[ISN] Secunia Weekly Summary

From: InfoSec News (isn@private)
Date: Thu Nov 06 2003 - 22:55:45 PST

  • Next message: InfoSec News: "[ISN] Attempted attack on Linux kernel foiled" 

    ===========================================================================

                    The Secunia Weekly Advisory Summary
                          2003-10-30 - 2003-11-06

                         This week : 45 advisories

===========================================================================

Receive Filtered Vulnerability Information

- Receive all relevant vulnerability information
- Unlimited number of filters
- Text message alerts on critical advisories requesting your
  immediate attention
- Always access to your configuration via our easy-to-use web
  interface
- Hotline to Secunia Experts for questions regarding vulnerabilities
- Access to vulnerability scan of 5 random IP addresses a week

Try our Vulnerability Tracking Service:
http://www.secunia.com/free_trial/


Secunia - Stay Secure

===========================================================================

============
 2003-11-06
============

EnGarde update for Apache
SA10154 - Less critical
http://www.secunia.com/advisories/10154/

 -- 

Conectiva update for Apache
SA10153 - Less critical
http://www.secunia.com/advisories/10153/

 -- 

Conectiva update for Bugzilla
SA10152 - Moderately critical
http://www.secunia.com/advisories/10152/


============
 2003-11-05
============

Bugzilla Multiple Vulnerabilities
SA10149 - Moderately critical
http://www.secunia.com/advisories/10149/

 -- 

MAILsweeper Malformed Zip Archieve Virus Detection Bypass
SA10148 - Moderately critical
http://www.secunia.com/advisories/10148/

 -- 

OpenBSD Malformed Binary Execution Denial of Service Vulnerability
SA10147 - Not critical
http://www.secunia.com/advisories/10147/

 -- 

SHOUTcast Server "icy-name" and "icy-url" Buffer Overflow Vulnerability
SA10146 - Moderately critical
http://www.secunia.com/advisories/10146/

 -- 

OpenLinux update for ucd-snmp
SA10145 - Less critical
http://www.secunia.com/advisories/10145/

 -- 

NIPrint Buffer Overflow Vulnerability
SA10143 - Moderately critical
http://www.secunia.com/advisories/10143/

 -- 

Hitachi S/MIME Implementation Denial of Service Vulnerability
SA10142 - Less critical
http://www.secunia.com/advisories/10142/

 -- 

Sun Java Insecure Installation Process Vulnerability
SA10141 - Less critical
http://www.secunia.com/advisories/10141/

 -- 

EnGarde update for OpenSSL
SA10140 - Not critical
http://www.secunia.com/advisories/10140/

 -- 

Slackware update for Apache
SA10139 - Less critical
http://www.secunia.com/advisories/10139/

 -- 

Tritanium Bulletin Board Unauthorised Access to Threads
SA10135 - Less critical
http://www.secunia.com/advisories/10135/

 -- 

MLdonkey Admin Access and Cross Site Scripting Vulnerability
SA10134 - Not critical
http://www.secunia.com/advisories/10134/


============
 2003-11-04
============

OpenAutoClassifieds "listing" Parameter Cross-Site Scripting Vulnerability
SA10138 - Less critical
http://www.secunia.com/advisories/10138/

 -- 

Web Wiz Forums Unauthorised Message Access Vulnerability
SA10137 - Less critical
http://www.secunia.com/advisories/10137/

 -- 

LiteServe Log Entry Buffer Overflow Vulnerability
SA10136 - Moderately critical
http://www.secunia.com/advisories/10136/

 -- 

OpenSSL ASN.1 Parsing Denial of Service Vulnerability
SA10133 - Moderately critical
http://www.secunia.com/advisories/10133/

 -- 

FlexWATCH Network Video Server User Authentication Bypass Vulnerability
SA10132 - Moderately critical
http://www.secunia.com/advisories/10132/

