LQ Security Report - June 27th 2005
June 21st 2005
19 issues reported (SF) 1. RedHat Linux SysReport Proxy Information Disclosure Vulnerability 2. Multiple Vendor Telnet Client Remote Information Disclosure Vulnerability 3. Sun Java Web Start Unspecified Privilege Escalation Vulnerability 4. Iron Bars Shell Multiple Unspecified Buffer Overflow Vulnerabilities 5. Sun Java Runtime Environment Unspecified Privilege Escalation Vulnerability 6. ViRobot Linux Server Remote Buffer Overflow Vulnerability 7. PAFileDB Multiple Input Validation Vulnerabilities 8. Opera Web Browser Cross-Site Scripting Local File Disclosure Vulnerability 9. Opera Web Browser XMLHttpRequest Object Cross-Domain Access Vulnerability 10. Ultimate PHP Board Multiple Cross-Site Scripting Vulnerabilities 11. SquirrelMail Multiple Unspecified Cross-Site Scripting Vulnerabilities 12. Ultimate PHP Board Weak Password Encryption Vulnerability 13. SpamAssassin Malformed Email Header Remote Denial Of Service Vulnerability 14. SuSE Linux GPG2 S/MIME Signing Unspecified Vulnerability 15. Yaws Remote Source Code Disclosure Vulnerability 16. XAMMP Lang.PHP HTML Injection Vulnerability 17. XAMMP Lang.PHP Directory Traversal Vulnerability 18. Vipul Razor-agents Multiple Unspecified Denial Of Service Vulnerability 19. JBoss Malformed HTTP Request Remote Information Disclosure June 23rd 2005 39 issues reported (SN) [SA15777] SUSE update for java2 [SA15755] Gentoo update for sun-jdk/sun-jre-bin/blackdown-jdk/blackdown-jre [SA15753] Gentoo update for peercast [SA15750] Slackware update for sun-jdk/sun-jre [SA15772] Fedora update for ruby [SA15766] Gentoo update for squirrelmail [SA15749] Sun ONE Messaging Server Unspecified Webmail Vulnerability [SA15741] SUSE Updates for gpg2/telnet/unace/horde [SA15740] Yaws Source Code Disclosure Vulnerability [SA15730] Red Hat update for mc [SA15773] Ubuntu update for tcpdump [SA15770] cPanel cpsrvd.pl Cross-Site Scripting Vulnerability [SA15768] Gentoo update for spamassassin/razor [SA15754] NanoBlogger Plugins Shell Command Injection Vulnerability [SA15751] Gentoo update for cpio [SA15729] Red Hat update for bzip2 [SA15728] Fedora update for spamassassin [SA15774] Ubuntu update for sudo [SA15771] Fedora update for sudo [SA15763] Novell NetMail File Ownership Security Issue [SA15759] Slackware update for sudo [SA15748] OpenBSD update for sudo [SA15744] Sudo Arbitrary Command Execution Vulnerability [SA15760] Avaya Products Telnet Client Information Disclosure Weakness [SA15731] Red Hat update for gaim [SA15767] Ruby XMLRPC Server Arbitrary Command Execution [SA15758] MercuryBoard "User-Agent" SQL Injection Vulnerability [SA15752] Trac Arbitrary File Upload/Download Vulnerability [SA15735] XAMPP "lang.php" Script Insertion and Information Disclosure [SA15732] Ultimate PHP Board Cross-Site Scripting and User Credentials Exposure [SA15775] Gentoo update for tor [SA15764] Tor Disclosure of Sensitive Information [SA15739] Razor-agents Denial of Service Vulnerabilities [SA15738] Contelligent Preview Privilege Escalation Vulnerability [SA15737] ajax-spell Cross-Site Scripting Vulnerability [SA15736] amaroK Web Frontend Exposure of User Credentials [SA15742] RealVNC Information Disclosure Weakness [SA15733] e107 Administrator Account Enumeration Weakness [SA15746] JBoss "org.jboss.web.WebServer" Information Disclosure June 24th 2005 31 issues reported across 3 distros (LAW) elinks mikmod tcpdump parted system-config-securitylevel checkpolicy selinux-policy-targeted spamassassin gaim ruby arts kde sudo gawk util-linux mc pilot-link alsa-lib system-config-soundcard jpilot ImageMagick hwdata webapp-config Sun and Blackdown Java Applet PeerCast cpio Tor SquirrelMail cacti Trac bzip2 |
June 21st 2005 (SF)
Security Focus
1. RedHat Linux SysReport Proxy Information Disclosure Vulnerability BugTraq ID: 13936 Remote: Yes Date Published: 2005-06-13 Relevant URL: http://www.securityfocus.com/bid/13936 Summary: Sysreport is susceptible to an information disclosure vulnerability. This issue is due to a failure of the application to ensure that sensitive information is not included in its generated reports. This vulnerability may result in sending unencrypted proxy authentication usernames and passwords to potentially malicious people. This may aid them in further attacks. 