The Secunia Weekly Advisory Summary

2004-05-06
2004-05-13



This week : 42 advisories

Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing

========================================================================
1) Word From Secunia:

Secunia has launched a new service called Secunia Virus Information.
Secunia Virus Information is based on information automatically
collected from seven different anti-virus vendors. The data will be
parsed and indexed, resulting in a chronological list, a searchable
index, and grouped profiles with information from the seven vendors.

Furthermore, when certain criteria are triggered virus alerts will be
issued. You can sign-up for the alerts here:

Sign-up for Secunia Virus Alerts:
http://secunia.com/secunia_virus_alerts/

Secunia Virus Information:
http://secunia.com/virus_information/


========================================================================


2) This Week in Brief:


ADVISORIES:

Two vulnerabilities have been reported in the Eudora mail client.

The first vulnerability was discovered by Paul Szabo and can be
triggered by embedding an overly long link in an e-mail. Successful
exploitation may allow execution of arbitrary code.

The second vulnerability was discovered by Brett Glass and can be
exploited to obfuscate the actual link contained in an e-mail.

Reference:
http://secunia.com/SA11581
http://secunia.com/SA11568

--

Microsoft has reported a vulnerability in Windows Help and Support
Center, which can be exploited to compromise a user's system. However,
this will require some user interaction.

Patches have been issued for this. Please refer to Secunia advisory
below.

Reference:
http://secunia.com/SA11590


VIRUS ALERTS:

During the last week, Secunia issued two MEDIUM RISK virus alerts.
Please refer to the grouped virus profiles below for more information:

Wallon.A - MEDIUM RISK Virus Alert - 2004-05-11 18:49 GMT+1
http://secunia.com/virus_information/9320/wallon.a/

Sasser.E - MEDIUM RISK Virus Alert - 2004-05-11 06:46 GMT+1
http://secunia.com/virus_information/9263/sasser.e/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

1. [SA11539] Mac OS X Security Update Fixes Multiple Vulnerabilities
2. [SA11568] Eudora URL Handling Buffer Overflow Vulnerability
3. [SA11582] Microsoft Internet Explorer and Outlook URL Obfuscation
Issue
4. [SA10395] Internet Explorer URL Spoofing Vulnerability
5. [SA11482] Windows Explorer / Internet Explorer Long Share Name
Buffer Overflow
6. [SA11590] Microsoft Windows Help and Support Center URL Validation
Vulnerability
7. [SA10328] Linux Kernel do_brk() Privilege Escalation
Vulnerability
8. [SA11558] Exim Buffer Overflow Vulnerabilities
9. [SA11064] Microsoft Windows 14 Vulnerabilities
10. [SA11553] PHP-Nuke Multiple Vulnerabilities

========================================================================
4) Vulnerabilities Summary Listing

Windows:
[SA11590] Microsoft Windows Help and Support Center URL Validation
Vulnerability
[SA11588] MailEnable Professional HTTPMail Service Buffer Overflow
Vulnerabilities
[SA11568] Eudora URL Handling Buffer Overflow Vulnerability
[SA11566] MyWeb HTTP GET Request Buffer Overflow Vulnerability
[SA11589] eMule Web Interface Negative Content Length Denial of
Service
[SA11578] Icecast Basic Authorization Denial of Service Vulnerability
[SA11573] efFingerD Denial of Service Vulnerabilities
[SA11572] Microsoft Outlook Predictable File Location Weakness
[SA11595] Microsoft Outlook External Reference Vulnerability
[SA11576] TrendMicro OfficeScan Weak Permissions
[SA11582] Microsoft Internet Explorer and Outlook URL Obfuscation
Issue
[SA11581] Eudora URL Obfuscation Issue
[SA11563] Microsoft IIS Inappropriate Cookie Handling Error

