@RISK: The Consensus Security Vulnerability Alert

Part I -- Critical Vulnerabilities from TippingPoint (www.tippingpoint.com)

Widely Deployed Software

• (1) CRITICAL: Computer Associates BrightStor ARCserve Multiple Buffer Overflows
• (2) HIGH: QuickTime Java Remote Code Execution Vulnerability
• (3) HIGH: Asterisk SIP Processing Multiple Vulnerabilities
• (4) MODERATE: Courier IMAP Server Remote Command Execution

Other Software

• (5) HIGH: 3proxy Buffer Overflow
• (6) MODERATE: Multiple Cisco Products PHP Buffer Overflow

Technical Details

• (7) DETAILS: Apple Mac OS X RPC Runtime Library Integer Overflow

Part II -- Comprehensive List of Newly Discovered Vulnerabilities from Qualys (www.qualys.com)

Third Party Windows Apps

• 07.18.1 - IncrediMail IMMenuShellExt ActiveX Control Remote Buffer Overflow
• 07.18.2 - Plesk Login.PHP3 Directory Traversal
• 07.18.3 - ABC-View Manager PSP File Buffer Overflow
• 07.18.4 - Fresh View PSP File Buffer Overflow
• 07.18.5 - InterVideo HomeTheater ActiveX Control Remote Buffer Overflow
• 07.18.6 - Nero MediaHome NMMediaServer.EXE Remote Denial of Service
• 07.18.7 - Nullsoft Winamp PLS File Remote Denial of Service
• 07.18.8 - Cdelia Software ImageProcessing Malformed BMP File Denial of Service
• 07.18.9 - Adobe Photoshop Multiple File Format Buffer Overflow
• 07.18.10 - Corel Paint Shop Pro Photo Malformed CLP File Buffer Overflow
• 07.18.11 - WSFTP Null Pointer Dereference Remote Denial of Service
• 07.18.12 - Foxit Reader Malformed PDF File Denial of Service
• 07.18.13 - Check Point Zone Alarm Srescan.SYS Multiple Local Privilege Escalation Vulnerabilities

Linux

• 07.18.14 - Linux Kernel NETLINK_FIB_LOOKUP Local Denial of Service
• 07.18.15 - Linux Kernel L2CAP and HCI Setsockopt Memory Leak Information Disclosure

Solaris

• 07.18.16 - Sun Cluster Software Unspecified Denial of Service

Unix

• 07.18.17 - Courier-IMAP XMAILDIR Shell Command Injection
• 07.18.18 - FreePBX SIP Packet Multiple HTML Injection Vulnerabilities
• 07.18.19 - eXtremail Buffer Overflow And DNS Spoofing Vulnerabilities

Cross Platform

• 07.18.20 - Multiple Web Browsers Digest Authentication HTTP Response Splitting
• 07.18.21 - OPIE Accessfile.C Remote Denial of Service
• 07.18.22 - Apple QuickTime MP4 FlipFileTypeAtom_BtoN Integer Overflow
• 07.18.23 - Clam AntiVirus ClamAV PDF Handling Remote Denial of Service
• 07.18.24 - Cisco NetFlow Collection Engine Remote Default Account
• 07.18.25 - Apple QuickTime MOV File JVTCompEncodeFrame Heap Overflow
• 07.18.26 - Computer Associates BrightStor ArcServe Media Server Multiple Remote Buffer Overflow Vulnerabilities
• 07.18.27 - PostgreSQL SECURITY DEFINER Function Local Privilege Escalation
• 07.18.28 - ACDSee XPMHeaders Buffer Overflow
• 07.18.29 - XnView XPMHeaders Buffer Overflow
• 07.18.30 - OpenSSH S/Key Remote Information Disclosure
• 07.18.31 - Sendmail Unspecified Denial of Service
• 07.18.32 - Photofiltre Studio Malformed TIF File Buffer Overflow
• 07.18.33 - aMsn Malformed Message Denial of Service
• 07.18.34 - Yate SIP Protocol Denial of Service

Web Application - Cross Site Scripting

• 07.18.35 - Moinmoin Index.PHP Cross-Site Scripting
• 07.18.36 - phpMyAdmin Multiple Cross-Site Scripting Vulnerabilities
• 07.18.37 - TJSChat You.PHP Cross-Site Scripting

Web Application - SQL Injection

• 07.18.38 - Computer Associates CleverPath Portal Local SQL Injection
• 07.18.39 - Burak Yilmaz Blog BRY.ASP SQL Injection
• 07.18.40 - MyBulletinBoard Calendar.PHP SQL Injection
• 07.18.41 - EsForum Forum.PHP SQL Injection
• 07.18.42 - uPHP Free Ring Index.PHP SQL Injection