2. Multiple Vendor Telnet Client Remote Information Disclosure Vulnerability BugTraq ID: 13940 Remote: Yes Date Published: 2005-06-14 Relevant URL: http://www.securityfocus.com/bid/13940 Summary: Telnet clients provided by multiple vendors are susceptible to a remote information disclosure vulnerability. Any information stored in the environment of clients utilizing the affected telnet application is available for attackers to retrieve. The contents of the environment variables may be sensitive in nature, allowing attackers to gain information that may aid them in further system compromise. 3. Sun Java Web Start Unspecified Privilege Escalation Vulnerability BugTraq ID: 13945 Remote: Yes Date Published: 2005-06-14 Relevant URL: http://www.securityfocus.com/bid/13945 Summary: Sun Java Web Start is susceptible to an unspecified privilege escalation vulnerability. This vulnerability allows remote, untrusted Java applications to gain elevated privileges. This allows them to read or write local files, or to execute arbitrary local applications. These actions are normally forbidden for untrusted applications running in the Java virtual machine. Further details are not available at this time. This BID will be updated as further information is disclosed. 4. Iron Bars Shell Multiple Unspecified Buffer Overflow Vulnerabilities BugTraq ID: 13957 Remote: No Date Published: 2005-06-14 Relevant URL: http://www.securityfocus.com/bid/13957 Summary: Multiple unspecified buffer overflow vulnerabilities affect Iron Bars Shell. These issues are due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static process buffers. The details currently available regarding these issues are insufficient to provide an accurate technical description. It can bespeculated that these issues may be leveraged by an attacker to gain escalated privileges on a local machine. An attacker may leverage these issues to execute instructions with the privileges of the affected application. 5. Sun Java Runtime Environment Unspecified Privilege Escalation Vulnerability BugTraq ID: 13958 Remote: Yes Date Published: 2005-06-14 Relevant URL: http://www.securityfocus.com/bid/13958 Summary: Sun Java Runtime Environment is susceptible to an unspecified privilege escalation vulnerability. This vulnerability allows remote, untrusted Java applications to gain elevated privileges. This allows them to read or write local files, or to execute arbitrary local applications. These actions are normally forbidden for untrusted applications running in the Java virtual machine. Further details are not available at this time. This BID will be updated as further information is disclosed. 6. ViRobot Linux Server Remote Buffer Overflow Vulnerability BugTraq ID: 13964 Remote: Yes Date Published: 2005-06-15 Relevant URL: http://www.securityfocus.com/bid/13964 Summary: ViRobot Linux Server is prone to a remote buffer overflow vulnerability affecting the Web based management interface. This issue presents itself because the application fails to perform boundary checks prior to copying user-supplied data into sensitive process buffers. An attacker can unauthorized access to a vulnerable computer by supplying malformed values through cookies. This issue can lead to a complete compromise. ViRobot Linux Server 2.0 is vulnerable to this issue. Other versions may be affected as well. 7. PAFileDB Multiple Input Validation Vulnerabilities BugTraq ID: 13967 Remote: Yes Date Published: 2005-06-15 Relevant URL: http://www.securityfocus.com/bid/13967 Summary: paFileDB is prone to multiple input validation vulnerabilities. The following issues are reported: Multiple SQL injection issues exist in paFileDB. The impact of these issues will vary depending on features supported by the database implementation but may be limited due to the nature of affected queries. Multiple cross-site scripting issues are also reported when passing user-supplied arguments to the 'sortby', 'filelist', and 'pages' parameters of the 'pafiledb.php' script. Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying database. Finally, paFileDB is prone to a file disclosure vulnerability. The 'action' parameter of the 'pafiledb.php' script is affected by the vulnerability. 8. Opera Web Browser Cross-Site Scripting Local File Disclosure Vulnerability BugTraq ID: 13969 Remote: Yes Date Published: 2005-06-16 Relevant URL: http://www.securityfocus.com/bid/13969 Summary: Opera Web Browser is affected by a cross-site scripting vulnerability that can be leveraged to disclose local files as well. Attackers may steal cookie-based authentication credentials, disclose local files in the context of the browser and carry out other attacks. Opera Web Browser version 8.0 is prone to this issue. 