Secunia Security Summary m34
Secunia Security Summary m34
This Week in Brief:Colin Percival has reported a vulnerability in various operating
systems supporting Intel's Hyper-Threading Technology (HTT), which can
be exploited by malicious, local users to gain knowledge of sensitive
information.
More information can be found in referenced Secunia advisories below.
This Weeks Top Ten Most Read Advisories:
1. [SA15292] Mozilla Firefox Two Vulnerabilities
2. [SA12979] Mozilla Firefox Download Dialog Spoofing Vulnerabilities
3. [SA15310] iTunes MPEG-4 File Parsing Buffer Overflow Vulnerability
4. [SA14820] Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability
5. [SA15348] FreeBSD Hyper-Threading Support Information Disclosure
6. [SA15341] Linux Kernel ELF Core Dump Privilege Escalation
Vulnerability
7. [SA12758] Microsoft Word Document Parsing Buffer Overflow
Vulnerabilities
8. [SA15340] EnCase Device Configuration Overlay Data Acquisition
Weakness
9. [SA15017] Microsoft Windows Explorer Web View Script Insertion
Vulnerability
10. [SA15327] phpBB Attachment Mod Module Unspecified Realname
Vulnerability
Vulnerabilities Summary Listing
Windows:
[SA15397] DotNetNuke Script Insertion Vulnerabilities
[SA15379] Sigma ISP Manager SQL Injection Vulnerabilities
[SA15363] War Times Nickname Handling Denial of Service Vulnerability
[SA15362] ImageGallery system Exposure of User Credentials
[SA15394] Fastream NETFile FTP/Web Server FTP Bounce Vulnerability
[SA15374] Ultimate Forum Exposure of Encrypted User Credentials
[SA15373] GA's Guest Book Exposure of Sensitive Information
UNIX/Linux:
[SA15407] Red Hat update for kdelibs
[SA15387] Pico Server Multiple Vulnerabilities
[SA15376] Gentoo update for Mozilla / Mozilla Firefox
[SA15370] Conectiva update for kde
[SA15367] Mandriva update for mozilla
[SA15358] Mandriva update for kdelibs
[SA15357] Mandriva update for gaim
[SA15350] Red Hat update for openmotif
[SA15408] Red Hat update for cyrus-imapd
[SA15399] iControl Services Manager Multiple Vulnerabilities
[SA15398] SCO OpenServer update for telnet
[SA15389] Slackware update for mozilla
[SA15388] ignitionServer Access Entry Deletion and Channel Locking
Vulnerabilities
[SA15381] Fedora update for squid
[SA15359] Mandriva update for gnutls
[SA15351] Ubuntu update for gnutls
[SA15380] Trustix update for postgresql
[SA15375] Gentoo update for postgresql
[SA15404] Gentoo update for freeradius
[SA15403] Ubuntu update for nasm
[SA15390] Slackware update for ncftp
[SA15378] Gentoo update for phpBB
[SA15364] Slackware update for gaim
[SA15361] FreeRADIUS Potential SQL Injection and Buffer Overflow
Vulnerabilities
[SA15356] Mandriva update for tcpdump
[SA15352] NASM "ieee_putascii()" Buffer Overflow Vulnerability
[SA15383] Trustix update for squid
[SA15406] Red Hat update for ncpfs
[SA15392] Linux Kernel pktcdvd and raw device Block Device
Vulnerabilities
[SA15386] Cheetah Insecure Module Importing Vulnerability
[SA15384] Avaya CMS/IR Network Port Hijacking Vulnerability
[SA15382] Trustix update for kernel
[SA15366] Avaya CMS/IR Xsun and Xprt Server Font Handling
Vulnerabilities
[SA15365] IBM HTTP Server "mod_include" Vulnerability
[SA15354] cdrdao Unspecified Privilege Escalation Vulnerability
[SA15348] FreeBSD Hyper-Threading Support Information Disclosure
Other:
[SA15349] Cisco Firewall Services Module TCP Packet URL Filtering
Bypass
Cross Platform:
[SA15410] eDMS Multiple Unspecified Vulnerabilities
[SA15405] Serendipity File Upload and Cross-Site Scripting
Vulnerabilities
[SA15401] Help Center Live Multiple Vulnerabilities
[SA15396] Woltlab Burning Board JGS-Portal SQL Injection
Vulnerabilities
[SA15395] Woltlab Burning Board "email" SQL Injection Vulnerability
[SA15391] PostNuke "func" Local File Inclusion Vulnerability
[SA15385] NPDS Cross-Site Scripting and SQL Injection Vulnerabilities
[SA15377] Skull-Splitter's PHP Guestbook Script Insertion
Vulnerability
[SA15371] SafeHTML "_writeAttrs()" Quote Handling Security Bypass
[SA15360] Kerio MailServer Two Denial of Service Vulnerabilities
[SA15355] Bug Report Script Insertion Vulnerability
[SA15353] Direct Topics Script Insertion and SQL Injection
[SA15400] Shop-Script FREE "categoryID" and "productID" SQL Injection
Vulnerabilities Content Listing
Windows:
[SA15397] DotNetNuke Script Insertion Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-17
Mark Woan has reported some vulnerabilities in DotNetNuke, which can be
exploited by malicious people to conduct script insertion attacks.
