Summary of Security Items from August 10 through August 16, 2005
Information in the US-CERT Cyber Security Bulletin is a compilation and includes information published by outside sources; therefore, the information should not be considered the result of US-CERT analysis. Software vulnerabilities are categorized in the appropriate section reflecting the operating system on which the vulnerability was reported; however, this does not mean that the vulnerability only affects the operating system reported, since this information is obtained from open-source information.
This bulletin provides a summary of new or updated vulnerabilities, exploits, trends, viruses, and trojans. Updates to vulnerabilities that appeared in previous bulletins are listed in bold text. The text in the Risk column appears in red for vulnerabilities ranking High. The risk levels applied to vulnerabilities in the Cyber Security Bulletin are based on how the "system" may be impacted. The Recent Exploit/Technique table contains a "Workaround or Patch Available" column that indicates whether a workaround or patch has been published for the vulnerability which the script exploits.
Vulnerabilities
The table below summarizes vulnerabilities that have been identified, even if they are not being exploited. Complete details about patches or workarounds are available from the source of the information or from the URL provided in the section. CVE numbers are listed where applicable. Vulnerabilities that affect both Windows and Unix Operating Systems are included in the Multiple Operating Systems section.
Note: All the information included in the following tables has been discussed in newsgroups and on web sites.
The Risk levels defined below are based on how the system may be impacted:
Note: Even though a vulnerability may allow several malicious acts to be performed, only the highest level risk will be defined in the Risk column.
- High - A high-risk vulnerability is defined as one that will allow an intruder to immediately gain privileged access (e.g., sysadmin or root) to the system or allow an intruder to execute code or alter arbitrary system files. An example of a high-risk vulnerability is one that allows an unauthorized user to send a sequence of instructions to a machine and the machine responds with a command prompt with administrator privileges.
- Medium - A medium-risk vulnerability is defined as one that will allow an intruder immediate access to a system with less than privileged access. Such a vulnerability will allow the intruder the opportunity to continue the attempt to gain privileged access. An example of a medium-risk vulnerability is a server configuration error that allows an intruder to capture the password file.
- Low - A low-risk vulnerability is defined as one that will provide information to an intruder that could lead to further compromise attempts or a Denial of Service (DoS) attack. It should be noted that while the DoS attack is deemed low from a threat potential, the frequency of this type of attack is very high. DoS attacks against mission-critical nodes are not included in this rating and any attack of this nature should instead be considered to be a "High" threat.
Windows Operating Systems Only |
Vendor & Software Name |
Vulnerability - Impact
Patches - Workarounds
Attacks Scripts |
Common Name /
CVE Reference |
Risk |
Source |
DVBBS 7.1, 7.1SP2
|
Multiple input validation vulnerabilities have been reported in DVBBS that could let remote malicious users conduct Cross-Site Scripting.
No workaround or patch available at time of publishing.
There is no exploit code required; however, Proof of Concept exploits have been published. |
DVBBS Cross Site Scripting
CAN-2005-2588 |
Medium |
Security Tracker, Alert ID: 1014632, August 8, 2005 |
McAfee
ePolicy Orchestrator 3.5 |
A vulnerability has been reported in ePolicy Orchestrator that could let local malicious users disclose information and obtain elevated privileges.
No workaround or patch available at time of publishing.
An exploit script has been published. |
ePolicy Information Disclosure and Privilege Elevation
CAN-2005-2554 |
Medium |
Security Focus, ID: 14549, August 11, 2005 |
Microsoft
Plug and Play |
A vulnerability has been reported in Plug and Play that could let local or remote malicious users execute arbitrary code or obtain elevated privileges.
Vendor fix available:
http://www.microsoft.com/technet/security/Bulletin/MS05-039.mspx
Exploit scripts have been published and a worm, "Worm:Win32/Zotob.A", is circulating. |
Microsoft Plug and Play Arbitrary Code Execution or Elevated Privileges
CAN-2005-1983 |
High |
Microsoft Security Bulletin MS05-039, August 9, 2005
US-CERT VU#998653
Microsoft Security Advisory, 899588, August 15, 2005 |
Parlano
MindAlign 5.0 |
Multiple vulnerabilities have been reported in MindAlign that could let local or remote malicious users perform a Denial of Service, bypass security, conduct Cross-Site Scripting, or disclose information.
Fix available through vendor: support@parlano.com
Currently we are not aware of any exploits for these vulnerabilities. |
MindAlign Multiple Vulnerabilities
CAN-2005-2590
CAN-2005-2591
CAN-2005-2592
CAN-2005-2593
|
Medium |
NISCC Vulnerability Advisory 356752, August 12, 2005 |
Novell
eDirectory 8.7.3 iMonitor
|
A buffer overflow vulnerability has been reported in eDirectory iMonitor that could let remote malicious users cause a Denial of Service or execute arbitrary code.
Vendor fix available:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098568.htm
An exploit script has been published. |
Novell eDirectory Denial of Service or Arbitrary Code Execution
CAN-2005-2551 |
High |
Novell, TID10098568, August 12, 2005
US-CERT VU#213165 |
UNIX / Linux Operating Systems Only |
Vendor & Software Name |
Vulnerability - Impact
Patches - Workarounds
Attacks Scripts |
Common Name /
CVE Reference |
Risk |
Source |
Apache
SpamAssassin 3.0.1, 3.0.2, 3.0.3 |
A vulnerability has been reported that could let remote malicious users cause a Denial of Service. A remote user can send e-mail containing special message headers to cause the application to take an excessive amount of time to check the message.
A fixed version (3.0.4) is available at: http://spamassassin.apache.org/downloads.cgi
Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/
Gentoo:
http://security.gentoo.org/glsa/glsa-200506-17.xml
SUSE:
ftp://ftp.SUSE.com/pub/SUSE
RedHat:
http://rhn.redhat.com/errata/RHSA-2005-498.html
Mandriva:
http://www.mandriva.com/security/advisories
Debian:
http://security.debian.org/pool/updates/main/
There is no exploit code required. |
|
Low |
Security Tracker Alert ID: 1014219, June 16, 2005
Fedora Update Notifications, FEDORA-2005-427 & 428, June 16 & 17, 2005
Gentoo Linux Security Advisory, GLSA 200506-17, June 21, 200
SUSE Security Announcement, SUSE-SA:2005:033, June 22, 2005
RedHat Security Advisory, RHSA-2005:498-10, June 23, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:106, June 28, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Apple
Mac OS X Server 10.4-10.4.2, 10.3.9, Mac OS X 10.4-10.4.2, 10.3.9
|
Multiple security vulnerabilities have been reported: five vulnerabilities were reported ranging from buffer overflows to access validation in Apache; three vulnerabilities were reported in Appkit which could lead to the execution of arbitrary code or local account creation; an authentication bypass vulnerability was reported in Bluetooth; two vulnerabilities were reported in CoreFoundation which could result in a buffer overflow and a Denial of Service; two vulnerabilities were reported in CUPS, which could lead to a remote Denial of Service; three vulnerabilities were reported in Directory Services ranging from a buffer overflow to unauthorized account creation/deletion and elevated privileges; a vulnerability was reported in Htoolbox that leads to information disclosure; five vulnerabilities were reported in Kerberos that could lead to a buffer overflow, arbitrary code execution and root compromise; a vulnerability was reported in 'loginwindow' which could let a malicious user obtain access to other logged in accounts; a vulnerability has been reported regarding the loss of privacy when remote images are loaded into HTML email; three security vulnerabilities have been reported in MySQL which could lead to remote arbitrary code execution; two vulnerabilities have been reported in OpenSSL which could lead to a Denial of Service; a vulnerability has been reported in ping that could lead to local privilege escalation and arbitrary code execution; a vulnerability has been reported in QuartzComposerScreenSaver, which could let remote malicious users open pages while the RSS Visualizer screen is locked; two vulnerabilities have been reported in Safari which could lead to remote command execution or have information submitted to an incorrect site; a vulnerability has been reported in SecurityInterface which could lead to sensitive information disclosure; a buffer overflow vulnerability has been reported in 'servermgrd' which ultimately leads to the execution of arbitrary code; a vulnerability has been reported in 'servermgr_ipfilter' regarding firewall settings not always being written to the Active Rules; two vulnerabilities have been reported in SquirrelMail which could lead to Cross-Site Scripting; a vulnerability was reported in 'traceroute' which could lead to remote arbitrary code execution and privilege escalation; a vulnerability was reported in 'WebKit' that could lead to arbitrary code execution regarding a malformed PDF file; multiple Cross-Site Scripting vulnerabilities have been reported in Weblog Server; a vulnerability has been reported in 'X11' that could lead to remote arbitrary code execution; and two Denial of Service vulnerabilities were reported in zlib that potentially could lead to arbitrary code execution.
Patch information available at:
http://docs.info.apple.com/article.html?artnum=302163
Currently we are not aware of any exploits for these vulnerabilities. |
|
High |
Apple Security Update 2005-007,
APPLE-SA-2005-08-15, August 15, 2005
|
Apple
Safari Web Browser 1.3 |
A remote Denial of Service vulnerability has been reported when certain JavaScript operations are performed.
No workaround or patch available at time of publishing.
A Proof of Concept exploit has been published.
|
Apple Safari Web Browser JavaScript Remote Denial of Service
CAN-2005-2594
|
Low |
Security Focus 14528, August 9, 2005 |
BlueZ
BlueZ 2.18 & prior
|
A vulnerability has been reported due to insufficient sanitization of input passed as a remote device name, which could let a remote malicious user execute arbitrary code.
Upgrades available at:
http://www.bluez.org/redirect.php?url=http%3A%2F%2Fbluez.sf.net%2Fdownload%2Fbluez-libs-2.19.tar.gz
Gentoo:
http://security.gentoo.org/glsa/glsa-200508-09.xml
There is no exploit code required. |
BlueZ Arbitrary Command Execution
CAN-2005-2547
|
High |
Security Focus 14572, August 16, 2005
Gentoo Linux Security Advisory, GLSA 200508-09, August 17, 2005 |
Centericq
Centericq 4.20 |
A vulnerability has been reported in 'gaduhook::handletoken()' due to the insecure creation of temporary files, which could let a malicious user obtain elevated privileges.
Debian:
http://security.debian.org/pool/updates/main/c/centericq/
Debian:
http://security.debian.org/pool/updates/main/
There is no exploit code required. |
|
Medium |
Security Focus, 14144, July 5, 2005
Debian Security Advisory, DSA 754-1, July 13, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Charlton
crip 3.5 |
A vulnerability has been reported due to the creation of temporary files in an insecure manner, which could let a malicious user overwrite files or cause a Denial of Service.
Debian:
http://security.debian.org/pool/updates/main/c/crip/
Debian:
http://security.debian.org/pool/updates/main/
There is no exploit code required. |
Crip Helper Script Insecure Temporary File Creation
CAN-2005-0393
|
Medium |
Debian Security Advisory, DSA 733-1, June 30, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Clam AntiVirus
ClamAV 0.x |
Several vulnerabilities have been reported: a remote Denial of Service vulnerability was reported in the 'cli_scanszdd()' function in 'libclamav/scanners.c' due to a memory and file descriptor leak; and a remote Denial of Service vulnerability was reported in 'libclamav/mspack/mszipd.c' due to insufficient validation of the 'ENSURE_BITS()' macro user-supplied cabinet file header.
Upgrades available at:
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?download
Conectiva:
ftp://atualizacoes.conectiva.com.br/
Debian:
http://security.debian.org/pool/updates/main/c/clamav/
Debian:
http://security.debian.org/pool/updates/main/
Currently we are not aware of any exploits for these vulnerabilities. |
|
Low |
Security Tracker Alert ID: 1014332, June 29, 2005
Conectiva Linux Announcement, CLSA-2005:973, July 6, 2005
Debian Security Advisory, DSA 737-1, July 6, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Dada Mail
Dada Mail 2.9.2 |
A vulnerability has been reported due to insufficient sanitization of archived messages before they are displayed, which could let a remote malicious user inject arbitrary script code.
Upgrade available at:
http://prdownloads.sourceforge.net/mojomail/dada-2_10_0-alpha1.tar.gz?download
There is no exploit code required. |
Dada Mail Archives HTML Injection
CAN-2005-2595 |
Medium |
Secunia Advisory: SA16435, August 16, 2005 |
Eric Raymond
Fetchmail 6.2.5 |
A remote buffer overflow vulnerability has been reported in the POP3 client due to insufficient boundary checks, which could let a malicious user obtain elevated privileges.
Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/
Redhat:
http://rhn.redhat.com/errata/RHSA-2005-640.html
Ubuntu:
http://www.ubuntulinux.org/support/documentation/usn/usn-153-1
Gentoo:
http://www.gentoo.org/security/en/glsa/glsa-200507-21.xml
Debian:
http://security.debian.org/pool/updates/main/f/fetchmail/
SGI:
ftp://patches.sgi.com/support/free/security/advisories/
Currently we are not aware of any exploits for this vulnerability. |
|
Medium |
Fedora Update Notifications, FEDORA-2005-613 & 614, July 21, 2005
Redhat Security Advisory, RHSA-2005:640-08, July 25, 2005
Ubuntu Security Notice, USN-153-1, July 26, 2005
Gentoo Security Advisory, GLSA 200507-21, July 25, 2005
Debian Security Advisory, DSA 774-1, August 12, 2005
SGI Security Advisory, 20050802-01-U, August 15, 2005
|
Ettercap
Ettercap 0.6 .b, 0.6 .a, 0.6.3.1, 0.6.4, 0.6.5, 0.6.6 .6, 0.6.7, 0.6.9, Ettercap-NG 0.7 .0-0.7.2 |
A format string vulnerability has been reported in the 'curses_msg()' function in the Ncurses interface, which could let a remote malicious user execute arbitrary code.
