National Cyber Alert System
Cyber Security Bulletin SB05-271

Summary of Security Items from September 21 through September 27, 2005

Information in the US-CERT Cyber Security Bulletin is a compilation and includes information published by outside sources, so the information should not be considered the result of US-CERT analysis. Software vulnerabilities are categorized in the appropriate section reflecting the operating system on which the vulnerability was reported; however, this does not mean that the vulnerability only affects the operating system reported since this information is obtained from open-source information.

This bulletin provides a summary of new or updated vulnerabilities, exploits, trends, viruses, and trojans. Updates to vulnerabilities that appeared in previous bulletins are listed in bold text. The text in the Risk column appears in red for vulnerabilities ranking High. The risk levels applied to vulnerabilities in the Cyber Security Bulletin are based on how the "system" may be impacted. The Recent Exploit/Technique table contains a "Workaround or Patch Available" column that indicates whether a workaround or patch has been published for the vulnerability which the script exploits.

Vulnerabilities

The table below summarizes vulnerabilities that have been identified, even if they are not being exploited. Complete details about patches or workarounds are available from the source of the information or from the URL provided in the section. CVE numbers are listed where applicable. Vulnerabilities that affect both Windows and Unix Operating Systems are included in the Multiple Operating Systems section.

Note: All the information included in the following tables has been discussed in newsgroups and on web sites.

The Risk levels defined below are based on how the system may be impacted:

Note: Even though a vulnerability may allow several malicious acts to be performed, only the highest level risk will be defined in the Risk column.

  • High - A high-risk vulnerability is defined as one that will allow an intruder to immediately gain privileged access (e.g., sysadmin or root) to the system or allow an intruder to execute code or alter arbitrary system files. An example of a high-risk vulnerability is one that allows an unauthorized user to send a sequence of instructions to a machine and the machine responds with a command prompt with administrator privileges.
  • Medium - A medium-risk vulnerability is defined as one that will allow an intruder immediate access to a system with less than privileged access. Such a vulnerability will allow the intruder the opportunity to continue the attempt to gain privileged access. An example of a medium-risk vulnerability is a server configuration error that allows an intruder to capture the password file.
  • Low - A low-risk vulnerability is defined as one that will provide information to an intruder that could lead to further compromise attempts or a Denial of Service (DoS) attack. It should be noted that while the DoS attack is deemed low from a threat potential, the frequency of this type of attack is very high. DoS attacks against mission-critical nodes are not included in this rating and any attack of this nature should instead be considered to be a "High" threat.

Windows Operating Systems Only

Vendor & Software Name | Vulnerability - Impact | Patches - Workarounds | Attacks Scripts | Common Name / CVE Reference | Risk | Source

7-Zip 3.13, 4.23, and Beta 4.26

A buffer overflow vulnerability has been reported in 7-Zip, ARJ archive processing, that could let remote malicious users execute arbitrary code.

Upgrade to the newest version:
http://www.7-zip.org/

Currently we are not aware of any exploits for this vulnerability.

7-Zip Arbitrary Code Execution

CAN-2005-3051

High

Secunia, Advisory: SA16664, September 23, 2005

ConeXware

PowerArchiver 2006 9.5 Beta 4, Beta 5, PowerArchiver 2004 9.25, PowerArchiver 2003 8.60, PowerArchiver 2002 8.10

A buffer overflow vulnerability has been reported in PowerArchiver, ARJ and ACE archive processing, that could let remote malicious users execute arbitrary code.

Upgrade to the newest version:
http://www.powerarchiver.com/download/

Currently we are not aware of any exploits for this vulnerability.

PowerArchiver Arbitrary Code Execution

CAN-2005-3061

High

Secunia Advisory: SA16713

FL Studio 5.0.1, 5.0.2

A buffer overflow has been reported in FL Studio, FLP file handling, that could let remote malicious users execute arbitrary code.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this vulnerability.

FL Studio Arbitrary Code Execution

CAN-2005-3092

High

Secunia, Advisory: SA16958, September 27, 2005

Handy Address Book

Handy Address Book Server 1.1

An input validation vulnerability has been reported in Handy Address Book Server that could let remote malicious users conduct Cross-Site Scripting.

Upgrade to version 1.2:
http://www.handyaddressbook.com/downloads/AHABS12.exe

There is no exploit code required; however, a Proof of Concept exploit script has been published.

Handy Address Book Server Cross-Site Scripting

CAN-2005-3037

Medium

Security Tracker, Alert ID: 1014901, September 15, 2005

Security Focus, ID: 14818, September 26, 2005

Novell

GroupWise 6.5.3

A vulnerability has been reported in GroupWise that could let local malicious users execute arbitrary code.

Upgrade to version 6.5 SP5:
http://support.novell.com/filefinder/16963/beta.html

Currently we are not aware of any exploits for this vulnerability.

Novell GroupWise Arbitrary Code Execution

CAN-2005-2804

High

Security Tracker, Alert ID: 1014977, September 27, 2005

SecureW2 3.0, 3.1.1

A vulnerability has been reported in SecureW2 that could let remote malicious users disclose sensitive information.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this vulnerability.

SecureW2 Information Disclosure

CAN-2005-3087

Medium

Secunia, Advisory: SA16909, September 26, 2005

VERITAS

Storage Exec 5.3 rev2190R

StorageCentral 5.2 rev322

A buffer overflow vulnerability has been reported in Storage Exec/ StorageCentral that could let remote malicious users execute arbitrary code.

A vendor fix is available:
http://support.veritas.com/docs/277566

Currently we are not aware of any exploits for this vulnerability.

Storage Exec/ StorageCentral Arbitrary Code Execution

CAN-2005-2996

High

Secunia Advisory: SA16871, September 20, 2005

US-CERT VU#927793, 620497, September 22, 2005

UNIX / Linux Operating Systems Only

Vendor & Software Name | Vulnerability - Impact | Patches - Workarounds | Attacks Scripts | Common Name / CVE Reference | Risk | Source

Alkalay.net

nslookup.cgi, notify, man-cgi, contribute.pl

Multiple vulnerabilities have been reported: a vulnerability was reported in various Perl scripts due to insufficient sanitization of user-supplied input, which could let a remote malicious user execute arbitrary code; and a Directory Traversal vulnerability was reported in 'contribute.cgi' (aka contribute.pl), dated 16 Jun 2002, which could let a remote malicious user obtain sensitive information.

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit has been published.