[SA15379] Sigma ISP Manager SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-17
last samurai has reported some vulnerabilities in Sigma ISP Manager,
which can be exploited by malicious people to conduct SQL injection
attacks.
[SA15363] War Times Nickname Handling Denial of Service Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-05-17
Luigi Auriemma has reported a vulnerability in War Times, which can be
exploited by malicious users to cause a DoS (Denial of Service).
[SA15362] ImageGallery system Exposure of User Credentials
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-05-17
g0rellazz G0r has reported a security issue in ImageGallery system,
which can be exploited by malicious people to disclose sensitive
information.
[SA15394] Fastream NETFile FTP/Web Server FTP Bounce Vulnerability
Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2005-05-17
Tan Chew Keong has reported a vulnerability in Fastream NETFile FTP/Web
Server, which potentially can be exploited by malicious users to bypass
certain security restrictions.
[SA15374] Ultimate Forum Exposure of Encrypted User Credentials
Critical: Less critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-05-17
eric basher has reported a security issue in Ultimate Forum, which can
be exploited by malicious people to disclose sensitive information.
[SA15373] GA's Guest Book Exposure of Sensitive Information
Critical: Less critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-05-17
eric basher has reported a security issue in GA's Guest Book, which can
be exploited by malicious people to disclose sensitive information.
UNIX/Linux:
[SA15407] Red Hat update for kdelibs
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-18
Red Hat has issued an update for kdelibs. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
[SA15387] Pico Server Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Exposure of sensitive information, System access
Released: 2005-05-17
RedTeam has reported some vulnerabilities Pico Server, which can be
exploited by malicious, local users to gain knowledge of sensitive
information, or by malicious people to gain knowledge of potentially
sensitive information or compromise a vulnerable system.
[SA15376] Gentoo update for Mozilla / Mozilla Firefox
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, System access
Released: 2005-05-16
Gentoo has issued an update for Mozilla / Mozilla Firefox. This fixes
two vulnerabilities, which can be exploited by malicious people to
conduct cross-site scripting attacks and compromise a user's system.
[SA15370] Conectiva update for kde
Critical: Highly critical
Where: From remote
Impact: Spoofing, Privilege escalation, DoS, System access
Released: 2005-05-17
Conectiva has issued an update for kde. This fixes multiple
vulnerabilities, which can be exploited to cause a DoS (Denial of
Service), gain escalated privileges, spoof the URL displayed in the
address bar and status bar, or compromise a vulnerable system.
[SA15367] Mandriva update for mozilla
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of
data, Exposure of sensitive information, System access
Released: 2005-05-16
Mandriva has issued updates for mozilla. These fix some
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks, bypass certain security restrictions,
gain knowledge of potentially sensitive information and compromise a
user's system.
[SA15358] Mandriva update for kdelibs
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-13
Mandriva has issued an update for kdelibs. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
[SA15357] Mandriva update for gaim
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2005-05-13
Mandriva has issued an update for gaim. This fixes a vulnerability and
a weakness, which can be exploited by malicious people to cause a DoS
(Denial of Service) or compromise a user's system.
[SA15350] Red Hat update for openmotif
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2005-05-12
Red Hat has issued an update for openmotif. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
[SA15408] Red Hat update for cyrus-imapd
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-05-18
Red Hat has issued an update for cyrus-imapd. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service) and potentially compromise a vulnerable
system.
[SA15399] iControl Services Manager Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Released: 2005-05-18
F5 Networks have acknowledged multiple vulnerabilities in iControl
Services Manager, which can be exploited by malicious, local users to
cause a DoS (Denial of Service) or malicious people to potentially
compromise a vulnerable system.
[SA15398] SCO OpenServer update for telnet
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2005-05-18
SCO has issued an update for telnet. This fixes two vulnerabilities,
which can be exploited by malicious people to compromise a user's
system.
