[ISN] Secunia Weekly Summary - Issue: 2011-27

From: InfoSec News <alerts_at_private>
Date: Mon, 11 Jul 2011 03:41:33 -0700 (MST)
========================================================================

                   The Secunia Weekly Advisory Summary
                         2011-06-30 - 2011-07-07

                        This week: 38 advisories

========================================================================
Table of Contents:

1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4................................................Secunia Community News
5................................................Secunia Corporate News
6..................................................This Week in Numbers

========================================================================
1) Word From Secunia:

New Aberdeen Group Report ??? Risk Management
Secunia works closely with Aberdeen Group, therefore we have exclusive
access to its new report. ???Is Your Vulnerability Management Program
Leaving You at Risk? (Most Likely, Yes)??? shows that companies may
actually be ignoring 80-90% of their end-point security risk by not
investing in the most efficient and effective risk management approach.

Read more:
http://secunia.com/products/corporate/csi/aberdeengroup_request_2011/

========================================================================
2) This Week in Brief:

Some vulnerabilities have been reported in phpMyAdmin, which can be
exploited by malicious users to disclose sensitive information and by
malicious users and malicious people to compromise a vulnerable system.

http://secunia.com/advisories/45139/

  --

A security issue has been reported in vsftpd, which can be exploited by
malicious people to compromise a vulnerable system.

http://secunia.com/advisories/45133/

  --

SUSE has issued an update for MozillaFirefox, MozillaThunderbird, and
mozilla-xulrunner. This fixes multiple vulnerabilities, which can be
exploited by malicious people to bypass certain security restrictions
and compromise a user's system.

http://secunia.com/advisories/45114/

========================================================================
3) This Weeks Top Ten Most Read Advisories:

For more information on how to receive alerts on these vulnerabilities,
subscribe to the Secunia business solutions:
http://secunia.com/advisories/business_solutions/

1.  [SA45139] phpMyAdmin Multiple Vulnerabilities
2.  [SA44964] Adobe Flash Player Unspecified Memory Corruption
               Vulnerability
3.  [SA44784] Sun Java JDK / JRE / SDK Multiple Vulnerabilities
4.  [SA45054] Apple Mac OS X Multiple Vulnerabilities
5.  [SA45082] ISC BIND UPDATE Request Processing Denial of Service
               Vulnerability
6.  [SA45098] IBM Tivoli Storage Manager Client Two Privilege
               Escalation Vulnerabilities
7.  [SA45099] WordPress Unauthorized Access and SQL Injection
               Vulnerabilities
8.  [SA45090] Drupal Secure Password Hashes (phpass) Module Brute
               Force and Security Bypass Weaknesses
9.  [SA45129] HP Intelligent Management Center Products Packet
               Handling Buffer Overflow Vulnerability
10. [SA45053] AeroMail Cross-Site Scripting and Request Forgery
               Vulnerabilities

========================================================================
4) Secunia Community News

CIO: ???Better Security Needs ???More Informed Patching??????
The article draws on findings from Secunia???s latest white paper and
features commentary from Secunia???s Research Analyst Director. CIO
concludes that patching is an effective defence strategy combined with
other defence technologies.

Read more:
http://secunia.com/company/blog_news/articles/233/

========================================================================
5) Secunia Corporate News

Pre-emptive action against vulnerabilities ??? a priority for effective
security strategies
The Secunia Vulnerability Intelligence Manager (VIM) enables you to
simplify and strategize your handling of emerging threats.

Read more and request a free trial:
http://secunia.com/products/corporate/vim/

========================================================================
6) This Week in Numbers

During the past week 38 Secunia Advisories have been released. All
Secunia customers have received immediate notification on the alerts
that affect their business.

This weeks Secunia Advisories had the following spread across platforms
and criticality ratings:

Platforms:
   Windows             :      8 Secunia Advisories
   Unix/Linux          :     19 Secunia Advisories
   Other               :      2 Secunia Advisories
   Cross platform      :      9 Secunia Advisories

Criticality Ratings:
   Extremely Critical  :      0 Secunia Advisories
   Highly Critical     :      6 Secunia Advisories
   Moderately Critical :     13 Secunia Advisories
   Less Critical       :     16 Secunia Advisories
   Not Critical        :      3 Secunia Advisories

========================================================================

Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Subscribe:
http://secunia.com/advisories/weekly_summary/

Contact details:
Web	: http://secunia.com/
E-mail	: support_at_private
Tel	: +45 70 20 51 44
Fax	: +45 70 20 51 45



___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Mon Jul 11 2011 - 03:41:33 PDT

This archive was generated by hypermail 2.2.0 : Mon Jul 11 2011 - 03:44:56 PDT