Apple

QuickTime for Windows 6.5.2

A buffer overflow vulnerability has been reported that could let remote
malicious users cause a Denial of Service. This is due to problems
handling a malformed GIF image with the maximum depth start value in
PictureViewer.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

aspclick.it

ACNews 1.0

An input validation vulnerability has been reported that could let a
remote malicious user execute SQL commands to gain administrative access.
This is due to improper input validation in the 'admin/login.asp' script.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Centra

Centra 7

A vulnerability has been reported that could let a remote malicious
user conduct script insertion attacks. This is because of input validation
errors in username, first name, and last name fields.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this
vulnerability.

Comersus Open Technologies

Comersus 4.x

An input validation vulnerability has been reported in the 'curPage'
parameter that could let a remote malicious user conduct Cross-Site
Scripting attacks. The 'comersus_searchItem.asp' script does not properly
validate user-supplied input in the 'curPage' variable.

Version 6 is reportedly not affected.

A Proof of Concept exploit has been published.

DameWare Development

DameWare 4.9 and prior - NT Utilities and MiniRemote Control

A vulnerability has been reported that could let a local malicious user
obtain passwords. A local user with access to NT Utilities 'DNTUS26'
process memory can obtain the username and password. A local user with
access to the DameWare MiniRemote Control 'DWRCS' process memory can
obtain the applicable username and configuration settings. The 'DWRCC'
process is also affected, but can be used to also obtain passwords.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

exploitlabs

WebcamXP 2.16.468 and prior

Multiple vulnerabilities have been reported in which a remote malicious
user could redirect chat users to arbitrary locations and cause a Denial
of Service. These vulnerabilities are due to input validation errors in
the username field.

A fixed version (2.16.478) is available at: href="http://webcamxp.com">http://webcamxp.com

A Proof of Concept exploit has been published.

McAfee

Internet Security Suite 2005

A file permission vulnerability has been reported that could let a
local malicious user can gain elevated privileges or disable the security
functions. A local user could modify application files, modify or replace
some of the code components with arbitrary code, or move or delete the
executable files to cause the security services to fail to startup at
reboot.

Updates are available through Automatic Update feature.

A Proof of Concept exploit has been published.

McAfee Internet Security Suite Elevated Privilege
Vulnerability

href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1107">CAN-2005-1107

iDEFENSE Security Advisory 04.18.05

Microsoft

Exchange 2000 Server SP3, 2003, 2003 SP1

A vulnerability has been reported due to an unchecked buffer in the
SMTP service that could let a remote malicious user execute arbitrary
code.

V1.1: Bulletin updated to reflect a revised "Security Update
Information" section for the Word 2003 security update.

Updates available: href="http://www.microsoft.com/technet/security/Bulletin/MS05-021.mspx">
http://www.microsoft.com/technet/
security/Bulletin/MS05-021.mspx

Currently we are not aware of any exploits for this
vulnerability.

Microsoft Security
Bulletin. MS05-021,
April 12, 2005

href="http://www.us-cert.gov/cas/techalerts/TA05-102A.html">Technical
Cyber Security Alert TA05-102A

US CERT
VU#275193

Microsoft Security
Bulletin. MS05-021 V1.1, April 14, 2005

Microsoft

Internet Explorer 5.01, 5.5, 6

Multiple vulnerabilities have been reported that include DHTML Object
Memory Corruption, URL Parsing Memory Corruption, and Content Advisor
Memory Corruption Vulnerability. These vulnerabilities could let remote
malicious users execute arbitrary code.

Updates available: href="http://www.microsoft.com/technet/security/Bulletin/MS05-020.mspx">
http://www.microsoft.com/technet/
security/Bulletin/MS05-020.mspx

An exploit script has been published.

Microsoft Security Bulletin MS05-020, April 12, 2005

href="http://www.us-cert.gov/cas/techalerts/TA05-102A.html">Technical
Cyber Security Alert TA05-102A

US-CERT
VU#774338

US-CERT
VU#756122

href="http://www.kb.cert.org/vuls/id/222050">US-CERT VU#222050 href="http://www.kb.cert.org/vuls/id/756122">

Security Focus, 13120, April 12, 2005

Microsoft

Microsoft Windows 2000

Avaya DefinityOne Media Servers, IP600 Media Servers, S3400 Message
Application Server, S8100 Media Servers

Microsoft Windows Explorer is prone to a script injection
vulnerability. This occurs when the Windows Explorer preview pane is
enabled on Windows 2000 computers. If a file with malicious attributes is
selected using Explorer, script code contained in the attribute fields may
be executed with the privilege level of the user that invoked Explorer.
This could be exploited to gain unauthorized access to the vulnerable
computer.

No vendor workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Microsoft

Windows 2000 SP 3 and SP4

Windows XP SP 1 and SP2

Windows XP 64-Bit Edition SP1 and 2003 (Itanium)

Windows Server 2003

Windows Server 2003 for Itanium-based Systems

Windows 98, Windows 98 SE, and Windows ME

Multiple vulnerabilities have been reported that include IP Validation,
ICMP Connection Reset, ICMP Path MTU, TCP Connection Reset, and Spoofed
Connection Request. These vulnerabilities could let remote malicious users
execute arbitrary code or execute a Denial of Service.

Updates available:
href="http://www.microsoft.com/technet/security/bulletin/MS05-019.mspx">http://www.microsoft.com/technet/
security/bulletin/MS05-019.mspx

A Proof of Concept exploit has been published.

Microsoft Security Bulletin MS05-019, April 12, 2005

href="http://www.us-cert.gov/cas/techalerts/TA05-102A.html">Technical
Cyber Security Alert TA05-102A

US-CERT
VU#233754

US-CERT
VU#396645

Microsoft

Windows 2000 SP 3 and SP4

Windows XP SP1

Windows XP 64-Bit Edition SP1

Windows 98 and 98 SE

A buffer overflow vulnerability has been reported that could let a
remote malicious user execute arbitrary code.

V1.1: Bulletin updated to reflect an updated
"Registry Key
Verification" section for the Windows XP Service Pack 1 security update.

Updates available: href="http://www.microsoft.com/technet/security/Bulletin/MS05-017.mspx">
http://www.microsoft.com/technet/
security/Bulletin/MS05-017.mspx

Currently we are not aware of any exploits for this
vulnerability.

Microsoft Security Bulletin MS05-017, April 12, 2005

Microsoft Security Bulletin MS05-017 V1.1, April 14, 2005

Microsoft

Windows 2000 SP3 and SP4

Windows XP SP1 and SP2

Windows XP 64-Bit Edition SP 1 and 2003 (Itanium)

Windows Server 2003

Windows Server 2003 for Itanium-based Systems

Windows 98, 98 SE, ME

A vulnerability has been reported that could let a remote malicious
user execute arbitrary code. This is because of an error in the process to
validate which application should load a file. A remote user can convince
the Windows Shell to start the HTML Application Host application when that
application would not typically be used to process files.

Updates available: href="http://www.microsoft.com/technet/security/Bulletin/MS05-016.mspx ">
http://www.microsoft.com/technet/
href="http://www.microsoft.com/technet/security/Bulletin/MS05-016.mspx ">security/Bulletin/MS05-016.mspx

Exploit scripts have been published.

Microsoft Windows Shell Remote Code Execution
Vulnerability

href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0063">CAN-2005-0063

Microsoft Security Bulletin MS05-016, April 12, 2005

US-CERT
VU#673051

Security Focus, 13132, April 13, 2005

Microsoft

Windows 2000 SP3 and SP4

Windows XP SP1 and SP2

Windows XP 64-Bit Edition SP1 and 2003 (Itanium)

Windows Server 2003

Windows Server 2003 for Itanium-based Systems

Windows 98, 98 SE, and ME

Multiple vulnerabilities have been reported that include errors in the
font, Kernel, Object Management Vulnerability and CSRSS. These are due to
input validation and buffer overflow errors. A malicious user could deny
service or obtain escalated privileges.

Updates available: href="http://www.microsoft.com/technet/security/Bulletin/MS05-018.mspx">h
ttp://www.microsoft.com/technet/
security/Bulletin/MS05-018.mspx

Currently we are not aware of any exploits for these
vulnerabilities.

Microsoft Security Bulletin MS05-018, April 12, 2005

href="http://www.kb.cert.org/vuls/id/259197">US-CERT
VU#259197

US-CERT
VU#775933

US-CERT
VU#943749

US-CERT
VU#650181

Microsoft

Windows NT Server 4.0 SP6a, Windows NT Server 4.0 Terminal
Server
Edition SP6a, Windows 2000 Server SP3 & SP4, Windows 2003,
Windows 2003 for Itanium-based Systems

Avaya DefinityOne Media Servers; Avaya IP600 Media Servers; Avaya S3400
Message Application Server; Avaya S8100 Media Servers

A buffer overflow vulnerability exists in the License Logging service
due to a boundary error, which could let a remote malicious user cause a
Denial of Service and possibly execute arbitrary code.

Patches available at: href="http://www.microsoft.com/technet/security/bulletin/MS05-007.mspx">
http://www.microsoft.com/technet/
security/bulletin/MS05-010.mspx

A Proof of Concept exploit has been published.

V 1.2: Bulletin updated to reflect a revised
"Mitigating
Factors" section for Windows 2000 Server Service Pack 4.

Microsoft Security Bulletin, MS05-010, February 8, 2005

US-CERT
Technical Cyber Security Alert TA05-039A

US-CERT
Cyber Security Alert SA05-039A

US-CERT
VU#130433

Security Focus, Bugtraq ID 12481, April 12, 2005

Microsoft Security Bulletin, MS05-010 V1.2, February 8,
2005

Microsoft

Word 2000, 2002

Works Suite 2001, 2002, 2003, and 2004

Office Word 2003

A buffer overflow vulnerability has been reported that could lead to
remote execution of arbitrary code or escalation of privilege.

V1.1 Bulletin updated to point to the correct Exchange 2000
Server Post-Service Pack 3 (SP3) Update Rollup and to advise on the scope
and caveats of workaround "Unregister xlsasink.dll and fallback to Active
Directory for distribution of route information."

