LinuxQuestions.org
Old 08-05-2005, 10:30 AM   #1
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
LQ Security Report - August 5th 2005


August 2nd 2005
12 issues reported (SF)
1. ClamAV Multiple Integer Overflow Vulnerabilities
2. Vim ModeLines Further Variant Arbitrary Command Execution Vulnerability
3. Gentoo Sandbox Multiple Insecure Temporary File Creation Vulnerabilities
4. PSToText Arbitrary Code Execution Vulnerability
5. NetPBM PSToPNM Arbitrary Code Execution Vulnerability
6. ProFTPD SQLShowInfo SQL Output Format String Vulnerability
7. ProFTPD Shutdown Message Format String Vulnerability
8. Ethereal Multiple Protocol Dissector Vulnerabilities
9. Opera Web Browser Content-Disposition Header Download Dialog File Extension Spoofing Vulnerability
10. Opera Web Browser Image Dragging Cross-Domain Scripting and File Retrieval Vulnerability
11. Kismet Multiple Unspecified Remote Vulnerabilities
12. Metasploit Framework Unspecified Remote Vulnerability

August 4th 2005
44 issues reported (SN)
[SA16327] Debian apt-cacher Unspecified Arbitrary Command Execution
[SA16326] Mandriva update for mozilla
[SA16307] Gentoo update for Compress-Zlib
[SA16302] Ubuntu update for mozilla-thunderbird/mozilla-thunderbird-enigmail
[SA16296] Conectiva update for clamav
[SA16290] Trustix update for multiple packages
[SA16284] Gentoo update for emul-linux-x86-baselibs
[SA16276] Fedora update for ethereal
[SA16257] SUSE Updates for Multiple Packages
[SA16324] Gentoo update for nbsmtp
[SA16305] Gentoo update for pstotext
[SA16304] MySQL Eventum Cross-Site Scripting and SQL Injection
[SA16303] Debian update for pdns
[SA16293] Slackware update for telnet
[SA16291] jabberd "jid.c" Buffer Overflow Vulnerabilities
[SA16288] Gentoo update for ProFTPD
[SA16279] no-brainer SMTP Client "log_msg" Format String Vulnerability
[SA16261] Mandriva update for fetchmail
[SA16299] Fedora update for httpd
[SA16266] Ubuntu update for libtiff4
[SA16259] HP NonStop Server DCE Core Services Denial of Service
[SA16278] Avaya CMS / IR Solaris Runtime Linker Vulnerability
[SA16277] Debian update for gopher
[SA16275] UMN Gopher Insecure Temporary File Creation
[SA16269] Debian update for gaim
[SA16265] Gaim libgadu Memory Alignment Weakness
[SA16309] UnZip File Permissions Change Vulnerability
[SA16319] Karrigell Python Namespace Exposure Vulnerability
[SA16273] Simplicity oF Upload "language" File Inclusion Vulnerability
[SA16260] PHPmyGallery "confdir" File Inclusion Vulnerability
[SA16323] nCipher CHIL Random Cache Inheritance Security Issue
[SA16318] Metasploit Framework "defanged" Mode Bypass Vulnerability
[SA16312] PHPFreeNews Unspecified Vulnerabilities
[SA16300] FlexPHPNews Multiple Vulnerabilities
[SA16287] Ragnarok Online Control Panel Authentication Bypass Vulnerability
[SA16286] Kayako LiveResponse Multiple Vulnerabilities
[SA16262] Naxtor Shopping Cart Cross-Site Scripting and SQL Injection
[SA16316] BrightStor ARCserve Backup Agents Buffer Overflow Vulnerability
[SA16267] Novell eDirectory NMAS Password Challenge Bypass
[SA16311] AderSoftware CFBB "page" Cross-Site Scripting
[SA16292] ChurchInfo SQL Injection Vulnerabilities
[SA16270] UNG "name" and "email" Mail Header Injection
[SA16263] Website Baker Cross-Site Scripting and File Upload Vulnerabilities
[SA16274] phplist "id" SQL Injection Vulnerability