 -- 

Plug and Play Web Server Proxy Service Denial of Service Vulnerability
SA10131 - Moderately critical
http://www.secunia.com/advisories/10131/

 -- 

Oracle9i Application Server Portal Component SQL Injection Vulnerability
SA10130 - Moderately critical
http://www.secunia.com/advisories/10130/

 -- 

Mandrake update for Apache
SA10129 - Less critical
http://www.secunia.com/advisories/10129/

 -- 

Mandrake update for postgresql
SA10128 - Less critical
http://www.secunia.com/advisories/10128/


============
 2003-11-03
============

Citrix MetaFrame XP Error Page Cross-Site Scripting Vulnerability
SA10127 - Less critical
http://www.secunia.com/advisories/10127/

 -- 

Red Hat update for fileutils/coreutils
SA10126 - Less critical
http://www.secunia.com/advisories/10126/

 -- 

Red Hat update for CUPS
SA10124 - Less critical
http://www.secunia.com/advisories/10124/

 -- 

CUPS Unspecified Denial of Service Vulnerability
SA10123 - Less critical
http://www.secunia.com/advisories/10123/

 -- 

MPM Guestbook "lng" Parameter Cross-Site Scripting Vulnerability
SA10122 - Less critical
http://www.secunia.com/advisories/10122/

 -- 

Immunix update for fileutils
SA10121 - Less critical
http://www.secunia.com/advisories/10121/

 -- 

ThWboard Multiple SQL Injection and Cross-Site Scripting Vulnerabilities
SA10120 - Moderately critical
http://www.secunia.com/advisories/10120/

 -- 

Ethereal Protocol Dissector Buffer Overflow Vulnerabilities
SA10119 - Moderately critical
http://www.secunia.com/advisories/10119/

 -- 

SnapGear Release Candidate Fixes Multiple Vulnerabilities
SA10117 - Highly critical
http://www.secunia.com/advisories/10117/

 -- 

e107 Page Denial of Service Vulnerability
SA10115 - Less critical
http://www.secunia.com/advisories/10115/

 -- 

dbmail "From:" Address Arbitrary Command Insertion Vulnerability
SA10111 - Moderately critical
http://www.secunia.com/advisories/10111/

 -- 

PHPRecipeBook Cross-Site Scripting Vulnerability
SA10109 - Less critical
http://www.secunia.com/advisories/10109/

 -- 

IA WebMail Server GET Request Buffer Overflow Vulnerability
SA10107 - Highly critical
http://www.secunia.com/advisories/10107/


============
 2003-10-31
============

SuSE update for thttpd
SA10116 - Highly critical
http://www.secunia.com/advisories/10116/

 -- 

Gentoo update for apache2
SA10114 - Less critical
http://www.secunia.com/advisories/10114/

 -- 

LedForums Cross-Site Scripting Vulnerabilities
SA10113 - Less critical
http://www.secunia.com/advisories/10113/

 -- 

OpenBSD update for httpd
SA10112 - Less critical
http://www.secunia.com/advisories/10112/


============
 2003-10-30
============

Booby Error Message Cross-Site Scripting Vulnerability
SA10110 - Less critical
http://www.secunia.com/advisories/10110/

 -- 

OpenPKG update for postgresql
SA10108 - Less critical
http://www.secunia.com/advisories/10108/

 -- 

BEA Tuxedo and WebLogic Enterprise Administration Console Vulnerability
SA10106 - Less critical
http://www.secunia.com/advisories/10106/

 -- 

KPopup Privilege Escalation Vulnerability
SA10105 - Less critical
http://www.secunia.com/advisories/10105/


===========================================================================

Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Contact details:
Web	: http://www.secunia.com/
E-mail	: support@private
Tel	: +44 (0) 20 7016 2693
Fax	: +44 (0) 20 7637 0419

===========================================================================



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@private with 'unsubscribe isn'
in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Fri Nov 07 2003 - 02:37:19 PST