Adobe

Adobe Reader 7.0 and earlier

Adobe Acrobat 7.0 and earlier

The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and
earlier, when used with Internet Explorer, allows remote malicious users
to determine the existence of arbitrary files via the LoadFile ActiveX
method.

This is a separate issue from CAN-2005-1347.

Updates available: href="http://www.adobe.com/support/techdocs/331465.html">http://www.adobe.com/support/
techdocs/331465.html

Currently we are not aware of any exploits for this
vulnerability.

Adobe

Acrobat Reader 6.0 and prior

A vulnerability has been reported that could let a remote malicious
user execute arbitrary code. If a specially crafted PDF file is loaded by
Acrobat Reader it will trigger an Invalid-ID-Handle-Error in
'AcroRd32.exe'.

No workaround or patch available at time of publishing.

The vendor has been unable to reproduce this vulnerability. The
original vulnerability reporter has refused to provide sufficient details
to confirm the issue to either Security Tracker or the vendor. This is a
separate issue from CAN-2005-0035.

Currently we are not aware of any exploits for this
vulnerability.

Security Tracker Alert, 1013774, April 21, 2005, Updated May 2,
2005

Altiris

Altiris Client Service for Windows version 6.1.393

A vulnerability has been reported that could let local malicious users
bypass certain security restrictions. This is due to an error in
ACLIENT.EXE that lets a user bypass the password restriction and gain
access to the "Altiris Client Service Properties" window without supplying
a valid password.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this
vulnerability.

BulletProof Software

BulletProof FTP 2.4.0.31

A vulnerability has been reported that could let local malicious users
gain escalated privileges. This is due to the application invoking the
help functionality with SYSTEM privileges when configured to run as a
service.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Cybration

ICUII 7.0

A vulnerability has been reported that could let a local malicious user
obtain passwords. This is because the application password and instant
messenger application passwords are stored in plain text format. The file
may contain MSN, Yahoo, AIM, and ICQ user passwords.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this
vulnerability.

Ecommerce-Carts.com

Ecomm Professional Guestbook 3.x

An input validation vulnerability has been reported that could let a
remote malicious user conduct SQL injection attacks.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

enVivo!soft

enVivo!CMS

A vulnerability has been reported that could let a remote malicious
user inject SQL commands to gain access to the application. The
'admin_login.asp' script does not properly validate user-supplied input in
the 'username' and 'password' parameters.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

ExoticSoft

FilePocket 1.2

A vulnerability has been reported that could let a local malicious user
view passwords. Proxy passwords are stored in the Windows registry in
plain text format.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

GlobalSCAPE

Secure FTP Server 3.0.2

A buffer overflow vulnerability has been reported that could let a
remote malicious user execute arbitrary code on the target system. The
remote user can overwrite the EIP (and SEH) registers with an arbitrary
address.

The vendor has reportedly issued a fix: href="http://www.cuteftp.com/gsftps/ ">http://www.cuteftp.com/gsftps/

Proofs of Concept exploit scripts have been published.

Intersoft International

NetTerm 4.x, 5.x

A vulnerability has been reported that could let local malicious users
execute arbitrary code. This is due to a boundary error in the NetFtpd
program which can cause a buffer overflow by passing an overly long
argument to the "USER" FTP command when logging in.

The vendor has removed NetFtpd in NetTerm 5.1.1.1 and later.

Currently we are not aware of any exploits for this
vulnerability.

Intersoft NetTerm Remote Code Execution

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1323">CAN-2005-1323

Misclassified as Multiple OS in SB05-117.

Kerio

Kerio WinRoute Firewall 6.0.10 and prior

Kerio MailServer 6.0.8 and prior

Kerio Personal Firewall 4.1.2 and prior

Two vulnerabilities have been reported that could let local users cause
a Denial of Service and brute force passwords. Local users can exploit an
error in the remote administration protocol to brute force passwords if
the username is known. Local users can also exploit an error in the remote
administration protocol to consume a large amount of CPU resources by
continuously sending messages.

The following versions are fixed:
* Kerio WinRoute Firewall version
6.0.11 and later.
* Kerio MailServer version 6.0.9 and later.
*
Kerio Personal Firewall version 4.1.3 and later.

Currently we are not aware of any exploits for these
vulnerabilities.

Kerio Products Password Brute Force and Denial of Service

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1062">CAN-2005-1062
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1063">CAN-2005-1063

Secure Computer Group Document IDs ID: #20050429-1 and #20050429-2,
April 29, 2005

MaxWebPortal

MaxWebPortal 1.30 - 1.33

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Metalinks

MetaBid

Multiple vulnerabilities have been reported in MetaBid that could let
remote malicious users conduct SQL injection attacks. This is due to input
validation errors in the "intAuctionID" parameter in "item.asp" and the
username and password fields in "logIn.asp."

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

NetLeaf Limited

NotJustBrowsing 1.0.3

A vulnerability has been reported that could let a local malicious user
obtain an application password. This is because the three character 'View
Lock Password' is stored in in plain text format.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this
vulnerability.

Ocean12 Technologies

Ocean12 Mailing List Manager 1.06

An input validation vulnerability has been reported that could let a
remote malicious user inject SQL commands. Input validation errors exist
in the 'Admin_id' and 'Admin_password' fields.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Raysoft

Video Cam Server 1.0.0

Several vulnerabilities have been reported that could let a remote
malicious user obtain files from the target system, determine the
installation path, and cause a Denial of Service. A remote user can obtain
files located outside of the web document directory by supplying a special
request, access an administration page to shutdown the camera or the web
service, and request a non-existent page to determine the installation
path.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Skype

Skype for Windows 1.2.0.0 to 1.2.0.46

A vulnerability has been reported that could let local malicious users
bypass the identity check for an authorized application, then call
arbitrary Skype API functions by modifying or replacing that
application.

Upgrade to Skype for Windows version 1.2.0.47 or higher: href="http://www.skype.com/download/">http://www.skype.com/download/

Currently we are not aware of any exploits for this
vulnerability.

soft3304

04WebServer 1.81

A input validation vulnerability has been reported that could let remote malicious users gain knowledge of sensitive information. The contents of files and folders one folder outside the document root could be exposed.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this vulnerability.

Software602

602LAN SUITE 2004.0.05.0413

A vulnerability has been reported that could let remote users detect
the presence of local files and cause a Denial of Service. No redirection
occurs when accessing the "mail" script with the "A" parameter referencing
a valid local file via directory traversal attacks.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

StorePortal 2.63

Multiple SQL injection vulnerabilities have been reported in the
'default.asp' script, which could let a remote malicious user execute
arbitrary SQL code.

No workaround or patch available at time of publishing.

There is no exploit code required; however, Proofs of Concept exploits
have been published.

StumbleInside

GoText 1.01

A vulnerability has been reported that could let a local malicious user
view user configuration data. The software stores user information,
including username, e-mail address, and phone number in the 'Program
Files\GoText\GoText.bin' file.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Symantec

Web Security 3.x

Norton SystemWorks 2005

Norton Internet Security 2005

Norton AntiVirus 2005

Mail Security for SMTP 4.x

Mail Security for Exchange 4.x

AntiVirus/Filtering for Domino 3.x

AntiVirus Scan Engine 4.x

A vulnerability has been reported that could let a remote malicious
user bypass certain scanning functionality.This is due to an error in the
Symantec Antivirus component when processing encoded or archived content.
This can be exploited to crash the decomposer component when parsing a
specially crafted RAR file.

Updates are available via LiveUpdate and from the vendor: href="http://www.symantec.com/techsupp/">http://www.symantec.com/techsupp/

Currently we are not aware of any exploits for this
vulnerability.

Uapplication

Uguestbook
Ublog Reload
Uphotogallery

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

WWWguestbook 1.1

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Apple

Mac OS X 10.0-10.0.4, 10.1-10.1.5, 10.2-10.2.8, 10.3-10.3.9, Mac OS X
Server 10.0-10.1.5, 10.2-10.2.8, 10.3-10.3.9

Version 10.4 of Apple Mac OS X reportedly fixes this vulnerability by
implementing proper default permissions on the pseudo terminal API.

There is no exploit code required.

Apple

Safari 1.3

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this
vulnerability.

APSIS

Pound 1.8.2

Upgrade available at:
href="http://www.apsis.ch/pound/Pound-1.8.3.tgz"
target=_blank>http://www.apsis.ch/
pound/Pound-1.8.3.tgz

Currently we are not aware of any exploits for this
vulnerability.

Carnegie Mellon University

Cyrus IMAP Server 2.x

Update available at: href=" http://ftp.andrew.cmu.edu/pub/cyrus/cyrus-imapd-2.2.11.tar.gz">
http://ftp.andrew.cmu.edu/pub/
cyrus/cyrus-imapd-2.2.11.tar.gz

Gentoo: href="http://security.gentoo.org/glsa/glsa-200502-29.xml">
http://security.gentoo.org/
glsa/glsa-200502-29.xml

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/c/cyrus21-imapd/">
http://security.ubuntu.com/ubuntu/
pool/main/c/cyrus21-imapd/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Conectiva: href="ftp://atualizacoes.conectiva.com.br/">
ftp://atualizacoes.conectiva.
com.br/

ALT Linux: href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">
http://lists.altlinux.ru/pipermail/
security-announce/2005-March
/000287.html

OpenPKG:
href="ftp://ftp.openpkg.org/release/2.2/UPD/">ftp://ftp.openpkg.org/release/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/3/

Currently we are not aware of any exploits for these
vulnerabilities.

Secunia Advisory,
SA14383,
February 24, 2005

Gentoo Linux Security Advisory, GLSA 200502-29,
February 23, 2005

SUSE Security Announcement,
SUSE-SA:2005:009, February 24, 2005

Ubuntu Security
Notice USN-87-1,
February 28, 2005

Mandrakelinux
Security Update Advisory,
MDKSA-2005:051, March
4, 2005

Conectiva Linux Security
Announcement,
CLA-2005:937,
March
17, 2005

ALTLinux Security Advisory,
March 29, 2005

OpenPKG Security Advisory,
OpenPKG-SA-2005.005,
April 5, 2005

Fedora Update Notification,
FEDORA-2005-339, April 27, 2005

Cocktail

Cocktail 3.5.4

A vulnerability has been reported because the administrator password is
passed insecurely, which could let a malicious user obtain sensitive
information.

No workaround or patch available at time of publishing.

There is no exploit code required.

Debian

CVS 1.11.1 p1

Debian:
href="http://security.debian.org/pool/updates/main/c/cvs/">http://security.debian.org/
pool/updates/main/c/cvs/

Currently we are not aware of any exploits for these
vulnerabilities.

