===========================================================================

                  The Secunia Weekly Advisory Summary
                        2003-07-10 - 2003-07-17

                       This week : 59 advisories

===========================================================================

Are you confident that your environment is secure? Really Secure?
or have you missed one patch!

Spend 2 minutes and get your security level documented via
The Secunia Vulnerability Scanner.

https://testzone.secunia.com/online_vulnerability_scanner/

===========================================================================

============
 2003-07-16
============

Windows RPC DCOM Interface Buffer Overflow Vulnerability
Moderately critical
http://www.secunia.com/advisories/9287/

--

Windows SMTP Service Invalid Timestamp Denial of Service
Moderately critical
http://www.secunia.com/advisories/9286/

--

.netCART Database Download Vulnerability
Highly critical
http://www.secunia.com/advisories/9285/

--

Synthigence Forum/Chat Database Download Vulnerability
Moderately critical
http://www.secunia.com/advisories/9284/

--

Asus ADSL Routers Information Disclosure Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9283/

--

Netscape Client Detection Tool Buffer Overflow Vulnerability
Less critical
http://www.secunia.com/advisories/9282/

--

NeoModus Direct Connect Multiple Request Denial of Service
Less critical
http://www.secunia.com/advisories/9281/

--

Mandrake update for kernel
Moderately critical
http://www.secunia.com/advisories/9280/

--

Message Foundry Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9279/

--

Polycom MGC-25 Control Port Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/9278/

--

Internet Explorer AutoScan Method Cross-Site Scripting Vulnerability
Moderately critical
http://www.secunia.com/advisories/9268/

--

Microsoft JET Database Engine Buffer Overflow Vulnerability
Less critical
http://www.secunia.com/advisories/9265/

--

CyberShop ASP Database Download Vulnerability
Highly critical
http://www.secunia.com/advisories/9257/

============
 2003-07-15
============

Conectiva update for ucd-snmp
Less critical
http://www.secunia.com/advisories/9277/

--

Conectiva update for mpg123
Moderately critical
http://www.secunia.com/advisories/9276/

--

HtmltoNuke Cross-Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9275/

--

BlackBook Multiple Information Disclosure Vulnerabilities
Less critical
http://www.secunia.com/advisories/9274/

--

Falcon's Eye Privilege Escalation Vulnerability
Not critical
http://www.secunia.com/advisories/9273/

--

SuSE update for nfs-utils
Moderately critical
http://www.secunia.com/advisories/9272/

--

Invision Power File Manager Unspecified Vulnerability
Highly critical
http://www.secunia.com/advisories/9270/

--

Sun Linux update for Netscape
Moderately critical
http://www.secunia.com/advisories/9269/

--

Invision Power Board Cross-Site Scripting and SQL Injection
Moderately critical
http://www.secunia.com/advisories/9266/

--

Debian update for nfs-utils
Moderately critical
http://www.secunia.com/advisories/9264/

--

Slackware update for nfs-utils
Moderately critical
http://www.secunia.com/advisories/9263/

--

Red Hat update for Mozilla
Moderately critical
http://www.secunia.com/advisories/9262/

--

Moby NetSuite Directory Traversal Vulnerability
Moderately critical
http://www.secunia.com/advisories/9260/

============
 2003-07-14
============

Red Hat update for nfs-utils
Moderately critical
http://www.secunia.com/advisories/9261/

--

nfs-utils "xlog()" Buffer Overflow Vulnerability
Moderately critical
http://www.secunia.com/advisories/9259/

--

phpForum Arbitrary PHP Script Inclusion Vulnerability
Highly critical
http://www.secunia.com/advisories/9258/

--

Mabry Software HTTPServer/X Directory Traversal Vulnerability
Moderately critical
http://www.secunia.com/advisories/9256/

--

StoreFront SQL Injection Vulnerability
Highly critical
http://www.secunia.com/advisories/9255/

--

cftp FTP Banner Buffer Overflow Vulnerability
Less critical
http://www.secunia.com/advisories/9254/

--

MailSite Express Unauthorised Attachment Retrieval Vulnerability
Less critical
http://www.secunia.com/advisories/9252/

--

UMN GopherD FTP Gateway and GSisText Buffer Overflows
Highly critical
http://www.secunia.com/advisories/9251/

--

W-Agora Multiple Vulnerabilities
Less critical
http://www.secunia.com/advisories/9247/

============
 2003-07-12
============

forum51 / board51 / news51 Password Hash Disclosure
Less critical
http://www.secunia.com/advisories/9253/

--

Q-Shop Arbitrary File Upload Vulnerability
Highly critical
http://www.secunia.com/advisories/9250/

--

HouseCall / Damage Cleanup Server ActiveX Control Buffer Overflow
Moderately critical
http://www.secunia.com/advisories/9249/

--

Netscreen Non-Supported Transport Protocol Filter Bypass
Moderately critical
http://www.secunia.com/advisories/9248/

--

Coda File System RPC2 Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/9246/

--

Gattaca Server 2003 Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9242/

============
 2003-07-11
============

Red Hat update for Hangul
Moderately critical
http://www.secunia.com/advisories/9245/

--

Red Hat update for Ethereal
Moderately critical
http://www.secunia.com/advisories/9244/

--

BillingExplorer Authentication Vulnerability
Highly critical
http://www.secunia.com/advisories/9243/

--

Gentoo update for cistronradius
Less critical
http://www.secunia.com/advisories/9241/

--

Gentoo update for ypserv
Less critical
http://www.secunia.com/advisories/9240/

--

Gentoo update for gtksee
Moderately critical
http://www.secunia.com/advisories/9239/

--

Gentoo update for unzip
Less critical
http://www.secunia.com/advisories/9238/

--

Bitboard Administrator Password Hash Disclosure Vulnerability
Less critical
http://www.secunia.com/advisories/9237/

--

TurboFTP FTP Server Response Buffer Overflow Vulnerability
Less critical
http://www.secunia.com/advisories/9236/

--

OpenPKG update for infozip
Less critical
http://www.secunia.com/advisories/9235/

--

OpenPKG update for imagemagick
Less critical
http://www.secunia.com/advisories/9234/

--

Conectiva update for pam
Less critical
http://www.secunia.com/advisories/9233/

--

BEA WebLogic Server / Express Administrator Password Disclosure Vulnerability
Less critical
http://www.secunia.com/advisories/9232/

--

BEA WebLogic Server / Express Unauthorised Console Access Vulnerability
Less critical
http://www.secunia.com/advisories/9231/

--

BEA WebLogic Server / Express Node Manager Plain Text Password Vulnerability
Less critical
http://www.secunia.com/advisories/9230/

--

SQL Server Named Pipe Privilege Escalation Vulnerability
Less critical
http://www.secunia.com/advisories/9229/

============
 2003-07-10
============

TeaPOP Authentication Modules SQL Injection Vulnerability
Moderately critical
http://www.secunia.com/advisories/9228/

--

ICQ Account Password Bypass Vulnerability
Not critical
http://www.secunia.com/advisories/9227/

===========================================================================

Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Contact details:
Web    : http://www.secunia.com/
E-mail : supportat_private
Tel    : +44 (0) 20 7016 2693
Fax    : +44 (0) 20 7637 0419

===========================================================================

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.