Adobe

Acrobat Reader 6.0 and prior

A vulnerability has been reported that could let a remote malicious user execute arbitrary code. If a specially crafted PDF file is loaded by Acrobat Reader it will trigger an Invalid-ID-Handle-Error in 'AcroRd32.exe'.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this vulnerability.

Argosoft.com

ArGoSoft Mail Server 1.8.7.6

Two vulnerabilities have been reported that could let remote malicious users conduct Cross-Site Scripting and script insertion attacks. This is due to input validation errors in parameters passed to mails and user settings.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Asp Press

ACS Blog 1.1.3 and prior

An authentication vulnerability was reported that could let a remote malicious user gain administrative privileges on the application. The 'inc_login_check.asp' script grants administrative privileges to the remote user if a certain cookie is set.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Black Knight Development

BK Forum 4

An input validation vulnerability has been reported that could let a remote malicious user inject SQL commands. Several scripts do not properly validate user-supplied input. A remote user can create parameter values to execute SQL commands on the underlying database.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Citrix

Program Neighborhood Agent for Win32

Citrix MetaFrame Presentation Server client for WinCE (versions
including Program Neighborhood Agent)

Buffer overflow and unspecified vulnerabilities have been reported that could let remote malicious users execute arbitrary code or create arbitrary shortcuts.

Update to:
* Program Neighborhood Agent for Win32 versions 9.0 and later.
* Citrix MetaFrame Presentation Server client for WinCE versions 8.33
and later.

Available at:
http://www.citrix.com/English/SS/
downloads/downloads.asp?dID=2755

A Proof of Concept exploit has been published.

Citrix Program Neighborhood Agent Two Vulnerabilities

CAN-2004-1077
CAN-2004-1078

Ecommerce-Carts.com

Ecomm Professional Shopping Cart 3

A vulnerability has been reported which can be exploited by remote malicious users to conduct SQL injection attacks. Input passed to the 'AdminPWD' parameter in 'verify.asp' isn't properly verified before used in an SQL query.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Elemental Software

CartWIZ

Several vulnerabilities have been reported that could let a remote malicious user inject SQL commands and conduct Cross-Site Scripting attacks. Several scripts do not properly validate user-supplied input. A remote user can create parameter values that will execute SQL commands on the underlying database.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Fastream Technologies

NETFile Server prior to 7.5.0 Beta 7; Tested on 7.4.6 on English Win2K SP4

A fixed version (7.5.0 Beta 7) is available:
http://ww.fastream.com/products.htm

A Proof of Concept exploit has been published.

SIG^2 Vulnerability Research, April 25, 2005

Iatek

PortalApp 3.3

Input validation vulnerabilities have been reported that could let a remote user conduct Cross-Site Scripting attacks. The 'ContentId,' 'CatId,' 'ContentTypeId,' and 'ForumId' parameters are not properly filtered to remove HTML code.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Magnus Lundvall

Yawcam 0.2.5

A vulnerability has been reported that could let a remote malicious user obtain files on the target system that are located outside of the web document directory. This is because the web service does not properly validate user-supplied HTTP GET requests.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

MailEnable

MailEnable

A potential "security exploit" vulnerability with an unknown impact has been reported by the vendor.

The vendor has issued a fix: http://www.mailenable.com/hotfix/MEHTTPS.zip

Currently we are not aware of any exploits for this vulnerability.

Media Online Italia

Store Portal 2.63

A vulnerability has been reported that could let a remote malicious user inject SQL commands. Several scripts do not properly validate user-supplied input in various parameters when processed as a Referrer URL.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Dcrab 's Security Advisory, April 24, 2005

MetaLinks

MetaCart and MetaCart2

No workaround or patch available at time of publishing.

Proofs of Concept exploits have been published.

Microsoft

Windows XP Home Edition and Professional Edition

A vulnerability has been reported that could let a user cause a Denial of Service. This is due to an error in the image rendering for overly large images.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this vulnerability.

Microsoft

Exchange 2000 Server SP3, 2003, 2003 SP1

A vulnerability has been reported due to an unchecked buffer in the SMTP service that could let a remote malicious user execute arbitrary code.

V1.1: Bulletin updated to reflect a revised "Security Update Information" section for the Word 2003 security update.

Updates available: href="http://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx">

http://www.microsoft.com/technet/

security/Bulletin/MS05-021.mspx

A Proof of Concept exploit script has been published.

Microsoft Exchange Server Remote Code Execution Vulnerability

href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0560">CAN-2005-0560

Microsoft Security

Bulletin. MS05-021,

April 12, 2005

href="http://www.us-cert.gov/cas/techalerts/TA05-102A.html">Technical Cyber Security Alert TA05-102A

US CERT VU#275193

Microsoft Security

Bulletin. MS05-021 V1.1, April 14, 2005

Security Focus, 13118, April 20, 2005

A vulnerability has been reported which could let a local malicious user cause a Denial of Service. This is due to an error in the communication handling on port 61427/tcp.

Update to upcoming 3.1 version.

A Proof of Concept exploit has been published.

Novell

Novell Nsure Audit 1.01

A vulnerability has been reported in the processing of ASN.1 messages that could let a remote malicious user cause Denial of Service conditions. A brute force attack against 'webadmin.exe' will cause a Denial of Service.

Update to version 1.0.3.

A Proof of Concept exploit has been published.

Ocean12

Ocean 12 Calendar 1.01

A vulnerability has been reported that could let a remote malicious user inject SQL commands. This is due to input validation errors in the 'Admin_password' field.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

OneWorldStore

OneWorldStore

A vulnerability has been reported that could let a remote malicious user cause a Denial of Service condition. A remote user can directly access the '/owConnections/chksettings.asp' file to cause the application to crash.

Fix available at: http://www.oneworldstore.com/support_security_
issue_updates.asp#April_20_2005_Lostmon

A Proof of Concept exploit has been published.

OneWorldStore

OneWorldStore

An information disclosure vulnerability has been reported that could let a remote malicious user view order information. A remote user can execute the 'PaymentMethods/owOfflineCC.asp' script with a unique 'idOrder' value to obtain information about another user's order.

A fix is available at: http://oneworldstore.com/support_updates.asp

A Proof of Concept exploit has been published.

Orvado Technologies

ASP Nuke 0.80

Several vulnerabilities have been reported that could let a remote malicious user inject SQL commands or conduct Cross-Site Scripting attacks. The 'profile.asp' and 'select.asp' scripts do not filter HTML code from user-supplied input before displaying the information.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Dcrab Security Advisory, April 22, 2005

A buffer overflow vulnerability has been reported that could let a remote malicious user cause a Denial of Service or execute arbitrary code.

No workaround or patch available at time of publishing.

Exploit scripts have been published.

PMSoftware Simple Web Server Remote Code Execution Vulnerability

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1173">CAN-2005-1173

Low/ High

Secunia SA15000, April 19, 2005

Security Focus, 13227, April 20, 2005

PPP Infotech

netMailshar Professional 4.0 build 15

Multiple vulnerabilities have been reported that could disclose sensitive information and valid user accounts. These is because of an input validation error in the Webmail service (port 8003) and because the Webmail service returns different error messages if a certain username is valid or not.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for these vulnerabilities.

RealNetworks

RealPlayer Enterprise 1.1, 1.2, 1.5, 1.6, and 1.7

A vulnerability has been reported that could let a remote malicious user execute arbitrary code. This is due to a boundary error in 'pnen3260.dll' when processing RAM files that can be exploited to cause a buffer overflow.

An updated versions of pnen3260.dll is available:
http://docs.real.com/docs/pnen3260.dll

Currently we are not aware of any exploits for this vulnerability.

Softwin

BitDefender Antivirus Standard 8.x, BitDefender Antivirus Professional Plus 8.x

A vulnerability has been reported that could let local malicious users disable the virus protection or gain escalated privileges.This is because the installation process can create entries insecurely in the 'Run' registry key to automatically run some programs when a user logs in.

The vendor recommends quoting the command line of the created entries in the registry.

A Proof of Concept exploit has been published.

Team JohnLong

RaidenFTPD 2.x

A vulnerability has been reported which can be exploited by remote malicious users to gain knowledge of sensitive information. It is possible to access arbitrary files outside the FTP root.

Update to version 2.4 build 2241: http://www.raidenftpd.com/en/download.html

Currently we are not aware of any exploits for this vulnerability.

Raiden Professional bulletin board advisory, April 20, 2005

Where's James Software

WheresJames Webcam Publisher Beta 2.0.0014

A buffer overflow vulnerability exists that could let a remote malicious user execute arbitrary code.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Apple

Mac OS X 10.3.7 with iSync

A buffer overflow vulnerability exists in 'mRouter' when specially crafted options to the '-v' and '-a' command line switches are submitted, which could let a malicious user obtain root privileges.

Upgrade available at:
http://www.apple.com/support/
downloads/securityupdate2005004.html

An exploit script has been published.

Securiteam, January 23, 2005

Apple Security Update, APPLE-SA-2005-04-19, April 19, 2005

David M. Gay

f2c Fortran 77 Translator 1.3.1

Debian:
http://security.debian.org/
pool/updates/main/f/f2c/

Gentoo:
http://security.gentoo.org/glsa
/glsa-200501-43.xml

There is no exploit required.

Debian Security Advisory, DSA 661-1, January 27, 2005

Gentoo Linux Security Advisory GLSA 200501-43, January 30, 2005

Debian Security Advisory, DSA 661-2, April 20,2005

FreeBSD

FreeBSD 5.4 & prior

A vulnerability has been reported in the 'sendfile()' system call due to a failure to secure sensitive memory before distributing it over the network, which could let a malicious user obtain sensitive information.

Patches available at:
ftp://ftp.FreeBSD.org/pub/FreeBSD/
CERT/patches/SA-05:02/

There is no exploit code required.

FreeBSD Security Advisory,
FreeBSD-SA-05:02, April 5, 2005

US-CERT VU#604846

GNU

cpio 2.6

A Directory Traversal vulnerability has been reported when invoking cpio on a malicious archive, which could let a remote malicious user obtain sensitive information.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

GNU

gzip 1.2.4 a, 1.2.4, 1.3.3-1.3.5

A Directory Traversal vulnerability has been reported due to an input validation error when using 'gunzip' to extract a file with the '-N' flag, which could let a remote malicious user obtain sensitive information.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Grip

Grip 3.1.2, 3.2 .0

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/"
target=_blank>http://download.fedora.redhat.

com/pub/fedora/linux/core/

updates

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-21.xml">

http://security.gentoo.org/

glsa/glsa-200503-21.xml

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-304.html">

http://rhn.redhat.com/errata/

RHSA-2005-304.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

Gentoo:
http://security.gentoo.org/
glsa/glsa-200504-07.xml

SUSE:

href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

Peachtree:
http://peachtree.burdell.org/
updates/

Currently we are not aware of any exploits for this vulnerability.