Alkalay.Net Multiple Scripts Arbitrary Remote Command Execution & Directory Traversal

CAN-2005-3094
CAN-2005-3095
CAN-2005-3096
CAN-2005-3097

High

CIRT-200504 Advisory, September 21, 2005

Apache Software Foundation

Apache 2.0.x

A vulnerability has been reported in 'modules/ssl/ssl_engine_kernel.c' because the 'ssl_hook_Access()' function does not properly enforce the 'SSLVerifyClient require' directive in a per-location context if a virtual host is configured with the 'SSLVerifyClient optional' directive, which could let a remote malicious user bypass security policies.

Patch available at:
http://svn.apache.org/viewcvs?rev=264800&view=rev

OpenPKG:
ftp://ftp.openpkg.org/release/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-608.html

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/a/apache2/

SGI:
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/

Debian:
http://security.debian.org/pool/updates/main/a/apache2/

Mandriva:
http://www.mandriva.com/security/advisories

Slackware:
ftp://ftp.slackware.com/pub/slackware/

Trustix:
http://http.trustix.org/pub/trustix/updates/

Debian:
http://security.debian.org/pool/updates/main/liba/

Gentoo:
http://security.gentoo.org/glsa/glsa-200509-12.xml

Avaya:
http://support.avaya.com/elmodocs2/security/ASA-2005-204.pdf

There is no exploit code required.

Apache 'Mod_SSL SSLVerifyClient' Restriction Bypass

CAN-2005-2700

Medium

Security Tracker Alert ID: 1014833, September 1, 2005

OpenPKG Security Advisory, OpenPKG-SA-2005.017, September 3, 2005

RedHat Security Advisory, RHSA-2005:608-7, September 6, 2005

Ubuntu Security Notice, USN-177-1, September 07, 2005

SGI Security Advisory, 20050901-01-U, September 7, 2005

Debian Security Advisory, DSA 805-1, September 8, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:161, September 8, 2005

Slackware Security Advisory, SSA:2005-251-02, September 9, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0047, September 9, 2005

Debian Security Advisory DSA 807-1, September 12, 2005

US-CERT VU#744929

Gentoo Linux Security Advisory, GLSA 200509-12, September 19, 2005

Avaya Security Advisory, ASA-2005-204, September 23, 2005

Apple

Mac OS X Server 10.4-10.4.2, 10.3-10.3.9, Mac OS X 10.4-10.4.2, 10.3-10.3.9

Multiple vulnerabilities have been reported: a buffer overflow vulnerability was reported in 'ImageIO' due to a boundary error, which could let a remote malicious user execute arbitrary code; a vulnerability was reported in 'Mail.app' when processing auto-reply rules, which could let a remote malicious user obtain sensitive information; a vulnerability was reported in 'Mail.app' when using Kerberos 5 for SMTP authentication, which could let a remote malicious user obtain sensitive information; a vulnerability was reported because 'malloc' creates diagnostic files insecurely when using certain environmental variables to enable debugging of application memory allocation, which could let a malicious user overwrite arbitrary files; a buffer overflow vulnerability was reported in the 'QuickDraw' manager due to a boundary error, which could let a remote malicious user execute arbitrary code; a vulnerability was reported in the Java extensions that are bundled with Quick Time 6.52 & prior due to a validation error, which could let untrusted applets call arbitrary functions from system libraries; a vulnerability was reported in Ruby, which could let a remote malicious user bypass certain security restrictions; a Cross-Site Scripting vulnerability was reported in Safari when web archives are rendered from a malicious site, which could let a remote malicious user execute arbitrary HTML and script code; a vulnerability was reported in the 'SecurityAgent' due to an error, which could let a malicious user obtain unauthorized access to a current user's desktop; and a vulnerability was reported in the Authorization Services 'securityd' due to a validation error, which could let a malicious user obtain elevated privileges.

Update information available at:
http://docs.info.apple.com/article.html?artnum=302413

Currently we are not aware of any exploits for these vulnerabilities.

High

Apple Security Advisory, LE-SA-2005-09-22, September 22, 2005

US-CERT VU#650681

US-CERT VU#529945

Astaro Corporation

Astaro Security Linux 4.0 27

A remote Denial of Service vulnerability has been reported in the Point-to-Point Tunneling Protocol (PPTP) server due to an unspecified error.

Upgrade available at:
ftp://ftp.astaro.com/pub/Astaro_Security_Linux/v4.0/up2date/4.028.tar.gpg

Currently we are not aware of any exploits for this vulnerability.

Astaro Security Linux PPTP Server Unspecified Remote Denial of Service

CAN-2005-3100

Low

Security Focus, Bugtraq ID: 14950, September 27, 2005

Clam Anti-Virus

ClamAV 0.80-0.86.2, 0.70, 0.65-0.68, 0.60, 0.51-0.54

Several vulnerabilities have been reported: a buffer overflow vulnerability was reported in 'libclamav/upx.c' due to a signedness error, which could let a malicious user execute arbitrary code; and a remote Denial of Service vulnerability was reported in 'libclamav/fsg.c' when handling a specially-crafted FSG-compressed executable file.

Upgrades available at:
http://sourceforge.net/project/showfiles.php?group_id=86638

Gentoo:
http://security.gentoo.org/glsa/glsa-200509-13.xml

Mandriva:
http://www.mandriva.com/security/advisories

Trustix:
http://http.trustix.org/pub/trustix/updates/

Currently we are not aware of any exploits for these vulnerabilities.

ClamAV UPX Buffer Overflow & FSG Handling Denial of Service

CAN-2005-2919
CAN-2005-2920

High

Secunia Advisory: SA16848, September 19, 2005

Gentoo Linux Security Advisory, GLSA 200509-13, September 19, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:166, September 20, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0051, September 23, 2005

Detlev Offenbach

eric3 prior to 3.7.2

A vulnerability has been reported due to a "potential security exploit." The impact was not specified.

Upgrades available at:
http://prdownloads.sourceforge.net/eric-ide/eric-3.7.2.tar.gz?download

Currently we are not aware of any exploits for this vulnerability.

eric3 Unspecified Vulnerability

CAN-2005-3068

Not Specified

Security Tracker Alert ID: 1014947, September 21, 2005

Easy Software Products

CUPS 1.1.21, 1.1.22 rc1, 1.1.22

A remote Denial of Service vulnerability exists when a malicious user submits a specially crafted HTTP GET request.

