New Security Vulnerabilities - 13th October 2008
The following new vulnerabilities were added to Telspace's database this
month:
105 NEW THREATS ADDED SINCE SEPTEMBER 24
TOTAL THREATS IN THE DATABASE 23678
NEW THREATS RISK FACTOR SUMMARY
(*****) Urgent Risk 4
(**** ) Critical Risk 71
(*** ) High Risk 11
(** ) Medium Risk 11
(* ) Low Risk 8
NEW THREATS FAMILY SUMMARY
Unix 1
Microsoft Bulletins 1
FTP Services 1
Mail Services 1
Cross-Site Scripting 1
HP-UX Local Checks 2
Miscellaneous 2
Service Detection 3
Centos Local Checks 3
Slackware Local Checks 3
MacOS X Local Checks 4
FreeBSD Local Checks 5
Windows 6
Gentoo Local Checks 7
Red Hat Local Checks 7
Debian Local Checks 7
Web Services 13
SuSE Local Checks 16
Fedora Local Checks 22
(*****) Urgent Risk - Gentoo Local Checks
Gentoo is not up-to-date
(*****) Urgent Risk - Unix
Default password (rootme) for 'root' account
(*****) Urgent Risk - Miscellaneous
eDirectory < 8.7.3 SP10 FTF1 Multiple Vulnerabilities (OF, DoS)
(*****) Urgent Risk - MacOS X Local Checks
Mac OS X Security Update 2008-007
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-8401: seamonkey
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-8425: yelp
(**** ) Critical Risk - Microsoft Bulletins
Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege
(941203) - Network check
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-8399: yelp
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-8429: seamonkey
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0885: kernel
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-8379: emacspeak
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: Security update for MozillaFirefox
(MozillaFirefox-5644)
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: Security update for OpenSSH (openssh-5627)
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_36982
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: MozillaFirefox: Update to 2.0.0.17
(MozillaFirefox-5640)
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-8423: emacspeak
(**** ) Critical Risk - MacOS X Local Checks
Mac OS X : Flip4Mac < 2.2.1 Unspecified Vulnerability
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: GraphicsMagick security update (GraphicsMagick-5646)
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2008-0890
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHNE_37110
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0892: xen
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0908: thunderbird
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: Security update for the Linux Kernel (x86)
(kernel-5566)
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: dovecot security update (dovecot-5647)
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-8322: rubygem-actionmailer
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0907: pam_krb
(**** ) Critical Risk - Windows
WinZip 11.x gdiplus.dll Unspecified Vulnerability
(**** ) Critical Risk - Debian Local Checks
[DSA1644] DSA-1644-1 mplayer
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: MozillaThunderbird: Security update to 2.0.0.17
(MozillaThunderbird-5655)
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-8618: pam_krb5
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2008-0908
(**** ) Critical Risk - Web Services
Blue Coat Reporter Common admin Password
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-8575: libxml2
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-8582: libxml2
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-8605: pam_krb5
(**** ) Critical Risk - Windows
GdPicture ActiveX Control SaveAsPDF File Overwriting Vulnerability
(**** ) Critical Risk - Debian Local Checks
[DSA1646] DSA-1646-1 squid
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-8678: mediawiki
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: cups security update (cups-5652)
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-8639: mediawiki
(**** ) Critical Risk - Debian Local Checks
[DSA1645] DSA-1645-1 lighttpd
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: seamonkey: Update to 1.1.12 security update version
(seamonkey-5657)
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: Security update for CUPS (cups-5653)
(**** ) Critical Risk - Debian Local Checks
[DSA1647] DSA-1647-1 php5
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: Security update for Mozilla (gecko-sdk-5654)
(**** ) Critical Risk - Windows
Trend Micro OfficeScan Multiple CGI Module Vulnerabilities
(**** ) Critical Risk - Debian Local Checks
[DSA1643] DSA-1643-1 feta
(**** ) Critical Risk - Windows
Opera < 9.60 Multiple Vulnerabilities
