===========================================================================

The Secunia Weekly Advisory Summary
2003-09-11 - 2003-09-18

This week : 60 advisories

===========================================================================

On September 10th Microsoft released a patch against three new RPC
vulnerabilities. Several sources have reported that exploit code is in
the wild. Make sure that your systems are patched and secure against a new
series of possible Blaster like worms.

Secunia has made an on-line test which quickly determines whether your
system is vulnerable or not:
http://www.secunia.com/MS03-039/

For more information see SA9692:
http://www.secunia.com/advisories/9692/

Secunia - Stay Secure

===========================================================================

============
 2003-09-18
============

Red Hat update for sendmail
SA9768 - Highly critical
http://www.secunia.com/advisories/9768/

 --

FreeBSD update for sendmail
SA9767 - Highly critical
http://www.secunia.com/advisories/9767/

 --

Gentoo update for sendmail
SA9766 - Highly critical
http://www.secunia.com/advisories/9766/

 --

Mandrake update for sendmail
SA9765 - Highly critical
http://www.secunia.com/advisories/9765/

============
 2003-09-17
============

OpenBSD update for sendmail
SA9764 - Highly critical
http://www.secunia.com/advisories/9764/

 --

Slackware update for sendmail
SA9763 - Highly critical
http://www.secunia.com/advisories/9763/

 --

Red Hat update for sendmail
SA9762 - Highly critical
http://www.secunia.com/advisories/9762/

 --

OpenPKG update for OpenSSH
SA9761 - Highly critical
http://www.secunia.com/advisories/9761/

 --

Yahoo! Chat and Messenger Stack and Heap Overflows
SA9760 - Highly critical
http://www.secunia.com/advisories/9760/

 --

SGI Irix update for NFS
SA9759 - Less critical
http://www.secunia.com/advisories/9759/

 --

Sendmail prescan() Vulnerability
SA9758 - Highly critical
http://www.secunia.com/advisories/9758/

 --

XFree Weak Session Cookies
SA9757 - Less critical
http://www.secunia.com/advisories/9757/

 --

Cisco Multiple Products Affected by OpenSSH Vulnerability
SA9756 - Highly critical
http://www.secunia.com/advisories/9756/

 --

Mandrake update for KDE
SA9755 - Less critical
http://www.secunia.com/advisories/9755/

 --

Red Hat update for KDE
SA9754 - Less critical
http://www.secunia.com/advisories/9754/

 --

KDE Privilege Escalation and Weak Session Cookie
SA9753 - Less critical
http://www.secunia.com/advisories/9753/

 --

Slackware update for OpenSSH
SA9752 - Highly critical
http://www.secunia.com/advisories/9752/

 --

Mandrake update for OpenSSH
SA9751 - Highly critical
http://www.secunia.com/advisories/9751/

 --

SuSE update for OpenSSH
SA9750 - Highly critical
http://www.secunia.com/advisories/9750/

 --

Gentoo update for OpenSSH
SA9749 - Highly critical
http://www.secunia.com/advisories/9749/

 --

OpenBSD update for OpenSSH
SA9746 - Highly critical
http://www.secunia.com/advisories/9746/

 --

FreeBSD update for OpenSSH
SA9745 - Highly critical
http://www.secunia.com/advisories/9745/

============
 2003-09-16
============

Debian update for OpenSSH
SA9748 - Highly critical
http://www.secunia.com/advisories/9748/

 --

Red Hat update for OpenSSH
SA9747 - Highly critical
http://www.secunia.com/advisories/9747/

 --

EnGarde update for OpenSSH
SA9744 - Highly critical
http://www.secunia.com/advisories/9744/

 --

OpenSSH "buffer_append_space()" Buffer Management Vulnerability
SA9743 - Highly critical
http://www.secunia.com/advisories/9743/

 --

Sun Solaris Sadmind Insecure Default Configuration
SA9742 - Moderately critical
http://www.secunia.com/advisories/9742/

 --

Spider Privilege Escalation Vulnerability
SA9741 - Not critical
http://www.secunia.com/advisories/9741/

 --

Nokia Electronic Documentation Multiple Vulnerabilities
SA9740 - Less critical
http://www.secunia.com/advisories/9740/