Upgrades available at:
http://www.cups.org/software.php?SOFTWARE=v1_2

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-772.html

A Proof of Concept exploit has been published.

CUPS HTTP GET Denial of Service

CAN-2005-2874

Low

Security Tracker Alert ID, 1012811, January 7, 2005

Fedora Update Notification, FEDORA-2005-908, September 22, 2005

RedHat Security Advisory, RHSA-2005:772-8, September 27, 2005

GNU

gzip 1.2.4 a, 1.2.4, 1.3.3-1.3.5

A Directory Traversal vulnerability has been reported due to an input validation error when using 'gunzip' to extract a file with the '-N' flag, which could let a remote malicious user obtain sensitive information.

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/g/gzip/

Trustix:
http://http.trustix.org/pub/trustix/updates/

Gentoo:
http://security.gentoo.org/glsa/glsa-200505-05.xml

IPCop:
http://ipcop.org/modules.php?op=modload&name=Downloads&file=index&req=viewdownload&cid=3&orderby=dateD

Mandriva:
http://www.mandriva.com/security/advisories

TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/

FreeBSD:
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:11/gzip.patch

OpenPKG:
http://www.openpkg.org/security/OpenPKG-SA-2005.009-openpkg.html

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-357.html

SGI:
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/

Conectiva:
ftp://atualizacoes.conectiva.com.br/

Debian:
http://security.debian.org/pool/updates/main/g/gzip

Sun:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1

Avaya:
http://support.avaya.com/elmodocs2/security/ASA-2005-172.pdf

Sun: Updated Relief/Workaround section.

A Proof of Concept exploit has been published.

GNU GZip Directory Traversal

CAN-2005-1228

Medium

Bugtraq, 396397, April 20, 2005

Ubuntu Security Notice, USN-116-1, May 4, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0018, May 6, 2005

Gentoo Linux Security Advisory, GLSA 200505-05, May 9, 2005

Security Focus, 13290, May 11, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:092, May 19, 2005

Turbolinux Security Advisory, TLSA-2005-59, June 1, 2005

FreeBSD Security Advisory, FreeBSD-SA-05:11, June 9, 2005

OpenPKG Security Advisory, OpenPKG-SA-2005.009, June 10, 2005

RedHat Security Advisory, RHSA-2005:357-19, June 13, 2005

SGI Security Advisory, 20050603-01-U, June 23, 2005

Conectiva Linux Announcement, CLSA-2005:974, July 6, 2005

Debian Security Advisory DSA 752-1, July 11, 2005

Sun(sm) Alert Notification, Sun Alert ID: 101816, July 20, 2005

Avaya Security Advisory, ASA-2005-172, August 29, 2005

Sun(sm) Alert Notification, Sun Alert ID: 101816, Updated September 27, 2005

GNU

Mailutils 0.6

A format string vulnerability has been reported in 'search.c' when processing user-supplied IMAP SEARCH commands, which could let a remote malicious user execute arbitrary code.

Patch available at:
http://savannah.gnu.org/patch/download.php?item_id=4407&item_file_id=5160

Gentoo:
http://security.gentoo.org/glsa/glsa-200509-10.xml

An exploit script has been published.

GNU Mailutils Format String

CAN-2005-2878

High

Security Tracker Alert ID: 1014879, September 9, 2005

Gentoo Linux Security Advisory, GLSA 200509-10, September 17, 2005

Security Focus, Bugtraq ID: 14794, September 26, 2005

GNU

gzip 1.2.4, 1.3.3

A vulnerability has been reported when an archive is extracted into a world or group writeable directory, which could let a malicious user modify file permissions.

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/g/gzip/

Trustix:
http://http.trustix.org/pub/trustix/updates/

Gentoo:
http://security.gentoo.org/glsa/glsa-200505-05.xml

Mandriva:
http://www.mandriva.com/security/advisories

TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/

FreeBSD:
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:11/gzip.patch

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-357.html

SGI:
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/

Conectiva:
ftp://atualizacoes.conectiva.com.br/

Debian:
http://security.debian.org/pool/updates/main/g/gzip/gzip

Sun:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1

Avaya:
http://support.avaya.com/elmodocs2/security/ASA-2005-172.pdf

Sun: Updated Relief/Workaround section.

There is no exploit code required.

GNU GZip File Permission Modification

CAN-2005-0988

Medium

Security Focus, 12996, April 5, 2005

Ubuntu Security Notice, USN-116-1, May 4, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0018, May 6, 2005

Gentoo Linux Security Advisory, GLSA 200505-05, May 9, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:092, May 19, 2005

Turbolinux Security Advisory, TLSA-2005-59, June 1, 2005

FreeBSD Security Advisory, FreeBSD-SA-05:11, June 9, 2005

RedHat Security Advisory, RHSA-2005:357-19, June 13, 2005

SGI Security Advisory, 20050603-01-U, June 23, 2005

Conectiva Linux Announcement, CLSA-2005:974, July 6, 2005

Debian Security Advisory DSA 752-1, July 11, 2005

Sun(sm) Alert Notification, Sun Alert ID: 101816, July 20, 2005

Avaya Security Advisory, ASA-2005-172, August 29, 2005

Sun(sm) Alert Notification, Sun Alert ID: 101816, Updated September 27, 2005

GNU

wget 1.9.1

A vulnerability exists which could permit a remote malicious user to create or overwrite files on the target user's system. Wget does not properly validate user-supplied input. A remote user can bypass the filtering mechanism if DNS can be modified so that '..' resolves to an IP address. A specially crafted HTTP response can include control characters to overwrite portions of the terminal window.

SUSE:
ftp://ftp.SUSE.com/pub/SUSE

Mandriva:
http://www.mandriva.com/security/advisories

Trustix:
http://http.trustix.org/pub/trustix/updates/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-357.html

TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/w/wget/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-771.html

A Proof of Concept exploit script has been published.

GNU wget File Creation & Overwrite

CAN-2004-1487
CAN-2004-1488

Medium

Security Tracker Alert ID: 1012472, December 10, 2004

SUSE Security Summary Report, SUSE-SR:2005:004, February 11, 2005

SUSE Security Summary Report, SUSE-SR:2005:006, February 25, 2005

SUSE Security Summary Report, SUSE-SR:2005:011, April 15, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:098, June 9, 2005

Trustix Secure Linux Security Advisory, TLSA-2005-0028, June 13, 2005

Turbolinux Security Advisory, TLSA-2005-66, June 15, 2005

Ubuntu Security Notice, USN-145-1, June 28, 2005

Ubuntu Security Notice, USN-145-2, September 06, 2005

RedHat Security Advisory, RHSA-2005:771-10, September 27, 2005

Hylafax

Hylafax 4.2.1

Several vulnerabilities have been reported: a vulnerability was reported in the 'xferfaxstats' script due to the insecure creation of temporary files, which could let a remote malicious user create/overwrite arbitrary files; and a vulnerability was reported because ownership of the UNIX domain socket is not created or verified, which could let a malicious user obtain sensitive information and cause a Denial of Service.

