Information Security News mailing list archives

Secunia Weekly Summary


From: InfoSec News <isn () c4i org>
Date: Fri, 12 Sep 2003 02:11:28 -0500 (CDT)

===========================================================================

                    The Secunia Weekly Advisory Summary
                          2003-09-04 - 2003-09-11

                         This week : 38 advisories

===========================================================================

Are you protected against the next attack wave?

The Object Data vulnerability (SA9580 / MS03-032) is still wide open;
currently there is NO working patch.

Protect your network:
http://www.secunia.com/advisories/9580/

Yesterday Microsoft released a patch against new RPC vulnerabilities
(SA9692 / MS03-039), possibly allowing a new Blaster worm to cause havoc.

Patch up now:
http://www.secunia.com/advisories/9692/

Secunia - Stay Secure

===========================================================================

============
 2003-09-11
============

SuSE update for Pine
SA9708 - Highly critical
http://www.secunia.com/advisories/9708/

 -- 

Red Hat update for Pine
SA9707 - Highly critical
http://www.secunia.com/advisories/9707/

 -- 

Slackware update for Pine
SA9706 - Highly critical
http://www.secunia.com/advisories/9706/

 -- 

Pine Message Parsing Buffer Overflow Vulnerabilities
SA9705 - Highly critical
http://www.secunia.com/advisories/9705/


============
 2003-09-10
============

RealOne Player Privilege Escalation Vulnerability
SA9704 - Less critical
http://www.secunia.com/advisories/9704/

 -- 

phpBB URL BBCode Tag Cross-Site Scripting Vulnerability
SA9703 - Less critical
http://www.secunia.com/advisories/9703/

 -- 

Escapade Error Page Cross-Site Scripting and Path Disclosure
SA9702 - Less critical
http://www.secunia.com/advisories/9702/

 -- 

WebX Directory Traversal Vulnerability
SA9701 - Moderately critical
http://www.secunia.com/advisories/9701/

 -- 

Roger Wilco Client Data Buffer Overflow Vulnerability
SA9693 - Highly critical
http://www.secunia.com/advisories/9693/

 -- 

Microsoft Windows RPCSS Service DCOM Interface Vulnerabilities
SA9692 - Highly critical
http://www.secunia.com/advisories/9692/


============
 2003-09-09
============

Apache::Gallery Privilege Escalation Vulnerability
SA9700 - Less critical
http://www.secunia.com/advisories/9700/

 -- 

Red Hat GtkHTML HTML Message Denial of Service Vulnerability
SA9699 - Less critical
http://www.secunia.com/advisories/9699/

 -- 

Conectiva update for stunnel
SA9698 - Moderately critical
http://www.secunia.com/advisories/9698/

 -- 

Net-SNMP Unauthenticated MIB Object Access Vulnerability
SA9697 - Moderately critical
http://www.secunia.com/advisories/9697/

 -- 

SCO OpenServer update for BIND
SA9696 - Highly critical
http://www.secunia.com/advisories/9696/

 -- 

OSSIM Multiple SQL Injection Vulnerabilities
SA9695 - Moderately critical
http://www.secunia.com/advisories/9695/

 -- 

WinAMP MIDI File Buffer Overflow Vulnerability
SA9694 - Moderately critical
http://www.secunia.com/advisories/9694/

 -- 

Stunnel Local Server Hijacking Vulnerability
SA9691 - Less critical
http://www.secunia.com/advisories/9691/

 -- 

Conectiva update for exim
SA9690 - Moderately critical
http://www.secunia.com/advisories/9690/

 -- 

Conectiva update for pam_smb
SA9689 - Moderately critical
http://www.secunia.com/advisories/9689/

 -- 

Debian Mah-Jong Two Unspecified Vulnerabilities
SA9687 - Highly critical
http://www.secunia.com/advisories/9687/

 -- 

KokeshCMS Unauthenticated Content Editing Vulnerability
SA9685 - Highly critical
http://www.secunia.com/advisories/9685/


============
 2003-09-08
============

ICQ Web Front Cross Site Scripting
SA9688 - Less critical
http://www.secunia.com/advisories/9688/

 -- 

FTP Desktop Banner Buffer Overflow Vulnerability
SA9686 - Moderately critical
http://www.secunia.com/advisories/9686/

 -- 

cmdftp File Listing Heap Overflow Vulnerability
SA9684 - Moderately critical
http://www.secunia.com/advisories/9684/

 -- 

RealSecure Server Sensor HTTPS Request Denial of Service
SA9683 - Moderately critical
http://www.secunia.com/advisories/9683/

 -- 

HP Tru64 update for dtterm
SA9679 - Not critical
http://www.secunia.com/advisories/9679/


============
 2003-09-05
============

Digital Scribe Cross-Site Scripting Vulnerabilities
SA9682 - Less critical
http://www.secunia.com/advisories/9682/

 -- 

Python Publishing Accessories Cross-Site Scripting Vulnerability
SA9681 - Less critical
http://www.secunia.com/advisories/9681/

 -- 

leafnode remote Denial of Service
SA9678 - Not critical
http://www.secunia.com/advisories/9678/

 -- 

HP Internet Express update for Sendmail
SA9677 - Moderately critical
http://www.secunia.com/advisories/9677/

 -- 

Debian update for WU-FTPD
SA9676 - Highly critical
http://www.secunia.com/advisories/9676/

 -- 

Debian update for exim and exim-tls
SA9675 - Moderately critical
http://www.secunia.com/advisories/9675/

 -- 

Asterisk SIP Request Buffer Overflow Vulnerability
SA9674 - Highly critical
http://www.secunia.com/advisories/9674/


============
 2003-09-04
============

Go2Call Denial of Service Vulnerability
SA9673 - Not critical
http://www.secunia.com/advisories/9673/

 -- 

WebCalendar Cross Site Scripting Vulnerability
SA9672 - Less critical
http://www.secunia.com/advisories/9672/

 -- 

WS_FTP Server FTP Command Buffer Overflow Vulnerability
SA9671 - Highly critical
http://www.secunia.com/advisories/9671/

 -- 

Red Hat update for httpd
SA9670 - Less critical
http://www.secunia.com/advisories/9670/


===========================================================================

Secunia recommends that you verify all advisories you receive, by clicking
the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.

Contact details:
Web     : http://www.secunia.com/
E-mail  : support () secunia com
Tel     : +44 (0) 20 7016 2693
Fax     : +44 (0) 20 7637 0419

===========================================================================



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.

