December 2005

December 2005

01142 - Exploitation of unpatched vulnerability in Windows Metafile (Update)

01141 - Debian Security Advisories

01140 - Mandriva Security Advisories

01139 - Gentoo - Security Advisories

01138 - Unpatched vulnerability in Windows XP

01137 - Two SCO Security Advisories: 1. SCOSA-2005.64 - UnixWare 7.1.3 UnixWare 7.1.4 : TCP Denial of Service Vulnerability 2. SCOSA-2005.65 - OpenServer 6.0.0 : TCP Denial of Service Vulnerability

01136 - Mandriva Linux Advisory: MDKA-2005:060 - msec

01135 - Gentoo Linux Security Advisory: GLSA 200512-12 - Mantis: Multiple vulnerabilities

01134 - Two iDEFENSE Security Advisories: 1. iDEFENSE Security Advisory: ESB-2005.1009 - McAfee Security Center MCINSCTL.DLL ActiveX Control File Overwrite. 2. Linux Kernel Socket Buffer Memory Exhaustion DoS Vulnerability

01133 - AUSCERT Advisory: AA-2005.0034 - [Win][OSX] Vulnerabilities in Apple QuickTime and Apple iTunes

01132 - Two Debian Security Advisories: 1. DSA 924-1 - nbd 2. DSA 925-1 - phpbb2

01131 - SCO Security Advisory: OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : wu-ftp Denial of Service

01130 - Cisco Security Response: DoS in Cisco Clean Access

01129 - Mandriva Linux Security Advisory: MDKSA-2005:235 - kernel

01128 - SCO Security Advisory: SCOSA-2005.62 - OpenServer 5.0.6 OpenServer 5.0.7 OpenServer 6.0.0 : Xloadimage NIFF Image Title Handling Buffer Overflow Vulnerability

01127 - Cisco Security Response: Response to VLAN and PVLAN Bidirectional Jumping

01126 - SUSE Security Announcement: 1. SUSE-SA:2005:070 - ipsec-tools,freeswan,openswan 2. SUSE-SA:2005:071 - perl

01125 - Two Fedora Update Notifications: 1. FEDORA-2005-1186 - Fedora Core 3 - fetchmail 2. FEDORA-2005-1187 - Fedora Core 4 - fetchmail

01124 - Hewlett Packard Security Bulletin - SSRT5983 rev.1 - HP-UX Running Software Distributor (SD) Remote Unauthorized Access

01123 - Mandriva Linux Security Advisory: MDKSA-2005:234 - sudo

01122 - Nine Red Hat Security Advisories

01121 - Gentoo Linux Security Advisory: GLSA 200512-11 - CenterICQ: Multiple vulnerabilities

01120 - SUN(SM) ALERT WEEKLY SUMMARY REPORT Week of 11-Dec-2005 - 17-Dec-2005

01119 - Cisco Security Notice: Response to Full-Disclosure - Multiple Vulnerabilities within Cisco EIGRP

01118 - Fedora Update Notification - FEDORA-2005-1171: Fedora Core 4 poppler

01117 - Hewlett Packard Security Bulletin: SSRT051026 rev. 1 - HP-UX running WBEM Services Denial of Service (DoS)

01116 - Mandriva Linux Security Advisory: MDKSA-2005:233 - apache2

01115 - Red Hat Security Advisory: RHSA-2005:882-01 - Important: openssl, php, mod_ssl, mod_imap security update for Stronghold

01114 - Four SCO Security Advisories

01113 - SUSE Security Summary Report - SUSE-SR:2005:030

01112 - Debian Security Advisory: DSA 923-1 - dropbear

01111 - Mandriva Linux Advisory: MDKA-2005:059 - digikam

01110 - Three Gentoo Linux Security Advisories: 1. GLSA 200512-07 - OpenLDAP, Gauche: RUNPATH issues 2. GLSA 200512-09 - cURL: Off-by-one errors in URL handling 3. GLSA 200512-10 - Opera: Command-line URL shell command injection

01109 - Five IBM Security Advisories

01108 - Adobe Security Bulletins: - - Flash Media Server - - ColdFusion MX 6.X - - JRun 4.0 server - - ColdFusion MX 7

01107 - Hewlett Packard Security Bulletin: SSRT4728 rev.1 - HP-UX running TCP/IP Remote Denial of Service (DoS)

01106 - Gentoo Linux Security Advisory: GLSA 200512-08 - Xpdf, GPdf, CUPS, Poppler: Multiple vulnerabilities

01105 - AusCERT Update AU-2005.0022 - [Win] Dasher.A and Dasher.B worm targeting MSDTC and COM+ vulnerabilties (MS05-051)

01104 - Three SCO Security Advisories

01103 - Two SUSE Security Announcements: 1. kernel various security and bugfixes (SUSE-SA:2005:068) 2. php4, php5 (SUSE-SA:2005:069)

01102 - Two Debian Security Advisories: 1. DSA 921-1 - kernel-source-2.4.27 2. DSA 922-1 - New Linux 2.6.8 packages fix several vulnerabilities

