===========================================================================
The Secunia Weekly Advisory Summary
2003-05-22 - 2003-05-29
This week : 51 advisories
===========================================================================
An effective security solution starts with a position of expertise.
The following 51 advisories are written by Secunia.
Customers instantly receive relevant advisories to their unique system by
E-mail and textmessage, enabling them to react efficiently.
Security Experts at Secunia constantly search for new vulnerabilities and
threats.
Vast amounts of advisories, vulnerabilities and security news is gathered
and assessed daily.
- Stay Secure
===========================================================================
============
2003-05-29
============
Webfroot Shoutbox Execution of Arbitrary Code
Highly critical
http://www.secunia.com/advisories/8886/
============
2003-05-28
============
Internet Information Server/Services Multiple Vulnerabilities
Less critical
http://www.secunia.com/advisories/8884/
--
Windows Media Services ISAPI Extension Denial of Service
Moderately critical
http://www.secunia.com/advisories/8883/
--
Red Hat update for httpd
Highly critical
http://www.secunia.com/advisories/8882/
--
Apache Denial of Service and Potential System Compromise Vulnerabilities
Highly critical
http://www.secunia.com/advisories/8881/
--
UpClient Privilege Escalation Vulnerability
Less critical
http://www.secunia.com/advisories/8878/
--
Conectiva update for BitchX
Moderately critical
http://www.secunia.com/advisories/8877/
--
Axis Network Camera HTTP Authentication Bypass Vulnerability
Highly critical
http://www.secunia.com/advisories/8876/
--
HP-UX update for various network drivers
Less critical
http://www.secunia.com/advisories/8875/
--
Red Hat update for kernel
Moderately critical
http://www.secunia.com/advisories/8873/
--
OpenServer update for squid
Moderately critical
http://www.secunia.com/advisories/8872/
--
EVFS Privilege Escalation Vulnerability
Not critical
http://www.secunia.com/advisories/8871/
--
SuSE update for glibc
Moderately critical
http://www.secunia.com/advisories/8870/
--
Conectiva update for netpbm
Less critical
http://www.secunia.com/advisories/8869/
--
Kazaa and FastTrack P2P Network Client Buffer Overflow Vulnerability
Highly critical
http://www.secunia.com/advisories/8868/
--
EServ Directory Listing and Unauthorised Proxy Access
Moderately critical
http://www.secunia.com/advisories/8867/
============
2003-05-27
============
Gentoo update for heimdal
Moderately critical
http://www.secunia.com/advisories/8866/
--
Gentoo update for Nessus
Less critical
http://www.secunia.com/advisories/8865/
--
BLNews Execution of Arbitrary Code
Highly critical
http://www.secunia.com/advisories/8864/
--
CUPS Partial IPP Request Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/8863/
--
Newsscript Admin Access Vulnerability
Less critical
http://www.secunia.com/advisories/8862/
--
Privatefirewall Filter Bypass Vulnerability
Not critical
http://www.secunia.com/advisories/8861/
--
AnalogX Proxy Long URL Buffer Overflow Vulnerability
Moderately critical
http://www.secunia.com/advisories/8860/
--
TextPortal Weak Default Account Password
Moderately critical
http://www.secunia.com/advisories/8859/
============
2003-05-26
============
Ultimate PHP Board Arbitrary Code Execution Vulnerability
Highly critical
http://www.secunia.com/advisories/8858/
--
P-News Admin Access Vulnerability
Less critical
http://www.secunia.com/advisories/8857/
--
ST FTP Service Directory Traversal Vulnerability
Moderately critical
http://www.secunia.com/advisories/8856/
--
iisPROTECT SQL Injection Vulnerability
Highly critical
http://www.secunia.com/advisories/8855/
--
Magic Winmail Server Denial of Service
Moderately critical
http://www.secunia.com/advisories/8854/
--
XMB Cross Site Scripting
Less critical
http://www.secunia.com/advisories/8853/
--
ShareMailPro User Enumeration
Less critical
http://www.secunia.com/advisories/8852/
--
Outlook Express File Download Security Restriction Bypass
Less critical
http://www.secunia.com/advisories/8841/
============
2003-05-23
============
Red Hat update for sharutils
Less critical
http://www.secunia.com/advisories/8851/
--
iisPROTECT URL Encoding Authentication Bypass Vulnerability
Moderately critical
http://www.secunia.com/advisories/8850/
--
Sun Cobalt update for glibc
Less critical
http://www.secunia.com/advisories/8849/
--
Red Hat update for glibc
Moderately critical
http://www.secunia.com/advisories/8848/
--
Red Hat update for balsa
Less critical
http://www.secunia.com/advisories/8847/
--
Red Hat update for KDE
Moderately critical
http://www.secunia.com/advisories/8846/
--
Red Hat update for LPRng
Not critical
http://www.secunia.com/advisories/8845/
--
Red Hat update for xinetd
Less critical
http://www.secunia.com/advisories/8844/
--
Load Sharing Facility Privilege Escalation
Less critical
http://www.secunia.com/advisories/8843/
--
Nessus NASL Arbitrary Code Execution Vulnerabilities
Less critical
http://www.secunia.com/advisories/8842/
--
BlackMoon FTP Server Username Enumeration and Password Disclosure
Less critical
http://www.secunia.com/advisories/8840/
--
Slackware update for sysvinit
Not critical
http://www.secunia.com/advisories/8835/
============
2003-05-22
============
Mandrake update for lpr
Less critical
http://www.secunia.com/advisories/8839/
--
WsMP3 Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8838/
--
Mandrake update for LPRng
Not critical
http://www.secunia.com/advisories/8837/
--
Conectiva update for bugzilla
Less critical
http://www.secunia.com/advisories/8836/
--
ttCMS Execution of Arbitrary Code
Highly critical
http://www.secunia.com/advisories/8834/
--
Sun Cluster Username and Password Disclosure Vulnerability
Less critical
http://www.secunia.com/advisories/8833/
--
ttForum and ttCMS SQL Injection Vulnerability
Not critical
http://www.secunia.com/advisories/8832/
===========================================================================
Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : supportat_private
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419
===========================================================================
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu May 29 2003 - 05:30:55 PDT