===========================================================================

The Secunia Weekly Advisory Summary
2003-06-12 - 2003-06-19

This week : 65 advisories

===========================================================================

Secunia would like to offer you a 30 day free trial of our Vulnerability
Tracking Service.

View this page for more information:
http://www.secunia.com/free_trial/

===========================================================================

============
 2003-06-19
============

RSA ACE/Agent Cross Site Scripting
Moderately critical
http://www.secunia.com/advisories/9072/

 --

Red Hat Stronghold 4 Injection of Malicious Characters
Not critical
http://www.secunia.com/advisories/9071/

 --

Red Hat update for Xpdf
Moderately critical
http://www.secunia.com/advisories/9070/

============
 2003-06-18
============

Tmax Soft JEUS Cross Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9069/

 --

Debian update for ethereal
Moderately critical
http://www.secunia.com/advisories/9068/

 --

Red Hat update for KDE
Moderately critical
http://www.secunia.com/advisories/9067/

 --

Dantz Retrospect Client Insecure File Permissions
Less critical
http://www.secunia.com/advisories/9066/

 --

Snitz Forums 2000 Cross Site Scripting Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9065/

 --

Red Hat update for Ghostscript
Less critical
http://www.secunia.com/advisories/9064/

 --

Slackware update for kernel
Moderately critical
http://www.secunia.com/advisories/9063/

 --

Debian update for jnethack
Less critical
http://www.secunia.com/advisories/9062/

 --

pod.board Cross Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9061/

 --

Xoops Tutorials Execution of Arbitrary Code
Highly critical
http://www.secunia.com/advisories/9060/

 --

Ability Mail Server Stores Passwords in Plain Text
Not critical
http://www.secunia.com/advisories/9059/

============
 2003-06-17
============

BlackICE PC Protection Filter Bypass
Less critical
http://www.secunia.com/advisories/9058/

 --

Linux-PAM User Name Spoofing Vulnerability
Less critical
http://www.secunia.com/advisories/9057/

 --

Internet Explorer Custom HTTP Error Script Injection Vulnerability
Moderately critical
http://www.secunia.com/advisories/9056/

 --

Internet Explorer XML File Cross-Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9055/

 --

PostNuke Cross Site Scripting
Less critical
http://www.secunia.com/advisories/9054/

 --

Aiglon Web Server Path Disclosure
Not critical
http://www.secunia.com/advisories/9053/

 --

Debian update for typespeed
Moderately critical
http://www.secunia.com/advisories/9052/

 --

Typespeed Network Buffer Overflow Vulnerability
Moderately critical
http://www.secunia.com/advisories/9051/

 --

Conectiva update for Apache
Highly critical
http://www.secunia.com/advisories/9050/

 --

Sphera HostingDirector Multiple Vulnerabilities
Highly critical
http://www.secunia.com/advisories/9049/

 --

Mandrake update for ethereal
Moderately critical
http://www.secunia.com/advisories/9048/

 --

Mandrake update for gzip
Less critical
http://www.secunia.com/advisories/9047/

 --

Debian update for noweb
Less critical
http://www.secunia.com/advisories/9046/

 --

Tarantella Enterprise 3 Protocol Engine Vulnerability
Less critical
http://www.secunia.com/advisories/9043/

============
 2003-06-16
============

pMachine Execution of Arbitrary Code
Highly critical
http://www.secunia.com/advisories/9045/

 --

Progress Privilege Escalation
Less critical
http://www.secunia.com/advisories/9044/

 --

MyServer Directory Traversal and Denial of Service
Moderately critical
http://www.secunia.com/advisories/9042/

 --

LedNews Cross Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9041/

 --

Debian update for mikmod
Less critical
http://www.secunia.com/advisories/9040/

 --

Gentoo update for CUPS
Less critical
http://www.secunia.com/advisories/9039/

 --

Adobe Acrobat Reader Command Execution
Moderately critical
http://www.secunia.com/advisories/9038/

 --

Xpdf Command Execution
Moderately critical
http://www.secunia.com/advisories/9037/

 --

NGC Active FTPServer Multiple Command Buffer Overflows
Highly critical
http://www.secunia.com/advisories/9036/

 --

Red Hat update for lv
Less critical
http://www.secunia.com/advisories/9035/

 --

SuSE update for radiusd-cistron
Less critical
http://www.secunia.com/advisories/9034/

 --

Gentoo update for kon2
Less critical
http://www.secunia.com/advisories/9033/

 --

Gentoo update for gzip
Less critical
http://www.secunia.com/advisories/9032/

 --

Gentoo update for LPRng
Not critical
http://www.secunia.com/advisories/9031/

 --

Debian "radiusd-cistron" NAS-Port Buffer Overflow
Less critical
http://www.secunia.com/advisories/9030/

 --

Gentoo update for Ghostscript
Less critical
http://www.secunia.com/advisories/9029/

============
 2003-06-13
============

WebBBS Pro Denial of Service Vulnerabilities
Less critical
http://www.secunia.com/advisories/9028/

 --

SMC Barricade Wireless Router PPTP Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/9026/

 --

Mac OS X Security Update for Apache and dsimportexport
Moderately critical
http://www.secunia.com/advisories/9025/

 --

Methodus Web Server Directory Traversal Vulnerability
Moderately critical
http://www.secunia.com/advisories/9024/

 --

Sun Java Privilege Escalation Vulnerability
Less critical
http://www.secunia.com/advisories/9022/

 --

Methodus FTP Server Directory Traversal Vulnerability
Moderately critical
http://www.secunia.com/advisories/9021/

 --

silentThought Simple Web Server Directory Traversal Vulnerability
Moderately critical
http://www.secunia.com/advisories/9020/

 --

Debian update for gnocatan
Moderately critical
http://www.secunia.com/advisories/9019/

 --

Debian update for lyskom-server
Less critical
http://www.secunia.com/advisories/9018/

 --

Mozilla, Opera and Netscape Security Model Violation
Less critical
http://www.secunia.com/advisories/9017/

 --

Debian update for webmin
Highly critical
http://www.secunia.com/advisories/9016/

 --

Unicenter ServicePlus Service Desk Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9015/

 --

Unicenter Asset Management Password Weaknesses
Less critical
http://www.secunia.com/advisories/9014/

 --

Mollensoft FTP Server Multiple Command Buffer Overflow Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9013/

============
 2003-06-12
============

Gator eWallet Insecure "Encryption"
Less critical
http://www.secunia.com/advisories/9012/

 --

Mandrake update for kernel
Moderately critical
http://www.secunia.com/advisories/9011/

 --

Debian update for ethereal
Moderately critical
http://www.secunia.com/advisories/9010/

 --

H-Sphere Cross Site Scripting
Less critical
http://www.secunia.com/advisories/9009/

 --

Nokia GGSN Denial of Service
Moderately critical
http://www.secunia.com/advisories/9008/

 --

Ethereal Multiple Protocol Dissector Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9007/

 --

Debian update for cupsys
Less critical
http://www.secunia.com/advisories/9006/

===========================================================================

Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Contact details:
Web    : http://www.secunia.com/
E-mail : supportat_private
Tel    : +44 (0) 20 7016 2693
Fax    : +44 (0) 20 7637 0419

===========================================================================

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Jun 19 2003 - 05:29:09 PDT