August 5th 2005
36 issues reported across 4 distros (LAW)
gaim
gopher
pdns
apt-cacher
ethereal
im-sdk
selinux-policy-targeted
gamin
pam
netpbm
mkinitrd
kdeaddons
arts
NetworkManager
libraw1394
ckermit
httpd
gphoto2
coreutils
iiimf
yum
gimp
readahead
shorewall
zlib
fetchmail
Kopete
mozilla suite
clamav
sandbox
AMD64 x86 emulation base libraries
pstotext
ProFTPD
nbSMTP
dump
SquirrelMail
 
Old 08-05-2005, 10:31 AM   #2
Capt_Caveman
August 2nd 2005 (SF)

Security Focus

1. ClamAV Multiple Integer Overflow Vulnerabilities
BugTraq ID: 14359
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14359
Summary:
ClamAV is susceptible to multiple integer overflow vulnerabilities. Specifically, the vulnerabilities present themselves when the ClamAV antivirus library handles malformed files. This may allow attackers to control the flow of execution, and potentially execute attacker-supplied code in the context of the affected application. ClamAV 0.86.1 and prior versions are reported to be affected.

2. Vim ModeLines Further Variant Arbitrary Command Execution Vulnerability
BugTraq ID: 14374
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14374
Summary:
Vim is susceptible to an arbitrary command execution vulnerability with ModeLines. This issue is due to insufficient sanitization of user-supplied input. By modifying a text file to include ModeLines containing the 'glob()' or 'expand()' functions with shell metacharacters, attackers may cause arbitrary commands to be executed. This vulnerability allows an attacker to execute arbitrary commands with the privileges of the vim user. This gives an attacker the ability to gain remote access to computers running the vulnerable software. This issue is similar to BIDs 6384 and 11941.

3. Gentoo Sandbox Multiple Insecure Temporary File Creation Vulnerabilities
BugTraq ID: 14375
Remote: No
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14375
Summary:
Sandbox is reported prone to multiple local insecure temporary file creation vulnerabilities. These issues are due to design errors that cause the application to fail to verify the existence of files before writing to them. This application runs with superuser privileges, allowing local attackers to overwrite arbitrary files. This may cause system-wide crashes, denying service to legitimate users. It may also be possible to gain elevated privileges by exploiting this vulnerability, but this has not been confirmed.

4. PSToText Arbitrary Code Execution Vulnerability
BugTraq ID: 14378
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14378
Summary:
pstotext is susceptible to an arbitrary command execution vulnerability. This issue is due to a failure of the application to ensure that GhostScript is executed in a secure manner. This issue allows attackers to create malicious PostScript files that, when parsed by the affected utility, allow arbitrary commands to be executed. This occurs in the context of the user running the affected utility.

5. NetPBM PSToPNM Arbitrary Code Execution Vulnerability
BugTraq ID: 14379
Remote: Yes
Date Published: 2005-07-25
Relevant URL: http://www.securityfocus.com/bid/14379
Summary:
pstopnm is susceptible to an arbitrary command execution vulnerability. This issue is due to a failure of the application to ensure that GhostScript is executed in a secure manner. This issue allows attackers to create malicious PostScript files that, when parsed by the affected utility, allow arbitrary commands to be executed. This occurs in the context of the user running the affected utility. This vulnerability was reported in version 10.0 of netpbm. Other versions may also be affected.

6. ProFTPD SQLShowInfo SQL Output Format String Vulnerability
BugTraq ID: 14380
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14380
Summary:
A format string vulnerability exists in ProFTPD. This issue is exposed when the SQLShowInfo directive is enabled. If the attacker can influence data in the backend SQL database, it is possible to exploit this issue by inserting a malicious format string into data that will be queried by ProFTPD. Successful exploitation will result in arbitrary code execution in the context of the server.

