Vulnerable systems: Volution Manager 1.1 Standard
Full advisory: http://www.net-security.org/advisory.php?id=737
Problem description: Volution Manager stores the unencrypted Directory Administrator's password in the /etc/ldap/slapd.conf file.



Title: Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources
Date: June 4 2002
Vendor: Microsoft
Vulnerable systems: Microsoft Exchange
Full advisory: http://www.net-security.org/advisory.php?id=738
Problem description: There is a flaw in the way Exchange 2000 handles certain malformed RFC message attributes on received mail. Upon receiving a message containing such a malformation, the flaw causes the Store service to consume 100% of the available CPU in processing the message.



Title: rpc.passwd vulnerability
Date: June 5 2002
Vendor: SGI
Vulnerable systems: IRIX 6.5.*
Full advisory: http://www.net-security.org/advisory.php?id=739
Problem description: It's been reported that /usr/etc/rpc.passwd has a vulnerability which could allow a user to compromise root.




Title: Denial-of-Service Vulnerability in ISC BIND 9
Date: June 5 2002
Vendor: ISC
Vulnerable systems: ISC BIND 9
Full advisory: http://www.net-security.org/advisory.php?id=740
Problem description: A denial-of-service vulnerability exists in version 9 of the Internet Software Consortium's (ISC) Berkeley Internet Name Domain (BIND) server. ISC BIND versions 8 and 4 are not affected. Exploiting this vulnerability will cause the BIND server to shut down.



Title: Updated xchat packages fix /dns vulnerability
Date: June 5 2002
Vendor: Red Hat
Vulnerable systems: Red Hat Linux 6.2 and 7.x
Full advisory: http://www.net-security.org/advisory.php?id=741
Problem description: A security issue in XChat allows a malicious server to execute arbitrary commands.



Title: Updated bind packages fix denial of service attack
Date: June 5 2002
Vendor: Red Hat
Vulnerable systems: Red Hat Linux 7.x
Full advisory: http://www.net-security.org/advisory.php?id=742