[SA15389] Slackware update for mozilla
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-16
Slackware has issued an update for mozilla. This fixes a vulnerability,
which can be exploited by malicious people to conduct cross-site
scripting attacks.
[SA15388] ignitionServer Access Entry Deletion and Channel Locking
Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, DoS
Released: 2005-05-17
Two vulnerabilities have been reported in ignitionServer, which can be
exploited by malicious users to delete access entries or prevent
protected operators from accessing certain channels.
[SA15381] Fedora update for squid
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Spoofing, Manipulation of data
Released: 2005-05-18
Fedora has issued an update for squid. This fixes some vulnerabilities,
which can be exploited by malicious people to spoof DNS lookups and
poison the web proxy cache.
[SA15359] Mandriva update for gnutls
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-05-13
Mandriva has issued an update for gnutls. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).
[SA15351] Ubuntu update for gnutls
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-05-13
Ubuntu has issued an update for gnutls. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).
[SA15380] Trustix update for postgresql
Critical: Moderately critical
Where: From local network
Impact: Unknown, Privilege escalation, DoS
Released: 2005-05-16
Trustix has released an update for postgresql. This fixes two
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service) or potentially gain escalated privileges.
[SA15375] Gentoo update for postgresql
Critical: Moderately critical
Where: From local network
Impact: DoS, Privilege escalation, Unknown
Released: 2005-05-16
Gentoo has released an update for postgresql. This fixes two
vulnerabilities, which can be exploited by malicious users to cause a
DoS (Denial of Service) or potentially gain escalated privileges.
[SA15404] Gentoo update for freeradius
Critical: Less critical
Where: From remote
Impact: Unknown, Manipulation of data
Released: 2005-05-18
Gentoo has issued an update for freeradius. This fixes some
vulnerabilities, where one has an unknown impact and the others
potentially can be exploited to conduct SQL injection attacks.
[SA15403] Ubuntu update for nasm
Critical: Less critical
Where: From remote
Impact: System access
Released: 2005-05-18
Ubuntu has issued an update for nasm. This fixes a vulnerability, which
can be exploited by malicious people to compromise a user's system.
[SA15390] Slackware update for ncftp
Critical: Less critical
Where: From remote
Impact: System access
Released: 2005-05-16
Slackware has issued an update for ncftp. This fixes an old
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.
[SA15378] Gentoo update for phpBB
Critical: Less critical
Where: From remote
Impact: Unknown, Cross Site Scripting
Released: 2005-05-16
Gentoo has issued an update for phpBB. This fixes a vulnerability,
which can be exploited to conduct cross-site scripting or script
insertion attacks.
[SA15364] Slackware update for gaim
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-05-16
Slackware has issued an update for gaim. This fixes two weaknesses,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
[SA15361] FreeRADIUS Potential SQL Injection and Buffer Overflow
Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Unknown, Manipulation of data
Released: 2005-05-18
Primoz Bratanic has reported some vulnerabilities in FreeRADIUS, where
one has an unknown impact and the others potentially can be exploited
by malicious users to conduct SQL injection attacks.
[SA15356] Mandriva update for tcpdump
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2005-05-13
Mandriva has issued an update for tcpdump. This fixes some
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).
[SA15352] NASM "ieee_putascii()" Buffer Overflow Vulnerability
Critical: Less critical
Where: From remote
Impact: System access
Released: 2005-05-18
Jindrich Novy has reported a vulnerability in NASM, which can be
exploited by malicious people to compromise a user's system.
[SA15383] Trustix update for squid
Critical: Less critical
Where: From local network
Impact: Spoofing
Released: 2005-05-16
Trustix has issued an updated for squid. This fixes a vulnerability,
which can be exploited by malicious people to spoof DNS lookups.
[SA15406] Red Hat update for ncpfs
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-18
Red Hat has issued an update for ncpfs. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.
[SA15392] Linux Kernel pktcdvd and raw device Block Device
Vulnerabilities
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-17
alert7 has reported two vulnerabilities in the Linux kernel, which can
be exploited by malicious, local users to gain escalated privileges.
[SA15386] Cheetah Insecure Module Importing Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-17
Brian Bird has reported a vulnerability in Cheetah, which can be
exploited by malicious, local users to gain escalated privileges.
