 |
Summary of Security Items from September 6 through September 13, 2005
Information in the US-CERT Cyber Security Bulletin is a compilation and includes information published by outside sources, therefore the information should not be considered the result of US-CERT analysis. Software vulnerabilities are categorized in the appropriate section reflecting the operating system on which the vulnerability was reported; however, this does not mean that the vulnerability only affects the operating system reported since this information is obtained from open-source information.
This bulletin provides a summary of new or updated vulnerabilities, exploits, trends, viruses, and trojans. Updates to vulnerabilities that appeared in previous bulletins are listed in bold text. The text in the Risk column appears in red for vulnerabilities ranking High. The risks levels applied to vulnerabilities in the Cyber Security Bulletin are based on how the "system" may be impacted. The Recent Exploit/Technique table contains a "Workaround or Patch Available" column that indicates whether a workaround or patch has been published for the vulnerability which the script exploits.
Vulnerabilities
The table below summarizes vulnerabilities that have been identified, even if they are not being exploited. Complete details about patches or workarounds are available from the source of the information or from the URL provided in the section. CVE numbers are listed where applicable. Vulnerabilities that affect both Windows and Unix Operating Systems are included in the Multiple Operating Systems section.
Note: All the information included in the following tables has been discussed in newsgroups and on web sites.
The Risk levels defined below are based on how the system may be impacted:
Note: Even though a vulnerability may allow several malicious acts to be performed, only the highest level risk will be defined in the Risk column.
- High - A high-risk vulnerability is defined as one that will allow an intruder to immediately gain privileged access (e.g., sysadmin or root) to the system or allow an intruder to execute code or alter arbitrary system files. An example of a high-risk vulnerability is one that allows an unauthorized user to send a sequence of instructions to a machine and the machine responds with a command prompt with administrator privileges.
- Medium - A medium-risk vulnerability is defined as one that will allow an intruder immediate access to a system with less than privileged access. Such vulnerability will allow the intruder the opportunity to continue the attempt to gain privileged access. An example of medium-risk vulnerability is a server configuration error that allows an intruder to capture the password file.
- Low - A low-risk vulnerability is defined as one that will provide information to an intruder that could lead to further compromise attempts or a Denial of Service (DoS) attack. It should be noted that while the DoS attack is deemed low from a threat potential, the frequency of this type of attack is very high. DoS attacks against mission-critical nodes are not included in this rating and any attack of this nature should instead be considered to be a "High" threat.
| Windows Operating Systems Only |
Vendor & Software Name |
Vulnerability - Impact
Patches - Workarounds
Attacks Scripts |
Common Name /
CVE Reference |
Risk |
Source |
| AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL version 6.31.0.3 |
A buffer overflow vulnerability has been reported in AVIRA Desktop for Windows, ACE archive processing, that could let remote malicious users execute arbitrary code.
Update to AVPACK32.DLL version 6.31.1.7 using AVIRA's online update feature.
Currently we are not aware of any exploits for this vulnerability. |
AVIRA Antivirus Arbitrary Code Execution |
High |
Secunia, Advisory: SA16691, September 14, 2004 |
CSystems
WebArchiveX 5.5.0.76 |
A vulnerability has been reported in WebArchiveX that could let remote malicious users access arbitrary files.
Upgrade to a release after September 6th, 2005.
There is no exploit code required. |
|
Medium |
Security Tracker, Alert ID: 1014867, September 7, 2005 |
Eset
NOD32 Antivirus for Windows NT, 2000, 2003, XP, trial version 2.5 with nod32.002 version 1.033 build 1127 |
A buffer overflow vulnerability has been reported in NOD32, ARJ archive processing, that could let remote malicious users execute arbitrary code.
Update to nod32.002 version 1.034 build 1132 using NOD32's online update feature.
Currently we are not aware of any exploits for this vulnerability. |
Eset NOD32 Arbitrary Code Execution
CAN-2005-2903
|
High |
Secunia, Advisory: SA16604, September 8, 2005 |
Ipswitch
WhatsUp Gold 8.0 4, Whatsup Small Business 2004 |
Multiple vulnerabilities have been reported in WhatsUp that could let remote malicious users to disclose files, conduct Cross-Site Scripting, or arbitrary code execution.
No workaround or patch available at time of publishing.
There is no exploit code required. |
Ipswitch WhatsUp Multiple Vulnerabilities |
High |
Security Focus, Bugtraq ID: 14792, 14797, 14799, September 9, 2005 |
Mall23
Mall23 eCommerce |
An input validation vulnerability has been reported Mall23 eCommerce ('infopage.asp') that could let remote malicious users perform SQL injection.
No workaround or patch available at time of publishing.
There is no exploit code required; however, a Proof of Concept exploit script has been published. |
Mall23 SQL Injection
|
Medium |
Security Tracker, Alert ID: 1014882, September 12, 2005 |
Microsoft
Exchange Server 2003 |
A vulnerability has been reported in Exchange Server 2003, Microsoft Exchange Information Store service, that could let remote malicious users cause a Denial of Service.
Vendor hotfix available:
http://support.microsoft.com/
default.aspx/kb/840123
There is no exploit code required. |
Microsoft Exchange Server 2003 Denial of Service
|
Low |
Secunia, Advisory: SA16740, September 8, 2005 |
Microsoft
Outlook Express 5.5, 6 |
A remote code execution vulnerability has been reported in Outlook Express when it is used as a newsgroup reader. A malicious user could exploit the vulnerability by constructing a malicious newsgroup server that could that potentially allow remote code execution if a user queried the server for news.
Updates available:
http://www.microsoft.com/technet/
security/Bulletin/MS05-030.mspx
An exploit script has been published. |
Microsoft Outlook Express Could Allow Remote Code Execution
CAN-2005-1213
|
|
Microsoft, MS05-030, June 14, 2004
US-CERT VU#130614
Security Focus, Bugtraq ID: 13951, September 12, 2005 |
SecureOL
VE2 1.05.1008 |
A vulnerability has been reported in VE2 that could let local malicious users bypass security restrictions.
Upgrade to version 1.05.1009:
http://www.download.com/
VE2/3000-2653_4-
10426897.html
A Proof of Concept exploit script has been published.
|
SecureOL VE2 Security Restriction Bypass
CAN-2005-2890 |
Medium |
Secunia Advisory: SA16739, September 8, 2005 |
SoftTree Tech
KillProcess prior to 2.20 |
A buffer overflow vulnerability has been reported in KillProcess that could let local malicious users to execute arbitrary code.
No workaround or patch available at time of publishing.
A Proof of Concept exploit script has been published. |
KillProcess Arbitrary Code Execution |
High |
Security Focus, Bugtraq ID: 14795, September 9, 2005 |
Sophos
Sophos AntiVirus |
A vulnerability has been reported in Sophos Anti-Virus 'Scan Mailboxes' feature that could let remote malicious users cause a Denial of Service.
Vendor workaround available:
http://www.sophos.com/
support/knowledgebase/
article/1691.html
There is no exploit code required. |
Sophos Anti-Virus Denial of Service
|
Low |
Security Tracker, Alert ID: 1014869, September 8, 2005 |
Yaosoft
COOL! Remote Control 1.12 |
A vulnerability has been reported in COOL! Remote Control that could let a local malicious users cause a Denial of Service.