Web Application

• 07.18.43 - phpBandManager Index.PHP Remote File Include
• 07.18.44 - Doruk100Net Info.PHP Remote File Include
• 07.18.45 - phpOracleView Include_All.Inc.PHP Remote File Include
• 07.18.46 - HYIP Manager Pro Multiple Remote File Include Vulnerabilities
• 07.18.47 - Comus Accept.PHP Remote File Include
• 07.18.48 - Lunascape RSS Feed HTML Injection
• 07.18.49 - DynaTracker Base_Path Parameter Multiple Remote File Include Vulnerabilities
• 07.18.50 - Active PHP Bookmarks APB.PHP Remote File Include
• 07.18.51 - TurnkeyWebTools Sunshop Multiple Remote File Include Vulnerabilities
• 07.18.52 - Sinato Jmuffin Multiple Remote File Include Vulnerabilities
• 07.18.53 - PHPMyTGP AddVIP.PHP Remote File Include
• 07.18.54 - Ahhp Portal Page.PHP Multiple Remote File Include Vulnerabilities
• 07.18.55 - Cafelog B2 Multiple Remote File Include Vulnerabilities
• 07.18.56 - Built2Go PHP Link Portal Remote File Include
• 07.18.57 - Ext Feed-Proxy.PHP Directory Traversal
• 07.18.58 - Google Talk DXImageTransform HTML Injection
• 07.18.59 - MyNewsGroups Include.PHP Remote File Include
• 07.18.60 - Progress Webspeed _CPYFile.P Unauthorized Access
• 07.18.61 - Wavewoo Loading.PHP Remote File Include
• 07.18.62 - SilverString CMS Search Functionality Unspecified
• 07.18.63 - JulmaCMS File.PHP Directory Traversal
• 07.18.64 - DMCMS Upload_File.PHP Arbitrary File Upload
• 07.18.65 - Xaraya Roles Module Form Handler Security Bypass
• 07.18.66 - USP FOSS Distribution Download.PHP Directory Traversal
• 07.18.67 - Advanced Webhost Billing System Cart2.PHP Remote File Include
• 07.18.68 - YA Book City Field HTML Injection
• 07.18.69 - GPB Bulletin Board Multiple Remote File Include Vulnerabilities
• 07.18.70 - Pagode Navigator_ok.PHP Directory Traversal
• 07.18.71 - LMS RTMessageAdd.PHP Remote File Include
• 07.18.72 - Joomla! PCLTar.PHP Remote File Include
• 07.18.73 - Maran PHP Forum Forum_write.PHP Arbitrary File Upload
• 07.18.74 - Phorum Multiple Input Validation Vulnerabilities
• 07.18.75 - Claroline RootSys Remote File Include
• 07.18.76 - acvsws_php5 Transport.PHP Remote File Include
• 07.18.77 - Post Revolution Dir Multiple Remote File Include Vulnerabilities
• 07.18.78 - File117 Multiple Remote File Include Vulnerabilities
• 07.18.79 - Big Blue Guestbook Comment HTML Injection
• 07.18.80 - Ripe Website Manager Multiple Input Validation Vulnerabilities
• 07.18.81 - Allfaclassifieds Level2.PHP Remote File Include
• 07.18.82 - PHPMyBibli Init.Inc.PHP Remote File Include
• 07.18.83 - WEBinsta FM Manager Admin Cookies Remote File Include
• 07.18.84 - Supasite Multiple Remote File Include Vulnerabilities
• 07.18.85 - JCHit Counter Imgsrv.PHP Directory Traversal
• 07.18.86 - PHP Turbulence Turbulence.PHP Remote File Include
• 07.18.87 - Exponent CMS Multiple Input Validation Vulnerabilities
• 07.18.88 - NeatUpload HTTPWorkerRequest.FlushResponse Information Disclosure

Network Device

• 07.18.89 - Asterisk SIP T.38 SDP Parsing Remote Stack Buffer Overflow Vulnerabilities
• 07.18.90 - Asterisk ManagerInterface Manager.Conf Remote Denial of Service
• 07.18.91 - HP StorageWorks Command View Unspecified Local Unauthorized Access
• 07.18.92 - Linksys SPA941 7 Character Denial of Service
• 07.18.93 - IPv6 Protocol Type 0 Route Header Denial of Service

PART I Critical Vulnerabilities

Part I for this issue has been compiled by Rob King and Rohit Dhamankar at TippingPoint, a division of 3Com, as a by-product of that company's continuous effort to ensure that its intrusion prevention products effectively block exploits using known vulnerabilities. TippingPoint's analysis is complemented by input from a council of security managers from twelve large organizations who confidentially share with SANS the specific actions they have taken to protect their systems. A detailed description of the process may be found at http://www.sans.org/newsletters/cva/#process

Part II: Weekly Comprehensive List of Newly Discovered Vulnerabilities
Week 18, 2007

This list is compiled by Qualys ( www.qualys.com ) as part of that company's ongoing effort to ensure its vulnerability management web service tests for all known vulnerabilities that can be scanned. As of this week Qualys scans for 5436 unique vulnerabilities. For this special SANS community listing, Qualys also includes vulnerabilities that cannot be scanned remotely.

• 07.18.1 - CVE: CVE-2007-1683
• Platform: Third Party Windows Apps
• Title: IncrediMail IMMenuShellExt ActiveX Control Remote Buffer Overflow
• Description: IncrediMail is an email application for the Microsoft Windows operating system. The application is exposed to a stack-based buffer overflow issue because it fails to sufficiently check boundaries of user-supplied input before copying it to an insufficiently sized memory buffer.
• Ref: http://www.kb.cert.org/vuls/id/906777

• 07.18.2 - CVE: Not Available
• Platform: Third Party Windows Apps
• Title: Plesk Login.PHP3 Directory Traversal
• Description: Plesk is a server management application targeted at hosting providers. The application is exposed to a directory traversal issue because it fails to properly sanitize user-supplied input to the "locale_id" parameter of "login.php3". Plesk for Windows 8.1.1, 8.1 and 7.6.1 are affected.
• Ref: http://www.securityfocus.com/bid/23639

• 07.18.3 - CVE: Not Available
• Platform: Third Party Windows Apps
• Title: ABC-View Manager PSP File Buffer Overflow
• Description: ABC-View Manager is an image viewing and management application for Microsoft Windows platforms. It supports various image file formats, including PSP (Paint Shop Pro) files. The application is exposed to a buffer overflow issue because it fails to bounds check user-supplied data before copying it into an insufficiently sized buffer. ABC-View Manager version 1.42 is affected.
• Ref: http://www.securityfocus.com/bid/23653

• 07.18.4 - CVE: Not Available
• Platform: Third Party Windows Apps
• Title: Fresh View PSP File Buffer Overflow
• Description: Fresh View is a multimedia file viewing and management application for Microsoft Windows platforms. It supports various multimedia file formats, including PSP (Paint Shop Pro) files. The application is exposed to a buffer overflow issue because it fails to bounds check user-supplied data before copying it into an insufficiently sized buffer. Fresh View version 7.15 is affected.
• Ref: http://www.securityfocus.com/bid/23660

• 07.18.5 - CVE: Not Available
• Platform: Third Party Windows Apps
• Title: InterVideo HomeTheater ActiveX Control Remote Buffer Overflow
• Description: InterVideo HomeTheater is a media player. The application is exposed to a buffer overflow issue which stems from a boundary condition in the "GetDiscType()" method in the "WinDVDX" ActiveX control. InterVideo HomeTheater versions 2.1.13.0 and 2.5.13.58, incorporating WinDVDX.ocx 1.0.0.1 are affected.
• Ref: http://support.microsoft.com/kb/240797