 --

WideChapter URL Buffer Overflow Vulnerability
SA9739 - Highly critical
http://www.secunia.com/advisories/9739/

 --

Forum Web Server Directory Traversal and Login Bypass
SA9738 - Moderately critical
http://www.secunia.com/advisories/9738/

 --

Gentoo update for Pine
SA9737 - Highly critical
http://www.secunia.com/advisories/9737/

 --

Easy File Sharing Web Server Cross Site Scripting and Directory Traversal
SA9736 - Moderately critical
http://www.secunia.com/advisories/9736/

 --

DBabble Cross Site Scripting Vulnerability
SA9735 - Less critical
http://www.secunia.com/advisories/9735/

============
 2003-09-15
============

SCO OpenServer Internet Manager Privilege Escalation
SA9734 - Less critical
http://www.secunia.com/advisories/9734/

 --

Gentoo update for Exim
SA9733 - Moderately critical
http://www.secunia.com/advisories/9733/

 --

OpenPKG update for MySQL
SA9732 - Not critical
http://www.secunia.com/advisories/9732/

 --

Bandwebsite Lack of Authentication
SA9731 - Moderately critical
http://www.secunia.com/advisories/9731/

 --

Gentoo update for MySQL
SA9730 - Not critical
http://www.secunia.com/advisories/9730/

 --

Eudora Multiple Vulnerabilities
SA9729 - Highly critical
http://www.secunia.com/advisories/9729/

 --

MyServer math_sum.mscgi Buffer Overflow Vulnerability
SA9728 - Highly critical
http://www.secunia.com/advisories/9728/

 --

Conectiva update for gtkhtml
SA9727 - Less critical
http://www.secunia.com/advisories/9727/

 --

Debian update for MySQL
SA9726 - Not critical
http://www.secunia.com/advisories/9726/

============
 2003-09-13
============

Conectiva update for Pine
SA9725 - Highly critical
http://www.secunia.com/advisories/9725/

 --

Debian update for XFree86
SA9724 - Moderately critical
http://www.secunia.com/advisories/9724/

 --

OpenBSD Semaphore Limit Integer Overflow
SA9722 - Not critical
http://www.secunia.com/advisories/9722/

 --

FTGatePro Exposure of Sensitive Information
SA9719 - Less critical
http://www.secunia.com/advisories/9719/

 --

Asterisk CallerID SQL Injection Vulnerability
SA9718 - Moderately critical
http://www.secunia.com/advisories/9718/

 --

Microsoft ASP.NET Request Validation Bypass Vulnerability
SA9716 - Less critical
http://www.secunia.com/advisories/9716/

 --

Gordano Exposure of Information and Denial of Service
SA9714 - Not critical
http://www.secunia.com/advisories/9714/

============
 2003-09-12
============

4D WebSTAR Remotely Exploitable Buffer Overflow
SA9723 - Highly critical
http://www.secunia.com/advisories/9723/

 --

myPHPNuke Arbitrary File Inclusion Vulnerability
SA9721 - Highly critical
http://www.secunia.com/advisories/9721/

 --

Windows 2003 Server Buffer Overflow Protection Mechanism Bypass
SA9720 - Less critical
http://www.secunia.com/advisories/9720/

 --

EnGarde update for Pine
SA9717 - Highly critical
http://www.secunia.com/advisories/9717/

 --

Mandrake update for XFree86
SA9715 - Less critical
http://www.secunia.com/advisories/9715/

 --

OpenVMS update for DCE/COM
SA9713 - Less critical
http://www.secunia.com/advisories/9713/

 --

Invision Power Board BBCode Tags Cross-Site Scripting
SA9712 - Less critical
http://www.secunia.com/advisories/9712/

============
 2003-09-11
============

Microsoft Internet Explorer Multiple Vulnerabilities
SA9711 - Highly critical
http://www.secunia.com/advisories/9711/

 --

Debian update for sane-backends
SA9710 - Less critical
http://www.secunia.com/advisories/9710/

 --

MySQL Set Password Privilege Escalation Vulnerability
SA9709 - Not critical
http://www.secunia.com/advisories/9709/

===========================================================================

Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Contact details:
Web    : http://www.secunia.com/
E-mail : supportat_private
Tel    : +44 (0) 20 7016 2693
Fax    : +44 (0) 20 7637 0419

===========================================================================

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.