9. Opera Web Browser XMLHttpRequest Object Cross-Domain Access Vulnerability BugTraq ID: 13970 Remote: Yes Date Published: 2005-06-16 Relevant URL: http://www.securityfocus.com/bid/13970 Summary: Opera Web Browser is prone to an issue that allows a violation of the cross-domain security model. This issue arises due to an access validation error affecting the 'XMLHttpRequest' object. Successful exploitation may result in cookie theft, content manipulation, information disclosure or other attacks. Opera Web Browser version 8.0 is prone to this issue. 10. Ultimate PHP Board Multiple Cross-Site Scripting Vulnerabilities BugTraq ID: 13971 Remote: Yes Date Published: 2005-06-16 Relevant URL: http://www.securityfocus.com/bid/13971 Summary: Ultimate PHP Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. 11. SquirrelMail Multiple Unspecified Cross-Site Scripting Vulnerabilities BugTraq ID: 13973 Remote: Yes Date Published: 2005-06-16 Relevant URL: http://www.securityfocus.com/bid/13973 Summary: SquirrelMail is affected by multiple unspecified cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These issues could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks. 12. Ultimate PHP Board Weak Password Encryption Vulnerability BugTraq ID: 13975 Remote: Yes Date Published: 2005-06-16 Relevant URL: http://www.securityfocus.com/bid/13975 Summary: Ultimate PHP Board is prone to a weak password encryption vulnerability. This issue is due to a failure of the application to protect passwords with a sufficiently effective encryption scheme. This issue may allow a malicious user to gain access to user and administrator passwords for the affected application. 13. SpamAssassin Malformed Email Header Remote Denial Of Service Vulnerability BugTraq ID: 13978 Remote: Yes Date Published: 2005-06-17 Relevant URL: http://www.securityfocus.com/bid/13978 Summary: SpamAssassin is prone to a remote denial of service vulnerability. This issue is due to a failure of the application to properly handle overly long email headers. Further details regarding this vulnerability are currently not available. This BID will be updated as more information is disclosed. An attacker may cause SpamAssassin to take inordinate amounts of time to check a specially crafted email message. By sending many malicious messages, it may be possible for attackers to cause extremely large delays in email delivery, denying service to legitimate users. 14. SuSE Linux GPG2 S/MIME Signing Unspecified Vulnerability BugTraq ID: 13980 Remote: Yes Date Published: 2005-06-17 Relevant URL: http://www.securityfocus.com/bid/13980 Summary: SuSE Linux is affected by an unspecified vulnerability related to S/MIME signing using gpg2. The cause and impact of this issue is currently unknown. Due to a lack of details, it cannot be confirmed whether this issue poses a security threat or results in an adverse affect on the functionality of the application. It is conjectured that this issue is remote in nature. SUSE Linux 9.3 is affected by this issue. 15. Yaws Remote Source Code Disclosure Vulnerability BugTraq ID: 13981 Remote: Yes Date Published: 2005-06-17 Relevant URL: http://www.securityfocus.com/bid/13981 Summary: A vulnerability has been reported in Yaws that may result in the disclosure of script files' source code. Information obtained in this manner may be used by the attacker to launch further attacks against a vulnerable system. Yaws 1.55 and prior versions are affected. 16. XAMMP Lang.PHP HTML Injection Vulnerability BugTraq ID: 13982 Remote: Yes Date Published: 2005-06-17 Relevant URL: http://www.securityfocus.com/bid/13982 Summary: XAMMP is prone to an HTML injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible. This issue is reported to affect the Linux distribution of XAMMP. 17. XAMMP Lang.PHP Directory Traversal Vulnerability BugTraq ID: 13983 Remote: Yes Date Published: 2005-06-17 Relevant URL: http://www.securityfocus.com/bid/13983 Summary: XAMMP is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. A remote unauthorized user can disclose the contents of arbitrary local PHP scripts through the use of directory traversal strings '../'. Exploitation of this vulnerability could lead to a loss of confidentiality. This issue is reported to affect the Linux distribution of XAMMP. 