Advisories - SecurityLab

•

About the security content of iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod touch

•

About Security Update 2010-001

•

About Security Update 2009-006 / Mac OS X v10.6.2

CERT Coordination Center

•

Adobe Reader browser plug-in cross domain violation

•

Apple QuickTime and iTunes RTSP buffer overflow

•

Mozilla Updates for Multiple Vulnerabilities

•

Cisco Security Advisory: Multiple Vulnerabilities in Cisco IronPort Encryption Appliance

•

Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities

•

Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability

•

[DSA-1964-1] New PostgreSQL packages fix several vulnerabilities

•

[DSA-1953-2] New expat packages fix regression

•

[DSA 1958-1] New libtool packages fix privilege escalation

•

Fedora 11 Update: ImageMagick-6.5.1.2-2.fc11

•

Fedora 12 Update: pdns-recursor-3.1.7.2-1.fc12

•

Fedora 11 Update: condor-7.4.1-1.fc11

•

FreeBSD-EN-10:02.sched_ule: Deadlock in ULE scheduler

•

FreeBSD-EN-10:01.freebsd: Various FreeBSD 8.0-RELEASE improvements

•

FreeBSD-SA-10:01.bind: BIND named(8) cache poisoning with DNSSEC validation

•

[ GLSA 201003-01 ] sudo: Privilege escalation

•

[ GLSA 201001-09 ] Ruby: Terminal Control Character Injection

•

[ GLSA 201001-08 ] SquirrelMail: Multiple vulnerabilities

HEWLETT-PACKARD

•

HPSBMA02489 SSRT090065 rev.1 - HP Performance Insight , Remote Execution of Arbitrary Commands

•

HPSBMA02486 SSRT090049 rev.2 - HP OpenView Network Node Manager (OV NNM) Java Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Execution of Arbitrary Code and Other Vulnerabilities

•

HPSBMA02488 SSRT100013 rev.1 - HP ProLiant Support Pack 8.30 for Windows, Remote Code Execution, Information Disclosure

IBM Global Services

•

PowerHA Cluster Management port vulnerability

•

AIX libtt.a rpc.ttdbserver remote buffer overflow vulnerability

•

AIX rmsock log append file vulnerability

•

Macromedia Security Bulletin -- MPSB05-07 Flash Player 7 Improper Memory Access Vulnerability

•

MPSB04-03 Potential Security Risk with Macromedia E-Licensing Client Activation Code

•

MPSB05-05 - Security Patch available for JRun 4.0 token collision

•

[ MDVSA-2008:215 ] wireshark

•

[ MDVA-2008:158 ] urpmi

•

[ MDVA-2008:156-1 ] kdebase4-workspace

•

MS10-017: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150)

•

MS10-016: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)

•

MS10-015: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165)

•

NetBSD-SA2010-003: azalia(4)/hdaudio(4) negative mixer index panic

•

NetBSD Security Advisory 2009-012: SHA2 implementation potential buffer overflow

•

NetBSD Security Advisory 2008-015: ICMPv6 Packet Too Big messages

•

Potential Security Vulnerability with Apache on NetWare 6.5 after installing OES2 Linux Server

•

Cross-Site Scripting vulnerability in the User Application

•

Security Vulnerability - XSS Cross Site Scripting in iMonitor error messages

•

[OpenBSD] -- VGA driver may allow local privilege escalation via agp_ioctl()

•

[OpenBSD] -- Multiple fixes for OpenBSD, November 2006

•

[OpenBSD] -- Fix 2 security bugs found in OpenSSH

•

[ OpenPKG-SA-2007.023 ] OpenPKG Security Advisory (perl)

•

[ OpenPKG-SA-2007.022 ] OpenPKG Security Advisory (bind)

•

[ OpenPKG-SA-2007.021 ] OpenPKG Security Advisory (wordpress)