UNIX/Linux:
[SA11597] Debian update for exim-tls
[SA11571] OpenPKG update for ssmtp
[SA11562] Debian update for exim
[SA11559] P4DB Input Validation Vulnerabilities
[SA11558] Exim Buffer Overflow Vulnerabilities
[SA11599] Red Hat update for ipsec-tools
[SA11598] OpenPKG update for apache
[SA11592] Gentoo update for OpenOffice
[SA11575] Gentoo update for neon
[SA11574] Gentoo update for LHA
[SA11565] HP WBEM Services OpenSSL Handshake Denial of Service
Vulnerabilities
[SA11564] Conectiva update for lha
[SA11584] Mandrake update for apache2
[SA11583] Mandrake update for rsync
[SA11600] Red Hat update for kernel
[SA11586] SCO OpenServer Insecure Default XHost Access Controls
[SA11585] NetBSD Systrace Privilege Escalation Vulnerability
[SA11580] IBM Parallel Environment Sample Code Privilege Escalation
Vulnerability
[SA11561] OpenPKG update for kolab
[SA11560] Kolab Server OpenLDAP Root Password Disclosure
[SA11591] Gentoo update for ClamAV
[SA11577] Linux Kernel IO Bitmap Access Permissions Inheritance
Vulnerability

Other:


Cross Platform:
[SA11587] phpShop Arbitrary File Inclusion Vulnerability
[SA11569] DeleGate SSLway Filter Buffer Overflow Vulnerability
[SA11579] NukeJokes SQL Injection Vulnerabilities
[SA11570] Sun Java Runtime Environment Unspecified Denial of Service
Vulnerability
[SA11567] e107 Login Name/Author Script Insertion Vulnerability
[SA11593] BEA WebLogic weblogic.xml May Reset to Default Permissions
[SA11594] BEA WebLogic Admins and Operators May be Able to Stop the
Service

========================================================================
5) Vulnerabilities Content Listing

Windows:--

[SA11590] Microsoft Windows Help and Support Center URL Validation
Vulnerability

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-11

Microsoft has issued patches for Microsoft Windows to fix a
vulnerability in the Help and Support Center.

Full Advisory:
http://secunia.com/advisories/11590/

--

[SA11588] MailEnable Professional HTTPMail Service Buffer Overflow
Vulnerabilities

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-11

Behrang Fouladi has discovered two vulnerabilities in MailEnable
Professional, which potentially can be exploited by malicious people to
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11588/

--

[SA11568] Eudora URL Handling Buffer Overflow Vulnerability

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-07

Paul Szabo has reported a vulnerability in Eudora, which can be
exploited by malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/11568/

--

[SA11566] MyWeb HTTP GET Request Buffer Overflow Vulnerability

Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-05-08

badpack3t has reported a vulnerability in MyWeb, which can be exploited
by malicious people to cause a DoS (Denial of Service) and potentially
compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11566/

--

[SA11589] eMule Web Interface Negative Content Length Denial of
Service

Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-05-11

A vulnerability has been discovered in eMule, which can be exploited by
malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11589/

--

[SA11578] Icecast Basic Authorization Denial of Service Vulnerability

Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-05-12

ned has discovered a vulnerability in Icecast, which can be exploited
by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11578/

--

[SA11573] efFingerD Denial of Service Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-05-10

Dr_insane has reported a vulnerability in efFingerD, which can be
exploited by malicious people to cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11573/

--

[SA11572] Microsoft Outlook Predictable File Location Weakness

Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-05-10

http-equiv has reported a security issue in Microsoft Outlook,
potentially allowing malicious people to place a file in a predictable
location.

Full Advisory:
http://secunia.com/advisories/11572/

--

[SA11595] Microsoft Outlook External Reference Vulnerability

Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2004-05-12

http-equiv has reported a security issue in Microsoft Outlook,
potentially allowing malicious people (spammers) to verify if a
recipient has read an email.

Full Advisory:
http://secunia.com/advisories/11595/

--

[SA11576] TrendMicro OfficeScan Weak Permissions

Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2004-05-10

Matt has reported a vulnerability in TrendMicro OfficeScan, allowing
local users to stop the virus scanning.

Full Advisory:
http://secunia.com/advisories/11576/

--

[SA11582] Microsoft Internet Explorer and Outlook URL Obfuscation
Issue

Critical: Not critical
Where: From remote
Impact: ID Spoofing
Released: 2004-05-10

http-equiv has discovered an issue in Microsoft Internet Explorer,
Outlook and Outlook Express, allowing malicious people to obfuscate
URLs.

Full Advisory:
http://secunia.com/advisories/11582/

--

[SA11581] Eudora URL Obfuscation Issue

Critical: Not critical
Where: From remote
Impact: ID Spoofing
Released: 2004-05-10

Brett Glass has reported an issue in Eudora, allowing malicious people
to obfuscate URLs.