18. Vipul Razor-agents Multiple Unspecified Denial Of Service Vulnerability BugTraq ID: 13984 Remote: Yes Date Published: 2005-06-17 Relevant URL: http://www.securityfocus.com/bid/13984 Summary: Vipul Razor-agents is prone to multiple unspecified denial of service vulnerabilities. The following issues are reported:The first denial of service vulnerability exists in the discovery logic of Razor-agents. The second issue exists in the preprocessing code of Razor-agents. Both issues may be exploited to cause a denial of service for the vulnerable application. 19. JBoss Malformed HTTP Request Remote Information Disclosure Vulnerability BugTraq ID: 13985 Remote: Yes Date Published: 2005-06-17 Relevant URL: http://www.securityfocus.com/bid/13985 Summary: JBoss is prone to a remote information disclosure vulnerability. The issue exists in the 'org.jboss.web.WebServer' class and is due to a lack of sufficient sanitization of user-supplied request data. Information that is harvested through leveraging of this issue may be used to aid in further attacks that are launched against the affected service. |
June 23rd 2005 (SN)
Secunia
[SA15777] SUSE update for java2 Critical: Highly critical Where: From remote Impact: System access Released: 2005-06-22 SUSE has issued an update for java2. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/15777/ [SA15755] Gentoo update for sun-jdk/sun-jre-bin/blackdown-jdk/blackdown-jre Critical: Highly critical Where: From remote Impact: System access Released: 2005-06-20 Gentoo has issued updates for sun-jdk, sun-jre-bin, blackdown-jdk, and blackdown-jre. These fix a vulnerability, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/15755/ [SA15753] Gentoo update for peercast Critical: Highly critical Where: From remote Impact: System access Released: 2005-06-20 Gentoo has issued an update for peercast. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/15753/ [SA15750] Slackware update for sun-jdk/sun-jre Critical: Highly critical Where: From remote Impact: System access Released: 2005-06-20 Slackware has issued an update for sun-jdk/sun-jre. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/15750/ [SA15772] Fedora update for ruby Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2005-06-22 Fedora has issued an update for ruby. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/15772/ [SA15766] Gentoo update for squirrelmail Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2005-06-22 Gentoo has issued an update for squirrelmail. This fixes several vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/15766/ [SA15749] Sun ONE Messaging Server Unspecified Webmail Vulnerability Critical: Moderately critical Where: From remote Impact: Cross Site Scripting Released: 2005-06-20 A vulnerability has been reported in Sun ONE Messaging Server, which may be exploited by malicious people to conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/15749/ [SA15741] SUSE Updates for gpg2/telnet/unace/hord Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Exposure of system information, System access Released: 2005-06-20 SUSE has issued updates for gpg2, telnet, unace and horde. These fix some vulnerabilities, which can be exploited by malicious people to gain knowledge of various information, conduct cross-site scripting attacks and compromise a user's system. Full Advisory: http://secunia.com/advisories/15741/ [SA15740] Yaws Source Code Disclosure Vulnerability Critical: Moderately critical Where: From remote Impact: Exposure of sensitive information Released: 2005-06-17 M. Eiszner has reported a vulnerability in Yaws, which can be exploited by malicious people to gain knowledge of potentially sensitive information. Full Advisory: http://secunia.com/advisories/15740/ [SA15730] Red Hat update for mc Critical: Moderately critical Where: From remote Impact: Unknown, Privilege escalation, DoS Released: 2005-06-17 Red Hat has issued an update for mc. This fixes several vulnerabilities, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/15730/ [SA15773] Ubuntu update for tcpdump Critical: Less critical Where: From remote Impact: DoS Released: 2005-06-22 Ubuntu has issued an update for tcpdump. