Information Security News mailing list archives
Secunia Weekly Summary - Issue: 2004-7
From: InfoSec News <isn () c4i org>
Date: Thu, 12 Feb 2004 06:48:02 -0600 (CST)
========================================================================
The Secunia Weekly Advisory Summary
2004-02-05 - 2004-02-12
This week : 50 advisories
========================================================================
Table of Contents:
1.....................................................Word From Secunia
2....................................................This Week In Brief
3...............................This Weeks Top Ten Most Read Advisories
4.......................................Vulnerabilities Summary Listing
5.......................................Vulnerabilities Content Listing
========================================================================
1) Word From Secunia:
The Secunia staff is spending hours every day to assure you the best
and most reliable source for vulnerability information. Every single
vulnerability report is being validated and verified before a Secunia
advisory is written.
Secunia validates and verifies vulnerability reports in many different
ways e.g. by downloading the software and performing comprehensive
tests, by reviewing source code, or by validating the credibility of
the source from which the vulnerability report was issued.
As a result, Secunia's database is the most correct and complete source
for recent vulnerability information available on the Internet.
Secunia Online Vulnerability Database:
http://www.secunia.com/
========================================================================
2) This Week in Brief:
The Opera Browser is affected by a variant of the file download
spoofing vulnerability, which was reported in Internet Explorer some
time ago. The vulnerability allows a malicious website to spoof the
real file extension using CLSID's. Opera is reportedly working on a
fix, which will address this vulnerability.
Reference: [SA10760]
Microsoft has released a security patch, which applies to almost all
versions of windows. The vulnerability was discovered in the Microsoft
ASN.1 Library by security research firm eEye Digital Security.
Furthermore, Microsoft also released two security updates for WINS
Server and Virtual PC for Mac.
Reference: [SA10759], [SA10835] & [SA10836]
A vulnerability has been found in XFree86, allowing malicious, local
users to escalate their privileges. A patch is available from the
vendor.
Reference: [SA10824]
Yet again, this week offered a new vulnerability in Internet explorer,
which can be exploited by malicious websites to determine the existence
of local files on a user's computer.
Reference: [SA10820]
TIP:
Finding Secunia advisories is easily done through the Secunia web site.
Simply enter the SA ID in the URL:
http://secunia.com/SA10760
========================================================================
3) This Weeks Top Ten Most Read Advisories:
1. [SA10736] Internet Explorer File Download Extension Spoofing
2. [SA10395] Internet Explorer URL Spoofing Vulnerability
3. [SA10796] RealOne Player / RealPlayer Multiple Vulnerabilities
4. [SA10759] Microsoft Windows ASN.1 Library Integer Overflow
Vulnerabilities
5. [SA10794] Check Point FireWall-1 HTTP Parsing Format String
Vulnerabilities
6. [SA10820] Internet Explorer File Identification Variant
7. [SA10805] Oracle9i Database Multiple Buffer Overflow
Vulnerabilities
8. [SA10795] Check Point VPN-1 ISAKMP Buffer Overflow Vulnerability
9. [SA10835] Microsoft Windows WINS Server Buffer Overflow
Vulnerability
10. [SA10706] Serv-U FTP Server "SITE CHMOD" Command Buffer Overflow
Vulnerability
========================================================================
4) Vulnerabilities Summary Listing
Windows:
[SA10831] Caucho Resin Source Code Exposure Vulnerability
[SA10835] Microsoft Windows WINS Server Buffer Overflow Vulnerability
[SA10807] IBM Cloudscape Command Injection Vulnerability
[SA10825] JShop Server Cross Site Scripting Vulnerability
[SA10820] Internet Explorer File Identification Variant
UNIX/Linux:
[SA10853] Red Hat update for mutt
[SA10852] Fedora update for mutt
[SA10848] Gentoo update for gallery
[SA10847] Red Hat update for Mutt
[SA10846] Mutt Buffer Overflow Vulnerability
[SA10850] Monkey HTTP Daemon Denial of Service Vulnerability
[SA10838] Conectiva update for gaim
[SA10837] Conectiva update for vim
[SA10826] Clam AntiVirus UUencoded Message Denial of Service
Vulnerability
[SA10823] Fedora update for mc