No workaround or patch available at time of publishing.
There is no exploit code required; however, a Proof of Concept exploit script has been published. |
Yaosoft COOL! Remote Control Denial of Service |
Low |
Secunia, Advisory: SA16742, September 12, 2005 |
[back to
top]
| UNIX / Linux Operating Systems Only |
Vendor & Software Name |
Vulnerability - Impact
Patches - Workarounds
Attacks Scripts |
Common Name /
CVE Reference |
Risk |
Source |
Apache Software Foundation
Apache 2.0.x |
A vulnerability has been reported in 'modules/ssl/ssl_engine
_kernel.c' because the 'ssl_hook_Access()' function does not properly enforce the 'SSLVerifyClient require' directive in a per-location context if a virtual host is configured with the 'SSLVerifyCLient optional' directive, which could let a remote malicious user bypass security policies.
Patch available at:
http://svn.apache.org/
viewcvs?rev=264800
&view=rev
OpenPKG:
ftp://ftp.openpkg.org/
release/
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
608.html
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/
a/apache2/
SGI:
ftp://oss.sgi.com/projects/
sgi_propack/download/
3/updates/
Debian:
http://security.debian.org/
pool/updates/main/
a/apache2/
Mandriva:
http://www.mandriva.com/
security/advisories
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
Trustix:
http://http.trustix.org/
pub/trustix/updates/
Debian:
http://security.debian.org/
pool/updates/main/liba/
There is no exploit code required. |
Apache 'Mod_SSL SSLVerifyClient' Restriction Bypass
CAN-2005-2700 |
Medium |
Security Tracker Alert ID: 1014833, September 1, 2005
OpenPKG Security Advisory, OpenPKG-SA-2005.017, September 3, 2005
RedHat Security Advisory, RHSA-2005:608-7, September 6, 2005
Ubuntu Security Notice, USN-177-1, September 07, 2005
SGI Security Advisory, 20050901-01-U, September 7, 2005
Debian Security Advisory, DSA 805-1, September 8, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:161, September 8, 2005
Slackware Security Advisory, SSA:2005-251-02, September 9, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0047, September 9, 2005
Debian Security Advisory DSA 807-1, September 12, 2005
US-CERT VU#744929 |
Apple
Macintosh OS X |
Multiple vulnerabilities have been reported: a vulnerability was reported due to the way temporary files are handled, which could let a remote malicious user corrupt/create arbitrary files; a vulnerability was reported in the privileged helper because temporary files are created insecurely, which could let a remote malicious user corrupt/create arbitrary files; a vulnerability was reported in the Java shared archives update utility, which could let a malicious user obtain elevated privileges; a vulnerability was reported when using Mac OS X specific extensions due to an unspecified error, which could let a malicious user obtain elevated privileges; and a vulnerability was reported in the Java ServerSocket object because it can be created for a port that is in use, which could let a malicious user intercept traffic.
Patches available at:
http://www.apple.com/
support/downloads/
javasecurity update.html
There is no exploit code required. |
|
Medium |
Apple Security Advisory, APPLE-SA-2005-09-13, September 13, 2005 |
Astaro Security
Astaro Security Linux 6.0 01 |
A vulnerability has been reported due to a weakness that may allow remote malicious user to connect to arbitrary ports which could lead to access control bypass.
Upgrades available at:
http://download.astaro.com/
Astaro_Security_Linux/
v6.0/up2date/
There is no exploit code required; however, a Proof of Concept exploit has been published. |
Astaro Security Linux HTTP CONNECT Unauthorized Access
CAN-2005-2729
|
Medium |
Security Focus Bugtraq ID: 14665, August 25, 2005
Security Focus Bugtraq ID: 14665, September 7, 2005 |
BlueZ
BlueZ 2.18 & prior
|
A vulnerability has been reported due to insufficient sanitization of input passed as a remote device name, which could let a remote malicious user execute arbitrary code.
Upgrades available at:
http://www.bluez.org/
redirect.php?url=
http%3A%2F%2F
bluez.sf.net%2F
down load%2F
bluez-libs-2.19.tar.gz
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-09.xml
Debian:
http://security.debian.org/
pool/updates/contrib/
b/bluez-utils/
Mandriva:
http://www.mandriva.com/
security/advisories
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
There is no exploit code required. |
BlueZ Arbitrary Command Execution
CAN-2005-2547
|
High |
Security Focus 14572, August 16, 2005
Gentoo Linux Security Advisory, GLSA 200508-09, August 17, 2005
Debian Security Advisory, DSA 782-1, August 23, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:150, August 25, 2005
Conectiva Linux Announcement, CLSA-2005:1001, September 13, 2005 |
common-lisp-controller
common-lisp-controller
|
A vulnerability has been reported when validating the ownership of the cache directory, which could let a remote malicious user obtain elevated privileges.
Debian:
http://security.debian.org/
pool/updates/main/c/
common-lisp-controller/
common-lisp-controller
_4.15sarge2_all.deb
Currently we are not aware of any exploits for this vulnerability.
|
|
Medium |
Debian Security Advisory, DSA 811-1, September 14, 2005 |
CVS
CVS 1.12.7-1.12.12, 1.12.5, 1.12.2 , 1.12.1, 1.11.19, 1.11.17
|
A vulnerability has been reported in the 'cvsbug.in' script due to the insecure creation of temporary files, which could let a malicious user cause data loss or a Denial of Service.
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Trustix:
http://http.trustix.org/
pub/trustix/updates/
FreeBSD:
ftp://ftp.FreeBSD.org/
pub/FreeBSD/CERT/
patches/SA-05:20/
cvsbug.patch
SGI:
ftp://oss.sgi.com/projects/
sgi_propack/download/
3/updates/
Debian:
http://security.debian.org/
pool/updates/main/c/cvs/
http://security.debian.org/
pool/updates/main/g/gcvs/
FreeBSD:
ftp://ftp.freebsd.org/pub/
FreeBSD/CERT/advisories/
FreeBSD-SA-05:20.cvsbug.asc
There is no exploit code required. |
CVS 'Cvsbug.In' Script Insecure Temporary File Creation
CAN-2005-2693
|
Low |
Fedora Update Notifications
FEDORA-2005-790 & 791, August 23, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0045, August 26, 2005
RedHat Security Advisory, RHSA-2005:756-3, September 6, 2005
SGI Security Advisory, 20050901-01-U, September 7, 2005
FreeBSD Security Advisory, FreeBSD-SA-05:20, September 7, 2005
Debian Security Advisories, DSA 802-1 & 806-1, September 7 & 9, 2005
FreeBSD Security Advisory, FreeBSD-SA-05:20, September 9, 2005 |
Eric Raymond
Fetchmail 6.2.5 |
A remote buffer overflow vulnerability has been reported in the POP3 client due to insufficient boundary checks, which could let a malicious user obtain elevated privileges.
