cpe:/a:dec:dec_openvms:5.4 cpe:/a:dec:dec_openvms:5.1.1 cpe:/a:dec:dec_openvms:5.1.2 cpe:/a:dec:dec_openvms:5.4.1 cpe:/a:dec:dec_openvms:5.1 cpe:/a:dec:dec_openvms:5.0 cpe:/a:dec:dec_openvms:5.2.1 cpe:/a:dec:dec_openvms:5.3 cpe:/a:dec:dec_openvms:5.2 cpe:/a:dec:dec_openvms:5.4.2 cpe:/a:dec:dec_openvms:5.1b cpe:/a:dec:dec_openvms:5.0.1 cpe:/a:dec:dec_openvms:5.0.2 cpe:/a:dec:dec_openvms:5.3.1 cpe:/a:dec:dec_openvms:5.3.2 CVE-1999-1395 1992-11-17T00:00:00.000-05:00 2009-10-31T00:02:35.750-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CERT CA-92.16 CERT CA-1992-18 BID 51 XF vms-monitor-gain-privileges(7136) OSVDB 59332 Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 through 5.4-2 allows local users to gain privileges. cpe:/o:microsoft:windows_nt CVE-1999-0593 1999-01-01T00:00:00.000-05:00 2009-10-31T00:01:02.017-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 XF nt-shutdown-without-logon(1291) MISC http://www.microsoft.com/technet/archive/winntas/deploy/confeat/06wntpcc.mspx?mfr=true CONFIRM http://technet.microsoft.com/en-us/library/cc722469.aspx OSVDB 59333 The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. cpe:/a:intersystems:cache_database:5 CVE-2003-0498 2003-08-07T00:00:00.000-04:00 2009-11-22T00:20:53.703-05:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS Cach�Ã�© Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows local users to execute arbitrary code by adding server-side scripts that are executed with root privileges. cpe:/a:intersystems:cache_database:5 CVE-2003-0497 2003-08-07T00:00:00.000-04:00 2009-11-22T00:20:47.517-05:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS Cach�Ã�© Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs. cpe:/o:gentoo:linux cpe:/o:redhat:enterprise_linux:4.0::enterprise_server cpe:/o:ubuntu:ubuntu_linux:4.10 cpe:/o:debian:debian_linux:3.0::woody cpe:/o:redhat:enterprise_linux:4.0::workstation cpe:/o:redhat:enterprise_linux:4.0::advanced_server cpe:/o:redhat:enterprise_linux_desktop:4.0 CVE-2005-0077 2005-05-02T00:00:00.000-04:00 2009-11-13T00:35:29.127-05:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-02T22:05:00.000-04:00 XF dbi-library-file-overwrite(19068) REDHAT RHSA-2005:072 GENTOO GLSA-200501-38 DEBIAN DSA-658 BUGTRAQ 20050125 [USN-70-1] Perl DBI module vulnerability BID 12360 FEDORA FLSA-2006:178989 MANDRAKE MDKSA-2005:030 SECTRACK 1013007 SECUNIA 14050 SECUNIA 14015 The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. cpe:/o:ubuntu:ubuntu_linux:5.04 CVE-2005-0106 2005-05-03T00:00:00.000-04:00 2009-11-13T00:39:05.670-05:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-12T15:05:00.000-04:00 UBUNTU USN-113-1 BID 13471 MANDRIVA MDKSA-2006:023 SECUNIA 18639 SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file. cpe:/a:apache:http_server:2.0.46 cpe:/a:apache:http_server:2.0.47 cpe:/a:apache:http_server:2.0.45 cpe:/a:apache:http_server:1.3.29 cpe:/a:apache:http_server:2.0.48 cpe:/a:apache:http_server:2.0.49 cpe:/a:apache:http_server:1.3.30 cpe:/a:apache:http_server:2.0.50 cpe:/a:apache:http_server:1.3.32 cpe:/a:apache:http_server:2.0.51 cpe:/a:apache:http_server:1.3.31 cpe:/a:apache:http_server:2.0.52 cpe:/a:apache:http_server:2.0.53 cpe:/a:apache:http_server:2.0.54 cpe:/a:apache:http_server:1.3.33 CVE-2005-2088 2005-07-05T00:00:00.000-04:00 2009-11-08T00:44:39.920-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-07-05T14:17:00.000-04:00 HP SSRT051128 MISC http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf UBUNTU USN-160-2 BID 15647 BID 14106 HP HPSBUX02074 HP HPSBUX02074 HP HPSBUX02074 HP HPSBUX02074 MISC http://www.securiteam.com/securityreviews/5GP0220G0U.html REDHAT RHSA-2005:582 VUPEN ADV-2006-1018 VUPEN ADV-2006-0789 VUPEN ADV-2005-2659 VUPEN ADV-2005-2140 DEBIAN DSA-805 DEBIAN DSA-803 CONFIRM http://www.apache.org/dist/httpd/CHANGES_2.0 CONFIRM http://www.apache.org/dist/httpd/CHANGES_1.3 AIXAPAR PK16139 AIXAPAR PK13959 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm SUNALERT 102198 SUNALERT 102197 SLACKWARE SSA:2005-310-04 SECTRACK 1014323 SECUNIA 19317 SECUNIA 19185 SECUNIA 19073 SECUNIA 19072 SECUNIA 17813 SECUNIA 17487 SECUNIA 17319 SECUNIA 14530 BUGTRAQ 20050606 A new whitepaper by Watchfire - HTTP Request Smuggling MLIST [apache-httpd-announce] 20051014 Apache HTTP Server 2.0.55 Released TRUSTIX TSLSA-2005-0059 APPLE APPLE-SA-2005-11-29 CONFIRM https://secure-support.novell.com/KanisaPlatform/Publishing/741/3222109_f.SAL_Public.html SUSE SUSE-SA:2005:046 SUSE SUSE-SR:2005:018 MANDRIVA MDKSA-2005:130 VUPEN ADV-2006-4680 SREASON 604 SECUNIA 23074 MANDRIVA MDKSA-2005:130 The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." cpe:/a:pear:xml_rpc:1.0.4 cpe:/a:pear:xml_rpc:1.2.0rc7 cpe:/a:pear:xml_rpc:1.0.2 cpe:/a:pear:xml_rpc:1.0.3 cpe:/a:pear:xml_rpc:1.2.0rc3 cpe:/a:pear:xml_rpc:1.3.0rc1 cpe:/a:pear:xml_rpc:1.2.0rc4 cpe:/a:pear:xml_rpc:1.3.0rc2 cpe:/a:pear:xml_rpc:1.2.0rc5 cpe:/a:pear:xml_rpc:1.3.0rc3 cpe:/a:pear:xml_rpc:1.2.0rc6 cpe:/a:pear:xml_rpc:1.2.2 cpe:/a:pear:xml_rpc:1.2.0rc2 cpe:/a:pear:xml_rpc:1.2.1 cpe:/a:pear:xml_rpc:1.2.0 cpe:/a:pear:xml_rpc:1.2.0rc1 cpe:/a:pear:xml_rpc:1.1.0 CVE-2005-1921 2005-07-05T00:00:00.000-04:00 2009-11-07T00:40:39.670-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-07-05T11:58:00.000-04:00 ALLOWS_OTHER_ACCESS MANDRAKE MDKSA-2005:109 MISC http://www.gulftech.org/?node=research&article_id=00087-07012005 MISC http://pear.php.net/package/XML_RPC/download/1.3.1 BUGTRAQ 20050629 Advisory 02/2005: Remote code execution in Serendipity HP HPSBTU02083 MISC http://www.hardened-php.net/advisory-022005.php BID 14088 HP HPSBTU02083 REDHAT RHSA-2005:564 SUSE SUSE-SA:2005:049 SUSE SUSE-SA:2005:041 SUSE SUSE-SR:2005:018 VUPEN ADV-2005-2827 CONFIRM http://www.drupal.org/security/drupal-sa-2005-003/advisory.txt DEBIAN DSA-789 DEBIAN DSA-747 DEBIAN DSA-746 DEBIAN DSA-745 CONFIRM http://www.ampache.org/announce/3_3_1_2.php CONFIRM http://sourceforge.net/project/shownotes.php?release_id=338803 CONFIRM http://sourceforge.net/project/showfiles.php?group_id=87163 SECTRACK 1015336 GENTOO GLSA-200507-07 GENTOO GLSA-200507-06 GENTOO GLSA-200507-01 SECUNIA 18003 SECUNIA 17674 SECUNIA 17440 SECUNIA 16693 SECUNIA 16339 SECUNIA 16001 SECUNIA 15957 SECUNIA 15947 SECUNIA 15944 SECUNIA 15922 SECUNIA 15917 SECUNIA 15916 SECUNIA 15904 SECUNIA 15903 SECUNIA 15895 SECUNIA 15884 SECUNIA 15883 SECUNIA 15872 SECUNIA 15861 SECUNIA 15855 SECUNIA 15852 SECUNIA 15810 SUSE SUSE-SA:2005:051 BUGTRAQ 20050629 [DRUPAL-SA-2005-003] Drupal 4.6.2 / 4.5.4 fixes critical XML-RPC issue Eval injection vulnerability in PEAR XML_RPC 1.3.0 and earlier (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and earlier, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6) TikiWiki, (7) phpWebSite, (8) Ampache, and others, allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement. cpe:/a:mit:kerberos:5-1.3.2 cpe:/a:mit:kerberos:5-1.3.1 cpe:/a:mit:kerberos:5-1.4.1 cpe:/a:mit:kerberos:5-1.3.3 cpe:/a:mit:kerberos:5-1.3.4 cpe:/a:mit:kerberos:5-1.3 cpe:/a:mit:kerberos:5-1.3.5 cpe:/a:mit:kerberos:5-1.3.6 cpe:/a:mit:kerberos:5-1.4 CVE-2005-1689 2005-07-18T00:00:00.000-04:00 2009-10-29T00:38:07.547-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-07-18T09:53:00.000-04:00 ALLOWS_USER_ACCESS CERT-VN VU#623332 GENTOO GLSA-200507-11 DEBIAN DSA-757 XF kerberos-kdc-krb5recvauth-execute-code(21055) UBUNTU USN-224-1 TURBO TLSA-2005-78 TRUSTIX 2005-0036 BID 14239 HP HPSBUX02152 HP HPSBUX02152 HP HPSBUX02152 REDHAT RHSA-2005:567 REDHAT RHSA-2005:562 SUSE SUSE-SR:2005:017 VUPEN ADV-2006-3776 VUPEN ADV-2005-1066 CONFIRM http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt SUNALERT 101810 SECTRACK 1014461 SECUNIA 22090 SECUNIA 17899 SECUNIA 17135 SECUNIA 16041 BUGTRAQ 20050712 MITKRB5-SA-2005-003: double-free in krb5_recvauth APPLE APPLE-SA-2005-08-15 APPLE APPLE-SA-2005-08-17 CONECTIVA CLA-2005:993 SGI 20050703-01-U Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. cpe:/a:pcre:pcre:5.0 cpe:/a:pcre:pcre:6.0 cpe:/a:pcre:pcre:6.1 CVE-2005-2491 2005-08-23T00:00:00.000-04:00 2009-11-01T00:46:24.170-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-08-23T10:18:00.000-04:00 ALLOWS_USER_ACCESS SECTRACK 1014744 BID 14620 HP