[gull-annonces] SecurityFocus Newsletter #274 Summary

Marc SCHAEFER schaefer at alphanet.ch
Fri Nov 12 10:11:02 CET 2004


Caudium Remote Denial Of Service Vulnerability
BugTraq ID: 11567
Remote: Yes
Date Published: Oct 30 2004
Relevant URL: http://www.securityfocus.com/bid/11567
Summary:

Caudium is reported prone to a remote denial of service vulnerability.

Remote attackers may exploit this vulnerability to crash affected Web
servers, denying service to legitimate users.

Versions of Caudium prior to 1.4.4 RC2 are reported susceptible to
this vulnerability.

[ High-performance GPL WWW server that includes wml-style content
management tools ]

Bogofilter EMail Filter Remote Quoted Printable Decoder Deni...
BugTraq ID: 11568
Remote: Yes
Date Published: Nov 01 2004
Relevant URL: http://www.securityfocus.com/bid/11568
Summary:
A remote quoted printable decoder denial of service vulnerability
reportedly affects Bogofilter.  This issue is due to a failure of the
application to handle malformed email headers.

An attacker can leverage this issue to cause the affected email filter
to crash, denying service to all legitimate users.

Linux Kernel IPTables Initialization Failure Vulnerability
BugTraq ID: 11570
Remote: No
Date Published: Nov 01 2004
Relevant URL: http://www.securityfocus.com/bid/11570
Summary:
Linux kernel iptables is reportedly affected by an initialization
error vulnerability.  This issue is due to a design error within the
application.

This issue causes the affected utility to initialize improperly,
leading to a false sense of security as all of the firewall rules may
not always be loaded.

[ this problem is not so different from updating the kernel of a
firewall while forgetting a few modules: the best approach is to look at
the error messages from the firewall script's startup at every change
of configuration and system software. ]

HTML::Merge Template Parameter File Disclosure Vulnerability
BugTraq ID: 11571
Remote: Yes
Date Published: Nov 01 2004
Relevant URL: http://www.securityfocus.com/bid/11571
Summary:
HTML::Merge is reported prone to a remote file disclosure
vulnerability. The vulnerability presents itself due to a lack of
sufficient sanitization performed on user-supplied data that is passed
to the 'printsource.pl' script.

It is reported that this vulnerability may be exploited by a remote
attacker to specify an arbitrary web server readable file and have
that file served to the attacker.

QwikMail Remote Format String Vulnerability
BugTraq ID: 11572
Remote: Yes
Date Published: Nov 01 2004
Relevant URL: http://www.securityfocus.com/bid/11572
Summary:
It is reported that QwikMail is susceptible to a remote format string
vulnerability. This issue is due to a failure of the application to
properly sanitize user-supplied input before using it as the format
specifier in a formatted printing function.

This vulnerability reportedly allows remote attackers to execute
arbitrary code in the context of the affected daemon process.

Version 0.3 was reported susceptible to this vulnerability. Other
versions may also be affected.

[ `Open source' MTA/MDA without ESMTP, still a beta version. Use
  exim or postfix
]

Cherokee HTTPD Auth_Pam Authentication Remote Format String ...
BugTraq ID: 11574
Remote: Yes
Date Published: Nov 01 2004
Relevant URL: http://www.securityfocus.com/bid/11574
Summary:
It is reported that Cherokee is susceptible to a remote format string
vulnerability. This issue is due to a failure of the application to
properly sanitize user-supplied input before using it as the format
specifier in a formatted printing function.

A remote attacker may exploit this vulnerability to execute arbitrary
code in the context of the affected service.

[ Small HTTP server for embedded systems, GPL, very high performance ]

PostgreSQL Unspecified RPM Initialization Script Vulnerabili...
BugTraq ID: 11575
Remote: Unknown
Date Published: Nov 01 2004
Relevant URL: http://www.securityfocus.com/bid/11575
Summary:
An unspecified RPM initialization script vulnerability affects
PostgreSQL.  The underlying issue causing this vulnerability is
currently unknown.

