shell Command Injection
[SA16923] Interchange Catalog Skeleton SQL Injection and ITL Injection Vulnerabilities
[SA16914] Debian update for python2.1
[SA16943] IBM HMC apache/mod_ssl Vulnerabilities
[SA16978] Polipo Disclosure of Sensitive Information
[SA16950] Red Hat update for cups
[SA16912] Fedora update for cups
[SA16969] Linux Kernel URB Handling Denial of Service Vulnerability
[SA16959] Slackware update for x11
[SA16955] Sun Solaris Xsun and Xprt Privilege Escalation Vulnerability
[SA16935] Qpopper poppassd Insecure Trace File Creation Vulnerability
[SA16927] Ubuntu update for kernel
[SA16925] SUSE update for XFree86-server/xorg-x11-server
[SA16924] SUN Solaris UFS File System Denial of Service
[SA16916] Debian update for kdeedu
[SA16910] Fedora update for kernel
[SA16984] Red Hat update for wget
[SA16944] Netscape Multiple Vulnerabilities
[SA16941] AlstraSoft E-Friends "mode" File Inclusion Vulnerability
[SA16933] phpMyFAQ Multiple Vulnerabilities
[SA16917] Mozilla Multiple Vulnerabilities
[SA16911] Firefox Multiple Vulnerabilities
[SA16979] PostNuke Local File Inclusion and Comment Bypass Vulnerabilities
[SA16949] SEO-Board admin.php SQL Injection Vulnerability
[SA16937] Mailgust "email" SQL Injection Vulnerability
[SA16929] ContentServ "ctsWebsite" Local File Inclusion Vulnerability
[SA16926] MultiTheftAuto Server "motd.txt" Modification and Denial of Service
[SA16913] My Little Forum "search" SQL Injection Vulnerability
[SA16908] PunBB Two Vulnerabilities
[SA16947] RSyslog Syslog Message SQL Injection Vulnerability
[SA16970] CJ LinkOut "123" Cross-Site Scripting Vulnerability
[SA16966] CJ Tag Board Cross-Site Scripting Vulnerabilities
[SA16963] CJ Web2Mail Cross-Site Scripting Vulnerabilities
[SA16934] IPB Riverdark RSS Syndicator Module Cross-Site Scripting
[SA16971] PHP Trailing Slash "open_basedir" Security Bypass

September 30th 2005
23 issues reported in 3 distros (LAW)
python
Xfree86
kdeedu
courier
zsync
gtkdiskfree
util-linux
mantis
webmin
qt
php
firefox
mozilla
cups
helixplayer
realplayer
wget
ghostscript
slocate
net-snmp
openssh
binutils
kernel

Security Focus

1. Opera Web Browser Mail Client Multiple Vulnerabilities
BugTraq ID: 14880
Remote: Yes
Date Published: 2005-09-20
Relevant URL: http://www.securityfocus.com/bid/14880
Summary:
Opera Web Browser Mail client is affected by multiple vulnerabilities. These issues could allow remote attackers to spoof attachment names and carry out script injection attacks. These vulnerabilities may also be combined to carry out various attacks. Opera Web Browser 8.02 is reportedly vulnerable, however, it is likely that other versions are affected as well.

2. Opera Web Browser Unspecified Drag And Drop File Upload Vulnerability
BugTraq ID: 14884
Remote: Yes
Date Published: 2005-09-20
Relevant URL: http://www.securityfocus.com/bid/14884
Summary:
Opera Web Browser is affected by an unspecified drag and drop file upload vulnerability. The cause of this issue was not specified, however, it may allow remote attackers to upload arbitrary files to a computer. This can lead to various attacks including arbitrary code execution in the context of the user running the browser. Due to lack of information, further details cannot be provided at the moment. This BID will be update when more information becomes available.

3. Mozilla Browser/Firefox Arbitrary Command Execution Vulnerability
BugTraq ID: 14888
Remote: Yes
Date Published: 2005-09-20
Relevant URL: http://www.securityfocus.com/bid/14888
Summary:
Mozilla Browser/Firefox are affected by an arbitrary command execution vulnerability. This attack would occur in the context of the user running the vulnerable application and may facilitate unauthorized remote access. Mozilla Firefox 1.0.6 running on UNIX based platforms is reportedly vulnerable. Other versions and applications employing Firefox functionality may be vulnerable as well. Mozilla Browser 1.7.x versions and Thunderbird 1.x versions are also vulnerable to this issue.

