 |
Summary of Security Items from September 14 through September 20, 2005
Information in the US-CERT Cyber Security Bulletin is a compilation and includes information published by outside sources, therefore the information should not be considered the result of US-CERT analysis. Software vulnerabilities are categorized in the appropriate section reflecting the operating system on which the vulnerability was reported; however, this does not mean that the vulnerability only affects the operating system reported since this information is obtained from open-source information.
This bulletin provides a summary of new or updated vulnerabilities, exploits, trends, viruses, and trojans. Updates to vulnerabilities that appeared in previous bulletins are listed in bold text. The text in the Risk column appears in red for vulnerabilities ranking High. The risks levels applied to vulnerabilities in the Cyber Security Bulletin are based on how the "system" may be impacted. The Recent Exploit/Technique table contains a "Workaround or Patch Available" column that indicates whether a workaround or patch has been published for the vulnerability which the script exploits.
Vulnerabilities
The table below summarizes vulnerabilities that have been identified, even if they are not being exploited. Complete details about patches or workarounds are available from the source of the information or from the URL provided in the section. CVE numbers are listed where applicable. Vulnerabilities that affect both Windows and Unix Operating Systems are included in the Multiple Operating Systems section.
Note: All the information included in the following tables has been discussed in newsgroups and on web sites.
The Risk levels defined below are based on how the system may be impacted:
Note: Even though a vulnerability may allow several malicious acts to be performed, only the highest level risk will be defined in the Risk column.
- High - A high-risk vulnerability is defined as one that will allow an intruder to immediately gain privileged access (e.g., sysadmin or root) to the system or allow an intruder to execute code or alter arbitrary system files. An example of a high-risk vulnerability is one that allows an unauthorized user to send a sequence of instructions to a machine and the machine responds with a command prompt with administrator privileges.
- Medium - A medium-risk vulnerability is defined as one that will allow an intruder immediate access to a system with less than privileged access. Such vulnerability will allow the intruder the opportunity to continue the attempt to gain privileged access. An example of medium-risk vulnerability is a server configuration error that allows an intruder to capture the password file.
- Low - A low-risk vulnerability is defined as one that will provide information to an intruder that could lead to further compromise attempts or a Denial of Service (DoS) attack. It should be noted that while the DoS attack is deemed low from a threat potential, the frequency of this type of attack is very high. DoS attacks against mission-critical nodes are not included in this rating and any attack of this nature should instead be considered to be a "High" threat.
| Windows Operating Systems Only |
Vendor & Software Name |
Vulnerability - Impact
Patches - Workarounds
Attacks Scripts |
Common Name /
CVE Reference |
Risk |
Source |
AhnLab
AhnLab V3 prior to 6.0.0.457 |
Multiple vulnerabilities have been reported in AhnLab V3 that could let local malicious users obtain elevated privileges, obtain arbitrary file access, or execute arbitrary code.
Upgrade to version 6.0.0.457:
http://info.ahnlab.com/
english/advisory/01.html
Currently we are not aware of any exploits for this vulnerability.
|
AhnLab V3 DeviceIoControl Multiple Vulnerabilities
CAN-2005-3030
CAN-2005-3029
CAN-2005-3028
|
High |
Security Tracker, Alert ID: 1014908, September 15, 2005 |
Cambridge Computer Corporation
vxFtpSrv 0.9.7 |
A buffer overflow vulnerability has been reported in vxFtpSrv that could let remote malicious users execute arbitrary code.
No workaround or patch available at time of publishing.
A Proof of Concept exploit script has been published. |
vxFtpSrv Arbitrary Code Execution
CAN-2005-3031
|
High |
Security Tracker, Alert ID: 1014911, September 15, 2005 |
Cambridge Computer Corporation
vxTftpSrv 1.7.0 |
A buffer overflow vulnerability has been reported in vxTftpSrv that could let remote malicious users execute arbitrary code.
No workaround or patch available at time of publishing.
Currently we are not aware of any exploits for this vulnerability. |
vxTftpSrv Arbitrary Code Execution
CAN-2005-3032 |
High |
Security Tracker, Alert ID: 1014912, September 15, 2005 |
Cambridge Computer Corporation
vxWeb 1.1.4 |
A vulnerability has been reported in vxWeb that could let remote malicious users cause a Denial of Service.
No workaround or patch available at time of publishing.
A Proof of Concept exploit script has been published. |
vxWeb Denial of Service
CAN-2005-3033
|
Low |
Security Tracker, Alert ID: 1014910, September 15, 2005 |
Compuware
DriverStudio 2.7 and 3.0 beta 2 |
Multiple vulnerabilities have been reported in DriverStudio that could let local malicious users obtain elevated privileges or execute arbitrary code.
No workaround or patch available at time of publishing.
There is no exploit code required; however, a Proof of Concept exploit script has been published. |
Compuware DriverStudio Privilege Elevation or Arbitrary Code Execution
CAN-2005-3034
CAN-2005-3035 |
Medium |
Security Focus, ID: 14838, 14837, September 15, 2005 |
Digger Solutions
Intranet Open Source 2.7.2 |
A vulnerability has been reported in Intranet Open Source that could let remote malicious users perform SQL injection.
No workaround or patch available at time of publishing.
There is no exploit code required. |
Digger Solutions Intranet Open Source SQL Injection |
Medium |
Security Focus, ID: 14882, September 20, 2005 |
| File Transfer Anywhere 3.01 |
A vulnerability has been reported in File Transfer Anywhere that could let local malicious users disclose password information.
A vendor fix is available, contact the vendor.
There is no exploit code required. |
File Transfer Anywhere Passwords Disclosure
CAN-2005-3036
|
Medium |
Security Tracker, Alert ID: 1014919, September 16, 2005 |
Handy Address Book
Handy Address Book Server 1.1
|
An input validation vulnerability has been reported in Handy Address Book Server that could let remote malicious users conduct Cross-Site Scripting.
No workaround or patch available at time of publishing.
There is no exploit code required; however, a Proof of Concept exploit script has been published. |
|
Medium |
Security Tracker, Alert ID: 1014901, September 15, 2005 |
| Hosting Controller 6.1 with HF2.3 |
A vulnerability has been reported in Hosting Controller that could let remote malicious users disclose information.
A vendor hotfix (2.4) is available:
http://hostingcontroller.com/
english/logs/hotfixlogv61_2_4.html
Currently we are not aware of any exploits for this vulnerability. |
Hosting Controller Information Disclosure
CAN-2005-3038 |
Medium |
Secunia, Advisory: SA16824, September 15, 2005 |
IBM
Clearquest 2003.06.15, 2003.06.14, 2003.06.13, 2003.06.12, 2003.06.10, 2003.06.00, 2002.05.20, 2002.05.00 |
Cross-Site Scripting vulnerabilities have been in XML Style Sheets due to insufficient sanitization of certain parameters, which could let a remote malicious user execute arbitrary HTML and script code.
Upgrades available at:
http://www-1.ibm.com/
support/docview.wss?
uid=swg24010127&rs
=0&cs=utf-8 &context=
SSSH5A&dc=D400&
loc=en_US&lang=en&cc=US
There is no exploit code required. |
IBM Rational ClearQuest Multiple Cross-Site Scripting
CAN-2005-2994
|
Medium |
IBM Security Advisory, September 20, 2005 |
Mall23
Mall23 eCommerce |
An input validation vulnerability has been reported Mall23 eCommerce ('infopage.asp') that could let remote malicious users perform SQL injection.