[SA15384] Avaya CMS/IR Network Port Hijacking Vulnerability
Critical: Less critical
Where: Local system
Impact: Hijacking
Released: 2005-05-16
Avaya has acknowledged some vulnerabilities in Avaya Call Management
System (CMS) and Avaya Interactive Response (IR), which can be
exploited by malicious, local users to hijack network ports.
[SA15382] Trustix update for kernel
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-16
Trustix has issued an update for kernel. This can be exploited by
malicious, local users to gain escalated privileges.
[SA15366] Avaya CMS/IR Xsun and Xprt Server Font Handling
Vulnerabilities
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-16
Avaya has acknowledged some vulnerabilities in Avaya Call Management
System (CMS) and Avaya Interactive Response (IR), which can be
exploited by malicious, local users to gain escalated privileges.
[SA15365] IBM HTTP Server "mod_include" Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation, DoS
Released: 2005-05-17
IBM has acknowledged a vulnerability in IBM HTTP Server, which can be
exploited by malicious, local users to cause a DoS (Denial of Service)
or potentially gain escalated privileges.
[SA15354] cdrdao Unspecified Privilege Escalation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2005-05-13
A vulnerability has been reported in cdrdao, which potentially can be
exploited by malicious, local users to gain escalated privileges.
[SA15348] FreeBSD Hyper-Threading Support Information Disclosure
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2005-05-13
Colin Percival has reported a vulnerability in FreeBSD, which can be
exploited by malicious, local users to gain knowledge of sensitive
information.
Other:
[SA15349] Cisco Firewall Services Module TCP Packet URL Filtering
Bypass
Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2005-05-12
A security issue has been reported in Cisco Firewall Services Module
(FWSM), which can result in certain traffic bypassing configured ACLs.
Cross Platform:
[SA15410] eDMS Multiple Unspecified Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Unknown
Released: 2005-05-18
Some vulnerabilities with unknown impacts have been reported in eDMS.
[SA15405] Serendipity File Upload and Cross-Site Scripting
Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting
Released: 2005-05-18
Some vulnerabilities have been reported in Serendipity, which can be
exploited by malicious people to bypass certain security restrictions
and conduct cross-site scripting attacks.
[SA15401] Help Center Live Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2005-05-18
James Bercegay has reported some vulnerabilities in Help Center Live,
which can be exploited by malicious people to conduct cross-site
scripting, script insertion and SQL injection attacks.
[SA15396] Woltlab Burning Board JGS-Portal SQL Injection
Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-17
deluxe89 and the Security-Project Team has reported some
vulnerabilities in the JGS-Portal module for Woltlab Burning Board,
which can be exploited by malicious people to conduct SQL injection
attacks.
[SA15395] Woltlab Burning Board "email" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-17
James Bercegay has reported a vulnerability in Woltlab Burning Board,
which can be exploited by malicious people to conduct SQL injection
attacks.
[SA15391] PostNuke "func" Local File Inclusion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2005-05-17
pokleyzz has reported a vulnerability in PostNuke, which can be
exploited by malicious people to disclose sensitive information.
[SA15385] NPDS Cross-Site Scripting and SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2005-05-18
Some vulnerabilities have been reported in NPDS, which can be exploited
by malicious people to conduct cross-site scripting and SQL injection
attacks.
[SA15377] Skull-Splitter's PHP Guestbook Script Insertion
Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-17
Morinex Eneco has reported a vulnerability in Skull-Splitter's PHP
Guestbook, which can be exploited by malicious people to conduct script
insertion attacks.
[SA15371] SafeHTML "_writeAttrs()" Quote Handling Security Bypass
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2005-05-17
A vulnerability has been reported in SafeHTML, which potentially can be
exploited by malicious people to bypass certain security restrictions.
[SA15360] Kerio MailServer Two Denial of Service Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2005-05-13
Two vulnerabilities have been reported in Kerio MailServer, which
potentially can be exploited by malicious people to cause a DoS (Denial
of Service).
[SA15355] Bug Report Script Insertion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2005-05-17
Sylvain Thual has reported a vulnerability in Bug Report, which can be
exploited by malicious people to conduct script insertion attacks.
[SA15353] Direct Topics Script Insertion and SQL Injection
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Released: 2005-05-13
Morinex Eneco has reported two vulnerabilities in Direct Topics, which
can be exploited by malicious people to conduct script insertion and
SQL injection attacks.
[SA15400] Shop-Script FREE "categoryID" and "productID" SQL Injection
Critical: Less critical
Where: From remote
Impact: Manipulation of data
Released: 2005-05-18
Censored has reported a vulnerability in Shop-Script FREE, which can be
exploited by malicious people to conduct SQL injection attacks.
