Internet Security Summary 0607

Opera Software has released a new version of their popular browser,
which corrects several vulnerabilities.

Additional details can be found in the referenced Secunia advisories
below.

This Week's Top Ten Most Read Advisories:

1. [SA15870] Opera Download Dialog Spoofing Vulnerability
2. [SA15756] Opera Image Dragging Vulnerability
3. [SA16272] Cisco IOS IPv6 Packet Handling Vulnerability
4. [SA16256] Microsoft Office Insecure Shared Section Permissions
5. [SA16245] Sophos Anti-Virus Unspecified Buffer Overflow
Vulnerability
6. [SA15601] Mozilla / Mozilla Firefox Frame Injection Vulnerability
7. [SA16271] Linksys WRT54G Router Common SSL Private Key Disclosure
8. [SA12758] Microsoft Word Document Parsing Buffer Overflow
Vulnerabilities
9. [SA16267] Novell eDirectory NMAS Password Challenge Bypass
10. [SA16255] MySQL Eventum PEAR XML_RPC PHP Code Execution
Vulnerability


4) Vulnerabilities Summary Listing

Windows:
[SA16314] Naxtor e-directory Cross-Site Scripting and SQL Injection
[SA16308] Sacrifice Format String and Buffer Overflow Vulnerabilities
[SA16306] BusinessMail SMTP Denial of Service Vulnerability
[SA16282] Business Objects Enterprise / Crystal Reports Denial of
Service
[SA16268] Thomson Web Skill Vantage Manager SQL Injection
[SA16258] nProtect Personal OnlineScan Arbitrary File Download
[SA16264] Easy PX 41 CMS Cross-Site Scripting and Information
Disclosure
[SA16283] Microsoft ActiveSync Denial of Service and Equipment ID
Enumeration
[SA16289] Trillian Exposure of User Credentials

UNIX/Linux:
[SA16327] Debian apt-cacher Unspecified Arbitrary Command Execution
[SA16326] Mandriva update for mozilla
[SA16307] Gentoo update for Compress-Zlib
[SA16302] Ubuntu update for
mozilla-thunderbird/mozilla-thunderbird-enigmail
[SA16296] Conectiva update for clamav
[SA16290] Trustix update for multiple packages
[SA16284] Gentoo update for emul-linux-x86-baselibs
[SA16276] Fedora update for ethereal
[SA16257] SUSE Updates for Multiple Packages
[SA16324] Gentoo update for nbsmtp
[SA16305] Gentoo update for pstotext
[SA16304] MySQL Eventum Cross-Site Scripting and SQL Injection
[SA16303] Debian update for pdns
[SA16293] Slackware update for telnet
[SA16291] jabberd "jid.c" Buffer Overflow Vulnerabilities
[SA16288] Gentoo update for ProFTPD
[SA16279] no-brainer SMTP Client "log_msg" Format String Vulnerability
[SA16261] Mandriva update for fetchmail
[SA16299] Fedora update for httpd
[SA16266] Ubuntu update for libtiff4
[SA16259] HP NonStop Server DCE Core Services Denial of Service
[SA16278] Avaya CMS / IR Solaris Runtime Linker Vulnerability
[SA16277] Debian update for gopher
[SA16275] UMN Gopher Insecure Temporary File Creation
[SA16269] Debian update for gaim
[SA16265] Gaim libgadu Memory Alignment Weakness
[SA16309] UnZip File Permissions Change Vulnerability

Other:
[SA16272] Cisco IOS IPv6 Packet Handling Vulnerability
[SA16271] Linksys WRT54G Router Common SSL Private Key Disclosure