No workaround or patch available at time of publishing.

There is no exploit code required.

HylaFAX Insecure Temporary File Creation

CAN-2005-3069
CAN-2005-3070

Medium

Security Focus, Bugtraq ID: 14907, September 22, 2005

IBM

AIX 5.3 L, 5.3, 5.2.2, 5.2 L, 5.2

A buffer overflow vulnerability has been reported due to a failure to perform boundary checks prior to copying user-supplied data into insufficiently-sized memory buffers, which could let a malicious user execute arbitrary code.

Update information available at:
http://www-1.ibm.com/support/docview.wss?uid=isg1IY73850

http://www-1.ibm.com/support/docview.wss?uid=isg1IY73814

Currently we are not aware of any exploits for this vulnerability.

IBM AIX Buffer Overflow

CAN-2005-3060

High

IBM Security Advisory, September 28, 2005

Info-ZIP

UnZip 5.52

A vulnerability has been reported due to a security weakness when extracting an archive to a world or group writeable directory, which could let a malicious user modify file permissions.

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

SCO:
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.39/507

There is no exploit code required.

Info-ZIP UnZip File Permission Modification

CAN-2005-2475

Medium

Security Focus, 14450, August 2, 2005

Fedora Update Notification, FEDORA-2005-844, September 9, 2005

SCO Security Advisory, SCOSA-2005.39, September 28, 2005

Inter7

SqWebMail 5.0.4

A vulnerability has been reported because the '<script>' tag can be used in HTML comments, which could let a remote malicious user execute arbitrary code when malicious email is viewed.

Patch available at:
http://www.courier-mta.org/beta/sqwebmail/

Debian:
http://security.debian.org/pool/updates/main/c/courier/

There is no exploit code required; however, a Proof of Concept exploit has been published.

SqWebMail HTML Email Script Tag Script Injection

CAN-2005-2820

Medium

Secunia Advisory: SA16704, September 6, 2005

Debian Security Advisory DSA 820-1, September 24, 2005

Interchange

Interchange 5.2, 5.0.1

Several vulnerabilities have been reported: an SQL injection vulnerability was reported in 'pages/forum/submit.html' due to insufficient sanitization of certain parameters, which could let a remote malicious user execute arbitrary SQL code; and a vulnerability was reported in 'pages/forum/submit.html' due to an unspecified error, which could let a remote malicious user inject ITL (Interchange Tag Language) code.

Upgrades available at:
http://ftp.icdevgroup.org/interchange/

There is no exploit code required.

Interchange SQL Injection & ITL Injection

CAN-2005-3072
CAN-2005-3073

Medium

Secunia Advisory: SA16923, September 23, 2005

KDE

KDE 3.2.0 up to and including 3.4.2

A vulnerability has been reported in 'kcheckpass.c' due to the insecure creation of the lock file, which could let a malicious user obtain superuser privileges.

Patches available at:
ftp://ftp.kde.org/pub/kde/security_patches/post-3.4.2-kdebase-kcheckpass.diff

Mandriva:
http://www.mandriva.com/security/advisories

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/k/kdebase/

Slackware:
ftp://ftp.slackware.com/pub/slackware/

Debian:
http://security.debian.org/pool/updates/main/k/kdebase/

Conectiva:
ftp://atualizacoes.conectiva.com.br/10/

There is no exploit code required.

KDE kcheckpass Superuser Privilege Escalation

CAN-2005-2494

High

KDE Security Advisory, September 5, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:160, September 6, 2005

Ubuntu Security Notice, USN-176-1, September 07, 2005

Slackware Security Advisory, SSA:2005-251-01 & 251-03, September 9, 2005

Debian Security Advisory DSA 815-1, September 16, 2005

Conectiva Linux Announcement, CLSA-2005:1011, September 23, 2005

KDE

KDE 3.0 - 3.4.2

A vulnerability was reported in 'langen2kvtml' due to the insecure creation of temporary files, which could let a malicious user obtain elevated privileges.

Patches available at:
ftp://ftp.kde.org/pub/kde/security_patches

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

Mandriva:
http://www.mandriva.com/security/advisories

Slackware:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/

Debian:
http://security.debian.org/pool/updates/main/k/kdeedu/

There is no exploit code required.

KDE langen2kvtml Insecure Temporary File Creation

CAN-2005-2101

Medium

KDE Security Advisory, August 15, 2005

Fedora Update Notification, FEDORA-2005-745, August 15, 2005

Fedora Update Notifications, FEDORA-2005-744 & 745, August 16, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:159, September 6, 2005

Slackware Security Advisory, SSA:2005-251-03, September 9, 2005

Debian Security Advisory, DSA 818-1, September 22, 2005

lm_sensors

lm_sensors 2.9.1

A vulnerability has been reported in the 'pwmconfig' script due to the insecure creation of temporary files, which could result in a loss of data or a Denial of Service.

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/l/lm-sensors/

Mandriva:
http://www.mandriva.com/security/advisories

Gentoo:
http://security.gentoo.org/glsa/glsa-200508-19.xml

Debian:
http://security.debian.org/pool/updates/main/l/lm-sensors/

Conectiva:
ftp://atualizacoes.conectiva.com.br/10/

There is no exploit code required.

LM_sensors PWMConfig Insecure Temporary File Creation

CAN-2005-2672

Low

Security Focus, Bugtraq ID: 14624, August 22, 2005

Ubuntu Security Notice, USN-172-1, August 23, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:149, August 25, 2005

Gentoo Linux Security Advisory, GLSA 200508-19, August 30, 2005

Debian Security Advisory, DSA 814-1, September 15, 2005

Conectiva Linux Announcement, CLSA-2005:1012, September 23, 2005

Multiple Vendors

Linux kernel 2.6.10, 2.6.9; RedHat Fedora Core2&3

A Denial of Service vulnerability exists in the 'mlockall()' system call due to a failure to properly enforce defined limits.