• 07.18.6 - CVE: Not Available
• Platform: Third Party Windows Apps
• Title: Nero MediaHome NMMediaServer.EXE Remote Denial of Service
• Description: Nero MediaHome is an application that allows users to stream videos, TV and music. The application is exposed to a denial of service issue because it fails to handle exceptional conditions in the "NMMediaServer.exe" when handling specially crafted packets. Nero MediaHome version 2.5.5.0 and Nero MediaHome CE 1.3.0.4 are affected.
• Ref: http://www.securityfocus.com/bid/23640

• 07.18.7 - CVE: Not Available
• Platform: Third Party Windows Apps
• Title: Nullsoft Winamp PLS File Remote Denial of Service
• Description: Winamp is a freely available media player from Nullsoft. The application is exposed to a denial of service issue when processing malformed files. Winamp version 5.33 is affected.
• Ref: http://www.securityfocus.com/bid/23627

• 07.18.8 - CVE: Not Available
• Platform: Third Party Windows Apps
• Title: Cdelia Software ImageProcessing Malformed BMP File Denial of Service
• Description: Cdelia Software ImageProcessing is an application that allows users to view and edit images. The application is exposed to a denial of service issue because it fails to handle specially crafted BMP files.
• Ref: http://www.securityfocus.com/bid/23629

• 07.18.9 - CVE: Not Available
• Platform: Third Party Windows Apps
• Title: Adobe Photoshop Multiple File Format Buffer Overflow
• Description: Adobe Photoshop is an application that allows users to view and edit various graphic formats. The application is exposed to a buffer overflow issue because it fails to bounds check user-supplied data before copying it into an insufficiently sized buffer. Adobe Photoshop versions CS2 and CS3 are affected.
• Ref: http://www.securityfocus.com/bid/23621

• 07.18.10 - CVE: Not Available
• Platform: Third Party Windows Apps
• Title: Corel Paint Shop Pro Photo Malformed CLP File Buffer Overflow
• Description: Corel Paint Shop Pro Photo is an application that allows users to view and edit various graphic formats. The application is exposed to a buffer overflow issue because it fails to bounds check user-supplied data before copying it into an insufficiently sized buffer. Corel Paint Shop Pro Photo version 11.20 is affected.
• Ref: http://www.securityfocus.com/bid/23604

• 07.18.11 - CVE: Not Available
• Platform: Third Party Windows Apps
• Title: WSFTP Null Pointer Dereference Remote Denial of Service
• Description: WSFTP is a file transfer protocol application available for multiple Microsoft Windows platforms. The application is exposed to a remote denial of service issue because the application fails to handle exceptional conditions. Ipswitch WS_FTP Home 2007 and Server Professional 2007 are affected.
• Ref: http://www.securityfocus.com/archive/1/466576

• 07.18.12 - CVE: Not Available
• Platform: Third Party Windows Apps
• Title: Foxit Reader Malformed PDF File Denial of Service
• Description: Foxit Reader is a PDF document reader available for Microsoft Windows. The application is exposed to a denial of service issue because it fails to handle specially crafted PDF files. Foxit Reader 2.0 is affected.
• Ref: http://www.securityfocus.com/bid/23576

• 07.18.13 - CVE: Not Available
• Platform: Third Party Windows Apps
• Title: Check Point Zone Alarm Srescan.SYS Multiple Local Privilege Escalation Vulnerabilities
• Description: ZoneAlarm is a firewall and application security package designed for the Microsoft Windows operating systems. It is distributed and maintained by Check Point. The application is exposed to multiple local privilege escalation issues which exist in the IOCTL handling code of the "srescan.sys" device driver that contains the spyware removal engine. Check Point Zone Alarm versions using ZoneAlarm Spyware Removal Engine (SRE) versions prior to 5.0.156.0 are affected. Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=517

• 07.18.14 - CVE: Not Available
• Platform: Linux
• Title: Linux Kernel NETLINK_FIB_LOOKUP Local Denial of Service
• Description: The Linux kernel is exposed to a denial of service issue when a NETLINK message is misrouted. The NETLINK protocol is used for communications between user-space and kernel-space. Versions of the Linux kernel prior to 2.6.20.8 are affected.
• Ref: http://www.securityfocus.com/bid/23677

• 07.18.15 - CVE: CVE-2007-1353
• Platform: Linux
• Title: Linux Kernel L2CAP and HCI Setsockopt Memory Leak Information Disclosure
• Description: The Linux Kernel is exposed to an information disclosure issue because it fails to handle unexpected user-supplied input. The Linux kernel versions 2.4.34.2 and earlier are affected.
• Ref: http://www.securityfocus.com/bid/23594

• 07.18.16 - CVE: Not Available
• Platform: Solaris
• Title: Sun Cluster Software Unspecified Denial of Service
• Description: Sun Cluster Software is a multi-system disaster recovery solution that manages the availability of applications, services and data. The application is exposed to a remote denial of service issue due to an unspecified error in the Sun Cluster Software application. Sun Cluster Software versions 3.1 for Solaris 8, 9 and 10 and Sun Cluster 3.2 for Solaris 9 and 10 for SPARC and x86 platforms are affected. Ref: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102874-1&searchclause=

• 07.18.17 - CVE: Not Available
• Platform: Unix
• Title: Courier-IMAP XMAILDIR Shell Command Injection
• Description: Courier-IMAP is an IMAP daemon for Linux and UNIX systems. The application is exposed to a shell command injection issue because it fails to properly sanitize user-supplied input to the "XMAILDIR" variable. Courier-IMAP versions for Gentoo prior to 4.0.6-r2 are affected.
• Ref: http://bugs.gentoo.org/show_bug.cgi?id=168196

• 07.18.18 - CVE: Not Available
• Platform: Unix
• Title: FreePBX SIP Packet Multiple HTML Injection Vulnerabilities
• Description: FreePBX is a web-based configuration tool for the open source Asterisk PBX. The application is exposed to multiple HTML injection issues because it fails to properly sanitize user-supplied input from Asterisk's log files before using it in dynamically generated content. The FreePBX 2.2 series is affected.
• Ref: http://www.securityfocus.com/bid/23575