A vendor patch is available, contact the vendor.
There is no exploit code required; however, a Proof of Concept exploit script has been published. |
Mall23 SQL Injection
CAN-2005-3039
|
Medium |
Security Tracker, Alert ID: 1014882, September 12, 2005
Security Focus, ID: 14803, September 19, 2005 |
Sybari
Antigen for Exchange 8.0 SR2 |
A vulnerability has been reported in Antigen for SMTP/ Exchange that could let remote malicious users bypass security restrictions.
A vendor update is available:
http://www.sybari.com/portal/
alias__Rainbow/lang__en-US/
tabID__3359/DesktopDefault.aspx
There is no exploit code required. |
Sybari Antigen for Exchange Security Bypass
CAN-2005-3027
|
Medium |
Security Tracker, Alert ID: 1014934, September 19, 2005 |
TAC
Vista 4.0 |
An input validation vulnerability has been reported in Vista that could let remote malicious users traverse directories.
Upgrade to version 4.3:
There is no exploit code required; however, a Proof of Concept exploit script has been published. |
TAC Vista Directory Traversal
CAN-2005-3040
|
Medium |
Security Tracker, Alert ID: 1014923, September 16, 2005 |
VERITAS
Storage Exec 5.3 rev2190R
StorageCentral 5.2 rev322 |
A buffer overflow vulnerability has been reported in Storage Exec/ StorageCentral that could let remote malicious users execute arbitrary code.
A vendor fix is available:
http://support.veritas.
com/docs/277566
Currently we are not aware of any exploits for this vulnerability. |
Storage Exec/ StorageCentral Arbitrary Code Execution
CAN-2005-2996
|
High |
Secunia Advisory: SA16871, September 20, 2005 |
Xclusive-software
Multi-Computer Control System 1.1 |
A vulnerability has been reported in Multi-Computer Control System that could let remote malicious users cause a Denial of Service.
No workaround or patch available at time of publishing.
Currently we are not aware of any exploits for this vulnerability. |
Multi-Computer Control System Denial of Service
CAN-2005-3002 |
Low |
Secunia, Advisory: SA16865, September 19, 2005 |
[back to
top]
| UNIX / Linux Operating Systems Only |
Vendor & Software Name |
Vulnerability - Impact
Patches - Workarounds
Attacks Scripts |
Common Name /
CVE Reference |
Risk |
Source |
Apache Software Foundation
Apache 2.0.x |
A vulnerability has been reported in 'modules/ssl/ssl_engine
_kernel.c' because the 'ssl_hook_Access()' function does not properly enforce the 'SSLVerifyClient require' directive in a per-location context if a virtual host is configured with the 'SSLVerifyCLient optional' directive, which could let a remote malicious user bypass security policies.
Patch available at:
http://svn.apache.org/
viewcvs?rev=264800
&view=rev
OpenPKG:
ftp://ftp.openpkg.org/
release/
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
608.html
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/
a/apache2/
SGI:
ftp://oss.sgi.com/projects/
sgi_propack/download/
3/updates/
Debian:
http://security.debian.org/
pool/updates/main/
a/apache2/
Mandriva:
http://www.mandriva.com/
security/advisories
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
Trustix:
http://http.trustix.org/
pub/trustix/updates/
Debian:
http://security.debian.org/
pool/updates/main/liba/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200509-12.xml
There is no exploit code required. |
Apache 'Mod_SSL SSLVerifyClient' Restriction Bypass
CAN-2005-2700 |
Medium |
Security Tracker Alert ID: 1014833, September 1, 2005
OpenPKG Security Advisory, OpenPKG-SA-2005.017, September 3, 2005
RedHat Security Advisory, RHSA-2005:608-7, September 6, 2005
Ubuntu Security Notice, USN-177-1, September 07, 2005
SGI Security Advisory, 20050901-01-U, September 7, 2005
Debian Security Advisory, DSA 805-1, September 8, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:161, September 8, 2005
Slackware Security Advisory, SSA:2005-251-02, September 9, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0047, September 9, 2005
Debian Security Advisory DSA 807-1, September 12, 2005
US-CERT VU#744929
Gentoo Linux Security Advisory, GLSA 200509-12, September 19, 2005 |
Apple
Safari 2.0.1, 2.0, 1.3, 1.2-1.2.3, 1.0, 1.1
|
A vulnerability has been reported when the browser opens specific 'data:' URLs, which could lead to a Denial of Service.
No workaround or patch available at time of publishing.
A Proof of Concept exploit has been published. |
|
Low |
Security Focus, Bugtraq ID: 14868, September 17, 2005 |
ARC
ARC 5.21 j
|
A vulnerability was reported due to the insecure creation of temporary new archives by 'arc' and 'marc' before renamed to the user specified filename, which could let a malicious user obtain sensitive information.
No workaround or patch available at time of publishing.
There is no exploit code required.
|
|
Medium |
Secunia Advisory: SA16805, September 16, 2005 |
Bacula
Bacula 1.36 .3 |
Vulnerabilities have been reported in 'autoconf/randpass' and 'scripts/mtx-changer.in' due to the insecure creation of temporary files, which could let a remote malicious user create/overwrite arbitrary files.
The vulnerabilities have been fixed in the CVS repositories.
There is no exploit code required. |
|
Medium |
Secunia Advisory: SA16866, September 20, 2005 |
Clam Anti-Virus
ClamAV 0.80 -0.86.2, 0.70, 0.65-0.68, 0.60, 0.51-0.54 |
Several vulnerabilities have been reported: a buffer overflow vulnerability was reported in 'libclamav/upx.c' due to a signedness error, which could let a malicious user execute arbitrary code; and a remote Denial of Service vulnerability was reported in 'libclamav/fsg.c' when handling a specially -crafted FSG-compressed executable file.
Upgrades available at:
http://sourceforge.net/project/
showfiles.php?group
_id=86638
Gentoo:
http://security.gentoo.org/
glsa/glsa-200509-13.xml
Currently we are not aware of any exploits for these vulnerabilities.
|
|
High |
Secunia Advisory: SA16848, September 19, 2005
Gentoo Linux Security Advisory, GLSA 200509-13, September 19, 2005 |
Easy Software Products
CUPS prior to 1.1.21rc1
|
A vulnerability has been reported in incoming print jobs due to a failure to properly apply ACLs (Access Control List), which could let a remote malicious user bypass ACLs.
Upgrades available at: http://www.cups.org/
software.php
RedHat:
http://rhn.redhat.com/errata/
RHSA-2005-571.html
Fedora:
http://download.
fedoralegacy.org/fedora/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/c/cupsys/
There is no exploit code required. |
Easy Software Products CUPS Access Control
List Bypass
CAN-2004-2154
|
Medium |
Security
Tracker Alert ID: 1014482,
July 14, 2005
RedHat
Security Advisory,
RHSA-2005:
571-06,
July 14, 2005
Fedora Legacy Update Advisory, FLSA:163274, September 14, 2005
Ubuntu Security Notice, USN-185-1, September 20, 2005
|
Gnome Development Team
Gnome Workstation Command Center 0.9.8
|
A vulnerability has been reported due to the insecure creation of the 'gwcc_out.txt' temporary file, which could let a malicious user create/overwrite arbitrary files.