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Redhat:
http://rhn.redhat.com/
errata/RHSA-2005-
640.html
Ubuntu:
http://www.ubuntulinux.org/
support/ documentation/
usn/usn-153-1
Gentoo:
http://www.gentoo.org/
security/en/glsa/
glsa-200507-21.xml
Debian:
http://security.debian.org/
pool/updates/main/
f/fetchmail/
SGI:
ftp://patches.sgi.com/
support/free/
security/advisories/
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/ia32/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
Currently we are not aware of any exploits for this vulnerability. |
|
Medium |
Fedora Update Notifications,
FEDORA-2005-613 & 614, July 21, 2005
Redhat Security Advisory, RHSA-2005:640-08, July 25, 2005
Ubuntu Security Notice, USN-153-1, July 26, 2005
Gentoo Security Advisory, GLSA 200507-21, July 25, 2005
Debian Security Advisory, DSA 774-1, August 12, 2005
SGI Security Advisory, 20050802-01-U, August 15, 2005
Turbolinux Security Advisory, TLSA-2005-84, August 18, 2005
Conectiva Linux Announce-ment, CLSA-2005:1005, September 13, 2005
|
GNU
cpio 1.0, 1.1, 1.2 |
A vulnerability has been reported in 'cpio/main.c' due to a failure to create files securely, which could let a malicious user obtain sensitive information.
Upgrades available at:
http://ftp.gnu.org/gnu/cpio/
cpio-2.6.tar.gz
SGI:
ftp://oss.sgi.com/projects/sgi_
propack/download/3/updates/
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/ia32/
Server/10/updates
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
There is no exploit required. |
|
Medium |
Security Tracker Alert, 1013041, January 30, 2005
SGI Security Advisory, 20050204-01-U, March 7, 2005
Turbolinux Security Advisory, TLSA-2005-30, March 10, 2005
Conectiva Linux Announcement, CLSA-2005:1002, September 13, 2005 |
GNU
cpio 1.0-1.3, 2.4.2, 2.5, 2.5.90, 2.6 |
A vulnerability has been reported when an archive is extracted into a world or group writeable directory because non-atomic procedures are used, which could let a malicious user modify file permissions.
Trustix:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/
Mandriva:
http://www.mandriva.com/
security/advisories
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-378.html
SGI:
ftp://patches.sgi.com/
support/free/security/
advisories/
SCO:
ftp://ftp.sco.com/pub/
updates/UnixWare/
SCOSA-2005.32
Avaya:
http://support.avaya.com/
elmodocs2/security/
ASA-2005-191.pdf
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
There is no exploit code required. |
|
Medium |
Bugtraq, 395703,
April 13, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0030, June 24, 2005
Mandriva
Linux Security Update Advisory, MDKSA2005:
116, July 12,
2005
RedHat Security Advisory, RHSA-2005:378-17, July 21, 2005
SGI Security Advisory, 20050802-01-U, August 15, 2005
SCO Security Advisory, SCOSA-2005.32, August 18, 2005
Avaya Security Advisory, ASA-2005-191, September 6, 2005
Conectiva Linux Announcement, CLSA-2005:1002, September 13, 2005 |
GNU
cpio 2.6 |
A Directory Traversal vulnerability has been reported when invoking cpio on a malicious archive, which could let a remote malicious user obtain sensitive information.
Gentoo:
http://security.gentoo.org/
glsa/glsa-200506-16.xml
Trustix:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/
Mandriva:
http://www.mandriva.com/
security/advisories
SCO:
ftp://ftp.sco.com/pub/
updates/UnixWare/
SCOSA-2005.32
Avaya:
http://support.avaya.com/
elmodocs2/security/
ASA-2005-191.pdf
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
A Proof of Concept exploit has been published. |
|
Medium |
Bugtraq,
396429, April 20, 2005
Gentoo Linux Security Advisory, GLSA
200506-16, June 20, 2005
Trustix Secure
Linux Security Advisory, TSLSA-2005-
0030, June 24, 2005
Mandriva Linux Security Update Advisory, MDKSA2005:
116, July 12, 2005
SCO Security Advisory, SCOSA-2005.32, August 18, 2005
Avaya Security Advisory, ASA-2005-191, September 6, 2005
Conectiva Linux Announcement, CLSA-2005:1002, September 13, 2005 |
GNU
Mailutils 0.6
|
A format string vulnerability has been reported in 'search.c' when processing user-supplied IMAP SEARCH commands, which could let a remote malicious user execute arbitrary code.
Patch available at:
http://savannah.gnu.org/
patch/download.php?
item_id=4407&item_
file_id=5 160
A Proof of Concept exploit script has been published.
|
GNU Mailutils Format String
CAN-2005-2878 |
High |
Security Tracker Alert ID: 1014879, September 9, 2005 |
IBM
AIX 5.3 |
Buffer overflow vulnerabilities have been reported in the 'invscout,' 'paginit,' 'diagTasksWebSM,' 'getlvname,' and 'swcons' commands and multiple 'p' commands, which could let a malicious user execute arbitrary code, potentially with root privileges.
IBM has released an advisory (IBM-06-10-2005) to address this and other issues.
Updated APAR availability information. Removed interim fix information.
Vendor fix available:
http://www-1.ibm.com/
servers/eserver/support/
pseries/aixfixes.html
There is no exploit code required; however, a Proof of Concept exploit has been published. |
|
High |
Security Tracker Alert, 1014132, June 8, 2005
IBM Security Advisory, IBM-06-10-2005, June 10, 2005
Security Focus, 13909, July 7, 2005
IBM Security Advisory, September 13, 2005 |
IBM
AIX 5.3
|
A vulnerability has been reported in the NIS client which could let a remote malicious user execute arbitrary code with root privileges.
Updated APAR availability information. Removed interim fix information.
Hotfix available at:
ftp://aix.software.ibm.com/
aix/efixes/security/
nis_2_efix.tar.Z
Currently we are not aware of any exploits for this vulnerability. |
|
High |
Secunia Advisory,
SA14856, April 6, 2005
IBM Security Advisory, Updated September 13, 2005 |
Info-ZIP
UnZip 5.52 |
A vulnerability has been reported due to a security weakness when extracting an archive to a world or group writable directory, which could let a malicious user modify file permissions.
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/3/
There is no exploit code required. |
Info-ZIP UnZip File Permission Modification
CAN-2005-2475 |
Medium |
Security Focus, 14450, August 2, 2005
Fedora Update Notification,
FEDORA-2005-844, September 9, 2005 |
KDE
KDE 3.2.0 up to including 3.4.2 |
A vulnerability has been reported in 'kcheckpass.c' due to the insecure creation of the lock file, which could let a malicious user obtain superuser privileges.
Patches available at:
ftp://ftp.kde.org/pub/kde/
security_patches/
post-3.4.2-kdebase-
kcheckpa ss.diff
Mandriva:
http://www.mandriva.com/
security/advisories
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/
k/kdebase/
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
There is no exploit code required.
|
KDE kcheckpass Superuser Privilege Escalation
CAN-2005-2494 |
High |
KDE Security Advisory, September 5, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:160, September 6, 2005
Ubuntu Security Notice, USN-176-1 September 07, 2005
Slackware Security Advisory, SSA:2005-251-01, September 9, 2005 |
KDE
KDE 3.0 - 3.4.2 |
A vulnerability was reported in 'langen2kvtml' due to the insecure creation of temporary files, which could let malicious user obtain elevated privileges.
