HolidayBuyer's Guide

Spyware, Viruses, & Security forum

General discussion

VULNERABILITIES - March 19, 2007

by Marianna Schmudlach / March 19, 2007 12:59 AM PDT

Mandriva update for libwpd

TITLE:
Mandriva update for libwpd

SECUNIA ADVISORY ID:
SA24580

VERIFY ADVISORY:
http://secunia.com/advisories/24580/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
From remote

OPERATING SYSTEM:
Mandriva Linux 2007
http://secunia.com/product/12165/

DESCRIPTION:
Mandriva has issued an update for libwpd. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) or to compromise an application using the
library.

For more information:
SA24507

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://www.mandriva.com/security/advisories?name=MDKSA-2007:063

OTHER REFERENCES:
SA24507:
http://secunia.com/advisories/24507/

Discussion is locked
You are posting a reply to: VULNERABILITIES - March 19, 2007
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: VULNERABILITIES - March 19, 2007
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Fedora update for tcpdump
by Marianna Schmudlach / March 19, 2007 1:01 AM PDT

TITLE:
Fedora update for tcpdump

SECUNIA ADVISORY ID:
SA24583

VERIFY ADVISORY:
http://secunia.com/advisories/24583/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
Fedora Core 6
http://secunia.com/product/12487/
Fedora Core 5
http://secunia.com/product/8808/

DESCRIPTION:
Fedora has issued an update for tcpdump. This fixes a vulnerability,
which potentially can be exploited by malicious people to cause a DoS
(Denial of Service).

For more information:
SA24318

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://fedoranews.org/cms/node/2798
http://fedoranews.org/cms/node/2799

OTHER REFERENCES:
SA24318:
http://secunia.com/advisories/24318/

Collapse -
Gentoo lsat Insecure Temporary File Creation
by Marianna Schmudlach / March 19, 2007 1:02 AM PDT

TITLE:
Gentoo lsat Insecure Temporary File Creation

SECUNIA ADVISORY ID:
SA24526

VERIFY ADVISORY:
http://secunia.com/advisories/24526/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/

DESCRIPTION:
Gentoo has acknowledged a vulnerability in lsat, which can be
exploited by malicious, local users to perform certain actions with
escalated privileges.

The vulnerability is caused due to the temporary files being created
insecurely in the "/tmp" directory and can be exploited to overwrite
arbitrary files via symlink attacks.

SOLUTION:
The vendor recommends unmerging "app-admin/lsat".

ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200703-20.xml

Collapse -
WordPress "PHP_SELF" Cross-Site Scripting Vulnerability
by Marianna Schmudlach / March 19, 2007 1:04 AM PDT

TITLE:
WordPress "PHP_SELF" Cross-Site Scripting Vulnerability

SECUNIA ADVISORY ID:
SA24567

VERIFY ADVISORY:
http://secunia.com/advisories/24567/

CRITICAL:
Less critical

IMPACT:
Cross Site Scripting

WHERE:
From remote

SOFTWARE:
WordPress 2.x
http://secunia.com/product/6745/

DESCRIPTION:
A vulnerability has been discovered in WordPress, which can be
exploited by malicious people to conduct cross-site scripting
attacks.

Input passed to the "PHP_SELF" variable is not properly sanitised
before being returned to the user. This can be exploited to execute
arbitrary HTML and script code in a user's browser session in context
of an affected site.

The vulnerability is confirmed in version 2.1.2. Other versions may
also be affected.

SOLUTION:
Reportedly fixed in versions 2.0.10-RC2 and 2.1.3-RC2.

PROVIDED AND/OR DISCOVERED BY:
Independently discovered by Alexander Concha and Jungsonn.

ORIGINAL ADVISORY:
http://www.buayacorp.com/files/wordpress/wordpress-advisory.txt

Collapse -
Debian update for lookup-el
by Marianna Schmudlach / March 19, 2007 1:06 AM PDT

TITLE:
Debian update for lookup-el

SECUNIA ADVISORY ID:
SA24590

VERIFY ADVISORY:
http://secunia.com/advisories/24590/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

OPERATING SYSTEM:
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/
Debian GNU/Linux 3.1
http://secunia.com/product/5307/

DESCRIPTION:
Debian has issued an update for lookup-el. This fixes a
vulnerability, which can be exploited by malicious, local users to
perform certain actions with escalated privileges.