Updates
available: href="http://www.microsoft.com/technet/security/Bulletin/MS05-023.mspx">
http://www.microsoft.com/technet/
security/Bulletin/MS05-023.mspx

Currently we are not aware of any exploits for this
vulnerability.

Microsoft Word Remote Code Execution and Escalation of
Privilege Vulnerabilities

href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0963">CAN-2004-0963
href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0558">CAN-2005-0558

Microsoft Security Bulletin MS05-023, April 12, 2005

US-CERT
VU#442567

US-CERT VU#752591

Microsoft Security Bulletin MS05-023 V1.1, April 14,
2005

Musicmatch

Jukebox 10.00.2047 and prior

Multiple vulnerabilities have been reported that could let a local
malicious user gain elevated privileges and let a remote user conduct
Cross-Site Scripting attacks. This is because 'MMFWLaunch.exe' does not
properly quote path data before calling the CreateProcess() function.
Also, the software does not properly filter HTML code from user-supplied
input before displaying the input.

The vendor has released a fixed version at: href="http://www.musicmatch.com/download/free/security.htm">http://www.musicmatch.com
/download/free/security.htm

Currently we are not aware of any exploits for these
vulnerabilities.

NetManage

RUMBA 7.3, 7.4

Multiple buffer overflow vulnerabilities have been reported when RTO
and WPA profiles are loaded, which could let a remote malicious user cause
a Denial of Service and possibly execute arbitrary code.

No workaround or patch available at time of publishing.

Proofs of Concept exploits have been published.

Security Focus,
12965, April 1, 2005

Bugtraq, 395705, April 13, 2005

OneWorldStore

OneWorldStore

Multiple vulnerabilities have been reported that could let a remote
user conduct cross-site scripting, script insertion and SQL injection
attacks. This is due to input validation errors in the "sEmail" parameter
in "owContactUs.asp," "bSub" parameter in "owListProduct.asp,"
"idProduct," and "idCategory" used in a SQL query and the "Name", "Email"
and "Comment" parameters in the review form.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Dcrab 's Security Advisory, April 14, 2005

A buffer overflow vulnerability has been reported that could let a
remote malicious user cause a Denial of Service or execute arbitrary
code.

No workaround or patch available at time of publishing.

A Proof of Concept exploit script has been published.

RSA Security

RSA Authentication Agent for Web for IIS 5.2

A vulnerability has been reported that could let remote malicious users
conduct Cross-Site Scripting attacks. This is due to input validation
errors in the "postdata" parameter in "/WebID/IISWebAgentIF.dll."

Update to version 5.3: href="http://www.rsasecurity.com/node.asp?id=2807&node_id=">
http://www.rsasecurity.com/
node.asp?id=2807&node_id=

A Proof of Concept exploit has been published.

Secunia SA14954, April 15, 2005

Sun Microsystems

Sun Java System Web Server (Sun ONE/iPlanet) 6.0 SP7

A vulnerability has been reported that could let remote users cause a
Denial of Service.

Update to Sun Java System Web Server 6.0 Service Pack 8 or later: href="http://wwws.sun.com/software/download/products/40968fe6.html">
http://wwws.sun.com/software/
download/products/40968fe6.html

Currently we are not aware of any exploits for this
vulnerability.

X-Ways Software Technology

WinHex 12.05 SR-14

A vulnerability has been reported that could let a malicious user cause
a Denial of Service with a special filename. The DS, ECX, and ESI register
can be overwritten with arbitrary data.

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this
vulnerability.

Yager Development

Yager 5.24 and prior

Multiple vulnerabilities have been reported that could let a remote
malicious user cause a Denial of Service or execute arbitrary code. These
vulnerabilities are due to errors in the handling of the nickname field
and in the communication handling.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Luigi Auriemma, April 14, 2005

Apple

Mac OS X 10.0-10.0.4, 10.1-10.1.5, 10.2-10.2.8, 10.3-10.3.8, Mac OS X
Server 10.0, 10.1-10.1.5, 10.2-10.2.8, 10.3-10.3.8

Multiple vulnerabilities have been reported: a Denial of Service
vulnerability has been reported in the kernel syscall emulation
functionality when handling input parameter lists; a vulnerability has
been reported due to an error that allows installation or creation of
SUID/SGID scripts, which could let a malicious user obtain elevated
privileges; a buffer overflow vulnerability has been reported in the
'semop()' system call, which could let a malicious user obtain elevated
privileges; a vulnerability has been reported in the 'searchfs()' system
call due to an integer overflow, which could let a malicious user obtain
elevated privileges; a vulnerability has been reported in the
'setsockopt()' function, which could let a malicious user exhaust
available memory resources; a Denial of Service vulnerability has been
reported in the 'nfs_mount()' function due to insufficient validation of
input values; and a vulnerability has been reported due to an error when
parsing certain executable files, which could let a malicious user
temporary suspend operations.

Upgrades available at:
href="http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=05640&platform=osx&method=sa/MacOSXUpdateCombo10.3.9.dmg"
target=_blank>http://wsidecar.apple.com/
cgi-bin/nph-reg3rdpty1.pl/

Currently, we are not aware of any exploits for these
vulnerabilities.

Avaya Labs

Libsafe 2.0-16

No workaround or patch available at time of publishing.

A Proof of Concept exploit script has been published.

FreeBSD

FreeBSD 4.x, 5.x releases prior to 5.4-RELEASE

Patches available at:
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:04/ifconf4.patch"
target=_blank>ftp://ftp.FreeBSD.org/pub/FreeBSD/
CERT/patches/SA-05:04/ifconf4.patch

There is no exploit code required.

GNU

cpio 1.0-1.3, 2.4.2, 2.5, 2.5.90, 2.6

No workaround or patch available at time of publishing.

There is no exploit code required.

GNU

sharutils 4.2, 4.2.1

A vulnerability has been reported in the 'unshar' utility due to the
insecure creation of temporary files, which could let a malicious user
create/overwrite arbitrary files.

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/s/sharutils/">http://security.ubuntu.com/
ubuntu/pool/main/s/sharutils/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-06.xml">
http://security.gentoo.org/
glsa/glsa-200504-06.xml

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

There is no exploit code required.

Ubuntu Security
Notice, USN-104-1, April 4, 2005

Gentoo Linux Security Advisory, GLSA 200504-06, April 6, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:067, April 7, 2005

Fedora Update Notification,
FEDORA-2005-319, April 14, 2005

GNU

wget 1.9.1

A vulnerability exists which could permit a remote malicious user to
create or overwrite files on the target user's system. wget does not
properly validate user-supplied input. A remote user can bypass the
filtering mechanism if DNS can be modified so that '..' resolves to an IP
address. A specially crafted HTTP response can include control characters
to overwrite portions of the terminal window.

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

A Proof of Concept exploit script has been published.

Security Tracker Alert ID: 1012472, December 10, 2004

SUSE Security Summary Report, SUSE-SR:2005:004, February 11, 2005

SUSE Security Summary Report, SUSE-SR:2005:006, February 25, 2005

SUSE Security Summary Report, SUSE-SR:2005:011, April 15, 2005

Hiroyuki Yamamoto

Sylpheed 0.8.11, 0.9.4-0.9.12, 0.9.99, 1.0 .0-1.0.2

A buffer overflow vulnerability exists in certain headers that contain
non-ASCII characters, which could let a remote malicious user execute
arbitrary code.

Upgrades available at:
href="http://sylpheed.good-day.net/sylpheed/v1.0/sylpheed-1.0.3.tar.gz"
target=_blank>http://sylpheed.good-day.net/
sylpheed/v1.0/sylpheed-
1.0.3.tar.gz

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/">http://download.fedora.redhat.
com/pub/fedora/linux/core/
updates/3/

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-303.html">
http://rhn.redhat.com/errata/
RHSA-2005-303.html

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-26.xml">
http://security.gentoo.org/
glsa/glsa-200503-26.xml

ALTLinux:
href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">http://lists.altlinux.ru/pipermail/
security-announce/2005-March/
000287.html

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

TurboLinux:
href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

Currently we are not aware of any exploits for this vulnerability.

Security Tracker Alert, 1013376, March 4, 2005

Fedora Update Notification,
FEDORA-2005-211, March 15, 2005

RedHat Security Advisory, RHSA-2005:303-05, March 18, 2005

Gentoo Linux Security Advisory, GLSA 200503-26, March 20, 2005

SUSE Security Summary Report, SUSE-SR:2005:011, April 15,
2005

Turbolinux Security Advisory, TLSA-2005-44, April 19, 2005

IBM

AIX 5.3

A vulnerability has been reported due to a serialization error, which
could let a malicious user obtain sensitive information.

Fix information available at: href="http://www-1.ibm.com/support/docview.wss?uid=isg1IY70032">
http://www-1.ibm.com/support/
docview.wss?uid=isg1IY70032

Currently, we are not aware of any exploits for this
vulnerability.

Igor Khasilev

Oops Proxy Server 1.4.22, 1.5.53

No workaround or patch available at time of publishing.

Currently, we are not aware of any exploits for this
vulnerability.

IlohaMail

IlohaMail 0.7 .0-0.7.9, 0.8.6-0.8.14

Cross-Site Scripting vulnerabilities have been reported when processing
emails due to an input validation error, which could let a remote
malicious user execute arbitrary HTML and script code.

No workaround or patch available at time of publishing.

There is no exploit code required.

ImageMagick

ImageMagick 5.3.3, 5.3.8, 5.4.3, 5.4.4 .5, 5.4.7, 5.4.8 .2-1.1.0 ,
5.4.8, 5.5.3 .2-1.2.0, 5.5.4, 5.5.6 .0-20030409, 5.5.6, 5.5.7, 6.0,
6.0.1

Upgrades available at:
href="http://www.imagemagick.org/script/download.php?"
target=_blank>http://www.imagemagick.org/
script/download.php?

SuSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/ImageMagick-5.5.4-125.i586.rpm"
target=_blank>ftp://ftp.suse.com/pub/suse

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-070.html">
http://rhn.redhat.com/errata/
RHSA-2005-070.html

Debian:
href="http://security.debian.org/pool/updates/main/i/imagemagick/">http://security.debian.org/pool/
updates/main/i/imagemagick/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

TurboLinux:
href="%20ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

Currently we are not aware of any exploits for these
vulnerabilities.

Security Tracker
Alert, 1013550,
March 24, 2005

Debian Security Advisory,
DSA 702-1,
April 1, 2005

Mandrakelinux Security Update Advisory,
MDKSA-2005:065, April 3,
2005

Turbolinux Security Advisory, TLSA-2005-47, April 19, 2005

ImageMagick

ImageMagick 6.x

A buffer overflow vulnerability exists in 'coders/psd.c' when a
specially crafted Photoshop document file is submitted, which could let a
remote malicious user execute arbitrary code.

Update available at: link="#999999">
href="http://www.imagemagick.org/www/download.html ">http://www.imagemagick.org/
www/download.html

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/i/imagemagick/imagemagick_6.0.2.5-1ubuntu1.3_amd64.deb"
target=_blank>http://security.ubuntu.com/ubuntu/
pool/main/i/imagemagick/

Debian: href="http://security.debian.org/pool/updates/main/i/imagemagick/">
http://security.debian.org/pool/
updates/main/i/imagemagick/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200501-26.xml">
http://security.gentoo.org/
glsa/glsa-200501-26.xml

Gentoo: href="http://security.gentoo.org/glsa/glsa-200501-37.xml">
http://security.gentoo.org/
glsa/glsa-200501-37.xm href="http://security.gentoo.org/glsa/glsa-200501-37.xml">l

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

SGI:
href="ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/">ftp://oss.sgi.com/projects/
sgi_propack/download/3/updates/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

TurboLinux:
href="%20ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

Currently we are not aware of any exploits for this
vulnerability.

iDEFENSE Security Advisory, January 17, 2005

Ubuntu Security Notice, USN-62-1, January 18, 2005

Debian Security Advisory, DSA 646-1, January 19, 2005

Gentoo Linux Security Advisory, GLSA 200501-26, January 20, 2005

Gentoo Linux Security Advisory, GLSA 200501-37, January 26, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:065, April 3, 2005

Turbolinux Security Advisory, TLSA-2005-47, April 19, 2005

ISC

DHCPD 2.0.pl5

A format string vulnerability has been reported because user-supplied
data is logged in an unsafe fashion, which could let a remote malicious
user execute arbitrary code.

Upgrades available at:
href="http://security.debian.org/pool/updates/main/d/dhcp/ ">http://security.debian.org/pool/
updates/main/d/dhcp/

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-212.html">http://rhn.redhat.com/
errata/RHSA-2005-212.html

We are not aware of any exploits for this vulnerability.

Debian Security Advisory, DSA 584-1, November 4, 2004

US-CERT
VU#448384

RedHat Security Advisory, RHSA-2005:212-06, April 12, 2005

Jamie Cameron

Usermin prior to 1.130

A vulnerability has been reported in certain configuration files due to
a design error because insecure permissions are assigned, which could let
a remote malicious user obtain control of configuration files.

Updates available at: href=" http://www.webmin.com/">
href=" http://www.webmin.com/"> class=bodytext> href="http://prdownloads.sourceforge.net/webadmin/usermin-1.130.tar.gz"
target=_blank>http://prdownloads.sourceforge.net
/webadmin/usermin-1.130.tar.gz

There is no exploit code required.

Jamie Cameron

Webmin prior to 1.200

A vulnerability has been reported in certain configuration files due to
a design error because insecure permissions are assigned, which could let
a remote malicious user obtain control of configuration files.

Updates available at: href=" http://www.webmin.com/">
href=" http://www.webmin.com/"> class=bodytext> href="http://prdownloads.sourceforge.net/webadmin/usermin-1.130.tar.gz"
target=_blank>http://prdownloads.sourceforge.net
/webadmin/usermin-1.130.tar.gz

There is no exploit code required.

Junkbuster

Internet Junkbuster 2.0.1, 2.0.2

Two vulnerabilities have been reported: a vulnerability has been
reported in the 'ij_untrusted_url()' function, which could let a remote
malicious user modify the configuration; and a vulnerability has been
reported due to errors when filtering URLs, which could let a malicious
user cause a Denial of Service or execute arbitrary code.

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-11.xml">
http://security.gentoo.org/
glsa/glsa-200504-11.xml

Currently we are not aware of any exploits for these
vulnerabilities.

KDE

KDE 1.1-1.1.2, 1.2, 2.1-2.1.2, 2.2-2.2.2, 3.0- 3.0.5, 3.1-3.1.5,
3.2-3.2.3, 3.3-3.3.2

A Denial of Service vulnerability has been reported in the Desktop
Communication Protocol (DCOP) daemon due to an error in the authentication
process

Upgrade available at:
href="http://www.kde.org/download/"
target=_blank>http://www.kde.org/download/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-22.xml">
http://security.gentoo.org/
glsa/glsa-200503-22.xml

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-325.html">
http://rhn.redhat.com/errata/
RHSA-2005-325.html

ALTLinux:
href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">http://lists.altlinux.ru/
pipermail/security-announce/
2005-March/000287.html

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-307.html">
http://rhn.redhat.com/
errata/RHSA-2005-307.html

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

SGI:
href="ftp://patches.sgi.com/support/free/security/advisories/">ftp://patches.sgi.com/support/
free/security/advisories/

Currently we are not aware of any exploits for this vulnerability.

KDE Security Advisory, March 16, 2005

Fedora Update Notifications,
FEDORA-2005-244 & 245, March 23,
2005

RedHat Security Advisory, RHSA-2005:325-07, March 23, 2005

ALTLinux Security Advisory, March 29, 2005

RedHat Security Advisory, RHSA-2005:307-08, April 6,2005

SUSE Security Announcement, SUSE-SA:2005:022, April 11, 2005

SGI Security Advisory, 20050403-01-U, April 15, 2005

LGPL

NASM 0.98.38

A vulnerability was reported in NASM. A remote malicious user can cause
arbitrary code to be executed by the target user. A remote user can create
a specially crafted asm file that, when processed by the target user with
NASM, will execute arbitrary code on the target user's system. The code
will run with the privileges of the target user. The buffer overflow
resides in the error() function in 'preproc.c.'

Gentoo: href="http://www.gentoo.org/security/en/glsa/glsa-200412-20.xml">
http://www.gentoo.org/security/en/
glsa/glsa-200412-20.xml

Debian: href="http://www.debian.org/security/2005/dsa-623">
http://www.debian.org/security/
2005/dsa-623

Mandrake: href="http://www.mandrakesoft.com/security/advisories ">
http://www.mandrakesoft.com/
security/advisories

TurboLinux: href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">
ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/3/

A Proof of Concept exploit script has been published.

Secunia Advisory ID, SA13523, December 17, 2004

Debian Security Advisory
DSA-623-1 nasm, January 4, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:004,
January 6, 2005

Turbolinux Security Announcement, TLSA- 24022005, February 24, 2005

Fedora Update Notification,
FEDORA-2005-322, April 18, 2005

libexif

libexif 0.6.9, 0.6.11

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/libe/libexif/">http://security.ubuntu.com/ubuntu/
pool/main/libe/libexif/

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">
http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-17.xml">
http://security.gentoo.org/
glsa/glsa-200503-17.xml

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-300.html">
http://rhn.redhat.com/errata/
RHSA-2005-300.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Debian:
href="http://security.debian.org/pool/updates/main/libe/libexif/">http://security.debian.org/pool/
updates/main/libe/libexif/

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Currently we are not aware of any exploits for this vulnerability.

Ubuntu Security
Notice USN-91-1, March 7, 2005

Fedora Update Notifications,
FEDORA-2005-
199 & 200,

March 8, 2005

Gentoo Linux
Security Advisory,
GLSA 200503-17, March 12, 2005

RedHat Security Advisory,
RHSA-2005:300-08, March 21, 2005

Mandrakelinux Security Update Advisory,
MDKSA-2005:064, March 31,
2005

Debian Security Advisory, DSA 709-1, April 15, 2005

SUSE Security Summary Report, SUSE-SR:2005:011, April 15,
2005

libtiff.org

LibTIFF 3.6.1

Avaya MN100 (All versions), Avaya Intuity LX (version 1.1-5.x), Avaya
Modular Messaging MSS (All versions)

Debian:
href="http://security.debian.org/pool/updates/main/t/tiff/">http://security.debian.org/pool/
updates/main/t/tiff/

Gentoo:
href=" http://security.gentoo.org/glsa/glsa-200410-11.xml">http://security.gentoo.org/glsa/
glsa-200410-11.xml

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">
http://download.fedora.redhat.com/
pub/fedora/
linux/core/updates/2/

OpenPKG:
href="ftp://ftp.openpkg.org/release/">ftp://ftp.openpkg.org/release/

Trustix: href="ftp://ftp.trustix.org/pub/trustix/updates/">
ftp://ftp.trustix.org/pub/trustix/
updates/

Mandrake:
href="http://www.mandrakesecure.net/en/ftp.php">http://www.mandrakesecure.net/
en/ftp.php

SuSE: href="ftp://ftp.suse.com/pub/suse/">
ftp://ftp.suse.com/pub/suse/

RedHat: href="http://rhn.redhat.com/errata/RHSA-2004-577.html">
http://rhn.redhat.com/errata/
RHSA-2004-577.html

Slackware: href="ftp://ftp.slackware.com/pub/slackware/">
ftp://ftp.slackware.com/pub/
slackware/

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.com.br/

KDE: Update to version 3.3.2: href="http://kde.org/download/">
http://kde.org/download/

Apple Mac OS X: href="http://www.apple.com/swupdates/">
http://www.apple.com/swupdates/

Gentoo: KDE kfax: href="http://www.gentoo.org/security/en/glsa/glsa-200412-17.xml">
http://www.gentoo.org/security
/en/glsa/glsa-200412-17.xml

Avaya: No solution but workarounds available at: href="http://support.avaya.com/elmodocs2/security/ASA-2005-002_RHSA-2004-577.pdf">
http://support.avaya.com/
elmodocs2/security/ASA-
2005-002_RHSA-2004-577.pdf

TurboLinux: href="http://www.turbolinux.com/update/">
http://www.turbolinux.com/update/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-354.html">http://rhn.redhat.com/errata/
RHSA-2005-354.html

SGI:
href="ftp://patches.sgi.com/support/free/security/advisories/">ftp://patches.sgi.com/support/
free/security/advisories/

SCO:
href="ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.19">ftp://ftp.sco.com/pub/updates/
UnixWare/SCOSA-2005.19

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-021.html">http://rhn.redhat.com/
errata/RHSA-2005-021.html

Proofs of Concept exploits have been published.

