=========================================================================== The Secunia Weekly Advisory Summary 2003-05-22 - 2003-05-29 This week : 51 advisories =========================================================================== An effective security solution starts with a position of expertise. The following 51 advisories are written by Secunia. Customers instantly receive relevant advisories to their unique system by E-mail and textmessage, enabling them to react efficiently. Security Experts at Secunia constantly search for new vulnerabilities and threats. Vast amounts of advisories, vulnerabilities and security news is gathered and assessed daily. - Stay Secure =========================================================================== ============ 2003-05-29 ============ Webfroot Shoutbox Execution of Arbitrary Code Highly critical http://www.secunia.com/advisories/8886/ ============ 2003-05-28 ============ Internet Information Server/Services Multiple Vulnerabilities Less critical http://www.secunia.com/advisories/8884/ -- Windows Media Services ISAPI Extension Denial of Service Moderately critical http://www.secunia.com/advisories/8883/ -- Red Hat update for httpd Highly critical http://www.secunia.com/advisories/8882/ -- Apache Denial of Service and Potential System Compromise Vulnerabilities Highly critical http://www.secunia.com/advisories/8881/ -- UpClient Privilege Escalation Vulnerability Less critical http://www.secunia.com/advisories/8878/ -- Conectiva update for BitchX Moderately critical http://www.secunia.com/advisories/8877/ -- Axis Network Camera HTTP Authentication Bypass Vulnerability Highly critical http://www.secunia.com/advisories/8876/ -- HP-UX update for various network drivers Less critical http://www.secunia.com/advisories/8875/ -- Red Hat update for kernel Moderately critical http://www.secunia.com/advisories/8873/ -- OpenServer update for squid Moderately critical http://www.secunia.com/advisories/8872/ -- EVFS Privilege Escalation Vulnerability Not critical http://www.secunia.com/advisories/8871/ -- SuSE update for glibc Moderately critical http://www.secunia.com/advisories/8870/ -- Conectiva update for netpbm Less critical http://www.secunia.com/advisories/8869/ -- Kazaa and FastTrack P2P Network Client Buffer Overflow Vulnerability Highly critical http://www.secunia.com/advisories/8868/ -- EServ Directory Listing and Unauthorised Proxy Access Moderately critical http://www.secunia.com/advisories/8867/ ============ 2003-05-27 ============ Gentoo update for heimdal Moderately critical http://www.secunia.com/advisories/8866/ -- Gentoo update for Nessus Less critical http://www.secunia.com/advisories/8865/ -- BLNews Execution of Arbitrary Code Highly critical http://www.secunia.com/advisories/8864/ -- CUPS Partial IPP Request Denial of Service Vulnerability Less critical http://www.secunia.com/advisories/8863/ -- Newsscript Admin Access Vulnerability Less critical http://www.secunia.com/advisories/8862/ -- Privatefirewall Filter Bypass Vulnerability Not critical http://www.secunia.com/advisories/8861/ -- AnalogX Proxy Long URL Buffer Overflow Vulnerability Moderately critical http://www.secunia.com/advisories/8860/ -- TextPortal Weak Default Account Password Moderately critical http://www.secunia.com/advisories/8859/ ============ 2003-05-26 ============ Ultimate PHP Board Arbitrary Code Execution Vulnerability Highly critical http://www.secunia.com/advisories/8858/ -- P-News Admin Access Vulnerability Less critical http://www.secunia.com/advisories/8857/ -- ST FTP Service Directory Traversal Vulnerability Moderately critical http://www.secunia.com/advisories/8856/ -- iisPROTECT SQL Injection Vulnerability Highly critical http://www.secunia.com/advisories/8855/ -- Magic Winmail Server Denial of Service Moderately critical http://www.secunia.com/advisories/8854/ -- XMB Cross Site Scripting Less critical http://www.secunia.com/advisories/8853/ -- ShareMailPro User Enumeration Less critical http://www.secunia.com/advisories/8852/ -- Outlook Express File Download Security Restriction Bypass Less critical http://www.secunia.com/advisories/8841/ ============ 2003-05-23 ============ Red Hat update for sharutils Less critical http://www.secunia.com/advisories/8851/ -- iisPROTECT URL Encoding Authentication Bypass Vulnerability Moderately critical http://www.secunia.com/advisories/8850/ -- Sun Cobalt update for glibc Less critical http://www.secunia.com/advisories/8849/ -- Red Hat update for glibc Moderately critical http://www.secunia.com/advisories/8848/ -- Red Hat update for balsa Less critical http://www.secunia.com/advisories/8847/ -- Red Hat update for KDE Moderately critical http://www.secunia.com/advisories/8846/ -- Red Hat update for LPRng Not critical http://www.secunia.com/advisories/8845/ -- Red Hat update for xinetd Less critical http://www.secunia.com/advisories/8844/ -- Load Sharing Facility Privilege Escalation Less critical http://www.secunia.com/advisories/8843/ -- Nessus NASL Arbitrary Code Execution Vulnerabilities Less critical http://www.secunia.com/advisories/8842/ -- BlackMoon FTP Server Username Enumeration and Password Disclosure Less critical http://www.secunia.com/advisories/8840/ -- Slackware update for sysvinit Not critical http://www.secunia.com/advisories/8835/ ============ 2003-05-22 ============ Mandrake update for lpr Less critical http://www.secunia.com/advisories/8839/ -- WsMP3 Multiple Vulnerabilities Moderately critical http://www.secunia.com/advisories/8838/ -- Mandrake update for LPRng Not critical http://www.secunia.com/advisories/8837/ -- Conectiva update for bugzilla Less critical http://www.secunia.com/advisories/8836/ -- ttCMS Execution of Arbitrary Code Highly critical http://www.secunia.com/advisories/8834/ -- Sun Cluster Username and Password Disclosure Vulnerability Less critical http://www.secunia.com/advisories/8833/ -- ttForum and ttCMS SQL Injection Vulnerability Not critical http://www.secunia.com/advisories/8832/ =========================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Contact details: Web : http://www.secunia.com/ E-mail : firstname.lastname@example.org Tel : +44 (0) 20 7016 2693 Fax : +44 (0) 20 7637 0419 =========================================================================== - ISN is currently hosted by Attrition.org To unsubscribe email email@example.com with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu May 29 2003 - 05:30:55 PDT