(**** ) Critical Risk - Debian Local Checks
[DSA1649] DSA-1649-1 iceweasel
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0882: seamonkey
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: mozilla-xulrunner181: Security update to 1.8.1.17
(mozilla-xulrunner181-5656)
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0879: devhelp
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: Security update for Bluetooth utilities
(bluez-cups-5437)
(**** ) Critical Risk - Web Services
Openads Delivery Engine PHP Code Injection Vulnerability
(**** ) Critical Risk - Debian Local Checks
[DSA1648] DSA-1648-1 mon
(**** ) Critical Risk - Web Services
OpenX bannerid SQL Injection Vulnerability
(**** ) Critical Risk - Red Hat Local Checks
RHSA-2008-0890: wireshark
(**** ) Critical Risk - Web Services
OpenNMS Web Console Default Credentials
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-8270: viewvc
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-8335: phpMyAdmin
(**** ) Critical Risk - MacOS X Local Checks
Mac OS X : Java for Mac OS X 10.4 Release 7
(**** ) Critical Risk - Windows
Mozilla Thunderbird < 2.0.0.17
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-8364: rkhunter
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-8370: phpMyAdmin
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-8269: phpMyAdmin
(**** ) Critical Risk - Centos Local Checks
CentOS : RHSA-2008-0882
(**** ) Critical Risk - Web Services
Observer <= 0.3.2.1 Multiple Remote Command Execution Vulnerabilities
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-7667: initscripts
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-8286: phpMyAdmin
(**** ) Critical Risk - MacOS X Local Checks
Mac OS X : Java for Mac OS X 10.5 Update 2
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: bluez security update (bluez-audio-5441)
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-8252: viewvc
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-8314: rkhunter
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: xgl: Fixes for security vulnerabilities in included X server. (xgl-5526)
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: Security update for Xgl (xgl-5528)
(*** ) High Risk - Gentoo Local Checks
[GLSA-200809-17] Wireshark: Multiple Denials of Service
(*** ) High Risk - Web Services
phpScheduleIt start_date Command Injection Vulnerability
(*** ) High Risk - Web Services
lighttpd < 1.4.20 Multiple Vulnerabilities
(*** ) High Risk - Gentoo Local Checks
[GLSA-200809-14] BitlBee: Security bypass
(*** ) High Risk - Web Services
Trend Micro OfficeScan Client Directory Traversal Vulnerability
(*** ) High Risk - Gentoo Local Checks
[GLSA-200810-01] WordNet: Execution of arbitrary code
(*** ) High Risk - Gentoo Local Checks
[GLSA-200809-15] GNU ed: User-assisted execution of arbitrary code
(*** ) High Risk - Web Services
MailWatch for MailScanner doc Parameter File Include Vulnerability
(*** ) High Risk - Gentoo Local Checks
[GLSA-200809-18] ClamAV: Multiple Denials of Service
(*** ) High Risk - Gentoo Local Checks
[GLSA-200809-16] Git: User-assisted execution of arbitrary code
(*** ) High Risk - Web Services
pluck update.php Availability
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : lighttpd -- multiple vulnerabilities (1169)
(** ) Medium Risk - FTP Services
FTP Clear Text Authentication
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : mplayer -- multiple integer overflows (1170)
(** ) Medium Risk - Cross-Site Scripting
MailMarshal Spam Quarantine Management Cross-Site Scripting Vulnerability
(** ) Medium Risk - Mail Services
Postfix epoll File Descriptor Leakage Vulnerability
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : squirrelmail -- Session hijacking vulnerability (1167)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : mozilla -- multiple vulnerabilities (1166)
(** ) Medium Risk - Slackware Local Checks
SSA-2008-269-01 mozilla-firefox
(** ) Medium Risk - Slackware Local Checks
SSA-2008-269-02 seamonkey
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : bitlbee -- account recreation security issues (1168)
(** ) Medium Risk - Slackware Local Checks
SSA-2008-270-01 mozilla-thunderbird
(* ) Low Risk - Service Detection
Dns2TCP Service Detection
(* ) Low Risk - Web Services
Blue Coat Reporter Detection
(* ) Low Risk - Web Services
phpScheduleIt Detection
(* ) Low Risk - Web Services
OpenNMS Web Console Detection
(* ) Low Risk - Windows
TOM-Skype Detection
(* ) Low Risk - Service Detection
Zebedee Server Detection
(* ) Low Risk - Service Detection
echoServer Detection
(* ) Low Risk - Miscellaneous
Port scanners settings