HPSBUX02074 HP HPSBUX02074 BID 15647 HP HPSBUX02074 FEDORA FLSA:168516 REDHAT RHSA-2006:0197 REDHAT RHSA-2005:761 REDHAT RHSA-2005:358 CONFIRM http://www.php.net/release_4_4_1.php SUSE SUSE-SA:2005:052 SUSE SUSE-SA:2005:049 SUSE SUSE-SA:2005:048 GENTOO GLSA-200509-19 GENTOO GLSA-200509-12 GENTOO GLSA-200509-02 GENTOO GLSA-200509-08 VUPEN ADV-2006-4502 VUPEN ADV-2006-4320 VUPEN ADV-2006-0789 VUPEN ADV-2005-2659 VUPEN ADV-2005-1511 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00021.html DEBIAN DSA-821 DEBIAN DSA-819 DEBIAN DSA-817 DEBIAN DSA-800 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-159.htm CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf SUNALERT 102198 SREASON 604 SECUNIA 22875 SECUNIA 22691 SECUNIA 21522 SECUNIA 19532 SECUNIA 19193 SECUNIA 19072 SECUNIA 17813 SECUNIA 17252 SECUNIA 16679 SECUNIA 16502 OPENPKG OpenPKG-SA-2005.018 SUSE SUSE-SA:2005:051 TRUSTIX TSLSA-2005-0059 HP SSRT061238 APPLE APPLE-SA-2005-11-29 SGI 20060401-01-U SCO SCOSA-2006.10 Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. cpe:/a:larry_wall:perl:5.8.6 cpe:/a:larry_wall:perl:5.9.2 CVE-2005-3962 2005-12-01T12:03:00.000-05:00 2009-11-08T00:51:15.017-05:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-12-01T12:21:00.000-05:00 ALLOWS_USER_ACCESS CERT-VN VU#948385 CERT TA06-333A MISC http://www.dyadsecurity.com/perl-0002.html FULLDISC 20051201 Perl format string integer wrap vulnerability FEDORA FLSA-2006:176731 UBUNTU USN-222-1 TRUSTIX TSLSA-2005-0070 BID 15629 HP HPSBTU02125 HP HPSBTU02125 BUGTRAQ 20051201 Perl format string integer wrap vulnerability REDHAT RHSA-2005:881 REDHAT RHSA-2005:880 OSVDB 22255 OSVDB 21345 OPENPKG OpenPKG-SA-2005.025 OPENBSD [3.7] 20060105 007: SECURITY FIX: January 5, 2006 SUSE SUSE-SA:2005:071 GENTOO GLSA-200512-01 VUPEN ADV-2006-0771 VUPEN ADV-2005-2688 DEBIAN DSA-943 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm SUNALERT 102192 SECUNIA 19041 SECUNIA 18517 SECUNIA 18413 SECUNIA 18295 SECUNIA 18187 SECUNIA 18183 SECUNIA 18075 SECUNIA 17993 SECUNIA 17952 SECUNIA 17941 SECUNIA 17844 SECUNIA 17802 SECUNIA 17762 FULLDISC 20051201 Perl format string integer wrap vulnerability MANDRAKE MDKSA-2005:225 CONECTIVA CLSA-2006:1056 SGI 20060101-01-U MISC ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/001_perl.patch MISC ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch HP HPSBTU02125 SUSE SUSE-SR:2005:029 MANDRAKE MDKSA-2005:225 CONFIRM http://www.ipcop.org/index.php?name=News&file=article&sid=41 VUPEN ADV-2006-4750 VUPEN ADV-2006-2613 SECUNIA 31208 SECUNIA 23155 SECUNIA 20894 APPLE APPLE-SA-2006-11-28 CONFIRM http://docs.info.apple.com/article.html?artnum=304829 Integer overflow in the format string functionality (Perl_sv_vcatpvfn) in Perl 5.9.2 and 5.8.6 Perl allows attackers to overwrite arbitrary memory and possibly execute arbitrary code via format string specifiers with large values, which causes an integer wrap and leads to a buffer overflow, as demonstrated using format string vulnerabilities in Perl applications. cpe:/a:alt-n:worldclient:8.1.3 cpe:/a:alt-n:mdaemon:8.1.3 CVE-2005-4209 2005-12-13T06:03:00.000-05:00 2009-10-31T00:54:01.500-04:00 7.1 NETWORK MEDIUM NONE NONE NONE COMPLETE http://nvd.nist.gov 2005-12-13T10:36:00.000-05:00 XF mdaemon-worldclient-subject-dos(23551) BID 15815 MISC http://www.ipomonis.com/advisories/mdaemon.zip SECUNIA 17990 WorldClient webmail in Alt-N MDaemon 8.1.3 allows remote attackers to prevent arbitrary users from accessing their inboxes via script tags in the Subject header of an e-mail message, which prevents the user from being able to access the Inbox folder, possibly due to a cross-site scripting (XSS) vulnerability. cpe:/a:apache:http_server:2.0.32:beta:win32 cpe:/a:apache:http_server:1.3.17::win32 cpe:/a:apache:http_server:1.3.23::win32 cpe:/a:apache:http_server:2.0.55 cpe:/a:apache:http_server:1.3.18 cpe:/a:apache:http_server:1.3.17 cpe:/a:apache:http_server:1.3.18::win32 cpe:/a:apache:http_server:1.3.14::mac_os cpe:/a:apache:http_server:1.3.19 cpe:/a:apache:http_server:1.3.14 cpe:/a:apache:http_server:1.3.25::win32 cpe:/a:apache:http_server:1.3.19::win32 cpe:/a:apache:http_server:1.3.13 cpe:/a:apache:http_server:1.3.16 cpe:/a:apache:mod_imap cpe:/a:apache:http_server:1.3.15 cpe:/a:apache:http_server:1.3.10 cpe:/a:apache:http_server:1.3.12 cpe:/a:apache:http_server:2.0.50 cpe:/a:apache:http_server:1.3.11 cpe:/a:apache:http_server:2.0.51 cpe:/a:apache:http_server:2.0.52 cpe:/a:apache:http_server:2.0.53 cpe:/a:apache:http_server:2.0.54 cpe:/a:apache:http_server:2.0.9 cpe:/a:apache:http_server:1.3.15::win32 cpe:/a:apache:http_server:2.0.34:beta:win32 cpe:/a:apache:http_server:1.3.13::win32 cpe:/a:apache:http_server:2.0.46 cpe:/a:apache:http_server:2.0.47 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.45 cpe:/a:apache:http_server:2.0.48 cpe:/a:apache:http_server:1.3.14::win32 cpe:/a:apache:http_server:2.0.49 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:1.3.24::win32 cpe:/a:apache:http_server:1.3.16::win32 cpe:/a:apache:http_server:2.0.28:beta:win32 cpe:/a:apache:http_server:1.3.1 cpe:/a:apache:http_server:1.3.0 cpe:/a:apache:http_server:2.0.32 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:1.3.9 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:1.3.8 cpe:/a:apache:http_server:1.3.30 cpe:/a:apache:http_server:1.3.7 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:1.3.6 cpe:/a:apache:http_server:1.3.11::win32 cpe:/a:apache:http_server:1.3.32 cpe:/a:apache:http_server:1.3.5 cpe:/a:apache:http_server:1.3.31 cpe:/a:apache:http_server:1.3.4 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:1.3.3 cpe:/a:apache:http_server:1.3.7::dev cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:1.3.2 cpe:/a:apache:http_server:1.3.26::win32 cpe:/a:apache:http_server:1.3.27 cpe:/a:apache:http_server:1.3.26 cpe:/a:apache:http_server:1.3.25 cpe:/a:apache:http_server:1.3.24 cpe:/a:apache:http_server:2.0.28:beta cpe:/a:apache:http_server:1.3.29 cpe:/a:apache:http_server:1.3.28 cpe:/a:apache:http_server:2.0.28 cpe:/a:apache:http_server:1.3 cpe:/a:apache:http_server:1.3.20::win32 cpe:/a:apache:http_server:1.3.22::win32 cpe:/a:apache:http_server:1.3.12::win32 cpe:/a:apache:http_server:1.3.23 cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:1.3.22 cpe:/a:apache:http_server:1.3.20 CVE-2005-3352 2005-12-13T15:03:00.000-05:00 2009-10-30T00:41:31.233-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-12-14T10:33:00.000-05:00 CERT TA08-150A SECTRACK 1015344 MANDRIVA MDKSA-2006:007 UBUNTU USN-241-1 TRUSTIX TSLSA-2005-0074 BID 15834 HP SSRT061265 FEDORA FLSA-2006:175406 REDHAT RHSA-2006:0158 FEDORA FEDORA-2006-052 OPENPKG OpenPKG-SA-2005.029 GENTOO GLSA-200602-03 VUPEN ADV-2005-2870 AIXAPAR PK16139 SECUNIA 19012 SECUNIA 18743 SECUNIA 18585 SECUNIA 18526 SECUNIA 18517 SECUNIA 18429 SECUNIA 18340 SECUNIA 18339 SECUNIA 18333 SECUNIA 18008 SECUNIA 17319 REDHAT RHSA-2006:0159 SUSE SUSE-SR:2006:004 CONFIRM http://issues.apache.org/bugzilla/show_bug.cgi?id=37874 SGI 20060101-01-U HP SSRT061265 HP SSRT061269 HP HPSBUX02145 SUSE SUSE-SA:2006:043 VUPEN ADV-2008-1697 VUPEN ADV-2008-1246 VUPEN ADV-2008-0924 VUPEN ADV-2006-4868 VUPEN ADV-2006-4300 VUPEN ADV-2006-4015 VUPEN ADV-2006-3995 VUPEN ADV-2006-2423 DEBIAN DSA-1167 AIXAPAR PK25355 SUNALERT 102663 SUNALERT 102662 SLACKWARE SSA:2006-129-01 SLACKWARE SSA:2006-130-01 SECUNIA 30430 SECUNIA 29849 SECUNIA 29420 SECUNIA 25239 SECUNIA 23260 SECUNIA 22669 SECUNIA 22388 SECUNIA 22368 SECUNIA 22140 SECUNIA 21744 SECUNIA 20670 SECUNIA 20046 REDHAT RHSA-2006:0692 SUSE SUSE-SR:2007:011 APPLE APPLE-SA-2008-03-18 APPLE APPLE-SA-2008-05-28 HP SSRT071293 CONFIRM http://docs.info.apple.com/article.html?artnum=307562 Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps. CVE-2005-4265 2005-12-15T06:03:00.000-05:00 2009-10-31T00:54:22.077-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4209. Reason: This candidate is a duplicate of CVE-2005-4209. Notes: All CVE users should reference CVE-2005-4209 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/a:info-zip:unzip:5.31 cpe:/a:info-zip:unzip:5.42 cpe:/a:info-zip:unzip:5.50 cpe:/a:info-zip:unzip:5.41 cpe:/a:info-zip:unzip:5.40 cpe:/a:info-zip:unzip:5.3 