[ISN] Secunia Weekly Summary

From: InfoSec News (isnat_private)
Date: Mon Jul 07 2003 - 00:08:07 PDT

    ===========================================================================
    
                        The Secunia Weekly Advisory Summary
                              2003-06-26 - 2003-07-03
    
                             This week : 45 advisories
    
    ===========================================================================
    
    Are you confident that your environment is secure?
    
    Really Secure?
    
    or have you missed one patch!
    
    Spend 2 minutes and get your security level documented via The Secunia
    Vulnerability Scanner.
    
    https://testzone.secunia.com/online_vulnerability_scanner/
    
    ===========================================================================
    
    ============
     2003-07-03
    ============
    
    Red Hat update for ethereal
    Moderately critical
    http://www.secunia.com/advisories/9173/
    
    
    ============
     2003-07-02
    ============
    
    Windows 2000 Server Active Directory Buffer Overflow Vulnerability
    Moderately critical
    http://www.secunia.com/advisories/9171/
    
     -- 
    
    Windows NetMeeting Directory Traversal Vulnerability
    Moderately critical
    http://www.secunia.com/advisories/9170/
    
     -- 
    
    Caché Privilege Escalation Vulnerabilities
    Less critical
    http://www.secunia.com/advisories/9166/
    
     -- 
    
    CyberShop eShop SQL Injection Vulnerability
    Moderately critical
    http://www.secunia.com/advisories/9165/
    
     -- 
    
    eXtremail Logging Function Format String Vulnerability
    Extremely critical
    http://www.secunia.com/advisories/9164/
    
     -- 
    
    Red Hat update for unzip
    Less critical
    http://www.secunia.com/advisories/9163/
    
     -- 
    
    Conectiva update for KDE
    Moderately critical
    http://www.secunia.com/advisories/9162/
    
     -- 
    
    Abyss Web Server Long Request Heap Overflow Vulnerability
    Highly critical
    http://www.secunia.com/advisories/9160/
    
     -- 
    
    MegaBook Cross-Site Scripting Vulnerabilities
    Less critical
    http://www.secunia.com/advisories/9159/
    
     -- 
    
    Red Hat update for PHP
    Less critical
    http://www.secunia.com/advisories/9155/
    
    
    ============
     2003-07-01
    ============
    
    Red Hat update for unzip
    Less critical
    http://www.secunia.com/advisories/9161/
    
     -- 
    
    VMware Workstation Privilege Escalation Vulnerability
    Less critical
    http://www.secunia.com/advisories/9158/
    
     -- 
    
    ProductCart Cross-Site Scripting Vulnerability
    Less critical
    http://www.secunia.com/advisories/9157/
    
     -- 
    
    Opera Browser Multiple Denial of Service Issues
    Not critical
    http://www.secunia.com/advisories/9156/
    
     -- 
    
    Linux Kernel 2.4 execve() Vulnerability
    Not critical
    http://www.secunia.com/advisories/9154/
    
     -- 
    
    CuteNews Cross-Site Scripting Vulnerability
    Moderately critical
    http://www.secunia.com/advisories/9150/
    
     -- 
    
    WebBBS Cross-Site Scripting Vulnerability
    Less critical
    http://www.secunia.com/advisories/9149/
    
    
    ============
     2003-06-30
    ============
    
    Debian update for kernel 2.4.17 (MIPS and Source)
    Moderately critical
    http://www.secunia.com/advisories/9153/
    
     -- 
    
    Debian update for kernel 2.2.20 (i386)
    Moderately critical
    http://www.secunia.com/advisories/9152/
    
     -- 
    
    wzdftpd PORT Command Denial of Service Vulnerability
    Less critical
    http://www.secunia.com/advisories/9151/
    
     -- 
    
    Gentoo update for phpBB
    Moderately critical
    http://www.secunia.com/advisories/9148/
    
     -- 
    
    Multiple IRC Daemon Format String Vulnerability
    Less critical
    http://www.secunia.com/advisories/9147/
    
     -- 
    
    Conectiva update for kopete
    Moderately critical
    http://www.secunia.com/advisories/9146/
    
     -- 
    
    Gentoo update for noweb
    Less critical
    http://www.secunia.com/advisories/9145/
    
     -- 
    
    Gentoo update for gnocatan
    Moderately critical
    http://www.secunia.com/advisories/9144/
    
     -- 
    
    Conectiva update for radiusd-cistron
    Less critical
    http://www.secunia.com/advisories/9143/
    
     -- 
    
    Mandrake update for ypserv
    Less critical
    http://www.secunia.com/advisories/9142/
    
     -- 
    
    Mandrake update for Xpdf
    Moderately critical
    http://www.secunia.com/advisories/9141/
    
     -- 
    
    ImageMagick Insecure Temporary File Creation Vulnerability
    Less critical
    http://www.secunia.com/advisories/9140/
    
     -- 
    
    ACM Network Protocol Integer Overflow Vulnerability
    Moderately critical
    http://www.secunia.com/advisories/9139/
    
     -- 
    
    XGalaga HOME Environment Variable Buffer Overflow Vulnerability
    Not critical
    http://www.secunia.com/advisories/9138/
    
     -- 
    
    Debian Mantis Insecure File Permissions
    Less critical
    http://www.secunia.com/advisories/9137/
    
     -- 
    
    GTKSee PNG Image Buffer Overflow Vulnerability
    Moderately critical
    http://www.secunia.com/advisories/9136/
    
     -- 
    
    Debian update for proftpd
    Moderately critical
    http://www.secunia.com/advisories/9129/
    
    
    ============
     2003-06-27
    ============
    
    VxFS Incorrect File Permissions Vulnerability
    Less critical
    http://www.secunia.com/advisories/9135/
    
     -- 
    
    LBreakout Server Format String Vulnerability
    Moderately critical
    http://www.secunia.com/advisories/9134/
    
     -- 
    
    more.groupware Cross-Site Scripting and File Upload
    Moderately critical
    http://www.secunia.com/advisories/9133/
    
     -- 
    
    iXmail Multiple Vulnerabilities
    Highly critical
    http://www.secunia.com/advisories/9132/
    
     -- 
    
    OptiSwitch User Authentication Bypass Vulnerability
    Moderately critical
    http://www.secunia.com/advisories/9131/
    
     -- 
    
    HP Tru64 ksh Denial of Service Vulnerability
    Not critical
    http://www.secunia.com/advisories/9130/
    
     -- 
    
    Symantec Norton AntiVirus Fails to Detect Malware on Floppy
    Less critical
    http://www.secunia.com/advisories/9128/
    
     -- 
    
    Sun ONE Application Server User Authentication Vulnerability
    Moderately critical
    http://www.secunia.com/advisories/9125/
    
    
    ============
     2003-06-26
    ============
    
    Mabry Software FTPServer/X Response Buffer Overflow Vulnerability
    Highly critical
    http://www.secunia.com/advisories/9127/
    
     -- 
    
    Sharp Zaurus SMB Unauthorized Access Vulnerability
    Moderately critical
    http://www.secunia.com/advisories/9126/
    
    
    ===========================================================================
    
    Secunia recommends that you verify all advisories you receive, by clicking
    the link.
    Secunia NEVER sends attached files with advisories.
    Secunia does not advise people to install third party patches, only use
    those supplied by the vendor.
    
    Contact details:
    Web	: http://www.secunia.com/
    E-mail	: supportat_private
    Tel	: +44 (0) 20 7016 2693
    Fax	: +44 (0) 20 7637 0419
    
    ===========================================================================
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    


