Current e-BulletinThe CCIP e-Bulletin provides a snapshot of security related news.
Read More
Latest Information Note VoIP. This report outlines characteristics and history of VoIP.
Read More
New Zealand Goverment

March 2008

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.
Reference Description Date
Wireshark
Multiple Denial of Service Vulnerabilities
31/03/08
HP
TCP/IP Services for OpenVMS SSH Server Vulnerability
31/03/08
Red Hat
update for seamonkey
31/03/08
SUSE
Update for epiphany
31/03/08
rPath
Update for firefox
31/03/08
Mandriva
Update for sarg
31/03/08
Debian
Update for exiftags
31/03/08
Debian
Update for xulrunner
31/03/08
Debian
Update for iceape
31/03/08
TFTP
Server SP Long Filename Buffer Overflow Vulnerability
31/03/08
Red Hat
update for firefox
31/03/08
Ubuntu
Update for firefox
31/03/08
Quick
Tftp Server Pro Long Mode Buffer Overflow Vulnerability
28/03/08
Ubuntu
Update for sdl-image
28/03/08
Fedora
Update for firefox
28/03/08
Cisco
IOS Multiple Vulnerabilities
28/03/08
Cisco
IOS Denial of Service Vulnerability
28/03/08
Mandriva
Update for perl-Tk
28/03/08
IBM
SolidDB Multiple Vulnerabilities
28/03/08
Ubuntu
Update for dovecot
28/03/08
Debian
Firebird2 Multiple Vulnerabilities
28/03/08
HP
Tru64 UNIX SSH SFTP Server Vulnerability
28/03/08
Mozilla
Firefox Multiple Vulnerabilities
28/03/08
Mozilla
Thunderbird Multiple Vulnerabilities
28/03/08
SILC
Server "NEW_CLIENT" Packet Denial of Service
28/03/08
Debian
Update for cupsys
28/03/08
Secunia
Aeries Browser Interface Cross-Site Scripting and SQL Injection
28/03/08
Mozilla
SeaMonkey Multiple Vulnerabilities
28/03/08
File
Transfer Request File Directory Traversal Vulnerability
28/03/08
PowerBook
"page" Local File Inclusion Vulnerability
28/03/08
Orb
Networks Orb Variant Array Parsing Integer Overflow
27/03/08
Gentoo
Update for wireshark
27/03/08
Gentoo
Update for krb5
27/03/08
Ubuntu
Update for libicu
27/03/08
Debian
Update for serendipity
27/03/08
Novell
EDirectory LDAP Extended Request Message Processing BufferOverflow
27/03/08
Joomla
Rekry!Joom Component "op_id" SQL Injection
27/03/08
VLC
Media Player "MP4_ReadBox_rdrf()" Buffer Overflow Vulnerability
27/03/08
Apache
AuthCAS Session ID SQL Injection Vulnerability
27/03/08
phpBB
EXtreme Styles Module "phpEx" Local File Inclusion
27/03/08
Joomla
Custompages Component "cpage" File Inclusion
26/03/08
Fedora
Update for krb5
26/03/08
bzip2
Unspecified Vulnerability
26/03/08
ASUS
Remote Console DPC Proxy Service Buffer Overflow
26/03/08
rPath
Update for unzip
26/03/08
Fedora
Update for xine-lib
26/03/08
Fedora
Update for asterisk
26/03/08
rPath
Update for bzip2
25/03/08
snircd
"send_user_mode" Denial of Service Vulnerability
25/03/08
Safari
Address Bar Spoofing and Memory Corruption Vulnerabilities
25/03/08
Undernet
Ircu "send_user_mode" Denial of Service Vulnerability
25/03/08
Sun
Solaris rpc.ypupdated Arbitrary Command Execution
25/03/08
SecureSphere
MX Management Server Alert Script Insertion
25/03/08
Apple
Aperture/iPhoto DNG Image Parsing Buffer Overflow
25/03/08
PEEL
Multiple Vulnerabilities
25/03/08
Ubuntu
Update for mysql-dfsg-5.0
25/03/08
Ubuntu
Update for unzip
25/03/08
Speedport
W500 b_banner.stm Password Disclosure
25/03/08
CenterIM
URL Parsing Command Execution Vulnerability
25/03/08
Secunia
Piczo Image Uploader ActiveX Control Buffer Overflows
25/03/08
xine-lib
Multiple Integer Overflow Vulnerabilities
25/03/08
Sun
Solaris libexif Integer Overflow Vulnerability
25/03/08
Joomla
