New Security Vulnerabilities 1st June 2008

The following new vulnerabilities were added to Telspace's database this
month:

 

TOTAL THREATS IN THE DATABASE 21645

 

NEW THREATS RISK FACTOR SUMMARY
(*****) Urgent Risk 5
(**** ) Critical Risk 191
(*** ) High Risk 8
(** ) Medium Risk 6
(* ) Low Risk 7

 

NEW THREATS FAMILY SUMMARY
Backdoors 1
Miscellaneous 2
Centos Local Checks 2
HP-UX Local Checks 2
Service Detection 2
Remote Shell Access 3
Web Services 3
Slackware Local Checks 3
FreeBSD Local Checks 3
Ubuntu Local Checks 3
FTP Services 3
Cross-Site Scripting 3
Gentoo Local Checks 4
SuSE Local Checks 4
Microsoft Bulletins 4
Windows 6
Red Hat Local Checks 11
Debian Local Checks 12
Solaris Local Checks 12
Fedora Local Checks 48
AIX Local Checks 86

 

(*****) Urgent Risk - Remote Shell Access
Debian OpenSSH/OpenSSL Package Random Number Generator Weakness (SSL check)

(*****) Urgent Risk - Remote Shell Access
Debian OpenSSH/OpenSSL Package Random Number Generator Weakness

(*****) Urgent Risk - Backdoors
Fake SMTP/FTP server (backdoor)

(*****) Urgent Risk - Remote Shell Access
BrightStor ARCserve Backup Multiple Vulnerabilities (QO92996)

(*****) Urgent Risk - Windows
Altiris Deployment Solution < 6.9.176 Multiple Vulnerabilities

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 7 2008-3985: rdesktop

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815081

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815049

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-4119: lighttpd

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815073

(**** ) Critical Risk - Windows
Foxit Reader < 2.3 Build 2912 Buffer Overflow Vulnerability

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815023

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 9 2008-3886: rdesktop

(**** ) Critical Risk – Debian Local Checks
[DSA1587] DSA-1587-1 mtr

(**** ) Critical Risk – Web Services
DatsoGallery Component User-Agent Header SQL Injection Vulnerability

(**** ) Critical Risk - Debian Local Checks
[DSA1577] DSA-1577-1 gforge

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815074

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U808774

(**** ) Critical Risk – SuSE Local Checks
SuSE Security Update: bzip2 security update (bzip2-5112)

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 8 2008-4043: kernel

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 9 2008-3668: bugzilla

(**** ) Critical Risk – HP-UX Local Checks
HP-UX Security patch : PHNE_36192

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 7 2008-3117: libfishsound

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 7 2008-3511: audacity

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815010

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U810202

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815017

(**** ) Critical Risk – Red Hat Local Checks
RHSA-2008-0275: kernel

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-3586: cups

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 7 2008-3488: bugzilla

(**** ) Critical Risk - Windows
Altiris Deployment Solution Agent < 6.9.176 Multiple Vulnerabilities

(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0194: xen

(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: Security update for bzip2 (bzip2-5114)

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815064

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815072

(**** ) Critical Risk – Debian Local Checks
[DSA1581] DSA-1581-1 gnutls13

(**** ) Critical Risk – Solaris Local Checks
Solaris 10 (i386) : 127854-02

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815038

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 7 2008-4104: openoffice.org

(**** ) Critical Risk – Solaris Local Checks
Solaris 10 (i386) : 137872-01

(**** ) Critical Risk - Gentoo Local Checks
[GLSA-200805-19] ClamAV: Multiple vulnerabilities

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U810201

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815022

(**** ) Critical Risk – Red Hat Local Checks
RHSA-2008-0271: libvorbis

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-4183: gnutls

(**** ) Critical Risk – Solaris Local Checks
Solaris 10 (sparc) : 137032-01

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815043

(**** ) Critical Risk – Debian Local Checks
[DSA1583] DSA-1583-1 gnome-peercast

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815079

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815035

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815077

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815056

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-3756: cups

(**** ) Critical Risk – Debian Local Checks
[DSA1580] DSA-1580-1 phpgedview

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-4003: perl-Imager

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 9 2008-3690: sipp

(**** ) Critical Risk – HP-UX Local Checks
HP-UX Security patch : PHNE_36193

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 8 2008-3462: zoneminder

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 9 2008-3900: clamav

(**** ) Critical Risk - Ubuntu Local Checks
USN612-8 : openssl-blacklist update

(**** ) Critical Risk - Miscellaneous
Firebird Default Credentials

(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: Security update for xine-lib (xine-devel-5205)

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-3910: libvorbis

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-4126: mt-daapd

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 9 2008-3812: licq

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U810199

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815078

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U808773

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815048

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815039

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U817525

(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0270: libvorbis

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815011

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815030

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815076

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 7 2008-3898: libvorbis

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U810206

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815037

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815058

(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0485: compiz

(**** ) Critical Risk - Ubuntu Local Checks
USN612-7 : OpenSSH update

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-3601: zoneminder

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815061

(**** ) Critical Risk - Microsoft Bulletins
Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)

