From security em unicamp.br Wed Apr 5 15:36:09 2006 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 5 Apr 2006 15:36:09 -0300 Subject: [SECURITY-L] Vulnerabilidades de Seguranca Message-ID: <20060405183608.GA51908@unicamp.br> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Srs. Assinantes, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: Anúncio de Segurança do Conectiva Linux: ======================================== 04/04/2006 - CLA-2006:1068 Assunto: sendmail http://www.security.unicamp.br/docs/bugs/2006/04/v006.txt Debian Security Advisory: ========================= 04/04/2006 - DSA 1022-1 Assunto: storebackup http://www.security.unicamp.br/docs/bugs/2006/04/v011.txt 03/04/2006 - DSA 1000-2 Assunto: libapreq2-perl http://www.security.unicamp.br/docs/bugs/2006/04/v002.txt Gentoo Linux Security Advisory: =============================== 04/04/2006 - GLSA 200604-03 Assunto: FreeRADIUS: Authentication bypass in EAP-MSCHAPv2 module http://www.security.unicamp.br/docs/bugs/2006/04/v010.txt 04/04/2006 - GLSA 200604-02 Assunto: Horde Application Framework: Remote code execution http://www.security.unicamp.br/docs/bugs/2006/04/v008.txt 04/04/2006 - GLSA 200604-01 Assunto: MediaWiki: Cross-site scripting vulnerability http://www.security.unicamp.br/docs/bugs/2006/04/v009.txt HP Security Bulletin: ===================== 04/04/2006 - HPSBPI2109 SSRT061141 rev.1 Assunto: HP Color LaserJet 2500 and 4600 Toolbox Running on Microsoft Windows Remote Unauthorized Disclosure of Information http://www.security.unicamp.br/docs/bugs/2006/04/v007.txt Mandriva Linux Security Update Advisory: ======================================== 03/04/2006 - MDKSA-2006:064 Assunto: MySQL http://www.security.unicamp.br/docs/bugs/2006/04/v004.txt 03/04/2006 - MDKSA-2006:062 Assunto: dia http://www.security.unicamp.br/docs/bugs/2006/04/v003.txt Ubuntu Security Notice: ======================= 03/04/2006 - USN-267-1 Assunto: mailman vulnerability http://www.security.unicamp.br/docs/bugs/2006/04/v005.txt 03/04/2006 - USN-266-1 Assunto: dia vulnerabilities http://www.security.unicamp.br/docs/bugs/2006/04/v001.txt - -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security at unicamp.br http://www.security.unicamp.br GnuPG Public Key: http://www.security.unicamp.br/security.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFENA2E/UMb1l3gm8IRAm+VAJ0ca8hgGPGZBe9bwmmhF/at1SYTlgCglNDq ht5rxxOA3lf7Zl1bgR3gN90= =y8km -----END PGP SIGNATURE----- From security em unicamp.br Tue Apr 11 11:38:33 2006 From: security em unicamp.br (CSIRT - UNICAMP) Date: Tue, 11 Apr 2006 11:38:33 -0300 Subject: [SECURITY-L] Vulnerabilidades de Seguranca Message-ID: <20060411143833.GA60878@unicamp.br> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Srs. Assinantes, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: Cisco Security Advisory: ======================== 05/04/2006 - Cisco Security Advisory: Assunto: Cisco Optical Networking System 15000 series and Cisco Transport Controller Vulnerabilities http://www.security.unicamp.br/docs/bugs/2006/04/v042.txt 05/04/2006 - Cisco Security Advisory: Assunto: Cisco 11500 Content Services Switch HTTP Request Vulnerability http://www.security.unicamp.br/docs/bugs/2006/04/v015.txt Debian Security Advisory: ========================= 05/04/2006 - DSA 1025-1 Assunto: dia http://www.security.unicamp.br/docs/bugs/2006/04/v049.txt 