[SA10821] Red Hat update for Gaim
[SA10810] Debian update for mpg123
[SA10808] OpenJournal Authentication Bypass Vulnerability
[SA10803] Debian update for gaim
[SA10849] Gentoo update for XFree86
[SA10841] Fedora update for kernel
[SA10822] Red Hat update for mailman
[SA10819] Gentoo update for PHP
[SA10813] Debian update for mailman
[SA10811] Apache-SSL Client Certificate Forging Vulnerability
[SA10845] Sun Solaris Apache "mod_alias" and "mod_rewrite"
Vulnerabilities
[SA10842] Samba Local Privilege Escalation Issue
[SA10836] Microsoft Virtual PC for Mac Insecure Temporary Files
Creation
[SA10833] eTrust InoculateIT for Linux Insecure Default Installation
[SA10824] XFree86 "font.alias" File Parsing Privilege Escalation
Vulnerability
[SA10816] Linux VServer Chroot Escape Vulnerability
[SA10812] Fedora update for NetPBM
[SA10806] BSD "shmat()" Privilege Escalation Vulnerability
[SA10851] OpenLinux update for slocate
Other:
[SA10834] EvolutionX FTP Server Denial of Service Vulnerabilities
[SA10828] httpd / palmhttpd Multiple Connection Denial of Service
Vulnerability
[SA10832] Red-Alert Denial of Service Vulnerability
[SA10809] VMware ESX Server Privilege Escalation Vulnerabilities
[SA10827] Nokia 6310i OBEX Message Denial of Service
[SA10817] ZyXEL ZyNOS Frame Padding Information Disclosure
Vulnerability
Cross Platform:
[SA10839] ezContents Arbitrary File Inclusion and Login Bypass
Vulnerabilities
[SA10815] Jacks FormMail.php Arbitrary File Upload Vulnerability
[SA10843] PHP-Nuke SQL Injection Vulnerabilities
[SA10840] MaxWebPortal Cross-Site Scripting and SQL Injection
Vulnerabilities
[SA10830] PHP-Nuke Cross-Site Scripting and SQL Injection
Vulnerabilities
[SA10844] BosDates SQL Injection Vulnerability
[SA10805] Oracle9i Database Multiple Buffer Overflow Vulnerabilities
[SA10818] PHP Configuration Leakage Vulnerability
[SA10814] Crossday Discuz! Board Cross Site Scripting Vulnerability
[SA10804] Mambo "Itemid" Parameter Cross-Site Scripting Vulnerability
========================================================================
5) Vulnerabilities Content Listing
Windows:--
[SA10831] Caucho Resin Source Code Exposure Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of sensitive information
Released: 2004-02-10
Wang Yun has reported a vulnerability in Resin, allowing malicious
people to view source code and directory listings.
Full Advisory:
http://www.secunia.com/advisories/10831/
--
[SA10835] Microsoft Windows WINS Server Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2004-02-10
Qualys has discovered a vulnerability in certain versions of Microsoft
Windows, which can be exploited by malicious people to cause a DoS
(Denial of Service) and potentially compromise a vulnerable system.
Full Advisory:
http://www.secunia.com/advisories/10835/
--
[SA10807] IBM Cloudscape Command Injection Vulnerability
Critical: Moderately critical
Where: From local network
Impact: Exposure of sensitive information, DoS, System access
Released: 2004-02-06
Marc Schoenefeld has reported a vulnerability in IBM Cloudscape, which
can be exploited by malicious people to disclose information, cause a
DoS (Denial of Service) or execute arbitrary executables present on an
affected system.
Full Advisory:
http://www.secunia.com/advisories/10807/
--
[SA10825] JShop Server Cross Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-02-10
David Sopas Ferreira has reported a vulnerability in JShop Server,
allowing malicious people to conduct Cross Site Scripting attacks.
Full Advisory:
http://www.secunia.com/advisories/10825/
--
[SA10820] Internet Explorer File Identification Variant
Critical: Not critical
Where: From remote
Impact: Exposure of system information
Released: 2004-02-09
Jelmer has discovered a vulnerability in Internet Explorer, allowing
malicious sites to detect the presence of local files.
Full Advisory:
http://www.secunia.com/advisories/10820/
UNIX/Linux:--
[SA10853] Red Hat update for mutt
Critical: Highly critical
Where: From remote
Impact: System access, DoS
Released: 2004-02-12
Red Hat has issued updated packages for mutt. These fix a vulnerability
which can be exploited to crash the mail client or potentially
compromise a vulnerable system.
Full Advisory:
http://www.secunia.com/advisories/10853/
--
[SA10852] Fedora update for mutt
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-02-12
Red Hat has issued updated packages for mutt. These fix a vulnerability
which can be exploited to crash the mail client or potentially
compromise a vulnerable system.
