Centre for Critical Infrastructure Protection

Home | Vulnerabilities | Vulnerability Alert Archives | October 2005

October 2005

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.

Reference	Description	Date
Secunia	Skype Multiple Buffer Overflow Vulnerabilities	31/10/05
Gentoo	Update for mantis	31/10/05
Debian	Update for lynx-ssl	31/10/05
UNIRAS	"SecuryTeam Order" E-mails and Malicious Web Site	31/10/05
Secunia	Mantis File Inclusion and SQL Injection Vulnerabilities	27/10/05
SGI	Advanced Linux Environment Multiple Updates	27/10/05
redhat	Update for ethereal	27/10/05
Trustix	Update for multiple packages	25/10/05
SUSE	Updates for Multiple Packages	25/10/05
Secunia	SCO OpenServer update for xpdf	25/10/05
Debian	Update for mozilla-thunderbird	25/10/05
NISCC	Microsoft - Security Bulletin Minor Revisions MS05-050 & MS05-052	21/10/05
Veritas	VERITAS NetBackup Java User-Interface Remote Format String Vulnerability	21/10/05
Debian	mozilla -- several vulnerabilities	21/10/05
Hewlett-Packard	HP OpenView Operations and OpenView VantagePoint Java Runtime Environment (JRE) Remote Privileged Access	21/10/05
Ethereal	Multiple problems in Ethereal versions 0.7.7 to 0.10.12	21/10/05
Cisco	Cisco 11500 Content Services Switch SSL Malformed Client Certificate Vulnerability	21/10/05
Apache	Apache HTTP Server 2.0.55 Released	20/10/05
e107	e107 "a_name" SQL Injection Vulnerability	20/10/05
Nortel	Threat Protection System - Back Orifice Preprocessor Buffer OverFlow Vulnerability	20/10/05
Oracle	Oracle Critical Patch Update - October 2005	19/10/05
Secunia	Snort Back Orifice Pre-Processor Buffer Overflow Vulnerability	19/10/05
Secunia	MySource Cross-Site Scripting and File Inclusion Vulnerabilities	19/10/05
Nortel	Nortel Centrex IP Client Manager Multiple Vulnerabilities	19/10/05
Secunia	Fedora update for koffice	18/10/05
Sun	Multiple Security Vulnerabilities in Mozilla	18/10/05
NISCC	Microsoft - Various Issues After Installing Microsoft Security Bulletin MS05-051	18/10/05
OpenSSL	OpenSSL version 0.9.7i released	18/10/05
FrSIRT	Lynx Browser NNTP Handling Remote Buffer Overflow Vulnerability	18/10/05
Ubuntu	Curl and wget vulnerabilities	18/10/05
IBM	IBM TotalStorage SAN Volume Controller PuTTY Vulnerability	18/10/05
Sun	Netscape NSS Tools Vulnerability Affects Sun Java Enterprise System and Solaris	17/10/05
Sun	Multiple Security Vulnerabilities in Mozilla	17/10/05
Gentoo	KOffice, KWord: RTF import buffer overflow	17/10/05
Slackware	Advanced Linux Environment Multiple Updates	13/10/05
Ubuntu	Update for mozilla-thunderbird	13/10/05
Ubuntu	Update for koffice-libs/kword	13/10/05
Mandriva	Update for xine-lib	13/10/05
Avaya	Various Products Multiple Vulnerabilities	13/10/05
Debian	Update for xine-lib	13/10/05
Koffice	KWord RTF Importer Buffer Overflow Vulnerability	12/10/05
Kaspersky	Anti-Virus Engine CHM File Parsing Buffer Overflow	12/10/05
F-Secure	Anti-Virus for Linux CHM File Parsing Buffer Overflow	12/10/05
Xine-Lib	CDDB Client Format String Vulnerability	12/10/05
Microsoft	9 Vulnerability patches	12/10/05
Suse	Update for realplayer	11/10/05
Gentoo	Update for xine	11/10/05
Ubuntu	Update for libxine1	11/10/05
Gentoo	Update for realplayer / helixplayer	11/10/05
Secunia	Suse multiple updates	11/10/05
Redhat	Update for thunderbird	11/10/05
Symantec	Symantec Antivirus Scan Engine: Buffer Overflow	05/10/05
Zonelabs	Bypassing Personal Firewall Using "DDE-IPC"	05/10/05
Mailenable	MailEnable W3C Logging Buffer Overflow Vulnerability	05/10/05
Debian	Drupal, missing input sanitising	05/10/05
Symantec	Trojan "Hesive" targets a flaw in Microsoft Access	05/10/05
FrSIRT	Kaspersky Anti-Virus Products Remote Heap Overflow Vulnerability	04/10/05
Debian	New mozilla-firefox packages fox multiple vulnerabilities	04/10/05
Secunia	Fedora update for thunderbird	04/10/05
Debian	Squid -- authentication handling	03/10/05
SUSE	Update for mozilla/MozillaFirefox	03/10/05
SUSE	Updates for Multiple Packages	03/10/05

Centre for Critical Infrastructure Protection (CCIP)

Centre for Critical Infrastructure Protection

October 2005