Cross Platform:
[SA16319] Karrigell Python Namespace Exposure Vulnerability
[SA16273] Simplicity oF Upload "language" File Inclusion Vulnerability
[SA16260] PHPmyGallery "confdir" File Inclusion Vulnerability
[SA16323] nCipher CHIL Random Cache Inheritance Security Issue
[SA16318] Metasploit Framework "defanged" Mode Bypass Vulnerability
[SA16312] PHPFreeNews Unspecified Vulnerabilities
[SA16300] FlexPHPNews Multiple Vulnerabilities
[SA16287] Ragnarok Online Control Panel Authentication Bypass
Vulnerability
[SA16286] Kayako LiveResponse Multiple Vulnerabilities
[SA16262] Naxtor Shopping Cart Cross-Site Scripting and SQL Injection
[SA16316] BrightStor ARCserve Backup Agents Buffer Overflow
Vulnerability
[SA16267] Novell eDirectory NMAS Password Challenge Bypass
[SA16311] AderSoftware CFBB "page" Cross-Site Scripting
[SA16292] ChurchInfo SQL Injection Vulnerabilities
[SA16270] UNG "name" and "email" Mail Header Injection
[SA16263] Website Baker Cross-Site Scripting and File Upload
Vulnerabilities
[SA16274] phplist "id" SQL Injection Vulnerability


5) Vulnerabilities Content Listing

Windows:

[SA16314] Naxtor e-directory Cross-Site Scripting and SQL Injection

Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of
data, System access

basher13 has reported some vulnerabilities in Naxtor e-directory, which
can be exploited by malicious people to conduct cross-site scripting and
SQL injection attacks and potentially compromise a vulnerable system.

[SA16308] Sacrifice Format String and Buffer Overflow Vulnerabilities

Critical: Highly critical
Where: From remote
Impact: DoS, System access

Luigi Auriemma has reported two vulnerabilities in Sacrifice, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

[SA16306] BusinessMail SMTP Denial of Service Vulnerability

Critical: Moderately critical
Where: From remote
Impact: DoS

Reed Arvin has discovered a vulnerability in BusinessMail, which can be
exploited by malicious people to cause a DoS (Denial of Service).

[SA16282] Business Objects Enterprise / Crystal Reports Denial of
Service

Critical: Moderately critical
Where: From remote
Impact: DoS

A vulnerability has been reported in Business Objects Enterprise and
Crystal Reports Server, which can be exploited by malicious people to
cause a DoS (Denial of Service).

[SA16268] Thomson Web Skill Vantage Manager SQL Injection

Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Manipulation of data

Walter Sobchak has reported a vulnerability in Thomson Web Skill
Vantage Manager, which can be exploited by malicious people to conduct
SQL injection attacks.

[SA16258] nProtect Personal OnlineScan Arbitrary File Download

Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, System access

Park Gyu Tae and Neo have reported a vulnerability in nProtect
Personal OnlineScan, which potentially can be exploited by malicious
people to compromise a vulnerable system.

[SA16264] Easy PX 41 CMS Cross-Site Scripting and Information
Disclosure

Critical: Less critical
Where: From remote
Impact: Cross Site Scripting, Exposure of system information,
Exposure of sensitive information

FalconDeOro has reported some vulnerabilities in Easy PX 41 CMS, which
can be exploited by malicious people to conduct cross-site scripting
attacks and disclose various information.

[SA16283] Microsoft ActiveSync Denial of Service and Equipment ID
Enumeration

Critical: Less critical
Where: From local network
Impact: Exposure of system information, Exposure of sensitive
information, DoS

Seth Fogie has reported two vulnerabilities in Microsoft ActiveSync,
which can be exploited by malicious people to cause a DoS (Denial of
Service) and enumerate valid equipment IDs.

[SA16289] Trillian Exposure of User Credentials

Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information

Suramya Tomar has discovered a security issue in Trillian, which can be
exploited by malicious, local users to gain knowledge of sensitive
information.

