=========================================================================== The Secunia Weekly Advisory Summary 2003-10-30 - 2003-11-06 This week : 45 advisories =========================================================================== Receive Filtered Vulnerability Information - Receive all relevant vulnerability information - Unlimited number of filters - Text message alerts on critical advisories requesting your immediate attention - Always access to your configuration via our easy-to-use web interface - Hotline to Secunia Experts for questions regarding vulnerabilities - Access to vulnerability scan of 5 random IP addresses a week Try our Vulnerability Tracking Service: http://www.secunia.com/free_trial/ Secunia - Stay Secure =========================================================================== ============ 2003-11-06 ============ EnGarde update for Apache SA10154 - Less critical http://www.secunia.com/advisories/10154/ -- Conectiva update for Apache SA10153 - Less critical http://www.secunia.com/advisories/10153/ -- Conectiva update for Bugzilla SA10152 - Moderately critical http://www.secunia.com/advisories/10152/ ============ 2003-11-05 ============ Bugzilla Multiple Vulnerabilities SA10149 - Moderately critical http://www.secunia.com/advisories/10149/ -- MAILsweeper Malformed Zip Archieve Virus Detection Bypass SA10148 - Moderately critical http://www.secunia.com/advisories/10148/ -- OpenBSD Malformed Binary Execution Denial of Service Vulnerability SA10147 - Not critical http://www.secunia.com/advisories/10147/ -- SHOUTcast Server "icy-name" and "icy-url" Buffer Overflow Vulnerability SA10146 - Moderately critical http://www.secunia.com/advisories/10146/ -- OpenLinux update for ucd-snmp SA10145 - Less critical http://www.secunia.com/advisories/10145/ -- NIPrint Buffer Overflow Vulnerability SA10143 - Moderately critical http://www.secunia.com/advisories/10143/ -- Hitachi S/MIME Implementation Denial of Service Vulnerability SA10142 - Less critical http://www.secunia.com/advisories/10142/ -- Sun Java Insecure Installation Process Vulnerability SA10141 - Less critical http://www.secunia.com/advisories/10141/ -- EnGarde update for OpenSSL SA10140 - Not critical http://www.secunia.com/advisories/10140/ -- Slackware update for Apache SA10139 - Less critical http://www.secunia.com/advisories/10139/ -- Tritanium Bulletin Board Unauthorised Access to Threads SA10135 - Less critical http://www.secunia.com/advisories/10135/ -- MLdonkey Admin Access and Cross Site Scripting Vulnerability SA10134 - Not critical http://www.secunia.com/advisories/10134/ ============ 2003-11-04 ============ OpenAutoClassifieds "listing" Parameter Cross-Site Scripting Vulnerability SA10138 - Less critical http://www.secunia.com/advisories/10138/ -- Web Wiz Forums Unauthorised Message Access Vulnerability SA10137 - Less critical http://www.secunia.com/advisories/10137/ -- LiteServe Log Entry Buffer Overflow Vulnerability SA10136 - Moderately critical http://www.secunia.com/advisories/10136/ -- OpenSSL ASN.1 Parsing Denial of Service Vulnerability SA10133 - Moderately critical http://www.secunia.com/advisories/10133/ -- FlexWATCH Network Video Server User Authentication Bypass Vulnerability SA10132 - Moderately critical http://www.secunia.com/advisories/10132/ -- Plug and Play Web Server Proxy Service Denial of Service Vulnerability SA10131 - Moderately critical http://www.secunia.com/advisories/10131/ -- Oracle9i Application Server Portal Component SQL Injection Vulnerability SA10130 - Moderately critical http://www.secunia.com/advisories/10130/ -- Mandrake update for Apache SA10129 - Less critical http://www.secunia.com/advisories/10129/ -- Mandrake update for postgresql SA10128 - Less critical http://www.secunia.com/advisories/10128/ ============ 2003-11-03 ============ Citrix MetaFrame XP Error Page Cross-Site Scripting Vulnerability SA10127 - Less critical http://www.secunia.com/advisories/10127/ -- Red Hat update for fileutils/coreutils SA10126 - Less critical http://www.secunia.com/advisories/10126/ -- Red Hat update for CUPS SA10124 - Less critical http://www.secunia.com/advisories/10124/ -- CUPS Unspecified Denial of Service Vulnerability SA10123 - Less critical http://www.secunia.com/advisories/10123/ -- MPM Guestbook "lng" Parameter Cross-Site Scripting Vulnerability SA10122 - Less critical http://www.secunia.com/advisories/10122/ -- Immunix update for fileutils SA10121 - Less critical http://www.secunia.com/advisories/10121/ -- ThWboard Multiple SQL Injection and Cross-Site Scripting Vulnerabilities SA10120 - Moderately critical http://www.secunia.com/advisories/10120/ -- Ethereal Protocol Dissector Buffer Overflow Vulnerabilities SA10119 - Moderately critical http://www.secunia.com/advisories/10119/ -- SnapGear Release Candidate Fixes Multiple Vulnerabilities SA10117 - Highly critical http://www.secunia.com/advisories/10117/ -- e107 Page Denial of Service Vulnerability SA10115 - Less critical http://www.secunia.com/advisories/10115/ -- dbmail "From:" Address Arbitrary Command Insertion Vulnerability SA10111 - Moderately critical http://www.secunia.com/advisories/10111/ -- PHPRecipeBook Cross-Site Scripting Vulnerability SA10109 - Less critical http://www.secunia.com/advisories/10109/ -- IA WebMail Server GET Request Buffer Overflow Vulnerability SA10107 - Highly critical http://www.secunia.com/advisories/10107/ ============ 2003-10-31 ============ SuSE update for thttpd SA10116 - Highly critical http://www.secunia.com/advisories/10116/ -- Gentoo update for apache2 SA10114 - Less critical http://www.secunia.com/advisories/10114/ -- LedForums Cross-Site Scripting Vulnerabilities SA10113 - Less critical http://www.secunia.com/advisories/10113/ -- OpenBSD update for httpd SA10112 - Less critical http://www.secunia.com/advisories/10112/ ============ 2003-10-30 ============ Booby Error Message Cross-Site Scripting Vulnerability SA10110 - Less critical http://www.secunia.com/advisories/10110/ -- OpenPKG update for postgresql SA10108 - Less critical http://www.secunia.com/advisories/10108/ -- BEA Tuxedo and WebLogic Enterprise Administration Console Vulnerability SA10106 - Less critical http://www.secunia.com/advisories/10106/ -- KPopup Privilege Escalation Vulnerability SA10105 - Less critical http://www.secunia.com/advisories/10105/ =========================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Contact details: Web : http://www.secunia.com/ E-mail : support@private Tel : +44 (0) 20 7016 2693 Fax : +44 (0) 20 7637 0419 =========================================================================== - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Nov 07 2003 - 02:37:19 PST