Internet Security Vulnerabilities Summary 91002




Internet Security Summary

This Internet Security Report reveals a vulnerability reported in First4Internet XCP's
uninstallation ActiveX control, which potentially can be exploited by
malicious people to compromise a user's system.

The vulnerability is caused due to the "CodeSupport.ocx" ActiveX
control that is installed via Internet Explorer when the user
un-installs the XCP DRM software by visiting the vendor's website.
The ActiveX control is marked safe-for-scripting and supports several
potentially dangerous methods like "RebootMachine", "InstallUpdate",
and "IsAdministrator". This may be exploited to install arbitrary code
on the user's system.

Additional Internet Security information may be found in the referenced advisories below.

--
A vulnerability has been reported in Lynx, which can be exploited by
malicious people to compromise a user's system.
The vendor has released a new version, which addresses this issue.

VIRUS ALERTS:
No virus alerts.


Internet Security Vulnerabilities Summary 91002:

Sony CD First4Internet XCP Uninstallation ActiveX Control Vulnerability
Freeftpd USER Command Buffer Overflow Vulnerability
Macromedia Breeze Communication Server/Live Server Denial of Service
AudienceView "TSerrorMessage" Cross-Site Scripting Vulnerability
Internet Explorer Image Control Status Bar Spoofing Weakness

UNIX/Linux:

Fedora update for lynx
SUSE Updates for Multiple Packages
Red Hat update for lynx
Gentoo scorched3d Multiple Vulnerabilities
Mandriva update for lynx
Fedora update for gdk-pixbuf
Fedora update for gtk2
Red Hat update for gtk2
Debian update for linux-ftpd-ssl
Debian update for phpsysinfo
Openswan ISAKMP IKE Message Processing Denial of Service
Ubuntu update for gtk2-engines-pixbuf / libgdk-pixbuf2
Sun Solaris in.iked ISAKMP IKE Message Processing Denial of Service
Debian update for abiword
Pnmtopng "alphas_of_color" Buffer Overflow Vulnerability
Gentoo update for sylpheed
Red Hat update for gdk-pixbuf
Red Hat update for php
Gentoo update for linux-ftpd-ssl
UnixWare update for openssl
LiteSpeed Web Server WebAdmin Cross-Site Scripting Vulnerability
PEAR Installer Arbitrary Code Execution Vulnerability
Debian update for acidlab
ACID Cross-Site Scripting and SQL Injection Vulnerabilities
Debian update for uim
HP-UX xterm Unspecified Unauthorized Access Vulnerability
Fedora update for sysreport
Red Hat update for lm_sensors
Sudo Perl Environment Cleaning Privilege Escalation Vulnerability
Red Hat update for cpio
MigrationTools Insecure Temporary File Usage Vulnerability
Campsite MySQL Password Exposure Mail Transfer Security Issue
Fedora update for kernel

Other:

Nortel Switched Firewall ISAKMP IKE Message Processing Denial of Service
Juniper JUNOS/JUNOSe ISAKMP IKE Message Processing Denial of Service
Cisco ISAKMP IKE Message Processing Denial of Service
Belkin Wireless G Router Web Management Authentication Bypass
Cisco ASA Failover Denial of Service Weakness

Cross Platform:

AlstraSoft Affiliate Network Pro Multiple Vulnerabilities
AlstraSoft Template Seller Pro File Inclusion and SQL Injection
PollVote "pollname" File Inclusion Vulnerability
Secgo Crypto IP Gateway/Client ISAKMP IKE Message Processing Vulnerability
iCMS "page" File Inclusion Vulnerability
CodeGrrl Products "siteurl" File Inclusion Vulnerability
Macromedia Flash Communication Server MX Denial of Service
OnContent // CMS "pid" SQL Injection Vulnerability
phpwcms Disclosure of Sensitive Information and Cross-Site Scripting
Help Center Live "file" Local File Inclusion Vulnerability
phpPgAds Multiple Vulnerabilities
MyBulletinBoard Multiple Vulnerabilities
Xoops WF-Downloads Module "list" SQL Injection Vulnerability
Xoops "xoopsConfig[language]" Local File Inclusion Vulnerability
Ekinboard Topic Title Script Insertion Vulnerability
StoneGate Firewall and VPN ISAKMP IKE Message Processing Denial of Service
Wizz Forum Multiple SQL Injection Vulnerabilities
PHP-Nuke "query" SQL Injection Vulnerability
Peel "rubid" SQL Injection Vulnerability
Pearl Forums SQL Injection and Local File Inclusion Vulnerabilities
phpMyAdmin HTTP Response Splitting Vulnerability
PHP GEN Cross-Site Scripting Vulnerabilities
Walla TeleSite Cross-Site Scripting Vulnerability
Dev-Editor Virtual Root Directory Restriction Bypass
Macromedia Contribute Publishing Server Weak Password Encryption
Opera Image Control Status Bar Spoofing Weakness