For more information:
SA24377

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://www.us.debian.org/security/2007/dsa-1269

OTHER REFERENCES:
SA24377:
http://secunia.com/advisories/24377/

Collapse -
Lookup "ndeb-binary" Insecure Temporary File Creation
by Marianna Schmudlach / March 19, 2007 1:07 AM PDT

TITLE:
Lookup "ndeb-binary" Insecure Temporary File Creation

SECUNIA ADVISORY ID:
SA24377

VERIFY ADVISORY:
http://secunia.com/advisories/24377/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

SOFTWARE:
Lookup 1.x
http://secunia.com/product/13691/

DESCRIPTION:
Tatsuya Kinoshita has reported a vulnerability in Lookup, which can
be exploited by malicious, local users to perform certain actions
with escalated privileges.

The vulnerability is caused due to temporary files being created
insecurely. This can be exploited via symlink attacks to overwrite
arbitrary files with the permissions of the user running the
application.

Successful exploitation requires that the "ndeb-binary" feature is
used.

SOLUTION:
Restrict access to trusted persons only. Do not use the "ndeb-binary"
feature.

PROVIDED AND/OR DISCOVERED BY:
Tatsuya Kinoshita

ORIGINAL ADVISORY:
http://www.us.debian.org/security/2007/dsa-1269

Collapse -
Network Audio System Multiple Vulnerabilities
by Marianna Schmudlach / March 19, 2007 1:08 AM PDT

TITLE:
Network Audio System Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA24527

VERIFY ADVISORY:
http://secunia.com/advisories/24527/

CRITICAL:
Less critical

IMPACT:
Privilege escalation, DoS

WHERE:
From local network

SOFTWARE:
Network Audio System 1.x
http://secunia.com/product/13684/

DESCRIPTION:
Luigi Auriemma has reported some vulnerabilities in Network Audio
System, which potentially can be exploited by malicious, local users
to gain escalated privileges or by malicious people to cause a DoS
(Denial of Service).

1) A boundary error within "accept_att_local()" in
server/os/connection.c can be exploited to cause a stack-based buffer
overflow via an overly long (greater than 64 bytes) slave name in a
USL connection.

Successful exploitation may allow malicious, local users to gain root
privileges.

2) An input validation error within "AddResource()" in
server/dia/resource.c can be exploited to cause the service to crash
via a specially crafted packet with an invalid client ID.

3) An integer-overflow error within "ProcAuWriteElement()" in
server/dia/audispatch.c can be exploited to cause the service to
crash via a specially crafted packet with an overly large max_samples
value.

4) A boundary error within "ProcAuSetElements()" in
server/dia/audispatch.c can be exploited to cause the service to
crash via a specially crafted packet with an overly large num_actions
or numElements value.

5) An input validation error within "compileInputs()" in
server/dia/auutil.c can be exploited to cause the service to crash
via a specially crafted packet with an invalid element number.

6) A NULL-pointer dereference error within when processing
simultaneous connections can be exploited to cause the service to
crash.

The vulnerabilities are reported in version 1.8a. Other versions may
also be affected.

SOLUTION:
Fixed in the SVN repository.

PROVIDED AND/OR DISCOVERED BY:
Luigi Auriemma

ORIGINAL ADVISORY:
http://aluigi.altervista.org/adv/nasbugs-adv.txt

Collapse -
Debian update for libwpd
by Marianna Schmudlach / March 19, 2007 1:10 AM PDT

TITLE:
Debian update for libwpd

SECUNIA ADVISORY ID:
SA24572

VERIFY ADVISORY:
http://secunia.com/advisories/24572/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
From remote

OPERATING SYSTEM:
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/
Debian GNU/Linux 3.1
http://secunia.com/product/5307/

DESCRIPTION:
Debian has issued an update for libwpd. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) or to compromise an application using the
library.

For more information:
SA24507

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
http://www.debian.org/security/2007/dsa-1268

OTHER REFERENCES:
SA24507:
http://secunia.com/advisories/24507/

Collapse -
rPath update for gnupg
by Marianna Schmudlach / March 19, 2007 1:11 AM PDT

TITLE:
rPath update for gnupg

SECUNIA ADVISORY ID:
SA24544

VERIFY ADVISORY:
http://secunia.com/advisories/24544/

CRITICAL:
Moderately critical

IMPACT:
Security Bypass

WHERE:
From remote

OPERATING SYSTEM:
rPath Linux 1.x
http://secunia.com/product/10614/

DESCRIPTION:
rPath has issued an update for gnupg. This fixes a vulnerability,
which potentially can be exploited by malicious people to bypass
certain security restrictions when applications use GnuPG in an
insecure manner.

For more information:
SA24412

SOLUTION:
Update to "gnupg=/conary.rpath.com@rpl:devel//1/1.4.7-0.1-1".