No workaround or patch available at time of publishing.
There is no exploit code required.
|
GNOME Workstation Command Center Insecure Temporary File Creation
CAN-2005-2944
|
Medium |
Security Focus, Bugtraq ID: 14857, September 16, 2005 |
GNU
Mailutils 0.6
|
A format string vulnerability has been reported in 'search.c' when processing user-supplied IMAP SEARCH commands, which could let a remote malicious user execute arbitrary code.
Patch available at:
http://savannah.gnu.org/
patch/download.php?
item_id=4407&item_
file_id=5 160
Gentoo:
http://security.gentoo.org/
glsa/glsa-200509-10.xml
A Proof of Concept exploit script has been published.
|
GNU Mailutils Format String
CAN-2005-2878 |
High |
Security Tracker Alert ID: 1014879, September 9, 2005
Gentoo Linux Security Advisory, GLSA 200509-10, September 17, 2005 |
GNU
Texinfo 4.7 |
A vulnerability has been reported in 'textindex.c' due to insecure creation of temporary files by the 'sort_offline()' function, which could let a malicious user create/ overwrite arbitrary files.
No workaround or patch available at time of publishing.
There is no exploit code required.
|
|
Medium |
Security Focus, Bugtraq ID: 14854, September 15, 2005 |
Grip
Grip 3.1.2, 3.2 .0 |
A buffer overflow vulnerability has been reported in the CDDB protocol due to a boundary error, which could let a remote malicious user cause a Denial of Service and possibly execute arbitrary code.
Fedora:
http://download.fedora.redhat.
com/pub/fedora/linux/core/
updates
Gentoo:
http://security.gentoo.org/
glsa/glsa-200503-21.xml
RedHat:
http://rhn.redhat.com/errata/
RHSA-2005-304.html
Mandrake:
http://www.mandrakesecure.
net/en/ftp.php
Gentoo:
http://security.gentoo.org/
glsa/glsa-200504-07.xml
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Mandrake:
http://www.mandrakesecure.
net/en/ftp.php
Peachtree:
http://peachtree.burdell.org/
updates/
FedoraLegacy:
http://download.fedoralegacy.
org/fedora/
Currently we are not aware of any exploits for this vulnerability. |
|
|
Fedora Update Notifications,
FEDORA-2005-
202 & 203,
March 9, 2005
Gentoo Linux
Security Advisory,
GLSA 200503-21,
March 17, 2005
RedHat Security Advisory, RHSA-2005:304-08,
March 28, 2005
Mandrakelinux Security Update Advisory,
MDKSA-2005:066,
April 3, 2005
Gentoo Linux Security Advisory, GLSA 200504-07, April 8, 2005
SUSE Security Summary Report, SUSE-SR:2005:010, April 8, 2005
Mandriva Linux Security Update Advisories, MDKSA-2005:074 & 075, April 21, 2005
Peachtree Linux Security Notice, PLSN-0007, April 22, 2005
Fedora Legacy Update Advisory, FLSA:152919, September 15, 2005 |
GtkDiskFree
GtkDiskFree 1.9.3 |
A vulnerability has been reported in the 'src/mount.c' file due to the insecure creation of temporary files, which could let a malicious user cause a Denial of Service or overwrite files.
No workaround or patch available at time of publishing.
There is no exploit code required. |
|
Medium |
ZATAZ Audits Advisory, September 15, 2005 |
Hewlett Packard Company
Tru64 5.1 B-3, 5.1 B-2 PK4, 5.1 A PK, 4.0 G PK4, 4.0 F PK8 |
A remote Denial of Service vulnerability has been reported caused due to an unspecified error in the FTP daemon.
Upgrades available at:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBTU01227
Currently we are not aware of any exploits for this vulnerability.
|
|
Low |
HP Security Bulletin,
HPSBTU01227, September 20, 2005 |
LibTIFF
LibTIFF 3.4, 3.5.1-3.5.5, 3.5.7, 3.6 .0, 3.6.1, 3.7, 3.7.1 |
A buffer overflow vulnerability has been reported in the 'TIFFOpen()' function when opening malformed TIFF files, which could let a remote malicious user execute arbitrary code.
Patches available at:
http://bugzilla.remotesensing.org/
attachment.cgi?id=238
Gentoo:
http://security.gentoo.org/
glsa/glsa-200505-07.xml
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/t/tiff/
SuSE:
ftp://ftp.suse.com/pub/suse/
TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/
Debian:
http://security.debian.org/
pool/updates/main/t/tiff/
SCO:
ftp://ftp.sco.com/pub/
updates/UnixWare/
SCOSA-2005.34
Currently we are not aware of any exploits for this vulnerability. |
|
High |
Gentoo Linux Security Advisory, GLSA 200505-07, May 10, 2005
Ubuntu Security Notice,
USN-130-1, May 19, 2005
SUSE Security Summary Report, SUSE-SR:2005:014,
June 7, 2005
Turbolinux
Security Advisory, TLSA-2005-72, June 28, 2005
Debian Security Advisory, DSA 755-1, July 13, 2005
SCO Security Advisory,
SCOSA-2005.34,
September 19, 2005 |
LineControl
LineContol Java Client 0.8 |
A vulnerability has been reported in 'AuthInfo.java' due to an error, which could let a malicious user obtain password information.
Upgrade available at:
http://prdownloads.
sourceforge.net/linecontrol/
jlc-0.8.1.tar.gz
There is no exploit code required. |
|
Medium |
Secunia Advisory: SA16817, September 14, 2005 |
lm_sensors
lm_sensors 2.9.1
|
A vulnerability has been reported in the 'pwmconfig' script due to the insecure creation of temporary files, which could result in a loss of data or a Denial of Service.
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/
l/lm-sensors/
Mandriva:
http://www.mandriva.com/
security/advisories
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-19.xml
Debian:
http://security.debian.org/
pool/updates/main/
l/lm-sensors/
There is no exploit code required. |
LM_sensors PWMConfig Insecure Temporary File Creation
CAN-2005-2672
|
Low |
Security Focus, Bugtraq ID: 14624, August 22, 2005
Ubuntu Security Notice, USN-172-1, August 23, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:149, August 25, 2005
Gentoo Linux Security Advisory, GLSA 200508-19, August 30, 2005
Debian Security Advisory, DSA 814-1, September 15, 2005
|
MasqMail
MasqMail 0.2.18 |
Several vulnerabilities have been reported: a vulnerability was reported in the email address due to a sanitization error when the message fails to be sent, which could let a malicious user execute arbitrary commands with privileges of the mail user; and a vulnerability was reported when handling log files due to an unspecified error, which could let a remote malicious user overwrite arbitrary files.