Full Advisory:
http://secunia.com/advisories/11581/

--

[SA11563] Microsoft IIS Inappropriate Cookie Handling Error

Critical: Not critical
Where: From remote
Impact: Exposure of system information
Released: 2004-05-10

Cesar Cerrudo has reported a security issue in Microsoft Internet
Information Services (IIS), potentially allowing malicious people to
gain knowledge of certain details about server side scripts.

Full Advisory:
http://secunia.com/advisories/11563/


UNIX/Linux:--

[SA11597] Debian update for exim-tls

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-12

Debian has issued updated packages for exim. These fix two
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11597/

--

[SA11571] OpenPKG update for ssmtp

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-08

OpenPKG has issued an update for sSMTP. This fixes two vulnerabilities,
allowing malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11571/

--

[SA11562] Debian update for exim

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-07

Debian has issued updated packages for exim. These fix two
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11562/

--

[SA11559] P4DB Input Validation Vulnerabilities

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-06

Jon McClintock has reported some vulnerabilities in P4DB, potentially
allowing malicious people to execute system commands.

Full Advisory:
http://secunia.com/advisories/11559/

--

[SA11558] Exim Buffer Overflow Vulnerabilities

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-06

Georgi Guninski has reported two vulnerabilities in exim, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/11558/

--

[SA11599] Red Hat update for ipsec-tools

Critical: Moderately critical
Where: From remote
Impact: Hijacking, Security Bypass, Manipulation of data, DoS
Released: 2004-05-12

Red Hat has issued updated packages for ipsec-tools. These fix various
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service), establish unauthorised connections, and
conduct MitM (Man-in-the-Middle) attacks.

Full Advisory:
http://secunia.com/advisories/11599/

--

[SA11598] OpenPKG update for apache

Critical: Moderately critical
Where: From remote
Impact: DoS, Manipulation of data, ID Spoofing, Security Bypass
Released: 2004-05-12

OpenPKG has issued updates for apache. These fix various
vulnerabilities, which can be exploited to inject potentially malicious
characters into error logfiles, bypass certain restrictions, gain
unauthorised access, or cause a DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11598/

--

[SA11592] Gentoo update for OpenOffice

Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-05-12

Gentoo has issued updates for OpenOffice. These fix a vulnerability
allowing malicious people to compromise a user's system.

Full Advisory:
http://secunia.com/advisories/11592/

--

[SA11575] Gentoo update for neon

Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-05-10

Gentoo has issued updated packages for neon. These fix multiple
vulnerabilities, allowing malicious people to compromise a user's
system.

Full Advisory:
http://secunia.com/advisories/11575/

--

[SA11574] Gentoo update for LHA

Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-05-10

Gentoo has issued an update for lha. This fixes multiple
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11574/

--

[SA11565] HP WBEM Services OpenSSL Handshake Denial of Service
Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-05-07

HP has reported that WBEM Services is affected by the OpenSSL handshake
vulnerabilities, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11565/

--

[SA11564] Conectiva update for lha

Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-05-07

Conectiva has issued updated packages for lha. These fix multiple
vulnerabilities, which potentially can be exploited by malicious people
to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11564/

--

[SA11584] Mandrake update for apache2

Critical: Less critical
Where: From remote
Impact: DoS
Released: 2004-05-11

MandrakeSoft has issued updated packages for Apache 2. These fix a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).

Full Advisory:
http://secunia.com/advisories/11584/

--

[SA11583] Mandrake update for rsync

Critical: Less critical
Where: From remote
Impact: Security Bypass, Manipulation of data
Released: 2004-05-11

MandrakeSoft has issued updated packages for rsync. These fix a
vulnerability, potentially allowing malicious people to write files
outside the intended directory.

Full Advisory:
http://secunia.com/advisories/11583/

--

[SA11600] Red Hat update for kernel

Critical: Less critical
Where: Local system
Impact: Privilege escalation, Exposure of sensitive information,
Exposure of system information
Released: 2004-05-12

Red Hat has issued updated packages for the kernel. These fix various
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of sensitive information or gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11600/

--

[SA11586] SCO OpenServer Insecure Default XHost Access Controls

Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-05-12

SCO has fixed an old security issue, which can be exploited by
malicious, local users to gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11586/

--

[SA11585] NetBSD Systrace Privilege Escalation Vulnerability

Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-05-11

Stefan Esser has reported a vulnerability in the NetBSD -current
implementation of the systrace utility and in a FreeBSD port by
Vladimir Kotal, which can be exploited by malicious, local users to
gain escalated privileges.

