===========================================================================

                  The Secunia Weekly Advisory Summary
                        2003-08-07 - 2003-08-14

                       This week : 60 advisories

===========================================================================

Are you confident that your environment is secure? Really Secure? or have
you missed one patch!

Spend 2 minutes and get your security level documented via The Secunia
Vulnerability Scanner.

https://testzone.secunia.com/online_vulnerability_scanner/

===========================================================================

============
 2003-08-14
============

BulletProof FTP Stores Passwords in Clear Text
Less critical
http://www.secunia.com/advisories/9525/

 --

Tru64 UNIX OpenSSL Information Disclosure Vulnerabilities
Less critical
http://www.secunia.com/advisories/9524/

 --

IRIX NFS XDR Decoding Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/9522/

 --

Sun Solaris WU-FTPD Vulnerability
Highly critical
http://www.secunia.com/advisories/9521/

============
 2003-08-13
============

MDaemon Allows Relaying Using Blank Passwords
Moderately critical
http://www.secunia.com/advisories/9520/

 --

Netris Remotely Exploitable Buffer Overflow
Moderately critical
http://www.secunia.com/advisories/9519/

 --

HostAdmin Path Disclosure
Not critical
http://www.secunia.com/advisories/9518/

 --

phpWebSite Cross Site Scripting and SQL Injection
Moderately critical
http://www.secunia.com/advisories/9517/

 --

HOLA! cms Potential System Access
Highly critical
http://www.secunia.com/advisories/9516/

 --

SuSE update for kernel
Moderately critical
http://www.secunia.com/advisories/9515/

============
 2003-08-12
============

Lil HTTP Server Stores Passwords in Clear Text
Less critical
http://www.secunia.com/advisories/9514/

 --

Meteor FTP Reveals Passwords
Less critical
http://www.secunia.com/advisories/9513/

 --

War FTP Daemon Stores Passwords in Clear Text
Less critical
http://www.secunia.com/advisories/9512/

 --

Mercury Mail Transport System Stores Passwords in Clear Text
Less critical
http://www.secunia.com/advisories/9511/

 --

Xynph FTP-Server Stores Passwords in Clear Text
Less critical
http://www.secunia.com/advisories/9510/

 --

Sun update for kernel
Moderately critical
http://www.secunia.com/advisories/9509/

 --

Xitami Fails to Log Invalid Requests
Less critical
http://www.secunia.com/advisories/9508/

 --

BadBlue Stores Passwords in Clear Text
Less critical
http://www.secunia.com/advisories/9507/

 --

distcc Insecure Temporary File Handling Vulnerability
Less critical
http://www.secunia.com/advisories/9506/

 --

xMule P2P Client Format String Vulnerability
Moderately critical
http://www.secunia.com/advisories/9505/

 --

FreeBSD IBCS2 Kernel Memory Disclosure Vulnerability
Less critical
http://www.secunia.com/advisories/9504/

 --

FreeBSD Invalid Signal Number Vulnerability
Less critical
http://www.secunia.com/advisories/9503/

 --

SandSprite Chat Server Cross Site Scripting
Less critical
http://www.secunia.com/advisories/9502/

 --

Webware for Python Execution of Arbitrary Code
Highly critical
http://www.secunia.com/advisories/9501/

 --

Sun iPlanet Directory Server Directory Traversal
Less critical
http://www.secunia.com/advisories/9500/

 --

Conectiva update for lynx
Not critical
http://www.secunia.com/advisories/9499/

 --

SkunkWEB Directory Traversal and Cross-Site Scripting
Moderately critical
http://www.secunia.com/advisories/9498/

 --

Zorum Cross Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9497/

 --

DCForum+ Cross Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9496/

 --

Stellar Docs Path Disclosure
Not critical
http://www.secunia.com/advisories/9495/

 --

BBPro Store Builder Path Disclosure
Not critical
http://www.secunia.com/advisories/9494/

 --

News Wizard Path Disclosure
Not critical
http://www.secunia.com/advisories/9493/

 --

geeeekShop Shopping Cart System Path Disclosure
Not critical
http://www.secunia.com/advisories/9492/

 --

Polyspaston C-Cart Path Disclosure
Not critical
http://www.secunia.com/advisories/9491/

 --

JCSI Single Sign-On Access Control Security Issue
Less critical
http://www.secunia.com/advisories/9489/

============
 2003-08-11
============

HP Tru64 UNIX Unspecified Screend Vulnerability
Moderately critical
http://www.secunia.com/advisories/9490/

 --

Debian update for zblast-svgalib
Not critical
http://www.secunia.com/advisories/9488/

 --

Meteor FTP Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/9487/

 --

Red Hat update for ddskk
Less critical
http://www.secunia.com/advisories/9486/

 --

Debian xpcd Privilege Escalation Vulnerability
Less critical
http://www.secunia.com/advisories/9485/

 --

Red Hat update for up2date
Less critical
http://www.secunia.com/advisories/9484/

 --

SurgeLDAP Multiple Vulnerabilities
Less critical
http://www.secunia.com/advisories/9483/

 --

DCE Unspecified Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/9482/

 --

Debian pam-pgsql Username Format String Vulnerability
Less critical
http://www.secunia.com/advisories/9481/

 --

Red Hat update for KDE
Less critical
http://www.secunia.com/advisories/9480/

 --

Debian update for kdelibs-crypto
Moderately critical
http://www.secunia.com/advisories/9479/

 --

Debian update for xtokkaetama
Not critical
http://www.secunia.com/advisories/9478/

 --

IPNetMonitorX and IPNetSentryX Helper Tool Vulnerabilities
Less critical
http://www.secunia.com/advisories/9476/

 --

tcpflow Device Format String Vulnerability
Less critical
http://www.secunia.com/advisories/9475/

============
 2003-08-08
============

Cisco Content Services Switch Denial of Service
Moderately critical
http://www.secunia.com/advisories/9477/

 --

VMware Workstation Allows Deletion of Arbitrary Files
Less critical
http://www.secunia.com/advisories/9474/

 --

Trustix update for Stunnel
Moderately critical
http://www.secunia.com/advisories/9473/

 --

Trustix update for Postfix
Moderately critical
http://www.secunia.com/advisories/9472/

 --

Novell iChain User Session Security Issue
Moderately critical
http://www.secunia.com/advisories/9471/

 --

Immunix update for WU-FTPD
Highly critical
http://www.secunia.com/advisories/9470/

============
 2003-08-07
============

Ideal BB Cross-Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9469/

 --

IBM Lotus Sametime Encryption Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9468/

 --

Crob FTP Server Denial of Service
Moderately critical
http://www.secunia.com/advisories/9467/

 --

BEA WebLogic Cross Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9466/

 --

121 WAM! Server Directory Traversal Vulnerability
Moderately critical
http://www.secunia.com/advisories/9465/

===========================================================================

Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Contact details:
Web    : http://www.secunia.com/
E-mail : supportat_private
Tel    : +44 (0) 20 7016 2693
Fax    : +44 (0) 20 7637 0419

===========================================================================

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Aug 14 2003 - 05:40:13 PDT