Full Advisory:
http://www.secunia.com/advisories/10852/
--
[SA10848] Gentoo update for gallery
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-02-12
Gentoo has issued an update for Gallery. This fixes a vulnerability,
which can be exploited by malicious people to compromise a vulnerable
system.
Full Advisory:
http://www.secunia.com/advisories/10848/
--
[SA10847] Red Hat update for Mutt
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-02-11
Red Hat has issued updated packages for Mutt. These fix a vulnerability
which can be exploited to crash the mail client or potentially
compromise a vulnerable system.
Full Advisory:
http://www.secunia.com/advisories/10847/
--
[SA10846] Mutt Buffer Overflow Vulnerability
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-02-11
Niels Heinen has reported a vulnerability in Mutt, potentially allowing
malicious people to compromise a vulnerable system.
Full Advisory:
http://www.secunia.com/advisories/10846/
--
[SA10850] Monkey HTTP Daemon Denial of Service Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-02-12
Luigi Auriemma has discovered a vulnerability in Monkey HTTP Daemon,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://www.secunia.com/advisories/10850/
--
[SA10838] Conectiva update for gaim
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-02-11
Conectiva has issued updated packages for gaim. These fix multiple
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://www.secunia.com/advisories/10838/
--
[SA10837] Conectiva update for vim
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-02-11
Conectiva has issued updated packages for vim. These fix an old
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://www.secunia.com/advisories/10837/
--
[SA10826] Clam AntiVirus UUencoded Message Denial of Service
Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-02-10
Oliver Eikemeier has reported a vulnerability in Clam AntiVirus
(clamav), which can be exploited by malicious people to cause a DoS
(Denial of Service).
Full Advisory:
http://www.secunia.com/advisories/10826/
--
[SA10823] Fedora update for mc
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-02-10
Red Hat has issued updated packages for mc. These fix a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.
Full Advisory:
http://www.secunia.com/advisories/10823/
--
[SA10821] Red Hat update for Gaim
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-02-10
Red Hat has issued updated packages for gaim. These fix multiple
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://www.secunia.com/advisories/10821/
--
[SA10810] Debian update for mpg123
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-02-09
Debian has issued updated packages for mpg123. These fix a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://www.secunia.com/advisories/10810/
--
[SA10808] OpenJournal Authentication Bypass Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2004-02-09
Tri Huynh has discovered a vulnerability in OpenJournal, which can be
exploited by malicious people to bypass the user authentication.
Full Advisory:
http://www.secunia.com/advisories/10808/
--
[SA10803] Debian update for gaim
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-02-06
Debian has issued updated packages for gaim. These fix multiple
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://www.secunia.com/advisories/10803/
--
[SA10849] Gentoo update for XFree86
Critical: Less critical
Where: From remote
Impact: Privilege escalation
Released: 2004-02-12
Gentoo has issued an update for XFree86. This fixes a vulnerability,
which potentially can be exploited by malicious users to escalate their
privileges on a vulnerable system.
Full Advisory:
http://www.secunia.com/advisories/10849/
--
[SA10841] Fedora update for kernel
Critical: Less critical
Where: From remote
Impact: Privilege escalation
Released: 2004-02-11
Red Hat has issued updated kernel packages. These fix various
vulnerabilities, allowing malicious users to escalate their privileges
Full Advisory:
http://www.secunia.com/advisories/10841/
--
[SA10822] Red Hat update for mailman
Critical: Less critical
Where: From remote
Impact: DoS, Cross Site Scripting
Released: 2004-02-10
Red Hat has issued updated packages for mailman. These fix three
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks or crash the mailman process.
Full Advisory:
http://www.secunia.com/advisories/10822/
--
[SA10819] Gentoo update for PHP
Critical: Less critical
Where: From remote
Impact: Security Bypass, Exposure of sensitive information
Released: 2004-02-09
Gentoo has issued an update for PHP. This fixes a vulnerability, which
causes PHP configuration options to be leaked.
Full Advisory:
http://www.secunia.com/advisories/10819/
--
[SA10813] Debian update for mailman
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting, DoS
Released: 2004-02-09
Debian has issued updated packages for mailman. These fix three
vulnerabilities, which can be exploited by malicious people to conduct
cross-site scripting attacks or crash the mailman process.
Full Advisory:
http://www.secunia.com/advisories/10813/
--
[SA10811] Apache-SSL Client Certificate Forging Vulnerability
Critical: Less critical
Where: From remote
Impact: ID Spoofing
Released: 2004-02-09
Wietse Venema has discovered a vulnerability in Apache-SSL, which can
be exploited by malicious people to forge client certificates.