cpe:/a:info-zip:unzip:5.2 cpe:/a:info-zip:unzip:5.32 CVE-2005-4667 2005-12-31T00:00:00.000-05:00 2009-11-12T00:52:35.563-05:00 3.7 LOCAL HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-26T09:12:00.000-05:00 ALLOWS_USER_ACCESS UBUNTU USN-248-2 UBUNTU USN-248-1 TRUSTIX 2006-0006 FEDORA FLSA:180159 DEBIAN DSA-1012 BID 15968 REDHAT RHSA-2007:0203 OSVDB 22400 SECUNIA 25098 FULLDISC 20051219 Unzip *ALL* verisons ;)) MANDRIVA MDKSA-2006:050 Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs. cpe:/o:linux:linux_kernel:2.6.14:rc1 cpe:/o:linux:linux_kernel:2.6.14:rc4 cpe:/o:linux:linux_kernel:2.6.14:rc3 cpe:/o:linux:linux_kernel:2.6.14:rc2 cpe:/o:linux:linux_kernel:2.6.12.5 cpe:/o:linux:linux_kernel:2.6.12.6 cpe:/o:linux:linux_kernel:2.6.12.1 cpe:/o:linux:linux_kernel:2.6.12.2 cpe:/o:linux:linux_kernel:2.6.12.3 cpe:/o:linux:linux_kernel:2.6.12.4 cpe:/o:linux:linux_kernel:2.6.13:rc1 cpe:/o:linux:linux_kernel:2.6.13.1 cpe:/o:linux:linux_kernel:2.6.13.2 cpe:/o:linux:linux_kernel:2.6.13.3 cpe:/o:linux:linux_kernel:2.6.13.4 cpe:/o:linux:linux_kernel:2.6.13:rc4 cpe:/o:linux:linux_kernel:2.6.13:rc6 cpe:/o:linux:linux_kernel:2.6.14 cpe:/o:linux:linux_kernel:2.6.13 cpe:/o:linux:linux_kernel:2.6.13:rc7 cpe:/o:linux:linux_kernel:2.6.14.3 cpe:/o:linux:linux_kernel:2.6.14.1 cpe:/o:linux:linux_kernel:2.6.14.2 cpe:/o:linux:linux_kernel:2.6.12:rc4 cpe:/o:linux:linux_kernel:2.6.12:rc5 cpe:/o:linux:linux_kernel:2.6.12:rc1 CVE-2005-4639 2005-12-31T00:00:00.000-05:00 2009-11-12T00:51:24.483-05:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-06-06T08:16:00.000-04:00 ALLOWS_USER_ACCESS UBUNTU USN-244-1 BID 16142 VUPEN ADV-2006-0035 SECUNIA 18527 SECUNIA 18216 CONFIRM http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15 XF linux-kernel-cadriver-bo(43323) MANDRIVA MDKSA-2006:040 Buffer overflow in the CA-driver (dst_ca.c) for TwinHan DST Frontend/Card in Linux kernel 2.6.12 and other versions before 2.6.15 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by "reading more than 8 bytes into an 8 byte long array". cpe:/a:openoffice:openoffice:1.0.1 cpe:/a:openoffice:openoffice:1.0.2 cpe:/a:openoffice:openoffice:1.1.2 cpe:/a:openoffice:openoffice:1.1.3 cpe:/a:openoffice:openoffice:1.1.0 cpe:/a:openoffice:openoffice:1.1.1 cpe:/a:openoffice:openoffice:2.0 cpe:/a:openoffice:openoffice:1.1.4 cpe:/a:openoffice:openoffice:1.1.5 CVE-2005-4636 2005-12-31T00:00:00.000-05:00 2009-11-12T00:51:24.170-05:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-12T22:47:00.000-05:00 SECTRACK 1015419 CONFIRM http://qa.openoffice.org/issues/show_bug.cgi?id=53491 MANDRIVA MDKSA-2006:033 OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, does not prevent the user from clicking the WWW-browser button in the Hyperlink dialog, which makes it easier for attackers to trick the user into bypassing intended security settings. cpe:/o:linux:linux_kernel:2.6.14:rc1 cpe:/o:linux:linux_kernel:2.6.14:rc4 cpe:/o:linux:linux_kernel:2.6.14:rc3 cpe:/o:linux:linux_kernel:2.6.14:rc2 cpe:/o:linux:linux_kernel:2.6.11:rc2 cpe:/o:linux:linux_kernel:2.6.6:rc1 cpe:/o:linux:linux_kernel:2.6.11:rc4 cpe:/o:linux:linux_kernel:2.6.11:rc3 cpe:/o:linux:linux_kernel:2.6.12.5 cpe:/o:linux:linux_kernel:2.6.12.6 cpe:/o:linux:linux_kernel:2.6.12.1 cpe:/o:linux:linux_kernel:2.6.12.2 cpe:/o:linux:linux_kernel:2.6.12.3 cpe:/o:linux:linux_kernel:2.6.12.4 cpe:/o:linux:linux_kernel:2.6.13.1 cpe:/o:linux:linux_kernel:2.6.13.2 cpe:/o:linux:linux_kernel:2.6.13.3 cpe:/o:linux:linux_kernel:2.6.13.4 cpe:/o:linux:linux_kernel:2.6_test9_cvs cpe:/o:linux:linux_kernel:2.6.0:test10 cpe:/o:linux:linux_kernel:2.6.13:rc4 cpe:/o:linux:linux_kernel:2.6.13:rc6 cpe:/o:linux:linux_kernel:2.6.0:test11 cpe:/o:linux:linux_kernel:2.6.13:rc7 cpe:/o:linux:linux_kernel:2.6.14.3 cpe:/o:linux:linux_kernel:2.6.14.4 cpe:/o:linux:linux_kernel:2.6.7:rc1 cpe:/o:linux:linux_kernel:2.6.14.5 cpe:/o:linux:linux_kernel:2.6.10:rc2 cpe:/o:linux:linux_kernel:2.6.2 cpe:/o:linux:linux_kernel:2.6.3 cpe:/o:linux:linux_kernel:2.6.0 cpe:/o:linux:linux_kernel:2.6.14.1 cpe:/o:linux:linux_kernel:2.6.1 cpe:/o:linux:linux_kernel:2.6.14.2 cpe:/o:linux:linux_kernel:2.6.7 cpe:/o:linux:linux_kernel:2.6.0:test3 cpe:/o:linux:linux_kernel:2.6.6 cpe:/o:linux:linux_kernel:2.6.11.8 cpe:/o:linux:linux_kernel:2.6.0:test2 cpe:/o:linux:linux_kernel:2.6.5 cpe:/o:linux:linux_kernel:2.6.11.7 cpe:/o:linux:linux_kernel:2.6.0:test5 cpe:/o:linux:linux_kernel:2.6.4 cpe:/o:linux:linux_kernel:2.6.11.6 cpe:/o:linux:linux_kernel:2.6.0:test4 cpe:/o:linux:linux_kernel:2.6.11.5 cpe:/o:linux:linux_kernel:2.6.0:test1 cpe:/o:linux:linux_kernel:2.6.8 cpe:/o:linux:linux_kernel:2.6.13:rc1 cpe:/o:linux:linux_kernel:2.6.10 cpe:/o:linux:linux_kernel:2.6.1:rc2 cpe:/o:linux:linux_kernel:2.6.11.11 cpe:/o:linux:linux_kernel:2.6.11.12 cpe:/o:linux:linux_kernel:2.6.1:rc1 cpe:/o:linux:linux_kernel:2.6.15:rc1 cpe:/o:linux:linux_kernel:2.6.14 cpe:/o:linux:linux_kernel:2.6.13 cpe:/o:linux:linux_kernel:2.6.15:rc3 cpe:/o:linux:linux_kernel:2.6.11 cpe:/o:linux:linux_kernel:2.6.15 cpe:/o:linux:linux_kernel:2.6.9:2.6.20 cpe:/o:linux:linux_kernel:2.6.8:rc1 cpe:/o:linux:linux_kernel:2.6.0:test7 cpe:/o:linux:linux_kernel:2.6.8:rc2 cpe:/o:linux:linux_kernel:2.6.0:test6 cpe:/o:linux:linux_kernel:2.6.8:rc3 cpe:/o:linux:linux_kernel:2.6.0:test9 cpe:/o:linux:linux_kernel:2.6.0:test8 cpe:/o:linux:linux_kernel:2.6.12:rc4 cpe:/o:linux:linux_kernel:2.6.12:rc5 cpe:/o:linux:linux_kernel:2.6.12:rc1 CVE-2005-4618 2005-12-31T00:00:00.000-05:00 2009-11-12T00:51:20.547-05:00 3.6 LOCAL LOW NONE NONE PARTIAL PARTIAL http://nvd.nist.gov 2006-06-05T14:58:00.000-04:00 BID 16141 VUPEN ADV-2006-0035 DEBIAN DSA-1018 DEBIAN DSA-1017 SECUNIA 19374 SECUNIA 19369 SECUNIA 18527 SECUNIA 18216 UBUNTU USN-244-1 MISC http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15 MISC http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8febdd85adaa41fa1fc1cb31286210fc2cd3ed0c MISC http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15 MANDRIVA MDKSA-2006:040 Buffer overflow in sysctl in the Linux Kernel 2.6 before 2.6.15 allows local users to corrupt user memory and possibly cause a denial of service via a long string, which causes sysctl to write a zero byte outside the buffer. NOTE: since the sysctl is called from a userland program that provides the argument, this might not be a vulnerability, unless a legitimate user-assisted or setuid scenario can be identified. cpe:/o:linux:linux_kernel:2.6.14:rc1 cpe:/o:linux:linux_kernel:2.6.15:rc1 cpe:/o:linux:linux_kernel:2.6.14:rc4 cpe:/o:linux:linux_kernel:2.6.15:rc3 cpe:/o:linux:linux_kernel:2.6.14:rc3 cpe:/o:linux:linux_kernel:2.6.14:rc2 cpe:/o:linux:linux_kernel:2.6.14.3 CVE-2005-4605 2005-12-31T00:00:00.000-05:00 2009-11-12T00:51:19.360-05:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2006-01-03T12:49:00.000-05:00 CONFIRM http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=8b90db0df7187a01fb7177f1f812123138f562cf FULLDISC 20051223 linux procfs vulnerablity CONFIRM http://linux.bkbits.net:8080/linux-2.6/gnupatch@43b562ae6hJGLWZA4TNf2k-RzXnVlQ CONFIRM http://linux.bkbits.net:8080/linux-2.6/cset@43b562ae6hJGLWZA4TNf2k-RzXnVlQ XF linux-procfs-information-disclosure(23811) UBUNTU USN-244-1 BID 16284 FEDORA FLSA:157459-4 REDHAT RHSA-2006:0101 CONFIRM http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00014.html SUSE SUSE-SA:2006:006 MANDRIVA MDKSA-2006:040 DEBIAN DSA-1017 SECUNIA 19374 SECUNIA 19038 SECUNIA 18788 SECUNIA 18527 SECUNIA 18510 SECUNIA 18351 SECUNIA 18216 SUSE SUSE-SA:2006:012 The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value. cpe:/a:jean-jacques_sarton:mtink:1.0.5 CVE-2005-4604 2005-12-31T00:00:00.000-05:00 2009-11-12T00:51:19.110-05:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2006-01-03T08:00:00.000-05:00 ALLOWS_ADMIN_ACCESS BID 16095 SECUNIA 18287 SECUNIA 18249 MANDRIVA MDKSA-2005:239 Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable. cpe:/a:imagemagick:imagemagick:6.2.4.5 CVE-2005-4601 2005-12-31T00:00:00.000-05:00 2009-11-12T00:51:18.797-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-03T07:51:00.000-05:00 ALLOWS_USER_ACCESS BID 16093 SECUNIA 18261 MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345238 CONFIRM