Gentoo Linux
Security Advisory,
GLSA 200410-11, October 13,
2004

Fedora Update Notification,
FEDORA-2004-334, October 14, 2004

OpenPKG Security Advisory,
OpenPKG-SA-2004.043,
October 14,
2004

Debian Security Advisory,
DSA 567-1,
October 15, 2004

Trustix Secure Linux Security Advisory, TSLSA-2004-0054, October 15,
2004

Mandrakelinux
Security Update Advisory, MDKSA-2004:109 &

MDKSA-2004:111, October 20 & 21,
2004

SuSE Security Announcement,
SUSE-SA:2004:038, October 22, 2004

RedHat Security Advisory,
RHSA-2004:577-16,
October 22,
2004

Slackware Security Advisory,
SSA:2004-305-02, November 1, 2004

Conectiva Linux Security
Announcement,
CLA-2004:888, November
8, 2004

US-CERT
Vulnerability Notes VU#687568 & VU#948752,
December
1, 2004

Gentoo Linux Security Advisory, GLSA 200412-02,
December 6, 2004

KDE Security
Advisory,
December 9, 2004

Apple Security
Update
SA-2004-12-02

Gentoo Security Advisory, GLSA 200412-17 / kfax, December 19, 2004

Avaya Advisory
ASA-2005-002,
January 5, 2005

Conectiva Linux Security
Announcement,
CLA-2005:914,
January
6, 2005

Turbolinux Security Announcement,
January 20, 2005

Mandrakelinux
Security Update Advisory,
MDKSA-2005:052, March
4, 2005

RedHat Security Advisory,
RHSA-2005:354-03,
April 1, 2005

RedHat Security Advisory, RHSA-2005:021-09, April 12, 2005

Midnight Commander

Midnight Commander 4.5.40-4.5.5.52, 4.5.54, 4.5.55

Debian:
href=" http://security.debian.org/pool/updates/main/m/mc/">http://security.debian.org/pool/
updates/main/m/mc/

TurboLinux:
href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

Currently we are not aware of any exploits for this vulnerability.

Debian Security Advisory, DSA 698-1 , March 29, 2005

Turbolinux Security Advisory, TLSA-2005-46, April 19, 2005

moleSoftware GmbH

VHCS 2.4 & possibly earlier versions

An input validation vulnerability has been reported due to insufficient
validation of user-supplied data in HTTP POST requests, which could let a
remote malicious user execute arbitrary SQL commands.

Upgrades available at:
href="http://isg.ee.ethz.ch/tools/postgrey/pub/postgrey-1.21.tar.gz"
target=_blank>http://isg.ee.ethz.ch/tools/
postgrey/pub/postgrey-1.21.tar.gz

Currently, we are not aware of any exploits for this
vulnerability.

Monkey

Monkey HTTP Daemon 0.1.4, 0.4-0.4.2, 0.5, 0.5.1, 0.6-0.6.3, 0.7.0-
0.7.2, 0.8-0.8.2, 0.9 .0

Upgrades available at:
href="http://monkeyd.sourceforge.net/get_monkey.php?ver=17"
target=_blank>http://monkeyd.sourceforge.net
/get_monkey.php?ver=17

Currently, we are not aware of any exploits for these
vulnerabilities.

Secunia Advisory, SA14953, April 15, 2005

Multiple Vendors

Apple Safari 1.2-1.2.3, RSS 2.0 pre-release;
Omni Group OmniWeb
5.1

Upgrades available at:
href="http://www.apple.com/safari/download/"
target=_blank>http://www.apple.com/
safari/download/

A Proof of Concept exploit has been published.

Multiple Vendors

Larry Wall Perl 5.0 05_003, 5.0 05, 5.0 04_05, 5.0 04_04, 5.0 04, 5.0
03, 5.6, 5.6.1, 5.8, 5.8.1, 5.8.3, 5.8.4 -5, 5.8.4 -4, 5.8.4 -3, 5.8.4
-2.3, 5.8.4 -2, 5.8.4 -1, 5.8.4, 5.8.5, 5.8.6

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/universe/p/perl/libcgi-fast-perl_5.8.4-2ubuntu0.4_all.deb"
target=_blank>http://security.ubuntu.com/
ubuntu/pool/universe/p/perl/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200501-38.xml">
http://security.gentoo.org/glsa/
glsa-200501-38.xml

Debian: href="http://security.debian.org/pool/updates/main/p/perl/">
http://security.debian.org/pool
/updates/main/p/perl/

TurboLinux:
href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

Currently we are not aware of any exploits for this
vulnerability.

Ubuntu Security Notice, USN-94-1 March 09, 2005

Gentoo Linux Security Advisory [UPDATE], GLSA 200501-38:03, March 15,
2005

Debian Security Advisory, DSA 696-1 , March 22, 2005

Turbolinux Security Advisory, TLSA-2005-45, April 19, 2005

Multiple Vendors

MySQL AB MySQL 3.20 .x, 3.20.32 a, 3.21.x, 3.22 .x, 3.22.26-3.22.30,
3.22.32, 3.23 .x, 3.23.2-3.23.5, 3.23.8-3.23.10, 3.23.22-3.23.34,
3.23.36-3.23.54, 3.23.56, 3.23.58, 3.23.59, 4.0.0-4.0.15, 4.0.18,
4.0.20;
Trustix Secure Enterprise Linux 2.0, Secure Linux 1.5, 2.0,
2.1

Upgrades available at:
href="http://dev.mysql.com/downloads/mysql/4.0.html ">http://dev.mysql.com/downloads
/mysql/4.0.html

OpenPKG: href="file:///C|/Documents%20and%20Settings/dtrammel/ftp.openpkg.org">
ftp.openpkg.org

RedHat: href="http://rhn.redhat.com/errata/RHSA-2004-611.html">
http://rhn.redhat.com/errata/
RHSA-2004-611.html

SuSE:
href="ftp://ftp.suse.com/pub/suse">ftp://ftp.suse.com/pub/suse

Trustix: href="ftp://ftp.trustix.org/pub/trustix/updates/">
ftp://ftp.trustix.org/pub/
trustix/updates/

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/m">
http://security.ubuntu.com/
ubuntu/pool/main/m/mysql-dfsg/m

Fedora: href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">
http://download.fedora.
redhat.com/pub/
fedora/linux/core/updates/2/

TurboLinux:
href="ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

FedoraLegacy:
href="http://download.fedoralegacy.org/fedora/">http://download.fedoralegacy.
org/fedora/

Ubuntu: href=" http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/">
http://security.ubuntu.com/
ubuntu/pool/main/m/mysql-dfsg/

Debian:
href="http://security.debian.org/pool/updates/main/m/mysql/">http://security.debian.org/
pool/updates/main/m/mysql/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

There is no exploit code required.

Trustix Secure Linux Security Advisory, TSLSA-2004-0054, October 15,
2004

Fedora Update Notification,
FEDORA-2004-530, December 8, 2004

Turbolinux Security Announcement, February 17, 2005

Fedora Legacy Update Advisory, FLSA:2129, March 24, 2005

Ubuntu Security Notice, USN-109-1 April 06, 2005

Debian Security Advisory, DSA 707-1, April 13, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:070, April
13, 2005

Multiple Vendors

Concurrent Versions System (CVS) 1.x;Gentoo Linux; SuSE Linux 8.2, 9.0,
9.1, x86_64, 9.2, x86_64, 9.3, Linux Enterprise Server 9, 8,
Open-Enterprise-Server 9.0, School-Server 1.0, SUSE CORE 9 for x86,
UnitedLinux 1.0

Multiple vulnerabilities have been reported: a buffer overflow
vulnerability was reported due to an unspecified boundary error, which
could let a remote malicious user potentially execute arbitrary code; a
remote Denial of Service vulnerability was reported due to memory leaks
and NULL pointer dereferences; an unspecified error was reported due to an
arbitrary free (the impact was not specified), and several errors were
reported in the contributed Perl scripts, which could let a remote
malicious user execute arbitrary code.

Update available at:
href="https://ccvs.cvshome.org/servlets/ProjectDocumentList">https://ccvs.cvshome.org/
servlets/ProjectDocumentList

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-16.xml">http://security.gentoo.org/
glsa/glsa-200504-16.xml

SuSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/cvs-1.11.5-116.i586.rpm"
target=_blank>ftp://ftp.suse.com/pub/suse/i

Currently we are not aware of any exploits for these
vulnerabilities.

Gentoo Linux Security Advisory, GLSA 200504-16, April 18, 2005

SuSE Security Announcement, SUSE-SA:2005:024, April 18, 2005

Secunia Advisory, SA14976, April 19, 2005

Multiple Vendors

Daniel Stenberg curl 6.0-6.4, 6.5-6.5.2, 7.1, 7.1.1, 7.2, 7.2.1, 7.3,
7.4, 7.4.1, 7.10.1, 7.10.3-7.10.7, 7.12.1

A buffer overflow vulnerability exists in the Kerberos authentication
code in the 'Curl_krb_kauth()' and 'krb4_auth()' functions and in the NT
Lan Manager (NTLM) authentication in the 'Curl_input_ntlm()' function,
which could let a remote malicious user execute arbitrary code.