01101 - Six Mandriva Linux Security Advisories: 1. MDKSA-2005:227 - ethereal 2. MDKSA-2005:228 - xine-lib 3. MDKSA-2005:229 - xmovie 4. MDKSA-2005:230 - mplayer 5. MDKSA-2005:231 - ffmpeg 6. MDKSA-2005:232 - gstreamer-ffmpeg

01100 - OpenPKG Security Advisory: OpenPKG-SA-2005.029 - apache

01099 - Two Gentoo Security Advisories: 1. GLSA 200512-05 - Xmail: Privilege escalation through sendmail 2. GLSA 100512-06 - Ethereal: Buffer overflow in OSPF protocol dissector

01098 - Five iDEFENSE Security Advisories

01097 - Juniper Networks Security Advisory (CERT/CC VU#102014)

01096 - SUN(SM) ALERT WEEKLY SUMMARY REPORT Week of 04-Dec-2005 - 10-Dec-2005

01095 - Two SCO Security Advisories: 1. SCOSA-2005.53 - UnixWare 7.1.3 UnixWare 7.1.4 : OpenSSH Multiple Vulnerabilities 2. SCOSA-2005.54 - UnixWare 7.1.3 UnixWare 7.1.4 : uidadmin Buffer Overflow Vulnerability

01094 - Microsoft Security Bulletin Minor Revisions

01093 - Two Debian Security Advisories: 1. DSA 919-1 - curl 2. DSA 920-1 - ethereal

01092 - Mandriva Linux Security Advisory: MDKSA-2005:226 - mozilla-thunderbird

01091 - Gentoo Linux Security Advisory: GLSA 200512-04 - Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation

01088 - US-CERT Technical Cyber Security Alert TA05-347A - Microsoft Internet Explorer Vulnerabilities

01087 - Two PHP Security Advisories: 1. phpMyAdmin Variable Overwrite Vulnerability 2. libcurl URL Parsing Vulnerability

01086 - Three Mandrake Security Advisories: 1. MDKSA-2005:206-1 - openvpn 2. MDKSA-2005:224 - curl 3. MDKSA-2005:225 - perl

01085 - Two Debian Security Advisories: 1. DSA 917-1 - courier 2. DSA 918-1 - osh

01084 - Hewlett Packard Security Advisory: PHP/XMLRPC Remote Unauthorized Execution of Arbitrary Code

01083 - OpenPKG Security Advisory: OpenPKG-SA-2005.028 - curl

01082 - Three Gentoo Security Advisories: 1. GLSA 200512-01 - Perl: Format string errors can lead to code execution 2. GLSA 200512-02 - Webmin, Usermin: Format string vulnerability 3. GLSA 200512-03 - phpMyAdmin: Multiple vulnerabilities

01081 - Two iDefense Security Advisories: 1. Dell TrueMobile 2300 Wireless Broadband Router Authentication Bypass Vulnerability 2. Ethereal OSPF Protocol Dissector Buffer Overflow Vulnerability

01080 - Three Sun Microsystems Advisories:

01079 - Microsoft Security Response Center Bulletin - Notification Issued: December 08, 2005

01078 - iDefense - xpdf vulnerabilities

01077 - iDefense - Ipswitch advisories

01076 - Debian Security Advisory - inkscape

01075 - Hewlett Packard security advisories

01074 - Red Hat Security Advisories

01073 - Malicious Software Report Linux/Elxbot

01072 - SUN(SM) ALERT WEEKLY SUMMARY REPORT - Week of 27-Nov-2005 - 03-Dec-2005

01071 - SUSE Security Summary Report

01070 - Hewlett Packard Security Bulletin - HPSBUX01059 SSRT4704 Revised - HP-UX Running wu-ftpd Local Unauthorized Access

01069 - Cisco Security Notice: Response to OpenSSL - Potential SSL 2.0 Rollback

01067 - Cisco Security Advisory: IOS HTTP Server Command Injection Vulnerability

01066 - Two Debian Security Advisories: 1. DSA 914-1 - horde2 2. DSA 915-1 - helix-player

01065 - Hewlett Packard Security Bulletin: HPSBMA01076 SSRT4787 Revised - HP Systems Insight Manager (SIM) for HP-UX Remote Denial of Service (DoS)

01064 - AUSCERT Advisory: AA-2005.0032 - New patches fix denial of service vulnerability in Symantec pcAnywhere

01063 - Title: Microsoft Security Bulletin Minor Revisions Issued: November 30, 2005

01062 - Apple Security Notification: APPLE-SA-2005-11-30 J2SE 5.0 Release 3

01061 - Two Debian Security Advisories: 1. DSA 912-1 - centericq 2. DSA 913-1 - gdk-pixbuf

01060 - Four Mandriva Linux Security Advisories: 1. MDKSA-2005:217 - netpbm 2. MDKSA-2005:220 - kernel 3. MDKSA-2005:218 - kernel 4. MDKSA-2005:219 - kernel

01059 - Sun Alert Notification: 101974 - OpenSSL May Allow an Agent to Force a Rollback to a Cryptographically Weak Protocol