https://issues.rpath.com/browse/RPL-389 XF imagemagick-filename-command-injection(23927) UBUNTU USN-246-1 BUGTRAQ 20061127 rPSA-2006-0218-1 ImageMagick OSVDB 22121 SUSE SUSE-SR:2006:006 MANDRIVA MDKSA-2006:024 VUPEN ADV-2008-0412 DEBIAN DSA-957 SUNALERT 231321 SLACKWARE SSA:2006-045-03 SECUNIA 28800 SECUNIA 23090 SECUNIA 19408 SECUNIA 19183 SECUNIA 18871 SECUNIA 18631 SECUNIA 18607 REDHAT RHSA-2006:0178 SGI 20060301-01-U The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command. cpe:/a:ibm:http_server:6.0 cpe:/a:apache:http_server:1.3.1 cpe:/a:apache:http_server:1.3.18 cpe:/a:ibm:http_server:6.1 cpe:/a:apache:http_server:2.2.1 cpe:/a:apache:http_server:1.3.17 cpe:/a:apache:http_server:2.0.57 cpe:/a:apache:http_server:1.3.19 cpe:/a:apache:http_server:1.3 cpe:/a:apache:http_server:1.3.12 cpe:/a:apache:http_server:2.2 cpe:/a:apache:http_server:1.3.11::win32 cpe:/a:apache:http_server:1.3.12::win32 cpe:/a:apache:http_server:1.3.22 cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:1.3.20 CVE-2006-3918 2006-07-27T20:04:00.000-04:00 2009-10-31T01:17:06.610-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2006-07-31T15:50:00.000-04:00 VUPEN ADV-2006-2964 VUPEN ADV-2006-2963 SECUNIA 21174 SECUNIA 21172 REDHAT RHSA-2006:0619 VUPEN ADV-2006-3264 AIXAPAR PK27875 AIXAPAR PK24631 CONFIRM http://svn.apache.org/viewvc?view=rev&revision=394965 SECTRACK 1016569 SECUNIA 21478 SECUNIA 21399 REDHAT RHSA-2006:0618 HP HPSBUX02465 HP HPSBUX02465 BUGTRAQ 20060724 Write-up by Amit Klein: "Forging HTTP request headers with Flash" BUGTRAQ 20060508 Unfiltered Header Injection in Apache 1.3.34/2.0.57/2.2.1 CONFIRM http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 UBUNTU USN-575-1 BID 19661 SUSE SUSE-SA:2006:051 VUPEN ADV-2006-5089 VUPEN ADV-2006-4207 DEBIAN DSA-1167 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-194.htm SREASON 1294 SECUNIA 29640 SECUNIA 28749 SECUNIA 22523 SECUNIA 22317 SECUNIA 22140 SECUNIA 21986 SECUNIA 21848 SECUNIA 21744 SECUNIA 21598 REDHAT RHSA-2006:0692 OPENBSD [3.9] 012: SECURITY FIX: October 7, 2006 SUSE SUSE-SA:2008:021 CONFIRM http://kb.vmware.com/KanisaPlatform/Publishing/466/5915871_f.SAL_Public.html SGI 20060801-01-P http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated using a Flash SWF file. cpe:/o:ubuntu:ubuntu_linux:5.04 cpe:/a:apache:http_server:2.0.55 cpe:/a:apache:http_server:2.0.56 cpe:/a:apache:http_server:2.0.57 cpe:/a:apache:http_server:2.0.58 cpe:/a:apache:http_server:1.3.9 cpe:/a:apache:http_server:1.3.8 cpe:/a:apache:http_server:1.3.7 cpe:/a:apache:http_server:1.3.30 cpe:/a:apache:http_server:1.3.6 cpe:/a:apache:http_server:2.0.50 cpe:/a:apache:http_server:1.3.5 cpe:/a:apache:http_server:1.3.32 cpe:/a:apache:http_server:2.0.51 cpe:/a:apache:http_server:1.3.4 cpe:/a:apache:http_server:1.3.31 cpe:/a:apache:http_server:2.0.52 cpe:/a:apache:http_server:1.3.7::dev cpe:/a:apache:http_server:1.3.3 cpe:/a:apache:http_server:2.0.53 cpe:/a:apache:http_server:1.3.33 cpe:/a:apache:http_server:2.0.54 cpe:/o:ubuntu:ubuntu_linux:5.10 cpe:/a:apache:http_server:2.0.46 cpe:/a:apache:http_server:2.0.47 cpe:/o:ubuntu:ubuntu_linux:6.06_lts cpe:/a:apache:http_server:1.3.29 cpe:/a:apache:http_server:2.0.48 cpe:/a:apache:http_server:1.3.28 cpe:/a:apache:http_server:2.0.49 CVE-2006-3747 2006-07-28T14:02:00.000-04:00 2009-10-27T00:47:03.577-04:00 7.6 NETWORK HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2006-07-31T16:54:00.000-04:00 ALLOWS_ADMIN_ACCESS CERT-VN VU#395412 CERT TA08-150A DEBIAN DSA-1132 DEBIAN DSA-1131 CONFIRM http://www.apache.org/dist/httpd/Announcement2.0.html CONFIRM https://issues.rpath.com/browse/RPL-538 XF apache-modrewrite-offbyone-bo(28063) CONFIRM http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 UBUNTU USN-328-1 BID 19204 HP HPSBUX02164 HP HPSBUX02145 HP HPSBUX02145 HP HPSBUX02145 HP HPSBUX02145 BUGTRAQ 20060820 POC & exploit for Apache mod_rewrite off-by-one BUGTRAQ 20060728 rPSA-2006-0139-1 httpd mod_ssl BUGTRAQ 20060728 Apache mod_rewrite Buffer Overflow Vulnerability BUGTRAQ 20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released OSVDB 27588 OPENPKG OpenPKG-SA-2006.015 SUSE SUSE-SA:2006:043 VUPEN ADV-2006-4015 VUPEN ADV-2006-3995 VUPEN ADV-2006-3884 VUPEN ADV-2006-3282 VUPEN ADV-2006-3264 VUPEN ADV-2006-3017 AIXAPAR PK27875 AIXAPAR PK29156 AIXAPAR PK29154 MISC http://svn.apache.org/viewvc?view=rev&revision=426144 SUNALERT 102663 SUNALERT 102662 SECTRACK 1016601 GENTOO GLSA-200608-01 SECUNIA 22388 SECUNIA 22368 SECUNIA 22262 SECUNIA 21509 SECUNIA 21478 SECUNIA 21315 SECUNIA 21313 SECUNIA 21307 SECUNIA 21284 SECUNIA 21273 SECUNIA 21266 SECUNIA 21247 SECUNIA 21245 SECUNIA 21241 SECUNIA 21197 FULLDISC 20060728 [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released FULLDISC 20060728 Apache 1.3.29/2.X mod_rewrite Buffer Overflow Vulnerability CVE-2006-3747 MISC http://kbase.redhat.com/faq/FAQ_68_8653.shtm MANDRIVA MDKSA-2006:133 HP HPSBUX02164 MANDRIVA MDKSA-2006:133 VUPEN ADV-2008-1697 VUPEN ADV-2008-1246 VUPEN ADV-2008-0924 VUPEN ADV-2007-2783 VUPEN ADV-2006-4868 VUPEN ADV-2006-4300 VUPEN ADV-2006-4207 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg27007951 SREASON 1312 SECUNIA 30430 SECUNIA 29849 SECUNIA 29420 SECUNIA 26329 SECUNIA 23260 SECUNIA 23028 SECUNIA 22523 SECUNIA 21346 TRUSTIX 2006-0044 APPLE APPLE-SA-2008-03-18 APPLE APPLE-SA-2008-05-28 HP HPSBMA02328 HP SSRT061275 CONFIRM http://docs.info.apple.com/article.html?artnum=307562 Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules. cpe:/a:openssl:openssl:0.9.3 cpe:/a:openssl:openssl:0.9.4 cpe:/a:openssl:openssl:0.9.7 cpe:/a:openssl:openssl:0.9.8 cpe:/a:openssl:openssl:0.9.5 cpe:/a:openssl:openssl:0.9.6 cpe:/a:openssl:openssl:0.9.6a cpe:/a:openssl:openssl:0.9.6b cpe:/a:openssl:openssl:0.9.1c cpe:/a:openssl:openssl:0.9.8b cpe:/a:openssl:openssl:0.9.6c cpe:/a:openssl:openssl:0.9.8a cpe:/a:openssl:openssl:0.9.6d cpe:/a:openssl:openssl:0.9.6a:beta1 cpe:/a:openssl:openssl:0.9.6e cpe:/a:openssl:openssl:0.9.6f cpe:/a:openssl:openssl:0.9.6a:beta3 cpe:/a:openssl:openssl:0.9.6g cpe:/a:openssl:openssl:0.9.6a:beta2 cpe:/a:openssl:openssl:0.9.6h cpe:/a:openssl:openssl:0.9.6:beta1 cpe:/a:openssl:openssl:0.9.6:beta2 cpe:/a:openssl:openssl:0.9.6:beta3 cpe:/a:openssl:openssl:0.9.7j cpe:/a:openssl:openssl:0.9.7i cpe:/a:openssl:openssl:0.9.7h cpe:/a:openssl:openssl:0.9.7g cpe:/a:openssl:openssl:0.9.7f cpe:/a:openssl:openssl:0.9.7e cpe:/a:openssl:openssl:0.9.7d cpe:/a:openssl:openssl:0.9.7c cpe:/a:openssl:openssl:0.9.7b cpe:/a:openssl:openssl:0.9.5:beta2 cpe:/a:openssl:openssl:0.9.7a cpe:/a:openssl:openssl:0.9.2b cpe:/a:openssl:openssl:0.9.5:beta1 cpe:/a:openssl:openssl:0.9.5a cpe:/a:openssl:openssl:0.9.3a cpe:/a:openssl:openssl:0.9.6m cpe:/a:openssl:openssl:0.9.6k cpe:/a:openssl:openssl:0.9.5a:beta2 cpe:/a:openssl:openssl:0.9.5a:beta1 cpe:/a:openssl:openssl:0.9.6l cpe:/a:openssl:openssl:0.9.6i cpe:/a:openssl:openssl:0.9.6j CVE-2006-4339 2006-09-05T13:04:00.000-04:00 2009-11-21T01:09:20.297-05:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-09-05T13:17:00.000-04:00 ALLOWS_USER_ACCESS CERT-VN VU#845620 CERT TA06-333A DEBIAN DSA-1173 UBUNTU USN-339-1 BID 19849 CONFIRM http://www.openssl.org/news/secadv_20060905.txt VUPEN ADV-2006-3453 DEBIAN DSA-1174 SECUNIA 21709 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 HP SSRT061213 CONFIRM https://issues.rpath.com/browse/RPL-616 XF openssl-rsa-security-bypass(28755) HP HPSBUX02153 HP HPSBUX02153 HP HPSBUX02153 HP HPSBUX02153 HP HPSBUX02153 HP HPSBUX02165 HP HPSBUX02165 HP HPSBUX02165 HP HPSBUX02165 HP HPSBUX02165 HP HPSBUX02165 HP HPSBUX02165 HP HPSBUX02165 HP HPSBUX02165 BUGTRAQ 20060912 ERRATA: [ GLSA 200609-05 ] OpenSSL, AMD64 x86 emulation base libraries: RSA signature forgery BUGTRAQ 20060905 rPSA-2006-0163-1 openssl openssl-scripts REDHAT RHSA-2008:0629 REDHAT RHSA-2006:0661 OSVDB 28549 CONFIRM http://www.opera.com/support/search/supsearch.dml?index=845 OPENBSD [3.9] 20060908 011: SECURITY FIX: September 8, 2006 SUSE SUSE-SA:2006:055 MISC http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/ MANDRIVA MDKSA-2006:161 MLIST [ietf-openpgp] 20060827 Bleichenbacher's RSA signature forgery based on implementation error VUPEN ADV-2006-3793 VUPEN ADV-2006-3730 VUPEN