7. ProFTPD Shutdown Message Format String Vulnerability
BugTraq ID: 14381
Remote: Yes
Date Published: 2005-07-26
Relevant URL: http://www.securityfocus.com/bid/14381
Summary:
A format string vulnerability exists in ProFTPD. This issue is exposed when the server prints a shutdown message containing certain variables such as the current directory. If an attacker could create a directory on the server, it may be possible to trigger this issue. Successful exploitation will result in arbitrary code execution in the context of the server.

8. Ethereal Multiple Protocol Dissector Vulnerabilities
BugTraq ID: 14399
Remote: Yes
Date Published: 2005-07-27
Relevant URL: http://www.securityfocus.com/bid/14399
Summary:
Many vulnerabilities in Ethereal have been disclosed by the vendor. The reported issues are in various protocol dissectors. These issues include:
- Buffer overflow vulnerabilities
- Format string vulnerabilities
- Null pointer dereference denial of service vulnerabilities
- Infinite loop denial of service vulnerabilities
- Memory exhaustion denial of service vulnerabilities
- Unspecified denial of service vulnerabilities
These issues could allow remote attackers to execute arbitrary machine code in the context of the vulnerable application. Attackers could also crash the affected application. Various vulnerabilities affect differing versions of Ethereal, from 0.8.5, through to 0.10.11.

9. Opera Web Browser Content-Disposition Header Download Dialog File Extension Spoofing Vulnerability
BugTraq ID: 14402
Remote: Yes
Date Published: 2005-07-28
Relevant URL: http://www.securityfocus.com/bid/14402
Summary:
Opera Web Browser is prone to a vulnerability that can allow remote attackers to spoof file extensions through the download dialog. An attacker may exploit this issue by crafting a malformed HTTP 'Content-Disposition' header that spoofs file extensions to trick vulnerable users into opening and executing a malicious file. Opera Web Browser versions prior to 8.02 are affected by this issue.

10. Opera Web Browser Image Dragging Cross-Domain Scripting and File Retrieval Vulnerability
BugTraq ID: 14410
Remote: Yes
Date Published: 2005-07-28
Relevant URL: http://www.securityfocus.com/bid/14410
Summary:
Opera Web Browser is prone to a vulnerability that may allow an attacker to carry out cross-domain scripting attacks and retrieve files from the local computer. Opera Web Browser versions prior to 8.02 are affected by this issue.

11. Kismet Multiple Unspecified Remote Vulnerabilities
BugTraq ID: 14430
Remote: Yes
Date Published: 2005-07-29
Relevant URL: http://www.securityfocus.com/bid/14430
Summary:
Kismet is prone to three unspecified remote vulnerabilities. These issues could be exploited to completely compromise a computer running Kismet to sniff wireless network traffic. There is no further information available at this time.

12. Metasploit Framework Unspecified Remote Vulnerability
BugTraq ID: 14431
Remote: Yes
Date Published: 2005-07-30
Relevant URL: http://www.securityfocus.com/bid/14431
Summary:
Metasploit Framework is prone to an unspecified vulnerability. This issue allows remote attackers to compromise the computer of users using the affected application. This vulnerability is likely exploited by returning malicious data to the application in unknown network connections, causing arbitrary code to be executed in the context of the scanning application.
UPDATE: This BID has been retired as it has been determined that the issue is not a vulnerability. Additional information has been provided that states the issue is due to insufficient filtering of potentially malicious terminal escape sequences when logging external input. These escape sequences are not interpreted at any point by the application, and only pose a threat if rendered with an external viewer within a terminal emulator program that will interpret them. In that instance, this presents a security vulnerability in the terminal emulator program. As Metasploit does not interpret the malicious input itself, it is not within the scope of the application to filter this type of input. This is not a vulnerability in Metasploit since it does not impact security properties of the application itself.
 