ESRI

ArcInfo Workstation on UNIX 9.0

Several vulnerabilities have been reported: a format string
vulnerability was reported in the 'lockmgr' and 'wservice' applications,
which could let a malicious user execute arbitrary code with root
privileges; and a buffer overflow vulnerability was reported in the
'asmaster,' 'asrecovery,' 'asuser,' 'asutulity,' and 'se' applications due
to command line argument boundary errors, which could let a malicious user
execute arbitrary code with root privileges.

Patch available at:
href="http://support.esri.com/index.cfm?fa=downloads.patchesServicePacks.viewPatch&PID=14&MetaID=1015">http://support.esri.com/index.cfm?fa=
downloads.patchesServicePacks.
viewPatch&PID=14&MetaID=1015

Proof of Concept exploits have been published. An exploit script has
also been published for the format string vulnerability.

GNU

sharutils 4.2, 4.2.1

Multiple buffer overflow vulnerabilities exists due to a failure to
verify the length of user-supplied strings prior to copying them into
finite process buffers, which could let a remote malicious user cause a
Denial of Service or execute arbitrary code.

Gentoo: href="http://security.gentoo.org/glsa/glsa-200410-01.xml">
http://security.gentoo.org/
glsa/glsa-200410-01.xml

FedoraLegacy:
href="http://download.fedoralegacy.org/fedora/">http://download.fedoralegacy.
org/fedora/

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/s/sharutils/">http://security.ubuntu.com/
ubuntu/pool/main/s/sharutils/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

OpenPKG: href="ftp://ftp.openpkg.org/release">
ftp://ftp.openpkg.org/release

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-377.html">http://rhn.redhat.com/
errata/RHSA-2005-377.html

Trustix:
href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/TurboLinux/ia32/

We are not aware of any exploits for these vulnerabilities.

Gentoo Linux
Security Advisory, GLSA 200410-01, October 1, 2004

Fedora Legacy
Update Advisory, FLSA:2155,
March 24, 2005

Ubuntu Security
Notice, USN-102-1 March 29, 2005

Fedora Update Notifications,
FEDORA-2005-
280 & 281, April
1, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:067, April 7, 2005

RedHat Security Advisory, RHSA-2005:377-07, April 26, 2005

Turbolinux Security Advisory, TLSA-2005-54, April 28, 2005

GNU

sharutils 4.2, 4.2.1

A vulnerability has been reported in the 'unshar' utility due to the
insecure creation of temporary files, which could let a malicious user
create/overwrite arbitrary files.

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/s/sharutils/">http://security.ubuntu.com/
ubuntu/pool/main/s/sharutils/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-06.xml">
http://security.gentoo.org/
glsa/glsa-200504-06.xml

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-377.html">http://rhn.redhat.com/
errata/RHSA-2005-377.html

Trustix:
href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/
pub/TurboLinux/TurboLinux/ia32/

There is no exploit code required.

Ubuntu Security
Notice, USN-104-1, April 4, 2005

Gentoo Linux Security Advisory, GLSA 200504-06, April 6, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:067, April 7, 2005

Fedora Update Notification,
FEDORA-2005-319, April 14, 2005

RedHat Security Advisory, RHSA-2005:377-07, April 26, 2005

Turbolinux Security Advisory, TLSA-2005-54, April 28,
2005

GNU

Lysator LSH 1.5-1.5.5, 2.0

A remote Denial of Service vulnerability has been reported due to an
unspecified error.

Upgrades available at:
href="http://www.lysator.liu.se/%7Enisse/archive/lsh-2.0.1.tar.gz"
target=_blank>http://www.lysator.liu.se/~nisse/
archive/

Patch available at:
href="ftp://ftp.lysator.liu.se/pub/security/lsh/lsh-2.0-2.0.1.diff.gz"
target=_blank>ftp://ftp.lysator.liu.se/pub/security/
lsh/lsh-2.0-2.0.1.diff.gz

Debian:
href="http://security.debian.org/pool/updates/main/l/lsh-utils/">http://security.debian.org/
pool/updates/main/l/lsh-utils/

Currently we are not aware of any exploits for this
vulnerability.

Secunia Advisory,
SA14609, March 17, 2005

Debian Security Advisory, DSA 717-1, April 27, 2005

GnuTLS

GnuTLS 1.2 prior to 1.2.3; 1.0 prior to 1.0.25

Updates available at:
href=" http://www.gnu.org/software/gnutls/download.html">http://www.gnu.org/software/
gnutls/download.html

Currently we are not aware of any exploits for this
vulnerability.

Hewlett Packard Company

OpenView Event Correlation Services 3.32, 3.33

Patches available at:
href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_HPSBMA01141">http://h20000.www2.hp.com/bizsupport/
TechSupport/Document.jsp?objectID=
PSD_HPSBMA01141

Currently we are not aware of any exploits for these
vulnerabilities.

HP Security Bulletin,
HPSBMA01141, May 2, 2005

Hewlett Packard Company

OpenView Network Node Manager 6.2, 6.4, 7.01, 7.50

Several vulnerabilities have been reported due to unspecified errors,
which could let a malicious user cause a Denial of Service or execute
arbitrary code.

Patches available at:
href="http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=PSD_HPSBMA01140">http://h20000.www2.hp.com/bizsupport/
TechSupport/Document.jsp?objectID=
PSD_HPSBMA01140

Currently we are not aware of any exploits for these
vulnerabilities.

Info-ZIP

Zip 2.3; Avaya CVLAN, Intuity LX, MN100, Modular Messaging (MSS) 1.1,
2.0, Network Routing

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/z/zip/zip_2.30-6ubuntu0.1_amd64.deb"
target=_blank>http://security.ubuntu.com/
ubuntu/pool/main/z/zip/

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">
http://download.fedora.redhat.com/pub
/fedora/linux/core/updates/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200411-16.xml">
http://security.gentoo.org/glsa/
glsa-200411-16.xml

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php"
target=_blank>
http://www.mandrakesecure.net/
en/ftp.php

SUSE: href=" ftp://ftp.suse.com/pub/suse">
ftp://ftp.SUSE.com/pub/SUSE

Red Hat: href="http://rhn.redhat.com/errata/RHSA-2004-634.html">
http://rhn.redhat.com/errata/
RHSA-2004-634.html

Debian: href="http://www.debian.org/security/2005/dsa-624">
http://www.debian.org/
security/2005/dsa-624

TurboLinux: href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">
ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

Avaya: href="http://support.avaya.com/elmodocs2/security/ASA-2005-019_RHSA-2004-634.pdf">
http://support.avaya.com/elmodocs2/
security/ASA-2005-019_RHSA-2004-634.pdf

Fedora Legacy: href="http://download.fedoralegacy.org/redhat/">
http://download.fedoralegacy.org/
redhat/

href="http://download.fedoralegacy.org/fedora/1/updates/">http://download.fedoralegacy.org
/fedora/1/updates/

Slackware:
href="ftp://ftp.slackware.com/pub/slackware/">ftp://ftp.slackware.com/
pub/slackware/

Currently we are not aware of any exploits for this
vulnerability.

Bugtraq, November 3, 2004

Ubuntu Security Notice, USN-18-1, November 5, 2004

Fedora Update Notification,
FEDORA-2004-399 & FEDORA-2004-400,
November 8 & 9, 2004

Gentoo Linux Security Advisory, GLSA 200411-16, November 9, 2004

Mandrakelinux Security Update Advisory, MDKSA-2004:141, November 26,
2004

SUSE Security Summary Report, SUSE-SR:2004:003, December 7, 2004

Red Hat Advisory, RHSA-2004:634-08, December 16, 2004

Debian DSA-624-1, January 5, 2005

Turbolinux Security Announcement, 20050131, January 31,
2005

Avaya Security Advisory, ASA-2005-019, January 25,
200

Fedora Legacy Update Advisory, FLSA:2255, February 1,
2005

Slackware Security Advisory, SSA:2005-121-01, May
2, 2005

Joshua Chamas

Crypt::SSLeay 0.51

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/libn/libnet-ssleay-perl/">http://security.ubuntu.com/ubuntu/
pool/main/libn/libnet-ssleay-perl/

There is no exploit code required.

Kalum Somaratna

ProZilla Download Accelerator 1.0 x, 1.3.0-1.3.4, 1.3.5 .2, 1.3.5 .1,
1.3.5-1.3.5.2 1.3.6

Debian:
href="http://security.debian.org/pool/updates/main/p/prozilla/p">http://security.debian.org/pool/
updates/main/p/prozilla/p

An exploit script has been published.

Security Focus, 12635, February 23, 2005

Debian Security Advisory, DSA 719-1, April 28, 2005

KDE

KDE 3.2-3.2.3, 3.3-3.3.2, 3.4,
KDE Quanta 3.1

A vulnerability has been reported due to a design error in Kommander,
which could let a remote malicious user execute arbitrary code.

Patches available at:
href="ftp://ftp.kde.org/pub/kde/security_patches/post-3.3.2-kdewebdev-kommander.diff"
target=_blank>ftp://ftp.kde.org/pub/kde/
security_patches/f

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-23.xml">
http://security.gentoo.org/
glsa/glsa-200504-23.xml

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/3/

Currently we are not aware of any exploits for this
vulnerability.

KDE Security Advisory, April 20, 2005

Gentoo Linux Security Advisory, GLSA 200504-23, April 22, 200

Fedora Update Notification
FEDORA-2005-345, April 28, 2005

LBL

tcpdump 3.4 a6, 3.4, 3.5, alpha, 3.5.2, 3.6.2, 3.6.3, 3.7-3.7.2, class=bodytext>3.8.1 -3.8.3

Remote Denials of Service vulnerabilities have been reported due to the
way tcpdump decodes Border Gateway Protocol (BGP) packets, Label
Distribution Protocol (LDP) datagrams, Resource ReSerVation Protocol
(RSVP) packets, and Intermediate System to Intermediate System (ISIS)
packets.

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/3/

Exploit scripts have been published.

Bugtraq, 396932, April 26, 2005

Fedora Update Notification,
FEDORA-2005-351, May 3, 2005

A Denial of Service vulnerability has been reported due to the creation
of an insecure file by the kernel it87 and via686a drivers.

Patch available at:
href="http://kernel.org/pub/linux/kernel/v2.6/patch-2.6.11.8.bz2"
target=_blank>http://kernel.org/pub/linux/
kernel/v2.6/patch-2.6.11.8.bz2

There is no exploit code required.

MandrakeSoft

lam-runtime-7.0.6-2mdk

A vulnerability has been reported in the LAM/MPI Runtime environment
due to the creation of an insecure account, which could let a local/remote
malicious user obtain unauthorized access.

No workaround or patch available at time of publishing.

There is no exploit code required.

Marc Lehmann

Convert-UUlib 1.50

Update available at:
href="http://search.cpan.org/dist/Convert-UUlib/">http://search.cpan.org/
dist/Convert-UUlib/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-26.xml">
http://security.gentoo.org/
glsa/glsa-200504-26.xml

Currently we are not aware of any exploits for this
vulnerability.