Joovideo Component "id" SQL Injection Vulnerability
25/03/08
Adobe
Flash FLA File Parsing Vulnerabilities
25/03/08
Mandriva
Update for krb5
25/03/08
rPath
Update for krb5
25/03/08
Joomla
Alberghi Component "id" SQL Injection Vulnerability
25/03/08
Joomla
Restaurante Component "id" SQL Injection Vulnerability
25/03/08
Gentoo
Update for moinmoin
25/03/08
CUPS
CGI Buffer Overflow Vulnerability
25/03/08
Joomla
Acajoom PRO Component "mailingid" SQL Injection
25/03/08
xine-lib
"sdpplin_parse()" Array Indexing Vulnerability
25/03/08
Mac
OS X Security Update Fixes Multiple Vulnerabilities
25/03/08
Kerberos
Multiple Vulnerabilities
25/03/08
Asterisk
Multiple Vulnerabilities
25/03/08
WinRAR
Multiple Unspecified Vulnerabilities
25/03/08
Red Hat
update for unzip
25/03/08
Mandriva
Update for unzip
25/03/08
SUSE
Update for krb5
25/03/08
Apple
Safari Multiple Vulnerabilities
25/03/08
Debian
Update for krb5
25/03/08
Ubuntu
Update for krb5
25/03/08
Red Hat
update for krb5
25/03/08
SUSE
Update for cups
20/03/08
Gentoo
Update for libpcre and glib
20/03/08
UnZip
"inflate_dynamic()" Uninitialized Pointers Vulnerability
20/03/08
Debian
Update for unzip
20/03/08
Debian
Update for ikiwiki
20/03/08
PHPauction
GPL "include_path" File Inclusion Vulnerabilities
20/03/08
Gentoo
Update for dovecot
20/03/08
Home
FTP Server Passive Mode Denial of Service
20/03/08
Serendipity
Security Bypass and Script Insertion Vulnerabilities
20/03/08
Debian
Update for dovecot
19/03/08
Avaya
CMS Solaris Firewall Security Bypass and Denial of Service
19/03/08
SUSE
Update for Multiple Packages
19/03/08
Debian
Update for horde3
19/03/08
F-Secure
Archives Handling Unspecified Vulnerabilities
18/03/08
CA
BrightStor ARCserve Backup "ListCtrl" ActiveX Control BufferOverflow
18/03/08
Gentoo
Update for live
17/03/08
CiscoWorks
Internetwork Performance Monitor Arbitrary CommandExecution
17/03/08
SUSE
Update for evolution
17/03/08
MDaemon
IMAP Server "FETCH" Command Buffer Overflow
17/03/08
DB2
Monitoring Console File Upload and Unauthorized Database Access
17/03/08
Cisco
User-Changeable Password Multiple Vulnerabilities
17/03/08
Fedora
Update for ruby
17/03/08
rPath
Update for dovecot
17/03/08
Gentoo
Update for sarg
17/03/08
Secunia
StoreFront "CategoryId" SQL Injection Vulnerability
17/03/08
Fedora
Update for horde
17/03/08
Fedora
Update for dovecot
17/03/08
XOOPS
Tutorials Module "tid" SQL Injection
17/03/08
UnixWare
Update for openssh
17/03/08
Roundup
Multiple Vulnerabilities
17/03/08
Fully
Modded phpBB "k" SQL Injection Vulnerability
17/03/08
Fedora
Update for roundup
14/03/08
Secunia
EXV2 bamaGalerie "cid" SQL Injection Vulnerability
14/03/08
McAfee
EPolicy Orchestrator Framework Service Format StringVulnerability
14/03/08
Red Hat
update for java-1.4.2-bea
14/03/08
HP-UX
HP CIFS Server Multiple Vulnerabilities
14/03/08
Gentoo
Update for icu
14/03/08
Adobe
Form Designer/Form Client Buffer Overflow Vulnerabilities
14/03/08
IBM
WebSphere Application Server Multiple Vulnerabilities
14/03/08
Bloo
Multiple SQL Injection Vulnerabilities
13/03/08
Gentoo
Update for cacti
13/03/08
RealPlayer
ActiveX Control "Console" Property Memory Corruption
13/03/08
PHP-Nuke
Hadith Module "cat" SQL Injection
13/03/08
MaxDB
Multiple Vulnerabilities
13/03/08
Motorola
Timbuktu Pro Denial of Service and File UploadVulnerabilities
13/03/08
Gentoo
Update for mplayer
13/03/08
Microsoft
Office Web Components Two Vulnerabilities
13/03/08
Kingsoft
Antivirus Online Update Module ActiveX Control BufferOverflow
13/03/08
Joomla!
