Report an Incident

If you are a CNI organisation and you have encountered or suspect a cyber threat, please complete and return an Incident Reporting Form.

All incident reports provided to the CCIP are treated in the strictest of confidence. Please see our Confidentiality Charter for more details. Read More

New at CCIP

Current e-Bulletin The CCIP e-Bulletin provides a snapshot of security related news
Read More

Centre for Critical Infrastructure Protection

Home | Vulnerabilities | Vulnerability Alert Archives | January 2005

January 2005

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.

Reference	Description	Date
Mandrake	Privilege escalation, System access	31/01/05
SIG	Winmail Server Multiple Vulnerabilities	31/01/05
Gentoo	SquirrelMail, Exposure of sensitive information	31/01/05
Mandrake	Updated bind packages fix vulnerability	28/01/05
Redhat	Updated Xpdf package fixes security issue	28/01/05
Secunia	SUSE Updates for Multiple Packages	28/01/05
Gentoo	GraphicsMagick: PSD decoding heap overflow	28/01/05
Gentoo	Update for awstats	27/01/05
Mandrake	Update for kernel	27/01/05
Mandrake	Update for gpdf	27/01/05
Debian	Update for xine-lib	27/01/05
Apple	Mac OS X Security Update Fixes Multiple Vulnerabilities	27/01/05
Cisco	Crafted Packet Causes Reload on Cisco Routers	27/01/05
Cisco	Multiple Crafted IPv6 Packets Cause Reload	27/01/05
Juniper	Juniper unknown denial of service vulnerability	27/01/05
SCO	OpenServer 5.0.6 OpenServer 5.0.7 : bind remote attacker can poison the nameserver cache	26/01/05
UNIRAS	Vulnerability Issues with the BIND 9 Software	26/01/05
UNIRAS	Vulnerability Issues with the BIND 8 Software	26/01/05
Gentoo	Gentoo update for tetex/cstetex/ptex	25/01/05
Gentoo	Gentoo update for xpdf/gpdf	25/01/05
KDE	KOffice "Decrypt::makeFileKey2()" Buffer Overflow	25/01/05
Gentoo	Gentoo update for imagemagick	25/01/05
SGI	SGI Advanced Linux Environment Multiple Updates	25/01/05
Ethereal	Ethereal Multiple Unspecified Packet Dissector Vulnerabilities	25/01/05
Sun	Security Vulnerability in Solaris 8 DHCP Administration Utilities	25/01/05
Mandrake	Updated playmidi packages fix buffer overflow vulnerability	25/01/05
Debian	sword - missing input sanitising	25/01/05
Debian	imagemagick -- buffer overflow	25/01/05
Debian	cupsys -- buffer overflow	25/01/05
iDEFENSE	Multiple Vendor xpdf PDF Viewer Buffer Overflow Vulnerability	25/01/05
Debian	enscript -- several vulnerabilities	25/01/05
Cisco	Vulnerability in Cisco IOS Embedded Call Processing Solutions	21/01/05
Real Player	RealPlayer vulnerabilities	21/01/05
Mandrake	MandrakeSoft has issued an update for mpg123	21/01/05
Mandrake	Mandrake update for xine-lib	21/01/05
Secunia	Fedora update for gpdf	21/01/05
Redhat	Red Hat update for php	21/01/05
ImmunitySec	Multiple vulnerabilities have been reported in Mac OS X	21/01/05
Sun	Sun Java Plug-In Two Vulnerabilities	21/01/05
Secunia	A vulnerability has been reported in 3Com OfficeConnect Wireless 11g	21/01/05
OpenPKG	arbitrary code execution	20/01/05
Oracle	Oracle Products 23 Vulnerabilities	20/01/05
Novell	Security Bypass, Exposure of sensitive information, Privilege escalation, System access	19/01/05
Mandrake	Manipulation of data, DoS, System access	19/01/05
Debian	DSA-645-1 cupsys -- buffer overflow	19/01/05
Debian	DSA-645-1 cupsys -- buffer overflow	19/01/05
IBM	Two Security Advisories for IBM DB2	18/01/05
SGI	SGI Advanced Linux Environment Multiple Updates	18/01/05
Secunia	VMware ESX Server Three Vulnerabilities	18/01/05
Secunia	PHP Gift Registry SQL Injection Vulnerabilities	18/01/05