Fedora Update Notifications,

FEDORA-2005-
202 & 203,
March 9, 2005

Gentoo Linux
Security Advisory,
GLSA 200503-21,
March 17, 2005

RedHat Security Advisory, RHSA-2005:304-08,
March 28, 2005

Mandrakelinux Security Update Advisory,
MDKSA-2005:066,
April 3, 2005

Gentoo Linux Security Advisory, GLSA 200504-07, April 8, 2005

SUSE Security Summary Report, SUSE-SR:2005:010, April 8, 2005

Mandriva Linux Security Update Advisories, MDKSA-2005:074 & 075, April 21, 2005

Peachtree Linux Security Notice, PLSN-0007, April 22, 2005

Hewlett Packard Company

HP-UX B.11.23, B.11.22, B.11.11, B.11.04, B.11.00

A remote Denial of Service vulnerability has been reported in the Path MTU Discovery (PMTUD) functionality that is supported in the ICMP protocol.

Patches available at:
http://www1.itrc.hp.com/service/
cki/docDisplay.do?docId= HPSBUX01137

Currently we are not aware of any exploits for this vulnerability.

INRIA

GeneWeb 4.0 5-4.0 9

A vulnerability has been reported in the maintainer scripts because files believed to be old '.gwb' datafile files are converted automatically without checking file permissions and content, which could let a malicious user modify arbitrary files.

Debian:
http://security.debian.org/pool/
updates/main/g/geneweb/

Currently we are not aware of any exploits for this vulnerability.

Inter7

SqWebMail 3.4.1, 3.5 .0-3.5.3, 3.6.0-3.6.1, 4.0.4.20040524, 4.0.5.

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit has been published.

J. Schilling

CDRTools 2.0

Ubuntu:

href="http://security.ubuntu.com/ubuntu/pool/main/c/cdrtools/cdrtools-doc_2.0+a30.pre1-1ubuntu2.2_all.deb"
target=_blank>http://security.ubuntu.com/

ubuntu/pool/main/c/cdrtools/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

There is no exploit code required.

Ubuntu Security Notice USN-100-1, March 24, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:077, April 21, 2005

JAWS

JAWS 0.3-0.5 beta2

A Cross-Site Scripting vulnerability has been reported in the Glossary module due to insufficient sanitization, which could let a remote malicious user execute arbitrary HTML and script code.

No workaround or patch available at time of publishing.

There is no exploit code required.

John Bradley

XV 3.10 a

Multiple vulnerabilities have been reported:a buffer overflow vulnerability was reported in the PDS image decoder when processing comments, which could let a remote malicious user execute arbitrary code; a vulnerability was reported in the TIFF and PDS image decoders due to format string errors, which could let a remote malicious execute arbitrary code; a vulnerability was reported due to an input validation error when handling filenames, which could let a remote malicious user execute arbitrary code.

Gentoo:
http://security.gentoo.org/
glsa/glsa-200504-17.xml

There is no exploit code required.

Secunia Advisory,
SA14977, April 19, 2005

Gentoo Linux Security Advisory, GLSA 200504-17, April 19, 2005

Junkbuster

Internet Junkbuster 2.0.1, 2.0.2

Two vulnerabilities have been reported: a vulnerability has been reported in the 'ij_untrusted_url()' function, which could let a remote malicious user modify the configuration; and a vulnerability has been reported due to errors when filtering URLs, which could let a malicious user cause a Denial of Service or execute arbitrary code.

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-11.xml">

http://security.gentoo.org/

glsa/glsa-200504-11.xml

Debian:
http://security.debian.org/pool/
updates/main/j/junkbuster/

Currently we are not aware of any exploits for these vulnerabilities.

Gentoo Linux Security Advisory GLSA 200504-11, April 13, 2005

Debian Security Advisory, DSA 713-1, April 21, 2005

KDE

KDE 3.2-3.2.3, 3.3-3.3.2, 3.4,
KDE Quanta 3.1

A vulnerability has been reported due to a design error in Kommander, which could let a remote malicious user execute arbitrary code.

Patches available at:
ftp://ftp.kde.org/pub/kde/
security_patches/f

Gentoo:
http://security.gentoo.org/
glsa/glsa-200504-23.xml

Currently we are not aware of any exploits for this vulnerability.

KDE Security Advisory, April 20, 2005

Gentoo Linux Security Advisory, GLSA 200504-23, April 22, 2005

LBL

tcpdump 3.4 a6, 3.4, 3.5, alpha, 3.5.2, 3.6.2, 3.6.3, 3.7-3.7.2, 3.8.1 -3.8.3

Remote Denials of Service vulnerabilities have been reported due to the way tcpdump decodes Border Gateway Protocol (BGP) packets, Label Distribution Protocol (LDP) datagrams, Resource ReSerVation Protocol (RSVP) packets, and Intermediate System to Intermediate System (ISIS) packets.

No workaround or patch available at time of publishing.

Exploit scripts have been published.

libexif

libexif 0.6.9, 0.6.11

Ubuntu:

href="http://security.ubuntu.com/ubuntu/pool/main/libe/libexif/">http://security.ubuntu.com/ubuntu/

pool/main/libe/libexif/

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">

http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-17.xml">

http://security.gentoo.org/

glsa/glsa-200503-17.xml

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-300.html">

http://rhn.redhat.com/errata/

RHSA-2005-300.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

Debian:

href="http://security.debian.org/pool/updates/main/libe/libexif/">http://security.debian.org/pool/

updates/main/libe/libexif/

SUSE:

href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Peachtree:
http://peachtree.burdell.org/
updates/

Currently we are not aware of any exploits for this vulnerability.

Ubuntu Security

Notice USN-91-1, March 7, 2005

Fedora Update Notifications,

FEDORA-2005-

199 & 200,

March 8, 2005

Gentoo Linux

Security Advisory,

GLSA 200503-17, March 12, 2005

RedHat Security Advisory,

RHSA-2005:300-08, March 21, 2005

Mandrakelinux Security Update Advisory,

MDKSA-2005:064, March 31, 2005

Debian Security Advisory, DSA 709-1, April 15, 2005

SUSE Security Summary Report, SUSE-SR:2005:011, April 15, 2005

Peachtree Linux Security Notice, PLSN-0006, April 22, 2005

libtiff.org

LibTIFF 3.6.1

Avaya MN100 (All versions), Avaya Intuity LX (version 1.1-5.x), Avaya Modular Messaging MSS (All versions)

Debian:

href="http://security.debian.org/pool/updates/main/t/tiff/">http://security.debian.org/pool/

updates/main/t/tiff/

Gentoo:

href=" http://security.gentoo.org/glsa/glsa-200410-11.xml">http://security.gentoo.org/glsa/

glsa-200410-11.xml

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">

http://download.fedora.redhat.com/

pub/fedora/

linux/core/updates/2/

OpenPKG:

href="ftp://ftp.openpkg.org/release/">ftp://ftp.openpkg.org/release/

Trustix: href="ftp://ftp.trustix.org/pub/trustix/updates/">

ftp://ftp.trustix.org/pub/trustix/
updates/

Mandrake:

href="http://www.mandrakesecure.net/en/ftp.php">http://www.mandrakesecure.net/
en/ftp.php

SuSE: href="ftp://ftp.suse.com/pub/suse/">

ftp://ftp.suse.com/pub/suse/

RedHat: href="http://rhn.redhat.com/errata/RHSA-2004-577.html">

http://rhn.redhat.com/errata/

RHSA-2004-577.html

Slackware: href="ftp://ftp.slackware.com/pub/slackware/">

ftp://ftp.slackware.com/pub/
slackware/

Conectiva:

href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.com.br/

KDE: Update to version 3.3.2: href="http://kde.org/download/">

http://kde.org/download/

Apple Mac OS X: href="http://www.apple.com/swupdates/">

http://www.apple.com/swupdates/

Gentoo: KDE kfax: href="http://www.gentoo.org/security/en/glsa/glsa-200412-17.xml">

http://www.gentoo.org/security

/en/glsa/glsa-200412-17.xml

Avaya: No solution but workarounds available at: href="http://support.avaya.com/elmodocs2/security/ASA-2005-002_RHSA-2004-577.pdf">

http://support.avaya.com/
elmodocs2/security/ASA-
2005-002_RHSA-2004-577.pdf

TurboLinux: href="http://www.turbolinux.com/update/">

http://www.turbolinux.com/update/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

RedHat:

href="http://rhn.redhat.com/errata/RHSA-2005-354.html">http://rhn.redhat.com/errata/

RHSA-2005-354.html

SGI:

href="ftp://patches.sgi.com/support/free/security/advisories/">ftp://patches.sgi.com/support/

free/security/advisories/

SCO:

href="ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.19">ftp://ftp.sco.com/pub/updates/

UnixWare/SCOSA-2005.19

RedHat:

href="http://rhn.redhat.com/errata/RHSA-2005-021.html">http://rhn.redhat.com/

errata/RHSA-2005-021.html

SGI:
ftp://patches.sgi.com/support/
free/security/advisories/

Sun:
http://sunsolve.sun.com/
search/document.do?
assetkey=1-26-57769-1

Proofs of Concept exploits have been published.

Gentoo Linux

Security Advisory,

GLSA 200410-11, October 13, 2004

Fedora Update Notification,

FEDORA-2004-334, October 14, 2004

OpenPKG Security Advisory,

OpenPKG-SA-2004.043,

October 14, 2004

Debian Security Advisory,

DSA 567-1,

October 15, 2004

Trustix Secure Linux Security Advisory, TSLSA-2004-0054, October 15, 2004

Mandrakelinux

Security Update Advisory, MDKSA-2004:109 &

MDKSA-2004:111, October 20 & 21,

2004

SuSE Security Announcement,

SUSE-SA:2004:038, October 22, 2004

RedHat Security Advisory,

RHSA-2004:577-16,

October 22, 2004

Slackware Security Advisory,

SSA:2004-305-02, November 1, 2004

Conectiva Linux Security

Announcement,

CLA-2004:888, November 8, 2004

US-CERT

Vulnerability Notes VU#687568 & VU#948752,

December 1, 2004

Gentoo Linux Security Advisory, GLSA 200412-02,

December 6, 2004

KDE Security

Advisory,

December 9, 2004

Apple Security

Update

SA-2004-12-02

Gentoo Security Advisory, GLSA 200412-17 / kfax, December 19, 2004

Avaya Advisory

ASA-2005-002,

January 5, 2005

Conectiva Linux Security

Announcement,

CLA-2005:914,

January 6, 2005

Turbolinux Security Announcement,

January 20, 2005

Mandrakelinux

Security Update Advisory,

MDKSA-2005:052, March 4, 2005

RedHat Security Advisory,

RHSA-2005:354-03,

April 1, 2005

RedHat Security Advisory, RHSA-2005:021-09,

SGI Security Advisory, 20050404-01-U, April 20, 2005

Sun(sm) Alert Notification, 57769, April 25, 2005

LogWatch

LogWatch 2.1.1, 2.5, 2.6

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-364.html

There is no exploit code required; however, a Proof of Concept exploit has been published.