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/15773/ [SA15770] cPanel cpsrvd.pl Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-06-22 A vulnerability has been discovered in cPanel, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/15770/ [SA15768] Gentoo update for spamassassin/razor Critical: Less critical Where: From remote Impact: DoS Released: 2005-06-21 Gentoo has issued updates for spamassassin and razor. These fix a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/15768/ [SA15754] NanoBlogger Plugins Shell Command Injection Vulnerability Critical: Less critical Where: From remote Impact: System access Released: 2005-06-21 A vulnerability has been reported in NanoBlogger, which potentially can be exploited by malicious people to compromise a user's system. Full Advisory: http://secunia.com/advisories/15754/ [SA15751] Gentoo update for cpio Critical: Less critical Where: From remote Impact: Security Bypass, Manipulation of data Released: 2005-06-20 Gentoo has issued an update for cpio. This fixes a vulnerability, which can be exploited by malicious people to cause files to be unpacked to arbitrary locations on a user's system. Full Advisory: http://secunia.com/advisories/15751/ [SA15729] Red Hat update for bzip2 Critical: Less critical Where: From remote Impact: Security Bypass, Manipulation of data, DoS Released: 2005-06-17 Red Hat has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/15729/ [SA15728] Fedora update for spamassassin Critical: Less critical Where: From remote Impact: DoS Released: 2005-06-17 Fedora has issued an update for spamassassin. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/15728/ [SA15774] Ubuntu update for sudo Critical: Less critical Where: Local system Impact: Security Bypass Released: 2005-06-22 Ubuntu has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to execute arbitrary commands with escalated privileges. Full Advisory: http://secunia.com/advisories/15774/ [SA15771] Fedora update for sudo Critical: Less critical Where: Local system Impact: Security Bypass Released: 2005-06-22 Fedora has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to execute arbitrary commands with escalated privileges. Full Advisory: http://secunia.com/advisories/15771/ [SA15763] Novell NetMail File Ownership Security Issue Critical: Less critical Where: Local system Impact: Manipulation of data Released: 2005-06-21 A security issue has been reported in NetMail, which can be exploited by malicious, local users to delete or replace the NetMail binaries. Full Advisory: http://secunia.com/advisories/15763/ [SA15759] Slackware update for sudo Critical: Less critical Where: Local system Impact: Security Bypass Released: 2005-06-22 Slackware has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to execute arbitrary commands with escalated privileges. Full Advisory: http://secunia.com/advisories/15759/ [SA15748] OpenBSD update for sudo Critical: Less critical Where: Local system Impact: Security Bypass Released: 2005-06-21 OpenBSD has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to execute arbitrary commands with escalated privileges. Full Advisory: http://secunia.com/advisories/15748/ [SA15744] Sudo Arbitrary Command Execution Vulnerability Critical: Less critical Where: Local system Impact: Security Bypass Released: 2005-06-21 A vulnerability has been reported in sudo, which can be exploited by malicious, local users to execute arbitrary commands. Full Advisory: http://secunia.com/advisories/15744/ [SA15760] Avaya Products Telnet Client Information Disclosure Weakness Critical: Not critical Where: From remote Impact: Exposure of system information Released: 2005-06-21 Avaya has acknowledged a weakness in the telnet client included in certain products, which can be exploited by malicious people to gain knowledge of certain system information. Full Advisory: http://secunia.com/advisories/15760/ [SA15731] Red Hat update for gaim Critical: Not critical Where: From remote Impact: DoS Released: 2005-06-17 Red Hat has issued an update for gaim. This fixes two weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/15731/ [SA15767] Ruby XMLRPC Server Arbitrary Command Execution Critical: Moderately critical Where: From remote Impact: Security Bypass Released: 2005-06-22 Nobuhiro IMAI has reported a vulnerability in Ruby, which potentially can be exploited by malicious people to bypass certain security restrictions. Full Advisory: http://secunia.com/advisories/15767/ [SA15758] MercuryBoard "User-Agent" SQL Injection Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data Released: 2005-06-22 4yka has reported a vulnerability in MercuryBoard, which can be