ADV-2006-3566 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-188.htm SLACKWARE SSA:2006-257-02 SECTRACK 1016791 GENTOO GLSA-200609-18 GENTOO GLSA-200609-05 FREEBSD FreeBSD-SA-06:19 SECUNIA 31492 SECUNIA 22259 SECUNIA 22161 SECUNIA 22036 SECUNIA 21982 SECUNIA 21930 SECUNIA 21927 SECUNIA 21906 SECUNIA 21873 SECUNIA 21870 SECUNIA 21852 SECUNIA 21846 SECUNIA 21823 SECUNIA 21812 SECUNIA 21791 SECUNIA 21785 SECUNIA 21778 SECUNIA 21776 SECUNIA 21767 HP HPSBMA02250 HP SSRT061273 MANDRIVA MDKSA-2006:178 MANDRIVA MDKSA-2006:177 SGI 20060901-01-P HP SSRT061213 CONFIRM https://secure-support.novell.com/KanisaPlatform/Publishing/41/3143224_f.SAL_Public.html CONFIRM https://issues.rpath.com/browse/RPL-1633 CONFIRM http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117 HP HPSBUX02153 CONFIRM http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html CONFIRM http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html CONFIRM http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html CONFIRM http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html CONFIRM http://www.vmware.com/support/server/doc/releasenotes_server.html CONFIRM http://www.vmware.com/support/player2/doc/releasenotes_player2.html CONFIRM http://www.vmware.com/support/player/doc/releasenotes_player.html CONFIRM http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html CONFIRM http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html CONFIRM http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html CONFIRM http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html CONFIRM http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html CONFIRM http://www.vmware.com/security/advisories/VMSA-2008-0005.html CONFIRM http://www.sybase.com/detail?id=1047991 CONFIRM http://www.serv-u.com/releasenotes/ BID 28276 BID 22083 BUGTRAQ 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues BUGTRAQ 20070110 VMware ESX server security updates HP HPSBUX02165 REDHAT RHSA-2007:0073 REDHAT RHSA-2007:0072 REDHAT RHSA-2007:0062 CONFIRM http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html OPENPKG OpenPKG-SA-2006.029 OPENPKG OpenPKG-SA-2006.018 SUSE SUSE-SA:2007:010 SUSE SUSE-SA:2006:061 SUSE SUSE-SR:2006:026 MANDRIVA MDKSA-2006:207 MANDRIVA MDKSA-2006:178 MANDRIVA MDKSA-2006:177 GENTOO GLSA-200610-06 VUPEN ADV-2008-0905 VUPEN ADV-2007-4224 VUPEN ADV-2007-2783 VUPEN ADV-2007-2315 VUPEN ADV-2007-2163 VUPEN ADV-2007-1945 VUPEN ADV-2007-1815 VUPEN ADV-2007-1401 VUPEN ADV-2007-0343 VUPEN ADV-2007-0254 VUPEN ADV-2006-5146 VUPEN ADV-2006-4750 VUPEN ADV-2006-4744 VUPEN ADV-2006-4586 VUPEN ADV-2006-4417 VUPEN ADV-2006-4366 VUPEN ADV-2006-4329 VUPEN ADV-2006-4327 VUPEN ADV-2006-4216 VUPEN ADV-2006-4207 VUPEN ADV-2006-4206 VUPEN ADV-2006-4205 VUPEN ADV-2006-3936 VUPEN ADV-2006-3899 VUPEN ADV-2006-3748 CISCO 20061108 Multiple Vulnerabilities in OpenSSL library CISCO 20061108 Multiple Vulnerabilities in OpenSSL Library CONFIRM http://www.bluecoat.com/support/knowledge/openSSL_RSA_Signature_forgery.html CONFIRM http://www.arkoon.fr/upload/alertes/40AK-2006-04-FR-1.1_SSL360_OPENSSL_RSA.pdf CONFIRM http://support.attachmate.com/techdocs/2137.html CONFIRM http://support.attachmate.com/techdocs/2128.html CONFIRM http://support.attachmate.com/techdocs/2127.html SUNALERT 201534 SUNALERT 201247 SUNALERT 200708 SUNALERT 102759 SUNALERT 102744 SUNALERT 102722 SUNALERT 102696 SUNALERT 102686 SUNALERT 102657 SUNALERT 102656 SUNALERT 102648 SLACKWARE SSA:2006-310-01 SECTRACK 1017522 SECUNIA 28115 SECUNIA 26893 SECUNIA 26329 SECUNIA 25649 SECUNIA 25399 SECUNIA 25284 SECUNIA 24950 SECUNIA 24930 SECUNIA 24099 SECUNIA 23915 SECUNIA 23841 SECUNIA 23794 SECUNIA 23680 SECUNIA 23455 SECUNIA 23155 SECUNIA 22949 SECUNIA 22948 SECUNIA 22940 SECUNIA 22939 SECUNIA 22938 SECUNIA 22937 SECUNIA 22936 SECUNIA 22934 SECUNIA 22932 SECUNIA 22799 SECUNIA 22758 SECUNIA 22733 SECUNIA 22711 SECUNIA 22689 SECUNIA 22671 SECUNIA 22585 SECUNIA 22545 SECUNIA 22523 SECUNIA 22513 SECUNIA 22509 SECUNIA 22446 SECUNIA 22325 SECUNIA 22284 SECUNIA 22260 SECUNIA 22232 SECUNIA 22226 SECUNIA 22066 SECUNIA 22044 CONFIRM http://openvpn.net/changelog.html MLIST [bind-announce] 20061103 Internet Systems Consortium Security Advisory. [revised] MLIST [security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues APPLE APPLE-SA-2007-12-14 APPLE APPLE-SA-2006-11-28 HP HPSBUX02186 HP HPSBMA02250 HP SSRT061273 MANDRIVA MDKSA-2006:207 MISC http://docs.info.apple.com/article.html?artnum=307177 CONFIRM http://docs.info.apple.com/article.html?artnum=304829 BEA BEA07-169.00 OpenSSL before 0.9.7, 0.9.7 before 0.9.7k, and 0.9.8 before 0.9.8c, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents OpenSSL from correctly verifying X.509 and other certificates that use PKCS #1. cpe:/a:sun:jre:1.5.0:update7 cpe:/a:sun:jre:1.4.2:update12 cpe:/a:sun:jdk:1.5.0:update7 cpe:/a:sun:sdk:1.3.1_18 cpe:/a:sun:jre:1.3.1:update18 cpe:/a:sun:sdk:1.4.2_12 CVE-2006-6731 2006-12-26T18:28:00.000-05:00 2009-11-20T00:59:35.157-05:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2006-12-27T14:17:00.000-05:00 ALLOWS_ADMIN_ACCESS CERT-VN VU#939609 CERT-VN VU#149457 CERT TA07-022A BID 21675 VUPEN ADV-2006-5073 SUNALERT 102729 SECTRACK 1017425 SECUNIA 23650 SECUNIA 23445 MISC http://scary.beasts.org/security/CESA-2005-008.txt SUSE SUSE-SA:2007:003 HP SSRT071318 HP SSRT071318 HP SSRT071318 HP SSRT071318 HP SSRT071318 HP SSRT071318 HP SSRT071318 REDHAT RHSA-2007:0073 REDHAT RHSA-2007:0072 REDHAT RHSA-2007:0062 SUSE SUSE-SA:2007:010 GENTOO GLSA-200705-20 VUPEN ADV-2007-4224 VUPEN ADV-2007-1814 VUPEN ADV-2007-0936 GENTOO GLSA-200702-08 GENTOO GLSA-200701-15 SECUNIA 28115 SECUNIA 25404 SECUNIA 25283 SECUNIA 24468 SECUNIA 24189 SECUNIA 24099 SECUNIA 23835 APPLE APPLE-SA-2007-12-14 HP SSRT071318 MISC http://docs.info.apple.com/article.html?artnum=307177 BEA BEA07-174.00 Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attackers to develop Java applets that read, write, or execute local files, possibly related to (1) integer overflows in the Java_sun_awt_image_ImagingLib_convolveBI, awt_parseRaster, and awt_parseColorModel functions; (2) a stack overflow in the Java_sun_awt_image_ImagingLib_lookupByteRaster function; and (3) improper handling of certain negative values in the Java_sun_font_SunLayoutEngine_nativeLayout function. NOTE: some of these details are obtained from third party information. cpe:/a:ca:brightstor_arcserve_backup_server:11.5 CVE-2006-6917 2006-12-31T00:00:00.000-05:00 2009-11-10T01:16:53.563-05:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2007-01-12T15:55:00.000-05:00 ALLOWS_ADMIN_ACCESS BUGTRAQ 20061211 Re: LS-20060908 - Computer Associates BrightStor ARCserve Backup BUGTRAQ 20061211 Re: LS-20061001 - Computer Associates BrightStor ARCserve Backup BUGTRAQ 20061211 Re: LS-20061001 - Computer Associates BrightStor ARCserve Backup BUGTRAQ 20061208 LS-20060908 - Computer Associates BrightStor ARCserve Backup v11.5 Remote Buffer Overflow Vulnerability MISC http://www.lssec.com/advisories/LS-20061001.pdf MISC http://www.lssec.com/advisories/LS-20060908.pdf CONFIRM http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34959 CONFIRM http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97428 BUGTRAQ 20070109 CA BrightStor ARCserve Backup Tape Engine Exploit Security Notice BUGTRAQ 20070111 [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities MILW0RM 3086 MISC http://supportconnectw.ca.com/public/storage/infodocs/basbrtapeeng-secnotice.asp MILW0RM 3086 Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly handled in TAPEUTIL.dll 11.5.3884.0, or (2) opnum 37, which is not properly handled in TAPEENG.dll 11.5.3884.0. cpe:/a:microsoft:internet_explorer:6 cpe:/a:microsoft:xml_core_services:3.0 CVE-2007-0099 2007-01-08T15:28:00.000-05:00 2009-11-05T00:00:00.000-05:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2007-01-08T16:05:00.000-05:00 CERT TA08-316A BID 21872 MS MS08-069 VUPEN ADV-2008-3111 BUGTRAQ 20070104 Re: RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) BUGTRAQ 20070104 RE: [Full-disclosure] Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) BUGTRAQ 20070104 Concurrency strikes MSIE (potentially exploitable msxml3 