Patches available at:
ftp://ftp.kde.org/pub/
kde/security_patches
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/3/
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Mandriva:
http://www.mandriva.com/
security/advisories
Slackware:
ftp://ftp.slackware.com/
pub/slackware/slackware
-current/slackware/
There is no exploit code required.
|
|
Medium |
KDE Security Advisory, August 15, 2005
Fedora Update Notification,
FEDORA-2005-745, August 15, 2005
Fedora Update Notifications,
FEDORA-2005-744 & 745, August 16, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:159, September 6, 2005
Slackware Security Advisory, SSA:2005-251-03, September 9, 2005 |
Mark D. Roth
pam_per_user 0.1-0.3 |
A vulnerability has been reported in the authentication function due to an error when checking if the user name has been changed between calls, which could let a remote malicious user bypass authentication.
Upgrades available at:
ftp://ftp.feep.net/pub/software/
PAM/pam_per_user/
pam_per_user-0.4.tar.gz
There is no exploit code required.
|
Mark D. Roth PAM_Per_User Authentication Bypass |
Medium |
Security Focus, Bugtraq ID: 14813, September 12, 2005 |
Mike Kershaw
Kismet 2005-07-R1
|
Multiple vulnerabilities have been reported: an integer underflow vulnerability was reported when handling pcap files; a vulnerability was reported due to an unspecified error when handling non-printable characters in SSID; and a integer underflow vulnerability was reported in the data frame dissection, which could possibly lead to the execution of arbitrary code.
Upgrade available at:
http://www.kismetwireless.
net/code/kismet-
2005-08-R1.tar.gz
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-10.xml
Debian:
http://security.debian.org/
pool/updates/main
/k/kismet/
SUSE:
ftp://ftp.suse.com
/pub/suse/
Currently we are not aware of any exploits for these vulnerabilities.
|
Kismet Multiple Remote Vulnerabilities
CAN-2005-2626
CAN-2005-2627 |
High |
Security Focus, Bugtraq ID 14430, August 16, 2005
Gentoo Linux Security Advisory, GLSA 200508-10, August 19, 200
Debian Security Advisory, DSA 788-1, August 29, 2005
SUSE Security Summary Report, SUSE-SR:2005:020, September 12, 2005 |
Multiple Vendors
OpenLDAP 2.1.25; Padl Software pam_ldap Builds 166, 85, 202, 199, 198, 194, 183-192, 181, 180, 173, 172, 122, 121, 113, 107, 105
|
A vulnerability has been reported in OpenLDAP, 'pam_ldap,' and 'nss_ldap' when a connection to a slave is established using TLS and the client is referred to a master, which could let a remote malicious user obtain sensitive information.
Trustix:
http://http.trustix.org/pub/
trustix/updates/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200507-13.xml
Mandriva:
http://www.mandriva.com/
security/advisories
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/universe/libn/
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/ia32/
SUSE:
ftp://ftp.SUSE.com
/pub/SUSE
There is no exploit code required. |
|
Medium |
Trustix Secure
Linux Advisory, TSLSA-2005-
0031, July 1, 2005
Gentoo Linux Security
Advisory, GLSA 200507-13,
July 14, 2005
Mandriva Linux Security Update Advisory,
MDKSA-2005:
121, July 19, 2005
Ubuntu Security Notice, USN-152-1, July 21, 2005
Turbolinux Security Advisory, TLSA-2005-86 & 87, August 29, 2006
SUSE Security Summary Report, SUSE-SR:2005:020, September 12, 2005 |
Multiple Vendors
zlib 1.2.2, 1.2.1, 1.2 .0.7, 1.1-1.1.4, 1.0-1.0.9; Ubuntu Linux 5.0 4, powerpc, i386, amd64, 4.1 ppc, ia64, ia32; SuSE Open-Enterprise-Server 9.0, Novell Linux Desktop 9.0, Linux Professional 9.3, x86_64, 9.2, x86_64, 9.1, x86_64, Linux Personal 9.3, x86_64, 9.2, x86_64, 9.1, x86_64, Linux Enterprise Server 9; Gentoo Linux;
FreeBSD 5.4, -RELENG, -RELEASE, -PRERELEASE, 5.3, -STABLE, -RELENG, -RELEASE;
Debian Linux 3.1, sparc, s/390, ppc, mipsel, mips, m68k, ia-64, ia-32, hppa, arm, alpha; zsync 0.4, 0.3-0.3.3, 0.2-0.2.3 , 0.1-0.1.6 1, 0.0.1-0.0.6
|
A buffer overflow vulnerability has been reported due to insufficient validation of input data prior to utilizing it in a memory copy operation, which could let a remote malicious user execute arbitrary code.
Debian:
ftp://security.debian.org
/pool/updates/
main/z/zlib/
FreeBSD:
ftp://ftp.FreeBSD.org/pub/
FreeBSD/CERT/patches/
SA-05:16/zlib.patch
Gentoo:
http://security.gentoo.org/
glsa/glsa-200507-05.xml
SUSE:
ftp://ftp.suse.com
/pub/suse/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/z/zlib/
Mandriva:
http://www.mandriva.com/
security/advisories
OpenBSD:
http://www.openbsd.org/
errata.html
OpenPKG:
ftp.openpkg.org
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
569.html
Trustix:
http://http.trustix.org/pub/
trustix/updates/
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/
ia32/Server/10
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
zsync:
http://prdownloads.
sourceforge.net/zsync/
zsync-0.4.1.tar.gz?
download
Apple:
http://docs.info.apple.com/
article.html?artnum=302163
SCO:
ftp://ftp.sco.com/pub/
updates/UnixWare/
SCOSA-2005.33
IPCop:
http://sourceforge.net/
project/showfiles.php
?group_id=40604&
package_id = 35093
&release_id=351848
Debian:
http://security.debian.org/
pool/updates/main/
z/zsync/
Trolltech:
ftp://ftp.trolltech.com/
qt/source/qt-x11-free-
3.3.5.tar.gz
Currently we are not aware of any exploits for this vulnerability. |
|
High |
Debian Security Advisory
DSA 740-1,
July 6, 2005
FreeBSD Security Advisory,
FreeBSD-SA-05:16, July 6, 2005
Gentoo Linux Security Advisory, GLSA 200507-
05, July 6, 2005
SUSE Security Announcement, SUSE-SA:2005:039,
July 6, 2005
Ubuntu Security Notice,
USN-148-1, July 06, 2005
RedHat Security Advisory, RHSA-2005:569-03,
July 6, 2005
Fedora Update Notifications,
FEDORA-2005-523, 524,
July 7, 2005
Mandriva Linux Security Update Advisory,
MDKSA-2005:11, July 7, 2005
OpenPKG
Security Advisory, OpenPKG-SA-2005.013,
July 7, 2005
Trustix Secure
Linux Security Advisory,
TSLSA-2005-
0034, July 8,
2005
Slackware Security
Advisory, SSA:2005-
189-01,
July 11, 2005
Turbolinux Security
Advisory, TLSA-2005-77,
July 11, 2005
Fedora Update Notification, FEDORA-2005-565, July 13, 2005
SUSE Security Summary
Report, SUSE-SR:2005:017,
July 13, 2005
Security Focus, 14162, July 21, 2005
USCERT Vulnerability Note VU#680620, July 22, 2005
Apple Security Update 2005-007,
APPLE-SA-2005-08-15, August 15, 2005
SCO Security Advisory, SCOSA-2005.33, August 19, 2005
Security Focus, Bugtraq ID: 14162, August 26, 2005
Debian Security Advisory, DSA 797-1, September 1, 2005
Security Focus, Bugtraq ID: 14162, September 12, 2005
|
Multiple Vendors
zlib 1.2.2, 1.2.1; Ubuntu Linux 5.04 powerpc, i386, amd64,
4.1 ppc, ia64, ia32; Debian Linux 3.1
sparc, s/390, ppc, mipsel, mips, m68k,
ia-64, ia-32,
hppa, arm,
alpha
|
A remote Denial of Service vulnerability has been reported due to a failure of the library to properly handle unexpected compression routine input.