Mandriva:
http://www.mandriva.com/
security/advisories
There is no exploit code required.
|
MasqMail Elevated Privileges
CAN-2005-2662
CAN-2005-2663 |
Medium |
Mandriva Linux Security Update Advisory, MDKSA-2005:168, September 20, 2005 |
Multiple Vendors
Glyph and Cog Xpdf 3.0, pl2 & pl3; Ubuntu Linux 5.0 4 powerpc, i386, amd64;
RedHat Enterprise Linux WS 4, ES 4, AS 4, Desktop 4.0;
KDE 3.4.1, 3.4, 3.3.1, 3.3.2; GNOME GPdf 2.8.3, 2.1
|
A remote Denial of Service vulnerability has been reported when verifying malformed 'loca' table in PDF files.
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
670.html
http://rhn.redhat.com/
errata/RHSA-
2005-671.html
http://rhn.redhat.com/
errata/RHSA-
2005-708.html
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/x/xpdf/
KDE:
http://www.kde.org/info/
security/advisory-
20050809-1.txt
Mandriva:
http://www.mandriva.com/
security/advisories
SGI:
ftp://patches.sgi.com/
support/free/security/
advisories/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-08.xml
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Debian:
http://security.debian.
org/pool/updates/
main/
k/kdegraphics/
Trustix:
http://http.trustix.org/
pub/trustix/updates/
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/ia32/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
Mandriva:
http://www.mandriva.com/
security/advisories
Currently we are not aware of any exploits for this vulnerability.
|
XPDF Loca Table Verification Remote Denial of Service
CAN-2005-2097
|
Low |
RedHat Security Advisories, RHSA-2005:670-05 & RHSA-2005:671-03, & RHSA-2005:708-05, August 9, 2005
Ubuntu Security Notice, USN-163-1, August 09, 2005
KDE Security Advisory, 20050809-1, August 9, 2005
Mandriva Linux Security Update Advisories, MDKSA-2005:134, 135, 136 & 138, August 11, 2005
SGI Security Advisory, 20050802-01-U, August 15, 2005
Gentoo Linux Security Advisory GLSA, 200508-08, August 16, 2005
Fedora Update Notifications,
FEDORA-2005-729, 730, 732, & 733, August 15 & 17, 2005
Debian Security Advisory, DSA 780-1, August 22, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0043, September 2, 2005
Turbolinux Security Advisory, TLSA-2005-88, September 5, 2005
Conectiva Linux Announce-ment, CLSA-2005:1010, September 13, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:138-1, September 19, 2005
|
Multiple Vendors
Larry Wall Perl 5.0 05_003, 5.0 05, 5.0 04_05, 5.0 04_04, 5.0 04, 5.0 03, 5.6, 5.6.1, 5.8, 5.8.1, 5.8.3, 5.8.4 -5, 5.8.4 -4, 5.8.4 -3, 5.8.4 -2.3, 5.8.4 -2, 5.8.4 -1, 5.8.4, 5.8.5, 5.8.6 |
A vulnerability has been reported in the 'rmtree()' function in the 'File::Path.pm' module when handling directory permissions while cleaning up directories, which could let a malicious user obtain elevated privileges.
A fixed version (5.8.4 or later) is available at:
http://www.perl.com/CPAN/src/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/universe/p/perl/
Gentoo:
http://security.gentoo.org/glsa/
glsa-200501-38.xml
Debian:
http://security.debian.org/pool
/updates/main/p/perl/
TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/
Mandrake:
http://www.mandrakesecure.net/
en/ftp.php
HP:
http://software.hp.com/
Fedora:
http://download.fedora.
redhat.com/ pub/fedora/linux/
core/updates/3/
Avaya:
http://support.avaya.com/
elmodocs2/security/
ASA-2005-196.pdf
Currently we are not aware of any exploits for this vulnerability. |
|
Medium |
Ubuntu Security Notice, USN-94-1 March 09, 2005
Gentoo Linux Security Advisory [UPDATE], GLSA 200501-38:03, March 15, 2005
Debian Security Advisory, DSA 696-1 , March 22, 2005
Turbolinux Security Advisory, TLSA-2005-45, April 19, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:079, April 29, 2005
HP Security Bulletin, HPSBUX01208, June 16, 2005
Secunia, Advisory: SA16193, July 25, 2005
Avaya Security Advisory, ASA-2005-196, September 13, 2005 |
Multiple Vendors
zlib 1.2.2, 1.2.1, 1.2 .0.7, 1.1-1.1.4, 1.0-1.0.9; Ubuntu Linux 5.0 4, powerpc, i386, amd64, 4.1 ppc, ia64, ia32; SuSE Open-Enterprise-Server 9.0, Novell Linux Desktop 9.0, Linux Professional 9.3, x86_64, 9.2, x86_64, 9.1, x86_64, Linux Personal 9.3, x86_64, 9.2, x86_64, 9.1, x86_64, Linux Enterprise Server 9; Gentoo Linux;
FreeBSD 5.4, -RELENG, -RELEASE, -PRERELEASE, 5.3, -STABLE, -RELENG, -RELEASE;
Debian Linux 3.1, sparc, s/390, ppc, mipsel, mips, m68k, ia-64, ia-32, hppa, arm, alpha; zsync 0.4, 0.3-0.3.3, 0.2-0.2.3 , 0.1-0.1.6 1, 0.0.1-0.0.6
|
A buffer overflow vulnerability has been reported due to insufficient validation of input data prior to utilizing it in a memory copy operation, which could let a remote malicious user execute arbitrary code.
Debian:
ftp://security.debian.org
/pool/updates/
main/z/zlib/
FreeBSD:
ftp://ftp.FreeBSD.org/pub/
FreeBSD/CERT/patches/
SA-05:16/zlib.patch
Gentoo:
http://security.gentoo.org/
glsa/glsa-200507-05.xml
SUSE:
ftp://ftp.suse.com
/pub/suse/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/z/zlib/
Mandriva:
http://www.mandriva.com/
security/advisories
OpenBSD:
http://www.openbsd.org/
errata.html
OpenPKG:
ftp.openpkg.org
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
569.html
Trustix:
http://http.trustix.org/pub/
trustix/updates/
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/
ia32/Server/10
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
zsync:
http://prdownloads.
sourceforge.net/zsync/
zsync-0.4.1.tar.gz?
download
Apple:
http://docs.info.apple.com/
article.html?artnum=302163
SCO:
ftp://ftp.sco.com/pub/
updates/UnixWare/
SCOSA-2005.33
IPCop:
http://sourceforge.net/
project/showfiles.php
?group_id=40604&
package_id = 35093
&release_id=351848
Debian:
http://security.debian.org/
pool/updates/main/
z/zsync/
Trolltech:
ftp://ftp.trolltech.com/
qt/source/qt-x11-free-
3.3.5.tar.gz
FedoraLegacy:
http://download.fedoralegacy.