(**** ) Critical Risk – Ubuntu Local Checks
USN613-1 : GnuTLS vulnerabilities

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U810211

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815031

(**** ) Critical Risk – Red Hat Local Checks
RHSA-2008-0297: dovecot

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-4248: Django

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U808771

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-4267: Django

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 8 2008-3873: kernel

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815069

(**** ) Critical Risk – Debian Local Checks
[DSA1582] DSA-1582-1 peercast

(**** ) Critical Risk – Solaris Local Checks
Solaris 10 (sparc) : 120830-06

(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0489: gnutls

(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0218: gnome

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815055

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 7 2008-3519: thunderbird

(**** ) Critical Risk – Debian Local Checks
[DSA1579] DSA-1579-1 netpbm-free

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815063

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 8 2008-3969: licq

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815075

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 8 2008-3442: bugzilla

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815032

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815040

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815809

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815053

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815027

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815045

(**** ) Critical Risk - Debian Local Checks
[DSA1578] DSA-1578-1 php4

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U810205

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U810209

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815082

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815071

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815025

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815029

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815059

(**** ) Critical Risk – Red Hat Local Checks
RHSA-2008-0287: libxslt

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815047

(**** ) Critical Risk – Windows
Trillian < 3.1.10.0 Multiple Vulnerabilities

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815050

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815066

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U808772

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815080

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U818045

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815057

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815062

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815054

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 7 2008-3909: licq

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815068

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-3917: rdesktop

(**** ) Critical Risk – Microsoft Bulletins
Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815018

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815042

(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2008-0287

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 7 2008-3516: zoneminder

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815044

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 8 2008-3456: audacity

(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: xine-lib security update (xine-devel-5204)

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815052

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U808770

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 8 2008-3557: thunderbird

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U810210

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 7 2008-3508: sipp

(**** ) Critical Risk - Microsoft Bulletins
Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815067

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815041

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815060

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815033

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815051

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U817523

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U810203

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815034

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U810208

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815070

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815036

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815014

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 7 2008-3920: perl-Imager

(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (sparc) : 137871-01

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 8 2008-3934: libvorbis

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 7 2008-4274: gnutls

(**** ) Critical Risk – Red Hat Local Checks
RHSA-2008-0492: gnutls

(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0295: vsftpd

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 7 2008-4191: Django

(**** ) Critical Risk – Miscellaneous
Firebird SYSDBA Unauthorized Authentication Vulnerability

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-4259: gnutls

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815021

(**** ) Critical Risk - Debian Local Checks
[DSA1588] DSA-1588-1 linux-2.6

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U810204

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 9 2008-3621: tkimg

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 7 2008-3874: libid3tag

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 7 2008-3862: blender

(**** ) Critical Risk – Solaris Local Checks
Solaris 10 (i386) : 120831-06

(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (sparc) : 127853-02

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 9 2008-3949: kernel

(**** ) Critical Risk - AIX Local Checks
AIX 520010 : U815046

(**** ) Critical Risk – Centos Local Checks
CentOS : RHSA-2008-0270

(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (i386) : 137033-01

(**** ) Critical Risk – Solaris Local Checks
Solaris 10 (sparc) : 137093-01

(**** ) Critical Risk - Solaris Local Checks
Solaris 10 (i386) : 137094-01

(**** ) Critical Risk – Debian Local Checks
[DSA1584] DSA-1584-1 libfishsound

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-3757: libid3tag

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 7 2008-3545: tkimg

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U815065

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 7 2008-3449: cups

(**** ) Critical Risk – Debian Local Checks
[DSA1586] DSA-1586-1 xine-lib

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U810200

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-4245: dbmail

(**** ) Critical Risk – AIX Local Checks
AIX 520010 : U817524

(**** ) Critical Risk - Solaris Local Checks
Solaris 9 (i386) : 137911-01

(**** ) Critical Risk – Debian Local Checks
[DSA1585] DSA-1585-1 speex

(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-3976: libid3tag

(**** ) Critical Risk – Solaris Local Checks
Solaris 9 (sparc) : 137910-01

(**** ) Critical Risk - Gentoo Local Checks
[GLSA-200805-20] GnuTLS: Execution of arbitrary code

(**** ) Critical Risk – Fedora Local Checks
Fedora Core 8 2008-3875: blender

(*** ) High Risk - Gentoo Local Checks
[GLSA-200805-21] Roundup: Permission bypass

(*** ) High Risk - Windows
Stunnel < 4.23 Local Privilege Escalation Vulnerability

(*** ) High Risk - Web Services
Drupal Site Documentation Module Database Tables Information Disclosure Vulnerability

(*** ) High Risk - Web Services
ViewVC CVSROOT Information Disclosure Vulnerability

(*** ) High Risk - Cross-Site Scripting
Mantis Cross-Site Request Forgery Vulnerabilities

(*** ) High Risk - Microsoft Bulletins
Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)

(*** ) High Risk - Cross-Site Scripting
Django Administration Application Cross-Site Scripting Vulnerability

(*** ) High Risk - Gentoo Local Checks
[GLSA-200805-17] Perl: Execution of arbitrary code

(** ) Medium Risk - Slackware Local Checks
SSA-2008-148-01 rdesktop

(** ) Medium Risk – Slackware Local Checks
SSA-2008-128-01 php

(** ) Medium Risk - Slackware Local Checks
SSA-2008-128-02 mozilla-thunderbird

(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : django -- XSS vulnerability (1123)

(** ) Medium Risk – FreeBSD Local Checks
FreeBSD : libvorbis -- various security issues (1124)

(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : vorbis-tools -- Speex header processing vulnerability (1122)

(* ) Low Risk – Windows
Foxit Reader Detection

(* ) Low Risk - FTP Services
Fake FTP server accepts any command

(* ) Low Risk - FTP Services
Fake FTP server does not accept any command

(* ) Low Risk - Service Detection
MDAP Service Detection

(* ) Low Risk - Cross-Site Scripting
Cross-Domain Policy File

(* ) Low Risk - Service Detection
McAfee Common Management Agent Detection

(* ) Low Risk - FTP Services
Fake FTP server accepts a bad sequence of commands