Full Advisory:
http://secunia.com/advisories/11585/

--

[SA11580] IBM Parallel Environment Sample Code Privilege Escalation
Vulnerability

Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-05-10

A vulnerability has been discovered in IBM Parallel Environment (PE),
which can be exploited by malicious, local users to gain escalated
privileges.

Full Advisory:
http://secunia.com/advisories/11580/

--

[SA11561] OpenPKG update for kolab

Critical: Less critical
Where: Local system
Impact: Exposure of system information, Exposure of sensitive
information
Released: 2004-05-06

OpenPKG has issued an updated version of kolab. This fixes a
vulnerability, which can be exploited by malicious, local users to gain
knowledge of the OpenLDAP root password.

Full Advisory:
http://secunia.com/advisories/11561/

--

[SA11560] Kolab Server OpenLDAP Root Password Disclosure

Critical: Less critical
Where: Local system
Impact: Exposure of system information, Exposure of sensitive
information
Released: 2004-05-06

Luca Villani has discovered a vulnerability in Kolab Server, which can
be exploited by malicious, local users to gain knowledge of sensitive
information.

Full Advisory:
http://secunia.com/advisories/11560/

--

[SA11591] Gentoo update for ClamAV

Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2004-05-12

Gentoo has issued an update for clamav. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to gain
escalated privileges.

Full Advisory:
http://secunia.com/advisories/11591/

--

[SA11577] Linux Kernel IO Bitmap Access Permissions Inheritance
Vulnerability

Critical: Not critical
Where: Local system
Impact: DoS
Released: 2004-05-10

Stas Sergeev has reported a vulnerability in the Linux kernel, which
potentially can be exploited by malicious, local users to cause a DoS
(Denial of Service).

Full Advisory:
http://secunia.com/advisories/11577/


Other:


Cross Platform:--

[SA11587] phpShop Arbitrary File Inclusion Vulnerability

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-11

Calum Power has reported a vulnerability in phpShop, potentially
allowing malicious people to compromise a vulnerable system.

Full Advisory:
http://secunia.com/advisories/11587/

--

[SA11569] DeleGate SSLway Filter Buffer Overflow Vulnerability

Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-05-07

Joel Eriksson has reported a vulnerability in DeleGate, which
potentially can be exploited by malicious people to compromise a
vulnerable system.

Full Advisory:
http://secunia.com/advisories/11569/

--

[SA11579] NukeJokes SQL Injection Vulnerabilities

Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2004-05-10

Janek Vind has reported multiple vulnerabilities in NukeJokes, allowing
malicious people to conduct SQL injection attacks.

Full Advisory:
http://secunia.com/advisories/11579/

--

[SA11570] Sun Java Runtime Environment Unspecified Denial of Service
Vulnerability

Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-05-08

An unspecified vulnerability has been discovered in the Java Runtime
Environment, which can be exploited by malicious people to cause the
Java Virtual Machine to become unresponsive.

Full Advisory:
http://secunia.com/advisories/11570/

--

[SA11567] e107 Login Name/Author Script Insertion Vulnerability

Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-05-08

SmOk3 has reported a vulnerability in e107, which can be exploited to
conduct script insertion attacks.

Full Advisory:
http://secunia.com/advisories/11567/

--

[SA11593] BEA WebLogic weblogic.xml May Reset to Default Permissions

Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2004-05-12

BEA has issued updates for WebLogic Server and WebLogic Express. These
fix a security issue, which potentially could grant inapropriate
privileges.

Full Advisory:
http://secunia.com/advisories/11593/

--

[SA11594] BEA WebLogic Admins and Operators May be Able to Stop the
Service

Critical: Not critical
Where: From local network
Impact: DoS
Released: 2004-05-12

BEA has issued updates for WebLogic Server and WebLogic Express. These
fix a weakness allowing certain administrative users to stop the
service.

Full Advisory:
http://secunia.com/advisories/11594/



========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Subscribe:
http://secunia.com/secunia_weekly_summary/

Contact details:
Web : http://secunia.com/
E-mail : [email protected]
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45