org/fedora/
Currently we are not aware of any exploits for this vulnerability. |
|
High |
Debian Security Advisory
DSA 740-1,
July 6, 2005
FreeBSD Security Advisory,
FreeBSD-SA-05:16, July 6, 2005
Gentoo Linux Security Advisory, GLSA 200507-
05, July 6, 2005
SUSE Security Announcement, SUSE-SA:2005:039,
July 6, 2005
Ubuntu Security Notice,
USN-148-1, July 06, 2005
RedHat Security Advisory, RHSA-2005:569-03,
July 6, 2005
Fedora Update Notifications,
FEDORA-2005-523, 524,
July 7, 2005
Mandriva Linux Security Update Advisory,
MDKSA-2005:11, July 7, 2005
OpenPKG
Security Advisory, OpenPKG-SA-2005.013,
July 7, 2005
Trustix Secure
Linux Security Advisory,
TSLSA-2005-
0034, July 8,
2005
Slackware Security
Advisory, SSA:2005-
189-01,
July 11, 2005
Turbolinux Security
Advisory, TLSA-2005-77,
July 11, 2005
Fedora Update Notification, FEDORA-2005-565, July 13, 2005
SUSE Security Summary
Report, SUSE-SR:2005:017,
July 13, 2005
Security Focus, 14162, July 21, 2005
USCERT Vulnerability Note VU#680620, July 22, 2005
Apple Security Update 2005-007,
APPLE-SA-2005-08-15, August 15, 2005
SCO Security Advisory, SCOSA-2005.33, August 19, 2005
Security Focus, Bugtraq ID: 14162, August 26, 2005
Debian Security Advisory, DSA 797-1, September 1, 2005
Security Focus, Bugtraq ID: 14162, September 12, 2005
Fedora Legacy Update Advisory, FLSA:162680, September 14, 2005
|
Multiple Vendors
zlib 1.2.2, 1.2.1; Ubuntu Linux 5.04 powerpc, i386, amd64,
4.1 ppc, ia64, ia32; Debian Linux 3.1
sparc, s/390, ppc, mipsel, mips, m68k,
ia-64, ia-32,
hppa, arm,
alpha
|
A remote Denial of Service vulnerability has been reported due to a failure of the library to properly handle unexpected compression routine input.
Zlib:
http://www.zlib.net/
zlib-1.2.3.tar.gz
Debian:
http://security.debian.org/
pool/updates/main/z/zlib/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/z/zlib/
OpenBSD:
http://www.openbsd.org/
errata.html#libz2
Mandriva:
http://www.mandriva.com/
security/ advisories
?name=
MDKSA-2005:124
Fedora:
http://download.fedora.
redhat.com/ pub/fedora
/linux/core/updates/
Slackware:
http://slackware.com/
security/viewer.php?
l=slackware-security&y=
2005&m=slackware-
security.323596
FreeBSD:
ftp://ftp.freebsd.org/
pub/FreeBSD/CERT/
advisories/FreeBSD
-SA-05:18.zlib.asc
SUSE:
http://lists.suse.com/
archive/suse-security-
announce/2005-
Jul/0007.html
Gentoo:
http://security.gentoo.org/
glsa/glsa-200507-28.xml
http://security.gentoo.org/
glsa/glsa-200508-01.xml
Trustix:
ftp://ftp.trustix.org/pub/
trustix/updates/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
Apple:
http://docs.info.apple.com/
article.html?artnum=
302163
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/ia32/
Server/10/updates/
SCO:
ftp://ftp.sco.com/pub/
updates/UnixWare/
SCOSA-2005.33
Debian:
http://security.debian.org/
pool/updates/main/
z/zsync/
Trolltech:
ftp://ftp.trolltech.com/
qt/source/qt-x11-free-
3.3.5.tar.gz
FedoraLegacy:
http://download.fedoralegacy.
org/fedora/
Currently we are not aware of any exploits for this vulnerability.
|
Multiple Vendor Zlib Compression Library Decompression Remote Denial of Service
CAN-2005-1849
|
Low |
Security Focus, Bugtraq ID 14340, July 21, 2005
Debian Security Advisory DSA 763-1, July 21, 2005
Ubuntu Security Notice, USN-151-1, July 21, 2005
OpenBSD, Release Errata 3.7, July 21, 2005
Mandriva Security Advisory, MDKSA-2005:124, July 22, 2005
Secunia, Advisory: SA16195, July 25, 2005
Slackware Security Advisory, SSA:2005-
203-03, July 22, 2005
FreeBSD Security Advisory, SA-05:18, July 27, 2005
SUSE Security Announce-
ment, SUSE-SA:2005:043,
July 28, 2005
Gentoo Linux Security Advisory, GLSA 200507-28, July 30, 2005
Gentoo Linux Security Advisory, GLSA 200508-01, August 1, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0040, August 5, 2005
Conectiva Linux Announcement, CLSA-2005:997, August 11, 2005
Apple Security Update, APPLE-SA-2005-08-15, August 15, 2005
Turbolinux Security Advisory , TLSA-2005-83, August 18, 2005
SCO Security Advisory, SCOSA-2005.33, August 19, 2005
Debian Security Advisory, DSA 797-1, September 1, 2005
Security Focus, Bugtraq ID: 14340, September 12, 2005
Fedora Legacy Update Advisory, FLSA:162680, September 14, 2005
|
Multiple Vendors
Gentoo Linux;
RedHat Fedora Core3, Core2;
SUSE Linux 8.1, 8.2, 9.0-9.2, Desktop 1.0, Enterprise Server 9, 8, Novell Linux Desktop 1.0;
X.org X11R6 6.7 .0, 6.8, 6.8.1;
XFree86 X11R6 3.3, 3.3.2-3.3.6, 4.0-4.0.3, 4.1 .0, 4.1 -12, 4.1 -11, 4.2 .0, 4.2.1 Errata, 4.2.1
4.3 .0 |
Multiple vulnerabilities have been reported due to integer overflows, memory access errors, input validation errors, and logic errors, which could let a remote malicious user execute arbitrary code, obtain sensitive information, or cause a Denial of Service.
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates
Gentoo:
http://security.gentoo.org/
glsa/glsa-200411-28.xml
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
X.org:
http://www.x.org/pub/
Fedora:
http://download.fedora.redhat.
com/pub/fedora/linux/
core/updates/2/
RedHat:
http://rhn.redhat.com/errata/
RHSA-2004-537.html
Mandrakesoft:
http://www.mandrakesoft.
com/security/advisories?
name=MDKSA-2004:137
(libxpm)
http://www.mandrakesoft.
com/security/advisories?
name=MDKSA-2004:138
(XFree86)
Debian:
http://www.debian.org/
security/2004/dsa-607
(XFree86)
SGI:
ftp://patches.sgi.com/
support/free/security/
patches/ProPack/3/
TurboLinux:
http://www.turbolinux.com/
update/
Avaya:
http://support.avaya.com/
elmodocs2/security/
ASA-2005-023_
RHSA-2004-537.pdf
http://support.avaya.com/|
elmodocs2/security/
ASA-2005-025_
RHSA-2005-004.pdf
Gentoo:
http://security.gentoo.org/
glsa/glsa-200502-06.xml
http://security.gentoo.org/
glsa/glsa-200502-07.xml
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/
FedoraLegacy:
http://download.fedoralegacy.
org/redhat/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main
/l/lesstif1-1/
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBTU01228
Currently we are not aware of any exploits for these vulnerabilities.
