With Service Pack 2, Microsoft introduces a new security feature which warns users before executing files that originate from an untrusted location (zone) such as the Internet. There are two flaws in the implementation of this feature: a cmd issue and the caching of ZoneIDs in Windows Explorer. The Windows command shell cmd ignores zone information and starts executables without warnings. Virus authors could use this to spread viruses despite the new security features of SP2.
Secunia Security Advisory - A vulnerability has been reported in rxvt-unicode, which potentially can be exploited by malicious, local users to manipulate or access sensitive information. The problem is that rxvt-unicode keeps open file handlers to other terminal windows when spawning children. This may potentially allow access to arbitrary terminal windows. This vulnerability affects versions prior to 3.6.
rsync versions 2.6.2 and below have a flaw that allows malicious users to read or write arbitrary files on a vulnerable system. In order to exploit this vulnerability, the rsync daemon cannot be running in a chroot.
Xephyrus Libraries Security Advisory JST-001 - JST versions 3.0 and below are susceptible to a directory traversal vulnerability in the Xephyrus Java Simple Template Engine.
Secunia Security Advisory - A vulnerability has been reported in Simple Form, which can be exploited by malicious people to use it as an open mail relay. Versions below 2.2 are affected.
Secunia Security Advisory - Debasis Mohanty has reported a vulnerability in CuteNews, which can be exploited by malicious people to conduct cross-site scripting attacks.
SpecificMAIL, a freeware spam filter for Outlook and Outlook Express, happens to be extremely intrusive and acts more as spyware than a useful utility to users. Buyer beware.
Debian Security Advisory DSA 537-1 - A problem in the CGI session management of Ruby, an object-oriented scripting language, allows a local attacker to compromise a session due to insecure file creation.
Secunia Security Advisory - Security issues have been reported in Sympa, which can be exploited by malicious people to bypass certain security restrictions. The problem is caused due to an error within Sympa's web interface that makes it possible to approve a pending list without having listmaster privileges. The security issue affects all 2.x, 3.x, and 4.x versions prior to 4.1.2.
Corsaire Security Advisory - Clearswift MAILsweeper versions prior to 4.3.15 do not detect a number of common compression formats, for which it is listed as compatible, and in certain circumstances also fails to identify the name of file attachments when they are encoded.
iDEFENSE Security Advisory 08.12.04-2: Remote exploitation of a buffer overflow in the uudecoding feature of Adobe Acrobat Reader 5.0 for Unix allows an attacker to execute arbitrary code. The Unix and Linux versions of Adobe Acrobat Reader 5.0 automatically attempt to convert uuencoded docuements back into their original format. The vulnerability specifically exists in that Acrobat Reader fails to check the length of the filename before copying it into a fixed length buffer. This allows a maliciously constructed file to cause a buffer overflow resulting in the execution of arbitrary code.
iDEFENSE Security Advisory 08.12.04: Remote exploitation of an input validation error in the uudecoding feature of Adobe Acrobat Reader (Unix) 5.0 allows an attacker to execute arbitrary code. The Unix and Linux versions of Adobe Acrobat Reader 5.0 automatically attempt to convert uuencoded documents back into their original format. The vulnerability specifically exists in the failure of Acrobat Reader to check for the backtick shell metacharacter in the filename before executing a command with a shell. This allows a maliciously constructed filename to execute arbitrary programs.
Secunia Security Advisory - A vulnerability has been reported in MAILsweeper for SMTP, which can be exploited by malicious people to cause a DoS (Denial of Service) on a vulnerable system. The vulnerability is caused due to an error when processing malformed PowerPoint files, which may cause the service to enter an endless loop and exhaust all CPU resources. Versions below 4.3.15 are affected.
SUSE Security Announcement - The SuSE Security Team has discovered various remotely exploitable buffer overflows in the MSN-protocol parsing functions during a code review of the MSN protocol handling code of gaim. Remote attackers can execute arbitrary code as the user running the gaim client.
Secunia Security Advisory - Ziv Kamir has reported some vulnerabilities in Keene Digital Media Server, which can be exploited by malicious people to retrieve sensitive information and perform administrative tasks. The vulnerabilities have been reported in version 1.0.2. Other versions may also be affected.
Secunia Security Advisory - A vulnerability has been discovered in Nokia IPSO, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability affects versions 3.5, 3.5.1, 3.6, 3.7, 3.7.1, and 3.8.
BlackIce Server Protect versions 3.6cno and below from Internet Security Systems installs a firewall ruleset that can be removed or modified by any trusted or local unprivileged user.
KDE Security Advisory - The Konqueror webbrowser allows websites to load webpages into a frame of any other frame-based webpage that the user may have open. A malicious website could abuse Konqueror to insert its own frames into the page of an otherwise trusted website. As a result the user may unknowingly send confidential information intended for the trusted website to the malicious website.
KDE Security Advisory - The Debian project was alerted that KDE's DCOPServer creates temporary files in an insecure manner. Since the temporary files are used for authentication related purposes this can potentially allow a local attacker to compromise the account of any user which runs a KDE application. Affected are version KDE 3.2.x up to KDE 3.2.3 inclusive.
KDE Security Advisory - The SUSE security team was alerted that in some cases the integrity of symlinks used by KDE are not ensured and that these symlinks can be pointing to stale locations. This can be abused by a local attacker to create or truncate arbitrary files or to prevent KDE applications from functioning correctly (Denial of Service). All versions of KDE up to KDE 3.2.3 inclusive.
Secunia Security Advisory - Ziv Kamir has reported a vulnerability in Shuttle FTP Suite 3.x, which can be exploited by malicious people to read or place files in arbitrary locations on a vulnerable system.
An unauthenticated remote attacker can submit various malformed service requests via Bluetooth, triggering a buffer overflow and executing arbitrary code on vulnerable devices using WIDCOMM Bluetooth Connectivity Software. All releases prior to 3.0 are affected.