08/04/2006 - DSA 946-2 Assunto: sudo http://www.security.unicamp.br/docs/bugs/2006/04/v034.txt 08/04/2006 - DSA 1031-1 Assunto: cacti http://www.security.unicamp.br/docs/bugs/2006/04/v033.txt 08/04/2006 - DSA 1030-1 Assunto: moodle http://www.security.unicamp.br/docs/bugs/2006/04/v043.txt 08/04/2006 - DSA 1029-1 Assunto: libphp-adodb http://www.security.unicamp.br/docs/bugs/2006/04/v041.txt 07/04/2006 - DSA 1028-1 Assunto: libimager-perl http://www.security.unicamp.br/docs/bugs/2006/04/v035.txt 06/04/2006 - DSA 1027-1 Assunto: mailman http://www.security.unicamp.br/docs/bugs/2006/04/v040.txt 06/04/2006 - DSA 1026-1 Assunto: sash http://www.security.unicamp.br/docs/bugs/2006/04/v044.txt 05/04/2006 - DSA 1024-1 Assunto: clamav http://www.security.unicamp.br/docs/bugs/2006/04/v017.txt 05/04/2006 - DSA 1023-1 Assunto: kaffeine http://www.security.unicamp.br/docs/bugs/2006/04/v046.txt 05/04/2006 - DSA 1018-2 Assutno: kernel-source-2.4.27 http://www.security.unicamp.br/docs/bugs/2006/04/v038.txt Fedora Legacy Update Advisory: ============================== 04/04/2006 - FLSA:186277 Assunto: Updated sendmail packages fix security issue http://www.security.unicamp.br/docs/bugs/2006/04/v028.txt 04/04/2006 - FLSA:184098 Assunto: Updated libc-client packages fixes security issue http://www.security.unicamp.br/docs/bugs/2006/04/v027.txt 04/04/2006 - FLSA:184074 Assunto: Updated pine package fixes security issue http://www.security.unicamp.br/docs/bugs/2006/04/v019.txt 04/04/2006 - FLSA:183571-2 Assunto: Updated tar package fixes security issue http://www.security.unicamp.br/docs/bugs/2006/04/v018.txt 04/04/2006 - FLSA:183571-1 Assunto: Updated tar package fixes security issue http://www.security.unicamp.br/docs/bugs/2006/04/v025.txt 04/04/2006 - FLSA:180159 Assunto: Updated unzip package fixes security issue http://www.security.unicamp.br/docs/bugs/2006/04/v026.txt 04/04/2006 - FLSA:170411 Assunto: Updated imap packages fix security issue http://www.security.unicamp.br/docs/bugs/2006/04/v024.txt 04/04/2006 - FLSA:156290 Assunto: Updated cyrus-imapd packages fix security issues http://www.security.unicamp.br/docs/bugs/2006/04/v023.txt 04/04/2006 - FLSA:156139 Assunto: Updated tcpdump packages fix security issues http://www.security.unicamp.br/docs/bugs/2006/04/v021.txt 04/04/2006 - FLSA:152896 Assunto: Updated mod_python package fixes a security issue http://www.security.unicamp.br/docs/bugs/2006/04/v022.txt 04/04/2006 - FLSA:152873 Assunto: Updated xine package fixes security issues http://www.security.unicamp.br/docs/bugs/2006/04/v020.txt Fedora Update Notification: =========================== 05/04/2006 - FEDORA-2006-261 Assunto: Fedora Core 4: dia http://www.security.unicamp.br/docs/bugs/2006/04/v014.txt 05/04/2006 - FEDORA-2006-194 Assunto: Fedora Core 4: sendmail http://www.security.unicamp.br/docs/bugs/2006/04/v012.txt 05/04/2006 - FEDORA-2006-193 Assunto: Fedora Core 5: sendmail http://www.security.unicamp.br/docs/bugs/2006/04/v013.txt Gentoo Linux Security Advisory: =============================== 07/04/2006 - GLSA 200604-06 Assunto: ClamAV: Multiple vulnerabilities http://www.security.unicamp.br/docs/bugs/2006/04/v045.txt 06/04/2006 - GLSA 200604-05 Assunto: Doomsday: Format string vulnerability http://www.security.unicamp.br/docs/bugs/2006/04/v037.txt 05/04/2006 - GLSA 200604-04 Assunto: Kaffeine: Buffer overflow