CPNI - Centre for the Protection of National Infrastructure

January 2006

00099 - Two Gentoo Linux Security Advisories: 1. GLSA 200601-16 - MyDNS: Denial of Service 2. GLSA 200601-17 - Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows

00098 - Two Mandriva Linux Security Advisories: 1. MDKSA-2006:026 - Updated bzip2 packages fix bzgrep vulnerabilities 2. MDKSA-2006:027 - Updated gzip packages fix zgrep vulnerabilities

00097 - Two Debian Security Advisories: 1. DSA 951-2 - New trac packages fix SQL injection and cross-site scripting 2. DSA 959-1 - New unalz packages fix arbitrary code execution

00096 - Two Gentoo Linux Security Advisories: 1. GLSA 200601-14 - LibAST: Privilege escalation 2. GLSA 200601-15 - Paros: Default administrator password

00095 - Mandriva Linux Advisory: MDKA-2006:017 - Updated mozilla-thunderbird packages merge dropped changes

00094 - Debian Security Advisory: DSA 958-1 - New drupal packages fix several vulnerabilities

00093 - Two Gentoo Linux Security Advisories: 1. GLSA 200601-12 - Trac: Cross-site scripting vulnerability 2. GLSA 200601-13 - Gallery: Cross-site scripting vulnerability

00092 - Nine Mandriva Linux Advisories

00091 - Three Debian Security Advisories: 1. DSA 950-1 - cupsys 2. DSA 957-1 - imagemagick 3. DSA 956-1 - lsh-utils

00090 - Two SUSE Security Announcements: 1. SUSE-SA:2006:004 - phpMyAdmin 2. SUSE-SA:2006:005 - nfs-server

00089 - iDefense Security Advisory: Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow Vulnerability

00088 - Cisco Security Advisory: cisco-sa-20060126-vpn - Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack

00087 - Sun Security Advisory: Sun Alert ID: 102148 - Security Vulnerabilities in Sun StorEdge Enterprise Backup Software (EBS)

00086 - Two FreeBSD Security Advisories: 1. FreeBSD-SA-06:06. - kmem 2. FreeBSD-SA-06:07. - pf

00085 - Cisco Security Notice: Response to AAA Command Authorization by-pass

00084 - Four Debian Security Advisories: 1. DSA 947-2 - clamav 2. DSA 953-1 - flyspray 3. DSA 954-1 - wine 4. DSA 955-1 - clamav

00083 - Two Mandriva Linux Security Advisories: 1. MDKSA-2006:020 - ipsec-tools 2. MDKSA-2006:021 - Mozilla-Thunderbird

00082 - Gentoo Linux Security Advisory: GLSA 200601-11 - KDE kjs: URI heap overflow vulnerability

00081 - Two Hewlett Packard Security Advisories: 1. SSRT061104 rev.1 - HP Oracle for OpenView (OfO) 2. SSRT061099 rev.1 - HP-UX Local Increased Privilege

00080 - Two AUSCERT Advisories: 1. AA-2006.0003 - Thunderbird 1.5 release fixes email attachment type spoofing vulnerability 2. AL-2006.0008 - HP-UX CIFS Server (Samba) Remote Execution of Arbitrary Code, Denial of Service (DoS)

00079 - Fedora Update Notification: FEDORA-2006-056 - openssh-4.2p1-fc4.10

00078 - Debian Security Advisory: DSA 952-1 - libapache-auth-ldap

00077 - Mandriva Linux Advisory: MDKA-2006:012 - webmin

00076 - AUSCERT ALERT: AL-2006.0007 -- Computer Associates multiple products remote buffer overflow in iGateway component

00075 - 1. SUSE Security Announcements: SUSE-SA:2006:003 - kdelibs3 2. SUSE Security Summary Report: SUSE-SR:2006:002

00074 - Five Debian Security Advisories: 1. DSA 946-1 - sudo 2. DSA 947-1 - clamav 3. DSA 948-1 - kdelibs 4. DSA 949-1 - crawl 5. DSA 951-1 - trac

00073 - Hewlett Packard Security Bulletin: HPSBUX02092 SSRT5971 rev.1 - HP-UX Running ftpd Remote Denial of Service (DoS)

00072 - KDE Security Advisory: kjs encodeuri/decodeuri heap overflow vulnerability

00071 - FreeBSD Security Advisory: IEEE 802.11 buffer overflow

00070 - Mandriva Linux Security Advisories

00069 - Hewlett Packard Security Bulletin - HPSBUX02092 SSRT5971 rev.1 - HP-UX Running ftpd Remote Denial of Service (DoS)

00068 - Red Hat Security Advisories

00067 - Updated Symantec Advisory: Buffer overflow vulnerability in VERITAS NetBackup

