Centre for Critical Infrastructure Protection

Home | Vulnerabilities | Vulnerability Alert Archives | January 2006

January 2006

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.

Reference	Description	Date
FrSIRT	Nullsoft Winamp Player PLS Handling Remote Buffer Overflow Vulnerability	31/01/06
PmWiki	PmWiki Multiple Vulnerabilities	31/01/06
Sun	SecurityVulnerabilities in Sun StorEdge Enterprise Backup Software (EBS)	30/01/06
FrSIRT	Oracle PL/SQL Gateway Exclusion List Security Bypass Vulnerability	30/01/06
Cisco	Cisco Security Advisory: Cisco VPN 3000 Concentrator	27/01/06
SUSE	Update for phpMyAdmin	27/01/06
Secunia	Mercury Mail Transport System Buffer Overflow	27/01/06
Cisco	Cisco Security Notice: Response to AAA Command Authorization by-pass	26/01/06
iDefense	Computer Associates iTechnology iGateway Buffer Overflow	25/01/06
Novell	SUSE Update for kdelibs3	24/01/06
Gentoo	Update for kdelibs	24/01/06
Ubuntu	Update for kdelibs4c2	24/01/06
Debian	Update for clamav	24/01/06
Debian	Update for libapache-auth-ldap	24/01/06
Mandriva	Update for mod_auth_ldap	24/01/06
redhat	Update for kdelibs	24/01/06
F-Secure	Anti-Virus Archive Handling Vulnerabilities	20/01/06
SGI	Advanced Linux Environment Multiple Updates	20/01/06
Oracle	Critical Patch Update - January 2006	18/01/06
Novell	Open Enterprise Server Remote Manager Buffer Overflow	17/01/06
Trustix	Update for multiple packages	17/01/06
Gentoo	Update for sun-jdk/sun-jre-bin/blackdown-jdk/blackdown-jre	17/01/06
Suse	Update for multiple packages	17/01/06
Gentoo	Update for clamav	16/01/06
Nortel	Nortel Products Microsoft Windows WMF "SETABORTPROC" Code Execution	16/01/06
Mozilla	Official 1.5 release of Thunderbird now available	13/01/06
Cisco	Access Point Memory Exhaustion from ARP Attacks	13/01/06
PostgreSQL	Minor Releases to Fix DoS Vulnerability	13/01/06
Cisco	Default Administrative Password in Cisco Security Monitoring, Analysis and Response System (CS-MARS)	12/01/06
Ethereal	Multiple problems in Ethereal versions 0.8.20 to 0.10.13	12/01/06
SuSE	Updates for xpdf / kpdf / gpdf / kword	12/01/06
Apple	QuickTime Multiple Image/Media File Handling Vulnerabilities	12/01/06
SCO	OpenServer 5.0.7 OpenServer 6.0.0 : Lynx Multiple Vulnerabilities	12/01/06
Secunia	MyPHPim Multiple Vulnerabilities	12/01/06
Hewlett-Packard	HP-UX Secure Shell Remote Denial of Service (DoS)	12/01/06
Blackberry	Corrupt PNG file may cause heap overflow in the BlackBerry Attachment Service	11/01/06
FrSIRT	Clam AntiVirus (ClamAV) UPX File Handling Buffer Overflow Vulnerability	11/01/06
Secunia	ADOdb Insecure Test Scripts Security Issues	11/01/06
iDefense	Multiple Vendor mod_auth_pgsql Format String Vulnerability	11/01/06
Microsoft	Microsoft Security Bulletin Summary for January, 2006	11/01/06
Apache	Apache auth_ldap module Multiple Format Strings Vulnerability	11/01/06
Debian	pound -- several vulnerabilities	11/01/06
Postnuke	Arbitrary SQL code execution via adodb	10/01/06
Cisco	CS ACS for Windows Downloadable IP Access Control List Vulnerability	10/01/06
Gentoo	VMware Workstation: Vulnerability in NAT networking	10/01/06
FrSIRT	BlueCoat WinProxy Remote Code Execution and DoS Vulnerabilities	09/01/06
Apple	AirPort firmware update	09/01/06
Secunia	CUPS xpdf Multiple Integer Overflow Vulnerabilities	09/01/06
IBM	Fix List for Lotus Notes and Lotus Domino Release 6.5.5 Maintenance Release	09/01/06
redhat	Critical: mod_auth_pgsql security update	09/01/06
Microsoft	CRITICAL - WMF Security Patch	06/01/06
SCO	OpenServer update for libXpm	06/01/06
Secunia	VisNetic Mail Server Multiple Webmail Vulnerabilities	04/01/06

Centre for Critical Infrastructure Protection (CCIP)

Centre for Critical Infrastructure Protection

January 2006