November 2006

The following table includes the Vulnerability Alerts for the month.
Note: These links reference external sites. CCIP cannot accept responsibility for outdated links or for the content of such links.
Reference | Description | Date
Mandriva | Mandriva update for tar | 30/11/06
Gentoo | Gentoo update for openldap | 30/11/06
Secunia | Telnet - Ftp Server Two Vulnerabilities | 30/11/06
Ubuntu | Ubuntu update for dovecot | 30/11/06
Secunia | LHa Multiple Vulnerabilities | 30/11/06
Uniras | Crystal Reports Predictable Session Identifier Security Issue | 30/11/06
Secunia | P-News Multiple Vulnerabilities | 30/11/06
Secunia | F-Secure Products OpenSSL ASN.1 Denial Of Service Vulnerability | 30/11/06
Secunia | Borland Products idsql32.dll Buffer Overflow Vulnerability | 30/11/06
Symantec | Symantec NetBackup PureDisk PHP Buffer Overflow | 30/11/06
Apple | Mac OS X Security Update Fixes Multiple Vulnerabilities | 30/11/06
Secunia | Trustix update for openldap and proftpd | 29/11/06
Secunia | ProFTPD mod_tls Buffer Overflow Vulnerability | 29/11/06
Secunia | GnuPG "make_printable_string()" Buffer Overflow Vulnerability | 29/11/06
Secunia | GNU tar "GNUTYPES_NAMES" Record Type Security Issue | 29/11/06
Secunia | Avaya Products Wireshark Multiple Vulnerabilities | 29/11/06
Secunia | PHP-Nuke "modules/News/index.php" SQL Injection Vulnerabilities | 29/11/06
Ubuntu | Ubuntu update for tar | 29/11/06
Debian | Debian update for pstotext | 29/11/06
Suse | SUSE Update for Multiple Packages | 28/11/06
Suse | SUSE update for openldap2-client | 28/11/06
Gentoo | Gentoo update for imagemagick | 28/11/06
Secunia | MailEnable WebAdmin Blank Password Security Issue | 28/11/06
Gentoo | Gentoo update for gv | 28/11/06
Secunia | Basic Forum "id" SQL Injection Vulnerability | 28/11/06
Gentoo | Gentoo update for horde-ingo | 28/11/06
Secunia | Mambo Flyspray ME Component "file" File Inclusion Vulnerability | 28/11/06
Secunia | Sisfo Kampus File Inclusion and Directory Traversal | 28/11/06
Secunia | SUSE update for phpMyAdmin | 27/11/06
Secunia | Crystal Reports Unspecified RPT Processing Vulnerability | 27/11/06
Secunia | Messagerie Locale "page" File Inclusion Vulnerability | 27/11/06
Secunia | OWLLib "OWLLIB_ROOT" File Inclusion Vulnerability | 27/11/06
Secunia | site_news "page" File Inclusion Vulnerability | 27/11/06
Secunia | DeskPRO newticket.php Script Insertion Vulnerability | 24/11/06
Secunia | NetGear WG311v1 Wireless Driver Long SSID Buffer Overflow | 24/11/06
Avaya | Linux Kernel Multiple Vulnerabilities | 24/11/06
MailEnable | IMAP Service Buffer Overflow Vulnerability | 24/11/06
Secunia | IBM HMC OpenSSH / OpenSSL Vulnerabilities | 23/11/06
Secunia | CuteNews Script Insertion and Cross Site Scripting Vulnerabilities | 23/11/06
Secunia | ContentNow "pageid" SQL Injection Vulnerability | 23/11/06
Secunia | CreaDirectory Cross-Site Scripting and SQL Injection | 23/11/06
Secunia | Photo Cart "admin_folder" and "path" File Inclusion | 23/11/06
Ubuntu | Update for mozilla-thunderbird | 23/11/06
Gentoo | Update for qmailadmin | 23/11/06
Gentoo | Update for texinfo | 23/11/06
Ubuntu | Update for firefox | 23/11/06
PostNuke | PostNuke "error.php" Local File Inclusion | 22/11/06
Secunia | Kerio WinRoute Firewall DNS Response Denial of Service | 22/11/06
SourceForge | Fuzzball MUCK MPI Buffer Overflow Vulnerabilities | 22/11/06
Secunia | Apple Mac OS X UDIF Memory Corruption Vulnerability | 22/11/06
Secunia | mod_auth_kerb "der_get_oid()" Off-By-One Vulnerability | 22/11/06
Debian | Update for xine-lib | 22/11/06
Ubuntu | Update for OpenLDAP | 22/11/06
Sun | Sun Solaris Gimp XCF Parsing Buffer Overflow Vulnerability | 22/11/06