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

RedHat:
https://rhn.redhat.com/errata/RHSA-2005-092.html

Conectiva:
ftp://atualizacoes.conectiva.com.br/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

A Proof of Concept exploit script has been published.

Linux Kernel Local RLIMIT_MEMLOCK Bypass Denial of Service

CAN-2005-0179

Low

Bugtraq, January 7, 2005

Fedora Update Notifications, FEDORA-2005-013 & 014, January 10, 2005

RedHat Security Advisory, RHSA-2005:092-14, February 18, 2005

Conectiva Linux Security Announcement, CLA-2005:930, March 7, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

Linux kernel 2.4.0-test1-test12, 2.4-2.4.29, 2.6, 2.6-test1-test11, 2.6.1-2.6.11

Multiple vulnerabilities have been reported in the ISO9660 handling routines, which could let a malicious user execute arbitrary code.

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-366.html

Conectiva:
ftp://atualizacoes.conectiva.com.br/

FedoraLegacy:
http://download.fedoralegacy.org/redhat/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for these vulnerabilities.

Linux Kernel Multiple ISO9660 Filesystem Handling Vulnerabilities

CAN-2005-0815

High

Security Focus, 12837, March 18, 2005

Fedora Security Update Notification, FEDORA-2005-262, March 28, 2005

Ubuntu Security Notice, USN-103-1, April 1, 2005

Fedora Update Notification, FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Conectiva Linux Security Announcement, CLA-2005:952, May 2, 2005

Fedora Legacy Update Advisory, FLSA:152532, June 4, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

RedHat Enterprise Linux WS 4, ES 4, AS 4, Desktop 4.0; Linux kernel 2.6.9, 2.6-2.6.8

A Denial of Service vulnerability has been reported in the auditing code.

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-420.html

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for this vulnerability.

Linux Kernel Auditing Code Denial of Service

CAN-2005-0136

Low

RedHat Security Advisory, RHSA-2005:420-22, June 8, 2005

RedHat Security Advisory, RHSA-2005:420-24, Updated August 9, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

RedHat Fedora Core4, Core3, Enterprise Linux WS 4, ES 4, AS 4, Desktop 4.0;
Real Networks RealPlayer For Unix 10.0.4, 10.0.3, RealPlayer 10 for Linux, Japanese, German, English, Helix Player for Linux 1.0-1.0.4

A format string vulnerability has been reported when displaying an invalid-handle error message, which could let a remote malicious user execute arbitrary code.

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-788.html

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

An exploit script has been published.

RealNetworks RealPlayer & Helix Player Format String

CAN-2005-2710

High

RedHat Security Advisory, RHSA-2005:788-3, September 27, 2005

Fedora Update Notifications, FEDORA-2005-940 & 941, September 27, 2005

US-CERT VU#361181

Multiple Vendors

SuSE Linux Professional 9.3, x86_64, 9.2, x86_64, Linux Personal 9.3, x86_64; Linux kernel 2.6-2.6.12

A buffer overflow vulnerability has been reported in the XFRM network architecture code due to insufficient validation of user-supplied input, which could let a malicious user execute arbitrary code.

Patches available at:
http://www.kernel.org/

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/l/

SUSE:
ftp://ftp.SUSE.com/pub/SUSE

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for this vulnerability.

Linux Kernel XFRM Array Index Buffer Overflow

CAN-2005-2456

High

Security Focus, 14477, August 5, 2005

Ubuntu Security Notice, USN-169-1, August 19, 2005

SUSE Security Announcement, SUSE-SA:2005:050, September 1, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

SuSE Linux Professional 9.0, x86_64; Linux kernel 2.6-2.6.12, 2.5.0-2.5.69, 2.4-2.4.32

An unspecified Denial of Service vulnerability has been reported when stack fault exceptions are triggered.

SUSE:
ftp://ftp.SUSE.com/pub/SUSE

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/l/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for this vulnerability.

Linux Kernel Stack Fault Exceptions Denial of Service

CAN-2005-1767

Low

Security Focus, 14467, August 3, 2005

SUSE Security Announcement, SUSE-SA:2005:044, August 4, 2005

Ubuntu Security Notice, USN-187-1, September 25, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

Ubuntu Linux 5.0 4 amd64, 4.1 ia64;
SuSE Linux 9.3 x86_64, 9.1 x86_64, 9.0 x86_64;
Linux kernel 2.6.10, 2.6.8

A Denial of Service has been reported in 'ptrace()' due to insufficient validation of memory addresses.

Updates available at:
http://kernel.org/

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/

SUSE:
ftp://ftp.SUSE.com/pub/SUSE

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for this vulnerability.

Linux Kernel 'ptrace()' Denial of Service

CAN-2005-0756

Low

Ubuntu Security Notice, USN-137-1, June 08, 2005

SUSE Security Announcement, SUSE-SA:2005:029, June 9, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

zlib 1.2.2, 1.2.1, 1.2.0.7, 1.1-1.1.4, 1.0-1.0.9; Ubuntu Linux 5.0 4, powerpc, i386, amd64, 4.1 ppc, ia64, ia32; SuSE Open-Enterprise-Server 9.0, Novell Linux Desktop 9.0, Linux Professional 9.3, x86_64, 9.2, x86_64, 9.1, x86_64, Linux Personal 9.3, x86_64, 9.2, x86_64, 9.1, x86_64, Linux Enterprise Server 9; Gentoo Linux;
FreeBSD 5.4, -RELENG, -RELEASE, -PRERELEASE, 5.3, -STABLE, -RELENG, -RELEASE;
Debian Linux 3.1, sparc, s/390, ppc, mipsel, mips, m68k, ia-64, ia-32, hppa, arm, alpha; zsync 0.4, 0.3-0.3.3, 0.2-0.2.3, 0.1-0.1.6 1, 0.0.1-0.0.6

A buffer overflow vulnerability has been reported due to insufficient validation of input data prior to utilizing it in a memory copy operation, which could let a remote malicious user execute arbitrary code.