Multiple Vendors

ht//Dig Group ht://Dig 3.1.5 -8, 3.1.5 -7, 3.1.5, 3.1.6, 3.2 .0, 3.2 0b2-0b6; SuSE Linux 8.0, i386, 8.1, 8.2, 9.0, 9.0 x86_64, 9.1, 9.2

A Cross-Site Scripting vulnerability exists due to insufficient filtering of HTML code from the 'config' parameter, which could let a remote malicious user execute arbitrary HTML and script code.

SuSE:
ftp://ftp.suse.com/pub/suse/

Debian:
http://security.debian.org/pool/
updates/main/h/htdig/

Gentoo:
http://security.gentoo.org/glsa/
glsa-200502-16.xml

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

Fedora:
http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/3/

Proof of Concept exploit has been published.

SUSE Security Summary Report, SUSE-SR:2005:003, February 4, 2005

Debian Security Advisory ,DSA 680-1, February 14, 2005

Gentoo Linux Security Advisory, GLSA 200502-16,
February 14, 2005

Mandrakelinux Security Update Advisory,
MDKSA-2005:063, March 31, 2005

Fedora Update Notification,
FEDORA-2005-367, April 19, 2005

Multiple Vendors

ImageMagick 6.0-6.0.8, 6.1-6.1.8, 6.2 .0.7, 6.2 .0.4, 6.2, 6.2.1

Upgrades available at:
http://www.imagemagick.org/
script/binary-releases.php

A Proof of Concept exploit has been published.

Multiple Vendors

KDE 2.0, beta, 2.0.1, 2.1-2.1.2, 2.2-2.2.2, 3.0-3.0.5, 3.1-3.1.5, 3.2-3.2.3, 3.3-3.3.2, 3.4; Novell Linux Desktop 9; SuSE E. Linux 9.1, x86_64, 9.2, x86_64, 9.3, Linux Enterprise Server 9

Patches available at:
http://bugs.kde.org/attachment.cgi
?id=10325&action=view

http://bugs.kde.org/attachment.cgi
?id=10326&action=view

SuSE:
ftp://ftp.suse.com/pub/suse/

Gentoo:
http://security.gentoo.org/
glsa/glsa-200504-22.xml

Debian:
http://security.debian.org/
pool/updates/main/k/kdelibs/

Denial of Service Proofs of Concept exploits have been published.

SUSE Security Announcement, SUSE-SA:2005:022, April 11, 2005

Gentoo Linux Security Advisory, GLSA 200504-22, April 22, 2005

Debian Security Advisory, DSA 714-1, April 26, 2005

Multiple Vendors

Linux kernel 2.4 .0-test1-test12, 2.4-2.4.29, 2.6, 2.6-test1-test11, 2.6.1-2.6.11

Multiple vulnerabilities have been reported in the ISO9660 handling routines, which could let a malicious user execute arbitrary code.

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/

Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/l/linux-source-2.6.8.1/

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.
redhat.com/pub/fedora/l
inux/core/updates/

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-366.html

Currently we are not aware of any exploits for these vulnerabilities.

Security Focus,
12837,
March 18, 2005

Fedora Security
Update Notification,

FEDORA-2005-262, March 28, 2005

Ubuntu Security Notice, USN-103-1, April 1, 2005

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Multiple Vendors

MySQL AB MySQL 3.20 .x, 3.20.32 a, 3.21.x, 3.22 .x, 3.22.26-3.22.30, 3.22.32, 3.23 .x, 3.23.2-3.23.5, 3.23.8-3.23.10, 3.23.22-3.23.34, 3.23.36-3.23.54, 3.23.56, 3.23.58, 3.23.59, 4.0.0-4.0.15, 4.0.18, 4.0.20;

Trustix Secure Enterprise Linux 2.0, Secure Linux 1.5, 2.0, 2.1

Upgrades available at:

href="http://dev.mysql.com/downloads/mysql/4.0.html ">http://dev.mysql.com/downloads

/mysql/4.0.html

OpenPKG: href="file:///C|/Documents%20and%20Settings/dtrammel/ftp.openpkg.org">

ftp.openpkg.org

RedHat: href="http://rhn.redhat.com/errata/RHSA-2004-611.html">

http://rhn.redhat.com/errata/

RHSA-2004-611.html

SuSE:

href="ftp://ftp.suse.com/pub/suse">ftp://ftp.suse.com/pub/suse

Trustix: href="ftp://ftp.trustix.org/pub/trustix/updates/">

ftp://ftp.trustix.org/pub/

trustix/updates/

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/m">

http://security.ubuntu.com/

ubuntu/pool/main/m/mysql-dfsg/m

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">

http://download.fedora.

redhat.com/pub/

fedora/linux/core/updates/2/

TurboLinux:

href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/

TurboLinux/TurboLinux/ia32/

FedoraLegacy:

href="http://download.fedoralegacy.org/fedora/">http://download.fedoralegacy.

org/fedora/

Ubuntu: href=" http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/">

http://security.ubuntu.com/

ubuntu/pool/main/m/mysql-dfsg/

Debian:

href="http://security.debian.org/pool/updates/main/m/mysql/">http://security.debian.org/

pool/updates/main/m/mysql/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

Conectiva:
ftp://atualizacoes.conectiva.com.br/

There is no exploit code required.

Trustix Secure Linux Security Advisory, TSLSA-2004-0054, October 15, 2004

Fedora Update Notification,

FEDORA-2004-530, December 8, 2004

Turbolinux Security Announcement, February 17, 2005

Fedora Legacy Update Advisory, FLSA:2129, March 24, 2005

Ubuntu Security Notice, USN-109-1 April 06, 2005

Debian Security Advisory, DSA 707-1, April 13, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:070, April 13, 2005

Conectiva Linux Security Announcement, CLA-2005:947, April 20, 2005

Multiple Vendors

Concurrent Versions System (CVS) 1.x;Gentoo Linux; SuSE Linux 8.2, 9.0, 9.1, x86_64, 9.2, x86_64, 9.3, Linux Enterprise Server 9, 8, Open-Enterprise-Server 9.0, School-Server 1.0, SUSE CORE 9 for x86, UnitedLinux 1.0

Multiple vulnerabilities have been reported: a buffer overflow vulnerability was reported due to an unspecified boundary error, which could let a remote malicious user potentially execute arbitrary code; a remote Denial of Service vulnerability was reported due to memory leaks and NULL pointer dereferences; an unspecified error was reported due to an arbitrary free (the impact was not specified), and several errors were reported in the contributed Perl scripts, which could let a remote malicious user execute arbitrary code.

Update available at:

href="https://ccvs.cvshome.org/servlets/ProjectDocumentList">https://ccvs.cvshome.org/

servlets/ProjectDocumentList

Gentoo:

href="http://security.gentoo.org/glsa/glsa-200504-16.xml">http://security.gentoo.org/

glsa/glsa-200504-16.xml

SuSE:

href="ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cvs-1.11.5-116.i586.rpm"
target=_blank>ftp://ftp.suse.com/pub/suse/i

Fedora:
http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/3/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

Trustix:
http://http.trustix.org/pub/
trustix/updates/

FreeBSD:
ftp://ftp.FreeBSD.org/pub/

Peachtree:
http://peachtree.burdell.org/
updates/

RedHat:
http://rhn.redhat.com/errata/
RHSA-2005-387.html

Currently we are not aware of any exploits for these vulnerabilities.

Gentoo Linux Security Advisory, GLSA 200504-16, April 18, 2005

SuSE Security Announcement, SUSE-SA:2005:024, April 18, 2005

Secunia Advisory, SA14976, April 19, 2005

Fedora Update Notification,
FEDORA-2005-330, April 20, 2006

Mandriva Linux Security Update Advisory, MDKSA-2005:073, April 21, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0013, April 21, 2005

Gentoo Linux Security Advisory [UPDATE], GLSA 200504-16:02, April 22, 2005

FreeBSD Security Advisory, FreeBSD-SA-05:05, April 22, 2005

Peachtree Linux Security Notice, PLSN-0005, April 22, 2005

RedHat Security Advisory, RHSA-2005:387-06, April 25, 2005

Multiple Vendors

Linux kernel 2.4 .0-test1-test12, 2.4-2.4.28, 2.4.29rc1&rc2, 2.5 .0-2.5.69, 2.6 -test1-test11, 2.6-2.6.10; SuSE . Linux 8.1, 8.2, 9.0

SuSE:
ftp://ftp.suse.com/pub/suse/

Conectiva:
ftp://atualizacoes.conectiva.com.br/

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-366.html

Currently we are not aware of any exploits for this vulnerability.

SUSE Security Announcement, SUSE-SA:2005:003, January 21, 2005

Conectiva Linux Security Announcement, CLA-2005:930, March 7, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Multiple Vendors

Linux kernel 2.4-2.4.29, 2.6 .10, 2.6-2.6.11

A vulnerability has been reported in the 'bluez_sock_create()' function when a negative integer value is submitted, which could let a malicious user execute arbitrary code with root privileges.

Patches available at:

href="http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.30-rc3.bz2"
target=_blank>http://www.kernel.org/pub/linux/

kernel/v2.4/testing/patch-
2.4.30-rc3.bz2

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/

SUSE:

href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Trustix:
http://http.trustix.org/pub/
trustix/updates/

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-366.html

A Proof of Concept exploit script has been published.

Security Tracker
Alert, 1013567,
March 27, 2005

SUSE Security Announcement, SUSE-SA:2005
:021, April 4, 2005

Trustix Secure
Linux Security Advisory,
TSLSA-2005-0011, April 5, 2005

US-CERT
VU#685461

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Multiple Vendors

Linux kernel 2.4-2.4.30, 2.6-2.6.11

Patches available at:
http://www.securityfocus.com/data
/vulnerabilities/patches/serport.patch

Ubuntu:
http://security.ubuntu.com/ubuntu/
pool/main/l/linux-source-2.6.8.1/

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-366.html

Currently we are not aware of any exploits for this vulnerability.

Security Focus,
12971,
April 1, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Multiple Vendors

Linux kernel 2.4-2.4.30, 2.6-2.6.11; Ubuntu Linux 4.1 ppc, ia64, ia32

A Denial of Service vulnerability has been reported in the 'TmpFS' driver due to insufficient sanitization of the 'shm_nopage()' argument.