UNIX/Linux:

[SA16327] Debian apt-cacher Unspecified Arbitrary Command Execution

Critical: Highly critical
Where: From remote
Impact: System access

Eduard Bloch has reported a vulnerability in apt-cacher, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

[SA16326] Mandriva update for mozilla

Critical: Highly critical
Where: From remote
Impact: System access, Spoofing, Cross Site Scripting, Security
Bypass

Mandriva has issued an update for mozilla. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, conduct cross-site scripting and
spoofing attacks, and compromise a user's system.

[SA16307] Gentoo update for Compress-Zlib

Critical: Highly critical
Where: From remote
Impact: System access, DoS

Gentoo has issued an update for Compress-Zlib. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or potentially compromise a vulnerable system.

[SA16302] Ubuntu update for
mozilla-thunderbird/mozilla-thunderbird-enigmail

Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Exposure of system
information, Exposure of sensitive information, System access

Ubuntu has issued updates for mozilla-thunderbird and
mozilla-thunderbird-enigmail. These fix some vulnerabilities, which can
be exploited by malicious people to bypass certain security
restrictions, gain knowledge of potentially sensitive information,
conduct cross-site scripting attacks and compromise a user's system.

[SA16296] Conectiva update for clamav

Critical: Highly critical
Where: From remote
Impact: DoS, System access

Conectiva has issued an update for clamav. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

[SA16290] Trustix update for multiple packages

Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of
data, Exposure of sensitive information, Privilege escalation, DoS,
System access

Trustix has issued various updated packages. These fix some
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges, by malicious users to cause a DoS (Denial of
Service), or by malicious people to gain knowledge of sensitive
information, conduct HTTP request smuggling attacks, or compromise a
vulnerable system.

[SA16284] Gentoo update for emul-linux-x86-baselibs

Critical: Highly critical
Where: From remote
Impact: DoS, System access

Gentoo has issued an update for emul-linux-x86-baselibs. This fixes
some vulnerabilities, which can be exploited by malicious people to
cause a DoS (Denial of Service) or potentially compromise a vulnerable
system.

[SA16276] Fedora update for ethereal

Critical: Highly critical
Where: From remote
Impact: DoS, System access

Fedora has issued an update for ethereal. This fixes multiple
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

[SA16257] SUSE Updates for Multiple Packages

Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Spoofing,
Manipulation of data, Exposure of sensitive information, DoS, System
access

SUSE has issued updates for multiple packages. These fix various
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service), conduct HTTP request smuggling, spoofing and
cross-site scripting attacks, bypass certain security restrictions,
disclose and manipulate sensitive information, and compromise a
vulnerable system.

[SA16324] Gentoo update for nbsmtp

Critical: Moderately critical
Where: From remote
Impact: DoS, System access

Gentoo has issued an update for nbsmtp. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.

[SA16305] Gentoo update for pstotext

Critical: Moderately critical
Where: From remote
Impact: System access

Gentoo has issued an update for pstotext. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

[SA16304] MySQL Eventum Cross-Site Scripting and SQL Injection

Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data

James Bercegay has reported some vulnerabilities in MySQL Eventum,
which can be exploited by malicious people to conduct cross-site
scripting and SQL injection attacks.

[SA16303] Debian update for pdns

Critical: Moderately critical
Where: From remote
Impact: DoS

Debian has issued an update for pdns. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

[SA16293] Slackware update for telnet

Critical: Moderately critical
Where: From remote
Impact: System access

Slackware has issued an update for telnet. This fixes two
vulnerabilities, which can be exploited by malicious people to
compromise a user's system.

[SA16291] jabberd "jid.c" Buffer Overflow Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: DoS, System access

Michael has reported some vulnerabilities in jabberd, which potentially
can be exploited by malicious users to compromise a vulnerable system.

[SA16288] Gentoo update for ProFTPD

Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information, DoS, System access

Gentoo has issued an update for ProFTPD. This fixes two
vulnerabilities, which can be exploited by malicious users to disclose
certain sensitive information, cause a DoS (Denial of Service), or
potentially compromise a vulnerable system.