ORIGINAL ADVISORY:
http://lists.rpath.com/pipermail/security-announce/2007-March/000162.html

OTHER REFERENCES:
SA24412:
http://secunia.com/advisories/24412/

Collapse -
Gentoo update for postgresql
by Marianna Schmudlach / March 19, 2007 1:12 AM PDT

TITLE:
Gentoo update for postgresql

SECUNIA ADVISORY ID:
SA24513

VERIFY ADVISORY:
http://secunia.com/advisories/24513/

CRITICAL:
Less critical

IMPACT:
Exposure of sensitive information, DoS

WHERE:
From local network

OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/

DESCRIPTION:
Gentoo has issued an update for postgresql. This fixes some
vulnerabilities, which can be exploited by malicious users to gain
knowledge of potentially sensitive information and cause a DoS
(Denial of Service).

For more information:
SA24033

SOLUTION:
Update to version 8.0.11, 7.4.16, or 7.3.13.

ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200703-15.xml

OTHER REFERENCES:
SA24033:
http://secunia.com/advisories/24033/

Collapse -
rPath update for libwpd
by Marianna Schmudlach / March 19, 2007 1:13 AM PDT

TITLE:
rPath update for libwpd

SECUNIA ADVISORY ID:
SA24557

VERIFY ADVISORY:
http://secunia.com/advisories/24557/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
From remote

OPERATING SYSTEM:
rPath Linux 1.x
http://secunia.com/product/10614/

DESCRIPTION:
rPath has issued an update for libwpd. This fixes some
vulnerabilities, which can be exploited by malicious people to cause
a DoS (Denial of Service) or to compromise an application using the
library.

For more information:
SA24507

SOLUTION:
Update to "libwpd=/conary.rpath.com@rpl:devel//1/0.8.9-1-0.1".

ORIGINAL ADVISORY:
http://lists.rpath.com/pipermail/security-announce/2007-March/000163.html

OTHER REFERENCES:
SA24507:
http://secunia.com/advisories/24507/

Collapse -
Gentoo update for ulogd
by Marianna Schmudlach / March 19, 2007 1:14 AM PDT

TITLE:
Gentoo update for ulogd

SECUNIA ADVISORY ID:
SA24524

VERIFY ADVISORY:
http://secunia.com/advisories/24524/

CRITICAL:
Moderately critical

IMPACT:
Unknown

WHERE:
From remote

OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/

DESCRIPTION:
Gentoo has issued an update for ulogd. This fixes a vulnerability,
which has an unknown impact.

For more information:
SA23863

SOLUTION:
Update to "app-admin/ulogd-1.23-r1" or later.

ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200703-17.xml

OTHER REFERENCES:
SA23863:
http://secunia.com/advisories/23863/

Collapse -
Gentoo update for ltsp
by Marianna Schmudlach / March 19, 2007 1:16 AM PDT

TITLE:
Gentoo update for ltsp

SECUNIA ADVISORY ID:
SA24525

VERIFY ADVISORY:
http://secunia.com/advisories/24525/

CRITICAL:
Highly critical

IMPACT:
Security Bypass

WHERE:
From remote

OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/

DESCRIPTION:
Gentoo has issued an update for ltsp. This fixes a vulnerability,
which can be exploited by malicious people to bypass certain security
restrictions.

For more information:
SA20940

SOLUTION:
Update to "net-misc/ltsp-4.2-r1" or later.

ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200703-19.xml

OTHER REFERENCES:
SA20940:
http://secunia.com/advisories/20940/

Collapse -
Gentoo update for thunderbird
by Marianna Schmudlach / March 19, 2007 1:18 AM PDT

TITLE:
Gentoo update for thunderbird

SECUNIA ADVISORY ID:
SA24522

VERIFY ADVISORY:
http://secunia.com/advisories/24522/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/

DESCRIPTION:
Gentoo has issued an update for thunderbird. This fixes some
vulnerabilities, which potentially can be exploited by malicious
people to compromise a user's system.

For more information:
SA24252
SA24253

SOLUTION:
Mozilla Thunderbird:
Update to "mail-client/mozilla-thunderbird-1.5.0.10" or later.

Mozilla Thunderbird binary:
Update to "mail-client/mozilla-thunderbird-bin-1.5.0.10" or later.

ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200703-18.xml

OTHER REFERENCES:
SA24252:
http://secunia.com/advisories/24252/

SA24253:
http://secunia.com/advisories/24253/

Collapse -
Gentoo update for asterisk
by Marianna Schmudlach / March 19, 2007 1:19 AM PDT

TITLE:
Gentoo update for asterisk

SECUNIA ADVISORY ID:
SA24578

VERIFY ADVISORY:
http://secunia.com/advisories/24578/

CRITICAL:
Moderately critical

IMPACT:
DoS

WHERE:
From remote

OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/

DESCRIPTION:
Gentoo has issued an update for asterisk. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).

