Report an Incident

If you are a CNI organisation and you have encountered or suspect a cyber threat, please complete and return an Incident Reporting Form.

All incident reports provided to the CCIP are treated in the strictest of confidence. Please see our Confidentiality Charter for more details. Read More

New at CCIP

Current e-Bulletin The CCIP e-Bulletin provides a snapshot of security related news
Read More

Centre for Critical Infrastructure Protection

Home | Vulnerabilities | Vulnerability Alert Archives | March 2005

March 2005

The following table includes the Vulnerability Alerts for the month

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.

Reference	Description	Date
AusCERT	High level of exploitation of AWStats, phpBB and other web bulletin board software	31/03/05
redhat	krb5 security update	31/03/05
Cisco	Cisco IPSec Malformed IKE Packet Vulnerability	31/03/05
Cisco	Cisco VPN 3000 Concentrator Vulnerable to Crafted SSL attack	31/03/05
MIT	MIT Kerberos 5 versions 1.4 and prior	31/03/05
Sun	Buffer Overflow in telnet(1) Client Software	30/03/05
Apple	Java Web Start Vulnerability	30/03/05
redhat	telnet security update	30/03/05
redhat	MySQL security update	30/03/05
Mozilla	GIF heap overflow parsing Netscape extension 2	24/03/05
redhat	ImageMagick security update	24/03/05
Debian	xloadimage -- missing input sanitising, integer overflow	24/03/05
redhat	ipsec-tools security update	24/03/05
redhat	kdelibs security update	24/03/05
redhat	realplayer security update	23/03/05
redhat	mailman security update	23/03/05
Apple	Security Update 2005-003	22/03/05
SuSE	Secuirity updates for xv, Opera, Apache2, koffice, Squirrelmail and Mozilla	22/03/05
Sun	Security Vulnerability With Java Web Start	21/03/05
Sun	Security Vulnerability in the newgpr(1) Command May Allow Unauthorized Root Privileges	21/03/05
Linux Kernel	Linux Kernel Multiple Vulnerabilities	21/03/05
McAfee	VirusScan 4320 Engine Buffer Overrun Vulnerability	21/03/05
Ubuntu	Update for libxpm4/libxpm4-dbg	18/03/05
Symantec	DNS Cache Poisoning Vulnerability	17/03/05
Mandrake	Update for cyrus-sasl	17/03/05
Debian	Squirrelmail package fixes regression	15/03/05
Gentoo	Update for libexif	15/03/05
Gentoo	Update for xorg-x11	15/03/05
idefense	Ipswitch Collaboration Suite IMAP EXAMINE Buffer Overflow	14/03/05
Ubuntulinux	libexif EXIF Tag Structure Validation Vulnerability	09/03/05
Ubuntulinux	Ubuntu update for lesstif	09/03/05
Secunia	Microsoft Windows LAND Attack Denial of Service	08/03/05
Secunia	Form Mail Script "script_root" File Inclusion Vulnerability	08/03/05
Gentoo	OpenMotif, LessTif: New libXpm buffer overflows	08/03/05
Novell	cyrus-sasl remote code execution	07/03/05
redhat	HelixPlayer security update	07/03/05
Computer Associates	License Software Multiple Buffer Overflow Vulnerabilities	03/03/05
PHPNews	Arbitrary File Inclusion Vulnerability	03/03/05
RealPlayer	WAV and SMIL File Handling Buffer Overflows	03/03/05
SIG	RaidenHTTPD Buffer Overflow and PHP Source Code Disclosure	03/03/05
Gentoo	Gentoo update for phpwebsite	03/03/05
Symantec	SMTP Binding Configuration Settings Bypassed	02/03/05
SuSE	curl buffer overflow in NTLM authentication	02/03/05
SuSE	Security updates for emacs/XEmacs, wpa_supplicant, FreeNX and php4	02/03/05
Mozilla	Memory overwrite in string library	01/03/05
Debian	bsmtpd -- missing input sanitising	01/03/05