flaws) SECTRACK 1021164 SECUNIA 23655 FULLDISC 20070104 Concurrency strikes MSIE (potentially exploitable msxml3 flaws) OSVDB 32627 MISC http://isc.sans.org/diary.php?storyid=2004 FULLDISC 20070104 Re: Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer 6 and other applications, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via many nested tags in an XML document in an IFRAME, when synchronous document rendering is frequently disrupted with asynchronous events, as demonstrated using a JavaScript timer, which can trigger NULL pointer dereferences or memory corruption, aka "MSXML Memory Corruption Vulnerability." cpe:/a:sun:jdk:1.5.0:update9 cpe:/a:sun:sdk:1.4.2_08 cpe:/a:sun:sdk:1.4.2_09 cpe:/a:sun:jdk:1.5.0:update8 cpe:/a:sun:jdk:1.5.0:update5 cpe:/a:sun:jdk:1.5.0:update4 cpe:/a:sun:jdk:1.5.0:update7 cpe:/a:sun:jre:1.3.1:update18 cpe:/a:sun:jdk:1.5.0:update3 cpe:/a:sun:sdk:1.4.2_03 cpe:/a:sun:jre:1.3.1:update16 cpe:/a:sun:jre:1.4.2:update8 cpe:/a:sun:jre:1.4.2:update7 cpe:/a:sun:jre:1.4.2:update9 cpe:/a:sun:jre:1.4.2:update4 cpe:/a:sun:jre:1.4.2:update3 cpe:/a:sun:jre:1.4.2:update6 cpe:/a:sun:sdk:1.3.1_16 cpe:/a:sun:jre:1.4.2:update5 cpe:/a:sun:sdk:1.3.1_18 cpe:/a:sun:jre:1.4.2:update2 cpe:/a:sun:jre:1.4.2:update1 cpe:/a:sun:sdk:1.4.2 cpe:/a:sun:jre:1.5.0:update5 cpe:/a:sun:jre:1.5.0:update4 cpe:/a:sun:jre:1.5.0:update7 cpe:/a:sun:jre:1.5.0:update6 cpe:/a:sun:jre:1.4.2:update12 cpe:/a:sun:jre:1.5.0:update3 cpe:/a:sun:jre:1.4.2:update10 cpe:/a:sun:jre:1.4.2:update11 cpe:/a:sun:sdk:1.4.2_12 cpe:/a:sun:jre:1.5.0:update9 cpe:/a:sun:jre:1.5.0:update8 cpe:/a:sun:sdk:1.3.1_01a cpe:/a:sun:sdk:1.3.1_01 cpe:/a:sun:sdk:1.4.2_10 CVE-2007-0243 2006-06-16T00:00:00.000-04:00 2007-01-17T17:28:00.000-05:00 2009-11-18T01:21:03.000-05:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-01-18T09:13:00.000-05:00 ALLOWS_OTHER_ACCESS CERT TA07-022A CERT-VN VU#388289 MISC http://www.zerodayinitiative.com/advisories/ZDI-07-005.html SUNALERT 102760 XF jre-gif-bo(31537) BID 22085 BUGTRAQ 20070121 Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability Prove Of Concept Exploit BUGTRAQ 20070117 ZDI-07-005: Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability REDHAT RHSA-2007:0956 REDHAT RHSA-2007:0167 REDHAT RHSA-2007:0166 SUSE SUSE-SA:2007:045 GENTOO GLSA-200702-07 VUPEN ADV-2007-4224 VUPEN ADV-2007-1814 VUPEN ADV-2007-0936 VUPEN ADV-2007-0211 CONFIRM http://support.novell.com/techcenter/psdb/d2f549cc040cd81ae4a268bb5edfe918.html CONFIRM http://support.novell.com/techcenter/psdb/4f850d1e2b871db609de64ec70f0089c.html SECTRACK 1017520 SREASON 2158 GENTOO GLSA-200702-08 SECUNIA 28115 SECUNIA 27203 SECUNIA 26645 SECUNIA 26119 SECUNIA 26049 SECUNIA 25283 SECUNIA 24993 SECUNIA 24468 SECUNIA 24202 SECUNIA 24189 SECUNIA 23757 OSVDB 32834 APPLE APPLE-SA-2007-12-14 HP HPSBUX02196 HP HPSBUX02196 HP HPSBUX02196 HP HPSBUX02196 HP HPSBUX02196 HP HPSBUX02196 HP HPSBUX02196 HP HPSBUX02196 HP HPSBUX02196 HP HPSBUX02196 HP HPSBUX02196 MISC http://docs.info.apple.com/article.html?artnum=307177 BEA BEA07-172.00 REDHAT RHSA-2008:0261 Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption. cpe:/a:apop_protocol:apop_protocol CVE-2007-1558 2007-04-16T18:19:00.000-04:00 2009-11-13T01:34:28.627-05:00 2.6 NETWORK HIGH NONE PARTIAL NONE NONE http://nvd.nist.gov 2007-04-18T09:30:00.000-04:00 CERT TA07-151A BID 23257 CONFIRM http://www.mozilla.org/security/announce/2007/mfsa2007-15.html VUPEN ADV-2007-1994 VUPEN ADV-2007-1939 VUPEN ADV-2007-1480 VUPEN ADV-2007-1468 VUPEN ADV-2007-1467 VUPEN ADV-2007-1466 DEBIAN DSA-1305 CONFIRM https://issues.rpath.com/browse/RPL-1424 CONFIRM https://issues.rpath.com/browse/RPL-1232 CONFIRM https://issues.rpath.com/browse/RPL-1231 UBUNTU USN-520-1 UBUNTU USN-469-1 SECTRACK 1018008 BUGTRAQ 20070620 FLEA-2007-0027-1: thunderbird BUGTRAQ 20070619 FLEA-2007-0026-1: evolution-data-server BUGTRAQ 20070615 rPSA-2007-0122-1 evolution-data-server BUGTRAQ 20070531 FLEA-2007-0023-1: firefox BUGTRAQ 20070403 Re: APOP vulnerability BUGTRAQ 20070402 APOP vulnerability REDHAT RHSA-2009:1140 REDHAT RHSA-2007:0402 REDHAT RHSA-2007:0401 REDHAT RHSA-2007:0386 REDHAT RHSA-2007:0385 REDHAT RHSA-2007:0353 REDHAT RHSA-2007:0344 MLIST [oss-security] 20090818 Re: CVE-2007-1558 update (was: mailfilter 0.8.2 fixes CVE-2007-1558 (APOP)) MLIST [oss-security] 20090815 mailfilter 0.8.2 fixes CVE-2007-1558 (APOP) SUSE SUSE-SA:2007:036 SUSE SUSE-SR:2007:014 MANDRIVA MDKSA-2007:131 MANDRIVA MDKSA-2007:119 MANDRIVA MDKSA-2007:113 MANDRIVA MDKSA-2007:107 MANDRIVA MDKSA-2007:105 DEBIAN DSA-1300 CONFIRM http://www.claws-mail.org/news.php CONFIRM http://sylpheed.sraoss.jp/en/news.html CONFIRM http://sourceforge.net/forum/forum.php?forum_id=683706 SLACKWARE SSA:2007-152-02 GENTOO GLSA-200706-06 SECUNIA 35699 MLIST [balsa-list] 20070704 balsa-2.3.17 released APPLE APPLE-SA-2007-05-24 HP SSRT061236 HP SSRT061236 HP SSRT061236 HP SSRT061236 HP HPSBUX02153 HP HPSBUX02153 HP HPSBUX02153 HP HPSBUX02153 MANDRIVA MDKSA-2007:105 CONFIRM http://fetchmail.berlios.de/fetchmail-SA-2007-01.txt CONFIRM http://docs.info.apple.com/article.html?artnum=305530 CONFIRM http://balsa.gnome.org/download.html SGI 20070602-01-P VUPEN ADV-2008-0082 VUPEN ADV-2007-2788 SECUNIA 26415 SECUNIA 26083 SECUNIA 25894 SECUNIA 25858 SECUNIA 25798 SECUNIA 25750 SECUNIA 25664 SECUNIA 25559 SECUNIA 25546 SECUNIA 25534 SECUNIA 25529 SECUNIA 25496 SECUNIA 25476 SECUNIA 25402 SECUNIA 25353 HP SSRT061236 HP HPSBUX02153 The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including (1) Thunderbird 1.x before 1.5.0.12 and 2.x before 2.0.0.4, (2) Evolution, (3) mutt, (4) fetchmail before 6.3.8, (5) SeaMonkey 1.0.x before 1.0.9 and 1.1.x before 1.1.2, (6) Balsa 2.3.16 and earlier, (7) Mailfilter before 0.8.2, and possibly other products. cpe:/a:php:php:5.2.0 cpe:/a:php:php:5.2.1 cpe:/a:php:php:5.2.2 cpe:/a:php:php:4.4.7 cpe:/a:php:php:5.0.0 cpe:/a:php:php:5.1 cpe:/a:php:php:5.0.2 cpe:/a:php:php:5.1.4 cpe:/a:php:php:5.0.1 cpe:/a:php:php:5.1.5 cpe:/a:php:php:5.1.6 cpe:/a:php:php:5.0.4 cpe:/a:php:php:5.0.3 cpe:/a:php:php:5.1.0 cpe:/a:php:php:5.0.5 cpe:/a:php:php:5.1.1 cpe:/a:php:php:5.1.2 cpe:/a:php:php:5.1.3 CVE-2007-2872 2007-06-04T13:30:00.000-04:00 2009-11-08T01:32:51.203-05:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-06-05T08:38:00.000-04:00 CONFIRM http://www.php.net/releases/5_2_3.php FEDORA FEDORA-2007-2215 FEDORA FEDORA-2007-709 CONFIRM https://launchpad.net/bugs/173043 CONFIRM https://issues.rpath.com/browse/RPL-1702 CONFIRM https://issues.rpath.com/browse/RPL-1693 XF php-chunksplit-security-bypass(39398) VUPEN ADV-2008-0059 UBUNTU USN-549-1 UBUNTU USN-549-2 TRUSTIX 2007-0023 SECTRACK 1018186 BID 24261 HP SSRT080056 BUGTRAQ 20070601 SEC Consult SA-20070601-0 :: PHP chunk_split() integer overflow MISC http://www.sec-consult.com/291.html REDHAT RHSA-2007:0891 REDHAT RHSA-2007:0890 REDHAT RHSA-2007:0888 CONFIRM http://www.php.net/releases/4_4_8.php CONFIRM http://www.php.net/ChangeLog-4.php OPENPKG OpenPKG-SA-2007.020 MANDRIVA MDKSA-2007:187 GENTOO GLSA-200710-02 VUPEN ADV-2007-3386 VUPEN ADV-2007-2061 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm SLACKWARE SSA:2007-152-01 SECUNIA 28318 SECUNIA 27864 SECUNIA 27545 SECUNIA 27377 SECUNIA 27351 SECUNIA 27110 SECUNIA 27102 SECUNIA 27037 SECUNIA 26967 SECUNIA 26930 SECUNIA 26895 SECUNIA 26871 SECUNIA 26838 SECUNIA 26231 SECUNIA 26048 SECUNIA 25535 SECUNIA 25456 REDHAT RHSA-2007:0889 SUSE SUSE-SA:2007:044 HP SSRT080010 HP SSRT071447 HP SSRT071447 HP SSRT080056 VUPEN ADV-2008-0398 SLACKWARE SSA:2008-045-03 SECUNIA 30040 SECUNIA 28936 SECUNIA 28750 SECUNIA 28658 SUSE SUSE-SA:2008:004 HP SSRT080010 Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments. cpe:/a:mozilla:firefox:2.0 cpe:/a:mozilla:firefox:0.10 cpe:/a:mozilla:firefox:1.0 cpe:/a:mozilla:firefox:2.0:rc2 cpe:/a:mozilla:firefox:2.0:rc3 cpe:/a:mozilla:firefox:0.9 cpe:/a:mozilla:firefox:2.0:beta1 cpe:/a:mozilla:firefox:0.8 cpe:/a:mozilla:firefox:0.10.1 cpe:/a:mozilla:firefox:1.5.6 cpe:/a:mozilla:firefox:1.5.0.1 cpe:/a:mozilla:firefox:1.5.5 cpe:/a:mozilla:firefox:1.5.0.2 cpe:/a:mozilla:firefox:1.5.4 cpe:/a:mozilla:firefox:1.5.0.11 cpe:/a:mozilla:firefox:1.5.0.3 cpe:/a:mozilla:firefox:1.5.3 