[SECURITY-L] Vulnerabilidades de seguranca

CSIRT - UNICAMP security em unicamp.br
Seg Out 17 16:58:47 -02 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Srs. Assinantes,

Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp
com os seguintes boletins de vulnerabilidades:


Fedora Update Notification:
===========================
17/10/2005 - FEDORA-2005-996
Assunto: Fedora Core 3: wget. 
http://www.security.unicamp.br/docs/bugs/2005/10/v53.txt

17/10/2005 - FEDORA-2005-994
Assunto: Fedora Core 4: lynx. 
http://www.security.unicamp.br/docs/bugs/2005/10/v52.txt

17/10/2005 - FEDORA-2005-993
Assunto: Fedora Core 3: lynx. 
http://www.security.unicamp.br/docs/bugs/2005/10/v51.txt

14/10/2005 - FEDORA-2005-991
Assunto: Fedora Core 4: texinfo. 
http://www.security.unicamp.br/docs/bugs/2005/10/v44.txt

14/10/2005 - FEDORA-2005-990
Assunto: Fedora Core 3: texinfo. 
http://www.security.unicamp.br/docs/bugs/2005/10/v43.txt

13/10/2005 - FEDORA-2005-989
Assunto: Fedora Core 3: abiword. 
http://www.security.unicamp.br/docs/bugs/2005/10/v48.txt

13/10/2005 - FEDORA-2005-986
Assunto: Fedora Core 4: openssl097a.
http://www.security.unicamp.br/docs/bugs/2005/10/v49.txt

13/10/2005 - FEDORA-2005-986
Assunto: Fedora Core 4: openssl. 
http://www.security.unicamp.br/docs/bugs/2005/10/v47.txt

13/10/2005 - FEDORA-2005-985
Assunto: Fedora Core 3: openssl096b. 
http://www.security.unicamp.br/docs/bugs/2005/10/v50.txt

13/10/2005 - FEDORA-2005-985
Assunto: Fedora Core 3: openssl. 
http://www.security.unicamp.br/docs/bugs/2005/10/v45.txt

13/10/2005 - FEDORA-2005-984
Assunto: Fedora Core 3: koffice 
http://www.security.unicamp.br/docs/bugs/2005/10/v46.txt

07/10/2005 - FEDORA-2005-981
Assunto: Fedora Core 3: xloadimage. 
http://www.security.unicamp.br/docs/bugs/2005/10/v42.txt

07/10/2005 - FEDORA-2005-953
Assunto: Fedora Core 3: w3c-libwww. 
http://www.security.unicamp.br/docs/bugs/2005/10/v41.txt

07/10/2005 - FEDORA-2005-952
Assunto: Fedora Core 4: w3c-libwww.
http://www.security.unicamp.br/docs/bugs/2005/10/v40.txt


Gentoo Linux Security Advisory:
===============================
15/10/2005 - GLSA 200510-13
Assunto: SPE: Insecure file permissions.
http://www.security.unicamp.br/docs/bugs/2005/10/v74.txt

14/10/2005 - GLSA 200510-12
Assunto: KOffice, KWord: RTF import buffer overflow. 
http://www.security.unicamp.br/docs/bugs/2005/10/v73.txt

12/10/2005 - GLSA 200510-11
Assunto: OpenSSL: SSL 2.0 protocol rollback. 
http://www.security.unicamp.br/docs/bugs/2005/10/v72.txt

11/10/2005 - GLSA 200510-10
Assunto: uw-imap: Remote buffer overflow. 
http://www.security.unicamp.br/docs/bugs/2005/10/v69.txt

08/10/2005 - GLSA 200510-09
Assunto: Weex: Format string vulnerability. 
http://www.security.unicamp.br/docs/bugs/2005/10/v67.txt

08/10/2005 - GLSA 200510-08
Assunto: xine-lib: Format string vulnerability. 
http://www.security.unicamp.br/docs/bugs/2005/10/v68.txt

07/10/2005 - GLSA 200510-07
Assunto: RealPlayer, Helix Player: Format string vulnerability. 
http://www.security.unicamp.br/docs/bugs/2005/10/v66.txt


HP Security Bulletin:
=====================
07/10/2005 - HPSBUX01214 - REVISION: 1 - SSRT051003 rev.1
Assunto: HP-UX Java Web Start remote unauthorized privileged access.
http://www.security.unicamp.br/docs/bugs/2005/10/v34.txt

07/10/2005 - HPSBUX01232 - REVISION: 0 - SSRT051043 rev.0
Assunto: Apache Remote Unauthorized access. 
http://www.security.unicamp.br/docs/bugs/2005/10/v33.txt