Zlib:
http://www.zlib.net/
zlib-1.2.3.tar.gz
Debian:
http://security.debian.org/
pool/updates/main/z/zlib/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/z/zlib/
OpenBSD:
http://www.openbsd.org/
errata.html#libz2
Mandriva:
http://www.mandriva.com/
security/ advisories
?name=
MDKSA-2005:124
Fedora:
http://download.fedora.
redhat.com/ pub/fedora
/linux/core/updates/
Slackware:
http://slackware.com/
security/viewer.php?
l=slackware-security&y=
2005&m=slackware-
security.323596
FreeBSD:
ftp://ftp.freebsd.org/
pub/FreeBSD/CERT/
advisories/FreeBSD
-SA-05:18.zlib.asc
SUSE:
http://lists.suse.com/
archive/suse-security-
announce/2005-
Jul/0007.html
Gentoo:
http://security.gentoo.org/
glsa/glsa-200507-28.xml
http://security.gentoo.org/
glsa/glsa-200508-01.xml
Trustix:
ftp://ftp.trustix.org/pub/
trustix/updates/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
Apple:
http://docs.info.apple.com/
article.html?artnum=
302163
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/ia32/
Server/10/updates/
SCO:
ftp://ftp.sco.com/pub/
updates/UnixWare/
SCOSA-2005.33
Debian:
http://security.debian.org/
pool/updates/main/
z/zsync/
Trolltech:
ftp://ftp.trolltech.com/
qt/source/qt-x11-free-
3.3.5.tar.gz
Currently we are not aware of any exploits for this vulnerability.
|
Multiple Vendor Zlib Compression Library Decompression Remote Denial of Service
CAN-2005-1849
|
Low |
Security Focus, Bugtraq ID 14340, July 21, 2005
Debian Security Advisory DSA 763-1, July 21, 2005
Ubuntu Security Notice, USN-151-1, July 21, 2005
OpenBSD, Release Errata 3.7, July 21, 2005
Mandriva Security Advisory, MDKSA-2005:124, July 22, 2005
Secunia, Advisory: SA16195, July 25, 2005
Slackware Security Advisory, SSA:2005-
203-03, July 22, 2005
FreeBSD Security Advisory, SA-05:18, July 27, 2005
SUSE Security Announce-
ment, SUSE-SA:2005:043,
July 28, 2005
Gentoo Linux Security Advisory, GLSA 200507-28, July 30, 2005
Gentoo Linux Security Advisory, GLSA 200508-01, August 1, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0040, August 5, 2005
Conectiva Linux Announcement, CLSA-2005:997, August 11, 2005
Apple Security Update, APPLE-SA-2005-08-15, August 15, 2005
Turbolinux Security Advisory , TLSA-2005-83, August 18, 2005
SCO Security Advisory, SCOSA-2005.33, August 19, 2005
Debian Security Advisory, DSA 797-1, September 1, 2005
Security Focus, Bugtraq ID: 14340, September 12, 2005 |
Multiple Vendors
dhcpcd 1.3.22 |
A vulnerability has been reported in dhcpcd that could let a remote user perform a Denial of Service.
Debian:
http://security.debian.org/
pool/updates/main/d/dhcpcd/
Mandriva:
http://www.mandriva.com/
security/advisories
Gentoo:
http://security.gentoo.org/
glsa/glsa-200507-16.xml
Conectiva:
http://distro.conectiva.com.br/
atualizacoes/ index.php
?id=a&
anuncio=000983
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-603.html
Debian:
http://security.debian.org/
pool/updates/main/
IPCop:
http://sourceforge.net/project/
showfiles.php?group_id=
40604&package_id =
35093&release_id=351848
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
Currently we are not aware of any exploits for this vulnerability. |
dhcpcd Denial of Service
CAN-2005-1848 |
Low |
Secunia, Advisory: SA15982, July 11, 2005
Debian Security Advisory, DSA 750-1, July 11, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:117, July 13, 2005
Gentoo Linux Security Advisory, GLSA 200507-16, July 15, 2005
Conectiva, CLSA-2005:983, July 25, 2005
RedHat Security Advisory, RHSA-2005:603-07, July 27, 2005
Debian Security Advisor, DSA 773-1, August 11, 2005
Security Focus, Bugtraq ID: 14206 , August 26, 2005
Slackware Security Advisory, SSA:2005-255-01, September 12, 2005 |
Multiple Vendors
Gentoo Linux;
RedHat Fedora Core3, Core2;
SUSE Linux 8.1, 8.2, 9.0-9.2, Desktop 1.0, Enterprise Server 9, 8, Novell Linux Desktop 1.0;
X.org X11R6 6.7 .0, 6.8, 6.8.1;
XFree86 X11R6 3.3, 3.3.2-3.3.6, 4.0-4.0.3, 4.1 .0, 4.1 -12, 4.1 -11, 4.2 .0, 4.2.1 Errata, 4.2.1
4.3 .0 |
Multiple vulnerabilities exist due to integer overflows, memory access errors, input validation errors, and logic errors, which could let a remote malicious user execute arbitrary code, obtain sensitive information, or cause a Denial of Service.
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates
Gentoo:
http://security.gentoo.org/
glsa/glsa-200411-28.xml
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
X.org:
http://www.x.org/pub/
Fedora:
http://download.fedora.redhat.
com/pub/fedora/linux/
core/updates/2/
RedHat:
http://rhn.redhat.com/errata/
RHSA-2004-537.html
Mandrakesoft:
http://www.mandrakesoft.
com/security/advisories?
name=MDKSA-2004:137
(libxpm)
http://www.mandrakesoft.
com/security/advisories?
name=MDKSA-2004:138
(XFree86)
Debian:
http://www.debian.org/
security/2004/dsa-607
(XFree86)
SGI:
ftp://patches.sgi.com/
support/free/security/
patches/ProPack/3/
TurboLinux:
http://www.turbolinux.com/
update/
Avaya:
http://support.avaya.com/
elmodocs2/security/
ASA-2005-023_
RHSA-2004-537.pdf
http://support.avaya.com/|
elmodocs2/security/
ASA-2005-025_
RHSA-2005-004.pdf
Gentoo:
http://security.gentoo.org/
glsa/glsa-200502-06.xml
http://security.gentoo.org/
glsa/glsa-200502-07.xml
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/
FedoraLegacy:
http://download.fedoralegacy.
org/redhat/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main
/l/lesstif1-1/
Currently we are not aware of any exploits for these vulnerabilities. |
|
|
X.Org Foundation Security Advisory, November 17, 2004
Fedora Update Notifications,
FEDORA-2004-433 & 434, November 17 & 18, 2004
SUSE Security Announcement, SUSE-SA:2004:041, November 17, 2004
Gentoo Linux Security Advisory, GLSA 200411-28, November 19, 2004
Fedora Security Update Notifications
FEDORA-2003-464, 465, 466, & 467, December 1, 2004
RedHat Security Advisory, RHSA-2004:537-17, December 2, 2004
Mandrakesoft: MDKSA-2004:137: libxpm4; MDKSA-2004:138: XFree86, November 22, 2004
Debian Security Advisory
DSA-607-1 xfree86 -- several vulnerabilities, December 10, 2004
Turbolinux Security Announcement, January 20, 2005
Avaya Security Advisories, ASA-2005-023 & 025, January 25, 2005
Gentoo Linux Security Advisories, GLSA 200502-06 & 07, February 7, 2005
Ubuntu Security Notice, USN-83-1 February 16, 2005
Fedora Legacy Update Advisory, FLSA:2314, March 2, 2005
Ubuntu Security Notice, USN-83-2, September 12, 2005
|
Multiple Vendors
IPsec-Tools IPsec-Tools 0.5; KAME Racoon prior to 20050307 |
A remote Denial of Service vulnerability has been reported when parsing ISAKMP headers.
