New Security Vulnerabilities 19th April 2007

The following new security tests were added to the Telspace database:

TOTAL THREATS IN THE DATABASE   14399

NEW THREATS RISK FACTOR SUMMARY
   (*****)  Urgent Risk        2
   (**** )  Critical Risk        7
   (***  )  High Risk            0
   (**   )  Medium Risk        4
   (*    )  Low Risk              0

NEW THREATS FAMILY SUMMARY
   FreeBSD Local Checks        4
   Microsoft Bulletins            4
   Centos Local Checks         2
   Fedora Local Checks         2
   Windows                        1

(*****)  Urgent Risk  -  Windows
Kaspersky AV 6.0 Multiple Vulnerabilities

(*****)  Urgent Risk  -  Microsoft Bulletins
Vulnerability in Universal Plug and Play Could Allow Remote Code
Execution (931261)

(**** )  Critical Risk  -  Centos Local Checks
CentOS : RHSA-2007-0152

(**** )  Critical Risk  -  Centos Local Checks
CentOS : RHSA-2007-0126

(**** )  Critical Risk  -  Microsoft Bulletins
Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178)

(**** )  Critical Risk  -  Microsoft Bulletins
Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168)

(**** )  Critical Risk  -  Fedora Local Checks
Fedora Core 6 2007-423: libXfont

(**** )  Critical Risk  -  Fedora Local Checks
Fedora Core 5 2007-422: libXfont

(**** )  Critical Risk  -  Microsoft Bulletins
Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784)

(**   )  Medium Risk  -  FreeBSD Local Checks
FreeBSD : zope -- cross-site scripting vulnerability (933)

(**   )  Medium Risk  -  FreeBSD Local Checks
FreeBSD : mcweject -- exploitable buffer overflow (935)

(**   )  Medium Risk  -  FreeBSD Local Checks
FreeBSD : fetchmail -- insecure APOP authentication (936)

(**   )  Medium Risk  -  FreeBSD Local Checks
FreeBSD : webcalendar -- 'noSet' variable overwrite vulnerability (934)