00066 - F-Secure Security Bulletin FSC-2006-1 rated Critical

00065 - Cisco Security Advisories

00064 - Cisco Security Advisory: IOS Stack Group Bidding Protocol Crafted Packet DoS

00063 - FreeBSD Security Advisory: FreeBSD SA-06:05.80211 - IEEE 802.11 buffer overflow

00062 - Two Debian Security Advisories: 1. DSA 944-1 - mantis 2. DSA 945-1 - antiword

00061 - Three Mandriva Linux Advisories: 1. MDKA-2006:008 - squid 2. MDKA-2006:009 - OpenOffice.org 3. MDKA-2006:010 - klamav

00060 - Three iDEFENSE Security Advisories: 1. EMC Legato Networker nsrd.exe DoS Vulnerability 2. EMC Legato Networker nsrd.exe Heap Overflow Vulnerability 3. EMC Legato Networker nsrexecd.exe Heap Overflow Vulnerability

00059 - Oracle Critical Patch Update - January 2006

00058 - Debian Security Advisory: DSA 943-1 - New Perl packages fix arbitrary code execution

00057 - Four Mandriva Linux Advisories

00056 - Two Red Hat Security Advisories: 1. RHSA-2006:0101-01 - Important: kernel security update 2. RHSA-2006:0158-01 - Moderate: apache security update

00055 - Two Gentoo Linux Security Advisories: 1. GLSA 200601-10 - Sun and Blackdown Java: Applet privilege escalation 2. GLSA 200601-09:02 - ERRATA UPDATE - Wine: Windows Metafile SETABORTPROC vulnerability

00054 - AusCERT Update: AU-2006.0004 - Proof of concept code released for VERITAS NetBackup 5.x

00053 - Four Debian Security Advisories

00052 - Gentoo Linux Security Advisory: GLSA 200601-09 - Wine: Windows Metafile SETABORTPROC vulnerability

00051 - Sun Microsystem Security Advisory: Sun Alert ID: 102033 - Vulnerabilities in lpsched(1M) May Allow an Unprivileged User to Remove System Files or Disable the LP Service

00050 - SUSE Security Announcements

00049 - SCO Security Advisories

00048 - FreeBSD Security Advisory

00047 - Cisco Security Notice

00046 - Cisco Security Advisory: 20060112 - Access Point Memory Exhaustion from ARP Attacks

00045 - Three Debian Security Advisories: 1. DSA 903-2 - New unzip packages fix unauthorised permissions modification 2. DSA 937-1 - New tetex-bin packages fix arbitrary code execution 3. DSA 938-1 - New koffice packages fix arbitrary code execution

00044 - Two Mandriva Linux Security Advisories: 1. MDKSA-2006:012 - kdegraphics 2. MDKSA-2006:013 - kolab-resource-handlers

00043 - Two PHP Security Advisories: 1. 02/2006: PHP ext/mysqli Format String Vulnerability 2. 01/2006: PHP ext/session HTTP Response Splitting Vulnerability

00042 - Two Gentoo Linux Security Advisories: 1. GLSA 200601-07 - ClamAV: Remote execution of arbitrary code 2. GLSA 200601-08 - Blender: Heap-based buffer overflow

00041 - Symantec Security Advisory: Symantec Norton SystemWorks Protected Recycle Bin Exposure

00040 - Two Sun Microsystems Security Advisories: 1. Security Vulnerability May Allow An Unprivileged Local User to Gain Root Access or Panic the OS 2. Security Vulnerability Using find(1) to Search /proc May Cause a Denial of Service (DoS) Condition

00039 - AusCERT Update AU-2006.0002 - Sun Java vulnerability now being exploited in the wild

00038 - AusCERT Security Bulletin: ESB-2006.0038 - PostgreSQL release fixes remote DoS vulnerability on Windows platform

00037 - Cisco Security Advisory: cisco-sa-20060111-mars - Default Administrative Password in Cisco Security Monitoring, Analysis and Response System (CS-MARS)

00036 - SUSE Security Announcement: SUSE-SA:2006:001 - xpdf,kpdf,gpdf,kword

00035 - Four Red Hat Security Advisories

00034 - Two SCO Security Advisories: 1. SCOSA-2006.6 - OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : Zlib Multiple Vulnerabilities 2. SCOSA-2006.7 - OpenServer 5.0.7 OpenServer 6.0.0 : Lynx Multiple Vulnerabilities

00033 - Four FreeBSD Security Advisories: 1. FreeBSD-SA-06:01. - texindex 2. FreeBSD-SA-06:02. - ee 3. FreeBSD-SA-06:03. - cpio 4. FreeBSD-SA-06:04. - ipfw