Patch available at:
http://www.securityfocus.com/data/
vulnerabilities/patches/shmem.patch

Ubuntu:
http://security.ubuntu.com/ubuntu/
pool/main/l/linux-source-2.6.8.1/

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-366.html

Currently we are not aware of any exploits for this vulnerability.

Security Focus,
12970
April 1, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Multiple Vendors

Linux Kernel 2.6.10, 2.6 -test1-test11, 2.6-2.6.11

A Denial of Service vulnerability has been reported in the 'load_elf_library' function.

Patches available at:

href="http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.11.6.bz2"
target=_blank>http://www.kernel.org/pub/

linux/kernel/v2.6/patch-2.6.11.6.bz2

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/2/

Trustix:
http://http.trustix.org/pub/
trustix/updates/

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-366.html

Currently we are not aware of any exploits for this vulnerability.

Fedora Security
Update Notification,

FEDORA-2005-262, March 28, 2005

Trustix Secure
Linux Security Advisory,
TSLSA-2005-0011, April 5, 2005

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Multiple Vendors

Linux kernel 2.6.10, 2.6 -test9-CVS, 2.6 -test1-test11, 2.6, 2.6.1 rc1&rc2, 2.6.1-2.6.8

A remote Denial of Service vulnerability has been reported in the Point-to-Point Protocol (PPP) Driver.

Ubuntu:

href="http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/">http://security.ubuntu.com/ubuntu/

pool/main/l/linux-source-2.6.8.1/

Trustix: href="http://http.trustix.org/pub/trustix/updates">

http://http.trustix.org/pub/

trustix/updates

SUSE:

href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/2/

ALTLinux:

href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">http://lists.altlinux.ru/

pipermail/security-announce/

2005-March/000287.html

Fedora:
http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-366.html

Currently we are not aware of any exploits for this vulnerability.

Ubuntu Security Notice, USN-95-1 March 15, 2005

Trustix Secure Linux Security Advisory, TSL-2005-0009, March 21, 2005

SUSE Security Announcement, SUSE-SA:2005:018, March 24, 2005

Fedora Security Update Notification,

FEDORA-2005-262, March 28, 2005

ALTLinux Security Advisory, March 29, 2005

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Multiple Vendors

Linux kernel 2.6.10, 2.6 -test9-CVS, 2.6-test1- -test11, 2.6, 2.6.1-2.6.11 ; RedHat Desktop 4.0, Enterprise Linux WS 4, ES 4, AS 4

Multiple vulnerabilities exist: a vulnerability exists in the 'shmctl' function, which could let a malicious user obtain sensitive information; a Denial of Service vulnerability exists in 'nls_ascii.c' due to the use of incorrect table sizes; a race condition vulnerability exists in the 'setsid()' function; and a vulnerability exists in the OUTS instruction on the AMD64 and Intel EM64T architecture, which could let a malicious user obtain elevated privileges.

RedHat: href="https://rhn.redhat.com/errata/RHSA-2005-092.html">

https://rhn.redhat.com/errata/

RHSA-2005-092.html

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/">

http://security.ubuntu.com/ubuntu/

pool/main/l/linux-source-2.6.8.1/

Conectiva: href="ftp://atualizacoes.conectiva.com.br/1">

ftp://atualizacoes.conectiva.

com.br/

SUSE:

href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/2/

Conectiva:
ftp://atualizacoes.conectiva.
com.br/10/

Fedora:
http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-366.html

Currently we are not aware of any exploits for these vulnerabilities.

Ubuntu Security
Notice, USN-82-1, February 15, 2005

RedHat Security Advisory,
RHSA-2005:092-14, February 18, 2005

SUSE Security Announcement,
SUSE-SA:2005:018, March 24, 2005

Fedora Security
Update Notification,

FEDORA-2005-262, March 28, 2005

Conectiva Linux Security Announcement,
CLA-2005:945,
March 31, 2005

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Multiple Vendors

Linux kernel 2.6.10, 2.6, -test1-test 11, 2.6.1- 2.6.11;

RedHat Fedora Core2

Patches available at:

href="http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.11.6.bz2"
target=_blank>http://www.kernel.org/pub/linux/

kernel/v2.6/patch-2.6.11.6.bz2

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/2/

Trustix:
http://http.trustix.org/pub/
trustix/updates/

Fedora:
http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-366.html

Currently we are not aware of any exploits for this vulnerability.

Security Focus,
12932,
March 29, 2005

Trustix Secure
Linux Security Advisory,
TSLSA-2005-0011, April 5, 2005

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Multiple Vendors

Linux kernel 2.6.10, 2.6, -test9-CVS, -test1-test11, 2.6.1-2.6.9;
RedHat Desktop 4.0, Enterprise Linux WS 4, ES 4, AS 4

A Denial of Service vulnerability has been reported in the 'Unw_Unwind_To_User' function.

RedHat;
http://rhn.redhat.com/
errata/RHSA-2005-366.html

Currently we are not aware of any exploits for this vulnerability.

Multiple Vendors

Linux kernel 2.6.10, 2.6, -test9-CVS, -test1-test11, 2.6.1-2.6.9;
RedHat Desktop 4.0, Enterprise Linux WS 4, ES 4, AS 4

A Denial of Service vulnerability has been reported in the 'fib_seq_start' function in 'fib_hash.c.'

RedHat;
http://rhn.redhat.com/
errata/RHSA-2005-366.html

Currently we are not aware of any exploits for this vulnerability.

Multiple Vendors

Linux kernel 2.6-2.6.11

A vulnerability has been reported in 'SYS_EPoll_Wait' due to a failure to properly handle user-supplied size values, which could let a malicious user obtain elevated privileges.

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/">

http://security.ubuntu.com/ubuntu/

pool/main/l/linux-source-2.6.8.1

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-366.html

An exploit script has been published.

Security Focus, 12763, March 8, 2005

Ubuntu Security Notice, USN-95-1 March 15, 2005

Security Focus, 12763, March 22, 2005

Fedora Security Update Notification,

FEDORA-2005-262, March 28, 2005

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Multiple Vendors

Linux kernel 2.6-2.6.11

SuSE:
ftp://ftp.suse.com/pub/suse/

Ubuntu:
http://security.ubuntu.com/
ubuntupool/main/l/linux-source-2.6.8.1/

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-366.html

Currently we are not aware of any exploits for this vulnerability.

Security Focus, 13091, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Multiple Vendors

RedHat Fedora Core3, Core2;

Rob Flynn Gaim 1.2; Peachtree Linux release 1

Upgrade available at:

href="http://gaim.sourceforge.net/downloads.php"
target=_blank>http://gaim.sourceforge.net/

downloads.php

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/

Gentoo:

href="http://security.gentoo.org/glsa/glsa-200504-05.xml">http://security.gentoo.org/

glsa/glsa-200504-05.xml

RedHat:

href="http://rhn.redhat.com/errata/RHSA-2005-365.html">http://rhn.redhat.com/

errata/RHSA-2005-365.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

SGI:
http://www.sgi.com/support/
security/

Peachtree:
http://peachtree.burdell.org/
updates/

There is no exploit code required.

Fedora Update Notifications,

FEDORA-2005-

298 & 299,

April 5, 2005

Gentoo Linux Security Advisory, GLSA 200504-05, April 06, 2005

RedHat Security Advisory, RHSA-2005:365-06, April 12, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:071, April 14, 2005

SGI Security Advisory, 20050404-01-U, April 20, 2005

Peachtree Linux Security Notice, PLSN-0001, April 21, 2005

Multiple Vendors

RedHat Fedora Core3, Core2;

Rob Flynn Gaim 1.2; Ubuntu Linux 4.1 ppc, ia64, ia32; Peachtree Linux release 1

Update available at:

href="http://gaim.sourceforge.net/downloads.php"
target=_blank>http://gaim.sourceforge.net

/downloads.php

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/

Ubuntu:

href="http://security.ubuntu.com/ubuntu/pool/main/g/gaim/">http://security.ubuntu.com/

ubuntu/pool/main/g/gaim/

Gentoo:

href="http://security.gentoo.org/glsa/glsa-200504-05.xml">http://security.gentoo.org/

glsa/glsa-200504-05.xml

RedHat:

href="http://rhn.redhat.com/errata/RHSA-2005-365.html">http://rhn.redhat.com/

errata/RHSA-2005-365.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

SGI:
http://www.sgi.com/support/
security/

Peachtree:
http://peachtree.burdell.org/
updates/

Currently we are not aware of any exploits for these vulnerabilities.

Fedora Update Notifications,

FEDORA-2005

-298 & 299,

April 5, 2005

Ubuntu Security

Notice,

USN-106-1

April 05, 2005

Gentoo Linux Security Advisory, GLSA 200504-05, April 06, 2005

RedHat Security Advisory, RHSA-2005:365-06, April 12, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:071, April 14, 2005

SGI Security Advisory, 20050404-01-U, April 20, 2005

Peachtree Linux Security Notice, PLSN-0001, April 21, 2005

Multiple Vendors

Samba 2.2.9, 3.0.8 and prior

An integer overflow vulnerability in all versions of Samba's smbd 0.8 could allow a remote malicious user to cause controllable heap corruption, leading to execution of arbitrary commands with root privileges.

Patches available at:
http://www.samba.org/samba/ftp/
patches/security/samba-3.0.9-
CAN-2004-1154.patch

Red Hat:
http://rhn.redhat.com/errata/
RHSA-2004-670.html

Gentoo:
http://www.gentoo.org/security/
en/glsa/glsa-200412-13.xml

Trustix:
http://www.trustix.net/errata/
2004/0066/

Red Hat (Updated):
http://rhn.redhat.com/errata/
RHSA-2004-670.html

Fedora:
http://download.fedora.redhat.com
/pub/fedora/linux/core/updates/

SUSE:
http://www.novell.com/linux/security/
advisories/2004_45_samba.html

Mandrakesoft:
http://www.mandrakesoft.com/security/
advisories?name=MDKSA-2004:158

Conectiva:
ftp://atualizacoes.conectiva.com.br/

RedHat:
http://rhn.redhat.com/errata/
RHSA-2005-020.html

HP:
http://software.hp.com

TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

SCO:
ftp://ftp.sco.com/pub/updates/
UnixWare/SCOSA-2005.17

Debian:
http://security.debian.org/pool/
updates/main/s/samba/

Currently we are not aware of any exploits for this vulnerability.

iDEFENSE Security Advisory 12.16.04

Red Hat Advisory, RHSA-2004:670-10, December 16, 2004

Gentoo Security Advisory, GLSA 200412-13 / Samba, December 17, 2004

US-CERT,
Vulnerability Note VU#226184,
December 17, 2004

Trustix Secure Linux Advisory #2004-0066, December 17, 2004

Red Hat, RHSA-2004:670-10, December 16, 2004

SUSE, SUSE-SA:2004:045, December 22, 2004

RedHat Security Advisory, RHSA-2005:020-04,
January 5, 2005

Conectiva Linux Security
Announcement,
CLA-2005:913,
January 6, 2005

Turbolinux Security Announcement, February 7, 2005

HP Security Advisory, HPSBUX01115, February 3, 2005

SCO Security
Advisory, SCOSA-2005.17,
March 7, 2005

Debian Security Advisory,
DSA 701-1,
March 31, 2005

Debian Security Advisory, DSA 701-2, April 21, 2005

Multiple Vendors

xli 1.14-1.17

A vulnerability exists due to a failure to manage internal buffers securely, which could let a remote malicious user execute arbitrary code.

