[SECURITY-L] Vulnerabilidades de Seguranca
Silvana Mieko Misuta
mieko em ccuec.unicamp.br
Sex Fev 21 17:20:30 -03 2003
Srs. Usuarios,
Atualizamos o site da Equipe de Seguranca em Sistemas e Redes
da Unicamp com os seguintes boletins de vulnerabilidades:
21/02/2003
----------
CAIS-Alerta
Assunto: Multiplas Vulnerabilidades em Implementacoes do SIP
http://www.security.unicamp.br/docs/bugs/2003/02/v77.txt
CERT Advisory (CA-2003-06)
Assunto: Multiple vulnerabilities in implementations of the Session Initiation Protocol (SIP)
http://www.security.unicamp.br/docs/bugs/2003/02/v76.txt
20/02/2003
----------
RHN Errata Alert (HSA-2003:057-06)
Assunto: Updated shadow-utils packages fix exposure
http://www.security.unicamp.br/docs/bugs/2003/02/v74.txt
RHN Errata Alert (RHSA-2003:006-10)
Assunto: Updated libpng packages fix buffer overflow
http://www.security.unicamp.br/docs/bugs/2003/02/v73.txt
Conectiva Linux Security Annoucement (CLA-2003:569)
Assunto: Multiple vulnerabilities in KDE
http://www.security.unicamp.br/docs/bugs/2003/02/v72.txt
Anuncio de Seguranca do Conectiva Linux (CLA-2003:569)
Assunto: Vulnerabilidades multiplas no KDE
http://www.security.unicamp.br/docs/bugs/2003/02/v71.txt
RHN Errata Alert (RHSA-2003:057-06)
Assunto: Updated shadow-utils packages fix exposure
http://www.security.unicamp.br/docs/bugs/2003/02/v70.txt
Gentoo Linux Security Announcement(200302-11)
Assunto: denial of service in bitchx
http://www.security.unicamp.br/docs/bugs/2003/02/v69.txt
Gentoo Linux Security Announcement(200302-10)
Assunto: timing based attack in openssl
http://www.security.unicamp.br/docs/bugs/2003/02/v68.txt
EnGarde Secure Linux Security Advisory(ESA-20030220-005)
Assunto: OpenSSL timing-based attack vulnerability
http://www.security.unicamp.br/docs/bugs/2003/02/v67.txt
EnGarde Secure Linux Security Advisory(ESA-20030220-004)
Assunto: Vulnerabilidades de Seguranca nos pacotes MySQL, MySQL-client, MySQL-shared
http://www.security.unicamp.br/docs/bugs/2003/02/v66.txt
CAIS-Alerta
Assunto: Multiplas Vulnerabilidades em Servidores Oracle
http://www.security.unicamp.br/docs/bugs/2003/02/v65.txt
RHN Errata Alert (RHSA-2003:037-09)
Assunto: Updated Xpdf packages fix security vulnerability
http://www.security.unicamp.br/docs/bugs/2003/02/v64.txt
Debian Security Advisory (DSA 232-2)
Assunto: Vulnerabilidades de Seguranca no pacote cupsys
http://www.security.unicamp.br/docs/bugs/2003/02/v45.txt
19/02/2003
----------
CERT Advisory (CA-2003-05)
Assunto: Multiple Vulnerabilities in Oracle Servers
http://www.security.unicamp.br/docs/bugs/2003/02/v75.txt
RHN Errata Alert (RHSA-2003:043-12)
Assunto: Updated WindowMaker packages fix vulnerability in theme-loading
http://www.security.unicamp.br/docs/bugs/2003/02/v63.txt
Mandrake Linux Security Update Advisory(MDKSA-2003:019 )
Assunto: Vulnerabilidade de Seguranca no pacote php
http://www.security.unicamp.br/docs/bugs/2003/02/v62.txt
OpenPKG Security Advisory(OpenPKG-SA-2003.013)
Assunto: obtain plaintext of SSL/TLS communication in openssl
http://www.security.unicamp.br/docs/bugs/2003/02/v61.txt
EnGarde Secure Linux Security Advisory(ESA-20030219-003)
Assunto: Several PHP vulnerabilities in php and mod_php
http://www.security.unicamp.br/docs/bugs/2003/02/v60.txt
Gentoo Linux Security Announcement(200302-09.1)
Assunto: arbitrary code execution in mod_php
http://www.security.unicamp.br/docs/bugs/2003/02/v59.txt
OpenPKG Security Advisory(OpenPKG-SA-2003.012)
Assunto: denial of service (packet storm) in dhcpd
http://www.security.unicamp.br/docs/bugs/2003/02/v58.txt
Gentoo Linux Security Announcement(200302-09)
Assunto: arbitrary code execution in mod_php and php
http://www.security.unicamp.br/docs/bugs/2003/02/v57.txt
18/02/2003
----------
Mandrake Linux Security Update Advisory(MDKSA-2003:018)
Assunto: Vulnerabilidade de Seguranca no pacote apcupsd
http://www.security.unicamp.br/docs/bugs/2003/02/v56.txt
Mandrake Linux Security Update Advisory(MDKSA-2003:017)
Assunto: Vulnerabilidade de Seguranca no pacote pam
http://www.security.unicamp.br/docs/bugs/2003/02/v55.txt
SuSE Security Announcement(SuSE-SA:2003:0009)
Assunto: remote system compromise in mod_php4
http://www.security.unicamp.br/docs/bugs/2003/02/v54.txt
SuSE Security Announcement(SuSE-SA:2003:0008)
Assunto: remote system compromise in imp
http://www.security.unicamp.br/docs/bugs/2003/02/v53.txt
OpenPKG Security Advisory(OpenPKG-SA-2003.011)
Assunto: CRLF injection vulnerability in lynx
http://www.security.unicamp.br/docs/bugs/2003/02/v52.txt
OpenPKG Security Advisory(OpenPKG-SA-2003.010)
Assunto: arbitrary file access and code execution in php, apache
http://www.security.unicamp.br/docs/bugs/2003/02/v51.txt
OpenPKG Security Advisory(OpenPKG-SA-2003.009)
Assunto: cookie information leak in w3m
http://www.security.unicamp.br/docs/bugs/2003/02/v50.txt
Gentoo Linux Security Announcement(200302-08)
Assunto: buffer overflow in nethack
http://www.security.unicamp.br/docs/bugs/2003/02/v49.txt
17/02/2003
----------
PHP Security Advisory
Assunto: CGI vulnerability in PHP version 4.3.0
http://www.security.unicamp.br/docs/bugs/2003/02/v48.txt
Gentoo Linux Security Announcement(200302-07)
Assunto: missing HTML quoting in w3m
http://www.security.unicamp.br/docs/bugs/2003/02/v47.txt
Gentoo Linux Security Announcement(200302-06)
Assunto: security issues in installer in syslinux
http://www.security.unicamp.br/docs/bugs/2003/02/v46.txt
Gentoo Linux Security Announcement(200302-05)
Assunto: cross site scripting in mailman
http://www.security.unicamp.br/docs/bugs/2003/02/v44.txt
--
Equipe de Seguranca em Sistemas e Redes
Unicamp - Universidade Estadual de Campinas
Mailto:security em unicamp.br
http://www.security.unicamp.br
Mais detalhes sobre a lista de discussão SECURITY-L