http://www.security.unicamp.br/docs/bugs/2006/04/v039.txt HP Security Bulletin: ===================== 06/04/2006 - HPSBUX02111 SSRT061132 rev.1 Assunto: HP-UX su (1) Local Unauthorized Access http://www.security.unicamp.br/docs/bugs/2006/04/v048.txt 06/04/2006 - HPSBUX02110 SSRT061110 rev.1 Assunto: HP-UX Running wu-ftpd Remote Denial of Service (DoS) http://www.security.unicamp.br/docs/bugs/2006/04/v047.txt 06/04/2006 - HPSBUX02108 SSRT061133 rev.3 Assunto: HP-UX running Sendmail, Remote Execution of Arbitrary Code http://www.security.unicamp.br/docs/bugs/2006/04/v030.txt Mandriva Linux Security Update Advisory: ======================================== 07/04/2006 - MDKSA-2006:068 Assunto: Mplayer http://www.security.unicamp.br/docs/bugs/2006/04/v029.txt 07/04/2006 - MDKSA-2006:067 Assunto: Clamav http://www.security.unicamp.br/docs/bugs/2006/04/v036.txt 05/04/2006 - MDKSA-2006:066 Assunto: Freeradius http://www.security.unicamp.br/docs/bugs/2006/04/v016.txt 05/04/2006 - MDKSA-2006:065 Assunto: Kaffeine http://www.security.unicamp.br/docs/bugs/2006/04/v031.txt Ubuntu Security Notice: ======================= 06/04/2006 - USN-268-1 Assunto: Kaffeine vulnerability http://www.security.unicamp.br/docs/bugs/2006/04/v032.txt - -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security at unicamp.br http://www.security.unicamp.br GnuPG Public Key: http://www.security.unicamp.br/security.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFEO773/UMb1l3gm8IRAqbqAJ9gJO+awmMm046PaUeVrss5iR0I1gCfTFY0 cPDZnbeXj3bzS0gF3mj9gOQ= =Z/Qy -----END PGP SIGNATURE----- From security em unicamp.br Mon Apr 17 15:36:01 2006 From: security em unicamp.br (CSIRT - UNICAMP) Date: Mon, 17 Apr 2006 15:36:01 -0300 Subject: [SECURITY-L] Vulnerabilidades de Seguranca Message-ID: <20060417183600.GA77981@unicamp.br> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Srs. Assinantes, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: Anúncio de Segurança do Conectiva Linux: ======================================== 17/04/2006 - CLA-2006:1070 Assunto: fetchmail http://www.security.unicamp.br/docs/bugs/2006/04/v071.txt 17/04/2006 - CLA-2006:1069 Assunto: unzip http://www.security.unicamp.br/docs/bugs/2006/04/v070.txt CAIS-Alerta: ============ 11/04/2006 - CAIS-Alerta Assunto: Atualizacoes de seguranca acumulativas para MS Outlook Express (MS06-016) http://www.security.unicamp.br/docs/bugs/2006/04/v057.txt 11/04/2006 - CAIS-Alerta Assunto: Vulnerabilidade no Windows Explorer pode permitir execucao remota de codigo (MS06-015) http://www.security.unicamp.br/docs/bugs/2006/04/v055.txt 11/04/2006 - CAIS-Alerta Assunto: Vulnerabilidade no Microsoft Frontpage Server Extensions (MS06-017) http://www.security.unicamp.br/docs/bugs/2006/04/v053.txt 11/04/2006 - CAIS-Alerta Assunto: Correcoes de seguranca acumulativas para Internet Explorer (MS06-013) http://www.security.unicamp.br/docs/bugs/2006/04/v052.txt 11/04/2006 - CAIS-Alerta Assunto: Vulnerabilidade na funcao do MDAC pode permitir execucao de codigo (MS06-014) http://www.security.unicamp.br/docs/bugs/2006/04/v051.txt Debian Security Advisory: ========================= 15/04/2006 - DSA 1035-1 Assunto: fcheck http://www.security.unicamp.br/docs/bugs/2006/04/v067.txt 14/04/2006 - DSA 1034-1 Assunto: horde2 http://www.security.unicamp.br/docs/bugs/2006/04/v065.txt 12/04/2006 - DSA 1033-1 Assunto: horde3 http://www.security.unicamp.br/docs/bugs/2006/04/v062.txt 