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/c/curl/">http://security.ubuntu.com/ubuntu/
pool/main/c/curl/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Updates available at:
href="http://curl.haxx.se/download/curl-7.13.1.tar.gz"
target=_blank>http://curl.haxx.se/download/
curl-7.13.1.tar.gz

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-20.xml">
http://security.gentoo.org/
glsa/glsa-200503-20.xml

Conectiva: href="ftp://atualizacoes.conectiva.com.br/10/">
ftp://atualizacoes.conectiva.
com.br/10/

ALT Linux: href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">
http://lists.altlinux.ru/pipermail/
security-announce/2005-March
/000287.html

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-340.html">http://rhn.redhat.com/
errata/RHSA-2005-340.html

SGI:
href="ftp://patches.sgi.com/support/free/security/advisories/">ftp://patches.sgi.com/support/
free/security/advisories/

Currently we are not aware of any exploits for these
vulnerabilities.

iDEFENSE
Security Advisory ,
February 21, 2005

Mandrakelinux
Security Update Advisory, MDKSA-2005:048, March 4,
2005

Gentoo Linux
Security Advisory, GLSA 200503-20,
March 16, 2005

Conectiva Linux Security
Announcement,
CLA-2005:940,
March
21, 2005

ALTLinux Security Advisory, March 29, 2005

RedHat Security Advisory,
RHSA-2005:340-09,
April 5, 2005

SGI Security Advisory, 20050403-01-U, April 15, 2005

Multiple Vendors

Gentoo Linux;
rsnapshot filesystem snapshot utility 1.0.10,
1.1-1.1.6, 1.2

Upgrades available at:
href="http://www.rsnapshot.org/downloads/rsnapshot-1.1.7.tar.gz"
target=_blank>http://www.rsnapshot.org/
downloads/rsnapshot-1.1.7.tar.gz

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-12.xml">
http://security.gentoo.org/
glsa/glsa-200504-12.xml

There is no exploit code required.

Multiple Vendors

GNOME GdkPixbuf 0.22
GTK GTK+ 2.4.14
RedHat Fedora
Core3
RedHat Fedora Core2

A remote Denial of Service vulnerability has been reported due to a
double free error in the BMP loader.

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/2/

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-344.html">
http://rhn.redhat.com/
errata/RHSA-2005-344.html

href="http://rhn.redhat.com/errata/RHSA-2005-343.html">http://rhn.redhat.com/
errata/RHSA-2005-343.html

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/g/gdk-pixbuf/">http://security.ubuntu.com/
ubuntu/pool/main/g/gdk-pixbuf/

SGI:
href="ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/">ftp://oss.sgi.com/projects/
sgi_propack/download/3/updates/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

SGI:
href="ftp://patches.sgi.com/support/free/security/advisories/">ftp://patches.sgi.com/support/
free/security/advisories/

Currently we are not aware of any exploits for this
vulnerability.

Fedora Update Notifications,
FEDORA-2005-
265, 266, 267 &
268,
March 30, 2005

RedHat Security Advisories,
RHSA-2005:344-03 &
RHSA-2005:343-03, April 1 & 4, 2005

Ubuntu Security Notice, USN-108-1 April 05, 2005

SGI Security Advisory, 20050401-01-U, April 6, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:068 & 069, April
8, 2005

SGI Security Advisory, 20050403-01-U, April 15, 2005

Multiple Vendors

RedHat Fedora Core3 & Core 2;
Sylpheed Sylpheed 0.8, 0.8.11,
0.9.4-0.9.12, 0.9.99, 1.0 .0-1.0.3, 1.9-1.9.4

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/x86_64/sylpheed-1.0.4-0.fc3.x86_64.rpm"
target=_blank>http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Sylpheed:
href="http://sylpheed.good-day.net/sylpheed/v1.0/sylpheed-1.0.4.tar.gz"
target=_blank>http://sylpheed.good-day.net/
sylpheed/v1.0/sylpheed-1.0.4.tar.gz

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-02.xml">http://security.gentoo.org/
glsa/glsa-200504-02.xml

TurboLinux:
href=" ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

Currently we are not aware of any exploits for this
vulnerability.

Fedora Update Notifications,
FEDORA-2005-
263 & 264,

March 29, 2005

Gentoo Linux Security Advisory, GLSA 200504-02,
April 2, 2005

Turbolinux Security Advisory, TLSA-2005-44, April 19, 2005

Multiple Vendors

RedHat Fedora Core3, Core2;
Rob Flynn Gaim 1.2

Upgrade available at:
href="http://gaim.sourceforge.net/downloads.php"
target=_blank>http://gaim.sourceforge.net/
downloads.php

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-05.xml">http://security.gentoo.org/
glsa/glsa-200504-05.xml

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-365.html">http://rhn.redhat.com/
errata/RHSA-2005-365.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

There is no exploit code required.

Fedora Update Notifications,
FEDORA-2005-
298 & 299,

April 5, 2005

Gentoo Linux Security Advisory, GLSA 200504-05, April 06, 2005

RedHat Security Advisory, RHSA-2005:365-06, April 12, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:071, April
14, 2005

Multiple Vendors

RedHat Fedora Core3, Core2;
Rob Flynn Gaim 1.2; Ubuntu Linux 4.1
ppc, ia64, ia32

Update available at:
href="http://gaim.sourceforge.net/downloads.php"
target=_blank>http://gaim.sourceforge.net
/downloads.php

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/g/gaim/">http://security.ubuntu.com/
ubuntu/pool/main/g/gaim/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-05.xml">http://security.gentoo.org/
glsa/glsa-200504-05.xml

RedHat:
href="http://rhn.redhat.com/errata/RHSA-2005-365.html">http://rhn.redhat.com/
errata/RHSA-2005-365.html

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Currently we are not aware of any exploits for these
vulnerabilities.

Fedora Update Notifications,
FEDORA-2005
-298 & 299,

April 5, 2005

Ubuntu Security
Notice,
USN-106-1
April 05, 2005

Gentoo Linux Security Advisory, GLSA 200504-05, April 06, 2005

RedHat Security Advisory, RHSA-2005:365-06, April 12, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:071, April
14, 2005

Multiple Vendors

Todd Miller Sudo 1.5.6-1.5.9, 1.6-1.6.8

No workaround or patch available at time of publishing.

There is no exploit code required.

Multiple Vendors

xli 1.14-1.17; xloadimage 3.0, 4.0, 4.1

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-05.xml">
http://security.gentoo.org/
glsa/glsa-200503-05.xml

Debian: href="http://security.debian.org/pool/updates/main/x/xli/">
http://security.debian.org/
pool/updates/main/x/xli/

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.
redhat.com/pub/fedora/
linux/core/updates/

TurboLinux:
href="%20ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/">ftp://ftp.turbolinux.co.jp/pub/
TurboLinux/TurboLinux/ia32/

Currently we are not aware of any exploits for this
vulnerability.

Gentoo Linux Security Advisory, GLSA 200503-05, March 2, 2005

Fedora Update Notifications,
FEDORA-2005-236 & 237, March 18,
2005

Debian Security Advisory, DSA 695-1, March 21, 2005

Turbolinux Security Advisory, TLSA-2005-43, April 19, 2005

Paul Vixie

Vixie Cron 4.1

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

There is no exploit code required; however, a Proof of Concept exploit
script has been published.

Security Focus, 13024, April 6, 2005

Fedora Update Notification,
FEDORA-2005-320, April 15, 2005

PHP Group

PHP 4.3-4.3.10

Upgrades available at:
href="http://ca.php.net/get/php-4.3.11.tar.gz/from/a/mirror"
target=_blank>http://ca.php.net/get/php
4.3.11.tar.gz/from/a/mirror

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/p/php4/">http://security.ubuntu.com/
ubuntu/pool/main/p/php4/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-15.xml">http://security.gentoo.org/
glsa/glsa-200504-15.xml

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Currently, we are not aware of any exploits for this
vulnerability.

Security Focus, 13164, April 14, 2005

Ubuntu Security Notice, USN-112-1, April 14, 2005

Gentoo Linux Security Advisory, GLSA 200504-15, April 18, 2005

Fedora Update Notification,
FEDORA-2005-315, April 18, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:072, April 19, 2005

PHP Group

PHP 4.3-4.3.10

Upgrades available at:
href="http://ca.php.net/get/php-4.3.11.tar.gz/from/a/mirror"
target=_blank>http://ca.php.net/get/php
4.3.11.tar.gz/from/a/mirror

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/p/php4/">http://security.ubuntu.com/
ubuntu/pool/main/p/php4/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-15.xml">http://security.gentoo.org/
glsa/glsa-200504-15.xml

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Currently, we are not aware of any exploits for this
vulnerability.

Security Focus, 13163, April 14, 2005

Ubuntu Security Notice, USN-112-1, April 14, 2005

Gentoo Linux Security Advisory, GLSA 200504-15, April 18, 2005

Fedora Update Notification,
FEDORA-2005-315, April 18, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:072, April 19, 2005

phpMyAdmin

phpMyAdmin 2.0-2.0.5, 2.1- 2.1.2, 2.2, pre 1&pre2, rc1-rc3,
2.2.2-2.2.6, 2.3.1, 2.3.2, 2.4.0, 2.5.0-2.5.2, 2.5.4-2.5.7,
2.6.0pl1-2.6.0pl3, 2.6.1, pl1&pl3, 2.6.1 -rc1

A Cross-Site Scripting vulnerability has been reported in 'index.php'
due to insufficient sanitization of the 'convcharset' parameter, which
could let a remote malicious user execute arbitrary HTML and script code.

Upgrades available at:
href="http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.6.2-rc1.tar.gz?download"
target=_blank>http://prdownloads.sourceforge.net
/phpmyadmin/phpMyAdmin-2.6.2-rc1.
tar.gz?download

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-08.xml">
http://security.gentoo.org/
glsa/glsa-200504-08.xml

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

There is no exploit code required; however, a Proof of Concept exploit
has been published.

phpMyAdmin
Security
Announcement, PMASA-2005-3,
April 3,
2005

Gentoo Linux Security Advisory, GLSA 200504-08, April 11, 2005

SUSE Security Summary Report, SUSE-SR:2005:011, April 15, 2005

Postgrey

Postgrey 1.16-1.18, 0.84-9.87

A format string vulnerability has been reported in the 'server.pm'
module in the 'log' subroutine, which could let a remote malicious user
cause a Denial of Service or execute arbitrary code.