00032 - Apple Security Advisory: 2006-01-10 QuickTime 7.0.4

00031 - Three Debian Security Advisories

00030 - Hewlett Packard Security Bulletin: HPSBUX02090 - HP-UX Secure Shell Remote Denial of Service (DoS)

00029 - Three Mandriva Linux Advisories: 1. MDKA-2006:005 - Updated kat packages fix various bugs 2. MDKSA-2006:010 - Updated cups packages fix several vulnerabilities 3. MDKSA-2006:011 - Updated tetex packages fix several vulnerabilities

00028 - Red Hat Security Advisory: RHSA-2006:0179-01 - Critical: auth_ldap security update

00027 - Two Gentoo Linux Security Advisories: 1. GLSA 200601-05 - mod_auth_pgsql: Multiple format string vulnerabilities 2. GLSA 200601-06 - xine-lib, FFmpeg: Heap-based buffer overflow

00026 - AusCERT Security Bulletin Summary: ESB-2006.0026 - RIM BlackBerry Enterprise Server Attachment Service does not properly handle PNG image files

00025 - Sun Microsystem Security Vulnerability: ESB-2006.0021 - Security Vulnerabilities in uucp(1C) and uustat(1C)

00024 - Microsoft Security Bulletin Re-Release for January 2006

00023 - Two NetBSD Security Advisories: 1. Advisory 2006-001 - Kernfs kernel memory disclosure 2. Advisory 2006-002 - settimeofday() time wrap

00022 - Six Mandriva Security Advisories

00021 - iDefense Security Advisory 01.09.06 - Multiple Vendor mod_auth_pgsql Format String Vulnerability

00020 - Six Debian Security Advisories: 1. DSA 929-1 - buffer overflow 2. DSA 930-1 - format string attack 3. DSA 931-1 - xpdf 4. DSA 932-1 - kpdf 5. DSA 933-1 - hylafax 6. DSA 934-1 - pound

00019 - AUSCERT ALERT - AL-2006.0001 -- Multiple PHP web applications vulnerable through ADOdb library test scripts

00018 - Hewlett Packard Security Bulletin: SSRT051074 rev.3 - HP-UX Running xterm Local Unauthorized Access

00017 - Two SCO Security Advisories: 1. SCOSA-2006.4 - OpenServer 5.0.6 OpenServer 5.0.7 : TCP Remote ICMP Denial Of Service Vulnerabilities 2. SCOSA-2006.5 - OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : LibXpm Integer Overflow Vulnerability

00016 - Six Mandriva Linux Security Advisories: 1. MDKSA-2006:003 - poppler 2. MDKSA-2006:004 - pdftohtml 3. MDKSA-2006:005 - xpdf 4. MDKSA-2006:006 - gpdf 5. MDKSA-2006:007 - apache2 6. MDKSA-2006:008 - koffice

00015 - Apple Security Advisory: APPLE-SA-2006-01-05 AirPort firmware update

00014 - Red Hat Security Advisory: RHSA-2006:0159-01 - Moderate: httpd security update

00013 - Three Gentoo Linux Security Advisories: 1. GLSA 200601-02 - KPdf, KWord: Multiple overflows in included Xpdf code 2. GLSA 200601-03 - HylaFAX: Multiple vulnerabilities 3. GLSA 200601-04 - VMware Workstation: Vulnerability in NAT networking

00012 - ESB-2006.0011 - Cisco Secure ACS for Windows Downloadable IP Access Control List Vulnerability

00011 - Two OpenBSD Advisories: 1. ESB-2006.0009 - 3.8 Erratum 001 - Patch fixes Perl vulnerability 2. ESB-2006.0010 - 3.8 Erratum 002 - Patch fixes suid /dev/fd access check

00010 - AusCERT Advisory: AA-2006.0001 - Lotus Domino release 6.5.5 fixes multiple vulnerabilities

00008 - Three SCO Security Advisories

00007 - Two Mandriva Linux Security Advisories: 1. MDKSA-2006:001 - tkcvs 2. MDKSA-2006:002 - ethereal

00006 - Gentoo Linux Security Advisory: GLSA 200601-01 - pinentry: Local privilege escalation

00005 - Debian Security Advisory DSA 927-2 - tkdiff

00004 - Updated Microsoft Security Advisory (912840) concerning a vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution.

00003 - Three Mandriva Linux Security Advisories: 1. MDKSA-2005:239 - printer-filters-utils 2. MDKA-2006:001 - nss_ldap 3. MDKA-2006:002 - mdkonline

00002 - Two Gentoo Linux Security Advisories: 1. GLSA 200512-17 - scponly: Multiple privilege escalation issues 2. GLSA 200512-18 - XnView: Privilege escalation

00001 - Exploitation of unpatched vulnerability in Windows Meta File (Updated)

00009 - Microsoft Security Bulletin MS06-001