Full Advisory:
http://www.secunia.com/advisories/10811/
--
[SA10845] Sun Solaris Apache "mod_alias" and "mod_rewrite"
Vulnerabilities
Critical: Less critical
Where: Local system
Impact: Privilege escalation, DoS
Released: 2004-02-11
Sun has acknowledged some vulnerabilities in Apache bundled with
Solaris. These can be exploited by malicious, local users to cause a
DoS (Denial of Service) or escalate privileges.
Full Advisory:
http://www.secunia.com/advisories/10845/
--
[SA10842] Samba Local Privilege Escalation Issue
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-02-11
Michal Medvecky has reported a security issue in samba, which can be
exploited by malicious, local users to escalate their privileges.
Full Advisory:
http://www.secunia.com/advisories/10842/
--
[SA10836] Microsoft Virtual PC for Mac Insecure Temporary Files
Creation
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-02-10
George Gal has discovered a vulnerability in Microsoft Virtual PC for
Mac, which can be exploited by malicious, local users to gain escalated
privileges.
Full Advisory:
http://www.secunia.com/advisories/10836/
--
[SA10833] eTrust InoculateIT for Linux Insecure Default Installation
Critical: Less critical
Where: Local system
Impact: Manipulation of data, Exposure of system information,
Exposure of sensitive information, Privilege escalation
Released: 2004-02-10
l0om has reported some vulnerabilities in eTrust InoculateIT for Linux,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with other users' privileges.
Full Advisory:
http://www.secunia.com/advisories/10833/
--
[SA10824] XFree86 "font.alias" File Parsing Privilege Escalation
Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-02-11
iDEFENSE has discovered a vulnerability in XFree86, which can be
exploited by malicious, local users to gain escalated privileges.
Full Advisory:
http://www.secunia.com/advisories/10824/
--
[SA10816] Linux VServer Chroot Escape Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-02-09
Markus Müller has identified a vulnerability in Linux VServer, allowing
malicious users to break out of the chroot jail.
Full Advisory:
http://www.secunia.com/advisories/10816/
--
[SA10812] Fedora update for NetPBM
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-02-09
Red Hat has issued updated packages for netpbm. These fix a
vulnerability, allowing malicious users to escalate their privileges on
a vulnerable system.
Full Advisory:
http://www.secunia.com/advisories/10812/
--
[SA10806] BSD "shmat()" Privilege Escalation Vulnerability
Critical: Less critical
Where: Local system
Impact: Exposure of system information, Exposure of sensitive
information, Privilege escalation
Released: 2004-02-06
Joost Pol has discovered a vulnerability in BSD, allowing malicious,
local users to gain escalated privileges.
Full Advisory:
http://www.secunia.com/advisories/10806/
--
[SA10851] OpenLinux update for slocate
Critical: Not critical
Where: Local system
Impact: Privilege escalation
Released: 2004-02-12
SCO has issued updated packages for slocate. These fix a vulnerability,
which can be exploited by malicious, local users to gain "slocate"
group privileges.
Full Advisory:
http://www.secunia.com/advisories/10851/
Other:--
[SA10834] EvolutionX FTP Server Denial of Service Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-02-10
Some vulnerabilities have been reported in EvolutionX for Xbox, which
can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://www.secunia.com/advisories/10834/
--
[SA10828] httpd / palmhttpd Multiple Connection Denial of Service
Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-02-10
Shaun Colley has reported a vulnerability in httpd and a product based
on this (palmhttpd), which can be exploited by malicious people to
cause a DoS (Denial of Service).
Full Advisory:
http://www.secunia.com/advisories/10828/
--
[SA10832] Red-Alert Denial of Service Vulnerability
Critical: Moderately critical
Where: From local network
Impact: DoS
Released: 2004-02-10
Bruno Morisson has reported a vulnerability in Red-Alert, which can be
exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://www.secunia.com/advisories/10832/
--
[SA10809] VMware ESX Server Privilege Escalation Vulnerabilities
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-02-06
VMware has issued updated packages for the kernel. These fix two
vulnerabilities, which can be exploited by malicious, local users to
gain escalated privileges.
Full Advisory:
http://www.secunia.com/advisories/10809/
--
[SA10827] Nokia 6310i OBEX Message Denial of Service
Critical: Not critical
Where: From remote
Impact: DoS
Released: 2004-02-10
Tim Hurman has reported a vulnerability in Nokia 6310i, allowing
malicious people to cause a Denial of Service.