4. Webmin / Usermin Remote PAM Authentication Bypass Vulnerability
BugTraq ID: 14889
Remote: Yes
Date Published: 2005-09-20
Relevant URL: http://www.securityfocus.com/bid/14889
Summary:
Webmin and Usermin are susceptible to a remote PAM authentication bypass vulnerability. This issue is present in the 'miniserv.pl' Web server that is bundled with these applications. Due to insufficient input validation, shell metacharacters may be employed to bypass the authentication mechanism. Due to the nature of these applications, full system compromise is very likely after gaining access.

5. Linux Kernel 64-Bit SMP Routing_ioctl() Local Denial of Service Vulnerability
BugTraq ID: 14902
Remote: No
Date Published: 2005-09-22
Relevant URL: http://www.securityfocus.com/bid/14902
Summary:
A local denial of service vulnerability affects the Linux on 64 bit Symmetric Multi-Processor (SMP) platforms. Specifically, the vulnerability presents itself due to an omitted call to the 'sockfd_put()' function in the 32-bit compatible 'routing_ioctl()' function. The 32-bit compatible 'tiocgdev ioctl()' function on x86-64 platforms is affected by this issue as well.

6. Mozilla Browser/Firefox XBM Image Processing Heap Overflow Vulnerability
BugTraq ID: 14916Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14916
Summary:
Mozilla and Firefox browsers are prone to a heap overflow when processing malformed XBM images. Successful exploitation can result in arbitrary code execution.

7. Mozilla Browser/Firefox JavaScript Engine Integer Overflow Vulnerability
BugTraq ID: 14917
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14917
Summary:
Mozilla Browser/Firefox are affected by an integer overflow vulnerability in their JavaScript engine. This issue may be exploited by a remote attacker who entices a user to visit a malicious site. A successful attack may facilitate unauthorized remote access to a vulnerable computer. Netscape Browser 8.0.3.3, Netscape 7.2, and K-Meleon 0.9 are vulnerable to this issue as well.

8. Mozilla Browser/Firefox Zero-Width Non-Joiner Stack Corruption Vulnerability
BugTraq ID: 14918
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14918
Summary:
Mozilla and Firefox are prone to a stack corruption vulnerability. Successful exploitation could potentially result in arbitrary code execution.

9. Mozilla Browser/Firefox Chrome Window Spoofing Vulnerability
BugTraq ID: 14919
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14919
Summary:
Mozilla and Firefox browsers are prone to a window spoofing vulnerability. An attacker can exploit this vulnerability to enhance phishing-style attacks.

10. Mozilla Browser/Firefox Chrome Page Loading Restriction Bypass Privilege Escalation Weakness
BugTraq ID: 14920
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14920
Summary:
Mozilla Browser/Firefox are prone to a potential arbitrary code execution weakness. Specifically, an attacker can load privileged 'chrome' pages from an unprivileged 'about:' page. This issue does not pose a threat unless it is combined with a same-origin violation issue. If successfully exploited, this issue may allow a remote attacker to execute arbitrary code and gain unauthorized remote access to a computer. This would occur in the context of the user running the browser.

11. Mozilla Browser/Firefox DOM Objects Spoofing Vulnerability
BugTraq ID: 14921
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14921
Summary:
Mozilla and Firefox are prone to a DOM object spoofing vulnerability. Successful exploitation could allow a remote attacker to execute arbitrary script code with elevated privileges.

12. Mozilla Browser/Firefox Arbitrary HTTP Request Injection Vulnerability
BugTraq ID: 14923
Remote: Yes
Date Published: 2005-09-23
Relevant URL: http://www.securityfocus.com/bid/14923
Summary:
Mozilla and Firefox browsers are prone to a vulnerability that permits the injection of arbitrary HTTP requests. This issue is due to a failure in the application to properly sanitize user-supplied input. This issue can be used to exploit server or proxy flaws from the user's machine, or to fool a server or proxy into thinking a single request is a stream of separate requests.

