=========================================================================== The Secunia Weekly Advisory Summary 2003-06-26 - 2003-07-03 This week : 45 advisories =========================================================================== Are you confident that your environment is secure? Really Secure? or have you missed one patch! Spend 2 minutes and get your security level documented via The Secunia Vulnerability Scanner. https://testzone.secunia.com/online_vulnerability_scanner/ =========================================================================== ============ 2003-07-03 ============ Red Hat update for ethereal Moderately critical http://www.secunia.com/advisories/9173/ ============ 2003-07-02 ============ Windows 2000 Server Active Directory Buffer Overflow Vulnerability Moderately critical http://www.secunia.com/advisories/9171/ -- Windows NetMeeting Directory Traversal Vulnerability Moderately critical http://www.secunia.com/advisories/9170/ -- Caché Privilege Escalation Vulnerabilities Less critical http://www.secunia.com/advisories/9166/ -- CyberShop eShop SQL Injection Vulnerability Moderately critical http://www.secunia.com/advisories/9165/ -- eXtremail Logging Function Format String Vulnerability Extremely critical http://www.secunia.com/advisories/9164/ -- Red Hat update for unzip Less critical http://www.secunia.com/advisories/9163/ -- Conectiva update for KDE Moderately critical http://www.secunia.com/advisories/9162/ -- Abyss Web Server Long Request Heap Overflow Vulnerability Highly critical http://www.secunia.com/advisories/9160/ -- MegaBook Cross-Site Scripting Vulnerabilities Less critical http://www.secunia.com/advisories/9159/ -- Red Hat update for PHP Less critical http://www.secunia.com/advisories/9155/ ============ 2003-07-01 ============ Red Hat update for unzip Less critical http://www.secunia.com/advisories/9161/ -- VMware Workstation Privilege Escalation Vulnerability Less critical http://www.secunia.com/advisories/9158/ -- ProductCart Cross-Site Scripting Vulnerability Less critical http://www.secunia.com/advisories/9157/ -- Opera Browser Multiple Denial of Service Issues Not critical http://www.secunia.com/advisories/9156/ -- Linux Kernel 2.4 execve() Vulnerability Not critical http://www.secunia.com/advisories/9154/ -- CuteNews Cross-Site Scripting Vulnerability Moderately critical http://www.secunia.com/advisories/9150/ -- WebBBS Cross-Site Scripting Vulnerability Less critical http://www.secunia.com/advisories/9149/ ============ 2003-06-30 ============ Debian update for kernel 2.4.17 (MIPS and Source) Moderately critical http://www.secunia.com/advisories/9153/ -- Debian update for kernel 2.2.20 (i386) Moderately critical http://www.secunia.com/advisories/9152/ -- wzdftpd PORT Command Denial of Service Vulnerability Less critical http://www.secunia.com/advisories/9151/ -- Gentoo update for phpBB Moderately critical http://www.secunia.com/advisories/9148/ -- Multiple IRC Daemon Format String Vulnerability Less critical http://www.secunia.com/advisories/9147/ -- Conectiva update for kopete Moderately critical http://www.secunia.com/advisories/9146/ -- Gentoo update for noweb Less critical http://www.secunia.com/advisories/9145/ -- Gentoo update for gnocatan Moderately critical http://www.secunia.com/advisories/9144/ -- Conectiva update for radiusd-cistron Less critical http://www.secunia.com/advisories/9143/ -- Mandrake update for ypserv Less critical http://www.secunia.com/advisories/9142/ -- Mandrake update for Xpdf Moderately critical http://www.secunia.com/advisories/9141/ -- ImageMagick Insecure Temporary File Creation Vulnerability Less critical http://www.secunia.com/advisories/9140/ -- ACM Network Protocol Integer Overflow Vulnerability Moderately critical http://www.secunia.com/advisories/9139/ -- XGalaga HOME Environment Variable Buffer Overflow Vulnerability Not critical http://www.secunia.com/advisories/9138/ -- Debian Mantis Insecure File Permissions Less critical http://www.secunia.com/advisories/9137/ -- GTKSee PNG Image Buffer Overflow Vulnerability Moderately critical http://www.secunia.com/advisories/9136/ -- Debian update for proftpd Moderately critical http://www.secunia.com/advisories/9129/ ============ 2003-06-27 ============ VxFS Incorrect File Permissions Vulnerability Less critical http://www.secunia.com/advisories/9135/ -- LBreakout Server Format String Vulnerability Moderately critical http://www.secunia.com/advisories/9134/ -- more.groupware Cross-Site Scripting and File Upload Moderately critical http://www.secunia.com/advisories/9133/ -- iXmail Multiple Vulnerabilities Highly critical http://www.secunia.com/advisories/9132/ -- OptiSwitch User Authentication Bypass Vulnerability Moderately critical http://www.secunia.com/advisories/9131/ -- HP Tru64 ksh Denial of Service Vulnerability Not critical http://www.secunia.com/advisories/9130/ -- Symantec Norton AntiVirus Fails to Detect Malware on Floppy Less critical http://www.secunia.com/advisories/9128/ -- Sun ONE Application Server User Authentication Vulnerability Moderately critical http://www.secunia.com/advisories/9125/ ============ 2003-06-26 ============ Mabry Software FTPServer/X Response Buffer Overflow Vulnerability Highly critical http://www.secunia.com/advisories/9127/ -- Sharp Zaurus SMB Unauthorized Access Vulnerability Moderately critical http://www.secunia.com/advisories/9126/ =========================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Contact details: Web : http://www.secunia.com/ E-mail : supportat_private Tel : +44 (0) 20 7016 2693 Fax : +44 (0) 20 7637 0419 =========================================================================== - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Jul 07 2003 - 02:35:47 PDT