Information Security News mailing list archives

Secunia Weekly Summary


From: InfoSec News <isn () c4i org>
Date: Fri, 16 May 2003 02:26:37 -0500 (CDT)

===========================================================================

                    The Secunia Weekly Advisory Summary
                          2003-05-08 - 2003-05-15

                         This week : 43 advisories

===========================================================================

    An effective security solution starts with a position of expertise.


The following 43 advisories are written by Secunia. 
Customers instantly receive relevant advisories to their unique system by
E-mail and text message, enabling them to react efficiently.

Security Experts at Secunia constantly search for new vulnerabilities and
threats.

Vast amounts of advisories, vulnerabilities and security news are gathered
and assessed daily.


 - Stay Secure

===========================================================================

============
 2003-05-15
============

Linux Kernel route cache flooding Denial of Service
Moderately critical
http://www.secunia.com/advisories/8786/

 -- 

Conectiva update for evolution
Moderately critical
http://www.secunia.com/advisories/8785/

 -- 

SGI IRIX update for OpenSSL
Less critical
http://www.secunia.com/advisories/8784/

 -- 

Mandrake update for xinetd
Less critical
http://www.secunia.com/advisories/8783/


============
 2003-05-14
============

3Com OfficeConnect 812 ADSL Router DHCP Information Disclosure
Less critical
http://www.secunia.com/advisories/8782/

 -- 

UnZip Directory Traversal Vulnerability
Less critical
http://www.secunia.com/advisories/8781/

 -- 

OpenLinux update for mgetty
Highly critical
http://www.secunia.com/advisories/8780/

 -- 

Red Hat update for xinetd
Less critical
http://www.secunia.com/advisories/8779/

 -- 

BEA WebLogic Certificate Chain Validation Vulnerability
Moderately critical
http://www.secunia.com/advisories/8778/

 -- 

BEA WebLogic Password Disclosure Vulnerability
Not critical
http://www.secunia.com/advisories/8777/


============
 2003-05-13
============

Neoteris Instant Virtual Extranet Cross Site Scripting
Less critical
http://www.secunia.com/advisories/8776/

 -- 

XMMS Remote Server Command Execution Vulnerability
Highly critical
http://www.secunia.com/advisories/8775/

 -- 

Happymall Directory Traversal and Cross Site Scripting Vulnerability
Moderately critical
http://www.secunia.com/advisories/8774/

 -- 

Apple AirPort Base Station Weak Password Encryption
Less critical
http://www.secunia.com/advisories/8773/

 -- 

Snitz Forums SQL Injection Vulnerability
Highly critical
http://www.secunia.com/advisories/8772/

 -- 

Verilink NetEngine Denial of Service
Not critical
http://www.secunia.com/advisories/8771/

 -- 

Sun Cobalt update for Apache and SSL
Moderately critical
http://www.secunia.com/advisories/8770/

 -- 

Sun Cobalt update for Vim
Moderately critical
http://www.secunia.com/advisories/8769/

 -- 

PowerLinkT Directory Traversal
Less critical
http://www.secunia.com/advisories/8768/

 -- 

Red Hat update for KDE
Moderately critical
http://www.secunia.com/advisories/8767/

 -- 

Phorum Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8766/


============
 2003-05-12
============

OpenLinux update for kernel
Less critical
http://www.secunia.com/advisories/8765/

 -- 

ttCMS and ttForum Multiple Vulnerabilities
Highly critical
http://www.secunia.com/advisories/8764/

 -- 

EServ Memory Leak Vulnerability
Moderately critical
http://www.secunia.com/advisories/8763/

 -- 

YaBB Execution of Arbitrary Code
Not critical
http://www.secunia.com/advisories/8762/

 -- 

CMailServer "MAIL FROM:" and "RCPT TO:" Buffer Overflows
Highly critical
http://www.secunia.com/advisories/8761/

 -- 

Netbus Authentication Bypass
Less critical
http://www.secunia.com/advisories/8760/

 -- 

LTris and SlashEM Privilege Escalation
Less critical
http://www.secunia.com/advisories/8759/

 -- 

Firebird Environment Variable Buffer Overflow Vulnerabilities
Less critical
http://www.secunia.com/advisories/8758/

 -- 

ListProc Privilege Escalation
Less critical
http://www.secunia.com/advisories/8757/


============
 2003-05-09
============

Apple Safari and Konqueror Embedded Common Name Verification Vulnerability
Moderately critical
http://www.secunia.com/advisories/8756/

 -- 

RT Cross Site Scripting Vulnerability
Moderately critical
http://www.secunia.com/advisories/8755/

 -- 

HP-UX wall Privilege Escalation Vulnerability
Less critical
http://www.secunia.com/advisories/8754/

 -- 

MySQL weak password encryption
Not critical
http://www.secunia.com/advisories/8753/

 -- 

Kopete execution of arbitrary commands
Moderately critical
http://www.secunia.com/advisories/8752/

 -- 

Ethereal Multiple Dissector Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8751/

 -- 

aldweb miniPortail admin access
Moderately critical
http://www.secunia.com/advisories/8750/

 -- 

Conectiva update for slocate
Not critical
http://www.secunia.com/advisories/8749/


============
 2003-05-08
============

SLwebmail3 Multiple Vulnerabilities
Highly critical
http://www.secunia.com/advisories/8748/

 -- 

SLmail Multiple Buffer Overflow Vulnerabilities
Highly critical
http://www.secunia.com/advisories/8747/

 -- 

Cisco VPN 3000 Concentrator Multiple Vulnerabilities
Moderately critical
http://www.secunia.com/advisories/8746/

 -- 

Debian update for libgtop
Moderately critical
http://www.secunia.com/advisories/8745/

 -- 

Debian fuzz Privilege Escalation Vulnerability
Less critical
http://www.secunia.com/advisories/8744/


===========================================================================

Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Contact details:
Web     : http://www.secunia.com/
E-mail  : support () secunia com
Tel     : +44 (0) 20 7016 2693
Fax     : +44 (0) 20 7637 0419

===========================================================================



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.