Secunia

[SA16965] Fedora update for firefox
Critical: Extremely critical
Where: From remote
Impact: Security Bypass, Spoofing, Manipulation of data, System
access
Released: 2005-09-27
Fedora has issued an update for firefox. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
spoofing attacks, manipulate certain data, bypass certain security
restrictions, and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16965/

[SA16960] Slackware update for mozilla
Critical: Extremely critical
Where: From remote
Impact: Security Bypass, Spoofing, Manipulation of data, System
access
Released: 2005-09-27
Slackware has issued an update for mozilla. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
spoofing attacks, manipulate certain data, bypass certain security
restrictions, and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16960/

[SA16928] Ubuntu update for mozilla/mozilla-firefox
Critical: Extremely critical
Where: From remote
Impact: Security Bypass, Spoofing, Manipulation of data, System
access
Released: 2005-09-26
Ubuntu has issued updates for mozilla and mozilla-firefox. These fix
some vulnerabilities, which can be exploited by malicious people to
conduct spoofing attacks, manipulate certain data, bypass certain
security restrictions, and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16928/

[SA16919] Red Hat update for firefox
Critical: Extremely critical
Where: From remote
Impact: Security Bypass, Spoofing, Manipulation of data, System
access
Released: 2005-09-23
Red Hat has issued an update for firefox. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
spoofing attacks, manipulate certain data, bypass certain security
restrictions, and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16919/

[SA16986] Fedora update for HelixPlayer
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-09-28
Fedora has issued an update for HelixPlayer. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16986/

[SA16980] TWiki "%INCLUDE" Shell Command Injection Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-09-28
A vulnerability has been reported in TWiki, which can be exploited by
malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16980/

[SA16976] Gentoo update for php
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-09-28
Gentoo has issued an update for php. This fixes two vulnerabilities,
which can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/16976/

[SA16974] SGI Advanced Linux Environment Multiple Updates
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-09-28
SGI has issued a patch for SGI Advanced Linux Environment. This fixes
some vulnerabilities, which can be exploited by malicious people to
cause a DoS (Denial of Service) or to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16974/

[SA16964] Fedora update for mozilla
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Spoofing, Manipulation of data, System
access
Released: 2005-09-27
Fedora has issued an update for mozilla. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
spoofing attacks, manipulate certain data, bypass certain security
restrictions, and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16964/

[SA16962] Red Hat update for HelixPlayer
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-09-27
Red Hat has issued an update for HelixPlayer. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16962/

[SA16961] RealPlayer Error Message Format String Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-09-27
c0ntex has discovered a vulnerability in RealPlayer, which potentially
can be exploited by malicious people to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16961/

[SA16954] Helix Player Error Message Format String Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-09-27
c0ntex has discovered a vulnerability in Helix Player, which
potentially can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/16954/

[SA16953] Mandriva update for mozilla
Critical: Highly critical
Where: From remote
Impact: System access, Manipulation of data, Spoofing, Security
Bypass
Released: 2005-09-27
Mandriva has issued an update for mozilla. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
spoofing attacks, manipulate certain data, bypass certain security
restrictions, and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16953/

[SA16948] Trustix update for clamav
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-09-26
Trustix has issued an update for clamav. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service), or potentially to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16948/

[SA16930] SUSE update for clamav
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-09-26
SUSE has issued an update for clamav. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service), or potentially to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16930/

[SA16920] Mac OS X Security Update Fixes Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Exposure of
sensitive information, Privilege escalation, System access
Released: 2005-09-23
Apple has issued a security update for Mac OS X, which fixes 10
vulnerabilities.
Full Advisory:
http://secunia.com/advisories/16920/

[SA16918] Red Hat update for mozilla
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Spoofing, Manipulation of data, System access
Released: 2005-09-23
Red Hat has issued an update for mozilla. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
spoofing attacks, manipulate certain data, bypass certain security
restrictions, and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16918/

[SA16972] Debian update for python2.3
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-09-28
Debian has issued an update for python2.3. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/16972/

[SA16968] SUSE update for opera
Critical: Moderately critical
Where: From remote
Impact: Unknown, Cross Site Scripting, Spoofing
Released: 2005-09-27
SUSE has issued an update for opera. This fixes two vulnerabilities,
which can be exploited by a malicious person to conduct script
insertion attacks and to spoof the name of attached files.
Full Advisory:
http://secunia.com/advisories/16968/

[SA16967] Astaro Security Linux PPTP Denial of Service Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-09-27
A vulnerability has been reported in Astaro Security Linux, which can
be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/16967/

[SA16957] Gentoo update for qt
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-09-27
Gentoo has issued an update for qt. This fixes some vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service) or potentially compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16957/

[SA16945] jPortal Download Search SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-09-27
krasza has discovered a vulnerability in jPortal, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/16945/

[SA16940] Gentoo update for webmin/usermin
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-09-26
Gentoo has issued an update for webmin/usermin. This fixes a
vulnerability, which can be exploited by malicious people to bypass
certain security restrictions.
Full Advisory:
http://secunia.com/advisories/16940/