|
|
|
X.Org Foundation Security Advisory, November 17, 2004
Fedora Update Notifications,
FEDORA-2004-433 & 434, November 17 & 18, 2004
SUSE Security Announcement, SUSE-SA:2004:041, November 17, 2004
Gentoo Linux Security Advisory, GLSA 200411-28, November 19, 2004
Fedora Security Update Notifications
FEDORA-2003-464, 465, 466, & 467, December 1, 2004
RedHat Security Advisory, RHSA-2004:537-17, December 2, 2004
Mandrakesoft: MDKSA-2004:137: libxpm4; MDKSA-2004:138: XFree86, November 22, 2004
Debian Security Advisory
DSA-607-1 xfree86 -- several vulnerabilities, December 10, 2004
Turbolinux Security Announcement, January 20, 2005
Avaya Security Advisories, ASA-2005-023 & 025, January 25, 2005
Gentoo Linux Security Advisories, GLSA 200502-06 & 07, February 7, 2005
Ubuntu Security Notice, USN-83-1 February 16, 2005
Fedora Legacy Update Advisory, FLSA:2314, March 2, 2005
Ubuntu Security Notice, USN-83-2, September 12, 2005
HP Security Bulletin, HPSBTU01228, September 20, 2005 |
Multiple Vendors
Linux kernel 2.6.8-2.6.10, 2.4.21
|
Several vulnerabilities have been reported: a buffer overflow vulnerability was reported in 'msg_control' when copying 32 bit contents, which could let a malicious user obtain root privileges and execute arbitrary code; and a vulnerability was reported in the 'raw_sendmsg()' function, which could let a malicious user obtain sensitive information or cause a Denial of Service.
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/l/
Trustix:
http://http.trustix.org/
pub/trustix/updates/
Currently we are not aware of any exploits for these vulnerabilities. |
Linux Kernel Buffer Overflow, Information Disclosure, & Denial of Service
CAN-2005-2490
CAN-2005-2492 |
High |
Secunia Advisory: SA16747, September 9, 2005
Ubuntu Security Notice, USN-178-1, September 09, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0049, September 16, 2005
|
Multiple Vendors
Ubuntu Linux 5.0 4 powerpc, i386, amd64, 4.1 ppc, ia64, ia32;
GNOME Evolution 2.3.1 -2.3.6 .1, 2,0- 2.2 , 1.5
|
Multiple format string vulnerabilities have been reported: a vulnerability was reported when vCard information is attached to an email message, which could let a remote malicious user execute arbitrary code; a vulnerability was reported when specially crafted contact data that has been retrieved from an LDAP server is displayed, which could let a remote malicious user execute arbitrary code; and a vulnerability was reported when specially crafted task list data that has been retrieved from remote servers and the data has been saved under the 'Calendars' tab is displayed, which could let a remote malicious user execute arbitrary code.
Updates available at:
http://ftp.gnome.org/pub/
gnome/sources/
evolution/2.3/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/
e/evolution/
Mandriva:
http://www.mandriva.com/
security/advisories
SUSE:
ftp://ftp.suse.com
/pub/suse/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-12.xml
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
267.html
SGI:
ftp://oss.sgi.com/projects/
sgi_propack/download/
3/updates/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
SUSE:
ftp://ftp.suse.com
/pub/suse/
Currently we are not aware of any exploits for these vulnerabilities. |
|
High |
Secunia Advisory: SA16394, August 11, 2005
Ubuntu Security Notice, USN-166-1, August 11, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:141, August 18, 2005
SUSE Security Summary Report, SUSE-SR:2005:019, August 22, 2005
Gentoo Linux Security Advisory, GLSA 200508-12, August 23, 200
RedHat Security Advisory, RHSA-2005:267-10, August 29, 2005
SGI Security Advisory, 20050901-01-U, September 7, 2005
Conectiva Linux Announce-ment, CLSA-2005:1004, September 13, 2005
SUSE Security Announcement, SUSE-SA:2005:054, September 16, 2005 |
Multiple Vendors
util-linux 2.8-2.13;
Andries Brouwer util-linux 2.11 d, f, h, i, k, l, n, u, 2.10 s
|
A vulnerability has been reported because mounted filesystem options are improperly cleared due to a design flaw, which could let a remote malicious user obtain elevated privileges.
Updates available at:
http://www.kernel.org/
pub/linux/utils/util-linux/
testing/util-linux-2.
12r-pre1.tar.gz
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
Trustix:
http://http.trustix.org/
pub/trustix/updates/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/
u/util-linux/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200509-15.xml
Mandriva:
http://www.mandriva.com/
security/advisories
There is no exploit code required. |
Util-Linux UMount Remounting Filesystem Elevated Privileges
CAN-2005-2876
|
Medium |
Security Focus, Bugtraq ID: 14816, September 12, 2005
Slackware Security Advisory, SSA:2005-255-02, September 13, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0049, September 16, 2005
Ubuntu Security Notice, USN-184-1, September 19, 2005
Gentoo Linux Security Advisory, GLSA 200509-15, September 20, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:167, September 20, 2005
|
Multiple Vendors
XFree86 X11R6 4.3 .0,
4.1 .0; X.org X11R6 6.8.2;
RedHat Enterprise Linux WS 2.1, IA64, ES 2.1, IA64, AS 2.1, IA64, Advanced Workstation for the Itanium Processor 2.1, IA64; Gentoo Linux |
A buffer overflow vulnerability has been reported in the pixmap processing code, which could let a malicious user execute arbitrary code and possibly obtain superuser privileges.
Gentoo:
http://security.gentoo.org/
glsa/glsa-200509-07.xml
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-329.html
http://rhn.redhat.com/
errata/RHSA-2005-396.html
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/x/xfree86/
Mandriva:
http://www.mandriva.com/
security/advisories?name
=MDKSA-2005:164
Sun:
http://sunsolve.sun.com/
search/document.do?
assetkey=1-26-101926-1
&searchclause
Currently we are not aware of any exploits for this vulnerability. |
|
High |
Gentoo Linux Security Advisory, GLSA 200509-07, September 12, 2005
RedHat Security Advisory, RHSA-2005:329-12 & RHSA-2005:396-9, September 12 & 13, 2005
Ubuntu Security Notice, USN-182-1, September 12, 2005
Mandriva Security Advisory, MDKSA-2005:164, September 13, 2005
US-CERT VU#102441
Sun(sm) Alert Notification
Sun Alert ID: 101926, September 19, 2005
|
ncompress
ncompress 4.2.4 |
A vulnerability has been reported in the 'build,' 'zcmp,' and 'zdiff' scripts due to the insecure creation of temporary files, which could let a malicious user obtain elevated privileges
No workaround or patch available at time of publishing.
There is no exploit code required.
|
|
Medium |
Secunia Advisory: SA16827, September 16, 2005 |
netpbm
10.0 |
A vulnerability has been reported in netpbm ('-dSAFER') that could let malicious users execute arbitrary postscript code.