Old 08-05-2005, 10:33 AM   #3
Capt_Caveman
August 4th 2005 (SN)

Secunia

[SA16327] Debian apt-cacher Unspecified Arbitrary Command Execution
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-08-03
Eduard Bloch has reported a vulnerability in apt-cacher, which
potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/16327/

[SA16326] Mandriva update for mozilla
Critical: Highly critical
Where: From remote
Impact: System access, Spoofing, Cross Site Scripting, Security Bypass
Released: 2005-08-03
Mandriva has issued an update for mozilla. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, conduct cross-site scripting and
spoofing attacks, and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16326/

[SA16307] Gentoo update for Compress-Zlib
Critical: Highly critical
Where: From remote
Impact: System access, DoS
Released: 2005-08-01
Gentoo has issued an update for Compress-Zlib. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16307/

[SA16302] Ubuntu update for mozilla-thunderbird/mozilla-thunderbird-enigmail
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Exposure of system information, Exposure of sensitive information, System access
Released: 2005-08-01
Ubuntu has issued updates for mozilla-thunderbird and
mozilla-thunderbird-enigmail. These fix some vulnerabilities, which can
be exploited by malicious people to bypass certain security
restrictions, gain knowledge of potentially sensitive information,
conduct cross-site scripting attacks and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16302/

[SA16296] Conectiva update for clamav
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-08-01
Conectiva has issued an update for clamav. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16296/

[SA16290] Trustix update for multiple packages
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of sensitive information, Privilege escalation, DoS, System access
Released: 2005-08-02
Trustix has issued various updated packages. These fix some
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges, by malicious users to cause a DoS (Denial of
Service), or by malicious people to gain knowledge of sensitive
information, conduct HTTP request smuggling attacks, or compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/16290/

[SA16284] Gentoo update for emul-linux-x86-baselibs
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-08-01
Gentoo has issued an update for emul-linux-x86-baselibs. This fixes
some vulnerabilities, which can be exploited by malicious people to
cause a DoS (Denial of Service) or potentially compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/16284/

[SA16276] Fedora update for ethereal
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-07-29
Fedora has issued an update for ethereal. This fixes multiple
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16276/

[SA16257] SUSE Updates for Multiple Packages
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Spoofing, Manipulation of data, Exposure of sensitive information, DoS, System access
Released: 2005-07-29
SUSE has issued updates for multiple packages. These fix various
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service), conduct HTTP request smuggling, spoofing and
cross-site scripting attacks, bypass certain security restrictions,
disclose and manipulate sensitive information, and compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/16257/

[SA16324] Gentoo update for nbsmtp
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-08-03
Gentoo has issued an update for nbsmtp. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/16324/

[SA16305] Gentoo update for pstotext
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-08-01
Gentoo has issued an update for pstotext. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/16305/

[SA16304] MySQL Eventum Cross-Site Scripting and SQL Injection
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2005-08-01
James Bercegay has reported some vulnerabilities in MySQL Eventum,
which can be exploited by malicious people to conduct cross-site
scripting and SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/16304/

[SA16303] Debian update for pdns
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-08-01
Debian has issued an update for pdns. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/16303/

[SA16293] Slackware update for telnet
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-08-01
Slackware has issued an update for telnet. This fixes two
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.
Full Advisory:
http://secunia.com/advisories/16293/

[SA16291] jabberd "jid.c" Buffer Overflow Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-08-01
Michael has reported some vulnerabilities in jabberd, which potentially
can be exploited by malicious users to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16291/

[SA16288] Gentoo update for ProFTPD
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information, DoS, System access
Released: 2005-08-02
Gentoo has issued an update for ProFTPD. This fixes two
vulnerabilities, which can be exploited by malicious users to disclose
certain sensitive information, cause a DoS (Denial of Service), or
potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16288/

[SA16279] no-brainer SMTP Client "log_msg" Format String Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-08-01
A vulnerability has been reported in no-brainer SMTP client, which
potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/16279/

[SA16261] Mandriva update for fetchmail
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-07-29
Mandriva has issued an update for fetchmail. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16261/

[SA16299] Fedora update for httpd
Critical: Less critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of data, DoS
Released: 2005-08-03
Fedora has issued an update for httpd. This fixes two vulnerabilities,
which can be exploited by malicious people to potentially cause a DoS
(Denial of Service) and conduct HTTP request smuggling attacks.
Full Advisory:
http://secunia.com/advisories/16299/