• 07.18.19 - CVE: Not Available
• Platform: Unix
• Title: eXtremail Buffer Overflow And DNS Spoofing Vulnerabilities
• Description: eXtremail is a mail server application. The application is exposed to a buffer overflow issue. It is also exposed to unspecified DNS spoofing issues when an attacker sends malicious DNS data to trigger them. eXtremail versions 2.1 and 2.1.1 are affected.
• Ref: http://www.securityfocus.com/bid/23577

• 07.18.20 - CVE: Not Available
• Platform: Cross Platform
• Title: Multiple Web Browsers Digest Authentication HTTP Response Splitting
• Description: Multiple web browsers are prone to an HTTP response splitting vulnerability. This issue is caused by a failure to properly sanitize user-supplied input before using it to create dynamic content. Microsoft Internet Explorer version 7.0.5730.11 and Mozilla Firefox version 2.0.0.3 are affected.
• Ref: http://www.securityfocus.com/bid/23668

• 07.18.21 - CVE: Not Available
• Platform: Cross Platform
• Title: OPIE Accessfile.C Remote Denial of Service
• Description: OPIE is a package and set of utilities to allow one time passwords for multiple ssh applications. The application is exposed to a remote denial of service issue due to an off-by-one error in a bounds checking operation. OpenSSH using OPIE 2.32 and 2.4 are affected.
• Ref: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=414015

• 07.18.22 - CVE: Not Available
• Platform: Cross Platform
• Title: Apple QuickTime MP4 FlipFileTypeAtom_BtoN Integer Overflow
• Description: Apple QuickTime is a media player that supports multiple file formats. The application is exposed to an integer overflow issue because it fails to properly verify user-supplied input in the "FlipFileTypeAtom_BtoN()" function when the application processes malicious MP4 files. Apple QuickTime Player versions 7.1.5 and earlier are affected.
• Ref: http://security-protocols.com/sp-x46-advisory.php

• 07.18.23 - CVE: CVE-2007-2029
• Platform: Cross Platform
• Title: Clam AntiVirus ClamAV PDF Handling Remote Denial of Service
• Description: ClamAV is an antivirus application for Microsoft Windows and UNIX like operating systems. The application is exposed to a remote denial of service issue because of a file descriptor leakage when handling malicious PDF files.
• Ref: http://www.securityfocus.com/bid/23656

• 07.18.24 - CVE: Not Available
• Platform: Cross Platform
• Title: Cisco NetFlow Collection Engine Remote Default Account
• Description: Cisco NetFlow Collection Engine (NFC) is a network monitoring and management application. The application is exposed to a default account issue due to a design flaw that results in an insecure account being available to remote users. Versions of Cisco NFC prior to version 6.0 are affected. Refer to Cisco Bug ID CSCsh75038.
• Ref: http://www.kb.cert.org/vuls/id/127545

• 07.18.25 - CVE: Not Available
• Platform: Cross Platform
• Title: Apple QuickTime MOV File JVTCompEncodeFrame Heap Overflow
• Description: Apple QuickTime is a media player that supports multiple file formats. The application is exposed to a heap overflow issue because it fails to properly bounds check user-supplied input. Apple QuickTime Player versions 7.1.5 and earlier are affected.
• Ref: http://security-protocols.com/sp-x45-advisory.php

• 07.18.26 - CVE: CVE-2007-2139
• Platform: Cross Platform
• Title: Computer Associates BrightStor ArcServe Media Server Multiple Remote Buffer Overflow Vulnerabilities
• Description: Computer Associates BrightStor ARCserve Backup products provide backup and restore protection. The application is exposed to multiple remote buffer overflow issues because it fails to properly bounds check user-supplied data before copying it into an insufficiently sized memory buffer.
• Ref: http://www.zerodayinitiative.com/advisories/ZDI-07-022.html http://www.kb.cert.org/vuls/id/979825

• 07.18.27 - CVE: CVE-2007-2138
• Platform: Cross Platform
• Title: PostgreSQL SECURITY DEFINER Function Local Privilege Escalation
• Description: PostgreSQL is an open source database for Windows, Unix and Linux. The application is exposed to a local privilege escalation issue which resides in the PostgreSQL "search_path" settings, and allows unprivileged users to use temporary objects to gain escalated privileges in the context of the "security-definer" function. PostgreSQL versions 8.2, 8.1, 8.0, 7.4 and 7.3 are vulnerable.
• Ref: http://www.postgresql.org/support/security

• 07.18.28 - CVE: Not Available
• Platform: Cross Platform
• Title: ACDSee XPMHeaders Buffer Overflow
• Description: ACDSee is a photo viewer available for multiple platforms. The application is exposed to a buffer overflow issue because it fails to bounds check user-supplied input before copying it into an insufficiently sized buffer. ACDSee version 9.0 is affected.
• Ref: http://www.securityfocus.com/bid/23620

• 07.18.29 - CVE: Not Available
• Platform: Cross Platform
• Title: XnView XPMHeaders Buffer Overflow
• Description: XnView is a photo viewer application available for multiple platforms. The application is exposed to a buffer overflow issue because it fails to bounds check user-supplied input before copying it into an insufficiently sized buffer. XnView version 1.90.3 is affected.
• Ref: http://www.securityfocus.com/bid/23625

• 07.18.30 - CVE: Not Available
• Platform: Cross Platform
• Title: OpenSSH S/Key Remote Information Disclosure
• Description: OpenSSH is an open-source implementation of the Secure Shell protocol. The application is exposed to an information disclosure issue due to a failure of the application to properly obscure the existence of valid usernames in authentication attempts.
• Ref: http://www.securityfocus.com/bid/23601

• 07.18.31 - CVE: Not Available
• Platform: Cross Platform
• Title: Sendmail Unspecified Denial of Service
• Description: Sendmail is a widely used MTA for UNIX and Microsoft Windows systems. The application is exposed to a denial of service issue because the application fails to handle exceptional conditions.
• Ref: http://www.kb.cert.org/vuls/id/349305

• 07.18.32 - CVE: Not Available
• Platform: Cross Platform
• Title: Photofiltre Studio Malformed TIF File Buffer Overflow
• Description: Photofiltre Studio is an application that allows users to view and edit various graphic formats. The application is exposed to a buffer overflow issue because the application fails to bounds check user supplied data before copying it into an insufficiently sized buffer. Photofiltre Studio version 8.1.1 is affected.
• Ref: http://www.securityfocus.com/bid/23582