Gentoo Linux Security Advisory, GLSA 200504-26, April 26, 2005

Secunia Advisory, SA15130, April 27,2 005

mtp-target.org

Mtp-Target for Windows 1.2.2 & prior, Mtp-Target for Linux 1.2.2
& prior

No workaround or patch available at time of publishing.

A Proof of Concept exploit script has been published.

Multiple Vendors

ImageMagick 6.0-6.0.8, 6.1-6.1.8, 6.2 .0.7, 6.2 .0.4, 6.2, 6.2.1

Upgrades available at:
href="http://www.imagemagick.org/script/binary-releases.php"
target=_blank>http://www.imagemagick.org/
script/binary-releases.php

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/3/

A Proof of Concept exploit has been published.

Security Focus, 13351, April 25, 2005

Fedora Update Notification
FEDORA-2005-344, April 28, 2005

Multiple Vendors

KDE 2.0, beta, 2.0.1, 2.1-2.1.2, 2.2-2.2.2, 3.0-3.0.5, 3.1-3.1.5,
3.2-3.2.3, 3.3-3.3.2, 3.4; Novell Linux Desktop 9; SuSE E. Linux 9.1,
x86_64, 9.2, x86_64, 9.3, Linux Enterprise Server 9

Patches available at:
href="http://bugs.kde.org/attachment.cgi?id=10325&action=view">http://bugs.kde.org/attachment.cgi
?id=10325&action=view

href="http://bugs.kde.org/attachment.cgi?id=10326&action=view ">http://bugs.kde.org/attachment.cgi
?id=10326&action=view

SuSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kdelibs3-3.2.1-44.46.i586.rpm"
target=_blank>ftp://ftp.suse.com/pub/suse/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-22.xml">
http://security.gentoo.org/
glsa/glsa-200504-22.xml

Debian:
href="http://security.debian.org/pool/updates/main/k/kdelibs/">http://security.debian.org/
pool/updates/main/k/kdelibs/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/3/

Denial of Service Proofs of Concept exploits have been published.

SUSE Security Announcement, SUSE-SA:2005:022, April 11, 2005

Gentoo Linux Security Advisory, GLSA 200504-22, April 22, 2005

Debian Security Advisory, DSA 714-1, April 26, 2005

Fedora Update Notification,
FEDORA-2005-350, May 2, 2005

Multiple Vendors

Larry Wall Perl 5.0 05_003, 5.0 05, 5.0 04_05, 5.0 04_04, 5.0 04, 5.0
03, 5.6, 5.6.1, 5.8, 5.8.1, 5.8.3, 5.8.4 -5, 5.8.4 -4, 5.8.4 -3, 5.8.4
-2.3, 5.8.4 -2, 5.8.4 -1, 5.8.4, 5.8.5, 5.8.6

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.4-2ubuntu0.4_all.deb"
target=_blank>http://security.ubuntu.com/
ubuntu/pool/universe/p/perl/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200501-38.xml">
http://security.gentoo.org/glsa/
glsa-200501-38.xml

Debian: href="http://security.debian.org/pool/updates/main/p/perl/">
http://security.debian.org/pool
/updates/main/p/perl/

TurboLinux:
href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Currently we are not aware of any exploits for this
vulnerability.

Ubuntu Security Notice, USN-94-1 March 09, 2005

Gentoo Linux Security Advisory [UPDATE], GLSA 200501-38:03, March 15,
2005

Debian Security Advisory, DSA 696-1 , March 22, 2005

Turbolinux Security Advisory, TLSA-2005-45, April 19, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:079, April
29, 2005

Multiple Vendors

Linux kernel 2.4 .0-test1-test12, 2.4-2.4.29, 2.6, 2.6-test1-test11,
2.6.1-2.6.11

Multiple vulnerabilities have been reported in the ISO9660 handling
routines, which could let a malicious user execute arbitrary code.

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/">http://security.ubuntu.com/
ubuntu/pool/main/l/linux-source-2.6.8.1/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.
redhat.com/pub/fedora/l
inux/core/updates/

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-366.html">http://rhn.redhat.com/
errata/RHSA-2005-366.html

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.
com.br/

Currently we are not aware of any exploits for these
vulnerabilities.

Security Focus,
12837,
March 18, 2005

Fedora Security
Update Notification,
FEDORA-2005-262, March 28,
2005

Ubuntu Security Notice, USN-103-1, April 1, 2005

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Conectiva Linux Security Announcement,
CLA-2005:952, May 2, 2005

Multiple Vendors

Perl

A race condition vulnerability was reported in the
'File::Path::rmtree()' function. A remote user may be able to obtain
potentially sensitive information. A remote user may be able to obtain
potentially sensitive information or modify files.

The vendor has released Perl version 5.8.4-5 to address this
vulnerability. Customers are advised to contact the vendor for information
regarding update availability.

Debian:
href="http://security.debian.org/pool/updates/main/p/perl/perl-doc_5.6.1-8.8_all.deb"
target=_blank>http://security.debian.org/pool/
updates/main/p/perl/

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl-doc_5.8.4-2ubuntu0.2_all.deb"
target=_blank>http://security.ubuntu.com/
ubuntu/pool/main/p/perl/

OpenPKG:
href="ftp://ftp.openpkg.org/release/2.1/UPD/perl-5.8.4-2.1.1.src.rpm"
target=_blank>ftp://ftp.openpkg.org/release/
2.1/UPD/perl-5.8.4-2.1.1.src.rpm

Gentoo: href=" http://security.gentoo.org/glsa/glsa-200501-38.xml">
http://security.gentoo.org/
glsa/glsa-200501-38.xml

Mandrake: href="http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:031">
http://www.mandrakesoft.com/
security/advisories?name=
MDKSA-2005:031

SUSE: href="ftp://ftp.suse.com/pub/suse/">
ftp://ftp.suse.com/pub/suse/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200501-38.xml">
http://security.gentoo.org
/glsa/glsa-200501-38.xml

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/3/

Currently we are not aware of any exploits for this
vulnerability.

Multiple Vendors Perl File::Path::rmtree() Permission

Modification
Vulnerability

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0452">CAN-2004-0452

Ubuntu Security Notice, USN-44-1, December 21, 2004

Debian Security Advisory, DSA 620-1, December 30, 2004

OpenPKG Security Advisory, OpenPKG-SA-2005.001, January 11, 2005

Gentoo Linux Security Advisory, GLSA 200501-38, January 26, 2005

MandrakeSoft Security Advisory, MDKSA-2005:031, February 8, 2005

SUSE Security Summary Report, SUSE-SR:2005:004, February 11, 2005

Gentoo Linux Security Advisory [UPDATE], GLSA 200501-38:03, March 15,
2005

Fedora Update Notification,
FEDORA-2005-353, May 2, 2005

Multiple Vendors

Squid Web Proxy Cache 2.5 .STABLE9, .STABLE8, .STABLE7

A vulnerability exists when using the Netscape Set-Cookie
recommendations for handling cookies in caches due to a race condition,
which could let a malicious user obtain sensitive information.

Patches available at:
href="http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE9-setcookie.patch"
target=_blank>http://www.squid-cache.org/Versions
/v2/2.5/bugs/squid-2.5.STABLE9-setcookie.patch

Ubuntu: href=" http://security.ubuntu.com/ubuntu/pool/main/s/squid/">
http://security.ubuntu.com/ubuntu/
pool/main/s/squid/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.
conectiva.com.br/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

There is no exploit code required.

Secunia Advisory, SA14451,
March 3, 2005

Ubuntu Security
Notice,
USN-93-1
March 08, 2005

Fedora Update Notifications,
FEDORA-2005-
275 & 276,

March 30, 2005

Conectiva Linux Security Announcement, CLA-2005:948, April 27,
2005

Mandriva Linux Security Update Advisory, MDKSA-2005:078, April
29, 2005

Multiple Vendors

Concurrent Versions System (CVS) 1.x;Gentoo Linux; SuSE Linux 8.2, 9.0,
9.1, x86_64, 9.2, x86_64, 9.3, Linux Enterprise Server 9, 8,
Open-Enterprise-Server 9.0, School-Server 1.0, SUSE CORE 9 for x86,
UnitedLinux 1.0

Multiple vulnerabilities have been reported: a buffer overflow
vulnerability was reported due to an unspecified boundary error, which
could let a remote malicious user potentially execute arbitrary code; a
remote Denial of Service vulnerability was reported due to memory leaks
and NULL pointer dereferences; an unspecified error was reported due to an
arbitrary free (the impact was not specified), and several errors were
reported in the contributed Perl scripts, which could let a remote
malicious user execute arbitrary code.

Update available at:
href="https://ccvs.cvshome.org/servlets/ProjectDocumentList">https://ccvs.cvshome.org/
servlets/ProjectDocumentList

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-16.xml">http://security.gentoo.org/
glsa/glsa-200504-16.xml

SuSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cvs-1.11.5-116.i586.rpm"
target=_blank>ftp://ftp.suse.com/pub/suse/i

Fedora: href=" http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/">
http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/3/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Trustix: href="http://http.trustix.org/pub/trustix/updates/">
http://http.trustix.org/pub/
trustix/updates/

FreeBSD:
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/S">ftp://ftp.FreeBSD.org/pub/

Peachtree: href="http://peachtree.burdell.org/updates/">
http://peachtree.burdell.org/
updates/

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-387.html">
http://rhn.redhat.com/errata/
RHSA-2005-387.html

OpenBSD: href="http://www.openbsd.org/errata.html#cvs">
http://www.openbsd.org/
errata.html#cvs

TurboLinux:
href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/p
ub/TurboLinux/TurboLinux/ia32/

Currently we are not aware of any exploits for these
vulnerabilities.

Gentoo Linux Security Advisory, GLSA 200504-16, April 18, 2005

SuSE Security Announcement, SUSE-SA:2005:024, April 18, 2005

Secunia Advisory, SA14976, April 19, 2005

Fedora Update Notification,
FEDORA-2005-330, April 20, 2006

Mandriva Linux Security Update Advisory, MDKSA-2005:073, April 21, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0013, April 21, 2005

Gentoo Linux Security Advisory [UPDATE], GLSA 200504-16:02, April 22,
2005

FreeBSD Security Advisory, FreeBSD-SA-05:05, April 22, 2005

Peachtree Linux Security Notice, PLSN-0005, April 22, 2005

RedHat Security Advisory, RHSA-2005:387-06, April 25, 2005

Turbolinux Security Advisory, TLSA-2005-51, April 28, 2005

Multiple Vendors

Larry Wall Perl 5.8, 5.8.1, 5.8.3, 5.8.4, 5.8.4 -1-5.8.4-5; Ubuntu
Linux 4.1 ppc, ia64, ia32

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.4-2ubuntu0.3_all.deb"
target=_blank>http://security.ubuntu.com/
ubuntu/pool/universe/p/perl/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200502-13.xml">
http://security.gentoo.org/
glsa/glsa-200502-13.xml

Mandrake: href="http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:031">
http://www.mandrakesoft.com/security/
advisories?name=MDKSA-2005:031

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-105.html">
http://rhn.redhat.com/errata/
RHSA-2005-105.html

SGI: href="ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/">
ftp://oss.sgi.com/projects/
sgi_propack/download/3/updates/

SUSE: href="ftp://ftp.suse.com/pub/suse/">
ftp://ftp.suse.com/pub/suse/

Trustix: href="http://www.trustix.org/errata/2005/0003/">
http://www.trustix.org/errata/2005/0003/

IBM: href="ftp://aix.software.ibm.com/aix/efixes/security/perl58x.tar.Z">
ftp://aix.software.ibm.com/
aix/efixes/security/perl58x.tar.Z

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/3/

Proofs of Concept exploits have been published.