[SA16266] Ubuntu update for libtiff4
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-07-29
Ubuntu has issued an update for libtiff4. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/16266/

[SA16259] HP NonStop Server DCE Core Services Denial of Service
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2005-08-01
A vulnerability has been reported in HP NonStop Server, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/16259/

[SA16278] Avaya CMS / IR Solaris Runtime Linker Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-08-02
Avaya has acknowledged a vulnerability in CMS and IR, which can be
exploited by malicious, local users to gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/16278/

[SA16277] Debian update for gopher
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-08-01
Debian has issued an update for gopher. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/16277/

[SA16275] UMN Gopher Insecure Temporary File Creation
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-08-01
John Goerzen has reported a vulnerability in gopher, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/16275/

[SA16269] Debian update for gaim
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-07-29
Debian has issued an update for gaim. This fixes a weakness, which
potentially can be exploited by malicious people to cause a DoS (Denial
of Service).
Full Advisory:
http://secunia.com/advisories/16269/

[SA16265] Gaim libgadu Memory Alignment Weakness
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2005-07-29
A weakness has been reported in Gaim, which potentially can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/16265/

[SA16309] UnZip File Permissions Change Vulnerability
Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2005-08-03
Imran Ghory has reported a vulnerability in unzip, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/16309/

[SA16319] Karrigell Python Namespace Exposure Vulnerability
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-08-03
Radovan Garabik has reported a vulnerability in Karrigell, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16319/

[SA16273] Simplicity oF Upload "language" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-07-29
rgod has reported a vulnerability in Simplicity oF Upload, which can be
exploited by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/16273/

[SA16260] PHPmyGallery "confdir" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-07-29
Securitysos Inc. has reported a vulnerability in PHPmyGallery, which
can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/16260/

[SA16323] nCipher CHIL Random Cache Inheritance Security Issue
Critical: Moderately critical
Where: From remote
Impact: Unknown
Released: 2005-08-03
A security issue has been reported in nCipher CHIL (Cryptographic
Hardware Interface Library), which may result in a program generating
the same random bytes in all child processes for a certain period of
time.
Full Advisory:
http://secunia.com/advisories/16323/

[SA16318] Metasploit Framework "defanged" Mode Bypass Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-08-03
Dino Dai Zovi has reported a vulnerability in Metasploit Framework,
which can be exploited by malicious people to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/16318/

[SA16312] PHPFreeNews Unspecified Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Unknown
Released: 2005-08-02
Some unspecified vulnerabilities with unknown impacts have been
reported in PHPFreeNews.
Full Advisory:
http://secunia.com/advisories/16312/

[SA16300] FlexPHPNews Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of system information, DoS
Released: 2005-08-02
rgod has reported some vulnerabilities in FlexPHPNews, which can be
exploited by malicious people to cause a DoS (Denial of Service), or
conduct cross-site scripting and SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/16300/

[SA16287] Ragnarok Online Control Panel Authentication Bypass Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-08-01
VaLiuS has reported a vulnerability in Ragnarok Online Control Panel,
which can be exploited by malicious people to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/16287/

[SA16286] Kayako LiveResponse Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of system information
Released: 2005-08-01
James Bercegay has reported some vulnerabilities in Kayako
LiveResponse, which can be exploited by malicious people to conduct
cross-site scripting, script insertion, and SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/16286/

[SA16262] Naxtor Shopping Cart Cross-Site Scripting and SQL Injection
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2005-08-03
John Cobb has reported some vulnerabilities in Naxtor Shopping Cart,
which can be exploited by malicious people to conduct cross-site
scripting and SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/16262/

[SA16316] BrightStor ARCserve Backup Agents Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2005-08-03
A vulnerability has been reported in BrightStor ARCserve Backup, which
can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/16316/

[SA16267] Novell eDirectory NMAS Password Challenge Bypass
Critical: Moderately critical
Where: From local network
Impact: Security Bypass
Released: 2005-07-29
A security issue has been reported in Novell eDirectory, which can be
exploited by malicious people to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/16267/