Upgrades available at:
http://prdownloads.sourceforge.net/ettercap/ettercap-NG-0.7.3.tar.gz?download
Debian:
http://security.debian.org/pool/updates/main/
Currently we are not aware of any exploits for this vulnerability. |
|
High |
Secunia Advisory, SA15535, May 31, 2005
US-CERT VU#286468
Debian Security Advisory, DSA 773-1, August 11, 2005 |
FUSE
FUSE 2.x |
A vulnerability has been reported because certain memory is not correctly cleared before being returned to users, which could let a malicious user obtain sensitive information.
Update available at:
http://sourceforge.net/project/showfiles.php?group_id=121684
Debian:
http://security.debian.org/pool/updates/main/
A Proof of Concept exploit script has been published. |
|
Medium |
Secunia Advisory, SA15561, June 3, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Gallery
Gallery 1.5 1.4 -1.4.4 -pl5 |
A vulnerability has been reported in 'classes/postnuke0.7.1/user.php' when determining the gallery name due to incorrect use of the global '$name' variable, which could let a remote malicious user bypass security restrictions.
Upgrades available at:
http://sourceforge.net/project/showfiles.php?group_id=7130&package_id=7239&release_id=348064
There is no exploit code required.
|
|
Medium |
Secunia Advisory: SA16389, August 11, 2005 |
GNOME
gEdit 2.0.2, 2.2 .0, 2.10.2 |
A format string vulnerability has been reported when invoking the program with a filename that includes malicious format specifiers, which could let a remote malicious user cause a Denial of Service and potentially execute arbitrary code.
Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/g/gedit/
Gentoo:
http://security.gentoo.org/glsa/glsa-200506-09.xml
RedHat:
http://rhn.redhat.com/errata/RHSA-2005-499.html
Mandriva:
http://www.mandriva.com/security/advisories
TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/
SGI:
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/
Debian:
http://security.debian.org/pool/updates/main/g/gedit/
Debian:
http://security.debian.org/pool/updates/main/
An exploit has been published. |
|
High |
Securiteam, May 22, 2005
Ubuntu Security Notice, USN-138-1, June 09, 2005
Gentoo Linux Security Advisory, GLSA 200506-09, June 11, 2005
RedHat Security Advisory, RHSA-2005:499-05, June 13, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:102, June 16, 2005
Turbolinux Security Advisory, TLSA-2005-70, June 22, 2005
SGI Security Advisory, 20050603-01-U, June 23, 2005
Debian Security Advisory, DSA 753-1, July 12, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Hewlett Packard Company
Ignite-UX B.3.x, C.6.x
|
Several vulnerabilities have been reported: a vulnerability was reported in 'add_new_client' command, which could let a malicious user obtain access to the file system or cause a Denial of Service; and a vulnerability was reported in the 'make_recovery' command, which could let a malicious user obtain sensitive information.
Patches available at:
http://www.hp.com/go/softwaredepot
There is no exploit code required; however, a Proof of Concept exploit has been published. |
|
Medium |
HP Security Bulletin, HPSBUX01219, August 16, 2005 |
High Availability
Linux Project
Heartbeat 1.2.3 |
An insecure file creation vulnerability has been reported in Heartbeat that could let local users arbitrarily overwrite files.
Debian:
http://security.debian.org/pool/updates/main/h/heartbeat/
Conectiva:
ftp://atualizacoes.conectiva.com.br
Gentoo:
http://security.gentoo.org/glsa/glsa-200508-05.xml
Mandriva:
http://www.mandriva.com/security/advisories
Debian:
http://security.debian.org/pool/updates/main/
Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/h/heartbeat/
There is no exploit code required. |
Heartbeat Arbitrary File Overwrite
CAN-2005-2231 |
Medium |
Secunia Advisory: SA16039, July 12, 2005
Debian Security Advisory, DSA 761-1, July 19, 2005
Conectiva Linux Announcement, CLSA-2005:991, August 4, 2005
Gentoo Linux Security Advisory, GLSA 200508-05, August 7, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:132, August 10, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005
Ubuntu Security Notice, USN-165-1, August 11, 2005
Debian Security Advisory DSA 761-2, August 15, 2005
|
HT Editor
HT Editor 0.8 |
Several vulnerabilities have been reported: a vulnerability was reported in the Executable and Linking Format (ELF) parser due to a heap overflow, which could let a remote malicious user execute arbitrary code; and a buffer overflow vulnerability was reported in the Portable Executable (PE) parser due to a boundary error, which could let a remote malicious user execute arbitrary code.
Gentoo:
http://security.gentoo.org/glsa/glsa-200505-08.xml
Debian:
http://security.debian.org/pool/updates/main/
Currently we are not aware of any exploits for these vulnerabilities. |
|
High |
Gentoo Linux Security Advisory, GLSA 200505-08, May 10, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Kadu
Kadu 0.4.0 |
An integer overflow vulnerability has been reported in Kadu (libgadu) which could let remote malicious users cause a Denial of Service.
Upgrade to version 0.4.1:
http://www.kadu.net/wiki/index.php/English:Main_Page
Gentoo:
http://www.gentoo.org/security/en/glsa/glsa-200507-26.xml
Conectiva:
ftp://atualizacoes.conectiva.com.br/
Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/e/ekg/
Debian:
http://security.debian.org/pool/updates/main/
Currently we are not aware of any exploits for this vulnerability. |
Kadu Denial of Service
CAN-2005-1852 |
Low |
Secunia, Advisory: SA16238, July 27, 2005
Gentoo Security Advisory, GLSA 200507-26, July 27, 2005
Conectiva Linux Announcement, CLSA-2005:989, August 4, 2005
Ubuntu Security Notice, USN-162-1, August 08, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005
|
Kaspersky Labs
Antivirus for Linux Servers 5.5 -2 |
A vulnerability has been reported in '/var/log/kav/5.5/kav4unix' due to insecure default directory permissions, which could let a malicious user overwrite arbitrary files with privileges of the root user.
Users of affected packages are urged to contact the vendor for further information on obtaining fixes.
There is no exploit code required; however, an exploit script has been published.
|
|
Medium |
Secunia Advisory: SA16425, August 15, 2005 |
KDE
KDE 3.0 - 3.4.2 |
A vulnerability was reported in 'langen2kvtml' due to the insecure creation of temporary files, which could let a malicious user obtain elevated privileges.
Patches available at:
ftp://ftp.kde.org/pub/kde/security_patches
Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
There is no exploit code required.
|
|
Medium |
KDE Security Advisory, August 15, 2005
Fedora Update Notification, FEDORA-2005-745, August 15, 2005
|
Mozilla.org
Firefox 1.0 |
A vulnerability exists when a predictable name is issued for the plugin temporary directory, which could let a malicious user cause a Denial of Service or modify system/user information.
Update available at:
http://www.mozilla.org/products/firefox/all.html
Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
Gentoo:
http://security.gentoo.org/glsa/glsa-200503-10.xml
SuSE:
ftp://ftp.suse.com/pub/suse/
Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
Gentoo:
http://security.gentoo.org/glsa/glsa-200503-30.xml
http://security.gentoo.org/glsa/glsa-200503-32.xml
FedoraLegacy:
http://download.fedoralegacy.org/redhat/
HP:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_HPSBUX01133
An exploit has been published.
|
Mozilla Firefox Predictable Plugin Temporary Directory
CAN-2005-0578
|
|
Mozilla Foundation Security Advisory, 2005-28, February 25, 2005
SUSE Security Announcement, SUSE-SA:2005:016, March 16, 2005
Fedora Update Notification, FEDORA-2005-247, 2005-03-23
Gentoo Linux Security Advisory, GLSA 200503-30 & GLSA 200503-032, March 25, 2005
Fedora Legacy Update Advisory, FLSA:152883, May 18, 2005
HP Security Bulletin, HPSBUX01133, August 8, 2005 |
Multiple Vendors
Glyph and Cog Xpdf 3.0, pl2 & pl3; Ubuntu Linux 5.0 4 powerpc, i386, amd64;
RedHat Enterprise Linux WS 4, ES 4, AS 4, Desktop 4.0;
KDE 3.4.1, 3.4, 3.3.1, 3.3.2; GNOME GPdf 2.8.3, 2.1
|
A remote Denial of Service vulnerability has been reported when verifying malformed 'loca' table in PDF files.
RedHat:
http://rhn.redhat.com/errata/RHSA-2005-670.html
http://rhn.redhat.com/errata/RHSA-2005-671.html
http://rhn.redhat.com/errata/RHSA-2005-708.html
Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/x/xpdf/
KDE:
http://www.kde.org/info/security/advisory-20050809-1.txt
Mandriva:
http://www.mandriva.com/security/advisories
SGI:
ftp://patches.sgi.com/support/free/security/advisories/
Gentoo:
http://security.gentoo.org/glsa/glsa-200508-08.xml
Currently we are not aware of any exploits for this vulnerability.
|
XPDF Loca Table Verification Remote Denial of Service
CAN-2005-2097
|
Low |
RedHat Security Advisories, RHSA-2005:670-05 & RHSA-2005:671-03, & RHSA-2005:708-05, August 9, 2005
Ubuntu Security Notice, USN-163-1, August 09, 2005
KDE Security Advisory, 20050809-1, August 9, 2005
Mandriva Linux Security Update Advisories, MDKSA-2005:134, 135, 136 & 138, August 11, 2005
SGI Security Advisory, 20050802-01-U, August 15, 2005
Gentoo Linux Security Advisory GLSA, 200508-08, August 16, 2005
|
Multiple Vendors
dhcpcd 1.3.22 |
A vulnerability has been reported in dhcpcd that could let a remote user perform a Denial of Service.
Debian:
http://security.debian.org/pool/updates/main/d/dhcpcd/
Mandriva:
http://www.mandriva.com/security/advisories
Gentoo:
http://security.gentoo.org/glsa/glsa-200507-16.xml
Conectiva:
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000983
RedHat:
http://rhn.redhat.com/errata/RHSA-2005-603.html
Debian:
http://security.debian.org/pool/updates/main/
Currently we are not aware of any exploits for this vulnerability. |
dhcpcd Denial of Service
CAN-2005-1848 |
Low |
Secunia, Advisory: SA15982, July 11, 2005
Debian Security Advisory, DSA 750-1, July 11, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:117, July 13, 2005
Gentoo Linux Security Advisory, GLSA 200507-16, July 15, 2005
Conectiva, CLSA-2005:983, July 25, 2005
RedHat Security Advisory, RHSA-2005:603-07, July 27, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Multiple Vendors
Qpopper 4.x; Gentoo Linux |
Several vulnerabilities have been reported: a vulnerability was reported because user supplied config and trace files are processed with elevated privileges, which could let a malicious user create/overwrite arbitrary files; and a vulnerability was reported due to an unspecified error which could let a malicious user create group or world-writable files.
Upgrades available at:
ftp://ftp.qualcomm.com/eudora/servers/unix/popper/old/qpopper4.0.5.tar.gz
Gentoo:
http://security.gentoo.org/glsa/glsa-200505-17.xml
Debian:
http://security.debian.org/pool/updates/main/q/qpopper/
SuSE:
ftp://ftp.suse.com/pub/suse/
Debian:
http://security.debian.org/pool/updates/main/
There is no exploit code required. |
|
Medium |
Gentoo Linux Security Advisory GLSA 200505-17, May 23, 2005
Secunia Advisory, SA15475, May 24, 2005
Debian Security Advisories, DSA 728-1 & 728-2, May 25 & 26, 2005
SUSE Security Summary Report, SUSE-SR:2005:014, June 7, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Multiple Vendors
RedHat Enterprise Linux WS 4, WS 3, ES 4, ES 3, AS 4, AS 3, Desktop 4.0, 3.0; Easy Software Products CUPS 1.1.19 - 1.1.23 |
A remote Denial of Service vulnerability has been reported when the application fails to do proper bounds checking when handling malformed PDF files.
RedHat:
http://rhn.redhat.com/errata/RHSA-2005-706.html
Currently we are not aware of any exploits for this vulnerability.
|
Easy Software Products CUPS Remote Denial of Service
CAN-2005-2097
|
Low |
RedHat Security Advisory, RHSA-2005:706-04, August 9, 2005 |
Multiple Vendors
Ubuntu Linux 5.0 4 powerpc, i386, amd64,
4.1 ppc, ia64, ia32;
Rob Flynn Gaim 1.3.1, 1.3 .0, 1.2.1, 1.2 , 1.1.1 -1.1.4, 1.0-1.0.2; RedHat Enterprise Linux WS 2.1, IA64, ES 2.1, IA64, AS 2.1, IA64, Desktop 4.0, Advanced Workstation for the Itanium Processor 2.1, IA64
|
Several vulnerabilities have been reported: a buffer overflow vulnerability was reported due to the way away messages are handled, which could let a remote malicious user execute arbitrary code; and a remote Denial of Service vulnerability has been reported due to an error when handling file transfers.
Updates available at: http://gaim.sourceforge.net/downloads.php
RedHat:
http://rhn.redhat.com/errata/RHSA-2005-589.html
http://rhn.redhat.com/errata/RHSA-2005-627.html
Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/g/gaim/
Gentoo:
http://security.gentoo.org/glsa/glsa-200508-06.xml
SGI:
ftp://patches.sgi.com/support/free/security/advisories/
Mandriva:
http://www.mandriva.com/security/advisories
A Proof of Concept exploit has been published for the buffer overflow vulnerability.
|
|
High |
RedHat Security Advisories, RHSA-2005:589-16 & RHSA-2005:627-11, August 9, 2005
Ubuntu Security Notice, USN-168-1, August 12, 2005
Gentoo Linux Security Advisory, GLSA 200508-06, August 15, 2005
SGI Security Advisory, 20050802-01-U, August 15, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:139, August 16, 2005
|
Multiple Vendors
UbuntuLinux 5.0 4 powerpc, i386, amd64, 4.1 ppc, ia64, ia32;
GNOME Evolution 2.3.1 -2.3.6 .1, 2,0- 2.2 , 1.5
|
Multiple format string vulnerabilities have been reported: a vulnerability was reported when vCard information is attached to an email message, which could let a remote malicious user execute arbitrary code; a vulnerability was reported when specially crafted contact data that has been retrieved from an LDAP server is displayed, which could let a remote malicious user execute arbitrary code; and a vulnerability was reported when specially crafted task list data that has been retrieved from remote servers and the data has been saved under the 'Calendars' tab is displayed, which could let a remote malicious user execute arbitrary code.
