New Security Vulnerabilities 14 November 2008
The following new vulnerabilities were added to Telspace's database this
month:
33 NEW THREATS ADDED SINCE NOVEMBER 07
TOTAL THREATS IN THE DATABASE 24048
NEW THREATS RISK FACTOR SUMMARY
(*****) Urgent Risk 0
(**** ) Critical Risk 21
(*** ) High Risk 6
(** ) Medium Risk 6
(* ) Low Risk 0
NEW THREATS FAMILY SUMMARY
Remote Shell Access 1
Debian Local Checks 1
Database Services 1
Web Services 2
Slackware Local Checks 2
Gentoo Local Checks 3
SuSE Local Checks 3
Windows 3
HP-UX Local Checks 3
FreeBSD Local Checks 4
Fedora Local Checks 10
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-9479: drupal-cck
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-9257: wordpress
(**** ) Critical Risk - Windows
VLC Media Player 0.5.0 to 0.9.5 Stack-Based Buffer Overflows
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_34392
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_37972
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-9502: moodle
(**** ) Critical Risk - Windows
Flash Player APSB08-18 / APSB08-20
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: libcdaudio remotely exploitable buffer overflow
(libcdaudio-5745)
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-9508: moodle
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: Security update for ipsec-tools (ipsec-tools-5638)
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-9420: php-Smarty
(**** ) Critical Risk - SuSE Local Checks
SuSE Security Update: ipsec-tools security update (ipsec-tools-5630)
(**** ) Critical Risk - HP-UX Local Checks
HP-UX Security patch : PHSS_38840
(**** ) Critical Risk - Web Services
Openfire AuthCheck Authentication Bypass
(**** ) Critical Risk - Remote Shell Access
ClamAV < 0.94.1 get_unicode_name() Off-by-One Buffer Overflow
(**** ) Critical Risk - Debian Local Checks
[DSA1663] DSA-1663-1 net-snmp
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-9016: ipsec-tools
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-9401: php-Smarty
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 8 2008-9304: wordpress
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-9007: ipsec-tools
(**** ) Critical Risk - Fedora Local Checks
Fedora Core 9 2008-9458: cman
(*** ) High Risk - Gentoo Local Checks
[GLSA-200811-02] Gallery: Multiple vulnerabilities
(*** ) High Risk - Gentoo Local Checks
[GLSA-200811-04] Graphviz: User-assisted execution of arbitrary code
(*** ) High Risk - Gentoo Local Checks
[GLSA-200811-03] FAAD2: User-assisted execution of arbitrary code
(*** ) High Risk - Windows
Google Chrome < 0.3.154.9 Address Spoofing
(*** ) High Risk - Web Services
PHPWebAdmin for hMailServer Multiple File Include Vulnerabilities
(*** ) High Risk - Database Services
MySQL Enterprise Server 5.0 < 5.0.70 Privilege Bypass
(** ) Medium Risk - Slackware Local Checks
SSA-2008-315-01 gnutls
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : vlc -- cue processing stack overflow (1187)
(** ) Medium Risk - Slackware Local Checks
SSA-2008-312-01 cups
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : emacs -- run-python vulnerability (1190)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : trac -- potential DOS vulnerability (1188)
(** ) Medium Risk - FreeBSD Local Checks
FreeBSD : clamav -- off-by-one heap overflow in VBA project parser (1189)