Ubuntu Security Notice, USN-72-1, February 2, 2005

MandrakeSoft Security Advisory, MDKSA-2005:031, February 9, 2005

RedHat Security Advisory, RHSA-2005:105-11, February 7, 2005

SGI Security Advisory, 20050202-01-U, February 9, 2005

SUSE Security Summary Report, SUSE-SR:2005:004, February 11, 2005

Gentoo Linux Security Advisory, GLSA 200502-13, February 11, 2005

Trustix Secure Linux Security Advisory, TSLSA-2005-0003,February 11,
2005

IBM SECURITY ADVISORY, February 28, 2005

Fedora Update Notification,
FEDORA-2005-353, May 2,
2005

Multiple Vendors

Linux kernel 2.4-2.4.29, 2.6 .10, 2.6-2.6.11

A vulnerability has been reported in the 'bluez_sock_create()' function
when a negative integer value is submitted, which could let a malicious
user execute arbitrary code with root privileges.

Patches available at:
href="http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.30-rc3.bz2"
target=_blank>http://www.kernel.org/pub/linux/
kernel/v2.4/testing/patch-
2.4.30-rc3.bz2

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Trustix:
href="http://http.trustix.org/pub/trustix/updates/">http://http.trustix.org/pub/
trustix/updates/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-366.html">http://rhn.redhat.com/
errata/RHSA-2005-366.html

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-283.html">http://rhn.redhat.com/
errata/RHSA-2005-283.html

href="http://rhn.redhat.com/errata/RHSA-2005-284.html">http://rhn.redhat.com/
errata/RHSA-2005-284.html

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.
com.br/

A Proof of Concept exploit script has been published.

Security Tracker
Alert, 1013567,
March 27, 2005

SUSE Security Announcement, SUSE-SA:2005
:021, April 4, 2005

Trustix Secure
Linux Security Advisory,
TSLSA-2005-0011, April
5, 2005

US-CERT

VU#685461

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

RedHat Security Advisories, RHSA-2005:283-15 &
RHSA-2005:284-11, April 28, 2005

Conectiva Linux Security Announcement,
CLA-2005:952, May 2, 2005

Multiple Vendors

Linux kernel 2.4-2.4.30

A Denial of Service vulnerability has been reported due to a failure to
handle system calls that contain missing arguments.

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-293.html">http://rhn.redhat.com/
errata/RHSA-2005-293.html

href="http://rhn.redhat.com/errata/RHSA-2005-284.html">http://rhn.redhat.com/
errata/RHSA-2005-284.html

Currently we are not aware of any exploits for this
vulnerability.

Multiple Vendors

Linux Kernel 2.6.10, 2.6 -test1-test11, 2.6-2.6.11

A Denial of Service vulnerability has been reported in the
'load_elf_library' function.

Patches available at:
href="http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.11.6.bz2"
target=_blank>http://www.kernel.org/pub/
linux/kernel/v2.6/patch-2.6.11.6.bz2

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/2/

Trustix:
href="http://http.trustix.org/pub/trustix/updates/">http://http.trustix.org/pub/
trustix/updates/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-366.html">http://rhn.redhat.com/
errata/RHSA-2005-366.html

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.
com.br/

Currently we are not aware of any exploits for this
vulnerability.

Fedora Security
Update Notification,
FEDORA-2005-262, March 28,
2005

Trustix Secure
Linux Security Advisory,
TSLSA-2005-0011, April
5, 2005

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Conectiva Linux Security Announcement,
CLA-2005:952, May 2, 2005

Multiple Vendors

Linux kernel 2.6.10, 2.6 -test9-CVS, 2.6 -test1-test11, 2.6, 2.6.1
rc1&rc2, 2.6.1-2.6.8

A remote Denial of Service vulnerability has been reported in the
Point-to-Point Protocol (PPP) Driver.

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/">http://security.ubuntu.com/ubuntu/
pool/main/l/linux-source-2.6.8.1/

Trustix: href="http://http.trustix.org/pub/trustix/updates">
http://http.trustix.org/pub/
trustix/updates

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/2/

ALTLinux:
href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">http://lists.altlinux.ru/
pipermail/security-announce/
2005-March/000287.html

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-366.html">http://rhn.redhat.com/
errata/RHSA-2005-366.html

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-283.html">http://rhn.redhat.com/
errata/RHSA-2005-283.html

href="http://rhn.redhat.com/errata/RHSA-2005-284.html">http://rhn.redhat.com/
errata/RHSA-2005-284.html

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.
conectiva.com.br/

Currently we are not aware of any exploits for this vulnerability.

Ubuntu Security Notice, USN-95-1 March 15, 2005

Trustix Secure Linux Security Advisory, TSL-2005-0009, March 21, 2005

SUSE Security Announcement, SUSE-SA:2005:018, March 24, 2005

Fedora Security Update Notification,
FEDORA-2005-262, March 28,
2005

ALTLinux Security Advisory, March 29, 2005

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

RedHat Security Advisories, RHSA-2005:283-15 &
RHSA-2005:284-11, April 28, 2005

Conectiva Linux Security Announcement, CLA-2005:952, May 2,
2005

Multiple Vendors

Linux kernel 2.6.10, 2.6 -test9-CVS, 2.6-test1- -test11, 2.6,
2.6.1-2.6.11 ; RedHat Desktop 4.0, Enterprise Linux WS 4, ES 4, AS 4

Multiple vulnerabilities exist: a vulnerability exists in the 'shmctl'
function, which could let a malicious user obtain sensitive information; a
Denial of Service vulnerability exists in 'nls_ascii.c' due to the use of
incorrect table sizes; a race condition vulnerability exists in the
'setsid()' function; and a vulnerability exists in the OUTS instruction on
the AMD64 and Intel EM64T architecture, which could let a malicious user
obtain elevated privileges.

RedHat: href="https://rhn.redhat.com/errata/RHSA-2005-092.html">
https://rhn.redhat.com/errata/
RHSA-2005-092.html

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/">
http://security.ubuntu.com/ubuntu/
pool/main/l/linux-source-2.6.8.1/

Conectiva: href="ftp://atualizacoes.conectiva.com.br/1">
ftp://atualizacoes.conectiva.
com.br/

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/2/

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/10/">ftp://atualizacoes.conectiva.
com.br/10/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-366.html">http://rhn.redhat.com/
errata/RHSA-2005-366.html

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-283.html">http://rhn.redhat.com/
errata/RHSA-2005-283.html

href="http://rhn.redhat.com/errata/RHSA-2005-284.html">http://rhn.redhat.com/
errata/RHSA-2005-284.html

Currently we are not aware of any exploits for these
vulnerabilities.

Ubuntu Security
Notice, USN-82-1, February 15, 2005

RedHat Security Advisory,
RHSA-2005:092-14, February 18, 2005

SUSE Security Announcement,
SUSE-SA:2005:018, March 24, 2005

Fedora Security
Update Notification,
FEDORA-2005-262, March 28,
2005

Conectiva Linux Security Announcement,
CLA-2005:945,
March 31,
2005

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

RedHat Security Advisories, RHSA-2005:283-15 &
RHSA-2005:284-11, April 28, 2005

Multiple Vendors

Linux kernel 2.6.10, 2.6, -test1-test 11, 2.6.1- 2.6.11;
RedHat
Fedora Core2

Patches available at:
href="http://www.kernel.org/pub/linux/kernel/v2.6/patch-2.6.11.6.bz2"
target=_blank>http://www.kernel.org/pub/linux/
kernel/v2.6/patch-2.6.11.6.bz2

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/2/

Trustix:
href="http://http.trustix.org/pub/trustix/updates/">http://http.trustix.org/pub/
trustix/updates/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-366.html">http://rhn.redhat.com/
errata/RHSA-2005-366.html

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.
com.br/

Currently we are not aware of any exploits for this
vulnerability.

Security Focus,
12932,
March 29, 2005

Trustix Secure
Linux Security Advisory,
TSLSA-2005-0011, April
5, 2005

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Conectiva Linux Security Announcement,
CLA-2005:952, May 2, 2005

Multiple Vendors

Linux kernel 2.6.10, 2.6, -test9-CVS, -test1-test11, 2.6.1-2.6.9;

RedHat Desktop 4.0, Enterprise Linux WS 4, ES 4, AS 4

A Denial of Service vulnerability has been reported in the
'Unw_Unwind_To_User' function.

RedHat;
href="http://rhn.redhat.com/errata/RHSA-2005-366.html">http://rhn.redhat.com/
errata/RHSA-2005-366.html

href="http://rhn.redhat.com/errata/RHSA-2005-293.html">http://rhn.redhat.com/
errata/RHSA-2005-293.html

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-284.html">http://rhn.redhat.com/
errata/RHSA-2005-284.html

Currently we are not aware of any exploits for this
vulnerability.

RedHat Security Advisory, RHSA-2005:366-19 & RHSA-2005-2935 , April
19 & 22, 2005

RedHat Security Advisory, RHSA-2005:284-11, April 28, 2005

Multiple Vendors

Linux kernel 2.6-2.6.11

A vulnerability has been reported in 'SYS_EPoll_Wait' due to a failure
to properly handle user-supplied size values, which could let a malicious
user obtain elevated privileges.

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.8.1/">
http://security.ubuntu.com/ubuntu/
pool/main/l/linux-source-2.6.8.1

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-366.html">http://rhn.redhat.com/
errata/RHSA-2005-366.html

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.
com.br/

An exploit script has been published.

Security Focus, 12763, March 8, 2005

Ubuntu Security Notice, USN-95-1 March 15, 2005

Security Focus, 12763, March 22, 2005

Fedora Security Update Notification,
FEDORA-2005-262, March 28,
2005

Fedora Update Notification
FEDORA-2005-313, April 11, 2005

RedHat Security Advisory, RHSA-2005:366-19, April 19, 2005

Conectiva Linux Security Announcement,
CLA-2005:952, May 2, 2005

Multiple Vendors

RedHat Fedora Core3, Core2;
Rob Flynn Gaim 1.2; Peachtree Linux
release 1

Upgrade available at:
href="http://gaim.sourceforge.net/downloads.php"
target=_blank>http://gaim.sourceforge.net/
downloads.php

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-05.xml">http://security.gentoo.org/
glsa/glsa-200504-05.xml

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-365.html">http://rhn.redhat.com/
errata/RHSA-2005-365.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

SGI:
href="http://www.sgi.com/support/security/">http://www.sgi.com/support/
security/

Peachtree: href="http://peachtree.burdell.org/updates/">
http://peachtree.burdell.org/
updates/

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.
conectiva.com.br/

There is no exploit code required.