Internet Security Listings Content:

Sony CD First4Internet XCP Uninstallation ActiveX Control Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
A vulnerability has been reported in First4Internet XCP's uninstallation ActiveX control, which potentially can be exploited by malicious people to compromise a user's system.

--

Freeftpd USER Command Buffer Overflow Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
barabas mutsonline has discovered a vulnerability in freeftpd, which can be exploited by malicious people to compromise a vulnerable system.

--

Macromedia Breeze Communication Server/Live Server Denial of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
A vulnerability has been reported in Breeze Communication Server and Breeze Live Server, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

--

AudienceView "TSerrorMessage" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
syst3m_f4ult has reported a vulnerability in AudienceView, which can be exploited by malicious people to conduct cross-site scripting attacks.

--

Internet Explorer Image Control Status Bar Spoofing Weakness
Critical: Not critical
Where: From remote
Impact: Security Bypass
Claudio "Sverx" has discovered a weakness in Internet Explorer, which can be exploited by malicious people to trick users into visiting a malicious website by obfuscating URLs displayed in the status bar.

UNIX/Linux:

--

Fedora update for lynx
Critical: Highly critical
Where: From remote
Impact: System access
Fedora has issued an update for lynx. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

--

SUSE Updates for Multiple Packages
Critical: Highly critical
Where: From remote
Impact: DoS, System access
SUSE has issued updates for multiple packages. These fix various vulnerabilities, which can be exploited by malicious people to disclose system information, cause a DoS (Denial of Service) and potentially to compromise a vulnerable or a user's system.

--

Red Hat update for lynx
Critical: Highly critical
Where: From remote
Impact: System access
Red Hat has issued an update for lynx. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

--

Gentoo scorched3d Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Gentoo has acknowledged some vulnerabilities in scorched3d, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

--

Mandriva update for lynx
Critical: Highly critical
Where: From remote
Impact: System access
Mandriva has issued an update for lynx. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

--

Fedora update for gdk-pixbuf
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Fedora has issued an update for gdk-pixbuf. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.

--

Fedora update for gtk2
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Fedora has issued an update for gtk2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.

--

Red Hat update for gtk2
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Red Hat has issued an update for gtk2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.

--

Debian update for linux-ftpd-ssl
Critical: Moderately critical
Where: From remote
Impact: System access
Debian has issued an update for linux-ftpd-ssl. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.

--

Debian update for phpsysinfo
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of system information, Exposure of sensitive information
Debian has issued an update for phpsysinfo. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and manipulate certain information.

--

Openswan ISAKMP IKE Message Processing Denial of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
Two vulnerabilities have been reported in openswan-2, which can be exploited by malicious people to cause a DoS (Denial of Service).

--

Ubuntu update for gtk2-engines-pixbuf / libgdk-pixbuf2
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Ubuntu has issued an update for gtk2-engines-pixbuf / libgdk-pixbuf2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.

--

Sun Solaris in.iked ISAKMP IKE Message Processing Denial of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).

--

Debian update for abiword
Critical: Moderately critical
Where: From remote
Impact: System access
Debian has issued an update for abiword. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.

--

Pnmtopng "alphas_of_color" Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
A vulnerability has been reported in pnmtopng, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system.

--

Gentoo update for sylpheed
Critical: Moderately critical
Where: From remote
Impact: System access
Gentoo has issued an update for sylpheed. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

--

Red Hat update for gdk-pixbuf
Critical: Moderately critical
Where: From remote
Impact: DoS, System access
Red Hat has issued an update for gdk-pixbuf. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.

--

Red Hat update for php
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting
Red Hat has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.

--

Gentoo update for linux-ftpd-ssl
Critical: Moderately critical
Where: From remote
Impact: System access
Gentoo has issued an update for ftpd. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.