• 07.18.33 - CVE: Not Available
• Platform: Cross Platform
• Title: aMsn Malformed Message Denial of Service
• Description: aMsn is an instant messaging application available for various operating systems. The application is exposed to a remote denial of service issue because it fails to handle exceptional conditions. aMsn versions 0.96 and earlier are affected.
• Ref: http://www.securityfocus.com/bid/23583

• 07.18.34 - CVE: Not Available
• Platform: Cross Platform
• Title: Yate SIP Protocol Denial of Service
• Description: Yate is a telephony engine available for various operating systems. The application is exposed to a remote denial of service issue because it fails to handle exceptional conditions in the SIP protocol. Yate versions 1.1.0 and earlier are affected.
• Ref: http://www.securityfocus.com/bid/23590

• 07.18.35 - CVE: Not Available
• Platform: Web Application - Cross Site Scripting
• Title: Moinmoin Index.PHP Cross-Site Scripting
• Description: Moinmoin is an open-source wiki written in Python. The application is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input to the "do" parameter of the "index.php" script when using an "AttachFile" argument to the "action" parameter. Moinmoin version 1.5.7 is affected.
• Ref: http://www.securityfocus.com/bid/23676

• 07.18.36 - CVE: Not Available
• Platform: Web Application - Cross Site Scripting
• Title: phpMyAdmin Multiple Cross-Site Scripting Vulnerabilities
• Description: phpMyAdmin is a web-based SQL database application. The application is exposed to multiple cross-site scripting issues because it fails to sanitize user-supplied input to the "fieldkey" parameter of the "browse_foreigners.php" script and unspecified input to the "PMA_sanitize()" function. phpMyAdmin versions prior to 2.10.1 are affected.
• Ref: http://www.securityfocus.com/bid/23624

• 07.18.37 - CVE: Not Available
• Platform: Web Application - Cross Site Scripting
• Title: TJSChat You.PHP Cross-Site Scripting
• Description: TJSChat is a web-based chat application. The application is exposed to a cross-site scripting issue because it fails to properly sanitize user-supplied input to the "user" parameter of the "you.php" script. TJSChat version 0.95 is affected.
• Ref: http://www.securityfocus.com/bid/23593

• 07.18.38 - CVE: CVE-2007-2230
• Platform: Web Application - SQL Injection
• Title: Computer Associates CleverPath Portal Local SQL Injection
• Description: Computer Associates CleverPath Portal is a web-based portal application available for a variety of operating systems. The application is exposed to a local SQL injection issue because it fails to sufficiently sanitize user-supplied data via the Lite Search field before using it in an SQL query.
• Ref: http://www.securityfocus.com/bid/23671

• 07.18.39 - CVE: Not Available
• Platform: Web Application - SQL Injection
• Title: Burak Yilmaz Blog BRY.ASP SQL Injection
• Description: Burak Yilmaz Blog is a web application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "id" parameter of the "bry.asp" script before using it in an SQL query. Burak Yilmaz version 1.0 is affected.
• Ref: http://www.securityfocus.com/bid/23678

• 07.18.40 - CVE: Not Available
• Platform: Web Application - SQL Injection
• Title: MyBulletinBoard Calendar.PHP SQL Injection
• Description: MyBulletinBoard is a bulletin board program. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user input to the "day" parameter in the "calendar.php" script before using it in an SQL query. MyBulletinBoard versions 1.2.5 and earlier are affected.
• Ref: http://www.securityfocus.com/bid/23612

• 07.18.41 - CVE: Not Available
• Platform: Web Application - SQL Injection
• Title: EsForum Forum.PHP SQL Injection
• Description: EsForum is a web-based forum application. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "idsalon" parameter of the "forum.php" script before using it in an SQL query. EsForum version 3.0 is affected.
• Ref: http://www.securityfocus.com/bid/23605

• 07.18.42 - CVE: Not Available
• Platform: Web Application - SQL Injection
• Title: uPHP Free Ring Index.PHP SQL Injection
• Description: uPHP Free Ring is a web-based relational directory and ring building tool. The application is exposed to an SQL injection issue because it fails to sufficiently sanitize user-supplied data to the "ring" parameter of the "index.php" script before using it in an SQL query. uPHP Free Ring 0.9 is affected.
• Ref: http://www.securityfocus.com/bid/23586

• 07.18.43 - CVE: Not Available
• Platform: Web Application
• Title: phpBandManager Index.PHP Remote File Include
• Description: phpBandManager is a web-based tool for managing a music band. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "_GET[pg]" parameter of the "suite/index.php" script. phpBandManager version 0.8 is affected.
• Ref: http://www.securityfocus.com/bid/23673

• 07.18.44 - CVE: Not Available
• Platform: Web Application
• Title: Doruk100Net Info.PHP Remote File Include
• Description: Doruk100Net is a web application. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "file" parameter of the "info.php" script.
• Ref: http://www.securityfocus.com/bid/23675

• 07.18.45 - CVE: Not Available
• Platform: Web Application
• Title: phpOracleView Include_All.Inc.PHP Remote File Include
• Description: phpOracleView is a web-based application to assist in Oracle administration remotely. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "page_dir" parameter of the "inc/include_all.inc.php" script.
• Ref: http://www.securityfocus.com/bid/23672

• 07.18.46 - CVE: Not Available
• Platform: Web Application
• Title: HYIP Manager Pro Multiple Remote File Include Vulnerabilities
• Description: HYIP Manager Pro is a package for investment site. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input to the "plugin_file" of the "Smarty_Compiler.class.php;" script.
• Ref: http://www.securityfocus.com/bid/23663

• 07.18.47 - CVE: Not Available
• Platform: Web Application
• Title: Comus Accept.PHP Remote File Include
• Description: Comus is a photo gallery application. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "DOCUMENT_ROOT" parameter of the "accept.php" script. Comus version 2.0 is affected.
• Ref: http://www.securityfocus.com/bid/23661

• 07.18.48 - CVE: Not Available
• Platform: Web Application
• Title: Lunascape RSS Feed HTML Injection
• Description: Lunascape is a RSS feed reader application. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Lunascape versions prior to 4.2.0 are affected.
• Ref: http://www.securityfocus.com/bid/23665