Updates available at:
http://ftp.gnome.org/pub/gnome/sources/evolution/2.3/
Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/e/evolution/
Currently we are not aware of any exploits for these vulnerabilities. |
|
High |
Secunia Advisory: SA16394, August 11, 2005
Ubuntu Security Notice, USN-166-1, August 11, 2005
|
MySQL AB
MySQL 3.x, 4.x
|
Two vulnerabilities exist: a vulnerability exists due to an error in 'ALTER TABLE ... RENAME' operations because the 'CREATE/INSERT' rights of old tables are checked, which potentially could let a remote malicious user bypass security restrictions; and a remote Denial of Service vulnerability exists when multiple threads issue 'alter' commands against 'merge' tables to modify the 'union.'
Updates available at:
http://dev.mysql.com/downloads/mysql/
Debian:
http://security.debian.org/pool/updates/main/m/mysql
Trustix:
http://http.trustix.org/pub/trustix/updates/
Mandrake:
http://www.mandrakesoft.com/security/advisories
Conectiva:
ftp://atualizacoes.conectiva.com.br/
Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/
SuSE:
ftp://ftp.suse.com/pub/suse
Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/
FedoraLegacy:
http://download.fedoralegacy.org/fedora/
Sun:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1
We are not aware of any exploits for these vulnerabilities. |
|
|
Secunia Advisory, SA12783, October 11, 2004
Trustix Secure Linux Security Advisory, TSLSA-2004-0054, October 15, 2004
Mandrakelinux Security Update Advisory, MDKSA-2004:119, November 1, 2004
Conectiva Linux Security Announcement, CLA-2004:892, November 18, 2004
Ubuntu Security Notice, USN-32-1, November 25, 2004
SUSE Security Summary Report, SUSE-SR:2004:001, November 24, 2004
Fedora Update Notification, FEDORA-2004-530, December 8, 2004
Turbolinux Security Announcement, February 17, 2005
Fedora Legacy Update Advisory, FLSA:2129, March 24, 2005
Sun(sm) Alert Notification, Sun Alert ID: 101864, August 11, 2005 |
MySQL
MySQL 4.x |
A vulnerability exists in the 'mysqlaccess.sh' script because temporary files are created in an unsafe manner, which could let a malicious user obtain elevated privileges.
Update available at:
http://lists.mysql.com/internals/20600
Ubuntu:
http://www.ubuntulinux.org/support/documentation/usn/usn-63-1
Debian:
http://www.debian.org/security/2005/dsa-647
Gentoo:
http://www.gentoo.org/security/en/glsa/glsa-200501-33.xml
Mandrake:
http://www.mandrakesecure.net/en/ftp.php
FedoraLegacy:
http://download.fedoralegacy.org/fedora/
Conectiva:
ftp://atualizacoes.conectiva.com.br/
OpenPKG:
ftp://ftp.openpkg.org/release/2.2/UPD/mysql-4.0.21-2.2.2.src.rpm
Sun:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101864-1
Currently we are not aware of any exploits for this vulnerability. |
MySQL 'mysqlaccess.sh' Unsafe Temporary Files
CAN-2005-0004 |
Medium |
Security Tracker Alert, 1012914, January 17, 2005
Ubuntu Security Notice USN-63-1 January 18, 2005
Debian Security Advisory DSA-647-1 mysql, January 19, 2005
Gentoo GLSA 200501-33, January 23, 2005
Mandrakelinux Security Update Advisory, MDKSA-2005:036, February 11, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0003, February 11, 2005
Fedora Legacy Update Advisory, FLSA:2129, March 24, 2005
Conectiva Linux Security Announcement, CLA-2005:947, April 20, 2005
OpenPKG Security Advisory, OpenPKG-SA-2005.006, April 20, 2005
Sun(sm) Alert Notification
Sun Alert ID: 101864, August 11, 2005 |
Namazu Project
Namazu 2.0.13 and prior |
A vulnerability exists which can be exploited by malicious people to conduct Cross-Site Scripting attacks. Input passed to 'namazu.cgi' isn't properly sanitized before being returned to the user if the query begins from a tab ('%09'). This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site.
Update to version 2.0.14:
http://namazu.org/#download
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Debian:
http://security.debian.org/
pool/updates
/main/n/namazu2/
SuSE:
ftp://ftp.suse.com/
pub/suse/
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.
jsp?objectID=PSD_
HPSBMA01212&
locale=en_US
Currently we are not aware of any exploits for this vulnerability. |
|
Medium |
Namazu Security Advisory, December 15, 2004
Debian Security Advisory, DSA 627-1, January 6, 2005
SUSE Security Summary Report, SUSE-SR:2005:001, January 12, 2005
HP Security Bulletin, HPSBMA01212, August 9, 2005
|
netpbm
10.0 |
A vulnerability has been reported in netpbm ('-dSAFER') that could let malicious users execute arbitrary postscript code.
Trustix:
ftp://ftp.trustix.org/pub/
trustix/updates/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-04.xml
Mandriva:
http://www.mandriva.com/
security/advisories
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/n/
netpbm-free/
There is no exploit code required. |
netpbm Arbitrary Code Execution
CAN-2005-2471
|
High |
Secunia Advisory: SA16184, July 25, 2005
Trustix Secure Linux Security Advisory, #2005-0038, July 29, 2005
Gentoo Linux Security Advisory, GLSA 200508-04, August 5, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:133, August 10, 2005
Ubuntu Security Notice, USN-164-1, August 11, 2005
|
Net-SNMP
Net-SNMP 5.2.1, 5.2, 5.1-5.1.2, 5.0.3-5.0.9, 5.0.1
|
A remote Denial of Service vulnerability has been reported when handling stream-based protocols.
Upgrades available at:
http://sourceforge.net/project/showfiles.php?group_id=12694&package_id=11571&release_id=338899
Trustix:
http://http.trustix.org/
pub/trustix/updates/
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-720.html
Mandriva:
http://www.mandriva.com/
security/advisories
Currently we are not aware of any exploits for this vulnerability.
|
|
Low |
Secunia Advisory: SA15930, July 6, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0034, July 8, 2005
Fedora Update Notifications, FEDORA-2005-561 & 562, July 13, 2005
RedHat Security Advisory, RHSA-2005:720-04, August 9, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:137, August 11, 2005 |
Nullsoft
SHOUTcast 1.9.4 |
A format string vulnerability exists that could allow a remote malicious user to execute arbitrary code on the target system. A remote user can supply a specially crafted request to the target server containing format string characters to cause the target service to crash or execute arbitrary code.
Gentoo:
http://security.gentoo.org/
glsa/glsa-200501-04.xml
Nullsoft:
http://www.shoutcast.
com/download/
files.phtml
An exploit script has been published. |
|
High |
Security Tracker Alert ID: 1012675, December 24, 2004
Gentoo GLSA 200501-04, January 5, 2005
Security Focus, 12096, February 19, 2005
Security Focus, 12096, August 14, 2005
|
RedHat
sysreport 1.1-1.3, Enterprise Linux WS 4, WS 3, WS 2.1 IA64, WS 2.1, ES 4, ES 3, ES 2.1 IA64, ES 2.1, AS 4, AS 3, AS 2.1 IA64, AS 2.1, Desktop 4.0, 3.0, Advanced Workstation for the Itanium Processor 2.1, IA64 |
A vulnerability has been reported in the Sysreport proxy due to a failure to ensure that sensitive information is not included in generated reports, which could let a remote malicious user obtain sensitive information.
Updates available at:
http://rhn.redhat.com/
errata/RHSA-
2005-502.html
SGI:
ftp://oss.sgi.com/projects/
sgi_propack/download/
3/updates/
RedHat:
http://rhn.redhat.com/
errata/RHSA-
2005-598.html
There is no exploit code required. |
RedHat Linux SysReport Proxy Information Disclosure
CAN-2005-1760
|
Medium |
RedHat Security Advisory, RHSA-2005:502-03, June 13, 2005
SGI Security Advisory, 20050603-01-U, June 23, 2005
RedHat Security Advisory, RHSA-2005:598-04, August 9, 2005 |
Rob Flynn
Gaim prior to 1.3.1 |
Several vulnerabilities have been reported: a remote Denial of Service vulnerability has been reported when using the Yahoo! protocol to download a file; and a remote Denial of Service vulnerability was reported in the MSN Messenger service when a malicious user submits a specially crafted MSN message.
Updates available at:
http://gaim.sourceforge.net
/downloads.php
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/g/gaim/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200506-11.xml
Mandriva:
http://www.mandriva.com/
security/advisories
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
RedHat:
http://rhn.redhat.com/
errata/RHSA-
2005-518.html
Debian:
http://security.debian.org/
pool/updates/main/g/gaim/
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Debian:
http://security.debian.org/
pool/updates/main/
There is no exploit code required. |
|
Low |
Secunia Advisory, SA15648, June 10, 2005
Ubuntu Security Notice USN-139-1, June 10, 2005
Gentoo Linux Security Advisory, GLSA 200506-11, June 12, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:099, June 14, 2005
Fedora Update Notifications, FEDORA-2005-410 & 411, June 17, 2005
RedHat Security Advisory, RHSA-2005:518-03, June 16, 2005
Debian Security Advisory, DSA 734-1, July 5, 2005
SUSE Security Summary Report, SUSE-SR:2005:017, July 13, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Royal Institute of Technology
Heimdal 0.6-0.6.4, 0.5.0-0.5.3, 0.4 a-f |
Multiple buffer overflow vulnerabilities have been reported in the 'getterminaltype()' function due to a boundary error in telnetd, which could let a remote malicious user execute arbitrary code.
Upgrades available at:
ftp://ftp.pdc.kth.se/
pub/heimdal/src/
heimdal-0.6.5.tar.gz
Gentoo:
http://security.gentoo.org/
glsa/glsa-200506-24.xml
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Debian:
http://security.debian.org/
pool/updates/main/
h/heimdal/
Debian:
http://security.debian.
org/pool/updates/main/
Currently we are not aware of any exploits for these vulnerabilities. |
|
High |
Secunia Advisory, SA15718, June 20, 2005
Gentoo Linux Security Advisory, GLSA 200506-24, June 29, 2005
SUSE Security Announcement, SUSE-SA:2005:040, July 6, 2005
Debian Security Advisory, DSA 758-1, July 18, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Sendmail Consortium
Sendmail 8.8.8, 8.9.0-8.9.2, 8.10-8.10.2, 8.11-8.11.7, 8.12.1-8.12.9, 8.12.11 |
A remote Denial of Service vulnerability has been reported in the milter interface due to the configuration of overly long default timeouts.
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Debian:
http://security.debian.org/
pool/updates/main/
c/clamav/
Debian:
http://security.debian.
org/pool/updates/main/
There is no exploit code required. |
|
Low |
Security Focus, 14047, June 23
SUSE Security Announcement, SUSE-SA:2005:038, June 29, 2005
Debian Security Advisory, DSA 737-1, July 6, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Todd Miller
Sudo 1.6-1.6.8, 1.5.6-1.5.9 |
A race condition vulnerability has been reported when the sudoers configuration file contains a pseudo-command 'ALL' that directly follows a user's sudoers entry, which could let a malicious user execute arbitrary code.
Upgrades available at:
http://www.sudo.ws/sudo/
dist/sudo-1.6.8p9.tar.gz
OpenBSD:
http://www.openbsd.org/
errata.html
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/s/sudo/
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Slackware:
ftp://ftp.slackware.com/
pub/slackware/
Mandriva:
http://www.mandriva.com/
security/advisories
OpenPKG:
ftp://ftp.openpkg.org/
release/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200506-22.xml
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/ia32/
RedHat:
http://rhn.redhat.com/
errata/RHSA-
2005-535.html
Debian:
http://security.debian.org/
pool/updates/main/s/sudo/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/
Debian:
http://security.debian.org/
pool/updates/main/s/sudo/
OpenBSD:
http://www.openbsd.org/
errata.html
SGI:
http://www.sgi.com/
support/security/
Debian:
http://security.debian.
org/pool/updates/main/
There is no exploit code required. |
|
High |
Security Focus, 13993, June 20, 2005
Ubuntu Security Notice, USN-142-1, June 21, 2005
Fedora Update Notifications, FEDORA-2005-472 & 473, June 21, 2005
Slackware Security Advisory, SSA:2005-172-01, June 22, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:103, June 22, 2005
OpenPKG Security Advisory, OpenPKG-SA-2005.012, June 23, 2005
Gentoo Linux Security Advisory, GLSA 200506-22, June 23, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0030, June 24, 2005
SUSE Security Announcement, SUSE-SA:2005:036, June 24, 2005
Turbolinux Security Advisory, TLSA-2005-73, June 28, 2005
RedHat Security Advisory, RHSA-2005:535-06, June 29, 2005
Debian Security Advisory, 735-1, July 1, 2005
Conectiva Linux Announcement, CLSA-2005:976, July 6, 2005
Debian Security Advisory, DSA 735-2, July 8, 2005
SGI Security Advisory, 20050702-01-U, July 12, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
University of Minnesota
gopherd 3.0.9, 3.0.7, 3.0.3 |
A vulnerability has been reported in 'gopher.c' due to the failure to verify a file's existence before writing to it, which could let a malicious user obtain elevated privileges.
Debian:
http://security.debian.org/
pool/updates/main/g/gopher
Debian:
http://security.debian.org/
pool/updates/main/
There is no exploit code required. |
Gopher Insecure Temporary File Creation
CAN-2005-1853 |
Medium |
Debian Security Advisory, DSA 770-1, July 29, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Vipul
Razor-agents prior to 2.72 |
Two vulnerabilities have been reported that could let malicious users cause a Denial of Service. This is due to an unspecified error in the preprocessing of certain HTML and an error in the discovery logic.