[SA16311] AderSoftware CFBB "page" Cross-Site Scripting
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-08-02
rUnViRuS has reported a vulnerability in AderSoftware CFBB, which can
be exploited by malicious people to conduct cross-site scripting
attacks.
Full Advisory:
http://secunia.com/advisories/16311/

[SA16292] ChurchInfo SQL Injection Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Manipulation of data, Exposure of system information
Released: 2005-08-02
thegreatone2176 has discovered some vulnerabilities in ChurchInfo,
which can be exploited by malicious users to conduct SQL injection
attacks.
Full Advisory:
http://secunia.com/advisories/16292/

[SA16270] UNG "name" and "email" Mail Header Injection
Critical: Less critical
Where: From remote
Impact: Manipulation of data
Released: 2005-07-29
A vulnerability has been reported in UNG, which can be exploited by
malicious people to inject arbitrary mail headers.
Full Advisory:
http://secunia.com/advisories/16270/

[SA16263] Website Baker Cross-Site Scripting and File Upload Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting, Exposure of system information, System access
Released: 2005-07-29
thegreatone2176 has discovered some vulnerabilities in Website Baker,
which can be exploited by malicious people to conduct cross-site
scripting attacks and by malicious users to compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/16263/

[SA16274] phplist "id" SQL Injection Vulnerability
Critical: Not critical
Where: From remote
Impact: Manipulation of data
Released: 2005-07-29
thegreatone2176 has discovered a vulnerability in phplist, which can be
exploited by malicious users to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/16274/
 
Old 08-05-2005, 10:34 AM   #4
Capt_Caveman
August 5th 2005 (LAW)

Linux Advisory Watch

Distribution: Debian

* Debian: New gaim packages fix denial of service
29th, July, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119944

* Debian: New gopher packages fix insecure temporary file creation
29th, July, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119954

* Debian: New pdns packages fix denial of service
1st, August, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119988

* Debian: New apt-cacher package fixes arbitrary command execution
3rd, August, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120011


Distribution: Fedora

* Fedora Core 3 Update: ethereal-0.10.12-1.FC3.1
28th, July, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119939

* Fedora Core 3 Update: im-sdk-12.1-10.FC3.1
28th, July, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119940

* Fedora Core 4 Update: selinux-policy-targeted-1.25.3-6
28th, July, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119941

* Fedora Core 3 Update: gamin-0.1.1-3.FC3
29th, July, 2005
This should fix the problem where monitoring desktop files works
initially but sometimes fails after a while. This is a safe update
from 0.1.1-1.FC3
http://www.linuxsecurity.com/content/view/119955

* Fedora Core 4 Update: gamin-0.1.1-3.FC4
29th, July, 2005
This should fix the problem where monitoring desktop files works
initially but sometimes fails after a while. This is a safe update
from 0.1.1-1.FC4
http://www.linuxsecurity.com/content/view/119956

* Fedora Core 4 Update: pam-0.79-9.4
29th, July, 2005
This update fixes a regression of pam_userdb against FC3 pam and
links to shared audit library as audit-libs-devel is now fixed.
http://www.linuxsecurity.com/content/view/119957

* Fedora Core 4 Update: netpbm-10.28-1.FC4.1
29th, July, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119958

* Fedora Core 3 Update: netpbm-10.28-1.FC3.1
29th, July, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119959

* Fedora Core 4 Update: ethereal-0.10.12-1.FC4.1
29th, July, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119960

* Fedora Core 3 Update: mkinitrd-4.1.18.1-1
29th, July, 2005
This update should fix the issue a number of people saw after the
recent kernel update where various modules would fail to load during
boot, making systems unbootable. After updating this package, remove
and reinstall the recent kernel update, and the initrd will be
recreated correctly.
http://www.linuxsecurity.com/content/view/119961

* Fedora Core 4 Update: kdeaddons-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119963

* Fedora Core 4 Update: kdesdk-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119964

* Fedora Core 4 Update: kdepim-3.4.2-0.fc4.2
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119965

* Fedora Core 4 Update: kdemultimedia-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119966