[SA16939] Debian update for courier
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-09-26
Debian has issued an update for courier. This fixes a vulnerability,
which can be exploited by malicious people to conduct script insertion
attacks.
Full Advisory:
http://secunia.com/advisories/16939/

[SA16938] Gentoo update for mantis
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2005-09-26
Gentoo has issued an update for mantis. This fixes some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting and SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/16938/

[SA16936] wzdftpd SITE Command Arbitrary Shell Command Injection
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-09-26
kcope has discovered a vulnerability in wzdftpd, which can be exploited
by malicious users to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16936/

[SA16923] Interchange Catalog Skeleton SQL Injection and ITL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Unknown, Manipulation of data
Released: 2005-09-23
Two vulnerabilities have been reported in Interchange, which can be
exploited by malicious people to conduct SQL injection attacks, or to
perform actions with an unknown impact.
Full Advisory:
http://secunia.com/advisories/16923/

[SA16914] Debian update for python2.1
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-09-23
Debian has issued an update for python2.1. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/16914/

[SA16943] IBM HMC apache/mod_ssl Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of
data, Privilege escalation
Released: 2005-09-26
IBM has acknowledged some vulnerabilities in IBM HMC, which can be
exploited by malicious, local users to cause a DoS (Denial of Service)
or potentially gain escalated privileges, or by malicious people to
bypass certain security restrictions or conduct HTTP request smuggling
attacks.
Full Advisory:
http://secunia.com/advisories/16943/

[SA16978] Polipo Disclosure of Sensitive Information
Critical: Less critical
Where: From local network
Impact: Unknown, Exposure of sensitive information
Released: 2005-09-28
A vulnerability has been reported in Polipo, which can be exploited by
malicious people to disclose potentially sensitive information.
Full Advisory:
http://secunia.com/advisories/16978/

[SA16950] Red Hat update for cups
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-09-27
Red Hat has issued an update for cups. This fixes a vulnerability,
which can be exploited by malicious users to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/16950/

[SA16912] Fedora update for cups
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-09-23
Fedora has issued an update for cups. This fixes a vulnerability, which
can be exploited by malicious users to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/16912/

[SA16969] Linux Kernel URB Handling Denial of Service Vulnerability
Critical: Less critical
Where: Local system
Impact: DoS
Released: 2005-09-27
A vulnerability and a security issue have been reported in the Linux
Kernel, which can be exploited by malicious, local users to cause a DoS
(Denial of Service).
Full Advisory:
http://secunia.com/advisories/16969/

[SA16959] Slackware update for x11
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-09-27
Slackware has issued an update for x11. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/16959/

[SA16955] Sun Solaris Xsun and Xprt Privilege Escalation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-09-27
A vulnerability has been reported in Solaris, which can be exploited by
malicious, local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/16955/

[SA16935] Qpopper poppassd Insecure Trace File Creation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-09-26
kcope has discovered a vulnerability in Qpopper, which can be exploited
by malicious, local users to perform certain actions on a vulnerable
system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/16935/

[SA16927] Ubuntu update for kernel
Critical: Less critical
Where: Local system
Impact: DoS
Released: 2005-09-26
Ubuntu has issued an update for the kernel. This fixes two
vulnerabilities, which potentially can be exploited by malicious, local
users to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/16927/

[SA16925] SUSE update for XFree86-server/xorg-x11-server
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-09-26
SUSE has issued an update for XFree86-server/xorg-x11-server. This
fixes a vulnerability, which potentially can be exploited by malicious,
local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/16925/

[SA16924] SUN Solaris UFS File System Denial of Service
Critical: Less critical
Where: Local system
Impact: DoS
Released: 2005-09-23
A vulnerability has been reported in Solaris, which can be exploited by
malicious, local users to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/16924/

[SA16916] Debian update for kdeedu
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-09-23
Debian has issued an update for kdeedu. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions with escalated privileges on a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16916/

[SA16910] Fedora update for kernel
Critical: Less critical
Where: Local system
Impact: DoS, Privilege escalation, Exposure of sensitive
information
Released: 2005-09-23
Fedora has issued an update for the kernel. This fixes some
vulnerabilities, which potentially can be exploited by malicious, local
users to disclose certain sensitive information, cause a DoS (Denial of
Service), and gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/16910/

[SA16984] Red Hat update for wget
Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2005-09-28
Red Hat has issued an update for wget. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/16984/