• 07.18.49 - CVE: Not Available
• Platform: Web Application
• Title: DynaTracker Base_Path Parameter Multiple Remote File Include Vulnerabilities
• Description: DynaTracker is a web-based application. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input to the "base_path" parameter of the "action.php" and "includes_handler.php" scripts. DynaTracker version 1.5.1 is affected.
• Ref: http://www.securityfocus.com/bid/23667

• 07.18.50 - CVE: Not Available
• Platform: Web Application
• Title: Active PHP Bookmarks APB.PHP Remote File Include
• Description: Active PHP Bookmarks is a bookmark management application. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "APB_SETTINGS['apb_path']" parameter of the "apb.php" script. Active PHP Bookmarks version 1.0 is affected.
• Ref: http://www.securityfocus.com/bid/23670

• 07.18.51 - CVE: Not Available
• Platform: Web Application
• Title: TurnkeyWebTools Sunshop Multiple Remote File Include Vulnerabilities
• Description: Sunshop is a web-based shopping-cart system. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input to the "abs_path" of the "/include/payment/payflow_pro.php", "global.php" and "libsecure.php" scripts. Sunshop version 4 is affected.
• Ref: http://www.securityfocus.com/bid/23662

• 07.18.52 - CVE: Not Available
• Platform: Web Application
• Title: Sinato Jmuffin Multiple Remote File Include Vulnerabilities
• Description: Sinato Jmuffin is a content management system. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input to the "relPath" and "folder" parameters of the "detail.php" script.
• Ref: http://www.securityfocus.com/bid/23655

• 07.18.53 - CVE: Not Available
• Platform: Web Application
• Title: PHPMyTGP AddVIP.PHP Remote File Include
• Description: PHPMyTGP is a photo gallery application. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "msetstr["PROGSDIR"]" parameter of the "addvip.php" script. PHPMyTGP version 1.4b is affected.
• Ref: http://www.securityfocus.com/bid/23657

• 07.18.54 - CVE: Not Available
• Platform: Web Application
• Title: Ahhp Portal Page.PHP Multiple Remote File Include Vulnerabilities
• Description: Ahhp Portal is a web-based portal application. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input to the "fp" and "sc" parameters of the "page.php" script.
• Ref: http://www.securityfocus.com/bid/23658

• 07.18.55 - CVE: Not Available
• Platform: Web Application
• Title: Cafelog B2 Multiple Remote File Include Vulnerabilities
• Description: B2 is a weblog and news publishing tool. It is currently known as WordPress. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "b2inc" parameter of the "b2archives.php", "b2categories.php" and "b2mail.php" scripts. B2 version 0.6.1 is affected.
• Ref: http://www.securityfocus.com/bid/23659

• 07.18.56 - CVE: Not Available
• Platform: Web Application
• Title: Built2Go PHP Link Portal Remote File Include
• Description: Built2Go PHP Link Portal is a PHP application designed to quickly create a link portal web site. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "full_path_to_db" parameter of the "config.php" script. Built2Go PHP Link Portal version 1.79 is affected.
• Ref: http://www.securityfocus.com/bid/23651

• 07.18.57 - CVE: Not Available
• Platform: Web Application
• Title: Ext Feed-Proxy.PHP Directory Traversal
• Description: Ext is a library for Javascript, Ajax and UI components. The application is exposed to a directory traversal issue because it fails to properly sanitize user-supplied input. Ext version 1.0 Alpha1 is affected.
• Ref: http://www.securityfocus.com/bid/23643

• 07.18.58 - CVE: Not Available
• Platform: Web Application
• Title: Google Talk DXImageTransform HTML Injection
• Description: Google Talk is a web-based communication application available for multiple operating systems. The application is exposed to an HTML injection issue because the "src" attribute of the "DXImageTransform()" function is not adequately sanitized prior to being used to display a file-type icon to a transfer recipient in the transfer notification box. Google Talk version 1.0.0.104 is affected.
• Ref: http://www.securityfocus.com/bid/23645

• 07.18.59 - CVE: Not Available
• Platform: Web Application
• Title: MyNewsGroups Include.PHP Remote File Include
• Description: MyNewsGroups is a PHP application that acts as a Web interface to Usenet. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "myng_root" parameter of the "include.php" script. MyNewsGroups version 0.6 is affected.
• Ref: http://www.securityfocus.com/bid/23646

• 07.18.60 - CVE: Not Available
• Platform: Web Application
• Title: Progress Webspeed _CPYFile.P Unauthorized Access
• Description: Progress WebSpeed is an application for serving, creating and managing web applications. The application is exposed to an unspecified issue that lets attackers gain unauthorized access to the application's administrative scripts. WebSpeed versions 3.1a, 3.1d, and 3.1e are affected.
• Ref: http://www.securityfocus.com/archive/1/466771

• 07.18.61 - CVE: Not Available
• Platform: Web Application
• Title: Wavewoo Loading.PHP Remote File Include
• Description: Wavewoo is a PHP application to manage scoring and archiving of sports competitions. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "path_include" parameter of the "loading.php" script. Wavewoo version 0.1.1 is affected.
• Ref: http://www.securityfocus.com/bid/23636

• 07.18.62 - CVE: Not Available
• Platform: Web Application
• Title: SilverString CMS Search Functionality Unspecified
• Description: SilverString CMS is a content management system. The application is exposed to an unspecified issue in the search functionality. SilverString CMS version 2.0.0 is affected.
• Ref: http://www.securityfocus.com/bid/23641

• 07.18.63 - CVE: Not Available
• Platform: Web Application
• Title: JulmaCMS File.PHP Directory Traversal
• Description: JulmaCMS is a web page management application. The application is exposed to a directory traversal issue because it fails to properly sanitize user-supplied input to the "file" parameter of the "file.php" script. JulmaCMS version 1.4 is affected.
• Ref: http://www.securityfocus.com/bid/23642

• 07.18.64 - CVE: Not Available
• Platform: Web Application
• Title: DMCMS Upload_File.PHP Arbitrary File Upload
• Description: DMCMS is a web-based content management application. The application is exposed to an arbitrary file upload issue because the "upload_file.php" script fails to properly verify the contents of uploaded files. DMCMS version 0.6.3 Beta is affected.
• Ref: http://www.securityfocus.com/bid/23628