Fedora Update Notifications,
FEDORA-2005-
298 & 299,

April 5, 2005

Gentoo Linux Security Advisory, GLSA 200504-05, April 06, 2005

RedHat Security Advisory, RHSA-2005:365-06, April 12, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:071, April 14, 2005

SGI Security Advisory, 20050404-01-U, April 20, 2005

Peachtree Linux Security Notice, PLSN-0001, April 21, 2005

Conectiva Linux Security Announcement, CLA-2005:949, April 27,
2005

Multiple Vendors

RedHat Fedora Core3, Core2;
Rob Flynn Gaim 1.2; Ubuntu Linux 4.1
ppc, ia64, ia32; Peachtree Linux release 1

Update available at:
href="http://gaim.sourceforge.net/downloads.php"
target=_blank>http://gaim.sourceforge.net
/downloads.php

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/g/gaim/">http://security.ubuntu.com/
ubuntu/pool/main/g/gaim/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-05.xml">http://security.gentoo.org/
glsa/glsa-200504-05.xml

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-365.html">http://rhn.redhat.com/
errata/RHSA-2005-365.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

SGI:
href="http://www.sgi.com/support/security/">http://www.sgi.com/support/
security/

Peachtree: href="http://peachtree.burdell.org/updates/">
http://peachtree.burdell.org/
updates/

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.
conectiva.com.br/

Currently we are not aware of any exploits for these
vulnerabilities.

Fedora Update Notifications,
FEDORA-2005
-298 & 299,

April 5, 2005

Ubuntu Security
Notice,
USN-106-1
April 05, 2005

Gentoo Linux Security Advisory, GLSA 200504-05, April 06, 2005

RedHat Security Advisory, RHSA-2005:365-06, April 12, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:071, April 14, 2005

SGI Security Advisory, 20050404-01-U, April 20, 2005

Peachtree Linux Security Notice, PLSN-0001, April 21, 2005

Conectiva Linux Security Announcement, CLA-2005:949, April 27,
2005

Multiple Vendors

Squid Web Proxy Cache 2.0 PATCH2, 2.1 PATCH2, 2.3 STABLE5, 2.3 STABLE4,
2.4 STABLE7, 2.4 STABLE6, 2.4, STABLE2, 2.5 STABLE3-STABLE7, 2.5
STABLE1

Patches available at:
href="http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE9.tar.gz"
target=_blank>http://www.squid-cache.org/
Versions/v2/2.5/squid-
2.5.STABLE9.tar.gz

There is no exploit code required.

Multiple Vendors

Squid Web Proxy Cache 2.0 PATCH2, 2.1 PATCH2, 2.3 STABLE5, 2.3 STABLE4,
2.4 STABLE7, 2.4 STABLE6, 2.4, STABLE2, 2.5 STABLE3-STABLE7, 2.5
STABLE1

Patches available at:
href="http://www.squid-cache.org/Versions/v2/2.5/squid-2.5.STABLE9.tar.gz"
target=_blank>http://www.squid-cache.org/
Versions/v2/2.5/squid-
2.5.STABLE9.tar.gz

There is no exploit code required.

Multiple Vendors

X.org X11R6 6.7.0, 6.8, 6.8.1;
XFree86 X11R6 3.3, 3.3.2-3.3.6, 4.0,
4.0.1, 4.0.2 -11, 4.0.3, 4.1.0, 4.1 -12, 4.1 -11, 4.2 .0, 4.2.1 Errata,
4.2.1, 4.3.0.2, 4.3.0.1, 4.3.0

An integer overflow vulnerability exists in 'scan.c' due to
insufficient sanity checks on on the 'bitmap_unit' value, which could let
a remote malicious user execute arbitrary code.

Patch available at: alink="#999999">
face="Arial, Helvetica"> href="https://bugs.freedesktop.org/attachment.cgi?id=1909">https://bugs.freedesktop.org/
attachment.cgi?id=1909

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-08.xml">
http://security.gentoo.org/glsa/
glsa-200503-08.xml

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/l/lesstif1-1/">
http://security.ubuntu.com/ubuntu/
pool/main/l/lesstif1-1/

Gentoo: href=" http://security.gentoo.org/glsa/glsa-200503-15.xml">
http://security.gentoo.org/
glsa/glsa-200503-15.xml

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/x/xfree86/">
http://security.ubuntu.com/
ubuntu/pool/main/x/xfree86/

ALTLinux:
href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">http://lists.altlinux.ru/
pipermail/security-announce/
2005-March/000287.html

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-331.html">http://rhn.redhat.com/errata/
RHSA-2005-331.html

SGI:
href="ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/">ftp://oss.sgi.com/projects/
sgi_propack/download/3/updates/

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-044.html">
http://rhn.redhat.com/errata/
RHSA-2005-044.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Currently we are not aware of any exploits for this
vulnerability.

Security Focus,
12714,
March 2, 2005

Gentoo Linux
Security Advisory,
GLSA 200503-08, March 4, 2005

Ubuntu Security
Notice, USN-92-1 March 07, 2005

Gentoo Linux
Security Advisory, GLSA 200503-15,
March 12, 2005

Ubuntu Security
Notice, USN-97-1
March 16, 2005

ALTLinux Security Advisory, March 29, 2005

Fedora Update Notifications,
FEDORA-2005
-272 & 273,

March 29, 2005

RedHat Security Advisory,
RHSA-2005:
331-06,
March 30, 2005

SGI Security Advisory, 20050401-01-U, April 6, 2005

RedHat Security Advisory, RHSA-2005:044-15, April 6, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:080, April
29, 2005

Multiple Vendors

xli 1.14-1.17

A vulnerability exists due to a failure to manage internal buffers
securely, which could let a remote malicious user execute arbitrary code.

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-05.xml">
http://security.gentoo.org/
glsa/glsa-200503-05.xml

Debian: href="http://security.debian.org/pool/updates/main/x/xli/">
http://security.debian.org/
pool/updates/main/x/xli/

ALTLinux:
href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">http://lists.altlinux.ru/
pipermail/security-announce/
2005-March/000287.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Currently we are not aware of any exploits for this
vulnerability.

Gentoo Linux Security Advisory, GLSA 200503-05, March 2, 2005

Debian Security Advisory, DSA 695-1, March 21, 2005

ALTLinux Security Advisory, March 29, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:076, April 21, 2005

SUSE Security Summary Report, SUSE-SR:2005:012, April 29, 2005

Multiple Vendors

xli 1.14-1.17; xloadimage 3.0, 4.0, 4.1

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-05.xml">
http://security.gentoo.org/
glsa/glsa-200503-05.xml

Debian: href="http://security.debian.org/pool/updates/main/x/xli/">
http://security.debian.org/
pool/updates/main/x/xli/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/

TurboLinux:
href="%20ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-332.html">
http://rhn.redhat.com/errata/
RHSA-2005-332.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Currently we are not aware of any exploits for this
vulnerability.

Gentoo Linux Security Advisory, GLSA 200503-05, March 2, 2005

Fedora Update Notifications,
FEDORA-2005-236 & 237, March 18,
2005

Debian Security Advisory, DSA 695-1, March 21, 2005

Turbolinux Security Advisory, TLSA-2005-43, April 19, 2005

RedHat Security Advisory, RHSA-2005:332-10, April 19, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:076, April 21, 2005

SUSE Security Summary Report, SUSE-SR:2005:012, April 29, 2005

Nokia

Affix Bluetooth Protocol Stack 3.1.1, 3.2

A vulnerability has been reported in the 'affix_sock_register' due to a
failure to properly handle user-supplied buffer size parameters, which
could let a malicious user obtain elevated privileges.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Novell

Evolution 2.0.2, 2.0.3

A remote Denial of Service vulnerability has been reported due to the
way messages are processed that contained malformed unicode
specifications.

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.
conectiva.com.br/

Currently we are not aware of any exploits for this
vulnerability.

Mandrakelinux
Security Update Advisory, MDKSA-2005:059, March 17,
2005

Conectiva Linux Security Announcement, CLA-2005:950, April 27,
2005

Open WebMail

Open WebMail prior to 2.51 20050430

A vulnerability has been reported due to insufficient sanitization of
input before using in an 'open()' call, which could let an authenticated
remote malicious user execute arbitrary code.

Patches available at: alink="#999999">
face="Arial, Helvetica"> href="http://openwebmail.org/openwebmail/download/cert/patches/SA-05:02/">http://openwebmail.org/openwebmail/
download/cert/patches/SA-05:02/

Currently we are not aware of any exploits for this
vulnerability.
href=" http://openwebmail.org/openwebmail/download/">

osTicket.com

osTicket 1.x

Multiple vulnerabilities have been reported: a vulnerability was
reported due to insufficient sanitization of unspecified input, which
could let a remote malicious user execute arbitrary HTML and script code;
a vulnerability was reported when adding a ticket due to insufficient
sanitization of the name and subject fields, which could let a remote
malicious user execute arbitrary HTML and script code; a vulnerability was
reported due to insufficient sanitization of the 'id' and 'cat' parameters
before using in a SQL query, which could let a remote malicious user
execute arbitrary SQL code; a vulnerability was reported in 'main.php' due
to insufficient verification of the 'include_dir' parameter, which could
let a local/remote malicious user include arbitrary files; and a
vulnerability was reported in 'attachments.php' due to an input validation
error when handling the 'file' parameter, which could let a remote
malicious user obtain sensitive information.

No workaround or patch available at time of publishing.

Proofs of Concept exploits have been published.

PHP Group

PHP 4.3-4.3.10; Peachtree Linux release 1

Upgrades available at:
href="http://ca.php.net/get/php-4.3.11.tar.gz/from/a/mirror"
target=_blank>http://ca.php.net/get/php
4.3.11.tar.gz/from/a/mirror

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/p/php4/">http://security.ubuntu.com/
ubuntu/pool/main/p/php4/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-15.xml">http://security.gentoo.org/
glsa/glsa-200504-15.xml

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Peachtree: href="http://peachtree.burdell.org/updates/">
http://peachtree.burdell.org/
updates/

TurboLinux:
href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/p
ub/TurboLinux/TurboLinux/ia32/

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-405.html">http://rhn.redhat.com/
errata/RHSA-2005-405.html

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Currently, we are not aware of any exploits for this
vulnerability.

