===========================================================================
The Secunia Weekly Advisory Summary
2003-10-09 - 2003-10-16
This week : 36 advisories
===========================================================================
7 New Microsoft Security Bulletins
Microsoft has released no less than 7 security bulletins for their
products.
Make sure that your system gets the appropriate patches installed! Read
more about the vulnerabilities and patches in the following Secunia
Advisories:
SA10010
http://secunia.com/SA10010/
SA10011
http://secunia.com/SA10011/
SA10012
http://secunia.com/SA10012/
SA10013
http://secunia.com/SA10013/
SA10014
http://secunia.com/SA10014/
SA10015
http://secunia.com/SA10015/
SA10016
http://secunia.com/SA10016/
Secunia - Stay Secure
===========================================================================
============
2003-10-16
============
IRCnet IRCD Buffer Overflow Vulnerability
SA9999 - Not critical
http://www.secunia.com/advisories/9999/
============
2003-10-15
============
Microsoft Exchange Cross-Site Scripting Vulnerability in Outlook Web
Access
SA10016 - Less critical
http://www.secunia.com/advisories/10016/
--
Microsoft Exchange SMTP Extended Request Buffer Overflow
SA10015 - Highly critical
http://www.secunia.com/advisories/10015/
--
Microsoft Windows Buffer Overflow in ListBox and ComboBox Control
SA10014 - Less critical
http://www.secunia.com/advisories/10014/
--
Microsoft Windows HCP protocol Buffer Overflow
SA10013 - Highly critical
http://www.secunia.com/advisories/10013/
--
Microsoft Windows Buffer Overflow in Messenger Service
SA10012 - Highly critical
http://www.secunia.com/advisories/10012/
--
Microsoft Windows 2000 Buffer Overflow in Windows Troubleshooter ActiveX
Control
SA10011 - Highly critical
http://www.secunia.com/advisories/10011/
--
Microsoft Windows May Allow Installation of Arbitrary ActiveX Controls
SA10010 - Highly critical
http://www.secunia.com/advisories/10010/
--
Debian update for tomcat4
SA10009 - Moderately critical
http://www.secunia.com/advisories/10009/
--
Red Hat Stronghold mod_ssl update
SA10008 - Less critical
http://www.secunia.com/advisories/10008/
--
Sun Solaris namefs Mounted Pipe and STREAMS Routines Denial of Service
SA10007 - Not critical
http://www.secunia.com/advisories/10007/
--
Sun Solaris sysinfo Kernel Memory Disclosure Vulnerability
SA10006 - Less critical
http://www.secunia.com/advisories/10006/
--
HP-UX BINDv920 OpenSSL Vulnerabilities
SA10005 - Highly critical
http://www.secunia.com/advisories/10005/
--
WinSyslog Long Syslog Message Denial of Service
SA10004 - Less critical
http://www.secunia.com/advisories/10004/
--
Zoom Search Engine Cross Site Scripting Vulnerability
SA10002 - Less critical
http://www.secunia.com/advisories/10002/
--
dbmail IMAP Service SQL Injection Vulnerability
SA10001 - Moderately critical
http://www.secunia.com/advisories/10001/
============
2003-10-14
============
mIRC IRC URI Handler Buffer Overflow Vulnerability
SA9996 - Moderately critical
http://www.secunia.com/advisories/9996/
--
Novell update for OpenSSH
SA9995 - Highly critical
http://www.secunia.com/advisories/9995/
============
2003-10-13
============
mIRC Unspecified DCC Request Vulnerability
SA10000 - Less critical
http://www.secunia.com/advisories/10000/
--
Gallery Arbitrary File Inclusion Vulnerability
SA9998 - Moderately critical
http://www.secunia.com/advisories/9998/
--
TRACKtheCLICK Cross Site Scripting Vulnerability
SA9997 - Less critical
http://www.secunia.com/advisories/9997/
--
PHP-Nuke SQL Injection Vulnerability
SA9994 - Moderately critical
http://www.secunia.com/advisories/9994/
--
HP Tru64 Unix dtmailpr Unspecified Vulnerability
SA9990 - Moderately critical
http://www.secunia.com/advisories/9990/
============
2003-10-11
============
Debian update for OpenSSL095
SA9993 - Moderately critical
http://www.secunia.com/advisories/9993/
--
PeopleTools Information Disclosure and Denial of Service
SA9992 - Less critical
http://www.secunia.com/advisories/9992/
--
Windows Message Queuing Service Heap Overflow Vulnerability
SA9991 - Moderately critical
http://www.secunia.com/advisories/9991/
============
2003-10-10
============
Windows Server 2003 "Shell Folders" Directory Traversal
SA9989 - Not critical
http://www.secunia.com/advisories/9989/
--
NetBSD update for XFree86
SA9988 - Less critical
http://www.secunia.com/advisories/9988/
--
NetBSD update for Sendmail
SA9987 - Highly critical
http://www.secunia.com/advisories/9987/
--
NetBSD update for OpenSSL
SA9986 - Highly critical
http://www.secunia.com/advisories/9986/
--
CyberDOCS Multiple Vulnerabilities
SA9985 - Moderately critical
http://www.secunia.com/advisories/9985/
--
Mandrake update for SANE
SA9984 - Less critical
http://www.secunia.com/advisories/9984/
============
2003-10-09
============
PayPal Cart Arbitrary File Inclusion Vulnerability
SA9983 - Highly critical
http://www.secunia.com/advisories/9983/
--
EnGarde update for OpenSSL
SA9982 - Moderately critical
http://www.secunia.com/advisories/9982/
--
Red Hat update for MySQL
SA9981 - Not critical
http://www.secunia.com/advisories/9981/
--
OpenOffice UNO Denial of Service Vulnerability
SA9980 - Not critical
http://www.secunia.com/advisories/9980/
===========================================================================
Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : support@private
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419
===========================================================================
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@private with 'unsubscribe isn'
in the BODY of the mail.
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@private with 'unsubscribe isn'
in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Oct 17 2003 - 11:09:28 PDT