[SA16279] no-brainer SMTP Client "log_msg" Format String Vulnerability

Critical: Moderately critical
Where: From remote
Impact: DoS, System access

A vulnerability has been reported in no-brainer SMTP client, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

[SA16261] Mandriva update for fetchmail

Critical: Moderately critical
Where: From remote
Impact: System access

Mandriva has issued an update for fetchmail. This fixes a
vulnerability, which can be exploited by malicious people to compromise
a vulnerable system.

[SA16299] Fedora update for httpd

Critical: Less critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of
data, DoS

Fedora has issued an update for httpd. This fixes two vulnerabilities,
which can be exploited by malicious people to potentially cause a DoS
(Denial of Service) and conduct HTTP request smuggling attacks.

[SA16266] Ubuntu update for libtiff4

Critical: Less critical
Where: From remote
Impact: DoS

Ubuntu has issued an update for libtiff4. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

[SA16259] HP NonStop Server DCE Core Services Denial of Service

Critical: Less critical
Where: From local network
Impact: DoS

A vulnerability has been reported in HP NonStop Server, which can be
exploited by malicious people to cause a DoS (Denial of Service).

[SA16278] Avaya CMS / IR Solaris Runtime Linker Vulnerability

Critical: Less critical
Where: Local system
Impact: Privilege escalation

Avaya has acknowledged a vulnerability in CMS and IR, which can be
exploited by malicious, local users to gain escalated privileges.

[SA16277] Debian update for gopher

Critical: Less critical
Where: Local system
Impact: Privilege escalation

Debian has issued an update for gopher. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.

[SA16275] UMN Gopher Insecure Temporary File Creation

Critical: Less critical
Where: Local system
Impact: Privilege escalation

John Goerzen has reported a vulnerability in gopher, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.

[SA16269] Debian update for gaim

Critical: Not critical
Where: From remote
Impact: DoS

Debian has issued an update for gaim. This fixes a weakness, which
potentially can be exploited by malicious people to cause a DoS (Denial
of Service).

[SA16265] Gaim libgadu Memory Alignment Weakness

Critical: Not critical
Where: From remote
Impact: DoS

A weakness has been reported in Gaim, which potentially can be
exploited by malicious people to cause a DoS (Denial of Service).

[SA16309] UnZip File Permissions Change Vulnerability

Critical: Not critical
Where: Local system
Impact: Privilege escalation

Imran Ghory has reported a vulnerability in unzip, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.

Other:

[SA16272] Cisco IOS IPv6 Packet Handling Vulnerability

Critical: Moderately critical
Where: From local network
Impact: DoS, System access

A vulnerability has been reported in Cisco IOS, which can be exploited
by malicious people to cause a DoS (Denial of Service) or potentially
compromise a vulnerable network device.

[SA16271] Linksys WRT54G Router Common SSL Private Key Disclosure

Critical: Less critical
Where: From local network
Impact: Exposure of sensitive information

Nick Simicich has reported a security issue in WRT54G, which
potentially can be exploited by malicious people to gain knowledge of
certain sensitive information.

Cross Platform:

[SA16319] Karrigell Python Namespace Exposure Vulnerability

Critical: Highly critical
Where: From remote
Impact: DoS, System access

Radovan Garabik has reported a vulnerability in Karrigell, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially compromise a vulnerable system.

[SA16273] Simplicity oF Upload "language" File Inclusion Vulnerability

Critical: Highly critical
Where: From remote
Impact: System access

rgod has reported a vulnerability in Simplicity oF Upload, which can be
exploited by malicious people to compromise a vulnerable system.

[SA16260] PHPmyGallery "confdir" File Inclusion Vulnerability

Critical: Highly critical
Where: From remote
Impact: System access

Securitysos Inc. has reported a vulnerability in PHPmyGallery, which
can be exploited by malicious people to compromise a vulnerable
system.