Updates available at:
http://prdownloads.sourceforge.net/razor/razor-agents-2.72.tar.gz?download
Gentoo:
http://security.gentoo.org/
glsa/glsa-200506-17.xml
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Trustix:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/
Debian:
http://security.debian.org/
pool/updates/main/r/razor/
Debian:
http://security.debian.
org/pool/updates/main/
Currently we are not aware of any exploits for these vulnerabilities. |
|
Low |
Security Focus, Bugtraq ID 13984, June 17, 2005
Gentoo Linux Security Advisory, GLSA 200506-17, June 21, 2005
SUSE Security Announcement, SUSE-SA:2005:035, June 23, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0030, June 24, 2005
Debian Security Advisory, DSA 738-1, July 5, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Wojtek Kaniewski
ekg 2005-06-05 22:03 |
A vulnerability has been reported in 'contrib/scripts/linki.py' due to the insecure creation of temporary files, which could let a malicious user obtain elevated privileges.
Debian:
http://security.debian.org/
pool/updates/main/e/ekg/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/e/ekg/
Debian:
http://security.debian.
org/pool/updates/main/
There is no exploit code required. |
Wojtek Kaniewski EKG Insecure Temporary File Creation
CAN-2005-1916
|
Medium |
Secunia Advisory: SA15889, July 5, 2005
Debian Security Advisory, DSA 760-1, July 18, 2005
Ubuntu Security Notice, USN-162-1, August 08, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Wojtek Kaniewski
Eksperymentalny Klient Gadu-Gadu (ekg) 2005-04-11 |
Several vulnerabilities have been reported: a vulnerability was reported in 'contrib/ekgnv.sh,' 'contrib/getekg.sh,' and 'contrib/ekgh' due to the insecure creation of a temporary file, which could let a remote malicious user create/overwrite arbitrary files; and an SQL injection vulnerability was reported in 'contrib/scripts/ekgbot-pre1.py' due to an error, which could let a remote malicious user inject arbitrary shell commands.
Debian:
http://security.debian.org/
pool/updates/main/e/ekg/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/e/ekg/
Debian:
http://security.debian.
org/pool/updates/main/
There is no exploit code required. |
|
Medium |
Debian Security Advisory, DSA 760-1, July 18, 2005
Ubuntu Security Notice, USN-162-1, August 08, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005
|
Yukihiro Matsumoto
Ruby 1.8.2 |
A vulnerability has been reported in the XMLRPC server due to a failure to set a valid default value that prevents security protection using handlers, which could let a remote malicious user execute arbitrary code.
Fedora:
http://download.fedora.
redhat.com/pub/
fedora/linux/core/
updates/
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/ia32/
Debian:
http://security.debian.org/
pool/updates/
main/r/ruby1.8/
Gentoo:
http://security.gentoo.
org/glsa/
glsa-200507-10.xml
Mandriva:
http://www.mandriva.
com/security/advisories
RedHat:
http://rhn.redhat.com/
errata/RHSA-
2005-543.html
Debian:
http://security.debian.
org/pool/updates/main/
Currently we are not aware of any exploits for this vulnerability. |
Yukihiro Matsumoto Ruby XMLRPC Server Unspecified Command Execution
CAN-2005-1992
|
High |
Fedora Update Notifications, FEDORA-2005-474 & 475, June 21, 2005
Turbolinux Security Advisory, TLSA-2005-74, June 28, 2005
Debian Security Advisory, DSA 748-1, July 11, 2005
Gentoo Linux Security Advisory, GLSA 200507-10, July 11, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:118, July 13, 2005
RedHat Security Advisory, RHSA-2005:543-08, August 5, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Multiple Operating Systems - Windows / UNIX / Linux / Other |
Vendor & Software Name |
Vulnerability - Impact
Patches - Workarounds
Attacks Scripts |
Common Name /
CVE Reference |
Risk |
Source |
Adobe
Acrobat 5.1-7.0.2, Acrobat Reader 5.1-7.0.2
|
A buffer overflow vulnerability has been reported in the core application plug-in due to an unspecified boundary error, which could let a remote malicious user execute arbitrary code.
Update information available at:
http://www.adobe.com/
support/techdocs/
321644.html
There is no exploit code required. |
Adobe Acrobat / Reader Plug-in Buffer Overflow
CAN-2005-2470 |
High |
Adobe Security Advisory, August 16, 2005
US-CERT VU#896220 |
America OnLine
AOL Client Software 9.0 |
A vulnerability has been reported due to a failure to secure the installation path from modifications, which could let a malicious user execute arbitrary code with SYSTEM privileges.
No workaround or patch available at time of publishing.
There is no exploit code required.
|
|
High |
Security Focus, 14530, August 9, 2005 |
BONA Computech Co. Ltd.
ADSL-FR4II
|
Multiple vulnerabilities have been reported: a vulnerability was reported because an undocumented open port on 5678/tcp allows web management access; a Denial of Service vulnerability was reported when port scanning all ports; and a vulnerability was reported in the backup configuration file because the administrative password is in clear text.
No workaround or patch available at time of publishing.
There is no exploit code required.
|
|
Medium |
Secunia Advisory: SA16445, August 15, 2005 |
Clam AntiVirus
ClamAV 0.x |
A Denial of Service vulnerability has been reported in the Quantum decompressor due to an unspecified error.
Updates available at:
http://prdownloads.
sourceforge.net/
clamav/clamav-
Gentoo:
http://security.gentoo.org/
glsa/glsa-200506-23.xml
Trustix:
http://http.trustix.org/pub/
trustix/updates/
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Debian:
http://security.
debian.org/pool/
updates/main/c/clamav/
Conectiva:
ftp://atualizacoes.conectiva.
com.br/
Mandriva:
http://www.mandriva.com/
security/advisories
Debian:
http://security.
debian.org/pool/
updates/main/
Currently we are not aware of any exploits for this vulnerability. |
|
Low |
Secunia Advisory, SA15811, June 24, 2005
Trustix Security Advisory, TSLSA-2005-0029, June 24, 2005
Gentoo Linux Security Advisory, GLSA 200506-23, June 27, 2005
SUSE Security Announcement, SUSE-SA:2005:038, June 29, 2005
Debian Security Advisory, DSA 737-1, July 6, 2005
Conectiva Linux Announcement, CLSA-2005:973, July 6, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:113, July 12, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
CPAINT
CPAINT 1.3 |
A vulnerability has been reported due to an unspecified error, which could let a remote malicious user execute arbitrary ASP/PHP commands or obtain sensitive information.
Upgrade available at:
http://prdownloads.
sourceforge.net/cpaint/
cpaint-v1.3-SP.
tar.gz?download
There is no exploit code required. |
CPaint Arbitrary Command Execution & Information Disclosure
CAN-2005-2613
|
High |
Security Focus, 14565, August 15, 2005 |
Discuz!
Discuz! 4.0 rc4 & prior |
A vulnerability has been reported due to insufficient validation of user-supplied filenames on uploaded files, which could let a remote malicious user execute arbitrary code.
No workaround or patch available at time of publishing.
There is no exploit code required. |
|
High |
STG Security Advisory: SSA-20050812-27, August 15, 2005 |
Dokeos
Open Source Learning & Knowledge Management Tool 1.6 RC, 1.5.3-1.5.5, 1.5, 1.4 |
Multiple Directory Traversal vulnerabilities have been reported: a vulnerability was reported in '/claroline/scorm/scormdocument.php' due to insufficient sanitization of the 'delete' parameter before it is used to delete directories, which could let a remote malicious user obtain sensitive information; a vulnerability was reported in '/claroline/document/document.php' due to insufficient sanitization of the 'move_file' and 'move_to' parameters before they are used to move files, which could let a remote malicious user obtain sensitive information; and a vulnerability has been reported in 'claroline/scorm/showinframes.php' and '/claroline/scorm/contents.php' because generated error messages can be used to determine the existence of a file.
No workaround or patch available at time of publishing.
There is no exploit code required. |
|
Medium |
Secunia Advisory: SA16407, August 15, 2005 |
EMC Software
NetWorker 6.x, 7.1.3, 7.2; Sun StorEdge Enterprise Backup Software 7.0-7.2, Solstice Backup Software 6.0, 6.1
|
Several vulnerabilities have been reported: a vulnerability was reported in 'AUTH_UNIX' due to weak authentication, which could let a remote malicious user execute arbitrary commands, view/modify configuration, cause a Denial of Service, or obtain sensitive information; a vulnerability was reported due to insufficient authentication of tokens, which could let a remote malicious user execute arbitrary commands as ROOT; and a vulnerability was reported in the Legato PortMapper because any host can call 'pmap_set' and 'pmap_unset,' which could let a remote malicious user cause a Denial of Service or eavesdrop on NetWorker process communications.
Patch information available at:
http://www.legato.com/
support/websupport/
product_alerts/
081605_NW_
authentication.htm
http://www.legato.com/
support/websupport/
product_alerts/
081605_NW_
token_authentication.htm
http://www.legato.com/
support/websupport/
product_alerts/
081605_NW_
port_mapper.htm
Sun:
http://sunsolve.sun.com/
search/document.do?
assetkey=1-26-101886-1
There is no exploit code required.
|
EMC Legato NetWorker Multiple Vulnerabilities
CAN-2005-0357
CAN-2005-0358
CAN-2005-0359 |
High |
US-CERT VU#606857
US-CERT VU#407641
US-CERT VU#801089
Sun(sm) Alert Notification
Sun Alert ID: 101886, August 17, 2005 |
EQdkp
EQdkp 1.2.0, 1.1.0 |
A vulnerability has been reported in 'session.php' due to a handling error, which could let a remote malicious user bypass security restrictions.
Upgrades available at:
http://eqdkp.com/
download.php?file
=eqdkp-1.3.0.tar.gz
There is no exploit code required. |
|
Medium |
Secunia Advisory: SA16285, August 10, 2005 |
Ethereal
Ethereal
V0.10.11 |
Multiple dissector and zlib vulnerabilities have been reported in Ethereal that could let remote malicious users cause a Denial of Service or execute arbitrary code.
Upgrade to version 0.10.12:
http://www.ethereal.com/
download.html
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Mandriva:
http://www.mandriva.com/
security/advisories
RedHat:
http://rhn.redhat.com/
errata/RHSA-
2005-687.html
Currently we are not aware of any exploits for these vulnerabilities. |
|
High |
Secunia, Advisory: SA16225, July 27, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:131, August 4, 2005
RedHat Security Advisory, RHSA-2005:687-03, August 10, 2005
|
ezUpload
ezUpload 2.2 |
Multiple file include vulnerabilities have been reported due to insufficient of user-supplied input, which could let a remote malicious user obtain unauthorized access.
No workaround or patch available at time of publishing.
There is no exploit code required; however, a Proof of Concept exploit has been published.
|
|
Medium |
Security Focus 14534, August 10, 2005 |
Grandstream Networks
Grandstream BudgeTone 100 Series SIP Phones |
A Denial of Service vulnerability has been reported due to an error when processing large UDP datagrams.
No workaround or patch available at time of publishing.
There is no exploit code required; however, an exploit script has been published. |
Grandstream BudgeTone Denial of Service
CAN-2005-2581 |
Low |
Security Tracker Alert ID: 1014665, August 13, 2005 |
Hewlett Packard Company
Proliant DL585 Server, Integrated Lights Out 1.80 |
A vulnerability has been reported because when the server is powered down a remote malicious user can obtain unauthorized access.
Updates available at:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBMA01220
Currently we are not aware of any exploits for this vulnerability. |
HP Proliant DL585 Server Unauthorized Remote Access
CAN-2005-2552
|
Medium |
HP Security Bulletin, HPSBMA01220, August 11, 2005 |
Hummingbird Ltd.
Hummingbird FTP 2006,
Hummingbird Connectivity 10.0 |
A vulnerability has been reported due to a weak encryption algorithm when encrypting the user's password stored in the FTP profile, which could let a malicious user obtain sensitive information.
No workaround or patch available at time of publishing.
There is no exploit code required.
|
|
Medium |
Secunia Advisory: SA16430, August 15, 2005 |
Ilia Alshanetsky
FUDForum 2.6.15 |
A vulnerability has been reported in the 'mid' parameter due to insufficient validation before retrieving a forum post, which could let a remote malicious user bypass certain security restrictions and obtain sensitive information.
No workaround or patch available at time of publishing.
There is no exploit code required.
|
|
Medium |
Secunia Advisory: SA16414, August 12, 2005 |
Linksys
WRT54GS Firmware 4.50.6 |
A vulnerability has been reported in WRT54GS Firmware that could allow remote malicious users to bypass authentication.
No workaround or patch available at time of publishing.
There is no exploit code required. |
|
Medium |
Security Focus, ID: 14566, August 15, 2005 |
MidiCart Software
MidiCart ASP
|
A vulnerability has been reported in the 'Item_Show.asp' and 'search_list.asp' scripts due to insufficient sanitization of user-supplied input before it is used in an SQL query, which could let a remote malicious user execute arbitrary SQL code.
No workaround or patch available at time of publishing.
There is no exploit code required; however, a Proof of Concept exploit has been published. |
|
Medium |
Security Tracker Alert ID: 1014660, August 12, 2005 |
Mozilla.org
Firefox 0.x, 1.x |
Multiple vulnerabilities have been reported: a vulnerability was reported due to an error because untrusted events generated by web content are delivered to the browser user interface; a vulnerability was reported because scripts in XBL controls can be executed even when JavaScript has been disabled; a vulnerability was reported because remote malicious users can execute arbitrary code by tricking the user into using the 'Set As Wallpaper' context menu on an image URL that is really a javascript: URL; a vulnerability was reported in the 'InstallTrigger.install()' function due to an error in the callback function, which could let a remote malicious user execute arbitrary code; a vulnerability was reported due to an error when handling a 'data:' URL that originates from the sidebar, which could let a remote malicious user execute arbitrary code; an input validation vulnerability was reported in the 'InstallVersion.compareTo()' function when handling unexpected JavaScript objects, which could let a remote malicious user execute arbitrary code; a vulnerability was reported because it is possible for a remote malicious user to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL; a vulnerability was reported due to an error when handling DOM node names with different namespaces, which could let a remote malicious user execute arbitrary code; and a vulnerability was reported due to insecure cloning of base objects, which could let a remote malicious user execute arbitrary code.