--

UnixWare update for openssl
Critical: Less critical
Where: From remote
Impact: Security Bypass
SCO has issued an update for openssl. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions.

--

LiteSpeed Web Server WebAdmin Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Ziv Kamir has discovered a vulnerability in LiteSpeed Web Server, which can be exploited by malicious people to conduct cross-site scripting attacks.

--

PEAR Installer Arbitrary Code Execution Vulnerability
Critical: Less critical
Where: From remote
Impact: Security Bypass
A vulnerability has been reported in PEAR, which can be exploited by malicious people to bypass certain security restrictions.

--

Debian update for acidlab
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Debian has issued an update for acidlab. This fixes some vulnerabilities, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

--

ACID Cross-Site Scripting and SQL Injection Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data
Some vulnerabilities have been reported in ACID, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

--

Debian update for uim
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Debian has issued an update for uim. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges.

--

HP-UX xterm Unspecified Unauthorized Access Vulnerability
Critical: Less critical
Where: Local system
Impact: Security Bypass
A vulnerability has been reported in HP-UX, which can be exploited by malicious, local users to bypass certain security restrictions.

--

Fedora update for sysreport
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Fedora has issued an update for sysreport. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.

--

Red Hat update for lm_sensors
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Red Hat has issued an update for lm_sensors. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.

--

Sudo Perl Environment Cleaning Privilege Escalation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
A vulnerability has been reported in Sudo, which can be exploited by malicious, local users to gain escalated privileges.

--

Red Hat update for cpio
Critical: Less critical
Where: Local system
Impact: Manipulation of data, Exposure of sensitive information
Red Hat has issued an update for cpio. This fixes a vulnerability, which can be exploited by malicious, local users to disclose and manipulate information.

--

MigrationTools Insecure Temporary File Usage Vulnerability
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Jason Hoover has discovered a vulnerability in MigrationTools, which can be exploited by malicious, local users to disclose potentially sensitive information or to perform certain actions on a vulnerable system with escalated privileges.

--

Campsite MySQL Password Exposure Mail Transfer Security Issue
Critical: Not critical
Where: From remote
Impact: Exposure of sensitive information
john has reported a security issue in Campsite, which can be exploited by malicious people to disclose sensitive information.

--

Fedora update for kernel
Critical: Not critical
Where: Local system
Impact: DoS
Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

Other:

--

Nortel Switched Firewall ISAKMP IKE Message Processing Denial of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
A vulnerability has been reported in Nortel Switched Firewall, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

--

Juniper JUNOS/JUNOSe ISAKMP IKE Message Processing Denial of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
A vulnerability has been reported in JUNOS and JUNOSe, which can be exploited by malicious people to cause a DoS (Denial of Service).

--

Cisco ISAKMP IKE Message Processing Denial of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to cause a DoS (Denial of Service).

--

Belkin Wireless G Router Web Management Authentication Bypass
Critical: Less critical
Where: From local network
Impact: Security Bypass
Andrei Mikhailovsky has reported a vulnerability in Belkin Wireless G Router, which can be exploited by malicious people to bypass certain security restrictions.

--

Cisco ASA Failover Denial of Service Weakness
Critical: Not critical
Where: From local network
Impact: DoS
Amin Tora has reported a weakness in Cisco ASA (Adaptive Security Appliances), which can be exploited by malicious people to cause a DoS (Denial of Service).

Cross Platform:

--

AlstraSoft Affiliate Network Pro Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of system information, System access
Robin Verton has reported some vulnerabilities in AlstraSoft Affiliate Network Pro, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, and compromise a vulnerable system.

--

AlstraSoft Template Seller Pro File Inclusion and SQL Injection
Critical: Highly critical
Where: From remote
Impact: Manipulation of data, System access
Robin Verton has reported two vulnerabilities in AlstraSoft Template Seller Pro, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.

--

PollVote "pollname" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
rUnViRuS has reported a vulnerability in PollVote, which can be exploited by malicious people to compromise a vulnerable system.

--

Secgo Crypto IP Gateway/Client ISAKMP IKE Message Processing Vulnerability
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Secgo has acknowledged a vulnerability in Secgo Crypto IP Gateway/Client, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system.

--

iCMS "page" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
r0t has reported a vulnerability in iCMS, which can be exploited by malicious people to compromise a vulnerable system.