Debian:
ftp://security.debian.org/pool/updates/main/z/zlib/

FreeBSD:
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:16/zlib.patch

Gentoo:
http://security.gentoo.org/glsa/glsa-200507-05.xml

SUSE:
ftp://ftp.suse.com/pub/suse/

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/z/zlib/

Mandriva:
http://www.mandriva.com/security/advisories

OpenBSD:
http://www.openbsd.org/errata.html

OpenPKG:
ftp.openpkg.org

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-569.html

Trustix:
http://http.trustix.org/pub/trustix/updates/

Slackware:
ftp://ftp.slackware.com/pub/slackware/

TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

zsync:
http://prdownloads.sourceforge.net/zsync/zsync-0.4.1.tar.gz?download

Apple:
http://docs.info.apple.com/article.html?artnum=302163

SCO:
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.33

IPCop:
http://sourceforge.net/project/showfiles.php?group_id=40604&package_id=35093&release_id=351848

Debian:
http://security.debian.org/pool/updates/main/z/zsync/

Trolltech:
ftp://ftp.trolltech.com/qt/source/qt-x11-free-3.3.5.tar.gz

FedoraLegacy:
http://download.fedoralegacy.org/fedora/

Gentoo:
http://security.gentoo.org/glsa/glsa-200509-18.xml

Currently we are not aware of any exploits for this vulnerability.

Zlib Compression Library Buffer Overflow

CAN-2005-2096

High

Debian Security Advisory DSA 740-1, July 6, 2005

FreeBSD Security Advisory, FreeBSD-SA-05:16, July 6, 2005

Gentoo Linux Security Advisory, GLSA 200507-05, July 6, 2005

SUSE Security Announcement, SUSE-SA:2005:039, July 6, 2005

Ubuntu Security Notice, USN-148-1, July 06, 2005

RedHat Security Advisory, RHSA-2005:569-03, July 6, 2005

Fedora Update Notifications, FEDORA-2005-523, 524, July 7, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:11, July 7, 2005

OpenPKG Security Advisory, OpenPKG-SA-2005.013, July 7, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0034, July 8, 2005

Slackware Security Advisory, SSA:2005-189-01, July 11, 2005

Turbolinux Security Advisory, TLSA-2005-77, July 11, 2005

Fedora Update Notification, FEDORA-2005-565, July 13, 2005

SUSE Security Summary Report, SUSE-SR:2005:017, July 13, 2005

Security Focus, 14162, July 21, 2005

USCERT Vulnerability Note VU#680620, July 22, 2005

Apple Security Update 2005-007,
APPLE-SA-2005-08-15, August 15, 2005

SCO Security Advisory, SCOSA-2005.33, August 19, 2005

Security Focus, Bugtraq ID: 14162, August 26, 2005

Debian Security Advisory, DSA 797-1, September 1, 2005

Security Focus, Bugtraq ID: 14162, September 12, 2005

Fedora Legacy Update Advisory, FLSA:162680, September 14, 2005

Gentoo Linux Security Advisory, GLSA 200509-18, September 26, 2005

Multiple Vendors

Gentoo Linux;
GNU GDB 6.3

Multiple vulnerabilities have been reported: a heap overflow vulnerability was reported when loading malformed object files, which could let a remote malicious user execute arbitrary code; and a vulnerability was reported which could let a malicious user obtain elevated privileges.

Gentoo:
http://security.gentoo.org/glsa/glsa-200505-15.xml

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/g/gdb/

http://security.ubuntu.com/ubuntu/pool/main/b/binutils/

Mandriva:
http://www.mandriva.com/security/advisories

Trustix:
http://http.trustix.org/pub/trustix/updates/

TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-659.html

Currently we are not aware of any exploits for these vulnerabilities.

GDB Multiple Vulnerabilities

CAN-2005-1704
CAN-2005-1705

High

Gentoo Linux Security Advisory, GLSA 200505-15, May 20, 2005

Turbolinux Security Advisory, TLSA-2005-68, June 22, 2005

RedHat Security Advisory, RHSA-2005:659-9, September 28, 2005

Multiple Vendors

Linux Kernel 2.4, 2.6

A race condition vulnerability has been reported in ia32 emulation, which could let local malicious users obtain root privileges or create a buffer overflow.

Patch Available:
http://kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.32-pre1.bz2

Trustix:
http://http.trustix.org/pub/trustix/updates/

SUSE:
ftp://ftp.SUSE.com/pub/SUSE

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for this vulnerability.

Linux Kernel Race Condition and Buffer Overflow

CAN-2005-1768

High

Security Focus, 14205, July 11, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0036, July 14, 2005

SUSE Security Announcement, SUSE-SA:2005:044, August 4, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

Linux kernel 2.6.10, Linux kernel 2.6-test1-test11, 2.6-2.6.8

A Denial of Service vulnerability has been reported in the Netfilter code due to a memory leak.

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/

SuSE:
ftp://ftp.suse.com/pub/suse/

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

Conectiva:
ftp://atualizacoes.conectiva.com.br/10/

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-366.html

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for this vulnerability.

Linux Kernel Netfilter Memory Leak Denial of Service

CAN-2005-0210

Low

Ubuntu Security Notice, USN-95-1 March 15, 2005

SUSE Security Announcement, SUSE-SA:2005:018, March 24, 2005

Fedora Security Update Notification, FEDORA-2005-262, March 28, 2005

Conectiva Linux Security Announcement, CLA-2005:945, March 31, 2005

Fedora Update Notification FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-21, August 9, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

Linux kernel 2.6 prior to 2.6.12.1

A vulnerability has been reported in the 'restore_sigcontext()' function due to a failure to restrict access to the 'ar.rsc' register, which could let a malicious user cause a Denial of Service or obtain elevated privileges.

Updates available at:
http://www.kernel.org/

SUSE:
http://www.novell.com/linux/security/advisories/2005_44_kernel.html

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for this vulnerability.

Linux Kernel 64 Bit 'AR-RSC' Register Access

CAN-2005-1761

Medium

Security Tracker Alert ID: 1014275, June 23, 2005

SUSE Security Announcement, SUSE-SA:2005:044, August 4, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

Linux Kernel 2.2, 2.4, 2.6

Several buffer overflow vulnerabilities exist in 'drivers/char/moxa.c' due to insufficient validation of user-supplied inputs to the 'MoxaDriverIoctl()', 'moxaloadbios()', 'moxaloadcode()', and 'moxaload320b()' functions, which could let a malicious user execute arbitrary code with root privileges.

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/l

SUSE:
ftp://ftp.SUSE.com/pub/SUSE

FedoraLegacy:
http://download.fedoralegacy.org/redhat/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for these vulnerabilities.