For more information:
SA24380

SOLUTION:
Update to versions 1.2.14-r1 or 1.0.12-r1.

ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200703-14.xml

OTHER REFERENCES:
SA24380:
http://secunia.com/advisories/24380/

Collapse -
Mandriva update for openoffice.org
by Marianna Schmudlach / March 19, 2007 1:23 AM PDT

Secunia Advisory: SA24593
Release Date: 2007-03-19


Critical:
Moderately critical
Impact: DoS
System access

Where: From remote

Solution Status: Vendor Patch


OS: Mandriva Linux 2007

Description:
Mandriva has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.

The vulnerabilities are caused due to the use of a vulnerable version of libwpd.

For more information:
SA24507

Solution:
Apply updated packages.

Original Advisory:
http://www.mandriva.com/security/advisories?name=MDKSA-2007:064

Other References:
SA24507:
http://secunia.com/advisories/24507/

Collapse -
SuSE Security Update Fixes Multiple Denial of Service and Co
by Marianna Schmudlach / March 19, 2007 1:34 AM PDT

SuSE Security Update Fixes Multiple Denial of Service and Code Execution Issues

Advisory ID : FrSIRT/ADV-2007-0980
CVE ID : CVE-2005-4348 - CVE-2006-3126 - CVE-2006-5867 - CVE-2006-5974 - CVE-2006-6142 - CVE-2006-6303 - CVE-2007-0469
Rated as : High Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-03-19
Technical Description

SuSE has released security updates to address multiple vulnerabilities identified in fetchmail, capi4hylafax, squirrelmail, rubygems and ruby. For additional information, see : FrSIRT/ADV-2005-2996 - FrSIRT/ADV-2007-0087 - FrSIRT/ADV-2006-3430 - FrSIRT/ADV-2006-4828 - FrSIRT/ADV-2007-0295 - FrSIRT/ADV-2006-4855

Affected Products

SuSE Linux 10
SuSE Linux 9.x
SuSE Linux 8.x
SuSE Linux 7.x
SuSE Linux Connectivity Server
SuSE Linux Database Server
SuSE Linux Desktop 1.x
SuSE Linux Enterprise Server 7
SuSE Linux Enterprise Server 8
SUSE Linux Enterprise Server 9
SuSE Linux Firewall
SuSE Linux Standard Server 8
SuSE Linux Office Server
SuSE Linux Openexchange Server 4.x

Solution

Upgrade the affected packages :
ftp://ftp.suse.com/pub/suse/update/

References

http://www.frsirt.com/english/advisories/2007/0980
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0005.html

Collapse -
Redhat Security Update Fixes Libwpd Multiple Client-Side Cod
by Marianna Schmudlach / March 19, 2007 1:36 AM PDT

Redhat Security Update Fixes Libwpd Multiple Client-Side Code Execution Vulnerabilities

Advisory ID : FrSIRT/ADV-2007-0993
CVE ID : CVE-2007-0002
Rated as : Moderate Risk
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-03-19
Technical Description

Redhat has released security updates to address multiple vulnerabilities identified in Libwpd. These issues could be exploited by attackers to execute arbitrary commands. For additional information, see : FrSIRT/ADV-2007-0976

Affected Products

RHEL Desktop Workstation (v. 5 client)
RHEL Optional Productivity Applications (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Solution

Upgrade the affected packages :
http://rhn.redhat.com/

References

http://www.frsirt.com/english/advisories/2007/0993
http://rhn.redhat.com/errata/RHSA-2007-0055.html

Collapse -
Gentoo update for mod_jk
by Marianna Schmudlach / March 19, 2007 3:02 AM PDT

TITLE:
Gentoo update for mod_jk

SECUNIA ADVISORY ID:
SA24558

VERIFY ADVISORY:
http://secunia.com/advisories/24558/

CRITICAL:
Highly critical

IMPACT:
System access

WHERE:
From remote

OPERATING SYSTEM:
Gentoo Linux 1.x
http://secunia.com/product/339/

DESCRIPTION:
Gentoo has issued an update for mod_jk. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.

For more information:
SA24398

SOLUTION:
Update to "www-apache/mod_jk-1.2.21-r1" or later.

ORIGINAL ADVISORY:
http://www.gentoo.org/security/en/glsa/glsa-200703-16.xml

OTHER REFERENCES:
SA24398:
http://secunia.com/advisories/24398/

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

The Samsung RF23M8090SG

One of the best French door fridges we've tested

A good-looking fridge with useful features like an auto-filling water pitcher and a temperature-adjustable "FlexZone" drawer. It was a near-flawless performer in our cooling tests.