Information Security News mailing list archives
Secunia Weekly Summary
From: InfoSec News <isn () c4i org>
Date: Fri, 5 Sep 2003 02:04:47 -0500 (CDT)
===========================================================================
The Secunia Weekly Advisory Summary
2003-08-28 - 2003-09-04
This week : 38 advisories
===========================================================================
Test to see if your browser is vulnerable to the latest Microsoft Internet
Explorer vulnerability.
The vulnerability which is called the "Object Data Vulnerability" allows
malicious websites, emails or newsgroup messages to silently download and
execute any file on your system.
The 20th August Secunia advised all vulnerable users of Microsoft Internet
Explorer to patch up.
Test and see if you are vulnerable:
http://www.secunia.com/MS03-032/
===========================================================================
============
2003-09-03
============
Microsoft Access Snapshot Viewer Buffer Overflow
SA9668 - Highly critical
http://www.secunia.com/advisories/9668/
--
WordPerfect Converter Buffer Overflow
SA9667 - Moderately critical
http://www.secunia.com/advisories/9667/
--
Microsoft Visual Basic for Applications Buffer Overflow
SA9666 - Moderately critical
http://www.secunia.com/advisories/9666/
--
Microsoft Windows NetBIOS Random Memory Content Disclosure
SA9665 - Less critical
http://www.secunia.com/advisories/9665/
--
Microsoft Word/Works Automated Macro Execution Vulnerability
SA9664 - Moderately critical
http://www.secunia.com/advisories/9664/
--
Mandrake update for pam_ldap
SA9662 - Moderately critical
http://www.secunia.com/advisories/9662/
--
Exim HELO/EHLO Heap Overflow Vulnerability
SA9661 - Moderately critical
http://www.secunia.com/advisories/9661/
--
FTGatePro Mail Server Information Disclosure Vulnerabilities
SA9659 - Less critical
http://www.secunia.com/advisories/9659/
--
pam_ldap pam_filter Access Control Bypass Vulnerability
SA9658 - Moderately critical
http://www.secunia.com/advisories/9658/
============
2003-09-02
============
Gentoo update for atari800
SA9657 - Not critical
http://www.secunia.com/advisories/9657/
--
Gentoo update for gallery
SA9656 - Less critical
http://www.secunia.com/advisories/9656/
--
Gentoo update for eroaster
SA9655 - Less critical
http://www.secunia.com/advisories/9655/
--
Gentoo update for mindi
SA9654 - Less critical
http://www.secunia.com/advisories/9654/
--
Gentoo update for phpwebsite
SA9653 - Moderately critical
http://www.secunia.com/advisories/9653/
--
Wrapsody Viewer "Copy & Paste" Rule Bypass Vulnerability
SA9652 - Less critical
http://www.secunia.com/advisories/9652/
--
XFree86 Multiple Integer Overflow Vulnerabilities
SA9651 - Less critical
http://www.secunia.com/advisories/9651/
--
Gentoo update for horde
SA9649 - Less critical
http://www.secunia.com/advisories/9649/
--
Sun Linux update for KDE
SA9648 - Less critical
http://www.secunia.com/advisories/9648/
--
Sun Linux update for gdm
SA9647 - Less critical
http://www.secunia.com/advisories/9647/
============
2003-09-01
============
e4ums NewsBoard Information Disclosure Vulnerabilities
SA9646 - Moderately critical
http://www.secunia.com/advisories/9646/
--
e4ums SiteSearch Database Content Disclosure Vulnerability
SA9645 - Moderately critical
http://www.secunia.com/advisories/9645/
--
Gentoo update for pam_smb
SA9644 - Moderately critical
http://www.secunia.com/advisories/9644/
--
TWMB Database Content Disclosure Vulnerability
SA9643 - Moderately critical
http://www.secunia.com/advisories/9643/
--
Web Wiz Internet Search Engine Database Content Disclosure Vulnerability
SA9642 - Moderately critical
http://www.secunia.com/advisories/9642/
--
Web Wiz Journal Database Content Disclosure Vulnerability
SA9641 - Moderately critical
http://www.secunia.com/advisories/9641/
--
Web Wiz Mailing Database Content Disclosure Vulnerability
SA9640 - Moderately critical
http://www.secunia.com/advisories/9640/
--
Web Wiz Guestbook Database Content Disclosure Vulnerability
SA9639 - Moderately critical
http://www.secunia.com/advisories/9639/
--
Web Wiz Polls Database Content Disclosure Vulnerability
SA9638 - Moderately critical
http://www.secunia.com/advisories/9638/
--
SAP Internet Transaction Server Multiple Vulnerabilities
SA9637 - Moderately critical
http://www.secunia.com/advisories/9637/
--
TSguestbook Message Field Cross-Site Scripting Vulnerability
SA9636 - Less critical
http://www.secunia.com/advisories/9636/
--
Java Secure Socket Extention CBC Timing Attack Vulnerability
SA9635 - Less critical
http://www.secunia.com/advisories/9635/
--
Conectiva update for sendmail
SA9634 - Moderately critical
http://www.secunia.com/advisories/9634/
============
2003-08-29
============
Debian update for node
SA9633 - Highly critical
http://www.secunia.com/advisories/9633/
--
LinuxNode Format String and Buffer Overflow Vulnerabilities
SA9632 - Highly critical
http://www.secunia.com/advisories/9632/
--
OpenPKG update for sendmail
SA9631 - Moderately critical
http://www.secunia.com/advisories/9631/
--
Mandrake update for GKrellM
SA9630 - Moderately critical
http://www.secunia.com/advisories/9630/
============
2003-08-28
============
GtkFtpd LIST Command Buffer Overflow Vulnerability
SA9629 - Highly critical
http://www.secunia.com/advisories/9629/
--
HP-UX Shells Insecure Temporary File Creation Vulnerability
SA9628 - Less critical
http://www.secunia.com/advisories/9628/
===========================================================================
Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : support () secunia com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419
===========================================================================
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Current thread:
- Secunia Weekly Summary InfoSec News (Sep 05)
- <Possible follow-ups>
- Secunia Weekly Summary InfoSec News (Sep 12)
- Secunia Weekly Summary InfoSec News (Sep 18)
- Secunia Weekly Summary InfoSec News (Sep 26)