Linux Kernel Moxa Char Driver Buffer Overflows

CAN-2005-0504

High

Security Tracker Alert, 1013273, February 23, 2005

SUSE Security Announcement, SUSE-SA:2005:018, March 24, 2005

Fedora Legacy Update Advisory, FLSA:152532, June 4, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

Linux Kernel 2.6 - 2.6.10 rc2

The DRM module in the Linux kernel is susceptible to a local Denial of Service vulnerability. This vulnerability likely results in the corruption of video memory, crashing the X server. Malicious users may be able to modify the video output.

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main

RedHat:
https://rhn.redhat.com/errata/RHSA-2005-092.html

FedoraLegacy:
http://download.fedoralegacy.org/redhat/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for this vulnerability.

Multiple Vendors Linux Kernel Local DRM Denial of Service

CAN-2004-1056

Low

Ubuntu Security Notice USN-38-1 December 14, 2004

RedHat Security Advisory, RHSA-2005:092-14, February 18, 2005

Fedora Legacy Update Advisory, FLSA:2336, February 24, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

Linux kernel 2.6.10, 2.6, -test1-test11, 2.6.1-2.6.11;
RedHat Fedora Core2

A vulnerability has been reported in the EXT2 filesystem handling code, which could let a malicious user obtain sensitive information.

Patches available at:
http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.11.6.bz2

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

Trustix:
http://http.trustix.org/pub/trustix/updates/

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-366.html

Conectiva:
ftp://atualizacoes.conectiva.com.br/

FedoraLegacy:
http://download.fedoralegacy.org/redhat/

SUSE:
ftp://ftp.SUSE.com/pub/SUSE

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for this vulnerability.

Linux Kernel EXT2 File System Information Leak

CAN-2005-0400

Medium

Security Focus, 12932, March 29, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0011, April 5, 2005

Fedora Update Notification FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Conectiva Linux Security Announcement, CLA-2005:952, May 2, 2005

Fedora Legacy Update Advisory, FLSA:152532, June 4, 2005

SUSE Security Announcement, SUSE-SA:2005:029, June 9, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

Linux kernel 2.6.8-2.6.10, 2.4.21

Several vulnerabilities have been reported: a buffer overflow vulnerability was reported in 'msg_control' when copying 32 bit contents, which could let a malicious user obtain root privileges and execute arbitrary code; and a vulnerability was reported in the 'raw_sendmsg()' function, which could let a malicious user obtain sensitive information or cause a Denial of Service.

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/l/

Trustix:
http://http.trustix.org/pub/trustix/updates/

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for these vulnerabilities.

Linux Kernel Buffer Overflow, Information Disclosure, & Denial of Service

CAN-2005-2490
CAN-2005-2492

High

Secunia Advisory: SA16747, September 9, 2005

Ubuntu Security Notice, USN-178-1, September 09, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0049, September 16, 2005

Fedora Update Notifications,
FEDORA-2005-905 & 906, September 22, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

Linux kernel 2.6-2.6.12.1

A vulnerability has been reported due to insufficient authorization before accessing a privileged function, which could let a malicious user bypass IPSEC policies.

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/l/

This issue has been addressed in Linux kernel 2.6.13-rc7.

SUSE:
ftp://ftp.SUSE.com/

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-663.html

Currently we are not aware of any exploits for this vulnerability.

Linux Kernel IPSec Policies Authorization Bypass

CAN-2005-2555

Medium

Ubuntu Security Notice, USN-169-1, August 19, 2005

Security Focus, Bugtraq ID 14609, August 19, 2005

Security Focus, Bugtraq ID 14609, August 25, 2005

SUSE Security Announcement, SUSE-SA:2005:050, September 1, 2005

RedHat Security Advisory, RHSA-2005:663-19, September 28, 2005

Multiple Vendors

Linux kernel 2.6-2.6.13.1

A Denial of Service vulnerability has been reported due to an omitted call to the 'sockfd_put()' function in the 32-bit compatible 'routing_ioctl()' function.

Fixed version (2.6.13.2), available at:
http://kernel.org/

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/l/

Currently we are not aware of any exploits for this vulnerability.

Linux Kernel routing_ioctl() Denial of Service

CAN-2005-3044

Low

Security Tracker Alert ID: 1014944, September 21, 2005

Ubuntu Security Notice, USN-187-1, September 25, 2005

Multiple Vendors

Linux kernel 2.6-2.6.14

Several vulnerabilities have been reported: a Denial of Service vulnerability was reported when handling asynchronous USB access via usbdevio; and a Denial of Service vulnerability was reported in the 'ipt_recent.c' netfilter module due to an error in jiffies comparison.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for these vulnerabilities.

Linux Kernel USB Subsystem Denials of Service

CAN-2005-2873
CAN-2005-3055

Low

Secunia Advisory: SA16969, September 27, 2005

Multiple Vendors

XFree86 X11R6 4.3.0, 4.1.0; X.org X11R6 6.8.2;
RedHat Enterprise Linux WS 2.1, IA64, ES 2.1, IA64, AS 2.1, IA64, Advanced Workstation for the Itanium Processor 2.1, IA64; Gentoo Linux

A buffer overflow vulnerability has been reported in the pixmap processing code, which could let a malicious user execute arbitrary code and possibly obtain superuser privileges.

Gentoo:
http://security.gentoo.org/glsa/glsa-200509-07.xml

RedHat:
http://rhn.redhat.com/errata/RHSA-2005-329.html

http://rhn.redhat.com/errata/RHSA-2005-396.html

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/x/xfree86/

Mandriva:
http://www.mandriva.com/security/advisories?name=MDKSA-2005:164

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

Trustix:
http://http.trustix.org/pub/trustix/updates/

Debian:
http://security.debian.org/pool/updates/main/x/xfree86/

Sun:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101926-1&searchclause

SUSE:
ftp://ftp.suse.com/pub/suse/

Slackware:
ftp://ftp.slackware.com/pub/slackware/

Currently we are not aware of any exploits for this vulnerability.

XFree86 Pixmap Allocation Buffer Overflow

CAN-2005-2495

High

Gentoo Linux Security Advisory, GLSA 200509-07, September 12, 2005

RedHat Security Advisory, RHSA-2005:329-12 & RHSA-2005:396-9, September 12 & 13, 2005

Ubuntu Security Notice, USN-182-1, September 12, 2005

Mandriva Security Advisory, MDKSA-2005:164, September 13, 2005

US-CERT VU#102441

Fedora Update Notifications, FEDORA-2005-893 & 894, September 16, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0049, September 16, 2005

Debian Security Advisory DSA 816-1, September 19, 2005

Sun(sm) Alert Notification, Sun Alert ID: 101926, September 19, 2005

SUSE Security Announcement, SUSE-SA:2005:056, September 26, 2005

Slackware Security Advisory, SSA:2005-269-02, September 26, 2005

Net-snmp

Net-snmp 5.x

A vulnerability has been reported in 'fixproc' due to a failure to securely create temporary files in world writeable locations, which could let a malicious user obtain elevated privileges and possibly execute arbitrary code with ROOT privileges.