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-05.xml">

http://security.gentoo.org/

glsa/glsa-200503-05.xml

Debian: href="http://security.debian.org/pool/updates/main/x/xli/">

http://security.debian.org/

pool/updates/main/x/xli/

ALTLinux:

href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">http://lists.altlinux.ru/

pipermail/security-announce/

2005-March/000287.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

Currently we are not aware of any exploits for this vulnerability.

Gentoo Linux Security Advisory, GLSA 200503-05, March 2, 2005

Debian Security Advisory, DSA 695-1, March 21, 2005

ALTLinux Security Advisory, March 29, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:076, April 21, 2005

Multiple Vendors

xli 1.14-1.17; xloadimage 3.0, 4.0, 4.1

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-05.xml">

http://security.gentoo.org/

glsa/glsa-200503-05.xml

Debian: href="http://security.debian.org/pool/updates/main/x/xli/">

http://security.debian.org/

pool/updates/main/x/xli/

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.

redhat.com/pub/fedora/

linux/core/updates/

TurboLinux:

href="%20ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/

TurboLinux/TurboLinux/ia32/

RedHat:
http://rhn.redhat.com/errata/
RHSA-2005-332.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

Currently we are not aware of any exploits for this vulnerability.

Gentoo Linux Security Advisory, GLSA 200503-05, March 2, 2005

Fedora Update Notifications,

FEDORA-2005-236 & 237, March 18, 2005

Debian Security Advisory, DSA 695-1, March 21, 2005

Turbolinux Security Advisory, TLSA-2005-43, April 19, 2005

RedHat Security Advisory, RHSA-2005:332-10, April 19, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:076, April 21, 2005

MySQL

MySQL 4.x

A vulnerability exists in the 'mysqlaccess.sh' script because temporary files are created in an unsafe manner, which could let a malicious user obtain elevated privileges.

Update available at: href=" http://lists.mysql.com/internals/20600">

http://lists.mysql.com/internals/20600

Ubuntu: href="http://www.ubuntulinux.org/support/documentation/usn/usn-63-1">

http://www.ubuntulinux.org/support/

documentation/usn/usn-63-1

Debian: href="http://www.debian.org/security/2005/dsa-647">

http://www.debian.org/security/

2005/dsa-647

Gentoo: href="http://www.gentoo.org/security/en/glsa/glsa-200501-33.xml">

http://www.gentoo.org/security/en
/glsa/glsa-200501-33.xml

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php"
target=_blank>

http://www.mandrakesecure.net/

en/ftp.php

FedoraLegacy:

href="http://download.fedoralegacy.org/fedora/">http://download.fedoralegacy.

org/fedora/

Conectiva:
ftp://atualizacoes.conectiva.
com.br/

OpenPKG:
ftp://ftp.openpkg.org/release/
2.2/UPD/mysql-4.0.21-2.2.2.src.rpm

Currently we are not aware of any exploits for this vulnerability.

MySQL 'mysqlaccess.sh' Unsafe Temporary Files

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004">CAN-2005-0004

Security Tracker Alert, 1012914, January 17,2005

Ubuntu Security Notice USN-63-1 January 18, 2005

Debian Security Advisory

DSA-647-1 mysql, January 19, 2005

Gentoo GLSA 200501-33, January 23, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:036, February 11, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0003, February 11, 2005

Fedora Legacy Update Advisory, FLSA:2129, March 24, 2005

Conectiva Linux Security Announcement, CLA-2005:947, April 20, 2005

OpenPKG Security Advisory, OpenPKG-SA-2005.006, April 20, 2005

openMosixview

openMosixview 1.2-1.5

Gentoo:
http://security.gentoo.org/
glsa/glsa-200504-20.xml

A Proof of Concept exploit script has been published.

Securiteam, March 28, 2005

Gentoo Linux Security Advisory, GLSA 200504-20, April 21, 2005

PHP Group

PHP 4.3-4.3.10; Peachtree Linux release 1

Upgrades available at:

href="http://ca.php.net/get/php-4.3.11.tar.gz/from/a/mirror"
target=_blank>http://ca.php.net/get/php

4.3.11.tar.gz/from/a/mirror

Ubuntu:

href="http://security.ubuntu.com/ubuntu/pool/main/p/php4/">http://security.ubuntu.com/

ubuntu/pool/main/p/php4/

Gentoo:

href="http://security.gentoo.org/glsa/glsa-200504-15.xml">http://security.gentoo.org/

glsa/glsa-200504-15.xml

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

Peachtree:
http://peachtree.burdell.org/
updates/

Currently, we are not aware of any exploits for this vulnerability.

Security Focus, 13164, April 14, 2005

Ubuntu Security Notice, USN-112-1, April 14, 2005

Gentoo Linux Security Advisory, GLSA 200504-15, April 18, 2005

Fedora Update Notification,

FEDORA-2005-315, April 18, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:072, April 19, 2005

Peachtree Linux Security Notice, PLSN-0001, April 21, 2005

PHP Group

PHP 4.3-4.3.10; Peachtree Linux release 1

Upgrades available at:

href="http://ca.php.net/get/php-4.3.11.tar.gz/from/a/mirror"
target=_blank>http://ca.php.net/get/php

4.3.11.tar.gz/from/a/mirror

Ubuntu:

href="http://security.ubuntu.com/ubuntu/pool/main/p/php4/">http://security.ubuntu.com/

ubuntu/pool/main/p/php4/

Gentoo:

href="http://security.gentoo.org/glsa/glsa-200504-15.xml">http://security.gentoo.org/

glsa/glsa-200504-15.xml

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

Peachtree:
http://peachtree.burdell.org/
updates/

Currently, we are not aware of any exploits for this vulnerability.

Security Focus, 13163, April 14, 2005

Ubuntu Security Notice, USN-112-1, April 14, 2005

Gentoo Linux Security Advisory, GLSA 200504-15, April 18, 2005

Fedora Update Notification,

FEDORA-2005-315, April 18, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:072, April 19, 2005

Peachtree Linux Security Notice, PLSN-0001, April 21, 2005

Remote Sensing

LibTIFF 3.5.7, 3.6.1, 3.7.0; Avaya CVLAN, Integrated Management, Intuity LX, MN100, Modular Messaging (MSS) 1.1, 2.0

Two vulnerabilities exist which can be exploited by malicious people to compromise a vulnerable system by executing arbitrary code. The vulnerabilities are caused due to an integer overflow in the "TIFFFetchStripThing()" function in "tif_dirread.c" when parsing TIFF files and"CheckMalloc()" function in "tif_dirread.c" and "tif_fax3.c" when handling data from a certain directory entry in the file header.

Update to version 3.7.1:
ftp://ftp.remotesensing.org/pub/libtiff/

Fedora:
http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Debian:
http://www.debian.org/security/
2004/dsa-617

Gentoo:
http://security.gentoo.org/glsa/
glsa-200501-06.xml

Mandrake:
http://www.mandrakesecure.net/
en/ftp.php

SUSE:
ftp://ftp.suse.com/pub/suse/

RedHat:
http://rhn.redhat.com/errata/
RHSA-2005-019.html

SGI:
http://support.sgi.com/browse_
request/linux_patches_by_os

TurboLinux:
http://www.turbolinux.com/update/

Conectiva:
ftp://atualizacoes.conectiva.com.br/

Avaya:
http://support.avaya.com/elmodocs2/
security/ASA-2005-021_RHSA-2005-019.pdf

Mandrake:
http://www.mandrakesecure.net/
en/ftp.php

Sun:
http://sunsolve.sun.com/search/
document.do?assetkey=
1-26-57769-1

Currently we are not aware of any exploits for these vulnerabilities.

iDEFENSE Security Advisory 12.21.04

Secunia SA13629, December 23, 2004

SUSE Security Announcement, SUSE-SA:2005:001, January 10, 2005

RedHat Security Advisory, RHSA-2005:019-11, January 13, 2005

US-Cert Vulnerability Note, VU#125598, January 14, 2005

SGI Security Advisory, 20050101-01-U, January 19, 2005

Turbolinux Security Announcement, January 20, 2005

Conectiva Linux Security Announcement, CLA-2005:920, January 20, 2005

Avaya Security Advisory, ASA-2005-021, January 25, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:052, March 4, 2005

Sun(sm) Alert Notification, 57769, April 25, 2005

Roar Smith

info2www 1.2.2.9

A Cross-Site Scripting vulnerability has been reported due to insufficient sanitization of user-supplied input, which could let a remote malicious user execute arbitrary HTML and script code.

Debian:
http://security.debian.org/pool/
updates/main/i/info2www/

There is no exploit code required.

Rob Flynn

Gaim 1.0-1.0.2, 1.1.1, 1.1.2

Upgrades available at:
http://gaim.sourceforge.net/
downloads.php

Fedora:
http://download.fedora.redhat.
com/pub/fedora/linux/core/
updates/

Ubuntu:
http://security.ubuntu.com/
ubuntu/pool/main/g/gaim/

Gentoo:
http://security.gentoo.org/
glsa/glsa-200503-03.xml

Mandrake:
Http://www.mandrakesecure.net/
en/advisories/

RedHat:
http://rhn.redhat.com/errata/
RHSA-2005-215.html

Conectiva:
ftp://atualizacoes.conectiva.
com.br/

Peachtree:
http://peachtree.burdell.org/
updates/

There is no exploit code required.

Gaim Advisory, February 17, 2005

Fedora Update Notifications,
FEDORA-2005-159 & 160, February 21, 2005

US-CERT VU#839280

US-CERT VU#523888

Ubuntu Security Notice, USN-85-1 February 25, 2005

Gentoo Linux Security Advisory, GLSA 200503-03, March 1, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:049, March 4, 2005

RedHat Security Advisory, RHSA-2005:215-11, March 10, 2005

Conectiva Linux Security Announcement, CLA-2005:933, March 14, 2005

Peachtree Linux Security Notice, PLSN-0002, April 21, 2005

SWSoft

Confixx Pro 3, Confixx 3.0.6, 3.0.8

No workaround or patch available at time of publishing.