Upgrades available at:
href="http://isg.ee.ethz.ch/tools/postgrey/pub/postgrey-1.21.tar.gz"
target=_blank>http://isg.ee.ethz.ch/tools/
postgrey/pub/postgrey-1.21.tar.gz

Currently, we are not aware of any exploits for this
vulnerability.

Salim Gasmi

GLD 1.0-1.4

Several vulnerabilities have been reported: multiple buffer overflow
vulnerabilities were reported in 'server.c' in the 'HandleChild' function,
which could let a remote malicious user execute arbitrary code; and
several format string vulnerabilities were reported in the 'cnf.c' file in
the 'ErrorLog' function, which could let a remote malicious user execute
arbitrary code with root privileges.

Upgrades available at:
href="http://www.gasmi.net/down/gld-1.5.tgz"
target=_blank>http://www.gasmi.net/
down/gld-1.5.tgz

Gentoo: href=" http://security.gentoo.org/glsa/glsa-200504-10.xml">
http://security.gentoo.org/
glsa/glsa-200504-10.xml

A Proof of Concept exploit script has been published for the format
string vulnerability.

INetCop Security Advisory, #2005-0x82-026, April 11, 2005

Gentoo Linux Security Advisory, GLSA 200504-10, April 13, 2005

Sumus

Sumus Game Server 0.2.2

A buffer overflow vulnerability has been reported in the
'RespondeHTTPPendiente()' function, which could let a remote malicious
user execute arbitrary code.

No workaround or patch available at time of publishing.

An exploit script has been published.

Sun Microsystems, Inc.

Solaris 7.0, 7.0 _x86, 8.0, 8.0 _x86, 9.0, 9.0 _x86

A vulnerability has been reported in the 'libgss' library because an
unprivileged user can loan their own Generic Security Service Application
Program Interface (GSS-API) which could lead to elevated privileges.

Patches available at:
href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-57734-1">http://sunsolve.sun.com/search/
document.do?assetkey=
1-26-57734-1

Currently, we are not aware of any exploits for this
vulnerability.

Sun Microsystems, Inc.

Solaris 8.0, _x86, 9.0, _x86

A vulnerability has been reported due to an unspecified error, which
could let a malicious user hijack non-privileged ports.

Patches available at:
href="http://sunsolve.sun.com/search/document.do?assetkey=1-26-57766-1">http://sunsolve.sun.com/search/
document.do?assetkey=
1-26-57766-1

Currently we are not aware of any exploits for this
vulnerability.

Wilmer van der Gaast

Axel prior to 1.0b

A buffer overflow vulnerability has been reported in 'conn.c' when
processing HTTP redirection messages, which could let a remote malicious
user execute arbitrary code.

Update available at:
href=" http://wilmer.gaast.net/downloads/axel-1.0b.tar.gz">http://wilmer.gaast.net/
downloads/axel-1.0b.tar.gz

Debian:
href="http://security.debian.org/pool/updates/main/a/axel/">http://security.debian.org/pool/
updates/main/a/axel/

Gentoo:
href="http://www.gentoo.org/security/en/glsa/glsa-200504-09.xml">http://www.gentoo.org/security/
en/glsa/glsa-200504-09.xml

Currently, we are not aware of any exploits for this
vulnerability.

All4WWW

All4WWW-Homepagecreator 1.0 a

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit
has been published.

Ariadne

CMS 2.4

No workaround or patch available at time of publishing.

There is no exploit code required.

CityPost

Image Cropper/Resizer 52

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

CityPost

LNKX 52

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

CityPost

Simple PHP Upload 53

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Computer Associates

BrightStor ARCServe Backup for Windows 9.0.1, 11.0, 11.1, 11.1 (All),
(Client) 11.1, (Eng-All) 9.01, (Eng-Cli) 9.01, (NoEng-All) 9.01,
(NoEng-Cli) 9.01, 64 bit 9.0.1, 64 bit 11.0, 64 bit 11.1, BrightStor
Enterprise Backup 10.0, 10.5, BrightStor Enterprise Backup for Windows 64
bit 10.5

A buffer overflow vulnerability has been reported in the 'option' field
due to a boundary error when receiving certain agent requests, which could
let a remote malicious user cause a Denial of Service or execute arbitrary
code.

Updates available at:
href="http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66528&startsearch=1"
target=_blank>http://supportconnect.ca.com/
sc/solcenter/

An exploit script has been published.

iDEFENSE Security Advisory,
April 11, 2005

Security Focus, 13102, April 13, 2005

Datenbank

Datenbank Module for phpbb

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit
has been published.

eGroupWare

eGroupWare 1.0.1, 1.0.6

No workaround or patch available at time of publishing.

There is no exploit code required.

eGroupWare

eGroupWare 1.0-1.0.3, 1.0.6

Multiple unspecified vulnerabilities have been fixed in the latest
upgrade. The impact was not specified.

Upgrades available at:
href="http://sourceforge.net/project/showfiles.php?group_id=78745"
target=_blank>http://sourceforge.net/project/
showfiles.php?group_id=78745

Currently we are not aware of any exploits for these
vulnerabilities.

F5

BigIP 9.0.2-9.0.4

Update available at: href="http://tech.f5.com/home/bigip-next/solutions/gui/sol4369.html ">
http://tech.f5.com/home/bigip-
next/solutions/gui/sol4369.html

There is no exploit code required.

Francisco Burzi

PHP-Nuke 7.6

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit
has been published.

GNU

GOCR Optical Character Recognition Utility 0.3.2, 0.3.4, 0.37, 0.39,
0.40

No workaround or patch available at time of publishing.

Currently we are not aware of any exploits for this
vulnerability.

Gregory DEMAR

Coppermine Photo Gallery 1.0 RC3, 1.1 beta 2, 1.1 .0, 1.2, 1.2.1, 1.2.2
b, 1.3

No workaround or patch available at time of publishing.

There is no exploit code required.

IBM

iSeries AS400

No workaround or patch available at time of publishing.

There is no exploit code required.

IBM

Lotus Domino 6.0-6.0.3, 6.5.0-6.5.3

A buffer overflow vulnerability has been reported due to the way
malformed HTTP POST requests are handled, which could let a remote
malicious user cause a Denial of Service or execute arbitrary code.

Upgrade information available at: href="http://www-1.ibm.com/support/docview.wss?rs=463&uid=swg21202431">
http://www-1.ibm.com/support/
docview.wss?rs=463&uid=
swg21202431

Currently we are not aware of any exploits for this
vulnerability.

IBM

OS/400 5.x

A remote Denial of Service vulnerability has been reported in the IRC
service when processing malformed data.

Patch information available at: href="http://www-1.ibm.com/support/docview.wss?uid=nas29afd3991f5f290b086256fdb0053b293">
http://www-1.ibm.com/support/
docview.wss?uid=nas29afd3991
f5f290b086256fdb0053b293

Currently we are not aware of any exploits for this
vulnerability.

IBM

Websphere Application Server 5.0, 5.0.1, 5.0.2 .1-5.0.2 .9, 5.0.2,
5.1.0.2-5.1.0.5, 5.1, 5.1.1-5.1.1 .3, 6.0

Workaround available at:
href="http://publib.boulder.ibm.com/infocenter/ws60help/index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/rtrb_jspsource.html">http://publib.boulder.ibm.com/
infocenter/ws60help/index.jsp
?topic=/com.ibm.
websphere.base.doc/info/aes
/ae/rtrb_jspsource.html

There is no exploit code required; however, a Proof of Concept exploit
has been published.

Kerio Technologies

MailServer prior to 6.0.9

A remote Denial of Service vulnerability has been reported when a
malicious user submits a specially crafted email message.

Update available at:
href="file:///C|/Documents%20and%20Settings/dtrammel/Desktop/www.kerio.com/kms_home.html%20(">www.kerio.com/kms_home.htm

Currently we are not aware of any exploits for this
vulnerability.

LG

M4300, U8120, U8200, U8210

A remote Denial of Service vulnerability has been reported when
processing a malicious MIDI file.

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Matt Kruse

CalendarScript 3.20, 3.21

Several vulnerabilities have been reported: a Cross-Site Scripting
vulnerability was reported in the 'calendar.pl' script due to insufficient
validation of user-supplied input, which could let a remote malicious user
execute arbitrary HTML and script code; a vulnerability was reported
because a remote malicious user can submit an invalid calendar name to
determine the installation path; a vulnerability was reported (version
3.21) when a remote malicious user submits a certain URL that causes
sensitive information and debug information to be disclosed; and a
vulnerability was reported (version 3.21) in the 'username' parameter
because HTML code is not removed.

No workaround or patch available at time of publishing.

Proofs of Concept exploits have been published.

Mozilla.org

Mozilla Browser 1.0-1.0.2, 1.1-1.7.6, Firefox 0.8-0.10.1, 1.0.1, 1.0.2

Upgrades available at:
href="http://www.mozilla.org/products/firefox/"
target=_blank>http://www.mozilla.org/
products/firefox/

href="http://www.mozilla.org/products/mozilla1.x/"
target=_blank>http://www.mozilla.org/
class=bodytext> target=_blank>products/mozilla1.x/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200504-18.xml">
http://security.gentoo.org/
glsa/glsa-200504-18.xml

There is no exploit code required.

Mozilla Foundation Security Advisories, 2005-35 - 2005-41, April 16,
2005

Gentoo Linux Security Advisory, GLSA 200504-18, April 19, 2005

US-CERT VU#973309

Multiple Vendors

Mozilla.org Mozilla Browser 1.7.6, Firefox 1.0.1, 1.0.2; K-Meleon
K-Meleon 0.9; Netscape 7.2; K-Meleon 0.9

A vulnerability has been reported in the javascript implementation due
to improper parsing of lamba list regular expressions, which could a
remote malicious user obtain sensitive information.

The vendor has issued a fix, available via CVS.

There is no exploit code required; however, a Proof of Concept exploit
has been published.