Full Advisory:
http://www.secunia.com/advisories/10827/
--
[SA10817] ZyXEL ZyNOS Frame Padding Information Disclosure
Vulnerability
Critical: Not critical
Where: From local network
Impact: Exposure of system information, Exposure of sensitive
information
Released: 2004-02-09
DiSToAGe has reported that ZyXEL ZyNOS is affected by a known
information disclosure vulnerability, which can be exploited by
malicious people to obtain potentially sensitive information.
Full Advisory:
http://www.secunia.com/advisories/10817/
Cross Platform:--
[SA10839] ezContents Arbitrary File Inclusion and Login Bypass
Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Security Bypass, System access
Released: 2004-02-11
Some vulnerabilities have been reported in ezContents, which can be
exploited by malicious people to compromise a vulnerable system or
bypass the login.
Full Advisory:
http://www.secunia.com/advisories/10839/
--
[SA10815] Jacks FormMail.php Arbitrary File Upload Vulnerability
Critical: Highly critical
Where: From remote
Impact: Security Bypass, System access
Released: 2004-02-09
Himeur Nourredine has reported a vulnerability, potentially allowing
malicious people to compromise a vulnerable system.
Full Advisory:
http://www.secunia.com/advisories/10815/
--
[SA10843] PHP-Nuke SQL Injection Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2004-02-11
pokleyzz has reported two vulnerabilities in PHP-Nuke, allowing
malicious people to conduct SQL injection attacks.
Full Advisory:
http://www.secunia.com/advisories/10843/
--
[SA10840] MaxWebPortal Cross-Site Scripting and SQL Injection
Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of
system information, Exposure of sensitive information
Released: 2004-02-11
Manuel López has reported some vulnerabilities in MaxWebPortal, which
can be exploited by malicious people to conduct cross-site scripting
and SQL injection attacks.
Full Advisory:
http://www.secunia.com/advisories/10840/
--
[SA10830] PHP-Nuke Cross-Site Scripting and SQL Injection
Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of
system information, Exposure of sensitive information
Released: 2004-02-10
Janek Vind has reported three vulnerabilities in PHP-Nuke, allowing
malicious people to conduct Cross Site Scripting and SQL injection
attacks.
Full Advisory:
http://www.secunia.com/advisories/10830/
--
[SA10844] BosDates SQL Injection Vulnerability
Critical: Moderately critical
Where: From local network
Impact: Security Bypass
Released: 2004-02-11
G00db0y has reported a vulnerability in BosDates, allowing malicious
people to conduct SQL injection attacks.
Full Advisory:
http://www.secunia.com/advisories/10844/
--
[SA10805] Oracle9i Database Multiple Buffer Overflow Vulnerabilities
Critical: Moderately critical
Where: From local network
Impact: Privilege escalation, System access
Released: 2004-02-06
Cesar Cerrudo and Mark Litchfield have discovered multiple
vulnerabilities in Oracle9i Database, which can be exploited by
malicious database users to compromise the system and gain escalated
privileges.
Full Advisory:
http://www.secunia.com/advisories/10805/
--
[SA10818] PHP Configuration Leakage Vulnerability
Critical: Less critical
Where: From remote
Impact: Security Bypass, Exposure of sensitive information
Released: 2004-02-09
A vulnerability has been identified in PHP, potentially allowing
malicious people to view sensitive data or bypass an administrative
restriction.
Full Advisory:
http://www.secunia.com/advisories/10818/
--
[SA10814] Crossday Discuz! Board Cross Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-02-09
Cheng Peng Su has reported a vulnerability in Crossday Discuz! Board,
allowing malicious users to conduct Cross Site Scripting attacks.
Full Advisory:
http://www.secunia.com/advisories/10814/
--
[SA10804] Mambo "Itemid" Parameter Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-02-06
David Sopas Ferreira has reported a vulnerability Mambo, allowing
malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://www.secunia.com/advisories/10804/
========================================================================
Secunia recommends that you verify all advisories you receive,
by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use
those supplied by the vendor.
Definitions: (Criticality, Where etc.)
http://www.secunia.com/about_secunia_advisories/
Subscribe:
http://www.secunia.com/secunia_weekly_summary/
Contact details:
Web : http://www.secunia.com/
E-mail : support () secunia com
Tel : +45 70 20 51 44
Fax : +45 70 20 51 45
========================================================================
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Current thread:
- Secunia Weekly Summary - Issue: 2004-7 InfoSec News (Feb 12)