The impact of this issue is currently unknown.  This BID will be
updated immediately upon the release of more information.

[ Information about the distribution is missing; I find it hard to
believe that this affects all the various incarnations of PostgreSQL
RPM packages. It is probably related to the Debian fix concerning
temporary files from some time ago. If the bug is in PostgreSQL
distributed both as DPKG and as RPM, it is almost certain that this is
in fact an upstream vulnerability.
In short, this bug report is totally useless as it stands, but that is
more and more the case with security-focus.
]

Haserl Local Environment Variable Manipulation Vulnerability
BugTraq ID: 11579
Remote: No
Date Published: Nov 02 2004
Relevant URL: http://www.securityfocus.com/bid/11579
Summary:
Haserl is reportedly affected by a local environment variable
manipulation vulnerability.  This issue is due to a design error that
allows local users to manipulate environment variables.

An attacker may leverage this issue to arbitrarily corrupt or update
environment variables with the privileges of the affected web server.

[ small C wrapper that allows dynamic pages without the overhead of
  PHP/Perl, for example; supports SUID. Probable use: embedded systems.
]

NetGear ProSafe Dual Band Wireless VPN Firewall Default SNMP...
BugTraq ID: 11580
Remote: Yes
Date Published: Nov 02 2004
Relevant URL: http://www.securityfocus.com/bid/11580
Summary:
ProSafe Dual Band Wireless VPN Firewall is reported prone to a
vulnerability that can allow remote attackers to gain sensitive
information about a network protected by the device.

This issue presents itself because the appliance uses a default
community string for SNMP.

NetGear ProSafe Dual Band Wireless VPN Firewall model FWAG114 is
reported prone to this issue.

[ firmware ]

ISC DHCPD Remote Format String Vulnerability
BugTraq ID: 11591
Remote: Yes
Date Published: Nov 02 2004
Relevant URL: http://www.securityfocus.com/bid/11591
Summary:
A remote format string vulnerability is reported in the ISC DHCPD
server package. User supplied data is logged in an unsafe
fashion. Exploitation of this vulnerability may result in arbitrary
code being executed by the DHCP server. Although unconfirmed it is
conjectured that this issue may only be exploitable when debugging
functionality is enabled.

[ vague ]

Proxytunnel Remote Format String Vulnerability
BugTraq ID: 11592
Remote: Yes
Date Published: Nov 03 2004
Relevant URL: http://www.securityfocus.com/bid/11592
Summary:
Proxytunnel is prone to a remotely exploitable format string
vulnerability.  This vulnerability is exposed when the proxy server
handles malicious input from another remote server.  This issue occurs
when the software is run in daemon mode.

Successful exploitation of this vulnerability may allow for execution
of arbitrary code in the context of the proxy server.

[ GPL. ]

Info-ZIP zip Remote Recursive Directory Compression Buffer O...
BugTraq ID: 11603
Remote: Yes
Date Published: Nov 04 2004
Relevant URL: http://www.securityfocus.com/bid/11603
Summary:
A remote recursive directory compression buffer overflow vulnerability
reportedly affects Info-ZIP zip.  This issue is due to insufficient
buffer boundary verification prior to copying user-supplied data.

Successful exploitation of this issue would allow an attacker to
execute arbitrary code on the affected computer with the privileges of
a user running the affected application.  This issue would likely
facilitate unauthorized access or privilege escalation.

Zile Multiple Unspecified Vulnerabilities
BugTraq ID: 11609
Remote: Yes
Date Published: Nov 05 2004
Relevant URL: http://www.securityfocus.com/bid/11609
Summary:
Zile is affected by multiple unspecified security vulnerabilities.
The underlying cause or causes for these issues is currently unknown.
This BID will be updated when more information becomes available.

It is possible these issues could be exploited to gain unauthorized
access or privilege escalation.  It should be noted however that this
is entirely speculation and cannot be verified.

[ Emacs clone, GPL ]