[SA16323] nCipher CHIL Random Cache Inheritance Security Issue

Critical: Moderately critical
Where: From remote
Impact: Unknown

A security issue has been reported in nCipher CHIL (Cryptographic
Hardware Interface Library), which may result in a program generating
the same random bytes in all child processes for a certain period of
time.

[SA16318] Metasploit Framework "defanged" Mode Bypass Vulnerability

Critical: Moderately critical
Where: From remote
Impact: Security Bypass

Dino Dai Zovi has reported a vulnerability in Metasploit Framework,
which can be exploited by malicious people to bypass certain security
restrictions.

[SA16312] PHPFreeNews Unspecified Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: Unknown

Some unspecified vulnerabilities with unknown impacts have been
reported in PHPFreeNews.

[SA16300] FlexPHPNews Multiple Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of
data, Exposure of system information, DoS

rgod has reported some vulnerabilities in FlexPHPNews, which can be
exploited by malicious people to cause a DoS (Denial of Service), or
conduct cross-site scripting and SQL injection attacks.

[SA16287] Ragnarok Online Control Panel Authentication Bypass
Vulnerability

Critical: Moderately critical
Where: From remote
Impact: Security Bypass

VaLiuS has reported a vulnerability in Ragnarok Online Control Panel,
which can be exploited by malicious people to bypass certain security
restrictions.

[SA16286] Kayako LiveResponse Multiple Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of
system information

James Bercegay has reported some vulnerabilities in Kayako
LiveResponse, which can be exploited by malicious people to conduct
cross-site scripting, script insertion, and SQL injection attacks.

[SA16262] Naxtor Shopping Cart Cross-Site Scripting and SQL Injection

Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data

John Cobb has reported some vulnerabilities in Naxtor Shopping Cart,
which can be exploited by malicious people to conduct cross-site
scripting and SQL injection attacks.

[SA16316] BrightStor ARCserve Backup Agents Buffer Overflow
Vulnerability

Critical: Moderately critical
Where: From local network
Impact: System access

A vulnerability has been reported in BrightStor ARCserve Backup, which
can be exploited by malicious people to compromise a vulnerable
system.

[SA16267] Novell eDirectory NMAS Password Challenge Bypass

Critical: Moderately critical
Where: From local network
Impact: Security Bypass

A security issue has been reported in Novell eDirectory, which can be
exploited by malicious people to bypass certain security restrictions.

[SA16311] AderSoftware CFBB "page" Cross-Site Scripting

Critical: Less critical
Where: From remote
Impact: Cross Site Scripting

rUnViRuS has reported a vulnerability in AderSoftware CFBB, which can
be exploited by malicious people to conduct cross-site scripting
attacks.

[SA16292] ChurchInfo SQL Injection Vulnerabilities

Critical: Less critical
Where: From remote
Impact: Manipulation of data, Exposure of system information

thegreatone2176 has discovered some vulnerabilities in ChurchInfo,
which can be exploited by malicious users to conduct SQL injection
attacks.

[SA16270] UNG "name" and "email" Mail Header Injection

Critical: Less critical
Where: From remote
Impact: Manipulation of data

A vulnerability has been reported in UNG, which can be exploited by
malicious people to inject arbitrary mail headers.

[SA16263] Website Baker Cross-Site Scripting and File Upload
Vulnerabilities

Critical: Less critical
Where: From remote
Impact: Cross Site Scripting, Exposure of system information,
System access

thegreatone2176 has discovered some vulnerabilities in Website Baker,
which can be exploited by malicious people to conduct cross-site
scripting attacks and by malicious users to compromise a vulnerable
system.

[SA16274] phplist "id" SQL Injection Vulnerability

Critical: Not critical
Where: From remote
Impact: Manipulation of data

thegreatone2176 has discovered a vulnerability in phplist, which can be
exploited by malicious users to conduct SQL injection attacks.


Active © 2006; WorldsLargestNetwork.com ; Rights Reserved