Secunia | MxBB Portal CalSnails Module "module_root_path" File Inclusion | 21/11/06
IBM | WebSphere Application Server Multiple Vulnerabilities | 21/11/06
Secunia | Oliver "conf[motdfile]" File Inclusion Vulnerability | 21/11/06
Secunia | PHP Easy Download "file_info/admin/save.php" PHP Code Execution | 21/11/06
Secunia | Dovecot Cache File Off-By-One Vulnerability | 21/11/06
Acer | LunchApp.APlunch ActiveX Control "Run" Insecure Method | 21/11/06
NetGear | MA521 Wireless Driver Long Rates Memory Corruption | 21/11/06
Secunia | phpWebThings "editor_insert_bottom" File Inclusion Vulnerability | 21/11/06
Secunia | PHPQuickGallery "textFile" File Inclusion Vulnerability | 21/11/06
Debian | Update for imagemagick | 21/11/06
Gentoo | Update for wordpress | 21/11/06
Turbo | Turbo Searcher arj.dll Buffer Overflow Vulnerability | 21/11/06
Mandriva | Update for openldap | 21/11/06
SUSE | Update for Multiple Packages | 21/11/06
CandyPress | "policy" and "brand" SQL Injection | 20/11/06
SUSE | Update for asterisk | 20/11/06
Avaya | Messaging Storage Server Firefox Multiple Vulnerabilities | 20/11/06
NetGear | WG111v2 Wireless Driver Beacon Request Buffer Overflow | 20/11/06
Mandriva | Update for chromium | 20/11/06
Mandriva | Update for doxygen | 20/11/06
SUSE | Update for MozillaFirefox, MozillaThunderbird, and seamonkey | 20/11/06
SUSE | Update for pdns | 20/11/06
Avaya | Linux Kernel Multiple Vulnerabilities | 20/11/06
SUSE | SUSE update for php4 and php5 | 16/11/06
Secunia | Links "smb" Protocol File Upload/Download Vulnerability | 16/11/06
Secunia | ASP Smiley "Username" SQL Injection Vulnerability | 16/11/06
WinZip | WinZip FileView ActiveX Control Insecure Methods | 16/11/06
Citrix | Citrix Advanced Access Control Two Vulnerabilities | 16/11/06
Secunia | Extreme CMS Multiple Vulnerabilities | 16/11/06
Sun | Sun Java JRE Swing Library Applet Security Bypass | 16/11/06
Citrix | Citrix Access Gateway Appliance Information Disclosure | 16/11/06
Trustix | Trustix Update for Multiple Packages | 16/11/06
Secunia | Universal FTP Denial of Service Vulnerabilities | 16/11/06
ARIA | BPG Easy Publisher / Smart Publisher "vjob" SQL Injection | 16/11/06
Sun Solaris | Sun Solaris libXfont Integer Overflow Vulnerability | 16/11/06
Secunia | F-PROT Antivirus Unspecified Buffer Overflow | 16/11/06
Debian | Debian update for pdns | 16/11/06
Secunia | phpPeanuts "Include" File Inclusion Vulnerability | 16/11/06
Microsoft | MS06-071: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution | 15/11/06
Microsoft | MS06-070: Microsoft Windows Workstation Service Buffer Overflow Vulnerability | 15/11/06
Microsoft | MS06-069: Microsoft Windows Flash Player Multiple Vulnerabilities | 15/11/06
Microsoft | MS06-068: Microsoft Windows Agent ActiveX Control Buffer Overflow | 15/11/06
Microsoft | MS06-067: Cumulative Security Update for Internet Explorer | 15/11/06
Microsoft | MS06-066: Microsoft Windows Client Service for Netware Vulnerabilities | 15/11/06
Secunia | Mercury Mail Transport System Unspecified Buffer Overflow | 15/11/06
Secunia | ASP Scripter Easy Portal and Live Support SQL Injection | 15/11/06
AVG | AVG Anti-Virus Multiple File Parsing Vulnerabilities | 15/11/06
Secunia | Mambo shambo2 Component File Inclusion Vulnerability | 15/11/06
SUSE | SUSE update for ImageMagick | 15/11/06
SUSE | SUSE update for wireshark | 15/11/06
Debian | Debian update for mozilla-firefox | 15/11/06
Secunia | EncapsCMS "root" File Inclusion Vulnerabilities | 15/11/06
Secunia | phpJobScheduler "installed_config_file" File Inclusion Vulnerabilities | 15/11/06
VMWare | VMware ESX Server Multiple Vulnerabilities | 15/11/06
D-Link | D-Link DWL-G132 Wireless Driver Beacon Rates Buffer Overflow | 15/11/06