There is no exploit code required.

Vladislav Bogdanov

SNMP Proxy Daemon 0.4-0.4.5

A format string vulnerability has been reported in SNMPPD due to insufficient sanitization of user-supplied input before using in a formatted printing function, which could let a remote malicious user execute arbitrary code.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this vulnerability.

Albrecht Guenther

PHProjekt 4.2 & prior

A Cross-Site Scripting vulnerability has been reported in the chatroom text submission form due to insufficient sanitization, which could let a remote malicious user execute arbitrary HTML and script code.

No workaround or patch available at time of publishing.

There is no exploit code required.

AZ Bulletin Board

AZbb 1.0.7 a-1.0.7 c

Multiple vulnerabilities have been reported: a vulnerability was reported in 'admin_avatar.php' and 'admin_attachment.php' due to validation errors, which could let a remote malicious user with administrative privileges delete arbitrary files; a vulnerability was reported in 'main_index.php' due to insufficient verification of input passed to the 'dir_src' and 'abs_layer' parameters, which could let a remote malicious user include arbitrary files; and a Directory Traversal vulnerability has been reported in 'attachment.php' due to an input validation error, which could let a remote malicious user obtain sensitive information.

Upgrades available at:
http://azbb.cyaccess.com/
azbb.php?1091872271

There is no exploit code required.

bBlog

bBlog 0.7.4

Several vulnerabilities have been reported: a Cross-Site Scripting vulnerability has been reported due to insufficient validation of the entry title field or comment body text, which could let a remote malicious user execute arbitrary HTML and script code; and an SQL injection vulnerability has been reported in the 'postid' parameter, which could let a remote malicious user execute arbitrary SQL commands.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Castlehill

A Directory Traversal vulnerability has been reported in the third party tool from Castlehill, as used to secure the iSeries AS/400 FTP server, which could lead to a false sense of security.

Contact the vendor for details regarding obtaining and applying appropriate updates.

There is no exploit code required.

DUware

DUportal 3.1.2 SQL, 3.1.2

No workaround or patch available at time of publishing.

There is no exploit code required; however, Proofs of Concept exploits have been published.

DUware

DUportal Pro 3.4

No workaround or patch available at time of publishing.

There is no exploit code required; however, Proofs of Concept exploits have been published.

eGroupWare

eGroupWare 1.0-1.0.3, 1.0.6

Multiple unspecified vulnerabilities have been fixed in the latest upgrade. The impact was not specified.

Upgrades available at:

href="http://sourceforge.net/project/showfiles.php?group_id=78745"
target=_blank>http://sourceforge.net/project/

showfiles.php?group_id=78745

Gentoo:
http://security.gentoo.org/
glsa/glsa-200504-24.xml

Currently we are not aware of any exploits for these vulnerabilities.

Security Focus, 13212, April 18, 2005

Gentoo Linux Security Advisory, GLSA 200504-24, April 25, 2005

Ethereal Group

Ethereal 0.8, 0.8.13-0.8.15, 0.8.18, 0.8.19, 0.9-0.9.16, 0.10-0.10.9

A remote Denial of Service vulnerability has been reported due to the way Resource ReSerVation Protocol (RSVP) packets are decoded.

No workaround or patch available at time of publishing.

An exploit script has been published.

FlexPHPNews

FlexPHPNews .3

An SQL injection vulnerability was reported in 'news.php' due to insufficient sanitization of the 'newsid' parameter, which could let a remote malicious user execute arbitrary code.

No workaround or patch available at time of publishing.

There is no exploit code required.

Fritz Berger

yappa-ng 0.9, 1.0-1.6, 2.0 .0, 2.0.1, 2.1.0-2.3.1

Upgrades available at:
http://sourceforge.net/project/
showfiles.php?group_id=70802

There is no exploit code required.

GNU

Gaim prior to 1.1.4

Update to version 1.1.4:
href="http://gaim.sourceforge.net/downloads.php">http://gaim.sourceforge.net/
downloads.php

Ubuntu:

href="http://www.ubuntulinux.org/support/documentation/usn/usn-85-1">http://www.ubuntulinux.org/
support/ href="http://www.ubuntulinux.org/support/documentation/usn/usn-85-1">documentation/
usn/usn-85-1

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">

http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-03.xml">

http://security.gentoo.org/

glsa/glsa-200503-03.xml

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-215.html">

http://rhn.redhat.com/errata/

RHSA-2005-215.html

Conectiva: href="ftp://atualizacoes.conectiva.com.br/">
ftp://atualizacoes.conectiva.
com.br/

Peachtree:
http://peachtree.burdell.org/
updates/

Currently we are not aware of any exploits for this vulnerability.

Sourceforge.net Gaim Vulnerability Note, February 24, 2005

US-CERT VU#795812

Gentoo, GLSA 200503-03, March 1, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:049, March 4, 2005

RedHat Security Advisory, RHSA-2005:215-11, March 10, 2005

Conectiva Linux Security Announcement, CLA-2005:933, March 14, 2005

Peachtree Linux Security Notice, PLSN-0002, April 21, 2005

Gregory DEMAR

Coppermine Photo Gallery 1.0 RC3, 1.1 beta 2, 1.1 .0, 1.2, 1.2.1, 1.2.2 b, 1.3

Upgrades available at:
http://prdownloads.
sourceforge.net/
coppermine/cpg
1.3.3.zip?download

There is no exploit code required.

Bugtraq, 396080, April 18, 2005

Security Focus, 13218, April 20, 2005

Gregory DEMAR

Coppermine Photo Gallery 1.3.2

Upgrade available at:
http://prdownloads.
sourceforge.net/
coppermine/cpg
1.3.3.zip?download

Currently we are not aware of any exploits for these vulnerabilities.

Horde Project

Horde Passwd Module 2.x

A Cross-Site Scripting vulnerability has been reported due to insufficient sanitization of input passed to a parent's frame page title, which could let a remote malicious user execute arbitrary HTML and script code.

Upgrades available at:
http://www.horde.org/passwd/
download/

There is no exploit code required.

Horde Project

Horde Kronolith Module

A Cross-Site Scripting vulnerability has been reported due to insufficient sanitization of input passed to a parent's frame page title, which could let a remote malicious user execute arbitrary HTML and script code.

Upgrades available at:
http://www.horde.org/kronolith/
download/

There is no exploit code required.

Horde Project

HordeTurba Module 1.x

A Cross-Site Scripting vulnerability has been reported due to insufficient sanitization of input passed to a parent's frame page title, which could let a remote malicious user execute arbitrary HTML and script code.

Upgrades available at:
http://www.horde.org/turba/
download/

There is no exploit code required.

Horde Project

Horde Accounts Module 2.1, 2.1.1

A Cross-Site Scripting vulnerability has been reported due to insufficient sanitization of input passed to a parent's frame page title, which could let a remote malicious user execute arbitrary HTML and script code.

Upgrades available at:
http://www.horde.org/accounts/
download/

There is no exploit code required.

Horde Project

Horde Chora 1.1-1.2.2

A Cross-Site Scripting vulnerability has been reported due to insufficient sanitization of input passed to a parent's frame page title, which could let a remote malicious user execute arbitrary HTML and script code.

Upgrades available at:
http://www.horde.org/chora/
download/

There is no exploit code required.

Horde Project

Horde Forwards Module 2.1-2.2.1

A Cross-Site Scripting vulnerability has been reported due to insufficient sanitization of input passed to a parent's frame page title, which could let a remote malicious user execute arbitrary HTML and script code.

Upgrades available at:
http://www.horde.org/forwards/
download/

There is no exploit code required.

Horde Project

Horde IMP Webmail Client 3.x

A Cross-Site Scripting vulnerability has been reported due to insufficient sanitization of input passed to a parent's frame page title, which could let a remote malicious user execute arbitrary HTML and script code.

Upgrades available at:
ftp://ftp.horde.org/pub/imp/
imp-3.2.8.tar.gz

There is no exploit code required.

Horde Project

Horde Mnemo 1.1-1.1.3

A Cross-Site Scripting vulnerability has been reported due to insufficient sanitization of input passed to a parent's frame page title, which could let a remote malicious user execute arbitrary HTML and script code.

Upgrades available at:
http://www.horde.org/mnemo/
download/

There is no exploit code required.

Horde Project

Horde Vacation 2.0-2.2.1

A Cross-Site Scripting vulnerability has been reported due to insufficient sanitization of input passed to a parent's frame page title, which could let a remote malicious user execute arbitrary HTML and script code.

Upgrades available at:
http://www.horde.org/vacation/
download/

There is no exploit code required.

Horde Project

HordeNag 1.1-1.1.2

A Cross-Site Scripting vulnerability has been reported due to insufficient sanitization of input passed to a parent's frame page title, which could let a remote malicious user execute arbitrary HTML and script code.

Upgrades available at:
http://www.horde.org/nag/
download/

There is no exploit code required.

IBM

Websphere Application Server 6.0

No workaround or patch available at time of publishing.

There is no exploit code required.

IBM

iSeries AS400

A Directory Traversal vulnerability has been reported in the AS400 FTP Service, which could let a remote malicious user obtain sensitive information.

No workaround or patch available at time of publishing.

There is no exploit code required.

InterSoft

NetTerm .1.1

A buffer overflow vulnerability has been reported in the USER command when an overly long string is submitted, which could let a remote malicious user execute arbitrary code.

No workaround or patch available at time of publishing.

An exploit script has been published.

Invision Power Services

Invision Board 2.0.1

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit has been published.

MediaWiki

MediaWiki 1.x

A Cross-Site Scripting vulnerability has been reported due to insufficient sanitization of certain unspecified input, which could let a remote malicious user execute arbitrary HTML and script code.

Upgrades available at:
http://prdownloads.sourceforge.net/
wikipedia/mediawiki-1.4.2.tar.
gz?download

There is no exploit code required.

Mozilla.org

Mozilla Browser 1.0-1.0.2, 1.1-1.7.6, Firefox 0.8-0.10.1, 1.0.1, 1.0.2

Upgrades available at:

href="http://www.mozilla.org/products/firefox/"
target=_blank>http://www.mozilla.org/

products/firefox/

href="http://www.mozilla.org/products/mozilla1.x/"
target=_blank>http://www.mozilla.org/

class=bodytext> target=_blank>products/mozilla1.x/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-18.xml">

http://security.gentoo.org/

glsa/glsa-200504-18.xml

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-383.html

http://rhn.redhat.com/errata/
RHSA-2005-386.html

TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

There is no exploit code required.