12/04/2006 - DSA 1032-1 Assunto: zope-cmfplone http://www.security.unicamp.br/docs/bugs/2006/04/v060.txt Gentoo Linux Security Advisory: =============================== 14/04/2006 - GLSA 200604-07 Assunto: Cacti: Multiple vulnerabilities in included ADOdb http://www.security.unicamp.br/docs/bugs/2006/04/v066.txt HP Security Bulletin: ===================== 13/04/2006 - HPSBUX02108 SSRT061133 rev.6 Assunto: HP-UX running Sendmail, Remote Execution of Arbitrary Code http://www.security.unicamp.br/docs/bugs/2006/04/v063.txt Mandriva Linux Security Update Advisory: ======================================== 11/04/2006 - MDKSA-2006:071 Assunto: xscreensaver http://www.security.unicamp.br/docs/bugs/2006/04/v058.txt 10/04/2006 - MDKSA-2006:070 Assunto: sash http://www.security.unicamp.br/docs/bugs/2006/04/v059.txt 10/04/2006 - MDKSA-2006:069 Assunto: openvpn http://www.security.unicamp.br/docs/bugs/2006/04/v056.txt Microsoft Security Bulletins: ============================= 11/04/2005 Assunto: Microsoft Security Bulletin Summary for April 2006 http://www.security.unicamp.br/docs/bugs/2006/03/v069.txt 11/04/2005 Assunto: Microsoft Security Bulletin Re-Releases http://www.security.unicamp.br/docs/bugs/2006/03/v068.txt Slackware Security Advisory: ============================ 17/04/2006 - SSA:2006-107-01 Assunto: firefox http://www.security.unicamp.br/docs/bugs/2006/04/v072.txt Ubuntu Security Notice: ======================= 13/04/2006 - USN-270-1 Assunto: kdegraphics, koffice, xpdf, cupsys, poppler, tetex-bin vulnerabilities http://www.security.unicamp.br/docs/bugs/2006/04/v064.txt 11/04/2006 - USN-269-1 Assunto: xscreensaver vulnerability http://www.security.unicamp.br/docs/bugs/2006/04/v050.txt US-CERT Technical Cyber Security Alert: ======================================= 11/04/2006 - TA06-101A Assunto: Microsoft Windows and Internet Explorer Vulnerabilities http://www.security.unicamp.br/docs/bugs/2006/04/v054.txt - -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security at unicamp.br http://www.security.unicamp.br GnuPG Public Key: http://www.security.unicamp.br/security.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFEQ9+y/UMb1l3gm8IRAsjAAKDEU1bJHQIGLHT8S0fwQT1gqd59hgCfUfRm PBujl/QhIrl87Vnkm7mheOQ= =rVCh -----END PGP SIGNATURE----- From security em unicamp.br Thu Apr 20 15:06:26 2006 From: security em unicamp.br (CSIRT - UNICAMP) Date: Thu, 20 Apr 2006 15:06:26 -0300 Subject: [SECURITY-L] Vulnerabilidades de Seguranca Message-ID: <20060420180623.GA35325@unicamp.br> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Srs. Assinantes, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: Cisco Security Advisory: ======================== 19/04/2006 - Cisco Security Advisory Assunto: Multiple Vulnerabilities in the WLSE Appliance http://www.security.unicamp.br/docs/bugs/2006/04/v085.txt 19/04/2006 - Cisco Security Advisory Assunto: Cisco IOS XR MPLS Vulnerabilities http://www.security.unicamp.br/docs/bugs/2006/04/v083.txt Debian Security Advisory: ========================= 17/04/2006 - DSA 1036-1 Assunto: bsdgames http://www.security.unicamp.br/docs/bugs/2006/04/v074.txt Fedora Update Notification: =========================== 20/04/2006 - FEDORA-2006-423 Assunto: Fedora Core 4: kernel http://www.security.unicamp.br/docs/bugs/2006/04/v087.txt 19/04/2006 - FEDORA-2006-421 Assunto: Fedora Core 5: kernel http://www.security.unicamp.br/docs/bugs/2006/04/v082.txt 19/04/2006 - FEDORA-2006-338 Assunto: Fedora Core 5: gdm http://www.security.unicamp.br/docs/bugs/2006/04/v080.txt 18/04/2006 - FEDORA-2006-411 Assunto: Fedora Core 5: firefox http://www.security.unicamp.br/docs/bugs/2006/04/v077.txt 18/04/2006 - FEDORA-2006-410 Assunto: Fedora Core 4: firefox http://www.security.unicamp.br/docs/bugs/2006/04/v076.txt FreeBSD Security Advisory: ========================== 19/04/2006 - FreeBSD-SA-06:14.fpu Assunto: FPU information disclosure http://www.security.unicamp.br/docs/bugs/2006/04/v079.txt Gentoo Linux Security Advisory: =============================== 17/04/2006 - GLSA 200604-08 Assunto: libapreq2: Denial of Service vulnerability http://www.security.unicamp.br/docs/bugs/2006/04/v075.txt HP Security Bulletin: ===================== 19/04/2006 - HPSBUX02108 SSRT061133 rev.7 Assunto: HP-UX running Sendmail, Remote Execution of Arbitrary Code http://www.security.unicamp.br/docs/bugs/2006/04/v081.txt Mandriva Linux Security Update Advisory: ======================================== 17/04/2006 - MDKSA-2006:072 Assunto: kernel http://www.security.unicamp.br/docs/bugs/2006/04/v078.txt Microsoft Security Bulletins: ============================= Ubuntu Security Notice: ======================= 19/04/2006 - USN-271-1 Assunto: firefox vulnerabilities http://www.security.unicamp.br/docs/bugs/2006/04/v086.txt US-CERT Technical Cyber Security Alert: ======================================= 19/04/2006 - TA06-109A Assunto: Oracle Products Contain Multiple Vulnerabilities http://www.security.unicamp.br/docs/bugs/2006/04/v084.txt 17/04/2006 - TA06-107A Assunto: Mozilla Products Contain Multiple Vulnerabilities http://www.security.unicamp.br/docs/bugs/2006/04/v073.txt - -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security at unicamp.br http://www.security.unicamp.br GnuPG Public Key: http://www.security.unicamp.br/security.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFER80p/UMb1l3gm8IRAko9AJ0RwsV1dikHp1B0GQYpW/Puv5Y7QQCg9HOO ynXZ5cgDBjZaXn08ctlw1kc= =0DI+ -----END PGP SIGNATURE----- From security em unicamp.br Tue Apr 25 16:39:20 2006 From: security em unicamp.br (CSIRT - UNICAMP) Date: Tue, 25 Apr 2006 16:39:20 -0300 Subject: [SECURITY-L] Vulnerabilidades de Seguranca Message-ID: <20060425193920.GA29713@unicamp.br> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Srs. Assinantes, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: CAIS-Alerta: ============ 20/04/2006 - CAIS-Alerta Assunto: Multiplas vulnerabilidades em produtos Oracle http://www.security.unicamp.br/docs/bugs/2006/04/v089.txt 20/04/2006 - CAIS-Alerta Assunto: Multiplas vulnerabilidades em produtos Mozilla http://www.security.unicamp.br/docs/bugs/2006/04/v088.txt Debian Security Advisory: ========================= 24/04/2006 - DSA 1040-1 Assunto: gdm http://www.security.unicamp.br/docs/bugs/2006/04/v100.txt 24/04/2006 - DSA 1039-1 Assunto: blender http://www.security.unicamp.br/docs/bugs/2006/04/v101.txt 22/04/2006 - DSA 1038-1 Assunto: xzgv http://www.security.unicamp.br/docs/bugs/2006/04/v096.txt 21/04/2006 - DSA 1037-1 Assunto: zgv http://www.security.unicamp.br/docs/bugs/2006/04/v095.txt Fedora Legacy Update Advisory: ============================== 21/04/2006 - FEDORA-2006-440 Assunto: Fedora Core 5: beagle http://www.security.unicamp.br/docs/bugs/2006/04/v092.txt