Upgrades available at:
http://www.kame.net/snap-users/
Fedora:
http://download.fedora.redhat.
com/pub/fedora/linux/core/
updates/
RedHat:
http://rhn.redhat.com/errata/
RHSA-2005-232.html
Gentoo:
http://security.gentoo.org/
glsa/glsa-200503-30.xml
ALTLinux:
http://lists.altlinux.ru/
pipermail/security-announce/
2005-March/000287.html
SUSE:
ftp://ftp.SUSE.com/pub/SUSE
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/i/
ipsec-tools/
SCO:
ftp://ftp.sco.com/pub/
updates/UnixWare/
SCOSA-2005.37
Currently we are not aware of any exploits for this vulnerability. |
KAME Racoon Malformed ISAKMP Packet Headers Remote Denial of Service
CAN-2005-0398
|
Low |
Fedora Update Notifications,
FEDORA-2005-
216 & 217,
March 14, 2005
RedHat Security Advisory,
RHSA-2005:232-10, March 23, 2005
Gentoo Linux
Security Advisory, GLSA 200503-33,
March 25, 2005
ALTLinux Security Advisory,
March 29, 2005
SUSE Security Announcement, SUSE-SA:2005:020, March 31, 2005
Ubuntu Security Notice, USN-107-1, April 05, 2005
SCO Security Advisory, SCOSA-2005.37, September 9, 2005 |
Multiple Vendors
Linux kernel 2.6 prior to 2.6.12.1 |
A Denial of Service vulnerability has been reported in the subthread exec signal processing that has a timer pending.
Updates available at:
http://www.kernel.org/
Fedora:
http://download.fedora.redhat.
com/pub/fedora/linux/
core/updates/4/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/l/
Currently we are not aware of any exploits for this vulnerability. |
|
Low |
Security Tracker Alert ID: 1014274, June 23, 2005
Ubuntu Security Notice, USN-178-1, September 09, 2005
|
Multiple Vendors
Linux kernel 2.6.8, 2.6.10 |
A vulnerability has been reported in the EXT2/EXT3 file systems, which could let a remote malicious user bypass access controls.
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/l/
Currently we are not aware of any exploits for this vulnerability.
|
Linux Kernel EXT2/EXT3 File Access Bypass
CAN-2005-2801 |
Medium |
Security Focus, Bugtraq ID: 14792, September 9, 2005
Ubuntu Security Notice, USN-178-1, September 09, 2005 |
Multiple Vendors
Linux kernel 2.6.8, 2.6.10 |
A remote Denial of Service vulnerability has been reported in the 'ipt_recent' module when specially crafted packets are sent.
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/l/
Currently we are not aware of any exploits for this vulnerability. |
Linux Kernel 'Ipt_recent' Remote Denial of Service
CAN-2005-2872 |
Low |
Security Focus, Bugtraq ID: 14791, September 9, 2005
Ubuntu Security Notice, USN-178-1, September 09, 2005 |
Multiple Vendors
Linux kernel 2.6.8-2.6.10, 2.4.21
|
Several vulnerabilities have been reported: a buffer overflow vulnerability was reported in 'msg_control' when copying 32 bit contents, which could let a malicious user obtain root privileges and execute arbitrary code; and a vulnerability was reported in the 'raw_sendmsg()' function, which could let a malicious user obtain sensitive information or cause a Denial of Service.
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/l/
Currently we are not aware of any exploits for these vulnerabilities. |
Linux Kernel Buffer Overflow, Information Disclosure, & Denial of Service
CAN-2005-2490
CAN-2005-2492 |
High |
Secunia Advisory: SA16747, September 9, 2005
Ubuntu Security Notice, USN-178-1, September 09, 2005
|
Multiple Vendors
RedHat Fedora Core3, Enterprise Linux ES 4, ES 3, AS 4, AS 3; FreeRADIUS 1.0.4 |
Multiple vulnerabilities have been reported: a buffer overflow vulnerability was reported in 'exec.c' due to a boundary error when handling 'radius_exec_program()' function environment variables, which could let a remote malicious user cause a Denial of Service; a vulnerability was reported in 'token.c' and 'sql_unixodbc.c' due to off-by-one errors, which could let a remote malicious user cause a Denial of Service; a vulnerability was reported in 'xlat.c' due to a boundary error when handling server replies; and a vulnerability was reported in 'rlm_ldap.c' due to an error when escaping ldap data, which could let a remote malicious user obtain sensitive information.
Upgrades available at:
ftp://ftp.freeradius.org/
pub/radius/freeradius-
1.0.5.tar.gz
Currently we are not aware of any exploits for these vulnerabilities.
|
FreeRADIUS Multiple Remote Vulnerabilities |
Medium |
Secunia Advisory: SA16712, September 8, 2005 |
Multiple Vendors
SuSE Linux Professional 9.3, x86_64, 9.2, x86_64, 9.1, x86_64, 9.0, x86_64, Linux Personal 9.3, x86_64, 9.2, x86_64, 9.1, x86_64, 9.0, x86_64; KAudioCreator |
A vulnerability has been reported in the CDDB entry title due to insufficient sanitization of user-supplied input, which could let a remote malicious user overwrite arbitrary files.
SUSE:
ftp://ftp.suse.com
/pub/suse/
There is no exploit code required. |
KAudioCreator CDDB Arbitrary File Overwrite |
Medium |
SUSE Security Summary Report, SUSE-SR:2005:020, September 12, 2005 |
Multiple Vendors
Ubuntu Linux 5.0 4 powerpc, i386, amd64,
4.1 ppc, ia64, ia32;
Rob Flynn Gaim 1.3.1, 1.3 .0, 1.2.1, 1.2 , 1.1.1 -1.1.4, 1.0-1.0.2; RedHat Enterprise Linux WS 2.1, IA64, ES 2.1, IA64, AS 2.1, IA64, Desktop 4.0, Advanced Workstation for the Itanium Processor 2.1, IA64
|
Several vulnerabilities have been reported: a buffer overflow vulnerability was reported due to the way away messages are handled, which could let a remote malicious user execute arbitrary code; and a remote Denial of Service vulnerability has been reported due to an error when handling file transfers.