cpe:/a:mozilla:firefox:1.5.0.10 cpe:/a:mozilla:firefox:1.5.0.4 cpe:/a:mozilla:firefox:1.5.0.5 cpe:/a:mozilla:firefox:1.5.0.6 cpe:/a:mozilla:firefox:1.5.8 cpe:/a:mozilla:firefox:1.5.0.7 cpe:/a:mozilla:firefox:1.5.7 cpe:/a:mozilla:firefox:1.5.0.8 cpe:/a:mozilla:firefox:1.5 cpe:/a:mozilla:firefox:1.5.2 cpe:/a:mozilla:firefox:1.5.1 cpe:/a:mozilla:firefox:2.0.0.2 cpe:/a:mozilla:firefox:1.0.8 cpe:/a:mozilla:firefox:2.0.0.1 cpe:/a:mozilla:firefox:2.0.0.4 cpe:/a:mozilla:firefox:2.0.0.3 cpe:/a:mozilla:firefox:0.9.3 cpe:/a:mozilla:firefox:1.5.0.9 cpe:/a:mozilla:firefox:1.0.1 cpe:/a:mozilla:firefox:0.9.2 cpe:/a:mozilla:firefox:1.0.2 cpe:/a:mozilla:firefox:0.9.1 cpe:/a:mozilla:firefox:1.0.3 cpe:/a:mozilla:firefox:1.0.4 cpe:/a:mozilla:firefox:1.0.5 cpe:/a:mozilla:firefox:1.0.6 cpe:/a:mozilla:firefox:1.0.7 CVE-2007-3285 2007-06-20T15:30:00.000-04:00 2009-10-26T01:02:24.127-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-06-21T10:26:00.000-04:00 ALLOWS_OTHER_ACCESS MISC https://bugzilla.mozilla.org/show_bug.cgi?id=383478 UBUNTU USN-490-1 SECTRACK 1018413 BID 24447 SUSE SUSE-SA:2007:049 CONFIRM http://www.mozilla.org/security/announce/2007/mfsa2007-22.html MANDRIVA MDKSA-2007:152 MISC http://www.0x000000.com/?i=333 CONFIRM http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html SECUNIA 26271 SECUNIA 26258 SECUNIA 26216 SECUNIA 26204 SECUNIA 26149 SECUNIA 26072 OSVDB 38032 HP HPSBUX02153 CONFIRM ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt VUPEN ADV-2007-4256 SUNALERT 201516 SUNALERT 103177 SECUNIA 28135 HP HPSBUX02153 Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extension, which causes Firefox to treat the requested file differently than Windows would. cpe:/a:adventnet:manageengine_netflow_analyzer:5 CVE-2007-3593 2007-07-06T14:30:00.000-04:00 2009-11-10T01:29:45.953-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2007-07-09T17:29:00.000-04:00 BID 24766 SECUNIA 25947 MISC http://lostmon.blogspot.com/2007/07/netflow-analizer-5-opmanager-7-multiple.html XF netflowanalyzer-opmanager-multiple-xss(35263) Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine NetFlow Analyzer 5 allow remote attackers to inject arbitrary web script or HTML via the (1) alpha parameter in (a) netflow/jspui/applicationList.jsp, the (2) task parameter in (b) netflow/jspui/appConfig.jsp, the (3) view parameter in (c) netflow/jspui/index.jsp, and the (4) rtype parameter in (d) netflow/jspui/selectDevice.jsp and (e) netflow/jspui/customReport.jsp. NOTE: it was later reported that vector 3 also affects 7.5 build 7500. cpe:/a:apache:http_server:2.0.32:beta cpe:/a:apache:http_server:2.0.55 cpe:/a:apache:http_server:2.0.56 cpe:/a:apache:http_server:2.2.1 cpe:/a:apache:http_server:2.0.57 cpe:/a:apache:http_server:2.0.58 cpe:/a:apache:http_server:2.0.59 cpe:/a:apache:http_server:2.0.50 cpe:/a:apache:http_server:2.0.51 cpe:/a:apache:http_server:2.2.4 cpe:/a:apache:http_server:2.0.52 cpe:/a:apache:http_server:2.2.5 cpe:/a:apache:http_server:2.0.53 cpe:/a:apache:http_server:2.2.2 cpe:/a:apache:http_server:2.0.54 cpe:/a:apache:http_server:2.2.3 cpe:/a:apache:http_server:2.1.6 cpe:/a:apache:http_server:2.1.5 cpe:/a:apache:http_server:2.1.4 cpe:/a:apache:http_server:2.0.9 cpe:/a:apache:http_server:2.1.3 cpe:/a:apache:http_server:2.1.8 cpe:/a:apache:http_server:2.1.7 cpe:/a:apache:http_server:2.1.2 cpe:/a:apache:http_server:2.1.1 cpe:/a:apache:http_server:2.0.46 cpe:/a:apache:http_server:2.0.47 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.45 cpe:/a:apache:http_server:2.0.48 cpe:/a:apache:http_server:2.0.49 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.34:beta cpe:/a:apache:http_server:2.0.32 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:2.0.28:beta cpe:/a:apache:http_server:2.0.28 cpe:/a:apache:http_server:2.2 cpe:/a:apache:http_server:2.0.60 cpe:/a:apache:http_server:2.1 cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:2.0.61 CVE-2007-4465 2007-09-13T20:17:00.000-04:00 2009-10-31T01:47:12.093-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2007-09-14T09:40:00.000-04:00 CERT TA08-150A BID 25653 BUGTRAQ 20070912 Apache2 Undefined Charset UTF-7 XSS Vulnerability CONFIRM http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html CONFIRM http://www.apache.org/dist/httpd/CHANGES_2.2.6 SREASON 3113 SREASONRES 20070912 Apache2 Undefined Charset UTF-7 XSS Vulnerability SECUNIA 35650 SECUNIA 33105 SECUNIA 31651 HP HPSBUX02465 HP HPSBUX02465 HP SSRT090085 HP SSRT090085 HP HPSBUX02365 HP HPSBUX02365 FEDORA FEDORA-2007-707 XF apache-utf7-xss(36586) UBUNTU USN-575-1 REDHAT RHSA-2008:0261 REDHAT RHSA-2008:0008 REDHAT RHSA-2008:0006 REDHAT RHSA-2008:0005 REDHAT RHSA-2008:0004 REDHAT RHSA-2007:0911 FEDORA FEDORA-2007-2214 SUSE SUSE-SA:2007:061 MANDRIVA MDVSA-2008:014 VUPEN ADV-2008-1697 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm SECTRACK 1019194 GENTOO GLSA-200711-06 SECUNIA 30430 SECUNIA 28749 SECUNIA 28607 SECUNIA 28471 SECUNIA 28467 SECUNIA 27732 SECUNIA 27563 SECUNIA 26952 SECUNIA 26842 APPLE APPLE-SA-2008-05-28 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=186219 Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using the UTF-7 charset. NOTE: it could be argued that this issue is due to a design limitation of browsers that attempt to perform automatic content type detection. cpe:/a:openldap:openldap:2.2.20 cpe:/a:openldap:openldap:2.2.21 cpe:/a:openldap:openldap:2.2.22 cpe:/a:openldap:openldap:2.2.23 cpe:/a:openldap:openldap:2.2.24 cpe:/a:openldap:openldap:2.2.25 cpe:/a:openldap:openldap:2.2.26 cpe:/a:openldap:openldap:2.3.28_20061022 cpe:/a:openldap:openldap:2.2.27 cpe:/a:openldap:openldap:2.1.30 cpe:/a:openldap:openldap:2.1_.20 cpe:/a:openldap:openldap:2.0.21 cpe:/a:openldap:openldap:2.0.20 cpe:/a:openldap:openldap:2.0.23 cpe:/a:openldap:openldap:2.0.22 cpe:/a:openldap:openldap:2.0.25 cpe:/a:openldap:openldap:2.0.24 cpe:/a:openldap:openldap:2.0.27 cpe:/a:openldap:openldap:2.0.26 cpe:/a:openldap:openldap:2.0.11_9 cpe:/a:openldap:openldap:2.3.28_2.20061022 cpe:/a:openldap:openldap:2.1.19 cpe:/a:openldap:openldap:2.1.18 cpe:/a:openldap:openldap:2.0.12 cpe:/a:openldap:openldap:2.1.17 cpe:/a:openldap:openldap:2.0.11 cpe:/a:openldap:openldap:2.1.16 cpe:/a:openldap:openldap:2.0.10 cpe:/a:openldap:openldap:2.1.15 cpe:/a:openldap:openldap:2.1.14 cpe:/a:openldap:openldap:2.2.29_rev_1.134 cpe:/a:openldap:openldap:2.0.16 cpe:/a:openldap:openldap:2.1.13 cpe:/a:openldap:openldap:2.0.15 cpe:/a:openldap:openldap:2.1.12 cpe:/a:openldap:openldap:2.0.14 cpe:/a:openldap:openldap:2.1.11 cpe:/a:openldap:openldap:2.0.13 cpe:/a:openldap:openldap:2.1.10 cpe:/a:openldap:openldap:2.0.19 cpe:/a:openldap:openldap:2.0.18 cpe:/a:openldap:openldap:2.0.17 cpe:/a:openldap:openldap:2.3.28_e1.0.0 cpe:/a:openldap:openldap:2.1.29 cpe:/a:openldap:openldap:2.0 cpe:/a:openldap:openldap:2.1.26 cpe:/a:openldap:openldap:2.1.25 cpe:/a:openldap:openldap:2.1.28 cpe:/a:openldap:openldap:2.1.27 cpe:/a:openldap:openldap:2.1.22 cpe:/a:openldap:openldap:2.0.11_11 cpe:/a:openldap:openldap:2.1.21 cpe:/a:openldap:openldap:2.1.24 cpe:/a:openldap:openldap:2.1.23 cpe:/a:openldap:openldap:2.1.20 cpe:/a:openldap:openldap:1.2.9 cpe:/a:openldap:openldap:1.1.1 cpe:/a:openldap:openldap:1.0.3 cpe:/a:openldap:openldap:1.1.0 cpe:/a:openldap:openldap:1.1.3 cpe:/a:openldap:openldap:1.0.1 cpe:/a:openldap:openldap:1.2.6 cpe:/a:openldap:openldap:1.1.2 cpe:/a:openldap:openldap:1.0.2 cpe:/a:openldap:openldap:1.2.5 cpe:/a:openldap:openldap:1.2.8 cpe:/a:openldap:openldap:1.1.4 cpe:/a:openldap:openldap:1.2.7 cpe:/a:openldap:openldap:1.2.13 cpe:/a:openldap:openldap:1.2.2 cpe:/a:openldap:openldap:1.2.1 cpe:/a:openldap:openldap:1.2.12 cpe:/a:openldap:openldap:1.2.11 cpe:/a:openldap:openldap:1.2.4 cpe:/a:openldap:openldap:1.2.10 cpe:/a:openldap:openldap:1.2.3 cpe:/a:openldap:openldap:1.2.0 cpe:/a:openldap:openldap:2.0.11_11s cpe:/a:openldap:openldap:2.2.28_r2 cpe:/a:openldap:openldap:2.3.27_2.20061018 cpe:/a:openldap:openldap:1.2 cpe:/a:openldap:openldap:1.1 cpe:/a:openldap:openldap:2.2.16 cpe:/a:openldap:openldap:2.1.9 cpe:/a:openldap:openldap:2.2.15 cpe:/a:openldap:openldap:2.2.18 cpe:/a:openldap:openldap:2.2.17 cpe:/a:openldap:openldap:2.1.6 cpe:/a:openldap:openldap:2.2.1 cpe:/a:openldap:openldap:2.2.19 