Security Focus, 13163, April 14, 2005

Ubuntu Security Notice, USN-112-1, April 14, 2005

Gentoo Linux Security Advisory, GLSA 200504-15, April 18, 2005

Fedora Update Notification,
FEDORA-2005-315, April 18, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:072, April 19, 2005

Peachtree Linux Security Notice, PLSN-0001, April 21, 2005

Turbolinux Security Advisory, TLSA-2005-50, April 28, 2005

RedHat Security Advisory, RHSA-2005:405-06, April 28, 2005

SUSE Security Summary Report, SUSE-SR:2005:012, April 29, 2005

phpmyAdmin

phpMyAdmin 2.6.2

A vulnerability has been reported due to insecure default permissions
on the SQL install script, which could let a malicious user obtain
unauthorized access.

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-30.xml ">http://security.gentoo.org/
glsa/glsa-200504-30.xml

There is no exploit code required.

PostgreSQL

PostgreSQL 7.3 through 8.0.2

Fix available at:
href=" http://www.postgresql.org/about/news.315">http://www.postgresql.org/
about/news.315

Currently we are not aware of any exploits for these
vulnerabilities.

Postgrey

Postgrey 1.16-1.18, 0.84-9.87

A format string vulnerability has been reported in the 'server.pm'
module in the 'log' subroutine, which could let a remote malicious user
cause a Denial of Service or execute arbitrary code.

Upgrades available at:
href="http://isg.ee.ethz.ch/tools/postgrey/pub/postgrey-1.21.tar.gz"
target=_blank>http://isg.ee.ethz.ch/tools/
postgrey/pub/postgrey-1.21.tar.gz

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Currently, we are not aware of any exploits for this
vulnerability.

Secunia Advisory,
SA14958, April 15, 2005

SUSE Security Summary Report, SUSE-SR:2005:012, April 29, 2005

Linux kernel-2.4.20-8.athlon.rpm, 2.4.20-8.i386.rpm, 2.4.20-8.i586.rpm,
2.4.20-8.i686.rpm, kernel-smp-2.4.20-8.athlon.rpm,
kernel-smp-2.4.20-8.i586.rpm , kernel-smp-2.4.20-8.i686.rpm ,
kernel-source-2.4.20-8.i386.rpm, Linux 8.0, i686, i386

A buffer overflow vulnerability exists in the ‘ubsec_keysetup()’
function in '/drivers/crypto/bcm/pkey.c,' which could let a malicious user
cause a Denial of Service or possibly execute arbitrary code.

Red Hat: href="http://rhn.redhat.com/errata/RHSA-2004-549.html">
http://rhn.redhat.com/
errata/RHSA-2004-549.html

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-283.html">http://rhn.redhat.com/
errata/RHSA-2005-283.html

Currently we are not aware of any exploits for this
vulnerability.

(High if arbitrary code can be executed; and Low if a
DoS)

Red Hat Advisory: RHSA-2004:549-10, December 2, 2004

RedHat Security Advisory, RHSA-2005:283-15, April 28, 2005

RedHat

Enterprise Linux WS 3, ES 3, AS 3

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-293.html">http://rhn.redhat.com/
errata/RHSA-2005-293.html

Currently we are not aware of any exploits for this
vulnerability.

Rob Flynn

Gaim 1.0-1.0.2, 1.1.1, 1.1.2

Upgrades available at:
href="http://gaim.sourceforge.net/downloads.php"
target=_blank>http://gaim.sourceforge.net/
downloads.php

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">
http://download.fedora.redhat.
com/pub/fedora/linux/core/
updates/

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/g/gaim/">
http://security.ubuntu.com/
ubuntu/pool/main/g/gaim/

Gentoo: href=" http://security.gentoo.org/glsa/glsa-200503-03.xml">
http://security.gentoo.org/
glsa/glsa-200503-03.xml

Mandrake:
href="Http://www.mandrakesecure.net/en/advisories/">Http://www.mandrakesecure.net/
en/advisories/

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-215.html">
http://rhn.redhat.com/errata/
RHSA-2005-215.html

Conectiva: href="ftp://atualizacoes.conectiva.com.br/">
ftp://atualizacoes.conectiva.
com.br/

Peachtree: href="http://peachtree.burdell.org/updates/">
http://peachtree.burdell.org/
updates/

Debian:
href="http://security.debian.org/pool/updates/main/g/gaim/">http://security.debian.org/
pool/updates/main/g/gaim/

There is no exploit code required.

Gaim Advisory, February 17, 2005

Fedora Update Notifications,
FEDORA-2005-159 & 160, February
21, 2005

US-CERT
VU#839280

US-CERT
VU#523888

Ubuntu Security Notice, USN-85-1 February 25, 2005

Gentoo Linux Security Advisory, GLSA 200503-03, March 1, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:049, March 4, 2005

RedHat Security Advisory, RHSA-2005:215-11, March 10, 2005

Conectiva Linux Security Announcement, CLA-2005:933, March 14, 2005

Peachtree Linux Security Notice, PLSN-0002, April 21, 2005

Debian Security Advisory, DSA 716-1, April 27, 2005

Robert Styma Consulting

Ce/Ceterm (ARPUS/Ce) 2.x

No workaround or patch available at time of publishing.

Exploit scripts have been published.

Rootkit.nl

Rootkit Hunter 1.2-1.2.3

Several vulnerabilities have been reported because temporary files are
insecurely opened or created due to a design error, which could let a
malicious user corrupt arbitrary files with elevated privileges.

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-25.xml">
http://security.gentoo.org/
glsa/glsa-200504-25.xml

There is no exploit code required.

Secunia Advisory, SA15127, April 27, 2005

Gentoo Linux Security Advisory GLSA 200504-25, April 26, 2005

Survivor

Survivor 0.9.5 a

A Cross-Site Scripting vulnerability has been reported due to
insufficient sanitization of unspecified input, which could let a remote
malicious user execute arbitrary HTML and script code.

Upgrade available at:
href="http://www.columbia.edu/acis/dev/projects/survivor/dl/survivor-0.9.6.tar.gz"
target=_blank>http://www.columbia.edu/acis/dev/
projects/survivor/dl/survivor-0.9.6.tar.gz

There is no exploit code required.

Vladislav Bogdanov

SNMP Proxy Daemon 0.4-0.4.5

A format string vulnerability has been reported in SNMPPD due to
insufficient sanitization of user-supplied input before using in a
formatted printing function, which could let a remote malicious user
execute arbitrary code.

No workaround or patch available at time of publishing.

An exploit script has been published.

INetCop Security Advisory #2005-0x82-027, April 24, 2005

Security Focus, 13348, April 29,2005

BakBone

NetVault 7.1

A vulnerability has been reported because 'vstatsmngr.exe' can be
manipulated to obtain elevated privileges.

No workaround or patch available at time of publishing.

An exploit script has been published.

BEA Systems, Inc,

WebLogic Express 8.x, WebLogic Server 8.x

No workaround or patch available at time of publishing.

There is no exploit code required; hover, a Proof of Concept exploit
has been published.

Claroline

Claroline 1.5.3, 1.6 rc1, 1.6 beta

Upgrades available at:
href="http://www.claroline.net/dlarea/claroline154.tar.gz"
target=_blank>http://www.claroline.net/dlarea/

There is no exploit code required; however, Proofs of Concept exploits
have been published.

codetosell.com

ViArt Shop Enterprise 2.x

Multiple vulnerabilities have been reported: a Cross-Site Scripting
vulnerability was reported in the 'basket.php,' 'forum.php,' 'page.php,'
'reviews.php,' 'products.php,' and 'news_view.php' scripts due to
insufficient validation of user-supplied input, which could let a remote
malicious user execute arbitrary HTML and script code; and a Cross-SIte
Scripting vulnerability was reported in the 'forum_new_thread.php' script
due to insufficient sanitization of input passed to the nickname, email,
topic and message fields and the nickname and message fields in
'forum_threads.php,' which could let a remote malicious user execute
arbitrary HTML and script code.

No workaround or patch available at time of publishing.

There is no exploit code required; however, Proofs of Concepts have
been published.

Secunia Advisory, SA15181, May 2, 2005

dream4

Koobi CMS 4.2.3

An SQL injection vulnerability was reported in the 'index.php' due to
insufficient sanitization of the 'p' and 'q' parameters, which could let a
remote malicious user execute arbitrary SQL code.

No workaround or patch available at time of publishing.

There is no exploit code required; however, Proofs of Concept exploits
have been published.

Dream4 Koobi CMS Index.PHP P Parameter SQL Injection

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1373">CAN-2005-1373

Ethereal Group

Ethereal 0.9-0.9.16, 0.10-0.10.9

Multiple vulnerabilities have been reported: a buffer overflow
vulnerability has been reported in the Etheric dissector, which could let
a remote malicious user cause a Denial of Service or execute arbitrary
code; a remote Denial of Service vulnerability has been reported in the
GPRS-LLC dissector if the 'ignore cipher bit' option is enabled; a buffer
overflow vulnerability has been reported in the 3GPP2 A11 dissector, which
could let a remote malicious user cause a Denial of Service or execute
arbitrary code; and remote Denial of Service vulnerabilities have been
reported in the JXTA and sFLow dissectors.

Upgrades available at:
href="http://www.ethereal.com/download.html">http://www.ethereal.com/
download.html

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-16.xml">
http://security.gentoo.org/
glsa/glsa-200503-16.xml

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">
http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-306.html">
http://rhn.redhat.com/errata/
RHSA-2005-306.html

ALT Linux: href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">
http://lists.altlinux.ru/pipermail/
security-announce/2005-March
/000287.html

Conectiva: href="ftp://atualizacoes.conectiva.com.br/">
ftp://atualizacoes.conectiva.
com.br/

Debian:
href="http://security.debian.org/pool/updates/main/e/ethereal/">http://security.debian.org/
pool/updates/main/e/ethereal/

A Denial of Service Proof of Concept exploit script has been published.

Ethereal Advisory, enpa-sa-00018, March 12, 2005

Gentoo Linux Security Advisory, GLSA 200503-16, March 12, 2005

Fedora Update Notifications,
FEDORA-2005-212 & 213, March 16,
2005

Mandrakelinux Security Update Advisory, MDKSA-2005:053, March 16, 2005

RedHat Security Advisory, RHSA-2005:306-10, March 18, 2005

Conectiva Security Linux Announcement, CLA-2005:942, March 28, 2005

ALTLinux Security Advisory, March 29, 2005

Debian Security Advisory, DSA 718-1, April 28, 2005

GrayCMS

GrayCMS 1.1

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit
has been published.

Secunia Advisory, SA15133, April 27, 2005

Hewlett Packard Company

Radia Management Portal 1.0, 2.0

A vulnerability has been reported in the Radia Management Agent due to
an unspecified flaw, which could let a remote malicious user cause a
Denial of Service or execute arbitrary code with SYSTEM privileges on a
Windows platform and elevated privileges on UNIX-based platforms.