Trustix:
ftp://ftp.trustix.org/pub/
trustix/updates/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-04.xml
Mandriva:
http://www.mandriva.com/
security/advisories
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/n/
netpbm-free/
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
SUSE:
ftp://ftp.suse.com
/pub/suse/
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
743.html
SGI:
ftp://oss.sgi.com/projects/
sgi_propack/download/
3/updates/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/ia32/
There is no exploit code required. |
netpbm Arbitrary Code Execution
CAN-2005-2471
|
High |
Secunia Advisory: SA16184, July 25, 2005
Trustix Secure Linux Security Advisory, #2005-0038, July 29, 2005
Gentoo Linux Security Advisory, GLSA 200508-04, August 5, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:133, August 10, 2005
Ubuntu Security Notice, USN-164-1, August 11, 2005
Fedora Update Notifications,
FEDORA-2005-727 & 728, August 17, 2005
SUSE Security Summary Report, SUSE-SR:2005:019, August 22, 2005
RedHat Security Advisory, RHSA-2005:743-08, August 22, 2005
SGI Security Advisory, 20050901-01-U, September 7, 2005
Conectiva Linux Announcement, CLSA-2005:1007, September 13, 2005
Turbolinux Security Advisory, TLSA-2005-90, September 20, 2005 |
PCRE
PCRE 6.1, 6.0, 5.0 |
A vulnerability has been reported in 'pcre_compile.c' due to an integer overflow, which could let a remote/local malicious user potentially execute arbitrary code.
Updates available at:
http://www.pcre.org/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/p/pcre3/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-17.xml
Mandriva:
http://www.mandriva.com/
security/advisories
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
Ubuntu:
http://security.ubuntu.
com/ubuntu/
pool/main/
Debian:
http://security.debian.
org/pool/updates/
main/p/pcre3/
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
slackware-10.1/
testing/packages/
php-5.0.5/php-
5.0.5-i486-1.tgz
Gentoo:
http://security.gentoo.org/
glsa/glsa-200509-08.xml
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200509-12.xml
Currently we are not aware of any exploits for this vulnerability. |
|
High |
Secunia Advisory: SA16502, August 22, 2005
Ubuntu Security Notice, USN-173-1, August 23, 2005
Ubuntu Security Notices, USN-173-1 & 173-2, August 24, 2005
Fedora Update Notifications,
FEDORA-2005-802 & 803, August 24, 2005
Gentoo Linux Security Advisory, GLSA 200508-17, August 25, 2005
Mandriva Linux Security Update Advisories, MDKSA-2005:151-155, August 25, 26, & 29, 2005
SUSE Security Announcements, SUSE-SA:2005:048 & 049, August 30, 2005
Slackware Security Advisories, SSA:2005-242-01 & 242-02 , August 31, 2005
Ubuntu Security Notices, USN-173-3, 173-4 August 30 & 31, 2005
Debian Security Advisory, DSA 800-1, September 2, 2005
SUSE Security Announcement, SUSE-SA:2005:051, September 5, 2005
Slackware Security Advisory, SSA:2005-251-04, September 9, 2005
Gentoo Linux Security Advisory, GLSA 200509-08, September 12, 2005
Conectiva Linux Announce-ment, CLSA-2005:1009, September 13, 2005
Gentoo Linux Security Advisory, GLSA 200509-12, September 19, 2005 |
PHP
PHP 4.4.0, 4.3-4.3.11, 4.2-4.2.3, 4.1.0-4.1.2, 4.0 0-4.0.7, 3.0 0 -3.0.18
|
A vulnerability has been reported due to the way session variables are stored, which could let a malicious user hijack sessions variables.
No workaround or patch available at time of publishing.
There is no exploit code required. |
PHP Session Hijacking |
Medium |
Security Focus, Bugtraq ID: 14858, September 16, 2005 |
Postgre
SQL
PostgreSQL 7.3 through 8.0.2 |
Two vulnerabilities have been reported: a vulnerability was reported because a remote authenticated malicious user can invoke some client-to-server character set conversion functions and supply specially crafted argument values to potentially execute arbitrary commands; and a remote Denial of Service vulnerability was reported because the 'contrib/tsearch2' module incorrectly declares several functions as returning type 'internal.'
Fix available at:
http://www.postgresql.org/
about/news.315
Trustix:
http://http.trustix.org/
pub/trustix/updates/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200505-12.xml
Trustix:
http://www.trustix.org/
errata/2005/0023/
TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-433.html
SGI:
ftp://oss.sgi.com/projects/
sgi_propack/download/
3/updates/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
Currently we are not aware of any exploits for these vulnerabilities. |
|
|
Security Tracker Alert, 1013868, May 3, 2005
Ubuntu Security Notice, USN-118-1, May 04, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0018, May 6, 2005
Gentoo Linux Security Advisory, GLSA 200505-12, May 16, 2005
Trustix Secure Linux Bugfix Advisory, TSL-2005-0023, May 16, 2005
Turbolinux Security Advisory , TLSA-2005-62, June 1, 2005
RedHat Security Advisory, RHSA-2005:433-17, June 1, 2005
SGI Security Advisory, 20050602-01-U, June 23, 2005
Conectiva Linux Announcement, CLSA-2005:1008, September 13, 2005 |
PostgreSQL
PostgreSQL 7.4.5; Avaya CVLAN, Integrated Management, Intuity LX, MN100, Modular Messaging (MSS) 1.1, 2.0 |
A vulnerability was reported due to the insecure creation of temporary files, which could possibly let a malicious user overwrite arbitrary files.
Trustix:
ftp://ftp.trustix.org/pub/
trustix/updates/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200410-16.xml
Debian:
http://security.debian.org/
pool/updates/main/
p/postgresql/
OpenPKG:
ftp://ftp.openpkg.org/
release/
Mandrakesoft:
http://www.mandrakesoft.
com/security/advisories
?name=MDKSA-2004:149
Red Hat:
http://rhn.redhat.com/
errata/RHSA-2004-489.html
Avaya:
http://support.avaya.com/
elmodocs2/security/
ASA-2005-024_
RHSA-2004-489.pdf
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
There is no exploit code required. |
PostgreSQL Insecure Temporary File Creation
CAN-2004-0977
|
Medium |
Trustix Secure Linux Bugfix Advisory, TSL-2004-0050, September 30, 2004
Gentoo Linux Security Advisory, GLSA 200410-16, October 18, 2004
Debian Security Advisory, DSA 577-1, October 29, 2004
OpenPKG Security Advisory, OpenPKG-SA-2004.046, October 29, 2004
Mandrakesoft Security Advisory, MDKSA-2004:149, December 13, 2004
Red Hat Advisory RHSA-2004:489-17, December 20, 2004
Avaya Security Advisory, ASA-2005-024, January 25, 2005
Turbolinux Security Announcement, February 17, 2005
Conectiva Linux Announcement, CLSA-2005:1008, September 13, 2005 |
Rob Flynn
Gaim prior to 1.3.1 |
Several vulnerabilities have been reported: a remote Denial of Service vulnerability has been reported when using the Yahoo! protocol to download a file; and a remote Denial of Service vulnerability was reported in the MSN Messenger service when a malicious user submits a specially crafted MSN message.
Updates available at:
http://gaim.sourceforge.net
/downloads.php
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/g/gaim/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200506-11.xml
Mandriva:
http://www.mandriva.com/
security/advisories
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
RedHat:
http://rhn.redhat.com/
errata/RHSA-
2005-518.html
Debian:
http://security.debian.org/
pool/updates/main/g/gaim/
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Debian:
http://security.debian.org/
pool/updates/main/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/
There is no exploit code required. |
|
Low |
Secunia Advisory, SA15648,
June 10, 2005
Ubuntu Security Notice USN-139-1, June 10, 2005
Gentoo Linux Security Advisory, GLSA 200506-
11, June 12, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:099,
June 14, 2005
Fedora Update Notifications,
FEDORA-2005-410, & 411,
June 17, 2005
RedHat Security Advisory, RHSA-2005:518-03,
June 16, 2005
Debian Security Advisory,
DSA 734-1,
July 5, 2005
SUSE Security Summary Report, SUSE-SR:2005:017,
July 13, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005
Conectiva Linux Announcement, CLSA-2005:1006, September 13, 2005 |
Shorewall
Shorewall 2.0.x, 2.2.x, 2.4.x
|
A vulnerability has been reported due to a failure to properly implement expected firewall rules for MAC address-based filtering, which could let a remote malicious user bypass firewall rules.