cpe:/a:openldap:openldap:2.1.5 cpe:/a:openldap:openldap:2.2.0 cpe:/a:openldap:openldap:2.1.8 cpe:/a:openldap:openldap:2.1.7 cpe:/a:openldap:openldap:2.2.5 cpe:/a:openldap:openldap:2.1.2 cpe:/a:openldap:openldap:2.2.4 cpe:/a:openldap:openldap:1.0 cpe:/a:openldap:openldap:2.2.7 cpe:/a:openldap:openldap:2.1.4 cpe:/a:openldap:openldap:2.2.10 cpe:/a:openldap:openldap:2.2.6 cpe:/a:openldap:openldap:2.1.3 cpe:/a:openldap:openldap:2.2.9 cpe:/a:openldap:openldap:2.2.12 cpe:/a:openldap:openldap:2.2.8 cpe:/a:openldap:openldap:2.2.11 cpe:/a:openldap:openldap:2.2.14 cpe:/a:openldap:openldap:2.2.13 cpe:/a:openldap:openldap:2.0.7 cpe:/a:openldap:openldap:2.0.6 cpe:/a:openldap:openldap:2.0.9 cpe:/a:openldap:openldap:2.0.8 cpe:/a:openldap:openldap:2.0.1 cpe:/a:openldap:openldap:2.0.0 cpe:/a:openldap:openldap:2.0.3 cpe:/a:openldap:openldap:2.0.2 cpe:/a:openldap:openldap:2.0.5 cpe:/a:openldap:openldap:2.0.4 CVE-2007-5707 2007-10-30T15:46:00.000-04:00 2009-11-17T01:41:10.407-05:00 7.1 NETWORK MEDIUM NONE NONE NONE COMPLETE http://nvd.nist.gov 2007-10-31T06:21:00.000-04:00 BID 26245 MLIST [openldap-announce] 20071026 OpenLDAP 2.3.39 available VUPEN ADV-2007-3645 SECUNIA 27424 VUPEN ADV-2009-3184 UBUNTU USN-551-1 SECTRACK 1018924 BID 26245 REDHAT RHSA-2007:1038 REDHAT RHSA-2007:1037 FEDORA FEDORA-2007-741 MISC http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5119 SUSE SUSE-SR:2007:024 MANDRIVA MDKSA-2007:215 DEBIAN DSA-1541 CONFIRM http://support.apple.com/kb/HT3937 GENTOO GLSA-200803-28 SECUNIA 29682 SECUNIA 29461 SECUNIA 27868 SECUNIA 27756 SECUNIA 27683 SECUNIA 27596 SECUNIA 27587 APPLE APPLE-SA-2009-11-09-1 CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440632 OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent. cpe:/a:apache:http_server:2.0.55 cpe:/a:apache:http_server:2.2.0 cpe:/a:apache:http_server:2.0.57 cpe:/a:apache:http_server:2.0.58 cpe:/a:apache:http_server:2.0.59 cpe:/a:apache:http_server:2.0.50 cpe:/a:apache:http_server:2.0.51 cpe:/a:apache:http_server:2.2.4 cpe:/a:apache:http_server:2.0.52 cpe:/a:apache:http_server:2.0.53 cpe:/a:apache:http_server:2.2.2 cpe:/a:apache:http_server:2.0.54 cpe:/a:apache:http_server:2.2.3 cpe:/a:apache:http_server:2.1.6 cpe:/a:apache:http_server:2.1.5 cpe:/a:apache:http_server:2.1.4 cpe:/a:apache:http_server:2.1.3 cpe:/a:apache:http_server:2.1.8 cpe:/a:apache:http_server:2.1.7 cpe:/a:apache:http_server:2.1.2 cpe:/a:apache:http_server:2.1.1 cpe:/a:apache:http_server:2.0.46 cpe:/a:apache:http_server:2.0.47 cpe:/a:apache:http_server:2.0.48 cpe:/a:apache:http_server:2.0.49 CVE-2007-6203 2007-12-03T17:46:00.000-05:00 2009-10-31T01:52:50.377-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2007-12-04T11:13:00.000-05:00 XF apache-413error-xss(38800) UBUNTU USN-731-1 SECTRACK 1019030 BID 26663 BUGTRAQ 20071130 PR07-37: XSS on Apache HTTP Server 413 error pages via malformed HTTP method CONFIRM http://www.fujitsu.com/global/support/software/security/products-f/interstage-200807e.html VUPEN ADV-2008-1875 VUPEN ADV-2007-4301 VUPEN ADV-2007-4060 AIXAPAR PK57952 SECUNIA 34219 SECUNIA 33105 SECUNIA 30732 SECUNIA 28196 SECUNIA 27906 MISC http://procheckup.com/Vulnerability_PR07-37.php HP HPSBUX02465 HP HPSBUX02465 VUPEN ADV-2008-1623 VUPEN ADV-2008-0924 AIXAPAR PK65782 SREASON 3411 GENTOO GLSA-200803-19 SECUNIA 30356 SECUNIA 29640 SECUNIA 29420 SECUNIA 29348 SUSE SUSE-SA:2008:021 APPLE APPLE-SA-2008-03-18 CONFIRM http://docs.info.apple.com/article.html?artnum=307562 Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting (XSS) style attacks using web client components that can send arbitrary headers in requests, as demonstrated via an HTTP request containing an invalid Content-length value, a similar issue to CVE-2006-3918. cpe:/a:apache:http_server:1.3 cpe:/a:apache:http_server:2.0 CVE-2008-0005 2008-01-11T19:46:00.000-05:00 2009-10-31T01:54:30.797-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-14T09:37:00.000-05:00 FEDORA FEDORA-2008-1695 FEDORA FEDORA-2008-1711 XF apache-modproxyftp-utf7-xss(39615) UBUNTU USN-575-1 SECTRACK 1019185 BID 27234 BUGTRAQ 20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server BUGTRAQ 20080110 SecurityReason - Apache (mod_proxy_ftp) Undefined Charset UTF-7 XSS Vulnerability REDHAT RHSA-2008:0009 REDHAT RHSA-2008:0008 REDHAT RHSA-2008:0007 REDHAT RHSA-2008:0006 REDHAT RHSA-2008:0005 REDHAT RHSA-2008:0004 MANDRIVA MDVSA-2008:016 MANDRIVA MDVSA-2008:015 MANDRIVA MDVSA-2008:014 VUPEN ADV-2008-1875 VUPEN ADV-2008-0924 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-032.htm SREASON 3526 SREASONRES 20080110 Apache (mod_proxy_ftp) Undefined Charset UTF-7 XSS Vulnerability GENTOO GLSA-200803-19 SECUNIA 35650 SECUNIA 30732 SECUNIA 29640 SECUNIA 29420 SECUNIA 29348 SECUNIA 28977 SECUNIA 28749 SECUNIA 28607 SECUNIA 28526 SECUNIA 28471 SECUNIA 28467 HP HPSBUX02465 HP HPSBUX02465 HP HPSBUX02431 HP HPSBUX02431 MLIST [security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server SUSE SUSE-SA:2008:021 APPLE APPLE-SA-2008-03-18 CONFIRM http://docs.info.apple.com/article.html?artnum=307562 mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding. cpe:/a:openldap:openldap:2.3.35 CVE-2007-6698 2008-02-01T17:00:00.000-05:00 2009-11-17T01:43:32.687-05:00 4.0 NETWORK LOW SINGLE_INSTANCE NONE NONE PARTIAL http://nvd.nist.gov 2008-02-04T10:04:00.000-05:00 FEDORA FEDORA-2008-1307 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=431203 VUPEN ADV-2009-3184 SECTRACK 1019480 BID 26245 BUGTRAQ 20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers REDHAT RHSA-2008:0110 MLIST [openldap-bugs] 20070411 Re: (ITS#4925) Modify operation with NOOP control on a BDB backend causes slapd to crash MLIST [openldap-bugs] 20070411 (ITS#4925) Modify operation with NOOP control on a BDB backend causes slapd to crash CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059 CONFIRM http://wiki.rpath.com/Advisories:rPSA-2008-0059 CONFIRM http://support.apple.com/kb/HT3937 SECUNIA 29068 SECUNIA 28953 SECUNIA 28817 APPLE APPLE-SA-2009-11-09-1 UBUNTU USN-584-1 MANDRIVA MDVSA-2008:058 DEBIAN DSA-1541 SECUNIA 29957 SECUNIA 29682 SECUNIA 29256 SECUNIA 29225 SUSE SUSE-SR:2008:010 The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerability. cpe:/a:openldap:openldap:2.3.39 CVE-2008-0658 2008-02-13T16:00:00.000-05:00 2009-11-17T01:45:07.750-05:00 4.0 NETWORK LOW SINGLE_INSTANCE NONE NONE PARTIAL http://nvd.nist.gov 2008-02-14T12:05:00.000-05:00 VUPEN ADV-2009-3184 SECTRACK 1019481 BID 27778 BUGTRAQ 20080212 rPSA-2008-0059-1 openldap openldap-clients openldap-servers REDHAT RHSA-2008:0110 CONFIRM http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5358 CONFIRM http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-bdb/modrdn.c.diff?r1=1.197&r2=1.198&f=h VUPEN ADV-2008-0536 CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0059 CONFIRM http://wiki.rpath.com/Advisories:rPSA-2008-0059 CONFIRM http://support.apple.com/kb/HT3937 SECUNIA 29068 SECUNIA 28953 SECUNIA 28926 SECUNIA 28914 APPLE APPLE-SA-2009-11-09-1 XF openldap-modrdn-dos(40479) UBUNTU USN-584-1 MANDRIVA MDVSA-2008:058 DEBIAN DSA-1541 GENTOO GLSA-200803-28 SECUNIA 29957 SECUNIA 29682 SECUNIA 29461 SECUNIA 29256 SECUNIA 29225 SUSE SUSE-SR:2008:010 slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698. cpe:/a:php:php:5.0.0:rc3 cpe:/a:php:php:5.0.0:rc2 cpe:/a:php:php:5.0.0:rc1 cpe:/a:php:php:5.2.0 cpe:/a:php:php:5.2.1 cpe:/a:php:php:5.2.2 cpe:/a:php:php:5.2.3 cpe:/a:php:php:5.2.4 cpe:/a:php:php:5.2.5 cpe:/a:php:php:5.0.0:beta2 cpe:/a:php:php:5.0.0:beta1 cpe:/a:php:php:5.0.0:beta4 cpe:/a:php:php:5.0.0:beta3 cpe:/a:php:php:5.0.2 cpe:/a:php:php:5.1.4 cpe:/a:php:php:5.0.1 cpe:/a:php:php:5.1.5 cpe:/a:php:php:5.0.4 cpe:/a:php:php:5.1.6 cpe:/a:php:php:5.0.3 cpe:/a:php:php:5.1.0 cpe:/a:php:php:5.0.5 cpe:/a:php:php:5.1.1 cpe:/a:php:php:5.1.2 cpe:/a:php:php:5.1.3 CVE-2008-0599 2008-05-05T13:20:00.000-04:00 2009-10-31T01:56:17.733-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-05-06T10:01:00.000-04:00 ALLOWS_ADMIN_ACCESS CERT-VN VU#147027 FEDORA FEDORA-2008-3606 FEDORA FEDORA-2008-3864 CONFIRM https://issues.rpath.com/browse/RPL-2503 XF php-vector-unspecified(42137) UBUNTU USN-628-1 SECTRACK 1019958 BID 29009 BUGTRAQ