Updates available at:
http://www.mozilla.org/
products/firefox/
Gentoo:
ftp://security.gentoo.org/
glsa/
Mandriva:
http://www.mandriva.com/
security/advisories
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
586.html
Slackware:
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.418880
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/
e/epiphany-browser/
http://security.ubuntu.com/
ubuntu/pool/main/e/
enigmail/
http://security.ubuntu.com/
ubuntu/pool/main/
m/mozilla-thunderbird/
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Debian:
http://security.debian.
org/pool/updates/
main/m
/mozilla-firefox/
http://security.debian.
org/pool/updates/
main/m/mozilla/
SGI:
ftp://patches.sgi.com/
support/free/security/
advisories/
Exploits have been published.
|
Firefox Multiple Vulnerabilities
CAN-2005-2260
CAN-2005-2261
CAN-2005-2262
CAN-2005-2263
CAN-2005-2264
CAN-2005-2265
CAN-2005-2267
CAN-2005-2269
CAN-2005-2270
|
|
Secunia Advisory: SA16043, July 13, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:120, July 13, 2005
Gentoo Linux Security Advisory, GLSA 200507-14, July 15, 2005
Gentoo Linux Security Advisory, GLSA 200507-17, July 18, 2005
Fedora Update Notifications, FEDORA-2005-603 & 605, July 20, 2005
RedHat Security Advisory, RHSA-2005:586-11, July 21, 2005
Slackware Security Advisory, SSA:2005-203-01, July 22, 2005
US-CERT VU#652366
US-CERT VU#996798
Ubuntu Security Notices, USN-155-1 & 155-2 July 26 & 28, 2005
Ubuntu Security Notices, USN-157-1 & 157-2 August 1 & 2, 2005
SUSE Security Announcement, SUSE-SA:2005:045, August 11, 2005
Debian Security Advisory, DSA 775-1, August 15, 2005
SGI Security Advisory, 20050802-01-U, August 15, 2005
Debian Security Advisory, DSA 777-1, August 17, 2005 |
Mozilla.org
Mozilla
Browser 1.0-1.0.2, 1.1-1.7.6;
Firefox 0.8-0.10.1, 1.0.1, 1.0.2; Netscape Navigator 7.0, 7.0.2, 7.1, 7.2, 7.0-7.2 |
Multiple vulnerabilities have been reported: a vulnerability was reported in the 'EMBED' tag for non-installed plugins when processing the 'PLUGINSPAGE' attribute due to an input validation error, which could let a remote malicious user execute arbitrary code; a vulnerability was reported because blocked popups that are opened through the GUI incorrectly run with 'chrome' privileges, which could let a remote malicious user execute arbitrary code; a vulnerability was reported because the global scope of a window or tab is not cleaned properly before navigating to a new web site, which could let a remote malicious user execute arbitrary code; a vulnerability was reported because the URL of a 'favicons' icon for a web site isn't verified before being changed via JavaScript, which could let a remote malicious user execute arbitrary code with elevated privileges; a vulnerability was reported because the search plugin action URL is not properly verified before being used to perform a search, which could let a remote malicious user execute arbitrary code; a vulnerability was reported due to the way links are opened in a sidebar when using the '_search' target, which could let a remote malicious user execute arbitrary code; several input validation vulnerabilities were reported when handling invalid type parameters passed to 'InstallTrigger' and 'XPInstall' related objects, which could let a remote malicious user execute arbitrary code; and vulnerabilities were reported due to insufficient validation of DOM nodes in certain privileged UI code, which could let a remote malicious user execute arbitrary code.
Upgrades available at:
http://www.mozilla.org/
products/firefox/
http://www.mozilla.org/
products/mozilla1.x/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200504-18.xml
RedHat:
http://rhn.redhat.com/
errata/RHSA-
2005-383.html
http://rhn.redhat.com/
errata/RHSA-2005
-386.html
TurboLinux:
ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/
TurboLinux/
ia32/
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
RedHat:
http://rhn.redhat.com/
errata/RHSA-
2005-384.html
SGI:
ftp://patches.sgi.com/
support/free/security/
advisories/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/m/
mozilla-firefox/
Mandriva:
http://www.mandriva.com/
security/advisories
FedoraLegacy:
http://download.
fedoralegacy.
org/redhat/
SCO:
ftp://ftp.sco.com/pub/
updates/UnixWare/
SCOSA-2005.29
Gentoo:
http://security.gentoo.org/
glsa/glsa-200507-17.xml
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/
e/enigmail/
http://security.ubuntu.com/
ubuntu/pool/main/
m/mozilla-thunderbird/
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBUX01133
An exploit script has been published. |
Mozilla Suite / Firefox Multiple Vulnerabilities
CAN-2005-0752
CAN-2005-1153
CAN-2005-1154
CAN-2005-1155
CAN-2005-1156
CAN-2005-1157
CAN-2005-1158
CAN-2005-1159
CAN-2005-1160
|
|
Mozilla Foundation Security Advisories, 2005-35 -
2005-41,
April 16, 2005
Gentoo Linux Security Advisory, GLSA 200504-18, April 19, 2005
US-CERT VU#973309
RedHat Security Advisories, RHSA-2005:383-07 & RHSA-2005-386., April 21 & 26, 2005
Turbolinux Security Advisory,
TLSA-2005-49, April 21, 2005
US-CERT VU#519317
SUSE Security Announcement, SUSE-SA:2005:028, April 27, 2005
RedHat Security Advisory, RHSA-2005:384-11, April 28, 2005
SGI Security Advisory, 20050501-01-U, May 5, 2005
Ubuntu Security Notice, USN-124-1 & USN-124-2, May 11 & 12, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:088,
May 14, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:088-1,
May 17, 2005
Fedora Legacy Update Advisory, FLSA:152883, May 18, 2005
PacketStorm, May 23, 2005
SCO Security Advisory, SCOSA-2005.29, July 1, 2005
Gentoo Linux Security Advisory, GLSA 200507-17, July 18, 2005
Fedora Update Notifications,
FEDORA-2005-604 & 605, July 20, 2005
Ubuntu Security Notices, USN-157-1 & 157-2, August 1 & 2, 2005
HP Security Bulletin,
HPSBUX01133, August 8, 2005
|
Mozilla.org
Mozilla Browser prior to 1.7.8;
Mozilla Suite prior to 1.7.8; Firefox prior to 1.0.4; Firebird 0.5, 0.6.1, 0.7 |
A vulnerability was reported due to a failure in the application to properly verify Document Object Model (DOM) property values, which could let a remote malicious user execute arbitrary code.
Firefox:
http://www.mozilla.org/
products/firefox/
Mozilla Browser Suite:
http://www.mozilla.org/
products/mozilla1.x/
TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-
434.html
http://rhn.redhat.com/
errata/RHSA-2005-
435.html
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/m/
mozilla-firefox/
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
SGI:
ftp://patches.sgi.com/support/free/security/advisories/
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main
/e/enigmail/
http://security.ubuntu.com/
ubuntu/pool/main/
m/mozilla-thunderbird/
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBUX01133
Currently we are not aware of any exploits for this vulnerability. |
Mozilla Suite And Firefox DOM Property Overrides
CAN-2005-1532 |
|
Mozilla Foundation Security Advisory, 2005-44, May 12, 2005
Turbolinux Security Advisory, TLSA-2005-56, May 16, 2005
RedHat Security Advisories, RHSA-2005:434-10 & RHSA-2005:435-10, May 23 & 24, 2005
Ubuntu Security Notice, USN-134-1, May 26, 2005
SUSE Security Summary Report, SUSE-SR:2005:014, June 7, 2005
SGI Security Advisory, 20050503-01-U, June 8, 2005
SUSE Security Announcement, SUSE-SA:2005:030, June 9, 2005
Ubuntu Security Notices, USN-157-1 & 157-2, August 1 & 2, 2005
HP Security Bulletin,
HPSBUX01133, August 8, 2005 |
Mozilla.org
Mozilla Browser Suite prior to 1.7.6; Thunderbird prior to 1.0.2; Firefox prior to 1.0.2
|
A buffer overflow vulnerability has been reported due to a boundary error in the GIF image processing of Netscape extension 2 blocks, which could let a remote malicious user execute arbitrary code.
Mozilla Browser Suite:
http://www.mozilla.org/
products/mozilla1.x/
Thunderbird:
http://download.mozilla.org/?product=thunderbird-1.0.2&os=win&lang=en-US
Firefox:
http://www.mozilla.org/
products/firefox/
Fedora:
http://download.fedora.redhat.
com/pub/fedora/linux/
core/updates/3/
Gentoo:
http://security.gentoo.org/
glsa/
Slackware:
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.000123
FedoraLegacy:
http://download.fedoralegacy.
org/redhat/
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBUX01133
An exploit script has been published.
|
Mozilla Suite/ Firefox/ Thunderbird GIF Image Processing Remote
Buffer Overflow
CAN-2005-0399
|
High |
Mozilla Foundation Security Advisory 2005-30, March 23, 2005
US-CERT VU#557948
Fedora Legacy Update Advisory, FLSA:152883, May 18, 2005
Security Focus, 12881, July 5, 2005
HP Security Bulletin,
HPSBUX01133, August 8, 2005 |
Mozilla.org
Mozilla Suite prior to 1.7.6, Firefox prior to 1.0.2 |
A vulnerability has been reported when processing drag and drop operations due to insecure XUL script loading, which could let a remote malicious user execute arbitrary code.
Mozilla Browser:
http://www.mozilla.org/
products/mozilla1.x/
Firefox:
http://www.mozilla.org/
products/firefox/
Fedora:
http://download.fedora.
redhat.com/pub/
fedora/linux/core/
updates/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200503-30.xml
http://security.gentoo.org
/glsa/glsa-200503-31.xml
Slackware:
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.000123
RedHat:
http://rhn.redhat.com/
errata/RHSA-
2005-384.html
SGI:
ftp://patches.sgi.com/
support/free/security/
advisories/
Mandriva:
http://www.mandriva.com/
security/advisories
FedoraLegacy:
http://download.fedoralegacy.
org/redhat/
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBUX01133
A Proof of Concept exploit has been published. |
Mozilla Suite/ Firefox
Drag and Drop
Arbitrary Code
Execution
CAN-2005-0401
|
High |
Mozilla Foundation Security Advisory 2005-32, March 23, 2005
RedHat Security Advisory, RHSA-2005:384-11, April 28, 2005
SGI Security Advisory, 20050501-01-U, May 5, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:088,
May 14, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:088-1,
May 17, 2005
Fedora Legacy Update Advisory, FLSA:152883, May 18, 2005
HP Security Bulletin,
HPSBUX01133, August 8, 2005 |
Mozilla.org
Mozilla Thunderbird 1.0, Firefox 1.0.6 |
A vulnerability has been reported when overly long URIs are submitted, which could let a remote malicious user obfuscate the URI of a link.
No workaround or patch available at time of publishing.
There is no exploit code required. |
Mozilla Firefox And Thunderbird Long URI Obfuscation
CAN-2005-2602
|
Medium |
Security Focus, 14526, August 9, 2005 |
Mozilla
Firefox 1.0 |
A vulnerability exists in the XPCOM implementation that could let a remote malicious user execute arbitrary code. The exploit can be automated in conjunction with other reported vulnerabilities so no user interaction is required.
A fixed version (1.0.1) is available at: http://www.mozilla.org/
products/firefox/all.html
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/3/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200503-30.xml
SGI:
ftp://patches.sgi.com/
support/free/security/
advisories/
Mandriva:
http://www.mandriva.com/
security/advisories
FedoraLegacy:
http://download.fedoralegacy.
org/redhat/
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBUX01133
A Proof of Concept exploit has been published. |
Mozilla Firefox Remote Code Execution Vulnerability
CAN-2005-0527
|
High |
Security Tracker Alert ID: 1013301, February 25, 2005
Gentoo Linux Security Advisory, GLSA 200503-30, March 25, 2005
SGI Security Advisory, 20050501-01-U, May 5, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:088,
May 14, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:088-1,
May 17, 2005
Fedora Legacy Update Advisory, FLSA:152883, May 18, 2005
HP Security Bulletin,
HPSBUX01133, August 8, 2005 |
Mozilla
Mozilla 0.x, 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7.x
Mozilla Firefox 0.x
Mozilla Thunderbird 0.x |
Multiple vulnerabilities exist in Firefox, Mozilla and Thunderbird that can permit users to bypass certain security restrictions, conduct spoofing and script insertion attacks and disclose sensitive and system information.
Mozilla: Update to version 1.7.5:
http://www.mozilla.org/
products/mozilla1.x/
Firefox: Update to version 1.0:
http://www.mozilla.org/
products/firefox/
Thunderbird: Update to version 1.0:
http://www.mozilla.org/
products/thunderbird/
Fedora:
http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/
Slackware:
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.000123
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-384.html
SGI:
ftp://patches.sgi.com/
support/free/security/
advisories/
Mandriva:
http://www.mandriva.com/
security/advisories
FedoraLegacy:
http://download.fedoralegacy.
org/redhat/
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBUX01133
Currently we are not aware of any exploits for these vulnerabilities.
|
|
|
Mozilla Foundation Security Advisory 2005-01, 03, 04, 07, 08, 09, 10, 11, 12
Fedora Update Notification, FEDORA-2005-248, 249, 251, 253, March 23 & 25, 2005
Slackware Security Advisory, SSA:2005-085-01, March 27, 2005
RedHat Security Advisory, RHSA-2005:384-11, April 28, 2005
SGI Security Advisory, 20050501-01-U, May 5, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:088, May 14, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:088-1, May 17, 2005
Fedora Legacy Update Advisory, FLSA:152883, May 18, 2005
HP Security Bulletin,
HPSBUX01133, August 8, 2005 |
Mozilla
Mozilla 1.7.3 |
A heap overflow vulnerability exists in the processing of NNTP URLs. A remote malicious user can execute arbitrary code on the target system. A remote user can create a specially crafted 'news://' URL that, when loaded by the target user, will trigger a buffer overflow and execute arbitrary code on the target user's system. The code will run with the privileges of the target user. The flaw resides in the *MSG_UnEscapeSearchUrl() function in 'nsNNTPProtocol.cpp'.