* Fedora Core 4 Update: kdelibs-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119967

* Fedora Core 4 Update: kdewebdev-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119968

* Fedora Core 4 Update: kdebase-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119969

* Fedora Core 4 Update: kdevelop-3.2.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119970

* Fedora Core 4 Update: kdeutils-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119971

* Fedora Core 4 Update: kdenetwork-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119972

* Fedora Core 4 Update: kde-i18n-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119973

* Fedora Core 4 Update: kdegraphics-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119974

* Fedora Core 4 Update: kdegames-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119975

* Fedora Core 4 Update: kdeedu-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119976

* Fedora Core 4 Update: kdebindings-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119977

* Fedora Core 4 update: kdeartwork-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119978

* Fedora Core 4 Update: kdeadmin-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119979

* Fedora Core 4 Update: kdeaccessibility-3.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119980

* Fedora Core 4 Update: arts-1.4.2-0.fc4.1
29th, July, 2005
KDE 3.4.2 update
http://www.linuxsecurity.com/content/view/119981

* Fedora Core 4 Update: NetworkManager-0.4-20.FC4.1
29th, July, 2005
Network Manager passes logging messages straight to syslog as the
format string.
http://www.linuxsecurity.com/content/view/119982

* Fedora Core 4 Update: libraw1394-1.2.0-1.fc4
31st, July, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119986

* Fedora Core 4 Update: selinux-policy-targeted-1.25.3-9
1st, August, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119994

* Fedora Core 4 Update: ckermit-8.0.211-2.FC4
1st, August, 2005
Updated package.
http://www.linuxsecurity.com/content/view/119995

* Fedora Core 4 Update: httpd-2.0.54-10.1
2nd, August, 2005
This update includes security fixes for CVE CAN-2005-2088 and CVE
CAN-2005-1268, along with some minor bug fixes.
http://www.linuxsecurity.com/content/view/120003

* Fedora Core 4 Update: kdegames-3.4.2-0.fc4.2
2nd, August, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120004

* Fedora Core 3 Update: httpd-2.0.53-3.2
2nd, August, 2005
This update includes version 2.0.53 of the Apache HTTP server, and
also adds security fixes for CVE CAN-2005-2088 and CVE CAN-2005-1268.
http://www.linuxsecurity.com/content/view/120005

* Fedora Core 4 Update: gphoto2-2.1.6-1.1
2nd, August, 2005
Updated to new release.
http://www.linuxsecurity.com/content/view/120006

* Fedora Core 4 Update: coreutils-5.2.1-48.1
2nd, August, 2005
This updated package fixes "who -r" and "who -b".
http://www.linuxsecurity.com/content/view/120007

* Fedora Core 4 Update: iiimf-12.2-4.fc4.2
2nd, August, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120008

* Fedora Core 3 Update: yum-2.2.2-0.fc3
2nd, August, 2005
This update fixes a few minor problems.
http://www.linuxsecurity.com/content/view/120010

* Fedora Core 3 Update: ethereal-0.10.12-1.FC3.2
3rd, August, 2005
To reduce the risk of future vulnerabilities in Ethereal, the
ethereal and tethereal programs in this update have been compiled as
Position Independent Executables (PIE).
http://www.linuxsecurity.com/content/view/120018

* Fedora Core 4 Update: ethereal-0.10.12-1.FC4.2
3rd, August, 2005
To reduce the risk of future vulnerabilities in Ethereal, the
ethereal and tethereal programs in this update have been compiled as
Position Independent Executables (PIE).
http://www.linuxsecurity.com/content/view/120019

* Fedora Core 3 Update: gimp-2.2.8-0.fc3.2
3rd, August, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120020

* Fedora Core 4 Update: gimp-2.2.8-0.fc4.2
3rd, August, 2005
Updated package.
http://www.linuxsecurity.com/content/view/120021

* Fedora Core 4 Update: readahead-1.1-1.16_FC4
3rd, August, 2005
This update should fix an inverted case where readahead would be
triggered on boxes that have less than 384MB of memory, and would not
occur if the box had more than 384MB of memory.
http://www.linuxsecurity.com/content/view/120023