Mozilla Foundation Security Advisories, 2005-35 - 2005-41, April 16, 2005

Gentoo Linux Security Advisory, GLSA 200504-18, April 19, 2005

US-CERT VU#973309

RedHat Security Advisories, RHSA-2005:383-07 & RHSA-2005-386., April 21 & 26, 2005

Turbolinux Security Advisory, TLSA-2005-49, April 21, 2005

US-CERT VU#519317

Multiple Vendors

Mozilla.org Mozilla Browser 1.7.6, Firefox 1.0.1, 1.0.2; K-Meleon K-Meleon 0.9; Netscape 7.2; K-Meleon 0.9

A vulnerability has been reported in the javascript implementation due to improper parsing of lamba list regular expressions, which could a remote malicious user obtain sensitive information.

The vendor has issued a fix, available via CVS.

RedHat:
http://rhn.redhat.com/errata/
RHSA-2005-383.html

http://rhn.redhat.com/errata/
RHSA-2005-386.html

Slackware:
http://www.mozilla.org
/projects/security/known-vulnerabilities.html

TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

There is no exploit code required; however, a Proof of Concept exploit has been published.

Security Tracker Alert, 1013635, April 4, 2005

Security Focus, 12988, April 16, 2005

RedHat Security Advisories, RHSA-2005:383-07 & RHSA-2005:386-08, April 21 & 26, 2005

Turbolinux Security Advisory, TLSA-2005-49, April 21, 2005

Slackware Security Advisory, SSA:2005-111-04, April 22, 2005

Multiple Vendors

MPlayer 1.0pre6 & prior; Xine 0.9.9-1.0; Peachtree Linux release 1

Several vulnerabilities have been reported: a buffer overflow vulnerability has been reported due to a boundary error when processing lines from RealMedia RTSP streams, which could let a remote malicious user execute arbitrary code; and a buffer overflow vulnerability has been reported due to a boundary error when processing stream IDs from Microsoft Media Services MMST streams, which could let a remote malicious user execute arbitrary code.

Patches available at:
http://www.mplayerhq.hu/
MPlayer/patches/rtsp_
fix_20050415.diff

Gentoo:
http://security.gentoo.org/
glsa/glsa-200504-19.xml

Patches available at:
http://cvs.sourceforge.net/viewcvs.py/
xine/xinelib/src/input/

Currently we are not aware of any exploits for these vulnerabilities.

Security Tracker Alert,1013771, April 20, 2005

Gentoo Linux Security Advisory, GLSA 200504-19, April 20, 200

Peachtree Linux Security Notice, PLSN-0003, April 21, 2005

Xine Security Announcement, XSA-2004-8, April 21, 2005

Multiple Vendors

See US-CERT VU#222750 for complete list

Cisco:

href="http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml">http://www.cisco.com/warp/

public/707/cisco-sa-

20050412-icmp.shtml

IBM:

href="ftp://aix.software.ibm.com/aix/efixes/security/icmp_efix.tar.Z"
target=_blank>ftp://aix.software.ibm.com/aix/

efixes/security/icmp_efix.tar.Z

RedHat: href="http://rhn.redhat.com/errata/">

http://rhn.redhat.com/errata/

Currently we are not aware of any exploits for these vulnerabilities.

MySQL AB

MaxDB 7.5 .00.23-7.5.00.25, 7.5 .00.19, 7.5 .00.18, 7.5 .00.14-7.5 .00.16, 7.5 .00.12, 7.5 .00.11, 7.5 .00.08, 7.5 .00

Several vulnerabilities have been reported: a buffer overflow vulnerability was reported due to a boundary error in the web administration service when a specially crafted long HTTP 'GET' request is submitted that contains a percent sign, which could let a remote malicious user execute arbitrary code; and a buffer overflow vulnerability was reported in 'WDVHandler_CommonUtils.c' due to a boundary error in the 'getLockTokenHeader()' function, which could let a remote malicious user execute arbitrary code.

Upgrades available at:
http://dev.mysql.com/downloads/
maxdb/7.5.00.html

Currently we are not aware of any exploits for these vulnerabilities.

MySQL AB

MySQL 4.0.23, and 4.1.10

and prior

A vulnerability was reported in the CREATE FUNCTION command that could let an authenticated user gain mysql user privileges on the target system and permit the user to execute arbitrary code.

A fixed version (4.0.24 and 4.1.10a) is available at: href="http://dev.mysql.com/downloads/index.html">

http://dev.mysql.com/

downloads/index.html

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-19.xml">

http://security.gentoo.org/

glsa/glsa-200503-19.xml

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/">

http://security.ubuntu.com/

ubuntu/pool/main/m/

mysql-dfsg/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php"
target=_blank>

http://www.mandrakesecure.net

/en/ftp.php

Trustix: href="http://http.trustix.org/pub/trustix/updates/">

http://http.trustix.org/pub/

trustix/updates/

ALT Linux: href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">

http://lists.altlinux.ru/pipermail/

security-announce/2005-March

/000287.html

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-334.html">

http://rhn.redhat.com/errata/

RHSA-2005-334.html

SuSE: href="ftp://ftp.suse.com/pub/suse/">

ftp://ftp.suse.com/pub/suse/

Conectiva:

href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.

com.br/

Debian:

href="http://security.debian.org/pool/updates/main/m/mysql/">http://security.debian.org/|

pool/updates/main/m/mysql/

OpenPKG:
ftp://ftp.openpkg.org/release/
2.2/UPD/mysql-
4.0.21-2.2.2.src.rpm

TurboLinux:
ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

A Proof of Concept exploit has been published.

Security Tracker Alert ID: 1013415, March 11, 2005

Gentoo Linux Security Advisory, GLSA 200503-19, March 16, 2005

Ubuntu Security Notice, USN-96-1 March 16, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:060, March 21, 2005

Trustix Secure Linux Security Advisory, TSL-2005-0009, March 21, 2005

SUSE Security Announcement, SUSE-SA:2005:019, March 24, 2005

RedHat Security Advisory, RHSA-2005:334-07, March 28, 2005

ALTLinux Security Advisory, March 29, 2005

Conectiva Linux Security Announcement, CLA-2005:946, April 4, 2005

Debian Security Advisory, DSA 707-1 , April 13, 2005

OpenPKG Security Advisory, OpenPKG-SA-2005.006, April 20, 2005

Turbolinux Security Advisor, TLSA-2005-48, April 21, 2005

NetIQ Corporation

NetIQ

No workaround or patch available at time of publishing.

There is no exploit code required

Netref

Netref 4.2

A vulnerability has been reported in the 'script/cat_for_gen.php' script due to insufficient validation of the 'ad_direct' and 'm_for_racine' parameters, which could let a remote malicious user execute arbitrary code.

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit has been published.

North American Systems International

BSafe

No workaround or patch available at time of publishing.

There is no exploit code required.

Oracle Corporation

Oracle Application Server 10g,
Enterprise Edition, Personal Edition, Standard Edition

Multiple SQL injection vulnerabilities have been reported due to insufficient sanitization of user-supplied data, which could let a remote malicious user execute arbitrary SQL code. An SQL injection vulnerability was reported in the 'SYS.DBMS_CDC_
IPUBLISH.CREATE_
SCN_CHANGE_SET' standard procedure, which could let a remote malicious user execute arbitrary SQL code; An SQL injection vulnerability was reported in 'ALTER_MANUALLOG_
CHANGE_SOURCE' due to insufficient sanitization of user-supplied input, which could let a remote malicious user execute arbitrary SQL code; and An SQL injection vulnerability was reported in the 'SUBSCRIPTION_NAME' parameter due to insufficient sanitization of user-supplied data, which could let a remote malicious user execute arbitrary SQL code.

Update information available at:
href="http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf">http://www.oracle.com/
technology/deploy/security
/pdf/cpuapr2005.pdf

Proofs of Concept exploits have been published.

Security Focus 13144, April 12, 2005

US-CERT VU#982109

AppSecInc Team SHATTER Security Advisories, April 18, 2005

Oracle Corporation

Oracle Application Server 10g,
Enterprise Edition, Personal Edition, Standard Edition, Oracle9i Enterprise, Edition 8.1.7, 9.0.1.5, 9.0.1 .4, 9.0.1, 9.0.4, 9.2 .0-9.2.0.6, Oracle9i Lite 5.0 .2.9.0, 5.0.2.0.0, 5.0 .1.0.0, 5.0 .0.0.0
Oracle9i Personal Edition 8.1.7, 9.0.1.5, 9.0.1 .4, 9.0.1, 9.0.4, 9.2 .0-9.2.0.6, 9.2, Oracle9i Standard Edition 8.1.7, 9.0, 9.0.1-9.0.1 .5, 9.0.2, 9.0.4, 9.2 .3, 9.2.0.1-9.2.0.6, 9.2

Update information available at:
href="http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf">http://www.oracle.com/technology/
deploy/security/pdf/cpuapr2005.pdf

Proofs of Concept exploits have been published.

Security Focus, 13238 & 13239, April 18, 2005

US-CERT VU#982109

Palace Guard Software

Secure/NET+

Contact the vendor for details regarding obtaining and applying appropriate updates.

There is no exploit code required.

PHP Group

PHP prior to 5.0.4; Peachtree Linux release 1

Multiple Denial of Service vulnerabilities have been reported in 'getimagesize().'

Upgrade available at:

href="http://ca.php.net/get/php-4.3.11.tar.gz/from/a/mirror"
target=_blank>http://ca.php.net/get/php-
4.3.11.tar.gz/from/a/mirror

Ubuntu:

href="http://security.ubuntu.com/ubuntu/pool/main/p/php4/">http://security.ubuntu.com/

ubuntu/pool/main/p/php4/

Slackware:

href="ftp://ftp.slackware.com/pub/slackware/">ftp://ftp.slackware.com/

pub/slackware/

Debian:

href="http://security.debian.org/pool/updates/main/p/php3/">http://security.debian.org/

pool/updates/main/p/php3/

SUSE:

href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Gentoo:

href="http://security.gentoo.org/glsa/glsa-200504-15.xml">http://security.gentoo.org/

glsa/glsa-200504-15.xml

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">

http://www.mandrakesecure.net/

en/ftp.php

Peachtree:
http://peachtree.burdell.org/
updates/

Currently we are not aware of any exploits for these vulnerabilities.

iDEFENSE Security Advisory,

March 31, 2005

Ubuntu Security Notice, USN-105-1, April 05, 2005

Slackware Security Advisory, SSA:2005-

095-01,

April 6, 2005

Debian Security Advisory, DSA 708-1, April 15, 2005

SUSE Security Announcement, SUSE-SA:2005:023, April 15, 2005

Gentoo Linux Security Advisory, GLSA 200504-15, April 18, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:072, April 19, 2005

Peachtree Linux Security Notice, PLSN-0001, April 21, 2005

PHP Labs

proFile

A Cross-Site Scripting vulnerability has been reported in the 'index.php' script due to insufficient validation of the 'dir' and 'file' parameters, which could let a remote malicious user execute arbitrary HTML and script code.

