===========================================================================

The Secunia Weekly Advisory Summary
2003-07-17 - 2003-07-24

This week : 53 advisories

===========================================================================

Are you confident that your environment is secure? Really Secure?
or have you missed one patch!

Spend 2 minutes and get your security level documented via
The Secunia Vulnerability Scanner.
https://testzone.secunia.com/online_vulnerability_scanner/

===========================================================================

============
2003-07-24
============

Oracle E-Business Exposure of Sensitive Information
Less critical
http://www.secunia.com/advisories/9340/

--

Oracle Database Server Buffer Overflow
Moderately critical
http://www.secunia.com/advisories/9339/

--

Oracle E-Business Remotely Exploitable Buffer Overflow
Highly critical
http://www.secunia.com/advisories/9338/

--

Microsoft Windows NT Denial of Service
Not critical
http://www.secunia.com/advisories/9337/

============
2003-07-23
============

Microsoft SQL Server and MSDE Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9336/

--

Microsoft Windows DirectX Remotely Exploitable Buffer Overflow
Highly critical
http://www.secunia.com/advisories/9335/

--

Microsoft Windows Server 2003 / IIS 6 Cross Site Scripting
Moderately critical
http://www.secunia.com/advisories/9334/

--

3Com OfficeConnect Denial of Service
Less critical
http://www.secunia.com/advisories/9333/

--

XAVi 7028r Denial of Service
Less critical
http://www.secunia.com/advisories/9332/

--

ashnews Arbitrary File Inclusion Vulnerability
Highly critical
http://www.secunia.com/advisories/9331/

--

FDclone Insecure Temporary Files
Less critical
http://www.secunia.com/advisories/9330/

--

NeTraverse Merge Privilege Escalation
Less critical
http://www.secunia.com/advisories/9329/

--

Gentoo update for gnupg
Less critical
http://www.secunia.com/advisories/9328/

--

Conectiva update for nfs-utils
Moderately critical
http://www.secunia.com/advisories/9327/

--

Conectiva update for Kernel
Moderately critical
http://www.secunia.com/advisories/9326/

--

Conectiva update for CUPS
Moderately critical
http://www.secunia.com/advisories/9325/

--

Apple QuickTime/Darwin Streaming Server Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9324/

============
2003-07-22
============

Sun Solaris Denial of Service
Moderately critical
http://www.secunia.com/advisories/9323/

--

Drupal Cross Site Scripting
Less critical
http://www.secunia.com/advisories/9322/

--

NetTerm NetFTPd Denial of Service
Moderately critical
http://www.secunia.com/advisories/9321/

--

Conectiva update for Apache
Less critical
http://www.secunia.com/advisories/9320/

--

Mandrake update for Kernel
Moderately critical
http://www.secunia.com/advisories/9319/

--

Mandrake update for Apache
Less critical
http://www.secunia.com/advisories/9318/

--

Mandrake update for nfs-utils
Moderately critical
http://www.secunia.com/advisories/9317/

--

Linux Kernel 2.4 Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9316/

============
2003-07-21
============

Apache log bypass
Less critical
http://www.secunia.com/advisories/9315/

--

SurfControl Nested ZIP Bypass
Moderately critical
http://www.secunia.com/advisories/9314/

--

MSN Messenger Denial of Service
Not critical
http://www.secunia.com/advisories/9313/

--

WebCalendar Arbitrary File Retrieval Vulnerability
Less critical
http://www.secunia.com/advisories/9312/

--

Witango Remotely Exploitable Buffer Overflow
Highly critical
http://www.secunia.com/advisories/9311/

--

WatchGuard ServerLock Protection Bypass
Moderately critical
http://www.secunia.com/advisories/9310/

--

Gentoo update for nfs-utils
Moderately critical
http://www.secunia.com/advisories/9309/

============
2003-07-19
============

digi-ads / digi-news Authentication Vulnerability
Moderately critical
http://www.secunia.com/advisories/9308/

--

Splatt Forum Cross-Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9307/

--

SimpNews Arbitrary File Inclusion Vulnerability
Highly critical
http://www.secunia.com/advisories/9306/

--

HP-UX update for Java Runtime Environment
Less critical
http://www.secunia.com/advisories/9303/

--

Elite News Authentication Vulnerability
Highly critical
http://www.secunia.com/advisories/9302/

--

McAfee WebShield SMTP Content Filter Bypass Vulnerability
Less critical
http://www.secunia.com/advisories/9300/

============
2003-07-18
============

Backup and Restore Utility Privilege Escalation Vulnerabilities
Less critical
http://www.secunia.com/advisories/9305/

--

OmniHTTPd Cross-Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9304/

--

HP-UX update for Apache
Highly critical
http://www.secunia.com/advisories/9301/

--

Teledat DSL Router Portscan Denial of Service Vulnerability
Moderately critical
http://www.secunia.com/advisories/9299/

--

IBM U2 UniVerse "uvrestore" Buffer Overflow Vulnerability
Less critical
http://www.secunia.com/advisories/9298/

--

IBM U2 UniVerse "uvadmsh" Privilege Escalation Vulnerability
Less critical
http://www.secunia.com/advisories/9297/

--

IBM U2 UniVerse "cci_dir" Privilege Escalation Vulnerability
Less critical
http://www.secunia.com/advisories/9296/

============
2003-07-17
============

eStore Path Disclosure and SQL Injection Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9295/

--

Citadel/UX Multiple Vulnerabilities
Highly critical
http://www.secunia.com/advisories/9294/

--

E-mail System Database Download and SQL Injection Vulnerabilities
Highly critical
http://www.secunia.com/advisories/9293/

--

SGI IRIX scheme Privilege Escalation Vulnerability
Less critical
http://www.secunia.com/advisories/9292/

--

SGI IRIX Name Service Daemon Multiple Vulnerabilities
Less critical
http://www.secunia.com/advisories/9291/

--

Debian update for php4
Less critical
http://www.secunia.com/advisories/9290/

--

Conectiva update for phpgroupware
Less critical
http://www.secunia.com/advisories/9289/

--

Cisco IOS IPv4 Packet Processing Denial of Service Vulnerability
Moderately critical
http://www.secunia.com/advisories/9288/

===========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Contact details:
Web    : http://www.secunia.com/
E-mail : supportat_private
Tel    : +44 (0) 20 7016 2693
Fax    : +44 (0) 20 7637 0419

===========================================================================

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.