The vendor has issued a fixed version (1.7.5), available at: http://www.mozilla.org/
products/mozilla1.x/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200501-03.xml
SGI:
http://support.sgi.com
/browse_request/
linux_patches_by_os
SuSE:
ftp://ftp.suse.com/
pub/suse/
HP:
http://itrc.hp.com/service/
cki/docDisplay.do?
docId=HPSBTU01114
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBUX01133
A Proof of Concept exploit has been published. |
|
High |
iSEC Security Research Advisory, December 29, 2004
Gentoo Linux Security Advisory, GLSA 200501-03, January 5, 2005
SUSE Security Summary Report, SUSE-SR:2005:002, January 26, 2005
HP Security Advisory, HPSBTU01114, February 4, 2005
HP Security Bulletin,
HPSBUX01133, August 8, 2005 |
Mozilla
Mozilla 1.7.x and prior
Mozilla Firefox 1.x and prior
Mozilla Thunderbird 1.x and prior
Netscape Netscape 7.2 |
Multiple vulnerabilities exist in Firefox, Mozilla and Thunderbird. These can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges and by malicious people to conduct spoofing attacks, disclose and manipulate sensitive information, and potentially compromise a user's system.
Firefox: Update to version 1.0.1:
http://www.mozilla.org/
products/firefox/
Mozilla:
The vulnerabilities have been fixed in the CVS repository and will be included in the upcoming 1.7.6 version.
Thunderbird:
The vulnerabilities have been fixed in the CVS repository and will be included in the upcoming 1.0.1 version.
Fedora update for Firefox:
http://download.fedora.
redhat.com/pub/
fedora/linux/core/updates/
Red Hat:
http://rhn.redhat.com/errata/
RHSA-2005-176.html
Gentoo:
http://www.gentoo.org/
security/en/glsa/
glsa-200503-10.xml
SUSE:
ftp://ftp.SUSE.com/
pub/SUSE
Fedora:
http://download.fedora.
redhat.com/pub/
fedora/linux/
core/updates/3/
Gentoo:
http://security.gentoo.org/
glsa/glsa-200503-30.xml
http://security.gentoo.org/
glsa/glsa-200503-32.xml
Slackware:
http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.000123
SGI:
ftp://patches.sgi.com/
support/free/security/
advisories/
FedoraLegacy:
http://download.fedoralegacy.
org/redhat/
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBUX01133
Currently we are not aware of any exploits for these vulnerabilities. |
Mozilla / Firefox / Thunderbird Multiple Vulnerabilities
CAN-2005-0255
CAN-2005-0584
CAN-2005-0585
CAN-2005-0587
CAN-2005-0588
CAN-2005-0589
CAN-2005-0590
CAN-2005-0592
CAN-2005-0593 |
|
Mozilla Foundation Security Advisories 2005-14, 15, 17, 18, 19, 20, 21, 24, 28
Red Hat RHSA-2005:176-11, March 1, 2005
Gentoo, GLSA 200503-10, March 4, 2005
SUSE Security Announcement, SUSE-SA:2005:016, March 16, 2005
Fedora Update Notification,
FEDORA-2005-248, 249, 251, & 253, March 23 & 25, 2005
Gentoo Linux Security Advisory, GLSA 200503-30 & GLSA 200503-032, March 25, 2005
Slackware Security Advisory, SSA:2005-085-01, March 27, 2005
SGI Security Advisory, 20050501-01-U, May 5, 2005
Fedora Legacy Update Advisory, FLSA:152883, May 18, 2005
HP Security Bulletin,
HPSBUX01133, August 8, 2005 |
Mozilla
Mozilla Firefox 1.0 and 1.0.1 |
A vulnerability exists that could let remote malicious users conduct Cross-Site Scripting attacks. This is due to missing URI handler validation when dragging an image with a "javascript:" URL to the address bar.
Gentoo:
http://security.gentoo.org/
glsa/glsa-200503-30.xml
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-384.html
SGI:
ftp://patches.sgi.com/support/
free/security/advisories/
Mandriva:
http://www.mandriva.com/
security/advisories
FedoraLegacy:
http://download.fedoralegacy.
org/redhat/
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBUX01133
A Proof of Concept exploit has been published. |
Mozilla Firefox Image Javascript URI Dragging Cross-Site Scripting Vulnerability
CAN-2005-0591
|
Medium |
Secunia SA14406, March 1, 2005
Gentoo Linux Security Advisory, GLSA 200503-30, March 25, 2005
RedHat Security Advisory, RHSA-2005:384-11, April 28, 2005
SGI Security Advisory, 20050501-01-U, May 5, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:088-1, May 17, 2005
Fedora Legacy Update Advisory, FLSA:152883, May 18, 2005
HP Security Bulletin,
HPSBUX01133, August 8, 2005 |
Multiple Vendors
Mozilla Firefox 1.0; Gentoo Linux; Thunderbird 0.6, 0.7-0.7.3, 0.8, 0.9, 1.0, 1.0.1;
Netscape Netscape 7.2 |
There are multiple vulnerabilities in Mozilla Firefox. A remote user may be able to cause a target user to execute arbitrary operating system commands in certain situations or access content from other windows, including the 'about:config' settings. This is due to a hybrid image vulnerability that allows batch statements to be dragged to the desktop and because tabbed javascript vulnerabilities let remote users access other windows.
A fix is available via the CVS repository
Fedora:
ftp://aix.software.ibm.com/
aix/efixes/security/
perl58x.tar.Z
Red Hat:
http://rhn.redhat.com/
errata/RHSA-2005-176.html
Gentoo:
http://www.gentoo.org/
security/en/
glsa/glsa-200503-10.xml
Thunderbird:
http://download.mozilla.org/?
product=thunderbird-1.0.2
&os=win<=en-US
Gentoo:
http://security.gentoo.org/
glsa/glsa-200503-30.xml
RedHat:
http://rhn.redhat.com/
errata/RHSA-
2005-384.html
SGI:
ftp://patches.sgi.com/support/
free/security/advisories/
FedoraLegacy:
http://download.fedoralegacy.
org/redhat/
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.jsp?objectID=
PSD_HPSBUX01133
A Proof of Concept exploit has been published. |
Mozilla Firefox Multiple Vulnerabilities
CAN-2005-0230
CAN-2005-0231
CAN-2005-0232 |
High |
Security Tracker Alert ID: 1013108, February 8, 2005
Fedora Update Notification,
FEDORA-2005-182, February 26, 2005
Red Hat RHSA-2005:176-11, March 1, 2005
Gentoo, GLSA 200503-10, March 4, 2005
Security Focus, 12468, March 22, 2005
Gentoo Linux Security Advisory, GLSA 200503-30, March 25, 2005
RedHat Security Advisory, RHSA-2005:384-11, April 28, 2005
SGI Security Advisory, 20050501-01-U, May 5, 2005
Fedora Legacy Update Advisory, FLSA:152883, May 18, 2005
HP Security Bulletin,
HPSBUX01133, August 8, 2005 |
Multiple Vendors
Mozilla.org Mozilla Browser 1.7.6, Firefox 1.0.1, 1.0.2; K-Meleon 0.9; Netscape 7.2 |
A vulnerability has been reported in the javascript implementation due to improper parsing of lambda list regular expressions, which could let a remote malicious user obtain sensitive information.
The vendor has issued a fix, available via CVS.
RedHat:
http://rhn.redhat.com/errata/RHSA-2005-383.html
http://rhn.redhat.com/errata/RHSA-2005-386.html
Slackware:
http://www.mozilla.org/projects/security/known-vulnerabilities.html
TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/
SUSE:
ftp://ftp.SUSE.com/pub/SUSE
RedHat:
http://rhn.redhat.com/errata/RHSA-2005-384.html
SGI:
ftp://patches.sgi.com/support/free/security/advisories/
Mandriva:
http://www.mandriva.com/security/advisories
FedoraLegacy:
http://download.fedoralegacy.org/redhat/
SCO:
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.29
Gentoo:
http://security.gentoo.org/glsa/glsa-200507-17.xml
Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/
Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/
HP:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_HPSBUX01133
There is no exploit code required; however, a Proof of Concept exploit has been published. |
Mozilla Suite/Firefox JavaScript Lambda Information Disclosure
CAN-2005-0989 |
Medium |
Security Tracker Alert, 1013635, April 4, 2005
Security Focus, 12988, April 16, 2005
RedHat Security Advisories, RHSA-2005:383-07 & RHSA-2005:386-08, April 21 & 26, 2005
Turbolinux Security Advisory, TLSA-2005-49, April 21, 2005
Slackware Security Advisory, SSA:2005-111-04, April 22, 2005
SUSE Security Announcement, SUSE-SA:2005:028, April 27, 2005
RedHat Security Advisory, RHSA-2005:384-11, April 28, 2005
SGI Security Advisory, 20050501-01-U, May 5, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:088,
May 14, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:088-1,
May 17, 2005
Fedora Legacy Update Advisory, FLSA:152883, May 18, 2005
SCO Security Advisory, SCOSA-2005.29, July 1, 2005
Gentoo Linux Security Advisory, GLSA 200507-17, July 18, 2005
Fedora Update Notifications,
FEDORA-2005-604 & 605, July 20, 2005
Ubuntu Security Notices, USN-157-1 & 157-2, August 1 & 2, 2005
HP Security Bulletin,
HPSBUX01133, August 8, 2005
|
Multiple Vendors
ALT Linux Compact 2.3, Junior 2.3; Apple Mac OS X 10.0-10.0.4, 10.1-10.1.5, 10.2-10.2.8, 10.3-10.3.8, Mac OS X Server 10.0, 10.1-10.1.5, 10.2-10.2.8, 10.3-10.3.8; MIT Kerberos 5 1.0, 5 1.0.6, 5 1.0.8, 5 1.1-5 1.4; Netkit Linux Netkit 0.9-0.12, 0.14-0.17, 0.17.17; Openwall GNU/*/Linux (Owl)-current, 1.0, 1.1; FreeBSD 4.10-PRERELEASE, 2.0, 4.0.x, -RELENG, alpha, 4.0, 4.1, 4.1.1 -STABLE, -RELEASE, 4.1.1, 4.2, -STABLE pre122300, -STABLE pre050201, 4.2 -STABLE, -RELEASE, 4.2, 4.3 -STABLE, -RELENG, 4.3 -RELEASE-p38, 4.3 -RELEASE, 4.3, 4.4 -STABLE, -RELENG, -RELEASE-p42, 4.4, 4.5 -STABLE pre2002-03-07, 4.5 -STABLE, -RELENG, 4.5 -RELEASE-p32, 4.5 -RELEASE, 4.5, 4.6 -STABLE, -RELENG, 4.6 -RELEASE-p20, 4.6 -RELEASE, 4.6, 4.6.2, 4.7 -STABLE, 4.7 -RELENG, 4.7 -RELEASE-p17, 4.7 -RELEASE, 4.7, 4.8 -RELENG, 4.8 -RELEASE-p7, 4.8 -PRERELEASE, 4.8, 4.9 -RELENG, 4.9 -PRERELEASE, 4.9, 4.10 -RELENG, 4.10 -RELEASE, 4.10, 4.11 -STABLE, 5.0 -RELENG, 5.0, 5.1 -RELENG, 5.1 -RELEASE-p5, 5.1 -RELEASE, 5.1, 5.2 -RELENG, 5.2 -RELEASE, 5.2, 5.2.1 -RELEASE, 5.3 -STABLE, 5.3 -RELEASE, 5.3, 5.4 -PRERELEASE; SuSE Linux 7.0, sparc, ppc, i386, alpha, 7.1, x86, sparc, ppc, alpha, 7.2, i386; SGI IRIX 6.5.24-6.5.27 |
Two buffer overflow vulnerabilities have been reported in Telnet: a buffer overflow vulnerability has been reported in the 'slc_add_reply()' function when a large number of specially crafted LINEMODE Set Local Character (SLC) commands is submitted, which could let a remote malicious user execute arbitrary code; and a buffer overflow vulnerability has been reported in the 'env_opt_add()' function, which could let a remote malicious user execute arbitrary code.