Updates available at: href=" http://support.openview.hp.com">http://support.openview.hp.com

Currently we are not aware of any exploits for this
vulnerability.

Horde Project

Horde Kronolith Module

A Cross-Site Scripting vulnerability has been reported due to
insufficient sanitization of input passed to a parent's frame page title,
which could let a remote malicious user execute arbitrary HTML and script
code.

Upgrades available at:
class=moz-txt-link-freetext
href="http://www.horde.org/kronolith/download/">http://www.horde.org/kronolith/
download/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200505-01.xml">http://security.gentoo.org/
glsa/glsa-200505-01.xml

There is no exploit code required.

Secunia Advisory, SA15080, April 25, 2005

Gentoo Linux Security Advisory, GLSA 200505-01, May 2,
2005

Horde Project

Horde Passwd Module 2.x

A Cross-Site Scripting vulnerability has been reported due to
insufficient sanitization of input passed to a parent's frame page title,
which could let a remote malicious user execute arbitrary HTML and script
code.

Upgrades available at:
href="http://www.horde.org/passwd/download/">http://www.horde.org/passwd/
download/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200505-01.xml">http://security.gentoo.org/
glsa/glsa-200505-01.xml

There is no exploit code required.

Secunia Advisory, SA15075, April 25, 2005

Gentoo Linux Security Advisory, GLSA 200505-01, May 2,
2005

Horde Project

HordeTurba Module 1.x

A Cross-Site Scripting vulnerability has been reported due to
insufficient sanitization of input passed to a parent's frame page title,
which could let a remote malicious user execute arbitrary HTML and script
code.

Upgrades available at:
href="http://www.horde.org/turba/download/">http://www.horde.org/turba/
download/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200505-01.xml">http://security.gentoo.org/
glsa/glsa-200505-01.xml

There is no exploit code required.

Secunia Advisory, SA15074, April 25, 2005

Gentoo Linux Security Advisory, GLSA 200505-01, May 2,
2005

Horde Project

Horde Accounts Module 2.1, 2.1.1

A Cross-Site Scripting vulnerability has been reported due to
insufficient sanitization of input passed to a parent's frame page title,
which could let a remote malicious user execute arbitrary HTML and script
code.

Upgrades available at:
href="http://www.horde.org/accounts/download/"
target=_blank>http://www.horde.org/accounts/
download/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200505-01.xml">http://security.gentoo.org/
glsa/glsa-200505-01.xml

There is no exploit code required.

Secunia Advisory, SA15081, April 25, 2005

Gentoo Linux Security Advisory, GLSA 200505-01, May 2,
2005

Horde Project

Horde Chora 1.1-1.2.2

A Cross-Site Scripting vulnerability has been reported due to
insufficient sanitization of input passed to a parent's frame page title,
which could let a remote malicious user execute arbitrary HTML and script
code.

Upgrades available at:
href="http://www.horde.org/chora/download/"
target=_blank>http://www.horde.org/chora/
download/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200505-01.xml">http://security.gentoo.org/
glsa/glsa-200505-01.xml

There is no exploit code required.

Secunia Advisory, SA15083, April 25, 2005

Gentoo Linux Security Advisory, GLSA 200505-01, May 2,
2005

Horde Project

Horde Forwards Module 2.1-2.2.1

A Cross-Site Scripting vulnerability has been reported due to
insufficient sanitization of input passed to a parent's frame page title,
which could let a remote malicious user execute arbitrary HTML and script
code.

Upgrades available at:
href="http://www.horde.org/forwards/download/"
target=_blank>http://www.horde.org/forwards/
download/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200505-01.xml">http://security.gentoo.org/
glsa/glsa-200505-01.xml

There is no exploit code required.

Secunia Advisory, SA15082, April 25, 2005

Gentoo Linux Security Advisory, GLSA 200505-01, May 2,
2005

Horde Project

Horde IMP Webmail Client 3.x

A Cross-Site Scripting vulnerability has been reported due to
insufficient sanitization of input passed to a parent's frame page title,
which could let a remote malicious user execute arbitrary HTML and script
code.

Upgrades available at:
class=moz-txt-link-freetext
href="ftp://ftp.horde.org/pub/imp/imp-3.2.8.tar.gz">ftp://ftp.horde.org/pub/imp/
imp-3.2.8.tar.gz

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200505-01.xml">http://security.gentoo.org/
glsa/glsa-200505-01.xml

There is no exploit code required.

Secunia Advisory, SA15080, April 25, 2005

Gentoo Linux Security Advisory, GLSA 200505-01, May 2,
2005

Horde Project

Horde Mnemo 1.1-1.1.3

A Cross-Site Scripting vulnerability has been reported due to
insufficient sanitization of input passed to a parent's frame page title,
which could let a remote malicious user execute arbitrary HTML and script
code.

Upgrades available at:
href="http://www.horde.org/mnemo/download/">http://www.horde.org/mnemo/
download/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200505-01.xml">http://security.gentoo.org/
glsa/glsa-200505-01.xml

There is no exploit code required.

Secunia Advisory,
SA15078, April 25, 2005

Gentoo Linux Security Advisory, GLSA 200505-01, May 2,
2005

Horde Project

Horde Vacation 2.0-2.2.1

A Cross-Site Scripting vulnerability has been reported due to
insufficient sanitization of input passed to a parent's frame page title,
which could let a remote malicious user execute arbitrary HTML and script
code.

Upgrades available at:
href="http://www.horde.org/vacation/download/"
target=_blank>http://www.horde.org/vacation/
download/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200505-01.xml">http://security.gentoo.org/
glsa/glsa-200505-01.xml

There is no exploit code required.

Secunia Advisory, SA15073, April 25, 2005

Gentoo Linux Security Advisory, GLSA 200505-01, May 2,
2005

Horde Project

HordeNag 1.1-1.1.2

A Cross-Site Scripting vulnerability has been reported due to
insufficient sanitization of input passed to a parent's frame page title,
which could let a remote malicious user execute arbitrary HTML and script
code.

Upgrades available at:
href="http://www.horde.org/nag/download/"
target=_blank>http://www.horde.org/nag/
download/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200505-01.xml">http://security.gentoo.org/
glsa/glsa-200505-01.xml

There is no exploit code required.

Secunia Advisory, SA15079, April 25, 2005

Gentoo Linux Security Advisory, GLSA 200505-01, May 2, 2005

IBM

Lotus Domino 6.0.x, 6.5.x; prior to 6.0.5, prior to 6.5.4

An input validation vulnerability has been reported in the
'@SetHTTPHeader' function when invoked by specially crafted code, which
could let a malicious user conduct HTTP response splitting attacks.

Update information available at: href="http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202437">
http://www-1.ibm.com/support/
docview.wss?rs=463&uid=
swg21202437

Currently we are not aware of any exploits for this
vulnerability.

IBM

Lotus Domino 6.0.x, 6.5.x; prior to 6.0.5, prior to 6.5.4

Update information available at: alink="#999999">
face="Arial, Helvetica"> href="http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202525">http://www-1.ibm.com/
support/docview.wss?rs
=463&uid=swg21202525

Currently we are not aware of any exploits for this
vulnerability

IBM

Lotus Notes 6.0.x, 6.5.x; prior to 6.0.5, prior to 6.5.4

A Denial of Service vulnerability has been reported because a malicious
user can modify the 'NOTES.INI' file.

Update information available at: alink="#999999">
face="Arial, Helvetica"> href="http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202526">http://www-1.ibm.com/
support/docview.wss?rs
=463&uid=swg21202526

Currently we are not aware of any exploits for this vulnerability.

Invision Power Services

Invision Power Board 2.0.3, 2.1 Alpha 2

A Cross-Site Scripting vulnerability has been reported due to
insufficient validation of user-supplied input in certain URL parameters,
which could let a remote malicious user execute arbitrary HTML and script
code.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Just William's

Amazon Webstore 04050100

Cross-Site Scripting vulnerabilities have been reported in the
'index.php' and 'closeup.php' scripts due to insufficient validation of
the 'CurrentIsExpanded,' 'image,' ''searchFor,' and 'currentNumber'
parameters, which could let a remote malicious user execute arbitrary HTML
and script code.

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit
has been published.

Morgan Harvey

SitePanel 2.x

Multiple vulnerabilities have been reported: a vulnerability was
reported due to insufficient sanitization of unspecified input, which
could let a remote malicious user execute arbitrary HTML and script code;
a vulnerability as reported in '5.php' due to insufficient verification of
the 'id' parameter, which could let a remote malicious user delete
arbitrary files; a vulnerability was reported in 'index.php' due to
insufficient verification of the 'lang' parameter, which could let a
remote malicious user include arbitrary files; an input validation
vulnerability was reported when handling attachments in trouble tickets,
which could let a remote malicious user upload arbitrary files; and a
vulnerability was reported in 'main.php' due to insufficient verification
of the 'p' parameter, which could let a remote malicious user include
arbitrary files.

Update available at: href=" http://www.sitepanel2.com/">
http://www.sitepanel2.com/

Proofs of Concept exploits have been published.

Mozilla.org

Firefox 1.x, 0.x,
Mozilla 1.7.x, 1.6, 1.5, 1.4, 1.3, 1.2, 1.1, 1.0,
0.x

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-10.xml">
http://security.gentoo.org/
glsa/glsa-200503-10.xml

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/">
http://download.fedora.redhat.
com/pub/fedora/linux/
core/updates/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-30.xml">
http://security.gentoo.org/
glsa/glsa-200503-30.xml

Slackware:
href="http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.000123">http://slackware.com/security/
viewer.php?l=slackware-security
&y=2005&m=slackware-security
.000123

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-384.html">http://rhn.redhat.com/
errata/RHSA-2005-384.html

A Proof of Concept exploit has been published.

Vulnerability has appeared in the press and other public media.

Secunia SA13129, December 8, 2004

Gentoo Linux Security Advisory GLSA 200503-10, March 4, 2005

Fedora Update Notifications,
FEDORA-2005-248 &
249,
2005-03-23

Fedora Update Notifications,
FEDORA-2005-251 & 253, March 25,
2005

Gentoo Linux Security Advisory, GLSA 200503-30, March 25, 2005

Slackware Security Advisory, March 28, 2005

RedHat Security Advisory, RHSA-2005:384-11, April 28, 2005

Mozilla.org

Mozilla Browser 1.0-1.0.2, 1.1-1.7.6, Firefox 0.8-0.10.1, 1.0.1, 1.0.2

Upgrades available at:
href="http://www.mozilla.org/products/firefox/"
target=_blank>http://www.mozilla.org/
products/firefox/

href="http://www.mozilla.org/products/mozilla1.x/"
target=_blank>http://www.mozilla.org/
class=bodytext> target=_blank>products/mozilla1.x/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-18.xml">
http://security.gentoo.org/
glsa/glsa-200504-18.xml

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-383.html">
http://rhn.redhat.com/
errata/RHSA-2005-383.html

href="http://rhn.redhat.com/errata/RHSA-2005-386.html">http://rhn.redhat.com/errata/
RHSA-2005-386.html

TurboLinux:
href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-384.html">http://rhn.redhat.com/
errata/RHSA-2005-384.html

There is no exploit code required.