Gentoo	Gentoo has issued an update for tnftp	17/01/05
Debian	Debian has issued an update for gopherd	17/01/05
Sun	A security issue has been reported in Sun Solaris	17/01/05
Debian	Debian has issued an update for mc	17/01/05
NGSSoftware	IBM DB2 rec2xml buffer overflow	14/01/05
NGSSoftware	IBM DB2 XML functions overflows	14/01/05
NGSSoftware	IBM DB2 JDBC Applet Server buffer overflow	14/01/05
NGSSoftware	IBM DB2 db2fmp buffer overflow	14/01/05
UNIRAS	Malicious Software Report - Lasco.A	14/01/05
OpenPKG	Vulnerability in perl	14/01/05
NGSSoftware	IBM DB2 generate distfile buffer overflow	14/01/05
Debian	New exim packages fix arbitrary code execution	14/01/05
Mandrake	Update for imlib	14/01/05
redhat	Update for xpdf	14/01/05
redhat	Update for lesstif	14/01/05
Oracle	10g Extproc Buffer Overflow	13/01/05
Oracle	10g/9i Wrapped Procedure Buffer Overflow	13/01/05
Oracle	10g/9i Multiple PL/SQL Injection Vulnerabilities	13/01/05
Oracle	10g Character Conversion Bug	13/01/05
Oracle	10g TNS Listener DoS	13/01/05
SUSE	Update for libtiff/tiff	13/01/05
Gentoo	Update for imlib2	13/01/05
LSS	SquirrelMail Vacation Plugin Two Vulnerabilities	13/01/05
redhat	Netscape Directory Server: stack buffer overflow vulnerability	13/01/05
Apple	iTunes 4.7.1 Update fixes buffer overflow	13/01/05
Gentoo	Update for koffice/kpdf	13/01/05
Gentoo	Update for konqueror	13/01/05
Microsoft	Vulnerability in the Indexing Service Could Allow Remote Code Execution	12/01/05
Microsoft	Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution	12/01/05
Microsoft	Vulnerability in HTML Help Could Allow Code Execution	12/01/05
Gentoo	Update to "media-sound/mpg123-0.59s-r9" or later	12/01/05
Gentoo	TikiWiki Wiki Edit Page Arbitrary Script Upload Vulnerability	12/01/05
Mandrake	Update for libtiff	11/01/05
Gentoo	Gentoo update for dillo	11/01/05
iDEFENSE	Exim host_aton() Buffer Overflow Vulnerability	11/01/05
iDEFENSE	Exim auth_spa_server() Buffer Overflow Vulnerability	11/01/05
Debian	pcal - buffer overflows	10/01/05
Debian	tiff - unsanitised input	10/01/05
Debian	namazu2 - unsanitised input	10/01/05
Debian	imlib2 - integer overflows	10/01/05
Debian	krb5 - buffer overflow	10/01/05
Mandrake	Mandrake update for wxGTK2	10/01/05
redhat	Updated VIM packages fix security vulnerability	07/01/05
redhat	Updated mc package resolves security vulnerabilities	07/01/05
redhat	Updated fam packages fix security issue	07/01/05
Gentoo	xine-lib: Multiple overflows	07/01/05
Gentoo	tiff: New overflows in image decoding	07/01/05
Gentoo	Shoutcast Server: Remote code execution	07/01/05
Debian	zip -- buffer overflow	06/01/05
KDE	ftp kioslave command injection	06/01/05
Hewlett-Packard	HP Tru64 UNIX SWS (Apache) Secure Web Server Remote Denial of Service (DoS)	06/01/05
Hewlett-Packard	HP Tru64 UNIX TCP Stack Remote Denial of Service (DoS)	06/01/05
Gentoo	Mozilla, Firefox, Thunderbird: Various vulnerabilities	06/01/05
AusCERT	Three vulnerabilities in Microsoft Windows and Internet Explorer	05/01/05
GulfTech	Serious Vulnerabilities In PhotoPost Classifieds	05/01/05
GulfTech	Serious Vulnerabilities In PhotoPost ReviewPost	05/01/05
UNIRAS	Exploitation of flaws in Microsoft Windows XP SP2	01/01/05
Debian	xpdf -- buffer overflow	01/01/05
Mandrake	Updated gpdf packages fix buffer overflow vulnerability	01/01/05
Mandrake	Updated koffice packages fix multiple vulnerabilities	01/01/05
Mandrake	Updated kdegraphics packages fix buffer overflow vulnerability	01/01/05
Mozilla	Heap overflow in MSG_UnEscapeSearchUrl	01/01/05
Symantec	Symantec Enterprise Firewall/VPN and Gateway Security 300 Series Appliances Multiple Issues	01/01/05