ALTLinux:
http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html
Apple:
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=05529&platform=osx&method=sa/SecUpd2005-003Pan.dmg
Debian:
http://security.debian.org/pool/updates/main/n/netkit-telnet/
Fedora:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/
FreeBSD:
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:01/
MIT Kerberos:
http://web.mit.edu/kerberos/advisories/2005-001-patch_1.4.txt
Netkit:
ftp://ftp.uk.linux.org/pub/linux/Networking/netkit/
Openwall:
http://www.openwall.com/Owl/CHANGES-current.shtml
RedHat:
http://rhn.redhat.com/errata/RHSA-2005-327.html
Sun:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1
SUSE:
ftp://ftp.SUSE.com/pub/SUSE
Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/n/netkit-telnet/
OpenBSD:
http://www.openbsd.org/errata.html#telnet
Mandrake:
http://www.mandrakesecure.net/en/ftp.php
Gentoo:
http://security.gentoo.org/glsa/glsa-200503-36.xml
http://security.gentoo.org/glsa/glsa-200504-01.xml
Debian:
http://security.debian.org/pool/updates/main/k/krb5/
Gentoo:
http://security.gentoo.org/glsa/glsa-200504-04.xml
SGI:
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/
SCO:
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.21
Sun:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1
Openwall:
http://www.openwall.com/Owl/CHANGES-current.shtml
Avaya:
http://support.avaya.com/elmodocs2/security/ASA-2005-088_RHSA-2005-330.pdf
Gentoo:
http://security.gentoo.org/glsa/glsa-200504-28.xml
TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/
Sun:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1
OpenWall:
http://www.openwall.com/Owl/CHANGES-current.shtml
SCO:
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.23
SGI IRIX:
Apply patch 5892 for IRIX 6.5.24-6.5.27:
ftp://patches.sgi.com/support/free/security/patches/
Debian:
http://security.debian.org/pool/updates/main/k/krb4/
Conectiva:
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000962
Trustix:
ftp://ftp.trustix.org/pub/trustix/updates/
Avaya:
http://support.avaya.com/elmodocs2/security/ASA-2005-132_RHSA-2005-327.pdf
FedoraLegacy:
http://download.fedoralegacy.org/redhat/
Slackware:
ftp://ftp.slackware.com/pub/slackware/
Debian:
http://security.debian.org/pool/updates/main/
Currently we are not aware of any exploits for these vulnerabilities. |
Telnet Client 'slc_add_reply()' & 'env_opt_add()'
Buffer Overflows
CAN-2005-0468
CAN-2005-0469
|
|
iDEFENSE Security Advisory, March 28, 2005
US-CERT VU#291924
Mandrakelinux Security Update Advisory, MDKSA-2005:061, March 30, 2005
Gentoo Linux Security Advisories, GLSA 200503-36 & GLSA 200504-01, March 31 & April 1, 2005
Debian Security Advisory, DSA 703-1, April 1, 2005
US-CERT VU#341908
Gentoo Linux Security Advisory, GLSA 200504-04, April 6, 2005
SGI Security Advisory, 20050401-01-U, April 6, 2005
Sun(sm) Alert Notification, 57761, April 7, 2005
SCO Security Advisory, SCOSA-2005.21, April 8, 2005
Avaya Security Advisory, ASA-2005-088, April 27, 2005
Gentoo Linux Security Advisory, GLSA 200504-28, April 28, 2005
Turbolinux Security Advisory, TLSA-2005-52, April 28, 2005
Sun(sm) Alert Notification, 57761, April 29, 2005
SCO Security Advisory, SCOSA-2005.23, May 17, 2005
SGI Security Advisory, 20050405-01-P, May 26, 2005
Debian Security Advisory, DSA 731-1, June 2, 2005
Conectiva Security Advisory, CLSA-2005:962, June 6, 2005
Trustix Secure Linux Security Advisory, TLSA-2005-0028, June 13, 2005
Avaya Security Advisory, ASA-2005-132, June 14, 2005
Fedora Legacy Update Advisory, FLSA:152583, July 11, 2005
Slackware Security Advisory, SSA:2005-210-01, August 1, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Multiple Vendors
Concurrent Versions System (CVS) 1.x; Gentoo Linux; SuSE Linux 8.2, 9.0, 9.1, x86_64, 9.2, x86_64, 9.3, Linux Enterprise Server 9, 8, Open-Enterprise-Server 9.0, School-Server 1.0, SUSE CORE 9 for x86, UnitedLinux 1.0 |
Multiple vulnerabilities have been reported: a buffer overflow vulnerability was reported due to an unspecified boundary error, which could let a remote malicious user potentially execute arbitrary code; a remote Denial of Service vulnerability was reported due to memory leaks and NULL pointer dereferences; an unspecified error was reported due to an arbitrary free (the impact was not specified), and several errors were reported in the contributed Perl scripts, which could let a remote malicious user execute arbitrary code.
Update available at:
https://ccvs.cvshome.org/servlets/ProjectDocumentList
Gentoo:
http://security.gentoo.org/
glsa/glsa-200504-16.xml
SuSE:
ftp://ftp.suse.com/
pub/suse/
Fedora:
http://download.fedora.
redhat.com/pub/
fedora/linux/core/
updates/3/
Mandrake:
http://www.mandrakesecure.
net/en/ftp.php
Trustix:
http://http.trustix.org/pub/
trustix/updates/
FreeBSD:
ftp://ftp.FreeBSD.org/pub/
Peachtree:
http://peachtree.burdell.org/
updates/
RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-387.html
OpenBSD:
http://www.openbsd.org/
errata.html#cvs
TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/
OpenBSD:
http://www.openbsd.org/
errata35.html#
Ubuntu:
http://security.ubuntu.com/
Subunit/pool/main/c/cvs/
SGI:
ftp://patches.sgi.com/
support/free/security/
advisories/
OpenBSD:
http://www.openbsd.org/
errata.html#cvs
Conectiva:
http://distro.conectiva.
com.br/atualizacoes/
index.php?id=
a&anuncio=000966
Debian:
http://security.debian.org/pool/updates/main
Currently we are not aware of any exploits for these vulnerabilities. |
|
|
Gentoo Linux Security Advisory, GLSA 200504-16, April 18, 2005
SuSE Security Announcement, SUSE-SA:2005:024, April 18, 2005
Secunia Advisory, SA14976, April 19, 2005
Fedora Update Notification,
FEDORA-2005-330, April 20, 2006
Mandriva Linux Security Update Advisory, MDKSA-2005:073, April 21, 2005
Trustix Secure Linux Security Advisory, TSLSA-2005-0013, April 21, 2005
Gentoo Linux Security Advisory [UPDATE], GLSA 200504-16:02, April 22, 2005
FreeBSD Security Advisory, FreeBSD-SA-05:05, April 22, 2005
Peachtree Linux Security Notice, PLSN-0005, April 22, 2005
RedHat Security Advisory, RHSA-2005:387-06, April 25, 2005
Turbolinux Security Advisory, TLSA-2005-51, April 28, 2005
Ubuntu Security Notice, USN-117-1 May 04, 2005
SGI Security Advisory, 20050501-01-U, May 5, 2005
Conectiva Security Advisory, CLSA-2005:966, June 13, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Multiple Vendors
IETF RFC 2406: IPSEC; Hitachi GR2000-1B, GR2000-2B, GR2000-2B+, GR2000-BH |
A vulnerability has been reported that affects certain configurations of IPSec when configured to employ Encapsulating Security Payload (ESP) in tunnel mode with only confidentiality and systems that use Authentication Header (AH) for integrity protection, which could let a remote malicious user obtain plaintext IP datagrams and potentially sensitive information.
Hitachi advises affected users to use the AH protocol workaround to mitigate this issue.
HP:
http://h20000.www2.hp.com/
bizsupport/TechSupport/
Document.
jsp?objectID=PSD_
HPSBTU01217&
locale=en_US
Currently we are not aware of any exploits for this vulnerability. |
|
Medium |
NISCC Vulnerability Advisory, IPSEC - 004033,
May 9, 2005
US-CERT VU#302220
Security Focus, 13562, May 11, 2005
HP Security Bulletin, HPSBTU01217, August 9, 2005
|
Multiple Vendors
PHPXMLRPC 1.1.1;
PEAR XML_RPC 1.3.3; Drupal 4.6-4.6.2, 4.5-4.5.4
|
A vulnerability has been reported in XML-RPC due to insufficient sanitization of certain XML tags that are nested in parsed documents being used in an 'eval()' call, which could let a remote malicious user execute arbitrary PHP code.
PHPXMLRPC :
http://prdownloads.
sourceforge.net/
phpxmlrpc/xmlrpc.
1.2.tgz?download
Pear:
http://pear.php.net/
get/XML_RPC-1.4.0.tgz
Drupal:
http://drupal.org/files/
projects/drupal-4.5.5.tar.gz
There is no exploit code required. |
PHPXMLRPC and PEAR XML_RPC Remote Arbitrary Code Execution
CAN-2005-2498
|
High |
Security Focus, 14560, August 15, 2005 |
Multiple Vendors
Ubuntu Linux 5.04 powerpc, i386, amd64; AWStats 6.4 & prior |
A vulnerability has been reported due to insufficient sanitization of the 'url' parameter before using in an 'eval()' function when Referer field statistics are generated, which could let a remote malicious user execute arbitrary code. Note: The system is only vulnerable if at least one URLPlugin is enabled.
Updates available at:
http://awstats.sourceforge.
net/files/awstats-6.4.tgz
Gentoo:
http://security.gentoo.org/
glsa/glsa-200508-07.xml
There is no exploit code required. |
|
High |
iDEFENSE Security Advisory, August 9, 2005
Ubuntu Security Notice, USN-167-1, August 11, 2005
Gentoo Linux Security Advisory, GLSA 200508-07, August 16, 2005
|
My Image Gallery
My Image Gallery 1.4.1 |
Several vulnerabilities have been reported: a Cross-Site Scripting vulnerability has been reported in the 'currDIR' and 'image' parameters due to insufficient sanitization, which could let a remote malicious user execute arbitrary HTML and script code; and it is also possible to obtain path information.
Upgrade available at:
http://prdownloads.
sourceforge.net/mig/
mig-1.5.0.tar.gz?download
There is no exploit code required; however, Proof of Concept exploits have been published. |
My Image Gallery Multiple Cross Site Scripting & Path Disclosure
CAN-2005-2603
CAN-2005-2604 |
Medium |
Secunia Advisory: SA16405, August 16, 2005 |
MyBB Group
MyBulletinBoard RC4 |
Multiple SQL injection vulnerabilities have been reported due to insufficient sanitization of user-supplied input before using in an SQL query, which could let a remote malicious user execute arbitrary SQL code. Reports indicate that administrative access can be obtained through at least one of these vulnerabilities.
No workaround or patch available at time of publishing.
There is no exploit code required; however, Proof of Concept exploits have been published.
|
|
High |
Security Focus, 14553, August 12, 2005 |
Nokia
Affix 3.0-3.2, 2.1-2.1.2, 2.0-2.0.2
|
A buffer overflow vulnerability has been reported in Affix BTFTP that could let remote malicious users execute arbitrary code.
Vendor patch available:
Affix_320_sec.patch
http://affix.sourceforge.net/
affix_320_sec.patch
Affix_212_sec.patch
http://affix.sourceforge.net/
affix_212_sec.patch
Debian:
http://security.debian.org/
pool/updates/main/
a/affix/affix
An exploit has been published.
|
Nokia Affix BTFTP Arbitrary Code Execution
CAN-2005-2250 |
High |
Security Focus, 14230, July 12, 2005
Debian Security Advisory, DSA 762-1, July 19, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
Nokia
Affix 3.0-3.2, 2.1-2.1.2, 2.0-2.0.2 |
A vulnerability has been reported in btsrv/btobex due to insufficient sanitization of input before using in a 'system()' call, which could let a remote malicious user execute arbitrary code.
Patches available at:
http://affix.sourceforge.net/
affix_212_sec.patch
Debian:
http://security.debian.org/
pool/updates/main/
a/affix/affix
There is no exploit code required; however, a Proof of Concept exploit has been published.
|
Nokia Affix BTSRV/BTOBEX Remote Command Execution
CAN-2005-2277 |
High |
Security Focus, 14232, July 12, 2005
Debian Security Advisory, DSA 762-1, July 19, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
OmniPilot Software
Lasso Professional Server 8.0.5, 8.0.4 |
A vulnerability has been reported due to a failure to enforce security constraints, which could let a remote malicious user bypass authentication.
Patches available at:
http://support.omnipilot.com/
article_files/Security%
20Fix%20804-805.zip
There is no exploit code required.
|
Lasso Professional Server Remote Authentication Bypass
CAN-2005-2605
|
Medium |
Security Focus, 14543, August 10, 2005 |
phlyLabs
PHlyMail Lite 3.x, MessageCenter 3.x, Personal Edition 3.x |
A vulnerability has been reported when authenticating users due to an unspecified error, which could let a remote malicious user bypass security restrictions.
Upgrades available at:
http://phlymail.de/download/
PHlyMail_Lite/
phmmc_lite_30201.zip
There is no exploit code required.
|
|
Medium |
Secunia Advisory: SA16388, August 10, 2005 |
PHP Group
PHP 4.3.6-4.3.9, 5.0 candidate 1-candidate 3, 5.0.0-5.0.2 |
Multiple vulnerabilities exist: a buffer overflow vulnerability exists in the 'pack()' function, which could let a remote malicious user execute arbitrary code; an integer overflow vulnerability exists in the 'unpack()' function, which could let a remote malicious user obtain sensitive information; a vulnerability exists in 'safe_mode' when executing commands, which could let a remote malicious user bypass the security restrictions; a vulnerability exists in 'safe_mode' combined with certain implementations of 'realpath(),' which could let a remote malicious user bypass security restrictions; a vulnerability exists in 'realpath()' because filenames are truncated; a vulnerability exists in the 'unserialize()' function, which could let a remote malicious user obtain sensitive information or execute arbitrary code; a vulnerability exists in the 'shmop_write()' function, which may result in an attempt to write to an out-of-bounds memory location; a vulnerability exists in the 'addslashes()' function because '\0' is not escaped correctly; a vulnerability exists in the 'exif_read_data()' function when a long sectionname is used, which could let a remote malicious user obtain sensitive information; and a vulnerability exists in 'magic_quotes_gpc,' which could let a remote malicious user obtain sensitive information.