No workaround or patch available at time of publishing.

Proofs of Concept exploits have been published.

phpBB Group

phpBB 2.0-2.0.14

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit has been published.

phpbb-auction

phpbb-auction 1.0, 1.2

No workaround or patch available at time of publishing.

There is no exploit code required; however, Proofs of Concept exploits have been published.

phpMyVisites

phpMyVisites 1.0-1.3

A Cross-Site Scripting vulnerability has been reported in 'index.php' due to insufficient sanitization of the 'part,' 'per,' and 'site' parameters, which could let a remote malicious user execute arbitrary HTML and script code.

Patches available at:
http://cvs.sourceforge.net/
cvstarballs/phpmyvisites
-cvsroot.tar.bz2

There is no exploit code required.

phpMyVisites

phpMyVisites 1.3

A vulnerability has been reported in the 'Set_Lang' file variable, which could let a malicious user obtain sensitive information.

Patches available at:
http://cvs.sourceforge.net/
cvstarballs/phpmyvisites
-cvsroot.tar.bz2

A Proof of Concept exploit has been published.

PixySoft

E-Cart 1.1

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit script has been published.

PowerTech

PowerLock

Contact the vendor for details regarding obtaining and applying appropriate updates.

There is no exploit code required.

profitCode Software

PayProCart 3.0

Cross-Site Scripting vulnerabilities have been reported due to insufficient sanitization input passed to the 'username,' 'chckoutaction,' 'ckprvd,' 'pageID,' 'hdoc,' 'modID,' 'taskID,' 'proMod,' and 'mmactionComm' parameters, which could let a remote malicious user execute arbitrary HTML and script code; It is also possible to disclose the full path to certain scripts by
accessing them directly.

Upgrade available at:
http://www.profitcode.net/
products/payprocart-31.html

There is no exploit code required; however, Proofs of Concept exploits have been published.

Python

SimpleXMLRPCServer 2.2 all versions, 2.3 prior to 2.3.5, 2.4

A vulnerability exists in the SimpleXMLRPCServer library module that could permit a remote malicious user to access internal module data, potentially executing arbitrary code. Python XML-RPC servers that use the register_instance() method to register an object without a _dispatch() method are affected.

Patches for Python 2.2, 2.3, and 2.4, available at:

href="http://python.org/security/PSF-2005-001/patch-2.2.txt">http://python.org/security/

PSF-2005-001/patch-2.2.txt
(Python 2.2)

href="http://python.org/security/PSF-2005-001/patch.txt">http://python.org/security/

PSF-2005-001/patch.txt
(Python 2.3, 2.4)

The vendor plans to issue fixed
versions for 2.3.5, 2.4.1, 2.3.5, and 2.4.1.

Debian: href="http://www.debian.org/security/2005/dsa-666">

http://www.debian.org/security/

2005/dsa-666

Gentoo:

href="http://security.gentoo.org/glsa/glsa-200502-09.xml">http://security.gentoo.org/

glsa/glsa-200502-09.xml

Mandrakesoft: href="http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:035">

http://www.mandrakesoft.com/
security/advisories?name
=MDKSA-2005:035

Trustix: href="http://www.trustix.org/errata/2005/0003/">

http://www.trustix.org/
errata/2005/0003/

Red Hat: href="http://rhn.redhat.com/errata/RHSA-2005-109.html">

http://rhn.redhat.com/errata

/RHSA-2005-109.html

SUSE:

href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Debian: href="http://security.debian.org/pool/updates/main/liba/libapache-mod-python/">

http://security.debian.org/pool/

updates/main/liba/
libapache-mod-python/

Slackware:
ftp://ftp.slackware.com/
pub/slackware/

Currently we are not aware of any exploits for this vulnerability.

Python SimpleXMLRPC
Server Remote Code

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0088">CAN-2005-0088
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0089">CAN-2005-0089

Python Security Advisory: PSF-2005-001, February 3, 2005

Gentoo, GLSA 200502-09, February 08, 2005

Mandrakesoft, MDKSA-2005:035, February 10, 2005

Trustix #2005-0003, February 11, 2005

RedHat Security Advisory, RHSA-2005:109-04, February 14, 2005

SUSE Security Summary Report, SUSE-SR:2005:005, February 18, 2005

US-CERT VU#356409

Debian Security Advisory, DSA 689-1, February 23, 2005

Slackware Security Advisory, SSA:2005-111-02, April 22, 2005

Raz-Lee

Security+++ Suite

Contact the vendor for details regarding obtaining and applying appropriate updates.

There is no exploit code required.

SafeStone Technologies

SafeStone

No workaround or patch available at time of publishing.

There is no exploit code required

Sun Microsystems, Inc.

OpenOffice 1.1.4, 2.0 Beta

Fedora:

href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/

pub/fedora/linux/core/updates/

Gentoo:

href="http://security.gentoo.org/glsa/glsa-200504-13.xml">http://security.gentoo.org/

glsa/glsa-200504-13.xml

SUSE:

href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

RedHat:
http://rhn.redhat.com/
errata/RHSA-2005-375.html

Currently we are not aware of any exploits for this vulnerability.

Security Focus, 13092,

April 11, 2005

Fedora Update Notification,

FEDORA-2005-316, April 13, 2005

Gentoo Linux Security Advisory, GLSA 200504-13, April 15, 2005

SUSE Security Announcement, SUSE-SA:2005:025, April 19, 2005

RedHat Security Advisory, RHSA-2005:375-07, April 25, 2005

Sun Microsystems, Inc.

Sun Java Web Proxy Server 3.6, SP1-SP6

Upgrades available at:
http://www.sun.com/download/
products.xml?id=424217a1

Currently we are not aware of any exploits for these vulnerabilities.

UBBCentral

UBB.threads 6.0

An SQL injection vulnerability has been reported in the 'Printthread.php' script due to insufficient sanitization of the 'main' parameter, which could let a remote malicious user execute arbitrary SQL code.

No workaround or patch available at time of publishing.

A Proof of Concept exploit script has been published.

University of California (BSD License)

PostgreSQL 7.x, 8.x; Peachtree Linux release 1

Multiple vulnerabilities exist that could permit malicious users to gain escalated privileges or execute arbitrary code. These vulnerabilities are due to an error in the 'LOAD' option, a missing permissions check, an error in 'contrib/intagg,' and a boundary error in the plpgsql cursor declaration.

Update to version 8.0.1, 7.4.7, 7.3.9, or 7.2.7: href="http://wwwmaster.postgresql.org/download/mirrors-ftp">
http://wwwmaster.postgresql.

org/download/mirrors-ftp

Ubuntu: href="http://www.ubuntulinux.org/support/documentation/usn/usn-71-1">

http://www.ubuntulinux.org/

support/ href="http://www.ubuntulinux.org/support/documentation/usn/usn-71-1">documentation/
usn/usn-71-1

Debian: href="http://www.debian.org/security/2005/dsa-668">

http://www.debian.org/

security/2005/dsa-668

Gentoo: href="http://security.gentoo.org/glsa/glsa-200502-08.xml">

http://security.gentoo.org/

glsa/glsa-200502-08.xml

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">

http://download.fedora.
redhat.com/

pub/fedora/linux/core/updates/

Trustix: href="http://http.trustix.org/pub/trustix/updates/">

http://http.trustix.org/pub/
trustix/updates/

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/p/postgresql/">

http://security.ubuntu.com/

ubuntu/pool/main/p/postgresql/

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-141.html">

http://rhn.redhat.com/errata/

RHSA-2005-141.html

Gentoo: href="http://security.gentoo.org/glsa/glsa-200502-19.xml">

http://security.gentoo.org/

glsa/glsa-200502-19.xml

Debian: href="http://security.debian.org/pool/updates/main/p/postgresql/">

http://security.debian.org/

pool/updates/main/p/postgresql/

Mandrakesoft: href="http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:040">

http://www.mandrakesoft.com/

security/ advisories?name=

MDKSA-2005:040

SUSE:

href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Peachtree:
http://peachtree.burdell.org/
updates/

Trustix:
http://www.trustix.org/
errata/2005/0015/

Currently we are not aware of any exploits for these vulnerabilities.

University of
California
PostgreSQL
Multiple
Vulnerabilities

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0227">CAN-2005-0227

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0246">CAN-2005-0246

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0244">CAN-2005-0244

href="http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CAN-2005-0244"> href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0245">CAN-2005-0245

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0247">CAN-2005-0247

PostgreSQL Security Release, February 1, 2005

Ubuntu Security Notice USN-71-1 February 01, 2005

Debian Security Advisory

DSA-668-1, February 4, 2005

Gentoo GLSA 200502-08, February 7, 2005

Fedora Update Notifications,

FEDORA-2005-124 & 125, February 7, 2005

Ubuntu Security Notice,e USN-79-1 , February 10, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0003, February 11, 2005

Gentoo Linux Security Advisory, GLSA 200502-19, February 14, 2005

RedHat Security Advisory, RHSA-2005:141-06, February 14, 2005

Debian Security Advisory, DSA 683-1, February 15, 2005

Mandrakesoft, MDKSA-2005:040, February 17, 2005

SUSE Security Summary Report, SUSE-SR:2005:005, February 18, 2005

Fedora Update Notifications,

FEDORA-2005-157 &158, February 22, 2005

SUSE Security Summary Report, SUSE-SR:2005:006, February 25, 2005

SUSE Security Announcement, SUSE-SA:2005:027, April 20, 2005

Peachtree Linux Security Notice, PLSN-0004, April 21, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0015, April 25, 2005

VooDoo

cIRCle 1.0.20, 1.0.32

A remote Denial of Service vulnerability has been reported when handling packets from BOTNET connections due to a boundary error.

Upgrades available at:
http://prdownloads.
sourceforge.net/
voodoo-circle/
voodoo_circle-doc-
1.0.33.zip?download

Currently we are not aware of any exploits for this vulnerability.

WebCT

WebCT Campus Edition 4.1

Workaround available at:
http://www.webct.com
/support/viewpage?
name=support_
bulletins#apr15-05

There is no exploit code required; however, a Proof of Concept exploit has been published.

Security Focus, 13101,
April 11, 2005

Security Focus, 13101,
April 22, 2005

Woltlab

Burning Board 2.3.1

A Cross-Site Scripting vulnerability has been reported in the 'pms.php' script due to insufficient validation, which could let a remote malicious user execute arbitrary HTML and script code.

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit has been published.

Woltlab

Burning Board 2.3.1

A Cross-Site Scripting vulnerability has been reported in the 'thread.php' script due to insufficient validation of the 'hilight' parameter, which could let a remote malicious user execute arbitrary HTML and script code.

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit has been published.

April 20, 2005