===========================================================================

The Secunia Weekly Advisory Summary
2003-05-29 - 2003-06-05

This week : 58 advisories

===========================================================================

An effective security solution starts with a position of expertise.

The following 58 advisories are written by Secunia. Customers instantly
receive relevant advisories to their unique system by E-mail and text
message, enabling them to react efficiently.

Security Experts at Secunia constantly search for new vulnerabilities and
threats. Vast amounts of advisories, vulnerabilities and security news
are gathered and assessed daily.

 - Stay Secure

===========================================================================

============
 2003-06-05
============

Sun Solaris Sendmail Privilege Escalation
Less critical
http://www.secunia.com/advisories/8946/

 --

Mac OS X LDAP Clear Text User Credentials
Less critical
http://www.secunia.com/advisories/8945/

 --

Sun Solaris syslogd Denial of Service
Moderately critical
http://www.secunia.com/advisories/8944/

============
 2003-06-04
============

Internet Explorer Object Tag Buffer Overflow Vulnerability
Highly critical
http://www.secunia.com/advisories/8943/

 --

newsPHP Arbitrary Field Insertion Vulnerability
Less critical
http://www.secunia.com/advisories/8942/

 --

JBoss JSP Source Disclosure Vulnerability
Moderately critical
http://www.secunia.com/advisories/8941/

 --

OpenPKG update for Ghostscript
Less critical
http://www.secunia.com/advisories/8939/

 --

Red Hat update for kon2
Less critical
http://www.secunia.com/advisories/8938/

 --

Pablo FTP Server Username and Password Disclosure Vulnerability
Less critical
http://www.secunia.com/advisories/8937/

============
 2003-06-03
============

Linux Kernel Denial of Service Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8936/

 --

Sun Solaris "in.telnetd" Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/8935/

 --

IRCXpro Server Username and Password Disclosure Vulnerability
Less critical
http://www.secunia.com/advisories/8934/

 --

Saarport SPChat Cross Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/8933/

 --

Saarport WebChat Cross Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/8932/

 --

Xmame Privilege Escalation Vulnerability
Not critical
http://www.secunia.com/advisories/8931/

 --

Sun Management Center Change Manager Buffer Overflow
Less critical
http://www.secunia.com/advisories/8930/

 --

Crob FTP Server Username Format String Error Vulnerability
Highly critical
http://www.secunia.com/advisories/8929/

 --

mod_gzip Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8928/

 --

iisCART2000 Upload Vulnerability
Highly critical
http://www.secunia.com/advisories/8927/

 --

Sun Cobalt update for MySQL
Less critical
http://www.secunia.com/advisories/8926/

 --

Webstores 2000 SQL Injection Vulnerability
Moderately critical
http://www.secunia.com/advisories/8925/

 --

Yahoo! Chat and Messenger Hostname Buffer Overflow Vulnerability
Moderately critical
http://www.secunia.com/advisories/8924/

 --

Gentoo update for uw-imapd
Less critical
http://www.secunia.com/advisories/8923/

 --

Forum Web Server Username and Password Disclosure Vulnerability
Not critical
http://www.secunia.com/advisories/8922/

 --

Personal FTP-Server Username and Password Disclosure Vulnerability
Not critical
http://www.secunia.com/advisories/8921/

 --

Desktop Orbiter Multiple Connection Denial of Service
Less critical
http://www.secunia.com/advisories/8920/

============
 2003-06-02
============

MAILsweeper for SMTP RTF Attachment Denial of Service
Moderately critical
http://www.secunia.com/advisories/8919/

 --

Gentoo update for maelstrom
Not critical
http://www.secunia.com/advisories/8918/

 --

Meteor FTP User Enumeration Vulnerability
Less critical
http://www.secunia.com/advisories/8917/

 --

Gentoo update for Apache
Highly critical
http://www.secunia.com/advisories/8916/

 --

Activity Monitor 2002 Denial of Service Vulnerability
Not critical
http://www.secunia.com/advisories/8915/

 --

Titan FTP Server Directory Traversal Vulnerability
Less critical
http://www.secunia.com/advisories/8914/

 --

VisNetic FTPServer Directory Traversal Vulnerability
Less critical
http://www.secunia.com/advisories/8913/

 --

Gentoo update for tomcat
Less critical
http://www.secunia.com/advisories/8912/

 --

Mandrake update for apache2
Highly critical
http://www.secunia.com/advisories/8911/

 --

Red Hat update for Ghostscript
Less critical
http://www.secunia.com/advisories/8910/

 --

Baby POP3 Server Multiple Connection Denial of Service
Moderately critical
http://www.secunia.com/advisories/8909/

 --

Vignette Story Server Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8908/

 --

Baby ASP Web Server Directory Traversal and Multiple Connection DoS
Moderately critical
http://www.secunia.com/advisories/8907/

 --

ICQ Lite Insecure File Permissions
Not critical
http://www.secunia.com/advisories/8906/

 --

Zeus Admin Server Cross Site Scripting Vulnerability
Not critical
http://www.secunia.com/advisories/8905/

 --

Baby FTP Server Directory Traversal and Multiple Connection DoS
Moderately critical
http://www.secunia.com/advisories/8904/

 --

Quick and Easy FTP Server Multiple Connection DoS
Moderately critical
http://www.secunia.com/advisories/8903/

============
 2003-05-30
============

P-Synch Total Password Management Solution Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8902/

 --

BaSoMail Server Denial of Service
Moderately critical
http://www.secunia.com/advisories/8901/

 --

BNC IRC proxy Denial of Service
Not critical
http://www.secunia.com/advisories/8900/

 --

Batalla Naval Buffer Overflow
Moderately critical
http://www.secunia.com/advisories/8899/

 --

Philboard Admin Access
Moderately critical
http://www.secunia.com/advisories/8898/

 --

D-Link DI-704P Denial of Service
Less critical
http://www.secunia.com/advisories/8897/

 --

Mandrake update for CUPS
Less critical
http://www.secunia.com/advisories/8896/

 --

Geeklog Admin Access and Execution of Arbitrary Code
Highly critical
http://www.secunia.com/advisories/8895/

 --

b2 cafelog Execution of Arbitrary Code
Highly critical
http://www.secunia.com/advisories/8894/

 --

GoldMine Execution of Arbitrary Code
Highly critical
http://www.secunia.com/advisories/8893/

 --

PHP Multiple Issues
Moderately critical
http://www.secunia.com/advisories/8892/

 --

Red Hat update for kernel
Moderately critical
http://www.secunia.com/advisories/8891/

============
 2003-05-29
============

Son hServer Directory Traversal Vulnerability
Moderately critical
http://www.secunia.com/advisories/8890/

 --

Slackware update for CUPS
Less critical
http://www.secunia.com/advisories/8889/

 --

Remote PC Access Server Denial of Service
Less critical
http://www.secunia.com/advisories/8888/

===========================================================================

Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Contact details:
Web    : http://www.secunia.com/
E-mail : supportat_private
Tel    : +44 (0) 20 7016 2693
Fax    : +44 (0) 20 7637 0419

===========================================================================

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.