===========================================================================
The Secunia Weekly Advisory Summary
2003-05-29 - 2003-06-05
This week : 58 advisories
===========================================================================
An effective security solution starts with a position of expertise.
The following 58 advisories are written by Secunia.
Customers instantly receive relevant advisories to their unique system by
E-mail and textmessage, enabling them to react efficiently.
Security Experts at Secunia constantly search for new vulnerabilities and
threats.
Vast amounts of advisories, vulnerabilities and security news is gathered
and assessed daily.
- Stay Secure
===========================================================================
============
2003-06-05
============
Sun Solaris Sendmail Privilege Escalation
Less critical
http://www.secunia.com/advisories/8946/
--
Mac OS X LDAP Clear Text User Credentials
Less critical
http://www.secunia.com/advisories/8945/
--
Sun Solaris syslogd Denial of Service
Moderately critical
http://www.secunia.com/advisories/8944/
============
2003-06-04
============
Internet Explorer Object Tag Buffer Overflow Vulnerability
Highly critical
http://www.secunia.com/advisories/8943/
--
newsPHP Arbitrary Field Insertion Vulnerability
Less critical
http://www.secunia.com/advisories/8942/
--
JBoss JSP Source Disclosure Vulnerability
Moderately critical
http://www.secunia.com/advisories/8941/
--
OpenPKG update for Ghostscript
Less critical
http://www.secunia.com/advisories/8939/
--
Red Hat update for kon2
Less critical
http://www.secunia.com/advisories/8938/
--
Pablo FTP Server Username and Password Disclosure Vulnerability
Less critical
http://www.secunia.com/advisories/8937/
============
2003-06-03
============
Linux Kernel Denial of Service Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8936/
--
Sun Solaris "in.telnetd" Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/8935/
--
IRCXpro Server Username and Password Disclosure Vulnerability
Less critical
http://www.secunia.com/advisories/8934/
--
Saarport SPChat Cross Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/8933/
--
Saarport WebChat Cross Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/8932/
--
Xmame Privilege Escalation Vulnerability
Not critical
http://www.secunia.com/advisories/8931/
--
Sun Management Center Change Manager Buffer Overflow
Less critical
http://www.secunia.com/advisories/8930/
--
Crob FTP Server Username Format String Error Vulnerability
Highly critical
http://www.secunia.com/advisories/8929/
--
mod_gzip Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8928/
--
iisCART2000 Upload Vulnerability
Highly critical
http://www.secunia.com/advisories/8927/
--
Sun Cobalt update for MySQL
Less critical
http://www.secunia.com/advisories/8926/
--
Webstores 2000 SQL Injection Vulnerability
Moderately critical
http://www.secunia.com/advisories/8925/
--
Yahoo! Chat and Messenger Hostname Buffer Overflow Vulnerability
Moderately critical
http://www.secunia.com/advisories/8924/
--
Gentoo update for uw-imapd
Less critical
http://www.secunia.com/advisories/8923/
--
Forum Web Server Username and Password Disclosure Vulnerability
Not critical
http://www.secunia.com/advisories/8922/
--
Personal FTP-Server Username and Password Disclosure Vulnerability
Not critical
http://www.secunia.com/advisories/8921/
--
Desktop Orbiter Multiple Connection Denial of Service
Less critical
http://www.secunia.com/advisories/8920/
============
2003-06-02
============
MAILsweeper for SMTP RTF Attachment Denial of Service
Moderately critical
http://www.secunia.com/advisories/8919/
--
Gentoo update for maelstrom
Not critical
http://www.secunia.com/advisories/8918/
--
Meteor FTP User Enumeration Vulnerability
Less critical
http://www.secunia.com/advisories/8917/
--
Gentoo update for Apache
Highly critical
http://www.secunia.com/advisories/8916/
--
Activity Monitor 2002 Denial of Service Vulnerability
Not critical
http://www.secunia.com/advisories/8915/
--
Titan FTP Server Directory Traversal Vulnerability
Less critical
http://www.secunia.com/advisories/8914/
--
VisNetic FTPServer Directory Traversal Vulnerability
Less critical
http://www.secunia.com/advisories/8913/
--
Gentoo update for tomcat
Less critical
http://www.secunia.com/advisories/8912/
--
Mandrake update for apache2
Highly critical
http://www.secunia.com/advisories/8911/
--
Red Hat update for Ghostscript
Less critical
http://www.secunia.com/advisories/8910/
--
Baby POP3 Server Multiple Connection Denial of Service
Moderately critical
http://www.secunia.com/advisories/8909/
--
Vignette Story Server Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8908/
--
Baby ASP Web Server Directory Traversal and Multiple Connection DoS
Moderately critical
http://www.secunia.com/advisories/8907/
--
ICQ Lite Insecure File Permissions
Not critical
http://www.secunia.com/advisories/8906/
--
Zeus Admin Server Cross Site Scripting Vulnerability
Not critical
http://www.secunia.com/advisories/8905/
--
Baby FTP Server Directory Traversal and Multiple Connection DoS
Moderately critical
http://www.secunia.com/advisories/8904/
--
Quick and Easy FTP Server Multiple Connection DoS
Moderately critical
http://www.secunia.com/advisories/8903/
============
2003-05-30
============
P-Synch Total Password Management Solution Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8902/
--
BaSoMail Server Denial of Service
Moderately critical
http://www.secunia.com/advisories/8901/
--
BNC IRC proxy Denial of Service
Not critical
http://www.secunia.com/advisories/8900/
--
Batalla Naval Buffer Overflow
Moderately critical
http://www.secunia.com/advisories/8899/
--
Philboard Admin Access
Moderately critical
http://www.secunia.com/advisories/8898/
--
D-Link DI-704P Denial of Service
Less critical
http://www.secunia.com/advisories/8897/
--
Mandrake update for CUPS
Less critical
http://www.secunia.com/advisories/8896/
--
Geeklog Admin Access and Execution of Arbitrary Code
Highly critical
http://www.secunia.com/advisories/8895/
--
b2 cafelog Execution of Arbitrary Code
Highly critical
http://www.secunia.com/advisories/8894/
--
GoldMine Execution of Arbitrary Code
Highly critical
http://www.secunia.com/advisories/8893/
--
PHP Multiple Issues
Moderately critical
http://www.secunia.com/advisories/8892/
--
Red Hat update for kernel
Moderately critical
http://www.secunia.com/advisories/8891/
============
2003-05-29
============
Son hServer Directory Traversal Vulnerability
Moderately critical
http://www.secunia.com/advisories/8890/
--
Slackware update for CUPS
Less critical
http://www.secunia.com/advisories/8889/
--
Remote PC Access Server Denial of Service
Less critical
http://www.secunia.com/advisories/8888/
===========================================================================
Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : supportat_private
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419
===========================================================================
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Jun 06 2003 - 01:06:25 PDT