06/10/2005 - HPSBUX01215 - REVISION: 1 - SSRT051004 rev.1 
Assunto: HP-UX Java Runtime Environment (JRE) Untrusted Applet Elevates
Privilege. 
http://www.security.unicamp.br/docs/bugs/2005/10/v32.txt

06/10/2005 - HPSBTU01210 - REVISION: 1 - SSRT4743, SSRT4884 rev.1
Assunto: HP Tru64 UNIX TCP/IP remote Denial of Service (DoS).
http://www.security.unicamp.br/docs/bugs/2005/10/v31.txt

04/10/2005 - HPSBUX01231 - REVISION: 0 - SSRT051041 rev.0
Assunto: HP-UX Mozilla Remote Unauthorized Execution of Privileged Code
or Denial of Service (DoS).
http://www.security.unicamp.br/docs/bugs/2005/10/v35.txt

04/10/2005 - HPSBUX01230 - REVISION: 0 - SSRT051040 rev.0
Assunto: HP-UX Mozilla Remote Unauthorized Execution of Privileged Code.
http://www.security.unicamp.br/docs/bugs/2005/10/v36.txt

04/10/2005 - HPSBMA01225 - REVISION: 1 - SSRT051030 rev.1
Assunto: HP OpenView Event Correlation Services (OV ECS) Remote Unauthorized
Privileged Access.
http://www.security.unicamp.br/docs/bugs/2005/10/v37.txt

04/10/2005 - HPSBMA01224 - REVISION: 5 - SSRT051023 rev.5
Assunto: HP OpenView Network Node Manager (OV NNM) Remote Unauthorized
Privileged Access.
http://www.security.unicamp.br/docs/bugs/2005/10/v38.txt

04/10/2005 - HPSBUX01133 - REVISION: 2 - SSRT5940 rev.2
Assunto: HP-UX Mozilla remote, unauthorized user may execute privileged code.
http://www.security.unicamp.br/docs/bugs/2005/10/v39.txt


Mandriva Linux Security Update Advisory:
========================================
14/10/2005 - MDKSA-2005:185
Assunto: koffice. 
http://www.security.unicamp.br/docs/bugs/2005/10/v65.txt

13/10/2005 - MDKSA-2005:184
Assunto: cfengine. 
http://www.security.unicamp.br/docs/bugs/2005/10/v64.txt

13/10/2005 - MDKSA-2005:183
Assunto: wget. 
http://www.security.unicamp.br/docs/bugs/2005/10/v63.txt

13/10/2005 - MDKSA-2005:182
Assunto: curl. 
http://www.security.unicamp.br/docs/bugs/2005/10/v62.txt

11/10/2005 - MDKSA-2005:181
Assunto: squid. 
http://www.security.unicamp.br/docs/bugs/2005/10/v61.txt

11/10/2005 - MDKSA-2005:180
Assunto: xine-lib. 
http://www.security.unicamp.br/docs/bugs/2005/10/v60.txt

11/10/2005 - MDKSA-2005:179
Assunto: openssl. 
http://www.security.unicamp.br/docs/bugs/2005/10/v71.txt

11/10/2005 - MDKSA-2005:178
Assunto: squirrelmail. 
http://www.security.unicamp.br/docs/bugs/2005/10/v70.txt

07/10/2005 - MDKSA-2005:177
Assunto: hylafax. 
http://www.security.unicamp.br/docs/bugs/2005/10/v58.txt

07/10/2005 - MDKSA-2005:176
Assunto: webmin. 
http://www.security.unicamp.br/docs/bugs/2005/10/v59.txt

06/10/2005 - MDKSA-2005:175
Assunto: texinfo. 
http://www.security.unicamp.br/docs/bugs/2005/10/v57.txt

06/10/2005 - MDKSA-2005:174
Assunto: mozilla-thunderbird. 
http://www.security.unicamp.br/docs/bugs/2005/10/v56.txt

06/10/2005 - MDKSA-2005:173
Assunto: mozilla-firefox. 
http://www.security.unicamp.br/docs/bugs/2005/10/v55.txt

06/10/2005 - MDKSA-2005:172
Assunto: openssh. 
http://www.security.unicamp.br/docs/bugs/2005/10/v54.txt


- --
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - UNICAMP
mailto:security at unicamp.br
http://www.security.unicamp.br
GnuPG Public Key: http://www.security.unicamp.br/security.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFDU/RH/UMb1l3gm8IRAsTXAJ45cobq/4JPQPAFNHNRdYrxykXvVQCfWswa
0TGSmorsCgXJdCwOtRUQ71U=
=Rocf
-----END PGP SIGNATURE-----

Mais detalhes sobre a lista de discussão SECURITY-L