--

CodeGrrl Products "siteurl" File Inclusion Vulnerability
Critical: Highly critical
Where: From remote
Impact: System access
Robin Verton has discovered a vulnerability in various CodeGrrl products, which can be exploited by malicious people to compromise a vulnerable system.

--

Macromedia Flash Communication Server MX Denial of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
A vulnerability has been reported in Macromedia Flash Communication Server MX, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

--

OnContent // CMS "pid" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
r0t has reported a vulnerability in OnContent // CMS, which can be exploited by malicious people to conduct SQL injection attacks.

--

phpwcms Disclosure of Sensitive Information and Cross-Site Scripting
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Exposure of sensitive information
Stefan Lochbihler has reported some vulnerabilities in phpwcms, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.

--

Help Center Live "file" Local File Inclusion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
HACKERS PAL has discovered a vulnerability in Help Center Live, which can be exploited by malicious people to disclose sensitive information.

--

phpPgAds Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of system information
Some vulnerabilities and a weakness have been reported in phpPgAds, which can be exploited by malicious people to disclose system information, and conduct HTTP response splitting and SQL injection attacks.

--

MyBulletinBoard Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, DoS
syini666 has reported some vulnerabilities in MyBulletinBoard, which can be exploited by malicious people to cause a DoS (Denial of Service), manipulate certain information, and conduct script insertion attacks.

--

Xoops WF-Downloads Module "list" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
rgod has reported a vulnerability in the WF-Downloads module for Xoops, which can be exploited by malicious people to conduct SQL injection attacks.

--

Xoops "xoopsConfig[language]" Local File Inclusion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
rgod has discovered a vulnerability in Xoops, which can be exploited by malicious people to disclose sensitive information.

--

Ekinboard Topic Title Script Insertion Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
trueend5 has discovered a vulnerability in Ekinboard, which can be exploited by malicious people to conduct script insertion attacks.

--

StoneGate Firewall and VPN ISAKMP IKE Message Processing Denial of Service
Critical: Moderately critical
Where: From remote
Impact: DoS
StoneSoft has acknowledged a vulnerability in StoneGate Firewall and VPN, which can be exploited by malicious people to cause a DoS (Denial of Service).

--

Wizz Forum Multiple SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
HACKERS PAL has discovered some vulnerabilities in Wizz Forum, which can be exploited by malicious people to conduct SQL injection attacks.

--

PHP-Nuke "query" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
sp3x has discovered a vulnerability in PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks.

--

Peel "rubid" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
r0t has reported a vulnerability in Peel, which can be exploited by malicious people to conduct SQL injection attacks.

--

Pearl Forums SQL Injection and Local File Inclusion Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data, Exposure of sensitive information
Abducter has discovered some vulnerabilities in Pearl Forums, which can be exploited by malicious people to conduct SQL injection attacks and disclose sensitive information.

--

phpMyAdmin HTTP Response Splitting Vulnerability
Critical: Less critical
Where: From remote
Impact: Exposure of system information, Cross Site Scripting
Toni Koivunen has reported a vulnerability in phpMyAdmin, which can be exploited by malicious people to conduct HTTP response splitting attacks.

--

PHP GEN Cross-Site Scripting Vulnerabilities
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Some vulnerabilities have been reported in PHP GEN, which can be exploited by malicious people to conduct cross-site scripting attacks.

--

Walla TeleSite Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Rafi Nahum and Pokerface have reported a vulnerability in Walla TeleSite, which can be exploited by malicious people to conduct cross-site scripting attacks.

--

Dev-Editor Virtual Root Directory Restriction Bypass
Critical: Less critical
Where: From remote
Impact: Security Bypass
A security issue has been discovered in Dev-Editor, which can be exploited by malicious users to bypass certain security restrictions.

--

Macromedia Contribute Publishing Server Weak Password Encryption
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
A security issue has been reported in Macromedia Contribute Publishing Server, which potentially can be exploited by malicious, local users to disclose certain sensitive information.

--

Opera Image Control Status Bar Spoofing Weakness
Critical: Not critical
Where: From remote
Impact: Security Bypass
Claudio "Sverx" has discovered a weakness in Opera, which can be exploited by malicious people to trick users into visiting a malicious website by obfuscating URLs displayed in the status bar.


Active © WorldsLargestNetwork.com ; All Rights Reserved