Security Threat Watch 109
From: Security Threat Watch Newsletter (NetworkComputing@update.networkcomputing.com)
Date: Mon Dec 05 2005 - 13:06:07 CST
Security Threat Watch
Number 109
Monday, December 5, 2005
Created for you by Network Computing & Neohapsis
The most notable bug disclosed last week was a format string
vulnerability in Webmin's miniserv.pl Web server. It is an
interesting vulnerability because it belongs to a largely
under-publicized class: format string vulnerabilities in interpreted
languages (Perl, in this case). Steven Christey (from the MITRE CVE
project) wrote an analysis of Perl format string
vulnerabilities, which is available online at:
http://archives.neohapsis.com/archives/bugtraq/2005-12/0025.html
Although we don't normally make general software version
announcements, we felt compelled to mention that the Apache 2.2.0
series has just been released. The full announcement is available at:
http://archives.neohapsis.com/archives/apache/2005/0015.html
Until next issue,
- The Neohapsis Security Threat Watch Team
--- New Vulnerabilities
-----------------------------------------------
Below is a list of new vulnerabilities announced this week.
Vulnerabilities considered 'critical' involve widely deployed
software or carry a high risk of system compromise. Note that
vulnerabilities not highlighted may still be of critical severity
to your environment.
**** Highlighted critical vulnerabilities ****
Webmin: miniserv.pl remote format string vulnerability
**** Newly announced vulnerabilities this week ****
____Windows____
Cisco Security Agent 4.5.1: local privilege escalation
http://archives.neohapsis.com/archives/cisco/2005-q4/0009.html
Google Talk 1.0.0.64: insecure storage of password in memory
http://archives.neohapsis.com/archives/bugtraq/2005-11/0337.html
WinEggDropShell 1.7: remote overflows
http://archives.neohapsis.com/archives/bugtraq/2005-12/0029.html
____Network Devices____
Cisco IOS HTTP Server: XSS
http://archives.neohapsis.com/archives/cisco/2005-q4/0010.html
http://archives.neohapsis.com/archives/bugtraq/2005-11/0335.html
____CGI____
ASP-Rider 1.6: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2005-11/0352.html
Alisveristr E-Commerce: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2005-12/0037.html
Drupal 4.6.x/4.5.x: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2005-12/0008.html
http://archives.neohapsis.com/archives/bugtraq/2005-12/0009.html
http://archives.neohapsis.com/archives/bugtraq/2005-12/0014.html
Edgewall Trac 0.9: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2005-12/0010.html
Free Web Stat 1.0r37: XSS
http://archives.neohapsis.com/archives/bugtraq/2005-11/0327.html
Gallery 2.0.1: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2005-11/0371.html
Guppy 4.5.9: remote PHP code execution
http://archives.neohapsis.com/archives/bugtraq/2005-11/0324.html
N-13 News: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2005-11/0359.html
PHP-Fusion 6.00.109: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2005-12/0044.html
Php Web Statistik 1.4: XSS
http://archives.neohapsis.com/archives/bugtraq/2005-11/0326.html
PhpX 3.5.9: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2005-11/0384.html
Randshop: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2005-11/0334.html
WebCalendar 1.0.1: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2005-11/0325.html
Xaraya 1.0.0rc4: remote file/directory overwriting
http://archives.neohapsis.com/archives/bugtraq/2005-11/0351.html
Zen-Cart 1.2.6d: SQL tampering
http://archives.neohapsis.com/archives/bugtraq/2005-12/0045.html
eXtreme Styles mod 2.2.1: remote file reading
http://archives.neohapsis.com/archives/bugtraq/2005-12/0035.html
phpMyChat 0.14.6: XSS
http://archives.neohapsis.com/archives/bugtraq/2005-12/0017.html
____Cross-Platform____
APC PowerChute: HTTP remote admin unencrypted protocol
http://archives.neohapsis.com/archives/bugtraq/2005-11/0328.html
Kadu: remote DoS
http://archives.neohapsis.com/archives/bugtraq/2005-11/0336.html
Opera 8.50: malicious Java applet DoS
http://archives.neohapsis.com/archives/bugtraq/2005-11/0372.html
Panda Antivirus: malicious .ZOO file overflow
http://archives.neohapsis.com/archives/bugtraq/2005-11/0358.html
Perl: format string integer wrap vulnerability
http://archives.neohapsis.com/archives/bugtraq/2005-12/0012.html
Trifinite.org sobexsrv: remote format string vulnerability
http://archives.neohapsis.com/archives/bugtraq/2005-12/0042.html
Webmin: miniserv.pl remote format string vulnerability
http://archives.neohapsis.com/archives/bugtraq/2005-11/0353.html
ktools 0.3: buffer overflow
http://archives.neohapsis.com/archives/bugtraq/2005-11/0330.html
openMotif libUil: multiple overflows
http://archives.neohapsis.com/archives/bugtraq/2005-12/0026.html
http://archives.neohapsis.com/archives/vulnwatch/2005-q4/0055.html
--- Patches and Updates
-----------------------------------------------
The following is a list of vendor patches and updates released
this week.
____Linux____
Debian > DSA 911-1: gtk+2.0
http://archives.neohapsis.com/archives/vendor/2005-q4/0102.html
Debian > DSA 912-1: centericq
http://archives.neohapsis.com/archives/vendor/2005-q4/0103.html
Debian > DSA 913-1: gdk-pixbuf
http://archives.neohapsis.com/archives/bugtraq/2005-12/0013.html
Debian > DSA 914-1: horde2
http://archives.neohapsis.com/archives/bugtraq/2005-12/0007.html
Debian > DSA 915-1: helix-player
http://archives.neohapsis.com/archives/vendor/2005-q4/0106.html
Fedora > FLSA-2005:166943: PHP
http://archives.neohapsis.com/archives/bugtraq/2005-12/0040.html
Mandriva > MDKSA-2005:217: netpbm
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0139.html
Mandriva > MDKSA-2005:218: kernel
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0140.html
Mandriva > MDKSA-2005:219: kernel
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0142.html
Mandriva > MDKSA-2005:220: kernel
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0143.html
Mandriva > MDKSA-2005:221: spamassassin
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0156.html
Mandriva > MDKSA-2005:222: mailman
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0157.html
Mandriva > MDKSA-2005:223: Webmin
http://archives.neohapsis.com/archives/linux/mandrake/2005-q4/0158.html
____Mac OS____
APPLE-SA-2005-11-29: multiple vulnerabilities
http://archives.neohapsis.com/archives/bugtraq/2005-11/0354.html
Copyright (c) 2005 Network Computing, a CMP Media LLC publication. All
Rights Reserved. Distributed by Network Computing
(http://www.networkcomputing.com). Powered by Neohapsis Inc., a
Chicago-based security assessment and integration services consulting
group (info@neohapsis.com | http://www.neohapsis.com/).