exploited by malicious people to conduct SQL injection attacks. Full Advisory: http://secunia.com/advisories/15758/ [SA15752] Trac Arbitrary File Upload/Download Vulnerability Critical: Moderately critical Where: From remote Impact: Manipulation of data, Exposure of sensitive information, System access Released: 2005-06-20 Stefan Esser has reported a vulnerability in Trac, which can be exploited by malicious users to disclose sensitive information and potentially compromise a vulnerable system. Full Advisory: http://secunia.com/advisories/15752/ [SA15735] XAMPP "lang.php" Script Insertion and Information Disclosure Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Exposure of sensitive information Released: 2005-06-17 A vulnerability has been reported in XAMPP, which can be exploited by malicious people to disclose potentially sensitive information and conduct script insertion attacks. Full Advisory: http://secunia.com/advisories/15735/ [SA15732] Ultimate PHP Board Cross-Site Scripting and User Credentials Exposure Critical: Moderately critical Where: From remote Impact: Cross Site Scripting, Exposure of sensitive information Released: 2005-06-17 Alberto Trivero has reported some vulnerabilities and a security issue in Ultimate PHP Board, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information. Full Advisory: http://secunia.com/advisories/15732/ [SA15775] Gentoo update for tor Critical: Less critical Where: From remote Impact: Exposure of sensitive information Released: 2005-06-22 Gentoo has issued an update for tor. This fixes a vulnerability, which potentially can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/15775/ [SA15764] Tor Disclosure of Sensitive Information Critical: Less critical Where: From remote Impact: Exposure of sensitive information Released: 2005-06-22 A vulnerability has been reported in Tor, which potentially can be exploited by malicious people to disclose sensitive information. Full Advisory: http://secunia.com/advisories/15764/ [SA15739] Razor-agents Denial of Service Vulnerabilities Critical: Less critical Where: From remote Impact: DoS Released: 2005-06-17 Two vulnerabilities have been reported in Razor-agents, which can be exploited by malicious people to cause a DoS (Denial of Service). Full Advisory: http://secunia.com/advisories/15739/ [SA15738] Contelligent Preview Privilege Escalation Vulnerability Critical: Less critical Where: From remote Impact: Privilege escalation Released: 2005-06-17 A vulnerability has been reported in Contelligent, which can be exploited by malicious users to gain escalated privileges. Full Advisory: http://secunia.com/advisories/15738/ [SA15737] ajax-spell Cross-Site Scripting Vulnerability Critical: Less critical Where: From remote Impact: Cross Site Scripting Released: 2005-06-17 A vulnerability has been reported in ajax-spell, which can be exploited by malicious people to conduct cross-site scripting attacks. Full Advisory: http://secunia.com/advisories/15737/ [SA15736] amaroK Web Frontend Exposure of User Credentials Critical: Less critical Where: From remote Impact: Exposure of sensitive information Released: 2005-06-17 A security issue has been reported in the amaroK Web Frontend plugin for amaroK, which can be exploited by malicious people to disclose potentially sensitive information. Full Advisory: http://secunia.com/advisories/15736/ [SA15742] RealVNC Information Disclosure Weakness Critical: Not critical Where: From remote Impact: Exposure of system information Released: 2005-06-20 class101 has reported a weakness in RealVNC, which can be exploited by malicious people to gain knowledge of various system information. Full Advisory: http://secunia.com/advisories/15742/ [SA15733] e107 Administrator Account Enumeration Weakness Critical: Not critical Where: From remote Impact: Exposure of system information Released: 2005-06-17 Marc Ruef has discovered a weakness in e107, which can be exploited by malicious people to identify valid administrator accounts. Full Advisory: http://secunia.com/advisories/15733/ [SA15746] JBoss "org.jboss.web.WebServer" Information Disclosure Critical: Not critical Where: From local network Impact: Exposure of system information Released: 2005-06-20 Marc Schoenefeld has reported a weakness in JBoss, which can be exploited by malicious people to disclose system information. Full Advisory: http://secunia.com/advisories/15746/ |
June 24th 2005 (LAW)
Linux Advisory Watch