• 07.18.65 - CVE: Not Available
• Platform: Web Application
• Title: Xaraya Roles Module Form Handler Security Bypass
• Description: Xaraya is a content manager system. The application is exposed to an issue that lets attackers gain administrative access because the application fails to check privileges within certain form handlers in the Role Module. Xaraya versions prior to 1.1.3 are affected.
• Ref: http://www.securityfocus.com/bid/23631

• 07.18.66 - CVE: Not Available
• Platform: Web Application
• Title: USP FOSS Distribution Download.PHP Directory Traversal
• Description: USP FOSS Distribution is a file distribution application. The application is exposed to a directory traversal issue because it fails to properly sanitize user-supplied input to the "dnld" parameter of the "download.php" script. USP FOSS Distribution version 1.01 is affected.
• Ref: http://www.securityfocus.com/bid/23632

• 07.18.67 - CVE: Not Available
• Platform: Web Application
• Title: Advanced Webhost Billing System Cart2.PHP Remote File Include
• Description: Advanced Webhost Billing System (AWBS) is an application for web hosting and domain registration. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "workdir" parameter of the "cart2.php" script. Advanced Webhost Billing System version 2.4.0 is affected.
• Ref: http://www.securityfocus.com/bid/23633

• 07.18.68 - CVE: Not Available
• Platform: Web Application
• Title: YA Book City Field HTML Injection
• Description: YA Book is a guest book application. The application is exposed to an HTML injection issue because it fails to sufficiently sanitize user-supplied input to the "city" input field of the "index.php" script before displaying it in dynamically generated content. YA Book version 0.98-alpha is affected.
• Ref: http://www.securityfocus.com/archive/1/466743

• 07.18.69 - CVE: Not Available
• Platform: Web Application
• Title: GPB Bulletin Board Multiple Remote File Include Vulnerabilities
• Description: GPB is a forum application. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input. GPB version 2001.11.14-1 is affected.
• Ref: http://www.securityfocus.com/bid/23622

• 07.18.70 - CVE: Not Available
• Platform: Web Application
• Title: Pagode Navigator_ok.PHP Directory Traversal
• Description: Pagode is a Samba management system. The application is exposed to a directory traversal issue because it fails to properly sanitize user-supplied input when specially crafted HTTP GET requests containing a directory traversal string ("../") are sent to the "asolute" parameter of the "navigator_ok.php" script. Pagode version 0.5.8 is affected.
• Ref: http://www.securityfocus.com/bid/23617

• 07.18.71 - CVE: Not Available
• Platform: Web Application
• Title: LMS RTMessageAdd.PHP Remote File Include
• Description: LMS (LAN Management System) is network management software designed for Internet Service Providers (ISPs). The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "_LIB_DIR" parameter of the "/modules/rtmessageadd.php" script. LMS versions 1.5.3 and 1.5.4 are affected.
• Ref: http://www.securityfocus.com/bid/23611

• 07.18.72 - CVE: Not Available
• Platform: Web Application
• Title: Joomla! PCLTar.PHP Remote File Include
• Description: Joomla! is a web-based content management system (CMS). The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "g_pcltar_lib_dir" parameter of the "pcltar.php" script. Joomla! version 1.5.0 Beta is affected.
• Ref: http://www.securityfocus.com/archive/1/466687

• 07.18.73 - CVE: Not Available
• Platform: Web Application
• Title: Maran PHP Forum Forum_write.PHP Arbitrary File Upload
• Description: Maran PHP Forum is a web-based forum application. The application is exposed to an arbitrary file upload issue because the "forum_write.php" script fails to properly verify the contents of uploaded files. Maran PHP Forum version 09.04.2006 is affected.
• Ref: http://www.securityfocus.com/bid/23614

• 07.18.74 - CVE: Not Available
• Platform: Web Application
• Title: Phorum Multiple Input Validation Vulnerabilities
• Description: Phorum is a web-based forum application. The application is exposed to multiple input validation issues because the application fails to sufficiently sanitize user-supplied input. Phorum version 5.1.20 is affected.
• Ref: http://www.securityfocus.com/archive/1/466286

• 07.18.75 - CVE: Not Available
• Platform: Web Application
• Title: Claroline RootSys Remote File Include
• Description: Claroline is a collaborative learning application. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "rootSys" parameter of the "/claroline/inc/lib/index.php" script. Claroline versions prior to 1.8 rc1 are affected. Ref: http://www.claroline.net/wiki/index.php/Talk:Manual_security_hack_in_1.6_and_1.7

• 07.18.76 - CVE: Not Available
• Platform: Web Application
• Title: acvsws_php5 Transport.PHP Remote File Include
• Description: acvsws_php5 is a web portal application. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "CheminInclude" parameter of the "Transport.php" script.
• Ref: http://www.securityfocus.com/bid/23603

• 07.18.77 - CVE: Not Available
• Platform: Web Application
• Title: Post Revolution Dir Multiple Remote File Include Vulnerabilities
• Description: Post Revolution is a content management application. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input to the "dir" parameter of the scripts "common.php" and "themes/default/preview_post_completo.php". Post Revolution versions 7.0 RC2 and 6.6 are affected.
• Ref: http://www.securityfocus.com/bid/23607

• 07.18.78 - CVE: Not Available
• Platform: Web Application
• Title: File117 Multiple Remote File Include Vulnerabilities
• Description: File117 is a web-based application. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input to the "relPath" and "folder" parameters of the "detail.php" script.
• Ref: http://www.securityfocus.com/bid/23600

• 07.18.79 - CVE: Not Available
• Platform: Web Application
• Title: Big Blue Guestbook Comment HTML Injection
• Description: Big Blue Guestbook is a guestbook application. The application is exposed to an HTML injection issue because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
• Ref: http://www.securityfocus.com/bid/23591

• 07.18.80 - CVE: Not Available
• Platform: Web Application
• Title: Ripe Website Manager Multiple Input Validation Vulnerabilities
• Description: Ripe Website Manager is a content management system. The application is exposed to input validation issues because it fails to sufficiently sanitize user-supplied data in the "ripeformpost" parameter of the "contact/index.php" script. Ripe Website Manager version 0.8.4 and earlier are affected.
• Ref: http://www.securityfocus.com/archive/1/466673