Gentoo | Gentoo update for openssh | 15/11/06
PowerDNS | PowerDNS Recursor Two Vulnerabilities | 14/11/06
Secunia | PHPWind "AdminUser" SQL Injection Vulnerability | 14/11/06
Secunia | Munch Pro "catid" SQL Injection Vulnerability | 14/11/06
Secunia | ContentNow Multiple Vulnerabilities | 14/11/06
Broadcom | Broadcom Wireless Driver Probe Response SSID Buffer Overflow | 14/11/06
Mandriva | Mandriva update for mozilla-firefox | 14/11/06
Mandriva | Mandriva update for mozilla-thunderbird | 14/11/06
Red Hat | Red Hat update for thunderbird | 13/11/06
Red Hat | Red Hat update for seamonkey | 13/11/06
Red Hat | Red Hat update for firefox | 13/11/06
Red Hat | update for texinfo | 13/11/06
Mandriva | Update for texinfo | 13/11/06
Cisco | Products OpenSSL Vulnerabilities | 10/11/06
DodosMail | "dodosmail_header_file" and "dodosmail_footer_file" File Inclusion | 10/11/06
Red Hat | Update for seamonkey | 10/11/06
GreenBeast | CMS File Upload And Logon Bypass | 10/11/06
Red Hat | Update for firefox | 10/11/06
cwRsync | OpenSSL Vulnerabilities and OpenSSH Weakness | 09/11/06
Soholaunch Pro | "_SESSION[docroot_path]" File Inclusion | 09/11/06
Debian | Update for php4 | 09/11/06
Gentoo | Update for nvidia-drivers | 09/11/06
Mozilla | Firefox and SeaMonkey Multiple Vulnerabilities | 09/11/06
Mandriva | Update for imlib2 | 09/11/06
iWare | Professional SimpleChat "msg" PHP Code Execution | 08/11/06
Secunia | Advanced Guestbook "include_path" Parameter File Inclusion | 08/11/06
Secunia | Essentia Web Server GET/POST Buffer Overflow | 08/11/06
iPrimal | Forums Multiple Vulnerabilities | 08/11/06
OpenEMR | "srcdir" Parameter File Inclusion Vulnerabilities | 08/11/06
Red Hat | Update for PHP | 08/11/06
ICQ | ICQPhone.SipxPhoneManager ActiveX Control Vulnerability | 07/11/06
Cyberfolio | "av" File Inclusion Vulnerabilities | 07/11/06
Ubuntu | Update for nvidia-glx | 07/11/06
SazCart | "cart.php" File Inclusion Vulnerability | 07/11/06
phpDynaSite | "racine" File Inclusion Vulnerabilities | 07/11/06
imlib2 | Multiple Image File Processing Vulnerabilities | 07/11/06
Ubuntu | Update for imlib2 | 07/11/06
Sun | Solaris NVIDIA Graphics Driver Buffer Overflow Vulnerability | 06/11/06
Microsoft | XMLHTTP ActiveX Control Code Execution Vulnerability | 06/11/06
Apple | Apple Airport Probe Response Kernel Memory Corruption Vulnerability | 03/11/06
Ubuntu | PHP "htmlentities()" and "htmlspecialchars()" Buffer Overflows | 03/11/06
Secunia | SAP Web Application Server Multiple Vulnerabilities | 03/11/06
Secunia | Easy Address Book Web Server Alternate Data Stream Vulnerability | 03/11/06
Cisco | Cisco Security Agent LDAP Authentication Bypass | 03/11/06
Red Hat | Red Hat update for qt | 03/11/06
rPath | rPath update for tshark and wireshark | 03/11/06
Wordpress | WordPress Unspecified Vulnerabilities | 03/11/06
Ubuntu | Ubuntu update for imagemagick | 03/11/06
HP | HP-UX VirtualVault / Webproxy Apache Multiple Vulnerabilities | 03/11/06
Microsoft | Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution | 02/11/06
Sun | ONE/Java System Web Server NSS Denial of Service | 02/11/06
Secunia | P-Book "pb_lang" File Inclusion Vulnerabilities | 02/11/06
PHP-Nuke | "forwhat" SQL Injection Vulnerability | 02/11/06
Hosting | Controller Multiple Vulnerabilities | 02/11/06
Debian | Update for ethereal | 02/11/06
Secunia | phpProfiles "reqpath" and "usrinc" File Inclusions | 01/11/06
HP | Tru64 UNIX gzip Multiple Vulnerabilities | 01/11/06
Gentoo | Update for asterisk | 01/11/06
Mandriva | Update for ImageMagick | 01/11/06
Gentoo | Update for php | 01/11/06
Secunia | PunBB "language" Parameter Local File Inclusion | 01/11/06
Debian | Update for qt-x11-free | 01/11/06
Gentoo | Update for cheesetracker | 01/11/06