Distribution: Gentoo

* Gentoo: Ethereal Multiple vulnerabilities
28th, July, 2005
Ethereal is vulnerable to numerous vulnerabilities potentially
resulting in the execution of arbitrary code or abnormal termination.
http://www.linuxsecurity.com/content/view/119934

* Gentoo: Shorewall Security policy bypass
29th, July, 2005
A vulnerability in Shorewall allows clients authenticated by MAC
address filtering to bypass all other security rules.
http://www.linuxsecurity.com/content/view/119945

* Gentoo: zlib Buffer overflow
29th, July, 2005
zlib is vulnerable to a buffer overflow which could potentially lead
to execution of arbitrary code.
http://www.linuxsecurity.com/content/view/119946

* Gentoo: fetchmail Buffer Overflow
29th, July, 2005
fetchmail is susceptible to a buffer overflow resulting in a Denial
of Service or arbitrary code execution.
http://www.linuxsecurity.com/content/view/119947

* Gentoo: Kopete Vulnerability in included Gadu library
29th, July, 2005
Kopete is vulnerable to several input validation vulnerabilities
which may lead to execution of arbitrary code.
http://www.linuxsecurity.com/content/view/119948

* Gentoo: Mozilla Suite Multiple vulnerabilities
29th, July, 2005
Several vulnerabilities in the Mozilla Suite allow attacks ranging
from the execution of javascript code with elevated privileges to
information leakage.
http://www.linuxsecurity.com/content/view/119949

* Gentoo: Clam AntiVirus Integer overflows
29th, July, 2005
Clam AntiVirus is vulnerable to integer overflows when handling
several file formats, potentially resulting in the execution of
arbitrary code.
http://www.linuxsecurity.com/content/view/119950

* Gentoo: sandbox Insecure temporary file handling
29th, July, 2005
The sandbox utility may create temporary files in an insecure manner.
http://www.linuxsecurity.com/content/view/119951

* Gentoo: AMD64 x86 emulation base libraries Buffer overflow
30th, July, 2005
The x86 emulation base libraries for AMD64 contain a vulnerable
version of zlib which could potentially lead to execution of
arbitrary code.
http://www.linuxsecurity.com/content/view/119983

* Gentoo: pstotext Remote execution of arbitrary code
31st, July, 2005
pstotext contains a vulnerability which can potentially result in the
execution of arbitrary code.
http://www.linuxsecurity.com/content/view/119984

* Gentoo: Compress:Zlib: Buffer overflow
1st, August, 2005
Compress::Zlib is vulnerable to a buffer overflow which could
potentially lead to execution of arbitrary code.
http://www.linuxsecurity.com/content/view/119987

* Gentoo: ProFTPD Format string vulnerabilities
1st, August, 2005
Under specific circumstances, ProFTPD is vulnerable to format string
vulnerabilities, potentially resulting in the execution of arbitrary
code.
http://www.linuxsecurity.com/content/view/119996

* Gentoo: ProFTPD Format string vulnerabilities
1st, August, 2005
Under specific circumstances, ProFTPD is vulnerable to format string
vulnerabilities, potentially resulting in the execution of arbitrary
code.
http://www.linuxsecurity.com/content/view/119997

* Gentoo: nbSMTP Format string vulnerability
2nd, August, 2005
nbSMTP is vulnerable to a format string vulnerability which may
result in remote execution of arbitrary code.
http://www.linuxsecurity.com/content/view/120002


Distribution: Red Hat

* RedHat: Low: dump security update
3rd, August, 2005
Updated dump packages that address two security issues are now
available for Red Hat Enterprise Linux 2.1. This update has been
rated as having low security impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/120016

* RedHat: Moderate: SquirrelMail security update
3rd, August, 2005
An updated squirrelmail package that fixes two security issues is now
available. This update has been rated as having moderate security
impact by the Red Hat Security Response Team.
http://www.linuxsecurity.com/content/view/120017
 
  

