[ISN] Secunia Weekly Summary

From: InfoSec News (isnat_private)
Date: Wed Apr 23 2003 - 21:08:16 PDT


    ===========================================================================
    
                        The Secunia Weekly Advisory Summary
                              2003-04-17 - 2003-04-24
    
                             This week : 39 advisories
    
    ===========================================================================
    
        An effective security solution starts with a position of expertise.
    
    
    The following 39 advisories are written by Secunia. 
    Customers instantly receive relevant advisories to their unique system by
    E-mail and text message, enabling them to react efficiently.
    
    Security Experts at Secunia constantly search for new vulnerabilities and
    threats.
    
    Vast amounts of advisories, vulnerabilities and security news are gathered
    and assessed daily.
    
    
     - Stay Secure
    
    ===========================================================================
    
    ============
     2003-04-24
    ============
    
    Red Hat update for tcpdump
    Moderately critical
    http://www.secunia.com/advisories/8652/
    
     -- 
    
    Debian update for gkrellm-newsticker
    Moderately critical
    http://www.secunia.com/advisories/8651/
    
     -- 
    
    Red Hat update for Ethereal
    Moderately critical
    http://www.secunia.com/advisories/8650/
    
     -- 
    
    YABB SE Arbitrary File Inclusion Vulnerability
    Highly critical
    http://www.secunia.com/advisories/8646/
    
    
    ============
     2003-04-23
    ============
    
    Internet Explorer Four Vulnerabilities
    Highly critical
    http://www.secunia.com/advisories/8649/
    
     -- 
    
    Outlook Express MHTML URL Handler Vulnerability
    Moderately critical
    http://www.secunia.com/advisories/8648/
    
     -- 
    
    Debian update for kdelibs
    Moderately critical
    http://www.secunia.com/advisories/8647/
    
     -- 
    
    "mod_ntlm" Heap Overflow and Format String Vulnerability
    Highly critical
    http://www.secunia.com/advisories/8645/
    
     -- 
    
    Conectiva update for balsa
    Less critical
    http://www.secunia.com/advisories/8644/
    
     -- 
    
    Conectiva update for tcpdump
    Moderately critical
    http://www.secunia.com/advisories/8643/
    
     -- 
    
    Microsoft Shell Light-Weight Utility Library Denial of Service
    Less critical
    http://www.secunia.com/advisories/8642/
    
     -- 
    
    Debian two vulnerabilities in mime-support
    Less critical
    http://www.secunia.com/advisories/8641/
    
     -- 
    
    Mandrake update for Apache
    Moderately critical
    http://www.secunia.com/advisories/8640/
    
     -- 
    
    Xeneo Web Server URL Encoding Denial of Service
    Moderately critical
    http://www.secunia.com/advisories/8639/
    
     -- 
    
    Twilight Utilities Web Server Long Request Denial of Service
    Moderately critical
    http://www.secunia.com/advisories/8638/
    
    
    ============
     2003-04-22
    ============
    
    MPCSoftWeb Guest Book Cross-Site Scripting and Database Retrieval
    Moderately critical
    http://www.secunia.com/advisories/8637/
    
     -- 
    
    Xeneo Web Server Long Argument Denial of Service
    Moderately critical
    http://www.secunia.com/advisories/8636/
    
     -- 
    
    Windows XP Service Control Manager Information Disclosure
    Not critical
    http://www.secunia.com/advisories/8635/
    
     -- 
    
    Debian update for ircii
    Moderately critical
    http://www.secunia.com/advisories/8634/
    
     -- 
    
    PTNews Unauthorised Access to Administrative Functions
    Moderately critical
    http://www.secunia.com/advisories/8633/
    
     -- 
    
    Xinetd Connection Reject Memory Leak
    Less critical
    http://www.secunia.com/advisories/8632/
    
     -- 
    
    HP Tru64 Screend DoS and Bypass of Traffic Detection
    Moderately critical
    http://www.secunia.com/advisories/8631/
    
     -- 
    
    HP Tru64 Cluster Alias/NFS DoS and Traffic Detection Bypass
    Less critical
    http://www.secunia.com/advisories/8630/
    
     -- 
    
    Gentoo update for Snort
    Highly critical
    http://www.secunia.com/advisories/8629/
    
     -- 
    
    AN HTTPd Sample Script File Corruption Vulnerability
    Moderately critical
    http://www.secunia.com/advisories/8628/
    
    
    ============
     2003-04-21
    ============
    
    Sun Solaris update for Samba
    Moderately critical
    http://www.secunia.com/advisories/8627/
    
     -- 
    
    BadBlue Arbitrary Administrative Actions Vulnerability
    Highly critical
    http://www.secunia.com/advisories/8626/
    
     -- 
    
    Quickfront Web Server Directory Traversal
    Moderately critical
    http://www.secunia.com/advisories/8625/
    
     -- 
    
    Monkey HTTPd "PostMethod()" Buffer Overflow
    Highly critical
    http://www.secunia.com/advisories/8624/
    
    
    ============
     2003-04-18
    ============
    
    Snitz Forums 2000 Cross-Site Scripting
    Less critical
    http://www.secunia.com/advisories/8623/
    
     -- 
    
    Smoothwall update for Snort
    Highly critical
    http://www.secunia.com/advisories/8622/
    
     -- 
    
    Conectiva update for vixie-cron
    Less critical
    http://www.secunia.com/advisories/8621/
    
     -- 
    
    Debian update for rinetd
    Highly critical
    http://www.secunia.com/advisories/8620/
    
     -- 
    
    "rinetd" Connection List Buffer Overflow
    Highly critical
    http://www.secunia.com/advisories/8619/
    
     -- 
    
    Mandrake update for KDE3
    Moderately critical
    http://www.secunia.com/advisories/8618/
    
     -- 
    
    Slackware update for KDE
    Moderately critical
    http://www.secunia.com/advisories/8617/
    
    
    ============
     2003-04-17
    ============
    
    Debian update for sendmail-wide
    Extremely critical
    http://www.secunia.com/advisories/8616/
    
     -- 
    
    Mozilla and Netscape race condition
    Less critical
    http://www.secunia.com/advisories/8615/
    
     -- 
    
    NetScreen weaker VPN encryption
    Less critical
    http://www.secunia.com/advisories/8614/
    
    
    ===========================================================================
    
    Secunia recommends that you verify all advisories you receive, by clicking
    the link.
    Secunia NEVER sends attached files with advisories.
    Secunia does not advise people to install third party patches, only use
    those supplied by the vendor.
    
    Contact details:
    Web	: http://www.secunia.com/
    E-mail	: supportat_private
    Tel	: +44 (0) 20 7016 2693
    Fax	: +44 (0) 20 7637 0419
    
    ===========================================================================
    
    To unsubscribe click the following link:
    http://www.secunia.com/summary/unsubscribe/?email=isnat_private
    
    ===========================================================================
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Apr 24 2003 - 05:00:07 PDT