===========================================================================

The Secunia Weekly Advisory Summary
2003-07-31 - 2003-08-07

This week : 62 advisories

===========================================================================

Are you confident that your environment is secure? Really Secure?
or have you missed one patch!

Spend 2 minutes and get your security level documented via
The Secunia Vulnerability Scanner.

https://testzone.secunia.com/online_vulnerability_scanner/

===========================================================================

============
 2003-08-06
============

Sun ONE Application Server Unspecified JSP Source Code Disclosure
Moderately critical
http://www.secunia.com/advisories/9461/

 --

Symantec Norton AntiVirus Device Driver Privilege Escalation
Less critical
http://www.secunia.com/advisories/9460/

 --

ZoneAlarm TrueVector Device Driver Privilege Escalation
Less critical
http://www.secunia.com/advisories/9459/

 --

Macromedia Dreamweaver MX PHP Authentication Cross Site Scripting
Less critical
http://www.secunia.com/advisories/9458/

 --

Broadboard Cross Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9457/

 --

IBM DB2 Local Privilege Escalation
Not critical
http://www.secunia.com/advisories/9456/

 --

Debian update for eroaster
Less critical
http://www.secunia.com/advisories/9455/

 --

Debian update for phpGroupWare
Moderately critical
http://www.secunia.com/advisories/9454/

 --

Compaq Insight Management Agent Format String Vulnerability
Moderately critical
http://www.secunia.com/advisories/9453/

 --

NetBSD OSI Networking Kernel Denial of Service Vulnerability
Moderately critical
http://www.secunia.com/advisories/9452/

============
 2003-08-05
============

Mollensoft FTP Server Stores Passwords in Clear Text
Less critical
http://www.secunia.com/advisories/9451/

 --

vqServer Stores Password in Clear Text
Less critical
http://www.secunia.com/advisories/9450/

 --

xtokkaetama "-nickname" Privilege Escalation Vulnerability
Not critical
http://www.secunia.com/advisories/9449/

 --

bj Http Web Server Stores Password in Clear Text
Less critical
http://www.secunia.com/advisories/9448/

 --

OpenBSD "realpath()" Buffer Overflow Vulnerability
Highly critical
http://www.secunia.com/advisories/9447/

 --

NetBSD "realpath()" Buffer Overflow Vulnerability
Highly critical
http://www.secunia.com/advisories/9446/

 --

Engarde update for Postfix
Moderately critical
http://www.secunia.com/advisories/9445/

 --

Conectiva update for wget
Less critical
http://www.secunia.com/advisories/9444/

 --

Conectiva update for Postfix
Moderately critical
http://www.secunia.com/advisories/9443/

 --

Debian update for man-db
Less critical
http://www.secunia.com/advisories/9442/

 --

TightVNC "QueryAllowNoPass" Authentication Vulnerability
Moderately critical
http://www.secunia.com/advisories/9441/

 --

IISShield Fails to Drop Requests
Moderately critical
http://www.secunia.com/advisories/9440/

 --

RobotFTP Server Stores Passwords in Clear Text
Less critical
http://www.secunia.com/advisories/9439/

============
 2003-08-04
============

Red Hat update for Postfix
Moderately critical
http://www.secunia.com/advisories/9438/

 --

SuSE update for Postfix
Moderately critical
http://www.secunia.com/advisories/9437/

 --

Small HTTP Server Disclosure of Administrator Password
Less critical
http://www.secunia.com/advisories/9436/

 --

Mandrake update for Postfix
Moderately critical
http://www.secunia.com/advisories/9435/

 --

Debian update for Postfix
Moderately critical
http://www.secunia.com/advisories/9434/

 --

Postfix DoS and Bounce Scan Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9433/

 --

HP-UX update for rpc.mountd
Not critical
http://www.secunia.com/advisories/9432/

 --

LiteServe Stores Passwords in Clear Text
Less critical
http://www.secunia.com/advisories/9431/

 --

Mandrake update for PHP
Moderately critical
http://www.secunia.com/advisories/9430/

 --

IPTables/Netfilter Denial of Service Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9429/

 --

cdrecord Privilege Escalation
Less critical
http://www.secunia.com/advisories/9428/

 --

Symantec/Norton Anti Virus Denial of Service Vulnerability
Moderately critical
http://www.secunia.com/advisories/9427/

 --

Novell Groupwise May Expose Usernames and Passwords
Not critical
http://www.secunia.com/advisories/9426/

 --

Debian mindi Insecure Temporary File Creation Vulnerability
Less critical
http://www.secunia.com/advisories/9425/

 --

RAV ActiveX Component Remotely Exploitable Buffer Overflow
Highly critical
http://www.secunia.com/advisories/9424/

 --

FreeBSD "realpath()" Buffer Overflow Vulnerability
Highly critical
http://www.secunia.com/advisories/9423/

============
 2003-08-02
============

Conectiva update for WU-FTPD
Highly critical
http://www.secunia.com/advisories/9422/

 --

Debian update for kdelibs
Moderately critical
http://www.secunia.com/advisories/9421/

 --

Slackware update for KDE
Less critical
http://www.secunia.com/advisories/9420/

============
 2003-08-01
============

Debian update for xfstt
Less critical
http://www.secunia.com/advisories/9419/

 --

OpenVMS update for OpenSSL
Less critical
http://www.secunia.com/advisories/9418/

 --

Debian update for atari800
Less critical
http://www.secunia.com/advisories/9417/

 --

Atari800 Privilege Escalation Vulnerabilities
Less critical
http://www.secunia.com/advisories/9416/

 --

Sun Solaris Unspecified Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/9415/

 --

Cisco IOS Possible Exposure of Memory
Less critical
http://www.secunia.com/advisories/9414/

 --

McAfee ePolicy Orchestrator Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9413/

 --

GameSpy Arcade ".APK" File Directory Traversal Vulnerability
Moderately critical
http://www.secunia.com/advisories/9412/

 --

Debian update for kernel
Moderately critical
http://www.secunia.com/advisories/9411/

 --

Red Hat update for WU-FTPD
Highly critical
http://www.secunia.com/advisories/9410/

 --

Mandrake update for WU-FTPD
Highly critical
http://www.secunia.com/advisories/9409/

 --

SuSE update for wuftpd
Highly critical
http://www.secunia.com/advisories/9408/

 --

Debian update for WU-FTPD
Highly critical
http://www.secunia.com/advisories/9407/

 --

WU-FTPD "fb_realpath" Buffer Overflow Vulnerability
Highly critical
http://www.secunia.com/advisories/9406/

 --

Linux Kernel NFS XDR Denial of Service
Less critical
http://www.secunia.com/advisories/9403/

============
 2003-07-31
============

Mandrake update for kdelibs
Less critical
http://www.secunia.com/advisories/9405/

 --

NetScreen ScreenOS TCP Window Denial of Service
Moderately critical
http://www.secunia.com/advisories/9404/

 --

WOLK Multiple Kernel Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9402/

 --

HP-UX Denial of Service
Moderately critical
http://www.secunia.com/advisories/9401/

 --

BEA WebLogic Server and Express User Impersonation
Less critical
http://www.secunia.com/advisories/9400/

===========================================================================

Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Contact details:
Web    : http://www.secunia.com/
E-mail : supportat_private
Tel    : +44 (0) 20 7016 2693
Fax    : +44 (0) 20 7637 0419

===========================================================================

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.