•

Oracle Security Alert for CVE-2010-0073

•

Oracle Critical Patch Update Advisory - January 2010

•

Oracle Critical Patch Update Advisory - July 2009

•

[RHSA-2010:0130-01] Moderate: java-1.5.0-ibm security update

•

[RHSA-2010:0129-01] Moderate: cups security update

•

[RHSA-2010:0126-01] Important: kvm security and bug fix update

Santa Cruz Operation

•

Sendmail Arbitrary Code Execution Vulnerability

•

[SCO] -- GhostScript Insecure Temporary File Creation Vulnerability

•

SCOSA-2006.22 X Server Arbitrary Code Execution Vulnerability

Silicon Graphics

•

20061101-01-P SGI Advanced Linux Environment 3 Security Update #66

•

20061002-01.P SGI Advanced Linux Environment 3 Security Update #65

•

20061001-01-P SGI Advanced Linux Environment 3 Security Update #64

Slackware Linux

•

2010-03-10 - [slackware-security] pidgin (SSA:2010-069-01)

•

2010-03-08 - [slackware-security] httpd (SSA:2010-067-01)

•

2010-03-01 - [slackware-security] seamonkey (SSA:2010-060-01)

Sun Microsystems

•

SunOS 5.10_x86: ucode driver patch

•

Security Vulnerabilities in PostgreSQL Shipped With Solaris May Allow Escalation of Privileges or Man-in-the-Middle on SSL Connections

•

Directory Proxy Server Provided with Directory Server Enterprise Edition 6 is Subject to Denial of Service (DoS) and May Allow Unauthorized Access to Certain Data

•

SUSE Security Summary Report: SUSE-SR:2010:006

•

SUSE Security Announcement: Linux kernel (SUSE-SA:2010:016)

•

SUSE Linux CVE Cross Reference Pages

•

SYM10-001: Security Advisories Relating to Symantec Products - Symantec Altiris Notification Server 6.x Static Encryption Key

•

SYM09-016: Security Advisories Relating to Symantec Products - Symantec’s Altiris Deployment and Notification Management Web Console RunCmd Vulnerability

•

SYM09-013: Security Advisories Relating to Symantec Products - Symantec Altiris Deployment Solution and Notification Server Management Console FileDownload Vulnerability

•

TSLSA-2007-0027 - multi

•

TSLSA-2007-0028 - multi

•

TSLSA-2007-0025 - multi

Cisco Security Advisory: Multiple Vulnerabilities in Cisco IronPort Encryption Appliance

Cisco IronPort Encryption Appliance devices contain two vulnerabilities that allow remote, unauthent ...

11 february, 2010

Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities

Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Pla ...

18 december, 2009

Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability

An industry-wide vulnerability exists in the Transport Layer Security (TLS) protocol that co ...

23 november, 2009

MS10-017: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150)

This security update resolves seven privately reported vulnerabilities in Microsoft Office Excel.

09 march, 2010

MS10-016: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)

This security update addresses a privately reported vulnerability in Windows Movie Maker and Microso ...

09 march, 2010

MS10-015: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165)

This security update resolves one publicly disclosed and one privately reported vulnerability in Mic ...

10 february, 2010

Sun Microsystems

SunOS 5.10_x86: ucode driver patch

6905530 processor microcode code can panic when retrieving microcode revision.

02 february, 2010

Security Vulnerabilities in PostgreSQL Shipped With Solaris May Allow Escalation of Privileges or Man-in-the-Middle on SSL Connections

Multiple security vulnerabilities have been identified in the PostgreSQL software shipped with Solar ...

31 december, 2009

Directory Proxy Server Provided with Directory Server Enterprise Edition 6 is Subject to Denial of Service (DoS) and May Allow Unauthorized Access to Certain Data

Directory Proxy Server Provided with Directory Server Enterprise Edition 6 is Subject to Denial of S ...

31 december, 2009

[RHSA-2010:0130-01] Moderate: java-1.5.0-ibm security update

Red Hat Security Advisory - Moderate: java-1.5.0-ibm security update

03 march, 2010

[RHSA-2010:0129-01] Moderate: cups security update

Red Hat Security Advisory - Moderate: cups security update

03 march, 2010

[RHSA-2010:0126-01] Important: kvm security and bug fix update

Red Hat Security Advisory - Important: kvm security and bug fix update

01 march, 2010