Updates available at: http://gaim.sourceforge.
net/downloads.php
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
589.html
http://rhn.redhat.com/
errata/RHSA-2005-
627.html
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/g/gaim/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-06.xml
SGI:
ftp://patches.sgi.com/
support/free/security/
advisories/
Mandriva:
http://www.mandriva.com/
security/advisories
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
SUSE:
ftp://ftp.suse.com
/pub/suse/
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
A Proof of Concept exploit has been published for the buffer overflow vulnerability.
|
|
High |
RedHat Security Advisories, RHSA-2005:589-16 & RHSA-2005:627-11, August 9, 2005
Ubuntu Security Notice, USN-168-1, August 12, 2005
Gentoo Linux Security Advisory, GLSA 200508-06, August 15, 2005
SGI Security Advisory, 20050802-01-U, August 15, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:139, August 16, 2005
Fedora Update Notifications,
FEDORA-2005-750 & 751, August 17, 2005
SUSE Security Summary Report, SUSE-SR:2005:019, August 22, 2005
Slackware Security Advisory, SSA:2005-242-03, August 31, 2005
Slackware Security Advisory, SSA:2005-251-03, September 9, 2005
SUSE Security Summary Report, SUSE-SR:2005:020, September 12, 2005
Conectiva Linux Announcement, CLSA-2005:1006,
September 13, 2005
|
Multiple Vendors
Glyph and Cog Xpdf 3.0, pl2 & pl3; Ubuntu Linux 5.0 4 powerpc, i386, amd64;
RedHat Enterprise Linux WS 4, ES 4, AS 4, Desktop 4.0;
KDE 3.4.1, 3.4, 3.3.1, 3.3.2; GNOME GPdf 2.8.3, 2.1
|
A remote Denial of Service vulnerability has been reported when verifying malformed 'loca' table in PDF files.
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
670.html
http://rhn.redhat.com/
errata/RHSA-
2005-671.html
http://rhn.redhat.com/
errata/RHSA-
2005-708.html
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/x/xpdf/
KDE:
http://www.kde.org/info/
security/advisory-
20050809-1.txt
Mandriva:
http://www.mandriva.com/
security/advisories
SGI:
ftp://patches.sgi.com/
support/free/security/
advisories/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-08.xml
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Debian:
http://security.debian.
org/pool/updates/
main/
k/kdegraphics/
Trustix:
http://http.trustix.org/
pub/trustix/updates/
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/ia32/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
Currently we are not aware of any exploits for this vulnerability.
|
XPDF Loca Table Verification Remote Denial of Service
CAN-2005-2097
|
Low |
RedHat Security Advisories, RHSA-2005:670-05 & RHSA-2005:671-03, & RHSA-2005:708-05, August 9, 2005
Ubuntu Security Notice, USN-163-1, August 09, 2005
KDE Security Advisory, 20050809-1, August 9, 2005
Mandriva Linux Security Update Advisories, MDKSA-2005:134, 135, 136 & 138, August 11, 2005
SGI Security Advisory, 20050802-01-U, August 15, 2005
Gentoo Linux Security Advisory GLSA, 200508-08, August 16, 2005
Fedora Update Notifications,
FEDORA-2005-729, 730, 732, & 733, August 15 & 17, 2005
Debian Security Advisory, DSA 780-1, August 22, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0043, September 2, 2005
Turbolinux Security Advisory, TLSA-2005-88, September 5, 2005
Conectiva Linux Announce-ment, CLSA-2005:1010, September 13, 2005
|
Multiple Vendors
Ubuntu Linux 5.0 4 powerpc, i386, amd64, 4.1 ppc, ia64, ia32;
GNOME Evolution 2.3.1 -2.3.6 .1, 2,0- 2.2 , 1.5
|
Multiple format string vulnerabilities have been reported: a vulnerability was reported when vCard information is attached to an email message, which could let a remote malicious user execute arbitrary code; a vulnerability was reported when specially crafted contact data that has been retrieved from an LDAP server is displayed, which could let a remote malicious user execute arbitrary code; and a vulnerability was reported when specially crafted task list data that has been retrieved from remote servers and the data has been saved under the 'Calendars' tab is displayed, which could let a remote malicious user execute arbitrary code.
Updates available at:
http://ftp.gnome.org/pub/
gnome/sources/
evolution/2.3/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/
e/evolution/
Mandriva:
http://www.mandriva.com/
security/advisories
SUSE:
ftp://ftp.suse.com
/pub/suse/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-12.xml
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
267.html
SGI:
ftp://oss.sgi.com/projects/
sgi_propack/download/
3/updates/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
Currently we are not aware of any exploits for these vulnerabilities. |
|
High |
Secunia Advisory: SA16394, August 11, 2005
Ubuntu Security Notice, USN-166-1, August 11, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:141, August 18, 2005
SUSE Security Summary Report, SUSE-SR:2005:019, August 22, 2005
Gentoo Linux Security Advisory, GLSA 200508-12, August 23, 200
RedHat Security Advisory, RHSA-2005:267-10, August 29, 2005
SGI Security Advisory, 20050901-01-U, September 7, 2005
Conectiva Linux Announce-ment, CLSA-2005:1004, September 13, 2005 |
Multiple Vendors
Ubuntu Linux 5.0 4, i386, amd64, 4.1 ppc, ia64, ia32;
Linux kernel 2.6-2.6.13
|
A Denial of Service vulnerability has been reported in the '/proc/scsi/sg/devices' file due to a memory leak.
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/l/
A Proof of Concept exploit has been published. |
Linux Kernel SCSI ProcFS Denial of Service
CAN-2005-2800 |
Low |
Security Focus, Bugtraq ID: 14790, September 9, 2005
Ubuntu Security Notice, USN-178-1, September 09, 2005
|
Multiple Vendors
util-linux 2.8-2.13;
Andries Brouwer util-linux 2.11 d, f, h, i, k, l, n, u, 2.10 s
|
A vulnerability has been because mounted filesystem options are improperly cleared due to a design flaw, which could let a remote malicious user obtain elevated privileges.
Updates available at:
http://www.kernel.org/
pub/linux/utils/util-linux/
testing/util-linux-2.
12r-pre1.tar.gz
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
There is no exploit code required. |
Util-Linux UMount Remounting Filesystem Elevated Privileges
CAN-2005-2876
|
Medium |
Security Focus, Bugtraq ID: 14816, September 12, 2005
Slackware Security Advisory, SSA:2005-255-02, September 13, 2005 |
Multiple Vendors
XFree86 X11R6 4.3 .0,
4.1 .0; X.org X11R6 6.8.2;
RedHat Enterprise Linux WS 2.1, IA64, ES 2.1, IA64, AS 2.1, IA64, Advanced Workstation for the Itanium Processor 2.1, IA64; Gentoo Linux |
A buffer overflow vulnerability has been reported in the pixmap processing code, which could let a malicious user execute arbitrary code and possibly obtain superuser privileges.
Gentoo:
http://security.gentoo.org/
glsa/glsa-200509-07.xml
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-329.html
http://rhn.redhat.com/
errata/RHSA-2005-396.html
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/x/xfree86/
Mandriva:
http://www.mandriva.com/
security/advisories?name
=MDKSA-2005:164
Currently we are not aware of any exploits for this vulnerability. |
|
High |
Gentoo Linux Security Advisory, GLSA 200509-07, September 12, 2005
RedHat Security Advisory, RHSA-2005:329-12 & RHSA-2005:396-9, September 12 & 13, 2005
Ubuntu Security Notice, USN-182-1, September 12, 2005
Mandriva Security Advisory, MDKSA-2005:164, September 13, 2005
US-CERT VU#102441
|
netpbm
10.0 |
A vulnerability has been reported in netpbm ('-dSAFER') that could let malicious users execute arbitrary postscript code.