Gentoo:
http://security.gentoo.org/glsa/glsa-200505-18.xml

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

RedHat:
https://rhn.redhat.com/

There is no exploit code required.

Net-SNMP Fixproc Insecure Temporary File Creation

CAN-2005-1740

High

Gentoo Linux Security Advisory, GLSA 200505-18, May 23, 2005

Fedora Update Notifications, FEDORA-2005-561 & 562, July 13, 2005

RedHat Security Advisory, RHSA-2005:373-23, September 28, 2005

PCRE

PCRE 6.1, 6.0, 5.0

A vulnerability has been reported in 'pcre_compile.c' due to an integer overflow, which could let a remote/local malicious user potentially execute arbitrary code.

Updates available at:
http://www.pcre.org/

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/p/pcre3/

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/

Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/

Gentoo:
http://security.gentoo.org/glsa/glsa-200508-17.xml

Mandriva:
http://www.mandriva.com/security/advisories

SUSE:
ftp://ftp.SUSE.com/pub/SUSE

Slackware:
ftp://ftp.slackware.com/pub/slackware/

Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/

Debian:
http://security.debian.org/pool/updates/main/p/pcre3/

SUSE:
ftp://ftp.SUSE.com/pub/SUSE

Slackware:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/testing/packages/php-5.0.5/php-5.0.5-i486-1.tgz

Gentoo:
http://security.gentoo.org/glsa/glsa-200509-08.xml

Conectiva:
ftp://atualizacoes.conectiva.com.br/10/

Gentoo:
http://security.gentoo.org/glsa/glsa-200509-12.xml

Debian:
http://security.debian.org/pool/updates/main/p/python2.2/

Gentoo:
http://security.gentoo.org/glsa/glsa-200509-19.xml

Debian:
http://security.debian.org/pool/updates/main/p/python2.3/

Currently we are not aware of any exploits for this vulnerability.

PCRE Regular Expression Heap Overflow

CAN-2005-2491

High

Secunia Advisory: SA16502, August 22, 2005

Ubuntu Security Notice, USN-173-1, August 23, 2005

Ubuntu Security Notices, USN-173-1 & 173-2, August 24, 2005

Fedora Update Notifications,
FEDORA-2005-802 & 803, August 24, 2005

Gentoo Linux Security Advisory, GLSA 200508-17, August 25, 2005

Mandriva Linux Security Update Advisories, MDKSA-2005:151-155, August 25, 26, & 29, 2005

SUSE Security Announcements, SUSE-SA:2005:048 & 049, August 30, 2005

Slackware Security Advisories, SSA:2005-242-01 & 242-02, August 31, 2005

Ubuntu Security Notices, USN-173-3, 173-4 August 30 & 31, 2005

Debian Security Advisory, DSA 800-1, September 2, 2005

SUSE Security Announcement, SUSE-SA:2005:051, September 5, 2005

Slackware Security Advisory, SSA:2005-251-04, September 9, 2005

Gentoo Linux Security Advisory, GLSA 200509-08, September 12, 2005

Conectiva Linux Announcement, CLSA-2005:1009, September 13, 2005

Gentoo Linux Security Advisory, GLSA 200509-12, September 19, 2005

Debian Security Advisory, DSA 817-1 & DSA 819-1, September 22 & 23, 2005

Gentoo Linux Security Advisory, GLSA 200509-19, September 27, 2005

Debian Security Advisory, DSA 821-1, September 28, 2005

Qualcomm

qpopper 4.0.8

A vulnerability has been reported in the 'poppassd' setuid-superuser application, which could let a malicious user obtain elevated privileges.

No workaround or patch available at time of publishing.

There is no exploit code required; however, Proof of Concept exploits have been published.

Qpopper Privilege Elevation

CAN-2005-3098

Medium

Security Focus, Bugtraq ID: 14944, September 26, 2005

RSyslog

RSyslog 1.10, 0.9.3-0.9.8

An SQL injection vulnerability has been reported due to insufficient sanitization of a received syslog message before it is used in an SQL query, which could let a remote malicious user execute arbitrary SQL code.

Upgrades available at:
http://www.rsyslog.com/Downloads-index-req-getit-lid-17.phtml

There is no exploit code required.

RSyslog SQL Injection

CAN-2005-3074

Medium

Secunia Advisory: SA16947, September 26, 2005

Script Solutions

PerlDiver 2.31

A Cross-Site Scripting vulnerability has been reported in 'Perldiver.cgi' due to insufficient sanitization of the 'module' parameter, which could let a remote malicious user execute arbitrary HTML and script code.

Upgrade available at:
http://www.scriptsolutions.com/support/

There is no exploit code required; however, Proof of Concept exploits have been published.

PerlDiver Perldiver.CGI Cross-Site Scripting

CAN-2005-3066
CAN-2005-3067

Medium

EXPL-A-2005-014 exploitlabs.com Advisory 043, September 21, 2005

slocate

slocate 2.7

A Denial of Service vulnerability has been reported when a specially crafted directory structure that contains long paths is submitted.

Mandriva:
http://www.mandriva.com/security/advisories

TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/

RedHat:
https://rhn.redhat.com/

There is no exploit code required.

slocate Long Path Denial of Service

CAN-2005-2499

Low

Mandriva Linux Security Update Advisory, MDKSA-2005:147, August 22, 2005

Turbolinux Security Advisory, TLSA-2005-91, September 20, 2005

RedHat Security Advisory, RHSA-2005:345-24, September 28, 2005

Sun Microsystems Inc.

Solaris 10.0, _x86, 9.0, _x86, 8.0, _x86, 7.0, _x86

A vulnerability has been reported in the Xsun and Xprt commands due to an unspecified error, which could let a malicious user obtain elevated privileges.

Patches available at:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101800-1

Currently we are not aware of any exploits for this vulnerability.

Sun Solaris Xsun & Xprt Elevated Privileges

CAN-2005-3099

Medium

Sun(sm) Alert Notification, Sun Alert ID: 101800, September 26, 2005