• 07.18.81 - CVE: Not Available
• Platform: Web Application
• Title: Allfaclassifieds Level2.PHP Remote File Include
• Description: Allfaclassifieds is a classified advertising system. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "dir" parameter of the "level2.php" script. Allfaclassifieds version 6.04 is affected.
• Ref: http://www.securityfocus.com/bid/23598

• 07.18.82 - CVE: Not Available
• Platform: Web Application
• Title: PHPMyBibli Init.Inc.PHP Remote File Include
• Description: PHPMyBibli is a library management application. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "base_path" parameter of the "/includes/init.inc.php" script. PHPMyBibli version 1.32 is affected.
• Ref: http://www.securityfocus.com/bid/23599

• 07.18.83 - CVE: Not Available
• Platform: Web Application
• Title: WEBinsta FM Manager Admin Cookies Remote File Include
• Description: WEBinsta FM Manager is a web-based file manager. The application is exposed to a remote file include issue because it fails to properly sanitize user-supplied input to the "absolute_path" parameter of the "admin/login.php" script only when the administrative "login" and "password" cookies contain data. WEBinsta FM Manager version 0.4.1 is affected.
• Ref: http://www.securityfocus.com/bid/23592/info

• 07.18.84 - CVE: Not Available
• Platform: Web Application
• Title: Supasite Multiple Remote File Include Vulnerabilities
• Description: Supasite is a content management system. The application is exposed to multiple remote file include issues because it fails to sufficiently sanitize user-supplied input to the "supa[db_path]" parameter. Supasite versions 1.23b and earlier are affected.
• Ref: http://www.securityfocus.com/bid/23581

• 07.18.85 - CVE: Not Available
• Platform: Web Application
• Title: JCHit Counter Imgsrv.PHP Directory Traversal
• Description: JCHit Counter is a hit counter script. The application is exposed to a directory traversal issue because it fails to properly sanitize user-supplied input. The issue occurs when specially crafted HTTP GET requests containing a directory-traversal string ("../") are sent to the "acc" parameter of the "imgsrv.php" script. JCHit Counter version 1.0.0 is affected.
• Ref: http://www.securityfocus.com/bid/23585

• 07.18.86 - CVE: Not Available
• Platform: Web Application
• Title: PHP Turbulence Turbulence.PHP Remote File Include
• Description: PHP Turbulence is a suite of PHP scripts that work together in unison. The application is exposed to a remote file include issue because it fails to sufficiently sanitize user-supplied input to the "GLOBALS['tdb']" parameter of the "turbolence.php" script. PHP Turbulence version 0.0.1 alpha is affected.
• Ref: http://www.securityfocus.com/archive/1/466564

• 07.18.87 - CVE: Not Available
• Platform: Web Application
• Title: Exponent CMS Multiple Input Validation Vulnerabilities
• Description: Exponent CMS is a content manager application. The application is exposed to the following input validation issues because it fails to sufficiently sanitize user-supplied input. Exponent CMS version 0.96.6 Alpha and Exponent CMS version 0.96.5 RC1 are affected.
• Ref: http://www.securityfocus.com/bid/23574

• 07.18.88 - CVE: Not Available
• Platform: Web Application
• Title: NeatUpload HTTPWorkerRequest.FlushResponse Information Disclosure
• Description: NeatUpload allows ASP.NET developers to stream uploaded files to storage. The application is exposed to an information disclosure issue because of a race condition in the affected application. NeatUpload versions 1.2.11-1.2.16, 1.1.18-1.1.23 and trunk.379-trunk.445 are affected.
• Ref: http://www.securityfocus.com/archive/1/466404

• 07.18.89 - CVE: Not Available
• Platform: Network Device
• Title: Asterisk SIP T.38 SDP Parsing Remote Stack Buffer Overflow Vulnerabilities
• Description: Asterisk is a private branch exchange (PBX) application available for Linux, BSD and Mac OS X platforms. The application is exposed to multiple remote buffer overflow issues because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers. Asterisk versions prior to Asterisk Open Source version 1.4.3, AsteriskNOW Beta 6, and Asterisk Appliance Developer Kit version 0.4.0 are affected.
• Ref: http://www.securityfocus.com/archive/1/466883

• 07.18.90 - CVE: Not Available
• Platform: Network Device
• Title: Asterisk ManagerInterface Manager.Conf Remote Denial of Service
• Description: Asterisk is a private branch exchange (PBX) application available for Linux, BSD and Mac OS X platforms. The application is exposed to a remote denial of service issue because it fails to handle exceptional conditions. Asterisk versions prior to Business Edition B.1.3.3 are affected.
• Ref: http://www.securityfocus.com/archive/1/466911

• 07.18.91 - CVE: Not Available
• Platform: Network Device
• Title: HP StorageWorks Command View Unspecified Local Unauthorized Access
• Description: HP StorageWorks Command View XP is software designed to manage various enterprise level storage array products from HP. The application is exposed to a local unauthorized access issue during new user registration or addition.
• Ref: http://www.securityfocus.com/archive/1/466768

• 07.18.92 - CVE: Not Available
• Platform: Network Device
• Title: Linksys SPA941 7 Character Denial of Service
• Description: Linksys SPA941 phones are VOIP enabled telephony products. Linksys SPA941 phones are exposed to a remote denial of service issue when handling SIP messages containing the character "7". Linksys SPA941 with firmware version 5.1.5 is affected.
• Ref: http://www.securityfocus.com/bid/23619

• 07.18.93 - CVE: Not Available
• Platform: Network Device
• Title: IPv6 Protocol Type 0 Route Header Denial of Service
• Description: IPv6 protocol implementations are prone to a denial of service issue due to a design error. The issue exists in the IPv6 type 0 route headers of vulnerable protocol implementations. Ref: http://www.cisco.com/warp/public/707/cisco-sa-20070124-IOS-IPv6.shtml

(c) 2007. All rights reserved. The information contained in this newsletter, including any external links, is provided "AS IS," with no express or implied warranty, for informational purposes only. In some cases, copyright for material in this newsletter may be held by a party other than Qualys (as indicated herein) and permission to use such material must be requested from the copyright owner.

Subscriptions: @RISK is distributed free of charge to people responsible for managing and securing information systems and networks. You may forward this newsletter to others with such responsibility inside or outside your organization.