Hotfixes available at:
http://www.shorewall.net/
Mandriva:
http://www.mandriva.com/
security/advisories
Gentoo:
http://security.gentoo.org/
glsa/glsa-200507-20.xml
There is no exploit code required. |
|
Medium |
Secunia Advisory: SA16087,
July 18, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:123, July 21, 2005
Gentoo Linux Security Advisory [ERRATA UPDATE], GLSA 200507-20:02, September 17, 2005 |
Simple
CDR-X
SimpleCDR-X 1.3.3 |
A vulnerability has been reported due to the insecure creation of a temporary copy of the ISO image, which could let a malicious user obtain sensitive information.
No workaround or patch available at time of publishing.
There is no exploit code required. |
|
Medium |
Secunia Advisory: SA16835, September 16, 2005 |
slocate
slocate 2.7
|
A Denial of Service vulnerability has been reported when a specially crafted directory structure that contains long paths is submitted.
Mandriva:
http://www.mandriva.com/
security/advisories
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/ia32/
There is no exploit code required.
|
|
Low |
Mandriva Linux Security Update Advisory, MDKSA-2005:147, August 22, 2005
Turbolinux Security Advisory, TLSA-2005-91, September 20, 2005 |
Squid Web Proxy
Squid Web Proxy Cache 2.5 & prior |
A remote Denial of Service vulnerability has been reported in the 'storeBuffer()' function when handling aborted requests.
Patches available at:
http://www.squid-
cache.org/Versions/
v2/2.5/bugs/squid-
2.5.STABLE
10-STORE_PENDING.patch
Gentoo:
http://security.gentoo.org/
glsa/glsa-200509-06.xml
OpenPKG:
ftp://ftp.openpkg.org/
release/
Mandriva:
http://www.mandriva.com/
security/advisories
Debian:
http://security.debian.org/
pool/updates/main/
s/squid/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/universe/
s/squid/
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-766.html
SUSE:
ftp://ftp.suse.com
/pub/suse/
Currently we are not aware of any exploits for this vulnerability.
|
|
Low |
Security Tracker Alert ID: 1014864, September 7, 2005
Gentoo Linux Security Advisory GLSA 200509-06, September 7, 2005
OpenPKG Security Advisory, OpenPKG-SA-2005.021, September 10, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:162, September 12, 2004
Debian Security Advisory, DSA 809-1, September 13, 2005
Ubuntu Security Notice, USN-183-1, September 13, 2005
RedHat Security Advisory, RHSA-2005:766-7, September 15, 2005
SUSE Security Announcement, SUSE-SA:2005:053, September 16, 2005
|
Squid Web Proxy
Squid Web Proxy Cache 2.5 .STABLE1-STABLE 10, 2.4 .STABLE6 & 7, STABLE 2, 2.4, 2.3 STABLE 4&5, 2.1 Patch 2, 2.0 Patch 2 |
A remote Denial of Service vulnerability has been reported in '/squid/src/ssl.c' when a malicious user triggers a segmentation fault in the 'sslConnectTimeout()' function.
Patches available at:
http://www.squid-
cache.org/Versions/
v2/2.5/bugs/squid-
2.5.STABLE10-ssl
ConnectTimeout.patch
Trustix:
http://http.trustix.org/
pub/trustix/updates/
OpenPKG:
ftp://ftp.openpkg.org/
release/
Mandriva:
http://www.mandriva.com/
security/advisories
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/s/squid/
Debian:
http://security.debian.org/
pool/updates/main/
s/squid/
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-766.html
SUSE:
ftp://ftp.suse.com
/pub/suse/
There is no exploit code required. |
Squid 'sslConnect
Timeout()' Remote Denial of Service
CAN-2005-2796 |
Low |
Security Tracker Alert ID: 1014846, September 2, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0047, September 9, 2005
OpenPKG Security Advisory, OpenPKG-SA-2005.021, September 10, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:162, September 12, 2005
Ubuntu Security Notice, USN-183-1, September 13, 2005
Debian Security Advisory, DSA 809-1, September 13, 2005
RedHat Security Advisory, RHSA-2005:766-7, September 15, 2005
SUSE Security Announcement, SUSE-SA:2005:053, September 16, 2005 |
Sun Microsystems, Inc.
Solaris 10.0, _x86 |
A Denial of Service vulnerability has been reported in the 'ti' driver due to an unspecified error.
Patches available at:
http://sunsolve.sun.com/
search/document.do?
assetkey=1-26-101899
-1&searchclause
Currently we are not aware of any exploits for this vulnerability. |
|
Low |
Sun(sm) Alert Notification
Sun Alert ID: 101899, September 19, 2005 |
SuSE
Linux Professional 9.3 x86_64, 9.3, Linux Personal 9.3 x86_64, 9.3
|
A buffer overflow vulnerability has been reported in Yast, which could let a malicious user execute arbitrary code with superuser privileges.
No workaround or patch available at time of publishing.
A Proof of Concept exploit has been published. |
|
High |
Security Focus, Bugtraq ID: 14861, September 16, 2005 |
Turquoise SuperStat
Turquoise SuperStat 202-2.2.3 |
A buffer overflow has been reported in the date parser due to a boundary error, which could let a remote malicious user execute arbitrary code.
Upgrades available at:
http://freshmeat.net/redir/
turquoise/10809/url_tgz/
turqstat_2.2.4.tar. gz
Debian:
http://security.debian.org/
pool/updates/main/
t/turqstat/
Currently we are not aware of any exploits for this vulnerability.
|
Turquoise SuperStat Date Parser Remote Buffer Overflow
CAN-2005-2658
|
High |
Debian Security Advisory DSA 812-1, September 15, 2005 |
University of California (BSD License)
PostgreSQL 7.x, 8.x; Peachtree Linux release 1
|
Multiple vulnerabilities exist that could permit malicious users to gain escalated privileges or execute arbitrary code. These vulnerabilities are due to an error in the 'LOAD' option, a missing permissions check, an error in 'contrib/intagg,' and a boundary error in the plpgsql cursor declaration.
Update to version 8.0.1, 7.4.7, 7.3.9, or 7.2.7:
http://wwwmaster.postgresql.
org/download/mirrors-ftp
Ubuntu:
http://www.ubuntulinux.org/
support/documentation/
usn/usn-71-1
Debian:
http://www.debian.org/
security/2005/dsa-668
Gentoo:
http://security.gentoo.org/
glsa/glsa-200502-08.xml
Fedora:
http://download.fedora.
redhat.com/
pub/fedora/linux/
core/updates/
Trustix:
http://http.trustix.org/
pub/trustix/updates/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/
p/postgresql/
RedHat:
http://rhn.redhat.com | |
| |