Fedora Update Notification: =========================== 25/04/2006 - FEDORA-2006-456 Assunto: Fedora Core 5: ethereal http://www.security.unicamp.br/docs/bugs/2006/04/v106.txt Gentoo Linux Security Advisory: =============================== 23/04/2006 - GLSA 200604-14 Assunto: Dia: Arbitrary code execution through XFig import http://www.security.unicamp.br/docs/bugs/2006/04/v102.txt 23/04/2006 - GLSA 200604-13 Assunto: fbida: Insecure temporary file creation http://www.security.unicamp.br/docs/bugs/2006/04/v103.txt 23/04/2006 - GLSA 200604-12 Assunto: Mozilla Firefox: Multiple vulnerabilities http://www.security.unicamp.br/docs/bugs/2006/04/v104.txt 22/04/2006 - GLSA 200604-11 Assunto: Crossfire server: Denial of Service and potential arbitrary code execution http://www.security.unicamp.br/docs/bugs/2006/04/v097.txt 21/04/2006 - GLSA 200604-10 Assunto: zgv, xzgv: Heap overflow http://www.security.unicamp.br/docs/bugs/2006/04/v094.txt 21/04/2006 - GLSA 200604-09 Assunto: Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service http://www.security.unicamp.br/docs/bugs/2006/04/v093.txt HP Security Bulletin: ===================== 20/04/2006 - HPSBST02112 SSRT061129 rev.1 Assunto: HP StorageWorks Secure Path for Windows Remote Denial of Service (DoS) http://www.security.unicamp.br/docs/bugs/2006/04/v091.txt 20/04/2006 - HPSBTU02095 SSRT051007 rev.3 Assunto: HP Tru64 UNIX Running DNS BIND4/BIND8 as Forwarders: Remote Unauthorized Privileged Access http://www.security.unicamp.br/docs/bugs/2006/04/v090.txt Mandriva Linux Security Update Advisory: ======================================== 24/04/2006 - MDKSA-2006:074 Assunto: php http://www.security.unicamp.br/docs/bugs/2006/04/v107.txt 24/04/2006 - MDKSA-2006:073 Assunto: cyrus-sasl http://www.security.unicamp.br/docs/bugs/2006/04/v108.txt Slackware Security Advisory: ============================ 24/04/2006 - SSA:2006-114-01 Assunto: mozilla security/EOL http://www.security.unicamp.br/docs/bugs/2006/04/v105.txt Ubuntu Security Notice: ======================= 24/04/2006 - USN-273-1 Assunto: ruby1.8 vulnerability http://www.security.unicamp.br/docs/bugs/2006/04/v099.txt 24/04/2006 - USN-272-1 Assunto: cyrus-sasl2 vulnerability http://www.security.unicamp.br/docs/bugs/2006/04/v098.txt - -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security at unicamp.br http://www.security.unicamp.br GnuPG Public Key: http://www.security.unicamp.br/security.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFETnqa/UMb1l3gm8IRAtPOAJ9h81WVWj7nAJ1wpESpA6W7eYDt+wCcDIxJ fyEnQQJIOHsk8JUYMwnndOc= =6hZh -----END PGP SIGNATURE----- From security em unicamp.br Fri Apr 28 16:46:07 2006 From: security em unicamp.br (CSIRT - UNICAMP) Date: Fri, 28 Apr 2006 16:46:07 -0300 Subject: [SECURITY-L] Vulnerabilidades de Seguranca Message-ID: <20060428194607.GA76925@unicamp.br> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Srs. Assinantes, Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp com os seguintes boletins de vulnerabilidades: Cisco Security Advisory: ======================== 26/04/2006 - Cisco Security Advisory Assunto: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack http://www.security.unicamp.br/docs/bugs/2006/04/v120.txt Debian Security Advisory: ========================= 27/04/2006 - DSA 1046-1 Assunto: mozilla http://www.security.unicamp.br/docs/bugs/2006/04/v132.txt 