[SA16944] Netscape Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Spoofing, Manipulation of data, System access
Released: 2005-09-26
Some vulnerabilities have been discovered in Netscape, which can be
exploited by malicious people to manipulate certain data, conduct
spoofing attacks, bypass certain security restrictions and potentially
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16944/

[SA16941] AlstraSoft E-Friends "mode" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-09-26
Kurdish Hackers Clan has reported a vulnerability in AlstraSoft
E-Friends, which can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/16941/

[SA16933] phpMyFAQ Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of
system information, Exposure of sensitive information, System access
Released: 2005-09-26
rgod has discovered some vulnerabilities in phpMyFAQ, which can be
exploited by malicious people to conduct cross-site scripting and SQL
injection attacks, disclose system and sensitive information, and
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16933/

[SA16917] Mozilla Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Spoofing, Manipulation of data, System
access
Released: 2005-09-23
Multiple vulnerabilities have been reported in Mozilla Suite, which can
be exploited by malicious people to conduct spoofing attacks, manipulate
certain data, bypass certain security restrictions, and compromise a
user's system.
Full Advisory:
http://secunia.com/advisories/16917/

[SA16911] Firefox Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Spoofing, Manipulation of data, System access
Released: 2005-09-23
Multiple vulnerabilities have been reported in Firefox, which can be
exploited by malicious people to conduct spoofing attacks, manipulate
certain data, bypass certain security restrictions, and compromise a
user's system.
Full Advisory:
http://secunia.com/advisories/16911/

[SA16979] PostNuke Local File Inclusion and Comment Bypass Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Exposure of sensitive information
Released: 2005-09-28
Two vulnerabilities have been reported in PostNuke, which can be
exploited by malicious people to bypass certain security restrictions
and disclose sensitive information.
Full Advisory:
http://secunia.com/advisories/16979/

[SA16949] SEO-Board admin.php SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Manipulation of data
Released: 2005-09-26
foster RST/GHC has reported a vulnerability in SEO-Board, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/16949/

[SA16937] Mailgust "email" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Manipulation of data
Released: 2005-09-26
rgod has reported a vulnerability in Mailgust, which can be exploited
by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/16937/

[SA16929] ContentServ "ctsWebsite" Local File Inclusion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-09-26
qobaiashi has reported a vulnerability in ContentServ, which can be
exploited by malicious people to disclose sensitive information.
Full Advisory:
http://secunia.com/advisories/16929/

[SA16926] MultiTheftAuto Server "motd.txt" Modification and Denial of Service
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, DoS
Released: 2005-09-26
Luigi Auriemma has reported two vulnerabilities in MultiTheftAuto
Server, which can be exploited by malicious people to modify certain
information or cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/16926/

[SA16913] My Little Forum "search" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-09-23
rgod has discovered a vulnerability in My Little Forum, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/16913/

[SA16908] PunBB Two Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Unknown, Cross Site Scripting
Released: 2005-09-22
Two vulnerabilities have been reported in PunBB, where one has an
unknown impact and the other can be exploited by malicious people to
conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/16908/

[SA16947] RSyslog Syslog Message SQL Injection Vulnerability
Critical: Moderately critical
Where: From local network
Impact: Manipulation of data, System access
Released: 2005-09-26
A vulnerability has been reported in RSyslog, which can be exploited by
malicious people to conduct SQL injection attacks, and potentially to
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16947/

[SA16970] CJ LinkOut "123" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-09-27
Psymera has discovered a vulnerability in CJ LinkOut, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/16970/

[SA16966] CJ Tag Board Cross-Site Scripting Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-09-27
Psymera has discovered some vulnerabilities in CJ Tag Board, which can
be exploited by malicious people to conduct cross-site scripting
attacks.
Full Advisory:
http://secunia.com/advisories/16966/

[SA16963] CJ Web2Mail Cross-Site Scripting Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-09-27
Psymera has discovered some vulnerabilities in CJ Web2Mail, which can
be exploited by malicious people to conduct cross-site scripting
attacks.
Full Advisory:
http://secunia.com/advisories/16963/

[SA16934] IPB Riverdark RSS Syndicator Module Cross-Site Scripting
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-09-26
X1NG has reported two vulnerabilities in the Riverdark RSS Syndicator
module for Invision Power Board, which can be exploited by malicious
people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/16934/