Trustix:
ftp://ftp.trustix.org/pub/
trustix/updates/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-04.xml
Mandriva:
http://www.mandriva.com/
security/advisories
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/n/
netpbm-free/
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
SUSE:
ftp://ftp.suse.com
/pub/suse/
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
743.html
SGI:
ftp://oss.sgi.com/projects/
sgi_propack/download/
3/updates/
There is no exploit code required. |
netpbm Arbitrary Code Execution
CAN-2005-2471
|
High |
Secunia Advisory: SA16184, July 25, 2005
Trustix Secure Linux Security Advisory, #2005-0038, July 29, 2005
Gentoo Linux Security Advisory, GLSA 200508-04, August 5, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:133, August 10, 2005
Ubuntu Security Notice, USN-164-1, August 11, 2005
Fedora Update Notifications,
FEDORA-2005-727 & 728, August 17, 2005
SUSE Security Summary Report, SUSE-SR:2005:019, August 22, 2005
RedHat Security Advisory, RHSA-2005:743-08, August 22, 2005
SGI Security Advisory, 20050901-01-U, September 7, 2005 |
Open Webmail
Open Webmail 2.41
|
A Cross-Site Scripting vulnerability has been reported in 'openwebmail-main.pl' due to insufficient sanitization of the 'sessionid' parameter, which could let a remote malicious user execute arbitrary HTML and script code.
No workaround or patch available at time of publishing.
There is no exploit code required. |
Open WebMail Cross-Site Scripting |
Medium |
Security Focus, Bugtraq ID: 14771, September 7, 2005 |
PCRE
PCRE 6.1, 6.0, 5.0 |
A vulnerability has been reported in 'pcre_compile.c' due to an integer overflow, which could let a remote/local malicious user potentially execute arbitrary code.
Updates available at:
http://www.pcre.org/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/p/pcre3/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-17.xml
Mandriva:
http://www.mandriva.com/
security/advisories
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
Ubuntu:
http://security.ubuntu.
com/ubuntu/
pool/main/
Debian:
http://security.debian.
org/pool/updates/
main/p/pcre3/
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
slackware-10.1/
testing/packages/
php-5.0.5/php-
5.0.5-i486-1.tgz
Gentoo:
http://security.gentoo.org/
glsa/glsa-200509-08.xml
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
Currently we are not aware of any exploits for this vulnerability. |
|
High |
Secunia Advisory: SA16502, August 22, 2005
Ubuntu Security Notice, USN-173-1, August 23, 2005
Ubuntu Security Notices, USN-173-1 & 173-2, August 24, 2005
Fedora Update Notifications,
FEDORA-2005-802 & 803, August 24, 2005
Gentoo Linux Security Advisory, GLSA 200508-17, August 25, 2005
Mandriva Linux Security Update Advisories, MDKSA-2005:151-155, August 25, 26, & 29, 2005
SUSE Security Announcements, SUSE-SA:2005:048 & 049, August 30, 2005
Slackware Security Advisories, SSA:2005-242-01 & 242-02 , August 31, 2005
Ubuntu Security Notices, USN-173-3, 173-4 August 30 & 31, 2005
Debian Security Advisory, DSA 800-1, September 2, 2005
SUSE Security Announcement, SUSE-SA:2005:051, September 5, 2005
Slackware Security Advisory, SSA:2005-251-04, September 9, 2005
Gentoo Linux Security Advisory, GLSA 200509-08, September 12, 2005
Conectiva Linux Announce-ment, CLSA-2005:1009, September 13, 2005 |
Snort Project
Snort 2.4 .0, 2.3.0-2.3.3, 2.2, 2.1.3, 2.1.1 RC1, 2.1 .0, 2.0.6, 2.0.4, 2.0 rc2, 2.0 .0rc1, 2.0
|
A remote Denial of Service vulnerability has been reported in 'log.c' in the 'PrintTcpOptions()' function due to a failure to handle malicious TCP packets.
No workaround or patch available at time of publishing.
An exploit script has been published.
|
Snort 'PrintTcpOptions' Remote Denial of Service |
Low |
Snort Advisory, September 12, 2005 |
Squid Web Proxy
Squid Web Proxy Cache 2.5 & prior |
A remote Denial of Service vulnerability has been reported in the 'storeBuffer()' function when handling aborted requests.
Patches available at:
http://www.squid-
cache.org/Versions/
v2/2.5/bugs/squid-
2.5.STABLE
10-STORE_PENDING.patch
Gentoo:
http://security.gentoo.org/
glsa/glsa-200509-06.xml
OpenPKG:
ftp://ftp.openpkg.org/
release/
Mandriva:
http://www.mandriva.com/
security/advisories
Debian:
http://security.debian.org/
pool/updates/main/
s/squid/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/universe/
s/squid/
Currently we are not aware of any exploits for this vulnerability.
|
|
Low |
Security Tracker Alert ID: 1014864, September 7, 2005
Gentoo Linux Security Advisory GLSA 200509-06, September 7, 2005
OpenPKG Security Advisory, OpenPKG-SA-2005.021, September 10, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:162, September 12, 2004
Debian Security Advisory, DSA 809-1, September 13, 2005
Ubuntu Security Notice, USN-183-1, September 13, 2005
|
Squid Web Proxy
Squid Web Proxy Cache 2.5 .STABLE1-STABLE 10, 2.4 .STABLE6 & 7, STABLE 2, 2.4, 2.3 STABLE 4&5, 2.1 Patch 2, 2.0 Patch 2 |
A remote Denial of Service vulnerability has been reported in '/squid/src/ssl.c' when a malicious user triggers a segmentation fault in the 'sslConnectTimeout()' function.
Patches available at:
http://www.squid-
cache.org/Versions/
v2/2.5/bugs/squid-
2.5.STABLE10-ssl
ConnectTimeout.patch
Trustix:
http://http.trustix.org/
pub/trustix/updates/
OpenPKG:
ftp://ftp.openpkg.org/
release/
Mandriva:
http://www.mandriva.com/
security/advisories
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/s/squid/
Debian:
http://security.debian.org/
pool/updates/main/
s/squid/
There is no exploit code required. |
Squid 'sslConnect
Timeout()' Remote Denial of Service
CAN-2005-2796 |
Low |
Security Tracker Alert ID: 1014846, September 2, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0047, September 9, 2005
OpenPKG Security Advisory, OpenPKG-SA-2005.021, September 10, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:162, September 12, 2005
Ubuntu Security Notice, USN-183-1, September 13, 2005
Debian Security Advisory, DSA 809-1, September 13, 2005
|
TMSNC
TMSNC 0.2.4 |
A format string vulnerability has been reported in 'ur.c' when the 'wprintw()' function is used, which could let a remote malicious user execute arbitrary code.
Upgrade available at:
http://prdownloads.sourceforge.
net/tmsnc/tmsnc-0.2.5.tar.gz
?download
Currently we are not aware of any exploits for this vulnerability.
|
TMSNC Format String |
High |
Securit | |
| |