Distribution: Fedora * Fedora Core 4 Update: elinks-0.10.3-3.1 16th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119321 * Fedora Core 4 Update: mikmod-3.1.6-35.FC4 16th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119322 * Fedora Core 4 Update: tcpdump-3.8.2-13.FC4 16th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119323 * Fedora Core 4 Update: parted-1.6.22-3.FC4 16th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119324 * Fedora Core 4 Update: system-config-securitylevel-1.5.8.1-1 16th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119325 * Fedora Core 3 Update: checkpolicy-1.17.5-1.2 16th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119327 * Fedora Core 3 Update: selinux-policy-targeted-1.17.30-3.9 16th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119328 * Fedora Core 3 Update: spamassassin-3.0.4-1.fc3 16th, June, 2005 Important update for a Denial of Service vulnerability, plus more bug fixes from upstream. More details available at: http://wiki.apache.org/spamassassin/NextRelease http://www.linuxsecurity.com/content/view/119332 * Fedora Core 4 Update: spamassassin-3.0.4-1.fc4 16th, June, 2005 Important update for a Denial of Service vulnerability, plus more bug fixes from upstream. More details available at: http://wiki.apache.org/spamassassin/NextRelease http://www.linuxsecurity.com/content/view/119333 * Fedora Core 3 Update: gaim-1.3.1-0.fc3 16th, June, 2005 More bug and denial of service fixes. http://www.linuxsecurity.com/content/view/119334 * Fedora Core 4 Update: gaim-1.3.1-0.fc4 16th, June, 2005 More bug and denial of service fixes. http://www.linuxsecurity.com/content/view/119335 * Fedora Core 4 Update: ruby-1.8.2-7.fc4.1 16th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119338 * Fedora Core 3 Update: ruby-1.8.2-1.fc3.2 16th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119339 * Fedora Core 4 Update: arts-1.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119342 * Fedora Core 4 Update: kdelibs-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119343 * Fedora Core 4 Update: kdebase-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119344 * Fedora Core 4 Update: kdemultimedia-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119345 * Fedora Core 4 Update: kdesdk-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119346 * Fedora Core 4 Update: kdeaccessibility-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119347 * Fedora Core 4 Update: kdeaddons-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119348 * Fedora Core 4 Update: kdeartwork-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119349 * Fedora Core 4 Update: kdebindings-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119350 * Fedora Core 4 Update: kdeedu-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119351 * Fedora Core 4 Update: kdegames-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119352 * Fedora Core 4 Update: kdegraphics-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119353 * Fedora Core 4 Update: kdenetwork-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119354 * Fedora Core 4 Update: kdepim-3.4.1-0.fc4.2 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119355 * Fedora Core 4 Update: kdeutils-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119356 * Fedora Core 4 Update: kdevelop-3.2.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119357 * Fedora Core 4 Update: kdewebdev-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119358 * Fedora Core 4 Update: kdeadmin-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119359 * Fedora Core 4 Update: kde-i18n-3.4.1-0.fc4.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119360 * Fedora Core 4 Update: util-linux-2.12p-9.5 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119363 * Fedora Core 4 Update: sudo-1.6.8p8-2.1 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119364 * Fedora Core 4 Update: gawk-3.1.4-5.2 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119365 * Fedora Core 3 Update: util-linux-2.12a-24.3 17th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119366 * Fedora Core 4 Update: mc-4.6.1a-0.10.FC4 20th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119373 * Fedora Core 4 Update: pilot-link-0.12.0-0.pre3.0.fc4.1 20th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119374 * Fedora Core 4 Update: selinux-policy-targeted-1.23.18-12 20th, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119375 * Fedora Core 4 Update: alsa-lib-1.0.9rf-2.FC4 21st, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119377 * Fedora Core 4 Update: alsa-utils-1.0.9rf-2.FC4 21st, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119378 * Fedora Core 4 Update: system-config-soundcard-1.2.12-2 21st, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119379 * Fedora Core 4 Update: jpilot-0.99.8-0.pre9.fc4.1 21st, June, 2005 This is new upstream version which is compatible with new fc4 pilot-link version. http://www.linuxsecurity.com/content/view/119380 * Fedora Core 3 Update: ruby-1.8.2-1.fc3.3 21st, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119385 * Fedora Core 4 Update: ruby-1.8.2-7.fc4.2 21st, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119386 * Fedora Core 4 Update: ImageMagick-6.2.2.0-3.fc4.0 21st, June, 2005 The package version numbers of the ImageMagick package could cause upgrades from FC3 to FC4 to miss the newer ImageMagick package in FC4. http://www.linuxsecurity.com/content/view/119387 * Fedora Core 3 Update: sudo-1.6.7p5-30.3 21st, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119388 * Fedora Core 4 Update: sudo-1.6.8p8-2.2 21st, June, 2005 Updated package. http://www.linuxsecurity.com/content/view/119389 * Fedora Core 4 Update: hwdata-0.158.1-1 22nd, June, 2005 This update adds the hisax modules to the hotplug blacklist; this ensures they aren't loaded at boot, so that the ISDN script can load them. This works around the problems created by the ISDN module configuration parameters being written to /etc/sysconfig/isdncard instead of /etc/modprobe.conf. http://www.linuxsecurity.com/content/view/119399 Distribution: Gentoo * Gentoo: webapp-config Insecure temporary file handling 17th, June, 2005 The webapp-config utility insecurely creates temporary files in a world writable directory, potentially allowing the execution of arbitrary commands. http://www.linuxsecurity.com/content/view/119341 * Gentoo: Sun and Blackdown Java Applet privilege escalation 19th, June, 2005 Sun's and Blackdown's JDK or JRE may allow untrusted applets to elevate their privileges. http://www.linuxsecurity.com/content/view/119367 * Gentoo: PeerCast Format string vulnerability 19th, June, 2005 PeerCast suffers from a format string vulnerability that could allow arbitrary code execution. http://www.linuxsecurity.com/content/view/119368 * Gentoo: cpio Directory traversal vulnerability 19th, June, 2005 cpio contains a flaw which may allow a specially crafted cpio archive to extract files to an arbitrary directory. http://www.linuxsecurity.com/content/view/119370 * Gentoo: SpamAssassin 3, Vipul's Razor Denial of Service vulnerability 21st, June, 2005 SpamAssassin and Vipul's Razor are vulnerable to a Denial of Service attack when handling certain malformed messages. http://www.linuxsecurity.com/content/view/119376 * Gentoo: Tor Information disclosure 21st, June, 2005 A flaw in Tor may allow the disclosure of arbitrary memory portions. http://www.linuxsecurity.com/content/view/119390 * Gentoo: SquirrelMail Several XSS vulnerabilities 21st, June, 2005 Squirrelmail is vulnerable to several cross-site scripting vulnerabilities which could lead to a compromise of webmail accounts. http://www.linuxsecurity.com/content/view/119391 * Gentoo: Cacti Several vulnerabilities 22nd, June, 2005 Cacti is vulnerable to several SQL injection and file inclusion vulnerabilities. http://www.linuxsecurity.com/content/view/119396 * Gentoo: Trac File upload vulnerability 22nd, June, 2005 Trac may allow remote attackers to upload files, possibly leading to the execution of arbitrary code. http://www.linuxsecurity.com/content/view/119398 * Gentoo: sudo Arbitrary command execution 23rd, June, 2005 A vulnerability in sudo may allow local users to elevate privileges. http://www.linuxsecurity.com/content/view/119400 Distribution: Red Hat * RedHat: Low: bzip2 security update 16th, June, 2005 Updated bzip2 packages that fix multiple issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/119329 * RedHat: Moderate: mc security update 16th, June, 2005 Updated mc packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/119330 * RedHat: Moderate: gaim security update 16th, June, 2005 An updated gaim package that fixes two denial of service issues is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. http://www.linuxsecurity.com/content/view/119331 |
All times are GMT -5. The time now is 10:12 PM. |