Mozilla Foundation Security Advisories, 2005-35 - 2005-41, April 16,
2005

Gentoo Linux Security Advisory, GLSA 200504-18, April 19, 2005

US-CERT VU#973309

RedHat Security Advisories, RHSA-2005:383-07 & RHSA-2005-386.,
April 21 & 26, 2005

Turbolinux Security Advisory, TLSA-2005-49, April 21, 2005

US-CERT
VU#519317

SUSE Security Announcement, SUSE-SA:2005:028, April 27, 2005

RedHat Security Advisory, RHSA-2005:384-11, April 28, 2005

Mozilla.org

Mozilla Suite prior to 1.7.6, Firefox prior to 1.0.2

Mozilla Browser:
href="http://www.mozilla.org/products/mozilla1.x/"
target=_blank>http://www.mozilla.org/products
/mozilla1.x/

Firefox:
href="http://www.mozilla.org/products/firefox/"
target=_blank>http://www.mozilla.org/products
/firefox/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/"
target=_blank>http://download.fedora.redhat.
com/pub/fedora/linux/core/
updates/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-30.xml">
http://security.gentoo.org/glsa
/glsa-200503-30.xml

href="http://security.gentoo.org/glsa/glsa-200503-30.xml">http://security.gentoo.org
/glsa/glsa-200503-31.xml

Slackware: href="http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.000123">
http://slackware.com/security/
viewer.php?l=slackware-security
&y=2005&m=slackware-security.
000123

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-384.html">http://rhn.redhat.com/
errata/RHSA-2005-384.html

A Proof of Concept exploit has been published.

Mozilla Foundation Security Advisory 2005-32, March 23, 2005

RedHat Security Advisory, RHSA-2005:384-11, April 28, 2005

Mozilla

Mozilla 0.x, 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7.x

Mozilla Firefox 0.x

Mozilla Thunderbird 0.x

Multiple vulnerabilities exist in Firefox, Mozilla and Thunderbird that
can permit users to bypass certain security restrictions, conduct spoofing
and script insertion attacks and disclose sensitive and system
information.

Mozilla: Update to version 1.7.5: href="http://www.mozilla.org/products/mozilla1.x/ ">
http://www.mozilla.org/products/
mozilla1.x/

Firefox: Update to version 1.0: href="http://www.mozilla.org/products/firefox/">
http://www.mozilla.org/products/
firefox/

Thunderbird: Update to version 1.0: href="http://www.mozilla.org/products/thunderbird/">
http://www.mozilla.org/products/
thunderbird/

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/">
http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Slackware: href="http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.000123">
http://slackware.com/security/
viewer.php?l=slackware-security
&y=2005&m=slackware-security.
000123

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-384.html">http://rhn.redhat.com/
errata/RHSA-2005-384.html

Currently we are not aware of any exploits for these
vulnerabilities.

Mozilla Foundation Security Advisory 2005-01, 03, 04, 07, 08, 09, 10,
11, 12

Fedora Update Notification,
FEDORA-2005-248, 249, 251, 253, March 23
& 25, 2005

Slackware Security Advisory, SSA:2005-085-01, March 27, 2005

RedHat Security Advisory, RHSA-2005:384-11, April 28, 2005

Mozilla

Mozilla Firefox 1.0 and 1.0.1

A vulnerability exists that could let remote malicious users conduct
Cross-Site Scripting attacks. This is due to missing URI handler
validation when dragging an image with a "javascript:" URL to the address
bar.

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-30.xml">
http://security.gentoo.org/
glsa/glsa-200503-30.xml

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-384.html">http://rhn.redhat.com/
errata/RHSA-2005-384.html

A Proof of Concept exploit has been published.

Secunia SA14406, March 1, 2005

Gentoo Linux Security Advisory, GLSA 200503-30, March 25, 2005

RedHat Security Advisory, RHSA-2005:384-11, April 28, 2005

Multiple Vendors

Mozilla Firefox 1.0; Gentoo Linux; Thunderbird 0.6, 0.7- 0.7.3, 0.8,
0.9, 1.0, 1.0.1;
Netscape Netscape 7.2

There are multiple vulnerabilities in Mozilla Firefox. A remote user
may be able to cause a target user to execute arbitrary operating system
commands in certain situations or access access content from other
windows, including the 'about:config' settings. This is due to a hybrid
image vulnerability that allows batch statements to be dragged to the
desktop and because tabbed javascript vulnerabilities let remote users
access other windows.

A fix is available via the CVS repository

Fedora: href="ftp://aix.software.ibm.com/aix/efixes/security/perl58x.tar.Z">
ftp://aix.software.ibm.com/aix/
efixes/security/perl58x.tar.Z

Red Hat: href="http://rhn.redhat.com/errata/RHSA-2005-176.html">
http://rhn.redhat.com/errata/
RHSA-2005-176.html

Gentoo:
href="http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml">http://www.gentoo.org/security/en/
glsa/glsa-200503-10.xml

Thunderbird: href="http://download.mozilla.org/?product=thunderbird-1.0.2&os=win
http://download.mozilla.org/?
product=thunderbird-1.0.2
&os=win<=en-US

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-30.xml">
http://security.gentoo.org/
glsa/glsa-200503-30.xml

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-384.html">http://rhn.redhat.com/
errata/RHSA-2005-384.html

A Proof of Concept exploit has been published.

Mozilla Firefox Multiple Vulnerabilities

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0230">CAN-2005-0230
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0231">CAN-2005-0231
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0232">CAN-2005-0232

Security Tracker Alert ID: 1013108, February 8, 2005

Fedora Update Notification,
FEDORA-2005-182, February 26, 2005

Red Hat RHSA-2005:176-11, March 1, 2005

Gentoo, GLSA 200503-10, March 4, 2005

Security Focus, 12468, March 22, 2005

Gentoo Linux Security Advisory, GLSA 200503-30, March 25, 2005

RedHat Security Advisory, RHSA-2005:384-11, April 28, 2005

Multiple Vendors

Mozilla.org Mozilla Browser 1.7.6, Firefox 1.0.1, 1.0.2; K-Meleon
K-Meleon 0.9; Netscape 7.2; K-Meleon 0.9

A vulnerability has been reported in the javascript implementation due
to improper parsing of lamba list regular expressions, which could a
remote malicious user obtain sensitive information.

The vendor has issued a fix, available via CVS.

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-383.html">
http://rhn.redhat.com/errata/
RHSA-2005-383.html

href="http://rhn.redhat.com/errata/RHSA-2005-386.html">http://rhn.redhat.com/errata/
RHSA-2005-386.html

Slackware: href="http://www.mozilla.org/projects/security/known-vulnerabilities.html">
http://www.mozilla.org
/projects/security/known-vulnerabilities.html

TurboLinux:
href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-384.html">http://rhn.redhat.com/
errata/RHSA-2005-384.html

There is no exploit code required; however, a Proof of Concept exploit
has been published.

Security Tracker Alert, 1013635, April 4, 2005

Security Focus, 12988, April 16, 2005

RedHat Security Advisories, RHSA-2005:383-07 & RHSA-2005:386-08,
April 21 & 26, 2005

Turbolinux Security Advisory, TLSA-2005-49, April 21, 2005

Slackware Security Advisory, SSA:2005-111-04, April 22, 2005

SUSE Security Announcement, SUSE-SA:2005:028, April 27, 2005

RedHat Security Advisory, RHSA-2005:384-11, April 28,
2005

Multiple Vendors

ALT Linux Compact 2.3, Junior 2.3; Apple Mac OS X 10.0-10.0.4,
10.1-10.1.5, 10.2-10.2.8, 10.3-10.3.8, Mac OS X Server 10.0, 10.1-10.1.5,
10.2-10.2.8, 10.3-10.3.8; MIT Kerberos 5 1.0, 5 1.0.6, 5 1.0.8, 51.1-5
1.4; Netkit Linux Netkit 0.9-0.12, 0.14-0.17, 0.17.17; Openwall
GNU/*/Linux (Owl)-current, 1.0, 1.1; FreeBSD 4.10-PRERELEASE, 2.0, 4.0 .x,
-RELENG, alpha, 4.0, 4.1, 4.1.1 -STABLE, -RELEASE, 4.1.1, 4.2,
-STABLEpre122300, -STABLEpre050201, 4.2 -STABLE, -RELEASE,
4.2, 4.3
-STABLE, -RELENG, 4.3 -RELEASE-p38, 4.3 -RELEASE, 4.3, 4.4 -STABLE,
-RELENG, -RELEASE-p42, 4.4, 4.5 -STABLEpre2002-03-07, 4.5 -STABLE,

-RELENG, 4.5 -RELEASE-p32, 4.5 -RELEASE, 4.5, 4.6 -STABLE, -RELENG,
4.6 -RELEASE-p20, 4.6 -RELEASE, 4.6, 4.6.2, 4.7 -STABLE, 4.7 -RELENG, 4.7
-RELEASE-p17, 4.7 -RELEASE, 4.7, 4.8 -RELENG,
4.8 -RELEASE-p7, 4.8
-PRERELEASE, 4.8, 4.9 -RELENG, 4.9 -PRERELEASE, 4.9, 4.10 -RELENG, 4.10
-RELEASE,
4.10, 4.11 -STABLE, 5.0 -RELENG, 5.0, 5.1 -RELENG, 5.1
-RELEASE-p5, 5.1 -RELEASE, 5.1, 5.2 -RELENG, 5.2 -RELEASE, 5.2,
5.2.1
-RELEASE, 5.3 -STABLE, 5.3 -RELEASE, 5.3, 5.4 -PRERELEASE; SuSE Linux 7.0,
sparc, ppc, i386, alpha, 7.1, x86, sparc, ppc, alpha, 7.2, i386

Two buffer overflow vulnerabilities have been reported in Telnet: a
buffer overflow vulnerability has been reported in the 'slc_add_reply()'
function when a large number of specially crafted LINEMODE Set Local
Character (SLC) commands is submitted, which could let a remote malicious
user execute arbitrary code; and a buffer overflow vulnerability has been
reported in the 'env_opt_add()' function, which could let a remote
malicious user execute arbitrary code.

ALTLinux: href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">
http://lists.altlinux.ru/pipermail
/security-announce/2005-
March/000287.html

Apple:
href="http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=05529&platform=osx&method=sa/SecUpd2005-003Pan.dmg"
target=_blank>http://wsidecar.apple.com/cgi-bin/
nph-reg3rdpty1.pl/product=05529&
platform=osx&method=sa/SecUpd
2005-003Pan.dmg