EWriting Component "cat" SQL Injection
13/03/08
Microsoft
Outlook "mailto:" URI Handling Vulnerability
13/03/08
Microsoft
Office Two Code Execution Vulnerabilities
13/03/08
IBM
Informix Dynamic Server Multiple Vulnerabilities
12/03/08
Gentoo
Update for vlc
12/03/08
Sun
Solaris ICU Regular Expressions Vulnerabilities
12/03/08
MailEnable
IMAP Service Multiple Vulnerabilities
12/03/08
MailEnable
SMTP Service EXPN/VRFY Denial of Service
12/03/08
Debian
Update for moin
12/03/08
Gentoo
Update for ghostscript
12/03/08
Dovecot
Authentication Bypass Vulnerability
12/03/08
Beehive
Secure File Transfer Appliance "sfoutbox" Hardcoded FTP Account
12/03/08
BM
Classifieds Two SQL Injection Vulnerabilities
12/03/08
Horde
"theme" Local File Inclusion Vulnerability
11/03/08
Red Hat
Update for java-1.5.0-sun
10/03/08
Fedora
Update for vdccm
10/03/08
SynCE
Vdccm Denial of Service and Command Injection
10/03/08
Zimbra
Collaboration Suite Script Insertion Vulnerability
10/03/08
PHP-Nuke
Kütüb-i Sitte Module "kid" SQL Injection
10/03/08
Fedora
Update for lighttpd
10/03/08
SUSE
Update for kernel-rt
10/03/08
Fedora
Update for libtirpc
10/03/08
Fedora
Update for evolution
10/03/08
Fedora
Update for pcre
10/03/08
Fedora
Update for nx
10/03/08
Fedora
Update for kronolith
10/03/08
SUSE
Update for Multiple Packages
10/03/08
Gentoo
Update for lighttpd
10/03/08
Debian
Update for evolution
10/03/08
Ubuntu
Update for evolution
10/03/08
Programmer's
Notepad ctags Processing Buffer Overflow
10/03/08
SUSE
Update for cups
10/03/08
Ruby
WEBrick Information Disclosure Vulnerabilities
10/03/08
Gentoo
Update for evolution
10/03/08
Mandriva
Update for tcl
10/03/08
Linux
Kiss Server "log_message()" Format String Vulnerability
07/03/08
Gentoo
Update for win32codecs
07/03/08
PacketTrap
Pt360 TFTP Server Two Vulnerabilities
07/03/08
Gentoo
Update for opera
07/03/08
Red Hat
update for java-1.5.0-bea
07/03/08
Red
Hat update for evolution
06/03/08
Sun
Java JDK / JRE Unspecified Vulnerabilities
06/03/08
Fedora
Update for ghostscript
06/03/08
Debian
Update for libicu
06/03/08
Borland
VisiBroker Smart Agent Packet Handling Vulnerabilities
06/03/08
Gentoo
Update for sword
06/03/08
Mandriva
Update for wireshark
06/03/08
Slackware
Update for mozilla-thunderbird
05/03/08
Gentoo
Update for firebird
05/03/08
Ubuntu
Update for thunderbird
05/03/08
rPath
Update for thunderbird
05/03/08
rPath
Update for wireshark
05/03/08
Slackware
Update for ghostscript
05/03/08
Gentoo
Update for acroread
05/03/08
Secunia
NetOffice Dwins Authentication Bypass
04/03/08
rPath
Update for espgs
03/03/08
SUSE
Update for ghostscript
03/03/08
Mandriva
Update for ghostscript
03/03/08
Symantec
Backup Exec Calendar Control Multiple Vulnerabilities
03/03/08
Fedora
Update for thunderbird
03/03/08
SUSE
Update for opera
03/03/08
NetBSD
FAST_IPSEC "ipsec4_get_ulp()" Security Bypass
03/03/08
Fedora
Update for turba
03/03/08
rPath
Update for lighttpd
03/03/08
rPath
Update for pcre
03/03/08
Fedora
Update for imp
03/03/08
Fedora
Update for horde
03/03/08
Trend
Micro OfficeScan CGI Module and Policy Server Buffer Overflows
03/03/08
Ghostscript
"zseticcspace()" Buffer Overflow Vulnerability
03/03/08
Wireshark
Multiple Denial of Service Vulnerabilities
03/03/08
Debian
Update for ghostscript
03/03/08
Red Hat
update for ghostscript
03/03/08
ICQ
Message Processing Format String Vulnerability
03/03/08
IBM
AIX libc "inet_network()" Off-By-One Vulnerability
03/03/08

About this Site & Accessibility | Legal, Privacy & Copyright Information | Sitemap | newzealand.govt.nz
Accessibility Page: 0 | Homepage: 1 | Sitemap: 2 | About CCIP: 4 | Vulnerabilities: 5 | Incidents: 6 | Newsroom: 7 | gcsb.govt.nz: 8 | Contact CCIP: 9 | Skip Link: [ | newzealand.govt.nz: /