Upgrades available at:
http://www.php.net/downloads.php
Mandrake:
http://www.mandrakesecure.net/en/ftp.php
Conectiva:
ftp://atualizacoes.conectiva.com.br/
RedHat:
http://rhn.redhat.com/errata/RHSA-2005-031.html
SuSE:
ftp://ftp.suse.com/pub/suse/
Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/p/php4/
Apple:
http://www.apple.com/support/downloads/
FedoraLegacy:
http://download.fedoralegacy.org/redhat/
Ubuntu:
http://security.ubuntu.com/ubuntu/pool/main/p/php4/
HP:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_HPSBMA01212&locale=en_US
There is no exploit code required; however, a Proof of Concept exploit script has been published. |
PHP Multiple Remote Vulnerabilities
CAN-2004-1018
CAN-2004-1063
CAN-2004-1064
CAN-2004-1019
CAN-2004-1020
CAN-2004-1065 |
|
Bugtraq, December 16, 2004
Conectiva Linux Security Announcement, CLA-2005:915, January 13, 2005
Red Hat, Advisory: RHSA-2005:031-08, January 19, 2005
SUSE Security Announcement, SUSE-SA:2005:002, January 17, 2005
Ubuntu Security Notice, USN-66-1, January 20, 2005
Apple Security Update, APPLE-SA-2005-01-25, January 26, 2005
Fedora Legacy Update Advisory, FLSA:2344, March 7, 2005
Ubuntu Security Notice, USN-99-1, March 18, 2005
Mandriva Linux Security Update Advisory, MDKSA-2005:072, April 19, 2005
HP Security Advisory, HPSBMA01212, August 9, 2005
|
PHPSimplicity
Simplicity oF Upload 1.3 |
A vulnerability has been reported in Simplicity oF Upload that could let remote malicious users execute arbitrary code.
Update available at:
http://www.phpsimplicity.com/downloads.php?scriptID=3
There is no exploit code required; however, Proof of Concept exploits have been published. |
Simplicity oF Upload Arbitrary Code Execution
CAN-2005-2607
|
High |
Security Tracker, Alert ID: 1014591, July 29, 2005
Security Focus, 14424, August 10, 2005 |
PowerDNS
PowerDNS 2.x |
Several vulnerabilities have been reported: a remote Denial of Service vulnerability was reported in the LDAP backend due to insufficient validation of user-supplied queries; and a remote Denial of Service vulnerability was reported due to an error when handling requests that are denied recursion.
Update available at:
http://www.powerdns.com/downloads/
Debian:
http://security.debian.org/pool/updates/main/p/pdns/
Debian:
http://security.debian.org/pool/updates/main/
Currently we are not aware of any exploits for these vulnerabilities.
|
|
Low |
Secunia Advisory: SA16111, July 18, 2005
Debian Security Advisory, DSA 771-1, August 1, 2005
Debian Security Advisory, DSA 773-1, August 11, 2005 |
SafeHTML
SafeHTML 1.3.2 |
A Cross-Site Scripting vulnerability has been reported when handling script encoded in UTF-7 and in CSS comments, which could let a remote malicious user execute arbitrary HTML and script code.
Update available at:
http://pixel-apes.com/safehtml/
There is no exploit code required. |
SafeHTML UTF-7 And CSS Comment Tag Cross Site Scripting
CAN-2005-2608 |
Medium |
Security Focus, 14574, August 16, 2005 |
Topic Board
PHPTB Topic Board 2.0 |
Multiple SQL injection vulnerabilities have been reported due to insufficient sanitization of user-supplied input before it is used in an SQL query, which could let a remote malicious user execute arbitrary SQL code.
No workaround or patch available at time of publishing.
There is no exploit code required; however, a Proof of Concept exploit has been published. |
|
Medium |
Security Focus, 14535, August 10, 2005 |
VegaDNS
VegaDNS 0.9.9, 0.9.8, 0.8.1
|
Several vulnerabilities have been reported: a Cross-Site Scripting vulnerability was reported in the 'index.php' script due to insufficient sanitization of the 'message' parameter, which could let a remote malicious user execute arbitrary HTML and script code; and a vulnerability was reported in the 'VDNS_Sessid' parameter because it is possible to obtain path information.
No workaround or patch available at time of publishing.
There is no exploit code required; however, a Proof of Concept exploit has been published. |
|
Medium |
Secunia Advisory: SA16370, August 10, 2005 |
Veritas Software
NetBackup for NetWare Media Servers 5.1, MP1-MP3, 5.0, MP1-MP5, 4.5, MP1-MP8, FP1-FP8, Backup Exec Remote Agent for Windows Server, Backup Exec Remote Agent for Unix/Linux Server, Backup Exec Remote Agent for NetWare Server, Backup Exec for NetWare Servers 9.1.1156, 9.1.1154, 9.1.1152.4, 9.1.1152, 9.1.1151.1, 9.1.1127.1, 9.1.1067.3, 9.1.1067.2, 9.1.307, 9.1.306, Backup Exec 10.0 rev. 5520, rev. 5484, SP1, 9.1, rev. 4691, SP2, 9.0, rev. 4454, SP1, rev. 4367, SP1, 4367
|
A vulnerability has been reported because a static password is used when authenticating to the remote agent, which could let a remote malicious user bypass certain security restrictions and download arbitrary files.
Update information available at:
http://securityresponse.symantec.com/avcenter/security/Content/2005.08.12b.html
An exploit script has been published. |
Veritas Backup Exec Remote Agent Arbitrary File Disclosure
CAN-2005-2611
|
Medium |
Symantec Security Advisory, SYM05-011, August 12, 2005
US-CERT VU#378957 |
WordPress
WordPress 1.5.3 & prior
|
A vulnerability has been reported in the 'cache_lastpostdata' parameter due to insufficient sanitization, which could let a remote malicious user execute arbitrary PHP script code.
No workaround or patch available at time of publishing.
There is no exploit code required. |
|
High |
Secunia Advisory: SA16386, August 10, 2005 |
Wyse
Winterm 1125SE 4.4.061f, 4.2.09f |
A remote Denial of Service vulnerability has been reported when a malicious user submits a specially crafted packet with the IP option length field set to zero.
No workaround or patch available at time of publishing.
An exploit script has been published.
|
|
Low |
Security Tracker Alert ID: 1014659, August 11, 2005 |
Wireless
The section below contains wireless vulnerabilities, articles, and viruses/trojans identified during this reporting period.
Wireless Vulnerabilities
Recent Exploit Scripts/Techniques
The table below contains a sample of exploit scripts and "how to" guides identified during this period. The "Workaround or Patch Available" column indicates if vendors, security vulnerability listservs, or Computer Emergency Response Teams (CERTs) have published workarounds or patches.
Note: At times, scripts/techniques may contain names or content that may be considered offensive.
Date of Script (Reverse Chronological Order) |
Script name |
Workaround or Patch Available |
Script Description |
August 16, 2005 |
ezupload-2.2.0.pl |
No |
Exploit for the EZUpload Multiple Remote File Include vulnerability. |
August 16, 2005 |
lynn-cisco.zip |
N/A |
Mike Lynn's DefCon Presentation, which explains how to remotely exploit Cisco routers. |
August 15, 2005 |
mdaemon_imap.pm.txt |
Yes |
Exploit for the Alt-N MDaemon Remote Buffer Overflow vulnerability. |
August 15, 2005 |
WebRoot.txt |
N/A |
A bruteforce directory/file scanner that looks for files and directories on a website which might contain interesting data, but which are not referenced anywhere on the site. |
August 15, 2005 |
zenworks_desktop_agent.pm.txt |
Yes |
Exploit for the Novell ZENworks Remote Management Buffer Overflows vulnerabilities. |
August 14, 2005 |
backupexec_dump.pm |
Yes |
Exploit script for the Veritas Backup Exec Remote Agent Arbitrary File Disclosure vulnerability. |
August 14, 2005 |
shoutcast_format_win32.pm |
Yes |
Exploit for the Nullsoft SHOUTcast Format String Flaw. |
August 13, 2005 |
edirectory_imonitor.pm
edirectory_imonitor.pm.txt |
Yes |
Exploit for the Novell eDirectory Server iMonitor Buffer Overflow vulnerability. |
August 13, 2005 |
grandstream-DoS.pl.txt |
No |
Exploit for the Grandstream BudgeTone Denial of Service vulnerability. |
August 13, 2005 |
kavLocalRoot.txt |
Yes |
Exploit details for the Kaspersky Anti-Virus Insecure Log Directory vulnerability. |
August 12, 2005 |
backupexec_dump.pm |
No |
Exploit for the Veritas Backup Exec Remote Agent for Windows Servers Arbitrary File Download vulnerability. |
August 12, 2005 |
ms05039.c
HOD-ms05039-pnp-expl.c |
Yes |
Exploits for the Microsoft Plug and Play Arbitrary Code Execution or Elevated Privileges vulnerability. |
August 12, 2005 |
NAePolicy.txt |
No |
Exploit details for the ePolicy Information Disclosure and Privilege Elevation vulnerability. |
August 12, 2005 |
TheftOfLinkKey.txt |
N/A |
Paper entitled "Theft of Bluetooth Link Keys for Fun and Profit?" |
August 11, 2005 |
FreznoShopSQL.txt |
No |
Sample exploitation for the FreznoShop SQL Injection Vulnerability. |
August 10, 2005 |
isec-options.c |
No |
Script that exploits the Wyse Winterm 1125SE Remote Denial of Service vulnerability. |
Trends
- NIST creates online treasure trove of security woes: The National Institute of Standards and Technology has launched a comprehensive cybersecurity database that is updated daily with the latest information on vulnerabilities in popular products. Source: http://www.fcw.com/article89911-08-15-05-Print.
- Exploit for Vulnerability in VERITAS Backup Exec Remote Agent: US-CERT is aware of a public exploit for a vulnerability in VERITAS Backup Exec Remote Agent for Windows Servers. This exploit may allow a remote attacker to retrieve arbitrary files on a system. The VERITAS Backup Exec Remote Agent listens on network port 10000/tcp. Source: http://www.us-cert.gov/current/.
- Tools drive point-and-click crime: According to the security firm, Websense, new software tools make stealing data from users as easy as browsing the web. These easy-to-use tools are being created by malicious and criminal hackers to run the networks of compromised home computers they control. Source: http://news.bbc.co.uk/2/hi/technology/4152626.stm.
Viruses/Trojans
Top Ten Virus Threats
A list of high threat viruses, as reported to various anti-virus vendors and virus incident reporting organizations, has been ranked and categorized in the table below. For the purposes of collecting and collating data, infections involving multiple systems at a single location are considered a single infection. It is therefore possible that a virus has infected hundreds of machines but has only been counted once. With the number of viruses that appear each month, it is possible that a new virus will become widely distributed before the next edition of this publication. To limit the possibility of infection, readers are reminded to update their anti-virus packages as soon as updates become available. The table lists the viruses by ranking (number of sites affected), common virus name, type of virus code (i.e., boot, file, macro, multi-partite, script), trends (based on number of infections reported since last week), and approximate date first found.
Rank |
Common Name |
Type of Code |
Trend |
Date |
Description |
1 |
Netsky-P |
Win32 Worm |
Stable |
March 2004 |
A mass-mailing worm that uses its own SMTP engine to send itself to the email addresses it finds when scanning the hard drives and mapped drives. The worm also tries to spread through various file-sharing programs by copying itself into various shared files. |
2 |
Mytob.C |
Win32 Worm |
Slight Increase |
March 2004 |
A mass-mailing worm with IRC backdoor functionality which can also infect computers vulnerable to the Windows LSASS (MS04-011) exploit. The worm will attempt to harvest email addresses from the local hard disk by scanning files. |
3 |
Zafi-D |
Win32 Worm |
Slight Decrease |
December 2004 |
A mass-mailing worm that sends itself to email addresses gathered from the infected computer. The worm may also attempt to lower security settings, terminate processes, and open a back door on the compromised computer. |
4 |
Netsky-Q |
Win32 Worm |
Stable |
March 2004 |
A mass-mailing worm that attempts to launch Denial of Service attacks against several web pages, deletes the entries belonging to several worms, and emits a sound through the internal speaker. |
5 |
Mytob-BE |
Win32 Worm |
Slight Decrease |
June 2005 |
A slight variant of the mass-mailing worm that utilizes an IRC backdoor, LSASS vulnerability, and email to propagate. It harvests addresses from the Windows address book, disables antivirus software, and modifies data. |
6 |
Mytob-AS |
Win32 Worm |
Stable |
June 2005 |
A slight variant of the mass-mailing worm that disables security-related programs and processes, redirects various sites, and changes registry values. This version downloads code from the net and utilizes its own email engine. |
7 |
Zafi-B |
Win32 Worm |
Increase |
June 2004 |
A mass-mailing worm that spreads via e-mail using several different languages, including English, Hungarian and Russian. When executed, the worm makes two copies of itself in the %System% directory with randomly generated file names. |
8 |
Netsky-D |
Win32 Worm |
Slight Increase |
March 2004 |
A simplified variant of the Netsky mass-mailing worm in that it does not contain many of the text strings that were present in NetSky.C and it does not copy itself to shared folders. Netsky.D spreads itself in e-mails as an executable attachment only. |
9 |
Netsky-Z |
Win32 Worm |
Decrease |
April 2004 |
A mass-mailing worm that is very close to previous variants. The worm spreads in e-mails, but does not spread to the local network or P2P networks and does not uninstall the Bagle worm. The worm has a backdoor that listens on port 665. |
10 |
Lovgate.w |
Win32 Worm |
Decrease |
April 2004 |
A mass-mailing worm that propagates by using MAPI as a reply to messages, by using an internal SMTP, by dropping copies of itself on network shares, and through peer-to-peer networks. Attempts to access all machines in the local area network. |
Table Updated August 13, 2005
- Worm spreading through Microsoft Plug-and-Play flaw: According to two security groups, a worm is spreading using a flaw in the Windows operating system's Plug-and-Play functionality. Users are advised to update systems using a patch released by Microsoft. The worm, known as Zotob by antivirus firm F-Secure, compromises systems by sending data on port 445. If a computer is infected with the program, the worm starts a file-transfer protocol (FTP) server and attempts to spread further. Source: http://www.securityfocus.com/news/11281.
- Chain attack Trojan nets 3m email addresses: A sophisticated global 'chain' attack has been discovered by security experts at Panda Software that uses the pamNet.A Trojan to infect victim PCs with up to 19 malware programs. The infection chain begins when a user visits the first infected page. This web page uses the Iframe tag to try to open two new pages. This initiates two parallel processes, each one associated with one of the two pages. Source: http://www.vnunet.com/vnunet/news/2141148/chain-attack-trojan-nets-3m.
Last updated February 13, 2008