Security Tracker Alert, 1013635, April 4, 2005

Security Focus, 12988, April 16, 2005

Multiple Vendors

Linux kernel test12, 2.4-2.4.30, 2.6 .10, 2.6 -test1-test11,
2.6-2.6.11; Microsoft Windows 2000 Advanced Server, SP1-SP4, 2000
Datacenter Server, SP1-SP4, 2000 Professional, SP1-SP4, 2000 Server,
SP1-SP4, Windows 98SE, Windows NT Enterprise Server 4.0, SP1-SP6a, NT
Server 4.0, SP1-SP6a, NT Terminal Server 4.0, SP1-SP6a, NT Workstation
4.0, SP1-SP6a, Windows Server 2003 Datacenter Edition, SP1, 2003
Datacenter Edition 64-bit, SP1, Windows Server 2003 Enterprise Edition,
SP1, Windows Server 2003 Enterprise Edition 64-bit, SP1, Windows Server
2003 Enterprise x64 Edition, 2003 Standard Edition SP1

No workaround or patch available at time of publishing.

A Proof of Concept exploit script has been published.

Multiple Vendors

See US-CERT
VU#222750 for complete list

Cisco:
href="http://www.cisco.com/warp/public/707/cisco-sa-20050412-icmp.shtml">http://www.cisco.com/warp/
public/707/cisco-sa-
20050412-icmp.shtml

IBM:
href="ftp://aix.software.ibm.com/aix/efixes/security/icmp_efix.tar.Z"
target=_blank>ftp://aix.software.ibm.com/aix/
efixes/security/icmp_efix.tar.Z

RedHat: href="http://rhn.redhat.com/errata/">
http://rhn.redhat.com/errata/

Currently we are not aware of any exploits for these
vulnerabilities.

Multiple Vendors

Squid Web Proxy Cache 2.3, STABLE2, STABLE4-STABLE7, 2.5, STABLE1,
STABLE3-STABLE9

A remote Denial of Service vulnerability has been reported when a
malicious user prematurely aborts a connection during a PUT or POST
request.

Patches available at:
href="http://www1.uk.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-post.patch"
target=_blank>http://www1.uk.squid-
cache.org/Versions/
v2/2.5/bugs/squid-2.5.
STABLE7-post.patch

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.com.br/

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/s/squid/squid_2.5.5-6ubuntu0.7_amd64.deb"
target=_blank>http://security.ubuntu.com/ubuntu/
pool/main/s/squid/

There is no exploit code required.

mvnForum

mvnForum 1.0 RC4

A Cross-Site Scripting vulnerability has been reported due to
insufficient sanitization of user-supplied input, which could let a remote
malicious user execute arbitrary HTML and script code.

No workaround or patch available at time of publishing.

There is no exploit code required; however,a Proof of Concept exploit
has been published.

MySQL AB

MySQL 4.0.23, and 4.1.10
and prior

A vulnerability was reported in the CREATE FUNCTION command that could
let an authenticated user gain mysql user privileges on the target system
and permit the user to execute arbitrary code.

A fixed version (4.0.24 and 4.1.10a) is available at: href="http://dev.mysql.com/downloads/index.html">
http://dev.mysql.com/
downloads/index.html

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-19.xml">
http://security.gentoo.org/
glsa/glsa-200503-19.xml

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/">
http://security.ubuntu.com/
ubuntu/pool/main/m/
mysql-dfsg/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php"
target=_blank>
http://www.mandrakesecure.net
/en/ftp.php

Trustix: href="http://http.trustix.org/pub/trustix/updates/">
http://http.trustix.org/pub/
trustix/updates/

ALT Linux: href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">
http://lists.altlinux.ru/pipermail/
security-announce/2005-March
/000287.html

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-334.html">
http://rhn.redhat.com/errata/
RHSA-2005-334.html

SuSE: href="ftp://ftp.suse.com/pub/suse/">
ftp://ftp.suse.com/pub/suse/

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.
com.br/

Debian:
href="http://security.debian.org/pool/updates/main/m/mysql/">http://security.debian.org/|
pool/updates/main/m/mysql/

A Proof of Concept exploit has been published.

Security Tracker Alert ID: 1013415, March 11, 2005

Gentoo Linux Security Advisory, GLSA 200503-19, March 16, 2005

Ubuntu Security Notice, USN-96-1 March 16, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:060, March 21, 2005

Trustix Secure Linux Security Advisory, TSL-2005-0009, March 21,
2005

SUSE Security Announcement, SUSE-SA:2005:019, March 24, 2005

RedHat Security Advisory, RHSA-2005:334-07, March 28, 2005

ALTLinux Security Advisory, March 29, 2005

Conectiva Linux Security Announcement, CLA-2005:946, April 4, 2005

Debian Security Advisory, DSA 707-1 , April 13, 2005

MySQL AB

MySQL 4.0.23, and 4.1.10
and prior

A vulnerability has been reported that could let local malicious users
gain escalated privileges. This is because the "CREATE TEMPORARY TABLE"
command can create insecure temporary files.

The vulnerabilities have been fixed in version 4.0.24 (when available):

href="http://dev.mysql.com/downloads/">http://dev.mysql.com/downloads/

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-19.xml">
http://security.gentoo.org/
glsa/glsa-200503-19.xml

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/">
http://security.ubuntu.com/
ubuntu/pool/main/m/
mysql-dfsg/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php"
target=_blank>
http://www.mandrakesecure.net
/en/ftp.php

Trustix: href="http://http.trustix.org/pub/trustix/updates/">
http://http.trustix.org/pub/
trustix/updates/

ALT Linux: href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">
http://lists.altlinux.ru/pipermail/
security-announce/2005-March
/000287.html

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-334.html">
http://rhn.redhat.com/errata/
RHSA-2005-334.html

SuSE: href="ftp://ftp.suse.com/pub/suse/">
ftp://ftp.suse.com/pub/suse/

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.
com.br/

Debian:
href="http://security.debian.org/pool/updates/main/m/mysql/">http://security.debian.org/|
pool/updates/main/m/mysql/

A Proof of Concept exploit has been published.

Secunia SA14547, March 11, 2005

Gentoo Linux Security Advisory, GLSA 200503-19, March 16, 2005

Ubuntu Security Notice, USN-96-1 March 16, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:060, March 21, 2005

SUSE Security Announcement, SUSE-SA:2005:019, March 24, 2005

Trustix Secure Linux Security Advisory, TSL-2005-0009, March 21,
2005

RedHat Security Advisory, RHSA-2005:334-07, March 28, 2005

ALTLinux Security Advisory, March 29, 2005

Conectiva Linux Security Announcement, CLA-2005:946, April 4, 2005

Debian Security Advisory, DSA 707-1 , April 13, 2005

MySQL AB

MySQL 4.0.23, and 4.1.10
and prior

An input validation vulnerability was reported in udf_init() that could
let an authenticated user with certain privileges execute arbitrary
library functions on the target system. The udf_init() function in
'sql_udf.cc' does not properly validate directory names.

A fixed version (4.0.24 and 4.1.10a) is available at: href="http://dev.mysql.com/downloads/index.html">
http://dev.mysql.com/
downloads/index.html

Gentoo: href="http://security.gentoo.org/glsa/glsa-200503-19.xml">
http://security.gentoo.org/
glsa/glsa-200503-19.xml

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg/">
http://security.ubuntu.com/
ubuntu/pool/main/m/
mysql-dfsg/

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php"
target=_blank>
http://www.mandrakesecure.net
/en/ftp.php

Trustix: href="http://http.trustix.org/pub/trustix/updates/">
http://http.trustix.org/pub/
trustix/updates/

ALT Linux: href="http://lists.altlinux.ru/pipermail/security-announce/2005-March/000287.html">
http://lists.altlinux.ru/pipermail/
security-announce/2005-March
/000287.html

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-334.html">
http://rhn.redhat.com/errata/
RHSA-2005-334.html

SuSE: href="ftp://ftp.suse.com/pub/suse/">
ftp://ftp.suse.com/pub/suse/

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.
com.br/

Debian:
href="http://security.debian.org/pool/updates/main/m/mysql/">http://security.debian.org/|
pool/updates/main/m/mysql/

A Proof of Concept exploit has been published.

Security Tracker Alert ID: 1013414, March 11, 2005

Gentoo Linux Security Advisory, GLSA 200503-19, March 16, 2005

Ubuntu Security Notice, USN-96-1 March 16, 2005

SUSE Security Announcement, SUSE-SA:2005:019, March 24, 2005

Mandrakelinux Security Update Advisory, MDKSA-2005:060, March 21, 2005

Trustix Secure Linux Security Advisory, TSL-2005-0009, March 21,
2005

RedHat Security Advisory, RHSA-2005:334-07, March 28, 2005

ALTLinux Security Advisory, March 29, 2005

Conectiva Linux Security Announcement, CLA-2005:946, April 4, 2005

Debian Security Advisory, DSA 707-1 , April 13, 2005

myWebland

myBloggie 2.1.1

A vulnerability has been reported due to insufficient sanitization of
user-supplied input, which could let a remote malicious user execute
arbitrary HTML and script code.

No workaround or patch available at time of publishing.

There is no exploit code required.

NashTech

EasyPHPCalendar

No workaround or patch available at time of publishing.

A Proof of Concept exploit has been published.

Opera Software

Opera Web Browser 8 Beta 3

No workaround or patch available at time of publishing.

There is no exploit code required.

Oracle Corporation

Oracle Application Server 10g,
Enterprise Edition, Personal
Edition, Standard Edition, Oracle8i Database Enterprise Edition, Standard
Edition, Oracle9i Application Server, Oracle9i Database Enterprise
Edition, Database Standard Edition

Update information available at:
href="http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf">http://www.oracle.com/technology/
deploy/security/pdf/cpuapr2005.pdf

Proofs of Concept exploits have been published.

Security Focus 13144, April 12, 2005

US-CERT VU#982109

Oracle Corporation

Oracle Application Server 10g, Collaboration Suite Release 2, Database
8.x, Database Server 10g, E-Business Suite 11i, Enterprise Manager 10.x,
9.x,
Oracle9i Application Server,
Oracle9i Database Enterprise
Edition,
Oracle9i Database Standard Edition,
PeopleSoft
EnterpriseOne Applications 8.x,
PeopleSoft OneWorldXe/ERP8
Applications

Update information available at:
href="http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf">http://www.oracle.com/technology/
deploy/security/pdf/cpuapr2005.pdf

Currently we are not aware of any exploits for these
vulnerabilities.

