===========================================================================
The Secunia Weekly Advisory Summary
2003-04-24 - 2003-05-01
This week : 55 advisories
===========================================================================
An effective security solution starts with a position of expertise.
The following 55 advisories are written by Secunia.
Customers instantly receive relevant advisories to their unique system by
E-mail and textmessage, enabling them to react efficiently.
Security Experts at Secunia constantly search for new vulnerabilities and
threats.
Vast amounts of advisories, vulnerabilities and security news is gathered
and assessed daily.
- Stay Secure
===========================================================================
============
2003-05-01
============
Microsoft BizTalk Server Two Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8707/
--
Conectiva update for Apache
Moderately critical
http://www.secunia.com/advisories/8706/
--
Conectiva update for glibc
Moderately critical
http://www.secunia.com/advisories/8705/
============
2003-04-30
============
Gentoo update for balsa
Less critical
http://www.secunia.com/advisories/8704/
--
OpenLinux update for tcp_sec
Not critical
http://www.secunia.com/advisories/8703/
--
OpenLinux update for file
Less critical
http://www.secunia.com/advisories/8702/
--
IdeaBox Arbitrary File Inclusion Vulnerability
Highly critical
http://www.secunia.com/advisories/8701/
--
3D-FTP Banner Buffer Overflow Vulnerability
Less critical
http://www.secunia.com/advisories/8700/
--
Debian update for kdebase
Moderately critical
http://www.secunia.com/advisories/8699/
--
ColdFusion MX Java Environment Integer Overflow Vulnerability
Not critical
http://www.secunia.com/advisories/8698/
--
HP-UX "rexec" Buffer Overflow Vulnerability
Less critical
http://www.secunia.com/advisories/8697/
--
Linux-atm "les" Buffer Overflow Vulnerability
Less critical
http://www.secunia.com/advisories/8696/
--
Debian update for pptpd
Highly critical
http://www.secunia.com/advisories/8695/
--
HP Tru64 "setld" and "dupatch" Vulnerability
Less critical
http://www.secunia.com/advisories/8694/
--
MDaemon IMAP Buffer Overflow Vulnerability
Less critical
http://www.secunia.com/advisories/8693/
--
Red Hat update for MySQL
Less critical
http://www.secunia.com/advisories/8692/
--
MDaemon UIDL and DELE Command Negative Value DoS
Not critical
http://www.secunia.com/advisories/8687/
============
2003-04-29
============
Opera Long Filename Extension Heap Overflow
Less critical
http://www.secunia.com/advisories/8691/
--
Opera Javascript Console Script Injection Vulnerability
Less critical
http://www.secunia.com/advisories/8690/
--
Oracle Database Link Buffer Overflow Vulnerability
Less critical
http://www.secunia.com/advisories/8689/
--
Qpopper poppassd Privilege Escalation Vulnerability
Less critical
http://www.secunia.com/advisories/8688/
--
Sun Solaris "lofiadm" Command Memory Leak Vulnerability
Not critical
http://www.secunia.com/advisories/8686/
--
Sun Solaris rpcbind Denial of Service
Less critical
http://www.secunia.com/advisories/8685/
--
Pi3Web Long HTTP Request Denial of Service
Moderately critical
http://www.secunia.com/advisories/8684/
--
Truegalerie Authentication Bypass and File Read Vulnerability
Moderately critical
http://www.secunia.com/advisories/8683/
--
Kerio Personal Firewall Administration Interface Buffer Overflow and
Replay Attack
Highly critical
http://www.secunia.com/advisories/8682/
--
Mandrake update for Snort
Highly critical
http://www.secunia.com/advisories/8681/
============
2003-04-28
============
SonicWall Pro Large HTTP POST Denial of Service
Less critical
http://www.secunia.com/advisories/8680/
--
Red Hat update for MySQL
Less critical
http://www.secunia.com/advisories/8679/
--
Red Hat "mod_auth_any" Command Execution Vulnerability
Moderately critical
http://www.secunia.com/advisories/8678/
--
Red Hat update for mICQ
Not critical
http://www.secunia.com/advisories/8677/
--
OpenBB SQL Injection Vulnerability
Moderately critical
http://www.secunia.com/advisories/8676/
--
Gentoo update for pptpd
Highly critical
http://www.secunia.com/advisories/8675/
--
Gentoo update for mgetty
Highly critical
http://www.secunia.com/advisories/8674/
--
Gentoo update for monkeyd
Highly critical
http://www.secunia.com/advisories/8673/
--
XOOPS MyTextSanitizer Cross-Site Scripting
Less critical
http://www.secunia.com/advisories/8672/
--
ColdFusion MX Path Disclosure Vulnerability
Not critical
http://www.secunia.com/advisories/8671/
--
SGI IRIX "nsd" User Authentication Bypass
Moderately critical
http://www.secunia.com/advisories/8670/
============
2003-04-26
============
Bugzilla XSS and Insecure Temporary File Creation Vulnerabilities
Less critical
http://www.secunia.com/advisories/8669/
--
BRS WebWeaver FTP RETR Command Denial of Service
Less critical
http://www.secunia.com/advisories/8668/
============
2003-04-25
============
VisNetic ActiveDefense Denial of Service Vulnerability
Moderately critical
http://www.secunia.com/advisories/8667/
--
bttlxeForum Login SQL Injection Vulnerability
Moderately critical
http://www.secunia.com/advisories/8666/
--
SAP DB Development Tools Installation Vulnerability
Less critical
http://www.secunia.com/advisories/8665/
--
SAP DB Installation Race Condition Vulnerability
Not critical
http://www.secunia.com/advisories/8664/
--
Kerio Personal Firewall Filter Bypass Vulnerability
Not critical
http://www.secunia.com/advisories/8663/
--
PHP-Nuke Cross-Site Scripting
Less critical
http://www.secunia.com/advisories/8662/
--
Red Hat update for squirrelmail
Less critical
http://www.secunia.com/advisories/8661/
--
Xeneo Web Server Long Query String Argument DoS
Moderately critical
http://www.secunia.com/advisories/8660/
--
Red Hat update for LPRng
Not critical
http://www.secunia.com/advisories/8659/
--
Red Hat update for mICQ
Not critical
http://www.secunia.com/advisories/8658/
--
Mandrake update for Ethereal
Moderately critical
http://www.secunia.com/advisories/8657/
--
XMB Registration Process SQL Injection
Less critical
http://www.secunia.com/advisories/8656/
============
2003-04-24
============
SuSE update for KDE
Moderately critical
http://www.secunia.com/advisories/8655/
--
Cisco Catalyst User Authentication Bypass Vulnerability
Less critical
http://www.secunia.com/advisories/8654/
--
Cisco Secure ACS Administration Service Buffer Overflow
Highly critical
http://www.secunia.com/advisories/8653/
===========================================================================
Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : supportat_private
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419
===========================================================================
To unsubscribe click following link:
isnat_private">http://www.secunia.com/summary/unsubscribe/?email=isnat_private
===========================================================================
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri May 02 2003 - 01:01:57 PDT