[SA16971] PHP Trailing Slash "open_basedir" Security Bypass
Critical: Not critical
Where: Local system
Impact: Security Bypass
Released: 2005-09-27
thorben has discovered a security issue in PHP, which can be exploited
by malicious, local users to access certain files outside the
"open_basedir" root.
Full Advisory:
http://secunia.com/advisories/16971/

Linux Advisory Watch

Distribution: Debian

* Debian: New python2.2 packages fix arbitrary code execution
22nd, September, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120425

* Debian: New XFree86 packages fix arbitrary code execution
22nd, September, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120426

* Debian: New kdeedu packages fix insecure temporary files
22nd, September, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120429

* Debian: New python2.1 packages fix arbitrary code execution
23rd, September, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120435

* Debian: New courier packages fix cross-site scripting
24th, September, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120440

* Debian: New python2.3 packages fix arbitrary code execution
28th, September, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120458

* Debian: Updated zsync i386 packages fix build error
28th, September, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120471

* Debian: New gtkdiskfree packages fix insecure temporary file
29th, September, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120472

* Debian: New util-linux packages fix privilege escalation
29th, September, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120473


Distribution: Gentoo

* Gentoo: Mantis XSS and SQL injection vulnerabilities
24th, September, 2005
Mantis is affected by an SQL injection and several cross-site
scripting (XSS) vulnerabilities.
http://www.linuxsecurity.com/content/view/120441

* Gentoo: Webmin, Usermin Remote code execution through
24th, September, 2005
If Webmin or Usermin is configured to use full PAM conversations, it
is vulnerable to the remote execution of arbitrary code with root
privileges.
http://www.linuxsecurity.com/content/view/120442

* Gentoo: Qt Buffer overflow in the included zlib library
26th, September, 2005
Qt is vulnerable to a buffer overflow which could potentially lead to
the execution of arbitrary code.
http://www.linuxsecurity.com/content/view/120447

* Gentoo: PHP Vulnerabilities in included PCRE and XML-RPC
27th, September, 2005
PHP makes use of an affected PCRE library and ships with an affected
XML-RPC library and is therefore potentially vulnerable to remote
execution of arbitrary code.
http://www.linuxsecurity.com/content/view/120456


Distribution: Red Hat

* RedHat: Critical: firefox security update
22nd, September, 2005
An updated firefox package that fixes several security bugs is now
available for Red Hat Enterprise Linux 4. This update has been rated
as having critical security impact by the Red Hat Security Response
Team.
http://www.linuxsecurity.com/content/view/120432

* RedHat: Critical: mozilla security update
22nd, September, 2005
Updated mozilla packages that fix several security bugs are now
available. This update has been rated as having critical security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/120433

* RedHat: Moderate: cups security update
27th, September, 2005
Updated CUPS packages that fix a security issue are now available for
Red Hat Enterprise Linux. This update has been rated as having
moderate security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/120451

* RedHat: Critical: HelixPlayer security update
27th, September, 2005
An updated HelixPlayer package that fixes a string format issue is
now available. This update has been rated as having critical security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/120452

* RedHat: Critical: RealPlayer security update
27th, September, 2005
An updated RealPlayer package that fixes a format string bug is now
available. This update has been rated as having critical security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/120453

* RedHat: Low: wget security update
27th, September, 2005
Updated wget package that fixes several security issues is now
available. This update has been rated as having low security impact
by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/120454

* RedHat: Low: ghostscript security update
28th, September, 2005
Updated ghostscript packages that fix a PDF output issue and a
temporary file security bug are now available. This update has been
rated as having low security impact by the Red Hat Security Response
Team.
http://www.linuxsecurity.com/content/view/120462

* RedHat: Low: slocate security update
28th, September, 2005
An updated slocate package that fixes a denial of service and various
bugs is now available. This update has been rated as having low
security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/120463

* RedHat: Low: net-snmp security update
28th, September, 2005
Updated net-snmp packages that fix two security issues and various
bugs are now available. This update has been rated as having low
security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/120464

* RedHat: Low: openssh security update
28th, September, 2005
Updated openssh packages that fix a potential security vulnerability
and various other bugs are now available. This update has been rated
as having low security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/120465

* RedHat: Low: binutils security update
28th, September, 2005
An updated binutils package that fixes several bugs and minor
security issues is now available. This update has been rated as
having low security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/120466

* RedHat: Updated kernel packages available for Red Hat
28th, September, 2005
Updated kernel packages are now available as part of ongoing support
and maintenance of Red Hat Enterprise Linux version 3. This is the
sixth regular update. This security advisory has been rated as having
important security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/120467