Oracle Corporation

Oracle Forms versions 3.0 up to 10g

A vulnerability has been reported in the 'Query/Where'
feature due to insufficient sanitization of user-supplied data, which
could let a remote malicious user inject arbitrary SQL code.

Update information available at:
href=" http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf">http://www.oracle.com/technology/
deploy/security/pdf/cpuapr2005.pdf

There is no exploit code required.

Oracle Corporation

Oracle10g Application Server 10.1.0.2, Oracle10g Enterprise Edition
10.1.0.2, Oracle10g Personal Edition 10.1.0.2, Oracle10g Standard Edition
10.1.0.2

Update information available at:
href=" http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf">http://www.oracle.com/technology/
deploy/security/pdf/cpuapr2005.pdf

A Proof of Concept exploit script has been published.

PHP Group

PHP 4.3.6-4.3.9, 5.0 candidate 1-canidate 3, 5.0 .0-5.0.2

Upgrades available at:
href="http://www.php.net/downloads.php"
target=_blank>http://www.php.net/downloads.php

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php"
target=_blank>
http://www.mandrakesecure.net/
en/ftp.php

Conectiva:
href="ftp://atualizacoes.conectiva.com.br/">ftp://atualizacoes.conectiva.com.br/

RedHat: href="http://rhn.redhat.com/errata/RHSA-2005-031.html">
http://rhn.redhat.com/errata/
RHSA-2005-031.html

SuSE: href="ftp://ftp.suse.com/pub/suse/">
ftp://ftp.suse.com/pub/suse/

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/p/php4/">
http://security.ubuntu.com/
ubuntu/pool/main/p/php4/

Apple: href="http://www.apple.com/support/downloads/">
http://www.apple.com/support/
downloads/

FedoraLegacy:
href="http://download.fedoralegacy.org/redhat/">http://download.fedoralegacy.org/
redhat/

Ubuntu: href="http://security.ubuntu.com/ubuntu/pool/main/p/php4/">
http://security.ubuntu.com/
ubuntu/pool/main/p/php4/

There is no exploit code required; however, a Proof of Concept exploit
script has been published.

PHP Multiple Remote Vulnerabilities

href="http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CAN-2004-1018">CAN-2004-1018
href="http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CAN-2004-1063">CAN-2004-1063
href="http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CAN-2004-1064">CAN-2004-1064
href="http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CAN-2004-1019">CAN-2004-1019 href="http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CAN-2004-1020">
CAN-2004-1020
href="http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CAN-2004-1065">CAN-2004-1065

Bugtraq, December 16, 2004

Conectiva Linux Security Announcement, CLA-2005:915, January 13,
2005

Red Hat, Advisory: RHSA-2005:031-08, January 19, 2005

SUSE Security Announcement, SUSE-SA:2005:002, January 17, 2005

Ubuntu Security Notice, USN-66-1, January 20, 2005

Apple Security Update, APPLE-SA-2005-01-25, January 26, 2005

Fedora Legacy Update Advisory, FLSA:2344, March 7, 2005

Ubuntu Security Notice, USN-99-1 March 18, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:072, April
19, 2005

PHP Group

PHP prior to 5.0.4

Multiple Denial of Service vulnerabilities have been reported in
'getimagesize().'

Upgrade available at:
href="http://ca.php.net/get/php-4.3.11.tar.gz/from/a/mirror"
target=_blank>http://ca.php.net/get/php-
4.3.11.tar.gz/from/a/mirror

Ubuntu:
href="http://security.ubuntu.com/ubuntu/pool/main/p/php4/">http://security.ubuntu.com/
ubuntu/pool/main/p/php4/

Slackware:
href="ftp://ftp.slackware.com/pub/slackware/">ftp://ftp.slackware.com/
pub/slackware/

Debian:
href="http://security.debian.org/pool/updates/main/p/php3/">http://security.debian.org/
pool/updates/main/p/php3/

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-15.xml">http://security.gentoo.org/
glsa/glsa-200504-15.xml

Mandrake: href="http://www.mandrakesecure.net/en/ftp.php">
http://www.mandrakesecure.net/
en/ftp.php

Currently we are not aware of any exploits for these
vulnerabilities.

iDEFENSE Security Advisory,
March 31, 2005

Ubuntu Security Notice, USN-105-1
April 05, 2005

Slackware Security Advisory, SSA:2005-
095-01,
April 6, 2005

Debian Security Advisory, DSA 708-1, April 15, 2005

SUSE Security Announcement, SUSE-SA:2005:023, April 15, 2005

Gentoo Linux Security Advisory, GLSA 200504-15, April 18, 2005

Mandriva Linux Security Update Advisory, MDKSA-2005:072, April
19, 2005

phpBB Group

phpBB 1.0 .0, 1.2.0,
1.2.1, 1.4 .0-1.4.2, 1.4.4, 2.0 .0, 2.0
RC1-RC4, 2.0 Beta 1, 2.0.1-2.0.13

A vulnerability has been reported in the Knowledge Base Module due to
insufficient sanitization of user-supplied input, which could let a remote
malicious user execute arbitrary SQL or obtain sensitive information.

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit
has been published.

phpBB2

phpBB2 Plus 1.5, 1.52

No workaround or patch available at time of publishing.

There is no exploit code required; however, Proofs of Concept exploits
have been published.

Pinnacle Cart

Pinnacle Cart

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit
has been published.

S9Y

Serendipity 0.3-0.8

Upgrades available at: href="http://www.s9y.org/12.html">http://www.s9y.org/12.html

An exploit script has been published.

Smartor

Photo Album 2.0.53

No workaround or patch available at time of publishing.

There is no exploit code required; however, Proofs of Concept exploits
have been published.

sphpBlog

sphpBlog 0.4.0

Several vulnerabilities have been reported: a vulnerability was
reported because the password.txt and config.txt files are stored under
the web document root, which could let a remote malicious user obtain
sensitive information; and a vulnerability was reported in
'sb_functions.php' which could let a remote malicious user obtain
sensitive information.

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit
has been published.

sphpBlog

sphpBlog 0.4.0

A Cross-Site Scripting vulnerability has been reported in 'Search.php'
due to insufficient satiation of user-supplied input, which could let a
remote malicious user execute arbitrary HTML and script code.

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit
has been published.

Sun Microsystems, Inc.

OpenOffice 1.1.4, 2.0 Beta

Fedora:
href="http://download.fedora.redhat.com/pub/fedora/linux/core/updates/">http://download.fedora.redhat.com/
pub/fedora/linux/core/updates/

Gentoo:
href="http://security.gentoo.org/glsa/glsa-200504-13.xml">http://security.gentoo.org/
glsa/glsa-200504-13.xml

SUSE:
href="ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/xorg-x11-libs-6.8.1-15.3.i586.rpm"
target=_blank>ftp://ftp.SUSE.com/pub/SUSE

Currently we are not aware of any exploits for this
vulnerability.

Security Focus, 13092,
April 11, 2005

Fedora Update Notification,
FEDORA-2005-316, April 13, 2005

Gentoo Linux Security Advisory, GLSA 200504-13, April 15, 2005

SUSE Security Announcement, SUSE-SA:2005:025, April 19, 2005

Sun Microsystems, Inc.

JavaMail 1.3.2

No workaround or patch available at time of publishing.

There is no exploit code required; however, a Proof of Concept exploit
has been published.

Veritas Software

i3 FocalPoint Server 7.1

A vulnerability has been reported due to an unspecified error. The
impact was also not specified.

Patch available at:
href=" http://seer.support.veritas.com/docs/276119.htm">http://seer.support.veritas.com/
docs/276119.htm

Currently we are not aware of any exploits for this
vulnerability.

Xerox

WorkCentre 32 Color 01.02.077.1, 01.02.058.4, 01.02.053.1, 01.00.060,
1.2.81, WorkCentre 40 Color 01.02.65.1, 01.02.077.1, 01.02.058.4,
01.02.053.1, 01.00.060, 1.2.81, WorkCentre M165 8.47.33.008. 8.47.30.000,
6.47.33.008, 6.47.30.000, WorkCentre M175 8.47.33.008, 8.47.30.000,
6.47.33.008, 6.47.30.000, WorkCentre M35 4.97.20.025, 4.84.16.000,
2.97.20.032, 2.28.11.000, 2.028.11.000, 4.97.20 .032, WorkCentre M45
4.97.20.025, 4.84.16.000, 2.97.20.032, 2.28.11.000, 4.97.20 .032,
WorkCentre M55 4.97.20.025, 4.84.16.000, 2.97.20.032, 2.28.11.000, 4.97.20
.032, WorkCentre Pro 165 7.47.33.008, 7.47.30.000, WorkCentre Pro 175
7.47.33.008, 7.47.30.000, WorkCentre Pro 35 3.97.20.032, 3.028.11.000,
WorkCentre Pro 45 3.97.20.032, 3.028.11.000, WorkCentre Pro 55
3.97.20.032, 3.028.11.000, WorkCentre Pro 65 1.001.02.084, 1.001.00.060,
WorkCentre Pro 75 1.001.02.084, 1.001.00.060, WorkCentre Pro 90
1.001.02.084, 1.001.00.060, WorkCentre Pro Color 2128 0.001.04.044, Pro
Color 2636 0.001.04.044, Pro Color 3545 0.001.04.044

A vulnerability has been reported in the SNMP functionality and the Web
Server software, which could let a remote malicious user bypass
authentication.

Upgrades available at:
href="http://www.xerox.com/downloads/usa/en/c/cert_P21_WCP_WebUI_Patch.zip"
target=_blank>http://www.xerox.com/downloads/
usa/en/c/cert_P21_WCP_
WebUI_Patch.zip

Currently we are not aware of any exploits for this
vulnerability.

0x82-meOw_linuxer_forever.c