27/04/2006 - DSA 1045-1 Assunto: openvpn http://www.security.unicamp.br/docs/bugs/2006/04/v131.txt 26/04/2006 - DSA 1044-1 Assunto: mozilla-firefox http://www.security.unicamp.br/docs/bugs/2006/04/v116.txt 26/04/2006 - DSA 1043-1 Assunto: abcdmidi http://www.security.unicamp.br/docs/bugs/2006/04/v119.txt 25/04/2006 - DSA 1042-1 Assunto: cyrus-sas12 http://www.security.unicamp.br/docs/bugs/2006/04/v111.txt 25/04/2006 - DSA 1041-1 Assunto: abc2ps http://www.security.unicamp.br/docs/bugs/2006/04/v110.txt Fedora Update Notification: =========================== 27/04/2006 - FEDORA-2006-474 Assunto: Fedora Core 5: libtiff http://www.security.unicamp.br/docs/bugs/2006/04/v129.txt 27/04/2006 - FEDORA-2006-473 Assunto: Fedora Core 4: libtiff http://www.security.unicamp.br/docs/bugs/2006/04/v128.txt 26/04/2006 - FEDORA-2006-461 Assunto: Fedora Core 4: ethereal http://www.security.unicamp.br/docs/bugs/2006/04/v113.txt Gentoo Linux Security Advisory: =============================== 27/04/2006 - GLSA 200604-17 Assunto: Ethereal: Multiple vulnerabilities in protocol dissectors http://www.security.unicamp.br/docs/bugs/2006/04/v126.txt 26/04/2006 - GLSA 200604-16 Assunto: xine-lib: Buffer overflow vulnerability http://www.security.unicamp.br/docs/bugs/2006/04/v115.txt 26/04/2006 - GLSA 200604-15 Assunto: xine-ui: Format string vulnerabilities http://www.security.unicamp.br/docs/bugs/2006/04/v114.txt HP Security Bulletin: ===================== 27/04/2006 - HPSBMA02113 SSRT061148 rev.1 Assunto: HP Oracle for OpenView (OfO) Critical Patch Update http://www.security.unicamp.br/docs/bugs/2006/04/v127.txt 27/04/2006 - HPSBUX02075 SSRT051074 rev.4 Assunto: HP-UX Running xterm Local Unauthorized Access http://www.security.unicamp.br/docs/bugs/2006/04/v125.txt 27/04/2006 - HPSBUX02108 SSRT061133 rev.9 Assunto: HP-UX running Sendmail, Remote Execution of Arbitrary Code http://www.security.unicamp.br/docs/bugs/2006/04/v124.txt Mandriva Linux Security Update Advisory: ======================================== 25/04/2006 - MDKSA-2006:079 Assunto: ruby http://www.security.unicamp.br/docs/bugs/2006/04/v122.txt 25/04/2006 - MDKSA-2006:078 Assunto: mozilla-thunderbird http://www.security.unicamp.br/docs/bugs/2006/04/v121.txt 25/04/2006 - MDKSA-2006:077 Assunto: ethereal http://www.security.unicamp.br/docs/bugs/2006/04/v118.txt 25/04/2006 - MDKSA-2006:076 Assunto: mozilla http://www.security.unicamp.br/docs/bugs/2006/04/v117.txt 24/04/2006 - MDKSA-2006:075 Assunto: mozilla-firefox http://www.security.unicamp.br/docs/bugs/2006/04/v109.txt Microsoft Security Bulletins: ============================= 25/04/2005 Assunto: Microsoft Security Bulletin Re-Releases http://www.security.unicamp.br/docs/bugs/2006/04/v112.txt Ubuntu Security Notice: ======================= 27/04/2006 - USN-275-1 Assunto: mozilla vulnerabilities http://www.security.unicamp.br/docs/bugs/2006/04/v130.txt 27/04/2006 - USN-274-1 Assunto: mysql-dfsg vulnerability http://www.security.unicamp.br/docs/bugs/2006/04/v123.txt - -- Computer Security Incident Response Team - CSIRT Universidade Estadual de Campinas - UNICAMP mailto:security at unicamp.br http://www.security.unicamp.br GnuPG Public Key: http://www.security.unicamp.br/security.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFEUnDF/UMb1l3gm8IRAl4KAKCO0u2F+kYVoPj8KgVCNHzhaNUD8QCfTwwQ /EVid104vKMcQEOWRmA8iT8= =INyN -----END PGP SIGNATURE-----