===========================================================================

The Secunia Weekly Advisory Summary
2003-08-14 - 2003-08-21

This week : 51 advisories

===========================================================================

Are you confident that your environment is secure? Really Secure?
or have you missed one patch!

Spend 2 minutes and get your security level documented via
The Secunia Vulnerability Scanner.

https://testzone.secunia.com/online_vulnerability_scanner/

===========================================================================

============
 2003-08-20
============

Updated - Special Alert: Microsoft Internet Explorer Multiple Vulnerabilities
Extremely critical
http://www.secunia.com/advisories/9580/

 --

Microsoft MDAC Buffer Overflow
Moderately critical
http://www.secunia.com/advisories/9579/

 --

Cerberus FTP Server Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/9575/

 --

Allenchow POP3 Checker Weak Password Encryption
Less critical
http://www.secunia.com/advisories/9574/

 --

Starfish Family Mail Stores Account Information in Clear Text
Less critical
http://www.secunia.com/advisories/9573/

 --

vHost POP3 Denial of Service Vulnerability
Moderately critical
http://www.secunia.com/advisories/9572/

 --

HP update for Internet Express
Highly critical
http://www.secunia.com/advisories/9570/

 --

Oracle 9i XML Database Buffer Overflow
Moderately critical
http://www.secunia.com/advisories/9569/

 --

Mandrake update for eroaster
Less critical
http://www.secunia.com/advisories/9568/

============
 2003-08-19
============

phpBB Cross Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9567/

 --

WebFtp Stores Account Information in Clear Text
Less critical
http://www.secunia.com/advisories/9566/

 --

MySQL Win32 Exposes Admin Password
Less critical
http://www.secunia.com/advisories/9565/

 --

MatrikzGB Exposure of Passwords
Moderately critical
http://www.secunia.com/advisories/9564/

 --

phpSecureSite SQL Injection Vulnerability
Moderately critical
http://www.secunia.com/advisories/9563/

 --

Conectiva update for OpenSLP
Less critical
http://www.secunia.com/advisories/9562/

 --

Sun Linux update for Mozilla/Galeon
Moderately critical
http://www.secunia.com/advisories/9561/

 --

Sun Linux update for OpenSSH
Less critical
http://www.secunia.com/advisories/9560/

 --

OpenSLP Insecure Temporary File Handling Vulnerability
Less critical
http://www.secunia.com/advisories/9559/

 --

Sun Linux update for stunnel
Moderately critical
http://www.secunia.com/advisories/9558/

 --

Sun Linux update for VNC
Moderately critical
http://www.secunia.com/advisories/9557/

 --

Sun Linux update for wu-ftpd
Highly critical
http://www.secunia.com/advisories/9556/

 --

msmtp Authentication Information Disclosure Vulnerability
Less critical
http://www.secunia.com/advisories/9555/

 --

eMule Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/9553/

============
 2003-08-18
============

AttilaPHP Cross-Site Scripting and Path Disclosure
Less critical
http://www.secunia.com/advisories/9554/

 --

WebiToome Stores Account Information in Clear Text
Less critical
http://www.secunia.com/advisories/9552/

 --

Debian autorespond Buffer Overflow Vulnerability
Moderately critical
http://www.secunia.com/advisories/9551/

 --

Magic Winmail Server Stores Account Information in Clear Text
Less critical
http://www.secunia.com/advisories/9550/

 --

CPOP Stores Account Information in Clear Text
Less critical
http://www.secunia.com/advisories/9549/

 --

Poster version.two Access to Setup
Moderately critical
http://www.secunia.com/advisories/9548/

 --

Netware XNFS Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/9547/

 --

Open UNIX / Unixware update for metamail
Highly critical
http://www.secunia.com/advisories/9546/

 --

Sun Linux Python Insecure Temporary Files
Less critical
http://www.secunia.com/advisories/9545/

 --

PHPki Insecure Temporary File Creation Vulnerability
Less critical
http://www.secunia.com/advisories/9544/

 --

Debian update for netris
Moderately critical
http://www.secunia.com/advisories/9543/

 --

Dropbear SSH Server Username Format String Vulnerability
Highly critical
http://www.secunia.com/advisories/9542/

 --

Ecartis Multiple Vulnerabilities
Highly critical
http://www.secunia.com/advisories/9539/

 --

Horde Exposure of Session ID
Less critical
http://www.secunia.com/advisories/9530/

============
 2003-08-15
============

Sun ONE Web Server Unspecified Denial of Service
Moderately critical
http://www.secunia.com/advisories/9541/

 --

RSA ACE/Agent and URLScan Enumeration of Blocked File Extensions
Not critical
http://www.secunia.com/advisories/9540/

 --

HP-UX DCE Denial of Service Vulnerability
Less critical
http://www.secunia.com/advisories/9538/

 --

Gentoo update for Semi
Less critical
http://www.secunia.com/advisories/9537/

 --

IRIX Checkpoint/Restart System Privilege Escalation Vulnerability
Less critical
http://www.secunia.com/advisories/9536/

 --

Mac OS X "fb_realpath()" Buffer Overflow Vulnerability
Highly critical
http://www.secunia.com/advisories/9535/

============
 2003-08-14
============

Microsoft MCIWNDX.OCX ActiveX Plugin Buffer Overflow
Highly critical
http://www.secunia.com/advisories/9534/

 --

Gentoo update for gentoo-sources
Moderately critical
http://www.secunia.com/advisories/9533/

 --

Inframail Stores Passwords in Clear Text
Less critical
http://www.secunia.com/advisories/9532/

 --

WorkgroupMail Stores Passwords in Clear Text
Less critical
http://www.secunia.com/advisories/9531/

 --

ChitChat.NET Cross-Site Scripting Vulnerability
Less critical
http://www.secunia.com/advisories/9529/

 --

Xoops Cross Site Scripting
Less critical
http://www.secunia.com/advisories/9528/

 --

Small ftpd Stores Passwords in Clear Text
Less critical
http://www.secunia.com/advisories/9527/

 --

WWW File Share Pro Stores Password in Clear Text
Less critical
http://www.secunia.com/advisories/9526/

===========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Contact details:
Web    : http://www.secunia.com/
E-mail : supportat_private
Tel    : +44 (0) 20 7016 2693
Fax    : +44 (0) 20 7637 0419

===========================================================================

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.